mirror of
https://github.com/silverstripe/silverstripe-framework
synced 2024-10-22 12:05:37 +00:00
dc36725869
MINOR Checking for SiteTree class existence in Security, Translatable MINOR Checking for ContentController existence in FulltextSearchable MINOR Removed unnecessary ContentController tests from ObjectTest MINOR Replaced CMS specific examples in PermissionCheckboxSetFieldTest, DataObjectTest MINOR Changed SecurityTest to make assertions against Security/login rather than relying on redirection from admin/cms
145 lines
4.7 KiB
PHP
145 lines
4.7 KiB
PHP
<?php
|
|
/**
|
|
* @package sapphire
|
|
* @subpackage tests
|
|
*/
|
|
|
|
class BasicAuthTest extends FunctionalTest {
|
|
|
|
static $original_unique_identifier_field;
|
|
|
|
static $fixture_file = 'sapphire/tests/security/BasicAuthTest.yml';
|
|
|
|
function setUp() {
|
|
parent::setUp();
|
|
|
|
// Fixtures assume Email is the field used to identify the log in identity
|
|
self::$original_unique_identifier_field = Member::get_unique_identifier_field();
|
|
Member::set_unique_identifier_field('Email');
|
|
}
|
|
|
|
function tearDown() {
|
|
parent::tearDown();
|
|
|
|
BasicAuth::protect_entire_site(false);
|
|
Member::set_unique_identifier_field(self::$original_unique_identifier_field);
|
|
}
|
|
|
|
function testBasicAuthEnabledWithoutLogin() {
|
|
$origUser = @$_SERVER['PHP_AUTH_USER'];
|
|
$origPw = @$_SERVER['PHP_AUTH_PW'];
|
|
|
|
unset($_SERVER['PHP_AUTH_USER']);
|
|
unset($_SERVER['PHP_AUTH_PW']);
|
|
|
|
$response = Director::test('BasicAuthTest_ControllerSecuredWithPermission');
|
|
$this->assertEquals(401, $response->getStatusCode());
|
|
|
|
$_SERVER['PHP_AUTH_USER'] = $origUser;
|
|
$_SERVER['PHP_AUTH_PW'] = $origPw;
|
|
}
|
|
|
|
function testBasicAuthDoesntCallActionOrFurtherInitOnAuthFailure() {
|
|
$origUser = @$_SERVER['PHP_AUTH_USER'];
|
|
$origPw = @$_SERVER['PHP_AUTH_PW'];
|
|
|
|
unset($_SERVER['PHP_AUTH_USER']);
|
|
unset($_SERVER['PHP_AUTH_PW']);
|
|
$response = Director::test('BasicAuthTest_ControllerSecuredWithPermission');
|
|
$this->assertFalse(BasicAuthTest_ControllerSecuredWithPermission::$index_called);
|
|
$this->assertFalse(BasicAuthTest_ControllerSecuredWithPermission::$post_init_called);
|
|
|
|
$_SERVER['PHP_AUTH_USER'] = 'user-in-mygroup@test.com';
|
|
$_SERVER['PHP_AUTH_PW'] = 'test';
|
|
$response = Director::test('BasicAuthTest_ControllerSecuredWithPermission');
|
|
$this->assertTrue(BasicAuthTest_ControllerSecuredWithPermission::$index_called);
|
|
$this->assertTrue(BasicAuthTest_ControllerSecuredWithPermission::$post_init_called);
|
|
|
|
$_SERVER['PHP_AUTH_USER'] = $origUser;
|
|
$_SERVER['PHP_AUTH_PW'] = $origPw;
|
|
}
|
|
|
|
function testBasicAuthEnabledWithPermission() {
|
|
$origUser = @$_SERVER['PHP_AUTH_USER'];
|
|
$origPw = @$_SERVER['PHP_AUTH_PW'];
|
|
|
|
$_SERVER['PHP_AUTH_USER'] = 'user-in-mygroup@test.com';
|
|
$_SERVER['PHP_AUTH_PW'] = 'wrongpassword';
|
|
$response = Director::test('BasicAuthTest_ControllerSecuredWithPermission');
|
|
$this->assertEquals(401, $response->getStatusCode(), 'Invalid users dont have access');
|
|
|
|
$_SERVER['PHP_AUTH_USER'] = 'user-without-groups@test.com';
|
|
$_SERVER['PHP_AUTH_PW'] = 'test';
|
|
$response = Director::test('BasicAuthTest_ControllerSecuredWithPermission');
|
|
$this->assertEquals(401, $response->getStatusCode(), 'Valid user without required permission has no access');
|
|
|
|
$_SERVER['PHP_AUTH_USER'] = 'user-in-mygroup@test.com';
|
|
$_SERVER['PHP_AUTH_PW'] = 'test';
|
|
$response = Director::test('BasicAuthTest_ControllerSecuredWithPermission');
|
|
$this->assertEquals(200, $response->getStatusCode(), 'Valid user with required permission has access');
|
|
|
|
$_SERVER['PHP_AUTH_USER'] = $origUser;
|
|
$_SERVER['PHP_AUTH_PW'] = $origPw;
|
|
}
|
|
|
|
function testBasicAuthEnabledWithoutPermission() {
|
|
$origUser = @$_SERVER['PHP_AUTH_USER'];
|
|
$origPw = @$_SERVER['PHP_AUTH_PW'];
|
|
|
|
$_SERVER['PHP_AUTH_USER'] = 'user-without-groups@test.com';
|
|
$_SERVER['PHP_AUTH_PW'] = 'wrongpassword';
|
|
$response = Director::test('BasicAuthTest_ControllerSecuredWithoutPermission');
|
|
$this->assertEquals(401, $response->getStatusCode(), 'Invalid users dont have access');
|
|
|
|
$_SERVER['PHP_AUTH_USER'] = 'user-without-groups@test.com';
|
|
$_SERVER['PHP_AUTH_PW'] = 'test';
|
|
$response = Director::test('BasicAuthTest_ControllerSecuredWithoutPermission');
|
|
$this->assertEquals(200, $response->getStatusCode(), 'All valid users have access');
|
|
|
|
$_SERVER['PHP_AUTH_USER'] = 'user-in-mygroup@test.com';
|
|
$_SERVER['PHP_AUTH_PW'] = 'test';
|
|
$response = Director::test('BasicAuthTest_ControllerSecuredWithoutPermission');
|
|
$this->assertEquals(200, $response->getStatusCode(), 'All valid users have access');
|
|
|
|
$_SERVER['PHP_AUTH_USER'] = $origUser;
|
|
$_SERVER['PHP_AUTH_PW'] = $origPw;
|
|
}
|
|
|
|
}
|
|
|
|
class BasicAuthTest_ControllerSecuredWithPermission extends Controller implements TestOnly {
|
|
|
|
static $post_init_called = false;
|
|
|
|
static $index_called = false;
|
|
|
|
protected $template = '../sapphire/templates/BlankPage.ss';
|
|
|
|
function init() {
|
|
self::$post_init_called = false;
|
|
self::$index_called = false;
|
|
|
|
BasicAuth::protect_entire_site(true, 'MYCODE');
|
|
parent::init();
|
|
|
|
self::$post_init_called = true;
|
|
}
|
|
|
|
function index() {
|
|
self::$index_called = true;
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
class BasicAuthTest_ControllerSecuredWithoutPermission extends Controller implements TestOnly {
|
|
|
|
protected $template = '../sapphire/templates/BlankPage.ss';
|
|
|
|
function init() {
|
|
BasicAuth::protect_entire_site(true, null);
|
|
parent::init();
|
|
}
|
|
|
|
} |