1f95ecbbfSAngus Gratton<?php 2f95ecbbfSAngus Gratton 3f95ecbbfSAngus Gratton/** 4f95ecbbfSAngus Gratton * These tests are designed to test the capacity of pluginauth to handle 5f95ecbbfSAngus Gratton * correct escaping of colon field delimiters and backslashes in user content. 6f95ecbbfSAngus Gratton * 7f95ecbbfSAngus Gratton * (Note that these tests set some Real Names, etc. that are may not be 8f95ecbbfSAngus Gratton * valid in the broader dokuwiki context, but the tests ensure that 9f95ecbbfSAngus Gratton * authplain won't get unexpectedly surprised.) 10f95ecbbfSAngus Gratton * 11f95ecbbfSAngus Gratton * @group plugin_authplain 12f8095446SChristopher Smith * @group auth_plugins 13f95ecbbfSAngus Gratton * @group plugins 14f8095446SChristopher Smith * @group bundled_plugins 15f95ecbbfSAngus Gratton */ 16f95ecbbfSAngus Grattonclass helper_plugin_authplain_escaping_test extends DokuWikiTest { 17f95ecbbfSAngus Gratton 186c8c1f46SChristopher Smith protected $pluginsEnabled = array('authplainharness'); 198702de7fSGerrit Uitslag /** @var auth_plugin_authplain|auth_plugin_authplainharness */ 20f95ecbbfSAngus Gratton protected $auth; 21f95ecbbfSAngus Gratton 22f95ecbbfSAngus Gratton protected function reloadUsers() { 23f95ecbbfSAngus Gratton /* auth caches data loaded from file, but recreated object forces reload */ 246c8c1f46SChristopher Smith $this->auth = new auth_plugin_authplainharness(); 25f95ecbbfSAngus Gratton } 26f95ecbbfSAngus Gratton 27*1c33cec3SAndreas Gohr function setUp() : void { 28f95ecbbfSAngus Gratton global $config_cascade; 29f95ecbbfSAngus Gratton parent::setUp(); 30f95ecbbfSAngus Gratton $name = $config_cascade['plainauth.users']['default']; 31f95ecbbfSAngus Gratton copy($name, $name.".orig"); 32f95ecbbfSAngus Gratton $this->reloadUsers(); 33f95ecbbfSAngus Gratton } 34f95ecbbfSAngus Gratton 35*1c33cec3SAndreas Gohr function tearDown() : void { 36f95ecbbfSAngus Gratton global $config_cascade; 37f95ecbbfSAngus Gratton parent::tearDown(); 38f95ecbbfSAngus Gratton $name = $config_cascade['plainauth.users']['default']; 39f95ecbbfSAngus Gratton copy($name.".orig", $name); 40f95ecbbfSAngus Gratton } 41f95ecbbfSAngus Gratton 42f95ecbbfSAngus Gratton public function testMediawikiPasswordHash() { 43f95ecbbfSAngus Gratton global $conf; 44f95ecbbfSAngus Gratton $conf['passcrypt'] = 'mediawiki'; 45f95ecbbfSAngus Gratton $this->auth->createUser("mwuser", "12345", "Mediawiki User", "me@example.com"); 46f95ecbbfSAngus Gratton $this->reloadUsers(); 47f95ecbbfSAngus Gratton $this->assertTrue($this->auth->checkPass("mwuser", "12345")); 48f95ecbbfSAngus Gratton $mwuser = $this->auth->getUserData("mwuser"); 49f95ecbbfSAngus Gratton $this->assertStringStartsWith(":B:",$mwuser['pass']); 50f95ecbbfSAngus Gratton $this->assertEquals("Mediawiki User",$mwuser['name']); 51f95ecbbfSAngus Gratton } 52f95ecbbfSAngus Gratton 53f95ecbbfSAngus Gratton public function testNameWithColons() { 54f95ecbbfSAngus Gratton $name = ":Colon: User:"; 55f95ecbbfSAngus Gratton $this->auth->createUser("colonuser", "password", $name, "me@example.com"); 56f95ecbbfSAngus Gratton $this->reloadUsers(); 57f95ecbbfSAngus Gratton $user = $this->auth->getUserData("colonuser"); 58f95ecbbfSAngus Gratton $this->assertEquals($name,$user['name']); 59f95ecbbfSAngus Gratton } 60f95ecbbfSAngus Gratton 61f95ecbbfSAngus Gratton public function testNameWithBackslashes() { 62f95ecbbfSAngus Gratton $name = "\\Slash\\ User\\"; 63f95ecbbfSAngus Gratton $this->auth->createUser("slashuser", "password", $name, "me@example.com"); 64f95ecbbfSAngus Gratton $this->reloadUsers(); 65f95ecbbfSAngus Gratton $user = $this->auth->getUserData("slashuser"); 66f95ecbbfSAngus Gratton $this->assertEquals($name,$user['name']); 67f95ecbbfSAngus Gratton } 68f95ecbbfSAngus Gratton 69f95ecbbfSAngus Gratton public function testModifyUser() { 70f95ecbbfSAngus Gratton global $conf; 71f95ecbbfSAngus Gratton $conf['passcrypt'] = 'mediawiki'; 72f95ecbbfSAngus Gratton $user = $this->auth->getUserData("testuser"); 73f95ecbbfSAngus Gratton $user['name'] = "\\New:Crazy:Name\\"; 74f95ecbbfSAngus Gratton $user['pass'] = "awesome new password"; 75f95ecbbfSAngus Gratton $this->auth->modifyUser("testuser", $user); 76f95ecbbfSAngus Gratton $this->reloadUsers(); 77f95ecbbfSAngus Gratton 78f95ecbbfSAngus Gratton $saved = $this->auth->getUserData("testuser"); 79f95ecbbfSAngus Gratton $this->assertEquals($saved['name'], $user['name']); 80f95ecbbfSAngus Gratton $this->assertTrue($this->auth->checkPass("testuser", $user['pass'])); 81f95ecbbfSAngus Gratton } 82f95ecbbfSAngus Gratton 836c8c1f46SChristopher Smith // really only required for developers to ensure this plugin will 846c8c1f46SChristopher Smith // work with systems running on PCRE 6.6 and lower. 856c8c1f46SChristopher Smith public function testLineSplit(){ 866c8c1f46SChristopher Smith $this->auth->setPregsplit_safe(false); 876c8c1f46SChristopher Smith 886c8c1f46SChristopher Smith $names = array( 896c8c1f46SChristopher Smith 'plain', 906c8c1f46SChristopher Smith 'ut-fठ8', 916c8c1f46SChristopher Smith 'colon:', 926c8c1f46SChristopher Smith 'backslash\\', 936c8c1f46SChristopher Smith 'alltogether\\ठ:' 946c8c1f46SChristopher Smith ); 956c8c1f46SChristopher Smith $userpass = 'user:password_hash:'; 966c8c1f46SChristopher Smith $other_user_data = ':email@address:group1,group2'; 976c8c1f46SChristopher Smith 986c8c1f46SChristopher Smith foreach ($names as $testname) { 996c8c1f46SChristopher Smith $escaped = str_replace(array('\\',':'),array('\\\\','\\:'),$testname); // escape : & \ 1006c8c1f46SChristopher Smith $test_line = $userpass.$escaped.$other_user_data; 1016c8c1f46SChristopher Smith $result = $this->auth->splitUserData($test_line); 1026c8c1f46SChristopher Smith 1039d846ff4SChristopher Smith $this->assertEquals($escaped, $result[2]); 1046c8c1f46SChristopher Smith } 105f95ecbbfSAngus Gratton } 1066c8c1f46SChristopher Smith} 1076c8c1f46SChristopher Smith 10855d675c9SGerrit Uitslag/** 10955d675c9SGerrit Uitslag * Class auth_plugin_authplainharness 11055d675c9SGerrit Uitslag */ 1116c8c1f46SChristopher Smithclass auth_plugin_authplainharness extends auth_plugin_authplain { 1126c8c1f46SChristopher Smith 113276820f7SScrutinizer Auto-Fixer /** 114276820f7SScrutinizer Auto-Fixer * @param boolean $bool 115276820f7SScrutinizer Auto-Fixer */ 1166c8c1f46SChristopher Smith public function setPregsplit_safe($bool) { 1175aa905e9SAndreas Gohr $this->pregsplit_safe = $bool; 1186c8c1f46SChristopher Smith } 1196c8c1f46SChristopher Smith 12055d675c9SGerrit Uitslag /** 12155d675c9SGerrit Uitslag * @return bool|mixed 12255d675c9SGerrit Uitslag */ 1236c8c1f46SChristopher Smith public function getPregsplit_safe(){ 1245aa905e9SAndreas Gohr return $this->pregsplit_safe; 1256c8c1f46SChristopher Smith } 1266c8c1f46SChristopher Smith 127276820f7SScrutinizer Auto-Fixer /** 128276820f7SScrutinizer Auto-Fixer * @param string $line 12955d675c9SGerrit Uitslag * @return array 130276820f7SScrutinizer Auto-Fixer */ 1316c8c1f46SChristopher Smith public function splitUserData($line){ 132fdf613b0SAndreas Gohr return parent::splitUserData($line); 1336c8c1f46SChristopher Smith } 1346c8c1f46SChristopher Smith} 135