d8e9af8af8
Database abstraction broken up into controller, connector, query builder, and schema manager, each independently configurable via YAML / Injector Creation of new DBQueryGenerator for database specific generation of SQL Support for parameterised queries, move of code base to use these over escaped conditions Refactor of SQLQuery into separate query classes for each of INSERT UPDATE DELETE and SELECT Support for PDO Installation process upgraded to use new ORM SS_DatabaseException created to handle database errors, maintaining details of raw sql and parameter details for user code designed interested in that data. Renamed DB static methods to conform correctly to naming conventions (e.g. DB::getConn -> DB::get_conn) 3.2 upgrade docs Performance Optimisation and simplification of code to use more concise API API Ability for database adapters to register extensions to ConfigureFromEnv.php
<?php
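/**
 * Functional tests for HTTP basic-auth protection of controllers.
 *
 * Each test drives a request through Director::test() against one of the two
 * test-only controllers declared in this file and checks the status code (or
 * the controller's "was I called" markers) for missing, wrong and valid
 * credentials supplied via $_SERVER['PHP_AUTH_USER'] / $_SERVER['PHP_AUTH_PW'].
 *
 * The accounts used here ('user-in-mygroup@test.com',
 * 'user-without-groups@test.com', password 'test') are presumably defined in
 * BasicAuthTest.yml, which is not visible from this file.
 *
 * @package framework
 * @subpackage tests
 */
class BasicAuthTest extends FunctionalTest {

	static $original_unique_identifier_field;

	protected static $fixture_file = 'BasicAuthTest.yml';

	/**
	 * PHP_AUTH_USER / PHP_AUTH_PW values found in $_SERVER before the test ran.
	 * Only keys that were actually set are recorded, so tearDown() can tell
	 * "restore this value" apart from "this key must not exist".
	 *
	 * @var array
	 */
	protected $originalAuthEnv = array();

	/**
	 * Switches the login identifier to Email, forces the "database is ready"
	 * check, and snapshots the basic-auth entries of $_SERVER.
	 */
	public function setUp() {
		parent::setUp();

		// Fixtures assume Email is the field used to identify the log in identity
		self::$original_unique_identifier_field = Member::config()->unique_identifier_field;
		Member::config()->unique_identifier_field = 'Email';
		Security::$force_database_is_ready = true; // Prevents Member test subclasses breaking ready test

		// Snapshot here rather than inside each test: tearDown() runs even when
		// an assertion fails, so credentials set by a failing test can never
		// leak into the tests that run after it.
		$this->originalAuthEnv = array();
		foreach(array('PHP_AUTH_USER', 'PHP_AUTH_PW') as $key) {
			if(isset($_SERVER[$key])) {
				$this->originalAuthEnv[$key] = $_SERVER[$key];
			}
		}
	}

	/**
	 * Undoes every piece of global state touched by setUp(), by the tests, and
	 * by the controllers' init() methods.
	 */
	public function tearDown() {
		parent::tearDown();

		// The test controllers switch site-wide protection on in init();
		// switch it off again so it does not affect unrelated tests.
		BasicAuth::protect_entire_site(false);
		Member::config()->unique_identifier_field = self::$original_unique_identifier_field;
		Security::$force_database_is_ready = null;

		// Put the basic-auth environment back exactly as it was. A key that was
		// absent before the test is removed again instead of being set to null.
		foreach(array('PHP_AUTH_USER', 'PHP_AUTH_PW') as $key) {
			if(array_key_exists($key, $this->originalAuthEnv)) {
				$_SERVER[$key] = $this->originalAuthEnv[$key];
			} else {
				unset($_SERVER[$key]);
			}
		}
	}

	/**
	 * Simulates a request that carries the given basic-auth credentials.
	 *
	 * @param string $user
	 * @param string $password
	 */
	protected function setBasicAuthCredentials($user, $password) {
		$_SERVER['PHP_AUTH_USER'] = $user;
		$_SERVER['PHP_AUTH_PW'] = $password;
	}

	/**
	 * Simulates a request that carries no basic-auth credentials at all.
	 */
	protected function clearBasicAuthCredentials() {
		unset($_SERVER['PHP_AUTH_USER']);
		unset($_SERVER['PHP_AUTH_PW']);
	}

	/**
	 * A request without credentials to a protected controller is answered with 401.
	 */
	public function testBasicAuthEnabledWithoutLogin() {
		$this->clearBasicAuthCredentials();

		$response = Director::test('BasicAuthTest_ControllerSecuredWithPermission');
		$this->assertEquals(401, $response->getStatusCode());
	}

	/**
	 * On authentication failure neither the action nor the code following
	 * parent::init() in the controller may run; with valid credentials both do.
	 */
	public function testBasicAuthDoesntCallActionOrFurtherInitOnAuthFailure() {
		$this->clearBasicAuthCredentials();
		$response = Director::test('BasicAuthTest_ControllerSecuredWithPermission');
		// Both markers default to false, so on their own the two checks below
		// would also pass if the controller was never reached. The 401 shows
		// the request really was rejected by the auth check.
		$this->assertEquals(401, $response->getStatusCode());
		$this->assertFalse(BasicAuthTest_ControllerSecuredWithPermission::$index_called);
		$this->assertFalse(BasicAuthTest_ControllerSecuredWithPermission::$post_init_called);

		$this->setBasicAuthCredentials('user-in-mygroup@test.com', 'test');
		Director::test('BasicAuthTest_ControllerSecuredWithPermission');
		$this->assertTrue(BasicAuthTest_ControllerSecuredWithPermission::$index_called);
		$this->assertTrue(BasicAuthTest_ControllerSecuredWithPermission::$post_init_called);
	}

	/**
	 * When a permission code is required, a wrong password and a valid user
	 * lacking the permission are both rejected; only a valid user holding the
	 * permission gets through.
	 */
	public function testBasicAuthEnabledWithPermission() {
		$this->setBasicAuthCredentials('user-in-mygroup@test.com', 'wrongpassword');
		$response = Director::test('BasicAuthTest_ControllerSecuredWithPermission');
		$this->assertEquals(401, $response->getStatusCode(), 'Invalid users dont have access');

		$this->setBasicAuthCredentials('user-without-groups@test.com', 'test');
		$response = Director::test('BasicAuthTest_ControllerSecuredWithPermission');
		$this->assertEquals(401, $response->getStatusCode(), 'Valid user without required permission has no access');

		$this->setBasicAuthCredentials('user-in-mygroup@test.com', 'test');
		$response = Director::test('BasicAuthTest_ControllerSecuredWithPermission');
		$this->assertEquals(200, $response->getStatusCode(), 'Valid user with required permission has access');
	}

	/**
	 * When no permission code is required, any correctly authenticated user is
	 * let in, while a wrong password is still rejected.
	 */
	public function testBasicAuthEnabledWithoutPermission() {
		$this->setBasicAuthCredentials('user-without-groups@test.com', 'wrongpassword');
		$response = Director::test('BasicAuthTest_ControllerSecuredWithoutPermission');
		$this->assertEquals(401, $response->getStatusCode(), 'Invalid users dont have access');

		$this->setBasicAuthCredentials('user-without-groups@test.com', 'test');
		$response = Director::test('BasicAuthTest_ControllerSecuredWithoutPermission');
		$this->assertEquals(200, $response->getStatusCode(), 'All valid users have access');

		$this->setBasicAuthCredentials('user-in-mygroup@test.com', 'test');
		$response = Director::test('BasicAuthTest_ControllerSecuredWithoutPermission');
		$this->assertEquals(200, $response->getStatusCode(), 'All valid users have access');
	}

}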
/**
 * Test-only controller that switches on site-wide basic auth with the
 * permission code 'MYCODE' before delegating to Controller::init().
 *
 * The two static markers let BasicAuthTest observe how far a request got:
 * whether init() continued past parent::init(), and whether the index action
 * was executed.
 */
class BasicAuthTest_ControllerSecuredWithPermission extends Controller implements TestOnly {

	/**
	 * True once init() has run past parent::init() for the latest request.
	 */
	public static $post_init_called = false;

	/**
	 * True once index() has been executed for the latest request.
	 */
	public static $index_called = false;

	protected $template = 'BlankPage';

	/**
	 * Resets the markers, enables basic auth requiring 'MYCODE', then runs the
	 * parent initialisation.
	 */
	public function init() {
		// Start every request from a clean slate so that a marker left over
		// from an earlier request cannot satisfy a later assertion.
		self::$index_called = false;
		self::$post_init_called = false;

		// NOTE: this changes site-wide state, not just this controller;
		// BasicAuthTest::tearDown() switches it off again.
		BasicAuth::protect_entire_site(true, 'MYCODE');
		parent::init();

		// Only reached when parent::init() returns normally. BasicAuthTest
		// asserts that this stays false when authentication fails.
		self::$post_init_called = true;
	}

	/**
	 * Default action; only records that it was reached.
	 */
	public function index() {
		self::$index_called = true;
	}

}
/**
 * Test-only controller that switches on site-wide basic auth without naming a
 * permission code.
 *
 * BasicAuthTest expects a 200 for every fixture user with a correct password
 * and a 401 for a wrong password, i.e. authentication is still enforced but
 * no particular permission is required.
 */
class BasicAuthTest_ControllerSecuredWithoutPermission extends Controller implements TestOnly {

	protected $template = 'BlankPage';

	/**
	 * Enables basic auth with a null permission code, then runs the parent
	 * initialisation.
	 */
	public function init() {
		// null = no specific permission code is demanded of the logged-in user.
		// NOTE: this changes site-wide state; BasicAuthTest::tearDown() switches
		// it off again.
		$requiredPermission = null;
		BasicAuth::protect_entire_site(true, $requiredPermission);

		parent::init();
	}

}