public function testRun()
{
$m = new Member();
$m->Password = '******';
$m->PasswordEncryption = 'none';
$m->write();
$t = new EncryptAllPasswordsTask();
$t->run(null);
$m = DataObject::get_by_id('SilverStripe\\Security\\Member', $m->ID);
$this->assertEquals($m->PasswordEncryption, 'blowfish');
$this->assertNotEquals($m->Password, 'plain');
$result = $m->checkPassword('plain');
$this->assertTrue($result->valid());
}
public function testCMSAccess()
{
$members = Member::get()->byIDs($this->allFixtureIDs('SilverStripe\\Security\\Member'));
foreach ($members as $member) {
$this->assertTrue(Permission::checkMember($member, 'CMS_ACCESS'));
$this->assertTrue(Permission::checkMember($member, array('CMS_ACCESS', 'CMS_ACCESS_Security')));
$this->assertTrue(Permission::checkMember($member, array('CMS_ACCESS_Security', 'CMS_ACCESS')));
}
$member = new Member();
$member->update(array('FirstName' => 'No CMS', 'Surname' => 'Access', 'Email' => '*****@*****.**'));
$member->write();
$this->assertFalse(Permission::checkMember($member, 'CMS_ACCESS'));
$this->assertFalse(Permission::checkMember($member, array('CMS_ACCESS', 'CMS_ACCESS_Security')));
$this->assertFalse(Permission::checkMember($member, array('CMS_ACCESS_Security', 'CMS_ACCESS')));
}
public function testOverwriteExistingImport()
{
$author1 = new Member();
$author1->FirstName = 'author1_first_old';
$author1->Email = '*****@*****.**';
$author1->write();
$loader = new MemberCsvBulkLoader();
$results = $loader->load($this->getCurrentRelativePath() . '/MemberCsvBulkLoaderTest.csv');
$created = $results->Created()->toArray();
$this->assertEquals(count($created), 1);
$updated = $results->Updated()->toArray();
$this->assertEquals(count($updated), 1);
$this->assertEquals($created[0]->Email, '*****@*****.**');
$this->assertEquals($updated[0]->Email, '*****@*****.**');
$this->assertEquals($updated[0]->FirstName, 'author1_first');
}
public function testHashHidden()
{
$field = new ConfirmedPasswordField('Password', 'Password', 'valueA');
$field->setCanBeEmpty(true);
$this->assertEquals('valueA', $field->Value());
$this->assertEquals('valueA', $field->children->fieldByName($field->getName() . '[_Password]')->Value());
$this->assertEquals('valueA', $field->children->fieldByName($field->getName() . '[_ConfirmPassword]')->Value());
$member = new Member();
$member->Password = "******";
$member->write();
$form = new Form($this, 'Form', new FieldList($field), new FieldList());
$form->loadDataFrom($member);
$this->assertEquals('', $field->Value());
$this->assertEquals('', $field->children->fieldByName($field->getName() . '[_Password]')->Value());
$this->assertEquals('', $field->children->fieldByName($field->getName() . '[_ConfirmPassword]')->Value());
}
public function testSafelyCast()
{
$member = new Member();
$member->FirstName = '<firstname>';
$member->Surname = '<surname>';
$member->write();
$field1 = new CheckboxSetField('Options', 'Options', array('one' => 'One', 'two' => 'Two & Three', 'three' => DBField::create_field('HTMLText', 'Four & Five & Six'), 'four' => $member->FirstName));
$fieldHTML = (string) $field1->Field();
$this->assertContains('One', $fieldHTML);
$this->assertContains('Two & Three', $fieldHTML);
$this->assertNotContains('Two & Three', $fieldHTML);
$this->assertContains('Four & Five & Six', $fieldHTML);
$this->assertNotContains('Four & Five & Six', $fieldHTML);
$this->assertContains('<firstname>', $fieldHTML);
$this->assertNotContains('<firstname>', $fieldHTML);
}
/**
* Test that a member can be authenticated via their temp id
*/
public function testAuthenticateByTempID()
{
$member = new Member();
$member->Email = '*****@*****.**';
$member->PasswordEncryption = "sha1";
$member->Password = "******";
$member->write();
// Make form
$controller = new Security();
$form = new Form($controller, 'Form', new FieldList(), new FieldList());
// If the user has never logged in, then the tempid should be empty
$tempID = $member->TempIDHash;
$this->assertEmpty($tempID);
// If the user logs in then they have a temp id
$member->logIn(true);
$tempID = $member->TempIDHash;
$this->assertNotEmpty($tempID);
// Test correct login
$result = MemberAuthenticator::authenticate(array('tempid' => $tempID, 'Password' => 'mypassword'), $form);
$this->assertNotEmpty($result);
$this->assertEquals($result->ID, $member->ID);
$this->assertEmpty($form->Message());
// Test incorrect login
$form->clearMessage();
$result = MemberAuthenticator::authenticate(array('tempid' => $tempID, 'Password' => 'notmypassword'), $form);
$this->assertEmpty($result);
$this->assertEquals('The provided details don't seem to be correct. Please try again.', $form->Message());
$this->assertEquals('bad', $form->MessageType());
}
public function testKeepsEncryptionOnEmptyPasswords()
{
$member = new Member();
$member->Password = '******';
$member->PasswordEncryption = 'sha1_v2.4';
$member->write();
$member->Password = '';
$member->write();
$this->assertEquals($member->PasswordEncryption, 'sha1_v2.4');
$result = $member->checkPassword('');
$this->assertTrue($result->valid());
}
public function testSetsOwnerOnFirstWrite()
{
Session::set('loggedInAs', null);
$member1 = new Member();
$member1->write();
$member2 = new Member();
$member2->write();
$file1 = new File();
$file1->write();
$this->assertEquals(0, $file1->OwnerID, 'Owner not written when no user is logged in');
$member1->logIn();
$file2 = new File();
$file2->write();
$this->assertEquals($member1->ID, $file2->OwnerID, 'Owner written when user is logged in');
$member2->logIn();
$file2->forceChange();
$file2->write();
$this->assertEquals($member1->ID, $file2->OwnerID, 'Owner not overwritten on existing files');
}
