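/**
 * Round-trips a range of plaintexts through Cii::encrypt() / Cii::decrypt().
 *
 * Covers the scalar cases (int, numeric strings, float, plain string) and random
 * strings of 4..512 bytes produced by Cii::generateSafeHash().
 *
 * NOTE(review): a round-trip alone does not show that the ciphertext differs from the
 * plaintext, nor that decryption under a different key fails; neither property is
 * covered by this test.
 */
public function testEncryptDecrypt()
{
    // PHPUnit's argument order is (expected, actual); the previous version had them
    // swapped, which made failure messages read backwards.
    $scalars = array(1, "1", 3.14, "3.14", "string");
    foreach ($scalars as $plain) {
        $this->assertEquals($plain, Cii::decrypt(Cii::encrypt($plain)));
    }

    // A variety of sizes generated by Cii::generateSafeHash()
    $lengths = array(4, 16, 32, 64, 128, 256, 512);
    foreach ($lengths as $length) {
        $hash = Cii::generateSafeHash($length);
        $this->assertEquals($hash, Cii::decrypt(Cii::encrypt($hash)));
    }
}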
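/**
 * Forces a password to be supplied before the user can proceed to a password-protected
 * Content item.
 *
 * Attempt state is kept per content id in $_SESSION['password'][$id] as
 * array('tries' => n, 'expires' => timestamp). After three failed tries the id is locked
 * until 'expires'; while locked the submitted password is discarded unchecked and the
 * lock is extended by another 300 seconds on every request. On a correct password the
 * encrypted value is stored in the session, the counter is reset and the user is sent to
 * the content's slug.
 *
 * NOTE(review): the lock lives only in the PHP session, so a client that discards its
 * session cookie starts again at zero tries; this is not a server-side rate limit.
 * NOTE(review): the check compares Cii::encrypt() output with the stored column, i.e. the
 * stored password is a deterministic encryption rather than a one-way hash.
 *
 * @param mixed $id ID of the content we want to investigate; NULL redirects to returnUrl
 * @throws CHttpException 404 when a password is posted for an id that does not exist
 **/
public function actionPassword($id = NULL)
{
    $this->setPageTitle(Yii::t('ciims.controllers.Content', '{{app_name}} | {{label}}', array(
        '{{app_name}}' => Cii::getConfig('name', Yii::app()->name),
        '{{label}}' => Yii::t('ciims.controllers.Content', 'Password Required'),
    )));

    if ($id == NULL) {
        $this->redirect(Yii::app()->user->returnUrl);
    }

    // Initialise the per-content attempt counter on first visit
    if (Cii::get(Cii::get($_SESSION, 'password', array()), $id, NULL) == NULL) {
        $_SESSION['password'][$id] = array('tries' => 0, 'expires' => time() + 300);
    }

    $state = Cii::get(Cii::get($_SESSION, 'password', array()), $id, array());
    $tries = Cii::get($state, 'tries', 0);
    $expires = Cii::get($state, 'expires', 0);

    if ($tries >= 3) {
        if ($expires <= time()) {
            // Lock has expired: unlock and start counting again
            $_SESSION['password'][$id] = array('tries' => 0, 'expires' => time() + 300);
        } else {
            // Still locked: drop the submitted password so it is never checked, and extend the lock
            Yii::app()->user->setFlash('error', Yii::t('ciims.controllers.Content', 'Too many password attempts. Please try again in 5 minutes'));
            unset($_POST['password']);
            $_SESSION['password'][$id]['expires'] = time() + 300;
        }
    }

    $submitted = Cii::get($_POST, 'password', NULL);
    if ($submitted !== NULL) {
        $content = Content::model()->findByPk($id);
        if ($content === NULL) {
            // The previous version dereferenced NULL here; an unknown id is a 404, not a fatal error
            throw new CHttpException(404, Yii::t('ciims.controllers.Content', 'The requested content could not be found.'));
        }

        $encrypted = Cii::encrypt($submitted);
        $stored = (string) $content->attributes['password'];

        // Strict string comparison: `==` would apply numeric-string coercion ("1e3" == "1000").
        // An empty stored value must never match. Where the PHP version allows it,
        // hash_equals() would additionally make this comparison constant-time.
        if ($stored !== '' && $stored === (string) $encrypted) {
            $_SESSION['password'][$id]['password'] = $encrypted;
            $_SESSION['password'][$id]['tries'] = 0;
            $this->redirect(Yii::app()->createUrl($content->attributes['slug']));
        } else {
            Yii::app()->user->setFlash('error', Yii::t('ciims.controllers.Content', 'Incorrect password'));
            $_SESSION['password'][$id]['tries'] = $_SESSION['password'][$id]['tries'] + 1;
            $_SESSION['password'][$id]['expires'] = time() + 300;
        }
    }

    $this->layout = 'password';
    $this->render('password', array('id' => $id));
}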
/**
 * Applies configuration-driven overrides just before the record is written.
 *
 * - If the 'allow_api' setting in Cii::getCiiConfig() is false, enableAPI is forced
 *   to that value cast to int.
 * - A non-empty openstack_apikey is replaced by its Cii::encrypt() output.
 *
 * NOTE(review): the key is encrypted unconditionally whenever it is non-empty; nothing
 * here checks whether the current value is already ciphertext. Confirm that the value
 * is decrypted on load, otherwise re-saving a loaded record would encrypt it again.
 *
 * @return bool parent::beforeSave()
 */
public function beforeSave()
{
    $allowApi = Cii::get(Cii::getCiiConfig(), 'allow_api', true);
    if ($allowApi == false) {
        $flag = (int) $allowApi;
        $this->enableAPI = $flag;
        $this->attributes['enableAPI'] = $flag;
    }

    // Encrypt the Openstack API key when one is present
    $apiKey = $this->attributes['openstack_apikey'];
    $keyIsEmpty = ($apiKey == NULL || $apiKey == "");
    if (!$keyIsEmpty) {
        $encryptedKey = Cii::encrypt($apiKey);
        $this->openstack_apikey = $encryptedKey;
        $this->attributes['openstack_apikey'] = $encryptedKey;
    }

    return parent::beforeSave();
}
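/**
 * Handles the creation and editing of Content models.
 *
 * Without an id a prototype Content row is created and the request is redirected to the
 * edit URL for it. With an id the row for that id is loaded, the current user's right to
 * edit it is checked, and — if a Content form was POSTed — the form is saved as a new
 * version (vid + 1) of the same id.
 *
 * Authorisation as written: users whose role is neither 7 nor 9 may only edit content
 * they authored; roles 5 and 7 cannot publish (status 1 is downgraded to 2). The role
 * numbers are magic constants whose meaning is defined elsewhere.
 *
 * @param int|null $id The ContentId of the model we want to manipulate
 * @throws CHttpException 400 when no content has the given id; 401 when the user may
 *         not edit it (403 Forbidden would be the more accurate status; left unchanged
 *         in case clients depend on it)
 */
public function actionSave($id = NULL)
{
    $version = 0;
    $theme = Cii::getConfig('theme', 'default');
    $viewFiles = $this->getViewFiles($theme);
    $layouts = $this->getLayouts($theme);

    // Editor preference; the (bool) cast covers the NULL / "" / "0" cases the old explicit
    // NULL check handled, with the same result
    $preferMarkdown = (bool) Cii::getConfig('preferMarkdown', false);

    // Determine what we're doing: new model or existing one
    if ($id == NULL) {
        $model = new Content();
        $model->savePrototype();
        $this->redirect($this->createUrl('/dashboard/content/save/id/' . $model->id));
    } else {
        $model = Content::model()->findByPk($id);
        if ($model == NULL) {
            throw new CHttpException(400, Yii::t('Dashboard.main', 'We were unable to retrieve a post with that id. Please do not repeat this request again.'));
        }

        // Version number is the count of existing rows with this id, computed explicitly
        // so it reflects the stored data
        $version = Content::model()->countByAttributes(array('id' => $id));
    }

    // Only roles 7 and 9 may touch content authored by someone else
    $role = Yii::app()->user->role;
    if ($role != 7 && $role != 9) {
        if ($model->author_id != Yii::app()->user->id) {
            throw new CHttpException(401, Yii::t('Dashboard.main', 'You are not authorized to perform this action.'));
        }
    }

    $form = Cii::get($_POST, 'Content');
    if ($form !== NULL) {
        $model2 = new Content();
        $model2->attributes = $form;

        // A posted password is stored encrypted; an empty field clears it
        $password = Cii::get($form, 'password', "");
        if ($password != "") {
            $model2->password = Cii::encrypt($password);
        } else {
            $model2->password = "";
        }

        // Fields that are not set by the mass assignment above. Cii::get() avoids
        // undefined-index notices on a partial form; the old code indexed $_POST directly.
        $model2->extract = Cii::get($form, 'extract');
        $model2->id = $id;
        $model2->vid = $model->vid + 1;
        $model2->viewFile = Cii::get($form, 'view', 'blog');
        $model2->layoutFile = Cii::get($form, 'layout', 'blog');
        $model2->created = Cii::get($form, 'created');
        $model2->commentable = Cii::get($form, 'commentable', 1);
        $model2->type_id = Cii::get($form, 'type_id', 2);

        // Published time is the posted local time with the posted timezone string appended.
        // NOTE(review): strtotime() returns false on unparsable input, which date() then
        // renders as 1970-01-01 00:00:00; that silent fallback is unchanged here.
        $published = Cii::get($form, 'published', NULL);
        $time = strtotime($published . Cii::get($_POST, 'timezone', ''));
        $model2->published = date('Y-m-d H:i:s', $time);

        // Editing someone else's content keeps the original author
        if ($model->author_id != Yii::app()->user->id) {
            $model2->author_id = $model->author_id;
        }

        // Prevent editors and collaborators from publishing articles
        if ($role == 5 || $role == 7) {
            if ($model2->status == 1) {
                $model2->status = 2;
            }
        }

        if ($model2->save()) {
            Yii::app()->user->setFlash('success', Yii::t('Dashboard.main', 'Content has been updated.'));

            // TODO: This should eventually be an Ajax Request as part of an APIController rather than being baked into this.
            if (Yii::app()->request->isAjaxRequest) {
                echo CJSON::encode($model2->attributes);
                return true;
            }

            $this->redirect(array('save', 'id' => $model2->id));
        } else {
            // Copy the rejected values back onto the loaded model so the form re-renders with them
            foreach ($model2->attributes as $k => $v) {
                $model->{$k} = $v;
            }
            $model->vid = $model2->vid - 1;
            $model->addErrors($model2->getErrors());
            Yii::app()->user->setFlash('error', Yii::t('Dashboard.main', 'There was an error saving your content. Please try again.'));
        }
    }

    $this->render('save', array(
        'model' => $model,
        'id' => $id,
        'version' => $version,
        'preferMarkdown' => $preferMarkdown,
        'views' => $viewFiles,
        'layouts' => $layouts,
        'canPublish' => $role != 7 && $role != 5,
    ));
}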
/**
 * Validator callback that replaces the attribute's value with its Cii::encrypt() output.
 *
 * Despite the name this does not reject any value: it transforms the attribute in place
 * and always reports success. The stored value is therefore a reversible encryption of
 * the password, not a one-way hash.
 *
 * NOTE(review): the value is encrypted every time this validator runs; if validation is
 * triggered more than once on the same instance the attribute would be encrypted again.
 * Confirm how callers use it.
 *
 * @param string $attribute name of the attribute being validated
 * @param mixed  $params    validator parameters (unused)
 * @return true
 */
public function password($attribute, $params)
{
    $encrypted = Cii::encrypt($this->{$attribute});
    $this->{$attribute} = $encrypted;
    $this->attributes[$attribute] = $encrypted;
    return true;
}