<?php
namespace SilverStripe\Security\Tests;
use SilverStripe\Security\Security;
use SilverStripe\Security\Permission;
use SilverStripe\Security\Member;
use SilverStripe\Dev\SapphireTest;
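/**
 * Tests for the "default admin" mechanism exposed by Security and Member.
 *
 * Each test runs against an emptied temporary database with a fixed,
 * test-only default admin credential ('admin' / 'password'). The credential
 * that was configured before the test is captured in setUp() and put back
 * in tearDown(), so the fixture value must never outlive a single test.
 */
class SecurityDefaultAdminTest extends SapphireTest {

    protected $usesDatabase = true;

    /** Default admin username that was configured before the test started. */
    protected $defaultUsername = null;

    /** Default admin password that was configured before the test started. */
    protected $defaultPassword = null;

    /**
     * Empties the temporary database, remembers the configured default admin
     * and replaces it with the fixture credential.
     */
    public function setUp() {
        parent::setUp();

        // TODO Workaround to force database clearing with no fixture present,
        // and avoid side effects from other tests
        if (!self::using_temp_db()) {
            self::create_temp_db();
        }
        self::empty_temp_db();

        // Capture the pre-existing credential so tearDown() can restore it.
        $this->defaultUsername = Security::default_admin_username();
        $this->defaultPassword = Security::default_admin_password();

        // Clear first, then install the test-only credential.
        Security::clear_default_admin();
        Security::setDefaultAdmin('admin', 'password');
        Permission::flush_permission_cache();
    }

    /**
     * Restores the default admin captured in setUp().
     */
    public function tearDown() {
        // setUp() clears the default admin before setting it; do the same here
        // so the fixture 'admin' / 'password' pair cannot survive into later
        // tests should setDefaultAdmin() decline to replace an existing value.
        // NOTE(review): confirm the overwrite behaviour of Security::setDefaultAdmin().
        Security::clear_default_admin();
        Security::setDefaultAdmin($this->defaultUsername, $this->defaultPassword);
        Permission::flush_permission_cache();
        parent::tearDown();
    }

    /**
     * check_default_admin() must accept only the exact username/password pair.
     */
    public function testCheckDefaultAdmin() {
        $this->assertTrue(Security::has_default_admin());
        $this->assertTrue(
            Security::check_default_admin('admin', 'password'),
            'Succeeds with correct username and password'
        );
        // Each half of the credential is varied on its own, so a match on
        // only the username or only the password is shown to be rejected.
        $this->assertFalse(
            Security::check_default_admin('wronguser', 'password'),
            'Fails with incorrect username'
        );
        $this->assertFalse(
            Security::check_default_admin('admin', 'wrongpassword'),
            'Fails with incorrect password'
        );
    }

    /**
     * With no ADMIN member in the database, findAnAdministrator() returns a
     * Member that holds ADMIN and carries the default admin username.
     */
    public function testFindAnAdministratorCreatesNewUser() {
        // Precondition: the emptied database holds no administrators.
        $adminMembers = Permission::get_members_by_permission('ADMIN');
        $this->assertEquals(0, $adminMembers->count());

        $admin = Security::findAnAdministrator();

        $this->assertInstanceOf(Member::class, $admin);
        $this->assertTrue(Permission::checkMember($admin, 'ADMIN'));
        $this->assertEquals(Security::default_admin_username(), $admin->Email);
        // The returned record must not carry the default admin password.
        $this->assertNull($admin->Password);
    }

    /**
     * Without a configured default admin, findAnAdministrator() still returns
     * an ADMIN member, but one with neither an e-mail nor a password.
     */
    public function testFindAnAdministratorWithoutDefaultAdmin() {
        // Clear default admin
        Security::clear_default_admin();

        // Precondition: the emptied database holds no administrators.
        $adminMembers = Permission::get_members_by_permission('ADMIN');
        $this->assertEquals(0, $adminMembers->count());

        $admin = Security::findAnAdministrator();

        $this->assertInstanceOf(Member::class, $admin);
        $this->assertTrue(Permission::checkMember($admin, 'ADMIN'));

        // User should be blank
        $this->assertEmpty($admin->Email);
        $this->assertEmpty($admin->Password);
    }

    /**
     * Member::default_admin() returns an ADMIN member named after the default
     * admin username, again without a password on the record.
     */
    public function testDefaultAdmin() {
        // Precondition: the emptied database holds no administrators.
        $adminMembers = Permission::get_members_by_permission('ADMIN');
        $this->assertEquals(0, $adminMembers->count());

        $admin = Member::default_admin();

        $this->assertInstanceOf(Member::class, $admin);
        $this->assertTrue(Permission::checkMember($admin, 'ADMIN'));
        $this->assertEquals(Security::default_admin_username(), $admin->Email);
        $this->assertNull($admin->Password);
    }

}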