FIX Issue where default admin has no password encryption

Daniel Hensby 2018-02-06 13:56:46 +00:00
parent 97ce336409
commit 660dfd34a8
No known key found for this signature in database
GPG Key ID: B00D1E9767F0B06E
4 changed files with 11 additions and 14 deletions


@ -171,6 +171,7 @@ class DefaultAdminService
$admin = Member::create(); $admin = Member::create();
$admin->FirstName = $name ?: $email; $admin->FirstName = $name ?: $email;
$admin->Email = $email; $admin->Email = $email;
$admin->PasswordEncryption = 'none';
$admin->write(); $admin->write();
} }
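Review bot: The added `$admin->PasswordEncryption = 'none';` pins the default admin record to the `'none'` encryptor, which by its name is presumably a pass-through. If so, anything later run through this member's settings (a password set on the record, or the autologin hash that `encryptWithUserSettings()` produces in MemberTest) would be stored without hashing. If the intent is only to give the record a valid encryptor key, the configured default is the safer value: `$admin->PasswordEncryption = Security::config()->get('password_encryption_algorithm');`. The new `assertArrayHasKey($admin->PasswordEncryption, PasswordEncryptor::get_encryptors())` check in SecurityDefaultAdminTest would accept either value, so it does not catch this; comparing against the configured algorithm would. The enclosing method starts and ends outside this hunk, so whether `Security` is already imported in this file is not visible here.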


@ -919,7 +919,7 @@ class Member extends DataObject
// The test on $this->ID is used for when records are initially created. Note that this only works with // The test on $this->ID is used for when records are initially created. Note that this only works with
// cleartext passwords, as we can't rehash existing passwords. Checking passwordChangesToWrite prevents // cleartext passwords, as we can't rehash existing passwords. Checking passwordChangesToWrite prevents
// recursion between changePassword and this method. // recursion between changePassword and this method.
if ((!$this->ID && $this->Password) || ($this->isChanged('Password') && !$this->passwordChangesToWrite)) { if (!$this->ID || ($this->isChanged('Password') && !$this->passwordChangesToWrite)) {
$this->changePassword($this->Password, false); $this->changePassword($this->Password, false);
} }
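Review bot: With the `$this->Password` guard dropped from the `!$this->ID` branch, `changePassword($this->Password, false)` now runs on every first write, including records created with a null or empty password. Nothing visible here shows what `changePassword()` does with an empty value; if it hashes it, the stored `Password` would become a hash of the empty string rather than staying null. That is worth confirming and pinning with `$this->assertNull($memberNoPassword->Password);` in the MemberTest case that writes a member without a password. The comment above the condition should also say why the call is now unconditional on create, e.g. `// Also runs with an empty Password on create so that PasswordEncryption is initialised.` (that reason is inferred from the MemberTest change). The enclosing method begins and ends outside the hunk.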


@ -115,7 +115,8 @@ class MemberTest extends FunctionalTest
$memberNoPassword = new Member(); $memberNoPassword = new Member();
$memberNoPassword->write(); $memberNoPassword->write();
$this->assertNull( $this->assertEquals(
Security::config()->get('password_encryption_algorithm'),
$memberNoPassword->PasswordEncryption, $memberNoPassword->PasswordEncryption,
'Password encryption is not set for new member records on first write, when not setting a "Password")' 'Password encryption is not set for new member records on first write, when not setting a "Password")'
); );
@ -853,15 +854,12 @@ class MemberTest extends FunctionalTest
public function testGenerateAutologinTokenAndStoreHash() public function testGenerateAutologinTokenAndStoreHash()
{ {
$enc = new PasswordEncryptor_Blowfish();
$m = new Member(); $m = new Member();
$m->PasswordEncryption = 'blowfish'; $m->write();
$m->Salt = $enc->salt('123');
$token = $m->generateAutologinTokenAndStoreHash(); $token = $m->generateAutologinTokenAndStoreHash();
$this->assertEquals($m->encryptWithUserSettings($token), $m->AutoLoginHash, 'Stores the token as ahash.'); $this->assertEquals($m->encryptWithUserSettings($token), $m->AutoLoginHash, 'Stores the token as a hash.');
} }
public function testValidateAutoLoginToken() public function testValidateAutoLoginToken()
@ -869,13 +867,11 @@ class MemberTest extends FunctionalTest
$enc = new PasswordEncryptor_Blowfish(); $enc = new PasswordEncryptor_Blowfish();
$m1 = new Member(); $m1 = new Member();
$m1->PasswordEncryption = 'blowfish'; $m1->write();
$m1->Salt = $enc->salt('123');
$m1Token = $m1->generateAutologinTokenAndStoreHash(); $m1Token = $m1->generateAutologinTokenAndStoreHash();
$m2 = new Member(); $m2 = new Member();
$m2->PasswordEncryption = 'blowfish'; $m2->write();
$m2->Salt = $enc->salt('456');
$m2->generateAutologinTokenAndStoreHash(); $m2->generateAutologinTokenAndStoreHash();
$this->assertTrue($m1->validateAutoLoginToken($m1Token), 'Passes token validity test against matching member.'); $this->assertTrue($m1->validateAutoLoginToken($m1Token), 'Passes token validity test against matching member.');
@ -899,9 +895,7 @@ class MemberTest extends FunctionalTest
public function testRememberMeHashAutologin() public function testRememberMeHashAutologin()
{ {
/** /** @var Member $m1 */
* @var Member $m1
*/
$m1 = $this->objFromFixture(Member::class, 'noexpiry'); $m1 = $this->objFromFixture(Member::class, 'noexpiry');
Injector::inst()->get(IdentityStore::class)->logIn($m1, true); Injector::inst()->get(IdentityStore::class)->logIn($m1, true);
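Review bot: `testGenerateAutologinTokenAndStoreHash` and `testValidateAutoLoginToken` no longer pin an algorithm, so the 'Stores the token as a hash.' check now holds for whatever encryptor `write()` assigns. `assertEquals($m->encryptWithUserSettings($token), $m->AutoLoginHash, ...)` would still pass if that encryptor returned its input unchanged. Adding `$this->assertNotEquals($token, $m->AutoLoginHash);` would keep the test meaningful whatever the configured default is. In the first hunk the assertion message still reads 'Password encryption is not set for new member records on first write…' although the assertion now expects the configured algorithm. In `testValidateAutoLoginToken` the `$enc = new PasswordEncryptor_Blowfish();` line appears unused once the `salt()` calls are gone; the method continues past the hunk, so confirm before deleting it.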


@ -4,6 +4,7 @@ namespace SilverStripe\Security\Tests;
use SilverStripe\Dev\SapphireTest; use SilverStripe\Dev\SapphireTest;
use SilverStripe\Security\Member; use SilverStripe\Security\Member;
use SilverStripe\Security\PasswordEncryptor;
use SilverStripe\Security\Permission; use SilverStripe\Security\Permission;
use SilverStripe\Security\DefaultAdminService; use SilverStripe\Security\DefaultAdminService;
@ -77,6 +78,7 @@ class SecurityDefaultAdminTest extends SapphireTest
$this->assertEquals($admin->Email, DefaultAdminService::getDefaultAdminUsername()); $this->assertEquals($admin->Email, DefaultAdminService::getDefaultAdminUsername());
$this->assertTrue(DefaultAdminService::isDefaultAdmin($admin->Email)); $this->assertTrue(DefaultAdminService::isDefaultAdmin($admin->Email));
$this->assertNull($admin->Password); $this->assertNull($admin->Password);
$this->assertArrayHasKey($admin->PasswordEncryption, PasswordEncryptor::get_encryptors());
} }
public function testFindOrCreateAdmin() public function testFindOrCreateAdmin()