Make CMS Compatible with Authentication Refactor work

Move Member::currentUser() to Security::getCurrentUser()
Simon Erkelens 2017-05-21 15:15:00 +12:00
parent 8d717c81b9
commit b2fd014216
12 changed files with 89 additions and 77 deletions


@ -922,7 +922,7 @@ class CMSMain extends LeftAndMain implements CurrentPageIdentifier, PermissionPr
// Generate basic cache key. Too complex to encompass all variations // Generate basic cache key. Too complex to encompass all variations
$cache = Injector::inst()->get(CacheInterface::class . '.CMSMain_SiteTreeHints'); $cache = Injector::inst()->get(CacheInterface::class . '.CMSMain_SiteTreeHints');
$cacheKey = md5(implode('_', array(Member::currentUserID(), implode(',', $cacheCanCreate), implode(',', $classes)))); $cacheKey = md5(implode('_', array(Security::getCurrentUser()->ID, implode(',', $cacheCanCreate), implode(',', $classes))));
if ($this->getRequest()->getVar('flush')) { if ($this->getRequest()->getVar('flush')) {
$cache->clear(); $cache->clear();
} }
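Review bot: The new cache key reads `Security::getCurrentUser()->ID` with no null check, whereas the old `Member::currentUserID()` call returned an ID directly. Other parts of this commit guard the lookup with `if ($member = Security::getCurrentUser())` and reset it with `Security::setCurrentUser(null)`, so it can evidently return null, and the property read would then raise a PHP notice or error instead of producing a key for the anonymous case. Because this key partitions the SiteTreeHints cache per user, resolve the ID explicitly first with `$member = Security::getCurrentUser();` and `$memberID = $member ? $member->ID : 0;`, then use `$memberID` inside the `array(...)`. The enclosing method starts and ends outside the hunk.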


@ -199,7 +199,7 @@ class CMSPageAddController extends CMSPageEditController
$parentID = 0; $parentID = 0;
} }
if (!singleton($className)->canCreate(Member::currentUser(), array('Parent' => $parentObj))) { if (!singleton($className)->canCreate(Security::getCurrentUser(), array('Parent' => $parentObj))) {
return Security::permissionFailure($this); return Security::permissionFailure($this);
} }


@ -20,8 +20,6 @@ use SilverStripe\ORM\FieldType\DBHTMLText;
use SilverStripe\ORM\FieldType\DBVarchar; use SilverStripe\ORM\FieldType\DBVarchar;
use SilverStripe\ORM\SS_List; use SilverStripe\ORM\SS_List;
use SilverStripe\Versioned\Versioned; use SilverStripe\Versioned\Versioned;
use SilverStripe\Security\Member;
use SilverStripe\Security\MemberAuthenticator;
use SilverStripe\Security\Permission; use SilverStripe\Security\Permission;
use SilverStripe\Security\Security; use SilverStripe\Security\Security;
use SilverStripe\SiteConfig\SiteConfig; use SilverStripe\SiteConfig\SiteConfig;
@ -320,12 +318,12 @@ class ContentController extends Controller
*/ */
public function LoginForm() public function LoginForm()
{ {
return MemberAuthenticator::get_login_form($this); return MemberAuthenticator::singleton()->loginForm($this);
} }
public function SilverStripeNavigator() public function SilverStripeNavigator()
{ {
$member = Member::currentUser(); $member = Security::getCurrentUser();
$items = ''; $items = '';
$message = ''; $message = '';
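Review bot: `LoginForm()` still calls `MemberAuthenticator::singleton()->loginForm($this)`, but the first hunk of this file deletes `use SilverStripe\Security\MemberAuthenticator;` from the import list. Unless an import outside the visible lines supplies the class, the short name resolves relative to the file's own namespace and rendering the login form fails with a class-not-found error at runtime. Keep an import for it, for example `use <post-refactor namespace>\MemberAuthenticator;` with the class's new fully qualified name, which this page does not show. A test that renders `LoginForm()` would catch this kind of breakage in the authentication entry point.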


@ -52,6 +52,7 @@ use SilverStripe\ORM\ValidationResult;
use SilverStripe\Security\InheritedPermissions; use SilverStripe\Security\InheritedPermissions;
use SilverStripe\Security\InheritedPermissionsExtension; use SilverStripe\Security\InheritedPermissionsExtension;
use SilverStripe\Security\PermissionChecker; use SilverStripe\Security\PermissionChecker;
use SilverStripe\Security\Security;
use SilverStripe\Versioned\Versioned; use SilverStripe\Versioned\Versioned;
use SilverStripe\Security\Group; use SilverStripe\Security\Group;
use SilverStripe\Security\Member; use SilverStripe\Security\Member;
@ -922,7 +923,7 @@ class SiteTree extends DataObject implements PermissionProvider, i18nEntityProvi
public function can($perm, $member = null, $context = array()) public function can($perm, $member = null, $context = array())
{ {
if (!$member) { if (!$member) {
$member = Member::currentUser(); $member = Security::getCurrentUser();
} }
if ($member && Permission::checkMember($member, "ADMIN")) { if ($member && Permission::checkMember($member, "ADMIN")) {
@ -968,7 +969,7 @@ class SiteTree extends DataObject implements PermissionProvider, i18nEntityProvi
} }
if (!$member) { if (!$member) {
$member = Member::currentUser(); $member = Security::getCurrentUser();
} }
// Standard mechanism for accepting permission changes from extensions // Standard mechanism for accepting permission changes from extensions
@ -1004,7 +1005,7 @@ class SiteTree extends DataObject implements PermissionProvider, i18nEntityProvi
public function canView($member = null) public function canView($member = null)
{ {
if (!$member) { if (!$member) {
$member = Member::currentUser(); $member = Security::getCurrentUser();
} }
// Standard mechanism for accepting permission changes from extensions // Standard mechanism for accepting permission changes from extensions
@ -1065,7 +1066,7 @@ class SiteTree extends DataObject implements PermissionProvider, i18nEntityProvi
public function canPublish($member = null) public function canPublish($member = null)
{ {
if (!$member) { if (!$member) {
$member = Member::currentUser(); $member = Security::getCurrentUser();
} }
// Check extension // Check extension
@ -1101,7 +1102,7 @@ class SiteTree extends DataObject implements PermissionProvider, i18nEntityProvi
public function canDelete($member = null) public function canDelete($member = null)
{ {
if (!$member) { if (!$member) {
$member = Member::currentUser(); $member = Security::getCurrentUser();
} }
// Standard mechanism for accepting permission changes from extensions // Standard mechanism for accepting permission changes from extensions
@ -1145,7 +1146,7 @@ class SiteTree extends DataObject implements PermissionProvider, i18nEntityProvi
public function canCreate($member = null, $context = array()) public function canCreate($member = null, $context = array())
{ {
if (!$member) { if (!$member) {
$member = Member::currentUser(); $member = Security::getCurrentUser();
} }
// Check parent (custom canCreate option for SiteTree) // Check parent (custom canCreate option for SiteTree)
@ -1199,7 +1200,7 @@ class SiteTree extends DataObject implements PermissionProvider, i18nEntityProvi
public function canEdit($member = null) public function canEdit($member = null)
{ {
if (!$member) { if (!$member) {
$member = Member::currentUser(); $member = Security::getCurrentUser();
} }
// Standard mechanism for accepting permission changes from extensions // Standard mechanism for accepting permission changes from extensions
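Review bot: Each permission method touched here (`can`, `canView`, `canPublish`, `canDelete`, `canCreate`, `canEdit`) treats any falsy `$member` as "use the ambient user", and that contract deserves a comment now that the lookup goes through `Security::getCurrentUser()`. Tests in this commit pass `false` to mean an anonymous visitor (`$page->canView(false)`), yet `if (!$member)` replaces that `false` with whoever is currently set, so the answer depends on global state rather than on the argument. I would add above each fallback `// A falsy $member (null or false) means "check the current user", not "check as anonymous"`, and say the same in the docblocks, which lie outside these hunks.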


@ -19,10 +19,10 @@
"composer/installers": "*", "composer/installers": "*",
"silverstripe/admin": "^1.0@dev", "silverstripe/admin": "^1.0@dev",
"silverstripe/campaign-admin": "^1@dev", "silverstripe/campaign-admin": "^1@dev",
"silverstripe/framework": "^4.0@dev", "silverstripe/framework": "4.0.x-dev",
"silverstripe/reports": "^4.0@dev", "silverstripe/reports": "^4.0@dev",
"silverstripe/siteconfig": "^4.0@dev", "silverstripe/siteconfig": "^4.0@dev",
"silverstripe/versioned": "^1.0@dev" "silverstripe/versioned": "1.0@dev"
}, },
"require-dev": { "require-dev": {
"phpunit/phpunit": "^5.7", "phpunit/phpunit": "^5.7",
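Review bot: The new constraint `"silverstripe/versioned": "1.0@dev"` drops the caret, so it no longer describes a range: Composer reads it as the exact version 1.0 with a dev stability flag. That looks unintended next to `"silverstripe/framework": "4.0.x-dev"`, which tracks a branch. If the aim is to follow the 1.0 development branch, write `"silverstripe/versioned": "1.0.x-dev"`; otherwise restore `"^1.0@dev"`. Both changed entries point at moving development code, so what gets installed can change between runs; it is worth tightening them again before a tagged release.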


@ -4,6 +4,7 @@ use SilverStripe\Core\Injector\Injector;
use SilverStripe\ORM\DB; use SilverStripe\ORM\DB;
use SilverStripe\ORM\DataObject; use SilverStripe\ORM\DataObject;
use SilverStripe\ORM\ValidationException; use SilverStripe\ORM\ValidationException;
use SilverStripe\Security\Security;
use SilverStripe\Versioned\Versioned; use SilverStripe\Versioned\Versioned;
use SilverStripe\ORM\HiddenClass; use SilverStripe\ORM\HiddenClass;
use SilverStripe\CMS\Controllers\CMSMain; use SilverStripe\CMS\Controllers\CMSMain;
@ -49,7 +50,7 @@ class CMSMainTest extends FunctionalTest
$cache = Injector::inst()->get(CacheInterface::class . '.CMSMain_SiteTreeHints'); $cache = Injector::inst()->get(CacheInterface::class . '.CMSMain_SiteTreeHints');
// Login as user with root creation privileges // Login as user with root creation privileges
$user = $this->objFromFixture('SilverStripe\\Security\\Member', 'rootedituser'); $user = $this->objFromFixture('SilverStripe\\Security\\Member', 'rootedituser');
$user->logIn(); Security::setCurrentUser($user);
$cache->clear(); $cache->clear();
$rawHints = singleton('SilverStripe\\CMS\\Controllers\\CMSMain')->SiteTreeHints(); $rawHints = singleton('SilverStripe\\CMS\\Controllers\\CMSMain')->SiteTreeHints();
@ -240,7 +241,7 @@ class CMSMainTest extends FunctionalTest
*/ */
public function testDraftDeletedPageCanBeOpenedInCMS() public function testDraftDeletedPageCanBeOpenedInCMS()
{ {
$this->session()->inst_set('loggedInAs', $this->idFromFixture('SilverStripe\\Security\\Member', 'admin')); $this->logInWithPermission('ADMIN');
// Set up a page that is delete from live // Set up a page that is delete from live
$page = $this->objFromFixture(Page::class, 'page1'); $page = $this->objFromFixture(Page::class, 'page1');
@ -306,7 +307,7 @@ class CMSMainTest extends FunctionalTest
$rootEditUser = $this->objFromFixture('SilverStripe\\Security\\Member', 'rootedituser'); $rootEditUser = $this->objFromFixture('SilverStripe\\Security\\Member', 'rootedituser');
// with insufficient permissions // with insufficient permissions
$cmsUser->logIn(); Security::setCurrentUser($cmsUser);
$this->get('admin/pages/add'); $this->get('admin/pages/add');
$response = $this->post( $response = $this->post(
'admin/pages/add/AddForm', 'admin/pages/add/AddForm',
@ -325,7 +326,7 @@ class CMSMainTest extends FunctionalTest
$this->assertEquals(403, $response->getStatusCode(), 'Add TopLevel page must fail for normal user'); $this->assertEquals(403, $response->getStatusCode(), 'Add TopLevel page must fail for normal user');
// with correct permissions // with correct permissions
$rootEditUser->logIn(); Security::setCurrentUser($rootEditUser);
$response = $this->get('admin/pages/add'); $response = $this->get('admin/pages/add');
$response = $this->post( $response = $this->post(
@ -346,7 +347,7 @@ class CMSMainTest extends FunctionalTest
$this->assertNotEmpty($location, 'Must be a redirect on success'); $this->assertNotEmpty($location, 'Must be a redirect on success');
$this->assertContains('/show/', $location, 'Must redirect to /show/ the new page'); $this->assertContains('/show/', $location, 'Must redirect to /show/ the new page');
// TODO Logout // TODO Logout
$this->session()->inst_set('loggedInAs', null); Security::setCurrentUser(null);
$this->autoFollowRedirection = $origFollow; $this->autoFollowRedirection = $origFollow;
} }
@ -357,7 +358,7 @@ class CMSMainTest extends FunctionalTest
$this->autoFollowRedirection = false; $this->autoFollowRedirection = false;
$adminUser = $this->objFromFixture('SilverStripe\\Security\\Member', 'admin'); $adminUser = $this->objFromFixture('SilverStripe\\Security\\Member', 'admin');
$adminUser->logIn(); Security::setCurrentUser($adminUser);
// Create toplevel page // Create toplevel page
$this->get('admin/pages/add'); $this->get('admin/pages/add');
@ -422,7 +423,7 @@ class CMSMainTest extends FunctionalTest
); );
$this->assertEquals(403, $response->getStatusCode(), 'Add disallowed child should fail'); $this->assertEquals(403, $response->getStatusCode(), 'Add disallowed child should fail');
$this->session()->inst_set('loggedInAs', null); Security::setCurrentUser(null);
$this->autoFollowRedirection = $origFollow; $this->autoFollowRedirection = $origFollow;
} }
@ -432,7 +433,7 @@ class CMSMainTest extends FunctionalTest
$page3 = $this->objFromFixture(Page::class, 'page3'); $page3 = $this->objFromFixture(Page::class, 'page3');
$page31 = $this->objFromFixture(Page::class, 'page31'); $page31 = $this->objFromFixture(Page::class, 'page31');
$adminuser = $this->objFromFixture('SilverStripe\\Security\\Member', 'admin'); $adminuser = $this->objFromFixture('SilverStripe\\Security\\Member', 'admin');
$this->session()->inst_set('loggedInAs', $adminuser->ID); Security::setCurrentUser($adminuser);
$response = $this->get('admin/pages/edit/show/' . $page31->ID); $response = $this->get('admin/pages/edit/show/' . $page31->ID);
$parser = new CSSContentParser($response->getBody()); $parser = new CSSContentParser($response->getBody());
@ -443,7 +444,7 @@ class CMSMainTest extends FunctionalTest
$this->assertEquals('Page 3', (string)$crumbs[0]); $this->assertEquals('Page 3', (string)$crumbs[0]);
$this->assertEquals('Page 3.1', (string)$crumbs[1]); $this->assertEquals('Page 3.1', (string)$crumbs[1]);
$this->session()->inst_set('loggedInAs', null); Security::setCurrentUser(null);
} }
public function testGetNewItem() public function testGetNewItem()
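Review bot: The resets to anonymous (`Security::setCurrentUser(null);`) sit at the very end of the test bodies, after the assertions, and the `// TODO Logout` comment is left in place above one of them. If an assertion fails first, the admin or root-edit fixture user stays set as the current user for whatever runs next, which can let later permission tests pass for the wrong reason unless the base test class resets it (not visible here). Moving the reset into `tearDown()`, or wrapping the body in `try { ... } finally { Security::setCurrentUser(null); }`, makes the cleanup unconditional. The test methods start outside these hunks.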


@ -7,6 +7,7 @@ use SilverStripe\CMS\Controllers\SilverStripeNavigator;
use SilverStripe\CMS\Controllers\SilverStripeNavigatorItem; use SilverStripe\CMS\Controllers\SilverStripeNavigatorItem;
use SilverStripe\Dev\SapphireTest; use SilverStripe\Dev\SapphireTest;
use SilverStripe\Dev\TestOnly; use SilverStripe\Dev\TestOnly;
use SilverStripe\Security\Security;
/** /**
* @package cms * @package cms
@ -85,7 +86,7 @@ class SilverStripeNavigatorTest_ProtectedTestItem extends SilverStripeNavigatorI
public function canView($member = null) public function canView($member = null)
{ {
if (!$member) { if (!$member) {
$member = Member::currentUser(); $member = Security::getCurrentUser();
} }
return Permission::checkMember($member, 'ADMIN'); return Permission::checkMember($member, 'ADMIN');
} }


@ -1,5 +1,6 @@
<?php <?php
use SilverStripe\Security\Security;
use SilverStripe\Versioned\Versioned; use SilverStripe\Versioned\Versioned;
use SilverStripe\Assets\File; use SilverStripe\Assets\File;
use SilverStripe\Control\Session; use SilverStripe\Control\Session;
@ -46,7 +47,7 @@ class ErrorPageFileExtensionTest extends SapphireTest
// Get stage version of file // Get stage version of file
$file = File::get()->first(); $file = File::get()->first();
$fileLink = $file->Link(); $fileLink = $file->Link();
Session::clear("loggedInAs"); Security::setCurrentUser(null);
// Generate shortcode for a file which doesn't exist // Generate shortcode for a file which doesn't exist
$shortcode = File::handle_shortcode(array('id' => 9999), null, new ShortcodeParser(), 'file_link'); $shortcode = File::handle_shortcode(array('id' => 9999), null, new ShortcodeParser(), 'file_link');


@ -1,6 +1,7 @@
<?php <?php
use SilverStripe\CMS\Model\SiteTree; use SilverStripe\CMS\Model\SiteTree;
use SilverStripe\Security\Security;
use SilverStripe\Versioned\Versioned; use SilverStripe\Versioned\Versioned;
use SilverStripe\ORM\DB; use SilverStripe\ORM\DB;
use SilverStripe\Security\Member; use SilverStripe\Security\Member;
@ -40,7 +41,7 @@ class SiteTreeActionsTest extends FunctionalTest
// Log in as another user // Log in as another user
$readonlyEditor = $this->objFromFixture(Member::class, 'cmsreadonlyeditor'); $readonlyEditor = $this->objFromFixture(Member::class, 'cmsreadonlyeditor');
$this->session()->inst_set('loggedInAs', $readonlyEditor->ID); Security::setCurrentUser($readonlyEditor);
// Reload latest version // Reload latest version
$page = Page::get()->byID($page->ID); $page = Page::get()->byID($page->ID);
@ -76,7 +77,7 @@ class SiteTreeActionsTest extends FunctionalTest
// Check that someone without the right permission can't delete the page // Check that someone without the right permission can't delete the page
$editor = $this->objFromFixture(Member::class, 'cmsnodeleteeditor'); $editor = $this->objFromFixture(Member::class, 'cmsnodeleteeditor');
$this->session()->inst_set('loggedInAs', $editor->ID); Security::setCurrentUser($editor);
$actions = $page->getCMSActions(); $actions = $page->getCMSActions();
$this->assertNull($actions->dataFieldByName('action_archive')); $this->assertNull($actions->dataFieldByName('action_archive'));
@ -84,7 +85,7 @@ class SiteTreeActionsTest extends FunctionalTest
// Check that someone with the right permission can delete the page // Check that someone with the right permission can delete the page
/** @var Member $member */ /** @var Member $member */
$member = $this->objFromFixture(Member::class, 'cmseditor'); $member = $this->objFromFixture(Member::class, 'cmseditor');
$member->logIn(); Security::setCurrentUser($member);
$actions = $page->getCMSActions(); $actions = $page->getCMSActions();
$this->assertNotNull($actions->dataFieldByName('action_archive')); $this->assertNotNull($actions->dataFieldByName('action_archive'));
} }
@ -96,7 +97,7 @@ class SiteTreeActionsTest extends FunctionalTest
} }
$author = $this->objFromFixture(Member::class, 'cmseditor'); $author = $this->objFromFixture(Member::class, 'cmseditor');
$this->session()->inst_set('loggedInAs', $author->ID); Security::setCurrentUser($author);
/** @var Page $page */ /** @var Page $page */
$page = new Page(); $page = new Page();
@ -125,7 +126,7 @@ class SiteTreeActionsTest extends FunctionalTest
} }
$author = $this->objFromFixture(Member::class, 'cmseditor'); $author = $this->objFromFixture(Member::class, 'cmseditor');
$this->session()->inst_set('loggedInAs', $author->ID); Security::setCurrentUser($author);
$page = new Page(); $page = new Page();
$page->CanEditType = 'LoggedInUsers'; $page->CanEditType = 'LoggedInUsers';
@ -158,7 +159,7 @@ class SiteTreeActionsTest extends FunctionalTest
} }
$author = $this->objFromFixture(Member::class, 'cmseditor'); $author = $this->objFromFixture(Member::class, 'cmseditor');
$this->session()->inst_set('loggedInAs', $author->ID); Security::setCurrentUser($author);
$page = new Page(); $page = new Page();
$page->CanEditType = 'LoggedInUsers'; $page->CanEditType = 'LoggedInUsers';


@ -1,6 +1,7 @@
<?php <?php
use SilverStripe\Security\Group; use SilverStripe\Security\Group;
use SilverStripe\Security\Security;
use SilverStripe\SiteConfig\SiteConfig; use SilverStripe\SiteConfig\SiteConfig;
use SilverStripe\Versioned\Versioned; use SilverStripe\Versioned\Versioned;
use SilverStripe\Security\Member; use SilverStripe\Security\Member;
@ -42,8 +43,8 @@ class SiteTreePermissionsTest extends FunctionalTest
$page = $this->objFromFixture('Page', 'draftOnlyPage'); $page = $this->objFromFixture('Page', 'draftOnlyPage');
if ($member = Member::currentUser()) { if ($member = Security::getCurrentUser()) {
$member->logOut(); Security::setCurrentUser(null);
} }
$response = $this->get($page->URLSegment . '?stage=Live'); $response = $this->get($page->URLSegment . '?stage=Live');
@ -90,7 +91,7 @@ class SiteTreePermissionsTest extends FunctionalTest
// subadmin has edit rights on that page // subadmin has edit rights on that page
$member = $this->objFromFixture(Member::class, 'subadmin'); $member = $this->objFromFixture(Member::class, 'subadmin');
$member->logIn(); Security::setCurrentUser($member);
// Test can_edit_multiple // Test can_edit_multiple
$this->assertEquals( $this->assertEquals(
@ -99,7 +100,7 @@ class SiteTreePermissionsTest extends FunctionalTest
); );
// Test canEdit // Test canEdit
$member->logIn(); Security::setCurrentUser($member);
$this->assertTrue($page->canEdit()); $this->assertTrue($page->canEdit());
} }
@ -113,7 +114,7 @@ class SiteTreePermissionsTest extends FunctionalTest
// subadmin has edit rights on that page // subadmin has edit rights on that page
$member = $this->objFromFixture(Member::class, 'subadmin'); $member = $this->objFromFixture(Member::class, 'subadmin');
$member->logIn(); Security::setCurrentUser($member);
// Test can_edit_multiple // Test can_edit_multiple
$this->assertEquals( $this->assertEquals(
@ -122,7 +123,7 @@ class SiteTreePermissionsTest extends FunctionalTest
); );
// Test canEdit // Test canEdit
$member->logIn(); Security::setCurrentUser($member);
$this->assertTrue($page->canEdit()); $this->assertTrue($page->canEdit());
} }
@ -140,7 +141,7 @@ class SiteTreePermissionsTest extends FunctionalTest
// subadmin had edit rights on that page, but now it's gone // subadmin had edit rights on that page, but now it's gone
$member = $this->objFromFixture(Member::class, 'subadmin'); $member = $this->objFromFixture(Member::class, 'subadmin');
$member->logIn(); Security::setCurrentUser($member);
$this->assertFalse($page->canEdit()); $this->assertFalse($page->canEdit());
} }
@ -174,7 +175,7 @@ class SiteTreePermissionsTest extends FunctionalTest
$page = $this->objFromFixture('Page', 'standardpage'); $page = $this->objFromFixture('Page', 'standardpage');
$subadminuser = $this->objFromFixture(Member::class, 'subadmin'); $subadminuser = $this->objFromFixture(Member::class, 'subadmin');
$this->session()->inst_set('loggedInAs', $subadminuser->ID); Security::setCurrentUser($subadminuser);
$fields = $page->getSettingsFields(); $fields = $page->getSettingsFields();
$this->assertFalse( $this->assertFalse(
$fields->dataFieldByName('CanViewType')->isReadonly(), $fields->dataFieldByName('CanViewType')->isReadonly(),
@ -186,7 +187,7 @@ class SiteTreePermissionsTest extends FunctionalTest
); );
$editoruser = $this->objFromFixture(Member::class, 'editor'); $editoruser = $this->objFromFixture(Member::class, 'editor');
$this->session()->inst_set('loggedInAs', $editoruser->ID); Security::setCurrentUser($editoruser);
$fields = $page->getSettingsFields(); $fields = $page->getSettingsFields();
$this->assertTrue( $this->assertTrue(
$fields->dataFieldByName('CanViewType')->isReadonly(), $fields->dataFieldByName('CanViewType')->isReadonly(),
@ -209,7 +210,7 @@ class SiteTreePermissionsTest extends FunctionalTest
$page->canView(false), $page->canView(false),
'Unauthenticated members cant view a page marked as "Viewable for any logged in users"' 'Unauthenticated members cant view a page marked as "Viewable for any logged in users"'
); );
$this->session()->inst_set('loggedInAs', null); Security::setCurrentUser(null);
$response = $this->get($page->RelativeLink()); $response = $this->get($page->RelativeLink());
$this->assertEquals( $this->assertEquals(
$response->getStatusCode(), $response->getStatusCode(),
@ -223,14 +224,14 @@ class SiteTreePermissionsTest extends FunctionalTest
$page->canView($websiteuser), $page->canView($websiteuser),
'Authenticated members can view a page marked as "Viewable for any logged in users" even if they dont have access to the CMS' 'Authenticated members can view a page marked as "Viewable for any logged in users" even if they dont have access to the CMS'
); );
$this->session()->inst_set('loggedInAs', $websiteuser->ID); Security::setCurrentUser($websiteuser);
$response = $this->get($page->RelativeLink()); $response = $this->get($page->RelativeLink());
$this->assertEquals( $this->assertEquals(
$response->getStatusCode(), $response->getStatusCode(),
200, 200,
'Authenticated members can view a page marked as "Viewable for any logged in users" even if they dont have access to the CMS' 'Authenticated members can view a page marked as "Viewable for any logged in users" even if they dont have access to the CMS'
); );
$this->session()->inst_set('loggedInAs', null); Security::setCurrentUser(null);
} }
public function testRestrictedViewOnlyTheseUsers() public function testRestrictedViewOnlyTheseUsers()
@ -242,7 +243,7 @@ class SiteTreePermissionsTest extends FunctionalTest
$page->canView(false), $page->canView(false),
'Unauthenticated members cant view a page marked as "Viewable by these groups"' 'Unauthenticated members cant view a page marked as "Viewable by these groups"'
); );
$this->session()->inst_set('loggedInAs', null); Security::setCurrentUser(null);
$response = $this->get($page->RelativeLink()); $response = $this->get($page->RelativeLink());
$this->assertEquals( $this->assertEquals(
$response->getStatusCode(), $response->getStatusCode(),
@ -256,14 +257,14 @@ class SiteTreePermissionsTest extends FunctionalTest
$page->canView($subadminuser), $page->canView($subadminuser),
'Authenticated members cant view a page marked as "Viewable by these groups" if theyre not in the listed groups' 'Authenticated members cant view a page marked as "Viewable by these groups" if theyre not in the listed groups'
); );
$this->session()->inst_set('loggedInAs', $subadminuser->ID); Security::setCurrentUser($subadminuser);
$response = $this->get($page->RelativeLink()); $response = $this->get($page->RelativeLink());
$this->assertEquals( $this->assertEquals(
$response->getStatusCode(), $response->getStatusCode(),
403, 403,
'Authenticated members cant view a page marked as "Viewable by these groups" if theyre not in the listed groups' 'Authenticated members cant view a page marked as "Viewable by these groups" if theyre not in the listed groups'
); );
$this->session()->inst_set('loggedInAs', null); Security::setCurrentUser(null);
// website users // website users
$websiteuser = $this->objFromFixture(Member::class, 'websiteuser'); $websiteuser = $this->objFromFixture(Member::class, 'websiteuser');
@ -271,14 +272,14 @@ class SiteTreePermissionsTest extends FunctionalTest
$page->canView($websiteuser), $page->canView($websiteuser),
'Authenticated members can view a page marked as "Viewable by these groups" if theyre in the listed groups' 'Authenticated members can view a page marked as "Viewable by these groups" if theyre in the listed groups'
); );
$this->session()->inst_set('loggedInAs', $websiteuser->ID); Security::setCurrentUser($websiteuser);
$response = $this->get($page->RelativeLink()); $response = $this->get($page->RelativeLink());
$this->assertEquals( $this->assertEquals(
$response->getStatusCode(), $response->getStatusCode(),
200, 200,
'Authenticated members can view a page marked as "Viewable by these groups" if theyre in the listed groups' 'Authenticated members can view a page marked as "Viewable by these groups" if theyre in the listed groups'
); );
$this->session()->inst_set('loggedInAs', null); Security::setCurrentUser(null);
} }
public function testRestrictedEditLoggedInUsers() public function testRestrictedEditLoggedInUsers()
@ -293,7 +294,7 @@ class SiteTreePermissionsTest extends FunctionalTest
// website users // website users
$websiteuser = $this->objFromFixture(Member::class, 'websiteuser'); $websiteuser = $this->objFromFixture(Member::class, 'websiteuser');
$websiteuser->logIn(); Security::setCurrentUser($websiteuser);
$this->assertFalse( $this->assertFalse(
$page->canEdit($websiteuser), $page->canEdit($websiteuser),
'Authenticated members cant edit a page marked as "Editable by logged in users" if they dont have cms permissions' 'Authenticated members cant edit a page marked as "Editable by logged in users" if they dont have cms permissions'
@ -342,7 +343,7 @@ class SiteTreePermissionsTest extends FunctionalTest
$childPage->canView(false), $childPage->canView(false),
'Unauthenticated members cant view a page marked as "Viewable by these groups" by inherited permission' 'Unauthenticated members cant view a page marked as "Viewable by these groups" by inherited permission'
); );
$this->session()->inst_set('loggedInAs', null); Security::setCurrentUser(null);
$response = $this->get($childPage->RelativeLink()); $response = $this->get($childPage->RelativeLink());
$this->assertEquals( $this->assertEquals(
$response->getStatusCode(), $response->getStatusCode(),
@ -356,14 +357,14 @@ class SiteTreePermissionsTest extends FunctionalTest
$childPage->canView($subadminuser), $childPage->canView($subadminuser),
'Authenticated members can view a page marked as "Viewable by these groups" if theyre in the listed groups by inherited permission' 'Authenticated members can view a page marked as "Viewable by these groups" if theyre in the listed groups by inherited permission'
); );
$this->session()->inst_set('loggedInAs', $subadminuser->ID); Security::setCurrentUser($subadminuser);
$response = $this->get($childPage->RelativeLink()); $response = $this->get($childPage->RelativeLink());
$this->assertEquals( $this->assertEquals(
$response->getStatusCode(), $response->getStatusCode(),
200, 200,
'Authenticated members can view a page marked as "Viewable by these groups" if theyre in the listed groups by inherited permission' 'Authenticated members can view a page marked as "Viewable by these groups" if theyre in the listed groups by inherited permission'
); );
$this->session()->inst_set('loggedInAs', null); Security::setCurrentUser(null);
} }
public function testRestrictedEditInheritance() public function testRestrictedEditInheritance()
@ -461,16 +462,16 @@ class SiteTreePermissionsTest extends FunctionalTest
$siteconfig->write(); $siteconfig->write();
$this->assertFalse($page->canEdit(false), 'Anonymous can\'t edit a page when set to inherit from the SiteConfig, and SiteConfig has canEdit set to LoggedInUsers'); $this->assertFalse($page->canEdit(false), 'Anonymous can\'t edit a page when set to inherit from the SiteConfig, and SiteConfig has canEdit set to LoggedInUsers');
$this->session()->inst_set('loggedInAs', $editor->ID); Security::setCurrentUser($editor);
$this->assertTrue($page->canEdit(), 'Users can edit a page when set to inherit from the SiteConfig, and SiteConfig has canEdit set to LoggedInUsers'); $this->assertTrue($page->canEdit(), 'Users can edit a page when set to inherit from the SiteConfig, and SiteConfig has canEdit set to LoggedInUsers');
$siteconfig->CanEditType = 'OnlyTheseUsers'; $siteconfig->CanEditType = 'OnlyTheseUsers';
$siteconfig->EditorGroups()->add($editorGroup); $siteconfig->EditorGroups()->add($editorGroup);
$siteconfig->write(); $siteconfig->write();
$this->assertTrue($page->canEdit($editor), 'Editors can edit a page when set to inherit from the SiteConfig, and SiteConfig has canEdit set to OnlyTheseUsers'); $this->assertTrue($page->canEdit($editor), 'Editors can edit a page when set to inherit from the SiteConfig, and SiteConfig has canEdit set to OnlyTheseUsers');
$this->session()->inst_set('loggedInAs', null); Security::setCurrentUser(null);
$this->assertFalse($page->canEdit(false), 'Anonymous can\'t edit a page when set to inherit from the SiteConfig, and SiteConfig has canEdit set to OnlyTheseUsers'); $this->assertFalse($page->canEdit(false), 'Anonymous can\'t edit a page when set to inherit from the SiteConfig, and SiteConfig has canEdit set to OnlyTheseUsers');
$this->session()->inst_set('loggedInAs', $user->ID); Security::setCurrentUser($user);
$this->assertFalse($page->canEdit($user), 'Website user can\'t edit a page when set to inherit from the SiteConfig, and SiteConfig has canEdit set to OnlyTheseUsers'); $this->assertFalse($page->canEdit($user), 'Website user can\'t edit a page when set to inherit from the SiteConfig, and SiteConfig has canEdit set to OnlyTheseUsers');
} }
} }
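Review bot: In the draft-only page test the logout becomes `if ($member = Security::getCurrentUser()) { Security::setCurrentUser(null); }`, which leaves `$member` unused and keeps a guard that no longer does anything. Unlike the `logOut()` helper this commit writes in SiteTreeTest (`Session::clear('loggedInAs');` followed by `Security::setCurrentUser(null);`), it also does not clear the session. The next statement issues a request with `$this->get(...)` to check what an anonymous visitor can reach on the live stage, so the test should guarantee that no login survives anywhere the request pipeline might read it; whether it still consults the session is not visible here. I would reduce the conditional to a plain `Security::setCurrentUser(null);` and, if the session is still read, clear it the same way the SiteTreeTest helper does.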


@ -7,6 +7,7 @@ use SilverStripe\Control\ContentNegotiator;
use SilverStripe\Control\Controller; use SilverStripe\Control\Controller;
use SilverStripe\ORM\DB; use SilverStripe\ORM\DB;
use SilverStripe\Security\InheritedPermissions; use SilverStripe\Security\InheritedPermissions;
use SilverStripe\Security\Security;
use SilverStripe\Versioned\Versioned; use SilverStripe\Versioned\Versioned;
use SilverStripe\ORM\DataObject; use SilverStripe\ORM\DataObject;
use SilverStripe\ORM\ValidationException; use SilverStripe\ORM\ValidationException;
@ -57,8 +58,9 @@ class SiteTreeTest extends SapphireTest
*/ */
public function logOut() public function logOut()
{ {
if ($member = Member::currentUser()) { if ($member = Security::getCurrentUser()) {
$member->logOut(); Session::clear('loggedInAs');
Security::setCurrentUser(null);
} }
} }
@ -663,11 +665,13 @@ class SiteTreeTest extends SapphireTest
$sc->write(); $sc->write();
// Confirm that Member.editor can't edit the page // Confirm that Member.editor can't edit the page
$this->objFromFixture(Member::class, 'editor')->logIn(); $member = $this->objFromFixture(Member::class, 'editor');
Security::setCurrentUser($member);
$this->assertFalse($page->canEdit()); $this->assertFalse($page->canEdit());
// Change the page to be editable by Group.editors, but do not publish // Change the page to be editable by Group.editors, but do not publish
$this->objFromFixture(Member::class, 'admin')->logIn(); $admin = $this->objFromFixture(Member::class, 'admin');
Security::setCurrentUser($admin);
$page->CanEditType = 'OnlyTheseUsers'; $page->CanEditType = 'OnlyTheseUsers';
$page->EditorGroups()->add($this->idFromFixture(Group::class, 'editors')); $page->EditorGroups()->add($this->idFromFixture(Group::class, 'editors'));
$page->write(); $page->write();
@ -678,15 +682,18 @@ class SiteTreeTest extends SapphireTest
$checker->clearCache(); $checker->clearCache();
// Confirm that Member.editor can now edit the page // Confirm that Member.editor can now edit the page
$this->objFromFixture(Member::class, 'editor')->logIn(); $member = $this->objFromFixture(Member::class, 'editor');
Security::setCurrentUser($member);
$this->assertTrue($page->canEdit()); $this->assertTrue($page->canEdit());
// Publish the changes to the page // Publish the changes to the page
$this->objFromFixture(Member::class, 'admin')->logIn(); $admin = $this->objFromFixture(Member::class, 'admin');
Security::setCurrentUser($admin);
$page->publishRecursive(); $page->publishRecursive();
// Confirm that Member.editor can still edit the page // Confirm that Member.editor can still edit the page
$this->objFromFixture(Member::class, 'editor')->logIn(); $member = $this->objFromFixture(Member::class, 'editor');
Security::setCurrentUser($member);
$this->assertTrue($page->canEdit()); $this->assertTrue($page->canEdit());
} }
@ -720,12 +727,12 @@ class SiteTreeTest extends SapphireTest
public function testAuthorIDAndPublisherIDFilledOutOnPublish() public function testAuthorIDAndPublisherIDFilledOutOnPublish()
{ {
// Ensure that we have a member ID who is doing all this work // Ensure that we have a member ID who is doing all this work
$member = Member::currentUser(); $member = security::getCurrentUser();
if ($member) { if ($member) {
$memberID = $member->ID; $memberID = $member->ID;
} else { } else {
$memberID = $this->idFromFixture(Member::class, "admin"); $member = $this->objFromFixture(Member::class, "admin");
Session::set("loggedInAs", $memberID); Security::setCurrentUser($member);
} }
// Write the page // Write the page
@ -1158,7 +1165,7 @@ class SiteTreeTest extends SapphireTest
$method = new ReflectionMethod($sitetree, 'getClassDropdown'); $method = new ReflectionMethod($sitetree, 'getClassDropdown');
$method->setAccessible(true); $method->setAccessible(true);
Session::set("loggedInAs", null); Security::setCurrentUser(null);
$this->assertArrayNotHasKey(SiteTreeTest_ClassA::class, $method->invoke($sitetree)); $this->assertArrayNotHasKey(SiteTreeTest_ClassA::class, $method->invoke($sitetree));
$this->loginWithPermission('ADMIN'); $this->loginWithPermission('ADMIN');
@ -1167,7 +1174,7 @@ class SiteTreeTest extends SapphireTest
$this->loginWithPermission('CMS_ACCESS_CMSMain'); $this->loginWithPermission('CMS_ACCESS_CMSMain');
$this->assertArrayHasKey(SiteTreeTest_ClassA::class, $method->invoke($sitetree)); $this->assertArrayHasKey(SiteTreeTest_ClassA::class, $method->invoke($sitetree));
Session::set("loggedInAs", null); Security::setCurrentUser(null);
} }
public function testCanBeRoot() public function testCanBeRoot()
@ -1398,7 +1405,7 @@ class SiteTreeTest extends SapphireTest
public function testCanPublish() public function testCanPublish()
{ {
$page = new SiteTreeTest_ClassD(); $page = new SiteTreeTest_ClassD();
Session::clear("loggedInAs"); $this->logOut();
// Test that false overrides any can_publish = true // Test that false overrides any can_publish = true
SiteTreeTest_ExtensionA::$can_publish = true; SiteTreeTest_ExtensionA::$can_publish = true;
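Review bot: In `testAuthorIDAndPublisherIDFilledOutOnPublish` the new `else` branch no longer assigns `$memberID`: it sets `$member` from the fixture and calls `Security::setCurrentUser($member)`, whereas the replaced lines took `$memberID` from `idFromFixture()`. The rest of the test lies outside the hunk, but if it still compares the page's author or publisher against `$memberID`, that variable is undefined whenever no user is logged in on entry. Adding `$memberID = $member->ID;` after `Security::setCurrentUser($member);` restores it. The same hunk spells the call `security::getCurrentUser()`; PHP resolves class names case-insensitively, but it should read `Security::getCurrentUser()` to match the added `use SilverStripe\Security\Security;` import. In `logOut()` the `$member` assigned in the condition is no longer used, so `if (Security::getCurrentUser())` would be enough.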


@ -6,6 +6,7 @@ use SilverStripe\CMS\Model\SiteTree;
use SilverStripe\Control\HTTPRequest; use SilverStripe\Control\HTTPRequest;
use SilverStripe\Core\Config\Config; use SilverStripe\Core\Config\Config;
use SilverStripe\ORM\DB; use SilverStripe\ORM\DB;
use SilverStripe\Security\Security;
use SilverStripe\Versioned\Versioned; use SilverStripe\Versioned\Versioned;
use SilverStripe\MSSQL\MSSQLDatabase; use SilverStripe\MSSQL\MSSQLDatabase;
use SilverStripe\PostgreSQL\PostgreSQLDatabase; use SilverStripe\PostgreSQL\PostgreSQLDatabase;
@ -200,14 +201,14 @@ class ZZZSearchFormTest extends FunctionalTest
); );
$member = $this->objFromFixture(Member::class, 'randomuser'); $member = $this->objFromFixture(Member::class, 'randomuser');
$member->logIn(); Security::setCurrentUser($member);
$results = $sf->getResults(); $results = $sf->getResults();
$this->assertContains( $this->assertContains(
$page->ID, $page->ID,
$results->column('ID'), $results->column('ID'),
'Page with "Restrict to logged in users" shows if login is present' 'Page with "Restrict to logged in users" shows if login is present'
); );
$member->logOut(); Security::setCurrentUser(null);
} }
public function testPagesRestrictedToSpecificGroupNotIncluded() public function testPagesRestrictedToSpecificGroupNotIncluded()
@ -230,24 +231,24 @@ class ZZZSearchFormTest extends FunctionalTest
); );
$member = $this->objFromFixture(Member::class, 'randomuser'); $member = $this->objFromFixture(Member::class, 'randomuser');
$member->logIn(); Security::setCurrentUser($member);
$results = $sf->getResults(); $results = $sf->getResults();
$this->assertNotContains( $this->assertNotContains(
$page->ID, $page->ID,
$results->column('ID'), $results->column('ID'),
'Page with "Restrict to these users" doesnt show if logged in user is not in the right group' 'Page with "Restrict to these users" doesnt show if logged in user is not in the right group'
); );
$member->logOut(); Security::setCurrentUser(null);
$member = $this->objFromFixture(Member::class, 'websiteuser'); $member = $this->objFromFixture(Member::class, 'websiteuser');
$member->logIn(); Security::setCurrentUser($member);
$results = $sf->getResults(); $results = $sf->getResults();
$this->assertContains( $this->assertContains(
$page->ID, $page->ID,
$results->column('ID'), $results->column('ID'),
'Page with "Restrict to these users" shows if user in this group is logged in' 'Page with "Restrict to these users" shows if user in this group is logged in'
); );
$member->logOut(); Security::setCurrentUser(null);
} }
public function testInheritedRestrictedPagesNotIncluded() public function testInheritedRestrictedPagesNotIncluded()
@ -269,14 +270,14 @@ class ZZZSearchFormTest extends FunctionalTest
); );
$member = $this->objFromFixture(Member::class, 'websiteuser'); $member = $this->objFromFixture(Member::class, 'websiteuser');
$member->logIn(); Security::setCurrentUser($member);
$results = $sf->getResults(); $results = $sf->getResults();
$this->assertContains( $this->assertContains(
$page->ID, $page->ID,
$results->column('ID'), $results->column('ID'),
'Page inheriting "Restrict to loggedin users" shows if user in this group is logged in' 'Page inheriting "Restrict to loggedin users" shows if user in this group is logged in'
); );
$member->logOut(); Security::setCurrentUser(null);
} }
public function testDisabledShowInSearchFlagNotIncludedForSiteTree() public function testDisabledShowInSearchFlagNotIncludedForSiteTree()