xref: /dokuwiki/lib/plugins/authplain/_test/escaping.test.php (revision fbc1c20225ff017ec7041c20e30b7d44726ec424) 
1<?php
2
3/**
4 * These tests are designed to test the capacity of pluginauth to handle
5 * correct escaping of colon field delimiters and backslashes in user content.
6 *
7 * (Note that these tests set some Real Names, etc. that are may not be
8 * valid in the broader dokuwiki context, but the tests ensure that
9 * authplain won't get unexpectedly surprised.)
10 *
11 * @group plugin_authplain
12 * @group auth_plugins
13 * @group plugins
14 * @group bundled_plugins
15 */
16class helper_plugin_authplain_escaping_test extends DokuWikiTest {
17
18    protected $pluginsEnabled = array('authplainharness');
19    /** @var  auth_plugin_authplain|auth_plugin_authplainharness */
20    protected $auth;
21
22    protected function reloadUsers() {
23        /* auth caches data loaded from file, but recreated object forces reload */
24        $this->auth = new auth_plugin_authplainharness();
25    }
26
27    function setUp() : void {
28        global $config_cascade;
29        parent::setUp();
30        $name = $config_cascade['plainauth.users']['default'];
31        copy($name, $name.".orig");
32        $this->reloadUsers();
33    }
34
35    function tearDown() : void {
36        global $config_cascade;
37        parent::tearDown();
38        $name = $config_cascade['plainauth.users']['default'];
39        copy($name.".orig", $name);
40    }
41
42    public function testMediawikiPasswordHash() {
43        global $conf;
44        $conf['passcrypt'] = 'mediawiki';
45        $this->auth->createUser("mwuser", "12345", "Mediawiki User", "me@example.com");
46        $this->reloadUsers();
47        $this->assertTrue($this->auth->checkPass("mwuser", "12345"));
48        $mwuser = $this->auth->getUserData("mwuser");
49        $this->assertStringStartsWith(":B:",$mwuser['pass']);
50        $this->assertEquals("Mediawiki User",$mwuser['name']);
51    }
52
53    public function testNameWithColons() {
54        $name = ":Colon: User:";
55        $this->auth->createUser("colonuser", "password", $name, "me@example.com");
56        $this->reloadUsers();
57        $user = $this->auth->getUserData("colonuser");
58        $this->assertEquals($name,$user['name']);
59    }
60
61    public function testNameWithBackslashes() {
62        $name = "\\Slash\\ User\\";
63        $this->auth->createUser("slashuser", "password", $name, "me@example.com");
64        $this->reloadUsers();
65        $user = $this->auth->getUserData("slashuser");
66        $this->assertEquals($name,$user['name']);
67    }
68
69    public function testModifyUser() {
70        global $conf;
71        $conf['passcrypt'] = 'mediawiki';
72        $user = $this->auth->getUserData("testuser");
73        $user['name'] = "\\New:Crazy:Name\\";
74        $user['pass'] = "awesome new password";
75        $this->auth->modifyUser("testuser", $user);
76        $this->reloadUsers();
77
78        $saved = $this->auth->getUserData("testuser");
79        $this->assertEquals($saved['name'], $user['name']);
80        $this->assertTrue($this->auth->checkPass("testuser", $user['pass']));
81    }
82
83    // really only required for developers to ensure this plugin will
84    // work with systems running on PCRE 6.6 and lower.
85    public function testLineSplit(){
86        $this->auth->setPregsplit_safe(false);
87
88        $names = array(
89          'plain',
90          'ut-fठ8',
91          'colon:',
92          'backslash\\',
93          'alltogether\\ठ:'
94        );
95        $userpass = 'user:password_hash:';
96        $other_user_data = ':email@address:group1,group2';
97
98        foreach ($names as $testname) {
99            $escaped = str_replace(array('\\',':'),array('\\\\','\\:'),$testname);   // escape : & \
100            $test_line = $userpass.$escaped.$other_user_data;
101            $result = $this->auth->splitUserData($test_line);
102
103            $this->assertEquals($escaped, $result[2]);
104        }
105    }
106
107    /**
108     * @see testCleaning
109     */
110    public function provideCleaning()
111    {
112        return [
113            ['user', 'user'],
114            ['USER', 'user'],
115            [' USER ', 'user'],
116            [' US ER ', 'us_er'],
117            ['http://foo;bar', 'http_foo_bar'],
118        ];
119    }
120
121    /**
122     * @param string $input
123     * @param string $expected
124     * @dataProvider provideCleaning
125     */
126    public function testCleaning($input, $expected)
127    {
128        $this->assertEquals($expected, $this->auth->cleanUser($input));
129        $this->assertEquals($expected, $this->auth->cleanGroup($input));
130    }
131}
132
133/**
134 * Class auth_plugin_authplainharness
135 */
136class auth_plugin_authplainharness extends auth_plugin_authplain {
137
138    /**
139     * @param boolean $bool
140     */
141    public function setPregsplit_safe($bool) {
142        $this->pregsplit_safe = $bool;
143    }
144
145    /**
146     * @return bool|mixed
147     */
148    public function getPregsplit_safe(){
149        return $this->pregsplit_safe;
150    }
151
152    /**
153     * @param string $line
154     * @return array
155     */
156    public function splitUserData($line){
157        return parent::splitUserData($line);
158    }
159}
160