Compare commits
10 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
93cb7e0cab | ||
|
|
7fbce6529b | ||
|
|
6e086fe7b3 | ||
|
|
0ec19d5b75 | ||
|
|
8134da349f | ||
|
|
8396f7856b | ||
|
|
b18866077e | ||
|
|
a66cc09095 | ||
|
|
1cfdc45107 | ||
|
|
07e46c91ab |
@@ -12,6 +12,8 @@ Not yet covered tests:
|
||||
- loginGetLocale
|
||||
- loginGetHeaderColor
|
||||
- loginGetPages
|
||||
- loginGetPageLookupList
|
||||
- loginPageAccessAllowed
|
||||
- loginGetEuid
|
||||
*/
|
||||
|
||||
|
||||
@@ -1286,6 +1286,118 @@ final class CoreLibsCombinedArrayHandlerTest extends TestCase
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* provider for arrayModifyKey
|
||||
*
|
||||
* @return array<string,array<mixed>>
|
||||
*/
|
||||
public function providerArrayModifyKey(): array
|
||||
{
|
||||
return [
|
||||
'prefix and suffix add' => [
|
||||
'array' => [
|
||||
'a' => 'foo',
|
||||
'b' => 'bar',
|
||||
'c' => 'foobar',
|
||||
],
|
||||
'prefix' => 'Prefix: ',
|
||||
'suffix' => '.suffix',
|
||||
'expected' => [
|
||||
'Prefix: a.suffix' => 'foo',
|
||||
'Prefix: b.suffix' => 'bar',
|
||||
'Prefix: c.suffix' => 'foobar',
|
||||
],
|
||||
],
|
||||
'prefix add only' => [
|
||||
'array' => [
|
||||
'a' => 'foo',
|
||||
'b' => 'bar',
|
||||
'c' => 'foobar',
|
||||
],
|
||||
'prefix' => 'Prefix: ',
|
||||
'suffix' => '',
|
||||
'expected' => [
|
||||
'Prefix: a' => 'foo',
|
||||
'Prefix: b' => 'bar',
|
||||
'Prefix: c' => 'foobar',
|
||||
],
|
||||
],
|
||||
'suffix add only' => [
|
||||
'array' => [
|
||||
'a' => 'foo',
|
||||
'b' => 'bar',
|
||||
'c' => 'foobar',
|
||||
],
|
||||
'prefix' => '',
|
||||
'suffix' => '.suffix',
|
||||
'expected' => [
|
||||
'a.suffix' => 'foo',
|
||||
'b.suffix' => 'bar',
|
||||
'c.suffix' => 'foobar',
|
||||
],
|
||||
],
|
||||
'empty array' => [
|
||||
'array' => [],
|
||||
'prefix' => '',
|
||||
'suffix' => '.suffix',
|
||||
'expected' => [],
|
||||
],
|
||||
'no suffix or prefix' => [
|
||||
'array' => [
|
||||
'a' => 'foo',
|
||||
'b' => 'bar',
|
||||
'c' => 'foobar',
|
||||
],
|
||||
'prefix' => '',
|
||||
'suffix' => '',
|
||||
'expected' => [
|
||||
'a' => 'foo',
|
||||
'b' => 'bar',
|
||||
'c' => 'foobar',
|
||||
],
|
||||
],
|
||||
'integer index mixed' => [
|
||||
'array' => [
|
||||
'a' => 'foo',
|
||||
'b' => 'bar',
|
||||
3 => 'foobar',
|
||||
],
|
||||
'prefix' => '',
|
||||
'suffix' => '.suffix',
|
||||
'expected' => [
|
||||
'a.suffix' => 'foo',
|
||||
'b.suffix' => 'bar',
|
||||
'3.suffix' => 'foobar',
|
||||
],
|
||||
]
|
||||
];
|
||||
}
|
||||
|
||||
/**
|
||||
* Undocumented function
|
||||
*
|
||||
* @covers ::arrayModifyKey
|
||||
* @dataProvider providerArrayModifyKey
|
||||
* @testdox arrayModifyKey check that key is correctly modified with $key_mod_prefix and $key_mod_suffix [$_dataName]
|
||||
*
|
||||
* @param array<mixed> $in_array
|
||||
* @param string $key_mod_prefix
|
||||
* @param string $key_mod_suffix
|
||||
* @param array<mixed> $expected
|
||||
* @return void
|
||||
*/
|
||||
public function testArrayModifyKey(
|
||||
array $in_array,
|
||||
string $key_mod_prefix,
|
||||
string $key_mod_suffix,
|
||||
array $expected
|
||||
): void {
|
||||
$this->assertEquals(
|
||||
\CoreLibs\Combined\ArrayHandler::arrayModifyKey($in_array, $key_mod_prefix, $key_mod_suffix),
|
||||
$expected
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
// __END__
|
||||
|
||||
@@ -263,6 +263,8 @@ $out = array_intersect_key(
|
||||
);
|
||||
print "array intersect key: " . DgS::printAr($keys) . ": " . DgS::printAr($out) . "<br>";
|
||||
|
||||
print "array + suffix: " . DgS::printAr(ArrayHandler::arrayModifyKey($array, key_mod_suffix:'_attached')) . "<br>";
|
||||
|
||||
print "</body></html>";
|
||||
|
||||
// __END__
|
||||
|
||||
@@ -15,6 +15,8 @@ ob_start();
|
||||
define('USE_DATABASE', true);
|
||||
// sample config
|
||||
require 'config.php';
|
||||
// for testing encryption compare
|
||||
use OpenPGP\OpenPGP;
|
||||
// define log file id
|
||||
$LOG_FILE_ID = 'classTest-db-query-encryption';
|
||||
ob_end_flush();
|
||||
@@ -50,6 +52,7 @@ print "Secret Key: " . $key . "<br>";
|
||||
|
||||
// test text
|
||||
$text_string = "I a some deep secret";
|
||||
$text_string = "I a some deep secret ABC";
|
||||
//
|
||||
$crypt = new SymmetricEncryption($key);
|
||||
$encrypted = $crypt->encrypt($text_string);
|
||||
@@ -133,11 +136,31 @@ if ($res === false) {
|
||||
if (hash_equals($string_hmac, $res['pg_hmac_text'])) {
|
||||
print "libsodium and pgcrypto hash hmac match<br>";
|
||||
}
|
||||
// do compare for PHP and pgcrypto settings
|
||||
$encryptedMessage_template = <<<TEXT
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
{BASE64}
|
||||
-----END PGP MESSAGE-----
|
||||
TEXT;
|
||||
$base64_string = base64_encode(hex2bin($res['pg_crypt_text']) ?: '');
|
||||
$encryptedMessage = str_replace(
|
||||
'{BASE64}',
|
||||
$base64_string,
|
||||
$encryptedMessage_template
|
||||
);
|
||||
try {
|
||||
$literalMessage = OpenPGP::decryptMessage($encryptedMessage, passwords: [$key]);
|
||||
$decrypted = $literalMessage->getLiteralData()->getData();
|
||||
print "Pg decrypted PHP: " . $decrypted . "<br>";
|
||||
if ($decrypted == $text_string) {
|
||||
print "Decryption worked<br>";
|
||||
}
|
||||
} catch (\Exception $e) {
|
||||
print "Error decrypting message: " . $e->getMessage() . "<br>";
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
// do compare for PHP and pgcrypto settings
|
||||
|
||||
print "</body></html>";
|
||||
|
||||
// __END__
|
||||
|
||||
@@ -127,6 +127,12 @@ if (isset($login->loginGetAcl()['unit'])) {
|
||||
// IP check: 'REMOTE_ADDR', 'HTTP_X_FORWARDED_FOR', 'CLIENT_IP' in _SERVER
|
||||
// Agent check: 'HTTP_USER_AGENT'
|
||||
|
||||
print "<hr>";
|
||||
print "PAGE lookup:<br>";
|
||||
$file_name = 'test_edit_base.php';
|
||||
print "Access to '$file_name': " . $log->prAr($login->loginPageAccessAllowed($file_name)) . "<br>";
|
||||
$file_name = 'i_do_not_exists.php';
|
||||
print "Access to '$file_name': " . $log->prAr($login->loginPageAccessAllowed($file_name)) . "<br>";
|
||||
|
||||
echo "<hr>";
|
||||
print "SESSION: " . Support::printAr($_SESSION) . "<br>";
|
||||
|
||||
@@ -24,6 +24,7 @@
|
||||
"egrajp/smarty-extended": "^5.4",
|
||||
"php": ">=8.1",
|
||||
"gullevek/dotenv": "^2.0",
|
||||
"psr/log": "^2.0 || ^3.0"
|
||||
"psr/log": "^2.0 || ^3.0",
|
||||
"php-privacy/openpgp": "^2.1"
|
||||
}
|
||||
}
|
||||
|
||||
@@ -924,7 +924,9 @@ class Login
|
||||
$mandatory_session_vars = [
|
||||
'LOGIN_USER_NAME', 'LOGIN_GROUP_NAME', 'LOGIN_EUCUID', 'LOGIN_EUCUUID',
|
||||
'LOGIN_USER_ADDITIONAL_ACL', 'LOGIN_GROUP_ADDITIONAL_ACL',
|
||||
'LOGIN_ADMIN', 'LOGIN_GROUP_ACL_LEVEL', 'LOGIN_PAGES_ACL_LEVEL', 'LOGIN_USER_ACL_LEVEL',
|
||||
'LOGIN_ADMIN', 'LOGIN_GROUP_ACL_LEVEL',
|
||||
'LOGIN_PAGES', 'LOGIN_PAGES_LOOKUP', 'LOGIN_PAGES_ACL_LEVEL',
|
||||
'LOGIN_USER_ACL_LEVEL',
|
||||
'LOGIN_UNIT', 'LOGIN_UNIT_DEFAULT_EACUID'
|
||||
];
|
||||
$force_reauth = false;
|
||||
@@ -1152,7 +1154,7 @@ class Login
|
||||
$q
|
||||
);
|
||||
// reset any query data that might exist
|
||||
$this->db->dbCacheReset($q, $params);
|
||||
$this->db->dbCacheReset($q, $params, show_warning:false);
|
||||
// never cache return data
|
||||
$res = $this->db->dbReturnParams($q, $params, $this->db::NO_CACHE);
|
||||
// query was not run successful
|
||||
@@ -1264,6 +1266,7 @@ class Login
|
||||
}
|
||||
$edit_page_ids = [];
|
||||
$pages = [];
|
||||
$pages_lookup = [];
|
||||
$pages_acl = [];
|
||||
// set pages access
|
||||
$q = <<<SQL
|
||||
@@ -1307,6 +1310,7 @@ class Login
|
||||
'query' => [],
|
||||
'visible' => []
|
||||
];
|
||||
$pages_lookup[$res['filename']] = $res['cuid'];
|
||||
// make reference filename -> level
|
||||
$pages_acl[$res['filename']] = $res['level'];
|
||||
} // for each page
|
||||
@@ -1367,6 +1371,7 @@ class Login
|
||||
// write back the pages data to the output array
|
||||
$this->session->setMany([
|
||||
'LOGIN_PAGES' => $pages,
|
||||
'LOGIN_PAGES_LOOKUP' => $pages_lookup,
|
||||
'LOGIN_PAGES_ACL_LEVEL' => $pages_acl,
|
||||
]);
|
||||
// load the edit_access user rights
|
||||
@@ -1526,6 +1531,8 @@ class Login
|
||||
) {
|
||||
$this->acl['page'] = $_SESSION['LOGIN_PAGES_ACL_LEVEL'][$this->page_name];
|
||||
}
|
||||
$this->acl['pages_detail'] = $_SESSION['LOGIN_PAGES'];
|
||||
$this->acl['pages_lookup_cuid'] = $_SESSION['LOGIN_PAGES_LOOKUP'];
|
||||
|
||||
$this->acl['unit_cuid'] = null;
|
||||
$this->acl['unit_name'] = null;
|
||||
@@ -2728,6 +2735,31 @@ HTML;
|
||||
return $this->session->get('LOGIN_PAGES');
|
||||
}
|
||||
|
||||
/**
|
||||
* Return the current loaded list of pages the user can access
|
||||
*
|
||||
* @return array<mixed>
|
||||
*/
|
||||
public function loginGetPageLookupList(): array
|
||||
{
|
||||
return $this->session->get('LOGIN_PAGES_LOOKUP');
|
||||
}
|
||||
|
||||
/**
|
||||
* Check access to a file in the pages list
|
||||
*
|
||||
* @param string $filename File name to check
|
||||
* @return bool True if page in list and anything other than None access, False if failed
|
||||
*/
|
||||
public function loginPageAccessAllowed(string $filename): bool
|
||||
{
|
||||
return (
|
||||
$this->session->get('LOGIN_PAGES')[
|
||||
$this->session->get('LOGIN_PAGES_LOOKUP')[$filename] ?? ''
|
||||
] ?? 0
|
||||
) != 0 ? true : false;
|
||||
}
|
||||
|
||||
// MARK: logged in uid(pk)/eucuid/eucuuid
|
||||
|
||||
/**
|
||||
|
||||
@@ -551,6 +551,36 @@ class ArrayHandler
|
||||
ARRAY_FILTER_USE_KEY
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* Modifieds the key of an array with a prefix and/or suffix and returns it with the original value
|
||||
* does not change order in array
|
||||
*
|
||||
* @param array<string|int,mixed> $in_array
|
||||
* @param string $key_mod_prefix [default=''] key prefix string
|
||||
* @param string $key_mod_suffix [default=''] key suffix string
|
||||
* @return array<string|int,mixed>
|
||||
*/
|
||||
public static function arrayModifyKey(
|
||||
array $in_array,
|
||||
string $key_mod_prefix = '',
|
||||
string $key_mod_suffix = ''
|
||||
): array {
|
||||
// skip if array is empty or neither prefix or suffix are set
|
||||
if (
|
||||
$in_array == [] ||
|
||||
($key_mod_prefix == '' && $key_mod_suffix == '')
|
||||
) {
|
||||
return $in_array;
|
||||
}
|
||||
return array_combine(
|
||||
array_map(
|
||||
fn($key) => $key_mod_prefix . $key . $key_mod_suffix,
|
||||
array_keys($in_array)
|
||||
),
|
||||
array_values($in_array)
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
// __END__
|
||||
|
||||
@@ -39,9 +39,9 @@ class ArrayIO extends \CoreLibs\DB\IO
|
||||
{
|
||||
// main calss variables
|
||||
/** @var array<mixed> */
|
||||
private array $table_array; // the array from the table to work on
|
||||
private array $table_array = []; // the array from the table to work on
|
||||
/** @var string */
|
||||
private string $table_name; // the table_name
|
||||
private string $table_name = ''; // the table_name
|
||||
/** @var string */
|
||||
private string $pk_name = ''; // the primary key from this table
|
||||
/** @var int|string|null */
|
||||
@@ -127,9 +127,9 @@ class ArrayIO extends \CoreLibs\DB\IO
|
||||
public function getTableArray(bool $reset = false): array
|
||||
{
|
||||
if (!$reset) {
|
||||
return $this->table_array ?? [];
|
||||
return $this->table_array;
|
||||
}
|
||||
$table_array = $this->table_array ?? [];
|
||||
$table_array = $this->table_array;
|
||||
reset($table_array);
|
||||
return $table_array;
|
||||
}
|
||||
@@ -194,7 +194,7 @@ class ArrayIO extends \CoreLibs\DB\IO
|
||||
*/
|
||||
public function getTableName(): string
|
||||
{
|
||||
return $this->table_name ?? '';
|
||||
return $this->table_name;
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -2544,7 +2544,10 @@ class IO
|
||||
} // only go if NO cursor exists
|
||||
|
||||
// if cursor exists ...
|
||||
if ($this->cursor_ext[$query_hash]['cursor']) {
|
||||
if (
|
||||
$this->cursor_ext[$query_hash]['cursor'] instanceof \PgSql\Result ||
|
||||
$this->cursor_ext[$query_hash]['cursor'] == 1
|
||||
) {
|
||||
if ($first_call === true) {
|
||||
$this->cursor_ext[$query_hash]['log'][] = 'First call';
|
||||
// count the rows returned (if select)
|
||||
@@ -2942,12 +2945,14 @@ class IO
|
||||
* data to create a unique call one, optional
|
||||
* @return bool False if query not found, true if success
|
||||
*/
|
||||
public function dbCacheReset(string $query, array $params = []): bool
|
||||
public function dbCacheReset(string $query, array $params = [], bool $show_warning = true): bool
|
||||
{
|
||||
$this->__dbErrorReset();
|
||||
$query_hash = $this->dbBuildQueryHash($query, $params);
|
||||
// clears cache for this query
|
||||
if (empty($this->cursor_ext[$query_hash]['query'])) {
|
||||
if (
|
||||
$show_warning &&
|
||||
empty($this->cursor_ext[$query_hash]['query'])
|
||||
) {
|
||||
$this->__dbWarning(18, context: [
|
||||
'query' => $query,
|
||||
'params' => $params,
|
||||
|
||||
@@ -1371,7 +1371,7 @@ class Generate
|
||||
) {
|
||||
$this->msg .= sprintf(
|
||||
$this->l->__('Please enter a valid (%s) input for the <b>%s</b> Field!<br>'),
|
||||
$this->dba->getTableArray()[$key]['error_example'],
|
||||
$this->dba->getTableArray()[$key]['error_example'] ?? '[MISSING]',
|
||||
$this->dba->getTableArray()[$key]['output_name']
|
||||
);
|
||||
}
|
||||
@@ -2602,7 +2602,7 @@ class Generate
|
||||
}
|
||||
}
|
||||
// add lost error ones
|
||||
$this->log->error('P: ' . $data['prefix'] . ', '
|
||||
$this->log->error('Prefix: ' . $data['prefix'] . ', '
|
||||
. Support::prAr($_POST['ERROR'][$data['prefix']] ?? []));
|
||||
if ($this->error && !empty($_POST['ERROR'][$data['prefix']])) {
|
||||
$prfx = $data['prefix']; // short
|
||||
|
||||
@@ -50,7 +50,8 @@ class EditUsers implements Interface\TableArraysInterface
|
||||
'HIDDEN_value' => $_POST['HIDDEN_password'] ?? '',
|
||||
'CONFIRM_value' => $_POST['CONFIRM_password'] ?? '',
|
||||
'output_name' => 'Password',
|
||||
'mandatory' => 1,
|
||||
// make it not mandatory to create dummy accounts that can only login via login url id
|
||||
'mandatory' => 0,
|
||||
'type' => 'password', // later has to be password for encryption in database
|
||||
'update' => [ // connected field updates, and update data
|
||||
'password_change_date' => [ // db row to update
|
||||
@@ -182,6 +183,7 @@ class EditUsers implements Interface\TableArraysInterface
|
||||
'type' => 'text',
|
||||
'error_check' => 'unique|custom',
|
||||
'error_regex' => "/^[A-Za-z0-9]+$/",
|
||||
'error_example' => "ABCdef123",
|
||||
'emptynull' => 1,'min_edit_acl' => '100',
|
||||
'min_show_acl' => '100',
|
||||
],
|
||||
|
||||
Reference in New Issue
Block a user