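/**
 * Walks one account through set-password, set-username, save, rename, save and delete.
 *
 * The whole sequence runs inside a 'midcom.core' sudo scope. The scope is released
 * both on normal completion and when an assertion fails or a call throws an
 * Exception, so the elevated context does not carry over into the next test.
 */
public function testCRUD()
{
    midcom::get('auth')->request_sudo('midcom.core');
    try {
        $account = midcom_core_account::get(self::$_person);
        $this->assertInstanceOf('midcom_core_account', $account);

        // get_password() must hand back what prepare_password() yields for the value just set
        $password = '******' . time();
        $account->set_password($password);
        $this->assertEquals(midcom_connection::prepare_password($password), $account->get_password());

        $username = __CLASS__ . ' user ' . time();
        $account->set_username($username);
        $this->assertEquals($username, $account->get_username());

        $stat = $account->save();
        $this->assertTrue($stat);

        // Two time()-based names built within the same second are identical, which would
        // turn the rename below into a no-op; the extra word keeps the two names distinct.
        $new_username = __CLASS__ . ' user renamed ' . time();
        $account->set_username($new_username);
        $stat = $account->save();
        $this->assertTrue($stat);
        $this->assertEquals($new_username, $account->get_username());

        $stat = $account->delete();
        $this->assertTrue($stat);
    } catch (Exception $e) {
        // Catch-and-rethrow rather than finally, so nothing beyond plain try/catch is required
        midcom::get('auth')->drop_sudo();
        throw $e;
    }
    midcom::get('auth')->drop_sudo();
}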
/**
 * Build and create a midgard_user login record from a person record.
 *
 * A stored password that starts with the two-character marker '**' is carried over
 * with the marker stripped. Any other stored value is treated as legacy: a notice is
 * printed and a fixed replacement value is used instead. In both cases the value is
 * passed through midcom_connection::prepare_password() before it is stored.
 *
 * NOTE(review): every legacy account ends up with the same known credential and is
 * created with active = true, so it stays usable with that credential until somebody
 * changes it. Consider a per-account random value or an inactive account instead.
 * NOTE(review): the notice announces 'password' while the literal assigned below is
 * '******' - confirm the message and the value actually agree.
 *
 * @param object $person Record providing password, username and guid
 * @return boolean True when the user record was created, false when create() raised a midgard_error_exception
 */
function _migrate_account($person)
{
    $user = new midgard_user();

    $has_marker = (substr($person->password, 0, 2) == '**');
    if (!$has_marker) {
        echo ' Legacy password detected for user ' . $person->username . ". Resetting to 'password', please change ASAP\n";
        $db_password = '******';
    } else {
        // Drop the leading '**' and keep the remainder
        $db_password = substr($person->password, 2);
    }

    $user->authtype = $GLOBALS['midcom_config']['auth_type'];
    $user->password = midcom_connection::prepare_password($db_password);
    $user->login = $person->username;

    // With a custom person class configured, the user is linked to a midgard_person loaded by guid
    $mgd_person = ($GLOBALS['midcom_config']['person_class'] != 'midgard_person')
        ? new midgard_person($person->guid)
        : $person;
    $user->set_person($mgd_person);
    $user->active = true;

    try {
        $user->create();
        return true;
    } catch (midgard_error_exception $e) {
        // The exception detail is discarded; the caller only learns that creation failed
        return false;
    }
}
/**
 * Store a new password on the account.
 *
 * The value as supplied is remembered in $_new_password and the value get_password()
 * returned beforehand in $_old_password. With $encode enabled, the value is passed
 * through midcom_connection::prepare_password() before it is written to the backing
 * object; with $encode disabled it is written exactly as given.
 *
 * NOTE(review): with $encode = false nothing here transforms the value, so callers
 * presumably pass an already prepared password - confirm against the call sites.
 *
 * @param string $password The password to set
 * @param boolean $encode Should the password be encoded according to the configured auth type
 */
public function set_password($password, $encode = true)
{
    $this->_new_password = $password;
    $this->_old_password = $this->get_password();

    $stored = $encode ? midcom_connection::prepare_password($password) : $password;

    // The password lives on the person object unless the Midgard2 user object is in use
    if (!$this->_midgard2) {
        $this->_person->password = $stored;
        return;
    }
    $this->_user->password = $stored;
}
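/**
 * Sets username and, when one is supplied, a new password for the person.
 *
 * A non-empty password must pass check_password_reuse() (called with the prepared
 * value) and check_password_strength() (called with the value as supplied) before it
 * is stored. After a successful save the person is granted 'midgard:owner' on itself
 * inside a sudo scope, which is released again even if granting the privilege throws.
 *
 * @param string $username Contains username
 * @param string $new_password Contains the new password to set; an empty value leaves the password untouched
 * @return boolean True on success; false, with $this->errstr set, when the password is rejected or saving fails
 */
public function set_account($username, $new_password)
{
    $this->_account = midcom_core_account::get($this->_person);
    $change_password = !empty($new_password);

    if ($change_password) {
        $new_password_encrypted = midcom_connection::prepare_password($new_password);

        // Reject the password if it was already used or is not strong enough
        if (   !$this->check_password_reuse($new_password_encrypted)
            || !$this->check_password_strength($new_password)) {
            // NOTE(review): the same message is set when the reuse check is the one
            // that failed - confirm whether callers need to tell the two apart
            $this->errstr = "password strength too low";
            return false;
        }
        $this->_save_old_password();
        $this->_account->set_password($new_password);
    }

    $this->_account->set_username($username);

    // A failed save probably means the username is not unique
    if (!$this->_account->save()) {
        $this->errstr = "Failed to save account";
        return false;
    }

    if ($change_password) {
        // Record when the password was last changed
        $this->_person->set_parameter("org_openpsa_user_password", "last_change", time());
    }

    // Grant the privilege under sudo, and never leave the sudo scope open on failure
    midcom::get('auth')->request_sudo($this->_component);
    try {
        $this->_person->set_privilege('midgard:owner', "user:" . $this->_person->guid);
    } catch (Exception $e) {
        // Catch-and-rethrow rather than finally, so nothing beyond plain try/catch is required
        midcom::get('auth')->drop_sudo();
        throw $e;
    }
    midcom::get('auth')->drop_sudo();

    return true;
}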
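/**
 * Checks that set_account() stores the new username and password, stamps the change
 * time and records the previous password in the password history parameter.
 *
 * Only the setup and the set_account() call run under sudo. The scope is closed before
 * any assertion is evaluated, so a failing assertion cannot leave it open.
 *
 * @depends testCheck_password_strength
 * @depends testCheck_password_reuse
 * @depends testGenerate_safe_password
 */
public function testSet_account()
{
    $accounthelper = new org_openpsa_user_accounthelper(self::$_user);
    $account = midcom_core_account::get(self::$_user);
    $password = $account->get_password();
    $username = $account->get_username();

    midcom::get('auth')->request_sudo('org.openpsa.user');
    try {
        // Start from a clean slate: no password history, no change timestamp
        self::$_user->delete_parameter('org_openpsa_user_password', 'old_passwords');
        self::$_user->delete_parameter('org_openpsa_user_password', 'last_change');

        // NOTE(review): $password is whatever get_password() returned, while the generated
        // value is presumably unprepared - confirm this comparison can ever be true
        do {
            $new_password = $accounthelper->generate_safe_password();
        } while ($password === $new_password);

        $new_username = $username . time();
        $stat = $accounthelper->set_account($new_username, $new_password);
    } catch (Exception $e) {
        // Catch-and-rethrow rather than finally, so nothing beyond plain try/catch is required
        midcom::get('auth')->drop_sudo();
        throw $e;
    }
    midcom::get('auth')->drop_sudo();

    $this->assertTrue($stat);
    $this->assertEquals(midcom_connection::prepare_password($new_password), $account->get_password());
    $this->assertEquals($new_username, $account->get_username());
    $this->assertNotNull(self::$_user->get_parameter('org_openpsa_user_password', 'last_change'));

    // The history parameter is expected to hold the previous stored password in serialize() format.
    // NOTE(review): the code that reads this parameter back is not visible here - confirm it
    // does not unserialize() a value that a user is able to edit.
    $this->assertEquals(serialize(array($password)), self::$_user->get_parameter('org_openpsa_user_password', 'old_passwords'));
}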