mirror of
https://github.com/silverstripe/silverstripe-framework
API Apply Framework\Security namespace
parent
20efb0e8e1
commit
af22a83166
41
.upgrade.yml
41
.upgrade.yml
@ -115,8 +115,49 @@ mappings:
|
|||||||
VersionedGridFieldDetailForm: SilverStripe\ORM\Versioning\VersionedGridFieldDetailForm
|
VersionedGridFieldDetailForm: SilverStripe\ORM\Versioning\VersionedGridFieldDetailForm
|
||||||
VersionedGridFieldItemRequest: SilverStripe\ORM\Versioning\VersionedGridFieldItemRequest
|
VersionedGridFieldItemRequest: SilverStripe\ORM\Versioning\VersionedGridFieldItemRequest
|
||||||
Hierarchy: SilverStripe\ORM\Hierarchy\Hierarchy
|
Hierarchy: SilverStripe\ORM\Hierarchy\Hierarchy
|
||||||
|
Authenticator: SilverStripe\Security\Authenticator
|
||||||
|
BasicAuth: SilverStripe\Security\BasicAuth
|
||||||
|
ChangePasswordForm: SilverStripe\Security\ChangePasswordForm
|
||||||
|
CMSMemberLoginForm: SilverStripe\Security\CMSMemberLoginForm
|
||||||
|
CMSSecurity: SilverStripe\Security\CMSSecurity
|
||||||
|
Group: SilverStripe\Security\Group
|
||||||
|
GroupCsvBulkLoader: SilverStripe\Security\GroupCsvBulkLoader
|
||||||
|
LoginAttempt: SilverStripe\Security\LoginAttempt
|
||||||
|
LoginForm: SilverStripe\Security\LoginForm
|
||||||
|
Member: SilverStripe\Security\Member
|
||||||
|
Member_GroupSet: SilverStripe\Security\Member_GroupSet
|
||||||
|
Member_Validator: SilverStripe\Security\Member_Validator
|
||||||
|
MemberAuthenticator: SilverStripe\Security\MemberAuthenticator
|
||||||
|
MemberCsvBulkLoader: SilverStripe\Security\MemberCsvBulkLoader
|
||||||
|
MemberLoginForm: SilverStripe\Security\MemberLoginForm
|
||||||
|
MemberPassword: SilverStripe\Security\MemberPassword
|
||||||
|
PasswordEncryptor: SilverStripe\Security\PasswordEncryptor
|
||||||
|
PasswordEncryptor_Blowfish: SilverStripe\Security\PasswordEncryptor_Blowfish
|
||||||
|
PasswordEncryptor_PHPHash: SilverStripe\Security\PasswordEncryptor_PHPHash
|
||||||
|
PasswordEncryptor_LegacyPHPHash: SilverStripe\Security\PasswordEncryptor_LegacyPHPHash
|
||||||
|
PasswordEncryptor_MySQLPassword: SilverStripe\Security\PasswordEncryptor_MySQLPassword
|
||||||
|
PasswordEncryptor_MySQLOldPassword: SilverStripe\Security\PasswordEncryptor_MySQLOldPassword
|
||||||
|
PasswordEncryptor_None: SilverStripe\Security\PasswordEncryptor_None
|
||||||
|
PasswordEncryptor_NotFoundException: SilverStripe\Security\PasswordEncryptor_NotFoundException
|
||||||
|
PasswordEncryptor_EncryptionFailed: SilverStripe\Security\PasswordEncryptor_EncryptionFailed
|
||||||
|
PasswordValidator: SilverStripe\Security\PasswordValidator
|
||||||
|
Permission: SilverStripe\Security\Permission
|
||||||
|
Permission_Group: SilverStripe\Security\Permission_Group
|
||||||
|
PermissionCheckboxSetField: SilverStripe\Security\PermissionCheckboxSetField
|
||||||
|
PermissionCheckboxSetField_Readonly: SilverStripe\Security\PermissionCheckboxSetField_Readonly
|
||||||
|
PermissionFailureException: SilverStripe\Security\PermissionFailureException
|
||||||
|
PermissionProvider: SilverStripe\Security\PermissionProvider
|
||||||
|
PermissionRole: SilverStripe\Security\PermissionRole
|
||||||
|
PermissionRoleCode: SilverStripe\Security\PermissionRoleCode
|
||||||
|
RandomGenerator: SilverStripe\Security\RandomGenerator
|
||||||
|
RememberLoginHash: SilverStripe\Security\RememberLoginHash
|
||||||
|
Security: SilverStripe\Security\Security
|
||||||
|
SecurityToken: SilverStripe\Security\SecurityToken
|
||||||
|
NullSecurityToken: SilverStripe\Security\NullSecurityToken
|
||||||
skipConfigs:
|
skipConfigs:
|
||||||
- db
|
- db
|
||||||
- casting
|
- casting
|
||||||
- table_name
|
- table_name
|
||||||
- fixed_fields
|
- fixed_fields
|
||||||
|
- menu_title
|
||||||
|
- allowed_actions
|
||||||
|
@ -5,6 +5,7 @@ namespace SilverStripe\ORM\Connect;
|
|||||||
use Config;
|
use Config;
|
||||||
use Exception;
|
use Exception;
|
||||||
use PaginatedList;
|
use PaginatedList;
|
||||||
|
use SilverStripe\Framework\Core\Configurable;
|
||||||
use SilverStripe\ORM\DataList;
|
use SilverStripe\ORM\DataList;
|
||||||
use SilverStripe\ORM\ArrayList;
|
use SilverStripe\ORM\ArrayList;
|
||||||
|
|
||||||
|
@ -16,8 +16,10 @@ class MySQLSchemaManager extends DBSchemaManager {
|
|||||||
/**
|
/**
|
||||||
* Identifier for this schema, used for configuring schema-specific table
|
* Identifier for this schema, used for configuring schema-specific table
|
||||||
* creation options
|
* creation options
|
||||||
|
*
|
||||||
|
* @skipUpgrade
|
||||||
*/
|
*/
|
||||||
const ID = 'SilverStripe\ORM\Connect\MySQLDatabase';
|
const ID = 'MySQLDatabase';
|
||||||
|
|
||||||
public function createTable($table, $fields = null, $indexes = null, $options = null, $advancedOptions = null) {
|
public function createTable($table, $fields = null, $indexes = null, $options = null, $advancedOptions = null) {
|
||||||
$fieldSchemas = $indexSchemas = "";
|
$fieldSchemas = $indexSchemas = "";
|
||||||
|
27
ORM/DB.php
27
ORM/DB.php
@ -9,7 +9,9 @@ use Config;
|
|||||||
use LogicException;
|
use LogicException;
|
||||||
use Cookie;
|
use Cookie;
|
||||||
use Injector;
|
use Injector;
|
||||||
|
use SilverStripe\ORM\Connect\DBConnector;
|
||||||
use SilverStripe\ORM\Connect\DBSchemaManager;
|
use SilverStripe\ORM\Connect\DBSchemaManager;
|
||||||
|
use SilverStripe\ORM\Connect\SS_Query;
|
||||||
use SilverStripe\ORM\Queries\SQLExpression;
|
use SilverStripe\ORM\Queries\SQLExpression;
|
||||||
use SilverStripe\ORM\Connect\SS_Database;
|
use SilverStripe\ORM\Connect\SS_Database;
|
||||||
|
|
||||||
@ -53,8 +55,8 @@ class DB {
|
|||||||
* Pass an object that's a subclass of SS_Database. This object will be used when {@link DB::query()}
|
* Pass an object that's a subclass of SS_Database. This object will be used when {@link DB::query()}
|
||||||
* is called.
|
* is called.
|
||||||
*
|
*
|
||||||
* @param $connection The connecton object to set as the connection.
|
* @param SS_Database $connection The connecton object to set as the connection.
|
||||||
* @param $name The name to give to this connection. If you omit this argument, the connection
|
* @param string $name The name to give to this connection. If you omit this argument, the connection
|
||||||
* will be the default one used by the ORM. However, you can store other named connections to
|
* will be the default one used by the ORM. However, you can store other named connections to
|
||||||
* be accessed through DB::get_conn($name). This is useful when you have an application that
|
* be accessed through DB::get_conn($name). This is useful when you have an application that
|
||||||
* needs to connect to more than one database.
|
* needs to connect to more than one database.
|
||||||
@ -147,6 +149,7 @@ class DB {
|
|||||||
*
|
*
|
||||||
* Note that the database will be set on the next request.
|
* Note that the database will be set on the next request.
|
||||||
* Set it to null to revert to the main database.
|
* Set it to null to revert to the main database.
|
||||||
|
* @param string $name
|
||||||
*/
|
*/
|
||||||
public static function set_alternative_database_name($name = null) {
|
public static function set_alternative_database_name($name = null) {
|
||||||
// Skip if CLI
|
// Skip if CLI
|
||||||
@ -161,7 +164,7 @@ class DB {
|
|||||||
));
|
));
|
||||||
}
|
}
|
||||||
|
|
||||||
$key = Config::inst()->get('Security', 'token');
|
$key = Config::inst()->get('SilverStripe\\Security\\Security', 'token');
|
||||||
if(!$key) {
|
if(!$key) {
|
||||||
throw new LogicException('"Security.token" not found, run "sake dev/generatesecuretoken"');
|
throw new LogicException('"Security.token" not found, run "sake dev/generatesecuretoken"');
|
||||||
}
|
}
|
||||||
@ -193,7 +196,7 @@ class DB {
|
|||||||
$iv = Cookie::get("alternativeDatabaseNameIv");
|
$iv = Cookie::get("alternativeDatabaseNameIv");
|
||||||
|
|
||||||
if($name) {
|
if($name) {
|
||||||
$key = Config::inst()->get('Security', 'token');
|
$key = Config::inst()->get('SilverStripe\\Security\\Security', 'token');
|
||||||
if(!$key) {
|
if(!$key) {
|
||||||
throw new LogicException('"Security.token" not found, run "sake dev/generatesecuretoken"');
|
throw new LogicException('"Security.token" not found, run "sake dev/generatesecuretoken"');
|
||||||
}
|
}
|
||||||
@ -231,10 +234,9 @@ class DB {
|
|||||||
* Given the database configuration, this method will create the correct
|
* Given the database configuration, this method will create the correct
|
||||||
* subclass of {@link SS_Database}.
|
* subclass of {@link SS_Database}.
|
||||||
*
|
*
|
||||||
* @param array $database A map of options. The 'type' is the name of the subclass of SS_Database to use. For the
|
* @param array $databaseConfig A map of options. The 'type' is the name of the
|
||||||
* rest of the options, see the specific class.
|
* subclass of SS_Database to use. For the rest of the options, see the specific class.
|
||||||
* @param string $name identifier for the connection
|
* @param string $label identifier for the connection
|
||||||
*
|
|
||||||
* @return SS_Database
|
* @return SS_Database
|
||||||
*/
|
*/
|
||||||
public static function connect($databaseConfig, $label = 'default') {
|
public static function connect($databaseConfig, $label = 'default') {
|
||||||
@ -296,7 +298,7 @@ class DB {
|
|||||||
*
|
*
|
||||||
* @param array|integer $input An array of items needing placeholders, or a
|
* @param array|integer $input An array of items needing placeholders, or a
|
||||||
* number to specify the number of placeholders
|
* number to specify the number of placeholders
|
||||||
* @param string The string to join each placeholder together with
|
* @param string $join The string to join each placeholder together with
|
||||||
* @return string|null Either a list of placeholders, or null
|
* @return string|null Either a list of placeholders, or null
|
||||||
*/
|
*/
|
||||||
public static function placeholders($input, $join = ', ') {
|
public static function placeholders($input, $join = ', ') {
|
||||||
@ -374,6 +376,8 @@ class DB {
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Get the autogenerated ID from the previous INSERT query.
|
* Get the autogenerated ID from the previous INSERT query.
|
||||||
|
*
|
||||||
|
* @param string $table
|
||||||
* @return int
|
* @return int
|
||||||
*/
|
*/
|
||||||
public static function get_generated_id($table) {
|
public static function get_generated_id($table) {
|
||||||
@ -427,13 +431,14 @@ class DB {
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Create a new table.
|
* Create a new table.
|
||||||
* @param string $tableName The name of the table
|
* @param string $table The name of the table
|
||||||
* @param array$fields A map of field names to field types
|
* @param array$fields A map of field names to field types
|
||||||
* @param array $indexes A map of indexes
|
* @param array $indexes A map of indexes
|
||||||
* @param array $options An map of additional options. The available keys are as follows:
|
* @param array $options An map of additional options. The available keys are as follows:
|
||||||
* - 'MSSQLDatabase'/'MySQLDatabase'/'PostgreSQLDatabase' - database-specific options such as "engine"
|
* - 'MSSQLDatabase'/'MySQLDatabase'/'PostgreSQLDatabase' - database-specific options such as "engine"
|
||||||
* for MySQL.
|
* for MySQL.
|
||||||
* - 'temporary' - If true, then a temporary table will be created
|
* - 'temporary' - If true, then a temporary table will be created
|
||||||
|
* @param array $advancedOptions
|
||||||
* @return string The table name generated. This may be different from the table name, for example with
|
* @return string The table name generated. This may be different from the table name, for example with
|
||||||
* temporary tables.
|
* temporary tables.
|
||||||
*/
|
*/
|
||||||
@ -577,7 +582,7 @@ class DB {
|
|||||||
/**
|
/**
|
||||||
* Checks a table's integrity and repairs it if necessary.
|
* Checks a table's integrity and repairs it if necessary.
|
||||||
*
|
*
|
||||||
* @param string $tableName The name of the table.
|
* @param string $table The name of the table.
|
||||||
* @return boolean Return true if the table has integrity after the method is complete.
|
* @return boolean Return true if the table has integrity after the method is complete.
|
||||||
*/
|
*/
|
||||||
public static function check_and_repair_table($table) {
|
public static function check_and_repair_table($table) {
|
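Review bot: The `LogicException` text in the two hunks that read the token (`@ -161,7` and `@ -193,7`) still reports `"Security.token" not found`, while the lookup beside it now uses the key `'SilverStripe\\Security\\Security'`. If configuration is matched on the literal class name (the config loader is not visible on this page), a project that still defines `token` under the old `Security` key would hit this exception and be pointed at the wrong name. I would add a comment above each lookup, `// Config key is the fully-qualified class name; legacy "Security" config blocks must be renamed`, and consider naming the namespaced key in the message. Both enclosing functions extend outside the hunks shown.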
||||||
|
@ -19,8 +19,8 @@ use SearchContext;
|
|||||||
use FieldList;
|
use FieldList;
|
||||||
use FormField;
|
use FormField;
|
||||||
use FormScaffolder;
|
use FormScaffolder;
|
||||||
use Member;
|
|
||||||
use Permission;
|
|
||||||
use Object;
|
use Object;
|
||||||
use SearchFilter;
|
use SearchFilter;
|
||||||
use SilverStripe\ORM\Queries\SQLInsert;
|
use SilverStripe\ORM\Queries\SQLInsert;
|
||||||
@ -30,6 +30,9 @@ use SilverStripe\ORM\FieldType\DBField;
|
|||||||
use SilverStripe\ORM\FieldType\DBDatetime;
|
use SilverStripe\ORM\FieldType\DBDatetime;
|
||||||
use SilverStripe\ORM\FieldType\DBComposite;
|
use SilverStripe\ORM\FieldType\DBComposite;
|
||||||
use SilverStripe\ORM\FieldType\DBClassName;
|
use SilverStripe\ORM\FieldType\DBClassName;
|
||||||
|
use SilverStripe\Security\Member;
|
||||||
|
use SilverStripe\Security\Permission;
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* A single database record & abstract class for the data-access-model.
|
* A single database record & abstract class for the data-access-model.
|
||||||
@ -907,10 +910,10 @@ class DataObject extends ViewableData implements DataObjectInterface, i18nEntity
|
|||||||
* Caution: Does not delete the merged object.
|
* Caution: Does not delete the merged object.
|
||||||
* Caution: Does now overwrite Created date on the original object.
|
* Caution: Does now overwrite Created date on the original object.
|
||||||
*
|
*
|
||||||
* @param $obj DataObject
|
* @param DataObject $rightObj
|
||||||
* @param $priority String left|right Determines who wins in case of a conflict (optional)
|
* @param string $priority left|right Determines who wins in case of a conflict (optional)
|
||||||
* @param $includeRelations Boolean Merge any existing relations (optional)
|
* @param bool $includeRelations Merge any existing relations (optional)
|
||||||
* @param $overwriteWithEmpty Boolean Overwrite existing left values with empty right values.
|
* @param bool $overwriteWithEmpty Overwrite existing left values with empty right values.
|
||||||
* Only applicable with $priority='right'. (optional)
|
* Only applicable with $priority='right'. (optional)
|
||||||
* @return Boolean
|
* @return Boolean
|
||||||
*/
|
*/
|
||||||
|
@ -5,12 +5,15 @@ namespace SilverStripe\ORM;
|
|||||||
use Controller;
|
use Controller;
|
||||||
use SapphireTest;
|
use SapphireTest;
|
||||||
use Director;
|
use Director;
|
||||||
use Security;
|
|
||||||
use Permission;
|
|
||||||
use SS_ClassLoader;
|
use SS_ClassLoader;
|
||||||
use ClassInfo;
|
use ClassInfo;
|
||||||
use TestOnly;
|
use TestOnly;
|
||||||
use Deprecation;
|
use Deprecation;
|
||||||
|
use SilverStripe\Security\Security;
|
||||||
|
use SilverStripe\Security\Permission;
|
||||||
|
|
||||||
|
|
||||||
// Include the DB class
|
// Include the DB class
|
||||||
require_once("DB.php");
|
require_once("DB.php");
|
||||||
@ -183,6 +186,7 @@ class DatabaseAdmin extends Controller {
|
|||||||
*
|
*
|
||||||
* @param boolean $quiet Don't show messages
|
* @param boolean $quiet Don't show messages
|
||||||
* @param boolean $populate Populate the database, as well as setting up its schema
|
* @param boolean $populate Populate the database, as well as setting up its schema
|
||||||
|
* @param bool $testMode
|
||||||
*/
|
*/
|
||||||
public function doBuild($quiet = false, $populate = true, $testMode = false) {
|
public function doBuild($quiet = false, $populate = true, $testMode = false) {
|
||||||
if($quiet) {
|
if($quiet) {
|
||||||
|
@ -2,13 +2,15 @@
|
|||||||
|
|
||||||
namespace SilverStripe\ORM\FieldType;
|
namespace SilverStripe\ORM\FieldType;
|
||||||
|
|
||||||
use Member;
|
|
||||||
use Zend_Date;
|
use Zend_Date;
|
||||||
use DateTime;
|
use DateTime;
|
||||||
use DateField;
|
use DateField;
|
||||||
use Convert;
|
use Convert;
|
||||||
use Exception;
|
use Exception;
|
||||||
use SilverStripe\ORM\DB;
|
use SilverStripe\ORM\DB;
|
||||||
|
use SilverStripe\Security\Member;
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Represents a date field.
|
* Represents a date field.
|
||||||
|
@ -4,12 +4,13 @@ namespace SilverStripe\ORM\FieldType;
|
|||||||
|
|
||||||
use Convert;
|
use Convert;
|
||||||
use Exception;
|
use Exception;
|
||||||
use Member;
|
|
||||||
use DatetimeField;
|
use DatetimeField;
|
||||||
use Zend_Date;
|
use Zend_Date;
|
||||||
use TemplateGlobalProvider;
|
use TemplateGlobalProvider;
|
||||||
use DateTime;
|
use DateTime;
|
||||||
use SilverStripe\ORM\DB;
|
use SilverStripe\ORM\DB;
|
||||||
|
use SilverStripe\Security\Member;
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Represents a date-time field.
|
* Represents a date-time field.
|
||||||
|
@ -768,15 +768,16 @@ class Hierarchy extends DataExtension {
|
|||||||
* @return DataObject
|
* @return DataObject
|
||||||
*/
|
*/
|
||||||
public function getParent($filter = null) {
|
public function getParent($filter = null) {
|
||||||
if($p = $this->owner->__get("ParentID")) {
|
$parentID = $this->owner->ParentID;
|
||||||
$tableClasses = ClassInfo::dataClassesFor($this->owner->class);
|
if(empty($parentID)) {
|
||||||
$baseClass = array_shift($tableClasses);
|
return null;
|
||||||
|
}
|
||||||
|
$idSQL = $this->owner->getSchema()->sqlColumnForField($this->owner, 'ID');
|
||||||
return DataObject::get_one($this->owner->class, array(
|
return DataObject::get_one($this->owner->class, array(
|
||||||
array("\"$baseClass\".\"ID\"" => $p),
|
array($idSQL => $parentID),
|
||||||
$filter
|
$filter
|
||||||
));
|
));
|
||||||
}
|
}
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Return all the parents of this class in a set ordered from the lowest to highest parent.
|
* Return all the parents of this class in a set ordered from the lowest to highest parent.
|
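Review bot: `getParent()` now has an explicit `return null;` when `ParentID` is empty, but the docblock above it still declares `@return DataObject`; it should read `@return DataObject|null` so callers know to check the result before dereferencing it. The docblock starts outside the hunk, so only its last lines are visible here. A one-line comment on the lookup would also help the next reader, for example `// Resolve the quoted ID column through the schema rather than building it from the base class name`.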
||||||
|
@ -4,6 +4,7 @@ namespace SilverStripe\ORM\Queries;
|
|||||||
|
|
||||||
use Exception;
|
use Exception;
|
||||||
use Convert;
|
use Convert;
|
||||||
|
use SilverStripe\ORM\Connect\SS_Query;
|
||||||
use SilverStripe\ORM\DB;
|
use SilverStripe\ORM\DB;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -2,9 +2,11 @@
|
|||||||
|
|
||||||
namespace SilverStripe\ORM\Versioning;
|
namespace SilverStripe\ORM\Versioning;
|
||||||
|
|
||||||
use Member;
|
|
||||||
use Permission;
|
|
||||||
|
use Exception;
|
||||||
use FieldList;
|
use FieldList;
|
||||||
|
use SilverStripe\ORM\HasManyList;
|
||||||
use TextField;
|
use TextField;
|
||||||
use ReadonlyField;
|
use ReadonlyField;
|
||||||
use i18n;
|
use i18n;
|
||||||
@ -13,6 +15,9 @@ use LogicException;
|
|||||||
use SilverStripe\ORM\ValidationException;
|
use SilverStripe\ORM\ValidationException;
|
||||||
use SilverStripe\ORM\DB;
|
use SilverStripe\ORM\DB;
|
||||||
use SilverStripe\ORM\DataObject;
|
use SilverStripe\ORM\DataObject;
|
||||||
|
use SilverStripe\Security\Member;
|
||||||
|
use SilverStripe\Security\Permission;
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The ChangeSet model tracks several VersionedAndStaged objects for later publication as a single
|
* The ChangeSet model tracks several VersionedAndStaged objects for later publication as a single
|
||||||
@ -57,7 +62,7 @@ class ChangeSet extends DataObject {
|
|||||||
);
|
);
|
||||||
|
|
||||||
private static $has_one = array(
|
private static $has_one = array(
|
||||||
'Owner' => 'Member',
|
'Owner' => 'SilverStripe\\Security\\Member',
|
||||||
);
|
);
|
||||||
|
|
||||||
private static $casting = array(
|
private static $casting = array(
|
||||||
|
@ -4,12 +4,18 @@ namespace SilverStripe\ORM\Versioning;
|
|||||||
|
|
||||||
use Exception;
|
use Exception;
|
||||||
use BadMethodCallException;
|
use BadMethodCallException;
|
||||||
use Member;
|
|
||||||
use Permission;
|
|
||||||
use CMSPreviewable;
|
use CMSPreviewable;
|
||||||
use Controller;
|
use Controller;
|
||||||
use SilverStripe\Filesystem\Thumbnail;
|
use SilverStripe\Filesystem\Thumbnail;
|
||||||
|
use SilverStripe\ORM\DataList;
|
||||||
use SilverStripe\ORM\DataObject;
|
use SilverStripe\ORM\DataObject;
|
||||||
|
use SilverStripe\ORM\ManyManyList;
|
||||||
|
use SilverStripe\ORM\SS_List;
|
||||||
|
use SilverStripe\Security\Member;
|
||||||
|
use SilverStripe\Security\Permission;
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* A single line in a changeset
|
* A single line in a changeset
|
||||||
|
@ -2,16 +2,17 @@
|
|||||||
|
|
||||||
namespace SilverStripe\ORM\Versioning;
|
namespace SilverStripe\ORM\Versioning;
|
||||||
|
|
||||||
|
use SS_HTTPRequest;
|
||||||
use TemplateGlobalProvider;
|
use TemplateGlobalProvider;
|
||||||
use Session;
|
use Session;
|
||||||
use Deprecation;
|
use Deprecation;
|
||||||
use InvalidArgumentException;
|
use InvalidArgumentException;
|
||||||
use Config;
|
use Config;
|
||||||
use LogicException;
|
use LogicException;
|
||||||
use Member;
|
|
||||||
use ClassInfo;
|
use ClassInfo;
|
||||||
use Object;
|
use Object;
|
||||||
use Permission;
|
|
||||||
use Director;
|
use Director;
|
||||||
use Cookie;
|
use Cookie;
|
||||||
use FieldList;
|
use FieldList;
|
||||||
@ -25,6 +26,9 @@ use SilverStripe\ORM\DataExtension;
|
|||||||
use SilverStripe\ORM\SS_List;
|
use SilverStripe\ORM\SS_List;
|
||||||
use SilverStripe\ORM\Queries\SQLSelect;
|
use SilverStripe\ORM\Queries\SQLSelect;
|
||||||
use SilverStripe\ORM\Queries\SQLUpdate;
|
use SilverStripe\ORM\Queries\SQLUpdate;
|
||||||
|
use SilverStripe\Security\Member;
|
||||||
|
use SilverStripe\Security\Permission;
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The Versioned extension allows your DataObjects to have several versions,
|
* The Versioned extension allows your DataObjects to have several versions,
|
||||||
@ -235,8 +239,8 @@ class Versioned extends DataExtension implements TemplateGlobalProvider {
|
|||||||
* Amend freshly created DataQuery objects with versioned-specific
|
* Amend freshly created DataQuery objects with versioned-specific
|
||||||
* information.
|
* information.
|
||||||
*
|
*
|
||||||
* @param SQLSelect
|
* @param SQLSelect $query
|
||||||
* @param DataQuery
|
* @param DataQuery $dataQuery
|
||||||
*/
|
*/
|
||||||
public function augmentDataQueryCreation(SQLSelect &$query, DataQuery &$dataQuery) {
|
public function augmentDataQueryCreation(SQLSelect &$query, DataQuery &$dataQuery) {
|
||||||
$parts = explode('.', Versioned::get_reading_mode());
|
$parts = explode('.', Versioned::get_reading_mode());
|
||||||
@ -2397,7 +2401,7 @@ class Versioned extends DataExtension implements TemplateGlobalProvider {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param FieldList
|
* @param FieldList $fields
|
||||||
*/
|
*/
|
||||||
public function updateCMSFields(FieldList $fields) {
|
public function updateCMSFields(FieldList $fields) {
|
||||||
// remove the version field from the CMS as this should be left
|
// remove the version field from the CMS as this should be left
|
||||||
|
@ -1,4 +1,11 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
namespace SilverStripe\Security;
|
||||||
|
|
||||||
|
use Object;
|
||||||
|
use Form;
|
||||||
|
use Controller;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Abstract base class for an authentication method
|
* Abstract base class for an authentication method
|
||||||
*
|
*
|
||||||
@ -16,7 +23,7 @@ abstract class Authenticator extends Object {
|
|||||||
*
|
*
|
||||||
* @var array
|
* @var array
|
||||||
*/
|
*/
|
||||||
private static $authenticators = array('MemberAuthenticator');
|
private static $authenticators = array('SilverStripe\\Security\\MemberAuthenticator');
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Used to influence the order of authenticators on the login-screen
|
* Used to influence the order of authenticators on the login-screen
|
||||||
@ -24,7 +31,7 @@ abstract class Authenticator extends Object {
|
|||||||
*
|
*
|
||||||
* @var string
|
* @var string
|
||||||
*/
|
*/
|
||||||
private static $default_authenticator = 'MemberAuthenticator';
|
private static $default_authenticator = 'SilverStripe\\Security\\MemberAuthenticator';
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -43,7 +50,7 @@ abstract class Authenticator extends Object {
|
|||||||
/**
|
/**
|
||||||
* Method that creates the login form for this authentication method
|
* Method that creates the login form for this authentication method
|
||||||
*
|
*
|
||||||
* @param Controller The parent controller, necessary to create the
|
* @param Controller $controller The parent controller, necessary to create the
|
||||||
* appropriate form action tag
|
* appropriate form action tag
|
||||||
* @return Form Returns the login form to use with this authentication
|
* @return Form Returns the login form to use with this authentication
|
||||||
* method
|
* method
|
||||||
@ -99,7 +106,7 @@ abstract class Authenticator extends Object {
|
|||||||
if(class_exists($authenticator) == false)
|
if(class_exists($authenticator) == false)
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
if(is_subclass_of($authenticator, 'Authenticator') == false)
|
if(is_subclass_of($authenticator, 'SilverStripe\\Security\\Authenticator') == false)
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
if(in_array($authenticator, self::$authenticators) == false) {
|
if(in_array($authenticator, self::$authenticators) == false) {
|
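Review bot: The guard `is_subclass_of($authenticator, 'SilverStripe\\Security\\Authenticator') == false` and the defaults `$authenticators` / `$default_authenticator` now repeat the fully-qualified name as separate string literals, and the guard fails with a bare `return false` and nothing logged. A caller or config entry that still passes the short name `'MemberAuthenticator'` would presumably be rejected by the `class_exists()` check just above, silently leaving that authenticator unregistered; the enclosing function starts and ends outside the hunk, so this is inferred. I would add a comment at the guard, `// Names must be fully qualified; short pre-namespace names are rejected`, and use `__CLASS__` in place of the literal in the `is_subclass_of()` call.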
@ -1,4 +1,13 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
namespace SilverStripe\Security;
|
||||||
|
|
||||||
|
use SapphireTest;
|
||||||
|
use Director;
|
||||||
|
use SS_HTTPResponse;
|
||||||
|
use SS_HTTPResponse_Exception;
|
||||||
|
use Config;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Provides an interface to HTTP basic authentication.
|
* Provides an interface to HTTP basic authentication.
|
||||||
*
|
*
|
||||||
@ -125,14 +134,15 @@ class BasicAuth {
|
|||||||
* define('SS_USE_BASIC_AUTH', true);
|
* define('SS_USE_BASIC_AUTH', true);
|
||||||
*
|
*
|
||||||
* @param boolean $protect Set this to false to disable protection.
|
* @param boolean $protect Set this to false to disable protection.
|
||||||
* @param String $code {@link Permission} code that is required from the user.
|
* @param string $code {@link Permission} code that is required from the user.
|
||||||
* Defaults to "ADMIN". Set to NULL to just require a valid login, regardless
|
* Defaults to "ADMIN". Set to NULL to just require a valid login, regardless
|
||||||
* of the permission codes a user has.
|
* of the permission codes a user has.
|
||||||
|
* @param string $message
|
||||||
*/
|
*/
|
||||||
public static function protect_entire_site($protect = true, $code = 'ADMIN', $message = null) {
|
public static function protect_entire_site($protect = true, $code = 'ADMIN', $message = null) {
|
||||||
Config::inst()->update('BasicAuth', 'entire_site_protected', $protect);
|
Config::inst()->update('SilverStripe\\Security\\BasicAuth', 'entire_site_protected', $protect);
|
||||||
Config::inst()->update('BasicAuth', 'entire_site_protected_code', $code);
|
Config::inst()->update('SilverStripe\\Security\\BasicAuth', 'entire_site_protected_code', $code);
|
||||||
Config::inst()->update('BasicAuth', 'entire_site_protected_message', $message);
|
Config::inst()->update('SilverStripe\\Security\\BasicAuth', 'entire_site_protected_message', $message);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -143,7 +153,7 @@ class BasicAuth {
|
|||||||
* please use {@link protect_entire_site()}.
|
* please use {@link protect_entire_site()}.
|
||||||
*/
|
*/
|
||||||
public static function protect_site_if_necessary() {
|
public static function protect_site_if_necessary() {
|
||||||
$config = Config::inst()->forClass('BasicAuth');
|
$config = Config::inst()->forClass('SilverStripe\\Security\\BasicAuth');
|
||||||
if($config->entire_site_protected) {
|
if($config->entire_site_protected) {
|
||||||
self::requireLogin($config->entire_site_protected_message, $config->entire_site_protected_code, false);
|
self::requireLogin($config->entire_site_protected_message, $config->entire_site_protected_code, false);
|
||||||
}
|
}
|
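Review bot: The four config lookups in `protect_entire_site()` and `protect_site_if_necessary()` repeat the class name as a string literal, and `protect_site_if_necessary()` only calls `requireLogin()` when `entire_site_protected` is read as truthy under that exact key. If a site still sets `entire_site_protected` under the old `BasicAuth` key and the config system matches on the literal name (not visible here), the check would evaluate false and the site would be served without the basic-auth gate, with no error raised. Using `Config::inst()->forClass(__CLASS__)` and `Config::inst()->update(__CLASS__, ...)` would keep the key tied to the class, and the upgrade notes should call out the renamed key. The added `@param string $message` line also has no description.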
@ -1,5 +1,19 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
namespace SilverStripe\Security;
|
||||||
|
|
||||||
|
use Controller;
|
||||||
|
use FieldList;
|
||||||
|
use HiddenField;
|
||||||
|
use PasswordField;
|
||||||
|
use LiteralField;
|
||||||
|
use CheckboxField;
|
||||||
|
use FormAction;
|
||||||
|
use Session;
|
||||||
|
use Convert;
|
||||||
|
use SS_HTTPResponse;
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Provides the in-cms session re-authentication form for the "member" authenticator
|
* Provides the in-cms session re-authentication form for the "member" authenticator
|
||||||
*
|
*
|
||||||
@ -8,7 +22,7 @@
|
|||||||
*/
|
*/
|
||||||
class CMSMemberLoginForm extends LoginForm {
|
class CMSMemberLoginForm extends LoginForm {
|
||||||
|
|
||||||
protected $authenticator_class = 'MemberAuthenticator';
|
protected $authenticator_class = 'SilverStripe\\Security\\MemberAuthenticator';
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get link to use for external security actions
|
* Get link to use for external security actions
|
||||||
@ -68,7 +82,7 @@ class CMSMemberLoginForm extends LoginForm {
|
|||||||
/**
|
/**
|
||||||
* Try to authenticate the user
|
* Try to authenticate the user
|
||||||
*
|
*
|
||||||
* @param array Submitted data
|
* @param array $data Submitted data
|
||||||
* @return Member Returns the member object on successful authentication
|
* @return Member Returns the member object on successful authentication
|
||||||
* or NULL on failure.
|
* or NULL on failure.
|
||||||
*/
|
*/
|
||||||
@ -89,6 +103,7 @@ class CMSMemberLoginForm extends LoginForm {
|
|||||||
* This method is called when the user clicks on "Log in"
|
* This method is called when the user clicks on "Log in"
|
||||||
*
|
*
|
||||||
* @param array $data Submitted data
|
* @param array $data Submitted data
|
||||||
|
* @return \SS_HTTPResponse
|
||||||
*/
|
*/
|
||||||
public function dologin($data) {
|
public function dologin($data) {
|
||||||
if($this->performLogin($data)) {
|
if($this->performLogin($data)) {
|
||||||
@ -110,7 +125,7 @@ class CMSMemberLoginForm extends LoginForm {
|
|||||||
*/
|
*/
|
||||||
protected function redirectToChangePassword() {
|
protected function redirectToChangePassword() {
|
||||||
// Since this form is loaded via an iframe, this redirect must be performed via javascript
|
// Since this form is loaded via an iframe, this redirect must be performed via javascript
|
||||||
$changePasswordForm = new ChangePasswordForm($this->controller, 'ChangePasswordForm');
|
$changePasswordForm = new ChangePasswordForm($this->controller, 'SilverStripe\\Security\\ChangePasswordForm');
|
||||||
$changePasswordForm->sessionMessage(
|
$changePasswordForm->sessionMessage(
|
||||||
_t('Member.PASSWORDEXPIRED', 'Your password has expired. Please choose a new one.'),
|
_t('Member.PASSWORDEXPIRED', 'Your password has expired. Please choose a new one.'),
|
||||||
'good'
|
'good'
|
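Review bot: In `redirectToChangePassword()` the second argument of `new ChangePasswordForm($this->controller, ...)` was rewritten from `'ChangePasswordForm'` to `'SilverStripe\\Security\\ChangePasswordForm'`, which looks like a class-name substitution applied to a value that is not a class name. Assuming the `Form` constructor takes the form name in that position (its signature is not visible on this page), backslashes would end up in the form's name and in any action URL or field identifiers derived from it. I would keep `'ChangePasswordForm'` and mark the line with `/** @skipUpgrade */`, the annotation this commit already uses in `CMSSecurity::Link()`. The function body continues past the end of the hunk.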
@ -1,5 +1,16 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
namespace SilverStripe\Security;
|
||||||
|
|
||||||
|
use Requirements;
|
||||||
|
use Controller;
|
||||||
|
use Director;
|
||||||
|
use Convert;
|
||||||
|
use Session;
|
||||||
|
use AdminRootController;
|
||||||
|
use SS_HTTPResponse;
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Provides a security interface functionality within the cms
|
* Provides a security interface functionality within the cms
|
||||||
* @package framework
|
* @package framework
|
||||||
@ -12,7 +23,7 @@ class CMSSecurity extends Security {
|
|||||||
);
|
);
|
||||||
|
|
||||||
private static $allowed_actions = array(
|
private static $allowed_actions = array(
|
||||||
'LoginForm',
|
'SilverStripe\\Security\\LoginForm',
|
||||||
'success'
|
'success'
|
||||||
);
|
);
|
||||||
|
|
||||||
@ -43,6 +54,7 @@ class CMSSecurity extends Security {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public function Link($action = null) {
|
public function Link($action = null) {
|
||||||
|
/** @skipUpgrade */
|
||||||
return Controller::join_links(Director::baseURL(), "CMSSecurity", $action);
|
return Controller::join_links(Director::baseURL(), "CMSSecurity", $action);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -173,7 +185,7 @@ PHP
|
|||||||
}
|
}
|
||||||
|
|
||||||
public function getTemplatesFor($action) {
|
public function getTemplatesFor($action) {
|
||||||
return array("CMSSecurity_{$action}", "CMSSecurity")
|
return array("CMSSecurity_{$action}", "SilverStripe\\Security\\CMSSecurity")
|
||||||
+ parent::getTemplatesFor($action);
|
+ parent::getTemplatesFor($action);
|
||||||
}
|
}
|
||||||
|
|
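Review bot: The `$allowed_actions` entry in the `@ -12,7 +23,7` hunk changes from `'LoginForm'` to `'SilverStripe\\Security\\LoginForm'`, but entries in this list look like action names (compare `'success'` beside it), not class names. This is presumably an over-eager automated class-string rewrite, and it would leave the `LoginForm` action on this controller allowed only if the parent `Security` class allows it. The template name in `getTemplatesFor()` (`"CMSSecurity"` became `"SilverStripe\\Security\\CMSSecurity"`) may have the same problem unless the template was moved to match. I would keep `'LoginForm',` and mark it with `/** @skipUpgrade */`, as this commit already does in `Link()`. The class body continues outside these hunks, so the parent's allowed actions are not visible here.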
@ -1,4 +1,17 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
namespace SilverStripe\Security;
|
||||||
|
|
||||||
|
use Form;
|
||||||
|
use Session;
|
||||||
|
use FieldList;
|
||||||
|
use PasswordField;
|
||||||
|
use FormAction;
|
||||||
|
use HiddenField;
|
||||||
|
use Director;
|
||||||
|
use HTTP;
|
||||||
|
use Convert;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Standard Change Password Form
|
* Standard Change Password Form
|
||||||
* @package framework
|
* @package framework
|
@ -1,8 +1,33 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
namespace SilverStripe\Security;
|
||||||
|
|
||||||
|
|
||||||
use SilverStripe\ORM\ArrayList;
|
use SilverStripe\ORM\ArrayList;
|
||||||
use SilverStripe\ORM\DataObject;
|
use SilverStripe\ORM\DataObject;
|
||||||
|
use SilverStripe\ORM\HasManyList;
|
||||||
|
use SilverStripe\ORM\ManyManyList;
|
||||||
use SilverStripe\ORM\UnsavedRelationList;
|
use SilverStripe\ORM\UnsavedRelationList;
|
||||||
|
use Requirements;
|
||||||
|
use FieldList;
|
||||||
|
use TabSet;
|
||||||
|
use Tab;
|
||||||
|
use TextField;
|
||||||
|
use DropdownField;
|
||||||
|
use TextareaField;
|
||||||
|
use Config;
|
||||||
|
use GridFieldConfig_RelationEditor;
|
||||||
|
use GridFieldButtonRow;
|
||||||
|
use GridFieldExportButton;
|
||||||
|
use GridFieldPrintButton;
|
||||||
|
use GridField;
|
||||||
|
use HTMLEditorConfig;
|
||||||
|
use LiteralField;
|
||||||
|
use ListboxField;
|
||||||
|
use HiddenField;
|
||||||
|
use InvalidArgumentException;
|
||||||
|
use Convert;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* A security group.
|
* A security group.
|
||||||
*
|
*
|
||||||
@ -35,23 +60,25 @@ class Group extends DataObject {
|
|||||||
);
|
);
|
||||||
|
|
||||||
private static $has_one = array(
|
private static $has_one = array(
|
||||||
"Parent" => "Group",
|
"Parent" => "SilverStripe\\Security\\Group",
|
||||||
);
|
);
|
||||||
|
|
||||||
private static $has_many = array(
|
private static $has_many = array(
|
||||||
"Permissions" => "Permission",
|
"Permissions" => "SilverStripe\\Security\\Permission",
|
||||||
"Groups" => "Group"
|
"Groups" => "SilverStripe\\Security\\Group"
|
||||||
);
|
);
|
||||||
|
|
||||||
private static $many_many = array(
|
private static $many_many = array(
|
||||||
"Members" => "Member",
|
"Members" => "SilverStripe\\Security\\Member",
|
||||||
"Roles" => "PermissionRole",
|
"Roles" => "SilverStripe\\Security\\PermissionRole",
|
||||||
);
|
);
|
||||||
|
|
||||||
private static $extensions = array(
|
private static $extensions = array(
|
||||||
"SilverStripe\\ORM\\Hierarchy\\Hierarchy",
|
"SilverStripe\\ORM\\Hierarchy\\Hierarchy",
|
||||||
);
|
);
|
||||||
|
|
||||||
|
private static $table_name = "Group";
|
||||||
|
|
||||||
public function populateDefaults() {
|
public function populateDefaults() {
|
||||||
parent::populateDefaults();
|
parent::populateDefaults();
|
||||||
|
|
||||||
@ -61,7 +88,7 @@ class Group extends DataObject {
|
|||||||
public function getAllChildren() {
|
public function getAllChildren() {
|
||||||
$doSet = new ArrayList();
|
$doSet = new ArrayList();
|
||||||
|
|
||||||
$children = DataObject::get('Group')->filter("ParentID", $this->ID);
|
$children = Group::get()->filter("ParentID", $this->ID);
|
||||||
foreach($children as $child) {
|
foreach($children as $child) {
|
||||||
$doSet->push($child);
|
$doSet->push($child);
|
||||||
$doSet->merge($child->getAllChildren());
|
$doSet->merge($child->getAllChildren());
|
||||||
@ -94,7 +121,7 @@ class Group extends DataObject {
|
|||||||
$permissionsField = new PermissionCheckboxSetField(
|
$permissionsField = new PermissionCheckboxSetField(
|
||||||
'Permissions',
|
'Permissions',
|
||||||
false,
|
false,
|
||||||
'Permission',
|
'SilverStripe\\Security\\Permission',
|
||||||
'GroupID',
|
'GroupID',
|
||||||
$this
|
$this
|
||||||
)
|
)
|
||||||
@ -163,7 +190,7 @@ class Group extends DataObject {
|
|||||||
|
|
||||||
// Only show the "Roles" tab if permissions are granted to edit them,
|
// Only show the "Roles" tab if permissions are granted to edit them,
|
||||||
// and at least one role exists
|
// and at least one role exists
|
||||||
if(Permission::check('APPLY_ROLES') && DataObject::get('PermissionRole')) {
|
if(Permission::check('APPLY_ROLES') && DataObject::get('SilverStripe\\Security\\PermissionRole')) {
|
||||||
$fields->findOrMakeTab('Root.Roles', _t('SecurityAdmin.ROLES', 'Roles'));
|
$fields->findOrMakeTab('Root.Roles', _t('SecurityAdmin.ROLES', 'Roles'));
|
||||||
$fields->addFieldToTab('Root.Roles',
|
$fields->addFieldToTab('Root.Roles',
|
||||||
new LiteralField(
|
new LiteralField(
|
||||||
@ -223,9 +250,8 @@ class Group extends DataObject {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
*
|
* @param bool $includerelations Indicate if the labels returned include relation fields
|
||||||
* @param boolean $includerelations a boolean value to indicate if the labels returned include relation fields
|
* @return array
|
||||||
*
|
|
||||||
*/
|
*/
|
||||||
public function fieldLabels($includerelations = true) {
|
public function fieldLabels($includerelations = true) {
|
||||||
$labels = parent::fieldLabels($includerelations);
|
$labels = parent::fieldLabels($includerelations);
|
||||||
@ -358,7 +384,7 @@ class Group extends DataObject {
|
|||||||
$inheritedCodes = Permission::get()
|
$inheritedCodes = Permission::get()
|
||||||
->filter('GroupID', $this->Parent()->collateAncestorIDs())
|
->filter('GroupID', $this->Parent()->collateAncestorIDs())
|
||||||
->column('Code');
|
->column('Code');
|
||||||
$privilegedCodes = Config::inst()->get('Permission', 'privileged_permissions');
|
$privilegedCodes = Config::inst()->get('SilverStripe\\Security\\Permission', 'privileged_permissions');
|
||||||
if(array_intersect($inheritedCodes, $privilegedCodes)) {
|
if(array_intersect($inheritedCodes, $privilegedCodes)) {
|
||||||
$result->error(sprintf(
|
$result->error(sprintf(
|
||||||
_t(
|
_t(
|
||||||
@ -406,7 +432,7 @@ class Group extends DataObject {
|
|||||||
* @return boolean
|
* @return boolean
|
||||||
*/
|
*/
|
||||||
public function canEdit($member = null) {
|
public function canEdit($member = null) {
|
||||||
if(!$member || !(is_a($member, 'Member')) || is_numeric($member)) $member = Member::currentUser();
|
if(!$member || !(is_a($member, 'SilverStripe\\Security\\Member')) || is_numeric($member)) $member = Member::currentUser();
|
||||||
|
|
||||||
// extended access checks
|
// extended access checks
|
||||||
$results = $this->extend('canEdit', $member);
|
$results = $this->extend('canEdit', $member);
|
||||||
@ -436,7 +462,7 @@ class Group extends DataObject {
|
|||||||
* @return boolean
|
* @return boolean
|
||||||
*/
|
*/
|
||||||
public function canView($member = null) {
|
public function canView($member = null) {
|
||||||
if(!$member || !(is_a($member, 'Member')) || is_numeric($member)) $member = Member::currentUser();
|
if(!$member || !(is_a($member, 'SilverStripe\\Security\\Member')) || is_numeric($member)) $member = Member::currentUser();
|
||||||
|
|
||||||
// extended access checks
|
// extended access checks
|
||||||
$results = $this->extend('canView', $member);
|
$results = $this->extend('canView', $member);
|
||||||
@ -449,7 +475,7 @@ class Group extends DataObject {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public function canDelete($member = null) {
|
public function canDelete($member = null) {
|
||||||
if(!$member || !(is_a($member, 'Member')) || is_numeric($member)) $member = Member::currentUser();
|
if(!$member || !(is_a($member, 'SilverStripe\\Security\\Member')) || is_numeric($member)) $member = Member::currentUser();
|
||||||
|
|
||||||
// extended access checks
|
// extended access checks
|
||||||
$results = $this->extend('canDelete', $member);
|
$results = $this->extend('canDelete', $member);
|
||||||
@ -487,7 +513,7 @@ class Group extends DataObject {
|
|||||||
parent::requireDefaultRecords();
|
parent::requireDefaultRecords();
|
||||||
|
|
||||||
// Add default author group if no other group exists
|
// Add default author group if no other group exists
|
||||||
$allGroups = DataObject::get('Group');
|
$allGroups = DataObject::get('SilverStripe\\Security\\Group');
|
||||||
if(!$allGroups->count()) {
|
if(!$allGroups->count()) {
|
||||||
$authorGroup = new Group();
|
$authorGroup = new Group();
|
||||||
$authorGroup->Code = 'content-authors';
|
$authorGroup->Code = 'content-authors';
|
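Review bot: The Roles-tab guard in the `@ -163,7 +190,7` hunk does not test what its comment promises ("and at least one role exists"). `DataObject::get('SilverStripe\\Security\\PermissionRole')` returns a list object, which is presumably truthy even when the list is empty, so in practice only `Permission::check('APPLY_ROLES')` gates the tab. Since the line is being rewritten anyway, `if(Permission::check('APPLY_ROLES') && PermissionRole::get()->exists()) {` would match the comment and follow the `Group::get()` form this commit already uses in `getAllChildren()`. The enclosing method starts and ends outside the hunk.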
@ -1,6 +1,11 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
namespace SilverStripe\Security;
|
||||||
|
|
||||||
|
|
||||||
use SilverStripe\ORM\DataObject;
|
use SilverStripe\ORM\DataObject;
|
||||||
|
use CsvBulkLoader;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @todo Migrate Permission->Arg and Permission->Type values
|
* @todo Migrate Permission->Arg and Permission->Type values
|
||||||
*
|
*
|
||||||
@ -14,7 +19,7 @@ class GroupCsvBulkLoader extends CsvBulkLoader {
|
|||||||
);
|
);
|
||||||
|
|
||||||
public function __construct($objectClass = null) {
|
public function __construct($objectClass = null) {
|
||||||
if(!$objectClass) $objectClass = 'Group';
|
if(!$objectClass) $objectClass = 'SilverStripe\\Security\\Group';
|
||||||
|
|
||||||
parent::__construct($objectClass);
|
parent::__construct($objectClass);
|
||||||
}
|
}
|
||||||
@ -30,7 +35,7 @@ class GroupCsvBulkLoader extends CsvBulkLoader {
|
|||||||
// are imported to avoid missing "early" references to parents
|
// are imported to avoid missing "early" references to parents
|
||||||
// which are imported later on in the CSV file.
|
// which are imported later on in the CSV file.
|
||||||
if(isset($record['ParentCode']) && $record['ParentCode']) {
|
if(isset($record['ParentCode']) && $record['ParentCode']) {
|
||||||
$parentGroup = DataObject::get_one('Group', array(
|
$parentGroup = DataObject::get_one('SilverStripe\\Security\\Group', array(
|
||||||
'"Group"."Code"' => $record['ParentCode']
|
'"Group"."Code"' => $record['ParentCode']
|
||||||
));
|
));
|
||||||
if($parentGroup) {
|
if($parentGroup) {
|
||||||
@ -43,7 +48,7 @@ class GroupCsvBulkLoader extends CsvBulkLoader {
|
|||||||
// existing permissions arent cleared.
|
// existing permissions arent cleared.
|
||||||
if(isset($record['PermissionCodes']) && $record['PermissionCodes']) {
|
if(isset($record['PermissionCodes']) && $record['PermissionCodes']) {
|
||||||
foreach(explode(',', $record['PermissionCodes']) as $code) {
|
foreach(explode(',', $record['PermissionCodes']) as $code) {
|
||||||
$p = DataObject::get_one('Permission', array(
|
$p = DataObject::get_one('SilverStripe\\Security\\Permission', array(
|
||||||
'"Permission"."Code"' => $code,
|
'"Permission"."Code"' => $code,
|
||||||
'"Permission"."GroupID"' => $group->ID
|
'"Permission"."GroupID"' => $group->ID
|
||||||
));
|
));
|
@ -1,6 +1,11 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
namespace SilverStripe\Security;
|
||||||
|
|
||||||
|
|
||||||
use SilverStripe\ORM\DataObject;
|
use SilverStripe\ORM\DataObject;
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Record all login attempts through the {@link LoginForm} object.
|
* Record all login attempts through the {@link LoginForm} object.
|
||||||
* This behaviour is disabled by default.
|
* This behaviour is disabled by default.
|
||||||
@ -31,19 +36,14 @@ class LoginAttempt extends DataObject {
|
|||||||
);
|
);
|
||||||
|
|
||||||
private static $has_one = array(
|
private static $has_one = array(
|
||||||
'Member' => 'Member', // only linked if the member actually exists
|
'Member' => 'SilverStripe\\Security\\Member', // only linked if the member actually exists
|
||||||
);
|
);
|
||||||
|
|
||||||
private static $has_many = array();
|
private static $table_name = "LoginAttempt";
|
||||||
|
|
||||||
private static $many_many = array();
|
|
||||||
|
|
||||||
private static $belongs_many_many = array();
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
*
|
* @param bool $includerelations Indicate if the labels returned include relation fields
|
||||||
* @param boolean $includerelations a boolean value to indicate if the labels returned include relation fields
|
* @return array
|
||||||
*
|
|
||||||
*/
|
*/
|
||||||
public function fieldLabels($includerelations = true) {
|
public function fieldLabels($includerelations = true) {
|
||||||
$labels = parent::fieldLabels($includerelations);
|
$labels = parent::fieldLabels($includerelations);
|
@ -1,4 +1,10 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
namespace SilverStripe\Security;
|
||||||
|
|
||||||
|
use Form;
|
||||||
|
use Injector;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Abstract base class for a login form
|
* Abstract base class for a login form
|
||||||
*
|
*
|
||||||
@ -27,7 +33,7 @@ abstract class LoginForm extends Form {
|
|||||||
* @return Authenticator Returns the authenticator instance for this login form.
|
* @return Authenticator Returns the authenticator instance for this login form.
|
||||||
*/
|
*/
|
||||||
public function getAuthenticator() {
|
public function getAuthenticator() {
|
||||||
if(!class_exists($this->authenticator_class) || !is_subclass_of($this->authenticator_class, 'Authenticator')) {
|
if(!class_exists($this->authenticator_class) || !is_subclass_of($this->authenticator_class, 'SilverStripe\\Security\\Authenticator')) {
|
||||||
user_error("The form uses an invalid authenticator class! '{$this->authenticator_class}'"
|
user_error("The form uses an invalid authenticator class! '{$this->authenticator_class}'"
|
||||||
. " is not a subclass of 'Authenticator'", E_USER_ERROR);
|
. " is not a subclass of 'Authenticator'", E_USER_ERROR);
|
||||||
return;
|
return;
|
@ -1,6 +1,8 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
namespace SilverStripe\Security;
|
||||||
|
|
||||||
|
use SilverStripe\ORM\SS_Map;
|
||||||
use SilverStripe\ORM\ValidationResult;
|
use SilverStripe\ORM\ValidationResult;
|
||||||
use SilverStripe\ORM\FieldType\DBDatetime;
|
use SilverStripe\ORM\FieldType\DBDatetime;
|
||||||
use SilverStripe\ORM\DB;
|
use SilverStripe\ORM\DB;
|
||||||
@ -10,7 +12,30 @@ use SilverStripe\ORM\SS_List;
|
|||||||
use SilverStripe\ORM\ArrayList;
|
use SilverStripe\ORM\ArrayList;
|
||||||
use SilverStripe\ORM\Queries\SQLSelect;
|
use SilverStripe\ORM\Queries\SQLSelect;
|
||||||
use SilverStripe\ORM\ManyManyList;
|
use SilverStripe\ORM\ManyManyList;
|
||||||
|
use SilverStripe\MSSQL\MSSQLDatabase;
|
||||||
|
use TemplateGlobalProvider;
|
||||||
|
use Deprecation;
|
||||||
|
use i18n;
|
||||||
|
use Director;
|
||||||
|
use Session;
|
||||||
|
use Cookie;
|
||||||
|
use Config;
|
||||||
|
use SapphireTest;
|
||||||
|
use DateTime;
|
||||||
|
use DropdownField;
|
||||||
|
use ConfirmedPasswordField;
|
||||||
|
use Injector;
|
||||||
|
use TestMailer;
|
||||||
|
use Email;
|
||||||
|
use FieldList;
|
||||||
|
use ListboxField;
|
||||||
|
use Zend_Locale_Format;
|
||||||
|
use Zend_Locale;
|
||||||
|
use Zend_Date;
|
||||||
|
use MemberDatetimeOptionsetField;
|
||||||
|
use HTMLEditorConfig;
|
||||||
|
use RequiredFields;
|
||||||
|
use GridFieldDetailForm_ItemRequest;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The member class which represents the users of the system
|
* The member class which represents the users of the system
|
||||||
@ -63,19 +88,15 @@ class Member extends DataObject implements TemplateGlobalProvider {
|
|||||||
);
|
);
|
||||||
|
|
||||||
private static $belongs_many_many = array(
|
private static $belongs_many_many = array(
|
||||||
'Groups' => 'Group',
|
'Groups' => 'SilverStripe\\Security\\Group',
|
||||||
);
|
);
|
||||||
|
|
||||||
private static $has_one = array();
|
|
||||||
|
|
||||||
private static $has_many = array(
|
private static $has_many = array(
|
||||||
'LoggedPasswords' => 'MemberPassword',
|
'LoggedPasswords' => 'SilverStripe\\Security\\MemberPassword',
|
||||||
'RememberLoginHashes' => 'RememberLoginHash'
|
'RememberLoginHashes' => 'SilverStripe\\Security\\RememberLoginHash'
|
||||||
);
|
);
|
||||||
|
|
||||||
private static $many_many = array();
|
private static $table_name = "Member";
|
||||||
|
|
||||||
private static $many_many_extraFields = array();
|
|
||||||
|
|
||||||
private static $default_sort = '"Surname", "FirstName"';
|
private static $default_sort = '"Surname", "FirstName"';
|
||||||
|
|
||||||
@ -133,7 +154,7 @@ class Member extends DataObject implements TemplateGlobalProvider {
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* @config
|
* @config
|
||||||
* @var Array See {@link set_title_columns()}
|
* @var array See {@link set_title_columns()}
|
||||||
*/
|
*/
|
||||||
private static $title_format = null;
|
private static $title_format = null;
|
||||||
|
|
||||||
@ -148,8 +169,10 @@ class Member extends DataObject implements TemplateGlobalProvider {
|
|||||||
private static $unique_identifier_field = 'Email';
|
private static $unique_identifier_field = 'Email';
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
* Object for validating user's password
|
||||||
|
*
|
||||||
* @config
|
* @config
|
||||||
* {@link PasswordValidator} object for validating user's password
|
* @var PasswordValidator
|
||||||
*/
|
*/
|
||||||
private static $password_validator = null;
|
private static $password_validator = null;
|
||||||
|
|
||||||
@ -243,8 +266,8 @@ class Member extends DataObject implements TemplateGlobalProvider {
|
|||||||
if(!Security::has_default_admin()) return null;
|
if(!Security::has_default_admin()) return null;
|
||||||
|
|
||||||
// Find or create ADMIN group
|
// Find or create ADMIN group
|
||||||
singleton('Group')->requireDefaultRecords();
|
Group::singleton()->requireDefaultRecords();
|
||||||
$adminGroup = Permission::get_groups_by_permission('ADMIN')->First();
|
$adminGroup = Permission::get_groups_by_permission('ADMIN')->first();
|
||||||
|
|
||||||
// Find member
|
// Find member
|
||||||
$admin = Member::get()
|
$admin = Member::get()
|
||||||
@ -423,6 +446,8 @@ class Member extends DataObject implements TemplateGlobalProvider {
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Set a {@link PasswordValidator} object to use to validate member's passwords.
|
* Set a {@link PasswordValidator} object to use to validate member's passwords.
|
||||||
|
*
|
||||||
|
* @param PasswordValidator $pv
|
||||||
*/
|
*/
|
||||||
public static function set_password_validator($pv) {
|
public static function set_password_validator($pv) {
|
||||||
self::$password_validator = $pv;
|
self::$password_validator = $pv;
|
||||||
@ -430,6 +455,8 @@ class Member extends DataObject implements TemplateGlobalProvider {
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns the current {@link PasswordValidator}
|
* Returns the current {@link PasswordValidator}
|
||||||
|
*
|
||||||
|
* @return PasswordValidator
|
||||||
*/
|
*/
|
||||||
public static function password_validator() {
|
public static function password_validator() {
|
||||||
return self::$password_validator;
|
return self::$password_validator;
|
||||||
@ -482,8 +509,8 @@ class Member extends DataObject implements TemplateGlobalProvider {
|
|||||||
}
|
}
|
||||||
if($remember) {
|
if($remember) {
|
||||||
$rememberLoginHash = RememberLoginHash::generate($this);
|
$rememberLoginHash = RememberLoginHash::generate($this);
|
||||||
$tokenExpiryDays = Config::inst()->get('RememberLoginHash', 'token_expiry_days');
|
$tokenExpiryDays = Config::inst()->get('SilverStripe\\Security\\RememberLoginHash', 'token_expiry_days');
|
||||||
$deviceExpiryDays = Config::inst()->get('RememberLoginHash', 'device_expiry_days');
|
$deviceExpiryDays = Config::inst()->get('SilverStripe\\Security\\RememberLoginHash', 'device_expiry_days');
|
||||||
Cookie::set('alc_enc', $this->ID . ':' . $rememberLoginHash->getToken(),
|
Cookie::set('alc_enc', $this->ID . ':' . $rememberLoginHash->getToken(),
|
||||||
$tokenExpiryDays, null, null, null, true);
|
$tokenExpiryDays, null, null, null, true);
|
||||||
Cookie::set('alc_device', $rememberLoginHash->DeviceID, $deviceExpiryDays, null, null, null, true);
|
Cookie::set('alc_device', $rememberLoginHash->DeviceID, $deviceExpiryDays, null, null, null, true);
|
||||||
@ -497,10 +524,7 @@ class Member extends DataObject implements TemplateGlobalProvider {
|
|||||||
// Clear the incorrect log-in count
|
// Clear the incorrect log-in count
|
||||||
$this->registerSuccessfulLogin();
|
$this->registerSuccessfulLogin();
|
||||||
|
|
||||||
// Don't set column if its not built yet (the login might be precursor to a /dev/build...)
|
|
||||||
if(array_key_exists('LockedOutUntil', DB::field_list('Member'))) {
|
|
||||||
$this->LockedOutUntil = null;
|
$this->LockedOutUntil = null;
|
||||||
}
|
|
||||||
|
|
||||||
$this->regenerateTempID();
|
$this->regenerateTempID();
|
||||||
|
|
||||||
@ -534,7 +558,7 @@ class Member extends DataObject implements TemplateGlobalProvider {
|
|||||||
*/
|
*/
|
||||||
public static function logged_in_session_exists() {
|
public static function logged_in_session_exists() {
|
||||||
if($id = Member::currentUserID()) {
|
if($id = Member::currentUserID()) {
|
||||||
if($member = DataObject::get_by_id('Member', $id)) {
|
if($member = DataObject::get_by_id('SilverStripe\\Security\\Member', $id)) {
|
||||||
if($member->exists()) return true;
|
if($member->exists()) return true;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -570,7 +594,7 @@ class Member extends DataObject implements TemplateGlobalProvider {
|
|||||||
|
|
||||||
$deviceID = Cookie::get('alc_device');
|
$deviceID = Cookie::get('alc_device');
|
||||||
|
|
||||||
$member = Member::get()->byId($uid);
|
$member = Member::get()->byID($uid);
|
||||||
|
|
||||||
$rememberLoginHash = null;
|
$rememberLoginHash = null;
|
||||||
|
|
||||||
@ -606,7 +630,7 @@ class Member extends DataObject implements TemplateGlobalProvider {
|
|||||||
|
|
||||||
if ($rememberLoginHash) {
|
if ($rememberLoginHash) {
|
||||||
$rememberLoginHash->renew();
|
$rememberLoginHash->renew();
|
||||||
$tokenExpiryDays = Config::inst()->get('RememberLoginHash', 'token_expiry_days');
|
$tokenExpiryDays = Config::inst()->get('SilverStripe\\Security\\RememberLoginHash', 'token_expiry_days');
|
||||||
Cookie::set('alc_enc', $member->ID . ':' . $rememberLoginHash->getToken(),
|
Cookie::set('alc_enc', $member->ID . ':' . $rememberLoginHash->getToken(),
|
||||||
$tokenExpiryDays, null, null, false, true);
|
$tokenExpiryDays, null, null, false, true);
|
||||||
}
|
}
|
||||||
@ -652,6 +676,10 @@ class Member extends DataObject implements TemplateGlobalProvider {
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Utility for generating secure password hashes for this member.
|
* Utility for generating secure password hashes for this member.
|
||||||
|
*
|
||||||
|
* @param string $string
|
||||||
|
* @return string
|
||||||
|
* @throws PasswordEncryptor_NotFoundException
|
||||||
*/
|
*/
|
||||||
public function encryptWithUserSettings($string) {
|
public function encryptWithUserSettings($string) {
|
||||||
if (!$string) return null;
|
if (!$string) return null;
|
||||||
@ -683,7 +711,7 @@ class Member extends DataObject implements TemplateGlobalProvider {
|
|||||||
$generator = new RandomGenerator();
|
$generator = new RandomGenerator();
|
||||||
$token = $generator->randomToken();
|
$token = $generator->randomToken();
|
||||||
$hash = $this->encryptWithUserSettings($token);
|
$hash = $this->encryptWithUserSettings($token);
|
||||||
} while(DataObject::get_one('Member', array(
|
} while(DataObject::get_one('SilverStripe\\Security\\Member', array(
|
||||||
'"Member"."AutoLoginHash"' => $hash
|
'"Member"."AutoLoginHash"' => $hash
|
||||||
)));
|
)));
|
||||||
|
|
||||||
@ -720,7 +748,7 @@ class Member extends DataObject implements TemplateGlobalProvider {
|
|||||||
public static function member_from_autologinhash($hash, $login = false) {
|
public static function member_from_autologinhash($hash, $login = false) {
|
||||||
|
|
||||||
$nowExpression = DB::get_conn()->now();
|
$nowExpression = DB::get_conn()->now();
|
||||||
$member = DataObject::get_one('Member', array(
|
$member = DataObject::get_one('SilverStripe\\Security\\Member', array(
|
||||||
"\"Member\".\"AutoLoginHash\"" => $hash,
|
"\"Member\".\"AutoLoginHash\"" => $hash,
|
||||||
"\"Member\".\"AutoLoginExpired\" > $nowExpression" // NOW() can't be parameterised
|
"\"Member\".\"AutoLoginExpired\" > $nowExpression" // NOW() can't be parameterised
|
||||||
));
|
));
|
||||||
@ -815,7 +843,7 @@ class Member extends DataObject implements TemplateGlobalProvider {
|
|||||||
* @return Member_Validator
|
* @return Member_Validator
|
||||||
*/
|
*/
|
||||||
public function getValidator() {
|
public function getValidator() {
|
||||||
$validator = Injector::inst()->create('Member_Validator');
|
$validator = Injector::inst()->create('SilverStripe\\Security\\Member_Validator');
|
||||||
$validator->setForMember($this);
|
$validator->setForMember($this);
|
||||||
$this->extend('updateValidator', $validator);
|
$this->extend('updateValidator', $validator);
|
||||||
|
|
||||||
@ -826,13 +854,13 @@ class Member extends DataObject implements TemplateGlobalProvider {
|
|||||||
/**
|
/**
|
||||||
* Returns the current logged in user
|
* Returns the current logged in user
|
||||||
*
|
*
|
||||||
* @return Member|null
|
* @return Member
|
||||||
*/
|
*/
|
||||||
public static function currentUser() {
|
public static function currentUser() {
|
||||||
$id = Member::currentUserID();
|
$id = Member::currentUserID();
|
||||||
|
|
||||||
if($id) {
|
if($id) {
|
||||||
return Member::get()->byId($id);
|
return Member::get()->byID($id);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -860,7 +888,7 @@ class Member extends DataObject implements TemplateGlobalProvider {
|
|||||||
* @return string Returns a random password.
|
* @return string Returns a random password.
|
||||||
*/
|
*/
|
||||||
public static function create_new_password() {
|
public static function create_new_password() {
|
||||||
$words = Config::inst()->get('Security', 'word_list');
|
$words = Config::inst()->get('SilverStripe\\Security\\Security', 'word_list');
|
||||||
|
|
||||||
if($words && file_exists($words)) {
|
if($words && file_exists($words)) {
|
||||||
$words = file($words);
|
$words = file($words);
|
||||||
@ -897,7 +925,7 @@ class Member extends DataObject implements TemplateGlobalProvider {
|
|||||||
if($this->ID) {
|
if($this->ID) {
|
||||||
$filter[] = array('"Member"."ID" <> ?' => $this->ID);
|
$filter[] = array('"Member"."ID" <> ?' => $this->ID);
|
||||||
}
|
}
|
||||||
$existingRecord = DataObject::get_one('Member', $filter);
|
$existingRecord = DataObject::get_one('SilverStripe\\Security\\Member', $filter);
|
||||||
|
|
||||||
if($existingRecord) {
|
if($existingRecord) {
|
||||||
throw new ValidationException(ValidationResult::create(false, _t(
|
throw new ValidationException(ValidationResult::create(false, _t(
|
||||||
@ -1001,8 +1029,8 @@ class Member extends DataObject implements TemplateGlobalProvider {
|
|||||||
* Filter out admin groups to avoid privilege escalation,
|
* Filter out admin groups to avoid privilege escalation,
|
||||||
* If any admin groups are requested, deny the whole save operation.
|
* If any admin groups are requested, deny the whole save operation.
|
||||||
*
|
*
|
||||||
* @param Array $ids Database IDs of Group records
|
* @param array $ids Database IDs of Group records
|
||||||
* @return boolean True if the change can be accepted
|
* @return bool True if the change can be accepted
|
||||||
*/
|
*/
|
||||||
public function onChangeGroups($ids) {
|
public function onChangeGroups($ids) {
|
||||||
// unless the current user is an admin already OR the logged in user is an admin
|
// unless the current user is an admin already OR the logged in user is an admin
|
||||||
@ -1042,9 +1070,9 @@ class Member extends DataObject implements TemplateGlobalProvider {
|
|||||||
*/
|
*/
|
||||||
public function inGroup($group, $strict = false) {
|
public function inGroup($group, $strict = false) {
|
||||||
if(is_numeric($group)) {
|
if(is_numeric($group)) {
|
||||||
$groupCheckObj = DataObject::get_by_id('Group', $group);
|
$groupCheckObj = DataObject::get_by_id('SilverStripe\\Security\\Group', $group);
|
||||||
} elseif(is_string($group)) {
|
} elseif(is_string($group)) {
|
||||||
$groupCheckObj = DataObject::get_one('Group', array(
|
$groupCheckObj = DataObject::get_one('SilverStripe\\Security\\Group', array(
|
||||||
'"Group"."Code"' => $group
|
'"Group"."Code"' => $group
|
||||||
));
|
));
|
||||||
} elseif($group instanceof Group) {
|
} elseif($group instanceof Group) {
|
||||||
@ -1068,10 +1096,10 @@ class Member extends DataObject implements TemplateGlobalProvider {
|
|||||||
* group code does not return a valid group object.
|
* group code does not return a valid group object.
|
||||||
*
|
*
|
||||||
* @param string $groupcode
|
* @param string $groupcode
|
||||||
* @param string Title of the group
|
* @param string $title Title of the group
|
||||||
*/
|
*/
|
||||||
public function addToGroupByCode($groupcode, $title = "") {
|
public function addToGroupByCode($groupcode, $title = "") {
|
||||||
$group = DataObject::get_one('Group', array(
|
$group = DataObject::get_one('SilverStripe\\Security\\Group', array(
|
||||||
'"Group"."Code"' => $groupcode
|
'"Group"."Code"' => $groupcode
|
||||||
));
|
));
|
||||||
|
|
||||||
@ -1103,7 +1131,7 @@ class Member extends DataObject implements TemplateGlobalProvider {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param Array $columns Column names on the Member record to show in {@link getTitle()}.
|
* @param array $columns Column names on the Member record to show in {@link getTitle()}.
|
||||||
* @param String $sep Separator
|
* @param String $sep Separator
|
||||||
*/
|
*/
|
||||||
public static function set_title_columns($columns, $sep = ' ') {
|
public static function set_title_columns($columns, $sep = ' ') {
|
||||||
@ -1151,24 +1179,28 @@ class Member extends DataObject implements TemplateGlobalProvider {
|
|||||||
* Return a SQL CONCAT() fragment suitable for a SELECT statement.
|
* Return a SQL CONCAT() fragment suitable for a SELECT statement.
|
||||||
* Useful for custom queries which assume a certain member title format.
|
* Useful for custom queries which assume a certain member title format.
|
||||||
*
|
*
|
||||||
* @param String $tableName
|
|
||||||
* @return String SQL
|
* @return String SQL
|
||||||
*/
|
*/
|
||||||
public static function get_title_sql($tableName = 'Member') {
|
public static function get_title_sql() {
|
||||||
// This should be abstracted to SSDatabase concatOperator or similar.
|
// This should be abstracted to SSDatabase concatOperator or similar.
|
||||||
$op = (DB::get_conn() instanceof MSSQLDatabase) ? " + " : " || ";
|
$op = (DB::get_conn() instanceof MSSQLDatabase) ? " + " : " || ";
|
||||||
|
|
||||||
$format = self::config()->title_format;
|
// Get title_format with fallback to default
|
||||||
if ($format) {
|
$format = static::config()->title_format;
|
||||||
$columnsWithTablename = array();
|
if (!$format) {
|
||||||
foreach($format['columns'] as $column) {
|
$format = [
|
||||||
$columnsWithTablename[] = "\"$tableName\".\"$column\"";
|
'columns' => ['Surname', 'FirstName'],
|
||||||
|
'sep' => ' ',
|
||||||
|
];
|
||||||
}
|
}
|
||||||
|
|
||||||
return "(".join(" $op '".$format['sep']."' $op ", $columnsWithTablename).")";
|
$columnsWithTablename = array();
|
||||||
} else {
|
foreach($format['columns'] as $column) {
|
||||||
return "(\"$tableName\".\"Surname\" $op ' ' $op \"$tableName\".\"FirstName\")";
|
$columnsWithTablename[] = static::getSchema()->sqlColumnForField(__CLASS__, $column);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
$sepSQL = \Convert::raw2sql($format['sep'], true);
|
||||||
|
return "(".join(" $op $sepSQL $op ", $columnsWithTablename).")";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@ -1249,7 +1281,7 @@ class Member extends DataObject implements TemplateGlobalProvider {
|
|||||||
* @return Member_Groupset
|
* @return Member_Groupset
|
||||||
*/
|
*/
|
||||||
public function Groups() {
|
public function Groups() {
|
||||||
$groups = Member_GroupSet::create('Group', 'Group_Members', 'GroupID', 'MemberID');
|
$groups = Member_GroupSet::create('SilverStripe\\Security\\Group', 'Group_Members', 'GroupID', 'MemberID');
|
||||||
$groups = $groups->forForeignID($this->ID);
|
$groups = $groups->forForeignID($this->ID);
|
||||||
|
|
||||||
$this->extend('updateGroups', $groups);
|
$this->extend('updateGroups', $groups);
|
||||||
@ -1326,7 +1358,8 @@ class Member extends DataObject implements TemplateGlobalProvider {
|
|||||||
}
|
}
|
||||||
|
|
||||||
$permsClause = DB::placeholders($perms);
|
$permsClause = DB::placeholders($perms);
|
||||||
$groups = DataObject::get('Group')
|
/** @skipUpgrade */
|
||||||
|
$groups = DataObject::get('SilverStripe\\Security\\Group')
|
||||||
->innerJoin("Permission", '"Permission"."GroupID" = "Group"."ID"')
|
->innerJoin("Permission", '"Permission"."GroupID" = "Group"."ID"')
|
||||||
->where(array(
|
->where(array(
|
||||||
"\"Permission\".\"Code\" IN ($permsClause)" => $perms
|
"\"Permission\".\"Code\" IN ($permsClause)" => $perms
|
||||||
@ -1343,6 +1376,7 @@ class Member extends DataObject implements TemplateGlobalProvider {
|
|||||||
$groupIDList = $groups;
|
$groupIDList = $groups;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/** @skipUpgrade */
|
||||||
$members = Member::get()
|
$members = Member::get()
|
||||||
->innerJoin("Group_Members", '"Group_Members"."MemberID" = "Member"."ID"')
|
->innerJoin("Group_Members", '"Group_Members"."MemberID" = "Member"."ID"')
|
||||||
->innerJoin("Group", '"Group"."ID" = "Group_Members"."GroupID"');
|
->innerJoin("Group", '"Group"."ID" = "Group_Members"."GroupID"');
|
||||||
@ -1429,7 +1463,7 @@ class Member extends DataObject implements TemplateGlobalProvider {
|
|||||||
}
|
}
|
||||||
asort($groupsMap);
|
asort($groupsMap);
|
||||||
$fields->addFieldToTab('Root.Main',
|
$fields->addFieldToTab('Root.Main',
|
||||||
ListboxField::create('DirectGroups', singleton('Group')->i18n_plural_name())
|
ListboxField::create('DirectGroups', singleton('SilverStripe\\Security\\Group')->i18n_plural_name())
|
||||||
->setSource($groupsMap)
|
->setSource($groupsMap)
|
||||||
->setAttribute(
|
->setAttribute(
|
||||||
'data-placeholder',
|
'data-placeholder',
|
||||||
@ -1445,12 +1479,12 @@ class Member extends DataObject implements TemplateGlobalProvider {
|
|||||||
$permissionsField = new PermissionCheckboxSetField_Readonly(
|
$permissionsField = new PermissionCheckboxSetField_Readonly(
|
||||||
'Permissions',
|
'Permissions',
|
||||||
false,
|
false,
|
||||||
'Permission',
|
'SilverStripe\\Security\\Permission',
|
||||||
'GroupID',
|
'GroupID',
|
||||||
// we don't want parent relationships, they're automatically resolved in the field
|
// we don't want parent relationships, they're automatically resolved in the field
|
||||||
$self->getManyManyComponents('Groups')
|
$self->getManyManyComponents('Groups')
|
||||||
);
|
);
|
||||||
$fields->findOrMakeTab('Root.Permissions', singleton('Permission')->i18n_plural_name());
|
$fields->findOrMakeTab('Root.Permissions', singleton('SilverStripe\\Security\\Permission')->i18n_plural_name());
|
||||||
$fields->addFieldToTab('Root.Permissions', $permissionsField);
|
$fields->addFieldToTab('Root.Permissions', $permissionsField);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -1499,9 +1533,8 @@ class Member extends DataObject implements TemplateGlobalProvider {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
*
|
* @param bool $includerelations Indicate if the labels returned include relation fields
|
||||||
* @param boolean $includerelations a boolean value to indicate if the labels returned include relation fields
|
* @return array
|
||||||
*
|
|
||||||
*/
|
*/
|
||||||
public function fieldLabels($includerelations = true) {
|
public function fieldLabels($includerelations = true) {
|
||||||
$labels = parent::fieldLabels($includerelations);
|
$labels = parent::fieldLabels($includerelations);
|
||||||
@ -1526,6 +1559,9 @@ class Member extends DataObject implements TemplateGlobalProvider {
|
|||||||
* Users can view their own record.
|
* Users can view their own record.
|
||||||
* Otherwise they'll need ADMIN or CMS_ACCESS_SecurityAdmin permissions.
|
* Otherwise they'll need ADMIN or CMS_ACCESS_SecurityAdmin permissions.
|
||||||
* This is likely to be customized for social sites etc. with a looser permission model.
|
* This is likely to be customized for social sites etc. with a looser permission model.
|
||||||
|
*
|
||||||
|
* @param Member $member
|
||||||
|
* @return bool
|
||||||
*/
|
*/
|
||||||
public function canView($member = null) {
|
public function canView($member = null) {
|
||||||
//get member
|
//get member
|
||||||
@ -1549,9 +1585,13 @@ class Member extends DataObject implements TemplateGlobalProvider {
|
|||||||
//standard check
|
//standard check
|
||||||
return Permission::checkMember($member, 'CMS_ACCESS_SecurityAdmin');
|
return Permission::checkMember($member, 'CMS_ACCESS_SecurityAdmin');
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Users can edit their own record.
|
* Users can edit their own record.
|
||||||
* Otherwise they'll need ADMIN or CMS_ACCESS_SecurityAdmin permissions
|
* Otherwise they'll need ADMIN or CMS_ACCESS_SecurityAdmin permissions
|
||||||
|
*
|
||||||
|
* @param Member $member
|
||||||
|
* @return bool
|
||||||
*/
|
*/
|
||||||
public function canEdit($member = null) {
|
public function canEdit($member = null) {
|
||||||
//get member
|
//get member
|
||||||
@ -1583,6 +1623,9 @@ class Member extends DataObject implements TemplateGlobalProvider {
|
|||||||
/**
|
/**
|
||||||
* Users can edit their own record.
|
* Users can edit their own record.
|
||||||
* Otherwise they'll need ADMIN or CMS_ACCESS_SecurityAdmin permissions
|
* Otherwise they'll need ADMIN or CMS_ACCESS_SecurityAdmin permissions
|
||||||
|
*
|
||||||
|
* @param Member $member
|
||||||
|
* @return bool
|
||||||
*/
|
*/
|
||||||
public function canDelete($member = null) {
|
public function canDelete($member = null) {
|
||||||
if(!($member instanceof Member)) {
|
if(!($member instanceof Member)) {
|
||||||
@ -1641,7 +1684,8 @@ class Member extends DataObject implements TemplateGlobalProvider {
|
|||||||
* Change password. This will cause rehashing according to
|
* Change password. This will cause rehashing according to
|
||||||
* the `PasswordEncryption` property.
|
* the `PasswordEncryption` property.
|
||||||
*
|
*
|
||||||
* @param String $password Cleartext password
|
* @param string $password Cleartext password
|
||||||
|
* @return ValidationResult
|
||||||
*/
|
*/
|
||||||
public function changePassword($password) {
|
public function changePassword($password) {
|
||||||
$this->Password = $password;
|
$this->Password = $password;
|
||||||
@ -1755,7 +1799,7 @@ class Member_GroupSet extends ManyManyList {
|
|||||||
$allGroupIDs = array();
|
$allGroupIDs = array();
|
||||||
while($groupIDs) {
|
while($groupIDs) {
|
||||||
$allGroupIDs = array_merge($allGroupIDs, $groupIDs);
|
$allGroupIDs = array_merge($allGroupIDs, $groupIDs);
|
||||||
$groupIDs = DataObject::get("Group")->byIDs($groupIDs)->column("ParentID");
|
$groupIDs = DataObject::get("SilverStripe\\Security\\Group")->byIDs($groupIDs)->column("ParentID");
|
||||||
$groupIDs = array_filter($groupIDs);
|
$groupIDs = array_filter($groupIDs);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1811,7 +1855,7 @@ class Member_GroupSet extends ManyManyList {
|
|||||||
protected function getMember() {
|
protected function getMember() {
|
||||||
$id = $this->getForeignID();
|
$id = $this->getForeignID();
|
||||||
if($id) {
|
if($id) {
|
||||||
return DataObject::get_by_id('Member', $id);
|
return DataObject::get_by_id('SilverStripe\\Security\\Member', $id);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
@ -1,6 +1,14 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
namespace SilverStripe\Security;
|
||||||
|
|
||||||
|
|
||||||
use SilverStripe\ORM\ValidationResult;
|
use SilverStripe\ORM\ValidationResult;
|
||||||
|
use InvalidArgumentException;
|
||||||
|
use Controller;
|
||||||
|
use Form;
|
||||||
|
use Session;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Authenticator for the default "member" method
|
* Authenticator for the default "member" method
|
||||||
*
|
*
|
||||||
@ -123,7 +131,7 @@ class MemberAuthenticator extends Authenticator {
|
|||||||
|
|
||||||
} else {
|
} else {
|
||||||
// Audit logging hook
|
// Audit logging hook
|
||||||
singleton('Member')->extend('authenticationFailedUnknownUser', $data);
|
Member::singleton()->extend('authenticationFailedUnknownUser', $data);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -170,16 +178,18 @@ class MemberAuthenticator extends Authenticator {
|
|||||||
/**
|
/**
|
||||||
* Method that creates the login form for this authentication method
|
* Method that creates the login form for this authentication method
|
||||||
*
|
*
|
||||||
* @param Controller The parent controller, necessary to create the
|
* @param Controller $controller The parent controller, necessary to create the
|
||||||
* appropriate form action tag
|
* appropriate form action tag
|
||||||
* @return Form Returns the login form to use with this authentication
|
* @return Form Returns the login form to use with this authentication
|
||||||
* method
|
* method
|
||||||
*/
|
*/
|
||||||
public static function get_login_form(Controller $controller) {
|
public static function get_login_form(Controller $controller) {
|
||||||
|
/** @skipUpgrade */
|
||||||
return MemberLoginForm::create($controller, "LoginForm");
|
return MemberLoginForm::create($controller, "LoginForm");
|
||||||
}
|
}
|
||||||
|
|
||||||
public static function get_cms_login_form(\Controller $controller) {
|
public static function get_cms_login_form(\Controller $controller) {
|
||||||
|
/** @skipUpgrade */
|
||||||
return CMSMemberLoginForm::create($controller, "LoginForm");
|
return CMSMemberLoginForm::create($controller, "LoginForm");
|
||||||
}
|
}
|
||||||
|
|
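Review bot: The audit hook call `Member::singleton()->extend('authenticationFailedUnknownUser', $data)` passes `$data` to extensions unfiltered, and since the enclosing method starts and ends outside this hunk, `$data` appears to be the raw submitted login data. If that array still carries the password field, any extension that logs its argument will write cleartext credentials into the audit trail whenever a username is mistyped. I would add a comment above the call, `// $data is the raw login submission; extensions must not persist the password field`, or pass the hook a copy with that field removed.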
@ -1,6 +1,12 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
namespace SilverStripe\Security;
|
||||||
|
|
||||||
|
|
||||||
use SilverStripe\ORM\DataObject;
|
use SilverStripe\ORM\DataObject;
|
||||||
|
use CsvBulkLoader;
|
||||||
|
use Convert;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Imports member records, and checks/updates duplicates based on their
|
* Imports member records, and checks/updates duplicates based on their
|
||||||
* 'Email' property.
|
* 'Email' property.
|
||||||
@ -17,7 +23,7 @@ class MemberCsvBulkLoader extends CsvBulkLoader {
|
|||||||
protected $groups = array();
|
protected $groups = array();
|
||||||
|
|
||||||
public function __construct($objectClass = null) {
|
public function __construct($objectClass = null) {
|
||||||
if(!$objectClass) $objectClass = 'Member';
|
if(!$objectClass) $objectClass = 'SilverStripe\\Security\\Member';
|
||||||
|
|
||||||
parent::__construct($objectClass);
|
parent::__construct($objectClass);
|
||||||
}
|
}
|
||||||
@ -64,14 +70,14 @@ class MemberCsvBulkLoader extends CsvBulkLoader {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param Array $groups
|
* @param array $groups
|
||||||
*/
|
*/
|
||||||
public function setGroups($groups) {
|
public function setGroups($groups) {
|
||||||
$this->groups = $groups;
|
$this->groups = $groups;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @return Array
|
* @return array
|
||||||
*/
|
*/
|
||||||
public function getGroups() {
|
public function getGroups() {
|
||||||
return $this->groups;
|
return $this->groups;
|
@ -1,4 +1,24 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
namespace SilverStripe\Security;
|
||||||
|
|
||||||
|
use Director;
|
||||||
|
use Requirements;
|
||||||
|
use Session;
|
||||||
|
use FieldList;
|
||||||
|
use HiddenField;
|
||||||
|
use FormAction;
|
||||||
|
use SS_HTTPResponse;
|
||||||
|
use TextField;
|
||||||
|
use PasswordField;
|
||||||
|
use CheckboxField;
|
||||||
|
use Config;
|
||||||
|
use LiteralField;
|
||||||
|
use RequiredFields;
|
||||||
|
use Controller;
|
||||||
|
use Convert;
|
||||||
|
use Email;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Log-in form for the "member" authentication method.
|
* Log-in form for the "member" authentication method.
|
||||||
*
|
*
|
||||||
@ -20,7 +40,7 @@ class MemberLoginForm extends LoginForm {
|
|||||||
*/
|
*/
|
||||||
public $loggedInAsField = 'FirstName';
|
public $loggedInAsField = 'FirstName';
|
||||||
|
|
||||||
protected $authenticator_class = 'MemberAuthenticator';
|
protected $authenticator_class = 'SilverStripe\\Security\\MemberAuthenticator';
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Since the logout and dologin actions may be conditionally removed, it's necessary to ensure these
|
* Since the logout and dologin actions may be conditionally removed, it's necessary to ensure these
|
||||||
@ -38,7 +58,7 @@ class MemberLoginForm extends LoginForm {
|
|||||||
* create the appropriate form action tag.
|
* create the appropriate form action tag.
|
||||||
* @param string $name The method on the controller that will return this
|
* @param string $name The method on the controller that will return this
|
||||||
* form object.
|
* form object.
|
||||||
* @param FieldList|FormField $fields All of the fields in the form - a
|
* @param FieldList $fields All of the fields in the form - a
|
||||||
* {@link FieldList} of {@link FormField}
|
* {@link FieldList} of {@link FormField}
|
||||||
* objects.
|
* objects.
|
||||||
* @param FieldList|FormAction $actions All of the action buttons in the
|
* @param FieldList|FormAction $actions All of the action buttons in the
|
||||||
@ -47,7 +67,6 @@ class MemberLoginForm extends LoginForm {
|
|||||||
* @param bool $checkCurrentUser If set to TRUE, it will be checked if a
|
* @param bool $checkCurrentUser If set to TRUE, it will be checked if a
|
||||||
* the user is currently logged in, and if
|
* the user is currently logged in, and if
|
||||||
* so, only a logout button will be rendered
|
* so, only a logout button will be rendered
|
||||||
* @param string $authenticatorClassName Name of the authenticator class that this form uses.
|
|
||||||
*/
|
*/
|
||||||
public function __construct($controller, $name, $fields = null, $actions = null,
|
public function __construct($controller, $name, $fields = null, $actions = null,
|
||||||
$checkCurrentUser = true) {
|
$checkCurrentUser = true) {
|
||||||
@ -75,7 +94,7 @@ class MemberLoginForm extends LoginForm {
|
|||||||
);
|
);
|
||||||
} else {
|
} else {
|
||||||
if(!$fields) {
|
if(!$fields) {
|
||||||
$label=singleton('Member')->fieldLabel(Member::config()->unique_identifier_field);
|
$label=singleton('SilverStripe\\Security\\Member')->fieldLabel(Member::config()->unique_identifier_field);
|
||||||
$fields = FieldList::create(
|
$fields = FieldList::create(
|
||||||
HiddenField::create("AuthenticationMethod", null, $this->authenticator_class, $this),
|
HiddenField::create("AuthenticationMethod", null, $this->authenticator_class, $this),
|
||||||
// Regardless of what the unique identifer field is (usually 'Email'), it will be held in the
|
// Regardless of what the unique identifer field is (usually 'Email'), it will be held in the
|
||||||
@ -99,7 +118,7 @@ class MemberLoginForm extends LoginForm {
|
|||||||
'title',
|
'title',
|
||||||
sprintf(
|
sprintf(
|
||||||
_t('Member.REMEMBERME', "Remember me next time? (for %d days on this device)"),
|
_t('Member.REMEMBERME', "Remember me next time? (for %d days on this device)"),
|
||||||
Config::inst()->get('RememberLoginHash', 'token_expiry_days')
|
Config::inst()->get('SilverStripe\\Security\\RememberLoginHash', 'token_expiry_days')
|
||||||
)
|
)
|
||||||
)
|
)
|
||||||
);
|
);
|
||||||
@ -212,7 +231,7 @@ JS;
|
|||||||
if(isset($_REQUEST['BackURL']) && $backURL = $_REQUEST['BackURL']) {
|
if(isset($_REQUEST['BackURL']) && $backURL = $_REQUEST['BackURL']) {
|
||||||
Session::set('BackURL', $backURL);
|
Session::set('BackURL', $backURL);
|
||||||
}
|
}
|
||||||
$cp = ChangePasswordForm::create($this->controller, 'ChangePasswordForm');
|
$cp = ChangePasswordForm::create($this->controller, 'SilverStripe\\Security\\ChangePasswordForm');
|
||||||
$cp->sessionMessage(
|
$cp->sessionMessage(
|
||||||
_t('Member.PASSWORDEXPIRED', 'Your password has expired. Please choose a new one.'),
|
_t('Member.PASSWORDEXPIRED', 'Your password has expired. Please choose a new one.'),
|
||||||
'good'
|
'good'
|
||||||
@ -275,7 +294,7 @@ JS;
|
|||||||
/**
|
/**
|
||||||
* Try to authenticate the user
|
* Try to authenticate the user
|
||||||
*
|
*
|
||||||
* @param array Submitted data
|
* @param array $data Submitted data
|
||||||
* @return Member Returns the member object on successful authentication
|
* @return Member Returns the member object on successful authentication
|
||||||
* or NULL on failure.
|
* or NULL on failure.
|
||||||
*/
|
*/
|
||||||
@ -300,6 +319,7 @@ JS;
|
|||||||
* in the form detailing why the action was denied.
|
* in the form detailing why the action was denied.
|
||||||
*
|
*
|
||||||
* @param array $data Submitted data
|
* @param array $data Submitted data
|
||||||
|
* @return SS_HTTPResponse
|
||||||
*/
|
*/
|
||||||
public function forgotPassword($data) {
|
public function forgotPassword($data) {
|
||||||
// Ensure password is given
|
// Ensure password is given
|
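Review bot: In the password-expired branch, the second argument of `ChangePasswordForm::create()` is a form name rather than a class name, and the rename has turned it into `'SilverStripe\\Security\\ChangePasswordForm'`. The constructor docblock in this same file describes `$name` as the controller method that returns the form, so the expired-password message set through `$cp->sessionMessage()` is probably stored under a name that the real change-password form never reads. The literal should stay as it was and be protected from the upgrader, the way this commit already does for `MemberLoginForm::create($controller, "LoginForm")`: `/** @skipUpgrade */` followed by `$cp = ChangePasswordForm::create($this->controller, 'ChangePasswordForm');`. The enclosing method starts and ends outside the hunk.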
@ -1,6 +1,11 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
namespace SilverStripe\Security;
|
||||||
|
|
||||||
|
|
||||||
use SilverStripe\ORM\DataObject;
|
use SilverStripe\ORM\DataObject;
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Keep track of users' previous passwords, so that we can check that new passwords aren't changed back to old ones.
|
* Keep track of users' previous passwords, so that we can check that new passwords aren't changed back to old ones.
|
||||||
* @package framework
|
* @package framework
|
||||||
@ -22,18 +27,16 @@ class MemberPassword extends DataObject {
|
|||||||
);
|
);
|
||||||
|
|
||||||
private static $has_one = array(
|
private static $has_one = array(
|
||||||
'Member' => 'Member'
|
'Member' => 'SilverStripe\\Security\\Member'
|
||||||
);
|
);
|
||||||
|
|
||||||
private static $has_many = array();
|
private static $table_name = "MemberPassword";
|
||||||
|
|
||||||
private static $many_many = array();
|
|
||||||
|
|
||||||
private static $belongs_many_many = array();
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Log a password change from the given member.
|
* Log a password change from the given member.
|
||||||
* Call MemberPassword::log($this) from within Member whenever the password is changed.
|
* Call MemberPassword::log($this) from within Member whenever the password is changed.
|
||||||
|
*
|
||||||
|
* @param Member $member
|
||||||
*/
|
*/
|
||||||
public static function log($member) {
|
public static function log($member) {
|
||||||
$record = new MemberPassword();
|
$record = new MemberPassword();
|
@ -1,6 +1,13 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
namespace SilverStripe\Security;
|
||||||
|
|
||||||
|
|
||||||
use SilverStripe\ORM\DB;
|
use SilverStripe\ORM\DB;
|
||||||
|
use Config;
|
||||||
|
use ReflectionClass;
|
||||||
|
use Exception;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Allows pluggable password encryption.
|
* Allows pluggable password encryption.
|
||||||
* By default, this might be PHP's integrated sha1()
|
* By default, this might be PHP's integrated sha1()
|
||||||
@ -22,10 +29,10 @@ abstract class PasswordEncryptor {
|
|||||||
private static $encryptors = array();
|
private static $encryptors = array();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @return Array Map of encryptor code to the used class.
|
* @return array Map of encryptor code to the used class.
|
||||||
*/
|
*/
|
||||||
public static function get_encryptors() {
|
public static function get_encryptors() {
|
||||||
return Config::inst()->get('PasswordEncryptor', 'encryptors');
|
return Config::inst()->get('SilverStripe\\Security\\PasswordEncryptor', 'encryptors');
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -73,9 +80,9 @@ abstract class PasswordEncryptor {
|
|||||||
*
|
*
|
||||||
* @uses RandomGenerator
|
* @uses RandomGenerator
|
||||||
*
|
*
|
||||||
* @param String $password Cleartext password
|
* @param string $password Cleartext password
|
||||||
* @param Member $member (Optional)
|
* @param Member $member (Optional)
|
||||||
* @return String Maximum of 50 characters
|
* @return string Maximum of 50 characters
|
||||||
*/
|
*/
|
||||||
public function salt($password, $member = null) {
|
public function salt($password, $member = null) {
|
||||||
$generator = new RandomGenerator();
|
$generator = new RandomGenerator();
|
||||||
@ -87,6 +94,12 @@ abstract class PasswordEncryptor {
|
|||||||
* but is necessary for retain compatibility with password hashed
|
* but is necessary for retain compatibility with password hashed
|
||||||
* with flawed algorithms - see {@link PasswordEncryptor_LegacyPHPHash} and
|
* with flawed algorithms - see {@link PasswordEncryptor_LegacyPHPHash} and
|
||||||
* {@link PasswordEncryptor_Blowfish}
|
* {@link PasswordEncryptor_Blowfish}
|
||||||
|
*
|
||||||
|
* @param string $hash
|
||||||
|
* @param string $password
|
||||||
|
* @param string $salt
|
||||||
|
* @param Member $member
|
||||||
|
* @return bool
|
||||||
*/
|
*/
|
||||||
public function check($hash, $password, $salt = null, $member = null) {
|
public function check($hash, $password, $salt = null, $member = null) {
|
||||||
return $hash === $this->encrypt($password, $salt, $member);
|
return $hash === $this->encrypt($password, $salt, $member);
|
||||||
@ -129,8 +142,7 @@ class PasswordEncryptor_Blowfish extends PasswordEncryptor {
|
|||||||
/**
|
/**
|
||||||
* Gets the cost that is set for the blowfish algorithm
|
* Gets the cost that is set for the blowfish algorithm
|
||||||
*
|
*
|
||||||
* @param int $cost
|
* @return int
|
||||||
* @return null
|
|
||||||
*/
|
*/
|
||||||
public static function get_cost() {
|
public static function get_cost() {
|
||||||
return self::$cost;
|
return self::$cost;
|
||||||
@ -242,6 +254,10 @@ class PasswordEncryptor_Blowfish extends PasswordEncryptor {
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* self::$cost param is forced to be two digits with leading zeroes for ints 4-9
|
* self::$cost param is forced to be two digits with leading zeroes for ints 4-9
|
||||||
|
*
|
||||||
|
* @param string $password
|
||||||
|
* @param Member $member
|
||||||
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function salt($password, $member = null) {
|
public function salt($password, $member = null) {
|
||||||
$generator = new RandomGenerator();
|
$generator = new RandomGenerator();
|
||||||
@ -274,7 +290,8 @@ class PasswordEncryptor_PHPHash extends PasswordEncryptor {
|
|||||||
protected $algorithm = 'sha1';
|
protected $algorithm = 'sha1';
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param String $algorithm A PHP built-in hashing algorithm as defined by hash_algos()
|
* @param string $algorithm A PHP built-in hashing algorithm as defined by hash_algos()
|
||||||
|
* @throws Exception
|
||||||
*/
|
*/
|
||||||
public function __construct($algorithm) {
|
public function __construct($algorithm) {
|
||||||
if(!in_array($algorithm, hash_algos())) {
|
if(!in_array($algorithm, hash_algos())) {
|
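Review bot: `check()` still verifies a password with `$hash === $this->encrypt($password, $salt, $member)`, which is not a constant-time comparison because it stops at the first differing byte. The commit documents the parameters but leaves that comparison unchanged. Where the supported PHP version provides it, `return hash_equals($hash, $this->encrypt($password, $salt, $member));` is the safer form. `hash_equals()` only accepts strings, so a null or non-string `$hash` needs an explicit `is_string()` guard that returns false. The method's closing brace is outside the hunk.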
@ -1,6 +1,11 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
namespace SilverStripe\Security;
|
||||||
|
|
||||||
|
|
||||||
use SilverStripe\ORM\ValidationResult;
|
use SilverStripe\ORM\ValidationResult;
|
||||||
|
use Object;
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* This class represents a validator for member passwords.
|
* This class represents a validator for member passwords.
|
@ -1,8 +1,16 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
namespace SilverStripe\Security;
|
||||||
|
|
||||||
|
|
||||||
use SilverStripe\ORM\DB;
|
use SilverStripe\ORM\DB;
|
||||||
use SilverStripe\ORM\DataObject;
|
use SilverStripe\ORM\DataObject;
|
||||||
use SilverStripe\ORM\ArrayList;
|
use SilverStripe\ORM\ArrayList;
|
||||||
|
use SilverStripe\ORM\SS_List;
|
||||||
|
use TemplateGlobalProvider;
|
||||||
|
use ClassInfo;
|
||||||
|
use TestOnly;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Represents a permission assigned to a group.
|
* Represents a permission assigned to a group.
|
||||||
* @package framework
|
* @package framework
|
||||||
@ -25,20 +33,20 @@ class Permission extends DataObject implements TemplateGlobalProvider {
|
|||||||
"Arg" => "Int",
|
"Arg" => "Int",
|
||||||
"Type" => "Int(1)"
|
"Type" => "Int(1)"
|
||||||
);
|
);
|
||||||
|
|
||||||
private static $has_one = array(
|
private static $has_one = array(
|
||||||
"Group" => "Group"
|
"Group" => "SilverStripe\\Security\\Group"
|
||||||
);
|
);
|
||||||
|
|
||||||
private static $indexes = array(
|
private static $indexes = array(
|
||||||
"Code" => true
|
"Code" => true
|
||||||
);
|
);
|
||||||
|
|
||||||
private static $defaults = array(
|
private static $defaults = array(
|
||||||
"Type" => 1
|
"Type" => 1
|
||||||
);
|
);
|
||||||
private static $has_many = array();
|
|
||||||
|
|
||||||
private static $many_many = array();
|
private static $table_name = "Permission";
|
||||||
|
|
||||||
private static $belongs_many_many = array();
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* This is the value to use for the "Type" field if a permission should be
|
* This is the value to use for the "Type" field if a permission should be
|
||||||
@ -63,7 +71,7 @@ class Permission extends DataObject implements TemplateGlobalProvider {
|
|||||||
* Method to globally disable "strict" checking, which means a permission
|
* Method to globally disable "strict" checking, which means a permission
|
||||||
* will be granted if the key does not exist at all.
|
* will be granted if the key does not exist at all.
|
||||||
*
|
*
|
||||||
* @var bool
|
* @var array
|
||||||
*/
|
*/
|
||||||
private static $declared_permissions = null;
|
private static $declared_permissions = null;
|
||||||
|
|
||||||
@ -172,10 +180,14 @@ class Permission extends DataObject implements TemplateGlobalProvider {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Turn the code into an array as we may need to add other permsissions to the set we check
|
// Turn the code into an array as we may need to add other permsissions to the set we check
|
||||||
if(!is_array($code)) $code = array($code);
|
if(!is_array($code)) {
|
||||||
|
$code = array($code);
|
||||||
|
}
|
||||||
|
|
||||||
|
// Check if admin should be treated as holding all permissions
|
||||||
|
$adminImpliesAll = (bool)static::config()->admin_implies_all;
|
||||||
|
|
||||||
if($arg == 'any') {
|
if($arg == 'any') {
|
||||||
$adminImpliesAll = (bool)Config::inst()->get('Permission', 'admin_implies_all');
|
|
||||||
// Cache the permissions in memory
|
// Cache the permissions in memory
|
||||||
if(!isset(self::$cache_permissions[$memberID])) {
|
if(!isset(self::$cache_permissions[$memberID])) {
|
||||||
self::$cache_permissions[$memberID] = self::permissions_for_member($memberID);
|
self::$cache_permissions[$memberID] = self::permissions_for_member($memberID);
|
||||||
@ -208,8 +220,8 @@ class Permission extends DataObject implements TemplateGlobalProvider {
|
|||||||
// Code filters
|
// Code filters
|
||||||
$codeParams = is_array($code) ? $code : array($code);
|
$codeParams = is_array($code) ? $code : array($code);
|
||||||
$codeClause = DB::placeholders($codeParams);
|
$codeClause = DB::placeholders($codeParams);
|
||||||
$adminParams = (self::$admin_implies_all) ? array('ADMIN') : array();
|
$adminParams = $adminImpliesAll ? array('ADMIN') : array();
|
||||||
$adminClause = (self::$admin_implies_all) ? ", ?" : '';
|
$adminClause = $adminImpliesAll ? ", ?" : '';
|
||||||
|
|
||||||
// The following code should only be used if you're not using the "any" arg. This is kind
|
// The following code should only be used if you're not using the "any" arg. This is kind
|
||||||
// of obselete functionality and could possibly be deprecated.
|
// of obselete functionality and could possibly be deprecated.
|
||||||
@ -235,7 +247,6 @@ class Permission extends DataObject implements TemplateGlobalProvider {
|
|||||||
user_error("Permission::checkMember: bad arg '$arg'", E_USER_ERROR);
|
user_error("Permission::checkMember: bad arg '$arg'", E_USER_ERROR);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
$adminFilter = (Config::inst()->get('Permission', 'admin_implies_all')) ? ",'ADMIN'" : '';
|
|
||||||
|
|
||||||
// Raw SQL for efficiency
|
// Raw SQL for efficiency
|
||||||
$permission = DB::prepared_query(
|
$permission = DB::prepared_query(
|
||||||
@ -259,7 +270,7 @@ class Permission extends DataObject implements TemplateGlobalProvider {
|
|||||||
if($permission) return $permission;
|
if($permission) return $permission;
|
||||||
|
|
||||||
// Strict checking disabled?
|
// Strict checking disabled?
|
||||||
if(!Config::inst()->get('Permission', 'strict_checking') || !$strict) {
|
if(!static::config()->strict_checking || !$strict) {
|
||||||
$hasPermission = DB::prepared_query(
|
$hasPermission = DB::prepared_query(
|
||||||
"SELECT COUNT(*)
|
"SELECT COUNT(*)
|
||||||
FROM \"Permission\"
|
FROM \"Permission\"
|
||||||
@ -270,7 +281,7 @@ class Permission extends DataObject implements TemplateGlobalProvider {
|
|||||||
array_merge($codeParams, array(self::GRANT_PERMISSION))
|
array_merge($codeParams, array(self::GRANT_PERMISSION))
|
||||||
)->value();
|
)->value();
|
||||||
|
|
||||||
if(!$hasPermission) return;
|
if(!$hasPermission) return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
return false;
|
return false;
|
||||||
@ -279,6 +290,7 @@ class Permission extends DataObject implements TemplateGlobalProvider {
|
|||||||
/**
|
/**
|
||||||
* Get all the 'any' permission codes available to the given member.
|
* Get all the 'any' permission codes available to the given member.
|
||||||
*
|
*
|
||||||
|
* @param int $memberID
|
||||||
* @return array
|
* @return array
|
||||||
*/
|
*/
|
||||||
public static function permissions_for_member($memberID) {
|
public static function permissions_for_member($memberID) {
|
||||||
@ -332,7 +344,7 @@ class Permission extends DataObject implements TemplateGlobalProvider {
|
|||||||
if($member && isset($_SESSION['Permission_groupList'][$member->ID]))
|
if($member && isset($_SESSION['Permission_groupList'][$member->ID]))
|
||||||
return $_SESSION['Permission_groupList'][$member->ID];
|
return $_SESSION['Permission_groupList'][$member->ID];
|
||||||
} else {
|
} else {
|
||||||
$member = DataObject::get_by_id("Member", $memberID);
|
$member = DataObject::get_by_id("SilverStripe\\Security\\Member", $memberID);
|
||||||
}
|
}
|
||||||
|
|
||||||
if($member) {
|
if($member) {
|
||||||
@ -364,7 +376,7 @@ class Permission extends DataObject implements TemplateGlobalProvider {
|
|||||||
*
|
*
|
||||||
* @param int $groupID The ID of the group
|
* @param int $groupID The ID of the group
|
||||||
* @param string $code The permission code
|
* @param string $code The permission code
|
||||||
* @param string Optional: The permission argument (e.g. a page ID).
|
* @param string $arg Optional: The permission argument (e.g. a page ID).
|
||||||
* @returns Permission Returns the new permission object.
|
* @returns Permission Returns the new permission object.
|
||||||
*/
|
*/
|
||||||
public static function grant($groupID, $code, $arg = "any") {
|
public static function grant($groupID, $code, $arg = "any") {
|
||||||
@ -379,6 +391,7 @@ class Permission extends DataObject implements TemplateGlobalProvider {
|
|||||||
break;
|
break;
|
||||||
case "all":
|
case "all":
|
||||||
$perm->Arg = -1;
|
$perm->Arg = -1;
|
||||||
|
break;
|
||||||
default:
|
default:
|
||||||
if(is_numeric($arg)) {
|
if(is_numeric($arg)) {
|
||||||
$perm->Arg = $arg;
|
$perm->Arg = $arg;
|
||||||
@ -398,7 +411,7 @@ class Permission extends DataObject implements TemplateGlobalProvider {
|
|||||||
*
|
*
|
||||||
* @param int $groupID The ID of the group
|
* @param int $groupID The ID of the group
|
||||||
* @param string $code The permission code
|
* @param string $code The permission code
|
||||||
* @param string Optional: The permission argument (e.g. a page ID).
|
* @param string $arg Optional: The permission argument (e.g. a page ID).
|
||||||
* @returns Permission Returns the new permission object.
|
* @returns Permission Returns the new permission object.
|
||||||
*/
|
*/
|
||||||
public static function deny($groupID, $code, $arg = "any") {
|
public static function deny($groupID, $code, $arg = "any") {
|
||||||
@ -413,6 +426,7 @@ class Permission extends DataObject implements TemplateGlobalProvider {
|
|||||||
break;
|
break;
|
||||||
case "all":
|
case "all":
|
||||||
$perm->Arg = -1;
|
$perm->Arg = -1;
|
||||||
|
break;
|
||||||
default:
|
default:
|
||||||
if(is_numeric($arg)) {
|
if(is_numeric($arg)) {
|
||||||
$perm->Arg = $arg;
|
$perm->Arg = $arg;
|
||||||
@ -448,6 +462,7 @@ class Permission extends DataObject implements TemplateGlobalProvider {
|
|||||||
if(empty($groupIDs)) return new ArrayList();
|
if(empty($groupIDs)) return new ArrayList();
|
||||||
|
|
||||||
$groupClause = DB::placeholders($groupIDs);
|
$groupClause = DB::placeholders($groupIDs);
|
||||||
|
/** @skipUpgrade */
|
||||||
$members = Member::get()
|
$members = Member::get()
|
||||||
->where(array("\"Group\".\"ID\" IN ($groupClause)" => $groupIDs))
|
->where(array("\"Group\".\"ID\" IN ($groupClause)" => $groupIDs))
|
||||||
->leftJoin("Group_Members", '"Member"."ID" = "Group_Members"."MemberID"')
|
->leftJoin("Group_Members", '"Member"."ID" = "Group_Members"."MemberID"')
|
||||||
@ -458,7 +473,7 @@ class Permission extends DataObject implements TemplateGlobalProvider {
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Return all of the groups that have one of the given permission codes
|
* Return all of the groups that have one of the given permission codes
|
||||||
* @param $codes array|string Either a single permission code, or an array of permission codes
|
* @param array|string $codes Either a single permission code, or an array of permission codes
|
||||||
* @return SS_List The matching group objects
|
* @return SS_List The matching group objects
|
||||||
*/
|
*/
|
||||||
public static function get_groups_by_permission($codes) {
|
public static function get_groups_by_permission($codes) {
|
||||||
@ -466,7 +481,8 @@ class Permission extends DataObject implements TemplateGlobalProvider {
|
|||||||
$codeClause = DB::placeholders($codeParams);
|
$codeClause = DB::placeholders($codeParams);
|
||||||
|
|
||||||
// Via Roles are groups that have the permission via a role
|
// Via Roles are groups that have the permission via a role
|
||||||
return DataObject::get('Group')
|
/** @skipUpgrade */
|
||||||
|
return Group::get()
|
||||||
->where(array(
|
->where(array(
|
||||||
"\"PermissionRoleCode\".\"Code\" IN ($codeClause) OR \"Permission\".\"Code\" IN ($codeClause)"
|
"\"PermissionRoleCode\".\"Code\" IN ($codeClause) OR \"Permission\".\"Code\" IN ($codeClause)"
|
||||||
=> array_merge($codeParams, $codeParams)
|
=> array_merge($codeParams, $codeParams)
|
||||||
@ -491,7 +507,7 @@ class Permission extends DataObject implements TemplateGlobalProvider {
|
|||||||
* suitable for using in an interface.
|
* suitable for using in an interface.
|
||||||
*/
|
*/
|
||||||
public static function get_codes($grouped = true) {
|
public static function get_codes($grouped = true) {
|
||||||
$classes = ClassInfo::implementorsOf('PermissionProvider');
|
$classes = ClassInfo::implementorsOf('SilverStripe\\Security\\PermissionProvider');
|
||||||
|
|
||||||
$allCodes = array();
|
$allCodes = array();
|
||||||
$adminCategory = _t('Permission.AdminGroup', 'Administrator');
|
$adminCategory = _t('Permission.AdminGroup', 'Administrator');
|
||||||
@ -571,6 +587,9 @@ class Permission extends DataObject implements TemplateGlobalProvider {
|
|||||||
/**
|
/**
|
||||||
* Sort permissions based on their sort value, or name
|
* Sort permissions based on their sort value, or name
|
||||||
*
|
*
|
||||||
|
* @param array $a
|
||||||
|
* @param array $b
|
||||||
|
* @return int
|
||||||
*/
|
*/
|
||||||
public static function sort_permissions($a, $b) {
|
public static function sort_permissions($a, $b) {
|
||||||
if ($a['sort'] == $b['sort']) {
|
if ($a['sort'] == $b['sort']) {
|
||||||
@ -582,48 +601,6 @@ class Permission extends DataObject implements TemplateGlobalProvider {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* add a permission represented by the $code to the {@link slef::$hidden_permissions} list
|
|
||||||
*
|
|
||||||
* @deprecated 4.0 Use "Permission.hidden_permissions" config setting instead
|
|
||||||
* @param $code string - the permissions code
|
|
||||||
* @return void
|
|
||||||
*/
|
|
||||||
public static function add_to_hidden_permissions($code){
|
|
||||||
if(is_string($codes)) $codes = array($codes);
|
|
||||||
Deprecation::notice('4.0', 'Use "Permission.hidden_permissions" config setting instead');
|
|
||||||
Config::inst()->update('Permission', 'hidden_permissions', $codes);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* remove a permission represented by the $code from the {@link slef::$hidden_permissions} list
|
|
||||||
*
|
|
||||||
* @deprecated 4.0 Use "Permission.hidden_permissions" config setting instead
|
|
||||||
* @param $code string - the permissions code
|
|
||||||
* @return void
|
|
||||||
*/
|
|
||||||
public static function remove_from_hidden_permissions($code){
|
|
||||||
if(is_string($codes)) $codes = array($codes);
|
|
||||||
Deprecation::notice('4.0', 'Use "Permission.hidden_permissions" config setting instead');
|
|
||||||
Config::inst()->remove('Permission', 'hidden_permissions', $codes);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Declare an array of permissions for the system.
|
|
||||||
*
|
|
||||||
* Permissions can be grouped by nesting arrays. Scalar values are always
|
|
||||||
* treated as permissions.
|
|
||||||
*
|
|
||||||
* @deprecated 4.0 Use "Permission.declared_permissions" config setting instead
|
|
||||||
* @param array $permArray A (possibly nested) array of permissions to
|
|
||||||
* declare for the system.
|
|
||||||
*/
|
|
||||||
public static function declare_permissions($permArray) {
|
|
||||||
Deprecation::notice('4.0', 'Use "Permission.declared_permissions" config setting instead');
|
|
||||||
self::config()->declared_permissions = $permArray;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get a linear list of the permissions in the system.
|
* Get a linear list of the permissions in the system.
|
||||||
*
|
*
|
||||||
@ -638,8 +615,7 @@ class Permission extends DataObject implements TemplateGlobalProvider {
|
|||||||
|
|
||||||
self::$declared_permissions_list = array();
|
self::$declared_permissions_list = array();
|
||||||
|
|
||||||
self::traverse_declared_permissions(self::$declared_permissions,
|
self::traverse_declared_permissions(self::$declared_permissions, self::$declared_permissions_list);
|
||||||
self::$declared_permissions_list);
|
|
||||||
|
|
||||||
return self::$declared_permissions_list;
|
return self::$declared_permissions_list;
|
||||||
}
|
}
|
||||||
@ -647,8 +623,8 @@ class Permission extends DataObject implements TemplateGlobalProvider {
|
|||||||
/**
|
/**
|
||||||
* Look up the human-readable title for the permission as defined by <code>Permission::declare_permissions</code>
|
* Look up the human-readable title for the permission as defined by <code>Permission::declare_permissions</code>
|
||||||
*
|
*
|
||||||
* @param $perm Permission code
|
* @param string $perm Permission code
|
||||||
* @return Label for the given permission, or the permission itself if the label doesn't exist
|
* @return string Label for the given permission, or the permission itself if the label doesn't exist
|
||||||
*/
|
*/
|
||||||
public static function get_label_for_permission($perm) {
|
public static function get_label_for_permission($perm) {
|
||||||
$list = self::get_declared_permissions_list();
|
$list = self::get_declared_permissions_list();
|
||||||
@ -660,8 +636,8 @@ class Permission extends DataObject implements TemplateGlobalProvider {
|
|||||||
* Recursively traverse the nested list of declared permissions and create
|
* Recursively traverse the nested list of declared permissions and create
|
||||||
* a linear list.
|
* a linear list.
|
||||||
*
|
*
|
||||||
* @param aeeay $declared Nested structure of permissions.
|
* @param array $declared Nested structure of permissions.
|
||||||
* @param $list List of permissions in the structure. The result will be
|
* @param array $list List of permissions in the structure. The result will be
|
||||||
* written to this array.
|
* written to this array.
|
||||||
*/
|
*/
|
||||||
protected static function traverse_declared_permissions($declared, &$list) {
|
protected static function traverse_declared_permissions($declared, &$list) {
|
@ -1,10 +1,19 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
namespace SilverStripe\Security;
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
use SilverStripe\ORM\FieldType\DBHTMLText;
|
||||||
use SilverStripe\ORM\SS_List;
|
use SilverStripe\ORM\SS_List;
|
||||||
use SilverStripe\ORM\ArrayList;
|
use SilverStripe\ORM\ArrayList;
|
||||||
use SilverStripe\ORM\FieldType\DBField;
|
use SilverStripe\ORM\FieldType\DBField;
|
||||||
use SilverStripe\ORM\DataObjectInterface;
|
use SilverStripe\ORM\DataObjectInterface;
|
||||||
|
use FormField;
|
||||||
|
use InvalidArgumentException;
|
||||||
|
use Requirements;
|
||||||
|
use Config;
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -21,7 +30,7 @@ use SilverStripe\ORM\DataObjectInterface;
|
|||||||
class PermissionCheckboxSetField extends FormField {
|
class PermissionCheckboxSetField extends FormField {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @var Array Filter certain permission codes from the output.
|
* @var array Filter certain permission codes from the output.
|
||||||
* Useful to simplify the interface
|
* Useful to simplify the interface
|
||||||
*/
|
*/
|
||||||
protected $hiddenPermissions = array();
|
protected $hiddenPermissions = array();
|
||||||
@ -66,14 +75,14 @@ class PermissionCheckboxSetField extends FormField {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param Array $codes
|
* @param array $codes
|
||||||
*/
|
*/
|
||||||
public function setHiddenPermissions($codes) {
|
public function setHiddenPermissions($codes) {
|
||||||
$this->hiddenPermissions = $codes;
|
$this->hiddenPermissions = $codes;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @return Array
|
* @return array
|
||||||
*/
|
*/
|
||||||
public function getHiddenPermissions() {
|
public function getHiddenPermissions() {
|
||||||
return $this->hiddenPermissions;
|
return $this->hiddenPermissions;
|
||||||
@ -81,7 +90,7 @@ class PermissionCheckboxSetField extends FormField {
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* @param array $properties
|
* @param array $properties
|
||||||
* @return HTMLText
|
* @return DBHTMLText
|
||||||
*/
|
*/
|
||||||
public function Field($properties = array()) {
|
public function Field($properties = array()) {
|
||||||
Requirements::css(FRAMEWORK_DIR . '/client/dist/styles/CheckboxSetField.css');
|
Requirements::css(FRAMEWORK_DIR . '/client/dist/styles/CheckboxSetField.css');
|
||||||
@ -96,7 +105,7 @@ class PermissionCheckboxSetField extends FormField {
|
|||||||
$record = $this->form->getRecord();
|
$record = $this->form->getRecord();
|
||||||
if(
|
if(
|
||||||
$record
|
$record
|
||||||
&& (is_a($record, 'Group') || is_a($record, 'PermissionRole'))
|
&& ($record instanceof Group || $record instanceof PermissionRole)
|
||||||
&& !$records->find('ID', $record->ID)
|
&& !$records->find('ID', $record->ID)
|
||||||
) {
|
) {
|
||||||
$records->push($record);
|
$records->push($record);
|
||||||
@ -117,7 +126,7 @@ class PermissionCheckboxSetField extends FormField {
|
|||||||
|
|
||||||
// Special case for Group records (not PermissionRole):
|
// Special case for Group records (not PermissionRole):
|
||||||
// Determine inherited assignments
|
// Determine inherited assignments
|
||||||
if(is_a($record, 'Group')) {
|
if(is_a($record, 'SilverStripe\\Security\\Group')) {
|
||||||
// Get all permissions from roles
|
// Get all permissions from roles
|
||||||
if ($record->Roles()->Count()) {
|
if ($record->Roles()->Count()) {
|
||||||
foreach($record->Roles() as $role) {
|
foreach($record->Roles() as $role) {
|
||||||
@ -172,7 +181,7 @@ class PermissionCheckboxSetField extends FormField {
|
|||||||
|
|
||||||
$odd = 0;
|
$odd = 0;
|
||||||
$options = '';
|
$options = '';
|
||||||
$globalHidden = (array)Config::inst()->get('Permission', 'hidden_permissions');
|
$globalHidden = (array)Config::inst()->get('SilverStripe\\Security\\Permission', 'hidden_permissions');
|
||||||
if($this->source) {
|
if($this->source) {
|
||||||
$privilegedPermissions = Permission::config()->privileged_permissions;
|
$privilegedPermissions = Permission::config()->privileged_permissions;
|
||||||
|
|
||||||
@ -188,7 +197,7 @@ class PermissionCheckboxSetField extends FormField {
|
|||||||
$odd = ($odd + 1) % 2;
|
$odd = ($odd + 1) % 2;
|
||||||
$extraClass = $odd ? 'odd' : 'even';
|
$extraClass = $odd ? 'odd' : 'even';
|
||||||
$extraClass .= ' val' . str_replace(' ', '', $code);
|
$extraClass .= ' val' . str_replace(' ', '', $code);
|
||||||
$itemID = $this->id() . '_' . preg_replace('/[^a-zA-Z0-9]+/', '', $code);
|
$itemID = $this->ID() . '_' . preg_replace('/[^a-zA-Z0-9]+/', '', $code);
|
||||||
$checked = $disabled = $inheritMessage = '';
|
$checked = $disabled = $inheritMessage = '';
|
||||||
$checked = (isset($uninheritedCodes[$code]) || isset($inheritedCodes[$code]))
|
$checked = (isset($uninheritedCodes[$code]) || isset($inheritedCodes[$code]))
|
||||||
? ' checked="checked"'
|
? ' checked="checked"'
|
||||||
@ -240,7 +249,7 @@ class PermissionCheckboxSetField extends FormField {
|
|||||||
}
|
}
|
||||||
if($this->readonly) {
|
if($this->readonly) {
|
||||||
return DBField::create_field('HTMLText',
|
return DBField::create_field('HTMLText',
|
||||||
"<ul id=\"{$this->id()}\" class=\"optionset checkboxsetfield{$this->extraClass()}\">\n" .
|
"<ul id=\"{$this->ID()}\" class=\"optionset checkboxsetfield{$this->extraClass()}\">\n" .
|
||||||
"<li class=\"help\">" .
|
"<li class=\"help\">" .
|
||||||
_t(
|
_t(
|
||||||
'Permissions.UserPermissionsIntro',
|
'Permissions.UserPermissionsIntro',
|
||||||
@ -253,7 +262,7 @@ class PermissionCheckboxSetField extends FormField {
|
|||||||
);
|
);
|
||||||
} else {
|
} else {
|
||||||
return DBField::create_field('HTMLText',
|
return DBField::create_field('HTMLText',
|
||||||
"<ul id=\"{$this->id()}\" class=\"optionset checkboxsetfield{$this->extraClass()}\">\n" .
|
"<ul id=\"{$this->ID()}\" class=\"optionset checkboxsetfield{$this->extraClass()}\">\n" .
|
||||||
$options .
|
$options .
|
||||||
"</ul>\n"
|
"</ul>\n"
|
||||||
);
|
);
|
||||||
@ -263,7 +272,7 @@ class PermissionCheckboxSetField extends FormField {
|
|||||||
/**
|
/**
|
||||||
* Update the permission set associated with $record DataObject
|
* Update the permission set associated with $record DataObject
|
||||||
*
|
*
|
||||||
* @param DataObject $record
|
* @param DataObjectInterface $record
|
||||||
*/
|
*/
|
||||||
public function saveInto(DataObjectInterface $record) {
|
public function saveInto(DataObjectInterface $record) {
|
||||||
$fieldname = $this->name;
|
$fieldname = $this->name;
|
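Review bot: The two type checks on `$record` in Field() are now written in two different ways. The first was converted to `$record instanceof Group || $record instanceof PermissionRole`, while the later "inherited assignments" check became `is_a($record, 'SilverStripe\\Security\\Group')`, a string literal that neither the namespace nor static analysis can verify. I would write that one as `if($record instanceof Group) {`. The same applies to `Config::inst()->get('SilverStripe\\Security\\Permission', 'hidden_permissions')`, which sits directly above `Permission::config()->privileged_permissions`; `$globalHidden = (array)Permission::config()->hidden_permissions;` matches the neighbouring line and drops the hard-coded class name. Field() starts and ends outside the visible hunks.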
@ -1,4 +1,9 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
namespace SilverStripe\Security;
|
||||||
|
|
||||||
|
use Exception;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Throw this exception to register that a user doesn't have permission to do the given action
|
* Throw this exception to register that a user doesn't have permission to do the given action
|
||||||
* and potentially redirect them to the log-in page. The exception message may be presented to the
|
* and potentially redirect them to the log-in page. The exception message may be presented to the
|
@ -1,4 +1,9 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
namespace SilverStripe\Security;
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Used to let classes provide new permission codes.
|
* Used to let classes provide new permission codes.
|
||||||
* Every implementor of PermissionProvider is accessed and providePermissions() called to get the full list of
|
* Every implementor of PermissionProvider is accessed and providePermissions() called to get the full list of
|
@ -1,6 +1,12 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
namespace SilverStripe\Security;
|
||||||
|
|
||||||
|
|
||||||
use SilverStripe\ORM\DataObject;
|
use SilverStripe\ORM\DataObject;
|
||||||
|
use SilverStripe\ORM\HasManyList;
|
||||||
|
use SilverStripe\ORM\ManyManyList;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* A PermissionRole represents a collection of permission codes that can be applied to groups.
|
* A PermissionRole represents a collection of permission codes that can be applied to groups.
|
||||||
*
|
*
|
||||||
@ -28,13 +34,15 @@ class PermissionRole extends DataObject {
|
|||||||
);
|
);
|
||||||
|
|
||||||
private static $has_many = array(
|
private static $has_many = array(
|
||||||
"Codes" => "PermissionRoleCode",
|
"Codes" => "SilverStripe\\Security\\PermissionRoleCode",
|
||||||
);
|
);
|
||||||
|
|
||||||
private static $belongs_many_many = array(
|
private static $belongs_many_many = array(
|
||||||
"Groups" => "Group",
|
"Groups" => "SilverStripe\\Security\\Group",
|
||||||
);
|
);
|
||||||
|
|
||||||
|
private static $table_name = "PermissionRole";
|
||||||
|
|
||||||
private static $default_sort = '"Title"';
|
private static $default_sort = '"Title"';
|
||||||
|
|
||||||
private static $singular_name = 'Role';
|
private static $singular_name = 'Role';
|
||||||
@ -51,13 +59,13 @@ class PermissionRole extends DataObject {
|
|||||||
'Root.Main',
|
'Root.Main',
|
||||||
$permissionField = new PermissionCheckboxSetField(
|
$permissionField = new PermissionCheckboxSetField(
|
||||||
'Codes',
|
'Codes',
|
||||||
singleton('Permission')->i18n_plural_name(),
|
Permission::singleton()->i18n_plural_name(),
|
||||||
'PermissionRoleCode',
|
'SilverStripe\\Security\\PermissionRoleCode',
|
||||||
'RoleID'
|
'RoleID'
|
||||||
)
|
)
|
||||||
);
|
);
|
||||||
$permissionField->setHiddenPermissions(
|
$permissionField->setHiddenPermissions(
|
||||||
Config::inst()->get('Permission', 'hidden_permissions')
|
Permission::config()->hidden_permissions
|
||||||
);
|
);
|
||||||
|
|
||||||
return $fields;
|
return $fields;
|
@ -1,6 +1,9 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
namespace SilverStripe\Security;
|
||||||
|
|
||||||
use SilverStripe\ORM\DataObject;
|
use SilverStripe\ORM\DataObject;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* A PermissionRoleCode represents a single permission code assigned to a {@link PermissionRole}.
|
* A PermissionRoleCode represents a single permission code assigned to a {@link PermissionRole}.
|
||||||
*
|
*
|
||||||
@ -19,14 +22,16 @@ class PermissionRoleCode extends DataObject {
|
|||||||
);
|
);
|
||||||
|
|
||||||
private static $has_one = array(
|
private static $has_one = array(
|
||||||
"Role" => "PermissionRole",
|
"Role" => "SilverStripe\\Security\\PermissionRole",
|
||||||
);
|
);
|
||||||
|
|
||||||
|
private static $table_name = "PermissionRoleCode";
|
||||||
|
|
||||||
public function validate() {
|
public function validate() {
|
||||||
$result = parent::validate();
|
$result = parent::validate();
|
||||||
|
|
||||||
// Check that new code doesn't increase privileges, unless an admin is editing.
|
// Check that new code doesn't increase privileges, unless an admin is editing.
|
||||||
$privilegedCodes = Config::inst()->get('Permission', 'privileged_permissions');
|
$privilegedCodes = Permission::config()->privileged_permissions;
|
||||||
if(
|
if(
|
||||||
$this->Code
|
$this->Code
|
||||||
&& in_array($this->Code, $privilegedCodes)
|
&& in_array($this->Code, $privilegedCodes)
|
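Review bot: The privilege check in validate() passes `$privilegedCodes` to `in_array()` without making sure it is an array and without strict comparison. If the `privileged_permissions` setting is missing, `Permission::config()->privileged_permissions` presumably yields null, so the guard would fail with a warning or a type error instead of evaluating. A loose comparison can also treat numeric-looking strings as equal to codes they are not identical to. I would change the condition to `&& in_array($this->Code, (array)$privilegedCodes, true)`. validate() continues past the end of the hunk, so how the result is used is not visible here.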
@ -1,4 +1,9 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
namespace SilverStripe\Security;
|
||||||
|
|
||||||
|
use Exception;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Generates entropy values based on strongest available methods
|
* Generates entropy values based on strongest available methods
|
||||||
* (mcrypt_create_iv(), openssl_random_pseudo_bytes(), /dev/urandom, COM.CAPICOM.Utilities.1, mt_rand()).
|
* (mcrypt_create_iv(), openssl_random_pseudo_bytes(), /dev/urandom, COM.CAPICOM.Utilities.1, mt_rand()).
|
||||||
@ -46,7 +51,7 @@ class RandomGenerator {
|
|||||||
// try to read from the windows RNG
|
// try to read from the windows RNG
|
||||||
if($isWin && class_exists('COM')) {
|
if($isWin && class_exists('COM')) {
|
||||||
try {
|
try {
|
||||||
$comObj = new COM('CAPICOM.Utilities.1');
|
$comObj = new \COM('CAPICOM.Utilities.1');
|
||||||
|
|
||||||
if(is_callable(array($comObj,'GetRandom'))) {
|
if(is_callable(array($comObj,'GetRandom'))) {
|
||||||
return base64_decode($comObj->GetRandom(64, 0));
|
return base64_decode($comObj->GetRandom(64, 0));
|
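Review bot: The class docblock carried through this change still lists mt_rand() among the "strongest available" entropy sources, and nothing visible tells a caller when that fallback was taken. mt_rand() output is predictable, so values produced on that path should not back tokens or salts. The fallback code itself is outside the visible hunks, so this is inferred from the docblock alone. I would add a docblock line such as `* NOTE: the mt_rand() fallback is not cryptographically secure; treat entropy generated on that path as guessable.` and consider raising an error instead of falling back silently. The `new \COM(...)` line sits in a method that starts and ends outside the hunk.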
@ -1,7 +1,13 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
namespace SilverStripe\Security;
|
||||||
|
|
||||||
|
|
||||||
use SilverStripe\ORM\FieldType\DBDatetime;
|
use SilverStripe\ORM\FieldType\DBDatetime;
|
||||||
use SilverStripe\ORM\DataObject;
|
use SilverStripe\ORM\DataObject;
|
||||||
|
use DateTime;
|
||||||
|
use DateInterval;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Persists a token associated with a device for users who opted for the "Remember Me"
|
* Persists a token associated with a device for users who opted for the "Remember Me"
|
||||||
* feature when logging in.
|
* feature when logging in.
|
||||||
@ -26,7 +32,7 @@ class RememberLoginHash extends DataObject {
|
|||||||
);
|
);
|
||||||
|
|
||||||
private static $has_one = array (
|
private static $has_one = array (
|
||||||
'Member' => 'Member',
|
'Member' => 'SilverStripe\\Security\\Member',
|
||||||
);
|
);
|
||||||
|
|
||||||
private static $indexes = array(
|
private static $indexes = array(
|
||||||
@ -34,6 +40,8 @@ class RememberLoginHash extends DataObject {
|
|||||||
'Hash' => true
|
'Hash' => true
|
||||||
);
|
);
|
||||||
|
|
||||||
|
private static $table_name = "RememberLoginHash";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Determines if logging out on one device also clears existing login tokens
|
* Determines if logging out on one device also clears existing login tokens
|
||||||
* on all other devices owned by the member.
|
* on all other devices owned by the member.
|
||||||
@ -95,7 +103,7 @@ class RememberLoginHash extends DataObject {
|
|||||||
/**
|
/**
|
||||||
* Creates a new random token and hashes it using the
|
* Creates a new random token and hashes it using the
|
||||||
* member information
|
* member information
|
||||||
* @param Member The logged in user
|
* @param Member $member The logged in user
|
||||||
* @return string The hash to be stored in the database
|
* @return string The hash to be stored in the database
|
||||||
*/
|
*/
|
||||||
public function getNewHash(Member $member){
|
public function getNewHash(Member $member){
|
||||||
@ -109,25 +117,27 @@ class RememberLoginHash extends DataObject {
|
|||||||
* The device is assigned a globally unique device ID
|
* The device is assigned a globally unique device ID
|
||||||
* The returned login hash stores the hashed token in the
|
* The returned login hash stores the hashed token in the
|
||||||
* database, for this device and this member
|
* database, for this device and this member
|
||||||
* @param Member The logged in user
|
* @param Member $member The logged in user
|
||||||
* @return RememberLoginHash The generated login hash
|
* @return RememberLoginHash The generated login hash
|
||||||
*/
|
*/
|
||||||
public static function generate(Member $member) {
|
public static function generate(Member $member) {
|
||||||
if(!$member->exists()) { return; }
|
if(!$member->exists()) {
|
||||||
if (Config::inst()->get('RememberLoginHash', 'force_single_token') == true) {
|
return null;
|
||||||
$rememberLoginHash = RememberLoginHash::get()->filter('MemberID', $member->ID)->removeAll();
|
}
|
||||||
|
if (static::config()->force_single_token) {
|
||||||
|
RememberLoginHash::get()->filter('MemberID', $member->ID)->removeAll();
|
||||||
}
|
}
|
||||||
$rememberLoginHash = RememberLoginHash::create();
|
$rememberLoginHash = RememberLoginHash::create();
|
||||||
do {
|
do {
|
||||||
$deviceID = $rememberLoginHash->getNewDeviceID();
|
$deviceID = $rememberLoginHash->getNewDeviceID();
|
||||||
} while (RememberLoginHash::get()->filter('DeviceID', $deviceID)->Count());
|
} while (RememberLoginHash::get()->filter('DeviceID', $deviceID)->count());
|
||||||
|
|
||||||
$rememberLoginHash->DeviceID = $deviceID;
|
$rememberLoginHash->DeviceID = $deviceID;
|
||||||
$rememberLoginHash->Hash = $rememberLoginHash->getNewHash($member);
|
$rememberLoginHash->Hash = $rememberLoginHash->getNewHash($member);
|
||||||
$rememberLoginHash->MemberID = $member->ID;
|
$rememberLoginHash->MemberID = $member->ID;
|
||||||
$now = DBDatetime::now();
|
$now = DBDatetime::now();
|
||||||
$expiryDate = new DateTime($now->Rfc2822());
|
$expiryDate = new DateTime($now->Rfc2822());
|
||||||
$tokenExpiryDays = Config::inst()->get('RememberLoginHash', 'token_expiry_days');
|
$tokenExpiryDays = static::config()->token_expiry_days;
|
||||||
$expiryDate->add(new DateInterval('P'.$tokenExpiryDays.'D'));
|
$expiryDate->add(new DateInterval('P'.$tokenExpiryDays.'D'));
|
||||||
$rememberLoginHash->ExpiryDate = $expiryDate->format('Y-m-d H:i:s');
|
$rememberLoginHash->ExpiryDate = $expiryDate->format('Y-m-d H:i:s');
|
||||||
$rememberLoginHash->extend('onAfterGenerateToken');
|
$rememberLoginHash->extend('onAfterGenerateToken');
|
||||||
@ -137,7 +147,7 @@ class RememberLoginHash extends DataObject {
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Generates a new hash for this member but keeps the device ID intact
|
* Generates a new hash for this member but keeps the device ID intact
|
||||||
* @param Member the logged in user
|
*
|
||||||
* @return RememberLoginHash
|
* @return RememberLoginHash
|
||||||
*/
|
*/
|
||||||
public function renew() {
|
public function renew() {
|
||||||
@ -152,11 +162,14 @@ class RememberLoginHash extends DataObject {
|
|||||||
* Deletes existing tokens for this member
|
* Deletes existing tokens for this member
|
||||||
* if logout_across_devices is true, all tokens are deleted, otherwise
|
* if logout_across_devices is true, all tokens are deleted, otherwise
|
||||||
* only the token for the provided device ID will be removed
|
* only the token for the provided device ID will be removed
|
||||||
|
*
|
||||||
|
* @param Member $member
|
||||||
|
* @param string $alcDevice
|
||||||
*/
|
*/
|
||||||
public static function clear(Member $member, $alcDevice = null) {
|
public static function clear(Member $member, $alcDevice = null) {
|
||||||
if(!$member->exists()) { return; }
|
if(!$member->exists()) { return; }
|
||||||
$filter = array('MemberID'=>$member->ID);
|
$filter = array('MemberID'=>$member->ID);
|
||||||
if ((Config::inst()->get('RememberLoginHash', 'logout_across_devices') == false) && $alcDevice) {
|
if (!static::config()->logout_across_devices && $alcDevice) {
|
||||||
$filter['DeviceID'] = $alcDevice;
|
$filter['DeviceID'] = $alcDevice;
|
||||||
}
|
}
|
||||||
RememberLoginHash::get()
|
RememberLoginHash::get()
|
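Review bot: generate() now returns `null` explicitly when the member does not exist, but its docblock still says `@return RememberLoginHash`. Callers and static analysis therefore get no hint that the result must be checked before it is used to set a remember-me cookie. I would change the tag to `@return RememberLoginHash|null The generated login hash, or null if the member has not been saved`. The end of generate() is outside the visible hunk, so any other return paths should be checked against the same tag.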
@ -1,8 +1,30 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
namespace SilverStripe\Security;
|
||||||
|
|
||||||
|
use Form;
|
||||||
use SilverStripe\ORM\ArrayList;
|
use SilverStripe\ORM\ArrayList;
|
||||||
use SilverStripe\ORM\DataObject;
|
use SilverStripe\ORM\DataObject;
|
||||||
use SilverStripe\ORM\DB;
|
use SilverStripe\ORM\DB;
|
||||||
|
use Controller;
|
||||||
|
use SS_HTTPRequest;
|
||||||
|
use TemplateGlobalProvider;
|
||||||
|
use Deprecation;
|
||||||
|
use Director;
|
||||||
|
use SS_HTTPResponse;
|
||||||
|
use Session;
|
||||||
|
use Config;
|
||||||
|
use Exception;
|
||||||
|
use Page;
|
||||||
|
use Page_Controller;
|
||||||
|
use ArrayData;
|
||||||
|
use FieldList;
|
||||||
|
use EmailField;
|
||||||
|
use FormAction;
|
||||||
|
use Convert;
|
||||||
|
use Object;
|
||||||
|
use ClassInfo;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Implements a basic security model
|
* Implements a basic security model
|
||||||
* @package framework
|
* @package framework
|
||||||
@ -303,7 +325,7 @@ class Security extends Controller implements TemplateGlobalProvider {
|
|||||||
$controller->extend('permissionDenied', $member);
|
$controller->extend('permissionDenied', $member);
|
||||||
|
|
||||||
return $controller->redirect(
|
return $controller->redirect(
|
||||||
Config::inst()->get('Security', 'login_url')
|
Config::inst()->get('SilverStripe\\Security\\Security', 'login_url')
|
||||||
. "?BackURL=" . urlencode($_SERVER['REQUEST_URI'])
|
. "?BackURL=" . urlencode($_SERVER['REQUEST_URI'])
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
@ -341,6 +363,7 @@ class Security extends Controller implements TemplateGlobalProvider {
|
|||||||
* Get the login form to process according to the submitted data
|
* Get the login form to process according to the submitted data
|
||||||
*
|
*
|
||||||
* @return Form
|
* @return Form
|
||||||
|
* @throws Exception
|
||||||
*/
|
*/
|
||||||
public function LoginForm() {
|
public function LoginForm() {
|
||||||
$authenticator = $this->getAuthenticator();
|
$authenticator = $this->getAuthenticator();
|
||||||
@ -375,6 +398,7 @@ class Security extends Controller implements TemplateGlobalProvider {
|
|||||||
* @return string Returns the link to the given action
|
* @return string Returns the link to the given action
|
||||||
*/
|
*/
|
||||||
public function Link($action = null) {
|
public function Link($action = null) {
|
||||||
|
/** @skipUpgrade */
|
||||||
return Controller::join_links(Director::baseURL(), "Security", $action);
|
return Controller::join_links(Director::baseURL(), "Security", $action);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -448,6 +472,7 @@ class Security extends Controller implements TemplateGlobalProvider {
|
|||||||
// Use sitetree pages to render the security page
|
// Use sitetree pages to render the security page
|
||||||
$tmpPage = new Page();
|
$tmpPage = new Page();
|
||||||
$tmpPage->Title = $title;
|
$tmpPage->Title = $title;
|
||||||
|
/** @skipUpgrade */
|
||||||
$tmpPage->URLSegment = "Security";
|
$tmpPage->URLSegment = "Security";
|
||||||
// Disable ID-based caching of the log-in page by making it a random number
|
// Disable ID-based caching of the log-in page by making it a random number
|
||||||
$tmpPage->ID = -1 * rand(1,10000000);
|
$tmpPage->ID = -1 * rand(1,10000000);
|
||||||
@ -465,6 +490,7 @@ class Security extends Controller implements TemplateGlobalProvider {
|
|||||||
* @return array Template list
|
* @return array Template list
|
||||||
*/
|
*/
|
||||||
public function getTemplatesFor($action) {
|
public function getTemplatesFor($action) {
|
||||||
|
/** @skipUpgrade */
|
||||||
return array("Security_{$action}", 'Security', $this->stat('template_main'), 'BlankPage');
|
return array("Security_{$action}", 'Security', $this->stat('template_main'), 'BlankPage');
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -558,7 +584,7 @@ class Security extends Controller implements TemplateGlobalProvider {
|
|||||||
|
|
||||||
public function basicauthlogin() {
|
public function basicauthlogin() {
|
||||||
$member = BasicAuth::requireLogin("SilverStripe login", 'ADMIN');
|
$member = BasicAuth::requireLogin("SilverStripe login", 'ADMIN');
|
||||||
$member->LogIn();
|
$member->logIn();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -652,7 +678,8 @@ class Security extends Controller implements TemplateGlobalProvider {
|
|||||||
* - t: plaintext token
|
* - t: plaintext token
|
||||||
*
|
*
|
||||||
* @param Member $member Member object associated with this link.
|
* @param Member $member Member object associated with this link.
|
||||||
* @param string $autoLoginHash The auto login token.
|
* @param string $autologinToken The auto login token.
|
||||||
|
* @return string
|
||||||
*/
|
*/
|
||||||
public static function getPasswordResetLink($member, $autologinToken) {
|
public static function getPasswordResetLink($member, $autologinToken) {
|
||||||
$autologinToken = urldecode($autologinToken);
|
$autologinToken = urldecode($autologinToken);
|
||||||
@ -682,7 +709,7 @@ class Security extends Controller implements TemplateGlobalProvider {
|
|||||||
// Extract the member from the URL.
|
// Extract the member from the URL.
|
||||||
$member = null;
|
$member = null;
|
||||||
if (isset($_REQUEST['m'])) {
|
if (isset($_REQUEST['m'])) {
|
||||||
$member = Member::get()->filter('ID', (int)$_REQUEST['m'])->First();
|
$member = Member::get()->filter('ID', (int)$_REQUEST['m'])->first();
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check whether we are merely changin password, or resetting.
|
// Check whether we are merely changin password, or resetting.
|
||||||
@ -743,17 +770,23 @@ class Security extends Controller implements TemplateGlobalProvider {
|
|||||||
/**
|
/**
|
||||||
* Factory method for the lost password form
|
* Factory method for the lost password form
|
||||||
*
|
*
|
||||||
* @return Form Returns the lost password form
|
* @return ChangePasswordForm Returns the lost password form
|
||||||
*/
|
*/
|
||||||
public function ChangePasswordForm() {
|
public function ChangePasswordForm() {
|
||||||
return Object::create('ChangePasswordForm', $this, 'ChangePasswordForm');
|
/** @skipUpgrade */
|
||||||
|
$formName = 'ChangePasswordForm';
|
||||||
|
return \Injector::inst()->createWithArgs(
|
||||||
|
'SilverStripe\\Security\\ChangePasswordForm',
|
||||||
|
[ $this, $formName]
|
||||||
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Gets the template for an include used for security.
|
* Gets the template for an include used for security.
|
||||||
* For use in any subclass.
|
* For use in any subclass.
|
||||||
*
|
*
|
||||||
* @return string|array Returns the template(s) for rendering
|
* @param string $name
|
||||||
|
* @return array Returns the template(s) for rendering
|
||||||
*/
|
*/
|
||||||
public function getIncludeTemplate($name) {
|
public function getIncludeTemplate($name) {
|
||||||
return array('Security_' . $name);
|
return array('Security_' . $name);
|
||||||
@ -776,17 +809,17 @@ class Security extends Controller implements TemplateGlobalProvider {
|
|||||||
// coupling to subsites module
|
// coupling to subsites module
|
||||||
$origSubsite = null;
|
$origSubsite = null;
|
||||||
if(is_callable('Subsite::changeSubsite')) {
|
if(is_callable('Subsite::changeSubsite')) {
|
||||||
$origSubsite = Subsite::currentSubsiteID();
|
$origSubsite = \Subsite::currentSubsiteID();
|
||||||
Subsite::changeSubsite(0);
|
\Subsite::changeSubsite(0);
|
||||||
}
|
}
|
||||||
|
|
||||||
$member = null;
|
$member = null;
|
||||||
|
|
||||||
// find a group with ADMIN permission
|
// find a group with ADMIN permission
|
||||||
$adminGroup = Permission::get_groups_by_permission('ADMIN')->First();
|
$adminGroup = Permission::get_groups_by_permission('ADMIN')->first();
|
||||||
|
|
||||||
if(is_callable('Subsite::changeSubsite')) {
|
if(is_callable('Subsite::changeSubsite')) {
|
||||||
Subsite::changeSubsite($origSubsite);
|
\Subsite::changeSubsite($origSubsite);
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($adminGroup) {
|
if ($adminGroup) {
|
||||||
@ -794,13 +827,13 @@ class Security extends Controller implements TemplateGlobalProvider {
|
|||||||
}
|
}
|
||||||
|
|
||||||
if(!$adminGroup) {
|
if(!$adminGroup) {
|
||||||
singleton('Group')->requireDefaultRecords();
|
Group::singleton()->requireDefaultRecords();
|
||||||
$adminGroup = Permission::get_groups_by_permission('ADMIN')->First();
|
$adminGroup = Permission::get_groups_by_permission('ADMIN')->first();
|
||||||
}
|
}
|
||||||
|
|
||||||
if(!$member) {
|
if(!$member) {
|
||||||
singleton('Member')->requireDefaultRecords();
|
Member::singleton()->requireDefaultRecords();
|
||||||
$member = Permission::get_members_by_permission('ADMIN')->First();
|
$member = Permission::get_members_by_permission('ADMIN')->first();
|
||||||
}
|
}
|
||||||
|
|
||||||
if(!$member) {
|
if(!$member) {
|
||||||
@ -841,6 +874,7 @@ class Security extends Controller implements TemplateGlobalProvider {
|
|||||||
*
|
*
|
||||||
* @param string $username The user name
|
* @param string $username The user name
|
||||||
* @param string $password The password (in cleartext)
|
* @param string $password The password (in cleartext)
|
||||||
|
* @return bool
|
||||||
*/
|
*/
|
||||||
public static function setDefaultAdmin($username, $password) {
|
public static function setDefaultAdmin($username, $password) {
|
||||||
// don't overwrite if already set
|
// don't overwrite if already set
|
||||||
@ -1004,9 +1038,9 @@ class Security extends Controller implements TemplateGlobalProvider {
|
|||||||
return self::$database_is_ready;
|
return self::$database_is_ready;
|
||||||
}
|
}
|
||||||
|
|
||||||
$requiredClasses = ClassInfo::dataClassesFor('Member');
|
$requiredClasses = ClassInfo::dataClassesFor('SilverStripe\\Security\\Member');
|
||||||
$requiredClasses[] = 'Group';
|
$requiredClasses[] = 'SilverStripe\\Security\\Group';
|
||||||
$requiredClasses[] = 'Permission';
|
$requiredClasses[] = 'SilverStripe\\Security\\Permission';
|
||||||
|
|
||||||
foreach($requiredClasses as $class) {
|
foreach($requiredClasses as $class) {
|
||||||
// Skip test classes, as not all test classes are scaffolded at once
|
// Skip test classes, as not all test classes are scaffolded at once
|
@ -1,4 +1,15 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
namespace SilverStripe\Security;
|
||||||
|
|
||||||
|
use FieldList;
|
||||||
|
use Object;
|
||||||
|
use SS_HTTPRequest;
|
||||||
|
use TemplateGlobalProvider;
|
||||||
|
use Session;
|
||||||
|
use HiddenField;
|
||||||
|
use Controller;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @package framework
|
* @package framework
|
||||||
* @subpackage security
|
* @subpackage security
|
||||||
@ -110,7 +121,8 @@ class SecurityToken extends Object implements TemplateGlobalProvider {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @return String
|
* @param string $name
|
||||||
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function setName($name) {
|
public function setName($name) {
|
||||||
$val = $this->getValue();
|
$val = $this->getValue();
|
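Review bot: The new `@return string` on `setName()` looks carried over from the old `@return String` rather than checked against the method, which opens with `$val = $this->getValue();` and reads like a setter. The body continues outside the hunk, so this is an inference; if the method returns nothing, the tag should be dropped and the docblock reduced to `* @param string $name`. A one-line summary above the tags would also help, since the docblock currently has no description at all.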
@ -1,17 +1,17 @@
|
|||||||
---
|
---
|
||||||
name: coreencryptors
|
name: coreencryptors
|
||||||
---
|
---
|
||||||
PasswordEncryptor:
|
'SilverStripe\Security\PasswordEncryptor':
|
||||||
encryptors:
|
encryptors:
|
||||||
none:
|
none:
|
||||||
PasswordEncryptor_None:
|
'SilverStripe\Security\PasswordEncryptor_None':
|
||||||
md5:
|
md5:
|
||||||
PasswordEncryptor_LegacyPHPHash: md5
|
'SilverStripe\Security\PasswordEncryptor_LegacyPHPHash': md5
|
||||||
sha1:
|
sha1:
|
||||||
PasswordEncryptor_LegacyPHPHash: sha1
|
'SilverStripe\Security\PasswordEncryptor_LegacyPHPHash': sha1
|
||||||
md5_v2.4:
|
md5_v2.4:
|
||||||
PasswordEncryptor_PHPHash: md5
|
'SilverStripe\Security\PasswordEncryptor_PHPHash': md5
|
||||||
sha1_v2.4:
|
sha1_v2.4:
|
||||||
PasswordEncryptor_PHPHash: sha1
|
'SilverStripe\Security\PasswordEncryptor_PHPHash': sha1
|
||||||
blowfish:
|
blowfish:
|
||||||
PasswordEncryptor_Blowfish:
|
'SilverStripe\Security\PasswordEncryptor_Blowfish':
|
||||||
|
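Review bot: Renaming the top-level key from `PasswordEncryptor` to `'SilverStripe\Security\PasswordEncryptor'` means any project or module YAML that still writes its `encryptors` overrides under the old key will presumably stop merging into this block, with no error raised. For a site that had removed or replaced the `none`, `md5` or `sha1` entries, that would quietly restore the defaults listed here. The `.upgrade.yml` mappings cover class names, but whether the upgrade tool also rewrites YAML config keys is not visible in this commit, so the upgrade notes should call it out; the same applies to the `login_url` lookup that now reads `'SilverStripe\\Security\\Security'`. A comment above the block, e.g. `# Key must be the fully qualified class name; overrides under the bare 'PasswordEncryptor' key will not merge here`, would make this visible to anyone editing the file.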
@ -14,8 +14,8 @@ After:
|
|||||||
---
|
---
|
||||||
Director:
|
Director:
|
||||||
rules:
|
rules:
|
||||||
'Security//$Action/$ID/$OtherID': 'Security'
|
'Security//$Action/$ID/$OtherID': 'SilverStripe\Security\Security'
|
||||||
'CMSSecurity//$Action/$ID/$OtherID': 'CMSSecurity'
|
'CMSSecurity//$Action/$ID/$OtherID': 'SilverStripe\Security\CMSSecurity'
|
||||||
'dev': 'DevelopmentAdmin'
|
'dev': 'DevelopmentAdmin'
|
||||||
'interactive': 'SapphireREPL'
|
'interactive': 'SapphireREPL'
|
||||||
'InstallerTest//$Action/$ID/$OtherID': 'InstallerTest'
|
'InstallerTest//$Action/$ID/$OtherID': 'InstallerTest'
|
||||||
|
@ -2,8 +2,11 @@
|
|||||||
|
|
||||||
use SilverStripe\ORM\ArrayList;
|
use SilverStripe\ORM\ArrayList;
|
||||||
use SilverStripe\ORM\DB;
|
use SilverStripe\ORM\DB;
|
||||||
|
use SilverStripe\ORM\SS_List;
|
||||||
use SilverStripe\ORM\Versioning\Versioned;
|
use SilverStripe\ORM\Versioning\Versioned;
|
||||||
use SilverStripe\ORM\DataObject;
|
use SilverStripe\ORM\DataObject;
|
||||||
|
use SilverStripe\Security\SecurityToken;
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Special request handler for admin/batchaction
|
* Special request handler for admin/batchaction
|
||||||
@ -28,6 +31,9 @@ class CMSBatchActionHandler extends RequestHandler {
|
|||||||
'handleConfirmation',
|
'handleConfirmation',
|
||||||
);
|
);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @var Controller
|
||||||
|
*/
|
||||||
protected $parentController;
|
protected $parentController;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -43,7 +49,7 @@ class CMSBatchActionHandler extends RequestHandler {
|
|||||||
protected $recordClass = 'SiteTree';
|
protected $recordClass = 'SiteTree';
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param string $parentController
|
* @param Controller $parentController
|
||||||
* @param string $urlSegment
|
* @param string $urlSegment
|
||||||
* @param string $recordClass
|
* @param string $recordClass
|
||||||
*/
|
*/
|
||||||
@ -61,9 +67,10 @@ class CMSBatchActionHandler extends RequestHandler {
|
|||||||
* Register a new batch action. Each batch action needs to be represented by a subclass
|
* Register a new batch action. Each batch action needs to be represented by a subclass
|
||||||
* of {@link CMSBatchAction}.
|
* of {@link CMSBatchAction}.
|
||||||
*
|
*
|
||||||
* @param $urlSegment The URL Segment of the batch action - the URL used to process this
|
* @param string $urlSegment The URL Segment of the batch action - the URL used to process this
|
||||||
* action will be admin/batchactions/(urlSegment)
|
* action will be admin/batchactions/(urlSegment)
|
||||||
* @param $batchActionClass The name of the CMSBatchAction subclass to register
|
* @param string $batchActionClass The name of the CMSBatchAction subclass to register
|
||||||
|
* @param string $recordClass
|
||||||
*/
|
*/
|
||||||
public static function register($urlSegment, $batchActionClass, $recordClass = 'SiteTree') {
|
public static function register($urlSegment, $batchActionClass, $recordClass = 'SiteTree') {
|
||||||
if(is_subclass_of($batchActionClass, 'CMSBatchAction')) {
|
if(is_subclass_of($batchActionClass, 'CMSBatchAction')) {
|
||||||
|
@ -1,4 +1,6 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
use SilverStripe\Security\Member;
|
||||||
/**
|
/**
|
||||||
* The object manages the main CMS menu. See {@link LeftAndMain::init()} for
|
* The object manages the main CMS menu. See {@link LeftAndMain::init()} for
|
||||||
* example usage.
|
* example usage.
|
||||||
@ -53,7 +55,6 @@ class CMSMenu extends Object implements IteratorAggregate, i18nEntityProvider {
|
|||||||
* Add a LeftAndMain controller to the CMS menu.
|
* Add a LeftAndMain controller to the CMS menu.
|
||||||
*
|
*
|
||||||
* @param string $controllerClass The class name of the controller
|
* @param string $controllerClass The class name of the controller
|
||||||
* @return The result of the operation
|
|
||||||
* @todo A director rule is added when a controller link is added, but it won't be removed
|
* @todo A director rule is added when a controller link is added, but it won't be removed
|
||||||
* when the item is removed. Functionality needed in {@link Director}.
|
* when the item is removed. Functionality needed in {@link Director}.
|
||||||
*/
|
*/
|
||||||
@ -65,6 +66,9 @@ class CMSMenu extends Object implements IteratorAggregate, i18nEntityProvider {
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Return a CMSMenuItem to add the given controller to the CMSMenu
|
* Return a CMSMenuItem to add the given controller to the CMSMenu
|
||||||
|
*
|
||||||
|
* @param string $controllerClass
|
||||||
|
* @return CMSMenuItem
|
||||||
*/
|
*/
|
||||||
protected static function menuitem_for_controller($controllerClass) {
|
protected static function menuitem_for_controller($controllerClass) {
|
||||||
$urlBase = Config::inst()->get($controllerClass, 'url_base', Config::FIRST_SET);
|
$urlBase = Config::inst()->get($controllerClass, 'url_base', Config::FIRST_SET);
|
||||||
@ -113,9 +117,9 @@ class CMSMenu extends Object implements IteratorAggregate, i18nEntityProvider {
|
|||||||
* @param string $controllerClass The controller class for this menu, used to check permisssions.
|
* @param string $controllerClass The controller class for this menu, used to check permisssions.
|
||||||
* If blank, it's assumed that this is public, and always shown to users who
|
* If blank, it's assumed that this is public, and always shown to users who
|
||||||
* have the rights to access some other part of the admin area.
|
* have the rights to access some other part of the admin area.
|
||||||
|
* @param int $priority
|
||||||
* @param array $attributes an array of attributes to include on the link.
|
* @param array $attributes an array of attributes to include on the link.
|
||||||
*
|
* @return bool Success
|
||||||
* @return boolean Success
|
|
||||||
*/
|
*/
|
||||||
public static function add_menu_item($code, $menuTitle, $url, $controllerClass = null, $priority = -1,
|
public static function add_menu_item($code, $menuTitle, $url, $controllerClass = null, $priority = -1,
|
||||||
$attributes = null) {
|
$attributes = null) {
|
||||||
@ -244,9 +248,9 @@ class CMSMenu extends Object implements IteratorAggregate, i18nEntityProvider {
|
|||||||
* @param string $controllerClass The controller class for this menu, used to check permisssions.
|
* @param string $controllerClass The controller class for this menu, used to check permisssions.
|
||||||
* If blank, it's assumed that this is public, and always shown to users who
|
* If blank, it's assumed that this is public, and always shown to users who
|
||||||
* have the rights to access some other part of the admin area.
|
* have the rights to access some other part of the admin area.
|
||||||
|
* @param int $priority
|
||||||
* @param array $attributes an array of attributes to include on the link.
|
* @param array $attributes an array of attributes to include on the link.
|
||||||
*
|
* @return bool Success
|
||||||
* @return boolean Success
|
|
||||||
*/
|
*/
|
||||||
public static function replace_menu_item($code, $menuTitle, $url, $controllerClass = null, $priority = -1,
|
public static function replace_menu_item($code, $menuTitle, $url, $controllerClass = null, $priority = -1,
|
||||||
$attributes = null) {
|
$attributes = null) {
|
||||||
@ -265,6 +269,9 @@ class CMSMenu extends Object implements IteratorAggregate, i18nEntityProvider {
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Add a previously built menu item object to the menu
|
* Add a previously built menu item object to the menu
|
||||||
|
*
|
||||||
|
* @param string $code
|
||||||
|
* @param CMSMenuItem $cmsMenuItem
|
||||||
*/
|
*/
|
||||||
protected static function add_menu_item_obj($code, $cmsMenuItem) {
|
protected static function add_menu_item_obj($code, $cmsMenuItem) {
|
||||||
self::$menu_item_changes[] = array(
|
self::$menu_item_changes[] = array(
|
||||||
|
@ -1,7 +1,9 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
use SilverStripe\ORM\DataObject;
|
|
||||||
use SilverStripe\ORM\ArrayList;
|
use SilverStripe\ORM\ArrayList;
|
||||||
|
use SilverStripe\Security\Member;
|
||||||
|
use SilverStripe\Security\Permission;
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @package framework
|
* @package framework
|
||||||
@ -15,7 +17,7 @@ class CMSProfileController extends LeftAndMain {
|
|||||||
|
|
||||||
private static $required_permission_codes = false;
|
private static $required_permission_codes = false;
|
||||||
|
|
||||||
private static $tree_class = 'Member';
|
private static $tree_class = 'SilverStripe\\Security\\Member';
|
||||||
|
|
||||||
public function getEditForm($id = null, $fields = null) {
|
public function getEditForm($id = null, $fields = null) {
|
||||||
$this->setCurrentPageID(Member::currentUserID());
|
$this->setCurrentPageID(Member::currentUserID());
|
||||||
@ -40,7 +42,7 @@ class CMSProfileController extends LeftAndMain {
|
|||||||
if($member = Member::currentUser()) {
|
if($member = Member::currentUser()) {
|
||||||
$form->setValidator($member->getValidator());
|
$form->setValidator($member->getValidator());
|
||||||
} else {
|
} else {
|
||||||
$form->setValidator(Injector::inst()->get('Member')->getValidator());
|
$form->setValidator(Member::singleton()->getValidator());
|
||||||
}
|
}
|
||||||
|
|
||||||
if($form->Fields()->hasTabset()) {
|
if($form->Fields()->hasTabset()) {
|
||||||
@ -70,7 +72,7 @@ class CMSProfileController extends LeftAndMain {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public function save($data, $form) {
|
public function save($data, $form) {
|
||||||
$member = DataObject::get_by_id("Member", $data['ID']);
|
$member = Member::get()->byID($data['ID']);
|
||||||
if(!$member) return $this->httpError(404);
|
if(!$member) return $this->httpError(404);
|
||||||
$origLocale = $member->Locale;
|
$origLocale = $member->Locale;
|
||||||
|
|
||||||
@ -93,6 +95,9 @@ class CMSProfileController extends LeftAndMain {
|
|||||||
* Only show first element, as the profile form is limited to editing
|
* Only show first element, as the profile form is limited to editing
|
||||||
* the current member it doesn't make much sense to show the member name
|
* the current member it doesn't make much sense to show the member name
|
||||||
* in the breadcrumbs.
|
* in the breadcrumbs.
|
||||||
|
*
|
||||||
|
* @param bool $unlinked
|
||||||
|
* @return ArrayList
|
||||||
*/
|
*/
|
||||||
public function Breadcrumbs($unlinked = false) {
|
public function Breadcrumbs($unlinked = false) {
|
||||||
$items = parent::Breadcrumbs($unlinked);
|
$items = parent::Breadcrumbs($unlinked);
|
||||||
|
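Review bot: `save()` still selects the record from the posted `$data['ID']` (`Member::get()->byID($data['ID'])`) rather than from `Member::currentUserID()`, so on a controller whose `$required_permission_codes` is `false` the only barrier between a logged-in CMS user and another member's record is a permission check that is not visible in this hunk. The function continues outside the hunk; if a `canEdit()` test follows, a comment on the lookup such as `// ID is client-supplied; the canEdit() check below is the authorisation boundary` would keep later refactors from dropping it. If none follows, the lookup should be followed by `if(!$member->canEdit()) return $this->httpError(403);`.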
@ -1,8 +1,12 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
use SilverStripe\ORM\SS_List;
|
||||||
use SilverStripe\ORM\Versioning\ChangeSet;
|
use SilverStripe\ORM\Versioning\ChangeSet;
|
||||||
use SilverStripe\ORM\Versioning\ChangeSetItem;
|
use SilverStripe\ORM\Versioning\ChangeSetItem;
|
||||||
use SilverStripe\ORM\DataObject;
|
use SilverStripe\ORM\DataObject;
|
||||||
|
use SilverStripe\Security\SecurityToken;
|
||||||
|
use SilverStripe\Security\PermissionProvider;
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Campaign section of the CMS
|
* Campaign section of the CMS
|
||||||
|
@ -1,5 +1,8 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
use SilverStripe\Security\Group;
|
||||||
|
use SilverStripe\Security\GroupCsvBulkLoader;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Imports {@link Group} records by CSV upload, as defined in
|
* Imports {@link Group} records by CSV upload, as defined in
|
||||||
* {@link GroupCsvBulkLoader}.
|
* {@link GroupCsvBulkLoader}.
|
||||||
|
@ -7,6 +7,8 @@
|
|||||||
|
|
||||||
use SilverStripe\Forms\Schema\FormSchema;
|
use SilverStripe\Forms\Schema\FormSchema;
|
||||||
|
|
||||||
|
use SilverStripe\ORM\Hierarchy\Hierarchy;
|
||||||
|
use SilverStripe\ORM\SS_List;
|
||||||
use SilverStripe\ORM\Versioning\Versioned;
|
use SilverStripe\ORM\Versioning\Versioned;
|
||||||
use SilverStripe\ORM\DataModel;
|
use SilverStripe\ORM\DataModel;
|
||||||
use SilverStripe\ORM\ValidationException;
|
use SilverStripe\ORM\ValidationException;
|
||||||
@ -15,6 +17,12 @@ use SilverStripe\ORM\FieldType\DBField;
|
|||||||
use SilverStripe\ORM\DataObject;
|
use SilverStripe\ORM\DataObject;
|
||||||
use SilverStripe\ORM\DB;
|
use SilverStripe\ORM\DB;
|
||||||
use SilverStripe\ORM\Queries\SQLSelect;
|
use SilverStripe\ORM\Queries\SQLSelect;
|
||||||
|
use SilverStripe\Security\SecurityToken;
|
||||||
|
use SilverStripe\Security\Member;
|
||||||
|
use SilverStripe\Security\Permission;
|
||||||
|
use SilverStripe\Security\Security;
|
||||||
|
use SilverStripe\Security\PermissionProvider;
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -660,6 +668,7 @@ class LeftAndMain extends Controller implements PermissionProvider {
|
|||||||
* You should implement a Link() function in your subclass of LeftAndMain,
|
* You should implement a Link() function in your subclass of LeftAndMain,
|
||||||
* to point to the URL of that particular controller.
|
* to point to the URL of that particular controller.
|
||||||
*
|
*
|
||||||
|
* @param string $action
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function Link($action = null) {
|
public function Link($action = null) {
|
||||||
@ -733,6 +742,11 @@ class LeftAndMain extends Controller implements PermissionProvider {
|
|||||||
return '';
|
return '';
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @param SS_HTTPRequest $request
|
||||||
|
* @return SS_HTTPResponse
|
||||||
|
* @throws SS_HTTPResponse_Exception
|
||||||
|
*/
|
||||||
public function show($request) {
|
public function show($request) {
|
||||||
// TODO Necessary for TableListField URLs to work properly
|
// TODO Necessary for TableListField URLs to work properly
|
||||||
if($request->param('ID')) $this->setCurrentPageID($request->param('ID'));
|
if($request->param('ID')) $this->setCurrentPageID($request->param('ID'));
|
||||||
@ -775,7 +789,7 @@ class LeftAndMain extends Controller implements PermissionProvider {
|
|||||||
* Returns the main menu of the CMS. This is also used by init()
|
* Returns the main menu of the CMS. This is also used by init()
|
||||||
* to work out which sections the user has access to.
|
* to work out which sections the user has access to.
|
||||||
*
|
*
|
||||||
* @param Boolean
|
* @param bool $cached
|
||||||
* @return SS_List
|
* @return SS_List
|
||||||
*/
|
*/
|
||||||
public function MainMenu($cached = true) {
|
public function MainMenu($cached = true) {
|
||||||
@ -874,6 +888,7 @@ class LeftAndMain extends Controller implements PermissionProvider {
|
|||||||
* Return a list of appropriate templates for this class, with the given suffix using
|
* Return a list of appropriate templates for this class, with the given suffix using
|
||||||
* {@link SSViewer::get_templates_by_class()}
|
* {@link SSViewer::get_templates_by_class()}
|
||||||
*
|
*
|
||||||
|
* @param string $suffix
|
||||||
* @return array
|
* @return array
|
||||||
*/
|
*/
|
||||||
public function getTemplatesWithSuffix($suffix) {
|
public function getTemplatesWithSuffix($suffix) {
|
||||||
@ -898,6 +913,7 @@ class LeftAndMain extends Controller implements PermissionProvider {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
* @param bool $unlinked
|
||||||
* @return ArrayList
|
* @return ArrayList
|
||||||
*/
|
*/
|
||||||
public function Breadcrumbs($unlinked = false) {
|
public function Breadcrumbs($unlinked = false) {
|
||||||
@ -965,12 +981,15 @@ class LeftAndMain extends Controller implements PermissionProvider {
|
|||||||
/**
|
/**
|
||||||
* Get a site tree HTML listing which displays the nodes under the given criteria.
|
* Get a site tree HTML listing which displays the nodes under the given criteria.
|
||||||
*
|
*
|
||||||
* @param $className The class of the root object
|
* @param string $className The class of the root object
|
||||||
* @param $rootID The ID of the root object. If this is null then a complete tree will be
|
* @param string $rootID The ID of the root object. If this is null then a complete tree will be
|
||||||
* shown
|
* shown
|
||||||
* @param $childrenMethod The method to call to get the children of the tree. For example,
|
* @param string $childrenMethod The method to call to get the children of the tree. For example,
|
||||||
* Children, AllChildrenIncludingDeleted, or AllHistoricalChildren
|
* Children, AllChildrenIncludingDeleted, or AllHistoricalChildren
|
||||||
* @return String Nested unordered list with links to each page
|
* @param string $numChildrenMethod
|
||||||
|
* @param callable $filterFunction
|
||||||
|
* @param int $nodeCountThreshold
|
||||||
|
* @return string Nested unordered list with links to each page
|
||||||
*/
|
*/
|
||||||
public function getSiteTreeFor($className, $rootID = null, $childrenMethod = null, $numChildrenMethod = null,
|
public function getSiteTreeFor($className, $rootID = null, $childrenMethod = null, $numChildrenMethod = null,
|
||||||
$filterFunction = null, $nodeCountThreshold = 30) {
|
$filterFunction = null, $nodeCountThreshold = 30) {
|
||||||
@ -1100,6 +1119,9 @@ class LeftAndMain extends Controller implements PermissionProvider {
|
|||||||
/**
|
/**
|
||||||
* Get a subtree underneath the request param 'ID'.
|
* Get a subtree underneath the request param 'ID'.
|
||||||
* If ID = 0, then get the whole tree.
|
* If ID = 0, then get the whole tree.
|
||||||
|
*
|
||||||
|
* @param SS_HTTPRequest $request
|
||||||
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function getsubtree($request) {
|
public function getsubtree($request) {
|
||||||
$html = $this->getSiteTreeFor(
|
$html = $this->getSiteTreeFor(
|
||||||
@ -1124,7 +1146,8 @@ class LeftAndMain extends Controller implements PermissionProvider {
|
|||||||
* all children with the node. Useful to refresh views after
|
* all children with the node. Useful to refresh views after
|
||||||
* state modifications, e.g. saving a form.
|
* state modifications, e.g. saving a form.
|
||||||
*
|
*
|
||||||
* @return String JSON
|
* @param SS_HTTPRequest $request
|
||||||
|
* @return string JSON
|
||||||
*/
|
*/
|
||||||
public function updatetreenodes($request) {
|
public function updatetreenodes($request) {
|
||||||
$data = array();
|
$data = array();
|
||||||
@ -1264,7 +1287,9 @@ class LeftAndMain extends Controller implements PermissionProvider {
|
|||||||
* - 'SiblingIDs': Array of all sibling nodes to the moved node (incl. the node itself).
|
* - 'SiblingIDs': Array of all sibling nodes to the moved node (incl. the node itself).
|
||||||
* In case of a 'ParentID' change, relates to the new siblings under the new parent.
|
* In case of a 'ParentID' change, relates to the new siblings under the new parent.
|
||||||
*
|
*
|
||||||
|
* @param SS_HTTPRequest $request
|
||||||
* @return SS_HTTPResponse JSON string with a
|
* @return SS_HTTPResponse JSON string with a
|
||||||
|
* @throws SS_HTTPResponse_Exception
|
||||||
*/
|
*/
|
||||||
public function savetreenode($request) {
|
public function savetreenode($request) {
|
||||||
if (!SecurityToken::inst()->checkRequest($request)) {
|
if (!SecurityToken::inst()->checkRequest($request)) {
|
||||||
|
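Review bot: The rewritten docblock for `getSiteTreeFor()` types `$rootID`, `$childrenMethod` and `$numChildrenMethod` as `string` and `$filterFunction` as `callable`, but all four default to `null` in the signature directly below, and the `$rootID` description itself says "If this is null". The tags should be nullable, e.g. `@param string|null $childrenMethod` and `@param callable|null $filterFunction`, and since `$rootID` is described as an ID, `int|null` is probably closer than `string`. The three newly listed parameters also have no description; `$nodeCountThreshold` in particular needs a sentence on what changes once the threshold is exceeded.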
@ -1,5 +1,7 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
use SilverStripe\Security\MemberCsvBulkLoader;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Imports {@link Member} records by CSV upload, as defined in
|
* Imports {@link Member} records by CSV upload, as defined in
|
||||||
* {@link MemberCsvBulkLoader}.
|
* {@link MemberCsvBulkLoader}.
|
||||||
|
@ -1,6 +1,9 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
use SilverStripe\ORM\ArrayList;
|
use SilverStripe\ORM\ArrayList;
|
||||||
|
use SilverStripe\ORM\SS_List;
|
||||||
|
use SilverStripe\Security\Member;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Generates a three-pane UI for editing model classes, with an
|
* Generates a three-pane UI for editing model classes, with an
|
||||||
* automatically generated search panel, tabular results and edit forms.
|
* automatically generated search panel, tabular results and edit forms.
|
||||||
@ -248,6 +251,8 @@ abstract class ModelAdmin extends LeftAndMain {
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Sanitise a model class' name for inclusion in a link
|
* Sanitise a model class' name for inclusion in a link
|
||||||
|
*
|
||||||
|
* @param string $class
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
protected function sanitiseClassName($class) {
|
protected function sanitiseClassName($class) {
|
||||||
@ -256,6 +261,8 @@ abstract class ModelAdmin extends LeftAndMain {
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Unsanitise a model class' name from a URL param
|
* Unsanitise a model class' name from a URL param
|
||||||
|
*
|
||||||
|
* @param string $class
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
protected function unsanitiseClassName($class) {
|
protected function unsanitiseClassName($class) {
|
||||||
@ -444,6 +451,7 @@ abstract class ModelAdmin extends LeftAndMain {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
* @param bool $unlinked
|
||||||
* @return ArrayList
|
* @return ArrayList
|
||||||
*/
|
*/
|
||||||
public function Breadcrumbs($unlinked = false) {
|
public function Breadcrumbs($unlinked = false) {
|
||||||
|
@ -1,5 +1,12 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
use SilverStripe\Security\Security;
|
||||||
|
use SilverStripe\Security\Member;
|
||||||
|
use SilverStripe\Security\Group;
|
||||||
|
use SilverStripe\Security\Permission;
|
||||||
|
use SilverStripe\Security\PermissionRole;
|
||||||
|
use SilverStripe\Security\PermissionProvider;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Security section of the CMS
|
* Security section of the CMS
|
||||||
*
|
*
|
||||||
@ -14,9 +21,9 @@ class SecurityAdmin extends LeftAndMain implements PermissionProvider {
|
|||||||
|
|
||||||
private static $menu_title = 'Security';
|
private static $menu_title = 'Security';
|
||||||
|
|
||||||
private static $tree_class = 'Group';
|
private static $tree_class = 'SilverStripe\\Security\\Group';
|
||||||
|
|
||||||
private static $subitem_class = 'Member';
|
private static $subitem_class = 'SilverStripe\\Security\\Member';
|
||||||
|
|
||||||
private static $allowed_actions = array(
|
private static $allowed_actions = array(
|
||||||
'EditForm',
|
'EditForm',
|
||||||
@ -36,6 +43,9 @@ class SecurityAdmin extends LeftAndMain implements PermissionProvider {
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Shortcut action for setting the correct active tab.
|
* Shortcut action for setting the correct active tab.
|
||||||
|
*
|
||||||
|
* @param SS_HTTPRequest $request
|
||||||
|
* @return SS_HTTPResponse
|
||||||
*/
|
*/
|
||||||
public function users($request) {
|
public function users($request) {
|
||||||
return $this->index($request);
|
return $this->index($request);
|
||||||
@ -43,6 +53,9 @@ class SecurityAdmin extends LeftAndMain implements PermissionProvider {
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Shortcut action for setting the correct active tab.
|
* Shortcut action for setting the correct active tab.
|
||||||
|
*
|
||||||
|
* @param SS_HTTPRequest $request
|
||||||
|
* @return SS_HTTPResponse
|
||||||
*/
|
*/
|
||||||
public function groups($request) {
|
public function groups($request) {
|
||||||
return $this->index($request);
|
return $this->index($request);
|
||||||
@ -50,6 +63,9 @@ class SecurityAdmin extends LeftAndMain implements PermissionProvider {
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Shortcut action for setting the correct active tab.
|
* Shortcut action for setting the correct active tab.
|
||||||
|
*
|
||||||
|
* @param SS_HTTPRequest $request
|
||||||
|
* @return SS_HTTPResponse
|
||||||
*/
|
*/
|
||||||
public function roles($request) {
|
public function roles($request) {
|
||||||
return $this->index($request);
|
return $this->index($request);
|
||||||
@ -79,7 +95,7 @@ class SecurityAdmin extends LeftAndMain implements PermissionProvider {
|
|||||||
if($record && method_exists($record, 'getValidator')) {
|
if($record && method_exists($record, 'getValidator')) {
|
||||||
$validator = $record->getValidator();
|
$validator = $record->getValidator();
|
||||||
} else {
|
} else {
|
||||||
$validator = Injector::inst()->get('Member')->getValidator();
|
$validator = Member::singleton()->getValidator();
|
||||||
}
|
}
|
||||||
|
|
||||||
$memberListConfig
|
$memberListConfig
|
||||||
@ -94,7 +110,7 @@ class SecurityAdmin extends LeftAndMain implements PermissionProvider {
|
|||||||
);
|
);
|
||||||
$columns = $groupList->getConfig()->getComponentByType('GridFieldDataColumns');
|
$columns = $groupList->getConfig()->getComponentByType('GridFieldDataColumns');
|
||||||
$columns->setDisplayFields(array(
|
$columns->setDisplayFields(array(
|
||||||
'Breadcrumbs' => singleton('Group')->fieldLabel('Title')
|
'Breadcrumbs' => singleton('SilverStripe\\Security\\Group')->fieldLabel('Title')
|
||||||
));
|
));
|
||||||
$columns->setFieldFormatting(array(
|
$columns->setFieldFormatting(array(
|
||||||
'Breadcrumbs' => function($val, $item) {
|
'Breadcrumbs' => function($val, $item) {
|
||||||
@ -117,7 +133,7 @@ class SecurityAdmin extends LeftAndMain implements PermissionProvider {
|
|||||||
)
|
)
|
||||||
)
|
)
|
||||||
),
|
),
|
||||||
$groupsTab = new Tab('Groups', singleton('Group')->i18n_plural_name(),
|
$groupsTab = new Tab('Groups', singleton('SilverStripe\\Security\\Group')->i18n_plural_name(),
|
||||||
$groupList
|
$groupList
|
||||||
)
|
)
|
||||||
),
|
),
|
||||||
@ -276,7 +292,7 @@ class SecurityAdmin extends LeftAndMain implements PermissionProvider {
|
|||||||
$firstCrumb = $crumbs->shift();
|
$firstCrumb = $crumbs->shift();
|
||||||
if($params['FieldName'] == 'Groups') {
|
if($params['FieldName'] == 'Groups') {
|
||||||
$crumbs->unshift(new ArrayData(array(
|
$crumbs->unshift(new ArrayData(array(
|
||||||
'Title' => singleton('Group')->i18n_plural_name(),
|
'Title' => singleton('SilverStripe\\Security\\Group')->i18n_plural_name(),
|
||||||
'Link' => $this->Link('groups')
|
'Link' => $this->Link('groups')
|
||||||
)));
|
)));
|
||||||
} elseif($params['FieldName'] == 'Users') {
|
} elseif($params['FieldName'] == 'Users') {
|
||||||
@ -335,7 +351,7 @@ class SecurityAdmin extends LeftAndMain implements PermissionProvider {
|
|||||||
public static function add_hidden_permission($codes){
|
public static function add_hidden_permission($codes){
|
||||||
if(is_string($codes)) $codes = array($codes);
|
if(is_string($codes)) $codes = array($codes);
|
||||||
Deprecation::notice('4.0', 'Use "Permission.hidden_permissions" config setting instead');
|
Deprecation::notice('4.0', 'Use "Permission.hidden_permissions" config setting instead');
|
||||||
Config::inst()->update('Permission', 'hidden_permissions', $codes);
|
Config::inst()->update('SilverStripe\\Security\\Permission', 'hidden_permissions', $codes);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -345,7 +361,7 @@ class SecurityAdmin extends LeftAndMain implements PermissionProvider {
|
|||||||
public static function remove_hidden_permission($codes){
|
public static function remove_hidden_permission($codes){
|
||||||
if(is_string($codes)) $codes = array($codes);
|
if(is_string($codes)) $codes = array($codes);
|
||||||
Deprecation::notice('4.0', 'Use "Permission.hidden_permissions" config setting instead');
|
Deprecation::notice('4.0', 'Use "Permission.hidden_permissions" config setting instead');
|
||||||
Config::inst()->remove('Permission', 'hidden_permissions', $codes);
|
Config::inst()->remove('SilverStripe\\Security\\Permission', 'hidden_permissions', $codes);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -354,7 +370,7 @@ class SecurityAdmin extends LeftAndMain implements PermissionProvider {
|
|||||||
*/
|
*/
|
||||||
public static function get_hidden_permissions(){
|
public static function get_hidden_permissions(){
|
||||||
Deprecation::notice('4.0', 'Use "Permission.hidden_permissions" config setting instead');
|
Deprecation::notice('4.0', 'Use "Permission.hidden_permissions" config setting instead');
|
||||||
Config::inst()->get('Permission', 'hidden_permissions', Config::FIRST_SET);
|
Config::inst()->get('SilverStripe\\Security\\Permission', 'hidden_permissions', Config::FIRST_SET);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -364,6 +380,6 @@ class SecurityAdmin extends LeftAndMain implements PermissionProvider {
|
|||||||
*/
|
*/
|
||||||
public static function clear_hidden_permissions(){
|
public static function clear_hidden_permissions(){
|
||||||
Deprecation::notice('4.0', 'Use "Permission.hidden_permissions" config setting instead');
|
Deprecation::notice('4.0', 'Use "Permission.hidden_permissions" config setting instead');
|
||||||
Config::inst()->remove('Permission', 'hidden_permissions', Config::anything());
|
Config::inst()->remove('SilverStripe\\Security\\Permission', 'hidden_permissions', Config::anything());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
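Review bot: `get_hidden_permissions()` (hunk `@ -354,7 +370,7`) evaluates `Config::inst()->get(...)` and discards the result, so the method returns null both before and after this change. The new line should read `return Config::inst()->get('SilverStripe\\Security\\Permission', 'hidden_permissions', Config::FIRST_SET);`. The deprecation notices in `add_hidden_permission`, `remove_hidden_permission`, `get_hidden_permissions` and `clear_hidden_permissions` still say `Use "Permission.hidden_permissions" config setting instead`, while the code now writes the setting under the namespaced class. The message should name the key as it has to be written in configuration, otherwise a site that follows it may leave permission codes visible that it meant to hide. The docblocks of these methods start outside the hunks.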
|
@ -64,7 +64,7 @@ class LeftAndMainTest extends FunctionalTest {
|
|||||||
|
|
||||||
|
|
||||||
public function testExtraCssAndJavascript() {
|
public function testExtraCssAndJavascript() {
|
||||||
$admin = $this->objFromFixture('Member', 'admin');
|
$admin = $this->objFromFixture('SilverStripe\\Security\\Member', 'admin');
|
||||||
$this->session()->inst_set('loggedInAs', $admin->ID);
|
$this->session()->inst_set('loggedInAs', $admin->ID);
|
||||||
$response = $this->get('LeftAndMainTest_Controller');
|
$response = $this->get('LeftAndMainTest_Controller');
|
||||||
|
|
||||||
@ -146,7 +146,7 @@ class LeftAndMainTest extends FunctionalTest {
|
|||||||
* Check that all subclasses of leftandmain can be accessed
|
* Check that all subclasses of leftandmain can be accessed
|
||||||
*/
|
*/
|
||||||
public function testLeftAndMainSubclasses() {
|
public function testLeftAndMainSubclasses() {
|
||||||
$adminuser = $this->objFromFixture('Member','admin');
|
$adminuser = $this->objFromFixture('SilverStripe\\Security\\Member','admin');
|
||||||
$this->session()->inst_set('loggedInAs', $adminuser->ID);
|
$this->session()->inst_set('loggedInAs', $adminuser->ID);
|
||||||
|
|
||||||
$this->resetMenu();
|
$this->resetMenu();
|
||||||
@ -172,9 +172,9 @@ class LeftAndMainTest extends FunctionalTest {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public function testCanView() {
|
public function testCanView() {
|
||||||
$adminuser = $this->objFromFixture('Member', 'admin');
|
$adminuser = $this->objFromFixture('SilverStripe\\Security\\Member', 'admin');
|
||||||
$securityonlyuser = $this->objFromFixture('Member', 'securityonlyuser');
|
$securityonlyuser = $this->objFromFixture('SilverStripe\\Security\\Member', 'securityonlyuser');
|
||||||
$allcmssectionsuser = $this->objFromFixture('Member', 'allcmssectionsuser');
|
$allcmssectionsuser = $this->objFromFixture('SilverStripe\\Security\\Member', 'allcmssectionsuser');
|
||||||
$allValsFn = create_function('$obj', 'return $obj->getValue();');
|
$allValsFn = create_function('$obj', 'return $obj->getValue();');
|
||||||
|
|
||||||
// anonymous user
|
// anonymous user
|
||||||
|
@ -89,7 +89,7 @@ LeftAndMainTest_Object:
|
|||||||
Title: Home
|
Title: Home
|
||||||
URLSegment: home
|
URLSegment: home
|
||||||
Sort: 0
|
Sort: 0
|
||||||
Group:
|
SilverStripe\Security\Group:
|
||||||
admin:
|
admin:
|
||||||
Title: Administrators
|
Title: Administrators
|
||||||
empty:
|
empty:
|
||||||
@ -100,30 +100,30 @@ Group:
|
|||||||
Title: allcmssections
|
Title: allcmssections
|
||||||
rooteditusers:
|
rooteditusers:
|
||||||
Title: rooteditusers
|
Title: rooteditusers
|
||||||
Member:
|
SilverStripe\Security\Member:
|
||||||
admin:
|
admin:
|
||||||
Email: admin@example.com
|
Email: admin@example.com
|
||||||
Password: ZXXlkwecxz2390232233
|
Password: ZXXlkwecxz2390232233
|
||||||
Groups: =>Group.admin
|
Groups: =>SilverStripe\Security\Group.admin
|
||||||
securityonlyuser:
|
securityonlyuser:
|
||||||
Email: securityonlyuser@test.com
|
Email: securityonlyuser@test.com
|
||||||
Groups: =>Group.securityonly
|
Groups: =>SilverStripe\Security\Group.securityonly
|
||||||
allcmssectionsuser:
|
allcmssectionsuser:
|
||||||
Email: allcmssectionsuser@test.com
|
Email: allcmssectionsuser@test.com
|
||||||
Groups: =>Group.allcmssections
|
Groups: =>SilverStripe\Security\Group.allcmssections
|
||||||
rootedituser:
|
rootedituser:
|
||||||
Email: rootedituser@test.com
|
Email: rootedituser@test.com
|
||||||
Groups: =>Group.rooteditusers
|
Groups: =>SilverStripe\Security\Group.rooteditusers
|
||||||
Permission:
|
SilverStripe\Security\Permission:
|
||||||
admin:
|
admin:
|
||||||
Code: ADMIN
|
Code: ADMIN
|
||||||
GroupID: =>Group.admin
|
GroupID: =>SilverStripe\Security\Group.admin
|
||||||
securityonly:
|
securityonly:
|
||||||
Code: CMS_ACCESS_SecurityAdmin
|
Code: CMS_ACCESS_SecurityAdmin
|
||||||
GroupID: =>Group.securityonly
|
GroupID: =>SilverStripe\Security\Group.securityonly
|
||||||
allcmssections:
|
allcmssections:
|
||||||
Code: CMS_ACCESS_LeftAndMain
|
Code: CMS_ACCESS_LeftAndMain
|
||||||
GroupID: =>Group.allcmssections
|
GroupID: =>SilverStripe\Security\Group.allcmssections
|
||||||
allcmssections2:
|
allcmssections2:
|
||||||
Code: CMS_ACCESS_LeftAndMain
|
Code: CMS_ACCESS_LeftAndMain
|
||||||
GroupID: =>Group.rooteditusers
|
GroupID: =>SilverStripe\Security\Group.rooteditusers
|
||||||
|
@ -1,6 +1,8 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
use SilverStripe\ORM\DataObject;
|
use SilverStripe\ORM\DataObject;
|
||||||
|
use SilverStripe\Security\Permission;
|
||||||
|
|
||||||
|
|
||||||
class ModelAdminTest extends FunctionalTest {
|
class ModelAdminTest extends FunctionalTest {
|
||||||
protected static $fixture_file = 'ModelAdminTest.yml';
|
protected static $fixture_file = 'ModelAdminTest.yml';
|
||||||
|
@ -6,14 +6,14 @@ ModelAdminTest_Contact:
|
|||||||
Name: ingo
|
Name: ingo
|
||||||
Phone: 04 987 6543
|
Phone: 04 987 6543
|
||||||
|
|
||||||
Member:
|
SilverStripe\Security\Member:
|
||||||
admin:
|
admin:
|
||||||
FirstName: admin
|
FirstName: admin
|
||||||
Group:
|
SilverStripe\Security\Group:
|
||||||
admin:
|
admin:
|
||||||
Title: Admin
|
Title: Admin
|
||||||
Members: =>Member.admin
|
Members: =>SilverStripe\Security\Member.admin
|
||||||
Permission:
|
SilverStripe\Security\Permission:
|
||||||
admin:
|
admin:
|
||||||
Code: ADMIN
|
Code: ADMIN
|
||||||
Group: =>Group.admin
|
Group: =>SilverStripe\Security\Group.admin
|
||||||
|
@ -46,11 +46,11 @@ class SecurityAdminTest extends FunctionalTest {
|
|||||||
// }
|
// }
|
||||||
|
|
||||||
public function testPermissionFieldRespectsHiddenPermissions() {
|
public function testPermissionFieldRespectsHiddenPermissions() {
|
||||||
$this->session()->inst_set('loggedInAs', $this->idFromFixture('Member', 'admin'));
|
$this->session()->inst_set('loggedInAs', $this->idFromFixture('SilverStripe\\Security\\Member', 'admin'));
|
||||||
|
|
||||||
$group = $this->objFromFixture('Group', 'admin');
|
$group = $this->objFromFixture('SilverStripe\\Security\\Group', 'admin');
|
||||||
|
|
||||||
Config::inst()->update('Permission', 'hidden_permissions', array('CMS_ACCESS_ReportAdmin'));
|
Config::inst()->update('SilverStripe\\Security\\Permission', 'hidden_permissions', array('CMS_ACCESS_ReportAdmin'));
|
||||||
$response = $this->get(sprintf('admin/security/EditForm/field/Groups/item/%d/edit', $group->ID));
|
$response = $this->get(sprintf('admin/security/EditForm/field/Groups/item/%d/edit', $group->ID));
|
||||||
|
|
||||||
$this->assertContains(
|
$this->assertContains(
|
||||||
|
@ -1,4 +1,7 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
use SilverStripe\Security\Permission;
|
||||||
|
use SilverStripe\Security\Security;
|
||||||
/**
|
/**
|
||||||
* Base class invoked from CLI rather than the webserver (Cron jobs, handling email bounces).
|
* Base class invoked from CLI rather than the webserver (Cron jobs, handling email bounces).
|
||||||
* You can call subclasses of CliController directly, which will trigger a
|
* You can call subclasses of CliController directly, which will trigger a
|
||||||
|
@ -52,6 +52,8 @@
|
|||||||
|
|
||||||
use Monolog\Logger;
|
use Monolog\Logger;
|
||||||
use Monolog\Handler\StreamHandler;
|
use Monolog\Handler\StreamHandler;
|
||||||
|
use SilverStripe\Security\Security;
|
||||||
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* _ss_environment.php handler
|
* _ss_environment.php handler
|
||||||
@ -139,7 +141,7 @@ if(defined('SS_DEFAULT_ADMIN_USERNAME')) {
|
|||||||
Security::setDefaultAdmin(SS_DEFAULT_ADMIN_USERNAME, SS_DEFAULT_ADMIN_PASSWORD);
|
Security::setDefaultAdmin(SS_DEFAULT_ADMIN_USERNAME, SS_DEFAULT_ADMIN_PASSWORD);
|
||||||
}
|
}
|
||||||
if(defined('SS_USE_BASIC_AUTH') && SS_USE_BASIC_AUTH) {
|
if(defined('SS_USE_BASIC_AUTH') && SS_USE_BASIC_AUTH) {
|
||||||
Config::inst()->update('BasicAuth', 'entire_site_protected', SS_USE_BASIC_AUTH);
|
Config::inst()->update('SilverStripe\\Security\\BasicAuth', 'entire_site_protected', SS_USE_BASIC_AUTH);
|
||||||
}
|
}
|
||||||
|
|
||||||
if(defined('SS_ERROR_LOG')) {
|
if(defined('SS_ERROR_LOG')) {
|
||||||
|
@ -1,6 +1,10 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
use SilverStripe\ORM\DataModel;
|
use SilverStripe\ORM\DataModel;
|
||||||
|
use SilverStripe\ORM\FieldType\DBHTMLText;
|
||||||
|
use SilverStripe\Security\BasicAuth;
|
||||||
|
use SilverStripe\Security\Member;
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Controllers are the cornerstone of all site functionality in SilverStripe. The {@link Director}
|
* Controllers are the cornerstone of all site functionality in SilverStripe. The {@link Director}
|
||||||
@ -221,7 +225,7 @@ class Controller extends RequestHandler implements TemplateGlobalProvider {
|
|||||||
* Prepare the response (we can receive an assortment of response types (strings/objects/HTTPResponses) and
|
* Prepare the response (we can receive an assortment of response types (strings/objects/HTTPResponses) and
|
||||||
* changes the controller response object appropriately
|
* changes the controller response object appropriately
|
||||||
*
|
*
|
||||||
* @param $response
|
* @param SS_HTTPResponse|Object $response
|
||||||
*/
|
*/
|
||||||
protected function prepareResponse($response) {
|
protected function prepareResponse($response) {
|
||||||
if ($response instanceof SS_HTTPResponse) {
|
if ($response instanceof SS_HTTPResponse) {
|
||||||
@ -263,7 +267,7 @@ class Controller extends RequestHandler implements TemplateGlobalProvider {
|
|||||||
* @param SS_HTTPRequest $request
|
* @param SS_HTTPRequest $request
|
||||||
* @param string $action
|
* @param string $action
|
||||||
*
|
*
|
||||||
* @return HTMLText|SS_HTTPResponse
|
* @return DBHTMLText|SS_HTTPResponse
|
||||||
*/
|
*/
|
||||||
protected function handleAction($request, $action) {
|
protected function handleAction($request, $action) {
|
||||||
foreach($request->latestParams() as $k => $v) {
|
foreach($request->latestParams() as $k => $v) {
|
||||||
@ -302,6 +306,7 @@ class Controller extends RequestHandler implements TemplateGlobalProvider {
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* @param array $urlParams
|
* @param array $urlParams
|
||||||
|
* @return $this
|
||||||
*/
|
*/
|
||||||
public function setURLParams($urlParams) {
|
public function setURLParams($urlParams) {
|
||||||
$this->urlParams = $urlParams;
|
$this->urlParams = $urlParams;
|
||||||
@ -373,8 +378,7 @@ class Controller extends RequestHandler implements TemplateGlobalProvider {
|
|||||||
* controller object with the template returned by {@link getViewer()}.
|
* controller object with the template returned by {@link getViewer()}.
|
||||||
*
|
*
|
||||||
* @param string $action
|
* @param string $action
|
||||||
*
|
* @return DBHTMLText
|
||||||
* @return HTMLText
|
|
||||||
*/
|
*/
|
||||||
public function defaultAction($action) {
|
public function defaultAction($action) {
|
||||||
return $this->getViewer($action)->process($this);
|
return $this->getViewer($action)->process($this);
|
||||||
|
@ -1,6 +1,10 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
use SilverStripe\ORM\DataModel;
|
use SilverStripe\ORM\DataModel;
|
||||||
|
use SilverStripe\Security\Security;
|
||||||
|
use SilverStripe\Security\PermissionFailureException;
|
||||||
|
use SilverStripe\Security\Permission;
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* This class is the base class of any SilverStripe object that can be used to handle HTTP requests.
|
* This class is the base class of any SilverStripe object that can be used to handle HTTP requests.
|
||||||
@ -123,6 +127,8 @@ class RequestHandler extends ViewableData {
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Set the DataModel for this request.
|
* Set the DataModel for this request.
|
||||||
|
*
|
||||||
|
* @param DataModel $model
|
||||||
*/
|
*/
|
||||||
public function setDataModel($model) {
|
public function setDataModel($model) {
|
||||||
$this->model = $model;
|
$this->model = $model;
|
||||||
@ -144,9 +150,8 @@ class RequestHandler extends ViewableData {
|
|||||||
* action will return an array of data with which to
|
* action will return an array of data with which to
|
||||||
* customise the controller.
|
* customise the controller.
|
||||||
*
|
*
|
||||||
* @param $request The {@link SS_HTTPRequest} object that is reponsible for distributing URL parsing
|
* @param SS_HTTPRequest $request The object that is reponsible for distributing URL parsing
|
||||||
* @uses SS_HTTPRequest
|
* @param DataModel $model
|
||||||
* @uses SS_HTTPRequest->match()
|
|
||||||
* @return SS_HTTPResponse|RequestHandler|string|array
|
* @return SS_HTTPResponse|RequestHandler|string|array
|
||||||
*/
|
*/
|
||||||
public function handleRequest(SS_HTTPRequest $request, DataModel $model) {
|
public function handleRequest(SS_HTTPRequest $request, DataModel $model) {
|
||||||
@ -240,6 +245,10 @@ class RequestHandler extends ViewableData {
|
|||||||
return $this;
|
return $this;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @param SS_HTTPRequest $request
|
||||||
|
* @return array
|
||||||
|
*/
|
||||||
protected function findAction($request) {
|
protected function findAction($request) {
|
||||||
$handlerClass = ($this->class) ? $this->class : get_class($this);
|
$handlerClass = ($this->class) ? $this->class : get_class($this);
|
||||||
|
|
||||||
@ -386,6 +395,9 @@ class RequestHandler extends ViewableData {
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Return the class that defines the given action, so that we know where to check allowed_actions.
|
* Return the class that defines the given action, so that we know where to check allowed_actions.
|
||||||
|
*
|
||||||
|
* @param string $actionOrigCasing
|
||||||
|
* @return string
|
||||||
*/
|
*/
|
||||||
protected function definingClassForAction($actionOrigCasing) {
|
protected function definingClassForAction($actionOrigCasing) {
|
||||||
$action = strtolower($actionOrigCasing);
|
$action = strtolower($actionOrigCasing);
|
||||||
@ -403,6 +415,10 @@ class RequestHandler extends ViewableData {
|
|||||||
/**
|
/**
|
||||||
* Check that the given action is allowed to be called from a URL.
|
* Check that the given action is allowed to be called from a URL.
|
||||||
* It will interrogate {@link self::$allowed_actions} to determine this.
|
* It will interrogate {@link self::$allowed_actions} to determine this.
|
||||||
|
*
|
||||||
|
* @param string $action
|
||||||
|
* @return bool
|
||||||
|
* @throws Exception
|
||||||
*/
|
*/
|
||||||
public function checkAccessAction($action) {
|
public function checkAccessAction($action) {
|
||||||
$actionOrigCasing = $action;
|
$actionOrigCasing = $action;
|
||||||
|
@ -2,6 +2,8 @@
|
|||||||
|
|
||||||
use SilverStripe\ORM\DataModel;
|
use SilverStripe\ORM\DataModel;
|
||||||
use SilverStripe\ORM\Versioning\Versioned;
|
use SilverStripe\ORM\Versioning\Versioned;
|
||||||
|
use SilverStripe\Security\Security;
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Initialises the versioned stage when a request is made.
|
* Initialises the versioned stage when a request is made.
|
||||||
|
@ -1,5 +1,7 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
use SilverStripe\Security\RandomGenerator;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Class ParameterConfirmationToken
|
* Class ParameterConfirmationToken
|
||||||
*
|
*
|
||||||
|
@ -20,24 +20,24 @@ class SS_Backtrace {
|
|||||||
array('mysqli', 'mysqli'),
|
array('mysqli', 'mysqli'),
|
||||||
array('mysqli', 'select_db'),
|
array('mysqli', 'select_db'),
|
||||||
array('SilverStripe\\ORM\\DB', 'connect'),
|
array('SilverStripe\\ORM\\DB', 'connect'),
|
||||||
array('Security', 'check_default_admin'),
|
array('SilverStripe\\Security\\Security', 'check_default_admin'),
|
||||||
array('Security', 'encrypt_password'),
|
array('SilverStripe\\Security\\Security', 'encrypt_password'),
|
||||||
array('Security', 'setDefaultAdmin'),
|
array('SilverStripe\\Security\\Security', 'setDefaultAdmin'),
|
||||||
array('SilverStripe\\ORM\\DB', 'createDatabase'),
|
array('SilverStripe\\ORM\\DB', 'createDatabase'),
|
||||||
array('Member', 'checkPassword'),
|
array('SilverStripe\\Security\\Member', 'checkPassword'),
|
||||||
array('Member', 'changePassword'),
|
array('SilverStripe\\Security\\Member', 'changePassword'),
|
||||||
array('MemberPassword', 'checkPassword'),
|
array('SilverStripe\\Security\\MemberPassword', 'checkPassword'),
|
||||||
array('PasswordValidator', 'validate'),
|
array('SilverStripe\\Security\\PasswordValidator', 'validate'),
|
||||||
array('PasswordEncryptor_PHPHash', 'encrypt'),
|
array('SilverStripe\\Security\\PasswordEncryptor_PHPHash', 'encrypt'),
|
||||||
array('PasswordEncryptor_PHPHash', 'salt'),
|
array('SilverStripe\\Security\\PasswordEncryptor_PHPHash', 'salt'),
|
||||||
array('PasswordEncryptor_LegacyPHPHash', 'encrypt'),
|
array('SilverStripe\\Security\\PasswordEncryptor_LegacyPHPHash', 'encrypt'),
|
||||||
array('PasswordEncryptor_LegacyPHPHash', 'salt'),
|
array('SilverStripe\\Security\\PasswordEncryptor_LegacyPHPHash', 'salt'),
|
||||||
array('PasswordEncryptor_MySQLPassword', 'encrypt'),
|
array('SilverStripe\\Security\\PasswordEncryptor_MySQLPassword', 'encrypt'),
|
||||||
array('PasswordEncryptor_MySQLPassword', 'salt'),
|
array('SilverStripe\\Security\\PasswordEncryptor_MySQLPassword', 'salt'),
|
||||||
array('PasswordEncryptor_MySQLOldPassword', 'encrypt'),
|
array('SilverStripe\\Security\\PasswordEncryptor_MySQLOldPassword', 'encrypt'),
|
||||||
array('PasswordEncryptor_MySQLOldPassword', 'salt'),
|
array('SilverStripe\\Security\\PasswordEncryptor_MySQLOldPassword', 'salt'),
|
||||||
array('PasswordEncryptor_Blowfish', 'encrypt'),
|
array('SilverStripe\\Security\\PasswordEncryptor_Blowfish', 'encrypt'),
|
||||||
array('PasswordEncryptor_Blowfish', 'salt'),
|
array('SilverStripe\\Security\\PasswordEncryptor_Blowfish', 'salt'),
|
||||||
);
|
);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -113,9 +113,10 @@ class SS_Backtrace {
|
|||||||
/**
|
/**
|
||||||
* Render or return a backtrace from the given scope.
|
* Render or return a backtrace from the given scope.
|
||||||
*
|
*
|
||||||
* @param unknown_type $returnVal
|
* @param mixed $returnVal
|
||||||
* @param unknown_type $ignoreAjax
|
* @param bool $ignoreAjax
|
||||||
* @return unknown
|
* @param array $ignoredFunctions
|
||||||
|
* @return mixed
|
||||||
*/
|
*/
|
||||||
public static function backtrace($returnVal = false, $ignoreAjax = false, $ignoredFunctions = null) {
|
public static function backtrace($returnVal = false, $ignoreAjax = false, $ignoredFunctions = null) {
|
||||||
$plainText = Director::is_cli() || (Director::is_ajax() && !$ignoreAjax);
|
$plainText = Director::is_cli() || (Director::is_ajax() && !$ignoreAjax);
|
||||||
@ -132,9 +133,9 @@ class SS_Backtrace {
|
|||||||
* shown
|
* shown
|
||||||
*
|
*
|
||||||
* @param Object $item
|
* @param Object $item
|
||||||
* @param boolean $showArg
|
* @param bool $showArgs
|
||||||
* @param Int $argCharLimit
|
* @param int $argCharLimit
|
||||||
* @return String
|
* @return string
|
||||||
*/
|
*/
|
||||||
public static function full_func_name($item, $showArgs = false, $argCharLimit = 10000) {
|
public static function full_func_name($item, $showArgs = false, $argCharLimit = 10000) {
|
||||||
$funcName = '';
|
$funcName = '';
|
||||||
@ -164,7 +165,7 @@ class SS_Backtrace {
|
|||||||
*
|
*
|
||||||
* @param array $bt The trace array, as returned by debug_backtrace() or Exception::getTrace()
|
* @param array $bt The trace array, as returned by debug_backtrace() or Exception::getTrace()
|
||||||
* @param boolean $plainText Set to false for HTML output, or true for plain-text output
|
* @param boolean $plainText Set to false for HTML output, or true for plain-text output
|
||||||
* @param array List of functions that should be ignored. If not set, a default is provided
|
* @param array $ignoredFunctions List of functions that should be ignored. If not set, a default is provided
|
||||||
* @return string The rendered backtrace
|
* @return string The rendered backtrace
|
||||||
*/
|
*/
|
||||||
public static function get_rendered_backtrace($bt, $plainText = false, $ignoredFunctions = null) {
|
public static function get_rendered_backtrace($bt, $plainText = false, $ignoredFunctions = null) {
|
||||||
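Review bot: The class/method pairs in the hunk at `@ -20,24 +20,24` are plain strings, so a misspelt or later-moved class name fails open rather than raising an error. This list appears to be what keeps the arguments of `checkPassword`, `changePassword`, `encrypt` and `setDefaultAdmin` out of rendered backtraces, although the matching code is outside the hunk. If so, an entry that no longer matches would let passwords be printed in the trace. A unit test that renders a trace through `SilverStripe\Security\Member::checkPassword` and asserts that the argument is filtered would pin the rename. In the `backtrace()` docblock, `@param array $ignoredFunctions` should be `@param array|null $ignoredFunctions`, since the default is `null`.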
|
@ -1,6 +1,9 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
use SilverStripe\ORM\DB;
|
use SilverStripe\ORM\DB;
|
||||||
|
use SilverStripe\Security\Permission;
|
||||||
|
use SilverStripe\Security\Security;
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Supports debugging and core error handling.
|
* Supports debugging and core error handling.
|
||||||
@ -30,6 +33,9 @@ class Debug {
|
|||||||
/**
|
/**
|
||||||
* Show the contents of val in a debug-friendly way.
|
* Show the contents of val in a debug-friendly way.
|
||||||
* Debug::show() is intended to be equivalent to dprintr()
|
* Debug::show() is intended to be equivalent to dprintr()
|
||||||
|
*
|
||||||
|
* @param mixed $val
|
||||||
|
* @param bool $showHeader
|
||||||
*/
|
*/
|
||||||
public static function show($val, $showHeader = true) {
|
public static function show($val, $showHeader = true) {
|
||||||
if(!Director::isLive()) {
|
if(!Director::isLive()) {
|
||||||
@ -195,9 +201,9 @@ class Debug {
|
|||||||
// This basically does the same as
|
// This basically does the same as
|
||||||
// Security::permissionFailure(null, "You need to login with developer access to make use of debugging tools.")
|
// Security::permissionFailure(null, "You need to login with developer access to make use of debugging tools.")
|
||||||
// We have to do this because of how early this method is called in execution.
|
// We have to do this because of how early this method is called in execution.
|
||||||
$_SESSION['Security']['Message']['message']
|
$_SESSION['SilverStripe\\Security\\Security']['Message']['message']
|
||||||
= "You need to login with developer access to make use of debugging tools.";
|
= "You need to login with developer access to make use of debugging tools.";
|
||||||
$_SESSION['Security']['Message']['type'] = 'warning';
|
$_SESSION['SilverStripe\\Security\\Security']['Message']['type'] = 'warning';
|
||||||
$_SESSION['BackURL'] = $_SERVER['REQUEST_URI'];
|
$_SESSION['BackURL'] = $_SERVER['REQUEST_URI'];
|
||||||
header($_SERVER['SERVER_PROTOCOL'] . " 302 Found");
|
header($_SERVER['SERVER_PROTOCOL'] . " 302 Found");
|
||||||
header("Location: " . Director::baseURL() . Security::login_url());
|
header("Location: " . Director::baseURL() . Security::login_url());
|
||||||
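Review bot: The two `$_SESSION[...]['Message']` writes in the hunk at `@ -195,9 +201,9` now use `'SilverStripe\\Security\\Security'` as the key, but that string is a session key rather than a class reference, and the comment above says the code mirrors `Security::permissionFailure()`. Which key the login page reads is not visible here; if `Security` still stores its message under `Security.Message`, the warning written here is never shown. Either confirm both sides agree or keep `$_SESSION['Security']['Message']['message']`. Separately, `$_SESSION['BackURL'] = $_SERVER['REQUEST_URI'];` stores a client-supplied value that is presumably used later as a redirect target, so the consumer should validate it as a same-site URL, for example with `Director::is_site_url()`. The enclosing method starts and ends outside the hunk.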
|
@ -218,7 +218,7 @@ class DebugView extends Object
|
|||||||
*
|
*
|
||||||
* @param string $title The main title
|
* @param string $title The main title
|
||||||
* @param string $subtitle The subtitle
|
* @param string $subtitle The subtitle
|
||||||
* @param string|false $description The description to show
|
* @param string|bool $description The description to show
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function renderInfo($title, $subtitle, $description = false) {
|
public function renderInfo($title, $subtitle, $description = false) {
|
||||||
@ -274,7 +274,7 @@ class DebugView extends Object
|
|||||||
* Render a fragment of the a source file
|
* Render a fragment of the a source file
|
||||||
*
|
*
|
||||||
* @param array $lines An array of file lines; the keys should be the original line numbers
|
* @param array $lines An array of file lines; the keys should be the original line numbers
|
||||||
* @param int errLine The line of the error
|
* @param int $errline The line of the error
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function renderSourceFragment($lines, $errline) {
|
public function renderSourceFragment($lines, $errline) {
|
||||||
|
@ -2,6 +2,10 @@
|
|||||||
|
|
||||||
use SilverStripe\ORM\Versioning\Versioned;
|
use SilverStripe\ORM\Versioning\Versioned;
|
||||||
use SilverStripe\ORM\DatabaseAdmin;
|
use SilverStripe\ORM\DatabaseAdmin;
|
||||||
|
use SilverStripe\Security\Permission;
|
||||||
|
use SilverStripe\Security\RandomGenerator;
|
||||||
|
use SilverStripe\Security\Security;
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Base class for development tools.
|
* Base class for development tools.
|
||||||
@ -202,7 +206,7 @@ class DevelopmentAdmin extends Controller {
|
|||||||
* Returns the token and suggests PHP configuration to set it.
|
* Returns the token and suggests PHP configuration to set it.
|
||||||
*/
|
*/
|
||||||
public function generatesecuretoken() {
|
public function generatesecuretoken() {
|
||||||
$generator = Injector::inst()->create('RandomGenerator');
|
$generator = Injector::inst()->create('SilverStripe\\Security\\RandomGenerator');
|
||||||
$token = $generator->randomToken('sha1');
|
$token = $generator->randomToken('sha1');
|
||||||
$body = <<<TXT
|
$body = <<<TXT
|
||||||
Generated new token. Please add the following code to your YAML configuration:
|
Generated new token. Please add the following code to your YAML configuration:
|
||||||
|
@ -1,5 +1,9 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
use SilverStripe\Security\BasicAuth;
|
||||||
|
use SilverStripe\Security\Member;
|
||||||
|
use SilverStripe\Security\SecurityToken;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* SilverStripe-specific testing object designed to support functional testing of your web app. It simulates get/post
|
* SilverStripe-specific testing object designed to support functional testing of your web app. It simulates get/post
|
||||||
* requests, form submission, and can validate resulting HTML, looking up content by CSS selector.
|
* requests, form submission, and can validate resulting HTML, looking up content by CSS selector.
|
||||||
@ -362,12 +366,13 @@ class FunctionalTest extends SapphireTest {
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Log in as the given member
|
* Log in as the given member
|
||||||
* @param $member The ID, fixture codename, or Member object of the member that you want to log in
|
*
|
||||||
|
* @param Member|int|string $member The ID, fixture codename, or Member object of the member that you want to log in
|
||||||
*/
|
*/
|
||||||
public function logInAs($member) {
|
public function logInAs($member) {
|
||||||
if(is_object($member)) $memberID = $member->ID;
|
if(is_object($member)) $memberID = $member->ID;
|
||||||
elseif(is_numeric($member)) $memberID = $member;
|
elseif(is_numeric($member)) $memberID = $member;
|
||||||
else $memberID = $this->idFromFixture('Member', $member);
|
else $memberID = $this->idFromFixture('SilverStripe\\Security\\Member', $member);
|
||||||
|
|
||||||
$this->session()->inst_set('loggedInAs', $memberID);
|
$this->session()->inst_set('loggedInAs', $memberID);
|
||||||
}
|
}
|
||||||
@ -377,7 +382,7 @@ class FunctionalTest extends SapphireTest {
|
|||||||
* This is helpful if you're not testing publication functionality and don't want "stage management" cluttering
|
* This is helpful if you're not testing publication functionality and don't want "stage management" cluttering
|
||||||
* your test.
|
* your test.
|
||||||
*
|
*
|
||||||
* @param bool toggle the use of the draft site
|
* @param bool $enabled toggle the use of the draft site
|
||||||
*/
|
*/
|
||||||
public function useDraftSite($enabled = true) {
|
public function useDraftSite($enabled = true) {
|
||||||
if($enabled) {
|
if($enabled) {
|
||||||
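Review bot: `logInAs()` in the second hunk writes `$memberID` to the session without checking that a member was actually resolved. If `idFromFixture()` finds nothing (its return value is not visible here), the test continues as an anonymous user, and an access-denied assertion can then pass for the wrong reason. A guard before the `inst_set` call, such as `if(!$memberID) throw new InvalidArgumentException('logInAs: member could not be resolved');`, would surface that failure. The new `@param Member|int|string` is also narrower than the code, because `is_object($member)` accepts any object and reads its `ID`.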
|
@ -1,4 +1,7 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
use SilverStripe\Security\Permission;
|
||||||
|
use SilverStripe\Security\Security;
|
||||||
/**
|
/**
|
||||||
* Returns information about the current site instance.
|
* Returns information about the current site instance.
|
||||||
* @package framework
|
* @package framework
|
||||||
|
@ -9,6 +9,11 @@ use SilverStripe\ORM\DataModel;
|
|||||||
use SilverStripe\ORM\FieldType\DBDatetime;
|
use SilverStripe\ORM\FieldType\DBDatetime;
|
||||||
use SilverStripe\ORM\FieldType\DBField;
|
use SilverStripe\ORM\FieldType\DBField;
|
||||||
use SilverStripe\ORM\DB;
|
use SilverStripe\ORM\DB;
|
||||||
|
use SilverStripe\Security\Member;
|
||||||
|
use SilverStripe\Security\Security;
|
||||||
|
use SilverStripe\Security\Group;
|
||||||
|
use SilverStripe\Security\Permission;
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -1015,7 +1020,7 @@ class SapphireTest extends PHPUnit_Framework_TestCase {
|
|||||||
$group->Permissions()->add($permission);
|
$group->Permissions()->add($permission);
|
||||||
}
|
}
|
||||||
|
|
||||||
$member = DataObject::get_one('Member', array(
|
$member = DataObject::get_one('SilverStripe\\Security\\Member', array(
|
||||||
'"Member"."Email"' => "$permCode@example.org"
|
'"Member"."Email"' => "$permCode@example.org"
|
||||||
));
|
));
|
||||||
if (!$member) {
|
if (!$member) {
|
||||||
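Review bot: In the `DataObject::get_one()` call the class is now passed by its namespaced name, but the filter key on the next line still hard-codes the table as `"Member"."Email"`. Whether the table keeps the name `Member` after the class move is not visible in this hunk, so the two literals can drift apart silently. A short comment on that line stating that the table name is intentionally unchanged, or deriving the table name from the class rather than repeating it, would make the assumption explicit. The enclosing method starts and ends outside the hunk.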
|
@ -1,4 +1,7 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
use SilverStripe\Security\Permission;
|
||||||
|
use SilverStripe\Security\Security;
|
||||||
/**
|
/**
|
||||||
* @package framework
|
* @package framework
|
||||||
* @subpackage dev
|
* @subpackage dev
|
||||||
@ -59,6 +62,9 @@ class TaskRunner extends Controller {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @param SS_HTTPRequest $request
|
||||||
|
*/
|
||||||
public function runTask($request) {
|
public function runTask($request) {
|
||||||
$name = $request->param('TaskName');
|
$name = $request->param('TaskName');
|
||||||
$tasks = $this->getTasks();
|
$tasks = $this->getTasks();
|
||||||
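Review bot: The docblock added to `runTask()` gives only the parameter type and says nothing about what the action does or who may call it. The visible lines show that the task is selected by the `TaskName` parameter taken from the request and looked up in `getTasks()`, so the name is caller-supplied. A summary line such as `Runs the task named by the TaskName route parameter, if it is one of getTasks()` would help, together with a sentence on where access is checked (the `Permission` and `Security` imports added above suggest a check elsewhere in the class, which this hunk does not show). The method body continues past the hunk.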
|
@ -31,6 +31,7 @@
|
|||||||
* `File` is now versioned, and should be published before they can be used on the frontend.
|
* `File` is now versioned, and should be published before they can be used on the frontend.
|
||||||
See section on [Migrating File DataObject from 3.x to 4.0](#migrating-file-dataobject-from-3x-to-40)
|
See section on [Migrating File DataObject from 3.x to 4.0](#migrating-file-dataobject-from-3x-to-40)
|
||||||
below for upgrade notes.
|
below for upgrade notes.
|
||||||
|
* Removed `RegenerateCachedImagesTask`
|
||||||
* Removed `dev/tests/` controller in favour of standard `vendor/bin/phpunit` command
|
* Removed `dev/tests/` controller in favour of standard `vendor/bin/phpunit` command
|
||||||
* Updated PHPUnit from 3.7 to 4.8 ([upgrade notes](https://github.com/sebastianbergmann/phpunit/wiki/Release-Announcement-for-PHPUnit-4.0.0#backwards-compatibility-issues)).
|
* Updated PHPUnit from 3.7 to 4.8 ([upgrade notes](https://github.com/sebastianbergmann/phpunit/wiki/Release-Announcement-for-PHPUnit-4.0.0#backwards-compatibility-issues)).
|
||||||
Please remove any PHPUnit related `require_once()` calls (e.g. in `FeatureContext`
|
Please remove any PHPUnit related `require_once()` calls (e.g. in `FeatureContext`
|
||||||
|
@ -4,13 +4,15 @@ namespace SilverStripe\Filesystem;
|
|||||||
|
|
||||||
|
|
||||||
use Injector;
|
use Injector;
|
||||||
use Member;
|
|
||||||
|
|
||||||
use SilverStripe\Filesystem\Storage\AssetStore;
|
use SilverStripe\Filesystem\Storage\AssetStore;
|
||||||
use SilverStripe\Filesystem\Storage\DBFile;
|
use SilverStripe\Filesystem\Storage\DBFile;
|
||||||
use SilverStripe\ORM\DataObject;
|
use SilverStripe\ORM\DataObject;
|
||||||
use SilverStripe\ORM\Versioning\Versioned;
|
use SilverStripe\ORM\Versioning\Versioned;
|
||||||
use SilverStripe\ORM\DataExtension;
|
use SilverStripe\ORM\DataExtension;
|
||||||
|
use SilverStripe\Security\Member;
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -9,6 +9,9 @@ use SilverStripe\ORM\Versioning\Versioned;
|
|||||||
use SilverStripe\ORM\ValidationResult;
|
use SilverStripe\ORM\ValidationResult;
|
||||||
use SilverStripe\ORM\DB;
|
use SilverStripe\ORM\DB;
|
||||||
use SilverStripe\ORM\DataObject;
|
use SilverStripe\ORM\DataObject;
|
||||||
|
use SilverStripe\Security\Member;
|
||||||
|
use SilverStripe\Security\Permission;
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -100,7 +103,7 @@ class File extends DataObject implements ShortcodeHandler, AssetContainer, Thumb
|
|||||||
|
|
||||||
private static $has_one = array(
|
private static $has_one = array(
|
||||||
"Parent" => "File",
|
"Parent" => "File",
|
||||||
"Owner" => "Member"
|
"Owner" => "SilverStripe\\Security\\Member"
|
||||||
);
|
);
|
||||||
|
|
||||||
private static $defaults = array(
|
private static $defaults = array(
|
||||||
@ -186,7 +189,7 @@ class File extends DataObject implements ShortcodeHandler, AssetContainer, Thumb
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* @config
|
* @config
|
||||||
* @var If this is true, then restrictions set in {@link $allowed_max_file_size} and
|
* @var bool If this is true, then restrictions set in {@link $allowed_max_file_size} and
|
||||||
* {@link $allowed_extensions} will be applied to users with admin privileges as
|
* {@link $allowed_extensions} will be applied to users with admin privileges as
|
||||||
* well.
|
* well.
|
||||||
*/
|
*/
|
||||||
|
@ -1,6 +1,9 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
use SilverStripe\ORM\DataObject;
|
use SilverStripe\ORM\DataObject;
|
||||||
|
use SilverStripe\Security\Permission;
|
||||||
|
use SilverStripe\Security\Security;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* A collection of static methods for manipulating the filesystem.
|
* A collection of static methods for manipulating the filesystem.
|
||||||
*
|
*
|
||||||
@ -105,9 +108,10 @@ class Filesystem extends Object {
|
|||||||
/**
|
/**
|
||||||
* Return the most recent modification time of anything in the folder.
|
* Return the most recent modification time of anything in the folder.
|
||||||
*
|
*
|
||||||
* @param $folder The folder, relative to the site root
|
* @param string $folder The folder, relative to the site root
|
||||||
* @param $extensionList An option array of file extensions to limit the search to
|
* @param array $extensionList An option array of file extensions to limit the search to
|
||||||
* @return String Same as filemtime() format.
|
* @param bool $recursiveCall Not used
|
||||||
|
* @return string Same as filemtime() format.
|
||||||
*/
|
*/
|
||||||
public static function folderModTime($folder, $extensionList = null, $recursiveCall = false) {
|
public static function folderModTime($folder, $extensionList = null, $recursiveCall = false) {
|
||||||
//$cacheID = $folder . ',' . implode(',', $extensionList);
|
//$cacheID = $folder . ',' . implode(',', $extensionList);
|
||||||
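Review bot: The new `@return string` on `folderModTime()` sits beside "Same as filemtime() format", but `filemtime()` returns an integer Unix timestamp. If the method passes that value through unchanged, which the hunk does not show, the tag should read `@return int`. The description "An option array of file extensions" on `$extensionList` looks like a typo for "An optional array". `@param bool $recursiveCall Not used` would be more useful if it said why the parameter is kept.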
|
@ -4,6 +4,8 @@ use SilverStripe\Filesystem\Storage\AssetContainer;
|
|||||||
use SilverStripe\Filesystem\Storage\AssetNameGenerator;
|
use SilverStripe\Filesystem\Storage\AssetNameGenerator;
|
||||||
use SilverStripe\Filesystem\Storage\AssetStore;
|
use SilverStripe\Filesystem\Storage\AssetStore;
|
||||||
use SilverStripe\ORM\DataObject;
|
use SilverStripe\ORM\DataObject;
|
||||||
|
use SilverStripe\Security\Member;
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -148,8 +150,8 @@ class Upload extends Controller {
|
|||||||
/**
|
/**
|
||||||
* Save an file passed from a form post into the AssetStore directly
|
* Save an file passed from a form post into the AssetStore directly
|
||||||
*
|
*
|
||||||
* @param $tmpFile array Indexed array that PHP generated for every file it uploads.
|
* @param array $tmpFile Indexed array that PHP generated for every file it uploads.
|
||||||
* @param $folderPath string Folder path relative to /assets
|
* @param string|bool $folderPath Folder path relative to /assets
|
||||||
* @return array|false Either the tuple array, or false if the file could not be saved
|
* @return array|false Either the tuple array, or false if the file could not be saved
|
||||||
*/
|
*/
|
||||||
public function load($tmpFile, $folderPath = false) {
|
public function load($tmpFile, $folderPath = false) {
|
||||||
@ -174,7 +176,9 @@ class Upload extends Controller {
|
|||||||
*
|
*
|
||||||
* @param array $tmpFile
|
* @param array $tmpFile
|
||||||
* @param AssetContainer $file
|
* @param AssetContainer $file
|
||||||
|
* @param string|bool $folderPath
|
||||||
* @return bool True if the file was successfully saved into this record
|
* @return bool True if the file was successfully saved into this record
|
||||||
|
* @throws Exception
|
||||||
*/
|
*/
|
||||||
public function loadIntoFile($tmpFile, $file = null, $folderPath = false) {
|
public function loadIntoFile($tmpFile, $file = null, $folderPath = false) {
|
||||||
$this->file = $file;
|
$this->file = $file;
|
||||||
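Review bot: The reworked docblocks for `load()` and `loadIntoFile()` describe `$tmpFile` only as the array PHP generates for an upload and do not say which of its keys can be trusted. In a PHP upload entry the `name` and `type` values are supplied by the client, and a maintainer reading this signature would benefit from that caveat next to the parameter, for example `@param array $tmpFile Upload entry from $_FILES; 'name' and 'type' are client-supplied and must be validated`. The added `@throws Exception` on `loadIntoFile()` does not state the condition under which it is thrown, so callers cannot tell it apart from the `false` return. Both method bodies lie outside the hunks.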
|
@ -10,12 +10,14 @@ use Injector;
|
|||||||
use AssetField;
|
use AssetField;
|
||||||
use File;
|
use File;
|
||||||
use Director;
|
use Director;
|
||||||
use Permission;
|
|
||||||
|
|
||||||
|
|
||||||
use SilverStripe\ORM\ValidationResult;
|
use SilverStripe\ORM\ValidationResult;
|
||||||
use SilverStripe\ORM\ValidationException;
|
use SilverStripe\ORM\ValidationException;
|
||||||
use SilverStripe\ORM\FieldType\DBComposite;
|
use SilverStripe\ORM\FieldType\DBComposite;
|
||||||
|
use SilverStripe\Security\Permission;
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -6,6 +6,8 @@ use SilverStripe\Filesystem\Storage\DBFile;
|
|||||||
use SilverStripe\ORM\DataObject;
|
use SilverStripe\ORM\DataObject;
|
||||||
use SilverStripe\ORM\ValidationException;
|
use SilverStripe\ORM\ValidationException;
|
||||||
use SilverStripe\ORM\DataObjectInterface;
|
use SilverStripe\ORM\DataObjectInterface;
|
||||||
|
use SilverStripe\Security\Permission;
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -149,7 +151,6 @@ class AssetField extends FileField {
|
|||||||
*
|
*
|
||||||
* @param string $name The internal field name, passed to forms.
|
* @param string $name The internal field name, passed to forms.
|
||||||
* @param string $title The field label.
|
* @param string $title The field label.
|
||||||
* @param Form $form Reference to the container form
|
|
||||||
*/
|
*/
|
||||||
public function __construct($name, $title = null) {
|
public function __construct($name, $title = null) {
|
||||||
$this->addExtraClass('ss-upload'); // class, used by js
|
$this->addExtraClass('ss-upload'); // class, used by js
|
||||||
@ -237,7 +238,9 @@ class AssetField extends FileField {
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Force a record to be used as "Parent" for uploaded Files (eg a Page with a has_one to File)
|
* Force a record to be used as "Parent" for uploaded Files (eg a Page with a has_one to File)
|
||||||
|
*
|
||||||
* @param DataObject $record
|
* @param DataObject $record
|
||||||
|
* @return $this
|
||||||
*/
|
*/
|
||||||
public function setRecord($record) {
|
public function setRecord($record) {
|
||||||
$this->record = $record;
|
$this->record = $record;
|
||||||
@ -444,7 +447,7 @@ class AssetField extends FileField {
|
|||||||
* Defaults to 'ss-uploadfield-uploadtemplate'
|
* Defaults to 'ss-uploadfield-uploadtemplate'
|
||||||
*
|
*
|
||||||
* @see javascript/UploadField_uploadtemplate.js
|
* @see javascript/UploadField_uploadtemplate.js
|
||||||
* @var string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function getUploadTemplateName() {
|
public function getUploadTemplateName() {
|
||||||
return $this->getConfig('uploadTemplateName');
|
return $this->getConfig('uploadTemplateName');
|
||||||
@ -465,7 +468,7 @@ class AssetField extends FileField {
|
|||||||
* Defaults to 'ss-downloadfield-downloadtemplate'
|
* Defaults to 'ss-downloadfield-downloadtemplate'
|
||||||
*
|
*
|
||||||
* @see javascript/DownloadField_downloadtemplate.js
|
* @see javascript/DownloadField_downloadtemplate.js
|
||||||
* @var string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function getDownloadTemplateName() {
|
public function getDownloadTemplateName() {
|
||||||
return $this->getConfig('downloadTemplateName');
|
return $this->getConfig('downloadTemplateName');
|
||||||
@ -753,7 +756,7 @@ class AssetField extends FileField {
|
|||||||
* Gets the foreign class that needs to be created, or 'File' as default if there
|
* Gets the foreign class that needs to be created, or 'File' as default if there
|
||||||
* is no relationship, or it cannot be determined.
|
* is no relationship, or it cannot be determined.
|
||||||
*
|
*
|
||||||
* @param $default Default value to return if no value could be calculated
|
* @param string $default Default value to return if no value could be calculated
|
||||||
* @return string Foreign class name.
|
* @return string Foreign class name.
|
||||||
*/
|
*/
|
||||||
public function getRelationAutosetClass($default = 'File') {
|
public function getRelationAutosetClass($default = 'File') {
|
||||||
|
@ -2,6 +2,9 @@
|
|||||||
|
|
||||||
use SilverStripe\ORM\DataObject;
|
use SilverStripe\ORM\DataObject;
|
||||||
use SilverStripe\ORM\DataObjectInterface;
|
use SilverStripe\ORM\DataObjectInterface;
|
||||||
|
use SilverStripe\ORM\FieldType\DBHTMLText;
|
||||||
|
use SilverStripe\Security\Member;
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Two masked input fields, checks for matching passwords.
|
* Two masked input fields, checks for matching passwords.
|
||||||
@ -141,7 +144,7 @@ class ConfirmedPasswordField extends FormField {
|
|||||||
/**
|
/**
|
||||||
* @param array $properties
|
* @param array $properties
|
||||||
*
|
*
|
||||||
* @return HTMLText
|
* @return DBHTMLText
|
||||||
*/
|
*/
|
||||||
public function Field($properties = array()) {
|
public function Field($properties = array()) {
|
||||||
Requirements::javascript(FRAMEWORK_DIR . '/thirdparty/jquery/jquery.js');
|
Requirements::javascript(FRAMEWORK_DIR . '/thirdparty/jquery/jquery.js');
|
||||||
|
@ -1,5 +1,7 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
use SilverStripe\Security\Member;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* A simple extension to dropdown field, pre-configured to list countries.
|
* A simple extension to dropdown field, pre-configured to list countries.
|
||||||
* It will default to the country of the current visitor.
|
* It will default to the country of the current visitor.
|
||||||
|
@ -1,6 +1,8 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
use SilverStripe\ORM\ArrayList;
|
use SilverStripe\ORM\ArrayList;
|
||||||
|
use SilverStripe\ORM\FieldType\DBHTMLText;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Dropdown field, created from a <select> tag.
|
* Dropdown field, created from a <select> tag.
|
||||||
*
|
*
|
||||||
@ -112,7 +114,7 @@ class DropdownField extends SingleSelectField {
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* @param array $properties
|
* @param array $properties
|
||||||
* @return HTMLText
|
* @return DBHTMLText
|
||||||
*/
|
*/
|
||||||
public function Field($properties = array()) {
|
public function Field($properties = array()) {
|
||||||
$options = array();
|
$options = array();
|
||||||
|
@ -89,6 +89,7 @@ class FieldGroup extends CompositeField {
|
|||||||
$compositeTitle .= $subfield->getName();
|
$compositeTitle .= $subfield->getName();
|
||||||
if($subfield->getName()) $count++;
|
if($subfield->getName()) $count++;
|
||||||
}
|
}
|
||||||
|
/** @skipUpgrade */
|
||||||
if($count == 1) $compositeTitle .= 'Group';
|
if($count == 1) $compositeTitle .= 'Group';
|
||||||
return preg_replace("/[^a-zA-Z0-9]+/", "", $compositeTitle);
|
return preg_replace("/[^a-zA-Z0-9]+/", "", $compositeTitle);
|
||||||
}
|
}
|
||||||
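Review bot: The added `/** @skipUpgrade */` has no explanation, so a later reader cannot tell why the following line is exempt. From the visible code, the string `'Group'` is a suffix appended to the composite field name, not a reference to the `Group` class that this commit moves into a namespace. Saying so would stop someone from removing the annotation, e.g. `// 'Group' is a name suffix, not the Group class; the upgrader must not rewrite it`. The enclosing method starts above the hunk.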
|
@ -1,7 +1,13 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
use SilverStripe\ORM\DataObject;
|
||||||
use SilverStripe\ORM\FieldType\DBField;
|
use SilverStripe\ORM\FieldType\DBField;
|
||||||
use SilverStripe\ORM\DataObjectInterface;
|
use SilverStripe\ORM\DataObjectInterface;
|
||||||
|
use SilverStripe\ORM\FieldType\DBHTMLText;
|
||||||
|
use SilverStripe\ORM\SS_List;
|
||||||
|
use SilverStripe\Security\SecurityToken;
|
||||||
|
use SilverStripe\Security\NullSecurityToken;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Base class for all forms.
|
* Base class for all forms.
|
||||||
* The form class is an extensible base for all forms on a SilverStripe application. It can be used
|
* The form class is an extensible base for all forms on a SilverStripe application. It can be used
|
||||||
@ -700,6 +706,7 @@ class Form extends RequestHandler {
|
|||||||
* Set actions that are exempt from validation
|
* Set actions that are exempt from validation
|
||||||
*
|
*
|
||||||
* @param array
|
* @param array
|
||||||
|
* @return $this
|
||||||
*/
|
*/
|
||||||
public function setValidationExemptActions($actions) {
|
public function setValidationExemptActions($actions) {
|
||||||
$this->validationExemptActions = $actions;
|
$this->validationExemptActions = $actions;
|
||||||
@ -855,7 +862,8 @@ class Form extends RequestHandler {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @return string $name
|
* @param string $name
|
||||||
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function getAttribute($name) {
|
public function getAttribute($name) {
|
||||||
if(isset($this->attributes[$name])) return $this->attributes[$name];
|
if(isset($this->attributes[$name])) return $this->attributes[$name];
|
||||||
@ -887,7 +895,7 @@ class Form extends RequestHandler {
|
|||||||
/**
|
/**
|
||||||
* Return the attributes of the form tag - used by the templates.
|
* Return the attributes of the form tag - used by the templates.
|
||||||
*
|
*
|
||||||
* @param array Custom attributes to process. Falls back to {@link getAttributes()}.
|
* @param array $attrs Custom attributes to process. Falls back to {@link getAttributes()}.
|
||||||
* If at least one argument is passed as a string, all arguments act as excludes by name.
|
* If at least one argument is passed as a string, all arguments act as excludes by name.
|
||||||
*
|
*
|
||||||
* @return string HTML attributes, ready for insertion into an HTML tag
|
* @return string HTML attributes, ready for insertion into an HTML tag
|
||||||
@ -966,7 +974,7 @@ class Form extends RequestHandler {
|
|||||||
* Set the target of this form to any value - useful for opening the form
|
* Set the target of this form to any value - useful for opening the form
|
||||||
* contents in a new window or refreshing another frame.
|
* contents in a new window or refreshing another frame.
|
||||||
*
|
*
|
||||||
* @param target $target The value of the target
|
* @param string $target The value of the target
|
||||||
* @return $this
|
* @return $this
|
||||||
*/
|
*/
|
||||||
public function setTarget($target) {
|
public function setTarget($target) {
|
||||||
@ -1611,7 +1619,7 @@ class Form extends RequestHandler {
|
|||||||
* This is returned when you access a form as $FormObject rather
|
* This is returned when you access a form as $FormObject rather
|
||||||
* than <% with FormObject %>
|
* than <% with FormObject %>
|
||||||
*
|
*
|
||||||
* @return HTML
|
* @return DBHTMLText
|
||||||
*/
|
*/
|
||||||
public function forTemplate() {
|
public function forTemplate() {
|
||||||
$return = $this->renderWith(array_merge(
|
$return = $this->renderWith(array_merge(
|
||||||
@ -1631,7 +1639,7 @@ class Form extends RequestHandler {
|
|||||||
* It triggers slightly different behaviour, such as disabling the rewriting
|
* It triggers slightly different behaviour, such as disabling the rewriting
|
||||||
* of # links.
|
* of # links.
|
||||||
*
|
*
|
||||||
* @return HTML
|
* @return DBHTMLText
|
||||||
*/
|
*/
|
||||||
public function forAjaxTemplate() {
|
public function forAjaxTemplate() {
|
||||||
$view = new SSViewer(array(
|
$view = new SSViewer(array(
|
||||||
@ -1654,7 +1662,7 @@ class Form extends RequestHandler {
|
|||||||
* and _form_enctype. These are the attributes of the form. These fields
|
* and _form_enctype. These are the attributes of the form. These fields
|
||||||
* can be used to send the form to Ajax.
|
* can be used to send the form to Ajax.
|
||||||
*
|
*
|
||||||
* @return HTML
|
* @return DBHTMLText
|
||||||
*/
|
*/
|
||||||
public function formHtmlContent() {
|
public function formHtmlContent() {
|
||||||
$this->IncludeFormTag = false;
|
$this->IncludeFormTag = false;
|
||||||
@ -1674,7 +1682,7 @@ class Form extends RequestHandler {
|
|||||||
* Render this form using the given template, and return the result as a string
|
* Render this form using the given template, and return the result as a string
|
||||||
* You can pass either an SSViewer or a template name
|
* You can pass either an SSViewer or a template name
|
||||||
* @param string|array $template
|
* @param string|array $template
|
||||||
* @return HTMLText
|
* @return DBHTMLText
|
||||||
*/
|
*/
|
||||||
public function renderWithoutActionButton($template) {
|
public function renderWithoutActionButton($template) {
|
||||||
$custom = $this->customise(array(
|
$custom = $this->customise(array(
|
||||||
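Review bot: In the `setValidationExemptActions()` hunk the commit adds `@return $this` but leaves the parameter tag as a bare `@param array`, with no variable name or description. It should be `@param array $actions Names of the actions that skip validation`, in line with the `$attrs` and `$target` tags fixed elsewhere in this file. Because this setter decides which submitted actions bypass the validator, the docblock is the natural place to say that the list should contain only actions that do not persist user input. The method body continues past the hunk.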
|
@ -1201,7 +1201,8 @@ class FormField extends RequestHandler {
|
|||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function Type() {
|
public function Type() {
|
||||||
return strtolower(preg_replace('/Field$/', '', $this->class));
|
$type = new ReflectionClass($this);
|
||||||
|
return strtolower(preg_replace('/Field$/', '', $type->getShortName()));
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
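Review bot: `Type()` now derives its value from the short class name, so two field classes that share a short name in different namespaces report the same type, and nothing in the docblock records that the namespace is dropped on purpose. The `generateFormID()` change in the next file section (FormTemplateHelper) has the same property, and there a clash yields duplicate HTML ids for forms with the same name. Both places deserve a comment such as `// namespace is deliberately omitted so CSS class names and ids stay stable`. `Type()` also builds a new `ReflectionClass` on every call; if it is called once per field per render, keeping the computed string in a property would avoid the repeated allocation.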
|
@ -41,9 +41,9 @@ class FormTemplateHelper {
|
|||||||
return Convert::raw2htmlid($id);
|
return Convert::raw2htmlid($id);
|
||||||
}
|
}
|
||||||
|
|
||||||
return Convert::raw2htmlid(
|
$reflection = new ReflectionClass($form);
|
||||||
get_class($form) . '_' . str_replace(array('.', '/'), '', $form->getName())
|
$shortName = str_replace(array('.', '/'), '', $form->getName());
|
||||||
);
|
return Convert::raw2htmlid($reflection->getShortName() . '_' . $shortName);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -1,6 +1,8 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
use SilverStripe\ORM\DataObject;
|
use SilverStripe\ORM\DataObject;
|
||||||
|
use SilverStripe\ORM\FieldType\DBHTMLText;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Dropdown-like field that allows you to select an item from a hierarchical
|
* Dropdown-like field that allows you to select an item from a hierarchical
|
||||||
* AJAX-expandable tree.
|
* AJAX-expandable tree.
|
||||||
@ -95,7 +97,7 @@ class TreeDropdownField extends FormField {
|
|||||||
* @param bool $showSearch enable the ability to search the tree by
|
* @param bool $showSearch enable the ability to search the tree by
|
||||||
* entering the text in the input field.
|
* entering the text in the input field.
|
||||||
*/
|
*/
|
||||||
public function __construct($name, $title = null, $sourceObject = 'Group', $keyField = 'ID',
|
public function __construct($name, $title = null, $sourceObject = 'SilverStripe\\Security\\Group', $keyField = 'ID',
|
||||||
$labelField = 'TreeTitle', $showSearch = true
|
$labelField = 'TreeTitle', $showSearch = true
|
||||||
) {
|
) {
|
||||||
|
|
||||||
@ -120,6 +122,7 @@ class TreeDropdownField extends FormField {
|
|||||||
* displays the whole tree.
|
* displays the whole tree.
|
||||||
*
|
*
|
||||||
* @param int $ID
|
* @param int $ID
|
||||||
|
* @return $this
|
||||||
*/
|
*/
|
||||||
public function setTreeBaseID($ID) {
|
public function setTreeBaseID($ID) {
|
||||||
$this->baseID = (int) $ID;
|
$this->baseID = (int) $ID;
|
||||||
@ -131,6 +134,7 @@ class TreeDropdownField extends FormField {
|
|||||||
* displaying to the user.
|
* displaying to the user.
|
||||||
*
|
*
|
||||||
* @param callback $callback
|
* @param callback $callback
|
||||||
|
* @return $this
|
||||||
*/
|
*/
|
||||||
public function setFilterFunction($callback) {
|
public function setFilterFunction($callback) {
|
||||||
if(!is_callable($callback, true)) {
|
if(!is_callable($callback, true)) {
|
||||||
@ -145,6 +149,7 @@ class TreeDropdownField extends FormField {
|
|||||||
* Set a callback used to disable checkboxes for some items in the tree
|
* Set a callback used to disable checkboxes for some items in the tree
|
||||||
*
|
*
|
||||||
* @param callback $callback
|
* @param callback $callback
|
||||||
|
* @return $this
|
||||||
*/
|
*/
|
||||||
public function setDisableFunction($callback) {
|
public function setDisableFunction($callback) {
|
||||||
if(!is_callable($callback, true)) {
|
if(!is_callable($callback, true)) {
|
||||||
@ -160,6 +165,7 @@ class TreeDropdownField extends FormField {
|
|||||||
* applying the filter.
|
* applying the filter.
|
||||||
*
|
*
|
||||||
* @param callback $callback
|
* @param callback $callback
|
||||||
|
* @return $this
|
||||||
*/
|
*/
|
||||||
public function setSearchFunction($callback) {
|
public function setSearchFunction($callback) {
|
||||||
if(!is_callable($callback, true)) {
|
if(!is_callable($callback, true)) {
|
||||||
@ -175,7 +181,8 @@ class TreeDropdownField extends FormField {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param Boolean
|
* @param bool $bool
|
||||||
|
* @return $this
|
||||||
*/
|
*/
|
||||||
public function setShowSearch($bool) {
|
public function setShowSearch($bool) {
|
||||||
$this->showSearch = $bool;
|
$this->showSearch = $bool;
|
||||||
@ -183,12 +190,13 @@ class TreeDropdownField extends FormField {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param $method The parameter to ChildrenMethod to use when calling Hierarchy->getChildrenAsUL in
|
* @param string $method The parameter to ChildrenMethod to use when calling Hierarchy->getChildrenAsUL in
|
||||||
* {@link Hierarchy}. The method specified determines the structure of the returned list. Use "ChildFolders"
|
* {@link Hierarchy}. The method specified determines the structure of the returned list. Use "ChildFolders"
|
||||||
* in place of the default to get a drop-down listing with only folders, i.e. not including the child elements in
|
* in place of the default to get a drop-down listing with only folders, i.e. not including the child elements in
|
||||||
* the currently selected folder. setNumChildrenMethod() should be used as well for proper functioning.
|
* the currently selected folder. setNumChildrenMethod() should be used as well for proper functioning.
|
||||||
*
|
*
|
||||||
* See {@link Hierarchy} for a complete list of possible methods.
|
* See {@link Hierarchy} for a complete list of possible methods.
|
||||||
|
* @return $this
|
||||||
*/
|
*/
|
||||||
public function setChildrenMethod($method) {
|
public function setChildrenMethod($method) {
|
||||||
$this->childrenMethod = $method;
|
$this->childrenMethod = $method;
|
||||||
@ -196,9 +204,10 @@ class TreeDropdownField extends FormField {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param $method The parameter to numChildrenMethod to use when calling Hierarchy->getChildrenAsUL in
|
* @param string $method The parameter to numChildrenMethod to use when calling Hierarchy->getChildrenAsUL in
|
||||||
* {@link Hierarchy}. Should be used in conjunction with setChildrenMethod().
|
* {@link Hierarchy}. Should be used in conjunction with setChildrenMethod().
|
||||||
*
|
*
|
||||||
|
* @return $this
|
||||||
*/
|
*/
|
||||||
public function setNumChildrenMethod($method) {
|
public function setNumChildrenMethod($method) {
|
||||||
$this->numChildrenMethod = $method;
|
$this->numChildrenMethod = $method;
|
||||||
@ -206,7 +215,8 @@ class TreeDropdownField extends FormField {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @return HTMLText
|
* @param array $properties
|
||||||
|
* @return DBHTMLText
|
||||||
*/
|
*/
|
||||||
public function Field($properties = array()) {
|
public function Field($properties = array()) {
|
||||||
Requirements::add_i18n_javascript(FRAMEWORK_DIR . '/client/lang');
|
Requirements::add_i18n_javascript(FRAMEWORK_DIR . '/client/lang');
|
||||||
@ -263,6 +273,7 @@ class TreeDropdownField extends FormField {
|
|||||||
*
|
*
|
||||||
* @param SS_HTTPRequest $request
|
* @param SS_HTTPRequest $request
|
||||||
* @return string
|
* @return string
|
||||||
|
* @throws Exception
|
||||||
*/
|
*/
|
||||||
public function tree(SS_HTTPRequest $request) {
|
public function tree(SS_HTTPRequest $request) {
|
||||||
// Array sourceObject is an explicit list of values - construct a "flat tree"
|
// Array sourceObject is an explicit list of values - construct a "flat tree"
|
||||||
@ -387,8 +398,8 @@ class TreeDropdownField extends FormField {
|
|||||||
* Marking public function for the tree, which combines different filters sensibly.
|
* Marking public function for the tree, which combines different filters sensibly.
|
||||||
* If a filter function has been set, that will be called. And if search text is set,
|
* If a filter function has been set, that will be called. And if search text is set,
|
||||||
* filter on that too. Return true if all applicable conditions are true, false otherwise.
|
* filter on that too. Return true if all applicable conditions are true, false otherwise.
|
||||||
* @param $node
|
* @param object $node
|
||||||
* @return unknown_type
|
* @return mixed
|
||||||
*/
|
*/
|
||||||
public function filterMarking($node) {
|
public function filterMarking($node) {
|
||||||
if ($this->filterCallback && !call_user_func($this->filterCallback, $node)) return false;
|
if ($this->filterCallback && !call_user_func($this->filterCallback, $node)) return false;
|
||||||
@ -409,7 +420,8 @@ class TreeDropdownField extends FormField {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param String $field
|
* @param string $field
|
||||||
|
* @return $this
|
||||||
*/
|
*/
|
||||||
public function setLabelField($field) {
|
public function setLabelField($field) {
|
||||||
$this->labelField = $field;
|
$this->labelField = $field;
|
||||||
@ -424,7 +436,8 @@ class TreeDropdownField extends FormField {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param String $field
|
* @param string $field
|
||||||
|
* @return $this
|
||||||
*/
|
*/
|
||||||
public function setKeyField($field) {
|
public function setKeyField($field) {
|
||||||
$this->keyField = $field;
|
$this->keyField = $field;
|
||||||
@ -439,7 +452,8 @@ class TreeDropdownField extends FormField {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param String $field
|
* @param string $class
|
||||||
|
* @return $this
|
||||||
*/
|
*/
|
||||||
public function setSourceObject($class) {
|
public function setSourceObject($class) {
|
||||||
$this->sourceObject = $class;
|
$this->sourceObject = $class;
|
||||||
|
@ -3,6 +3,8 @@
|
|||||||
use SilverStripe\ORM\ArrayList;
|
use SilverStripe\ORM\ArrayList;
|
||||||
use SilverStripe\ORM\DataObject;
|
use SilverStripe\ORM\DataObject;
|
||||||
use SilverStripe\ORM\DataObjectInterface;
|
use SilverStripe\ORM\DataObjectInterface;
|
||||||
|
use SilverStripe\ORM\FieldType\DBHTMLText;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* This formfield represents many-many joins using a tree selector shown in a dropdown styled element
|
* This formfield represents many-many joins using a tree selector shown in a dropdown styled element
|
||||||
* which can be added to any form usually in the CMS.
|
* which can be added to any form usually in the CMS.
|
||||||
@ -48,7 +50,7 @@ use SilverStripe\ORM\DataObjectInterface;
|
|||||||
* @subpackage fields-relational
|
* @subpackage fields-relational
|
||||||
*/
|
*/
|
||||||
class TreeMultiselectField extends TreeDropdownField {
|
class TreeMultiselectField extends TreeDropdownField {
|
||||||
public function __construct($name, $title=null, $sourceObject="Group", $keyField="ID", $labelField="Title") {
|
public function __construct($name, $title=null, $sourceObject="SilverStripe\\Security\\Group", $keyField="ID", $labelField="Title") {
|
||||||
parent::__construct($name, $title, $sourceObject, $keyField, $labelField);
|
parent::__construct($name, $title, $sourceObject, $keyField, $labelField);
|
||||||
$this->removeExtraClass('single');
|
$this->removeExtraClass('single');
|
||||||
$this->addExtraClass('multiple');
|
$this->addExtraClass('multiple');
|
||||||
@ -88,9 +90,13 @@ class TreeMultiselectField extends TreeDropdownField {
|
|||||||
return $record->$fieldName();
|
return $record->$fieldName();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* We overwrite the field attribute to add our hidden fields, as this
|
* We overwrite the field attribute to add our hidden fields, as this
|
||||||
* formfield can contain multiple values.
|
* formfield can contain multiple values.
|
||||||
|
*
|
||||||
|
* @param array $properties
|
||||||
|
* @return DBHTMLText
|
||||||
*/
|
*/
|
||||||
public function Field($properties = array()) {
|
public function Field($properties = array()) {
|
||||||
Requirements::add_i18n_javascript(FRAMEWORK_DIR . '/client/lang');
|
Requirements::add_i18n_javascript(FRAMEWORK_DIR . '/client/lang');
|
||||||
@ -146,6 +152,8 @@ class TreeMultiselectField extends TreeDropdownField {
|
|||||||
* Save the results into the form
|
* Save the results into the form
|
||||||
* Calls function $record->onChange($items) before saving to the assummed
|
* Calls function $record->onChange($items) before saving to the assummed
|
||||||
* Component set.
|
* Component set.
|
||||||
|
*
|
||||||
|
* @param DataObjectInterface $record
|
||||||
*/
|
*/
|
||||||
public function saveInto(DataObjectInterface $record) {
|
public function saveInto(DataObjectInterface $record) {
|
||||||
// Detect whether this field has actually been updated
|
// Detect whether this field has actually been updated
|
||||||
|
@ -9,6 +9,8 @@ use SilverStripe\ORM\DataObjectInterface;
|
|||||||
use SilverStripe\ORM\RelationList;
|
use SilverStripe\ORM\RelationList;
|
||||||
use SilverStripe\ORM\UnsavedRelationList;
|
use SilverStripe\ORM\UnsavedRelationList;
|
||||||
use SilverStripe\ORM\DataList;
|
use SilverStripe\ORM\DataList;
|
||||||
|
use SilverStripe\Security\Permission;
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -220,7 +222,6 @@ class UploadField extends FileField {
|
|||||||
* @param string $title The field label.
|
* @param string $title The field label.
|
||||||
* @param SS_List $items If no items are defined, the field will try to auto-detect an existing relation on
|
* @param SS_List $items If no items are defined, the field will try to auto-detect an existing relation on
|
||||||
* @link $record}, with the same name as the field name.
|
* @link $record}, with the same name as the field name.
|
||||||
* @param Form $form Reference to the container form
|
|
||||||
*/
|
*/
|
||||||
public function __construct($name, $title = null, SS_List $items = null) {
|
public function __construct($name, $title = null, SS_List $items = null) {
|
||||||
|
|
||||||
@ -248,7 +249,8 @@ class UploadField extends FileField {
|
|||||||
/**
|
/**
|
||||||
* Set name of template used for Buttons on each file (replace, edit, remove, delete) (without path or extension)
|
* Set name of template used for Buttons on each file (replace, edit, remove, delete) (without path or extension)
|
||||||
*
|
*
|
||||||
* @param string
|
* @param string $template
|
||||||
|
* @return $this
|
||||||
*/
|
*/
|
||||||
public function setTemplateFileButtons($template) {
|
public function setTemplateFileButtons($template) {
|
||||||
$this->templateFileButtons = $template;
|
$this->templateFileButtons = $template;
|
||||||
@ -265,7 +267,8 @@ class UploadField extends FileField {
|
|||||||
/**
|
/**
|
||||||
* Set name of template used for the edit (inline & popup) of a file file (without path or extension)
|
* Set name of template used for the edit (inline & popup) of a file file (without path or extension)
|
||||||
*
|
*
|
||||||
* @param string
|
* @param string $template
|
||||||
|
* @return $this
|
||||||
*/
|
*/
|
||||||
public function setTemplateFileEdit($template) {
|
public function setTemplateFileEdit($template) {
|
||||||
$this->templateFileEdit = $template;
|
$this->templateFileEdit = $template;
|
||||||
@ -328,7 +331,8 @@ class UploadField extends FileField {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param String
|
* @param string $name
|
||||||
|
* @return $this
|
||||||
*/
|
*/
|
||||||
public function setDisplayFolderName($name) {
|
public function setDisplayFolderName($name) {
|
||||||
$this->displayFolderName = $name;
|
$this->displayFolderName = $name;
|
||||||
@ -344,7 +348,9 @@ class UploadField extends FileField {
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Force a record to be used as "Parent" for uploaded Files (eg a Page with a has_one to File)
|
* Force a record to be used as "Parent" for uploaded Files (eg a Page with a has_one to File)
|
||||||
|
*
|
||||||
* @param DataObject $record
|
* @param DataObject $record
|
||||||
|
* @return $this
|
||||||
*/
|
*/
|
||||||
public function setRecord($record) {
|
public function setRecord($record) {
|
||||||
$this->record = $record;
|
$this->record = $record;
|
||||||
@ -389,6 +395,7 @@ class UploadField extends FileField {
|
|||||||
* @param array|DataObject|SS_List $record Full source record, either as a DataObject,
|
* @param array|DataObject|SS_List $record Full source record, either as a DataObject,
|
||||||
* SS_List of items, or an array of submitted form data
|
* SS_List of items, or an array of submitted form data
|
||||||
* @return $this Self reference
|
* @return $this Self reference
|
||||||
|
* @throws ValidationException
|
||||||
*/
|
*/
|
||||||
public function setValue($value, $record = null) {
|
public function setValue($value, $record = null) {
|
||||||
|
|
||||||
@ -727,7 +734,7 @@ class UploadField extends FileField {
|
|||||||
* Defaults to 'ss-uploadfield-uploadtemplate'
|
* Defaults to 'ss-uploadfield-uploadtemplate'
|
||||||
*
|
*
|
||||||
* @see javascript/UploadField_uploadtemplate.js
|
* @see javascript/UploadField_uploadtemplate.js
|
||||||
* @var string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function getUploadTemplateName() {
|
public function getUploadTemplateName() {
|
||||||
return $this->getConfig('uploadTemplateName');
|
return $this->getConfig('uploadTemplateName');
|
||||||
@ -748,7 +755,7 @@ class UploadField extends FileField {
|
|||||||
* Defaults to 'ss-downloadfield-downloadtemplate'
|
* Defaults to 'ss-downloadfield-downloadtemplate'
|
||||||
*
|
*
|
||||||
* @see javascript/DownloadField_downloadtemplate.js
|
* @see javascript/DownloadField_downloadtemplate.js
|
||||||
* @var string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function getDownloadTemplateName() {
|
public function getDownloadTemplateName() {
|
||||||
return $this->getConfig('downloadTemplateName');
|
return $this->getConfig('downloadTemplateName');
|
||||||
@ -1295,6 +1302,7 @@ class UploadField extends FileField {
|
|||||||
* Determines if a specified file exists
|
* Determines if a specified file exists
|
||||||
*
|
*
|
||||||
* @param SS_HTTPRequest $request
|
* @param SS_HTTPRequest $request
|
||||||
|
* @return SS_HTTPResponse
|
||||||
*/
|
*/
|
||||||
public function fileexists(SS_HTTPRequest $request) {
|
public function fileexists(SS_HTTPRequest $request) {
|
||||||
// Assert that requested filename doesn't attempt to escape the directory
|
// Assert that requested filename doesn't attempt to escape the directory
|
||||||
@ -1327,7 +1335,7 @@ class UploadField extends FileField {
|
|||||||
* Gets the foreign class that needs to be created, or 'File' as default if there
|
* Gets the foreign class that needs to be created, or 'File' as default if there
|
||||||
* is no relationship, or it cannot be determined.
|
* is no relationship, or it cannot be determined.
|
||||||
*
|
*
|
||||||
* @param $default Default value to return if no value could be calculated
|
* @param string $default Default value to return if no value could be calculated
|
||||||
* @return string Foreign class name.
|
* @return string Foreign class name.
|
||||||
*/
|
*/
|
||||||
public function getRelationAutosetClass($default = 'File') {
|
public function getRelationAutosetClass($default = 'File') {
|
||||||
@ -1605,7 +1613,7 @@ class UploadField_SelectHandler extends RequestHandler {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param $folderID The ID of the folder to display.
|
* @param int $folderID The ID of the folder to display.
|
||||||
* @return FormField
|
* @return FormField
|
||||||
*/
|
*/
|
||||||
protected function getListField($folderID) {
|
protected function getListField($folderID) {
|
||||||
|
@ -3,6 +3,9 @@
|
|||||||
|
|
||||||
use SilverStripe\ORM\ArrayList;
|
use SilverStripe\ORM\ArrayList;
|
||||||
use SilverStripe\ORM\FieldType\DBDatetime;
|
use SilverStripe\ORM\FieldType\DBDatetime;
|
||||||
|
use SilverStripe\ORM\FieldType\DBHTMLText;
|
||||||
|
use SilverStripe\Security\Member;
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -81,10 +84,11 @@ class GridFieldPrintButton implements GridField_HTMLProvider, GridField_ActionPr
|
|||||||
/**
|
/**
|
||||||
* Handle the print action.
|
* Handle the print action.
|
||||||
*
|
*
|
||||||
* @param GridField
|
* @param GridField $gridField
|
||||||
* @param string
|
* @param string $actionName
|
||||||
* @param array
|
* @param array $arguments
|
||||||
* @param array
|
* @param array $data
|
||||||
|
* @return DBHTMLText
|
||||||
*/
|
*/
|
||||||
public function handleAction(GridField $gridField, $actionName, $arguments, $data) {
|
public function handleAction(GridField $gridField, $actionName, $arguments, $data) {
|
||||||
if($actionName == 'print') {
|
if($actionName == 'print') {
|
||||||
@ -106,6 +110,10 @@ class GridFieldPrintButton implements GridField_HTMLProvider, GridField_ActionPr
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Handle the print, for both the action button and the URL
|
* Handle the print, for both the action button and the URL
|
||||||
|
*
|
||||||
|
* @param GridField $gridField
|
||||||
|
* @param SS_HTTPRequest $request
|
||||||
|
* @return DBHTMLText
|
||||||
*/
|
*/
|
||||||
public function handlePrint($gridField, $request = null) {
|
public function handlePrint($gridField, $request = null) {
|
||||||
set_time_limit(60);
|
set_time_limit(60);
|
||||||
@ -172,7 +180,8 @@ class GridFieldPrintButton implements GridField_HTMLProvider, GridField_ActionPr
|
|||||||
/**
|
/**
|
||||||
* Export core.
|
* Export core.
|
||||||
*
|
*
|
||||||
* @param GridField
|
* @param GridField $gridField
|
||||||
|
* @return ArrayData
|
||||||
*/
|
*/
|
||||||
public function generatePrintData(GridField $gridField) {
|
public function generatePrintData(GridField $gridField) {
|
||||||
$printColumns = $this->getPrintColumnsForGridField($gridField);
|
$printColumns = $this->getPrintColumnsForGridField($gridField);
|
||||||
@ -234,7 +243,8 @@ class GridFieldPrintButton implements GridField_HTMLProvider, GridField_ActionPr
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param array
|
* @param array $cols
|
||||||
|
* @return $this
|
||||||
*/
|
*/
|
||||||
public function setPrintColumns($cols) {
|
public function setPrintColumns($cols) {
|
||||||
$this->printColumns = $cols;
|
$this->printColumns = $cols;
|
||||||
@ -250,7 +260,8 @@ class GridFieldPrintButton implements GridField_HTMLProvider, GridField_ActionPr
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param boolean
|
* @param bool $bool
|
||||||
|
* @return $this
|
||||||
*/
|
*/
|
||||||
public function setPrintHasHeader($bool) {
|
public function setPrintHasHeader($bool) {
|
||||||
$this->printHasHeader = $bool;
|
$this->printHasHeader = $bool;
|
||||||
|
5
main.php
5
main.php
@ -2,6 +2,9 @@
|
|||||||
|
|
||||||
use SilverStripe\ORM\DB;
|
use SilverStripe\ORM\DB;
|
||||||
use SilverStripe\ORM\DataModel;
|
use SilverStripe\ORM\DataModel;
|
||||||
|
use SilverStripe\Security\Security;
|
||||||
|
use SilverStripe\Security\Permission;
|
||||||
|
|
||||||
|
|
||||||
/************************************************************************************
|
/************************************************************************************
|
||||||
************************************************************************************
|
************************************************************************************
|
||||||
@ -162,7 +165,7 @@ $chain
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Fail and redirect the user to the login page
|
// Fail and redirect the user to the login page
|
||||||
$loginPage = Director::absoluteURL(Config::inst()->get('Security', 'login_url'));
|
$loginPage = Director::absoluteURL(Security::config()->login_url);
|
||||||
$loginPage .= "?BackURL=" . urlencode($_SERVER['REQUEST_URI']);
|
$loginPage .= "?BackURL=" . urlencode($_SERVER['REQUEST_URI']);
|
||||||
header('location: '.$loginPage, true, 302);
|
header('location: '.$loginPage, true, 302);
|
||||||
die;
|
die;
|
||||||
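Review bot: The redirect just below the changed `login_url` lookup builds `BackURL` from `$_SERVER['REQUEST_URI']`, which is client-controlled. `urlencode()` keeps it from breaking the query string but does not constrain where the value points. The code that consumes `BackURL` after login is not visible here, so it is worth confirming that it accepts only site-local targets. A comment above the line would record the assumption, e.g. `// BackURL is request-derived; the login handler must validate it as a site-local URL`. The enclosing block starts outside the hunk.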
|
@ -1,4 +1,7 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
use SilverStripe\Security\Permission;
|
||||||
|
use SilverStripe\Security\Security;
|
||||||
/**
|
/**
|
||||||
* Cleans up leftover databases from aborted test executions (starting with ss_tmpdb)
|
* Cleans up leftover databases from aborted test executions (starting with ss_tmpdb)
|
||||||
* Task is restricted to users with administrator rights or running through CLI.
|
* Task is restricted to users with administrator rights or running through CLI.
|
||||||
|
@ -1,6 +1,10 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
use SilverStripe\ORM\DataObject;
|
use SilverStripe\ORM\DataObject;
|
||||||
|
use SilverStripe\Security\Member;
|
||||||
|
use SilverStripe\Security\Permission;
|
||||||
|
use SilverStripe\Security\Security;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Encrypt all passwords
|
* Encrypt all passwords
|
||||||
*
|
*
|
||||||
@ -37,7 +41,7 @@ class EncryptAllPasswordsTask extends BuildTask {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Are there members with a clear text password?
|
// Are there members with a clear text password?
|
||||||
$members = DataObject::get("Member")->where(array(
|
$members = Member::get()->where(array(
|
||||||
'"Member"."PasswordEncryption"' => 'none',
|
'"Member"."PasswordEncryption"' => 'none',
|
||||||
'"Member"."Password" IS NOT NULL'
|
'"Member"."Password" IS NOT NULL'
|
||||||
));
|
));
|
||||||
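Review bot: The `where()` conditions under the new `Member::get()` call still name the table literally (`'"Member"."PasswordEncryption"'` and `'"Member"."Password" IS NOT NULL'`), although the class now lives in `SilverStripe\Security`. If the ORM derives the table name from the class name, these conditions would no longer refer to the queried table, and this task is the one that finds stored clear-text passwords. It is worth confirming the table name is unchanged by the namespace move, or taking the table name from the ORM instead of the literal. A test with one member whose `PasswordEncryption` is `'none'` would pin this. The enclosing method starts and ends outside the hunk.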
|
@ -1,46 +0,0 @@
|
|||||||
<?php
|
|
||||||
|
|
||||||
use SilverStripe\ORM\DataObject;
|
|
||||||
/**
|
|
||||||
* Regenerate all cached images that have been created as the result of a manipulation method being called on a
|
|
||||||
* {@link Image} object
|
|
||||||
*
|
|
||||||
* @package framework
|
|
||||||
* @subpackage filesystem
|
|
||||||
*/
|
|
||||||
class RegenerateCachedImagesTask extends BuildTask {
|
|
||||||
|
|
||||||
protected $title = 'Regenerate Cached Images Task';
|
|
||||||
|
|
||||||
protected $description = 'Regenerate all cached images created as the result of an image manipulation';
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Check that the user has appropriate permissions to execute this task
|
|
||||||
*/
|
|
||||||
public function init() {
|
|
||||||
if(!Director::is_cli() && !Director::isDev() && !Permission::check('ADMIN')) {
|
|
||||||
return Security::permissionFailure();
|
|
||||||
}
|
|
||||||
|
|
||||||
parent::init();
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Actually regenerate all the images
|
|
||||||
*/
|
|
||||||
public function run($request) {
|
|
||||||
$processedImages = 0;
|
|
||||||
$regeneratedImages = 0;
|
|
||||||
|
|
||||||
if($images = DataObject::get('Image')) foreach($images as $image) {
|
|
||||||
if($generated = $image->regenerateFormattedImages()) {
|
|
||||||
$regeneratedImages += $generated;
|
|
||||||
}
|
|
||||||
|
|
||||||
$processedImages++;
|
|
||||||
}
|
|
||||||
|
|
||||||
echo "Regenerated $regeneratedImages cached images from $processedImages Image objects stored in the Database.";
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
@ -1,4 +1,7 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
use SilverStripe\Security\Permission;
|
||||||
|
use SilverStripe\Security\Security;
|
||||||
/**
|
/**
|
||||||
* @package framework
|
* @package framework
|
||||||
* @subpackage tasks
|
* @subpackage tasks
|
||||||
|
@ -1,14 +0,0 @@
|
|||||||
Group:
|
|
||||||
admins:
|
|
||||||
Title: Administrators
|
|
||||||
|
|
||||||
Permission:
|
|
||||||
admin:
|
|
||||||
Code: ADMIN
|
|
||||||
Group: =>Group.admins
|
|
||||||
|
|
||||||
Member:
|
|
||||||
admin:
|
|
||||||
Email: admin
|
|
||||||
Password: password
|
|
||||||
Groups: =>Group.admins
|
|
@ -42,11 +42,11 @@ class FeatureContext extends SilverStripeContext {
|
|||||||
|
|
||||||
// Use blueprints to set user name from identifier
|
// Use blueprints to set user name from identifier
|
||||||
$factory = $fixtureContext->getFixtureFactory();
|
$factory = $fixtureContext->getFixtureFactory();
|
||||||
$blueprint = \Injector::inst()->create('FixtureBlueprint', 'Member');
|
$blueprint = \Injector::inst()->create('FixtureBlueprint', 'SilverStripe\\Security\\Member');
|
||||||
$blueprint->addCallback('beforeCreate', function($identifier, &$data, &$fixtures) {
|
$blueprint->addCallback('beforeCreate', function($identifier, &$data, &$fixtures) {
|
||||||
if(!isset($data['FirstName'])) $data['FirstName'] = $identifier;
|
if(!isset($data['FirstName'])) $data['FirstName'] = $identifier;
|
||||||
});
|
});
|
||||||
$factory->define('Member', $blueprint);
|
$factory->define('SilverStripe\\Security\\Member', $blueprint);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function setMinkParameters(array $parameters) {
|
public function setMinkParameters(array $parameters) {
|
||||||
|
@ -13,8 +13,8 @@ class CMSProfileControllerTest extends FunctionalTest {
|
|||||||
public $autoFollowRedirection = false;
|
public $autoFollowRedirection = false;
|
||||||
|
|
||||||
public function testMemberCantEditAnother() {
|
public function testMemberCantEditAnother() {
|
||||||
$member = $this->objFromFixture('Member', 'user1');
|
$member = $this->objFromFixture('SilverStripe\\Security\\Member', 'user1');
|
||||||
$anotherMember = $this->objFromFixture('Member', 'user2');
|
$anotherMember = $this->objFromFixture('SilverStripe\\Security\\Member', 'user2');
|
||||||
$this->session()->inst_set('loggedInAs', $member->ID);
|
$this->session()->inst_set('loggedInAs', $member->ID);
|
||||||
|
|
||||||
$response = $this->post('admin/myprofile/EditForm', array(
|
$response = $this->post('admin/myprofile/EditForm', array(
|
||||||
@ -28,13 +28,13 @@ class CMSProfileControllerTest extends FunctionalTest {
|
|||||||
'Password[_ConfirmPassword]' => 'password',
|
'Password[_ConfirmPassword]' => 'password',
|
||||||
));
|
));
|
||||||
|
|
||||||
$anotherMember = $this->objFromFixture('Member', 'user2');
|
$anotherMember = $this->objFromFixture('SilverStripe\\Security\\Member', 'user2');
|
||||||
|
|
||||||
$this->assertNotEquals($anotherMember->FirstName, 'JoeEdited', 'FirstName field stays the same');
|
$this->assertNotEquals($anotherMember->FirstName, 'JoeEdited', 'FirstName field stays the same');
|
||||||
}
|
}
|
||||||
|
|
||||||
public function testMemberEditsOwnProfile() {
|
public function testMemberEditsOwnProfile() {
|
||||||
$member = $this->objFromFixture('Member', 'user3');
|
$member = $this->objFromFixture('SilverStripe\\Security\\Member', 'user3');
|
||||||
$this->session()->inst_set('loggedInAs', $member->ID);
|
$this->session()->inst_set('loggedInAs', $member->ID);
|
||||||
|
|
||||||
$response = $this->post('admin/myprofile/EditForm', array(
|
$response = $this->post('admin/myprofile/EditForm', array(
|
||||||
@ -48,16 +48,16 @@ class CMSProfileControllerTest extends FunctionalTest {
|
|||||||
'Password[_ConfirmPassword]' => 'password',
|
'Password[_ConfirmPassword]' => 'password',
|
||||||
));
|
));
|
||||||
|
|
||||||
$member = $this->objFromFixture('Member', 'user3');
|
$member = $this->objFromFixture('SilverStripe\\Security\\Member', 'user3');
|
||||||
|
|
||||||
$this->assertEquals('JoeEdited', $member->FirstName, 'FirstName field was changed');
|
$this->assertEquals('JoeEdited', $member->FirstName, 'FirstName field was changed');
|
||||||
}
|
}
|
||||||
|
|
||||||
public function testExtendedPermissionsStopEditingOwnProfile() {
|
public function testExtendedPermissionsStopEditingOwnProfile() {
|
||||||
$existingExtensions = Config::inst()->get('Member', 'extensions');
|
$existingExtensions = Config::inst()->get('SilverStripe\\Security\\Member', 'extensions');
|
||||||
Config::inst()->update('Member', 'extensions', array('CMSProfileControllerTestExtension'));
|
Config::inst()->update('SilverStripe\\Security\\Member', 'extensions', array('CMSProfileControllerTestExtension'));
|
||||||
|
|
||||||
$member = $this->objFromFixture('Member', 'user1');
|
$member = $this->objFromFixture('SilverStripe\\Security\\Member', 'user1');
|
||||||
$this->session()->inst_set('loggedInAs', $member->ID);
|
$this->session()->inst_set('loggedInAs', $member->ID);
|
||||||
|
|
||||||
$response = $this->post('admin/myprofile/EditForm', array(
|
$response = $this->post('admin/myprofile/EditForm', array(
|
||||||
@ -71,13 +71,13 @@ class CMSProfileControllerTest extends FunctionalTest {
|
|||||||
'Password[_ConfirmPassword]' => 'password',
|
'Password[_ConfirmPassword]' => 'password',
|
||||||
));
|
));
|
||||||
|
|
||||||
$member = $this->objFromFixture('Member', 'user1');
|
$member = $this->objFromFixture('SilverStripe\\Security\\Member', 'user1');
|
||||||
|
|
||||||
$this->assertNotEquals($member->FirstName, 'JoeEdited',
|
$this->assertNotEquals($member->FirstName, 'JoeEdited',
|
||||||
'FirstName field was NOT changed because we modified canEdit');
|
'FirstName field was NOT changed because we modified canEdit');
|
||||||
|
|
||||||
Config::inst()->remove('Member', 'extensions');
|
Config::inst()->remove('SilverStripe\\Security\\Member', 'extensions');
|
||||||
Config::inst()->update('Member', 'extensions', $existingExtensions);
|
Config::inst()->update('SilverStripe\\Security\\Member', 'extensions', $existingExtensions);
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
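Review bot: `testMemberCantEditAnother` assigns `$response` from the POST to `admin/myprofile/EditForm` but, in the visible lines, asserts only that `FirstName` is not `'JoeEdited'` afterwards. That passes whether the permission check refused the request or it failed for an unrelated reason (a validation or token failure, say), so the test does not pin the access-control behaviour it is named for. An assertion on `$response->getStatusCode()` for the expected refusal would close that gap, and the same applies to `testExtendedPermissionsStopEditingOwnProfile`. The start of each POST array lies between hunks, so the expected status is not visible here.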
|
@ -1,4 +1,4 @@
|
|||||||
Permission:
|
'SilverStripe\Security\Permission':
|
||||||
admin:
|
admin:
|
||||||
Code: ADMIN
|
Code: ADMIN
|
||||||
cmsmain:
|
cmsmain:
|
||||||
@ -8,31 +8,31 @@ Permission:
|
|||||||
test:
|
test:
|
||||||
Code: CMS_ACCESS_TestController
|
Code: CMS_ACCESS_TestController
|
||||||
|
|
||||||
Group:
|
'SilverStripe\Security\Group':
|
||||||
admins:
|
admins:
|
||||||
Title: Administrators
|
Title: Administrators
|
||||||
Permissions: =>Permission.admin
|
Permissions: '=>SilverStripe\Security\Permission.admin'
|
||||||
cmsusers:
|
cmsusers:
|
||||||
Title: CMS Users
|
Title: CMS Users
|
||||||
Permissions: =>Permission.cmsmain, =>Permission.leftandmain
|
Permissions: '=>SilverStripe\Security\Permission.cmsmain, =>SilverStripe\Security\Permission.leftandmain'
|
||||||
test:
|
test:
|
||||||
Title: Test group
|
Title: Test group
|
||||||
Permissions: =>Permission.test
|
Permissions: '=>SilverStripe\Security\Permission.test'
|
||||||
|
|
||||||
Member:
|
'SilverStripe\Security\Member':
|
||||||
admin:
|
admin:
|
||||||
FirstName: Admin
|
FirstName: Admin
|
||||||
Email: admin@user.com
|
Email: admin@user.com
|
||||||
Groups: =>Group.admins
|
Groups: '=>SilverStripe\Security\Group.admins'
|
||||||
user1:
|
user1:
|
||||||
FirstName: Joe
|
FirstName: Joe
|
||||||
Email: user1@user.com
|
Email: user1@user.com
|
||||||
Groups: =>Group.cmsusers
|
Groups: '=>SilverStripe\Security\Group.cmsusers'
|
||||||
user2:
|
user2:
|
||||||
FirstName: Steve
|
FirstName: Steve
|
||||||
Email: user2@user.com
|
Email: user2@user.com
|
||||||
Groups: =>Group.cmsusers
|
Groups: '=>SilverStripe\Security\Group.cmsusers'
|
||||||
user3:
|
user3:
|
||||||
FirstName: Files
|
FirstName: Files
|
||||||
Email: user3@example.com
|
Email: user3@example.com
|
||||||
Groups: =>Group.test
|
Groups: '=>SilverStripe\Security\Group.test'
|
||||||
|
@ -57,7 +57,7 @@ class ControllerTest extends FunctionalTest {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public function testAllowedActions() {
|
public function testAllowedActions() {
|
||||||
$adminUser = $this->objFromFixture('Member', 'admin');
|
$adminUser = $this->objFromFixture('SilverStripe\\Security\\Member', 'admin');
|
||||||
|
|
||||||
$response = $this->get("ControllerTest_UnsecuredController/");
|
$response = $this->get("ControllerTest_UnsecuredController/");
|
||||||
$this->assertEquals(200, $response->getStatusCode(),
|
$this->assertEquals(200, $response->getStatusCode(),
|
||||||
|
@ -1,11 +1,11 @@
|
|||||||
Permission:
|
'SilverStripe\Security\Permission':
|
||||||
admin:
|
admin:
|
||||||
Code: ADMIN
|
Code: ADMIN
|
||||||
Group:
|
'SilverStripe\Security\Group':
|
||||||
admins:
|
admins:
|
||||||
Code: admins
|
Code: admins
|
||||||
Permissions: =>Permission.admin
|
Permissions: '=>SilverStripe\Security\Permission.admin'
|
||||||
Member:
|
'SilverStripe\Security\Member':
|
||||||
admin:
|
admin:
|
||||||
Email: admin@test.com
|
Email: admin@test.com
|
||||||
Groups: =>Group.admins
|
Groups: '=>SilverStripe\Security\Group.admins'
|
||||||
|
@ -394,7 +394,7 @@ class DirectorTest extends SapphireTest {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public function testForceSSLOnSubPagesPattern() {
|
public function testForceSSLOnSubPagesPattern() {
|
||||||
$_SERVER['REQUEST_URI'] = Director::baseURL() . Config::inst()->get('Security', 'login_url');
|
$_SERVER['REQUEST_URI'] = Director::baseURL() . Config::inst()->get('SilverStripe\\Security\\Security', 'login_url');
|
||||||
$output = Director::forceSSL(array('/^Security/'));
|
$output = Director::forceSSL(array('/^Security/'));
|
||||||
$this->assertEquals($output, 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
|
$this->assertEquals($output, 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
|
||||||
}
|
}
|
||||||
|
@ -1,5 +1,7 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
use SilverStripe\Security\SecurityToken;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Tests for RequestHandler and SS_HTTPRequest.
|
* Tests for RequestHandler and SS_HTTPRequest.
|
||||||
* We've set up a simple URL handling model based on
|
* We've set up a simple URL handling model based on
|
||||||
|
@ -8,6 +8,10 @@
|
|||||||
class NamespacedClassManifestTest extends SapphireTest {
|
class NamespacedClassManifestTest extends SapphireTest {
|
||||||
|
|
||||||
protected $base;
|
protected $base;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @var SS_ClassManifest
|
||||||
|
*/
|
||||||
protected $manifest;
|
protected $manifest;
|
||||||
|
|
||||||
public function setUp() {
|
public function setUp() {
|
||||||
@ -28,13 +32,14 @@ class NamespacedClassManifestTest extends SapphireTest {
|
|||||||
$tokens = token_get_all($file);
|
$tokens = token_get_all($file);
|
||||||
$parsedTokens = SS_ClassManifest::get_imported_namespace_parser()->findAll($tokens);
|
$parsedTokens = SS_ClassManifest::get_imported_namespace_parser()->findAll($tokens);
|
||||||
|
|
||||||
|
/** @skipUpgrade */
|
||||||
$expectedItems = array(
|
$expectedItems = array(
|
||||||
array('ModelAdmin'),
|
array('ModelAdmin'),
|
||||||
array('Controller', ' ', 'as', ' ', 'Cont'),
|
array('Controller', ' ', 'as', ' ', 'Cont'),
|
||||||
array(
|
array(
|
||||||
'SS_HTTPRequest', ' ', 'as', ' ', 'Request', ',',
|
'SS_HTTPRequest', ' ', 'as', ' ', 'Request', ',',
|
||||||
'SS_HTTPResponse', ' ', 'AS', ' ', 'Response', ',',
|
'SS_HTTPResponse', ' ', 'as', ' ', 'Response', ',',
|
||||||
'PermissionProvider', ' ', 'AS', ' ', 'P',
|
'SilverStripe', '\\', 'Security', '\\', 'PermissionProvider', ' ', 'as', ' ', 'P',
|
||||||
),
|
),
|
||||||
array('silverstripe', '\\', 'test', '\\', 'ClassA'),
|
array('silverstripe', '\\', 'test', '\\', 'ClassA'),
|
||||||
array('\\', 'Object'),
|
array('\\', 'Object'),
|
||||||
@ -59,7 +64,7 @@ class NamespacedClassManifestTest extends SapphireTest {
|
|||||||
'Cont' => 'Controller',
|
'Cont' => 'Controller',
|
||||||
'Request' => 'SS_HTTPRequest',
|
'Request' => 'SS_HTTPRequest',
|
||||||
'Response' => 'SS_HTTPResponse',
|
'Response' => 'SS_HTTPResponse',
|
||||||
'P' => 'PermissionProvider',
|
'P' => 'SilverStripe\\Security\\PermissionProvider',
|
||||||
'silverstripe\test\ClassA',
|
'silverstripe\test\ClassA',
|
||||||
'\Object',
|
'\Object',
|
||||||
);
|
);
|
||||||
@ -71,7 +76,7 @@ class NamespacedClassManifestTest extends SapphireTest {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public function testClassInfoIsCorrect() {
|
public function testClassInfoIsCorrect() {
|
||||||
$this->assertContains('SilverStripe\Framework\Tests\ClassI', ClassInfo::implementorsOf('PermissionProvider'));
|
$this->assertContains('SilverStripe\Framework\Tests\ClassI', ClassInfo::implementorsOf('SilverStripe\\Security\\PermissionProvider'));
|
||||||
|
|
||||||
//because we're using a nested manifest we have to "coalesce" the descendants again to correctly populate the
|
//because we're using a nested manifest we have to "coalesce" the descendants again to correctly populate the
|
||||||
// descendants of the core classes we want to test against - this is a limitation of the test manifest not
|
// descendants of the core classes we want to test against - this is a limitation of the test manifest not
|
||||||
@ -83,20 +88,26 @@ class NamespacedClassManifestTest extends SapphireTest {
|
|||||||
$this->assertContains('SilverStripe\Framework\Tests\ClassI', ClassInfo::subclassesFor('ModelAdmin'));
|
$this->assertContains('SilverStripe\Framework\Tests\ClassI', ClassInfo::subclassesFor('ModelAdmin'));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @skipUpgrade
|
||||||
|
*/
|
||||||
public function testFindClassOrInterfaceFromCandidateImports() {
|
public function testFindClassOrInterfaceFromCandidateImports() {
|
||||||
$method = new ReflectionMethod($this->manifest, 'findClassOrInterfaceFromCandidateImports');
|
$method = new ReflectionMethod($this->manifest, 'findClassOrInterfaceFromCandidateImports');
|
||||||
$method->setAccessible(true);
|
$method->setAccessible(true);
|
||||||
|
|
||||||
$this->assertTrue(ClassInfo::exists('silverstripe\test\ClassA'));
|
$this->assertTrue(ClassInfo::exists('silverstripe\test\ClassA'));
|
||||||
|
|
||||||
$this->assertEquals('PermissionProvider', $method->invokeArgs($this->manifest, array(
|
$this->assertEquals(
|
||||||
|
'PermissionProvider',
|
||||||
|
$method->invokeArgs($this->manifest, [
|
||||||
'\PermissionProvider',
|
'\PermissionProvider',
|
||||||
'Test\Namespace',
|
'Test\Namespace',
|
||||||
array(
|
array(
|
||||||
'TestOnly',
|
'TestOnly',
|
||||||
'Controller',
|
'Controller',
|
||||||
),
|
),
|
||||||
)));
|
])
|
||||||
|
);
|
||||||
|
|
||||||
$this->assertEquals('PermissionProvider', $method->invokeArgs($this->manifest, array(
|
$this->assertEquals('PermissionProvider', $method->invokeArgs($this->manifest, array(
|
||||||
'PermissionProvider',
|
'PermissionProvider',
|
||||||
@ -236,7 +247,7 @@ class NamespacedClassManifestTest extends SapphireTest {
|
|||||||
'silverstripe\test\interfacea' => array('silverstripe\test\ClassE'),
|
'silverstripe\test\interfacea' => array('silverstripe\test\ClassE'),
|
||||||
'interfacea' => array('silverstripe\test\ClassF'),
|
'interfacea' => array('silverstripe\test\ClassF'),
|
||||||
'silverstripe\test\subtest\interfacea' => array('silverstripe\test\ClassG'),
|
'silverstripe\test\subtest\interfacea' => array('silverstripe\test\ClassG'),
|
||||||
'permissionprovider' => array('SilverStripe\Framework\Tests\ClassI'),
|
'silverstripe\security\permissionprovider' => array('SilverStripe\Framework\Tests\ClassI'),
|
||||||
);
|
);
|
||||||
$this->assertEquals($expect, $this->manifest->getImplementors());
|
$this->assertEquals($expect, $this->manifest->getImplementors());
|
||||||
}
|
}
|
||||||
|
@ -4,9 +4,10 @@ namespace SilverStripe\Framework\Tests;
|
|||||||
//whitespace here is important for tests, please don't change it
|
//whitespace here is important for tests, please don't change it
|
||||||
use ModelAdmin;
|
use ModelAdmin;
|
||||||
use Controller as Cont ;
|
use Controller as Cont ;
|
||||||
use SS_HTTPRequest as Request,SS_HTTPResponse AS Response, PermissionProvider AS P;
|
use SS_HTTPRequest as Request, SS_HTTPResponse as Response, SilverStripe\Security\PermissionProvider as P;
|
||||||
use silverstripe\test\ClassA;
|
use silverstripe\test\ClassA;
|
||||||
use \Object;
|
use \Object;
|
||||||
|
|
||||||
|
|
||||||
class ClassI extends ModelAdmin implements P {
|
class ClassI extends ModelAdmin implements P {
|
||||||
}
|
}
|
||||||
|
@ -2,6 +2,8 @@
|
|||||||
use SilverStripe\Filesystem\Storage\AssetStore;
|
use SilverStripe\Filesystem\Storage\AssetStore;
|
||||||
use SilverStripe\ORM\Versioning\Versioned;
|
use SilverStripe\ORM\Versioning\Versioned;
|
||||||
use SilverStripe\ORM\DataObject;
|
use SilverStripe\ORM\DataObject;
|
||||||
|
use SilverStripe\Security\Member;
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -5,6 +5,8 @@ use SilverStripe\Filesystem\Storage\AssetStore;
|
|||||||
use SilverStripe\ORM\Versioning\Versioned;
|
use SilverStripe\ORM\Versioning\Versioned;
|
||||||
use SilverStripe\ORM\DataObject;
|
use SilverStripe\ORM\DataObject;
|
||||||
use SilverStripe\ORM\ValidationException;
|
use SilverStripe\ORM\ValidationException;
|
||||||
|
use SilverStripe\Security\Member;
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -509,23 +511,23 @@ class FileTest extends SapphireTest {
|
|||||||
$this->assertFalse($file->canEdit(), "Anonymous users can't edit files");
|
$this->assertFalse($file->canEdit(), "Anonymous users can't edit files");
|
||||||
|
|
||||||
// Test permissionless user
|
// Test permissionless user
|
||||||
$this->objFromFixture('Member', 'frontend')->logIn();
|
$this->objFromFixture('SilverStripe\\Security\\Member', 'frontend')->logIn();
|
||||||
$this->assertFalse($file->canEdit(), "Permissionless users can't edit files");
|
$this->assertFalse($file->canEdit(), "Permissionless users can't edit files");
|
||||||
|
|
||||||
// Test global CMS section users
|
// Test global CMS section users
|
||||||
$this->objFromFixture('Member', 'cms')->logIn();
|
$this->objFromFixture('SilverStripe\\Security\\Member', 'cms')->logIn();
|
||||||
$this->assertTrue($file->canEdit(), "Users with all CMS section access can edit files");
|
$this->assertTrue($file->canEdit(), "Users with all CMS section access can edit files");
|
||||||
|
|
||||||
// Test cms access users without file access
|
// Test cms access users without file access
|
||||||
$this->objFromFixture('Member', 'security')->logIn();
|
$this->objFromFixture('SilverStripe\\Security\\Member', 'security')->logIn();
|
||||||
$this->assertFalse($file->canEdit(), "Security CMS users can't edit files");
|
$this->assertFalse($file->canEdit(), "Security CMS users can't edit files");
|
||||||
|
|
||||||
// Test asset-admin user
|
// Test asset-admin user
|
||||||
$this->objFromFixture('Member', 'assetadmin')->logIn();
|
$this->objFromFixture('SilverStripe\\Security\\Member', 'assetadmin')->logIn();
|
||||||
$this->assertTrue($file->canEdit(), "Asset admin users can edit files");
|
$this->assertTrue($file->canEdit(), "Asset admin users can edit files");
|
||||||
|
|
||||||
// Test admin
|
// Test admin
|
||||||
$this->objFromFixture('Member', 'admin')->logIn();
|
$this->objFromFixture('SilverStripe\\Security\\Member', 'admin')->logIn();
|
||||||
$this->assertTrue($file->canEdit(), "Admins can edit files");
|
$this->assertTrue($file->canEdit(), "Admins can edit files");
|
||||||
}
|
}
|
||||||
|
|
||||||
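Review bot: The five `objFromFixture('SilverStripe\\Security\\Member', …)` calls in `FileTest`'s permission checks spell the class out as a string, even though this commit adds `use SilverStripe\Security\Member;` at the top of the same file. If the project's minimum PHP version allows it, `$this->objFromFixture(Member::class, 'frontend')->logIn();` gives static analysis and rename tooling one real class reference instead of a free-form string per call. The same applies to `GridFieldTest` (`assertEquals('SilverStripe\\Security\\Member', $obj->getModelClass(), …)`) and `GridFieldDataColumnsTest` (`singleton('SilverStripe\\Security\\Member')`), which also gain the import. The test method starts above this hunk.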
|
@ -45,7 +45,7 @@ Image:
|
|||||||
FileFilename: FileTest.png
|
FileFilename: FileTest.png
|
||||||
FileHash: 55b443b60176235ef09801153cca4e6da7494a0c
|
FileHash: 55b443b60176235ef09801153cca4e6da7494a0c
|
||||||
Name: FileTest.png
|
Name: FileTest.png
|
||||||
Permission:
|
'SilverStripe\Security\Permission':
|
||||||
admin:
|
admin:
|
||||||
Code: ADMIN
|
Code: ADMIN
|
||||||
cmsmain:
|
cmsmain:
|
||||||
@ -54,31 +54,31 @@ Permission:
|
|||||||
Code: CMS_ACCESS_AssetAdmin
|
Code: CMS_ACCESS_AssetAdmin
|
||||||
securityadmin:
|
securityadmin:
|
||||||
Code: CMS_ACCESS_SecurityAdmin
|
Code: CMS_ACCESS_SecurityAdmin
|
||||||
Group:
|
'SilverStripe\Security\Group':
|
||||||
admins:
|
admins:
|
||||||
Title: Administrators
|
Title: Administrators
|
||||||
Permissions: =>Permission.admin
|
Permissions: '=>SilverStripe\Security\Permission.admin'
|
||||||
cmsusers:
|
cmsusers:
|
||||||
Title: 'CMS Users'
|
Title: 'CMS Users'
|
||||||
Permissions: =>Permission.cmsmain
|
Permissions: '=>SilverStripe\Security\Permission.cmsmain'
|
||||||
securityusers:
|
securityusers:
|
||||||
Title: 'Security Users'
|
Title: 'Security Users'
|
||||||
Permissions: =>Permission.securityadmin
|
Permissions: '=>SilverStripe\Security\Permission.securityadmin'
|
||||||
assetusers:
|
assetusers:
|
||||||
Title: 'Asset Users'
|
Title: 'Asset Users'
|
||||||
Permissions: =>Permission.assetadmin
|
Permissions: '=>SilverStripe\Security\Permission.assetadmin'
|
||||||
Member:
|
'SilverStripe\Security\Member':
|
||||||
frontend:
|
frontend:
|
||||||
Email: frontend@example.com
|
Email: frontend@example.com
|
||||||
cms:
|
cms:
|
||||||
Email: cms@silverstripe.com
|
Email: cms@silverstripe.com
|
||||||
Groups: =>Group.cmsusers
|
Groups: '=>SilverStripe\Security\Group.cmsusers'
|
||||||
admin:
|
admin:
|
||||||
Email: admin@silverstripe.com
|
Email: admin@silverstripe.com
|
||||||
Groups: =>Group.admins
|
Groups: '=>SilverStripe\Security\Group.admins'
|
||||||
assetadmin:
|
assetadmin:
|
||||||
Email: assetadmin@silverstripe.com
|
Email: assetadmin@silverstripe.com
|
||||||
Groups: =>Group.assetusers
|
Groups: '=>SilverStripe\Security\Group.assetusers'
|
||||||
security:
|
security:
|
||||||
Email: security@silverstripe.com
|
Email: security@silverstripe.com
|
||||||
Groups: =>Group.securityusers
|
Groups: '=>SilverStripe\Security\Group.securityusers'
|
||||||
|
@ -1,4 +1,6 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
use SilverStripe\Security\Member;
|
||||||
/**
|
/**
|
||||||
* @package framework
|
* @package framework
|
||||||
* @subpackage tests
|
* @subpackage tests
|
||||||
|
@ -2,6 +2,8 @@
|
|||||||
|
|
||||||
use SilverStripe\ORM\DataObject;
|
use SilverStripe\ORM\DataObject;
|
||||||
use SilverStripe\ORM\DataExtension;
|
use SilverStripe\ORM\DataExtension;
|
||||||
|
use SilverStripe\Security\Member;
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Tests for DataObject FormField scaffolding
|
* Tests for DataObject FormField scaffolding
|
||||||
|
@ -2,6 +2,9 @@
|
|||||||
|
|
||||||
use SilverStripe\ORM\DataModel;
|
use SilverStripe\ORM\DataModel;
|
||||||
use SilverStripe\ORM\DataObject;
|
use SilverStripe\ORM\DataObject;
|
||||||
|
use SilverStripe\Security\SecurityToken;
|
||||||
|
use SilverStripe\Security\RandomGenerator;
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @package framework
|
* @package framework
|
||||||
@ -387,12 +390,12 @@ class FormTest extends FunctionalTest {
|
|||||||
SecurityToken::enable();
|
SecurityToken::enable();
|
||||||
|
|
||||||
$form1 = $this->getStubForm();
|
$form1 = $this->getStubForm();
|
||||||
$this->assertInstanceOf('SecurityToken', $form1->getSecurityToken());
|
$this->assertInstanceOf('SilverStripe\\Security\\SecurityToken', $form1->getSecurityToken());
|
||||||
|
|
||||||
SecurityToken::disable();
|
SecurityToken::disable();
|
||||||
|
|
||||||
$form2 = $this->getStubForm();
|
$form2 = $this->getStubForm();
|
||||||
$this->assertInstanceOf('NullSecurityToken', $form2->getSecurityToken());
|
$this->assertInstanceOf('SilverStripe\\Security\\NullSecurityToken', $form2->getSecurityToken());
|
||||||
|
|
||||||
SecurityToken::enable();
|
SecurityToken::enable();
|
||||||
}
|
}
|
||||||
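Review bot: The closing `SecurityToken::enable();` only runs if the `NullSecurityToken` assertion passes. If that assertion fails, the static token state stays disabled for every test that runs afterwards in the same process, which can mask CSRF-check regressions elsewhere. Restoring it unconditionally, for example with `try { … } finally { SecurityToken::enable(); }` around the disabled part or in `tearDown()`, avoids that. The test also forces the state to enabled rather than restoring whatever it was beforehand. The method starts outside this hunk.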
|
@ -3,6 +3,8 @@
|
|||||||
use SilverStripe\ORM\ArrayList;
|
use SilverStripe\ORM\ArrayList;
|
||||||
use SilverStripe\ORM\SS_List;
|
use SilverStripe\ORM\SS_List;
|
||||||
use SilverStripe\ORM\DataObject;
|
use SilverStripe\ORM\DataObject;
|
||||||
|
use SilverStripe\Security\Member;
|
||||||
|
|
||||||
class GridFieldTest extends SapphireTest {
|
class GridFieldTest extends SapphireTest {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -75,7 +77,7 @@ class GridFieldTest extends SapphireTest {
|
|||||||
*/
|
*/
|
||||||
public function testGridFieldModelClass() {
|
public function testGridFieldModelClass() {
|
||||||
$obj = new GridField('testfield', 'testfield', Member::get());
|
$obj = new GridField('testfield', 'testfield', Member::get());
|
||||||
$this->assertEquals('Member', $obj->getModelClass(), 'Should return Member');
|
$this->assertEquals('SilverStripe\\Security\\Member', $obj->getModelClass(), 'Should return Member');
|
||||||
$obj->setModelClass('SilverStripe\\ORM\\DataModel');
|
$obj->setModelClass('SilverStripe\\ORM\\DataModel');
|
||||||
$this->assertEquals('SilverStripe\\ORM\\DataModel', $obj->getModelClass(), 'Should return Member');
|
$this->assertEquals('SilverStripe\\ORM\\DataModel', $obj->getModelClass(), 'Should return Member');
|
||||||
}
|
}
|
||||||
|
@ -66,11 +66,11 @@ class LookupFieldTest extends SapphireTest {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public function testArrayValueWithSqlMapSource() {
|
public function testArrayValueWithSqlMapSource() {
|
||||||
$member1 = $this->objFromFixture('Member', 'member1');
|
$member1 = $this->objFromFixture('SilverStripe\\Security\\Member', 'member1');
|
||||||
$member2 = $this->objFromFixture('Member', 'member2');
|
$member2 = $this->objFromFixture('SilverStripe\\Security\\Member', 'member2');
|
||||||
$member3 = $this->objFromFixture('Member', 'member3');
|
$member3 = $this->objFromFixture('SilverStripe\\Security\\Member', 'member3');
|
||||||
|
|
||||||
$source = DataObject::get('Member');
|
$source = DataObject::get('SilverStripe\\Security\\Member');
|
||||||
$f = new LookupField('test', 'test', $source->map('ID', 'FirstName'));
|
$f = new LookupField('test', 'test', $source->map('ID', 'FirstName'));
|
||||||
$f->setValue(array($member1->ID, $member2->ID));
|
$f->setValue(array($member1->ID, $member2->ID));
|
||||||
|
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
Member:
|
'SilverStripe\Security\Member':
|
||||||
member1:
|
member1:
|
||||||
FirstName: member1
|
FirstName: member1
|
||||||
member2:
|
member2:
|
||||||
|
@ -45,7 +45,7 @@ class MemberDatetimeOptionsetFieldTest extends SapphireTest {
|
|||||||
|
|
||||||
public function testDateFormatDefaultCheckedInFormField() {
|
public function testDateFormatDefaultCheckedInFormField() {
|
||||||
Config::inst()->update('i18n', 'date_format', 'yyyy-MM-dd');
|
Config::inst()->update('i18n', 'date_format', 'yyyy-MM-dd');
|
||||||
$field = $this->createDateFormatFieldForMember($this->objFromFixture('Member', 'noformatmember'));
|
$field = $this->createDateFormatFieldForMember($this->objFromFixture('SilverStripe\\Security\\Member', 'noformatmember'));
|
||||||
$field->setForm(new Form(new MemberDatetimeOptionsetFieldTest_Controller(), 'Form', new FieldList(),
|
$field->setForm(new Form(new MemberDatetimeOptionsetFieldTest_Controller(), 'Form', new FieldList(),
|
||||||
new FieldList())); // fake form
|
new FieldList())); // fake form
|
||||||
$parser = new CSSContentParser($field->Field());
|
$parser = new CSSContentParser($field->Field());
|
||||||
@ -55,7 +55,7 @@ class MemberDatetimeOptionsetFieldTest extends SapphireTest {
|
|||||||
|
|
||||||
public function testTimeFormatDefaultCheckedInFormField() {
|
public function testTimeFormatDefaultCheckedInFormField() {
|
||||||
Config::inst()->update('i18n', 'time_format', 'h:mm:ss a');
|
Config::inst()->update('i18n', 'time_format', 'h:mm:ss a');
|
||||||
$field = $this->createTimeFormatFieldForMember($this->objFromFixture('Member', 'noformatmember'));
|
$field = $this->createTimeFormatFieldForMember($this->objFromFixture('SilverStripe\\Security\\Member', 'noformatmember'));
|
||||||
$field->setForm(new Form(new MemberDatetimeOptionsetFieldTest_Controller(), 'Form', new FieldList(),
|
$field->setForm(new Form(new MemberDatetimeOptionsetFieldTest_Controller(), 'Form', new FieldList(),
|
||||||
new FieldList())); // fake form
|
new FieldList())); // fake form
|
||||||
$parser = new CSSContentParser($field->Field());
|
$parser = new CSSContentParser($field->Field());
|
||||||
@ -64,7 +64,7 @@ class MemberDatetimeOptionsetFieldTest extends SapphireTest {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public function testDateFormatChosenIsCheckedInFormField() {
|
public function testDateFormatChosenIsCheckedInFormField() {
|
||||||
$member = $this->objFromFixture('Member', 'noformatmember');
|
$member = $this->objFromFixture('SilverStripe\\Security\\Member', 'noformatmember');
|
||||||
$member->setField('DateFormat', 'MM/dd/yyyy');
|
$member->setField('DateFormat', 'MM/dd/yyyy');
|
||||||
$field = $this->createDateFormatFieldForMember($member);
|
$field = $this->createDateFormatFieldForMember($member);
|
||||||
$field->setForm(new Form(new MemberDatetimeOptionsetFieldTest_Controller(), 'Form', new FieldList(),
|
$field->setForm(new Form(new MemberDatetimeOptionsetFieldTest_Controller(), 'Form', new FieldList(),
|
||||||
@ -75,7 +75,7 @@ class MemberDatetimeOptionsetFieldTest extends SapphireTest {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public function testDateFormatCustomFormatAppearsInCustomInputInField() {
|
public function testDateFormatCustomFormatAppearsInCustomInputInField() {
|
||||||
$member = $this->objFromFixture('Member', 'noformatmember');
|
$member = $this->objFromFixture('SilverStripe\\Security\\Member', 'noformatmember');
|
||||||
$member->setField('DateFormat', 'dd MM yy');
|
$member->setField('DateFormat', 'dd MM yy');
|
||||||
$field = $this->createDateFormatFieldForMember($member);
|
$field = $this->createDateFormatFieldForMember($member);
|
||||||
$field->setForm(new Form(new MemberDatetimeOptionsetFieldTest_Controller(), 'Form', new FieldList(),
|
$field->setForm(new Form(new MemberDatetimeOptionsetFieldTest_Controller(), 'Form', new FieldList(),
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
Member:
|
'SilverStripe\Security\Member':
|
||||||
noformatmember:
|
noformatmember:
|
||||||
Email: noformat@test.com
|
Email: noformat@test.com
|
||||||
delocalemember:
|
delocalemember:
|
||||||
|
@ -1,4 +1,6 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
use SilverStripe\Security\Member;
|
||||||
class GridFieldDataColumnsTest extends SapphireTest {
|
class GridFieldDataColumnsTest extends SapphireTest {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -6,7 +8,7 @@ class GridFieldDataColumnsTest extends SapphireTest {
|
|||||||
*/
|
*/
|
||||||
public function testGridFieldGetDefaultDisplayFields() {
|
public function testGridFieldGetDefaultDisplayFields() {
|
||||||
$obj = new GridField('testfield', 'testfield', Member::get());
|
$obj = new GridField('testfield', 'testfield', Member::get());
|
||||||
$expected = singleton('Member')->summaryFields();
|
$expected = singleton('SilverStripe\\Security\\Member')->summaryFields();
|
||||||
$columns = $obj->getConfig()->getComponentByType('GridFieldDataColumns');
|
$columns = $obj->getConfig()->getComponentByType('GridFieldDataColumns');
|
||||||
$this->assertEquals($expected, $columns->getDisplayFields($obj));
|
$this->assertEquals($expected, $columns->getDisplayFields($obj));
|
||||||
}
|
}
|
||||||
|
@ -2,6 +2,9 @@
|
|||||||
|
|
||||||
use SilverStripe\ORM\DataList;
|
use SilverStripe\ORM\DataList;
|
||||||
use SilverStripe\ORM\DataObject;
|
use SilverStripe\ORM\DataObject;
|
||||||
|
use SilverStripe\Security\Member;
|
||||||
|
use SilverStripe\Security\SecurityToken;
|
||||||
|
|
||||||
|
|
||||||
class GridFieldDeleteActionTest extends SapphireTest {
|
class GridFieldDeleteActionTest extends SapphireTest {
|
||||||
|
|
||||||
|
@ -2,6 +2,8 @@
|
|||||||
|
|
||||||
use SilverStripe\ORM\DataList;
|
use SilverStripe\ORM\DataList;
|
||||||
use SilverStripe\ORM\DataObject;
|
use SilverStripe\ORM\DataObject;
|
||||||
|
use SilverStripe\Security\Member;
|
||||||
|
|
||||||
|
|
||||||
class GridFieldEditButtonTest extends SapphireTest {
|
class GridFieldEditButtonTest extends SapphireTest {
|
||||||
|
|
||||||
|
@ -590,15 +590,15 @@ class i18nTest_DataObject extends DataObject implements TestOnly {
|
|||||||
);
|
);
|
||||||
|
|
||||||
private static $has_one = array(
|
private static $has_one = array(
|
||||||
'HasOneRelation' => 'Member'
|
'HasOneRelation' => 'SilverStripe\\Security\\Member'
|
||||||
);
|
);
|
||||||
|
|
||||||
private static $has_many = array(
|
private static $has_many = array(
|
||||||
'HasManyRelation' => 'Member'
|
'HasManyRelation' => 'SilverStripe\\Security\\Member'
|
||||||
);
|
);
|
||||||
|
|
||||||
private static $many_many = array(
|
private static $many_many = array(
|
||||||
'ManyManyRelation' => 'Member'
|
'ManyManyRelation' => 'SilverStripe\\Security\\Member'
|
||||||
);
|
);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -12,7 +12,7 @@ class i18nTextCollectorTestMyObject extends DataObject implements TestOnly {
|
|||||||
);
|
);
|
||||||
|
|
||||||
private static $has_many = array(
|
private static $has_many = array(
|
||||||
'Relation' => 'Group'
|
'Relation' => 'SilverStripe\\Security\\Group'
|
||||||
);
|
);
|
||||||
|
|
||||||
private static $singular_name = "My Object";
|
private static $singular_name = "My Object";
|
||||||
|
@ -9,7 +9,7 @@ class i18nTextCollectorTestMySubObject extends i18nTextCollectorTestMyObject imp
|
|||||||
);
|
);
|
||||||
|
|
||||||
private static $has_many = array(
|
private static $has_many = array(
|
||||||
'SubRelation' => 'Group'
|
'SubRelation' => 'SilverStripe\\Security\\Group'
|
||||||
);
|
);
|
||||||
|
|
||||||
private static $singular_name = "My Sub Object";
|
private static $singular_name = "My Sub Object";
|
||||||
|
@ -4,6 +4,8 @@ use SilverStripe\ORM\DataObject;
|
|||||||
use SilverStripe\ORM\Versioning\ChangeSet;
|
use SilverStripe\ORM\Versioning\ChangeSet;
|
||||||
use SilverStripe\ORM\Versioning\ChangeSetItem;
|
use SilverStripe\ORM\Versioning\ChangeSetItem;
|
||||||
use SilverStripe\ORM\Versioning\Versioned;
|
use SilverStripe\ORM\Versioning\Versioned;
|
||||||
|
use SilverStripe\Security\Permission;
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Provides a set of targettable permissions for tested models
|
* Provides a set of targettable permissions for tested models
|
||||||
|
@ -1,6 +1,8 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
use SilverStripe\ORM\DataObject;
|
use SilverStripe\ORM\DataObject;
|
||||||
|
use SilverStripe\Security\Member;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @package framework
|
* @package framework
|
||||||
* @subpackage tests
|
* @subpackage tests
|
||||||
|
@ -253,7 +253,7 @@ class DBDateTest extends SapphireTest {
|
|||||||
public function testFormatFromSettings() {
|
public function testFormatFromSettings() {
|
||||||
|
|
||||||
$memberID = $this->logInWithPermission();
|
$memberID = $this->logInWithPermission();
|
||||||
$member = DataObject::get_by_id('Member', $memberID);
|
$member = DataObject::get_by_id('SilverStripe\\Security\\Member', $memberID);
|
||||||
$member->DateFormat = 'dd/MM/YYYY';
|
$member->DateFormat = 'dd/MM/YYYY';
|
||||||
$member->write();
|
$member->write();
|
||||||
|
|
||||||
|
@ -120,8 +120,8 @@ class DataExtensionTest extends SapphireTest {
|
|||||||
// in SiteTree->can*() methods to test one single feature reliably with them
|
// in SiteTree->can*() methods to test one single feature reliably with them
|
||||||
|
|
||||||
$obj = $this->objFromFixture('DataExtensionTest_MyObject', 'object1');
|
$obj = $this->objFromFixture('DataExtensionTest_MyObject', 'object1');
|
||||||
$websiteuser = $this->objFromFixture('Member', 'websiteuser');
|
$websiteuser = $this->objFromFixture('SilverStripe\\Security\\Member', 'websiteuser');
|
||||||
$admin = $this->objFromFixture('Member', 'admin');
|
$admin = $this->objFromFixture('SilverStripe\\Security\\Member', 'admin');
|
||||||
|
|
||||||
$this->assertFalse(
|
$this->assertFalse(
|
||||||
$obj->canOne($websiteuser),
|
$obj->canOne($websiteuser),
|
||||||
|
@ -3,16 +3,16 @@ DataExtensionTest_RelatedObject:
|
|||||||
FieldOne: Obj1
|
FieldOne: Obj1
|
||||||
obj2:
|
obj2:
|
||||||
FieldOne: Obj2
|
FieldOne: Obj2
|
||||||
Permission:
|
'SilverStripe\Security\Permission':
|
||||||
adminpermission:
|
adminpermission:
|
||||||
Code: ADMIN
|
Code: ADMIN
|
||||||
Group:
|
'SilverStripe\Security\Group':
|
||||||
admingroup:
|
admingroup:
|
||||||
Permissions: =>Permission.adminpermission
|
Permissions: '=>SilverStripe\Security\Permission.adminpermission'
|
||||||
Member:
|
'SilverStripe\Security\Member':
|
||||||
admin:
|
admin:
|
||||||
Email: admin@test.com
|
Email: admin@test.com
|
||||||
Groups: =>Group.admingroup
|
Groups: '=>SilverStripe\Security\Group.admingroup'
|
||||||
websiteuser:
|
websiteuser:
|
||||||
Email: websiteuser@test.com
|
Email: websiteuser@test.com
|
||||||
DataExtensionTest_Member:
|
DataExtensionTest_Member:
|
||||||
|
@ -7,6 +7,8 @@ use SilverStripe\ORM\DB;
|
|||||||
use SilverStripe\ORM\Connect\MySQLDatabase;
|
use SilverStripe\ORM\Connect\MySQLDatabase;
|
||||||
use SilverStripe\ORM\DataExtension;
|
use SilverStripe\ORM\DataExtension;
|
||||||
use SilverStripe\ORM\ValidationResult;
|
use SilverStripe\ORM\ValidationResult;
|
||||||
|
use SilverStripe\Security\Member;
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -43,12 +43,12 @@ class DataQueryTest extends SapphireTest {
|
|||||||
* Test the leftJoin() and innerJoin method of the DataQuery object
|
* Test the leftJoin() and innerJoin method of the DataQuery object
|
||||||
*/
|
*/
|
||||||
public function testJoins() {
|
public function testJoins() {
|
||||||
$dq = new DataQuery('Member');
|
$dq = new DataQuery('SilverStripe\\Security\\Member');
|
||||||
$dq->innerJoin("Group_Members", "\"Group_Members\".\"MemberID\" = \"Member\".\"ID\"");
|
$dq->innerJoin("Group_Members", "\"Group_Members\".\"MemberID\" = \"Member\".\"ID\"");
|
||||||
$this->assertSQLContains("INNER JOIN \"Group_Members\" ON \"Group_Members\".\"MemberID\" = \"Member\".\"ID\"",
|
$this->assertSQLContains("INNER JOIN \"Group_Members\" ON \"Group_Members\".\"MemberID\" = \"Member\".\"ID\"",
|
||||||
$dq->sql($parameters));
|
$dq->sql($parameters));
|
||||||
|
|
||||||
$dq = new DataQuery('Member');
|
$dq = new DataQuery('SilverStripe\\Security\\Member');
|
||||||
$dq->leftJoin("Group_Members", "\"Group_Members\".\"MemberID\" = \"Member\".\"ID\"");
|
$dq->leftJoin("Group_Members", "\"Group_Members\".\"MemberID\" = \"Member\".\"ID\"");
|
||||||
$this->assertSQLContains("LEFT JOIN \"Group_Members\" ON \"Group_Members\".\"MemberID\" = \"Member\".\"ID\"",
|
$this->assertSQLContains("LEFT JOIN \"Group_Members\" ON \"Group_Members\".\"MemberID\" = \"Member\".\"ID\"",
|
||||||
$dq->sql($parameters));
|
$dq->sql($parameters));
|
||||||
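Review bot: Both `DataQuery` objects are now built from `'SilverStripe\\Security\\Member'`, but the join conditions and the expected SQL still hard-code `"Member"` as the table name. That only holds while the namespaced class keeps mapping to a table called `Member`, which this hunk does not show. A comment above the first `innerJoin()`, such as `// "Member" is the table name of SilverStripe\Security\Member, not the class name`, would make the dependency explicit. `testJoins()` continues past the end of the hunk.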
|
@ -4,6 +4,8 @@ use SilverStripe\ORM\DB;
|
|||||||
use SilverStripe\ORM\Connect\MySQLDatabase;
|
use SilverStripe\ORM\Connect\MySQLDatabase;
|
||||||
use SilverStripe\ORM\Connect\MySQLSchemaManager;
|
use SilverStripe\ORM\Connect\MySQLSchemaManager;
|
||||||
use SilverStripe\ORM\DataObject;
|
use SilverStripe\ORM\DataObject;
|
||||||
|
use SilverStripe\MSSQL\MSSQLDatabase;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @package framework
|
* @package framework
|
||||||
* @subpackage Testing
|
* @subpackage Testing
|
||||||
|
@ -202,7 +202,7 @@ class DBDatetimeTest extends SapphireTest {
|
|||||||
public function testFormatFromSettings() {
|
public function testFormatFromSettings() {
|
||||||
|
|
||||||
$memberID = $this->logInWithPermission();
|
$memberID = $this->logInWithPermission();
|
||||||
$member = DataObject::get_by_id('Member', $memberID);
|
$member = DataObject::get_by_id('SilverStripe\\Security\\Member', $memberID);
|
||||||
$member->DateFormat = 'dd/MM/YYYY';
|
$member->DateFormat = 'dd/MM/YYYY';
|
||||||
$member->TimeFormat = 'hh:mm:ss';
|
$member->TimeFormat = 'hh:mm:ss';
|
||||||
$member->write();
|
$member->write();
|
||||||
|
@ -4,6 +4,9 @@ use SilverStripe\ORM\DB;
|
|||||||
use SilverStripe\ORM\Connect\MySQLDatabase;
|
use SilverStripe\ORM\Connect\MySQLDatabase;
|
||||||
use SilverStripe\ORM\Queries\SQLSelect;
|
use SilverStripe\ORM\Queries\SQLSelect;
|
||||||
use SilverStripe\ORM\DataObject;
|
use SilverStripe\ORM\DataObject;
|
||||||
|
use SilverStripe\SQLite\SQLite3Database;
|
||||||
|
use SilverStripe\PostgreSQL\PostgreSQLDatabase;
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @package framework
|
* @package framework
|
||||||
|
@ -1,4 +1,8 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
use SilverStripe\Security\Member;
|
||||||
|
use SilverStripe\Security\Security;
|
||||||
|
use SilverStripe\Security\BasicAuth;
|
||||||
/**
|
/**
|
||||||
* @package framework
|
* @package framework
|
||||||
* @subpackage tests
|
* @subpackage tests
|
||||||
|
@ -1,11 +1,11 @@
|
|||||||
Group:
|
'SilverStripe\Security\Group':
|
||||||
mygroup:
|
mygroup:
|
||||||
Code: mygroup
|
Code: mygroup
|
||||||
Member:
|
SilverStripe\Security\Member:
|
||||||
user-in-mygroup:
|
user-in-mygroup:
|
||||||
Email: user-in-mygroup@test.com
|
Email: user-in-mygroup@test.com
|
||||||
Password: test
|
Password: test
|
||||||
Groups: =>Group.mygroup
|
Groups: '=>SilverStripe\Security\Group.mygroup'
|
||||||
user-without-groups:
|
user-without-groups:
|
||||||
Email: user-without-groups@test.com
|
Email: user-without-groups@test.com
|
||||||
Password: test
|
Password: test
|
||||||
@ -13,7 +13,7 @@ Member:
|
|||||||
Email: failedlogin@test.com
|
Email: failedlogin@test.com
|
||||||
Password: Password
|
Password: Password
|
||||||
FailedLoginCount: 0
|
FailedLoginCount: 0
|
||||||
Permission:
|
'SilverStripe\Security\Permission':
|
||||||
mycode:
|
mycode:
|
||||||
Code: MYCODE
|
Code: MYCODE
|
||||||
Group: =>Group.mygroup
|
Group: '=>SilverStripe\Security\Group.mygroup'
|
||||||
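Review bot: The `SilverStripe\Security\Member:` key in the first hunk is left unquoted, while every other namespaced key and `=>` reference in this fixture is single-quoted (`'SilverStripe\Security\Group':`, `'SilverStripe\Security\Permission':`). A plain scalar with backslashes should parse to the same string, so this is about consistency rather than behaviour. Writing it as `'SilverStripe\Security\Member':` matches the rest of the file and the other fixtures in this commit.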
|
@ -1,4 +1,7 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
use SilverStripe\Security\GroupCsvBulkLoader;
|
||||||
|
use SilverStripe\Security\Group;
|
||||||
/**
|
/**
|
||||||
* @package framework
|
* @package framework
|
||||||
* @subpackage tests
|
* @subpackage tests
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
Permission:
|
'SilverStripe\Security\Permission':
|
||||||
permission1:
|
permission1:
|
||||||
Code: CODE1
|
Code: CODE1
|
||||||
Group:
|
'SilverStripe\Security\Group':
|
||||||
existinggroup:
|
existinggroup:
|
||||||
Code: existinggroup
|
Code: existinggroup
|
||||||
Permissions: =>Permission.permission1
|
Permissions: '=>SilverStripe\Security\Permission.permission1'
|
||||||
|
@ -1,6 +1,9 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
use SilverStripe\ORM\DataObject;
|
use SilverStripe\ORM\DataObject;
|
||||||
|
use SilverStripe\Security\Group;
|
||||||
|
use SilverStripe\Security\Member;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @package framework
|
* @package framework
|
||||||
* @subpackage tests
|
* @subpackage tests
|
||||||
@ -30,9 +33,9 @@ class GroupTest extends FunctionalTest {
|
|||||||
public function testMemberGroupRelationForm() {
|
public function testMemberGroupRelationForm() {
|
||||||
Session::set('loggedInAs', $this->idFromFixture('GroupTest_Member', 'admin'));
|
Session::set('loggedInAs', $this->idFromFixture('GroupTest_Member', 'admin'));
|
||||||
|
|
||||||
$adminGroup = $this->objFromFixture('Group', 'admingroup');
|
$adminGroup = $this->objFromFixture('SilverStripe\\Security\\Group', 'admingroup');
|
||||||
$parentGroup = $this->objFromFixture('Group', 'parentgroup');
|
$parentGroup = $this->objFromFixture('SilverStripe\\Security\\Group', 'parentgroup');
|
||||||
$childGroup = $this->objFromFixture('Group', 'childgroup');
|
$childGroup = $this->objFromFixture('SilverStripe\\Security\\Group', 'childgroup');
|
||||||
|
|
||||||
// Test single group relation through checkboxsetfield
|
// Test single group relation through checkboxsetfield
|
||||||
$form = new GroupTest_MemberForm($this, 'Form');
|
$form = new GroupTest_MemberForm($this, 'Form');
|
||||||
@ -86,8 +89,8 @@ class GroupTest extends FunctionalTest {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public function testCollateAncestorIDs() {
|
public function testCollateAncestorIDs() {
|
||||||
$parentGroup = $this->objFromFixture('Group', 'parentgroup');
|
$parentGroup = $this->objFromFixture('SilverStripe\\Security\\Group', 'parentgroup');
|
||||||
$childGroup = $this->objFromFixture('Group', 'childgroup');
|
$childGroup = $this->objFromFixture('SilverStripe\\Security\\Group', 'childgroup');
|
||||||
$orphanGroup = new Group();
|
$orphanGroup = new Group();
|
||||||
$orphanGroup->ParentID = 99999;
|
$orphanGroup->ParentID = 99999;
|
||||||
$orphanGroup->write();
|
$orphanGroup->write();
|
||||||
@ -110,26 +113,26 @@ class GroupTest extends FunctionalTest {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public function testDelete() {
|
public function testDelete() {
|
||||||
$group = $this->objFromFixture('Group', 'parentgroup');
|
$group = $this->objFromFixture('SilverStripe\\Security\\Group', 'parentgroup');
|
||||||
$groupID = $group->ID;
|
$groupID = $group->ID;
|
||||||
$childGroupID = $this->idFromFixture('Group', 'childgroup');
|
$childGroupID = $this->idFromFixture('SilverStripe\\Security\\Group', 'childgroup');
|
||||||
$group->delete();
|
$group->delete();
|
||||||
|
|
||||||
$this->assertEquals(0, DataObject::get('Group', "\"ID\" = {$groupID}")->Count(),
|
$this->assertEquals(0, DataObject::get('SilverStripe\\Security\\Group', "\"ID\" = {$groupID}")->Count(),
|
||||||
'Group is removed');
|
'Group is removed');
|
||||||
$this->assertEquals(0, DataObject::get('Permission', "\"GroupID\" = {$groupID}")->Count(),
|
$this->assertEquals(0, DataObject::get('SilverStripe\\Security\\Permission', "\"GroupID\" = {$groupID}")->Count(),
|
||||||
'Permissions removed along with the group');
|
'Permissions removed along with the group');
|
||||||
$this->assertEquals(0, DataObject::get('Group', "\"ParentID\" = {$groupID}")->Count(),
|
$this->assertEquals(0, DataObject::get('SilverStripe\\Security\\Group', "\"ParentID\" = {$groupID}")->Count(),
|
||||||
'Child groups are removed');
|
'Child groups are removed');
|
||||||
$this->assertEquals(0, DataObject::get('Group', "\"ParentID\" = {$childGroupID}")->Count(),
|
$this->assertEquals(0, DataObject::get('SilverStripe\\Security\\Group', "\"ParentID\" = {$childGroupID}")->Count(),
|
||||||
'Grandchild groups are removed');
|
'Grandchild groups are removed');
|
||||||
}
|
}
|
||||||
|
|
||||||
public function testValidatesPrivilegeLevelOfParent() {
|
public function testValidatesPrivilegeLevelOfParent() {
|
||||||
$nonAdminUser = $this->objFromFixture('GroupTest_Member', 'childgroupuser');
|
$nonAdminUser = $this->objFromFixture('GroupTest_Member', 'childgroupuser');
|
||||||
$adminUser = $this->objFromFixture('GroupTest_Member', 'admin');
|
$adminUser = $this->objFromFixture('GroupTest_Member', 'admin');
|
||||||
$nonAdminGroup = $this->objFromFixture('Group', 'childgroup');
|
$nonAdminGroup = $this->objFromFixture('SilverStripe\\Security\\Group', 'childgroup');
|
||||||
$adminGroup = $this->objFromFixture('Group', 'admingroup');
|
$adminGroup = $this->objFromFixture('SilverStripe\\Security\\Group', 'admingroup');
|
||||||
|
|
||||||
$nonAdminValidateMethod = new ReflectionMethod($nonAdminGroup, 'validate');
|
$nonAdminValidateMethod = new ReflectionMethod($nonAdminGroup, 'validate');
|
||||||
$nonAdminValidateMethod->setAccessible(true);
|
$nonAdminValidateMethod->setAccessible(true);
|
||||||
@ -154,7 +157,7 @@ class GroupTest extends FunctionalTest {
|
|||||||
$newlyAdminGroup = $nonAdminGroup;
|
$newlyAdminGroup = $nonAdminGroup;
|
||||||
|
|
||||||
$this->logInWithPermission('ADMIN');
|
$this->logInWithPermission('ADMIN');
|
||||||
$inheritedAdminGroup = $this->objFromFixture('Group', 'group1');
|
$inheritedAdminGroup = $this->objFromFixture('SilverStripe\\Security\\Group', 'group1');
|
||||||
$inheritedAdminMethod = new ReflectionMethod($inheritedAdminGroup, 'validate');
|
$inheritedAdminMethod = new ReflectionMethod($inheritedAdminGroup, 'validate');
|
||||||
$inheritedAdminMethod->setAccessible(true);
|
$inheritedAdminMethod->setAccessible(true);
|
||||||
$inheritedAdminGroup->ParentID = $adminGroup->ID;
|
$inheritedAdminGroup->ParentID = $adminGroup->ID;
|
||||||
@ -173,7 +176,7 @@ class GroupTest extends FunctionalTest {
|
|||||||
class GroupTest_Member extends Member implements TestOnly {
|
class GroupTest_Member extends Member implements TestOnly {
|
||||||
|
|
||||||
public function getCMSFields() {
|
public function getCMSFields() {
|
||||||
$groups = DataObject::get('Group');
|
$groups = DataObject::get('SilverStripe\\Security\\Group');
|
||||||
$groupsMap = ($groups) ? $groups->map() : false;
|
$groupsMap = ($groups) ? $groups->map() : false;
|
||||||
$fields = new FieldList(
|
$fields = new FieldList(
|
||||||
new HiddenField('ID', 'ID'),
|
new HiddenField('ID', 'ID'),
|
||||||
|
@ -1,14 +1,14 @@
|
|||||||
Group:
|
'SilverStripe\Security\Group':
|
||||||
admingroup:
|
admingroup:
|
||||||
Code: admingroup
|
Code: admingroup
|
||||||
parentgroup:
|
parentgroup:
|
||||||
Code: parentgroup
|
Code: parentgroup
|
||||||
childgroup:
|
childgroup:
|
||||||
Code: childgroup
|
Code: childgroup
|
||||||
Parent: =>Group.parentgroup
|
Parent: '=>SilverStripe\Security\Group.parentgroup'
|
||||||
grandchildgroup:
|
grandchildgroup:
|
||||||
Code: grandchildgroup
|
Code: grandchildgroup
|
||||||
Parent: =>Group.childgroup
|
Parent: '=>SilverStripe\Security\Group.childgroup'
|
||||||
group1:
|
group1:
|
||||||
Title: Group 1
|
Title: Group 1
|
||||||
group2:
|
group2:
|
||||||
@ -16,17 +16,17 @@ Group:
|
|||||||
GroupTest_Member:
|
GroupTest_Member:
|
||||||
admin:
|
admin:
|
||||||
FirstName: Admin
|
FirstName: Admin
|
||||||
Groups: =>Group.admingroup
|
Groups: '=>SilverStripe\Security\Group.admingroup'
|
||||||
parentgroupuser:
|
parentgroupuser:
|
||||||
FirstName: Parent Group User
|
FirstName: Parent Group User
|
||||||
Groups: =>Group.parentgroup
|
Groups: '=>SilverStripe\Security\Group.parentgroup'
|
||||||
childgroupuser:
|
childgroupuser:
|
||||||
FirstName: Child Group User
|
FirstName: Child Group User
|
||||||
Groups: =>Group.childgroup
|
Groups: '=>SilverStripe\Security\Group.childgroup'
|
||||||
allgroupuser:
|
allgroupuser:
|
||||||
FirstName: All Group User
|
FirstName: All Group User
|
||||||
Groups: =>Group.admingroup,=>Group.parentgroup,=>Group.childgroup
|
Groups: '=>SilverStripe\Security\Group.admingroup,=>SilverStripe\Security\Group.parentgroup,=>SilverStripe\Security\Group.childgroup'
|
||||||
Permission:
|
'SilverStripe\Security\Permission':
|
||||||
admincode:
|
admincode:
|
||||||
Code: ADMIN
|
Code: ADMIN
|
||||||
Group: =>Group.admingroup
|
Group: '=>SilverStripe\Security\Group.admingroup'
|
||||||
|
@ -2,6 +2,12 @@
|
|||||||
|
|
||||||
use SilverStripe\ORM\DataObject;
|
use SilverStripe\ORM\DataObject;
|
||||||
use SilverStripe\ORM\FieldType\DBDatetime;
|
use SilverStripe\ORM\FieldType\DBDatetime;
|
||||||
|
use SilverStripe\Security\Security;
|
||||||
|
use SilverStripe\Security\Member;
|
||||||
|
use SilverStripe\Security\MemberAuthenticator;
|
||||||
|
use SilverStripe\Security\MemberLoginForm;
|
||||||
|
use SilverStripe\Security\CMSMemberLoginForm;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @package framework
|
* @package framework
|
||||||
* @subpackage tests
|
* @subpackage tests
|
||||||
@ -43,15 +49,18 @@ class MemberAuthenticatorTest extends SapphireTest {
|
|||||||
);
|
);
|
||||||
MemberAuthenticator::authenticate($data);
|
MemberAuthenticator::authenticate($data);
|
||||||
|
|
||||||
$member = DataObject::get_by_id('Member', $member->ID);
|
$member = DataObject::get_by_id('SilverStripe\\Security\\Member', $member->ID);
|
||||||
$this->assertEquals($member->PasswordEncryption, "sha1_v2.4");
|
$this->assertEquals($member->PasswordEncryption, "sha1_v2.4");
|
||||||
$result = $member->checkPassword('mypassword');
|
$result = $member->checkPassword('mypassword');
|
||||||
$this->assertTrue($result->valid());
|
$this->assertTrue($result->valid());
|
||||||
}
|
}
|
||||||
|
|
||||||
public function testNoLegacyPasswordHashMigrationOnIncompatibleAlgorithm() {
|
public function testNoLegacyPasswordHashMigrationOnIncompatibleAlgorithm() {
|
||||||
Config::inst()->update('PasswordEncryptor', 'encryptors',
|
Config::inst()->update(
|
||||||
array('crc32'=>array('PasswordEncryptor_PHPHash'=>'crc32')));
|
'SilverStripe\\Security\\PasswordEncryptor',
|
||||||
|
'encryptors',
|
||||||
|
array('crc32' => array('SilverStripe\\Security\\PasswordEncryptor_PHPHash' => 'crc32'))
|
||||||
|
);
|
||||||
$field=Member::config()->unique_identifier_field;
|
$field=Member::config()->unique_identifier_field;
|
||||||
|
|
||||||
$member = new Member();
|
$member = new Member();
|
||||||
@ -66,7 +75,7 @@ class MemberAuthenticatorTest extends SapphireTest {
|
|||||||
);
|
);
|
||||||
MemberAuthenticator::authenticate($data);
|
MemberAuthenticator::authenticate($data);
|
||||||
|
|
||||||
$member = DataObject::get_by_id('Member', $member->ID);
|
$member = DataObject::get_by_id('SilverStripe\\Security\\Member', $member->ID);
|
||||||
$this->assertEquals($member->PasswordEncryption, "crc32");
|
$this->assertEquals($member->PasswordEncryption, "crc32");
|
||||||
$result = $member->checkPassword('mypassword');
|
$result = $member->checkPassword('mypassword');
|
||||||
$this->assertTrue($result->valid());
|
$this->assertTrue($result->valid());
|
||||||
@ -77,7 +86,7 @@ class MemberAuthenticatorTest extends SapphireTest {
|
|||||||
$origField = Member::config()->unique_identifier_field;
|
$origField = Member::config()->unique_identifier_field;
|
||||||
Member::config()->unique_identifier_field = 'Username';
|
Member::config()->unique_identifier_field = 'Username';
|
||||||
|
|
||||||
$label=singleton('Member')->fieldLabel(Member::config()->unique_identifier_field);
|
$label=singleton('SilverStripe\\Security\\Member')->fieldLabel(Member::config()->unique_identifier_field);
|
||||||
|
|
||||||
$this->assertEquals($label, 'Username');
|
$this->assertEquals($label, 'Username');
|
||||||
|
|
||||||
@ -170,8 +179,8 @@ class MemberAuthenticatorTest extends SapphireTest {
|
|||||||
|
|
||||||
public function testDefaultAdminLockOut()
|
public function testDefaultAdminLockOut()
|
||||||
{
|
{
|
||||||
Config::inst()->update('Member', 'lock_out_after_incorrect_logins', 1);
|
Config::inst()->update('SilverStripe\\Security\\Member', 'lock_out_after_incorrect_logins', 1);
|
||||||
Config::inst()->update('Member', 'lock_out_delay_mins', 10);
|
Config::inst()->update('SilverStripe\\Security\\Member', 'lock_out_delay_mins', 10);
|
||||||
DBDatetime::set_mock_now('2016-04-18 00:00:00');
|
DBDatetime::set_mock_now('2016-04-18 00:00:00');
|
||||||
$controller = new Security();
|
$controller = new Security();
|
||||||
$form = new Form($controller, 'Form', new FieldList(), new FieldList());
|
$form = new Form($controller, 'Form', new FieldList(), new FieldList());
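Review bot: The two `Config::inst()->update('SilverStripe\\Security\\Member', ...)` calls in testDefaultAdminLockOut spell the class as an escaped string, although this section now imports `Member` and the same file already sets config through `Member::config()->unique_identifier_field = 'Username';`. A typo in that string would probably not fail loudly; the lockout threshold would stay at its default and the test would stop exercising the lock-out path it is named for. If the supported PHP version has `::class`, prefer `Config::inst()->update(Member::class, 'lock_out_after_incorrect_logins', 1);`. The same applies to the `DataObject::get_by_id('SilverStripe\\Security\\Member', ...)` and `singleton('SilverStripe\\Security\\Member')` lines in the earlier hunks of this section, and to the class strings in the MemberCsvBulkLoaderTest section. The body of testDefaultAdminLockOut continues outside the hunk.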
|
||||||
|
@ -1,6 +1,10 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
use SilverStripe\ORM\DataObject;
|
use SilverStripe\ORM\DataObject;
|
||||||
|
use SilverStripe\Security\MemberCsvBulkLoader;
|
||||||
|
use SilverStripe\Security\Member;
|
||||||
|
use SilverStripe\Security\Security;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @package framework
|
* @package framework
|
||||||
* @subpackage tests
|
* @subpackage tests
|
||||||
@ -35,7 +39,7 @@ class MemberCsvBulkLoaderTest extends SapphireTest {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public function testAddToPredefinedGroups() {
|
public function testAddToPredefinedGroups() {
|
||||||
$existinggroup = $this->objFromFixture('Group', 'existinggroup');
|
$existinggroup = $this->objFromFixture('SilverStripe\\Security\\Group', 'existinggroup');
|
||||||
|
|
||||||
$loader = new MemberCsvBulkLoader();
|
$loader = new MemberCsvBulkLoader();
|
||||||
$loader->setGroups(array($existinggroup));
|
$loader->setGroups(array($existinggroup));
|
||||||
@ -51,12 +55,12 @@ class MemberCsvBulkLoaderTest extends SapphireTest {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public function testAddToCsvColumnGroupsByCode() {
|
public function testAddToCsvColumnGroupsByCode() {
|
||||||
$existinggroup = $this->objFromFixture('Group', 'existinggroup');
|
$existinggroup = $this->objFromFixture('SilverStripe\\Security\\Group', 'existinggroup');
|
||||||
|
|
||||||
$loader = new MemberCsvBulkLoader();
|
$loader = new MemberCsvBulkLoader();
|
||||||
$results = $loader->load($this->getCurrentRelativePath() . '/MemberCsvBulkLoaderTest_withGroups.csv');
|
$results = $loader->load($this->getCurrentRelativePath() . '/MemberCsvBulkLoaderTest_withGroups.csv');
|
||||||
|
|
||||||
$newgroup = DataObject::get_one('Group', array(
|
$newgroup = DataObject::get_one('SilverStripe\\Security\\Group', array(
|
||||||
'"Group"."Code"' => 'newgroup'
|
'"Group"."Code"' => 'newgroup'
|
||||||
));
|
));
|
||||||
$this->assertEquals($newgroup->Title, 'newgroup');
|
$this->assertEquals($newgroup->Title, 'newgroup');
|
||||||
@ -78,7 +82,7 @@ class MemberCsvBulkLoaderTest extends SapphireTest {
|
|||||||
$member = $results->Created()->First();
|
$member = $results->Created()->First();
|
||||||
$memberID = $member->ID;
|
$memberID = $member->ID;
|
||||||
DataObject::flush_and_destroy_cache();
|
DataObject::flush_and_destroy_cache();
|
||||||
$member = DataObject::get_by_id('Member', $memberID);
|
$member = DataObject::get_by_id('SilverStripe\\Security\\Member', $memberID);
|
||||||
|
|
||||||
// TODO Direct getter doesn't work, wtf!
|
// TODO Direct getter doesn't work, wtf!
|
||||||
$this->assertEquals(Security::config()->password_encryption_algorithm, $member->getField('PasswordEncryption'));
|
$this->assertEquals(Security::config()->password_encryption_algorithm, $member->getField('PasswordEncryption'));
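Review bot: In testAddToCsvColumnGroupsByCode the filter key `'"Group"."Code"'` still names the table literally while the class argument became `'SilverStripe\\Security\\Group'`, so the query now depends on the namespaced class still mapping to a table called `Group`. That mapping is not visible in this section. If it holds, a comment above the key such as `// table name is still "Group" after the namespace move` would stop a later reader from "correcting" the key to match the class. An unqualified `'"Code"'` key would likely remove the coupling, but confirm that against the ORM first. The test method appears to continue past the end of its hunk.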
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
Group:
|
'SilverStripe\Security\Group':
|
||||||
existinggroup:
|
existinggroup:
|
||||||
Code: existinggroup
|
Code: existinggroup
|
||||||
Member:
|
'SilverStripe\Security\Member':
|
||||||
existingauthor:
|
existingauthor:
|
||||||
Email: existingauthor@test.com
|
Email: existingauthor@test.com
|
||||||
FirstName: Existing Author
|
FirstName: Existing Author
|
||||||
|
@ -4,6 +4,16 @@ use SilverStripe\ORM\DataObject;
|
|||||||
use SilverStripe\ORM\DB;
|
use SilverStripe\ORM\DB;
|
||||||
use SilverStripe\ORM\FieldType\DBDatetime;
|
use SilverStripe\ORM\FieldType\DBDatetime;
|
||||||
use SilverStripe\ORM\DataExtension;
|
use SilverStripe\ORM\DataExtension;
|
||||||
|
use SilverStripe\Security\Member;
|
||||||
|
use SilverStripe\Security\Security;
|
||||||
|
use SilverStripe\Security\MemberPassword;
|
||||||
|
use SilverStripe\Security\Group;
|
||||||
|
use SilverStripe\Security\Permission;
|
||||||
|
use SilverStripe\Security\PasswordEncryptor_Blowfish;
|
||||||
|
use SilverStripe\Security\RememberLoginHash;
|
||||||
|
use SilverStripe\Security\Member_Validator;
|
||||||
|
use SilverStripe\Security\PasswordValidator;
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @package framework
|
* @package framework
|
||||||
@ -16,7 +26,7 @@ class MemberTest extends FunctionalTest {
|
|||||||
protected $local = null;
|
protected $local = null;
|
||||||
|
|
||||||
protected $illegalExtensions = array(
|
protected $illegalExtensions = array(
|
||||||
'Member' => array(
|
'SilverStripe\\Security\\Member' => array(
|
||||||
// TODO Coupling with modules, this should be resolved by automatically
|
// TODO Coupling with modules, this should be resolved by automatically
|
||||||
// removing all applied extensions before a unit test
|
// removing all applied extensions before a unit test
|
||||||
'ForumRole',
|
'ForumRole',
|
||||||
@ -140,7 +150,7 @@ class MemberTest extends FunctionalTest {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public function testSetPassword() {
|
public function testSetPassword() {
|
||||||
$member = $this->objFromFixture('Member', 'test');
|
$member = $this->objFromFixture('SilverStripe\\Security\\Member', 'test');
|
||||||
$member->Password = "test1";
|
$member->Password = "test1";
|
||||||
$member->write();
|
$member->write();
|
||||||
$result = $member->checkPassword('test1');
|
$result = $member->checkPassword('test1');
|
||||||
@ -151,7 +161,7 @@ class MemberTest extends FunctionalTest {
|
|||||||
* Test that password changes are logged properly
|
* Test that password changes are logged properly
|
||||||
*/
|
*/
|
||||||
public function testPasswordChangeLogging() {
|
public function testPasswordChangeLogging() {
|
||||||
$member = $this->objFromFixture('Member', 'test');
|
$member = $this->objFromFixture('SilverStripe\\Security\\Member', 'test');
|
||||||
$this->assertNotNull($member);
|
$this->assertNotNull($member);
|
||||||
$member->Password = "test1";
|
$member->Password = "test1";
|
||||||
$member->write();
|
$member->write();
|
||||||
@ -162,7 +172,7 @@ class MemberTest extends FunctionalTest {
|
|||||||
$member->Password = "test3";
|
$member->Password = "test3";
|
||||||
$member->write();
|
$member->write();
|
||||||
|
|
||||||
$passwords = DataObject::get("MemberPassword", "\"MemberID\" = $member->ID", "\"Created\" DESC, \"ID\" DESC")
|
$passwords = DataObject::get("SilverStripe\\Security\\MemberPassword", "\"MemberID\" = $member->ID", "\"Created\" DESC, \"ID\" DESC")
|
||||||
->getIterator();
|
->getIterator();
|
||||||
$this->assertNotNull($passwords);
|
$this->assertNotNull($passwords);
|
||||||
$passwords->rewind();
|
$passwords->rewind();
|
||||||
@ -191,11 +201,11 @@ class MemberTest extends FunctionalTest {
|
|||||||
* Test that changed passwords will send an email
|
* Test that changed passwords will send an email
|
||||||
*/
|
*/
|
||||||
public function testChangedPasswordEmaling() {
|
public function testChangedPasswordEmaling() {
|
||||||
Config::inst()->update('Member', 'notify_password_change', true);
|
Config::inst()->update('SilverStripe\\Security\\Member', 'notify_password_change', true);
|
||||||
|
|
||||||
$this->clearEmails();
|
$this->clearEmails();
|
||||||
|
|
||||||
$member = $this->objFromFixture('Member', 'test');
|
$member = $this->objFromFixture('SilverStripe\\Security\\Member', 'test');
|
||||||
$this->assertNotNull($member);
|
$this->assertNotNull($member);
|
||||||
$valid = $member->changePassword('32asDF##$$%%');
|
$valid = $member->changePassword('32asDF##$$%%');
|
||||||
$this->assertTrue($valid->valid());
|
$this->assertTrue($valid->valid());
|
||||||
@ -212,7 +222,7 @@ class MemberTest extends FunctionalTest {
|
|||||||
$this->clearEmails();
|
$this->clearEmails();
|
||||||
$this->autoFollowRedirection = false;
|
$this->autoFollowRedirection = false;
|
||||||
|
|
||||||
$member = $this->objFromFixture('Member', 'test');
|
$member = $this->objFromFixture('SilverStripe\\Security\\Member', 'test');
|
||||||
$this->assertNotNull($member);
|
$this->assertNotNull($member);
|
||||||
|
|
||||||
// Initiate a password-reset
|
// Initiate a password-reset
|
||||||
@ -236,7 +246,7 @@ class MemberTest extends FunctionalTest {
|
|||||||
* - at least 7 characters long
|
* - at least 7 characters long
|
||||||
*/
|
*/
|
||||||
public function testValidatePassword() {
|
public function testValidatePassword() {
|
||||||
$member = $this->objFromFixture('Member', 'test');
|
$member = $this->objFromFixture('SilverStripe\\Security\\Member', 'test');
|
||||||
$this->assertNotNull($member);
|
$this->assertNotNull($member);
|
||||||
|
|
||||||
Member::set_password_validator(new MemberTest_PasswordValidator());
|
Member::set_password_validator(new MemberTest_PasswordValidator());
|
||||||
@ -320,7 +330,7 @@ class MemberTest extends FunctionalTest {
|
|||||||
public function testPasswordExpirySetting() {
|
public function testPasswordExpirySetting() {
|
||||||
Member::config()->password_expiry_days = 90;
|
Member::config()->password_expiry_days = 90;
|
||||||
|
|
||||||
$member = $this->objFromFixture('Member', 'test');
|
$member = $this->objFromFixture('SilverStripe\\Security\\Member', 'test');
|
||||||
$this->assertNotNull($member);
|
$this->assertNotNull($member);
|
||||||
$valid = $member->changePassword("Xx?1234234");
|
$valid = $member->changePassword("Xx?1234234");
|
||||||
$this->assertTrue($valid->valid());
|
$this->assertTrue($valid->valid());
|
||||||
@ -336,15 +346,15 @@ class MemberTest extends FunctionalTest {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public function testIsPasswordExpired() {
|
public function testIsPasswordExpired() {
|
||||||
$member = $this->objFromFixture('Member', 'test');
|
$member = $this->objFromFixture('SilverStripe\\Security\\Member', 'test');
|
||||||
$this->assertNotNull($member);
|
$this->assertNotNull($member);
|
||||||
$this->assertFalse($member->isPasswordExpired());
|
$this->assertFalse($member->isPasswordExpired());
|
||||||
|
|
||||||
$member = $this->objFromFixture('Member', 'noexpiry');
|
$member = $this->objFromFixture('SilverStripe\\Security\\Member', 'noexpiry');
|
||||||
$member->PasswordExpiry = null;
|
$member->PasswordExpiry = null;
|
||||||
$this->assertFalse($member->isPasswordExpired());
|
$this->assertFalse($member->isPasswordExpired());
|
||||||
|
|
||||||
$member = $this->objFromFixture('Member', 'expiredpassword');
|
$member = $this->objFromFixture('SilverStripe\\Security\\Member', 'expiredpassword');
|
||||||
$this->assertTrue($member->isPasswordExpired());
|
$this->assertTrue($member->isPasswordExpired());
|
||||||
|
|
||||||
// Check the boundary conditions
|
// Check the boundary conditions
|
||||||
@ -361,21 +371,21 @@ class MemberTest extends FunctionalTest {
|
|||||||
public function testMemberWithNoDateFormatFallsbackToGlobalLocaleDefaultFormat() {
|
public function testMemberWithNoDateFormatFallsbackToGlobalLocaleDefaultFormat() {
|
||||||
Config::inst()->update('i18n', 'date_format', 'yyyy-MM-dd');
|
Config::inst()->update('i18n', 'date_format', 'yyyy-MM-dd');
|
||||||
Config::inst()->update('i18n', 'time_format', 'H:mm');
|
Config::inst()->update('i18n', 'time_format', 'H:mm');
|
||||||
$member = $this->objFromFixture('Member', 'noformatmember');
|
$member = $this->objFromFixture('SilverStripe\\Security\\Member', 'noformatmember');
|
||||||
$this->assertEquals('yyyy-MM-dd', $member->DateFormat);
|
$this->assertEquals('yyyy-MM-dd', $member->DateFormat);
|
||||||
$this->assertEquals('H:mm', $member->TimeFormat);
|
$this->assertEquals('H:mm', $member->TimeFormat);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function testInGroups() {
|
public function testInGroups() {
|
||||||
$staffmember = $this->objFromFixture('Member', 'staffmember');
|
$staffmember = $this->objFromFixture('SilverStripe\\Security\\Member', 'staffmember');
|
||||||
$managementmember = $this->objFromFixture('Member', 'managementmember');
|
$managementmember = $this->objFromFixture('SilverStripe\\Security\\Member', 'managementmember');
|
||||||
$accountingmember = $this->objFromFixture('Member', 'accountingmember');
|
$accountingmember = $this->objFromFixture('SilverStripe\\Security\\Member', 'accountingmember');
|
||||||
$ceomember = $this->objFromFixture('Member', 'ceomember');
|
$ceomember = $this->objFromFixture('SilverStripe\\Security\\Member', 'ceomember');
|
||||||
|
|
||||||
$staffgroup = $this->objFromFixture('Group', 'staffgroup');
|
$staffgroup = $this->objFromFixture('SilverStripe\\Security\\Group', 'staffgroup');
|
||||||
$managementgroup = $this->objFromFixture('Group', 'managementgroup');
|
$managementgroup = $this->objFromFixture('SilverStripe\\Security\\Group', 'managementgroup');
|
||||||
$accountinggroup = $this->objFromFixture('Group', 'accountinggroup');
|
$accountinggroup = $this->objFromFixture('SilverStripe\\Security\\Group', 'accountinggroup');
|
||||||
$ceogroup = $this->objFromFixture('Group', 'ceogroup');
|
$ceogroup = $this->objFromFixture('SilverStripe\\Security\\Group', 'ceogroup');
|
||||||
|
|
||||||
$this->assertTrue(
|
$this->assertTrue(
|
||||||
$staffmember->inGroups(array($staffgroup, $managementgroup)),
|
$staffmember->inGroups(array($staffgroup, $managementgroup)),
|
||||||
@ -392,8 +402,8 @@ class MemberTest extends FunctionalTest {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public function testAddToGroupByCode() {
|
public function testAddToGroupByCode() {
|
||||||
$grouplessMember = $this->objFromFixture('Member', 'grouplessmember');
|
$grouplessMember = $this->objFromFixture('SilverStripe\\Security\\Member', 'grouplessmember');
|
||||||
$memberlessGroup = $this->objFromFixture('Group','memberlessgroup');
|
$memberlessGroup = $this->objFromFixture('SilverStripe\\Security\\Group','memberlessgroup');
|
||||||
|
|
||||||
$this->assertFalse($grouplessMember->Groups()->exists());
|
$this->assertFalse($grouplessMember->Groups()->exists());
|
||||||
$this->assertFalse($memberlessGroup->Members()->exists());
|
$this->assertFalse($memberlessGroup->Members()->exists());
|
||||||
@ -406,7 +416,7 @@ class MemberTest extends FunctionalTest {
|
|||||||
$grouplessMember->addToGroupByCode('somegroupthatwouldneverexist', 'New Group');
|
$grouplessMember->addToGroupByCode('somegroupthatwouldneverexist', 'New Group');
|
||||||
$this->assertEquals($grouplessMember->Groups()->Count(), 2);
|
$this->assertEquals($grouplessMember->Groups()->Count(), 2);
|
||||||
|
|
||||||
$group = DataObject::get_one('Group', array(
|
$group = DataObject::get_one('SilverStripe\\Security\\Group', array(
|
||||||
'"Group"."Code"' => 'somegroupthatwouldneverexist'
|
'"Group"."Code"' => 'somegroupthatwouldneverexist'
|
||||||
));
|
));
|
||||||
$this->assertNotNull($group);
|
$this->assertNotNull($group);
|
||||||
@ -416,8 +426,8 @@ class MemberTest extends FunctionalTest {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public function testRemoveFromGroupByCode() {
|
public function testRemoveFromGroupByCode() {
|
||||||
$grouplessMember = $this->objFromFixture('Member', 'grouplessmember');
|
$grouplessMember = $this->objFromFixture('SilverStripe\\Security\\Member', 'grouplessmember');
|
||||||
$memberlessGroup = $this->objFromFixture('Group','memberlessgroup');
|
$memberlessGroup = $this->objFromFixture('SilverStripe\\Security\\Group','memberlessgroup');
|
||||||
|
|
||||||
$this->assertFalse($grouplessMember->Groups()->exists());
|
$this->assertFalse($grouplessMember->Groups()->exists());
|
||||||
$this->assertFalse($memberlessGroup->Members()->exists());
|
$this->assertFalse($memberlessGroup->Members()->exists());
|
||||||
@ -430,7 +440,7 @@ class MemberTest extends FunctionalTest {
|
|||||||
$grouplessMember->addToGroupByCode('somegroupthatwouldneverexist', 'New Group');
|
$grouplessMember->addToGroupByCode('somegroupthatwouldneverexist', 'New Group');
|
||||||
$this->assertEquals($grouplessMember->Groups()->Count(), 2);
|
$this->assertEquals($grouplessMember->Groups()->Count(), 2);
|
||||||
|
|
||||||
$group = DataObject::get_one('Group', "\"Code\" = 'somegroupthatwouldneverexist'");
|
$group = DataObject::get_one('SilverStripe\\Security\\Group', "\"Code\" = 'somegroupthatwouldneverexist'");
|
||||||
$this->assertNotNull($group);
|
$this->assertNotNull($group);
|
||||||
$this->assertEquals($group->Code, 'somegroupthatwouldneverexist');
|
$this->assertEquals($group->Code, 'somegroupthatwouldneverexist');
|
||||||
$this->assertEquals($group->Title, 'New Group');
|
$this->assertEquals($group->Title, 'New Group');
|
||||||
@ -444,15 +454,15 @@ class MemberTest extends FunctionalTest {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public function testInGroup() {
|
public function testInGroup() {
|
||||||
$staffmember = $this->objFromFixture('Member', 'staffmember');
|
$staffmember = $this->objFromFixture('SilverStripe\\Security\\Member', 'staffmember');
|
||||||
$managementmember = $this->objFromFixture('Member', 'managementmember');
|
$managementmember = $this->objFromFixture('SilverStripe\\Security\\Member', 'managementmember');
|
||||||
$accountingmember = $this->objFromFixture('Member', 'accountingmember');
|
$accountingmember = $this->objFromFixture('SilverStripe\\Security\\Member', 'accountingmember');
|
||||||
$ceomember = $this->objFromFixture('Member', 'ceomember');
|
$ceomember = $this->objFromFixture('SilverStripe\\Security\\Member', 'ceomember');
|
||||||
|
|
||||||
$staffgroup = $this->objFromFixture('Group', 'staffgroup');
|
$staffgroup = $this->objFromFixture('SilverStripe\\Security\\Group', 'staffgroup');
|
||||||
$managementgroup = $this->objFromFixture('Group', 'managementgroup');
|
$managementgroup = $this->objFromFixture('SilverStripe\\Security\\Group', 'managementgroup');
|
||||||
$accountinggroup = $this->objFromFixture('Group', 'accountinggroup');
|
$accountinggroup = $this->objFromFixture('SilverStripe\\Security\\Group', 'accountinggroup');
|
||||||
$ceogroup = $this->objFromFixture('Group', 'ceogroup');
|
$ceogroup = $this->objFromFixture('SilverStripe\\Security\\Group', 'ceogroup');
|
||||||
|
|
||||||
$this->assertTrue(
|
$this->assertTrue(
|
||||||
$staffmember->inGroup($staffgroup),
|
$staffmember->inGroup($staffgroup),
|
||||||
@ -501,9 +511,9 @@ class MemberTest extends FunctionalTest {
|
|||||||
* edit and delete their own record too.
|
* edit and delete their own record too.
|
||||||
*/
|
*/
|
||||||
public function testCanManipulateOwnRecord() {
|
public function testCanManipulateOwnRecord() {
|
||||||
$extensions = $this->removeExtensions(Object::get_extensions('Member'));
|
$extensions = $this->removeExtensions(Object::get_extensions('SilverStripe\\Security\\Member'));
|
||||||
$member = $this->objFromFixture('Member', 'test');
|
$member = $this->objFromFixture('SilverStripe\\Security\\Member', 'test');
|
||||||
$member2 = $this->objFromFixture('Member', 'staffmember');
|
$member2 = $this->objFromFixture('SilverStripe\\Security\\Member', 'staffmember');
|
||||||
|
|
||||||
$this->session()->inst_set('loggedInAs', null);
|
$this->session()->inst_set('loggedInAs', null);
|
||||||
|
|
||||||
@ -529,9 +539,9 @@ class MemberTest extends FunctionalTest {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public function testAuthorisedMembersCanManipulateOthersRecords() {
|
public function testAuthorisedMembersCanManipulateOthersRecords() {
|
||||||
$extensions = $this->removeExtensions(Object::get_extensions('Member'));
|
$extensions = $this->removeExtensions(Object::get_extensions('SilverStripe\\Security\\Member'));
|
||||||
$member = $this->objFromFixture('Member', 'test');
|
$member = $this->objFromFixture('SilverStripe\\Security\\Member', 'test');
|
||||||
$member2 = $this->objFromFixture('Member', 'staffmember');
|
$member2 = $this->objFromFixture('SilverStripe\\Security\\Member', 'staffmember');
|
||||||
|
|
||||||
/* Group members with SecurityAdmin permissions can manipulate other records */
|
/* Group members with SecurityAdmin permissions can manipulate other records */
|
||||||
$this->session()->inst_set('loggedInAs', $member->ID);
|
$this->session()->inst_set('loggedInAs', $member->ID);
|
||||||
@ -544,8 +554,8 @@ class MemberTest extends FunctionalTest {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public function testExtendedCan() {
|
public function testExtendedCan() {
|
||||||
$extensions = $this->removeExtensions(Object::get_extensions('Member'));
|
$extensions = $this->removeExtensions(Object::get_extensions('SilverStripe\\Security\\Member'));
|
||||||
$member = $this->objFromFixture('Member', 'test');
|
$member = $this->objFromFixture('SilverStripe\\Security\\Member', 'test');
|
||||||
|
|
||||||
/* Normal behaviour is that you can't view a member unless canView() on an extension returns true */
|
/* Normal behaviour is that you can't view a member unless canView() on an extension returns true */
|
||||||
$this->assertFalse($member->canView());
|
$this->assertFalse($member->canView());
|
||||||
@ -554,7 +564,7 @@ class MemberTest extends FunctionalTest {
|
|||||||
|
|
||||||
/* Apply a extension that allows viewing in any case (most likely the case for member profiles) */
|
/* Apply a extension that allows viewing in any case (most likely the case for member profiles) */
|
||||||
Member::add_extension('MemberTest_ViewingAllowedExtension');
|
Member::add_extension('MemberTest_ViewingAllowedExtension');
|
||||||
$member2 = $this->objFromFixture('Member', 'staffmember');
|
$member2 = $this->objFromFixture('SilverStripe\\Security\\Member', 'staffmember');
|
||||||
|
|
||||||
$this->assertTrue($member2->canView());
|
$this->assertTrue($member2->canView());
|
||||||
$this->assertFalse($member2->canDelete());
|
$this->assertFalse($member2->canDelete());
|
||||||
@ -563,7 +573,7 @@ class MemberTest extends FunctionalTest {
|
|||||||
/* Apply a extension that denies viewing of the Member */
|
/* Apply a extension that denies viewing of the Member */
|
||||||
Member::remove_extension('MemberTest_ViewingAllowedExtension');
|
Member::remove_extension('MemberTest_ViewingAllowedExtension');
|
||||||
Member::add_extension('MemberTest_ViewingDeniedExtension');
|
Member::add_extension('MemberTest_ViewingDeniedExtension');
|
||||||
$member3 = $this->objFromFixture('Member', 'managementmember');
|
$member3 = $this->objFromFixture('SilverStripe\\Security\\Member', 'managementmember');
|
||||||
|
|
||||||
$this->assertFalse($member3->canView());
|
$this->assertFalse($member3->canView());
|
||||||
$this->assertFalse($member3->canDelete());
|
$this->assertFalse($member3->canDelete());
|
||||||
@ -572,7 +582,7 @@ class MemberTest extends FunctionalTest {
|
|||||||
/* Apply a extension that allows viewing and editing but denies deletion */
|
/* Apply a extension that allows viewing and editing but denies deletion */
|
||||||
Member::remove_extension('MemberTest_ViewingDeniedExtension');
|
Member::remove_extension('MemberTest_ViewingDeniedExtension');
|
||||||
Member::add_extension('MemberTest_EditingAllowedDeletingDeniedExtension');
|
Member::add_extension('MemberTest_EditingAllowedDeletingDeniedExtension');
|
||||||
$member4 = $this->objFromFixture('Member', 'accountingmember');
|
$member4 = $this->objFromFixture('SilverStripe\\Security\\Member', 'accountingmember');
|
||||||
|
|
||||||
$this->assertTrue($member4->canView());
|
$this->assertTrue($member4->canView());
|
||||||
$this->assertFalse($member4->canDelete());
|
$this->assertFalse($member4->canDelete());
|
||||||
@ -586,7 +596,7 @@ class MemberTest extends FunctionalTest {
|
|||||||
* Tests for {@link Member::getName()} and {@link Member::setName()}
|
* Tests for {@link Member::getName()} and {@link Member::setName()}
|
||||||
*/
|
*/
|
||||||
public function testName() {
|
public function testName() {
|
||||||
$member = $this->objFromFixture('Member', 'test');
|
$member = $this->objFromFixture('SilverStripe\\Security\\Member', 'test');
|
||||||
$member->setName('Test Some User');
|
$member->setName('Test Some User');
|
||||||
$this->assertEquals('Test Some User', $member->getName());
|
$this->assertEquals('Test Some User', $member->getName());
|
||||||
$member->setName('Test');
|
$member->setName('Test');
|
||||||
@ -597,10 +607,10 @@ class MemberTest extends FunctionalTest {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public function testMembersWithSecurityAdminAccessCantEditAdminsUnlessTheyreAdminsThemselves() {
|
public function testMembersWithSecurityAdminAccessCantEditAdminsUnlessTheyreAdminsThemselves() {
|
||||||
$adminMember = $this->objFromFixture('Member', 'admin');
|
$adminMember = $this->objFromFixture('SilverStripe\\Security\\Member', 'admin');
|
||||||
$otherAdminMember = $this->objFromFixture('Member', 'other-admin');
|
$otherAdminMember = $this->objFromFixture('SilverStripe\\Security\\Member', 'other-admin');
|
||||||
$securityAdminMember = $this->objFromFixture('Member', 'test');
|
$securityAdminMember = $this->objFromFixture('SilverStripe\\Security\\Member', 'test');
|
||||||
$ceoMember = $this->objFromFixture('Member', 'ceomember');
|
$ceoMember = $this->objFromFixture('SilverStripe\\Security\\Member', 'ceomember');
|
||||||
|
|
||||||
// Careful: Don't read as english language.
|
// Careful: Don't read as english language.
|
||||||
// More precisely this should read canBeEditedBy()
|
// More precisely this should read canBeEditedBy()
|
||||||
@ -615,9 +625,9 @@ class MemberTest extends FunctionalTest {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public function testOnChangeGroups() {
|
public function testOnChangeGroups() {
|
||||||
$staffGroup = $this->objFromFixture('Group', 'staffgroup');
|
$staffGroup = $this->objFromFixture('SilverStripe\\Security\\Group', 'staffgroup');
|
||||||
$staffMember = $this->objFromFixture('Member', 'staffmember');
|
$staffMember = $this->objFromFixture('SilverStripe\\Security\\Member', 'staffmember');
|
||||||
$adminMember = $this->objFromFixture('Member', 'admin');
|
$adminMember = $this->objFromFixture('SilverStripe\\Security\\Member', 'admin');
|
||||||
$newAdminGroup = new Group(array('Title' => 'newadmin'));
|
$newAdminGroup = new Group(array('Title' => 'newadmin'));
|
||||||
$newAdminGroup->write();
|
$newAdminGroup->write();
|
||||||
Permission::grant($newAdminGroup->ID, 'ADMIN');
|
Permission::grant($newAdminGroup->ID, 'ADMIN');
|
||||||
@ -654,8 +664,8 @@ class MemberTest extends FunctionalTest {
|
|||||||
* Test Member_GroupSet::add
|
* Test Member_GroupSet::add
|
||||||
*/
|
*/
|
||||||
public function testOnChangeGroupsByAdd() {
|
public function testOnChangeGroupsByAdd() {
|
||||||
$staffMember = $this->objFromFixture('Member', 'staffmember');
|
$staffMember = $this->objFromFixture('SilverStripe\\Security\\Member', 'staffmember');
|
||||||
$adminMember = $this->objFromFixture('Member', 'admin');
|
$adminMember = $this->objFromFixture('SilverStripe\\Security\\Member', 'admin');
|
||||||
|
|
||||||
// Setup new admin group
|
// Setup new admin group
|
||||||
$newAdminGroup = new Group(array('Title' => 'newadmin'));
|
$newAdminGroup = new Group(array('Title' => 'newadmin'));
|
||||||
@ -704,7 +714,7 @@ class MemberTest extends FunctionalTest {
|
|||||||
* Test Member_GroupSet::add
|
* Test Member_GroupSet::add
|
||||||
*/
|
*/
|
||||||
public function testOnChangeGroupsBySetIDList() {
|
public function testOnChangeGroupsBySetIDList() {
|
||||||
$staffMember = $this->objFromFixture('Member', 'staffmember');
|
$staffMember = $this->objFromFixture('SilverStripe\\Security\\Member', 'staffmember');
|
||||||
|
|
||||||
// Setup new admin group
|
// Setup new admin group
|
||||||
$newAdminGroup = new Group(array('Title' => 'newadmin'));
|
$newAdminGroup = new Group(array('Title' => 'newadmin'));
|
||||||
@ -726,7 +736,7 @@ class MemberTest extends FunctionalTest {
|
|||||||
public function testUpdateCMSFields() {
|
public function testUpdateCMSFields() {
|
||||||
Member::add_extension('MemberTest_FieldsExtension');
|
Member::add_extension('MemberTest_FieldsExtension');
|
||||||
|
|
||||||
$member = singleton('Member');
|
$member = singleton('SilverStripe\\Security\\Member');
|
||||||
$fields = $member->getCMSFields();
|
$fields = $member->getCMSFields();
|
||||||
|
|
||||||
$this->assertNotNull($fields->dataFieldByName('Email'), 'Scaffolded fields are retained');
|
$this->assertNotNull($fields->dataFieldByName('Email'), 'Scaffolded fields are retained');
|
||||||
@ -748,11 +758,11 @@ class MemberTest extends FunctionalTest {
|
|||||||
* Test that only admin members are returned
|
* Test that only admin members are returned
|
||||||
*/
|
*/
|
||||||
public function testMap_in_groupsReturnsAdmins() {
|
public function testMap_in_groupsReturnsAdmins() {
|
||||||
$adminID = $this->objFromFixture('Group', 'admingroup')->ID;
|
$adminID = $this->objFromFixture('SilverStripe\\Security\\Group', 'admingroup')->ID;
|
||||||
$members = Member::map_in_groups($adminID)->toArray();
|
$members = Member::map_in_groups($adminID)->toArray();
|
||||||
|
|
||||||
$admin = $this->objFromFixture('Member', 'admin');
|
$admin = $this->objFromFixture('SilverStripe\\Security\\Member', 'admin');
|
||||||
$otherAdmin = $this->objFromFixture('Member', 'other-admin');
|
$otherAdmin = $this->objFromFixture('SilverStripe\\Security\\Member', 'other-admin');
|
||||||
|
|
||||||
$this->assertTrue(in_array($admin->getTitle(), $members),
|
$this->assertTrue(in_array($admin->getTitle(), $members),
|
||||||
$admin->getTitle().' should be in the returned list.');
|
$admin->getTitle().' should be in the returned list.');
|
||||||
@ -822,7 +832,7 @@ class MemberTest extends FunctionalTest {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public function testRememberMeHashGeneration() {
|
public function testRememberMeHashGeneration() {
|
||||||
$m1 = $this->objFromFixture('Member', 'grouplessmember');
|
$m1 = $this->objFromFixture('SilverStripe\\Security\\Member', 'grouplessmember');
|
||||||
|
|
||||||
$m1->login(true);
|
$m1->login(true);
|
||||||
$hashes = RememberLoginHash::get()->filter('MemberID', $m1->ID);
|
$hashes = RememberLoginHash::get()->filter('MemberID', $m1->ID);
|
||||||
@ -833,9 +843,10 @@ class MemberTest extends FunctionalTest {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public function testRememberMeHashAutologin() {
|
public function testRememberMeHashAutologin() {
|
||||||
$m1 = $this->objFromFixture('Member', 'noexpiry');
|
/** @var Member $m1 */
|
||||||
|
$m1 = $this->objFromFixture('SilverStripe\\Security\\Member', 'noexpiry');
|
||||||
|
|
||||||
$m1->login(true);
|
$m1->logIn(true);
|
||||||
$firstHash = RememberLoginHash::get()->filter('MemberID', $m1->ID)->First();
|
$firstHash = RememberLoginHash::get()->filter('MemberID', $m1->ID)->First();
|
||||||
$this->assertNotNull($firstHash);
|
$this->assertNotNull($firstHash);
|
||||||
|
|
||||||
@ -892,7 +903,7 @@ class MemberTest extends FunctionalTest {
|
|||||||
array(
|
array(
|
||||||
'Email' => $m1->Email,
|
'Email' => $m1->Email,
|
||||||
'Password' => '1nitialPassword',
|
'Password' => '1nitialPassword',
|
||||||
'AuthenticationMethod' => 'MemberAuthenticator',
|
'AuthenticationMethod' => 'SilverStripe\\Security\\MemberAuthenticator',
|
||||||
'action_dologin' => 'action_dologin'
|
'action_dologin' => 'action_dologin'
|
||||||
),
|
),
|
||||||
null,
|
null,
|
||||||
@ -907,7 +918,7 @@ class MemberTest extends FunctionalTest {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public function testExpiredRememberMeHashAutologin() {
|
public function testExpiredRememberMeHashAutologin() {
|
||||||
$m1 = $this->objFromFixture('Member', 'noexpiry');
|
$m1 = $this->objFromFixture('SilverStripe\\Security\\Member', 'noexpiry');
|
||||||
|
|
||||||
$m1->login(true);
|
$m1->login(true);
|
||||||
$firstHash = RememberLoginHash::get()->filter('MemberID', $m1->ID)->First();
|
$firstHash = RememberLoginHash::get()->filter('MemberID', $m1->ID)->First();
|
||||||
@ -962,7 +973,7 @@ class MemberTest extends FunctionalTest {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public function testRememberMeMultipleDevices() {
|
public function testRememberMeMultipleDevices() {
|
||||||
$m1 = $this->objFromFixture('Member', 'noexpiry');
|
$m1 = $this->objFromFixture('SilverStripe\\Security\\Member', 'noexpiry');
|
||||||
|
|
||||||
// First device
|
// First device
|
||||||
$m1->login(true);
|
$m1->login(true);
|
||||||
@ -1021,10 +1032,10 @@ class MemberTest extends FunctionalTest {
|
|||||||
);
|
);
|
||||||
$this->assertContains($message, $response->getBody());
|
$this->assertContains($message, $response->getBody());
|
||||||
|
|
||||||
$logout_across_devices = Config::inst()->get('RememberLoginHash', 'logout_across_devices');
|
$logout_across_devices = Config::inst()->get('SilverStripe\\Security\\RememberLoginHash', 'logout_across_devices');
|
||||||
|
|
||||||
// Logging out from the second device - only one device being logged out
|
// Logging out from the second device - only one device being logged out
|
||||||
Config::inst()->update('RememberLoginHash', 'logout_across_devices', false);
|
Config::inst()->update('SilverStripe\\Security\\RememberLoginHash', 'logout_across_devices', false);
|
||||||
$response = $this->get(
|
$response = $this->get(
|
||||||
'Security/logout',
|
'Security/logout',
|
||||||
$this->session(),
|
$this->session(),
|
||||||
@ -1040,7 +1051,7 @@ class MemberTest extends FunctionalTest {
|
|||||||
);
|
);
|
||||||
|
|
||||||
// Logging out from any device when all login hashes should be removed
|
// Logging out from any device when all login hashes should be removed
|
||||||
Config::inst()->update('RememberLoginHash', 'logout_across_devices', true);
|
Config::inst()->update('SilverStripe\\Security\\RememberLoginHash', 'logout_across_devices', true);
|
||||||
$m1->login(true);
|
$m1->login(true);
|
||||||
$response = $this->get('Security/logout', $this->session());
|
$response = $this->get('Security/logout', $this->session());
|
||||||
$this->assertEquals(
|
$this->assertEquals(
|
||||||
@ -1048,14 +1059,14 @@ class MemberTest extends FunctionalTest {
|
|||||||
0
|
0
|
||||||
);
|
);
|
||||||
|
|
||||||
Config::inst()->update('RememberLoginHash', 'logout_across_devices', $logout_across_devices);
|
Config::inst()->update('SilverStripe\\Security\\RememberLoginHash', 'logout_across_devices', $logout_across_devices);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function testCanDelete() {
|
public function testCanDelete() {
|
||||||
$admin1 = $this->objFromFixture('Member', 'admin');
|
$admin1 = $this->objFromFixture('SilverStripe\\Security\\Member', 'admin');
|
||||||
$admin2 = $this->objFromFixture('Member', 'other-admin');
|
$admin2 = $this->objFromFixture('SilverStripe\\Security\\Member', 'other-admin');
|
||||||
$member1 = $this->objFromFixture('Member', 'grouplessmember');
|
$member1 = $this->objFromFixture('SilverStripe\\Security\\Member', 'grouplessmember');
|
||||||
$member2 = $this->objFromFixture('Member', 'noformatmember');
|
$member2 = $this->objFromFixture('SilverStripe\\Security\\Member', 'noformatmember');
|
||||||
|
|
||||||
$this->assertTrue(
|
$this->assertTrue(
|
||||||
$admin1->canDelete($admin2),
|
$admin1->canDelete($admin2),
|
||||||
@ -1083,9 +1094,9 @@ class MemberTest extends FunctionalTest {
|
|||||||
$maxFailedLoginsAllowed = 3;
|
$maxFailedLoginsAllowed = 3;
|
||||||
//set up the config variables to enable login lockouts
|
//set up the config variables to enable login lockouts
|
||||||
Config::nest();
|
Config::nest();
|
||||||
Config::inst()->update('Member', 'lock_out_after_incorrect_logins', $maxFailedLoginsAllowed);
|
Config::inst()->update('SilverStripe\\Security\\Member', 'lock_out_after_incorrect_logins', $maxFailedLoginsAllowed);
|
||||||
|
|
||||||
$member = $this->objFromFixture('Member', 'test');
|
$member = $this->objFromFixture('SilverStripe\\Security\\Member', 'test');
|
||||||
$failedLoginCount = $member->FailedLoginCount;
|
$failedLoginCount = $member->FailedLoginCount;
|
||||||
|
|
||||||
for ($i = 1; $i < $maxFailedLoginsAllowed; ++$i) {
|
for ($i = 1; $i < $maxFailedLoginsAllowed; ++$i) {
|
||||||
@ -1107,9 +1118,9 @@ class MemberTest extends FunctionalTest {
|
|||||||
public function testMemberValidator()
|
public function testMemberValidator()
|
||||||
{
|
{
|
||||||
// clear custom requirements for this test
|
// clear custom requirements for this test
|
||||||
Config::inst()->update('Member_Validator', 'customRequired', null);
|
Config::inst()->update('SilverStripe\\Security\\Member_Validator', 'customRequired', null);
|
||||||
$memberA = $this->objFromFixture('Member', 'admin');
|
$memberA = $this->objFromFixture('SilverStripe\\Security\\Member', 'admin');
|
||||||
$memberB = $this->objFromFixture('Member', 'test');
|
$memberB = $this->objFromFixture('SilverStripe\\Security\\Member', 'test');
|
||||||
|
|
||||||
// create a blank form
|
// create a blank form
|
||||||
$form = new MemberTest_ValidatorForm();
|
$form = new MemberTest_ValidatorForm();
|
||||||
@ -1173,7 +1184,7 @@ class MemberTest extends FunctionalTest {
|
|||||||
public function testMemberValidatorWithExtensions()
|
public function testMemberValidatorWithExtensions()
|
||||||
{
|
{
|
||||||
// clear custom requirements for this test
|
// clear custom requirements for this test
|
||||||
Config::inst()->update('Member_Validator', 'customRequired', null);
|
Config::inst()->update('SilverStripe\\Security\\Member_Validator', 'customRequired', null);
|
||||||
|
|
||||||
// create a blank form
|
// create a blank form
|
||||||
$form = new MemberTest_ValidatorForm();
|
$form = new MemberTest_ValidatorForm();
|
||||||
@ -1231,9 +1242,9 @@ class MemberTest extends FunctionalTest {
|
|||||||
public function testCustomMemberValidator()
|
public function testCustomMemberValidator()
|
||||||
{
|
{
|
||||||
// clear custom requirements for this test
|
// clear custom requirements for this test
|
||||||
Config::inst()->update('Member_Validator', 'customRequired', null);
|
Config::inst()->update('SilverStripe\\Security\\Member_Validator', 'customRequired', null);
|
||||||
|
|
||||||
$member = $this->objFromFixture('Member', 'admin');
|
$member = $this->objFromFixture('SilverStripe\\Security\\Member', 'admin');
|
||||||
|
|
||||||
$form = new MemberTest_ValidatorForm();
|
$form = new MemberTest_ValidatorForm();
|
||||||
$form->loadDataFrom($member);
|
$form->loadDataFrom($member);
|
||||||
|
@ -1,51 +1,51 @@
|
|||||||
Permission:
|
'SilverStripe\Security\Permission':
|
||||||
admin:
|
admin:
|
||||||
Code: ADMIN
|
Code: ADMIN
|
||||||
security-admin:
|
security-admin:
|
||||||
Code: CMS_ACCESS_SecurityAdmin
|
Code: CMS_ACCESS_SecurityAdmin
|
||||||
Group:
|
'SilverStripe\Security\Group':
|
||||||
admingroup:
|
admingroup:
|
||||||
Title: Admin
|
Title: Admin
|
||||||
Code: admin
|
Code: admin
|
||||||
Permissions: =>Permission.admin
|
Permissions: '=>SilverStripe\Security\Permission.admin'
|
||||||
securityadminsgroup:
|
securityadminsgroup:
|
||||||
Title: securityadminsgroup
|
Title: securityadminsgroup
|
||||||
Code: securityadminsgroup
|
Code: securityadminsgroup
|
||||||
Permissions: =>Permission.security-admin
|
Permissions: '=>SilverStripe\Security\Permission.security-admin'
|
||||||
staffgroup:
|
staffgroup:
|
||||||
Title: staffgroup
|
Title: staffgroup
|
||||||
Code: staffgroup
|
Code: staffgroup
|
||||||
managementgroup:
|
managementgroup:
|
||||||
Title: managementgroup
|
Title: managementgroup
|
||||||
Code: managementgroup
|
Code: managementgroup
|
||||||
Parent: =>Group.staffgroup
|
Parent: '=>SilverStripe\Security\Group.staffgroup'
|
||||||
accountinggroup:
|
accountinggroup:
|
||||||
Title: accountinggroup
|
Title: accountinggroup
|
||||||
Code: accountinggroup
|
Code: accountinggroup
|
||||||
Parent: =>Group.staffgroup
|
Parent: '=>SilverStripe\Security\Group.staffgroup'
|
||||||
ceogroup:
|
ceogroup:
|
||||||
Title: ceogroup
|
Title: ceogroup
|
||||||
Code: ceogroup
|
Code: ceogroup
|
||||||
Parent: =>Group.managementgroup
|
Parent: '=>SilverStripe\Security\Group.managementgroup'
|
||||||
memberlessgroup:
|
memberlessgroup:
|
||||||
Title: Memberless Group
|
Title: Memberless Group
|
||||||
code: memberless
|
code: memberless
|
||||||
Member:
|
'SilverStripe\Security\Member':
|
||||||
admin:
|
admin:
|
||||||
FirstName: Admin
|
FirstName: Admin
|
||||||
Email: admin@silverstripe.com
|
Email: admin@silverstripe.com
|
||||||
Groups: =>Group.admingroup
|
Groups: '=>SilverStripe\Security\Group.admingroup'
|
||||||
other-admin:
|
other-admin:
|
||||||
FirstName: OtherAdmin
|
FirstName: OtherAdmin
|
||||||
Email: other-admin@silverstripe.com
|
Email: other-admin@silverstripe.com
|
||||||
Groups: =>Group.admingroup
|
Groups: '=>SilverStripe\Security\Group.admingroup'
|
||||||
test:
|
test:
|
||||||
FirstName: Test
|
FirstName: Test
|
||||||
Surname: User
|
Surname: User
|
||||||
Email: testuser@example.com
|
Email: testuser@example.com
|
||||||
Password: 1nitialPassword
|
Password: 1nitialPassword
|
||||||
PasswordExpiry: 2030-01-01
|
PasswordExpiry: 2030-01-01
|
||||||
Groups: =>Group.securityadminsgroup
|
Groups: '=>SilverStripe\Security\Group.securityadminsgroup'
|
||||||
expiredpassword:
|
expiredpassword:
|
||||||
FirstName: Test
|
FirstName: Test
|
||||||
Surname: User
|
Surname: User
|
||||||
@ -59,16 +59,16 @@ Member:
|
|||||||
Password: 1nitialPassword
|
Password: 1nitialPassword
|
||||||
staffmember:
|
staffmember:
|
||||||
Email: staffmember@test.com
|
Email: staffmember@test.com
|
||||||
Groups: =>Group.staffgroup
|
Groups: '=>SilverStripe\Security\Group.staffgroup'
|
||||||
managementmember:
|
managementmember:
|
||||||
Email: managementmember@test.com
|
Email: managementmember@test.com
|
||||||
Groups: =>Group.managementgroup
|
Groups: '=>SilverStripe\Security\Group.managementgroup'
|
||||||
accountingmember:
|
accountingmember:
|
||||||
Email: accountingmember@test.com
|
Email: accountingmember@test.com
|
||||||
Groups: =>Group.accountinggroup
|
Groups: '=>SilverStripe\Security\Group.accountinggroup'
|
||||||
ceomember:
|
ceomember:
|
||||||
Email: ceomember@test.com
|
Email: ceomember@test.com
|
||||||
Groups: =>Group.ceogroup
|
Groups: '=>SilverStripe\Security\Group.ceogroup'
|
||||||
grouplessmember:
|
grouplessmember:
|
||||||
FirstName: Groupless Member
|
FirstName: Groupless Member
|
||||||
noformatmember:
|
noformatmember:
|
||||||
|
@ -1,4 +1,8 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
use SilverStripe\Security\PasswordEncryptor_Blowfish;
|
||||||
|
use SilverStripe\Security\PasswordEncryptor;
|
||||||
|
|
||||||
class PasswordEncryptorTest extends SapphireTest {
|
class PasswordEncryptorTest extends SapphireTest {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -19,22 +23,28 @@ class PasswordEncryptorTest extends SapphireTest {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public function testCreateForCode() {
|
public function testCreateForCode() {
|
||||||
Config::inst()->update('PasswordEncryptor', 'encryptors',
|
Config::inst()->update(
|
||||||
array('test'=>array('PasswordEncryptorTest_TestEncryptor'=>null)));
|
'SilverStripe\\Security\\PasswordEncryptor',
|
||||||
|
'encryptors',
|
||||||
|
['test' => ['PasswordEncryptorTest_TestEncryptor' => null]]
|
||||||
|
);
|
||||||
$e = PasswordEncryptor::create_for_algorithm('test');
|
$e = PasswordEncryptor::create_for_algorithm('test');
|
||||||
$this->assertInstanceOf('PasswordEncryptorTest_TestEncryptor', $e );
|
$this->assertInstanceOf('PasswordEncryptorTest_TestEncryptor', $e );
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @expectedException PasswordEncryptor_NotFoundException
|
* @expectedException SilverStripe\Security\PasswordEncryptor_NotFoundException
|
||||||
*/
|
*/
|
||||||
public function testCreateForCodeNotFound() {
|
public function testCreateForCodeNotFound() {
|
||||||
PasswordEncryptor::create_for_algorithm('unknown');
|
PasswordEncryptor::create_for_algorithm('unknown');
|
||||||
}
|
}
|
||||||
|
|
||||||
public function testRegister() {
|
public function testRegister() {
|
||||||
Config::inst()->update('PasswordEncryptor', 'encryptors',
|
Config::inst()->update(
|
||||||
array('test'=>array('PasswordEncryptorTest_TestEncryptor'=>null)));
|
'SilverStripe\\Security\\PasswordEncryptor',
|
||||||
|
'encryptors',
|
||||||
|
array('test' => array('PasswordEncryptorTest_TestEncryptor' => null))
|
||||||
|
);
|
||||||
$encryptors = PasswordEncryptor::get_encryptors();
|
$encryptors = PasswordEncryptor::get_encryptors();
|
||||||
$this->assertContains('test', array_keys($encryptors));
|
$this->assertContains('test', array_keys($encryptors));
|
||||||
$encryptor = $encryptors['test'];
|
$encryptor = $encryptors['test'];
|
||||||
@ -42,22 +52,31 @@ class PasswordEncryptorTest extends SapphireTest {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public function testUnregister() {
|
public function testUnregister() {
|
||||||
Config::inst()->update('PasswordEncryptor', 'encryptors',
|
Config::inst()->update(
|
||||||
array('test'=>array('PasswordEncryptorTest_TestEncryptor'=>null)));
|
'SilverStripe\\Security\\PasswordEncryptor',
|
||||||
Config::inst()->remove('PasswordEncryptor', 'encryptors', 'test');
|
'encryptors',
|
||||||
|
array('test' => array('PasswordEncryptorTest_TestEncryptor' => null))
|
||||||
|
);
|
||||||
|
Config::inst()->remove('SilverStripe\\Security\\PasswordEncryptor', 'encryptors', 'test');
|
||||||
$this->assertNotContains('test', array_keys(PasswordEncryptor::get_encryptors()));
|
$this->assertNotContains('test', array_keys(PasswordEncryptor::get_encryptors()));
|
||||||
}
|
}
|
||||||
|
|
||||||
public function testEncryptorPHPHashWithArguments() {
|
public function testEncryptorPHPHashWithArguments() {
|
||||||
Config::inst()->update('PasswordEncryptor', 'encryptors',
|
Config::inst()->update(
|
||||||
array('test_md5'=>array('PasswordEncryptor_PHPHash'=>'md5')));
|
'SilverStripe\\Security\\PasswordEncryptor',
|
||||||
|
'encryptors',
|
||||||
|
['test_md5' => ['SilverStripe\\Security\\PasswordEncryptor_PHPHash'=>'md5']]
|
||||||
|
);
|
||||||
$e = PasswordEncryptor::create_for_algorithm('test_md5');
|
$e = PasswordEncryptor::create_for_algorithm('test_md5');
|
||||||
$this->assertEquals('md5', $e->getAlgorithm());
|
$this->assertEquals('md5', $e->getAlgorithm());
|
||||||
}
|
}
|
||||||
|
|
||||||
public function testEncryptorPHPHash() {
|
public function testEncryptorPHPHash() {
|
||||||
Config::inst()->update('PasswordEncryptor', 'encryptors',
|
Config::inst()->update(
|
||||||
array('test_sha1'=>array('PasswordEncryptor_PHPHash'=>'sha1')));
|
'SilverStripe\\Security\\PasswordEncryptor',
|
||||||
|
'encryptors',
|
||||||
|
['test_sha1' => ['SilverStripe\\Security\\PasswordEncryptor_PHPHash' => 'sha1']]
|
||||||
|
);
|
||||||
$e = PasswordEncryptor::create_for_algorithm('test_sha1');
|
$e = PasswordEncryptor::create_for_algorithm('test_sha1');
|
||||||
$password = 'mypassword';
|
$password = 'mypassword';
|
||||||
$salt = 'mysalt';
|
$salt = 'mysalt';
|
||||||
@ -68,8 +87,11 @@ class PasswordEncryptorTest extends SapphireTest {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public function testEncryptorBlowfish() {
|
public function testEncryptorBlowfish() {
|
||||||
Config::inst()->update('PasswordEncryptor', 'encryptors',
|
Config::inst()->update(
|
||||||
array('test_blowfish'=>array('PasswordEncryptor_Blowfish'=>'')));
|
'SilverStripe\\Security\\PasswordEncryptor',
|
||||||
|
'encryptors',
|
||||||
|
['test_blowfish' => ['SilverStripe\\Security\\PasswordEncryptor_Blowfish' => '']]
|
||||||
|
);
|
||||||
$e = PasswordEncryptor::create_for_algorithm('test_blowfish');
|
$e = PasswordEncryptor::create_for_algorithm('test_blowfish');
|
||||||
|
|
||||||
$password = 'mypassword';
|
$password = 'mypassword';
|
||||||
@ -114,8 +136,11 @@ class PasswordEncryptorTest extends SapphireTest {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public function testEncryptorPHPHashCheck() {
|
public function testEncryptorPHPHashCheck() {
|
||||||
Config::inst()->update('PasswordEncryptor', 'encryptors',
|
Config::inst()->update(
|
||||||
array('test_sha1'=>array('PasswordEncryptor_PHPHash'=>'sha1')));
|
'SilverStripe\\Security\\PasswordEncryptor',
|
||||||
|
'encryptors',
|
||||||
|
['test_sha1' => ['SilverStripe\\Security\\PasswordEncryptor_PHPHash' => 'sha1']]
|
||||||
|
);
|
||||||
$e = PasswordEncryptor::create_for_algorithm('test_sha1');
|
$e = PasswordEncryptor::create_for_algorithm('test_sha1');
|
||||||
$this->assertTrue($e->check(sha1('mypassword'), 'mypassword'));
|
$this->assertTrue($e->check(sha1('mypassword'), 'mypassword'));
|
||||||
$this->assertFalse($e->check(sha1('mypassword'), 'mywrongpassword'));
|
$this->assertFalse($e->check(sha1('mypassword'), 'mywrongpassword'));
|
||||||
@ -128,8 +153,11 @@ class PasswordEncryptorTest extends SapphireTest {
|
|||||||
* php -r "echo(base_convert(sha1('mypassword'), 16, 36));"
|
* php -r "echo(base_convert(sha1('mypassword'), 16, 36));"
|
||||||
*/
|
*/
|
||||||
public function testEncryptorLegacyPHPHashCheck() {
|
public function testEncryptorLegacyPHPHashCheck() {
|
||||||
Config::inst()->update('PasswordEncryptor', 'encryptors',
|
Config::inst()->update(
|
||||||
array('test_sha1legacy'=>array('PasswordEncryptor_LegacyPHPHash'=>'sha1')));
|
'SilverStripe\\Security\\PasswordEncryptor',
|
||||||
|
'encryptors',
|
||||||
|
['test_sha1legacy' => ['SilverStripe\\Security\\PasswordEncryptor_LegacyPHPHash' => 'sha1']]
|
||||||
|
);
|
||||||
$e = PasswordEncryptor::create_for_algorithm('test_sha1legacy');
|
$e = PasswordEncryptor::create_for_algorithm('test_sha1legacy');
|
||||||
// precomputed hashes for 'mypassword' from different architectures
|
// precomputed hashes for 'mypassword' from different architectures
|
||||||
$amdHash = 'h1fj0a6m4o6k0sosks88oo08ko4gc4s';
|
$amdHash = 'h1fj0a6m4o6k0sosks88oo08ko4gc4s';
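Review bot: The rewritten `Config::inst()->update(...)` calls in this file name the config class with the escaped string `'SilverStripe\\Security\\PasswordEncryptor'`, although the first hunk adds `use SilverStripe\Security\PasswordEncryptor;`. They also mix `array(...)` (testRegister, testUnregister) with `[...]` (testCreateForCode and the PHPHash/Blowfish tests). A mistyped string class name will probably only show up at run time as a config entry that never applies. If the supported PHP version allows it, `Config::inst()->update(PasswordEncryptor::class, 'encryptors', ['test' => ['PasswordEncryptorTest_TestEncryptor' => null]]);` is the safer spelling, with one array syntax used throughout. The same string-literal class names recur in the PermissionCheckboxSetFieldTest and PermissionRoleTest sections that follow. In testEncryptorPHPHashWithArguments, `'...PasswordEncryptor_PHPHash'=>'md5'` also lacks the spaces around `=>` that the other rewritten calls use.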
|
||||||
|
@ -1,4 +1,7 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
use SilverStripe\Security\PasswordValidator;
|
||||||
|
use SilverStripe\Security\Member;
|
||||||
/**
|
/**
|
||||||
* @package framework
|
* @package framework
|
||||||
* @subpackage tests
|
* @subpackage tests
|
||||||
|
@ -1,6 +1,8 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
use SilverStripe\ORM\DataObject;
|
use SilverStripe\ORM\DataObject;
|
||||||
|
use SilverStripe\Security\PermissionCheckboxSetField;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @package framework
|
* @package framework
|
||||||
* @subpackage tests
|
* @subpackage tests
|
||||||
@ -12,7 +14,7 @@ class PermissionCheckboxSetFieldTest extends SapphireTest {
|
|||||||
$f = new PermissionCheckboxSetField(
|
$f = new PermissionCheckboxSetField(
|
||||||
'Permissions',
|
'Permissions',
|
||||||
'Permissions',
|
'Permissions',
|
||||||
'Permission',
|
'SilverStripe\\Security\\Permission',
|
||||||
'GroupID'
|
'GroupID'
|
||||||
);
|
);
|
||||||
$f->setHiddenPermissions(
|
$f->setHiddenPermissions(
|
||||||
@ -27,19 +29,19 @@ class PermissionCheckboxSetFieldTest extends SapphireTest {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public function testSaveInto() {
|
public function testSaveInto() {
|
||||||
$group = $this->objFromFixture('Group', 'group'); // tested group
|
$group = $this->objFromFixture('SilverStripe\\Security\\Group', 'group'); // tested group
|
||||||
$untouchable = $this->objFromFixture('Group', 'untouchable'); // group that should not change
|
$untouchable = $this->objFromFixture('SilverStripe\\Security\\Group', 'untouchable'); // group that should not change
|
||||||
|
|
||||||
$field = new PermissionCheckboxSetField(
|
$field = new PermissionCheckboxSetField(
|
||||||
'Permissions',
|
'Permissions',
|
||||||
'Permissions',
|
'Permissions',
|
||||||
'Permission',
|
'SilverStripe\\Security\\Permission',
|
||||||
'GroupID',
|
'GroupID',
|
||||||
$group
|
$group
|
||||||
);
|
);
|
||||||
|
|
||||||
// get the number of permissions before we start
|
// get the number of permissions before we start
|
||||||
$baseCount = DataObject::get('Permission')->Count();
|
$baseCount = DataObject::get('SilverStripe\\Security\\Permission')->Count();
|
||||||
|
|
||||||
// there are currently no permissions, save empty checkbox
|
// there are currently no permissions, save empty checkbox
|
||||||
$field->saveInto($group);
|
$field->saveInto($group);
|
||||||
@ -51,7 +53,7 @@ class PermissionCheckboxSetFieldTest extends SapphireTest {
|
|||||||
$this->assertEquals($untouchable->Permissions()->where("\"Code\"='ADMIN'")->Count(), 1,
|
$this->assertEquals($untouchable->Permissions()->where("\"Code\"='ADMIN'")->Count(), 1,
|
||||||
'The other group has ADMIN permission');
|
'The other group has ADMIN permission');
|
||||||
|
|
||||||
$this->assertEquals(DataObject::get('Permission')->Count(), $baseCount, 'There are no orphaned permissions');
|
$this->assertEquals(DataObject::get('SilverStripe\\Security\\Permission')->Count(), $baseCount, 'There are no orphaned permissions');
|
||||||
|
|
||||||
// add some permissions
|
// add some permissions
|
||||||
$field->setValue(array(
|
$field->setValue(array(
|
||||||
@ -74,7 +76,7 @@ class PermissionCheckboxSetFieldTest extends SapphireTest {
|
|||||||
$this->assertEquals($untouchable->Permissions()->where("\"Code\"='ADMIN'")->Count(), 1,
|
$this->assertEquals($untouchable->Permissions()->where("\"Code\"='ADMIN'")->Count(), 1,
|
||||||
'The other group has ADMIN permission');
|
'The other group has ADMIN permission');
|
||||||
|
|
||||||
$this->assertEquals(DataObject::get('Permission')->Count(), $baseCount+2,
|
$this->assertEquals(DataObject::get('SilverStripe\\Security\\Permission')->Count(), $baseCount+2,
|
||||||
'There are no orphaned permissions');
|
'There are no orphaned permissions');
|
||||||
|
|
||||||
// remove permission
|
// remove permission
|
||||||
@ -95,7 +97,7 @@ class PermissionCheckboxSetFieldTest extends SapphireTest {
|
|||||||
$this->assertEquals($untouchable->Permissions()->where("\"Code\"='ADMIN'")->Count(), 1,
|
$this->assertEquals($untouchable->Permissions()->where("\"Code\"='ADMIN'")->Count(), 1,
|
||||||
'The other group has ADMIN permission');
|
'The other group has ADMIN permission');
|
||||||
|
|
||||||
$this->assertEquals(DataObject::get('Permission')->Count(), $baseCount+1,
|
$this->assertEquals(DataObject::get('SilverStripe\\Security\\Permission')->Count(), $baseCount+1,
|
||||||
'There are no orphaned permissions');
|
'There are no orphaned permissions');
|
||||||
}
|
}
|
||||||
}
|
}
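Review bot: The rewritten `assertEquals(DataObject::get('SilverStripe\\Security\\Permission')->Count(), $baseCount, ...)` calls in testSaveInto pass the actual value first and the expected value second, so a failing run would report the two the wrong way round. PHPUnit's order is `assertEquals($expected, $actual, $message)`. Since these lines are being touched anyway, `$this->assertEquals($baseCount + 2, DataObject::get('SilverStripe\\Security\\Permission')->Count(), 'There are no orphaned permissions');` reads correctly. The first of the three calls could be wrapped the same way, which also shortens a line that the longer class name has made very long. testSaveInto spans several hunks, and the unchanged stretches between them are not shown here.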
|
||||||
|
@ -1,11 +1,11 @@
|
|||||||
Group:
|
'SilverStripe\Security\Group':
|
||||||
group:
|
group:
|
||||||
Code: group
|
Code: group
|
||||||
untouchable:
|
untouchable:
|
||||||
Code: untouchable
|
Code: untouchable
|
||||||
Permission:
|
'SilverStripe\Security\Permission':
|
||||||
perm1:
|
perm1:
|
||||||
Code: ADMIN
|
Code: ADMIN
|
||||||
Group: =>Group.untouchable
|
Group: '=>SilverStripe\Security\Group.untouchable'
|
||||||
perm2:
|
perm2:
|
||||||
Code: NON-ADMIN
|
Code: NON-ADMIN
|
||||||
|
@ -1,6 +1,8 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
use SilverStripe\ORM\DataObject;
|
use SilverStripe\ORM\DataObject;
|
||||||
|
use SilverStripe\Security\PermissionRoleCode;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @package framework
|
* @package framework
|
||||||
* @subpackage tests
|
* @subpackage tests
|
||||||
@ -9,13 +11,13 @@ class PermissionRoleTest extends FunctionalTest {
|
|||||||
protected static $fixture_file = 'PermissionRoleTest.yml';
|
protected static $fixture_file = 'PermissionRoleTest.yml';
|
||||||
|
|
||||||
public function testDelete() {
|
public function testDelete() {
|
||||||
$role = $this->objFromFixture('PermissionRole', 'role');
|
$role = $this->objFromFixture('SilverStripe\\Security\\PermissionRole', 'role');
|
||||||
|
|
||||||
$role->delete();
|
$role->delete();
|
||||||
|
|
||||||
$this->assertEquals(0, DataObject::get('PermissionRole', "\"ID\"={$role->ID}")->count(),
|
$this->assertEquals(0, DataObject::get('SilverStripe\\Security\\PermissionRole', "\"ID\"={$role->ID}")->count(),
|
||||||
'Role is removed');
|
'Role is removed');
|
||||||
$this->assertEquals(0, DataObject::get('PermissionRoleCode',"\"RoleID\"={$role->ID}")->count(),
|
$this->assertEquals(0, DataObject::get('SilverStripe\\Security\\PermissionRoleCode',"\"RoleID\"={$role->ID}")->count(),
|
||||||
'Permissions removed along with the role');
|
'Permissions removed along with the role');
|
||||||
}
|
}
|
||||||
|
|
||||||
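Review bot: The rewritten lookups in testDelete pass the namespaced classes as escaped string literals (`'SilverStripe\\Security\\PermissionRole'`, `'SilverStripe\\Security\\PermissionRoleCode'`), while the newly added `use SilverStripe\Security\PermissionRoleCode;` is not referenced by any visible line. If the branch's minimum PHP version allows it, importing both classes and passing `PermissionRole::class` / `PermissionRoleCode::class` would make the import do real work and avoid hand-doubled backslashes, e.g. `$role = $this->objFromFixture(PermissionRole::class, 'role');`. The same literal pattern recurs in the PermissionTest, SecurityDefaultAdminTest and SecurityTest hunks further down (`objFromFixture`, `idFromFixture`, `assertInstanceOf`, `Config::inst()->update`). The class body continues past the end of the second hunk, so the import may be used in lines not shown here.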
|
@ -1,7 +1,7 @@
|
|||||||
PermissionRole:
|
'SilverStripe\Security\PermissionRole':
|
||||||
role:
|
role:
|
||||||
Title: role
|
Title: role
|
||||||
PermissionRoleCode:
|
'SilverStripe\Security\PermissionRoleCode':
|
||||||
code:
|
code:
|
||||||
Code: ADMIN
|
Code: ADMIN
|
||||||
Role: =>PermissionRole.role
|
Role: '=>SilverStripe\Security\PermissionRole.role'
|
||||||
|
@ -1,5 +1,9 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
use SilverStripe\Security\Permission;
|
||||||
|
use SilverStripe\Security\Member;
|
||||||
|
use SilverStripe\Security\PermissionCheckboxSetField;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @package framework
|
* @package framework
|
||||||
* @subpackage tests
|
* @subpackage tests
|
||||||
@ -19,12 +23,12 @@ class PermissionTest extends SapphireTest {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public function testDirectlyAppliedPermissions() {
|
public function testDirectlyAppliedPermissions() {
|
||||||
$member = $this->objFromFixture('Member', 'author');
|
$member = $this->objFromFixture('SilverStripe\\Security\\Member', 'author');
|
||||||
$this->assertTrue(Permission::checkMember($member, "SITETREE_VIEW_ALL"));
|
$this->assertTrue(Permission::checkMember($member, "SITETREE_VIEW_ALL"));
|
||||||
}
|
}
|
||||||
|
|
||||||
public function testCMSAccess() {
|
public function testCMSAccess() {
|
||||||
$members = Member::get()->byIDs($this->allFixtureIDs('Member'));
|
$members = Member::get()->byIDs($this->allFixtureIDs('SilverStripe\\Security\\Member'));
|
||||||
foreach ($members as $member) {
|
foreach ($members as $member) {
|
||||||
$this->assertTrue(Permission::checkMember($member, 'CMS_ACCESS'));
|
$this->assertTrue(Permission::checkMember($member, 'CMS_ACCESS'));
|
||||||
}
|
}
|
||||||
@ -41,7 +45,7 @@ class PermissionTest extends SapphireTest {
|
|||||||
|
|
||||||
public function testLeftAndMainAccessAll() {
|
public function testLeftAndMainAccessAll() {
|
||||||
//add user and group
|
//add user and group
|
||||||
$member = $this->objFromFixture('Member', 'leftandmain');
|
$member = $this->objFromFixture('SilverStripe\\Security\\Member', 'leftandmain');
|
||||||
|
|
||||||
$this->assertTrue(Permission::checkMember($member, "CMS_ACCESS_MyAdmin"));
|
$this->assertTrue(Permission::checkMember($member, "CMS_ACCESS_MyAdmin"));
|
||||||
$this->assertTrue(Permission::checkMember($member, "CMS_ACCESS_AssetAdmin"));
|
$this->assertTrue(Permission::checkMember($member, "CMS_ACCESS_AssetAdmin"));
|
||||||
@ -49,14 +53,14 @@ class PermissionTest extends SapphireTest {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public function testPermissionAreInheritedFromOneRole() {
|
public function testPermissionAreInheritedFromOneRole() {
|
||||||
$member = $this->objFromFixture('Member', 'author');
|
$member = $this->objFromFixture('SilverStripe\\Security\\Member', 'author');
|
||||||
$this->assertTrue(Permission::checkMember($member, "CMS_ACCESS_MyAdmin"));
|
$this->assertTrue(Permission::checkMember($member, "CMS_ACCESS_MyAdmin"));
|
||||||
$this->assertTrue(Permission::checkMember($member, "CMS_ACCESS_AssetAdmin"));
|
$this->assertTrue(Permission::checkMember($member, "CMS_ACCESS_AssetAdmin"));
|
||||||
$this->assertFalse(Permission::checkMember($member, "CMS_ACCESS_SecurityAdmin"));
|
$this->assertFalse(Permission::checkMember($member, "CMS_ACCESS_SecurityAdmin"));
|
||||||
}
|
}
|
||||||
|
|
||||||
public function testPermissionAreInheritedFromMultipleRoles() {
|
public function testPermissionAreInheritedFromMultipleRoles() {
|
||||||
$member = $this->objFromFixture('Member', 'access');
|
$member = $this->objFromFixture('SilverStripe\\Security\\Member', 'access');
|
||||||
$this->assertTrue(Permission::checkMember($member, "CMS_ACCESS_MyAdmin"));
|
$this->assertTrue(Permission::checkMember($member, "CMS_ACCESS_MyAdmin"));
|
||||||
$this->assertTrue(Permission::checkMember($member, "CMS_ACCESS_AssetAdmin"));
|
$this->assertTrue(Permission::checkMember($member, "CMS_ACCESS_AssetAdmin"));
|
||||||
$this->assertTrue(Permission::checkMember($member, "CMS_ACCESS_SecurityAdmin"));
|
$this->assertTrue(Permission::checkMember($member, "CMS_ACCESS_SecurityAdmin"));
|
||||||
@ -65,7 +69,7 @@ class PermissionTest extends SapphireTest {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public function testPermissionsForMember() {
|
public function testPermissionsForMember() {
|
||||||
$member = $this->objFromFixture('Member', 'access');
|
$member = $this->objFromFixture('SilverStripe\\Security\\Member', 'access');
|
||||||
$permissions = Permission::permissions_for_member($member->ID);
|
$permissions = Permission::permissions_for_member($member->ID);
|
||||||
$this->assertEquals(4, count($permissions));
|
$this->assertEquals(4, count($permissions));
|
||||||
$this->assertTrue(in_array('CMS_ACCESS_MyAdmin', $permissions));
|
$this->assertTrue(in_array('CMS_ACCESS_MyAdmin', $permissions));
|
||||||
@ -73,7 +77,7 @@ class PermissionTest extends SapphireTest {
|
|||||||
$this->assertTrue(in_array('CMS_ACCESS_SecurityAdmin', $permissions));
|
$this->assertTrue(in_array('CMS_ACCESS_SecurityAdmin', $permissions));
|
||||||
$this->assertTrue(in_array('EDIT_PERMISSIONS', $permissions));
|
$this->assertTrue(in_array('EDIT_PERMISSIONS', $permissions));
|
||||||
|
|
||||||
$group = $this->objFromFixture("Group", "access");
|
$group = $this->objFromFixture("SilverStripe\\Security\\Group", "access");
|
||||||
|
|
||||||
Permission::deny($group->ID, "CMS_ACCESS_MyAdmin");
|
Permission::deny($group->ID, "CMS_ACCESS_MyAdmin");
|
||||||
$permissions = Permission::permissions_for_member($member->ID);
|
$permissions = Permission::permissions_for_member($member->ID);
|
||||||
@ -82,7 +86,7 @@ class PermissionTest extends SapphireTest {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public function testRolesAndPermissionsFromParentGroupsAreInherited() {
|
public function testRolesAndPermissionsFromParentGroupsAreInherited() {
|
||||||
$member = $this->objFromFixture('Member', 'globalauthor');
|
$member = $this->objFromFixture('SilverStripe\\Security\\Member', 'globalauthor');
|
||||||
|
|
||||||
// Check that permissions applied to the group are there
|
// Check that permissions applied to the group are there
|
||||||
$this->assertTrue(Permission::checkMember($member, "SITETREE_EDIT_ALL"));
|
$this->assertTrue(Permission::checkMember($member, "SITETREE_EDIT_ALL"));
|
||||||
@ -101,8 +105,8 @@ class PermissionTest extends SapphireTest {
|
|||||||
* Ensure the the get_*_by_permission functions are permission role aware
|
* Ensure the the get_*_by_permission functions are permission role aware
|
||||||
*/
|
*/
|
||||||
public function testGettingMembersByPermission() {
|
public function testGettingMembersByPermission() {
|
||||||
$accessMember = $this->objFromFixture('Member', 'access');
|
$accessMember = $this->objFromFixture('SilverStripe\\Security\\Member', 'access');
|
||||||
$accessAuthor = $this->objFromFixture('Member', 'author');
|
$accessAuthor = $this->objFromFixture('SilverStripe\\Security\\Member', 'author');
|
||||||
|
|
||||||
$result = Permission::get_members_by_permission(array('CMS_ACCESS_SecurityAdmin'));
|
$result = Permission::get_members_by_permission(array('CMS_ACCESS_SecurityAdmin'));
|
||||||
$resultIDs = $result ? $result->column() : array();
|
$resultIDs = $result ? $result->column() : array();
|
||||||
@ -114,14 +118,14 @@ class PermissionTest extends SapphireTest {
|
|||||||
|
|
||||||
|
|
||||||
public function testHiddenPermissions(){
|
public function testHiddenPermissions(){
|
||||||
$permissionCheckboxSet = new PermissionCheckboxSetField('Permissions','Permissions','Permission','GroupID');
|
$permissionCheckboxSet = new PermissionCheckboxSetField('Permissions','Permissions','SilverStripe\\Security\\Permission','GroupID');
|
||||||
$this->assertContains('CMS_ACCESS_LeftAndMain', $permissionCheckboxSet->Field());
|
$this->assertContains('CMS_ACCESS_LeftAndMain', $permissionCheckboxSet->Field());
|
||||||
|
|
||||||
Config::inst()->update('Permission', 'hidden_permissions', array('CMS_ACCESS_LeftAndMain'));
|
Config::inst()->update('SilverStripe\\Security\\Permission', 'hidden_permissions', array('CMS_ACCESS_LeftAndMain'));
|
||||||
|
|
||||||
$this->assertNotContains('CMS_ACCESS_LeftAndMain', $permissionCheckboxSet->Field());
|
$this->assertNotContains('CMS_ACCESS_LeftAndMain', $permissionCheckboxSet->Field());
|
||||||
|
|
||||||
Config::inst()->remove('Permission', 'hidden_permissions');
|
Config::inst()->remove('SilverStripe\\Security\\Permission', 'hidden_permissions');
|
||||||
$this->assertContains('CMS_ACCESS_LeftAndMain', $permissionCheckboxSet->Field());
|
$this->assertContains('CMS_ACCESS_LeftAndMain', $permissionCheckboxSet->Field());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1,25 +1,25 @@
|
|||||||
PermissionRole:
|
'SilverStripe\Security\PermissionRole':
|
||||||
author:
|
author:
|
||||||
Title: Author
|
Title: Author
|
||||||
access:
|
access:
|
||||||
Title: Access Administrator
|
Title: Access Administrator
|
||||||
|
|
||||||
PermissionRoleCode:
|
'SilverStripe\Security\PermissionRoleCode':
|
||||||
author1:
|
author1:
|
||||||
Role: =>PermissionRole.author
|
Role: '=>SilverStripe\Security\PermissionRole.author'
|
||||||
Code: CMS_ACCESS_MyAdmin
|
Code: CMS_ACCESS_MyAdmin
|
||||||
author2:
|
author2:
|
||||||
Role: =>PermissionRole.author
|
Role: '=>SilverStripe\Security\PermissionRole.author'
|
||||||
Code: CMS_ACCESS_AssetAdmin
|
Code: CMS_ACCESS_AssetAdmin
|
||||||
access1:
|
access1:
|
||||||
Role: =>PermissionRole.access
|
Role: '=>SilverStripe\Security\PermissionRole.access'
|
||||||
Code: CMS_ACCESS_SecurityAdmin
|
Code: CMS_ACCESS_SecurityAdmin
|
||||||
access2:
|
access2:
|
||||||
Role: =>PermissionRole.access
|
Role: '=>SilverStripe\Security\PermissionRole.access'
|
||||||
Code: EDIT_PERMISSIONS
|
Code: EDIT_PERMISSIONS
|
||||||
|
|
||||||
|
|
||||||
Member:
|
'SilverStripe\Security\Member':
|
||||||
author:
|
author:
|
||||||
FirstName: Test
|
FirstName: Test
|
||||||
Surname: Author
|
Surname: Author
|
||||||
@ -34,30 +34,30 @@ Member:
|
|||||||
Surname: AndMain
|
Surname: AndMain
|
||||||
Email: leftandmain@example.com
|
Email: leftandmain@example.com
|
||||||
|
|
||||||
Group:
|
'SilverStripe\Security\Group':
|
||||||
author:
|
author:
|
||||||
Title: Authors
|
Title: Authors
|
||||||
Members: =>Member.author
|
Members: '=>SilverStripe\Security\Member.author'
|
||||||
Roles: =>PermissionRole.author
|
Roles: '=>SilverStripe\Security\PermissionRole.author'
|
||||||
access:
|
access:
|
||||||
Title: Access Administrators + Authors
|
Title: Access Administrators + Authors
|
||||||
Members: =>Member.access
|
Members: '=>SilverStripe\Security\Member.access'
|
||||||
Roles: =>PermissionRole.access,=>PermissionRole.author
|
Roles: '=>SilverStripe\Security\PermissionRole.access,=>SilverStripe\Security\PermissionRole.author'
|
||||||
globalauthor:
|
globalauthor:
|
||||||
Parent: =>Group.author
|
Parent: '=>SilverStripe\Security\Group.author'
|
||||||
Title: Global Authors
|
Title: Global Authors
|
||||||
Members: =>Member.globalauthor
|
Members: '=>SilverStripe\Security\Member.globalauthor'
|
||||||
leftandmain:
|
leftandmain:
|
||||||
Title: LeftAndMain
|
Title: LeftAndMain
|
||||||
Members: =>Member.leftandmain
|
Members: '=>SilverStripe\Security\Member.leftandmain'
|
||||||
|
|
||||||
Permission:
|
'SilverStripe\Security\Permission':
|
||||||
extra1:
|
extra1:
|
||||||
Code: SITETREE_VIEW_ALL
|
Code: SITETREE_VIEW_ALL
|
||||||
Group: =>Group.author
|
Group: '=>SilverStripe\Security\Group.author'
|
||||||
globalauthor:
|
globalauthor:
|
||||||
Code: SITETREE_EDIT_ALL
|
Code: SITETREE_EDIT_ALL
|
||||||
Group: =>Group.globalauthor
|
Group: '=>SilverStripe\Security\Group.globalauthor'
|
||||||
leftandmain:
|
leftandmain:
|
||||||
Code: CMS_ACCESS_LeftAndMain
|
Code: CMS_ACCESS_LeftAndMain
|
||||||
Group: =>Group.leftandmain
|
Group: '=>SilverStripe\Security\Group.leftandmain'
|
||||||
|
@ -1,4 +1,6 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
use SilverStripe\Security\RandomGenerator;
|
||||||
/**
|
/**
|
||||||
* @package framework
|
* @package framework
|
||||||
* @subpackage tests
|
* @subpackage tests
|
||||||
|
@ -1,4 +1,8 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
use SilverStripe\Security\Security;
|
||||||
|
use SilverStripe\Security\Permission;
|
||||||
|
use SilverStripe\Security\Member;
|
||||||
class SecurityDefaultAdminTest extends SapphireTest {
|
class SecurityDefaultAdminTest extends SapphireTest {
|
||||||
|
|
||||||
protected $usesDatabase = true;
|
protected $usesDatabase = true;
|
||||||
@ -49,7 +53,7 @@ class SecurityDefaultAdminTest extends SapphireTest {
|
|||||||
|
|
||||||
$admin = Security::findAnAdministrator();
|
$admin = Security::findAnAdministrator();
|
||||||
|
|
||||||
$this->assertInstanceOf('Member', $admin);
|
$this->assertInstanceOf('SilverStripe\\Security\\Member', $admin);
|
||||||
$this->assertTrue(Permission::checkMember($admin, 'ADMIN'));
|
$this->assertTrue(Permission::checkMember($admin, 'ADMIN'));
|
||||||
$this->assertEquals($admin->Email, Security::default_admin_username());
|
$this->assertEquals($admin->Email, Security::default_admin_username());
|
||||||
$this->assertNull($admin->Password);
|
$this->assertNull($admin->Password);
|
||||||
@ -64,7 +68,7 @@ class SecurityDefaultAdminTest extends SapphireTest {
|
|||||||
|
|
||||||
$admin = Security::findAnAdministrator();
|
$admin = Security::findAnAdministrator();
|
||||||
|
|
||||||
$this->assertInstanceOf('Member', $admin);
|
$this->assertInstanceOf('SilverStripe\\Security\\Member', $admin);
|
||||||
$this->assertTrue(Permission::checkMember($admin, 'ADMIN'));
|
$this->assertTrue(Permission::checkMember($admin, 'ADMIN'));
|
||||||
|
|
||||||
// User should be blank
|
// User should be blank
|
||||||
@ -78,7 +82,7 @@ class SecurityDefaultAdminTest extends SapphireTest {
|
|||||||
|
|
||||||
$admin = Member::default_admin();
|
$admin = Member::default_admin();
|
||||||
|
|
||||||
$this->assertInstanceOf('Member', $admin);
|
$this->assertInstanceOf('SilverStripe\\Security\\Member', $admin);
|
||||||
$this->assertTrue(Permission::checkMember($admin, 'ADMIN'));
|
$this->assertTrue(Permission::checkMember($admin, 'ADMIN'));
|
||||||
$this->assertEquals($admin->Email, Security::default_admin_username());
|
$this->assertEquals($admin->Email, Security::default_admin_username());
|
||||||
$this->assertNull($admin->Password);
|
$this->assertNull($admin->Password);
|
||||||
|
@ -6,6 +6,11 @@ use SilverStripe\ORM\DataObject;
|
|||||||
use SilverStripe\ORM\FieldType\DBDatetime;
|
use SilverStripe\ORM\FieldType\DBDatetime;
|
||||||
use SilverStripe\ORM\FieldType\DBClassName;
|
use SilverStripe\ORM\FieldType\DBClassName;
|
||||||
use SilverStripe\ORM\DB;
|
use SilverStripe\ORM\DB;
|
||||||
|
use SilverStripe\Security\Authenticator;
|
||||||
|
use SilverStripe\Security\Member;
|
||||||
|
use SilverStripe\Security\Security;
|
||||||
|
use SilverStripe\Security\Permission;
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -35,8 +40,8 @@ class SecurityTest extends FunctionalTest {
|
|||||||
Authenticator::unregister($authenticator);
|
Authenticator::unregister($authenticator);
|
||||||
}
|
}
|
||||||
|
|
||||||
Authenticator::register('MemberAuthenticator');
|
Authenticator::register('SilverStripe\\Security\\MemberAuthenticator');
|
||||||
Authenticator::set_default_authenticator('MemberAuthenticator');
|
Authenticator::set_default_authenticator('SilverStripe\\Security\\MemberAuthenticator');
|
||||||
|
|
||||||
// And that the unique identified field is 'Email'
|
// And that the unique identified field is 'Email'
|
||||||
$this->priorUniqueIdentifierField = Member::config()->unique_identifier_field;
|
$this->priorUniqueIdentifierField = Member::config()->unique_identifier_field;
|
||||||
@ -50,8 +55,8 @@ class SecurityTest extends FunctionalTest {
|
|||||||
// Restore selected authenticator
|
// Restore selected authenticator
|
||||||
|
|
||||||
// MemberAuthenticator might not actually be present
|
// MemberAuthenticator might not actually be present
|
||||||
if(!in_array('MemberAuthenticator', $this->priorAuthenticators)) {
|
if(!in_array('SilverStripe\\Security\\MemberAuthenticator', $this->priorAuthenticators)) {
|
||||||
Authenticator::unregister('MemberAuthenticator');
|
Authenticator::unregister('SilverStripe\\Security\\MemberAuthenticator');
|
||||||
}
|
}
|
||||||
foreach($this->priorAuthenticators as $authenticator) {
|
foreach($this->priorAuthenticators as $authenticator) {
|
||||||
Authenticator::register($authenticator);
|
Authenticator::register($authenticator);
|
||||||
@ -71,7 +76,7 @@ class SecurityTest extends FunctionalTest {
|
|||||||
$response = $this->get('SecurityTest_SecuredController');
|
$response = $this->get('SecurityTest_SecuredController');
|
||||||
$this->assertEquals(302, $response->getStatusCode());
|
$this->assertEquals(302, $response->getStatusCode());
|
||||||
$this->assertContains(
|
$this->assertContains(
|
||||||
Config::inst()->get('Security', 'login_url'),
|
Config::inst()->get('SilverStripe\\Security\\Security', 'login_url'),
|
||||||
$response->getHeader('Location')
|
$response->getHeader('Location')
|
||||||
);
|
);
|
||||||
|
|
||||||
@ -94,13 +99,13 @@ class SecurityTest extends FunctionalTest {
|
|||||||
$this->assertEquals('Oops, not allowed', Session::get('Security.Message.message'));
|
$this->assertEquals('Oops, not allowed', Session::get('Security.Message.message'));
|
||||||
|
|
||||||
// Test that config values are used correctly
|
// Test that config values are used correctly
|
||||||
Config::inst()->update('Security', 'default_message_set', 'stringvalue');
|
Config::inst()->update('SilverStripe\\Security\\Security', 'default_message_set', 'stringvalue');
|
||||||
Security::permissionFailure($controller);
|
Security::permissionFailure($controller);
|
||||||
$this->assertEquals('stringvalue', Session::get('Security.Message.message'),
|
$this->assertEquals('stringvalue', Session::get('Security.Message.message'),
|
||||||
'Default permission failure message value was not present');
|
'Default permission failure message value was not present');
|
||||||
|
|
||||||
Config::inst()->remove('Security', 'default_message_set');
|
Config::inst()->remove('SilverStripe\\Security\\Security', 'default_message_set');
|
||||||
Config::inst()->update('Security', 'default_message_set', array('default' => 'arrayvalue'));
|
Config::inst()->update('SilverStripe\\Security\\Security', 'default_message_set', array('default' => 'arrayvalue'));
|
||||||
Security::permissionFailure($controller);
|
Security::permissionFailure($controller);
|
||||||
$this->assertEquals('arrayvalue', Session::get('Security.Message.message'),
|
$this->assertEquals('arrayvalue', Session::get('Security.Message.message'),
|
||||||
'Default permission failure message value was not present');
|
'Default permission failure message value was not present');
|
||||||
@ -110,7 +115,7 @@ class SecurityTest extends FunctionalTest {
|
|||||||
// been fetched and output as part of it, so has been removed from the session
|
// been fetched and output as part of it, so has been removed from the session
|
||||||
$this->logInWithPermission('EDITOR');
|
$this->logInWithPermission('EDITOR');
|
||||||
|
|
||||||
Config::inst()->update('Security', 'default_message_set',
|
Config::inst()->update('SilverStripe\\Security\\Security', 'default_message_set',
|
||||||
array('default' => 'default', 'alreadyLoggedIn' => 'You are already logged in!'));
|
array('default' => 'default', 'alreadyLoggedIn' => 'You are already logged in!'));
|
||||||
Security::permissionFailure($controller);
|
Security::permissionFailure($controller);
|
||||||
$this->assertContains('You are already logged in!', $controller->getResponse()->getBody(),
|
$this->assertContains('You are already logged in!', $controller->getResponse()->getBody(),
|
||||||
@ -182,13 +187,13 @@ class SecurityTest extends FunctionalTest {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public function testLogInAsSomeoneElse() {
|
public function testLogInAsSomeoneElse() {
|
||||||
$member = DataObject::get_one('Member');
|
$member = DataObject::get_one('SilverStripe\\Security\\Member');
|
||||||
|
|
||||||
/* Log in with any user that we can find */
|
/* Log in with any user that we can find */
|
||||||
$this->session()->inst_set('loggedInAs', $member->ID);
|
$this->session()->inst_set('loggedInAs', $member->ID);
|
||||||
|
|
||||||
/* View the Security/login page */
|
/* View the Security/login page */
|
||||||
$response = $this->get(Config::inst()->get('Security', 'login_url'));
|
$response = $this->get(Config::inst()->get('SilverStripe\\Security\\Security', 'login_url'));
|
||||||
|
|
||||||
$items = $this->cssParser()->getBySelector('#MemberLoginForm_LoginForm input.action');
|
$items = $this->cssParser()->getBySelector('#MemberLoginForm_LoginForm input.action');
|
||||||
|
|
||||||
@ -202,7 +207,7 @@ class SecurityTest extends FunctionalTest {
|
|||||||
'MemberLoginForm_LoginForm',
|
'MemberLoginForm_LoginForm',
|
||||||
null,
|
null,
|
||||||
array(
|
array(
|
||||||
'AuthenticationMethod' => 'MemberAuthenticator',
|
'AuthenticationMethod' => 'SilverStripe\\Security\\MemberAuthenticator',
|
||||||
'action_dologout' => 1,
|
'action_dologout' => 1,
|
||||||
)
|
)
|
||||||
);
|
);
|
||||||
@ -222,7 +227,7 @@ class SecurityTest extends FunctionalTest {
|
|||||||
$this->autoFollowRedirection = true;
|
$this->autoFollowRedirection = true;
|
||||||
|
|
||||||
/* Attempt to get into the admin section */
|
/* Attempt to get into the admin section */
|
||||||
$response = $this->get(Config::inst()->get('Security', 'login_url'));
|
$response = $this->get(Config::inst()->get('SilverStripe\\Security\\Security', 'login_url'));
|
||||||
|
|
||||||
$items = $this->cssParser()->getBySelector('#MemberLoginForm_LoginForm input.text');
|
$items = $this->cssParser()->getBySelector('#MemberLoginForm_LoginForm input.text');
|
||||||
|
|
||||||
@ -239,7 +244,7 @@ class SecurityTest extends FunctionalTest {
|
|||||||
// Test that username does not persist
|
// Test that username does not persist
|
||||||
$this->session()->inst_set('SessionForms.MemberLoginForm.Email', 'myuser@silverstripe.com');
|
$this->session()->inst_set('SessionForms.MemberLoginForm.Email', 'myuser@silverstripe.com');
|
||||||
Security::config()->remember_username = false;
|
Security::config()->remember_username = false;
|
||||||
$this->get(Config::inst()->get('Security', 'login_url'));
|
$this->get(Config::inst()->get('SilverStripe\\Security\\Security', 'login_url'));
|
||||||
$items = $this
|
$items = $this
|
||||||
->cssParser()
|
->cssParser()
|
||||||
->getBySelector('#MemberLoginForm_LoginForm #MemberLoginForm_LoginForm_Email');
|
->getBySelector('#MemberLoginForm_LoginForm #MemberLoginForm_LoginForm_Email');
|
||||||
@ -253,7 +258,7 @@ class SecurityTest extends FunctionalTest {
|
|||||||
// Test that username does persist when necessary
|
// Test that username does persist when necessary
|
||||||
$this->session()->inst_set('SessionForms.MemberLoginForm.Email', 'myuser@silverstripe.com');
|
$this->session()->inst_set('SessionForms.MemberLoginForm.Email', 'myuser@silverstripe.com');
|
||||||
Security::config()->remember_username = true;
|
Security::config()->remember_username = true;
|
||||||
$this->get(Config::inst()->get('Security', 'login_url'));
|
$this->get(Config::inst()->get('SilverStripe\\Security\\Security', 'login_url'));
|
||||||
$items = $this
|
$items = $this
|
||||||
->cssParser()
|
->cssParser()
|
||||||
->getBySelector('#MemberLoginForm_LoginForm #MemberLoginForm_LoginForm_Email');
|
->getBySelector('#MemberLoginForm_LoginForm #MemberLoginForm_LoginForm_Email');
|
||||||
@ -322,7 +327,7 @@ class SecurityTest extends FunctionalTest {
|
|||||||
Controller::join_links(Director::absoluteBaseURL(), 'test/link'),
|
Controller::join_links(Director::absoluteBaseURL(), 'test/link'),
|
||||||
$goodResponse->getHeader('Location')
|
$goodResponse->getHeader('Location')
|
||||||
);
|
);
|
||||||
$this->assertEquals($this->idFromFixture('Member', 'test'), $this->session()->inst_get('loggedInAs'));
|
$this->assertEquals($this->idFromFixture('SilverStripe\\Security\\Member', 'test'), $this->session()->inst_get('loggedInAs'));
|
||||||
|
|
||||||
/* EXPIRED PASSWORDS ARE SENT TO THE CHANGE PASSWORD FORM */
|
/* EXPIRED PASSWORDS ARE SENT TO THE CHANGE PASSWORD FORM */
|
||||||
$expiredResponse = $this->doTestLoginForm('expired@silverstripe.com' , '1nitialPassword');
|
$expiredResponse = $this->doTestLoginForm('expired@silverstripe.com' , '1nitialPassword');
|
||||||
@ -331,7 +336,7 @@ class SecurityTest extends FunctionalTest {
|
|||||||
Controller::join_links(Director::baseURL(), 'Security/changepassword'),
|
Controller::join_links(Director::baseURL(), 'Security/changepassword'),
|
||||||
$expiredResponse->getHeader('Location')
|
$expiredResponse->getHeader('Location')
|
||||||
);
|
);
|
||||||
$this->assertEquals($this->idFromFixture('Member', 'expiredpassword'),
|
$this->assertEquals($this->idFromFixture('SilverStripe\\Security\\Member', 'expiredpassword'),
|
||||||
$this->session()->inst_get('loggedInAs'));
|
$this->session()->inst_get('loggedInAs'));
|
||||||
|
|
||||||
// Make sure it redirects correctly after the password has been changed
|
// Make sure it redirects correctly after the password has been changed
|
||||||
@ -355,7 +360,7 @@ class SecurityTest extends FunctionalTest {
|
|||||||
Controller::join_links(Director::absoluteBaseURL(), 'test/back'),
|
Controller::join_links(Director::absoluteBaseURL(), 'test/back'),
|
||||||
$changedResponse->getHeader('Location')
|
$changedResponse->getHeader('Location')
|
||||||
);
|
);
|
||||||
$this->assertEquals($this->idFromFixture('Member', 'test'), $this->session()->inst_get('loggedInAs'));
|
$this->assertEquals($this->idFromFixture('SilverStripe\\Security\\Member', 'test'), $this->session()->inst_get('loggedInAs'));
|
||||||
|
|
||||||
// Check if we can login with the new password
|
// Check if we can login with the new password
|
||||||
$goodResponse = $this->doTestLoginForm('testuser@example.com' , 'changedPassword');
|
$goodResponse = $this->doTestLoginForm('testuser@example.com' , 'changedPassword');
|
||||||
@ -364,11 +369,11 @@ class SecurityTest extends FunctionalTest {
|
|||||||
Controller::join_links(Director::absoluteBaseURL(), 'test/link'),
|
Controller::join_links(Director::absoluteBaseURL(), 'test/link'),
|
||||||
$goodResponse->getHeader('Location')
|
$goodResponse->getHeader('Location')
|
||||||
);
|
);
|
||||||
$this->assertEquals($this->idFromFixture('Member', 'test'), $this->session()->inst_get('loggedInAs'));
|
$this->assertEquals($this->idFromFixture('SilverStripe\\Security\\Member', 'test'), $this->session()->inst_get('loggedInAs'));
|
||||||
}
|
}
|
||||||
|
|
||||||
public function testChangePasswordFromLostPassword() {
|
public function testChangePasswordFromLostPassword() {
|
||||||
$admin = $this->objFromFixture('Member', 'test');
|
$admin = $this->objFromFixture('SilverStripe\\Security\\Member', 'test');
|
||||||
$admin->FailedLoginCount = 99;
|
$admin->FailedLoginCount = 99;
|
||||||
$admin->LockedOutUntil = DBDatetime::now()->Format('Y-m-d H:i:s');
|
$admin->LockedOutUntil = DBDatetime::now()->Format('Y-m-d H:i:s');
|
||||||
$admin->write();
|
$admin->write();
|
||||||
@ -382,7 +387,7 @@ class SecurityTest extends FunctionalTest {
|
|||||||
$this->assertEmailSent('testuser@example.com');
|
$this->assertEmailSent('testuser@example.com');
|
||||||
|
|
||||||
// Load password link from email
|
// Load password link from email
|
||||||
$admin = DataObject::get_by_id('Member', $admin->ID);
|
$admin = DataObject::get_by_id('SilverStripe\\Security\\Member', $admin->ID);
|
||||||
$this->assertNotNull($admin->AutoLoginHash, 'Hash has been written after lost password');
|
$this->assertNotNull($admin->AutoLoginHash, 'Hash has been written after lost password');
|
||||||
|
|
||||||
// We don't have access to the token - generate a new token and hash pair.
|
// We don't have access to the token - generate a new token and hash pair.
|
||||||
@ -396,14 +401,14 @@ class SecurityTest extends FunctionalTest {
|
|||||||
// Follow redirection to form without hash in GET parameter
|
// Follow redirection to form without hash in GET parameter
|
||||||
$response = $this->get('Security/changepassword');
|
$response = $this->get('Security/changepassword');
|
||||||
$changedResponse = $this->doTestChangepasswordForm('1nitialPassword', 'changedPassword');
|
$changedResponse = $this->doTestChangepasswordForm('1nitialPassword', 'changedPassword');
|
||||||
$this->assertEquals($this->idFromFixture('Member', 'test'), $this->session()->inst_get('loggedInAs'));
|
$this->assertEquals($this->idFromFixture('SilverStripe\\Security\\Member', 'test'), $this->session()->inst_get('loggedInAs'));
|
||||||
|
|
||||||
// Check if we can login with the new password
|
// Check if we can login with the new password
|
||||||
$goodResponse = $this->doTestLoginForm('testuser@example.com' , 'changedPassword');
|
$goodResponse = $this->doTestLoginForm('testuser@example.com' , 'changedPassword');
|
||||||
$this->assertEquals(302, $goodResponse->getStatusCode());
|
$this->assertEquals(302, $goodResponse->getStatusCode());
|
||||||
$this->assertEquals($this->idFromFixture('Member', 'test'), $this->session()->inst_get('loggedInAs'));
|
$this->assertEquals($this->idFromFixture('SilverStripe\\Security\\Member', 'test'), $this->session()->inst_get('loggedInAs'));
|
||||||
|
|
||||||
$admin = DataObject::get_by_id('Member', $admin->ID, false);
|
$admin = DataObject::get_by_id('SilverStripe\\Security\\Member', $admin->ID, false);
|
||||||
$this->assertNull($admin->LockedOutUntil);
|
$this->assertNull($admin->LockedOutUntil);
|
||||||
$this->assertEquals(0, $admin->FailedLoginCount);
|
$this->assertEquals(0, $admin->FailedLoginCount);
|
||||||
}
|
}
|
||||||
@ -418,7 +423,7 @@ class SecurityTest extends FunctionalTest {
|
|||||||
// Login with a wrong password for more than the defined threshold
|
// Login with a wrong password for more than the defined threshold
|
||||||
for($i = 1; $i <= Member::config()->lock_out_after_incorrect_logins+1; $i++) {
|
for($i = 1; $i <= Member::config()->lock_out_after_incorrect_logins+1; $i++) {
|
||||||
$this->doTestLoginForm('testuser@example.com' , 'incorrectpassword');
|
$this->doTestLoginForm('testuser@example.com' , 'incorrectpassword');
|
||||||
$member = DataObject::get_by_id("Member", $this->idFromFixture('Member', 'test'));
|
$member = DataObject::get_by_id("SilverStripe\\Security\\Member", $this->idFromFixture('SilverStripe\\Security\\Member', 'test'));
|
||||||
|
|
||||||
if($i < Member::config()->lock_out_after_incorrect_logins) {
|
if($i < Member::config()->lock_out_after_incorrect_logins) {
|
||||||
$this->assertNull(
|
$this->assertNull(
|
||||||
@ -454,7 +459,7 @@ class SecurityTest extends FunctionalTest {
|
|||||||
);
|
);
|
||||||
|
|
||||||
// (We fake this by re-setting LockedOutUntil)
|
// (We fake this by re-setting LockedOutUntil)
|
||||||
$member = DataObject::get_by_id("Member", $this->idFromFixture('Member', 'test'));
|
$member = DataObject::get_by_id("SilverStripe\\Security\\Member", $this->idFromFixture('SilverStripe\\Security\\Member', 'test'));
|
||||||
$member->LockedOutUntil = date('Y-m-d H:i:s', time() - 30);
|
$member->LockedOutUntil = date('Y-m-d H:i:s', time() - 30);
|
||||||
$member->write();
|
$member->write();
|
||||||
$this->doTestLoginForm('testuser@example.com' , '1nitialPassword');
|
$this->doTestLoginForm('testuser@example.com' , '1nitialPassword');
|
||||||
@ -499,8 +504,8 @@ class SecurityTest extends FunctionalTest {
|
|||||||
$this->doTestLoginForm('noexpiry@silverstripe.com' , 'incorrectpassword');
|
$this->doTestLoginForm('noexpiry@silverstripe.com' , 'incorrectpassword');
|
||||||
$this->doTestLoginForm('noexpiry@silverstripe.com' , 'incorrectpassword');
|
$this->doTestLoginForm('noexpiry@silverstripe.com' , 'incorrectpassword');
|
||||||
|
|
||||||
$member1 = DataObject::get_by_id("Member", $this->idFromFixture('Member', 'test'));
|
$member1 = DataObject::get_by_id("SilverStripe\\Security\\Member", $this->idFromFixture('SilverStripe\\Security\\Member', 'test'));
|
||||||
$member2 = DataObject::get_by_id("Member", $this->idFromFixture('Member', 'noexpiry'));
|
$member2 = DataObject::get_by_id("SilverStripe\\Security\\Member", $this->idFromFixture('SilverStripe\\Security\\Member', 'noexpiry'));
|
||||||
|
|
||||||
$this->assertNull($member1->LockedOutUntil);
|
$this->assertNull($member1->LockedOutUntil);
|
||||||
$this->assertNull($member2->LockedOutUntil);
|
$this->assertNull($member2->LockedOutUntil);
|
||||||
@ -509,11 +514,11 @@ class SecurityTest extends FunctionalTest {
|
|||||||
// THIS SESSION
|
// THIS SESSION
|
||||||
|
|
||||||
$this->doTestLoginForm('testuser@example.com' , 'incorrectpassword');
|
$this->doTestLoginForm('testuser@example.com' , 'incorrectpassword');
|
||||||
$member1 = DataObject::get_by_id("Member", $this->idFromFixture('Member', 'test'));
|
$member1 = DataObject::get_by_id("SilverStripe\\Security\\Member", $this->idFromFixture('SilverStripe\\Security\\Member', 'test'));
|
||||||
$this->assertNotNull($member1->LockedOutUntil);
|
$this->assertNotNull($member1->LockedOutUntil);
|
||||||
|
|
||||||
$this->doTestLoginForm('noexpiry@silverstripe.com' , 'incorrectpassword');
|
$this->doTestLoginForm('noexpiry@silverstripe.com' , 'incorrectpassword');
|
||||||
$member2 = DataObject::get_by_id("Member", $this->idFromFixture('Member', 'noexpiry'));
|
$member2 = DataObject::get_by_id("SilverStripe\\Security\\Member", $this->idFromFixture('SilverStripe\\Security\\Member', 'noexpiry'));
|
||||||
$this->assertNotNull($member2->LockedOutUntil);
|
$this->assertNotNull($member2->LockedOutUntil);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -522,11 +527,11 @@ class SecurityTest extends FunctionalTest {
|
|||||||
|
|
||||||
/* UNSUCCESSFUL ATTEMPTS WITH WRONG PASSWORD FOR EXISTING USER ARE LOGGED */
|
/* UNSUCCESSFUL ATTEMPTS WITH WRONG PASSWORD FOR EXISTING USER ARE LOGGED */
|
||||||
$this->doTestLoginForm('testuser@example.com', 'wrongpassword');
|
$this->doTestLoginForm('testuser@example.com', 'wrongpassword');
|
||||||
$attempt = DataObject::get_one('LoginAttempt', array(
|
$attempt = DataObject::get_one('SilverStripe\\Security\\LoginAttempt', array(
|
||||||
'"LoginAttempt"."Email"' => 'testuser@example.com'
|
'"LoginAttempt"."Email"' => 'testuser@example.com'
|
||||||
));
|
));
|
||||||
$this->assertTrue(is_object($attempt));
|
$this->assertTrue(is_object($attempt));
|
||||||
$member = DataObject::get_one('Member', array(
|
$member = DataObject::get_one('SilverStripe\\Security\\Member', array(
|
||||||
'"Member"."Email"' => 'testuser@example.com'
|
'"Member"."Email"' => 'testuser@example.com'
|
||||||
));
|
));
|
||||||
$this->assertEquals($attempt->Status, 'Failure');
|
$this->assertEquals($attempt->Status, 'Failure');
|
||||||
@ -535,7 +540,7 @@ class SecurityTest extends FunctionalTest {
|
|||||||
|
|
||||||
/* UNSUCCESSFUL ATTEMPTS WITH NONEXISTING USER ARE LOGGED */
|
/* UNSUCCESSFUL ATTEMPTS WITH NONEXISTING USER ARE LOGGED */
|
||||||
$this->doTestLoginForm('wronguser@silverstripe.com', 'wrongpassword');
|
$this->doTestLoginForm('wronguser@silverstripe.com', 'wrongpassword');
|
||||||
$attempt = DataObject::get_one('LoginAttempt', array(
|
$attempt = DataObject::get_one('SilverStripe\\Security\\LoginAttempt', array(
|
||||||
'"LoginAttempt"."Email"' => 'wronguser@silverstripe.com'
|
'"LoginAttempt"."Email"' => 'wronguser@silverstripe.com'
|
||||||
));
|
));
|
||||||
$this->assertTrue(is_object($attempt));
|
$this->assertTrue(is_object($attempt));
|
||||||
@ -551,10 +556,10 @@ class SecurityTest extends FunctionalTest {
|
|||||||
|
|
||||||
/* SUCCESSFUL ATTEMPTS ARE LOGGED */
|
/* SUCCESSFUL ATTEMPTS ARE LOGGED */
|
||||||
$this->doTestLoginForm('testuser@example.com', '1nitialPassword');
|
$this->doTestLoginForm('testuser@example.com', '1nitialPassword');
|
||||||
$attempt = DataObject::get_one('LoginAttempt', array(
|
$attempt = DataObject::get_one('SilverStripe\\Security\\LoginAttempt', array(
|
||||||
'"LoginAttempt"."Email"' => 'testuser@example.com'
|
'"LoginAttempt"."Email"' => 'testuser@example.com'
|
||||||
));
|
));
|
||||||
$member = DataObject::get_one('Member', array(
|
$member = DataObject::get_one('SilverStripe\\Security\\Member', array(
|
||||||
'"Member"."Email"' => 'testuser@example.com'
|
'"Member"."Email"' => 'testuser@example.com'
|
||||||
));
|
));
|
||||||
$this->assertTrue(is_object($attempt));
|
$this->assertTrue(is_object($attempt));
|
||||||
@ -571,6 +576,7 @@ class SecurityTest extends FunctionalTest {
|
|||||||
|
|
||||||
// Assumption: The database has been built correctly by the test runner,
|
// Assumption: The database has been built correctly by the test runner,
|
||||||
// and has all columns present in the ORM
|
// and has all columns present in the ORM
|
||||||
|
/** @skipUpgrade */
|
||||||
DB::get_schema()->renameField('Member', 'Email', 'Email_renamed');
|
DB::get_schema()->renameField('Member', 'Email', 'Email_renamed');
|
||||||
|
|
||||||
// Email column is now missing, which means we're not ready to do permission checks
|
// Email column is now missing, which means we're not ready to do permission checks
|
||||||
@ -588,9 +594,9 @@ class SecurityTest extends FunctionalTest {
|
|||||||
* Helper method for the tests above
|
* Helper method for the tests above
|
||||||
*/
|
*/
|
||||||
public function doTestLoginForm($email, $password, $backURL = 'test/link') {
|
public function doTestLoginForm($email, $password, $backURL = 'test/link') {
|
||||||
$this->get(Config::inst()->get('Security', 'logout_url'));
|
$this->get(Config::inst()->get('SilverStripe\\Security\\Security', 'logout_url'));
|
||||||
$this->session()->inst_set('BackURL', $backURL);
|
$this->session()->inst_set('BackURL', $backURL);
|
||||||
$this->get(Config::inst()->get('Security', 'login_url'));
|
$this->get(Config::inst()->get('SilverStripe\\Security\\Security', 'login_url'));
|
||||||
|
|
||||||
return $this->submitForm(
|
return $this->submitForm(
|
||||||
"MemberLoginForm_LoginForm",
|
"MemberLoginForm_LoginForm",
|
||||||
@ -598,7 +604,7 @@ class SecurityTest extends FunctionalTest {
|
|||||||
array(
|
array(
|
||||||
'Email' => $email,
|
'Email' => $email,
|
||||||
'Password' => $password,
|
'Password' => $password,
|
||||||
'AuthenticationMethod' => 'MemberAuthenticator',
|
'AuthenticationMethod' => 'SilverStripe\\Security\\MemberAuthenticator',
|
||||||
'action_dologin' => 1,
|
'action_dologin' => 1,
|
||||||
)
|
)
|
||||||
);
|
);
|
||||||
|
@ -1,4 +1,6 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
use SilverStripe\Security\SecurityToken;
|
||||||
/**
|
/**
|
||||||
* @package framework
|
* @package framework
|
||||||
* @subpackage tests
|
* @subpackage tests
|
||||||
@ -41,7 +43,7 @@ class SecurityTokenTest extends SapphireTest {
|
|||||||
|
|
||||||
public function testInst() {
|
public function testInst() {
|
||||||
$inst1 = SecurityToken::inst();
|
$inst1 = SecurityToken::inst();
|
||||||
$this->assertInstanceOf('SecurityToken', $inst1);
|
$this->assertInstanceOf('SilverStripe\\Security\\SecurityToken', $inst1);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function testInstReturnsSingleton() {
|
public function testInstReturnsSingleton() {
|
||||||
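Review bot: In testInst the expected class is still spelled as a string literal, `'SilverStripe\\Security\\SecurityToken'`, even though this section adds `use SilverStripe\Security\SecurityToken;` at the top of the file. If the project's minimum PHP version allows it, `$this->assertInstanceOf(SecurityToken::class, $inst1);` resolves through that import, so the namespace lives in one place and static analysis can follow the reference. The same applies to EncryptAllPasswordsTaskTest in the next section, where `DataObject::get_by_id('SilverStripe\\Security\\Member', $m->ID)` could pass `Member::class` now that `Member` is imported. Hand-escaped namespace strings in security tests are easy to mistype, and a typo only surfaces at run time.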
|
@ -1,6 +1,8 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
use SilverStripe\ORM\DataObject;
|
use SilverStripe\ORM\DataObject;
|
||||||
|
use SilverStripe\Security\Member;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @package framework
|
* @package framework
|
||||||
* @subpackage tests
|
* @subpackage tests
|
||||||
@ -15,7 +17,7 @@ class EncryptAllPasswordsTaskTest extends SapphireTest {
|
|||||||
$t = new EncryptAllPasswordsTask();
|
$t = new EncryptAllPasswordsTask();
|
||||||
$t->run(null);
|
$t->run(null);
|
||||||
|
|
||||||
$m = DataObject::get_by_id('Member', $m->ID);
|
$m = DataObject::get_by_id('SilverStripe\\Security\\Member', $m->ID);
|
||||||
$this->assertEquals($m->PasswordEncryption, 'blowfish');
|
$this->assertEquals($m->PasswordEncryption, 'blowfish');
|
||||||
$this->assertNotEquals($m->Password, 'plain');
|
$this->assertNotEquals($m->Password, 'plain');
|
||||||
$result = $m->checkPassword('plain');
|
$result = $m->checkPassword('plain');
|
||||||
|
@ -2,6 +2,10 @@
|
|||||||
|
|
||||||
use SilverStripe\ORM\ArrayList;
|
use SilverStripe\ORM\ArrayList;
|
||||||
use SilverStripe\ORM\DataObject;
|
use SilverStripe\ORM\DataObject;
|
||||||
|
use SilverStripe\Security\Member;
|
||||||
|
use SilverStripe\Security\SecurityToken;
|
||||||
|
use SilverStripe\Security\Permission;
|
||||||
|
|
||||||
|
|
||||||
class SSViewerTest extends SapphireTest {
|
class SSViewerTest extends SapphireTest {
|
||||||
|
|
||||||
|
@ -2,6 +2,8 @@
|
|||||||
|
|
||||||
|
|
||||||
use SilverStripe\ORM\FieldType\DBField;
|
use SilverStripe\ORM\FieldType\DBField;
|
||||||
|
use SilverStripe\Security\Permission;
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|