public function PasswordIsHashedWhenSavingUser() { $user = $this->imagineUserRecord(); $plaintext_password = $user->password; // 1 $user->save(); $saved_user = UserRecord::findOne($user->id); // 2 $security = new \yii\base\Security(); $this->assertInstanceOf(get_class($user), $saved_user); $this->assertTrue($security->validatePassword($plaintext_password, $saved_user->password)); }
private function passwordIsNotRehashedAfterUpdatingWithoutChangingPassword() { $user = $this->imagineUserRecord(); $user->save(); $saved_user = \app\models\user\UserRecord::findOne($user->id); $expected_hash = $saved_user->password; $saved_user->username = md5(time()); $saved_user->save(); $updated_user = \app\models\user\UserRecord::findOne($saved_user->id); $this->assertEquals($expected_hash, $saved_user->password); $this->assertEquals($expected_hash, $updated_user->password); }
public function up() { $rbac = Yii::$app->authManager; $guest = $rbac->createRole('guest'); $guest->description = 'Nobody'; $rbac->add($guest); $user = $rbac->createRole('user'); $user->description = 'Can use the query UI and nothing else'; $rbac->add($user); $manager = $rbac->createRole('manager'); $manager->description = 'Can manage entities in database but not users'; $rbac->add($manager); $admin = $rbac->createRole('admin'); $admin->description = 'Can do anything including manging users'; $rbac->add($admin); $rbac->addChild($admin, $manager); $rbac->addChild($manager, $user); $rbac->addChild($user, $guest); $rbac->assign($user, \app\models\user\UserRecord::findOne(['username' => 'user'])->id); $rbac->assign($manager, \app\models\user\UserRecord::findOne(['username' => 'manager'])->id); $rbac->assign($admin, \app\models\user\UserRecord::findOne(['username' => 'admin'])->id); }
/** * Finds the UserRecord model based on its primary key value. * If the model is not found, a 404 HTTP exception will be thrown. * @param integer $id * @return UserRecord the loaded model * @throws NotFoundHttpException if the model cannot be found */ protected function findModel($id) { if (($model = UserRecord::findOne($id)) !== null) { return $model; } else { throw new NotFoundHttpException('The requested page does not exist.'); } }
private function fetchUser($username) { return UserRecord::findOne(compact('username')); }