1<?php 2 3/** 4 * These tests are designed to test the capacity of pluginauth to handle 5 * correct escaping of colon field delimiters and backslashes in user content. 6 * 7 * (Note that these tests set some Real Names, etc. that are may not be 8 * valid in the broader dokuwiki context, but the tests ensure that 9 * authplain won't get unexpectedly surprised.) 10 * 11 * @group plugin_authplain 12 * @group plugins 13 */ 14class helper_plugin_authplain_escaping_test extends DokuWikiTest { 15 16 protected $pluginsEnabled = array('authplainharness'); 17 /** @var auth_plugin_authplain|auth_plugin_authplainharness */ 18 protected $auth; 19 20 protected function reloadUsers() { 21 /* auth caches data loaded from file, but recreated object forces reload */ 22 $this->auth = new auth_plugin_authplainharness(); 23 } 24 25 function setUp() { 26 global $config_cascade; 27 parent::setUp(); 28 $name = $config_cascade['plainauth.users']['default']; 29 copy($name, $name.".orig"); 30 $this->reloadUsers(); 31 } 32 33 function tearDown() { 34 global $config_cascade; 35 parent::tearDown(); 36 $name = $config_cascade['plainauth.users']['default']; 37 copy($name.".orig", $name); 38 } 39 40 public function testMediawikiPasswordHash() { 41 global $conf; 42 $conf['passcrypt'] = 'mediawiki'; 43 $this->auth->createUser("mwuser", "12345", "Mediawiki User", "me@example.com"); 44 $this->reloadUsers(); 45 $this->assertTrue($this->auth->checkPass("mwuser", "12345")); 46 $mwuser = $this->auth->getUserData("mwuser"); 47 $this->assertStringStartsWith(":B:",$mwuser['pass']); 48 $this->assertEquals("Mediawiki User",$mwuser['name']); 49 } 50 51 public function testNameWithColons() { 52 $name = ":Colon: User:"; 53 $this->auth->createUser("colonuser", "password", $name, "me@example.com"); 54 $this->reloadUsers(); 55 $user = $this->auth->getUserData("colonuser"); 56 $this->assertEquals($name,$user['name']); 57 } 58 59 public function testNameWithBackslashes() { 60 $name = "\\Slash\\ User\\"; 61 $this->auth->createUser("slashuser", "password", $name, "me@example.com"); 62 $this->reloadUsers(); 63 $user = $this->auth->getUserData("slashuser"); 64 $this->assertEquals($name,$user['name']); 65 } 66 67 public function testModifyUser() { 68 global $conf; 69 $conf['passcrypt'] = 'mediawiki'; 70 $user = $this->auth->getUserData("testuser"); 71 $user['name'] = "\\New:Crazy:Name\\"; 72 $user['pass'] = "awesome new password"; 73 $this->auth->modifyUser("testuser", $user); 74 $this->reloadUsers(); 75 76 $saved = $this->auth->getUserData("testuser"); 77 $this->assertEquals($saved['name'], $user['name']); 78 $this->assertTrue($this->auth->checkPass("testuser", $user['pass'])); 79 } 80 81 // really only required for developers to ensure this plugin will 82 // work with systems running on PCRE 6.6 and lower. 83 public function testLineSplit(){ 84 $this->auth->setPregsplit_safe(false); 85 86 $names = array( 87 'plain', 88 'ut-fठ8', 89 'colon:', 90 'backslash\\', 91 'alltogether\\ठ:' 92 ); 93 $userpass = 'user:password_hash:'; 94 $other_user_data = ':email@address:group1,group2'; 95 96 foreach ($names as $testname) { 97 $escaped = str_replace(array('\\',':'),array('\\\\','\\:'),$testname); // escape : & \ 98 $test_line = $userpass.$escaped.$other_user_data; 99 $result = $this->auth->splitUserData($test_line); 100 101 $this->assertEquals($escaped, $result[2]); 102 } 103 } 104 105} 106 107class auth_plugin_authplainharness extends auth_plugin_authplain { 108 109 /** 110 * @param boolean $bool 111 */ 112 public function setPregsplit_safe($bool) { 113 $this->_pregsplit_safe = $bool; 114 } 115 116 public function getPregsplit_safe(){ 117 return $this->_pregsplit_safe; 118 } 119 120 /** 121 * @param string $line 122 */ 123 public function splitUserData($line){ 124 return $this->_splitUserData($line); 125 } 126} 127