BackendUserAuthenticationTest.php 5.42 KB
Newer Older
1
<?php
2

3
declare(strict_types=1);
4
5
6
7
8
9
10
11
12
13
14
15
16
17

/*
 * This file is part of the TYPO3 CMS project.
 *
 * It is free software; you can redistribute it and/or modify it under
 * the terms of the GNU General Public License, either version 2
 * of the License, or any later version.
 *
 * For the full copyright and license information, please read the
 * LICENSE.txt file that was distributed with this source code.
 *
 * The TYPO3 project - inspiring people to share!
 */

18
19
namespace TYPO3\CMS\Core\Tests\Functional\Authentication;

20
21
use TYPO3\CMS\Core\Authentication\AuthenticationService;
use TYPO3\CMS\Core\Authentication\BackendUserAuthentication;
22
23
use TYPO3\CMS\Core\Core\Environment;
use TYPO3\CMS\Core\Utility\GeneralUtility;
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
use TYPO3\TestingFramework\Core\Functional\FunctionalTestCase;

/**
 * Testcase for class \TYPO3\CMS\Core\Authentication\BackendUserAuthentication
 */
class BackendUserAuthenticationTest extends FunctionalTestCase
{
    /**
     * The fixture which is used when initializing a backend user
     *
     * @var string
     */
    protected $backendUserFixture = __DIR__ . '/Fixtures/be_users.xml';

    /**
     * @var AuthenticationService
     */
    protected $authenticationService;

    /**
     * @var BackendUserAuthentication
     */
    protected $subject;

    /**
     * @throws \Doctrine\DBAL\DBALException
     * @throws \TYPO3\TestingFramework\Core\Exception
     */
    protected function setUp(): void
    {
        $GLOBALS['TYPO3_CONF_VARS']['BE']['cookieName'] = 'be_typo_user';
        $GLOBALS['TYPO3_CONF_VARS']['BE']['warning_email_addr'] = '';
        $GLOBALS['TYPO3_CONF_VARS']['BE']['lockIP'] = 4;
57
        $GLOBALS['TYPO3_CONF_VARS']['BE']['lockIPv6'] = 8;
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
        $GLOBALS['TYPO3_CONF_VARS']['BE']['sessionTimeout'] = 28800;

        $this->subject = new BackendUserAuthentication();
        parent::setUp();
        $this->importDataSet(__DIR__ . '/Fixtures/be_groups.xml');
        $this->importDataSet(__DIR__ . '/Fixtures/pages.xml');
        $this->setUpBackendUserFromFixture(2);
        /** @var $GLOBALS['BE_USER'] BackendUserAuthentication */
        $this->subject = $GLOBALS['BE_USER'];
    }

    /**
     * @test
     */
    public function getTranslatedPageOnWebMountIsInWebMountForNonAdminUser(): void
    {
        $result = $this->subject->isInWebMount(2);
75
        self::assertNotNull($result);
76
    }
77
78
79
80
81
82
83
84
85

    /**
     * @test
     */
    public function userTsConfigIsResolvedProperlyWithPrioritization(): void
    {
        $GLOBALS['TYPO3_CONF_VARS']['BE']['defaultUserTSconfig'] = "custom.generic = installation-wide-configuration\ncustom.property = from configuration";
        $this->subject->user['realName'] = 'Test user';
        $this->subject->user['TSconfig'] = 'custom.property = from user';
86
        $this->subject->userGroupsUID[] = 13;
87
88
89
90
91
92
93
94
        $this->subject->userGroups[13]['TSconfig'] = "custom.property = from group\ncustom.groupProperty = 13";
        $this->subject->fetchGroupData();
        $result = $this->subject->getTSConfig();
        self::assertEquals($this->subject->user['realName'], $result['TCAdefaults.']['sys_note.']['author']);
        self::assertEquals('from user', $result['custom.']['property']);
        self::assertEquals('13', $result['custom.']['groupProperty']);
        self::assertEquals('installation-wide-configuration', $result['custom.']['generic']);
    }
95
96
97
98
99
100
101
102
103
104
105
106
107
108

    /**
     * @test
     */
    public function returnWebmountsFilterOutInaccessiblePages(): void
    {
        $result = $this->subject->returnWebmounts();

        self::assertNotContains('3', $result, 'Deleted page is not filtered out');
        self::assertNotContains('4', $result, 'Page user has no permission to read is not filtered out');
        self::assertNotContains('5', $result, 'Not existing page is not filtered out');
        self::assertContains('40', $result, 'Accessible db mount page, child of a not accessible page is not shown');
        self::assertEquals(['1', '40'], $result);
    }
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129

    /**
     * @test
     */
    public function getDefaultUploadFolderFallsBackToDefaultStorage(): void
    {
        $this->importDataSet('PACKAGE:typo3/testing-framework/Resources/Core/Functional/Fixtures/sys_file_storage.xml');
        $path = 'user_upload/some-folder-that-does-not-exist';
        $fullPathToStorageBase = Environment::getPublicPath() . '/fileadmin/' . $path;
        GeneralUtility::rmdir($fullPathToStorageBase);
        // Skip access permissions, as this is not checked here
        $this->subject->user['admin'] = 1;
        $this->subject->user['TSconfig'] = 'options.defaultUploadFolder = 1:/' . $path;
        $this->subject->fetchGroupData();
        $folder = $this->subject->getDefaultUploadFolder();
        self::assertEquals('/user_upload/', $folder->getIdentifier());
        // Now create the folder and check again
        GeneralUtility::mkdir_deep($fullPathToStorageBase);
        $folder = $this->subject->getDefaultUploadFolder();
        self::assertEquals('/' . $path . '/', $folder->getIdentifier());
    }
130
131
132
133
134
135
136
137
138
139
140
141

    /**
     * @test
     */
    public function loadGroupsWithProperSettingsAndOrder(): void
    {
        $subject = $this->setUpBackendUser(3);
        $subject->fetchGroupData();
        self::assertEquals('web_info,web_layout,web_list,file_filelist', $subject->groupData['modules']);
        self::assertEquals(['1', '4', '5', '3', '2', '6'], $subject->userGroupsUID);
        self::assertEquals(['groupValue' => 'from_group_6', 'userValue' => 'from_user_3'], $subject->getTSConfig()['test.']['default.']);
    }
142
}