/**
* @param InputInterface $input
* @param OutputInterface $output
* @throws Exception
* @returns null
*/
protected function execute(InputInterface $input, OutputInterface $output)
{
if (!Check::fileToUrlMapping()) {
die('ERROR: Please set a valid path in $_FILE_TO_URL_MAPPING before running the seeder' . PHP_EOL);
}
// Customer overrides delete to check for admin
// major hack to enable ADMIN permissions
// login throws cookie warning, this will hide the error message
error_reporting();
try {
if ($admin = \Member::default_admin()) {
$admin->logIn();
}
} catch (\Exception $e) {
}
error_reporting(E_ALL);
$writer = new RecordWriter();
// TODO batch write is not working with seeder yet
// if ($batchSize = $input->getOption('batch')) {
// $writer = new BatchedSeedWriter($batchSize);
// }
$seeder = new Seeder($writer, new CliOutputFormatter());
$key = $input->getOption('key');
$seeder->unseed($key);
}
/**
* @param InputInterface $input
* @param OutputInterface $output
* @throws Exception
* @returns null
*/
protected function execute(InputInterface $input, OutputInterface $output)
{
if (!Check::fileToUrlMapping()) {
die('ERROR: Please set a valid path in $_FILE_TO_URL_MAPPING before running the seeder' . PHP_EOL);
}
if (\SiteTree::has_extension('SiteTreeLinkTracking')) {
\SiteTree::remove_extension('SiteTreeLinkTracking');
}
// Customer overrides delete to check for admin
// major hack to enable ADMIN permissions
// login throws cookie warning, this will hide the error message
error_reporting(0);
try {
if ($admin = \Member::default_admin()) {
$admin->logIn();
}
} catch (\Exception $e) {
}
error_reporting(E_ALL);
$writer = new RecordWriter();
if ($input->getOption('batch')) {
$batchSize = intval($input->getOption('size'));
$writer = new BatchedSeedWriter($batchSize);
}
$seeder = new Seeder($writer, new CliOutputFormatter());
$className = $input->getOption('class');
$key = $input->getOption('key');
if ($input->getOption('force')) {
$seeder->setIgnoreSeeds(true);
}
$seeder->seed($className, $key);
return;
}
/**
* Attempt to find and authenticate member if possible from the given data.
*
* @param array $data
* @param Form $form
* @param bool &$success Success flag
* @return Member Found member, regardless of successful login
* @see MemberAuthenticator::authenticate_member()
*/
protected static function authenticate_member($data, $form, &$success)
{
// Default success to false
$success = false;
// Attempt to identify by temporary ID
$member = null;
$email = null;
if (!empty($data['tempid'])) {
// Find user by tempid, in case they are re-validating an existing session
$member = Member::member_from_tempid($data['tempid']);
if ($member) {
$email = $member->Email;
}
}
// Otherwise, get email from posted value instead
if (!$member && !empty($data['Email'])) {
$email = $data['Email'];
}
// Check default login (see Security::setDefaultAdmin()) the standard way and the "extension"-way :-)
$asDefaultAdmin = $email === Security::default_admin_username();
if ($asDefaultAdmin || isset($GLOBALS['_DEFAULT_ADMINS']) && array_key_exists($email, $GLOBALS['_DEFAULT_ADMINS'])) {
// If logging is as default admin, ensure record is setup correctly
$member = Member::default_admin();
$success = Security::check_default_admin($email, $data['Password']);
// If not already true check if one of the extra admins match
if (!$success) {
$success = $GLOBALS['_DEFAULT_ADMINS'][$email] == $data['Password'];
}
if ($success) {
return $member;
}
}
// Attempt to identify user by email
if (!$member && $email) {
// Find user by email
$member = Member::get()->filter(Member::config()->unique_identifier_field, $email)->first();
}
// Validate against member if possible
if ($member && !$asDefaultAdmin) {
$result = $member->checkPassword($data['Password']);
$success = $result->valid();
} else {
$result = new ValidationResult(false, _t('Member.ERRORWRONGCRED'));
}
// Emit failure to member and form (if available)
if (!$success) {
if ($member) {
$member->registerFailedLogin();
}
if ($form) {
$form->sessionMessage($result->message(), 'bad');
}
} else {
if ($member) {
$member->registerSuccessfulLogin();
}
}
return $member;
}
public function testDefaultAdmin()
{
$adminMembers = Permission::get_members_by_permission('ADMIN');
$this->assertEquals(0, $adminMembers->count());
$admin = Member::default_admin();
$this->assertInstanceOf('Member', $admin);
$this->assertTrue(Permission::checkMember($admin, 'ADMIN'));
$this->assertEquals($admin->Email, Security::default_admin_username());
$this->assertNull($admin->Password);
}
/**
* The test to ensure the request filter is functioning correctly.
*/
public function testRequestFilter()
{
// Instantiate link mappings to use.
$mapping = LinkMapping::create(array('LinkType' => 'Simple', 'MappedLink' => 'wrong/page', 'RedirectLink' => 'pending'));
$mapping->write();
LinkMapping::create(array('LinkType' => 'Simple', 'MappedLink' => 'pending', 'RedirectLink' => 'correct/page'))->write();
// The CMS module needs to be present to test page behaviour.
if (ClassInfo::exists('SiteTree')) {
// This is required to support multiple sites.
$this->logInAs(Member::default_admin());
$parentID = ClassInfo::exists('Multisites') ? Multisites::inst()->getCurrentSiteId() : 0;
// Instantiate pages to use.
$first = SiteTree::create(array('URLSegment' => 'wrong', 'ParentID' => $parentID));
$first->writeToStage('Stage');
$first->writeToStage('Live');
$second = SiteTree::create(array('URLSegment' => 'page', 'ParentID' => $first->ID));
$second->writeToStage('Stage');
$second->writeToStage('Live');
}
// Determine whether the enforce misdirection is functioning correctly.
$response = $this->get('wrong/page');
$this->assertEquals($response->getStatusCode(), 303);
$this->assertEquals($response->getHeader('Location'), '/correct/page');
// The CMS module needs to be present to test page behaviour.
if (ClassInfo::exists('SiteTree')) {
// Update the default enforce misdirection.
Config::inst()->update('MisdirectionRequestFilter', 'enforce_misdirection', false);
// Determine whether the page is now matched.
$response = $this->get('wrong/page');
$this->assertEquals($response->getStatusCode(), 200);
$this->assertEquals($response->getHeader('Location'), null);
// Instantiate a fallback to use.
$first->Fallback = 'Nearest';
$first->writeToStage('Stage');
$first->writeToStage('Live');
// The database needs to be cleaned up to prevent further testing conflict.
$second->deleteFromStage('Live');
$second->deleteFromStage('Stage');
$mapping->delete();
// Determine whether the fallback is matched.
$response = $this->get('wrong/page');
$this->assertEquals($response->getStatusCode(), 303);
$this->assertEquals($response->getHeader('Location'), '/wrong/?misdirected=1');
}
// Instantiate a director rule to use.
Config::inst()->update('Director', 'rules', array('wrong/page' => 'Controller'));
// Determine whether the director rule is matched.
$response = $this->get('wrong/page');
$this->assertEquals($response->getStatusCode(), 200);
$this->assertEquals($response->getHeader('Location'), null);
// The database needs to be emptied to prevent further testing conflict.
self::empty_temp_db();
}
/**
* Return an existing member with administrator privileges, or create one of necessary.
*
* Will create a default 'Administrators' group if no group is found
* with an ADMIN permission. Will create a new 'Admin' member with administrative permissions
* if no existing Member with these permissions is found.
*
* Important: Any newly created administrator accounts will NOT have valid
* login credentials (Email/Password properties), which means they can't be used for login
* purposes outside of any default credentials set through {@link Security::setDefaultAdmin()}.
*
* @return Member
*/
public static function findAnAdministrator()
{
// coupling to subsites module
$origSubsite = null;
if (is_callable('Subsite::changeSubsite')) {
$origSubsite = Subsite::currentSubsiteID();
Subsite::changeSubsite(0);
}
$member = null;
// find a group with ADMIN permission
$adminGroup = Permission::get_groups_by_permission('ADMIN')->First();
if (is_callable('Subsite::changeSubsite')) {
Subsite::changeSubsite($origSubsite);
}
if ($adminGroup) {
$member = $adminGroup->Members()->First();
}
if (!$adminGroup) {
singleton('Group')->requireDefaultRecords();
$adminGroup = Permission::get_groups_by_permission('ADMIN')->First();
}
if (!$member) {
singleton('Member')->requireDefaultRecords();
$member = Permission::get_members_by_permission('ADMIN')->First();
}
if (!$member) {
$member = Member::default_admin();
}
if (!$member) {
// Failover to a blank admin
$member = Member::create();
$member->FirstName = _t('Member.DefaultAdminFirstname', 'Default Admin');
$member->write();
// Add member to group instead of adding group to member
// This bypasses the privilege escallation code in Member_GroupSet
$adminGroup->DirectMembers()->add($member);
}
return $member;
}
public function run($request)
{
if (!Director::is_cli() && !isset($_GET['run'])) {
DB::alteration_message('Must add ?run=1', 'error');
return false;
}
if (!Director::is_cli()) {
// - Add UTF-8 so characters will render as they should when debugging (so you can visualize inproperly formatted characters easier)
// - Add base_tag so that printing blocks of HTML works properly with relative links (helps with visualizing errors)
?>
<head>
<?php
echo SSViewer::get_base_tag('');
?>
<meta charset="UTF-8">
</head>
<?php
}
increase_time_limit_to(300);
WordpressDatabase::$default_config = $this->config()->default_db;
$this->db = $this->wordpressImportService->getDatabase();
// Login as default admin so 'canPublish()' definitely returns true in 'SiteTree::doPublish()'
if (!Member::currentUser()) {
$defaultAdmin = Member::default_admin();
if ($defaultAdmin && $defaultAdmin->exists()) {
Session::set('loggedInAs', $defaultAdmin->ID);
}
}
// Unsure if the importing functionality can ever hit this, but just incase.
if (Versioned::current_stage() !== 'Stage') {
throw new Exception('Versioned::current_stage() must be "Stage".');
}
$this->runCustom($request);
}
/**
* Ensures we have permissions to manipulate pages (gets around access issues with global state). Unfortunately, the
* creation of a default admin account below is necessary because SilverStripe will reference global state via
* Member::currentUser() and the only surefire way around this is to login as a default admin with full access.
*
* CAUTION: Since migrations can only be run from the command line, it's assumed that if you're accessing this, then
* you're already an admin or you've got an incorrectly configured site!
*
* TODO: This should be removed soon.
*
* @deprecated Use ::whileAdmin() instead.
*/
protected static function loginAsAdmin()
{
Deprecation::notice('0', 'Use ::whileAdmin() instead. This method will be removed soon.');
if (!Member::currentUserID()) {
// See if a default admin is setup yet.
if (!Security::has_default_admin()) {
// Generate a randomized user/pass and use that as the default administrator just for this session.
$user = substr(str_shuffle(sha1("u" . microtime())), 0, 20);
$pass = substr(str_shuffle(sha1("p" . microtime())), 0, 20);
Security::setDefaultAdmin($user, $pass);
}
$admin = Member::default_admin();
if (!$admin) {
throw new MigrationException("Cannot login: No default administrator found.");
}
Session::start();
Session::set("loggedInAs", $admin->ID);
}
}
public function testDefaultAdminLockOut()
{
Config::inst()->update('Member', 'lock_out_after_incorrect_logins', 1);
Config::inst()->update('Member', 'lock_out_delay_mins', 10);
SS_Datetime::set_mock_now('2016-04-18 00:00:00');
$controller = new Security();
$form = new Form($controller, 'Form', new FieldList(), new FieldList());
// Test correct login
MemberAuthenticator::authenticate(array('Email' => 'admin', 'Password' => 'wrongpassword'), $form);
$this->assertTrue(Member::default_admin()->isLockedOut());
$this->assertEquals(Member::default_admin()->LockedOutUntil, '2016-04-18 00:10:00');
}
