Merge branch '5' into 6

# Conflicts:
#	src/Security/Member.php
#	src/Security/PasswordValidator.php
#	tests/php/Forms/ConfirmedPasswordFieldTest.php
This commit is contained in:
Guy Sartorelli 2024-09-26 09:23:56 +12:00
commit 730b891e10
No known key found for this signature in database
8 changed files with 48 additions and 19 deletions

View File

@ -44,6 +44,7 @@ use SilverStripe\Forms\FormField;
use SilverStripe\Forms\SearchableDropdownField; use SilverStripe\Forms\SearchableDropdownField;
use SilverStripe\Forms\SearchableMultiDropdownField; use SilverStripe\Forms\SearchableMultiDropdownField;
use SilverStripe\ORM\FieldType\DBForeignKey; use SilverStripe\ORM\FieldType\DBForeignKey;
use SilverStripe\Dev\Deprecation;
/** /**
* The member class which represents the users of the system * The member class which represents the users of the system
@ -400,7 +401,7 @@ class Member extends DataObject
public static function password_validator() public static function password_validator()
{ {
if (Injector::inst()->has(PasswordValidator::class)) { if (Injector::inst()->has(PasswordValidator::class)) {
return Injector::inst()->get(PasswordValidator::class); return Deprecation::withSuppressedNotice(fn() => Injector::inst()->get(PasswordValidator::class));
} }
return null; return null;
} }

View File

@ -6,6 +6,7 @@ use SilverStripe\Core\Config\Configurable;
use SilverStripe\Core\Extensible; use SilverStripe\Core\Extensible;
use SilverStripe\Core\Injector\Injectable; use SilverStripe\Core\Injector\Injectable;
use SilverStripe\Core\Validation\ValidationResult; use SilverStripe\Core\Validation\ValidationResult;
use SilverStripe\Dev\Deprecation;
/** /**
* This class represents a validator for member passwords. * This class represents a validator for member passwords.
@ -19,6 +20,8 @@ use SilverStripe\Core\Validation\ValidationResult;
* *
* Member::set_password_validator($pwdValidator); * Member::set_password_validator($pwdValidator);
* </code> * </code>
*
* @deprecated 5.4.0 Will be renamed to SilverStripe\Security\Validation\RulesPasswordValidator
*/ */
class PasswordValidator class PasswordValidator
{ {
@ -75,6 +78,15 @@ class PasswordValidator
*/ */
protected $historicalPasswordCount = null; protected $historicalPasswordCount = null;
public function __construct()
{
Deprecation::notice(
'5.4.0',
'Will be renamed to SilverStripe\Security\Validation\RulesPasswordValidator',
Deprecation::SCOPE_CLASS
);
}
/** /**
* @return int * @return int
*/ */

View File

@ -15,6 +15,7 @@ use SilverStripe\Security\PasswordValidator;
use SilverStripe\View\SSViewer; use SilverStripe\View\SSViewer;
use Closure; use Closure;
use PHPUnit\Framework\Attributes\DataProvider; use PHPUnit\Framework\Attributes\DataProvider;
use SilverStripe\Dev\Deprecation;
class ConfirmedPasswordFieldTest extends SapphireTest class ConfirmedPasswordFieldTest extends SapphireTest
{ {
@ -24,9 +25,11 @@ class ConfirmedPasswordFieldTest extends SapphireTest
{ {
parent::setUp(); parent::setUp();
PasswordValidator::singleton() Deprecation::withSuppressedNotice(
fn() => PasswordValidator::singleton()
->setMinLength(0) ->setMinLength(0)
->setTestNames([]); ->setTestNames([])
);
} }
public function testSetValue() public function testSetValue()

View File

@ -6,6 +6,7 @@ use SilverStripe\Control\Controller;
use SilverStripe\Control\NullHTTPRequest; use SilverStripe\Control\NullHTTPRequest;
use SilverStripe\Core\Config\Config; use SilverStripe\Core\Config\Config;
use SilverStripe\Core\Injector\Injector; use SilverStripe\Core\Injector\Injector;
use SilverStripe\Dev\Deprecation;
use SilverStripe\Dev\SapphireTest; use SilverStripe\Dev\SapphireTest;
use SilverStripe\ORM\FieldType\DBDatetime; use SilverStripe\ORM\FieldType\DBDatetime;
use SilverStripe\Core\Validation\ValidationResult; use SilverStripe\Core\Validation\ValidationResult;
@ -44,9 +45,11 @@ class MemberAuthenticatorTest extends SapphireTest
DefaultAdminService::setDefaultAdmin('admin', 'password'); DefaultAdminService::setDefaultAdmin('admin', 'password');
// Enforce dummy validation (this can otherwise be influenced by recipe config) // Enforce dummy validation (this can otherwise be influenced by recipe config)
PasswordValidator::singleton() Deprecation::withSuppressedNotice(
fn() => PasswordValidator::singleton()
->setMinLength(0) ->setMinLength(0)
->setTestNames([]); ->setTestNames([])
);
} }
protected function tearDown(): void protected function tearDown(): void

View File

@ -2,6 +2,7 @@
namespace SilverStripe\Security\Tests; namespace SilverStripe\Security\Tests;
use SilverStripe\Dev\Deprecation;
use SilverStripe\ORM\DataObject; use SilverStripe\ORM\DataObject;
use SilverStripe\Security\Group; use SilverStripe\Security\Group;
use SilverStripe\Security\MemberCsvBulkLoader; use SilverStripe\Security\MemberCsvBulkLoader;
@ -19,9 +20,11 @@ class MemberCsvBulkLoaderTest extends SapphireTest
{ {
parent::setUp(); parent::setUp();
PasswordValidator::singleton() Deprecation::withSuppressedNotice(
fn() => PasswordValidator::singleton()
->setMinLength(0) ->setMinLength(0)
->setTestNames([]); ->setTestNames([])
);
} }
public function testNewImport() public function testNewImport()

View File

@ -8,6 +8,7 @@ use SilverStripe\Control\Cookie;
use SilverStripe\Core\Config\Config; use SilverStripe\Core\Config\Config;
use SilverStripe\Core\Convert; use SilverStripe\Core\Convert;
use SilverStripe\Core\Injector\Injector; use SilverStripe\Core\Injector\Injector;
use SilverStripe\Dev\Deprecation;
use SilverStripe\Dev\FunctionalTest; use SilverStripe\Dev\FunctionalTest;
use SilverStripe\Forms\CheckboxField; use SilverStripe\Forms\CheckboxField;
use SilverStripe\Forms\FieldList; use SilverStripe\Forms\FieldList;
@ -74,9 +75,11 @@ class MemberTest extends FunctionalTest
Member::config()->set('unique_identifier_field', 'Email'); Member::config()->set('unique_identifier_field', 'Email');
PasswordValidator::singleton() Deprecation::withSuppressedNotice(
fn() => PasswordValidator::singleton()
->setMinLength(0) ->setMinLength(0)
->setTestNames([]); ->setTestNames([])
);
i18n::set_locale('en_US'); i18n::set_locale('en_US');
} }
@ -1740,7 +1743,7 @@ class MemberTest extends FunctionalTest
public function testChangePasswordOnlyValidatesPlaintext() public function testChangePasswordOnlyValidatesPlaintext()
{ {
// This validator requires passwords to be 17 characters long // This validator requires passwords to be 17 characters long
Member::set_password_validator(new MemberTest\VerySpecificPasswordValidator()); Member::set_password_validator(Deprecation::withSuppressedNotice(fn() => new MemberTest\VerySpecificPasswordValidator()));
// This algorithm will never return a 17 character hash // This algorithm will never return a 17 character hash
Security::config()->set('password_encryption_algorithm', 'blowfish'); Security::config()->set('password_encryption_algorithm', 'blowfish');
@ -1769,7 +1772,7 @@ class MemberTest extends FunctionalTest
public function testChangePasswordToBlankIsValidated() public function testChangePasswordToBlankIsValidated()
{ {
Member::set_password_validator(new PasswordValidator()); Member::set_password_validator(Deprecation::withSuppressedNotice(fn() => new PasswordValidator()));
// override setup() function which setMinLength(0) // override setup() function which setMinLength(0)
PasswordValidator::singleton()->setMinLength(8); PasswordValidator::singleton()->setMinLength(8);
// 'test' member has a password defined in yml // 'test' member has a password defined in yml
@ -1905,7 +1908,7 @@ class MemberTest extends FunctionalTest
$password = $member->generateRandomPassword(); $password = $member->generateRandomPassword();
$this->assertSame(20, strlen($password)); $this->assertSame(20, strlen($password));
// password validator // password validator
$validator = new PasswordValidator(); $validator = Deprecation::withSuppressedNotice(fn() => new PasswordValidator());
Member::set_password_validator($validator); Member::set_password_validator($validator);
// Password length of 20 even if validator minLength is less than 20 // Password length of 20 even if validator minLength is less than 20
$validator->setMinLength(10); $validator->setMinLength(10);

View File

@ -2,6 +2,7 @@
namespace SilverStripe\Security\Tests; namespace SilverStripe\Security\Tests;
use SilverStripe\Dev\Deprecation;
use SilverStripe\Dev\SapphireTest; use SilverStripe\Dev\SapphireTest;
use SilverStripe\Security\Member; use SilverStripe\Security\Member;
use SilverStripe\Security\PasswordValidator; use SilverStripe\Security\PasswordValidator;
@ -26,7 +27,7 @@ class PasswordValidatorTest extends SapphireTest
public function testValidate() public function testValidate()
{ {
$v = new PasswordValidator(); $v = Deprecation::withSuppressedNotice(fn() => new PasswordValidator());
$r = $v->validate('', new Member()); $r = $v->validate('', new Member());
$this->assertTrue($r->isValid(), 'Empty password is valid by default'); $this->assertTrue($r->isValid(), 'Empty password is valid by default');
@ -36,7 +37,7 @@ class PasswordValidatorTest extends SapphireTest
public function testValidateMinLength() public function testValidateMinLength()
{ {
$v = new PasswordValidator(); $v = Deprecation::withSuppressedNotice(fn() => new PasswordValidator());
$v->setMinLength(4); $v->setMinLength(4);
$r = $v->validate('123', new Member()); $r = $v->validate('123', new Member());
@ -50,7 +51,7 @@ class PasswordValidatorTest extends SapphireTest
public function testValidateMinScore() public function testValidateMinScore()
{ {
// Set both score and set of tests // Set both score and set of tests
$v = new PasswordValidator(); $v = Deprecation::withSuppressedNotice(fn() => new PasswordValidator());
$v->setMinTestScore(3); $v->setMinTestScore(3);
$v->setTestNames(["lowercase", "uppercase", "digits", "punctuation"]); $v->setTestNames(["lowercase", "uppercase", "digits", "punctuation"]);
@ -61,7 +62,7 @@ class PasswordValidatorTest extends SapphireTest
$this->assertTrue($r->isValid(), 'Passing enough tests'); $this->assertTrue($r->isValid(), 'Passing enough tests');
// Ensure min score without tests works (uses default tests) // Ensure min score without tests works (uses default tests)
$v = new PasswordValidator(); $v = Deprecation::withSuppressedNotice(fn() => new PasswordValidator());
$v->setMinTestScore(3); $v->setMinTestScore(3);
$r = $v->validate('aA', new Member()); $r = $v->validate('aA', new Member());
@ -81,7 +82,7 @@ class PasswordValidatorTest extends SapphireTest
*/ */
public function testHistoricalPasswordCount() public function testHistoricalPasswordCount()
{ {
$validator = new PasswordValidator; $validator = Deprecation::withSuppressedNotice(fn() => new PasswordValidator);
$validator->setHistoricCount(3); $validator->setHistoricCount(3);
Member::set_password_validator($validator); Member::set_password_validator($validator);

View File

@ -6,6 +6,7 @@ use SilverStripe\Control\Controller;
use SilverStripe\Control\NullHTTPRequest; use SilverStripe\Control\NullHTTPRequest;
use SilverStripe\Core\Config\Config; use SilverStripe\Core\Config\Config;
use SilverStripe\Core\Injector\Injector; use SilverStripe\Core\Injector\Injector;
use SilverStripe\Dev\Deprecation;
use SilverStripe\Dev\SapphireTest; use SilverStripe\Dev\SapphireTest;
use SilverStripe\ORM\FieldType\DBDatetime; use SilverStripe\ORM\FieldType\DBDatetime;
use SilverStripe\Core\Validation\ValidationResult; use SilverStripe\Core\Validation\ValidationResult;
@ -43,9 +44,11 @@ class VersionedMemberAuthenticatorTest extends SapphireTest
} }
// Enforce dummy validation (this can otherwise be influenced by recipe config) // Enforce dummy validation (this can otherwise be influenced by recipe config)
PasswordValidator::singleton() Deprecation::withSuppressedNotice(
fn() => PasswordValidator::singleton()
->setMinLength(0) ->setMinLength(0)
->setTestNames([]); ->setTestNames([])
);
} }
protected function tearDown(): void protected function tearDown(): void