public function testCheckDefaultAdmin()
 {
     $this->assertTrue(Security::has_default_admin());
     $this->assertTrue(Security::check_default_admin('admin', 'password'), 'Succeeds with correct username and password');
     $this->assertFalse(Security::check_default_admin('wronguser', 'password'), 'Fails with incorrect username');
     $this->assertFalse(Security::check_default_admin('admin', 'wrongpassword'), 'Fails with incorrect password');
 }
 /**
  * Returns true only when a member is logged in and either that member has
  * no Email value or a default admin is currently configured.
  *
  * @return bool
  */
 public function show()
 {
     $current = Member::currentUser();

     // No logged-in member: nothing to evaluate.
     if (!$current) {
         return false;
     }

     // The default-admin check is only reached when the member has an Email.
     if (!$current->Email) {
         return true;
     }

     return Security::has_default_admin() ? true : false;
 }
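 /**
  * Checks that Security::check_default_admin() accepts only the configured
  * username/password pair.
  *
  * The test is skipped when a default admin already exists, so existing
  * settings are never overwritten.
  */
 public function testCheckDefaultAdmin()
 {
     if (Security::has_default_admin()) {
         $this->markTestSkipped('Default admin present. There\'s no way to inspect default admin state, ' . 'so we don\'t override existing settings');
     }
     Security::setDefaultAdmin('admin', 'password');
     try {
         $this->assertTrue(Security::has_default_admin());
         $this->assertTrue(Security::check_default_admin('admin', 'password'), 'Succeeds with correct username and password');
         $this->assertFalse(Security::check_default_admin('wronguser', 'password'), 'Fails with incorrect username');
         $this->assertFalse(Security::check_default_admin('admin', 'wrongpassword'), 'Fails with incorrect password');
     } finally {
         // Reset even when an assertion throws; otherwise the well-known
         // 'admin' / 'password' pair stays configured for every later test.
         // NOTE(review): assumes setDefaultAdmin(null, null) really clears the
         // stored credentials - confirm against Security::setDefaultAdmin().
         Security::setDefaultAdmin(null, null);
     }
 }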
Beispiel #4
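 /**
  * Checks that Security::check_default_admin() accepts only the configured
  * username/password pair.
  *
  * The test is reported as skipped (instead of silently passing) when a
  * default admin already exists, so existing settings are never overwritten.
  */
 public function testCheckDefaultAdmin()
 {
     // TODO There's currently no way to inspect default admin state,
     //  hence we don't override existing settings
     if (Security::has_default_admin()) {
         // A bare return would count as a pass although nothing was asserted.
         $this->markTestSkipped('Default admin present; existing settings are not overridden');
     }
     Security::setDefaultAdmin('admin', 'password');
     try {
         $this->assertTrue(Security::has_default_admin());
         $this->assertTrue(Security::check_default_admin('admin', 'password'), 'Succeeds with correct username and password');
         $this->assertFalse(Security::check_default_admin('wronguser', 'password'), 'Fails with incorrect username');
         $this->assertFalse(Security::check_default_admin('admin', 'wrongpassword'), 'Fails with incorrect password');
     } finally {
         // Reset even when an assertion throws; otherwise the well-known
         // 'admin' / 'password' pair stays configured for every later test.
         // NOTE(review): assumes setDefaultAdmin(null, null) really clears the
         // stored credentials - confirm against Security::setDefaultAdmin().
         Security::setDefaultAdmin(null, null);
     }
 }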
Beispiel #5
 /**
  * Fetch the Member record that represents the configured default admin,
  * creating the record on first use.
  *
  * NOTE(review): the record is looked up by Email only, so any existing
  * Member whose Email equals the default admin username is returned and
  * added to the ADMIN group by this call.
  *
  * @return Member|null Null when no default admin is configured.
  */
 public static function default_admin()
 {
     // Nothing to return unless a default admin has been configured.
     if (!Security::has_default_admin()) {
         return null;
     }

     // Ensure the default groups exist, then take the first group holding ADMIN.
     singleton('Group')->requireDefaultRecords();
     $group = Permission::get_groups_by_permission('ADMIN')->First();

     // Look the member up by the default admin username stored in 'Email'.
     $member = Member::get()->filter('Email', Security::default_admin_username())->first();

     if (!$member) {
         // 'Password' is deliberately left unset so that no persistent login
         // is stored in the database (see Security::setDefaultAdmin()).
         // 'Email' is what marks this record as the default admin.
         $member = Member::create();
         $member->FirstName = _t('Member.DefaultAdminFirstname', 'Default Admin');
         $member->Email = Security::default_admin_username();
         $member->write();
     }

     // Add the member to the admin group when it is not in it yet.
     $alreadyAdmin = $member->inGroup($group);
     if (!$alreadyAdmin) {
         $member->Groups()->add($group);
     }

     return $member;
 }
<?php

/**
 * User: Julian Scheuchenzuber <*****@*****.**>
 * Date: 22.10.15
 * Time: 12:12
 */
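// Registers the first entry of $GLOBALS['_DEFAULT_ADMINS'] (email => password)
// as the default admin, unless one is already configured.
// NOTE(review): the password sits in plain text in global state here, so the
// file that defines _DEFAULT_ADMINS should be kept out of version control and
// out of any web-readable path.
if (
    isset($GLOBALS['_DEFAULT_ADMINS'])
    && is_array($GLOBALS['_DEFAULT_ADMINS'])
    && count($GLOBALS['_DEFAULT_ADMINS']) > 0
) {
    // Reset pointer and fetch data of first record
    reset($GLOBALS['_DEFAULT_ADMINS']);
    $email = key($GLOBALS['_DEFAULT_ADMINS']);
    $pw = $GLOBALS['_DEFAULT_ADMINS'][$email];
    // Set default admin if not exists. An empty or non-string username or
    // password is refused, so a malformed config entry (a list instead of an
    // email => password map, or a blank password) never becomes a credential.
    if (
        is_string($email) && $email !== ''
        && is_string($pw) && $pw !== ''
        && !Security::has_default_admin()
    ) {
        Security::setDefaultAdmin($email, $pw);
    }
}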
Beispiel #7
 /**
  * Tell whether this member is the default admin that is configured right now.
  *
  * The match is made on the Email field alone, using a strict comparison
  * against the configured default admin username.
  *
  * @return bool
  */
 public function isDefaultAdmin()
 {
     // Without a configured default admin no member can be it.
     if (!Security::has_default_admin()) {
         return false;
     }

     $configuredUsername = Security::default_admin_username();

     return $this->Email === $configuredUsername;
 }
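 /**
  * Ensures we have permissions to manipulate pages (gets around access issues with global state). Unfortunately, the
  * creation of a default admin account below is necessary because SilverStripe will reference global state via
  * Member::currentUser() and the only surefire way around this is to login as a default admin with full access.
  *
  * CAUTION: Since migrations can only be run from the command line, it's assumed that if you're accessing this, then
  * you're already an admin or you've got an incorrectly configured site!
  *
  * NOTE(review): nothing in this method enforces the command-line assumption; any caller that reaches it without a
  * logged-in member ends up with a session logged in as the default admin.
  *
  * TODO: This should be removed soon.
  *
  * @deprecated  Use ::whileAdmin() instead.
  *
  * @throws MigrationException When no default admin record is available, or when no secure random source exists
  *                            to generate the temporary credentials.
  */
 protected static function loginAsAdmin()
 {
     Deprecation::notice('0', 'Use ::whileAdmin() instead. This method will be removed soon.');

     // Somebody is already logged in: leave the session untouched.
     if (Member::currentUserID()) {
         return;
     }

     // See if a default admin is setup yet.
     if (!Security::has_default_admin()) {
         // Generate a randomized user/pass and use that as the default administrator just for this session.
         // These values are full-access credentials, so they come from a CSPRNG rather than from a
         // shuffled hash of the current time, which is guessable.
         $user = self::generateTemporaryCredential();
         $pass = self::generateTemporaryCredential();
         Security::setDefaultAdmin($user, $pass);
     }

     $admin = Member::default_admin();
     if (!$admin) {
         throw new MigrationException("Cannot login: No default administrator found.");
     }

     Session::start();
     Session::set("loggedInAs", $admin->ID);
 }

 /**
  * Builds a 20-character hexadecimal string from a cryptographically secure random source.
  *
  * @return string
  *
  * @throws MigrationException When neither random_bytes() nor a strong OpenSSL source is available.
  */
 private static function generateTemporaryCredential()
 {
     // random_bytes() only exists on PHP 7+, so it is probed instead of assumed.
     if (function_exists('random_bytes')) {
         return bin2hex(random_bytes(10));
     }

     if (function_exists('openssl_random_pseudo_bytes')) {
         $strong = false;
         $bytes = openssl_random_pseudo_bytes(10, $strong);
         if ($bytes !== false && $strong) {
             return bin2hex($bytes);
         }
     }

     // Fail closed rather than fall back to a predictable value.
     throw new MigrationException("Cannot login: No secure random source available for temporary admin credentials.");
 }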