[ Index ] |
PHP Cross Reference of DokuWiki |
[Summary view] [Print] [Text view]
1 <?php 2 3 /** 4 * These tests are designed to test the capacity of pluginauth to handle 5 * correct escaping of colon field delimiters and backslashes in user content. 6 * 7 * (Note that these tests set some Real Names, etc. that are may not be 8 * valid in the broader dokuwiki context, but the tests ensure that 9 * authplain won't get unexpectedly surprised.) 10 * 11 * @group plugin_authplain 12 * @group auth_plugins 13 * @group plugins 14 * @group bundled_plugins 15 */ 16 class helper_plugin_authplain_escaping_test extends DokuWikiTest { 17 18 protected $pluginsEnabled = array('authplain'); 19 /** @var auth_plugin_authplain */ 20 protected $auth; 21 22 protected function reloadUsers() { 23 /* auth caches data loaded from file, but recreated object forces reload */ 24 $this->auth = new auth_plugin_authplain(); 25 } 26 27 function setUp() : void { 28 global $config_cascade; 29 parent::setUp(); 30 $name = $config_cascade['plainauth.users']['default']; 31 copy($name, $name.".orig"); 32 $this->reloadUsers(); 33 } 34 35 function tearDown() : void { 36 global $config_cascade; 37 parent::tearDown(); 38 $name = $config_cascade['plainauth.users']['default']; 39 copy($name.".orig", $name); 40 } 41 42 public function testMediawikiPasswordHash() { 43 global $conf; 44 $conf['passcrypt'] = 'mediawiki'; 45 $this->auth->createUser("mwuser", "12345", "Mediawiki User", "me@example.com"); 46 $this->reloadUsers(); 47 $this->assertTrue($this->auth->checkPass("mwuser", "12345")); 48 $mwuser = $this->auth->getUserData("mwuser"); 49 $this->assertStringStartsWith(":B:",$mwuser['pass']); 50 $this->assertEquals("Mediawiki User",$mwuser['name']); 51 } 52 53 public function testNameWithColons() { 54 $name = ":Colon: User:"; 55 $this->auth->createUser("colonuser", "password", $name, "me@example.com"); 56 $this->reloadUsers(); 57 $user = $this->auth->getUserData("colonuser"); 58 $this->assertEquals($name,$user['name']); 59 } 60 61 public function testNameWithBackslashes() { 62 $name = "\\Slash\\ User\\"; 63 $this->auth->createUser("slashuser", "password", $name, "me@example.com"); 64 $this->reloadUsers(); 65 $user = $this->auth->getUserData("slashuser"); 66 $this->assertEquals($name,$user['name']); 67 } 68 69 public function testNameWithHash() { 70 $name = "Hash # User"; 71 $this->auth->createUser("slashuser", "password", $name, "me@example.com"); 72 $this->reloadUsers(); 73 $user = $this->auth->getUserData("slashuser"); 74 $this->assertEquals($name,$user['name']); 75 } 76 77 public function testModifyUser() { 78 global $conf; 79 $conf['passcrypt'] = 'mediawiki'; 80 $user = $this->auth->getUserData("testuser"); 81 $user['name'] = "\\New:Crazy:Name\\"; 82 $user['pass'] = "awesome new password"; 83 $this->auth->modifyUser("testuser", $user); 84 $this->reloadUsers(); 85 86 $saved = $this->auth->getUserData("testuser"); 87 $this->assertEquals($saved['name'], $user['name']); 88 $this->assertTrue($this->auth->checkPass("testuser", $user['pass'])); 89 } 90 91 // really only required for developers to ensure this plugin will 92 // work with systems running on PCRE 6.6 and lower. 93 public function testLineSplit(){ 94 $names = array( 95 'plain', 96 'ut-fठ8', 97 'colon:', 98 'backslash\\', 99 'alltogether\\ठ:' 100 ); 101 $userpass = 'user:password_hash:'; 102 $other_user_data = ':email@address:group1,group2'; 103 104 foreach ($names as $testname) { 105 $escaped = str_replace(array('\\',':'),array('\\\\','\\:'),$testname); // escape : & \ 106 $test_line = $userpass.$escaped.$other_user_data; 107 $result = $this->callInaccessibleMethod($this->auth, 'splitUserData', [$test_line]); 108 109 $this->assertEquals($escaped, $result[2]); 110 } 111 } 112 113 /** 114 * @see testCleaning 115 */ 116 public function provideCleaning() 117 { 118 return [ 119 ['user', 'user'], 120 ['USER', 'user'], 121 [' USER ', 'user'], 122 [' US ER ', 'us_er'], 123 ['http://foo;bar', 'http_foo_bar'], 124 ]; 125 } 126 127 /** 128 * @param string $input 129 * @param string $expected 130 * @dataProvider provideCleaning 131 */ 132 public function testCleaning($input, $expected) 133 { 134 $this->assertEquals($expected, $this->auth->cleanUser($input)); 135 $this->assertEquals($expected, $this->auth->cleanGroup($input)); 136 } 137 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body