[BUGFIX] Respect casing in CommandLineBackendUserRemovalUpdate 82/55782/2
authorAnja Leichsenring <anja.leichsenring@typo3.com>
Thu, 15 Feb 2018 19:27:13 +0000 (20:27 +0100)
committerChristian Kuhn <lolli@schwarzbu.ch>
Sat, 17 Feb 2018 19:48:41 +0000 (20:48 +0100)
System extensions used to create their _cli_* users lowercased.
The wizard queries only for uppercase varieties. Adding a LOWER
command to the where-clause catches now all casings.

Change-Id: I556f0181416067479ff579d2498389a564c6a5e3
Resolves: #83927
Relates: #79276
Releases: master, 8.7
Reviewed-on: https://review.typo3.org/55782
Tested-by: TYPO3com <no-reply@typo3.com>
Reviewed-by: Christian Kuhn <lolli@schwarzbu.ch>
Tested-by: Christian Kuhn <lolli@schwarzbu.ch>
typo3/sysext/install/Classes/Updates/CommandLineBackendUserRemovalUpdate.php
typo3/sysext/install/Tests/Functional/Updates/CommandLineBackendUserRemovalUpdateTest.php [new file with mode: 0644]
typo3/sysext/install/Tests/Functional/Updates/DataSet/CommandLineBackendUserRemovalAfter.csv [new file with mode: 0644]
typo3/sysext/install/Tests/Functional/Updates/DataSet/CommandLineBackendUserRemovalBefore.csv [new file with mode: 0644]

index 9492922..8283c2f 100644 (file)
@@ -19,7 +19,7 @@ use TYPO3\CMS\Core\Database\Query\Restriction\DeletedRestriction;
 use TYPO3\CMS\Core\Utility\GeneralUtility;
 
 /**
- * Remove all backend users starting with _CLI_
+ * Remove all backend users starting with _cli_
  */
 class CommandLineBackendUserRemovalUpdate extends AbstractUpdate
 {
@@ -43,7 +43,7 @@ class CommandLineBackendUserRemovalUpdate extends AbstractUpdate
         $usersFound = $this->getUnneededCommandLineUsers();
         if (!empty($usersFound)) {
             $needsExecution = true;
-            $description = 'The command line interface does not need to have custom _CLI_* backend users anymore. They can safely be deleted.';
+            $description = 'The command line interface does not need to have custom _cli_* backend users anymore. They can safely be deleted.';
         }
         return $needsExecution;
     }
@@ -108,13 +108,8 @@ class CommandLineBackendUserRemovalUpdate extends AbstractUpdate
             ->select('uid', 'username')
             ->from('be_users')
             ->where(
-                $queryBuilder->expr()->like(
-                    'username',
-                    $queryBuilder->createNamedParameter(
-                        $queryBuilder->escapeLikeWildcards('_CLI_') . '%',
-                        \PDO::PARAM_STR
-                    )
-                ),
+                // Using query builder is complicated in this case. Get it straight, no user input is involved.
+                'LOWER(username) LIKE \'_cli_%\'',
                 $queryBuilder->expr()->neq(
                     'username',
                     $queryBuilder->createNamedParameter('_cli_', \PDO::PARAM_STR)
diff --git a/typo3/sysext/install/Tests/Functional/Updates/CommandLineBackendUserRemovalUpdateTest.php b/typo3/sysext/install/Tests/Functional/Updates/CommandLineBackendUserRemovalUpdateTest.php
new file mode 100644 (file)
index 0000000..2ff9415
--- /dev/null
@@ -0,0 +1,42 @@
+<?php
+declare(strict_types = 1);
+namespace TYPO3\CMS\Install\Tests\Functional\Updates;
+
+/*
+ * This file is part of the TYPO3 CMS project.
+ *
+ * It is free software; you can redistribute it and/or modify it under
+ * the terms of the GNU General Public License, either version 2
+ * of the License, or any later version.
+ *
+ * For the full copyright and license information, please read the
+ * LICENSE.txt file that was distributed with this source code.
+ *
+ * The TYPO3 project - inspiring people to share!
+ */
+
+use TYPO3\CMS\Core\Utility\GeneralUtility;
+use TYPO3\CMS\Install\Updates\CommandLineBackendUserRemovalUpdate;
+use TYPO3\TestingFramework\Core\Functional\FunctionalTestCase;
+
+/**
+ * Test case
+ */
+class CommandLineBackendUserRemovalUpdateTest extends FunctionalTestCase
+{
+    /**
+     * @test
+     */
+    public function cliUsersAreMarkedAsDeleted()
+    {
+        $this->importCSVDataSet(GeneralUtility::getFileAbsFileName(
+            'typo3/sysext/install/Tests/Functional/Updates/DataSet/CommandLineBackendUserRemovalBefore.csv'
+        ));
+        $databaseQueries = [];
+        $customMessage = '';
+        (new CommandLineBackendUserRemovalUpdate())->performUpdate($databaseQueries, $customMessage);
+        $this->assertCSVDataSet(GeneralUtility::getFileAbsFileName(
+            'typo3/sysext/install/Tests/Functional/Updates/DataSet/CommandLineBackendUserRemovalAfter.csv'
+        ));
+    }
+}
diff --git a/typo3/sysext/install/Tests/Functional/Updates/DataSet/CommandLineBackendUserRemovalAfter.csv b/typo3/sysext/install/Tests/Functional/Updates/DataSet/CommandLineBackendUserRemovalAfter.csv
new file mode 100644 (file)
index 0000000..e7ba0b1
--- /dev/null
@@ -0,0 +1,7 @@
+"be_users",,,
+,"uid","username","deleted"
+,1,"_CLI_foo",1
+,15,"foo",0
+,2,"_cLi_bar",1
+,3,"_cli_BAZ",1
+,4,"_cli_",0
diff --git a/typo3/sysext/install/Tests/Functional/Updates/DataSet/CommandLineBackendUserRemovalBefore.csv b/typo3/sysext/install/Tests/Functional/Updates/DataSet/CommandLineBackendUserRemovalBefore.csv
new file mode 100644 (file)
index 0000000..94c0dfd
--- /dev/null
@@ -0,0 +1,7 @@
+"be_users",,,
+,"uid","username","deleted"
+,1,"_CLI_foo",0
+,15,"foo",0
+,2,"_cLi_bar",0
+,3,"_cli_BAZ",0
+,4,"_cli_",0