1f95ecbbfSAngus Gratton<?php 2f95ecbbfSAngus Gratton 3f95ecbbfSAngus Gratton/** 4f95ecbbfSAngus Gratton * These tests are designed to test the capacity of pluginauth to handle 5f95ecbbfSAngus Gratton * correct escaping of colon field delimiters and backslashes in user content. 6f95ecbbfSAngus Gratton * 7f95ecbbfSAngus Gratton * (Note that these tests set some Real Names, etc. that are may not be 8f95ecbbfSAngus Gratton * valid in the broader dokuwiki context, but the tests ensure that 9f95ecbbfSAngus Gratton * authplain won't get unexpectedly surprised.) 10f95ecbbfSAngus Gratton * 11f95ecbbfSAngus Gratton * @group plugin_authplain 12f95ecbbfSAngus Gratton * @group plugins 13f95ecbbfSAngus Gratton */ 14f95ecbbfSAngus Grattonclass helper_plugin_authplain_escaping_test extends DokuWikiTest { 15f95ecbbfSAngus Gratton 166c8c1f46SChristopher Smith protected $pluginsEnabled = array('authplainharness'); 178702de7fSGerrit Uitslag /** @var auth_plugin_authplain|auth_plugin_authplainharness */ 18f95ecbbfSAngus Gratton protected $auth; 19f95ecbbfSAngus Gratton 20f95ecbbfSAngus Gratton protected function reloadUsers() { 21f95ecbbfSAngus Gratton /* auth caches data loaded from file, but recreated object forces reload */ 226c8c1f46SChristopher Smith $this->auth = new auth_plugin_authplainharness(); 23f95ecbbfSAngus Gratton } 24f95ecbbfSAngus Gratton 25f95ecbbfSAngus Gratton function setUp() { 26f95ecbbfSAngus Gratton global $config_cascade; 27f95ecbbfSAngus Gratton parent::setUp(); 28f95ecbbfSAngus Gratton $name = $config_cascade['plainauth.users']['default']; 29f95ecbbfSAngus Gratton copy($name, $name.".orig"); 30f95ecbbfSAngus Gratton $this->reloadUsers(); 31f95ecbbfSAngus Gratton } 32f95ecbbfSAngus Gratton 33f95ecbbfSAngus Gratton function tearDown() { 34f95ecbbfSAngus Gratton global $config_cascade; 35f95ecbbfSAngus Gratton parent::tearDown(); 36f95ecbbfSAngus Gratton $name = $config_cascade['plainauth.users']['default']; 37f95ecbbfSAngus Gratton copy($name.".orig", $name); 38f95ecbbfSAngus Gratton } 39f95ecbbfSAngus Gratton 40f95ecbbfSAngus Gratton public function testMediawikiPasswordHash() { 41f95ecbbfSAngus Gratton global $conf; 42f95ecbbfSAngus Gratton $conf['passcrypt'] = 'mediawiki'; 43f95ecbbfSAngus Gratton $this->auth->createUser("mwuser", "12345", "Mediawiki User", "me@example.com"); 44f95ecbbfSAngus Gratton $this->reloadUsers(); 45f95ecbbfSAngus Gratton $this->assertTrue($this->auth->checkPass("mwuser", "12345")); 46f95ecbbfSAngus Gratton $mwuser = $this->auth->getUserData("mwuser"); 47f95ecbbfSAngus Gratton $this->assertStringStartsWith(":B:",$mwuser['pass']); 48f95ecbbfSAngus Gratton $this->assertEquals("Mediawiki User",$mwuser['name']); 49f95ecbbfSAngus Gratton } 50f95ecbbfSAngus Gratton 51f95ecbbfSAngus Gratton public function testNameWithColons() { 52f95ecbbfSAngus Gratton $name = ":Colon: User:"; 53f95ecbbfSAngus Gratton $this->auth->createUser("colonuser", "password", $name, "me@example.com"); 54f95ecbbfSAngus Gratton $this->reloadUsers(); 55f95ecbbfSAngus Gratton $user = $this->auth->getUserData("colonuser"); 56f95ecbbfSAngus Gratton $this->assertEquals($name,$user['name']); 57f95ecbbfSAngus Gratton } 58f95ecbbfSAngus Gratton 59f95ecbbfSAngus Gratton public function testNameWithBackslashes() { 60f95ecbbfSAngus Gratton $name = "\\Slash\\ User\\"; 61f95ecbbfSAngus Gratton $this->auth->createUser("slashuser", "password", $name, "me@example.com"); 62f95ecbbfSAngus Gratton $this->reloadUsers(); 63f95ecbbfSAngus Gratton $user = $this->auth->getUserData("slashuser"); 64f95ecbbfSAngus Gratton $this->assertEquals($name,$user['name']); 65f95ecbbfSAngus Gratton } 66f95ecbbfSAngus Gratton 67f95ecbbfSAngus Gratton public function testModifyUser() { 68f95ecbbfSAngus Gratton global $conf; 69f95ecbbfSAngus Gratton $conf['passcrypt'] = 'mediawiki'; 70f95ecbbfSAngus Gratton $user = $this->auth->getUserData("testuser"); 71f95ecbbfSAngus Gratton $user['name'] = "\\New:Crazy:Name\\"; 72f95ecbbfSAngus Gratton $user['pass'] = "awesome new password"; 73f95ecbbfSAngus Gratton $this->auth->modifyUser("testuser", $user); 74f95ecbbfSAngus Gratton $this->reloadUsers(); 75f95ecbbfSAngus Gratton 76f95ecbbfSAngus Gratton $saved = $this->auth->getUserData("testuser"); 77f95ecbbfSAngus Gratton $this->assertEquals($saved['name'], $user['name']); 78f95ecbbfSAngus Gratton $this->assertTrue($this->auth->checkPass("testuser", $user['pass'])); 79f95ecbbfSAngus Gratton } 80f95ecbbfSAngus Gratton 816c8c1f46SChristopher Smith // really only required for developers to ensure this plugin will 826c8c1f46SChristopher Smith // work with systems running on PCRE 6.6 and lower. 836c8c1f46SChristopher Smith public function testLineSplit(){ 846c8c1f46SChristopher Smith $this->auth->setPregsplit_safe(false); 856c8c1f46SChristopher Smith 866c8c1f46SChristopher Smith $names = array( 876c8c1f46SChristopher Smith 'plain', 886c8c1f46SChristopher Smith 'ut-fठ8', 896c8c1f46SChristopher Smith 'colon:', 906c8c1f46SChristopher Smith 'backslash\\', 916c8c1f46SChristopher Smith 'alltogether\\ठ:' 926c8c1f46SChristopher Smith ); 936c8c1f46SChristopher Smith $userpass = 'user:password_hash:'; 946c8c1f46SChristopher Smith $other_user_data = ':email@address:group1,group2'; 956c8c1f46SChristopher Smith 966c8c1f46SChristopher Smith foreach ($names as $testname) { 976c8c1f46SChristopher Smith $escaped = str_replace(array('\\',':'),array('\\\\','\\:'),$testname); // escape : & \ 986c8c1f46SChristopher Smith $test_line = $userpass.$escaped.$other_user_data; 996c8c1f46SChristopher Smith $result = $this->auth->splitUserData($test_line); 1006c8c1f46SChristopher Smith 1019d846ff4SChristopher Smith $this->assertEquals($escaped, $result[2]); 1026c8c1f46SChristopher Smith } 103f95ecbbfSAngus Gratton } 104f95ecbbfSAngus Gratton 1056c8c1f46SChristopher Smith} 1066c8c1f46SChristopher Smith 1076c8c1f46SChristopher Smithclass auth_plugin_authplainharness extends auth_plugin_authplain { 1086c8c1f46SChristopher Smith 109*276820f7SScrutinizer Auto-Fixer /** 110*276820f7SScrutinizer Auto-Fixer * @param boolean $bool 111*276820f7SScrutinizer Auto-Fixer */ 1126c8c1f46SChristopher Smith public function setPregsplit_safe($bool) { 1136c8c1f46SChristopher Smith $this->_pregsplit_safe = $bool; 1146c8c1f46SChristopher Smith } 1156c8c1f46SChristopher Smith 1166c8c1f46SChristopher Smith public function getPregsplit_safe(){ 1176c8c1f46SChristopher Smith return $this->_pregsplit_safe; 1186c8c1f46SChristopher Smith } 1196c8c1f46SChristopher Smith 120*276820f7SScrutinizer Auto-Fixer /** 121*276820f7SScrutinizer Auto-Fixer * @param string $line 122*276820f7SScrutinizer Auto-Fixer */ 1236c8c1f46SChristopher Smith public function splitUserData($line){ 1246c8c1f46SChristopher Smith return $this->_splitUserData($line); 1256c8c1f46SChristopher Smith } 1266c8c1f46SChristopher Smith} 127