public function onBeforeWrite()
{
if (!$this->owner->SystemID) {
$uuid = new Uuid();
$this->owner->SystemID = $uuid->get();
}
}
/**
* @return array
*/
static function _get()
{
$r[] = array('id' => Uuid::get('resource.id.apache'), 'username' => 'www-data', 'name' => 'apache', 'password' => '_upjvh-p@wAHP18D}OmY05M', 'uri' => 'http://www.apache.org/', 'complexity' => 'very strong', 'description' => 'Apache is the world\'s most used web server software.');
$r[] = array('id' => Uuid::get('resource.id.april'), 'username' => 'support', 'name' => 'april', 'password' => 'z"(-1s]3&Itdno:vPt', 'uri' => 'https://www.april.org/', 'complexity' => 'strong', 'description' => 'L\'association pionnière du logiciel libre en France');
$r[] = array('id' => Uuid::get('resource.id.bower'), 'username' => 'bower', 'name' => 'bower', 'password' => 'CL]m]x(o{sA#QW', 'uri' => 'bower.io', 'complexity' => 'fair', 'description' => 'A package manager for the web!');
$r[] = array('id' => Uuid::get('resource.id.centos'), 'username' => 'centos', 'name' => 'root', 'password' => 'this_23-04', 'uri' => 'centos.org', 'complexity' => 'very weak', 'description' => 'The CentOS Linux distribution is a platform derived from Red Hat Enterprise Linux (RHEL).');
$r[] = array('id' => Uuid::get('resource.id.canjs'), 'username' => 'yeswecan', 'name' => 'Canjs', 'password' => 'princess', 'uri' => 'canjs.com', 'complexity' => 'very weak', 'description' => 'CanJS is a JavaScript library that makes developing complex applications simple and fast.');
$r[] = array('id' => Uuid::get('resource.id.gnupg'), 'username' => 'gpg', 'name' => 'Gnupg', 'password' => 'iamgod', 'uri' => 'gnupg.org', 'complexity' => 'very weak', 'description' => 'GnuPG is a complete and free implementation of the OpenPGP standard as defined by RFC4880');
return $r;
}
/**
* Scenario: As a user while editing a password that had been shared with a deleted user, the application shouldn't crash silently
*
* Given I am logged in as admin in the user workspace
* And I click on the user
* And I click on delete button
* Then I should see a confirmation dialog
* When I click ok in the confirmation dialog
* Then I should see a confirmation message
*
* When I logout and I log in as Ada
* And I go on the password workspace
* And I am editing a password that was shared with betty
* When I click on name input text field
* And I empty the name input text field value
* And I enter a new value
* And I click save
* Then I can see a success notification
* And I can see that the password name have changed in the overview
* And I can see the new name value in the sidebar
* When I click edit button
* Then I can see the new name in the edit password dialog
*/
public function testEditingPasswordSharedWithDeletedUsersShouldntCrash()
{
// Reset database at the end of test.
$this->resetDatabaseWhenComplete();
// Given I am Admin
$user = User::get('admin');
$this->setClientConfig($user);
// And I am logged in on the user workspace
$this->loginAs($user);
// Go to user workspace
$this->gotoWorkspace('user');
// When I right click on a user
$user = User::get('betty');
$this->clickUser($user['id']);
// Then I select the delete option in the contextual menu
$this->click('js_user_wk_menu_deletion_button');
// Assert that the confirmation dialog is displayed.
$this->assertConfirmationDialog('Do you really want to delete user ?');
// Click ok in confirmation dialog.
$this->confirmActionInConfirmationDialog();
// Then I should see a success notification message saying the user is deleted
$this->assertNotification('app_users_delete_success');
// When I logout
$this->logout();
// And I am Ada
$user = User::get('ada');
$this->setClientConfig($user);
// And I am logged in on the password workspace
$this->loginAs($user);
// And I am editing a password that was shared with betty
$this->gotoEditPassword(Uuid::get('resource.id.apache'));
// When I click on name input text field
$this->click('js_field_name');
// And I empty the name input text field value
// And I enter a new value
$newname = 'New password name';
$this->inputText('js_field_name', $newname);
// And I click save
$this->click('.edit-password-dialog input[type=submit]');
// Then I can see a success notification
$this->assertNotification('app_resources_edit_success');
// And I can see that the password name have changed in the overview
$this->assertElementContainsText('#js_wsp_pwd_browser .tableview-content', $newname);
// And I can see the new name value in the sidebar
$this->assertVisible('#js_pwd_details.panel.aside');
$this->assertElementContainsText('js_pwd_details', $newname);
// When I click edit button
$this->click('js_wk_menu_edition_button');
// Then I can see the new name in the edit password dialog
$this->assertInputValue('js_field_name', $newname);
}
/**
* Scenario : As a user I can have my passphrase remembered by the system.
*
* Given I am Ada
* And I am logged in on the password workspace
* When I click on a password in the list
* And I click on the link 'copy password'
* Then I should see the passphrase dialog.
* And I should see a checkbox remember my passphrase.
* When I enter my passphrase from keyboard only
* Then The password should have been copied to clipboard
* When I click on another password in the list
* And I click on the link 'copy password'
* Then I should see the passphrase dialog
* When I enter my passphrase from keyboard only
* And I check the remember checkbox
* Then The password should have been copied to clipboard
* When I click on another password in the list
* And I click again on the copy button in the action bar
* Then The password should have been copied to clipboard
*/
function testMasterPasswordRemember()
{
// Given I am Ada
$user = User::get('ada');
$this->setClientConfig($user);
// And I am logged in on the password workspace
$this->loginAs($user);
// When I click on a password in the list
$rsA = Resource::get(array('user' => 'ada', 'id' => Uuid::get('resource.id.apache')));
$this->clickPassword($rsA['id']);
// And I click on the link 'copy password'
$this->click('js_wk_menu_secretcopy_button');
// Then I should see the passphrase dialog.
$this->assertMasterPasswordDialog($user);
// And I should see a checkbox remember my passphrase
$this->goIntoMasterPasswordIframe();
$this->assertVisible('js_remember_master_password');
$this->goOutOfIframe();
// When I enter my passphrase from keyboard only
$this->enterMasterPassword($user['MasterPassword'], false);
// Then The password should have been copied to clipboard
$this->waitCompletion();
$this->assertClipboard($rsA['password']);
// When I click on another password in the list
$rsB = Resource::get(array('user' => 'ada', 'id' => Uuid::get('resource.id.bower')));
$this->clickPassword($rsB['id']);
// And I click on the link 'copy password'
$this->click('js_wk_menu_secretcopy_button');
// Then I should see the passphrase dialog
$this->assertMasterPasswordDialog($user);
// When I enter my passphrase from keyboard only
// And I check the remember checkbox
$this->enterMasterPassword($user['MasterPassword'], true);
// Then The password should have been copied to clipboard
$this->waitCompletion();
$this->assertClipboard($rsB['password']);
// When I click on another password in the list
$rsC = Resource::get(array('user' => 'ada', 'id' => Uuid::get('resource.id.centos')));
$this->clickPassword($rsC['id']);
// And I click on the link 'copy password'
$this->click('js_wk_menu_secretcopy_button');
// Then The password should have been copied to clipboard
$this->waitCompletion();
$this->assertClipboard($rsC['password']);
}
/**
* Scenario: As LU I can't select multiple passwprd
*
* Given I am Ada
* And I am logged in on the password workspace
* When I click on a password checkbox
* Then I should see the password selected
* When I click on another password checkbox
* Then I should see only the last password selected
*
*/
public function testCantSelectMultiplePasswords()
{
// Given I am Ada
$user = User::get('ada');
$this->setClientConfig($user);
// And I am logged on the password workspace
$this->loginAs($user);
// When I click on a user checkbox
$rsA = Resource::get(array('user' => 'ada', 'id' => Uuid::get('resource.id.apache')));
$this->click('multiple_select_checkbox_' . $rsA['id']);
// Then I should see it selected
$this->isPasswordSelected($rsA['id']);
// When click on another user checkbox
$rsG = Resource::get(array('user' => 'ada', 'id' => Uuid::get('resource.id.gnupg')));
$this->click('multiple_select_checkbox_' . $rsG['id']);
// Then I should see only the last user selected
$this->assertPasswordSelected($rsG['id']);
$this->assertPasswordNotSelected($rsA['id']);
}
public function onBeforeWrite()
{
$config = SiteConfig::current_site_config();
if (!$this->owner->MasterNode) {
$this->owner->MasterNode = $config->getSyncroIdentifier();
}
if (!$this->owner->ContentID) {
$uuid = new Uuid();
$this->owner->ContentID = $uuid->get();
}
$nowUTC = gmdate('Y-m-d H:i:s');
$this->owner->UpdatedUTC = $nowUTC;
// if we're updating on the master node, change the lasteditedUTC and created UTC if needbe
if ($this->owner->MasterNode == $config->getSyncroIdentifier()) {
$this->owner->LastEditedUTC = $nowUTC;
if (!$this->owner->CreatedUTC) {
$this->owner->CreatedUTC = $nowUTC;
}
}
}
/**
* @param $name
* @return array
*/
static function get($name)
{
$conf = array('TokenColor' => '#ff3a3a', 'TokenTextColor' => '#ffffff');
switch ($name) {
default:
case 'ada':
return array_merge($conf, array('id' => Uuid::get('user.id.ada'), 'name' => 'ada', 'FirstName' => 'Ada', 'LastName' => 'Lovelace', 'Username' => '*****@*****.**', 'MasterPassword' => '*****@*****.**', 'TokenCode' => 'ADA', 'PrivateKey' => 'ada_private.key', 'PublicKey' => 'ada_public.key'));
break;
case 'betty':
return array_merge($conf, array('id' => Uuid::get('user.id.betty'), 'name' => 'betty', 'FirstName' => 'Betty', 'LastName' => 'Holberton', 'Username' => '*****@*****.**', 'MasterPassword' => '*****@*****.**', 'TokenCode' => 'BET', 'PrivateKey' => 'betty_private.key'));
break;
case 'carol':
return array_merge($conf, array('id' => Uuid::get('user.id.carol'), 'name' => 'carol', 'FirstName' => 'Carol', 'LastName' => 'Shaw', 'Username' => '*****@*****.**', 'MasterPassword' => '*****@*****.**', 'TokenCode' => 'CAR', 'PrivateKey' => 'carol_private.key'));
break;
case 'frances':
return array_merge($conf, array('id' => Uuid::get('user.id.frances'), 'name' => 'frances', 'FirstName' => 'Frances', 'LastName' => 'Allen', 'Username' => '*****@*****.**', 'MasterPassword' => '*****@*****.**', 'TokenCode' => 'FRA', 'PrivateKey' => 'frances_private.key'));
break;
case 'edith':
return array_merge($conf, array('id' => Uuid::get('user.id.edith'), 'name' => 'edith', 'FirstName' => 'Edith', 'LastName' => 'Clarke', 'Username' => '*****@*****.**', 'MasterPassword' => '*****@*****.**', 'TokenCode' => 'EDI', 'PrivateKey' => 'edith_private.key'));
break;
case 'admin':
return array_merge($conf, array('id' => Uuid::get('user.id.admin'), 'name' => 'admin', 'FirstName' => 'Admin', 'LastName' => 'User', 'Username' => '*****@*****.**', 'MasterPassword' => '*****@*****.**', 'TokenCode' => 'ADM', 'PrivateKey' => 'admin_private.key'));
break;
/***************************************************
* Definition of non existing users we can
* reuse to create predictive data
***************************************************/
/***************************************************
* Definition of non existing users we can
* reuse to create predictive data
***************************************************/
case 'john':
return array_merge($conf, array('id' => Uuid::get('*****@*****.**'), 'name' => 'john', 'FirstName' => 'John', 'LastName' => 'Doe', 'Username' => '*****@*****.**', 'MasterPassword' => '*****@*****.**', 'PasswordStrength' => 'strong', 'TokenCode' => 'JON', 'PrivateKey' => Gpgkey::get(['name' => 'johndoe'])['filepath']));
break;
case 'curtis':
return array_merge($conf, array('id' => Uuid::get('*****@*****.**'), 'name' => 'curtis', 'FirstName' => 'Curtis', 'LastName' => 'Mayfield', 'Username' => '*****@*****.**', 'MasterPassword' => '*****@*****.**', 'PasswordStrength' => 'very strong', 'TokenCode' => 'CUR', 'PrivateKey' => Gpgkey::get(['name' => 'johndoe'])['filepath']));
break;
}
}
/**
* Wait until a notification disappears.
* @param $notificationId
*
* @throws Exception
*/
public function waitUntilNotificationDisappears($notificationId)
{
$notificationId = 'notification_' . Uuid::get($notificationId);
$this->waitUntilIDontSee($notificationId);
}
/**
* Scenario : As a user when I filter the user workspace all users should be unselected
* Given I am logged in as Ada, and I go to the user workspace
* When I select a user I own
* And I filter the workspace by keywords
* Then I should see the user unselected
*/
public function testSearchByKeywordsUnselectUsers()
{
$searchUser = '******';
$userId = Uuid::get('user.id.betty');
// Given I am Ada
$user = User::get('ada');
$this->setClientConfig($user);
// And I am logged in on the user workspace
$this->loginAs($user);
$this->gotoWorkspace('user');
// When I select a user I own
$this->clickUser($userId);
// And I filter the workspace by keywords
$this->inputText('js_app_filter_keywords', $searchUser);
$this->click("#js_app_filter_form button[value='search']");
$this->waitUntilISee('js_wsp_users_breadcrumb', "/Search : {$searchUser}/");
// Then I should see the password unselected
$this->assertUserNotSelected($userId);
}
/**
* Scenario : As a user I should be able to delete a comment
* Given I am Ada
* And I am logged in
* And I click password
* And I enter and save a comment
* Then I should see the comment in the list
* And I should see a delete button
* When I log out and I log in again as betty
* And I select the same password
* Then I should see the comment posted by ada
* And I should not see the delete button
*/
public function testCommentDeleteOnlyOwner()
{
// Reset database at the end of test.
$this->resetDatabaseWhenComplete();
// Given I am Ada
$user = User::get('ada');
$this->setClientConfig($user);
// And I am logged in on the password workspace
$this->loginAs($user);
// When I click the password apache
$this->clickPassword(Uuid::get('resource.id.apache'));
// Enter and post comment.
$this->postCommentInSidebar('this is a test comment');
// I should see the delete button.
$buttonDeleteSelector = '#js_rs_details_comments_list a.js_delete_comment';
$this->assertVisible($buttonDeleteSelector);
// When I logout.
$this->logout();
// And I log in again as betty.
$user = User::get('betty');
$this->setClientConfig($user);
$this->loginAs($user);
// And I select the same apache password.
$this->clickPassword(Uuid::get('resource.id.apache'));
// Check whether the comments list contain the new comment.
$this->waitUntilISee('#js_rs_details_comments_list', '/this is a test comment/');
// I should not see the delete button.
$this->assertNotVisible($buttonDeleteSelector);
}
/**
* Scenario: As a user A I can see a password that user B shared with me and deleted.
*
* Given I am Betty
* And I am logged in on the password worskpace
* Then I can see a password shared with ada in the list
* When I logout
* And I am Ada
* And I am logged in on the password workspace
* When I click on the password shared with betty
* And I click on the more button
* And I click on the delete link
* Then I should see a success notification message saying the password is deleted
* And I should not see the password deleted by ada in the list anymore
* When I logout
* And I am Betty
* And I am logged in on the password worskpace
* Then I cannot see the password in the list anymore
*/
public function testDeletePasswordShared()
{
// Reset database at the end of test.
$this->resetDatabaseWhenComplete();
// Given I am Ada
$userA = User::get('ada');
$this->setClientConfig($userA);
// And I am logged in on the password workspace
$this->loginAs($userA);
// Then I can see a password shared with ada in the list
$resource = Resource::get(array('user' => 'ada', 'id' => Uuid::get('resource.id.apache')));
$this->assertVisible('resource_' . $resource['id']);
// When I logout
$this->logout();
// And I am Betty
$userB = User::get('betty');
$this->setClientConfig($userB);
// And I am logged in on the password workspace
$this->loginAs($userB);
// When I click on the password shared with Ada
$this->assertVisible('resource_' . $resource['id']);
$this->clickPassword($resource['id']);
// And I click on the more button
$this->click('js_wk_menu_more_button');
// When I click on the delete link
$this->clickLink('delete');
// Assert that the confirmation dialog is displayed.
$this->assertConfirmationDialog('Do you really want to delete password ?');
// Click ok in confirmation dialog.
$this->confirmActionInConfirmationDialog();
// Then I should see a success notification message saying the password is deleted
$this->assertNotification('app_resources_delete_success');
// And I should not see the password in the list anymore
$this->assertNotVisible('resource_' . $resource['id']);
// When I logout
$this->logout();
// And I am Betty
$this->setClientConfig($userB);
// And I am logged in on the password worskpace
$this->loginAs($userB);
// And I should not see the password deleted by ada in the list anymore
$this->assertNotVisible('resource_' . $resource['id']);
}
/**
* Scenario : As a user when I filter the password workspace all passwords should be unselected
* Given I am logged in as Ada, and I go to the password workspace
* When I select a password I own
* And I filter the workspace by keywords
* Then I should see the password unselected
*/
public function testSearchByKeywordsUnselectPasswords()
{
$searchPwd = 'Apache';
$resourceId = Uuid::get('resource.id.apache');
// Given I am Ada
$user = User::get('ada');
$this->setClientConfig($user);
// And I am logged in on the password workspace
$this->loginAs($user);
// When I select a password I own
$this->clickPassword($resourceId);
// And I filter the workspace by keywords
$this->inputText('js_app_filter_keywords', $searchPwd);
$this->click("#js_app_filter_form button[value='search']");
$this->waitUntilISee('js_wsp_password_breadcrumb', "/Search : {$searchPwd}/");
// Then I should see the password unselected
$this->assertPasswordNotSelected($resourceId);
}
/**
* Scenario: As LU I can share a password mutliple times
*
* Given I am logged in as ada in the user workspace
*
* [LOOP]
* When I am sharing a password I own
* Then I should expect the password has been shared with success
* [END_LOOP]
*
*/
public function testSharePasswordMultipleTimes()
{
// Reset database at the end of test.
$this->resetDatabaseWhenComplete();
// Given I am logged in as ada in the user workspace
$user = User::get('ada');
$this->setClientConfig($user);
$this->loginAs($user);
$resource = Resource::get(array('id' => Uuid::get('resource.id.apache'), 'user' => 'ada'));
$shareWith = ['frances', 'edith', 'admin'];
for ($i = 0; $i < count($shareWith); $i++) {
// And I am editing the secret of a password I own
// Then I can see a success notification
$r['id'] = $resource['id'];
$r['password'] = '******' . $i;
$this->sharePassword($resource, $shareWith[$i], $user);
$this->waitUntilNotificationDisappears('app_share_update_success');
}
}
/**
* Scenario: As a user I can share a password with other users after I close and restore the passbolt tab
*
* Given I am Carol
* And I am on second tab
* And I am logged in on the password workspace
* When I close and restore the tab
* And I go to the sharing dialog of a password I own
* And I give read access to betty for a password I own
* Then I can see Betty has read access on the password
*/
public function testCloseRestoreTabAndSharePassword()
{
// Reset database at the end of test.
$this->resetDatabaseWhenComplete();
// Given I am Carol
$user = User::get('carol');
$this->setClientConfig($user);
// And I am on second tab
$this->openNewTab();
// And I am logged in on the password workspace
$this->loginAs($user);
// When I close and restore the tab
$this->closeAndRestoreTab();
$this->waitCompletion();
// And I go to the sharing dialog of a password I own
$resource = Resource::get(array('user' => 'betty', 'id' => Uuid::get('resource.id.gnupg')));
$this->gotoSharePassword(Uuid::get('resource.id.gnupg'));
// And I give read access to betty for a password I own
$this->sharePassword($resource, 'betty', $user);
// Then I can see Betty has read access on the password
$this->assertPermission($resource, '*****@*****.**', 'can read');
}