1<?php 2 3/** 4 * These tests are designed to test the capacity of pluginauth to handle 5 * correct escaping of colon field delimiters and backslashes in user content. 6 * 7 * (Note that these tests set some Real Names, etc. that are may not be 8 * valid in the broader dokuwiki context, but the tests ensure that 9 * authplain won't get unexpectedly surprised.) 10 * 11 * @group plugin_authplain 12 * @group plugins 13 */ 14class helper_plugin_authplain_escaping_test extends DokuWikiTest { 15 16 protected $pluginsEnabled = array('authplainharness'); 17 protected $auth; 18 19 protected function reloadUsers() { 20 /* auth caches data loaded from file, but recreated object forces reload */ 21 $this->auth = new auth_plugin_authplainharness(); 22 } 23 24 function setUp() { 25 global $config_cascade; 26 parent::setUp(); 27 $name = $config_cascade['plainauth.users']['default']; 28 copy($name, $name.".orig"); 29 $this->reloadUsers(); 30 } 31 32 function tearDown() { 33 global $config_cascade; 34 parent::tearDown(); 35 $name = $config_cascade['plainauth.users']['default']; 36 copy($name.".orig", $name); 37 } 38 39 public function testMediawikiPasswordHash() { 40 global $conf; 41 $conf['passcrypt'] = 'mediawiki'; 42 $this->auth->createUser("mwuser", "12345", "Mediawiki User", "me@example.com"); 43 $this->reloadUsers(); 44 $this->assertTrue($this->auth->checkPass("mwuser", "12345")); 45 $mwuser = $this->auth->getUserData("mwuser"); 46 $this->assertStringStartsWith(":B:",$mwuser['pass']); 47 $this->assertEquals("Mediawiki User",$mwuser['name']); 48 } 49 50 public function testNameWithColons() { 51 $name = ":Colon: User:"; 52 $this->auth->createUser("colonuser", "password", $name, "me@example.com"); 53 $this->reloadUsers(); 54 $user = $this->auth->getUserData("colonuser"); 55 $this->assertEquals($name,$user['name']); 56 } 57 58 public function testNameWithBackslashes() { 59 $name = "\\Slash\\ User\\"; 60 $this->auth->createUser("slashuser", "password", $name, "me@example.com"); 61 $this->reloadUsers(); 62 $user = $this->auth->getUserData("slashuser"); 63 $this->assertEquals($name,$user['name']); 64 } 65 66 public function testModifyUser() { 67 global $conf; 68 $conf['passcrypt'] = 'mediawiki'; 69 $user = $this->auth->getUserData("testuser"); 70 $user['name'] = "\\New:Crazy:Name\\"; 71 $user['pass'] = "awesome new password"; 72 $this->auth->modifyUser("testuser", $user); 73 $this->reloadUsers(); 74 75 $saved = $this->auth->getUserData("testuser"); 76 $this->assertEquals($saved['name'], $user['name']); 77 $this->assertTrue($this->auth->checkPass("testuser", $user['pass'])); 78 } 79 80 // really only required for developers to ensure this plugin will 81 // work with systems running on PCRE 6.6 and lower. 82 public function testLineSplit(){ 83 $this->auth->setPregsplit_safe(false); 84 85 $names = array( 86 'plain', 87 'ut-fठ8', 88 'colon:', 89 'backslash\\', 90 'alltogether\\ठ:' 91 ); 92 $userpass = 'user:password_hash:'; 93 $other_user_data = ':email@address:group1,group2'; 94 95 foreach ($names as $testname) { 96 $escaped = str_replace(array('\\',':'),array('\\\\','\\:'),$testname); // escape : & \ 97 $test_line = $userpass.$escaped.$other_user_data; 98 $result = $this->auth->splitUserData($test_line); 99 100 $this->assertEquals($escaped, $result[2]); 101 } 102 } 103 104} 105 106class auth_plugin_authplainharness extends auth_plugin_authplain { 107 108 public function setPregsplit_safe($bool) { 109 $this->_pregsplit_safe = $bool; 110 } 111 112 public function getPregsplit_safe(){ 113 return $this->_pregsplit_safe; 114 } 115 116 public function splitUserData($line){ 117 return $this->_splitUserData($line); 118 } 119}