Merge pull request #1842 from Firesphere/authenticator-refactor

[WIP] Make CMS Compatible with Authentication Refactor work
This commit is contained in:
Chris Joe 2017-06-09 22:14:55 +12:00 committed by GitHub
commit 1af5957433
12 changed files with 89 additions and 77 deletions

View File

@ -922,7 +922,7 @@ class CMSMain extends LeftAndMain implements CurrentPageIdentifier, PermissionPr
// Generate basic cache key. Too complex to encompass all variations
$cache = Injector::inst()->get(CacheInterface::class . '.CMSMain_SiteTreeHints');
$cacheKey = md5(implode('_', array(Member::currentUserID(), implode(',', $cacheCanCreate), implode(',', $classes))));
$cacheKey = md5(implode('_', array(Security::getCurrentUser()->ID, implode(',', $cacheCanCreate), implode(',', $classes))));
if ($this->getRequest()->getVar('flush')) {
$cache->clear();
}

View File

@ -199,7 +199,7 @@ class CMSPageAddController extends CMSPageEditController
$parentID = 0;
}
if (!singleton($className)->canCreate(Member::currentUser(), array('Parent' => $parentObj))) {
if (!singleton($className)->canCreate(Security::getCurrentUser(), array('Parent' => $parentObj))) {
return Security::permissionFailure($this);
}

View File

@ -20,8 +20,6 @@ use SilverStripe\ORM\FieldType\DBHTMLText;
use SilverStripe\ORM\FieldType\DBVarchar;
use SilverStripe\ORM\SS_List;
use SilverStripe\Versioned\Versioned;
use SilverStripe\Security\Member;
use SilverStripe\Security\MemberAuthenticator;
use SilverStripe\Security\Permission;
use SilverStripe\Security\Security;
use SilverStripe\SiteConfig\SiteConfig;
@ -320,12 +318,12 @@ class ContentController extends Controller
*/
public function LoginForm()
{
return MemberAuthenticator::get_login_form($this);
return MemberAuthenticator::singleton()->loginForm($this);
}
public function SilverStripeNavigator()
{
$member = Member::currentUser();
$member = Security::getCurrentUser();
$items = '';
$message = '';

View File

@ -52,6 +52,7 @@ use SilverStripe\ORM\ValidationResult;
use SilverStripe\Security\InheritedPermissions;
use SilverStripe\Security\InheritedPermissionsExtension;
use SilverStripe\Security\PermissionChecker;
use SilverStripe\Security\Security;
use SilverStripe\Versioned\Versioned;
use SilverStripe\Security\Group;
use SilverStripe\Security\Member;
@ -922,7 +923,7 @@ class SiteTree extends DataObject implements PermissionProvider, i18nEntityProvi
public function can($perm, $member = null, $context = array())
{
if (!$member) {
$member = Member::currentUser();
$member = Security::getCurrentUser();
}
if ($member && Permission::checkMember($member, "ADMIN")) {
@ -968,7 +969,7 @@ class SiteTree extends DataObject implements PermissionProvider, i18nEntityProvi
}
if (!$member) {
$member = Member::currentUser();
$member = Security::getCurrentUser();
}
// Standard mechanism for accepting permission changes from extensions
@ -1004,7 +1005,7 @@ class SiteTree extends DataObject implements PermissionProvider, i18nEntityProvi
public function canView($member = null)
{
if (!$member) {
$member = Member::currentUser();
$member = Security::getCurrentUser();
}
// Standard mechanism for accepting permission changes from extensions
@ -1065,7 +1066,7 @@ class SiteTree extends DataObject implements PermissionProvider, i18nEntityProvi
public function canPublish($member = null)
{
if (!$member) {
$member = Member::currentUser();
$member = Security::getCurrentUser();
}
// Check extension
@ -1101,7 +1102,7 @@ class SiteTree extends DataObject implements PermissionProvider, i18nEntityProvi
public function canDelete($member = null)
{
if (!$member) {
$member = Member::currentUser();
$member = Security::getCurrentUser();
}
// Standard mechanism for accepting permission changes from extensions
@ -1145,7 +1146,7 @@ class SiteTree extends DataObject implements PermissionProvider, i18nEntityProvi
public function canCreate($member = null, $context = array())
{
if (!$member) {
$member = Member::currentUser();
$member = Security::getCurrentUser();
}
// Check parent (custom canCreate option for SiteTree)
@ -1199,7 +1200,7 @@ class SiteTree extends DataObject implements PermissionProvider, i18nEntityProvi
public function canEdit($member = null)
{
if (!$member) {
$member = Member::currentUser();
$member = Security::getCurrentUser();
}
// Standard mechanism for accepting permission changes from extensions

View File

@ -19,10 +19,10 @@
"composer/installers": "*",
"silverstripe/admin": "^1.0@dev",
"silverstripe/campaign-admin": "^1@dev",
"silverstripe/framework": "^4.0@dev",
"silverstripe/framework": "4.0.x-dev",
"silverstripe/reports": "^4.0@dev",
"silverstripe/siteconfig": "^4.0@dev",
"silverstripe/versioned": "^1.0@dev"
"silverstripe/versioned": "1.0@dev"
},
"require-dev": {
"phpunit/phpunit": "^5.7",

View File

@ -4,6 +4,7 @@ use SilverStripe\Core\Injector\Injector;
use SilverStripe\ORM\DB;
use SilverStripe\ORM\DataObject;
use SilverStripe\ORM\ValidationException;
use SilverStripe\Security\Security;
use SilverStripe\Versioned\Versioned;
use SilverStripe\ORM\HiddenClass;
use SilverStripe\CMS\Controllers\CMSMain;
@ -49,7 +50,7 @@ class CMSMainTest extends FunctionalTest
$cache = Injector::inst()->get(CacheInterface::class . '.CMSMain_SiteTreeHints');
// Login as user with root creation privileges
$user = $this->objFromFixture('SilverStripe\\Security\\Member', 'rootedituser');
$user->logIn();
Security::setCurrentUser($user);
$cache->clear();
$rawHints = singleton('SilverStripe\\CMS\\Controllers\\CMSMain')->SiteTreeHints();
@ -240,7 +241,7 @@ class CMSMainTest extends FunctionalTest
*/
public function testDraftDeletedPageCanBeOpenedInCMS()
{
$this->session()->inst_set('loggedInAs', $this->idFromFixture('SilverStripe\\Security\\Member', 'admin'));
$this->logInWithPermission('ADMIN');
// Set up a page that is delete from live
$page = $this->objFromFixture(Page::class, 'page1');
@ -306,7 +307,7 @@ class CMSMainTest extends FunctionalTest
$rootEditUser = $this->objFromFixture('SilverStripe\\Security\\Member', 'rootedituser');
// with insufficient permissions
$cmsUser->logIn();
Security::setCurrentUser($cmsUser);
$this->get('admin/pages/add');
$response = $this->post(
'admin/pages/add/AddForm',
@ -325,7 +326,7 @@ class CMSMainTest extends FunctionalTest
$this->assertEquals(403, $response->getStatusCode(), 'Add TopLevel page must fail for normal user');
// with correct permissions
$rootEditUser->logIn();
Security::setCurrentUser($rootEditUser);
$response = $this->get('admin/pages/add');
$response = $this->post(
@ -346,7 +347,7 @@ class CMSMainTest extends FunctionalTest
$this->assertNotEmpty($location, 'Must be a redirect on success');
$this->assertContains('/show/', $location, 'Must redirect to /show/ the new page');
// TODO Logout
$this->session()->inst_set('loggedInAs', null);
Security::setCurrentUser(null);
$this->autoFollowRedirection = $origFollow;
}
@ -357,7 +358,7 @@ class CMSMainTest extends FunctionalTest
$this->autoFollowRedirection = false;
$adminUser = $this->objFromFixture('SilverStripe\\Security\\Member', 'admin');
$adminUser->logIn();
Security::setCurrentUser($adminUser);
// Create toplevel page
$this->get('admin/pages/add');
@ -422,7 +423,7 @@ class CMSMainTest extends FunctionalTest
);
$this->assertEquals(403, $response->getStatusCode(), 'Add disallowed child should fail');
$this->session()->inst_set('loggedInAs', null);
Security::setCurrentUser(null);
$this->autoFollowRedirection = $origFollow;
}
@ -432,7 +433,7 @@ class CMSMainTest extends FunctionalTest
$page3 = $this->objFromFixture(Page::class, 'page3');
$page31 = $this->objFromFixture(Page::class, 'page31');
$adminuser = $this->objFromFixture('SilverStripe\\Security\\Member', 'admin');
$this->session()->inst_set('loggedInAs', $adminuser->ID);
Security::setCurrentUser($adminuser);
$response = $this->get('admin/pages/edit/show/' . $page31->ID);
$parser = new CSSContentParser($response->getBody());
@ -443,7 +444,7 @@ class CMSMainTest extends FunctionalTest
$this->assertEquals('Page 3', (string)$crumbs[0]);
$this->assertEquals('Page 3.1', (string)$crumbs[1]);
$this->session()->inst_set('loggedInAs', null);
Security::setCurrentUser(null);
}
public function testGetNewItem()

View File

@ -7,6 +7,7 @@ use SilverStripe\CMS\Controllers\SilverStripeNavigator;
use SilverStripe\CMS\Controllers\SilverStripeNavigatorItem;
use SilverStripe\Dev\SapphireTest;
use SilverStripe\Dev\TestOnly;
use SilverStripe\Security\Security;
/**
* @package cms
@ -85,7 +86,7 @@ class SilverStripeNavigatorTest_ProtectedTestItem extends SilverStripeNavigatorI
public function canView($member = null)
{
if (!$member) {
$member = Member::currentUser();
$member = Security::getCurrentUser();
}
return Permission::checkMember($member, 'ADMIN');
}

View File

@ -1,5 +1,6 @@
<?php
use SilverStripe\Security\Security;
use SilverStripe\Versioned\Versioned;
use SilverStripe\Assets\File;
use SilverStripe\Control\Session;
@ -46,7 +47,7 @@ class ErrorPageFileExtensionTest extends SapphireTest
// Get stage version of file
$file = File::get()->first();
$fileLink = $file->Link();
Session::clear("loggedInAs");
Security::setCurrentUser(null);
// Generate shortcode for a file which doesn't exist
$shortcode = File::handle_shortcode(array('id' => 9999), null, new ShortcodeParser(), 'file_link');

View File

@ -1,6 +1,7 @@
<?php
use SilverStripe\CMS\Model\SiteTree;
use SilverStripe\Security\Security;
use SilverStripe\Versioned\Versioned;
use SilverStripe\ORM\DB;
use SilverStripe\Security\Member;
@ -40,7 +41,7 @@ class SiteTreeActionsTest extends FunctionalTest
// Log in as another user
$readonlyEditor = $this->objFromFixture(Member::class, 'cmsreadonlyeditor');
$this->session()->inst_set('loggedInAs', $readonlyEditor->ID);
Security::setCurrentUser($readonlyEditor);
// Reload latest version
$page = Page::get()->byID($page->ID);
@ -76,7 +77,7 @@ class SiteTreeActionsTest extends FunctionalTest
// Check that someone without the right permission can't delete the page
$editor = $this->objFromFixture(Member::class, 'cmsnodeleteeditor');
$this->session()->inst_set('loggedInAs', $editor->ID);
Security::setCurrentUser($editor);
$actions = $page->getCMSActions();
$this->assertNull($actions->dataFieldByName('action_archive'));
@ -84,7 +85,7 @@ class SiteTreeActionsTest extends FunctionalTest
// Check that someone with the right permission can delete the page
/** @var Member $member */
$member = $this->objFromFixture(Member::class, 'cmseditor');
$member->logIn();
Security::setCurrentUser($member);
$actions = $page->getCMSActions();
$this->assertNotNull($actions->dataFieldByName('action_archive'));
}
@ -96,7 +97,7 @@ class SiteTreeActionsTest extends FunctionalTest
}
$author = $this->objFromFixture(Member::class, 'cmseditor');
$this->session()->inst_set('loggedInAs', $author->ID);
Security::setCurrentUser($author);
/** @var Page $page */
$page = new Page();
@ -125,7 +126,7 @@ class SiteTreeActionsTest extends FunctionalTest
}
$author = $this->objFromFixture(Member::class, 'cmseditor');
$this->session()->inst_set('loggedInAs', $author->ID);
Security::setCurrentUser($author);
$page = new Page();
$page->CanEditType = 'LoggedInUsers';
@ -158,7 +159,7 @@ class SiteTreeActionsTest extends FunctionalTest
}
$author = $this->objFromFixture(Member::class, 'cmseditor');
$this->session()->inst_set('loggedInAs', $author->ID);
Security::setCurrentUser($author);
$page = new Page();
$page->CanEditType = 'LoggedInUsers';

View File

@ -1,6 +1,7 @@
<?php
use SilverStripe\Security\Group;
use SilverStripe\Security\Security;
use SilverStripe\SiteConfig\SiteConfig;
use SilverStripe\Versioned\Versioned;
use SilverStripe\Security\Member;
@ -42,8 +43,8 @@ class SiteTreePermissionsTest extends FunctionalTest
$page = $this->objFromFixture('Page', 'draftOnlyPage');
if ($member = Member::currentUser()) {
$member->logOut();
if ($member = Security::getCurrentUser()) {
Security::setCurrentUser(null);
}
$response = $this->get($page->URLSegment . '?stage=Live');
@ -90,7 +91,7 @@ class SiteTreePermissionsTest extends FunctionalTest
// subadmin has edit rights on that page
$member = $this->objFromFixture(Member::class, 'subadmin');
$member->logIn();
Security::setCurrentUser($member);
// Test can_edit_multiple
$this->assertEquals(
@ -99,7 +100,7 @@ class SiteTreePermissionsTest extends FunctionalTest
);
// Test canEdit
$member->logIn();
Security::setCurrentUser($member);
$this->assertTrue($page->canEdit());
}
@ -113,7 +114,7 @@ class SiteTreePermissionsTest extends FunctionalTest
// subadmin has edit rights on that page
$member = $this->objFromFixture(Member::class, 'subadmin');
$member->logIn();
Security::setCurrentUser($member);
// Test can_edit_multiple
$this->assertEquals(
@ -122,7 +123,7 @@ class SiteTreePermissionsTest extends FunctionalTest
);
// Test canEdit
$member->logIn();
Security::setCurrentUser($member);
$this->assertTrue($page->canEdit());
}
@ -140,7 +141,7 @@ class SiteTreePermissionsTest extends FunctionalTest
// subadmin had edit rights on that page, but now it's gone
$member = $this->objFromFixture(Member::class, 'subadmin');
$member->logIn();
Security::setCurrentUser($member);
$this->assertFalse($page->canEdit());
}
@ -174,7 +175,7 @@ class SiteTreePermissionsTest extends FunctionalTest
$page = $this->objFromFixture('Page', 'standardpage');
$subadminuser = $this->objFromFixture(Member::class, 'subadmin');
$this->session()->inst_set('loggedInAs', $subadminuser->ID);
Security::setCurrentUser($subadminuser);
$fields = $page->getSettingsFields();
$this->assertFalse(
$fields->dataFieldByName('CanViewType')->isReadonly(),
@ -186,7 +187,7 @@ class SiteTreePermissionsTest extends FunctionalTest
);
$editoruser = $this->objFromFixture(Member::class, 'editor');
$this->session()->inst_set('loggedInAs', $editoruser->ID);
Security::setCurrentUser($editoruser);
$fields = $page->getSettingsFields();
$this->assertTrue(
$fields->dataFieldByName('CanViewType')->isReadonly(),
@ -209,7 +210,7 @@ class SiteTreePermissionsTest extends FunctionalTest
$page->canView(false),
'Unauthenticated members cant view a page marked as "Viewable for any logged in users"'
);
$this->session()->inst_set('loggedInAs', null);
Security::setCurrentUser(null);
$response = $this->get($page->RelativeLink());
$this->assertEquals(
$response->getStatusCode(),
@ -223,14 +224,14 @@ class SiteTreePermissionsTest extends FunctionalTest
$page->canView($websiteuser),
'Authenticated members can view a page marked as "Viewable for any logged in users" even if they dont have access to the CMS'
);
$this->session()->inst_set('loggedInAs', $websiteuser->ID);
Security::setCurrentUser($websiteuser);
$response = $this->get($page->RelativeLink());
$this->assertEquals(
$response->getStatusCode(),
200,
'Authenticated members can view a page marked as "Viewable for any logged in users" even if they dont have access to the CMS'
);
$this->session()->inst_set('loggedInAs', null);
Security::setCurrentUser(null);
}
public function testRestrictedViewOnlyTheseUsers()
@ -242,7 +243,7 @@ class SiteTreePermissionsTest extends FunctionalTest
$page->canView(false),
'Unauthenticated members cant view a page marked as "Viewable by these groups"'
);
$this->session()->inst_set('loggedInAs', null);
Security::setCurrentUser(null);
$response = $this->get($page->RelativeLink());
$this->assertEquals(
$response->getStatusCode(),
@ -256,14 +257,14 @@ class SiteTreePermissionsTest extends FunctionalTest
$page->canView($subadminuser),
'Authenticated members cant view a page marked as "Viewable by these groups" if theyre not in the listed groups'
);
$this->session()->inst_set('loggedInAs', $subadminuser->ID);
Security::setCurrentUser($subadminuser);
$response = $this->get($page->RelativeLink());
$this->assertEquals(
$response->getStatusCode(),
403,
'Authenticated members cant view a page marked as "Viewable by these groups" if theyre not in the listed groups'
);
$this->session()->inst_set('loggedInAs', null);
Security::setCurrentUser(null);
// website users
$websiteuser = $this->objFromFixture(Member::class, 'websiteuser');
@ -271,14 +272,14 @@ class SiteTreePermissionsTest extends FunctionalTest
$page->canView($websiteuser),
'Authenticated members can view a page marked as "Viewable by these groups" if theyre in the listed groups'
);
$this->session()->inst_set('loggedInAs', $websiteuser->ID);
Security::setCurrentUser($websiteuser);
$response = $this->get($page->RelativeLink());
$this->assertEquals(
$response->getStatusCode(),
200,
'Authenticated members can view a page marked as "Viewable by these groups" if theyre in the listed groups'
);
$this->session()->inst_set('loggedInAs', null);
Security::setCurrentUser(null);
}
public function testRestrictedEditLoggedInUsers()
@ -293,7 +294,7 @@ class SiteTreePermissionsTest extends FunctionalTest
// website users
$websiteuser = $this->objFromFixture(Member::class, 'websiteuser');
$websiteuser->logIn();
Security::setCurrentUser($websiteuser);
$this->assertFalse(
$page->canEdit($websiteuser),
'Authenticated members cant edit a page marked as "Editable by logged in users" if they dont have cms permissions'
@ -342,7 +343,7 @@ class SiteTreePermissionsTest extends FunctionalTest
$childPage->canView(false),
'Unauthenticated members cant view a page marked as "Viewable by these groups" by inherited permission'
);
$this->session()->inst_set('loggedInAs', null);
Security::setCurrentUser(null);
$response = $this->get($childPage->RelativeLink());
$this->assertEquals(
$response->getStatusCode(),
@ -356,14 +357,14 @@ class SiteTreePermissionsTest extends FunctionalTest
$childPage->canView($subadminuser),
'Authenticated members can view a page marked as "Viewable by these groups" if theyre in the listed groups by inherited permission'
);
$this->session()->inst_set('loggedInAs', $subadminuser->ID);
Security::setCurrentUser($subadminuser);
$response = $this->get($childPage->RelativeLink());
$this->assertEquals(
$response->getStatusCode(),
200,
'Authenticated members can view a page marked as "Viewable by these groups" if theyre in the listed groups by inherited permission'
);
$this->session()->inst_set('loggedInAs', null);
Security::setCurrentUser(null);
}
public function testRestrictedEditInheritance()
@ -461,16 +462,16 @@ class SiteTreePermissionsTest extends FunctionalTest
$siteconfig->write();
$this->assertFalse($page->canEdit(false), 'Anonymous can\'t edit a page when set to inherit from the SiteConfig, and SiteConfig has canEdit set to LoggedInUsers');
$this->session()->inst_set('loggedInAs', $editor->ID);
Security::setCurrentUser($editor);
$this->assertTrue($page->canEdit(), 'Users can edit a page when set to inherit from the SiteConfig, and SiteConfig has canEdit set to LoggedInUsers');
$siteconfig->CanEditType = 'OnlyTheseUsers';
$siteconfig->EditorGroups()->add($editorGroup);
$siteconfig->write();
$this->assertTrue($page->canEdit($editor), 'Editors can edit a page when set to inherit from the SiteConfig, and SiteConfig has canEdit set to OnlyTheseUsers');
$this->session()->inst_set('loggedInAs', null);
Security::setCurrentUser(null);
$this->assertFalse($page->canEdit(false), 'Anonymous can\'t edit a page when set to inherit from the SiteConfig, and SiteConfig has canEdit set to OnlyTheseUsers');
$this->session()->inst_set('loggedInAs', $user->ID);
Security::setCurrentUser($user);
$this->assertFalse($page->canEdit($user), 'Website user can\'t edit a page when set to inherit from the SiteConfig, and SiteConfig has canEdit set to OnlyTheseUsers');
}
}

View File

@ -7,6 +7,7 @@ use SilverStripe\Control\ContentNegotiator;
use SilverStripe\Control\Controller;
use SilverStripe\ORM\DB;
use SilverStripe\Security\InheritedPermissions;
use SilverStripe\Security\Security;
use SilverStripe\Versioned\Versioned;
use SilverStripe\ORM\DataObject;
use SilverStripe\ORM\ValidationException;
@ -57,8 +58,9 @@ class SiteTreeTest extends SapphireTest
*/
public function logOut()
{
if ($member = Member::currentUser()) {
$member->logOut();
if ($member = Security::getCurrentUser()) {
Session::clear('loggedInAs');
Security::setCurrentUser(null);
}
}
@ -663,11 +665,13 @@ class SiteTreeTest extends SapphireTest
$sc->write();
// Confirm that Member.editor can't edit the page
$this->objFromFixture(Member::class, 'editor')->logIn();
$member = $this->objFromFixture(Member::class, 'editor');
Security::setCurrentUser($member);
$this->assertFalse($page->canEdit());
// Change the page to be editable by Group.editors, but do not publish
$this->objFromFixture(Member::class, 'admin')->logIn();
$admin = $this->objFromFixture(Member::class, 'admin');
Security::setCurrentUser($admin);
$page->CanEditType = 'OnlyTheseUsers';
$page->EditorGroups()->add($this->idFromFixture(Group::class, 'editors'));
$page->write();
@ -678,15 +682,18 @@ class SiteTreeTest extends SapphireTest
$checker->clearCache();
// Confirm that Member.editor can now edit the page
$this->objFromFixture(Member::class, 'editor')->logIn();
$member = $this->objFromFixture(Member::class, 'editor');
Security::setCurrentUser($member);
$this->assertTrue($page->canEdit());
// Publish the changes to the page
$this->objFromFixture(Member::class, 'admin')->logIn();
$admin = $this->objFromFixture(Member::class, 'admin');
Security::setCurrentUser($admin);
$page->publishRecursive();
// Confirm that Member.editor can still edit the page
$this->objFromFixture(Member::class, 'editor')->logIn();
$member = $this->objFromFixture(Member::class, 'editor');
Security::setCurrentUser($member);
$this->assertTrue($page->canEdit());
}
@ -720,12 +727,12 @@ class SiteTreeTest extends SapphireTest
public function testAuthorIDAndPublisherIDFilledOutOnPublish()
{
// Ensure that we have a member ID who is doing all this work
$member = Member::currentUser();
$member = security::getCurrentUser();
if ($member) {
$memberID = $member->ID;
} else {
$memberID = $this->idFromFixture(Member::class, "admin");
Session::set("loggedInAs", $memberID);
$member = $this->objFromFixture(Member::class, "admin");
Security::setCurrentUser($member);
}
// Write the page
@ -1158,7 +1165,7 @@ class SiteTreeTest extends SapphireTest
$method = new ReflectionMethod($sitetree, 'getClassDropdown');
$method->setAccessible(true);
Session::set("loggedInAs", null);
Security::setCurrentUser(null);
$this->assertArrayNotHasKey(SiteTreeTest_ClassA::class, $method->invoke($sitetree));
$this->loginWithPermission('ADMIN');
@ -1167,7 +1174,7 @@ class SiteTreeTest extends SapphireTest
$this->loginWithPermission('CMS_ACCESS_CMSMain');
$this->assertArrayHasKey(SiteTreeTest_ClassA::class, $method->invoke($sitetree));
Session::set("loggedInAs", null);
Security::setCurrentUser(null);
}
public function testCanBeRoot()
@ -1398,7 +1405,7 @@ class SiteTreeTest extends SapphireTest
public function testCanPublish()
{
$page = new SiteTreeTest_ClassD();
Session::clear("loggedInAs");
$this->logOut();
// Test that false overrides any can_publish = true
SiteTreeTest_ExtensionA::$can_publish = true;

View File

@ -6,6 +6,7 @@ use SilverStripe\CMS\Model\SiteTree;
use SilverStripe\Control\HTTPRequest;
use SilverStripe\Core\Config\Config;
use SilverStripe\ORM\DB;
use SilverStripe\Security\Security;
use SilverStripe\Versioned\Versioned;
use SilverStripe\MSSQL\MSSQLDatabase;
use SilverStripe\PostgreSQL\PostgreSQLDatabase;
@ -200,14 +201,14 @@ class ZZZSearchFormTest extends FunctionalTest
);
$member = $this->objFromFixture(Member::class, 'randomuser');
$member->logIn();
Security::setCurrentUser($member);
$results = $sf->getResults();
$this->assertContains(
$page->ID,
$results->column('ID'),
'Page with "Restrict to logged in users" shows if login is present'
);
$member->logOut();
Security::setCurrentUser(null);
}
public function testPagesRestrictedToSpecificGroupNotIncluded()
@ -230,24 +231,24 @@ class ZZZSearchFormTest extends FunctionalTest
);
$member = $this->objFromFixture(Member::class, 'randomuser');
$member->logIn();
Security::setCurrentUser($member);
$results = $sf->getResults();
$this->assertNotContains(
$page->ID,
$results->column('ID'),
'Page with "Restrict to these users" doesnt show if logged in user is not in the right group'
);
$member->logOut();
Security::setCurrentUser(null);
$member = $this->objFromFixture(Member::class, 'websiteuser');
$member->logIn();
Security::setCurrentUser($member);
$results = $sf->getResults();
$this->assertContains(
$page->ID,
$results->column('ID'),
'Page with "Restrict to these users" shows if user in this group is logged in'
);
$member->logOut();
Security::setCurrentUser(null);
}
public function testInheritedRestrictedPagesNotIncluded()
@ -269,14 +270,14 @@ class ZZZSearchFormTest extends FunctionalTest
);
$member = $this->objFromFixture(Member::class, 'websiteuser');
$member->logIn();
Security::setCurrentUser($member);
$results = $sf->getResults();
$this->assertContains(
$page->ID,
$results->column('ID'),
'Page inheriting "Restrict to loggedin users" shows if user in this group is logged in'
);
$member->logOut();
Security::setCurrentUser(null);
}
public function testDisabledShowInSearchFlagNotIncludedForSiteTree()