Compare commits
1 Commits
d1c4611431
...
v9.23.3
| Author | SHA1 | Date | |
|---|---|---|---|
|
c13934de99 |
@@ -11,50 +11,34 @@ CREATE TABLE edit_log (
|
||||
euid INT, -- this is a foreign key, but I don't nedd to reference to it
|
||||
FOREIGN KEY (euid) REFERENCES edit_user (edit_user_id) MATCH FULL ON UPDATE CASCADE ON DELETE SET NULL,
|
||||
ecuid VARCHAR,
|
||||
ecuuid UUID, -- this is the one we want to use, full UUIDv4 from the edit user table
|
||||
-- date_created equal, but can be overridden
|
||||
event_date TIMESTAMP WITHOUT TIME ZONE DEFAULT CURRENT_TIMESTAMP,
|
||||
-- session ID if set
|
||||
session_id VARCHAR,
|
||||
-- username
|
||||
ecuuid UUID,
|
||||
username VARCHAR,
|
||||
-- DEPRECATED [password]
|
||||
password VARCHAR,
|
||||
ip_address JSONB, -- REMOTE_IP and all other IPs (X_FORWARD, etc) as JSON block
|
||||
-- DEPRECATED [ip]
|
||||
ip VARCHAR, -- just the REMOTE_IP, full set see ip_address
|
||||
-- string blocks, general
|
||||
event_date TIMESTAMP WITHOUT TIME ZONE DEFAULT CURRENT_TIMESTAMP,
|
||||
ip VARCHAR,
|
||||
error TEXT,
|
||||
event TEXT,
|
||||
-- bytea or string type storage of any data
|
||||
data_binary BYTEA,
|
||||
data TEXT,
|
||||
-- set page name only
|
||||
page VARCHAR,
|
||||
-- various info data sets
|
||||
action VARCHAR,
|
||||
action_id VARCHAR,
|
||||
action_sub_id VARCHAR,
|
||||
action_yes VARCHAR,
|
||||
action_flag VARCHAR,
|
||||
action_menu VARCHAR,
|
||||
action_loaded VARCHAR,
|
||||
action_value VARCHAR,
|
||||
action_type VARCHAR,
|
||||
action_error VARCHAR,
|
||||
user_agent VARCHAR,
|
||||
referer VARCHAR,
|
||||
script_name VARCHAR,
|
||||
query_string VARCHAR,
|
||||
request_scheme VARCHAR, -- http or https
|
||||
server_name VARCHAR,
|
||||
http_host VARCHAR,
|
||||
http_data JSONB,
|
||||
-- DEPRECATED [http*]
|
||||
http_accept VARCHAR, -- in http_data
|
||||
http_accept_charset VARCHAR, -- in http_data
|
||||
http_accept_encoding VARCHAR, -- in http_data
|
||||
-- any action var, -> same set in action_data as JSON
|
||||
action_data JSONB,
|
||||
-- DEPRECATED [action*]
|
||||
action VARCHAR, -- in action_data
|
||||
action_id VARCHAR, -- in action_data
|
||||
action_sub_id VARCHAR, -- in action_data
|
||||
action_yes VARCHAR, -- in action_data
|
||||
action_flag VARCHAR, -- in action_data
|
||||
action_menu VARCHAR, -- in action_data
|
||||
action_loaded VARCHAR, -- in action_data
|
||||
action_value VARCHAR, -- in action_data
|
||||
action_type VARCHAR, -- in action_data
|
||||
action_error VARCHAR -- in action_data
|
||||
http_accept VARCHAR,
|
||||
http_accept_charset VARCHAR,
|
||||
http_accept_encoding VARCHAR,
|
||||
session_id VARCHAR
|
||||
) INHERITS (edit_generic) WITHOUT OIDS;
|
||||
|
||||
@@ -35,10 +35,11 @@ CREATE TABLE edit_user (
|
||||
strict SMALLINT DEFAULT 0,
|
||||
locked SMALLINT DEFAULT 0,
|
||||
protected SMALLINT NOT NULL DEFAULT 0,
|
||||
-- legacy, debug flags
|
||||
debug SMALLINT NOT NULL DEFAULT 0,
|
||||
db_debug SMALLINT NOT NULL DEFAULT 0,
|
||||
-- is admin user
|
||||
admin SMALLINT NOT NULL DEFAULT 0,
|
||||
-- force lgout counter
|
||||
force_logout INT DEFAULT 0,
|
||||
-- last login log
|
||||
last_login TIMESTAMP WITHOUT TIME ZONE,
|
||||
-- login error
|
||||
@@ -75,8 +76,9 @@ COMMENT ON COLUMN edit_user.deleted IS 'Login is deleted (master switch), overri
|
||||
COMMENT ON COLUMN edit_user.strict IS 'If too many failed logins user will be locked, default off';
|
||||
COMMENT ON COLUMN edit_user.locked IS 'Locked from too many wrong password logins';
|
||||
COMMENT ON COLUMN edit_user.protected IS 'User can only be chnaged by admin user';
|
||||
COMMENT ON COLUMN edit_user.debug IS 'Turn debug flag on (legacy)';
|
||||
COMMENT ON COLUMN edit_user.db_debug IS 'Turn DB debug flag on (legacy)';
|
||||
COMMENT ON COLUMN edit_user.admin IS 'If set, this user is SUPER admin';
|
||||
COMMENT ON COLUMN edit_user.force_logout IS 'Counter for forced log out, if this one is higher than the session set one the session gets terminated';
|
||||
COMMENT ON COLUMN edit_user.last_login IS 'Last succesfull login tiemstamp';
|
||||
COMMENT ON COLUMN edit_user.login_error_count IS 'Number of failed logins, reset on successful login';
|
||||
COMMENT ON COLUMN edit_user.login_error_date_last IS 'Last login error date';
|
||||
|
||||
@@ -22,12 +22,8 @@ Not yet covered tests:
|
||||
*/
|
||||
final class CoreLibsACLLoginTest extends TestCase
|
||||
{
|
||||
private static \CoreLibs\DB\IO $db;
|
||||
private static \CoreLibs\Logging\Logging $log;
|
||||
|
||||
private static string $edit_access_cuid;
|
||||
private static string $edit_user_cuid;
|
||||
private static string $edit_user_cuuid;
|
||||
private static $db;
|
||||
private static $log;
|
||||
|
||||
/**
|
||||
* start DB conneciton, setup DB, etc
|
||||
@@ -112,40 +108,14 @@ final class CoreLibsACLLoginTest extends TestCase
|
||||
self::$db->dbSetMaxQueryCall(-1);
|
||||
// insert additional content for testing (locked user, etc)
|
||||
$queries = [
|
||||
<<<SQL
|
||||
INSERT INTO edit_access_data (
|
||||
edit_access_id, name, value, enabled
|
||||
) VALUES (
|
||||
(SELECT edit_access_id FROM edit_access WHERE uid = 'AdminAccess'),
|
||||
'test', 'value', 1
|
||||
)
|
||||
SQL
|
||||
"INSERT INTO edit_access_data "
|
||||
. "(edit_access_id, name, value, enabled) VALUES "
|
||||
. "((SELECT edit_access_id FROM edit_access WHERE uid = 'AdminAccess'), "
|
||||
. "'test', 'value', 1)"
|
||||
];
|
||||
foreach ($queries as $query) {
|
||||
self::$db->dbExec($query);
|
||||
}
|
||||
// read edit access cuid, edit user cuid and edit user cuuid
|
||||
$row = self::$db->dbReturnRowParams(
|
||||
"SELECT cuid FROM edit_access WHERE uid = $1",
|
||||
["AdminAccess"]
|
||||
);
|
||||
self::$edit_access_cuid = $row['cuid'] ?? '';
|
||||
if (empty(self::$edit_access_cuid)) {
|
||||
self::markTestIncomplete(
|
||||
'Cannot read edit access cuid for "AdminAccess".'
|
||||
);
|
||||
}
|
||||
$row = self::$db->dbReturnRowParams(
|
||||
"SELECT cuid, cuuid FROM edit_user WHERE username = $1",
|
||||
["admin"]
|
||||
);
|
||||
self::$edit_user_cuid = $row['cuid'] ?? '';
|
||||
self::$edit_user_cuuid = $row['cuuid'] ?? '';
|
||||
if (empty(self::$edit_user_cuid) || empty(self::$edit_user_cuuid)) {
|
||||
self::markTestIncomplete(
|
||||
'Cannot read edit user cuid or cuuid for "admin".'
|
||||
);
|
||||
}
|
||||
|
||||
// define mandatory constant
|
||||
// must set
|
||||
@@ -265,25 +235,24 @@ final class CoreLibsACLLoginTest extends TestCase
|
||||
'ajax_post_action' => 'login',
|
||||
],
|
||||
],
|
||||
'load, session eucuuid set only, php error' => [
|
||||
'load, session euid set only, php error' => [
|
||||
[
|
||||
'page_name' => 'edit_users.php',
|
||||
],
|
||||
[],
|
||||
[],
|
||||
[
|
||||
'LOGIN_EUID' => 1,
|
||||
'LOGIN_EUCUID' => 'abc',
|
||||
'LOGIN_EUCUUID' => '1233456-1234-1234-1234-123456789012',
|
||||
'EUID' => 1,
|
||||
'ECUID' => 'abc',
|
||||
'ECUUID' => '1233456-1234-1234-1234-123456789012',
|
||||
],
|
||||
2,
|
||||
[],
|
||||
],
|
||||
'load, session eucuuid set, all set' => [
|
||||
'load, session euid set, all set' => [
|
||||
[
|
||||
'page_name' => 'edit_users.php',
|
||||
'edit_access_id' => 1,
|
||||
'edit_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
|
||||
'edit_access_uid' => 'AdminAccess',
|
||||
'edit_access_data' => 'test',
|
||||
'base_access' => 'list',
|
||||
@@ -292,23 +261,22 @@ final class CoreLibsACLLoginTest extends TestCase
|
||||
[],
|
||||
[],
|
||||
[
|
||||
'LOGIN_EUID' => 1,
|
||||
'LOGIN_EUCUID' => 'abc',
|
||||
'LOGIN_EUCUUID' => 'SET_EUCUUID_IN_TEST',
|
||||
'LOGIN_USER_NAME' => '',
|
||||
'LOGIN_GROUP_NAME' => '',
|
||||
'LOGIN_ADMIN' => 1,
|
||||
'LOGIN_GROUP_ACL_LEVEL' => -1,
|
||||
'LOGIN_PAGES_ACL_LEVEL' => [],
|
||||
'LOGIN_USER_ACL_LEVEL' => -1,
|
||||
'LOGIN_USER_ADDITIONAL_ACL' => [],
|
||||
'LOGIN_GROUP_ADDITIONAL_ACL' => [],
|
||||
'LOGIN_UNIT_UID' => [
|
||||
'AdminAccess' => '123456789012',
|
||||
'EUID' => 1,
|
||||
'ECUID' => 'abc',
|
||||
'ECUUID' => '1233456-1234-1234-1234-123456789012',
|
||||
'USER_NAME' => '',
|
||||
'GROUP_NAME' => '',
|
||||
'ADMIN' => 1,
|
||||
'GROUP_ACL_LEVEL' => -1,
|
||||
'PAGES_ACL_LEVEL' => [],
|
||||
'USER_ACL_LEVEL' => -1,
|
||||
'USER_ADDITIONAL_ACL' => [],
|
||||
'GROUP_ADDITIONAL_ACL' => [],
|
||||
'UNIT_UID' => [
|
||||
'AdminAccess' => 1,
|
||||
],
|
||||
'LOGIN_UNIT' => [
|
||||
'123456789012' => [
|
||||
'id' => 1,
|
||||
'UNIT' => [
|
||||
1 => [
|
||||
'acl_level' => 80,
|
||||
'name' => 'Admin Access',
|
||||
'uid' => 'AdminAccess',
|
||||
@@ -320,8 +288,8 @@ final class CoreLibsACLLoginTest extends TestCase
|
||||
'additional_acl' => []
|
||||
],
|
||||
],
|
||||
// 'LOGIN_UNIT_DEFAULT' => '',
|
||||
// 'LOGIN_DEFAULT_ACL_LIST' => [],
|
||||
// 'UNIT_DEFAULT' => '',
|
||||
// 'DEFAULT_ACL_LIST' => [],
|
||||
],
|
||||
0,
|
||||
[
|
||||
@@ -329,7 +297,6 @@ final class CoreLibsACLLoginTest extends TestCase
|
||||
'admin_flag' => true,
|
||||
'check_access' => true,
|
||||
'check_access_id' => 1,
|
||||
'check_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
|
||||
'check_access_data' => 'value',
|
||||
'base_access' => true,
|
||||
'page_access' => true,
|
||||
@@ -449,7 +416,6 @@ final class CoreLibsACLLoginTest extends TestCase
|
||||
[
|
||||
'page_name' => 'edit_users.php',
|
||||
'edit_access_id' => 1,
|
||||
'edit_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
|
||||
'base_access' => 'list',
|
||||
'page_access' => 'list',
|
||||
'test_deleted' => true
|
||||
@@ -475,7 +441,6 @@ final class CoreLibsACLLoginTest extends TestCase
|
||||
[
|
||||
'page_name' => 'edit_users.php',
|
||||
'edit_access_id' => 1,
|
||||
'edit_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
|
||||
'base_access' => 'list',
|
||||
'page_access' => 'list',
|
||||
'test_enabled' => true
|
||||
@@ -501,7 +466,6 @@ final class CoreLibsACLLoginTest extends TestCase
|
||||
[
|
||||
'page_name' => 'edit_users.php',
|
||||
'edit_access_id' => 1,
|
||||
'edit_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
|
||||
'base_access' => 'list',
|
||||
'page_access' => 'list',
|
||||
'test_locked' => true
|
||||
@@ -527,7 +491,6 @@ final class CoreLibsACLLoginTest extends TestCase
|
||||
[
|
||||
'page_name' => 'edit_users.php',
|
||||
'edit_access_id' => 1,
|
||||
'edit_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
|
||||
'base_access' => 'list',
|
||||
'page_access' => 'list',
|
||||
'test_get_locked' => true,
|
||||
@@ -552,7 +515,6 @@ final class CoreLibsACLLoginTest extends TestCase
|
||||
[
|
||||
'page_name' => 'edit_users.php',
|
||||
'edit_access_id' => 1,
|
||||
'edit_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
|
||||
'base_access' => 'list',
|
||||
'page_access' => 'list',
|
||||
'test_locked_period_until' => 'on'
|
||||
@@ -578,7 +540,6 @@ final class CoreLibsACLLoginTest extends TestCase
|
||||
[
|
||||
'page_name' => 'edit_users.php',
|
||||
'edit_access_id' => 1,
|
||||
'edit_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
|
||||
'edit_access_uid' => 'AdminAccess',
|
||||
'edit_access_data' => 'test',
|
||||
'base_access' => 'list',
|
||||
@@ -598,7 +559,6 @@ final class CoreLibsACLLoginTest extends TestCase
|
||||
'admin_flag' => true,
|
||||
'check_access' => true,
|
||||
'check_access_id' => 1,
|
||||
'check_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
|
||||
'check_access_data' => 'value',
|
||||
'base_access' => true,
|
||||
'page_access' => true,
|
||||
@@ -609,7 +569,6 @@ final class CoreLibsACLLoginTest extends TestCase
|
||||
[
|
||||
'page_name' => 'edit_users.php',
|
||||
'edit_access_id' => 1,
|
||||
'edit_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
|
||||
'base_access' => 'list',
|
||||
'page_access' => 'list',
|
||||
'test_locked_period_after' => 'on'
|
||||
@@ -635,7 +594,6 @@ final class CoreLibsACLLoginTest extends TestCase
|
||||
[
|
||||
'page_name' => 'edit_users.php',
|
||||
'edit_access_id' => 1,
|
||||
'edit_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
|
||||
'base_access' => 'list',
|
||||
'page_access' => 'list',
|
||||
'test_locked_period_until' => 'on',
|
||||
@@ -662,7 +620,6 @@ final class CoreLibsACLLoginTest extends TestCase
|
||||
[
|
||||
'page_name' => 'edit_users.php',
|
||||
'edit_access_id' => 1,
|
||||
'edit_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
|
||||
'base_access' => 'list',
|
||||
'page_access' => 'list',
|
||||
'test_login_user_id_locked' => true
|
||||
@@ -688,7 +645,6 @@ final class CoreLibsACLLoginTest extends TestCase
|
||||
[
|
||||
'page_name' => 'edit_users.php',
|
||||
'edit_access_id' => 1,
|
||||
'edit_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
|
||||
'edit_access_uid' => 'AdminAccess',
|
||||
'edit_access_data' => 'test',
|
||||
'base_access' => 'list',
|
||||
@@ -707,7 +663,6 @@ final class CoreLibsACLLoginTest extends TestCase
|
||||
'admin_flag' => true,
|
||||
'check_access' => true,
|
||||
'check_access_id' => 1,
|
||||
'check_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
|
||||
'check_access_data' => 'value',
|
||||
'base_access' => true,
|
||||
'page_access' => true,
|
||||
@@ -718,7 +673,6 @@ final class CoreLibsACLLoginTest extends TestCase
|
||||
[
|
||||
'page_name' => 'edit_users.php',
|
||||
'edit_access_id' => 1,
|
||||
'edit_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
|
||||
'edit_access_uid' => 'AdminAccess',
|
||||
'edit_access_data' => 'test',
|
||||
'base_access' => 'list',
|
||||
@@ -738,7 +692,6 @@ final class CoreLibsACLLoginTest extends TestCase
|
||||
'admin_flag' => true,
|
||||
'check_access' => true,
|
||||
'check_access_id' => 1,
|
||||
'check_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
|
||||
'check_access_data' => 'value',
|
||||
'base_access' => true,
|
||||
'page_access' => true,
|
||||
@@ -749,7 +702,6 @@ final class CoreLibsACLLoginTest extends TestCase
|
||||
[
|
||||
'page_name' => 'edit_users.php',
|
||||
'edit_access_id' => 1,
|
||||
'edit_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
|
||||
'edit_access_uid' => 'AdminAccess',
|
||||
'edit_access_data' => 'test',
|
||||
'base_access' => 'list',
|
||||
@@ -769,7 +721,6 @@ final class CoreLibsACLLoginTest extends TestCase
|
||||
'admin_flag' => true,
|
||||
'check_access' => true,
|
||||
'check_access_id' => 1,
|
||||
'check_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
|
||||
'check_access_data' => 'value',
|
||||
'base_access' => true,
|
||||
'page_access' => true,
|
||||
@@ -780,7 +731,6 @@ final class CoreLibsACLLoginTest extends TestCase
|
||||
[
|
||||
'page_name' => 'edit_users.php',
|
||||
'edit_access_id' => 1,
|
||||
'edit_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
|
||||
'edit_access_uid' => 'AdminAccess',
|
||||
'edit_access_data' => 'test',
|
||||
'base_access' => 'list',
|
||||
@@ -800,7 +750,6 @@ final class CoreLibsACLLoginTest extends TestCase
|
||||
'admin_flag' => true,
|
||||
'check_access' => true,
|
||||
'check_access_id' => 1,
|
||||
'check_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
|
||||
'check_access_data' => 'value',
|
||||
'base_access' => true,
|
||||
'page_access' => true,
|
||||
@@ -832,7 +781,6 @@ final class CoreLibsACLLoginTest extends TestCase
|
||||
[
|
||||
'page_name' => 'edit_users.php',
|
||||
'edit_access_id' => 1,
|
||||
'edit_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
|
||||
'edit_access_uid' => 'AdminAccess',
|
||||
'edit_access_data' => 'test',
|
||||
'base_access' => 'list',
|
||||
@@ -856,7 +804,6 @@ final class CoreLibsACLLoginTest extends TestCase
|
||||
'admin_flag' => true,
|
||||
'check_access' => true,
|
||||
'check_access_id' => 1,
|
||||
'check_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
|
||||
'check_access_data' => 'value',
|
||||
'base_access' => true,
|
||||
'page_access' => true,
|
||||
@@ -867,7 +814,6 @@ final class CoreLibsACLLoginTest extends TestCase
|
||||
[
|
||||
'page_name' => 'edit_users.php',
|
||||
'edit_access_id' => 1,
|
||||
'edit_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
|
||||
'edit_access_uid' => 'AdminAccess',
|
||||
'edit_access_data' => 'test',
|
||||
'base_access' => 'list',
|
||||
@@ -891,7 +837,6 @@ final class CoreLibsACLLoginTest extends TestCase
|
||||
'admin_flag' => true,
|
||||
'check_access' => true,
|
||||
'check_access_id' => 1,
|
||||
'check_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
|
||||
'check_access_data' => 'value',
|
||||
'base_access' => true,
|
||||
'page_access' => true,
|
||||
@@ -902,7 +847,6 @@ final class CoreLibsACLLoginTest extends TestCase
|
||||
[
|
||||
'page_name' => 'edit_users.php',
|
||||
'edit_access_id' => 1,
|
||||
'edit_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
|
||||
'base_access' => 'list',
|
||||
'page_access' => 'list',
|
||||
'test_login_user_id_revalidate_after' => 'on',
|
||||
@@ -929,7 +873,6 @@ final class CoreLibsACLLoginTest extends TestCase
|
||||
[
|
||||
'page_name' => 'edit_users.php',
|
||||
'edit_access_id' => 1,
|
||||
'edit_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
|
||||
'edit_access_uid' => 'AdminAccess',
|
||||
'edit_access_data' => 'test',
|
||||
'base_access' => 'list',
|
||||
@@ -950,7 +893,6 @@ final class CoreLibsACLLoginTest extends TestCase
|
||||
'admin_flag' => true,
|
||||
'check_access' => true,
|
||||
'check_access_id' => 1,
|
||||
'check_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
|
||||
'check_access_data' => 'value',
|
||||
'base_access' => true,
|
||||
'page_access' => true,
|
||||
@@ -961,7 +903,6 @@ final class CoreLibsACLLoginTest extends TestCase
|
||||
[
|
||||
'page_name' => 'edit_users.php',
|
||||
'edit_access_id' => 1,
|
||||
'edit_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
|
||||
'base_access' => 'list',
|
||||
'page_access' => 'list',
|
||||
'test_login_user_id_valid_from' => 'on',
|
||||
@@ -988,7 +929,6 @@ final class CoreLibsACLLoginTest extends TestCase
|
||||
[
|
||||
'page_name' => 'edit_users.php',
|
||||
'edit_access_id' => 1,
|
||||
'edit_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
|
||||
'edit_access_uid' => 'AdminAccess',
|
||||
'edit_access_data' => 'test',
|
||||
'base_access' => 'list',
|
||||
@@ -1009,7 +949,6 @@ final class CoreLibsACLLoginTest extends TestCase
|
||||
'admin_flag' => true,
|
||||
'check_access' => true,
|
||||
'check_access_id' => 1,
|
||||
'check_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
|
||||
'check_access_data' => 'value',
|
||||
'base_access' => true,
|
||||
'page_access' => true,
|
||||
@@ -1020,7 +959,6 @@ final class CoreLibsACLLoginTest extends TestCase
|
||||
[
|
||||
'page_name' => 'edit_users.php',
|
||||
'edit_access_id' => 1,
|
||||
'edit_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
|
||||
'base_access' => 'list',
|
||||
'page_access' => 'list',
|
||||
'test_login_user_id_valid_until' => 'on',
|
||||
@@ -1047,7 +985,6 @@ final class CoreLibsACLLoginTest extends TestCase
|
||||
[
|
||||
'page_name' => 'edit_users.php',
|
||||
'edit_access_id' => 1,
|
||||
'edit_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
|
||||
'base_access' => 'list',
|
||||
'page_access' => 'list',
|
||||
'test_login_user_id_valid_from' => 'on',
|
||||
@@ -1075,7 +1012,6 @@ final class CoreLibsACLLoginTest extends TestCase
|
||||
[
|
||||
'page_name' => 'edit_users.php',
|
||||
'edit_access_id' => 1,
|
||||
'edit_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
|
||||
'edit_access_uid' => 'AdminAccess',
|
||||
'edit_access_data' => 'test',
|
||||
'base_access' => 'list',
|
||||
@@ -1106,7 +1042,6 @@ final class CoreLibsACLLoginTest extends TestCase
|
||||
'admin_flag' => true,
|
||||
'check_access' => true,
|
||||
'check_access_id' => 1,
|
||||
'check_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
|
||||
'check_access_data' => 'value',
|
||||
'base_access' => true,
|
||||
'page_access' => true,
|
||||
@@ -1176,15 +1111,11 @@ final class CoreLibsACLLoginTest extends TestCase
|
||||
$_POST[$post_var] = $post_value;
|
||||
}
|
||||
|
||||
// set ingoing session cuuid if requested
|
||||
if (isset($session['LOGIN_EUCUUID']) && $session['LOGIN_EUCUUID'] == 'SET_EUCUUID_IN_TEST') {
|
||||
$session['LOGIN_EUCUUID'] = self::$edit_user_cuuid;
|
||||
}
|
||||
|
||||
// set _SESSION data
|
||||
foreach ($session as $session_var => $session_value) {
|
||||
$_SESSION[$session_var] = $session_value;
|
||||
}
|
||||
|
||||
/** @var \CoreLibs\ACL\Login&MockObject */
|
||||
$login_mock = $this->getMockBuilder(\CoreLibs\ACL\Login::class)
|
||||
->setConstructorArgs([
|
||||
@@ -1203,7 +1134,7 @@ final class CoreLibsACLLoginTest extends TestCase
|
||||
. 'locale' . DIRECTORY_SEPARATOR,
|
||||
]
|
||||
])
|
||||
->onlyMethods(['loginTerminate', 'loginReadPageName', 'loginPrintLogin', 'loginEnhanceHttpSecurity'])
|
||||
->onlyMethods(['loginTerminate', 'loginReadPageName', 'loginPrintLogin'])
|
||||
->getMock();
|
||||
$login_mock->expects($this->any())
|
||||
->method('loginTerminate')
|
||||
@@ -1221,10 +1152,6 @@ final class CoreLibsACLLoginTest extends TestCase
|
||||
->method('loginPrintLogin')
|
||||
->willReturnCallback(function () {
|
||||
});
|
||||
$login_mock->expects($this->any())
|
||||
->method('loginEnhanceHttpSecurity')
|
||||
->willReturnCallback(function () {
|
||||
});
|
||||
|
||||
// if mock_settings: enabled OFF
|
||||
// run DB update and set off
|
||||
@@ -1442,19 +1369,6 @@ final class CoreLibsACLLoginTest extends TestCase
|
||||
|
||||
// run test
|
||||
try {
|
||||
// preset, we cannot set that in the provider
|
||||
if (
|
||||
isset($expected['check_access_cuid']) &&
|
||||
$expected['check_access_cuid'] == 'SET_EDIT_ACCESS_CUID_IN_TEST'
|
||||
) {
|
||||
$expected['check_access_cuid'] = self::$edit_access_cuid;
|
||||
}
|
||||
if (
|
||||
isset($mock_settings['edit_access_cuid']) &&
|
||||
$mock_settings['edit_access_cuid'] == 'SET_EDIT_ACCESS_CUID_IN_TEST'
|
||||
) {
|
||||
$mock_settings['edit_access_cuid'] = self::$edit_access_cuid;
|
||||
}
|
||||
// if ajax call
|
||||
// check if parameter, or globals (old type)
|
||||
// else normal call
|
||||
@@ -1513,25 +1427,6 @@ final class CoreLibsACLLoginTest extends TestCase
|
||||
$login_mock->loginCheckAccessPage($mock_settings['page_access']),
|
||||
'Assert page access'
|
||||
);
|
||||
// - loginCheckEditAccessCuid
|
||||
$this->assertEquals(
|
||||
$expected['check_access'],
|
||||
$login_mock->loginCheckEditAccessCuid($mock_settings['edit_access_cuid']),
|
||||
'Assert check access'
|
||||
);
|
||||
// - loginCheckEditAccessValidCuid
|
||||
$this->assertEquals(
|
||||
$expected['check_access_cuid'],
|
||||
$login_mock->loginCheckEditAccessValidCuid($mock_settings['edit_access_cuid']),
|
||||
'Assert check access cuid valid'
|
||||
);
|
||||
// - loginGetEditAccessCuidFromUid
|
||||
$this->assertEquals(
|
||||
$expected['check_access_cuid'],
|
||||
$login_mock->loginGetEditAccessCuidFromUid($mock_settings['edit_access_uid']),
|
||||
'Assert check access uid to cuid valid'
|
||||
);
|
||||
// Deprecated
|
||||
// - loginCheckEditAccess
|
||||
$this->assertEquals(
|
||||
$expected['check_access'],
|
||||
@@ -1554,7 +1449,7 @@ final class CoreLibsACLLoginTest extends TestCase
|
||||
$this->assertEquals(
|
||||
$expected['check_access_data'],
|
||||
$login_mock->loginGetEditAccessData(
|
||||
$mock_settings['edit_access_uid'],
|
||||
$mock_settings['edit_access_id'],
|
||||
$mock_settings['edit_access_data']
|
||||
),
|
||||
'Assert check access id data value valid'
|
||||
@@ -1585,12 +1480,11 @@ final class CoreLibsACLLoginTest extends TestCase
|
||||
// - loginCheckPermissions
|
||||
// - loginGetPermissionOkay
|
||||
} catch (\Exception $e) {
|
||||
/* print "[E]: " . $e->getCode() . ", ERROR: " . $login_mock->loginGetLastErrorCode() . "/"
|
||||
. ($expected['login_error'] ?? 0) . "\n";
|
||||
print "AJAX: " . $login_mock->loginGetAjaxFlag() . "\n";
|
||||
print "AJAX GLOBAL: " . ($GLOBALS['AJAX_PAGE'] ?? '{f}') . "\n";
|
||||
print "Login error expext: " . ($expected['login_error'] ?? '{0}') . "\n";
|
||||
print "POST exit: " . ($_POST['login_exit'] ?? '{0}') . "\n"; */
|
||||
// print "[E]: " . $e->getCode() . ", ERROR: " . $login_mock->loginGetLastErrorCode() . "/"
|
||||
// . ($expected['login_error'] ?? 0) . "\n";
|
||||
// print "AJAX: " . $login_mock->loginGetAjaxFlag() . "\n";
|
||||
// print "AJAX GLOBAL: " . ($GLOBALS['AJAX_PAGE'] ?? '{f}') . "\n";
|
||||
// print "Login error expext: " . ($expected['login_error'] ?? '{0}') . "\n";
|
||||
// if this is 100, then we do further error checks
|
||||
if (
|
||||
$e->getCode() == 100 ||
|
||||
|
||||
@@ -579,10 +579,11 @@ CREATE TABLE edit_user (
|
||||
strict SMALLINT DEFAULT 0,
|
||||
locked SMALLINT DEFAULT 0,
|
||||
protected SMALLINT NOT NULL DEFAULT 0,
|
||||
-- legacy, debug flags
|
||||
debug SMALLINT NOT NULL DEFAULT 0,
|
||||
db_debug SMALLINT NOT NULL DEFAULT 0,
|
||||
-- is admin user
|
||||
admin SMALLINT NOT NULL DEFAULT 0,
|
||||
-- forced logout counter
|
||||
force_logout INT DEFAULT 0,
|
||||
-- last login log
|
||||
last_login TIMESTAMP WITHOUT TIME ZONE,
|
||||
-- login error
|
||||
@@ -619,6 +620,8 @@ COMMENT ON COLUMN edit_user.deleted IS 'Login is deleted (master switch), overri
|
||||
COMMENT ON COLUMN edit_user.strict IS 'If too many failed logins user will be locked, default off';
|
||||
COMMENT ON COLUMN edit_user.locked IS 'Locked from too many wrong password logins';
|
||||
COMMENT ON COLUMN edit_user.protected IS 'User can only be chnaged by admin user';
|
||||
COMMENT ON COLUMN edit_user.debug IS 'Turn debug flag on (legacy)';
|
||||
COMMENT ON COLUMN edit_user.db_debug IS 'Turn DB debug flag on (legacy)';
|
||||
COMMENT ON COLUMN edit_user.admin IS 'If set, this user is SUPER admin';
|
||||
COMMENT ON COLUMN edit_user.last_login IS 'Last succesfull login tiemstamp';
|
||||
COMMENT ON COLUMN edit_user.login_error_count IS 'Number of failed logins, reset on successful login';
|
||||
@@ -653,52 +656,36 @@ CREATE TABLE edit_log (
|
||||
euid INT, -- this is a foreign key, but I don't nedd to reference to it
|
||||
FOREIGN KEY (euid) REFERENCES edit_user (edit_user_id) MATCH FULL ON UPDATE CASCADE ON DELETE SET NULL,
|
||||
ecuid VARCHAR,
|
||||
ecuuid UUID, -- this is the one we want to use, full UUIDv4 from the edit user table
|
||||
-- date_created equal, but can be overridden
|
||||
event_date TIMESTAMP WITHOUT TIME ZONE DEFAULT CURRENT_TIMESTAMP,
|
||||
-- session ID if set
|
||||
session_id VARCHAR,
|
||||
-- username
|
||||
ecuuid UUID,
|
||||
username VARCHAR,
|
||||
-- DEPRECATED [password]
|
||||
password VARCHAR,
|
||||
ip_address JSONB, -- REMOTE_IP and all other IPs (X_FORWARD, etc) as JSON block
|
||||
-- DEPRECATED [ip]
|
||||
ip VARCHAR, -- just the REMOTE_IP, full set see ip_address
|
||||
-- string blocks, general
|
||||
event_date TIMESTAMP WITHOUT TIME ZONE DEFAULT CURRENT_TIMESTAMP,
|
||||
ip VARCHAR,
|
||||
error TEXT,
|
||||
event TEXT,
|
||||
-- bytea or string type storage of any data
|
||||
data_binary BYTEA,
|
||||
data TEXT,
|
||||
-- set page name only
|
||||
page VARCHAR,
|
||||
-- various info data sets
|
||||
action VARCHAR,
|
||||
action_id VARCHAR,
|
||||
action_sub_id VARCHAR,
|
||||
action_yes VARCHAR,
|
||||
action_flag VARCHAR,
|
||||
action_menu VARCHAR,
|
||||
action_loaded VARCHAR,
|
||||
action_value VARCHAR,
|
||||
action_type VARCHAR,
|
||||
action_error VARCHAR,
|
||||
user_agent VARCHAR,
|
||||
referer VARCHAR,
|
||||
script_name VARCHAR,
|
||||
query_string VARCHAR,
|
||||
request_scheme VARCHAR, -- http or https
|
||||
server_name VARCHAR,
|
||||
http_host VARCHAR,
|
||||
http_data JSONB,
|
||||
-- DEPRECATED [http*]
|
||||
http_accept VARCHAR, -- in http_data
|
||||
http_accept_charset VARCHAR, -- in http_data
|
||||
http_accept_encoding VARCHAR, -- in http_data
|
||||
-- any action var, -> same set in action_data as JSON
|
||||
action_data JSONB,
|
||||
-- DEPRECATED [action*]
|
||||
action VARCHAR, -- in action_data
|
||||
action_id VARCHAR, -- in action_data
|
||||
action_sub_id VARCHAR, -- in action_data
|
||||
action_yes VARCHAR, -- in action_data
|
||||
action_flag VARCHAR, -- in action_data
|
||||
action_menu VARCHAR, -- in action_data
|
||||
action_loaded VARCHAR, -- in action_data
|
||||
action_value VARCHAR, -- in action_data
|
||||
action_type VARCHAR, -- in action_data
|
||||
action_error VARCHAR -- in action_data
|
||||
http_accept VARCHAR,
|
||||
http_accept_charset VARCHAR,
|
||||
http_accept_encoding VARCHAR,
|
||||
session_id VARCHAR
|
||||
) INHERITS (edit_generic) WITHOUT OIDS;
|
||||
-- END: table/edit_log.sql
|
||||
-- START: table/edit_log_overflow.sql
|
||||
@@ -1028,7 +1015,7 @@ INSERT INTO edit_page_access (enabled, edit_group_id, edit_page_id, edit_access_
|
||||
-- edit user
|
||||
-- inserts admin user so basic users can be created
|
||||
DELETE FROM edit_user;
|
||||
INSERT INTO edit_user (username, password, enabled, email, protected, admin, edit_language_id, edit_group_id, edit_scheme_id, edit_access_right_id) VALUES ('admin', 'admin', 1, 'test@tequila.jp', 1, 1,
|
||||
INSERT INTO edit_user (username, password, enabled, debug, db_debug, email, protected, admin, edit_language_id, edit_group_id, edit_scheme_id, edit_access_right_id) VALUES ('admin', 'admin', 1, 1, 1, '', 1, 1,
|
||||
(SELECT edit_language_id FROM edit_language WHERE short_name = 'en_US'),
|
||||
(SELECT edit_group_id FROM edit_group WHERE name = 'Admin'),
|
||||
(SELECT edit_scheme_id FROM edit_scheme WHERE name = 'Admin'),
|
||||
|
||||
@@ -1201,91 +1201,6 @@ final class CoreLibsCombinedArrayHandlerTest extends TestCase
|
||||
'Find next key in array'
|
||||
);
|
||||
}
|
||||
|
||||
public function providerReturnMatchingKeyOnley(): array
|
||||
{
|
||||
return [
|
||||
'limited entries' => [
|
||||
[
|
||||
'a' => 'foo',
|
||||
'b' => 'bar',
|
||||
'c' => 'foobar'
|
||||
],
|
||||
[
|
||||
'a', 'b'
|
||||
],
|
||||
[
|
||||
'a' => 'foo',
|
||||
'b' => 'bar',
|
||||
],
|
||||
],
|
||||
'limited entries, with one wrong key' => [
|
||||
[
|
||||
'a' => 'foo',
|
||||
'b' => 'bar',
|
||||
'c' => 'foobar'
|
||||
],
|
||||
[
|
||||
'a', 'b', 'f'
|
||||
],
|
||||
[
|
||||
'a' => 'foo',
|
||||
'b' => 'bar',
|
||||
],
|
||||
],
|
||||
'wrong keys only' => [
|
||||
[
|
||||
'a' => 'foo',
|
||||
'b' => 'bar',
|
||||
'c' => 'foobar'
|
||||
],
|
||||
[
|
||||
'f', 'f'
|
||||
],
|
||||
[
|
||||
],
|
||||
],
|
||||
'empty keys' => [
|
||||
[
|
||||
'a' => 'foo',
|
||||
'b' => 'bar',
|
||||
'c' => 'foobar'
|
||||
],
|
||||
[],
|
||||
[
|
||||
'a' => 'foo',
|
||||
'b' => 'bar',
|
||||
'c' => 'foobar'
|
||||
],
|
||||
],
|
||||
];
|
||||
}
|
||||
|
||||
/**
|
||||
* Undocumented function
|
||||
*
|
||||
* @covers ::arrayReturnMatchingKeyOnly
|
||||
* @dataProvider providerReturnMatchingKeyOnley
|
||||
* @testdox arrayReturnMatchingKeyOnly get only selected key entries from array [$_dataName]
|
||||
*
|
||||
* @param array $input
|
||||
* @param array $key_list
|
||||
* @param array $expected
|
||||
* @return void
|
||||
*/
|
||||
public function testArrayReturnMatchingKeyOnly(
|
||||
array $input,
|
||||
array $key_list,
|
||||
array $expected
|
||||
): void {
|
||||
$this->assertEquals(
|
||||
$expected,
|
||||
\CoreLibs\Combined\ArrayHandler::arrayReturnMatchingKeyOnly(
|
||||
$input,
|
||||
$key_list
|
||||
)
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
// __END__
|
||||
|
||||
@@ -54,9 +54,7 @@ final class CoreLibsCreateSessionTest extends TestCase
|
||||
'getSessionId' => '1234abcd4567'
|
||||
],
|
||||
'sessionNameGlobals',
|
||||
[
|
||||
'auto_write_close' => false,
|
||||
],
|
||||
false,
|
||||
],
|
||||
'auto write close' => [
|
||||
'sessionNameAutoWriteClose',
|
||||
@@ -68,9 +66,7 @@ final class CoreLibsCreateSessionTest extends TestCase
|
||||
'getSessionId' => '1234abcd4567'
|
||||
],
|
||||
'sessionNameAutoWriteClose',
|
||||
[
|
||||
'auto_write_close' => true,
|
||||
],
|
||||
true,
|
||||
],
|
||||
];
|
||||
}
|
||||
@@ -85,14 +81,13 @@ final class CoreLibsCreateSessionTest extends TestCase
|
||||
* @param string $input
|
||||
* @param array<mixed> $mock_data
|
||||
* @param string $expected
|
||||
* @param array<string,mixed> $options
|
||||
* @return void
|
||||
*/
|
||||
public function testStartSession(
|
||||
string $input,
|
||||
array $mock_data,
|
||||
string $expected,
|
||||
?array $options,
|
||||
?bool $auto_write_close,
|
||||
): void {
|
||||
/** @var \CoreLibs\Create\Session&MockObject $session_mock */
|
||||
$session_mock = $this->createPartialMock(
|
||||
@@ -179,14 +174,9 @@ final class CoreLibsCreateSessionTest extends TestCase
|
||||
4,
|
||||
'/^\[SESSION\] Failed to activate session/'
|
||||
],
|
||||
'expired session' => [
|
||||
\RuntimeException::class,
|
||||
5,
|
||||
'/^\[SESSION\] Expired session found/'
|
||||
],
|
||||
'not a valid session id returned' => [
|
||||
\UnexpectedValueException::class,
|
||||
6,
|
||||
5,
|
||||
'/^\[SESSION\] getSessionId did not return a session id/'
|
||||
], */
|
||||
];
|
||||
@@ -216,8 +206,7 @@ final class CoreLibsCreateSessionTest extends TestCase
|
||||
$this->expectException($exception);
|
||||
$this->expectExceptionCode($exception_code);
|
||||
$this->expectExceptionMessageMatches($expected_error);
|
||||
// cannot set ini after header sent, plus we are on command line there are no headers
|
||||
new \CoreLibs\Create\Session($session_name, ['session_strict' => false]);
|
||||
new \CoreLibs\Create\Session($session_name);
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -21,6 +21,341 @@ final class CoreLibsLanguageGetLocaleTest extends TestCase
|
||||
. 'includes' . DIRECTORY_SEPARATOR
|
||||
. 'locale' . DIRECTORY_SEPARATOR;
|
||||
|
||||
/**
|
||||
* set all constant variables that must be set before call
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public static function setUpBeforeClass(): void
|
||||
{
|
||||
// default web page encoding setting
|
||||
/* if (!defined('DEFAULT_ENCODING')) {
|
||||
define('DEFAULT_ENCODING', 'UTF-8');
|
||||
}
|
||||
if (!defined('DEFAULT_LOCALE')) {
|
||||
// default lang + encoding
|
||||
define('DEFAULT_LOCALE', 'en_US.UTF-8');
|
||||
}
|
||||
// site
|
||||
if (!defined('SITE_ENCODING')) {
|
||||
define('SITE_ENCODING', DEFAULT_ENCODING);
|
||||
}
|
||||
if (!defined('SITE_LOCALE')) {
|
||||
define('SITE_LOCALE', DEFAULT_LOCALE);
|
||||
} */
|
||||
// just set
|
||||
/* if (!defined('BASE')) {
|
||||
define('BASE', str_replace('/configs', '', __DIR__) . DIRECTORY_SEPARATOR);
|
||||
}
|
||||
if (!defined('INCLUDES')) {
|
||||
define('INCLUDES', 'includes' . DIRECTORY_SEPARATOR);
|
||||
}
|
||||
if (!defined('LANG')) {
|
||||
define('LANG', 'lang' . DIRECTORY_SEPARATOR);
|
||||
}
|
||||
if (!defined('LOCALE')) {
|
||||
define('LOCALE', 'locale' . DIRECTORY_SEPARATOR);
|
||||
}
|
||||
if (!defined('CONTENT_PATH')) {
|
||||
define('CONTENT_PATH', 'frontend' . DIRECTORY_SEPARATOR);
|
||||
} */
|
||||
// array session
|
||||
$_SESSION = [];
|
||||
global $_SESSION;
|
||||
}
|
||||
|
||||
/**
|
||||
* all the test data
|
||||
*
|
||||
* @return array<mixed>
|
||||
*/
|
||||
/* public function setLocaleProvider(): array
|
||||
{
|
||||
return [
|
||||
// 0: locale
|
||||
// 1: domain
|
||||
// 2: encoding
|
||||
// 3: path
|
||||
// 4: SESSION: DEFAULT_LOCALE
|
||||
// 5: SESSION: DEFAULT_CHARSET
|
||||
// 6: expected array
|
||||
// 7: deprecation message
|
||||
'no params, all default constants' => [
|
||||
// lang, domain, encoding, path
|
||||
null, null, null, null,
|
||||
// SESSION DEFAULT_LOCALE, SESSION: DEFAULT_CHARSET
|
||||
null, null,
|
||||
// return array
|
||||
[
|
||||
'locale' => 'en_US.UTF-8',
|
||||
'lang' => 'en_US',
|
||||
'domain' => 'frontend',
|
||||
'encoding' => 'UTF-8',
|
||||
'path' => "/^\/(.*\/)?includes\/locale\/$/",
|
||||
],
|
||||
'setLocale: Unset $locale or unset SESSION locale is deprecated',
|
||||
],
|
||||
'no params, session charset and lang' => [
|
||||
// lang, domain, encoding, path
|
||||
null, null, null, null,
|
||||
// SESSION DEFAULT_LOCALE, SESSION: DEFAULT_CHARSET
|
||||
'ja_JP', 'UTF-8',
|
||||
// return array
|
||||
[
|
||||
'locale' => 'ja_JP',
|
||||
'lang' => 'ja_JP',
|
||||
'domain' => 'frontend',
|
||||
'encoding' => 'UTF-8',
|
||||
'path' => "/^\/(.*\/)?includes\/locale\/$/",
|
||||
],
|
||||
'setLocale: Unset $domain is deprecated'
|
||||
],
|
||||
'no params, session charset and lang short' => [
|
||||
// lang, domain, encoding, path
|
||||
null, null, null, null,
|
||||
// SESSION DEFAULT_LOCALE, SESSION: DEFAULT_CHARSET
|
||||
'ja', 'UTF-8',
|
||||
// return array
|
||||
[
|
||||
'locale' => 'ja',
|
||||
'lang' => 'ja',
|
||||
'domain' => 'frontend',
|
||||
'encoding' => 'UTF-8',
|
||||
'path' => "/^\/(.*\/)?includes\/locale\/$/",
|
||||
],
|
||||
'setLocale: Unset $domain is deprecated',
|
||||
],
|
||||
// param lang (no sessions)
|
||||
'locale param only, no sessions' => [
|
||||
// lang, domain, encoding, path
|
||||
'ja.UTF-8', null, null, null,
|
||||
// SESSION DEFAULT_LOCALE, SESSION: DEFAULT_CHARSET
|
||||
null, null,
|
||||
// return array
|
||||
[
|
||||
'locale' => 'ja.UTF-8',
|
||||
'lang' => 'ja',
|
||||
'domain' => 'frontend',
|
||||
'encoding' => 'UTF-8',
|
||||
'path' => "/^\/(.*\/)?includes\/locale\/$/",
|
||||
],
|
||||
'setLocale: Unset $domain is deprecated',
|
||||
],
|
||||
// different locale setting
|
||||
'locale complex param only, no sessions' => [
|
||||
// lang, domain, encoding, path
|
||||
'ja_JP.SJIS', null, null, null,
|
||||
// SESSION DEFAULT_LOCALE, SESSION: DEFAULT_CHARSET
|
||||
null, null,
|
||||
// return array
|
||||
[
|
||||
'locale' => 'ja_JP.SJIS',
|
||||
'lang' => 'ja_JP',
|
||||
'domain' => 'frontend',
|
||||
'encoding' => 'SJIS',
|
||||
'path' => "/^\/(.*\/)?includes\/locale\/$/",
|
||||
],
|
||||
'setLocale: Unset $domain is deprecated',
|
||||
],
|
||||
// param lang and domain (no override)
|
||||
'locale, domain params, no sessions' => [
|
||||
// lang, domain, encoding, path
|
||||
'ja.UTF-8', 'admin', null, null,
|
||||
// SESSION DEFAULT_LOCALE, SESSION: DEFAULT_CHARSET
|
||||
null, null,
|
||||
// return array
|
||||
[
|
||||
'locale' => 'ja.UTF-8',
|
||||
'lang' => 'ja',
|
||||
'domain' => 'admin',
|
||||
'encoding' => 'UTF-8',
|
||||
'path' => "/^\/(.*\/)?includes\/locale\/$/",
|
||||
],
|
||||
'setLocale: Unset $path is deprecated',
|
||||
],
|
||||
// param lang and domain (no override)
|
||||
'locale, domain, encoding params, no sessions' => [
|
||||
// lang, domain, encoding, path
|
||||
'ja.UTF-8', 'admin', 'UTF-8', null,
|
||||
// SESSION DEFAULT_LOCALE, SESSION: DEFAULT_CHARSET
|
||||
null, null,
|
||||
// return array
|
||||
[
|
||||
'locale' => 'ja.UTF-8',
|
||||
'lang' => 'ja',
|
||||
'domain' => 'admin',
|
||||
'encoding' => 'UTF-8',
|
||||
'path' => "/^\/(.*\/)?includes\/locale\/$/",
|
||||
],
|
||||
'setLocale: Unset $path is deprecated'
|
||||
],
|
||||
// lang, domain, path (no override)
|
||||
'locale, domain and path, no sessions' => [
|
||||
// lang, domain, encoding, path
|
||||
'ja.UTF-8', 'admin', '', __DIR__ . '/locale_other/',
|
||||
// SESSION DEFAULT_LOCALE, SESSION: DEFAULT_CHARSET
|
||||
null, null,
|
||||
// return array
|
||||
[
|
||||
'locale' => 'ja.UTF-8',
|
||||
'lang' => 'ja',
|
||||
'domain' => 'admin',
|
||||
'encoding' => 'UTF-8',
|
||||
'path' => "/^\/(.*\/)?locale_other\/$/",
|
||||
],
|
||||
null
|
||||
],
|
||||
// all params set (no override)
|
||||
'all parameter, no sessions' => [
|
||||
// lang, domain, encoding, path
|
||||
'ja', 'admin', 'UTF-8', __DIR__ . '/locale_other/',
|
||||
// SESSION DEFAULT_LOCALE, SESSION: DEFAULT_CHARSET
|
||||
null, null,
|
||||
// return array
|
||||
[
|
||||
'locale' => 'ja',
|
||||
'lang' => 'ja',
|
||||
'domain' => 'admin',
|
||||
'encoding' => 'UTF-8',
|
||||
'path' => "/^\/(.*\/)?locale_other\/$/",
|
||||
],
|
||||
null
|
||||
],
|
||||
// param lang and domain (no override)
|
||||
'long locale, domain, encoding params, no sessions' => [
|
||||
// lang, domain, encoding, path
|
||||
'de_CH.UTF-8@euro', 'admin', 'UTF-8', null,
|
||||
// SESSION DEFAULT_LOCALE, SESSION: DEFAULT_CHARSET
|
||||
null, null,
|
||||
// return array
|
||||
[
|
||||
'locale' => 'de_CH.UTF-8@euro',
|
||||
'lang' => 'de_CH',
|
||||
'domain' => 'admin',
|
||||
'encoding' => 'UTF-8',
|
||||
'path' => "/^\/(.*\/)?includes\/locale\/$/",
|
||||
],
|
||||
'setLocale: Unset $path is deprecated',
|
||||
],
|
||||
// TODO invalid params (bad path) (no override)
|
||||
// TODO param calls, but with override set
|
||||
];
|
||||
} */
|
||||
|
||||
/**
|
||||
* Undocumented function
|
||||
*
|
||||
* @covers ::setLocale
|
||||
* @dataProvider setLocaleProvider
|
||||
* @testdox lang settings lang $language, domain $domain, encoding $encoding, path $path; session lang: $SESSION_DEFAULT_LOCALE, session char: $SESSION_DEFAULT_CHARSET [$_dataName]
|
||||
*
|
||||
* @param string|null $language
|
||||
* @param string|null $domain
|
||||
* @param string|null $encoding
|
||||
* @param string|null $path
|
||||
* @param string|null $SESSION_DEFAULT_LOCALE
|
||||
* @param string|null $SESSION_DEFAULT_CHARSET
|
||||
* @param array<mixed> $expected
|
||||
* @param string|null $deprecation_message
|
||||
* @return void
|
||||
*/
|
||||
/* public function testsetLocale(
|
||||
?string $language,
|
||||
?string $domain,
|
||||
?string $encoding,
|
||||
?string $path,
|
||||
?string $SESSION_DEFAULT_LOCALE,
|
||||
?string $SESSION_DEFAULT_CHARSET,
|
||||
array $expected,
|
||||
?string $deprecation_message
|
||||
): void {
|
||||
$return_lang_settings = [];
|
||||
global $_SESSION;
|
||||
// set override
|
||||
if ($SESSION_DEFAULT_LOCALE !== null) {
|
||||
$_SESSION['DEFAULT_LOCALE'] = $SESSION_DEFAULT_LOCALE;
|
||||
}
|
||||
if ($SESSION_DEFAULT_CHARSET !== null) {
|
||||
$_SESSION['DEFAULT_CHARSET'] = $SESSION_DEFAULT_CHARSET;
|
||||
}
|
||||
if ($deprecation_message !== null) {
|
||||
set_error_handler(
|
||||
static function (int $errno, string $errstr): never {
|
||||
throw new \Exception($errstr, $errno);
|
||||
},
|
||||
E_USER_DEPRECATED
|
||||
);
|
||||
// catch this with the message
|
||||
$this->expectExceptionMessage($deprecation_message);
|
||||
}
|
||||
// function call
|
||||
if (
|
||||
$language === null && $domain === null &&
|
||||
$encoding === null && $path === null
|
||||
) {
|
||||
$return_lang_settings = \CoreLibs\Language\GetLocale::setLocale();
|
||||
} elseif (
|
||||
$language !== null && $domain === null &&
|
||||
$encoding === null && $path === null
|
||||
) {
|
||||
$return_lang_settings = \CoreLibs\Language\GetLocale::setLocale(
|
||||
$language
|
||||
);
|
||||
} elseif (
|
||||
$language !== null && $domain !== null &&
|
||||
$encoding === null && $path === null
|
||||
) {
|
||||
$return_lang_settings = \CoreLibs\Language\GetLocale::setLocale(
|
||||
$language,
|
||||
$domain
|
||||
);
|
||||
} elseif (
|
||||
$language !== null && $domain !== null &&
|
||||
$encoding !== null && $path === null
|
||||
) {
|
||||
$return_lang_settings = \CoreLibs\Language\GetLocale::setLocale(
|
||||
$language,
|
||||
$domain,
|
||||
$encoding
|
||||
);
|
||||
} else {
|
||||
$return_lang_settings = \CoreLibs\Language\GetLocale::setLocale(
|
||||
$language,
|
||||
$domain,
|
||||
$encoding,
|
||||
$path
|
||||
);
|
||||
}
|
||||
restore_error_handler();
|
||||
// print "RETURN: " . print_r($return_lang_settings, true) . "\n";
|
||||
|
||||
foreach (
|
||||
[
|
||||
'locale', 'lang', 'domain', 'encoding', 'path'
|
||||
] as $key
|
||||
) {
|
||||
$value = $expected[$key];
|
||||
if (strpos($value, "/") === 0) {
|
||||
// this is regex
|
||||
$this->assertMatchesRegularExpression(
|
||||
$value,
|
||||
$return_lang_settings[$key],
|
||||
'assert regex failed for ' . $key
|
||||
);
|
||||
} else {
|
||||
// assert equal
|
||||
$this->assertEquals(
|
||||
$value,
|
||||
$return_lang_settings[$key],
|
||||
'assert equal failed for ' . $key
|
||||
);
|
||||
}
|
||||
}
|
||||
// unset all vars
|
||||
$_SESSION = [];
|
||||
unset($GLOBALS['OVERRIDE_LANG']);
|
||||
} */
|
||||
|
||||
/**
|
||||
* all the test data
|
||||
*
|
||||
|
||||
@@ -56,7 +56,24 @@ final class CoreLibsSecuritySymmetricEncryptionTest extends TestCase
|
||||
$decrypted,
|
||||
'Class call',
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* test encrypt/decrypt produce correct output
|
||||
*
|
||||
* @covers ::generateRandomKey
|
||||
* @covers ::encrypt
|
||||
* @covers ::decrypt
|
||||
* @dataProvider providerEncryptDecryptSuccess
|
||||
* @testdox encrypt/decrypt indirect $input must be $expected [$_dataName]
|
||||
*
|
||||
* @param string $input
|
||||
* @param string $expected
|
||||
* @return void
|
||||
*/
|
||||
public function testEncryptDecryptSuccessIndirect(string $input, string $expected): void
|
||||
{
|
||||
$key = CreateKey::generateRandomKey();
|
||||
// test indirect
|
||||
$encrypted = SymmetricEncryption::getInstance($key)->encrypt($input);
|
||||
$decrypted = SymmetricEncryption::getInstance($key)->decrypt($encrypted);
|
||||
@@ -65,7 +82,24 @@ final class CoreLibsSecuritySymmetricEncryptionTest extends TestCase
|
||||
$decrypted,
|
||||
'Class Instance call',
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* test encrypt/decrypt produce correct output
|
||||
*
|
||||
* @covers ::generateRandomKey
|
||||
* @covers ::encrypt
|
||||
* @covers ::decrypt
|
||||
* @dataProvider providerEncryptDecryptSuccess
|
||||
* @testdox encrypt/decrypt static $input must be $expected [$_dataName]
|
||||
*
|
||||
* @param string $input
|
||||
* @param string $expected
|
||||
* @return void
|
||||
*/
|
||||
public function testEncryptDecryptSuccessStatic(string $input, string $expected): void
|
||||
{
|
||||
$key = CreateKey::generateRandomKey();
|
||||
// test static
|
||||
$encrypted = SymmetricEncryption::encryptKey($input, $key);
|
||||
$decrypted = SymmetricEncryption::decryptKey($encrypted, $key);
|
||||
@@ -114,13 +148,51 @@ final class CoreLibsSecuritySymmetricEncryptionTest extends TestCase
|
||||
$crypt = new SymmetricEncryption($key);
|
||||
$encrypted = $crypt->encrypt($input);
|
||||
$this->expectExceptionMessage($exception_message);
|
||||
$crypt->setKey($key);
|
||||
$crypt->setKey($wrong_key);
|
||||
$crypt->decrypt($encrypted);
|
||||
}
|
||||
|
||||
/**
|
||||
* Test decryption with wrong key
|
||||
*
|
||||
* @covers ::generateRandomKey
|
||||
* @covers ::encrypt
|
||||
* @covers ::decrypt
|
||||
* @dataProvider providerEncryptFailed
|
||||
* @testdox decrypt indirect with wrong key $input throws $exception_message [$_dataName]
|
||||
*
|
||||
* @param string $input
|
||||
* @param string $exception_message
|
||||
* @return void
|
||||
*/
|
||||
public function testEncryptFailedIndirect(string $input, string $exception_message): void
|
||||
{
|
||||
$key = CreateKey::generateRandomKey();
|
||||
$wrong_key = CreateKey::generateRandomKey();
|
||||
|
||||
// class instance
|
||||
$encrypted = SymmetricEncryption::getInstance($key)->encrypt($input);
|
||||
$this->expectExceptionMessage($exception_message);
|
||||
SymmetricEncryption::getInstance($wrong_key)->decrypt($encrypted);
|
||||
}
|
||||
|
||||
/**
|
||||
* Test decryption with wrong key
|
||||
*
|
||||
* @covers ::generateRandomKey
|
||||
* @covers ::encrypt
|
||||
* @covers ::decrypt
|
||||
* @dataProvider providerEncryptFailed
|
||||
* @testdox decrypt static with wrong key $input throws $exception_message [$_dataName]
|
||||
*
|
||||
* @param string $input
|
||||
* @param string $exception_message
|
||||
* @return void
|
||||
*/
|
||||
public function testEncryptFailedStatic(string $input, string $exception_message): void
|
||||
{
|
||||
$key = CreateKey::generateRandomKey();
|
||||
$wrong_key = CreateKey::generateRandomKey();
|
||||
|
||||
// class static
|
||||
$encrypted = SymmetricEncryption::encryptKey($input, $key);
|
||||
@@ -190,6 +262,56 @@ final class CoreLibsSecuritySymmetricEncryptionTest extends TestCase
|
||||
SymmetricEncryption::decryptKey($encrypted, $key);
|
||||
}
|
||||
|
||||
/**
|
||||
* test invalid key provided to decrypt or encrypt
|
||||
*
|
||||
* @covers ::encrypt
|
||||
* @covers ::decrypt
|
||||
* @dataProvider providerWrongKey
|
||||
* @testdox wrong key indirect $key throws $exception_message [$_dataName]
|
||||
*
|
||||
* @param string $key
|
||||
* @param string $exception_message
|
||||
* @return void
|
||||
*/
|
||||
public function testWrongKeyIndirect(string $key, string $exception_message): void
|
||||
{
|
||||
$enc_key = CreateKey::generateRandomKey();
|
||||
|
||||
// class instance
|
||||
$this->expectExceptionMessage($exception_message);
|
||||
SymmetricEncryption::getInstance($key)->encrypt('test');
|
||||
// we must encrypt valid thing first so we can fail with the wrong key
|
||||
$encrypted = SymmetricEncryption::getInstance($enc_key)->encrypt('test');
|
||||
$this->expectExceptionMessage($exception_message);
|
||||
SymmetricEncryption::getInstance($key)->decrypt($encrypted);
|
||||
}
|
||||
|
||||
/**
|
||||
* test invalid key provided to decrypt or encrypt
|
||||
*
|
||||
* @covers ::encrypt
|
||||
* @covers ::decrypt
|
||||
* @dataProvider providerWrongKey
|
||||
* @testdox wrong key static $key throws $exception_message [$_dataName]
|
||||
*
|
||||
* @param string $key
|
||||
* @param string $exception_message
|
||||
* @return void
|
||||
*/
|
||||
public function testWrongKeyStatic(string $key, string $exception_message): void
|
||||
{
|
||||
$enc_key = CreateKey::generateRandomKey();
|
||||
|
||||
// class static
|
||||
$this->expectExceptionMessage($exception_message);
|
||||
SymmetricEncryption::encryptKey('test', $key);
|
||||
// we must encrypt valid thing first so we can fail with the wrong key
|
||||
$encrypted = SymmetricEncryption::encryptKey('test', $enc_key);
|
||||
$this->expectExceptionMessage($exception_message);
|
||||
SymmetricEncryption::decryptKey($encrypted, $key);
|
||||
}
|
||||
|
||||
/**
|
||||
* Undocumented function
|
||||
*
|
||||
@@ -232,6 +354,49 @@ final class CoreLibsSecuritySymmetricEncryptionTest extends TestCase
|
||||
$this->expectExceptionMessage($exception_message);
|
||||
SymmetricEncryption::decryptKey($input, $key);
|
||||
}
|
||||
|
||||
/**
|
||||
* Undocumented function
|
||||
*
|
||||
* @covers ::decrypt
|
||||
* @dataProvider providerWrongCiphertext
|
||||
* @testdox too short ciphertext indirect $input throws $exception_message [$_dataName]
|
||||
*
|
||||
* @param string $input
|
||||
* @param string $exception_message
|
||||
* @return void
|
||||
*/
|
||||
public function testWrongCiphertextIndirect(string $input, string $exception_message): void
|
||||
{
|
||||
$key = CreateKey::generateRandomKey();
|
||||
|
||||
// class instance
|
||||
$this->expectExceptionMessage($exception_message);
|
||||
SymmetricEncryption::getInstance($key)->decrypt($input);
|
||||
|
||||
// class static
|
||||
$this->expectExceptionMessage($exception_message);
|
||||
SymmetricEncryption::decryptKey($input, $key);
|
||||
}
|
||||
|
||||
/**
|
||||
* Undocumented function
|
||||
*
|
||||
* @covers ::decrypt
|
||||
* @dataProvider providerWrongCiphertext
|
||||
* @testdox too short ciphertext static $input throws $exception_message [$_dataName]
|
||||
*
|
||||
* @param string $input
|
||||
* @param string $exception_message
|
||||
* @return void
|
||||
*/
|
||||
public function testWrongCiphertextStatic(string $input, string $exception_message): void
|
||||
{
|
||||
$key = CreateKey::generateRandomKey();
|
||||
// class static
|
||||
$this->expectExceptionMessage($exception_message);
|
||||
SymmetricEncryption::decryptKey($input, $key);
|
||||
}
|
||||
}
|
||||
|
||||
// __END__
|
||||
|
||||
@@ -3,14 +3,6 @@ ALTER TABLE edit_generic ADD cuuid UUID DEFAULT gen_random_uuid();
|
||||
ALTER TABLE edit_log ADD ecuid VARCHAR;
|
||||
ALTER TABLE edit_log ADD ecuuid VARCHAR;
|
||||
ALTER TABLE edit_log ADD action_sub_id VARCHAR;
|
||||
ALTER TABLE edit_log ADD http_data JSONB;
|
||||
ALTER TABLE edit_log ADD ip_address JSONB;
|
||||
ALTER TABLE edit_log ADD action_data JSONB;
|
||||
ALTER TABLE edit_log ADD request_scheme VARCHAR;
|
||||
ALTER TABLE edit_user ADD force_logout INT DEFAULT 0;
|
||||
COMMENT ON COLUMN edit_user.force_logout IS 'Counter for forced log out, if this one is higher than the session set one the session gets terminated';
|
||||
ALTER TABLE edit_user ADD last_login TIMESTAMP WITHOUT TIME ZONE;
|
||||
COMMENT ON COLUMN edit_user.last_login IS 'Last succesfull login tiemstamp';
|
||||
|
||||
-- update set_edit_gneric
|
||||
-- adds the created or updated date tags
|
||||
|
||||
@@ -250,19 +250,6 @@ foreach (array_keys($array) as $search) {
|
||||
}
|
||||
print "Key not exists: " . DgS::printAr(ArrayHandler::arrayGetNextKey($array, 'z')) . "<br>";
|
||||
|
||||
print "<hr>";
|
||||
$keys = ['b', 'c', 'f'];
|
||||
print "Return only: " . DgS::printAr($keys) . ": "
|
||||
. DgS::printAr(ArrayHandler::arrayReturnMatchingKeyOnly($array, $keys)) . "<br>";
|
||||
|
||||
$out = array_filter($array, fn($key) => in_array($key, $keys), ARRAY_FILTER_USE_KEY);
|
||||
print "array filter: " . DgS::printAr($keys) . ": " . DgS::printAr($out) . "<br>";
|
||||
$out = array_intersect_key(
|
||||
$array,
|
||||
array_flip($keys)
|
||||
);
|
||||
print "array intersect key: " . DgS::printAr($keys) . ": " . DgS::printAr($out) . "<br>";
|
||||
|
||||
print "</body></html>";
|
||||
|
||||
// __END__
|
||||
|
||||
@@ -17,14 +17,8 @@ require 'config.php';
|
||||
// define log file id
|
||||
$LOG_FILE_ID = 'classTest-login';
|
||||
$SET_SESSION_NAME = EDIT_SESSION_NAME;
|
||||
|
||||
use CoreLibs\Debug\Support;
|
||||
|
||||
// init login & backend class
|
||||
$session = new CoreLibs\Create\Session($SET_SESSION_NAME, [
|
||||
'regenerate' => 'interval',
|
||||
'regenerate_interval' => 10, // every 10 seconds
|
||||
]);
|
||||
$session = new CoreLibs\Create\Session($SET_SESSION_NAME);
|
||||
$log = new CoreLibs\Logging\Logging([
|
||||
'log_folder' => BASE . LOG,
|
||||
'log_file_id' => $LOG_FILE_ID,
|
||||
@@ -49,87 +43,23 @@ ob_end_flush();
|
||||
$login->loginMainCall();
|
||||
|
||||
$PAGE_NAME = 'TEST CLASS: LOGIN';
|
||||
print str_replace(
|
||||
'{PAGE_NAME}',
|
||||
$PAGE_NAME,
|
||||
<<<HTML
|
||||
<!DOCTYPE html>
|
||||
<html><head>
|
||||
<title>{PAGE_NAME}</title>
|
||||
</head>
|
||||
<body>
|
||||
<div><a href="class_test.php">Class Test Master</a></div>
|
||||
<div><h1>{PAGE_NAME}</h1></div>
|
||||
HTML
|
||||
);
|
||||
|
||||
// button logout
|
||||
print <<<HTML
|
||||
<script language="JavaScript">
|
||||
function loginLogout()
|
||||
{
|
||||
const form = document.createElement('form');
|
||||
form.method = 'post';
|
||||
const hiddenField = document.createElement('input');
|
||||
hiddenField.type = 'hidden';
|
||||
hiddenField.name = 'login_logout';
|
||||
hiddenField.value = 'Logout';
|
||||
form.appendChild(hiddenField);
|
||||
document.body.appendChild(form);
|
||||
form.submit();
|
||||
}
|
||||
</script>
|
||||
<div style="margin: 20px 0;">
|
||||
<button onclick="loginLogout();" type="button">Logout</button>
|
||||
</div>
|
||||
HTML;
|
||||
// string logout
|
||||
print <<<HTML
|
||||
<div style="margin: 20px 0;">
|
||||
<form method="post" name="loginlogout">
|
||||
<a href="javascript:document.loginlogout.login_logout.value=Logout;document.loginlogout.submit();">Logout</a>
|
||||
<input type="hidden" name="login_logout" value="">
|
||||
</form>
|
||||
</div>
|
||||
HTML;
|
||||
|
||||
echo "SESSION ID: " . $session->getSessionIdCall() . "<br>";
|
||||
print "<!DOCTYPE html>";
|
||||
print "<html><head><title>" . $PAGE_NAME . "</title></head>";
|
||||
print "<body>";
|
||||
print '<div><a href="class_test.php">Class Test Master</a></div>';
|
||||
print '<div><h1>' . $PAGE_NAME . '</h1></div>';
|
||||
|
||||
echo "CHECK PERMISSION: " . ($login->loginCheckPermissions() ? 'OK' : 'BAD') . "<br>";
|
||||
echo "IS ADMIN: " . ($login->loginIsAdmin() ? 'OK' : 'BAD') . "<br>";
|
||||
echo "MIN ACCESS BASE: " . ($login->loginCheckAccessBase('admin') ? 'OK' : 'BAD') . "<br>";
|
||||
echo "MIN ACCESS PAGE: " . ($login->loginCheckAccessPage('admin') ? 'OK' : 'BAD') . "<br>";
|
||||
|
||||
echo "ACL: " . Support::printAr($login->loginGetAcl()) . "<br>";
|
||||
echo "ACL (MIN): " . Support::printAr($login->loginGetAcl()['min'] ?? []) . "<br>";
|
||||
echo "LOCALE: " . Support::printAr($login->loginGetLocale()) . "<br>";
|
||||
echo "ACL: " . \CoreLibs\Debug\Support::printAr($login->loginGetAcl()) . "<br>";
|
||||
echo "ACL (MIN): " . \CoreLibs\Debug\Support::printAr($login->loginGetAcl()['min'] ?? []) . "<br>";
|
||||
echo "LOCALE: " . \CoreLibs\Debug\Support::printAr($login->loginGetLocale()) . "<br>";
|
||||
|
||||
echo "ECUID: " . $login->loginGetEuCuid() . "<br>";
|
||||
echo "ECUUID: " . $login->loginGetEuCuuid() . "<br>";
|
||||
|
||||
echo "<hr>";
|
||||
// set + check edit access id
|
||||
$edit_access_cuid = 'buRW8Gu2Lkkf';
|
||||
if (isset($login->loginGetAcl()['unit'])) {
|
||||
print "EDIT ACCESS CUID: " . $edit_access_cuid . "<br>";
|
||||
print "ACL UNIT: " . print_r(array_keys($login->loginGetAcl()['unit']), true) . "<br>";
|
||||
print "ACCESS CHECK: " . Support::prBl($login->loginCheckEditAccessCuid($edit_access_cuid)) . "<br>";
|
||||
if ($login->loginCheckEditAccessCuid($edit_access_cuid)) {
|
||||
print "Set new:" . $edit_access_cuid . "<br>";
|
||||
} else {
|
||||
print "Load default unit id: " . $login->loginGetAcl()['unit_id'] . "<br>";
|
||||
}
|
||||
} else {
|
||||
print "Something went wrong with the login<br>";
|
||||
}
|
||||
|
||||
// echo "<hr>";
|
||||
// IP check: 'REMOTE_ADDR', 'HTTP_X_FORWARDED_FOR', 'CLIENT_IP' in _SERVER
|
||||
// Agent check: 'HTTP_USER_AGENT'
|
||||
|
||||
|
||||
echo "<hr>";
|
||||
print "SESSION: " . Support::printAr($_SESSION) . "<br>";
|
||||
echo "ECUID: " . $login->loginGetEcuid() . "<br>";
|
||||
echo "ECUUID: " . $login->loginGetEcuuid() . "<br>";
|
||||
|
||||
$login->writeLog(
|
||||
'TEST LOG',
|
||||
|
||||
@@ -149,20 +149,33 @@ foreach ($test_files as $file => $name) {
|
||||
print '<div><a href="' . $file . '">' . $name . '</a></div>';
|
||||
}
|
||||
|
||||
|
||||
print "<br>";
|
||||
print "ECUID: " . $session->get('LOGIN_EUCUID') . "<br>";
|
||||
print "ECUUID: " . $session->get('LOGIN_EUCUUID') . "<br>";
|
||||
|
||||
print "<hr>";
|
||||
print "LOCALE: " . Support::dumpVar($locale) . "<br>";
|
||||
print "L: " . Support::dumpVar($locale) . "<br>";
|
||||
// print all _ENV vars set
|
||||
print "<div>READ _ENV ARRAY:</div>";
|
||||
print Support::dumpVar(array_map('htmlentities', $_ENV));
|
||||
// set + check edit access id
|
||||
$edit_access_id = 3;
|
||||
if (isset($login->loginGetAcl()['unit'])) {
|
||||
print "ACL UNIT: " . print_r(array_keys($login->loginGetAcl()['unit']), true) . "<br>";
|
||||
print "ACCESS CHECK: " . (string)$login->loginCheckEditAccess($edit_access_id) . "<br>";
|
||||
if ($login->loginCheckEditAccess($edit_access_id)) {
|
||||
$backend->edit_access_id = $edit_access_id;
|
||||
} else {
|
||||
$backend->edit_access_id = $login->loginGetAcl()['unit_id'];
|
||||
}
|
||||
} else {
|
||||
print "Something went wrong with the login<br>";
|
||||
}
|
||||
|
||||
// $backend->log->debug('SESSION', \CoreLibs\Debug\Support::dumpVar($_SESSION));
|
||||
|
||||
print "<br>";
|
||||
print '<form method="post" name="loginlogout">';
|
||||
print '<a href="javascript:document.loginlogout.login_logout.value=\'Logou\';'
|
||||
. 'document.loginlogout.submit();">Logout</a>';
|
||||
print '<input type="hidden" name="login_logout" value="">';
|
||||
print '</form>';
|
||||
|
||||
print "Log Level: " . $backend->log->getLoggingLevel()->getName() . "<br>";
|
||||
print "Log ID: " . $backend->log->getLogFileId() . "<br>";
|
||||
print "Log Date: " . $backend->log->getLogDate() . "<br>";
|
||||
@@ -184,7 +197,26 @@ foreach (
|
||||
|
||||
$log->debug('SOME MARK', 'Some error output');
|
||||
|
||||
print "<br>";
|
||||
// INTERNAL SET
|
||||
print "EDIT ACCESS ID: " . $backend->edit_access_id . "<br>";
|
||||
// print "ACL: <br>".$backend->print_ar($login->loginGetAcl())."<br>";
|
||||
// $log->debug('ACL', "ACL: " . \CoreLibs\Debug\Support::dumpVar($login->loginGetAcl()));
|
||||
// print "DEFAULT ACL: <br>".$backend->print_ar($login->default_acl_list)."<br>";
|
||||
// print "DEFAULT ACL: <br>".$backend->print_ar($login->default_acl_list)."<br>";
|
||||
// $result = array_flip(
|
||||
// array_filter(
|
||||
// array_flip($login->default_acl_list),
|
||||
// function ($key) {
|
||||
// if (is_numeric($key)) {
|
||||
// return $key;
|
||||
// }
|
||||
// }
|
||||
// )
|
||||
// );
|
||||
// print "DEFAULT ACL: <br>".$backend->print_ar($result)."<br>";
|
||||
// DEPRICATED CALL
|
||||
// $backend->adbSetACL($login->loginGetAcl());
|
||||
|
||||
print "THIS HOST: " . HOST_NAME . ", with PROTOCOL: " . HOST_PROTOCOL . " is running SSL: " . HOST_SSL . "<br>";
|
||||
print "DIR: " . DIR . "<br>";
|
||||
print "BASE: " . BASE . "<br>";
|
||||
@@ -194,8 +226,8 @@ print "HOST: " . HOST_NAME . " => DB HOST: " . DB_CONFIG_NAME . " => " . Support
|
||||
print "DS is: " . DIRECTORY_SEPARATOR . "<br>";
|
||||
print "SERVER HOST: " . $_SERVER['HTTP_HOST'] . "<br>";
|
||||
|
||||
print "<div>READ _SERVER ARRAY:</div>";
|
||||
print Support::dumpVar(array_map('htmlentities', $_SERVER));
|
||||
print "ECUID: " . $session->get('ECUID') . "<br>";
|
||||
print "ECUUID: " . $session->get('ECUUID') . "<br>";
|
||||
|
||||
print "</body></html>";
|
||||
|
||||
|
||||
@@ -146,7 +146,7 @@ $_SESSION['this_will_be_written'] = 'not empty';
|
||||
// open again with same name
|
||||
$session_name = 'class-test-session';
|
||||
try {
|
||||
$session_alt = new Session($session_name, ['auto_write_close' => true]);
|
||||
$session_alt = new Session($session_name, auto_write_close:true);
|
||||
print "[4 SET] Current session id: " . $session_alt->getSessionId() . "<br>";
|
||||
print "[4 SET] Current session auto write close: " . ($session_alt->checkAutoWriteClose() ? 'Yes' : 'No') . "<br>";
|
||||
print "[START AGAIN] Current session id: " . $session_alt->getSessionId() . "<br>";
|
||||
|
||||
File diff suppressed because it is too large
Load Diff
@@ -415,6 +415,8 @@ class EditBase
|
||||
$elements[] = $this->form->formCreateElement('lock_until');
|
||||
$elements[] = $this->form->formCreateElement('lock_after');
|
||||
$elements[] = $this->form->formCreateElement('admin');
|
||||
$elements[] = $this->form->formCreateElement('debug');
|
||||
$elements[] = $this->form->formCreateElement('db_debug');
|
||||
$elements[] = $this->form->formCreateElement('edit_language_id');
|
||||
$elements[] = $this->form->formCreateElement('edit_scheme_id');
|
||||
$elements[] = $this->form->formCreateElementListTable('edit_access_user');
|
||||
|
||||
@@ -525,30 +525,6 @@ class ArrayHandler
|
||||
{
|
||||
return array_diff($array, $remove);
|
||||
}
|
||||
|
||||
/**
|
||||
* From the array with key -> anything values return only the matching entries from key list
|
||||
* key list is a list[string]
|
||||
* if key list is empty, return array as is
|
||||
*
|
||||
* @param array<string,mixed> $array
|
||||
* @param array<string> $key_list
|
||||
* @return array<string,mixed>
|
||||
*/
|
||||
public static function arrayReturnMatchingKeyOnly(
|
||||
array $array,
|
||||
array $key_list
|
||||
): array {
|
||||
// on empty return as is
|
||||
if (empty($key_list)) {
|
||||
return $array;
|
||||
}
|
||||
return array_filter(
|
||||
$array,
|
||||
fn($key) => in_array($key, $key_list),
|
||||
ARRAY_FILTER_USE_KEY
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
// __END__
|
||||
|
||||
@@ -21,107 +21,21 @@ class Session
|
||||
private string $session_id = '';
|
||||
/** @var bool flag auto write close */
|
||||
private bool $auto_write_close = false;
|
||||
/** @var string regenerate option, default never */
|
||||
private string $regenerate = 'never';
|
||||
/** @var int regenerate interval either 1 to 100 for random or 0 to 3600 for interval */
|
||||
private int $regenerate_interval = 0;
|
||||
|
||||
/** @var array<string> allowed session id regenerate (rotate) options */
|
||||
private const ALLOWED_REGENERATE_OPTIONS = ['none', 'random', 'interval'];
|
||||
/** @var int default random interval */
|
||||
public const DEFAULT_REGENERATE_RANDOM = 100;
|
||||
/** @var int default rotate internval in minutes */
|
||||
public const DEFAULT_REGENERATE_INTERVAL = 5 * 60;
|
||||
/** @var int maximum time for regenerate interval is one hour */
|
||||
public const MAX_REGENERATE_INTERAL = 60 * 60;
|
||||
|
||||
/**
|
||||
* init a session, if array is empty or array does not have session_name set
|
||||
* then no auto init is run
|
||||
*
|
||||
* @param string $session_name if set and not empty, will start session
|
||||
* @param array<string,bool> $options
|
||||
*/
|
||||
public function __construct(
|
||||
string $session_name,
|
||||
array $options = []
|
||||
) {
|
||||
$this->setOptions($options);
|
||||
public function __construct(string $session_name, bool $auto_write_close = false)
|
||||
{
|
||||
$this->initSession($session_name);
|
||||
$this->auto_write_close = $auto_write_close;
|
||||
}
|
||||
|
||||
// MARK: private methods
|
||||
|
||||
/**
|
||||
* set session class options
|
||||
*
|
||||
* @param array<string,bool> $options
|
||||
* @return void
|
||||
*/
|
||||
private function setOptions(array $options): void
|
||||
{
|
||||
if (
|
||||
!isset($options['auto_write_close']) ||
|
||||
!is_bool($options['auto_write_close'])
|
||||
) {
|
||||
$options['auto_write_close'] = false;
|
||||
}
|
||||
$this->auto_write_close = $options['auto_write_close'];
|
||||
if (
|
||||
!isset($options['session_strict']) ||
|
||||
!is_bool($options['session_strict'])
|
||||
) {
|
||||
$options['session_strict'] = true;
|
||||
}
|
||||
// set strict options, on not started sessiononly
|
||||
if (
|
||||
$options['session_strict'] &&
|
||||
$this->getSessionStatus() === PHP_SESSION_NONE
|
||||
) {
|
||||
// use cookies to store session IDs
|
||||
ini_set('session.use_cookies', 1);
|
||||
// use cookies only (do not send session IDs in URLs)
|
||||
ini_set('session.use_only_cookies', 1);
|
||||
// do not send session IDs in URLs
|
||||
ini_set('session.use_trans_sid', 0);
|
||||
}
|
||||
// session regenerate id options
|
||||
if (
|
||||
empty($options['regenerate']) ||
|
||||
!in_array($options['regenerate'], self::ALLOWED_REGENERATE_OPTIONS)
|
||||
) {
|
||||
$options['regenerate'] = 'never';
|
||||
}
|
||||
$this->regenerate = (string)$options['regenerate'];
|
||||
// for regenerate: 'random' (default 100)
|
||||
// regenerate_interval must be between (1 = always) and 100 (1 in 100)
|
||||
// for regenerate: 'interval' (default 5min)
|
||||
// regenerate_interval must be 0 = always, to 3600 (every hour)
|
||||
if (
|
||||
$options['regenerate'] == 'random' &&
|
||||
(
|
||||
!isset($options['regenerate_interval']) ||
|
||||
!is_numeric($options['regenerate_interval']) ||
|
||||
$options['regenerate_interval'] < 0 ||
|
||||
$options['regenerate_interval'] > 100
|
||||
)
|
||||
) {
|
||||
$options['regenerate_interval'] = self::DEFAULT_REGENERATE_RANDOM;
|
||||
}
|
||||
if (
|
||||
$options['regenerate'] == 'interval' &&
|
||||
(
|
||||
!isset($options['regenerate_interval']) ||
|
||||
!is_numeric($options['regenerate_interval']) ||
|
||||
$options['regenerate_interval'] < 1 ||
|
||||
$options['regenerate_interval'] > self::MAX_REGENERATE_INTERAL
|
||||
)
|
||||
) {
|
||||
$options['regenerate_interval'] = self::DEFAULT_REGENERATE_INTERVAL;
|
||||
}
|
||||
$this->regenerate_interval = (int)($options['regenerate_interval'] ?? 0);
|
||||
}
|
||||
|
||||
/**
|
||||
* Start session
|
||||
* startSession should be called for complete check
|
||||
@@ -158,72 +72,6 @@ class Session
|
||||
return false;
|
||||
}
|
||||
|
||||
// MARK: regenerate session
|
||||
|
||||
/**
|
||||
* auto rotate session id
|
||||
*
|
||||
* @return void
|
||||
* @throws \RuntimeException failure to regenerate session id
|
||||
* @throws \UnexpectedValueException failed to get new session id
|
||||
* @throws \RuntimeException failed to set new sesson id
|
||||
* @throws \UnexpectedValueException new session id generated does not match the new set one
|
||||
*/
|
||||
private function sessionRegenerateSessionId()
|
||||
{
|
||||
// never
|
||||
if ($this->regenerate == 'never') {
|
||||
return;
|
||||
}
|
||||
// regenerate
|
||||
if (
|
||||
!(
|
||||
// is not session obsolete
|
||||
empty($_SESSION['SESSION_REGENERATE_OBSOLETE']) &&
|
||||
(
|
||||
(
|
||||
// random
|
||||
$this->regenerate == 'random' &&
|
||||
mt_rand(1, $this->regenerate_interval) == 1
|
||||
) || (
|
||||
// interval type
|
||||
$this->regenerate == 'interval' &&
|
||||
($_SESSION['SESSION_REGENERATE_TIMESTAMP'] ?? 0) + $this->regenerate_interval < time()
|
||||
)
|
||||
)
|
||||
)
|
||||
) {
|
||||
return;
|
||||
}
|
||||
// Set current session to expire in 1 minute
|
||||
$_SESSION['SESSION_REGENERATE_OBSOLETE'] = true;
|
||||
$_SESSION['SESSION_REGENERATE_EXPIRES'] = time() + 60;
|
||||
$_SESSION['SESSION_REGENERATE_TIMESTAMP'] = time();
|
||||
// Create new session without destroying the old one
|
||||
if (session_regenerate_id(false) === false) {
|
||||
throw new \RuntimeException('[SESSION] Session id regeneration failed', 1);
|
||||
}
|
||||
// Grab current session ID and close both sessions to allow other scripts to use them
|
||||
if (false === ($new_session_id = $this->getSessionIdCall())) {
|
||||
throw new \UnexpectedValueException('[SESSION] getSessionIdCall did not return a session id', 2);
|
||||
}
|
||||
$this->writeClose();
|
||||
// Set session ID to the new one, and start it back up again
|
||||
if (($get_new_session_id = session_id($new_session_id)) === false) {
|
||||
throw new \RuntimeException('[SESSION] set session_id failed', 3);
|
||||
}
|
||||
if ($get_new_session_id != $new_session_id) {
|
||||
throw new \UnexpectedValueException('[SESSION] new session id does not match the new set one', 4);
|
||||
}
|
||||
$this->session_id = $new_session_id;
|
||||
$this->startSessionCall();
|
||||
// Don't want this one to expire
|
||||
unset($_SESSION['SESSION_REGENERATE_OBSOLETE']);
|
||||
unset($_SESSION['SESSION_REGENERATE_EXPIRES']);
|
||||
}
|
||||
|
||||
// MARK: session validation
|
||||
|
||||
/**
|
||||
* check if session name is valid
|
||||
*
|
||||
@@ -303,13 +151,6 @@ class Session
|
||||
if (!$this->checkActiveSession()) {
|
||||
throw new \RuntimeException('[SESSION] Failed to activate session', 5);
|
||||
}
|
||||
if (
|
||||
!empty($_SESSION['SESSION_REGENERATE_OBSOLETE']) &&
|
||||
!empty($_SESSION['SESSION_REGENERATE_EXPIRES']) && $_SESSION['SESSION_REGENERATE_EXPIRES'] < time()
|
||||
) {
|
||||
$this->sessionDestroy();
|
||||
throw new \RuntimeException('[SESSION] Expired session found', 6);
|
||||
}
|
||||
} elseif ($session_name != $this->getSessionName()) {
|
||||
throw new \UnexpectedValueException(
|
||||
'[SESSION] Another session exists with a different name: ' . $this->getSessionName(),
|
||||
@@ -318,12 +159,10 @@ class Session
|
||||
}
|
||||
// check session id
|
||||
if (false === ($session_id = $this->getSessionIdCall())) {
|
||||
throw new \UnexpectedValueException('[SESSION] getSessionIdCall did not return a session id', 7);
|
||||
throw new \UnexpectedValueException('[SESSION] getSessionId did not return a session id', 6);
|
||||
}
|
||||
// set session id
|
||||
$this->session_id = $session_id;
|
||||
// run session id re-create from time to time
|
||||
$this->sessionRegenerateSessionId();
|
||||
// if flagged auto close, write close session
|
||||
if ($this->auto_write_close) {
|
||||
$this->writeClose();
|
||||
|
||||
@@ -135,6 +135,30 @@ class EditUsers implements Interface\TableArraysInterface
|
||||
'min_edit_acl' => '100',
|
||||
'min_show_acl' => '100',
|
||||
],
|
||||
'debug' => [
|
||||
'value' => $_POST['debug'] ?? '',
|
||||
'output_name' => 'Debug',
|
||||
'type' => 'binary',
|
||||
'int' => 1,
|
||||
'element_list' => [
|
||||
'1' => 'Yes',
|
||||
'0' => 'No'
|
||||
],
|
||||
'min_edit_acl' => '100',
|
||||
'min_show_acl' => '100',
|
||||
],
|
||||
'db_debug' => [
|
||||
'value' => $_POST['db_debug'] ?? '',
|
||||
'output_name' => 'DB Debug',
|
||||
'type' => 'binary',
|
||||
'int' => 1,
|
||||
'element_list' => [
|
||||
'1' => 'Yes',
|
||||
'0' => 'No'
|
||||
],
|
||||
'min_edit_acl' => '100',
|
||||
'min_show_acl' => '100',
|
||||
],
|
||||
'email' => [
|
||||
'value' => $_POST['email'] ?? '',
|
||||
'output_name' => 'E-Mail',
|
||||
|
||||
@@ -49,7 +49,11 @@ class SymmetricEncryption
|
||||
*/
|
||||
public static function getInstance(string|null $key = null): self
|
||||
{
|
||||
if (empty(self::$instance)) {
|
||||
// new if no instsance or key is different
|
||||
if (
|
||||
empty(self::$instance) ||
|
||||
self::$instance->key != $key
|
||||
) {
|
||||
self::$instance = new self($key);
|
||||
}
|
||||
return self::$instance;
|
||||
@@ -130,7 +134,7 @@ class SymmetricEncryption
|
||||
*/
|
||||
private function encryptData(string $message, ?string $key): string
|
||||
{
|
||||
if (empty($this->key) || $key === null) {
|
||||
if ($key === null) {
|
||||
throw new \UnexpectedValueException('Key not set');
|
||||
}
|
||||
$key = $this->createKey($key);
|
||||
|
||||
Reference in New Issue
Block a user