silverstripe-framework/tests/security/SecurityDefaultAdminTest.php

<?php
class SecurityDefaultAdminTest extends SapphireTest {
	
	function setUp() {
		parent::setUp();

		// TODO Workaround to force database clearing with no fixture present, 
		// and avoid sideeffects from other tests
		if(!self::using_temp_db()) self::create_temp_db();
		self::empty_temp_db();
	}
	
	function testCheckDefaultAdmin() {
		// TODO There's currently no way to inspect default admin state,
		//  hence we don't override existing settings
		if(Security::has_default_admin()) return;
		
		Security::setDefaultAdmin('admin', 'password');
		
		$this->assertTrue(Security::has_default_admin());
		$this->assertTrue(
			Security::check_default_admin('admin', 'password'),
			'Succeeds with correct username and password'
		);
		$this->assertFalse(
			Security::check_default_admin('wronguser', 'password'),
			'Fails with incorrect username'
		);
		$this->assertFalse(
			Security::check_default_admin('admin', 'wrongpassword'),
			'Fails with incorrect password'
		);
		
		Security::setDefaultAdmin(null, null);
	}
	
	function testFindAnAdministratorCreatesNewUser() {
		$adminMembers = Permission::get_members_by_permission('ADMIN');
		$this->assertEquals(0, $adminMembers->count());
		
		$admin = Security::findAnAdministrator();
		
		$this->assertType('Member', $admin);
		$this->assertTrue(Permission::checkMember($admin, 'ADMIN'));
		$this->assertNull($admin->Email);
		$this->assertNull($admin->Password);
	}
	
}
API CHANGE Security::setDefaultAdmin() no longer writes credentials to any Member database records (created through Security::findAnAdministrator(). This prevents outdated credentials when setDefaultAdmin() code changes after creating the database record (see #4271) API CHANGE Security::findAnAdministrator() no longer sets 'Email' and 'Password' properties on newly created members. Removed the $username and $password argments from the method. ENHANCEMENT Member->requireDefaultRecords() no longer creates a default administrator based on $_REQUEST data. Moved functionality into Installer->install() MINOR Security::findAnAdministrator() names any default administrators 'Default Admin' instead of 'Admin' (from r97478) git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@102493 467b73ca-7a2a-4603-9d3b-597d59a354a9 2010-04-12 23:16:26 +02:00			`<?php`
			`class SecurityDefaultAdminTest extends SapphireTest {`

			`function setUp() {`
MINOR: Make SecurityDefaultAdminTest when you run it by itself. (from r97652) git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@102522 467b73ca-7a2a-4603-9d3b-597d59a354a9 2010-04-13 01:08:35 +02:00			`parent::setUp();`

API CHANGE Security::setDefaultAdmin() no longer writes credentials to any Member database records (created through Security::findAnAdministrator(). This prevents outdated credentials when setDefaultAdmin() code changes after creating the database record (see #4271) API CHANGE Security::findAnAdministrator() no longer sets 'Email' and 'Password' properties on newly created members. Removed the $username and $password argments from the method. ENHANCEMENT Member->requireDefaultRecords() no longer creates a default administrator based on $_REQUEST data. Moved functionality into Installer->install() MINOR Security::findAnAdministrator() names any default administrators 'Default Admin' instead of 'Admin' (from r97478) git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@102493 467b73ca-7a2a-4603-9d3b-597d59a354a9 2010-04-12 23:16:26 +02:00			`// TODO Workaround to force database clearing with no fixture present,`
			`// and avoid sideeffects from other tests`
MINOR: Make SecurityDefaultAdminTest when you run it by itself. (from r97652) git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@102522 467b73ca-7a2a-4603-9d3b-597d59a354a9 2010-04-13 01:08:35 +02:00			`if(!self::using_temp_db()) self::create_temp_db();`
API CHANGE Security::setDefaultAdmin() no longer writes credentials to any Member database records (created through Security::findAnAdministrator(). This prevents outdated credentials when setDefaultAdmin() code changes after creating the database record (see #4271) API CHANGE Security::findAnAdministrator() no longer sets 'Email' and 'Password' properties on newly created members. Removed the $username and $password argments from the method. ENHANCEMENT Member->requireDefaultRecords() no longer creates a default administrator based on $_REQUEST data. Moved functionality into Installer->install() MINOR Security::findAnAdministrator() names any default administrators 'Default Admin' instead of 'Admin' (from r97478) git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@102493 467b73ca-7a2a-4603-9d3b-597d59a354a9 2010-04-12 23:16:26 +02:00			`self::empty_temp_db();`
			`}`

			`function testCheckDefaultAdmin() {`
			`// TODO There's currently no way to inspect default admin state,`
			`// hence we don't override existing settings`
			`if(Security::has_default_admin()) return;`

			`Security::setDefaultAdmin('admin', 'password');`

			`$this->assertTrue(Security::has_default_admin());`
			`$this->assertTrue(`
			`Security::check_default_admin('admin', 'password'),`
			`'Succeeds with correct username and password'`
			`);`
			`$this->assertFalse(`
			`Security::check_default_admin('wronguser', 'password'),`
			`'Fails with incorrect username'`
			`);`
			`$this->assertFalse(`
			`Security::check_default_admin('admin', 'wrongpassword'),`
			`'Fails with incorrect password'`
			`);`

			`Security::setDefaultAdmin(null, null);`
			`}`

			`function testFindAnAdministratorCreatesNewUser() {`
			`$adminMembers = Permission::get_members_by_permission('ADMIN');`
ENHANCEMENT: Implemented DataList as the successor of DataObjectSet. DataList doesn't execute the query until it's actually needed, allowing for a more flexible ORM. API CHANGE: augmentSQL is now passed a DataQuery object from which query parameters can be extracted. API CHANGE: DataObjectDecorators that manipulate the query can now define augmentDataQueryCreation(). API CHANGE: The container class argument for DataObject::get() is deprecated. API CHANGE: DataObject::buildSQL() and DataObject::extendedSQL() are deprecated; just use DataObject::get() now. API CHANGE: DataObject::instance_get() and DataObject::instance_get_one() are deprecated, and can no longer be overloaded. API CHANGE: DataObject::buildDataObjectSet() is deprecated. API CHANGE: Cant't call manual manipulation methods on DataList such as insertFirst() 2009-11-22 06:16:38 +01:00			`$this->assertEquals(0, $adminMembers->count());`
API CHANGE Security::setDefaultAdmin() no longer writes credentials to any Member database records (created through Security::findAnAdministrator(). This prevents outdated credentials when setDefaultAdmin() code changes after creating the database record (see #4271) API CHANGE Security::findAnAdministrator() no longer sets 'Email' and 'Password' properties on newly created members. Removed the $username and $password argments from the method. ENHANCEMENT Member->requireDefaultRecords() no longer creates a default administrator based on $_REQUEST data. Moved functionality into Installer->install() MINOR Security::findAnAdministrator() names any default administrators 'Default Admin' instead of 'Admin' (from r97478) git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@102493 467b73ca-7a2a-4603-9d3b-597d59a354a9 2010-04-12 23:16:26 +02:00
			`$admin = Security::findAnAdministrator();`

Revert "MINOR Replaced assertType() calls with assertInstanceOf(), deprecated in PHPUnit 3.6 (throws warnings as of 3.5.10)" - cased too many problems with mixed build environments that require PHP 3.4 This reverts commit 65f6104cd6aaad00b3fbb4a6a1c13e431afa3f9a. 2011-03-11 03:06:09 +01:00			`$this->assertType('Member', $admin);`
API CHANGE Security::setDefaultAdmin() no longer writes credentials to any Member database records (created through Security::findAnAdministrator(). This prevents outdated credentials when setDefaultAdmin() code changes after creating the database record (see #4271) API CHANGE Security::findAnAdministrator() no longer sets 'Email' and 'Password' properties on newly created members. Removed the $username and $password argments from the method. ENHANCEMENT Member->requireDefaultRecords() no longer creates a default administrator based on $_REQUEST data. Moved functionality into Installer->install() MINOR Security::findAnAdministrator() names any default administrators 'Default Admin' instead of 'Admin' (from r97478) git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@102493 467b73ca-7a2a-4603-9d3b-597d59a354a9 2010-04-12 23:16:26 +02:00			`$this->assertTrue(Permission::checkMember($admin, 'ADMIN'));`
			`$this->assertNull($admin->Email);`
			`$this->assertNull($admin->Password);`
			`}`

			`}`