From 998ee569e7e14621b4d9934e4a82a8dcd6b0ad5c Mon Sep 17 00:00:00 2001 From: phpnut Date: Wed, 17 Oct 2007 12:51:17 +0000 Subject: [PATCH] Fixes #2902, DB_ACL::allow allowing all when $actions is not an array. Fixes #2988, AclComponent check() does not inherit permissions. Fixes #3022, Inconsistent table alias quoting crashes Acl node lookup with PostgreSQL. Fixes #3129, Console ACL Shell ACO View Broken Fixes #3176, Problems with ACL support on Microsoft SQL Server. Closes #3311 as invalid, DboSourceTest::testArrayConditionsParsing tests added Fixes #3312, DB_ACL::check() fail returning right permission Fixes #3344, Model->field adds incorrect condition under certain circumstances. Fixes #3400, Cookie Component: When reading a non-existing key it throws a notice. Fixes #3407, Since [5768] CookieComponent throws warning when used in beforeFilter(). Closes #3401, Added form test to ensure $Form->fields array is what the security component requires. Updated AclComponentTest Merged changes in app/ to cake/console/libs/templates/skel Fixed generated link to Run More Test after running Group > All tests git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5776 3807eeeb-6ff5-0310-8944-8be069107fe0 --- app/webroot/test.php | 5 +- cake/console/libs/acl.php | 12 +- cake/console/libs/templates/skel/.htaccess | 6 +- .../libs/templates/skel/webroot/.htaccess | 8 +- .../libs/templates/skel/webroot/css.php | 59 ++--- .../libs/templates/skel/webroot/test.php | 5 +- cake/libs/controller/components/acl.php | 28 +-- cake/libs/controller/components/cookie.php | 7 +- cake/libs/model/db_acl.php | 53 +++-- cake/libs/model/model.php | 2 +- .../libs/controller/components/acl.test.php | 214 ++++++++++++------ .../model/datasources/dbo_source.test.php | 5 + cake/tests/cases/libs/model/db_acl.test.php | 8 +- .../cases/libs/view/helpers/form.test.php | 70 +++++- 14 files changed, 336 insertions(+), 146 deletions(-) 
diff --git a/app/webroot/test.php b/app/webroot/test.php index 28c3b5591..5edad7f23 100644 --- a/app/webroot/test.php +++ b/app/webroot/test.php @@ -132,7 +132,7 @@ if (!vendor('simpletest' . DS . 'reporter')) { $show = '?show=cases'; } } - echo "

Run more tests

\n"; + echo "

Run more tests

\n"; break; } } @@ -181,7 +181,7 @@ if (!vendor('simpletest' . DS . 'reporter')) { switch (CAKE_TEST_OUTPUT) { case CAKE_TEST_OUTPUT_HTML: $baseUrl = BASE; - $characterSet = 'charset=utf-8'; + $characterSet = 'ISO-8859-1'; include CAKE . 'tests' . DS . 'lib' . DS . 'header.php'; break; case CAKE_TEST_OUTPUT_TEXT: @@ -212,6 +212,7 @@ if (!vendor('simpletest' . DS . 'reporter')) { CakePHPTestHeader(); CakePHPTestSuiteHeader(); + define('RUN_TEST_LINK', $_SERVER['PHP_SELF']); if (isset($_GET['group'])) { if ('all' == $_GET['group']) { diff --git a/cake/console/libs/acl.php b/cake/console/libs/acl.php index 8ff546c1c..3ff8d8f15 100644 --- a/cake/console/libs/acl.php +++ b/cake/console/libs/acl.php @@ -74,14 +74,14 @@ class AclShell extends Shell { $this->dataSource = $this->params['datasource']; } - if (ACL_CLASSNAME != 'DB_ACL') { + if (Configure::read('Acl.classname') != 'DB_ACL') { $out = "--------------------------------------------------\n"; $out .= __("Error: Your current Cake configuration is set to", true) . "\n"; $out .= __("an ACL implementation other than DB. Please change", true) . "\n"; $out .= __("your core config to reflect your decision to use", true) . "\n"; $out .= __("DB_ACL before attempting to use this script", true) . ".\n"; $out .= "--------------------------------------------------\n"; - $out .= sprintf(__("Current ACL Classname: %s", true), ACL_CLASSNAME) . "\n"; + $out .= sprintf(__("Current ACL Classname: %s", true), Configure::read('Acl.classname')) . "\n"; $out .= "--------------------------------------------------\n"; $this->err($out); exit(); 
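Review bot: `define('RUN_TEST_LINK', $_SERVER['PHP_SELF']);` takes its value from a request-controlled string, because PHP_SELF includes any path info the client appends after the script name. The markup that consumes the constant is not visible here (the `echo` in the first hunk lost its HTML in extraction), so this is inferred: if RUN_TEST_LINK is written into an `href`, it should be escaped or built from the script name only, e.g. `define('RUN_TEST_LINK', htmlspecialchars($_SERVER['SCRIPT_NAME'], ENT_QUOTES));`. The same line is added to cake/console/libs/templates/skel/webroot/test.php, so the skeleton copy needs the same treatment.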
@@ -284,7 +284,11 @@ class AclShell extends Shell { } $nodes = $this->Acl->{$class}->findAll($conditions, null, 'lft ASC'); if (empty($nodes)) { - $this->error(sprintf(__("%s not found", true), $this->args[1]), __("No tree returned.", true)); + if(isset($this->args[1])) { + $this->error(sprintf(__("%s not found", true), $this->args[1]), __("No tree returned.", true)); + } elseif (isset($this->args[0])) { + $this->error(sprintf(__("%s not found", true), $this->args[0]), __("No tree returned.", true)); + } } $this->out($class . " tree:"); $this->hr(); @@ -487,4 +491,4 @@ class AclShell extends Shell { return $vars; } } -?> \ No newline at end of file +?> diff --git a/cake/console/libs/templates/skel/.htaccess b/cake/console/libs/templates/skel/.htaccess index 00d12ab21..0ed8662ea 100644 --- a/cake/console/libs/templates/skel/.htaccess +++ b/cake/console/libs/templates/skel/.htaccess @@ -1,5 +1,5 @@ - RewriteEngine on - RewriteRule ^$ webroot/ [L] - RewriteRule (.*) webroot/$1 [L] + RewriteEngine on + RewriteRule ^$ webroot/ [L] + RewriteRule (.*) webroot/$1 [L] \ No newline at end of file diff --git a/cake/console/libs/templates/skel/webroot/.htaccess b/cake/console/libs/templates/skel/webroot/.htaccess index 8ca27c056..f9d8b938b 100644 --- a/cake/console/libs/templates/skel/webroot/.htaccess +++ b/cake/console/libs/templates/skel/webroot/.htaccess @@ -1,6 +1,6 @@ - RewriteEngine On - RewriteCond %{REQUEST_FILENAME} !-d - RewriteCond %{REQUEST_FILENAME} !-f - RewriteRule ^(.*)$ index.php?url=$1 [QSA,L] + RewriteEngine On + RewriteCond %{REQUEST_FILENAME} !-d + RewriteCond %{REQUEST_FILENAME} !-f + RewriteRule ^(.*)$ index.php?url=$1 [QSA,L] \ No newline at end of file diff --git a/cake/console/libs/templates/skel/webroot/css.php b/cake/console/libs/templates/skel/webroot/css.php index 2a375771f..433f13f8e 100644 --- a/cake/console/libs/templates/skel/webroot/css.php +++ b/cake/console/libs/templates/skel/webroot/css.php 
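Review bot: When `$nodes` is empty and neither `$this->args[1]` nor `$this->args[0]` is set, the new `if`/`elseif` reports nothing and execution falls through to print an empty tree under `$class . " tree:"`. Picking the name once and calling `error()` unconditionally would close the gap, e.g. `$name = isset($this->args[1]) ? $this->args[1] : (isset($this->args[0]) ? $this->args[0] : $class);` followed by the original `$this->error(sprintf(__("%s not found", true), $name), __("No tree returned.", true));`. That also removes the duplicated call. The enclosing method starts and ends outside the hunk.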
@@ -26,13 +26,14 @@ * @lastmodified $Date$ * @license http://www.opensource.org/licenses/mit-license.php The MIT License */ +if (!defined('CAKE_CORE_INCLUDE_PATH')) { + header('HTTP/1.1 404 Not Found'); + exit('File Not Found'); +} /** * Enter description here... */ - require(CONFIGS . 'paths.php'); - require(CAKE . 'basics.php'); - require(LIBS . 'folder.php'); - require(LIBS . 'file.php'); + uses('file'); /** * Enter description here... * @@ -41,13 +42,13 @@ * @return unknown */ function make_clean_css($path, $name) { - require(VENDORS . 'csspp' . DS . 'csspp.php'); - $data =file_get_contents($path); - $csspp =new csspp(); - $output=$csspp->compress($data); - $ratio =100 - (round(strlen($output) / strlen($data), 3) * 100); - $output=" /* file: $name, ratio: $ratio% */ " . $output; - return $output; + require(VENDORS . 'csspp' . DS . 'csspp.php'); + $data = file_get_contents($path); + $csspp = new csspp(); + $output = $csspp->compress($data); + $ratio = 100 - (round(strlen($output) / strlen($data), 3) * 100); + $output = " /* file: $name, ratio: $ratio% */ " . $output; + return $output; } /** * Enter description here... @@ -57,15 +58,15 @@ * @return unknown */ function write_css_cache($path, $content) { - if (!is_dir(dirname($path))) { - mkdir(dirname($path)); - } - $cache=new File($path); - return $cache->write($content); + if (!is_dir(dirname($path))) { + mkdir(dirname($path)); + } + $cache = new File($path); + return $cache->write($content); } if (preg_match('|\.\.|', $url) || !preg_match('|^ccss/(.+)$|i', $url, $regs)) { - die(__('Wrong file name.')); + die('Wrong file name.'); } $filename = 'css/' . $regs[1]; 
@@ -73,23 +74,25 @@ $cachepath = CACHE . 'css' . DS . str_replace(array('/','\\'), '-', $regs[1]); if (!file_exists($filepath)) { - die(__('Wrong file name.')); + die('Wrong file name.'); } if (file_exists($cachepath)) { - $templateModified=filemtime($filepath); - $cacheModified =filemtime($cachepath); + $templateModified = filemtime($filepath); + $cacheModified = filemtime($cachepath); - if ($templateModified > $cacheModified) { - $output=make_clean_css($filepath, $filename); - write_css_cache($cachepath, $output); - } else { - $output = file_get_contents($cachepath); - } + if ($templateModified > $cacheModified) { + $output = make_clean_css($filepath, $filename); + write_css_cache($cachepath, $output); + } else { + $output = file_get_contents($cachepath); + } } else { - $output=make_clean_css($filepath, $filename); - write_css_cache($cachepath, $output); + $output = make_clean_css($filepath, $filename); + write_css_cache($cachepath, $output); + $templateModified = time(); } + header("Date: " . date("D, j M Y G:i:s ", $templateModified) . 'GMT'); header("Content-Type: text/css"); header("Expires: " . gmdate("D, j M Y H:i:s", time() + DAY) . " GMT"); diff --git a/cake/console/libs/templates/skel/webroot/test.php b/cake/console/libs/templates/skel/webroot/test.php index 1355e9106..5edad7f23 100644 --- a/cake/console/libs/templates/skel/webroot/test.php +++ b/cake/console/libs/templates/skel/webroot/test.php @@ -27,7 +27,7 @@ * @license http://www.opensource.org/licenses/opengroup.php The Open Group Test Suite License */ error_reporting(E_ALL); -set_time_limit(600); +set_time_limit(0); ini_set('memory_limit','128M'); if (!defined('DS')) { define('DS', DIRECTORY_SEPARATOR); @@ -132,7 +132,7 @@ if (!vendor('simpletest' . DS . 'reporter')) { $show = '?show=cases'; } } - echo "
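Review bot: `set_time_limit(0)` removes the execution ceiling on a script that the skeleton places under webroot, so any request that reaches test.php can occupy a PHP worker for as long as the suite runs (the previous bound was 600 seconds, and `ini_set('memory_limit','128M')` sits next to it). Whether the file refuses to run outside debug mode is not visible in this hunk. At minimum the line should carry a comment such as `// Test runner only: no time limit. Do not deploy test.php to a production webroot.`, and a debug-level check before this point would be the stronger control.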

Run more tests

\n"; + echo "

Run more tests

\n"; break; } } @@ -212,6 +212,7 @@ if (!vendor('simpletest' . DS . 'reporter')) { CakePHPTestHeader(); CakePHPTestSuiteHeader(); + define('RUN_TEST_LINK', $_SERVER['PHP_SELF']); if (isset($_GET['group'])) { if ('all' == $_GET['group']) { diff --git a/cake/libs/controller/components/acl.php b/cake/libs/controller/components/acl.php index 7209eb00f..ecdb9a2a2 100644 --- a/cake/libs/controller/components/acl.php +++ b/cake/libs/controller/components/acl.php @@ -271,29 +271,32 @@ class DB_ACL extends AclBase { return false; } - for ($i = count($aroPath) - 1; $i >= 0; $i--) { - $perms = $this->Aro->Permission->findAll( - array( - $this->Aro->Permission->name . '.aro_id' => $aroPath[$i][$this->Aro->name]['id'], - $this->Aro->Permission->name . '.aco_id' => $acoPath->extract('{n}.' . $this->Aco->name . '.id') - ), - null, array($this->Aco->name .'.lft' => 'desc'), null, null, 0 - ); + $inherited = array(); + for ($i = 0 ; $i < count($aroPath); $i++) { + $perms = $this->Aro->Permission->findAll(array( + $this->Aro->Permission->name . '.aro_id' => $aroPath[$i][$this->Aro->name]['id'], + $this->Aro->Permission->name . '.aco_id' => $acoPath->extract('{n}.' . $this->Aco->name . '.id')), + null, array($this->Aco->name . '.lft' => 'desc'), null, null, 0); if (empty($perms)) { continue; } else { foreach (Set::extract($perms, '{n}.' . $this->Aro->Permission->name) as $perm) { if ($action == '*') { - // ARO must be cleared for ALL ACO actions + foreach ($permKeys as $key) { if (!empty($perm)) { - if ($perm[$key] != 1) { + if ($perm[$key] == -1) { return false; + } elseif ($perm[$key] == 1) { + $inherited[$key] = 1; } } } - return true; + if (count($inherited) === count($permKeys)) { + return true; + } + } else { switch($perm['_' . $action]) { case -1: @@ -339,7 +342,6 @@ class DB_ACL extends AclBase { } else { if (!is_array($actions)) { $actions = array('_' . $actions); - $actions = am($permKeys, $actions); } if (is_array($actions)) { foreach ($actions as $action) { 
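Review bot: In `DB_ACL::check()` the `$action == '*'` branch lost its only explanatory comment, and the new rule is hard to infer from the code. `$inherited` collects allowed keys across every permission row and every ARO on the path, yet a `-1` on any key returns false even when a more specific row has already set `$inherited[$key]`. The single-action `switch` continues outside the hunk and appears to decide on the first non-zero value, so the two paths may not share one precedence rule. A comment above the loop should state the intended rule, e.g. `// '*' passes only when every key is allowed somewhere on the path; an explicit deny met before that wins`, and a test should cover a child allow combined with a parent deny. `count($aroPath)` in the `for` condition could also be hoisted into a variable.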
@@ -584,4 +586,4 @@ class INI_ACL extends AclBase { return $array; } } -?> \ No newline at end of file +?> diff --git a/cake/libs/controller/components/cookie.php b/cake/libs/controller/components/cookie.php index 2386cf953..79b776839 100644 --- a/cake/libs/controller/components/cookie.php +++ b/cake/libs/controller/components/cookie.php @@ -162,6 +162,7 @@ class CookieComponent extends Object { * @deprecated use Controller::beforeFilter() to set the properties of the CookieComponent */ function initialize(&$controller) { + $this->key = Configure::read('Security.salt'); if (is_object($controller)) { if (isset($controller->cookieName)) { $this->name = $controller->cookieName; @@ -190,7 +191,6 @@ class CookieComponent extends Object { */ function startup() { $this->__expire($this->time); - $this->key = Configure::read('Security.salt'); if (isset($_COOKIE[$this->name])) { $this->__values = $this->__decrypt($_COOKIE[$this->name]); @@ -268,8 +268,9 @@ class CookieComponent extends Object { if (count($name) > 1) { if (isset($this->__values[$name[0]])) { - $value = $this->__values[$name[0]][$name[1]]; - return $value; + if(isset($this->__values[$name[0]][$name[1]])) { + return $this->__values[$name[0]][$name[1]]; + } } return null; } else { diff --git a/cake/libs/model/db_acl.php b/cake/libs/model/db_acl.php index 8b3409a45..ba376a95b 100644 --- a/cake/libs/model/db_acl.php +++ b/cake/libs/model/db_acl.php 
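Review bot: `$this->key = Configure::read('Security.salt');` in `initialize()` makes the application-wide salt the cookie encryption key, so one secret serves two purposes and disclosure through either use affects the other. Moving the assignment out of `startup()` does let a controller override the key in `beforeFilter()`, but nothing in the hunk tells the reader to do so. If `Security.salt` is not configured the key would be null, though how `__encrypt`/`__decrypt` handle that is not visible here. A comment on the new line would help, e.g. `// Default only: set a dedicated $this->Cookie->key in Controller::beforeFilter() instead of reusing Security.salt`.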
@@ -91,23 +91,36 @@ class AclNode extends AppModel { $start = $path[0]; unset($path[0]); - $i = 0; - $cond = "WHERE ({$type}.lft <= {$type}{$i}.lft AND {$type}.rght >= {$type}{$i}.rght) "; - $query = "SELECT {$type}.id, {$type}.parent_id, {$type}.model, {$type}.foreign_key, {$type}.alias FROM {$prefix}{$table} {$db->alias} {$type} "; - $query .= "LEFT JOIN {$prefix}{$table} {$db->alias} {$type}0 "; - $query .= "ON {$type}0.alias = " . $db->value($start) . " "; - + $queryData = array('conditions' => array( + $db->name("{$type}.lft") . ' <= ' . $db->name("{$type}0.lft"), + $db->name("{$type}.rght") . ' >= ' . $db->name("{$type}0.rght")), + 'fields' => array('id', 'parent_id', 'model', 'foreign_key', 'alias'), + 'joins' => array(array('table' => $db->name($prefix . $table), + 'alias' => "{$type}0", + 'type' => 'LEFT', + 'conditions' => array("{$type}0.alias" => $start))), + 'order' => $db->name("{$type}.lft") . ' DESC'); foreach ($path as $i => $alias) { $j = $i - 1; - $cond .="OR "; - $query .= "LEFT JOIN {$prefix}{$table} {$db->alias} {$type}{$i} "; - $query .= "ON {$type}{$i}.lft > {$type}{$j}.lft AND {$type}{$i}.rght < {$type}{$j}.rght "; - $query .= "AND {$type}{$i}.alias = " . $db->value($alias) . " "; - $cond .="({$type}.lft <= {$type}{$i}.lft AND {$type}.rght >= {$type}{$i}.rght ) "; + + array_push($queryData['joins'], array( + 'table' => $db->name($prefix . $table), + 'alias' => "{$type}{$i}", + 'type' => 'LEFT', + 'conditions' => array( + $db->name("{$type}{$i}.lft") . ' > ' . $db->name("{$type}{$j}.lft"), + $db->name("{$type}{$i}.rght") . ' < ' . $db->name("{$type}{$j}.rght"), + $db->name("{$type}{$i}.alias") . ' = ' . $db->value($alias)))); + + $queryData['conditions'] = array('or' => array( + $db->name("{$type}.lft") . ' <= ' . $db->name("{$type}0.lft") . ' AND ' . $db->name("{$type}.rght") . ' >= ' . $db->name("{$type}0.rght"), + $db->name("{$type}.lft") . ' <= ' . $db->name("{$type}{$i}.lft") . ' AND ' . $db->name("{$type}.rght") . ' >= ' . 
$db->name("{$type}{$i}.rght"))); } - $result = $this->query("{$query} {$cond} ORDER BY {$type}.lft DESC", $this->cacheQueries); + $result = $db->read($this, $queryData, -1); + } elseif (is_object($ref) && is_a($ref, 'Model')) { $ref = array('model' => $ref->name, 'foreign_key' => $ref->id); + } elseif (is_array($ref) && !(isset($ref['model']) && isset($ref['foreign_key']))) { $name = key($ref); if (!ClassRegistry::isKeySet($name)) { @@ -139,10 +152,16 @@ class AclNode extends AppModel { $ref["{$type}0.{$key}"] = $val; } } - $query = "SELECT {$type}.id, {$type}.parent_id, {$type}.model, {$type}.foreign_key, {$type}.alias FROM {$prefix}{$table} {$db->alias} {$type} "; - $query .= "LEFT JOIN {$prefix}{$table} {$db->alias} {$type}0 "; - $query .= "ON {$type}.lft <= {$type}0.lft AND {$type}.rght >= {$type}0.rght "; - $result = $this->query("{$query} " . $db->conditions($ref) ." ORDER BY {$type}.lft DESC", $this->cacheQueries); + $queryData = array('conditions' => $ref, + 'fields' => array('id', 'parent_id', 'model', 'foreign_key', 'alias'), + 'joins' => array(array('table' => $db->name($prefix . $table), + 'alias' => "{$type}0", + 'type' => 'LEFT', + 'conditions' => array( + $db->name("{$type}.lft") . ' <= ' . $db->name("{$type}0.lft"), + $db->name("{$type}.rght") . ' >= ' . $db->name("{$type}0.rght")))), + 'order' => $db->name("{$type}.lft") . ' DESC'); + $result = $db->read($this, $queryData, -1); if (!$result) { trigger_error("AclNode::node() - Couldn't find {$type} node identified by \"" . print_r($ref, true) . "\"", E_USER_WARNING); @@ -266,4 +285,4 @@ class Permission extends AppModel { parent::__construct(); } } -?> \ No newline at end of file +?> diff --git a/cake/libs/model/model.php b/cake/libs/model/model.php index 1b8174605..70be333a4 100644 --- a/cake/libs/model/model.php +++ b/cake/libs/model/model.php 
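Review bot: Inside the `foreach` in `AclNode::node()`, `$queryData['conditions']` is reassigned on every pass to an `or` of the level-0 clause and the current level-`$i` clause, so for a path of three or more segments the intermediate levels are dropped; the removed code appended one `OR (...)` per level. As far as this hunk shows, a node matched at an intermediate level is then not returned when a deeper segment has no row, and permissions attached to it would not take part in the lookup. Initialising `'conditions' => array('or' => array(<level-0 clause>))` before the loop and appending with `$queryData['conditions']['or'][] = <level-$i clause>;` keeps every level. Separately, the first join passes `$start` through the array-conditions form (`"{$type}0.alias" => $start`) while later segments use `$db->value($alias)`; writing it as `$db->name("{$type}0.alias") . ' = ' . $db->value($start)` would treat all path segments the same way. The enclosing method starts and ends outside the hunk.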
@@ -981,7 +981,7 @@ class Model extends Overloadable {
 * @return field contents
 */
 function field($name, $conditions = null, $order = null) {
- if ($conditions === null) {
+ if ($conditions === null && $this->id !== false) {
 $conditions = array($this->name . '.' . $this->primaryKey => $this->id);
 }
 if ($this->recursive >= 1) {
diff --git a/cake/tests/cases/libs/controller/components/acl.test.php b/cake/tests/cases/libs/controller/components/acl.test.php
index 7ad82efe3..ff0f7a400 100644
--- a/cake/tests/cases/libs/controller/components/acl.test.php
+++ b/cake/tests/cases/libs/controller/components/acl.test.php
@@ -26,9 +26,62 @@ * @lastmodified $Date$ * @license http://www.opensource.org/licenses/opengroup.php The Open Group Test Suite License */ +if (!defined('CAKEPHP_UNIT_TEST_EXECUTION')) { + define('CAKEPHP_UNIT_TEST_EXECUTION', 1); +} uses('controller' . DS . 'components' . DS .'acl'); uses('controller'.DS.'components'.DS.'acl', 'model'.DS.'db_acl'); + +if(!class_exists('aclnodetestbase')) { + class AclNodeTestBase extends AclNode { + var $useDbConfig = 'test_suite'; + var $cacheSources = false; + } +} +if(!class_exists('arotest')) { + class AroTest extends AclNodeTestBase { + var $name = 'AroTest'; + var $useTable = 'aros'; + var $hasAndBelongsToMany = array('AcoTest' => array('with' => 'PermissionTest')); + } +} +if(!class_exists('acotest')) { + class AcoTest extends AclNodeTestBase { + var $name = 'AcoTest'; + var $useTable = 'acos'; + var $hasAndBelongsToMany = array('AroTest' => array('with' => 'PermissionTest')); + } +} +if(!class_exists('permissiontest')) { + class PermissionTest extends CakeTestModel { + var $name = 'PermissionTest'; + var $useTable = 'aros_acos'; + var $cacheQueries = false; + var $belongsTo = array('AroTest' => array('foreignKey' => 'aro_id'), + 'AcoTest' => array('foreignKey' => 'aco_id') + ); + var $actsAs = null; + } +} +if(!class_exists('acoactiontest')) { + class AcoActionTest extends CakeTestModel { + var $name = 'AcoActionTest'; + var $useTable = 'aco_actions'; + var $belongsTo = array('AcoTest' => array('foreignKey' => 'aco_id')); + } +} +if(!class_exists('db_acl_test')) { + class DB_ACL_TEST extends DB_ACL { + + function __construct() { + $this->Aro =& new AroTest(); + $this->Aro->Permission =& new PermissionTest(); + $this->Aco =& new AcoTest(); + $this->Aro->Permission =& new PermissionTest(); + } + } +} /** * Short description for class. * 
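Review bot: The `DB_ACL_TEST` constructor assigns `$this->Aro->Permission` twice and never sets `$this->Aco->Permission`, which looks like a copy-paste slip; the last assignment was presumably meant to be `$this->Aco->Permission =& new PermissionTest();`. As written, the Aco side keeps whatever Permission model its own associations build, which may not be the `test_suite`-bound one. Permission tests could therefore exercise a different binding than intended. The constructor also does not call `parent::__construct()`; if that is deliberate, a one-line comment saying so would help.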
@@ -38,111 +91,146 @@ uses('controller'.DS.'components'.DS.'acl', 'model'.DS.'db_acl'); class AclComponentTest extends CakeTestCase { var $fixtures = array('core.aro', 'core.aco', 'core.aros_aco', 'core.aco_action'); - - function skip() { - $this->skipif (false, 'AclComponentTest almost implemented'); - } - function startTest() { - Configure::write('Acl.classname', 'DB_ACL'); + Configure::write('Acl.classname', 'DB_ACL_TEST'); Configure::write('Acl.database', 'test_suite'); $this->Acl =& new AclComponent(); - $this->__testInitDbAcl(); } - function __testInitDbAcl() { - - $this->Acl->Aro->id = null; - $this->Acl->Aro->create(array('alias'=>'Roles')); + function testAclCreate() { + $this->Acl->Aro->create(array('alias'=>'Global')); $result = $this->Acl->Aro->save(); $this->assertTrue($result); - $this->Acl->Aro->create(array('alias'=>'Admin')); + $parent = $this->Acl->Aro->id; + + $this->Acl->Aro->create(array('parent_id' => $parent, 'alias'=>'Account')); $result = $this->Acl->Aro->save(); $this->assertTrue($result); - $this->Acl->Aro->create(array('model'=>'AuthUser', 'foreign_key'=>'1', 'alias'=> 'mariano')); + $this->Acl->Aro->create(array('parent_id' => $parent, 'alias'=>'Manager')); $result = $this->Acl->Aro->save(); $this->assertTrue($result); - $this->Acl->Aro->setParent(1, 2); - $this->Acl->Aro->setParent(2, 3); + $parent = $this->Acl->Aro->id; - $this->Acl->Aco->create(array('alias'=>'Root')); + $this->Acl->Aro->create(array('parent_id' => $parent, 'alias'=>'Secretary')); + $result = $this->Acl->Aro->save(); + $this->assertTrue($result); + + $this->Acl->Aco->create(array('alias'=>'Reports')); $result = $this->Acl->Aco->save(); $this->assertTrue($result); - $this->Acl->Aco->create(array('alias'=>'AuthTest')); + $report = $this->Acl->Aco->id; + + $this->Acl->Aco->create(array('parent_id' => $report, 'alias'=>'Accounts')); $result = $this->Acl->Aco->save(); $this->assertTrue($result); - $this->Acl->Aco->setParent(1, 2); + $account = $this->Acl->Aco->id; + + 
$this->Acl->Aco->create(array('parent_id' => $account, 'alias'=>'Contacts')); + $result = $this->Acl->Aco->save(); + $this->assertTrue($result); + + $this->Acl->Aco->create(array('parent_id' => $report, 'alias'=>'Messages')); + $result = $this->Acl->Aco->save(); + $this->assertTrue($result); + + $this->Acl->Aco->create(array('parent_id' => $account, 'alias'=>'MonthView')); + $result = $this->Acl->Aco->save(); + $this->assertTrue($result); + + $this->Acl->Aco->create(array('parent_id' => $account, 'alias'=>'Links')); + $result = $this->Acl->Aco->save(); + $this->assertTrue($result); + + $this->Acl->Aco->create(array('parent_id' => $account, 'alias'=>'Numbers')); + $result = $this->Acl->Aco->save(); + $this->assertTrue($result); + + $this->Acl->Aco->create(array('parent_id' => $report, 'alias'=>'QuickStats')); + $result = $this->Acl->Aco->save(); + $this->assertTrue($result); + + $this->Acl->Aco->create(array('parent_id' => $report, 'alias'=>'Bills')); + $result = $this->Acl->Aco->save(); + $this->assertTrue($result); } function testDbAclAllow() { - - $result = $this->Acl->allow('Roles/Admin', 'Root'); + $result = $this->Acl->allow('Manager','Reports',array('read','delete','update')); $this->assertTrue($result); - $result = $this->Acl->allow('Roles/Admin', 'Root/AuthTest'); + $result = $this->Acl->allow('Secretary','Links',array('create')); $this->assertTrue($result); } function testDbAclCheck() { - $aro = null; - $aco = null; - $action = "*"; + $result = $this->Acl->check('Secretary','Links','read'); + $this->assertTrue($result); - $result = $this->Acl->check('Roles/Admin', 'Root', $action); + $result = $this->Acl->check('Secretary','Links','delete'); + $this->assertTrue($result); + + $result = $this->Acl->check('Secretary','Links','update'); + $this->assertTrue($result); + + $result = $this->Acl->check('Secretary','Links','create'); + $this->assertTrue($result); + + $result = $this->Acl->check('Secretary','Links','*'); + $this->assertTrue($result); + + $result = 
$this->Acl->check('Secretary','Links','create'); + $this->assertTrue($result); + + $result = $this->Acl->check('Manager','Links','read'); + $this->assertTrue($result); + + $result = $this->Acl->check('Manager','Links','delete'); + $this->assertTrue($result); + + $result = $this->Acl->check('Manager','Links','create'); $this->assertFalse($result); + + $result = $this->Acl->check('Account','Links','read'); + $this->assertFalse($result); + + $result = $this->Acl->allow('Global','Reports', 'read'); + $this->assertTrue($result); + + $result = $this->Acl->check('Account','Links','create'); + $this->assertFalse($result); + + $result = $this->Acl->check('Account','Links','update'); + $this->assertFalse($result); + + $result = $this->Acl->check('Account','Links','delete'); + $this->assertFalse($result); + + $result = $this->Acl->allow('Global','Reports'); + $this->assertTrue($result); + + $result = $this->Acl->check('Account','Links','read'); + $this->assertTrue($result); } - - function testDbAclDeny() { + $this->Acl->deny('Secretary','Links',array('delete')); - $action = "*"; - - $result = $this->Acl->deny('Roles/Admin', 'Root/AuthTest', $action); - $this->assertTrue($result); - - $result = $this->Acl->check('Roles/Admin', 'Root/AuthTest', $action); + $result = $this->Acl->check('Secretary','Links','delete'); $this->assertFalse($result); - } - function testDbAclInherit() { - - $action = "*"; - - $result = $this->Acl->inherit('Roles/Admin', 'Root/AuthTest', $action); - $this->assertTrue($result); - - } - function testDbAclGrant() { - - $aro = 'Roles/Admin'; - $aco = 'Root/AuthTest'; - $action = "*"; - - $result = $this->Acl->grant($aro, $aco, $action); - $this->assertTrue($result); - - } - function testDbAclRevoke() { - - $aro = 'Roles/Admin'; - $aco = 'Root/AuthTest'; - $action = "*"; - - $result = $this->Acl->revoke($aro, $aco, $action); - $this->assertTrue($result); - + function after() { + parent::after('end'); } - function endTest() { + function tearDown() { 
unset($this->Acl); } } -?> \ No newline at end of file +?> diff --git a/cake/tests/cases/libs/model/datasources/dbo_source.test.php b/cake/tests/cases/libs/model/datasources/dbo_source.test.php index fbd55a940..9799a306f 100644 --- a/cake/tests/cases/libs/model/datasources/dbo_source.test.php +++ b/cake/tests/cases/libs/model/datasources/dbo_source.test.php @@ -1632,6 +1632,11 @@ class DboSourceTest extends UnitTestCase { $result = $this->db->conditions(array('MD5(CONCAT(Reg.email,Reg.id))' => 'blah')); $expected = " WHERE MD5(CONCAT(`Reg`.`email`,`Reg`.`id`)) = 'blah'"; $this->assertEqual($result, $expected); + + $conditions = array('id' => array(2, 5, 6, 9, 12, 45, 78, 43, 76)); + $result = $this->db->conditions($conditions); + $expected = " WHERE `id` IN (2, 5, 6, 9, 12, 45, 78, 43, 76) "; + $this->assertEqual($result, $expected); } function testMixedConditionsParsing() { diff --git a/cake/tests/cases/libs/model/db_acl.test.php b/cake/tests/cases/libs/model/db_acl.test.php index 3dec0a18d..d64230d38 100644 --- a/cake/tests/cases/libs/model/db_acl.test.php +++ b/cake/tests/cases/libs/model/db_acl.test.php @@ -129,7 +129,9 @@ if(!class_exists('db_acl_test')) { class AclNodeTest extends CakeTestCase { var $fixtures = array('core.aro', 'core.aco', 'core.aros_aco', 'core.aco_action'); - function testNodeNesting() { + function startTest() { + Configure::write('Acl.classname', 'DB_ACL_TEST'); + Configure::write('Acl.database', 'test_suite'); } function testNode(){ 
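Review bot: `testDbAclAllow`, `testDbAclCheck` and `testDbAclDeny` depend on the rows written by `testAclCreate` and on each other's grants, so they pass only when run in declaration order with state carried between methods. `testDbAclCheck` even calls `allow()` midway to change what the later assertions see. How the fixtures are reset between methods is not visible in this hunk, but authorization tests are easier to trust when each one builds the tree it asserts on. Moving the ARO/ACO creation into `startTest()` or a private helper called by each test would do that. No case here checks `'*'` with one key denied on an ancestor, which is the branch the `DB_ACL::check()` change rewrote.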
@@ -158,14 +160,10 @@ if(!class_exists('db_acl_test')) { $expected = array(8, 7, 6, 1); $this->assertEqual($result, $expected); - //action3 is an action with no ACO entry - //the default returned ACOs should be its parents $result = Set::extract($aco->node('Controller2/action3'), '{n}.AcoTest.id'); $expected = array(6, 1); $this->assertEqual($result, $expected); - //action3 and record5 have none ACO entry - //the default returned ACOs should be their parents ACO $result = Set::extract($aco->node('Controller2/action3/record5'), '{n}.AcoTest.id'); $expected = array(6, 1); $this->assertEqual($result, $expected); diff --git a/cake/tests/cases/libs/view/helpers/form.test.php b/cake/tests/cases/libs/view/helpers/form.test.php index 1d37a406b..49f6099c3 100644 --- a/cake/tests/cases/libs/view/helpers/form.test.php +++ b/cake/tests/cases/libs/view/helpers/form.test.php 
@@ -220,6 +220,64 @@ class FormHelperTest extends CakeTestCase { $this->assertNoPattern('/]+[^type|name|value|id]=[^<>]*>/', $result); } + function testFormSecurityFields() { + $key = 'testKey'; + $fields = array('Model' => array('password', 'username', 'valid'), + '_Model' => array('valid' => '0'), + '__Token' => array('key' => $key)); + $this->Form->params['_Token']['key'] = $key; + $result = $this->Form->secure($fields); + $expected = urlencode(Security::hash(serialize($fields) . Configure::read('Security.salt'))); + $this->assertPattern('/'.$expected.'/', $result); + $this->assertPattern('/input type="hidden" name="data\[__Token\]\[fields\]" value="'.$expected.'"/', $result); + } + + function testFormSecuredInput() { + $fields = array('Model' => array( + '0' => 'field', + '1' => 'field2', + '2' => 'field4'), + '_Model'=> array( + 'field3' => '', + 'field4' => '0'), + '__Token'=>array( + 'key' => 'testKey')); + + $fields = $this->__sortFields($fields); + $fieldsKey = urlencode(Security::hash(serialize($fields) . Configure::read('Security.salt'))); + $fields['__Token']['fields'] = $fieldsKey; + + $this->Form->params['_Token']['key'] = 'testKey'; + + $result = $this->Form->create('Contact', array('url' => '/contacts/add')); + $expected = '/^
$/'; + $this->assertPattern($expected, $result); + + $result = $this->Form->input('Model.field', array('type' => 'text')); + $expected = '
'; + $this->assertEqual($result, $expected); + + $result = $this->Form->input('Model.field2', array('type' => 'text')); + $expected = '
'; + $this->assertEqual($result, $expected); + + $result = $this->Form->hidden('Model.field3', array('type' => 'text')); + $expected = ''; + $this->assertEqual($result, $expected); + + $result = $this->Form->input('Model.field4', array('type'=>'checkbox')); + $expected = '
'; + $this->assertEqual($result, $expected); + + $result = $this->Form->secure($this->Form->fields); + $expected = '/

<\/p>$/'; + $this->assertPattern($expected, $result); + + $result = $this->Form->fields; + $result = $this->__sortFields($result); + $this->assertEqual($result, $fields); + } + function testFormValidationAssociated() { $this->UserForm =& ClassRegistry::getObject('UserForm'); $this->UserForm->OpenidUrl =& ClassRegistry::getObject('OpenidUrl'); @@ -1059,6 +1117,16 @@ class FormHelperTest extends CakeTestCase { unset($this->Form); } + + function __sortFields($fields) { + foreach ($fields as $key => $value) { + if(strpos($key, '_') !== 0) { + sort($fields[$key]); + } + } + ksort($fields); + return $fields; + } } -?> \ No newline at end of file +?>