示例#1
0
 /**
  * @covers Alchemy\Phrasea\Authentication\PersistentCookie\Manager::getSession
  */
 public function testGetSessionReturnFalse()
 {
     $encoder = $this->getPasswordEncoderMock();
     $browser = $this->getBrowserMock();
     $tokenValue = 'encrypted-persistent-value';
     $browser->expects($this->once())->method('getBrowser')->will($this->returnValue('Firefox'));
     $browser->expects($this->once())->method('getPlatform')->will($this->returnValue('Linux'));
     $session = new Session();
     $session->setNonce('prettyN0nce');
     $repo = $this->getMockBuilder('Doctrine\\ORM\\EntityRepository')->disableOriginalConstructor()->getMock();
     $repo->expects($this->once())->method('findOneBy')->with($this->equalTo(['token' => $tokenValue]))->will($this->returnValue($session));
     $manager = new Manager($encoder, $repo, $browser);
     $encoder->expects($this->once())->method('isPasswordValid')->with($this->anything(), 'Firefox_Linux', 'prettyN0nce')->will($this->returnValue(false));
     $this->assertFalse($manager->getSession($tokenValue));
 }
示例#2
0
 public function refreshAccount(Session $session)
 {
     if (!$this->app['repo.sessions']->find($session->getId())) {
         throw new RuntimeException('Unable to refresh the session, it does not exist anymore');
     }
     if (null === ($user = $session->getUser())) {
         throw new RuntimeException('Unable to refresh the session');
     }
     $this->session->clear();
     $this->populateSession($session);
     foreach ($this->app['acl']->get($user)->get_granted_sbas() as $databox) {
         \cache_databox::insertClient($this->app, $databox);
     }
     $this->reinitUser();
     return $session;
 }
示例#3
0
 /**
  * {@inheritdoc}
  */
 public function apply(base $appbox, Application $app)
 {
     try {
         $sql = 'SELECT usr_id, user_agent, ip, platform, browser, app,
                     browser_version, screen, token, nonce, lastaccess, created_on
                 FROM cache';
         $stmt = $appbox->get_connection()->prepare($sql);
         $stmt->execute();
         $rs = $stmt->fetchAll(\PDO::FETCH_ASSOC);
         $stmt->closeCursor();
     } catch (DBALException $e) {
         // this may fail on oldest versions
         return false;
     }
     foreach ($rs as $row) {
         if (null === ($user = $this->loadUser($app['EM'], $row['usr_id']))) {
             continue;
         }
         $created = $updated = null;
         if ('0000-00-00 00:00:00' !== $row['created_on']) {
             $created = \DateTime::createFromFormat('Y-m-d H:i:s', $row['created_on']);
         }
         if ('0000-00-00 00:00:00' !== $row['lastaccess']) {
             $updated = \DateTime::createFromFormat('Y-m-d H:i:s', $row['lastaccess']);
         }
         $session = new Session();
         $session->setUser($user)->setUserAgent($row['user_agent'])->setUpdated($updated)->setToken($row['token'])->setPlatform($row['platform'])->setNonce($row['nonce'])->setIpAddress($row['ip'])->setCreated($created)->setBrowserVersion($row['browser_version'])->setBrowserName($row['browser']);
         $sizes = explode('x', $row['screen']);
         if (2 === count($sizes)) {
             $session->setScreenWidth($sizes[0])->setScreenHeight($sizes[1]);
         }
         if (false !== ($apps = @unserialize($row['app']))) {
             foreach ($apps as $appli) {
                 $module = new SessionModule();
                 $module->setModuleId($appli)->setCreated($created)->setSession($session)->setUpdated($updated);
                 $session->addModule($module);
                 $app['EM']->persist($module);
             }
         }
         $app['EM']->persist($session);
     }
     $app['EM']->flush();
     return true;
 }
 /**
  * @covers Alchemy\Phrasea\Authentication\Authenticator::isAuthenticated
  */
 public function testIsAuthenticated()
 {
     $app = $this->loadApp();
     $sessionEntity = new Session();
     $sessionEntity->setUser(self::$DI['user']);
     $sessionEntity->setUserAgent('');
     $app['browser'] = $browser = $this->getBrowserMock();
     $app['session'] = $session = $this->getSessionMock();
     $app['EM'] = $em = $this->getEntityManagerMock();
     $app['EM']->expects($this->any())->method('find')->with($this->equalTo('Phraseanet:Session'), $this->equalTo(1))->will($this->returnValue($sessionEntity));
     $userRepository = $this->getMockBuilder('Alchemy\\Phrasea\\Model\\Repositories\\UserRepository')->disableOriginalConstructor()->getMock();
     $userRepository->expects($this->once())->method('find')->with($this->equalTo(self::$DI['user']->getId()))->will($this->returnValue(self::$DI['user']));
     $app['manipulator.user'] = $this->getMockBuilder('Alchemy\\Phrasea\\Model\\Manipulator\\UserManipulator')->disableOriginalConstructor()->getMock();
     $app['manipulator.user']->expects($this->once())->method('getRepository')->will($this->returnValue($userRepository));
     $session->set('usr_id', self::$DI['user']->getId());
     $session->set('session_id', 1);
     $authenticator = new Authenticator($app, $browser, $session, $app['EM']);
     $this->assertTrue($authenticator->isAuthenticated());
     $this->assertEquals(self::$DI['user'], $authenticator->getUser());
 }
 /**
  * Authenticates self::['user'] against application.
  *
  * @param Application $app
  * @param User        $user
  */
 protected function authenticate(Application $app, $user = null)
 {
     $user = $user ?: self::$DI['user'];
     $app['session']->clear();
     $app['session']->set('usr_id', self::$DI['user']->getId());
     $session = new Session();
     $session->setUser(self::$DI['user']);
     $session->setUserAgent('');
     self::$DI['app']['EM']->persist($session);
     self::$DI['app']['EM']->flush();
     $app['session']->set('session_id', $session->getId());
     self::$DI['app']['authentication']->reinitUser();
 }
 public function testEndSessionAuthenticatedWithOutdatedIdleXmlHttpRequest()
 {
     $app = new Application('test');
     $app['dispatcher']->addSubscriber(new SessionManagerSubscriber($app));
     $app['authentication'] = $this->getMockBuilder('Alchemy\\Phrasea\\Authentication\\Authenticator')->disableOriginalConstructor()->getMock();
     $app['authentication']->expects($this->any())->method('isAuthenticated')->will($this->returnValue(true));
     $app['authentication']->expects($this->once())->method('closeAccount')->will($this->returnValue(null));
     $session = new Session();
     $session->setUpdated(new \DateTime('-1 hour'));
     $app['EM'] = $this->getMockBuilder('Doctrine\\ORM\\EntityManager')->disableOriginalConstructor()->getMock();
     $app['repo.sessions'] = $this->getMockBuilder('Doctrine\\Common\\Persistence\\ObjectRepository')->getMock();
     $app['repo.sessions']->expects($this->once())->method('find')->will($this->returnValue($session));
     $app['EM']->expects($this->any())->method('persist')->will($this->returnValue(null));
     $app['EM']->expects($this->any())->method('flush')->will($this->returnValue(null));
     $app['phraseanet.configuration']['session'] = ['idle' => 10, 'lifetime' => 60475];
     $app->get('/login', function () {
         return '';
     })->bind("homepage");
     $app->get('/prod', function () {
         return '';
     });
     $client = new Client($app);
     $client->request('GET', '/prod', [], [], ['HTTP_ACCEPT' => 'application/json', 'HTTP_X-Requested-With' => 'XMLHttpRequest']);
     $this->assertTrue($client->getResponse()->isClientError());
     $this->assertNotNUll($client->getResponse()->headers->get('x-phraseanet-end-session'));
 }
 /**
  * Authenticates self::['user'] against application.
  *
  * @param Application $app
  * @param User        $user
  */
 protected function authenticate(Application $app, User $user = null)
 {
     /** @var User $user */
     $user = $user ?: self::$DI['user'];
     $app['session']->clear();
     $app['session']->set('usr_id', $user->getId());
     $session = new Session();
     $session->setUser($user);
     $session->setUserAgent('');
     $app['orm.em']->persist($session);
     $app['orm.em']->flush();
     $app['session']->set('session_id', $session->getId());
     $app->getAuthenticator()->reinitUser();
 }
 /**
  * {@inheritDoc}
  */
 public function hasModuleId($moduleId)
 {
     $this->__initializer__ && $this->__initializer__->__invoke($this, 'hasModuleId', array($moduleId));
     return parent::hasModuleId($moduleId);
 }