<?php
namespace SilverStripe\Security\Tests;
use SilverStripe\Dev\SapphireTest;
use SilverStripe\Security\Member;
use SilverStripe\Security\PasswordEncryptor;
use SilverStripe\Security\Permission;
use SilverStripe\Security\DefaultAdminService;
use SilverStripe\Security\Security;
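/**
 * Tests for DefaultAdminService: checking default-admin credentials and
 * creating the corresponding ADMIN Member record.
 *
 * The 'admin' / 'password' pair used throughout is a test fixture only. Each
 * test that creates a Member also asserts that the stored password is a
 * bcrypt hash, so a regression that persisted the configured default password
 * in plaintext (or with a different algorithm) would fail here.
 */
class SecurityDefaultAdminTest extends SapphireTest
{
    protected $usesDatabase = true;

    // Default admin username that was configured before the test ran (null if none);
    // saved in setUp() and restored in tearDown().
    protected $defaultUsername = null;

    // Default admin password that was configured before the test ran (null if none).
    protected $defaultPassword = null;

    /**
     * Resets the temp database, stashes any pre-existing default admin and
     * installs the fixture credentials with blowfish hashing.
     */
    protected function setUp(): void
    {
        parent::setUp();

        // Every test starts from an empty database; the tests below assert
        // that no ADMIN member exists before the service is invoked.
        if (!static::$tempDB->isUsed()) {
            static::$tempDB->build();
        }
        static::$tempDB->clearAllData();

        // Remember the environment's default admin so tearDown() can put it back.
        if (DefaultAdminService::hasDefaultAdmin()) {
            $this->defaultUsername = DefaultAdminService::getDefaultAdminUsername();
            $this->defaultPassword = DefaultAdminService::getDefaultAdminPassword();
            DefaultAdminService::clearDefaultAdmin();
        } else {
            $this->defaultUsername = null;
            $this->defaultPassword = null;
        }

        // Pin the hashing algorithm explicitly so the '$2y$10$' prefix
        // assertions do not depend on whatever the ambient config selects.
        Security::config()->set('password_encryption_algorithm', 'blowfish');
        DefaultAdminService::setDefaultAdmin('admin', 'password');
        Permission::reset();
    }

    /**
     * Removes the fixture credentials and restores the default admin that was
     * configured before the test, if there was one.
     */
    protected function tearDown(): void
    {
        // Always drop the fixture credentials first so they cannot leak into later tests.
        DefaultAdminService::clearDefaultAdmin();
        if ($this->defaultUsername) {
            DefaultAdminService::setDefaultAdmin($this->defaultUsername, $this->defaultPassword);
        }
        Permission::reset();
        parent::tearDown();
    }

    /**
     * The credential check must accept only the exact configured pair: a wrong
     * username or a wrong password on its own is enough to reject.
     */
    public function testCheckDefaultAdmin()
    {
        $this->assertTrue(DefaultAdminService::hasDefaultAdmin());
        $this->assertTrue(
            DefaultAdminService::isDefaultAdminCredentials('admin', 'password'),
            'Succeeds with correct username and password'
        );
        $this->assertFalse(
            DefaultAdminService::isDefaultAdminCredentials('wronguser', 'password'),
            'Fails with incorrect username'
        );
        $this->assertFalse(
            DefaultAdminService::isDefaultAdminCredentials('admin', 'wrongpassword'),
            'Fails with incorrect password'
        );
    }

    /**
     * With no ADMIN member in the database, findOrCreateDefaultAdmin() creates
     * one whose password is stored as a bcrypt hash under a registered encryptor.
     */
    public function testFindAnAdministratorCreatesNewUser()
    {
        $adminMembers = Permission::get_members_by_permission('ADMIN');
        $this->assertEquals(0, $adminMembers->count());

        $admin = DefaultAdminService::singleton()->findOrCreateDefaultAdmin();

        $this->assertInstanceOf(Member::class, $admin);
        $this->assertTrue(Permission::checkMember($admin, 'ADMIN'));
        // Expected value first, so a failure message reports the two sides correctly.
        $this->assertEquals(DefaultAdminService::getDefaultAdminUsername(), $admin->Email);
        $this->assertTrue(DefaultAdminService::isDefaultAdmin($admin->Email));
        // '$2y$' is the bcrypt identifier and '10' the cost factor: the stored
        // value must be a hash, never the configured plaintext password.
        $this->assertStringStartsWith('$2y$10$', $admin->Password);
        // The algorithm name recorded on the Member must be one that is actually registered.
        $this->assertArrayHasKey($admin->PasswordEncryption, PasswordEncryptor::get_encryptors());
    }

    /**
     * findOrCreateAdmin() with an explicit email and name creates an ADMIN
     * member with those details and a bcrypt-hashed password.
     */
    public function testFindOrCreateAdmin()
    {
        $adminMembers = Permission::get_members_by_permission('ADMIN');
        $this->assertEquals(0, $adminMembers->count());

        $admin = DefaultAdminService::singleton()->findOrCreateAdmin('newadmin@example.com', 'Admin Name');

        $this->assertInstanceOf(Member::class, $admin);
        $this->assertTrue(Permission::checkMember($admin, 'ADMIN'));
        $this->assertEquals('newadmin@example.com', $admin->Email);
        $this->assertEquals('Admin Name', $admin->FirstName);
        // Even without a caller-supplied password the stored value must be a bcrypt hash.
        $this->assertStringStartsWith('$2y$10$', $admin->Password);
    }

    /**
     * Without configured default credentials the service must not create an
     * admin; once credentials are configured again, it does.
     */
    public function testFindAnAdministratorWithoutDefaultAdmin()
    {
        // Clear default admin
        $service = DefaultAdminService::singleton();
        DefaultAdminService::clearDefaultAdmin();

        $adminMembers = Permission::get_members_by_permission('ADMIN');
        $this->assertEquals(0, $adminMembers->count());

        // With the default admin cleared, no account may be created implicitly.
        $admin = $service->findOrCreateDefaultAdmin();
        $this->assertNull($admin);

        // Once default credentials are configured again, the admin is created.
        DefaultAdminService::setDefaultAdmin('admin', 'password');
        $admin = $service->findOrCreateDefaultAdmin();
        // Fail with a clear message here rather than inside checkMember() if nothing was returned.
        $this->assertInstanceOf(Member::class, $admin);
        $this->assertTrue(Permission::checkMember($admin, 'ADMIN'));

        $this->assertEquals('admin', $admin->Email);
        $this->assertStringStartsWith('$2y$10$', $admin->Password);
    }

    /**
     * The created default admin carries the configured username, is recognised
     * by isDefaultAdmin() and has a bcrypt-hashed password.
     */
    public function testDefaultAdmin()
    {
        $adminMembers = Permission::get_members_by_permission('ADMIN');
        $this->assertEquals(0, $adminMembers->count());

        $admin = DefaultAdminService::singleton()->findOrCreateDefaultAdmin();
        $this->assertInstanceOf(Member::class, $admin);
        $this->assertTrue(Permission::checkMember($admin, 'ADMIN'));
        // Expected value first, so a failure message reports the two sides correctly.
        $this->assertEquals(DefaultAdminService::getDefaultAdminUsername(), $admin->Email);
        $this->assertTrue(DefaultAdminService::isDefaultAdmin($admin->Email));
        $this->assertStringStartsWith('$2y$10$', $admin->Password);
    }
}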