Commit Graph

84 Commits

Author SHA1 Message Date
Ingo Schommer
d5efacbf56 BUGFIX Less fragile 'newness' check on Group->Code in Group->onBeforeWrite() (fixes #6595) 2011-04-14 21:38:07 +12:00
Ingo Schommer
2870eb9212 MINOR Changed $fixture_path to relative filenames in all sapphire test cases in order to allow easier file moving and less verbosity in tests 2011-03-30 23:04:48 +13:00
Ingo Schommer
95dcc74c10 MINOR Removed reliance of sapphire/admin unit tests on SiteTree and CMSMain 2011-03-29 18:20:10 +13:00
Ingo Schommer
65e7b83421 MINOR Made login form redirection test in SecurityTest explicit, rather than implicit through testLogInAsSomeoneElse() 2011-03-29 18:08:33 +13:00
Paul Meyrick
dc36725869 MINOR Using BlankPage template in SecurityTest, BasicAuthTest to remove ContentController dependency
MINOR Checking for SiteTree class existence in Security, Translatable
MINOR Checking for ContentController existence in FulltextSearchable
MINOR Removed unnecessary ContentController tests from ObjectTest
MINOR Replaced CMS specific examples in PermissionCheckboxSetFieldTest, DataObjectTest
MINOR Changed SecurityTest to make assertions against Security/login rather than relying on redirection from admin/cms
2011-03-29 18:07:55 +13:00
Ingo Schommer
d099c7e5ba BUGFIX Unregistering custom Authenticators in SecurityTest->setUp() 2011-03-21 18:13:01 +13:00
Ingo Schommer
a7e9be3bc4 BUGFIX Fixing SecurityTest to clear any custom settings in Security::$force_database_is_ready before making assertions 2011-03-21 18:12:59 +13:00
Ingo Schommer
2184acf17d Revert "MINOR Replaced assertType() calls with assertInstanceOf(), deprecated in PHPUnit 3.6 (throws warnings as of 3.5.10)" - cased too many problems with mixed build environments that require PHP 3.4
This reverts commit 65f6104cd6.
2011-03-11 15:06:09 +13:00
Ingo Schommer
498e5758bf BUGFIX Avoid privilege escalation from EDIT_PERMISSIONS to ADMIN through TreeMultiselectField (in Member->getCMSFields()) by checking for admin groups in Member->onChangeGroups() 2011-03-09 15:49:41 +13:00
Ingo Schommer
662c5259e5 BUGFIX Fixed Group->collateAncestorIDs() handling of orphans (fixes #6413) 2011-02-22 00:19:23 +13:00
Ingo Schommer
65f6104cd6 MINOR Replaced assertType() calls with assertInstanceOf(), deprecated in PHPUnit 3.6 (throws warnings as of 3.5.10) 2011-02-21 18:49:09 +13:00
Ingo Schommer
4b2c64c843 BUGFIX Avoid potential referer leaking in Security->changepassword() form by storing Member->AutoLoginHash in session instead of 'h' GET parameter
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114758 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-12-09 21:18:49 +00:00
Sam Minnee
05d6df2193 MINOR Fixed php tag in SecurityTokenTest, should be "<?php" not "<?" (from r114016)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114543 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-12-05 08:41:38 +00:00
Sam Minnee
9ec31acacb ENHANCEMENT Added SecurityToken to wrap CSRF protection via "SecurityID" request parameter (from r113272)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114525 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-12-05 08:22:57 +00:00
Ingo Schommer
c378448f19 ENHANCEMENT Added RandomGenerator for more secure CRSF tokens etc.
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114497 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-12-05 00:18:19 +00:00
Ingo Schommer
ab563c1418 MINOR Using built-in ORM methods for GroupTest
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114135 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-11-24 06:23:49 +00:00
Sam Minnee
1fc540c16b MINOR Fixed regression from r111843 (i18nText, MemberDatetimeFieldTest, MemberTest) (from r111844)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112929 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-19 05:01:35 +00:00
Sam Minnee
ef36436f75 BUGFIX Protect MemberTest from side effects caused by auth_openid and forum modules (from r110894)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112865 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-19 03:01:29 +00:00
Sam Minnee
d8a8635374 API CHANGE Member->canEdit() returns false if the editing member has lower permissions than the edited member, for example if a member with CMS_ACCESS_SecurityAdmin permissions tries to edit an ADMIN (fixes #5651) (from r110856)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112861 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-19 02:46:26 +00:00
Sam Minnee
274387f0f4 BUGFIX: BasicAuthTests fail when Member's unique_identifier_field is anything except the default of Email (from r109834)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112831 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-19 01:26:49 +00:00
Sam Minnee
38f9e74fba MINOR Tests for Member::getName() and Member::setName() (from r109333)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112823 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-19 01:24:04 +00:00
Sam Minnee
b7f21302bc MINOR Fixed failing test as session being set before logging out and losing BackURL (from r108518)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112759 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-19 00:47:19 +00:00
Sam Minnee
0e3693f99e BUGFIX: tests now pass when the locale is set to something other than 'en_US' in the mysite's _config.php file (from r107940)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112702 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-18 22:33:41 +00:00
Sam Minnee
93eb6214b7 ENHANCEMENT Allowing custom messages and permission codes in BasicAuth::protect_entire_site()
ENHANCEMENT Making $permissionCode argument optional for BasicAuth::requireLogin(). If not set the logic only checks for a valid account (but no group memberships)
ENHANCEMENT Using SS_HTTPResponse_Exception instead of header()/die() in BasicAuth::requireLogin() to make it more testable (from r107867)

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112701 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-18 22:29:35 +00:00
Ingo Schommer
577e82a123 BUGFIX Fixed Member->PasswordEncryption defaults when writing new Member without setting a password. Fixes critical issue with MemberTableField saving in admin/security, where new members are stored with a cleartext password by default instead of using the default SHA1 (see #5772) (from r107532)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112602 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-15 03:52:38 +00:00
Ingo Schommer
47762cdf5b ENHANCEMENT #5352 Decouple date display from i18n locales, users now have access to change their date and time formats in Member::getCMSFields() using Member_DatetimeOptionsetField field (from r107326)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112568 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-15 03:23:02 +00:00
Ingo Schommer
d51627a342 MINOR Fixed hardcoded error message in PasswordValidator (fixes #5734)
MINOR Added PasswordValidatorTest (from r106687)

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112534 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-15 03:03:19 +00:00
Ingo Schommer
39b056024f APICHANGE: moved Group::addToGroupByName to $member->addToGroupByCode. (from r106217)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112528 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-15 03:00:48 +00:00
Ingo Schommer
caa2a292bb BUGFIX: SecurityTest tests would fail on sites which had set a non-default unique identifier field for Members (from r104016)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112329 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-14 23:53:44 +00:00
Sam Minnee
51375f7cc6 ENHANCEMENT: added tests for checking the change password functionality, including the resulting redirection (from #5420) (from r103250)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112128 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-13 03:39:04 +00:00
Sam Minnee
890ac94a6a MINOR: Several changes merged from branches/2.4
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112060 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-13 01:35:19 +00:00
Sam Minnee
82f1742569 BUGFIX: results sorted alphabetically for consistency (from r101491)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@112000 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-13 00:46:44 +00:00
Ingo Schommer
e4dfc243b4 BUGFIX Fixed SapphireTest->loginWithPermission() and MemberAuthenticatorTest to use existing Members based on their unique_identifier_field (if existing) to accommodate recent Member->onBeforeWrite() changes (see r100705) (from r100723)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@105628 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-05-25 04:24:53 +00:00
Ingo Schommer
79b912f7b1 BUG FIX: column names quoted properly (from r100693)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@105625 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-05-25 04:23:44 +00:00
Ingo Schommer
29a778fa45 MINOR: Fixed PermissionTest assertion (from r96642) (from r98142)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@102614 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-04-13 02:18:14 +00:00
Ingo Schommer
c045198333 MINOR: added descriptive text to test assert. (from r98115)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@102600 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-04-13 02:14:35 +00:00
Ingo Schommer
b8ab017597 BUGFIX: fixed test that was trying to do a assertContains between a DataObjectSet and a Member object. Changed it to an assertEquals between Member and the First item in the Set. Also added an inverse test to check that Set doesn't contain the wrong Member. (from r98114)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@102599 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-04-13 02:14:23 +00:00
Ingo Schommer
39615a4a09 MINOR unit test for getting members by permission via roles (from r88276) (from r98084)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@102577 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-04-13 02:00:15 +00:00
Ingo Schommer
74a04df3c8 API CHANGE Removed $blankItemText parameter from Permission::get_codes()
ENHANCEMENT Allow ungrouped retrieval of Permission::get_codes() through new $grouped switch (from r97819)

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@102536 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-04-12 23:41:33 +00:00
Ingo Schommer
2ff50a6fe9 MINOR: Make SecurityDefaultAdminTest when you run it by itself. (from r97652)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@102522 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-04-12 23:08:35 +00:00
Ingo Schommer
6450810b4c BUGFIX Checking for presence of all columns in Security::database_is_ready(). This was necessitated by an earlier change to the sapphire ORM which now selects all columns explicitly in a SQL query (instead of SELECT *) (see #4027) (from r97480)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@102494 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-04-12 21:17:07 +00:00
Ingo Schommer
426190bc9e API CHANGE Security::setDefaultAdmin() no longer writes credentials to any Member database records (created through Security::findAnAdministrator(). This prevents outdated credentials when setDefaultAdmin() code changes after creating the database record (see #4271)
API CHANGE Security::findAnAdministrator() no longer sets 'Email' and 'Password' properties on newly created members. Removed the $username and $password argments from the method.
ENHANCEMENT Member->requireDefaultRecords() no longer creates a default administrator based on $_REQUEST data. Moved functionality into Installer->install()
MINOR Security::findAnAdministrator() names any default administrators 'Default Admin' instead of 'Admin' (from r97478)

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@102493 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-04-12 21:16:26 +00:00
Ingo Schommer
a6362eb6e0 MINOR Fixed MemberAuthenticatorTest, was setting global state in r97357 (from r97369)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@102444 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-04-12 05:01:48 +00:00
Ingo Schommer
f400c28099 BUGFIX: old 2.3 passwords now handled correctly and migrated accordingly (from r97357)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@102443 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-04-12 05:01:31 +00:00
Ingo Schommer
c604341a1d API CHANGE Removed "auto-merging" of member records from Member->onBeforeWrite() due to security reasons - please use DataObject->merge() explicitly if this is desired behaviour
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@100705 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-03-09 04:10:38 +00:00
Ingo Schommer
61e27830c6 MINOR Fixed unit tests after change Member->checkPassword() to return ValidationResult instead of boolean (see r98268) (merged from r98274)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@99701 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-02-23 04:05:34 +00:00
Ingo Schommer
d552becce8 MINOR Added MemberCsvBulkLoaderTest->testCleartextPasswordsAreHashedWithDefaultAlgo()
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@98841 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-02-12 00:58:10 +00:00
Sean Harvey
c57ec36ea9 FEATURE: added several tests for PermissionCheckboxSetField, PermissionRole and Group (from r94887)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@95629 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-12-16 05:43:59 +00:00
Sean Harvey
69cda024ab MINOR Added tests methods for Member::can*() methods to MemberTest
MINOR Added test Extension classes for testing decorated can*() methods (from r94359)

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@95602 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-12-16 05:39:57 +00:00
Sean Harvey
35628832d6 BUGFIX #4686 Fixed $member non-object error, and decorated checks from not working in Member::canView(), Member::canEdit() and Member::canDelete()
MINOR Added additional tests to MemberTest (from r94358)

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@95601 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-12-16 05:39:39 +00:00