TYPO3 CMS  TYPO3_6-2
BackendUserAuthenticationTest.php
Go to the documentation of this file.
1 <?php
2 namespace TYPO3\CMS\Core\Tests\Unit\Authentication;
3 
22 class BackendUserAuthenticationTest extends \TYPO3\CMS\Core\Tests\UnitTestCase {
26  protected $defaultFilePermissions = array(
27  // File permissions
28  'addFile' => FALSE,
29  'readFile' => FALSE,
30  'writeFile' => FALSE,
31  'copyFile' => FALSE,
32  'moveFile' => FALSE,
33  'renameFile' => FALSE,
34  'unzipFile' => FALSE,
35  'deleteFile' => FALSE,
36  // Folder permissions
37  'addFolder' => FALSE,
38  'readFolder' => FALSE,
39  'writeFolder' => FALSE,
40  'copyFolder' => FALSE,
41  'moveFolder' => FALSE,
42  'renameFolder' => FALSE,
43  'deleteFolder' => FALSE,
44  'recursivedeleteFolder' => FALSE
45  );
46 
47  public function setUp() {
48  // reset hooks
49  $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS'] = array();
50  }
51 
52  public function tearDown() {
53  \TYPO3\CMS\Core\FormProtection\FormProtectionFactory::purgeInstances();
54  parent::tearDown();
55  }
56 
58  // Tests concerning the form protection
60 
63  public function logoffCleansFormProtectionIfBackendUserIsLoggedIn() {
64  $formProtection = $this->getMock(
65  'TYPO3\\CMS\\Core\\FormProtection\\BackendFormProtection',
66  array('clean'),
67  array(),
68  '',
69  FALSE
70  );
71  $formProtection->expects($this->once())->method('clean');
72 
73  \TYPO3\CMS\Core\FormProtection\FormProtectionFactory::set(
74  'TYPO3\\CMS\\Core\\FormProtection\\BackendFormProtection',
75  $formProtection
76  );
77 
78  // logoff() call the static factory that has a dependency to a valid BE_USER object. Mock this away
79  $GLOBALS['BE_USER'] = $this->getMock('TYPO3\\CMS\\Core\\Authentication\\BackendUserAuthentication', array(), array(), '', FALSE);
80  $GLOBALS['BE_USER']->user = array('uid' => $this->getUniqueId());
81  $GLOBALS['TYPO3_DB'] = $this->getMock('TYPO3\\CMS\\Core\\Database\\DatabaseConnection', array(), array(), '', FALSE);
82 
83  $subject = $this->getAccessibleMock('TYPO3\\CMS\\Core\\Authentication\\BackendUserAuthentication', array('dummy'), array(), '', FALSE);
84  $subject->_set('db', $GLOBALS['TYPO3_DB']);
85  $subject->logoff();
86  }
87 
91  public function getTSConfigDataProvider() {
92  $completeConfiguration = array(
93  'value' => 'oneValue',
94  'value.' => array('oneProperty' => 'oneValue'),
95  'permissions.' => array(
96  'file.' => array(
97  'default.' => array('readAction' => '1'),
98  '1.' => array('writeAction' => '1'),
99  '0.' => array('readAction' => '0'),
100  ),
101  )
102  );
103 
104  return array(
105  'single level string' => array(
106  $completeConfiguration,
107  'permissions',
108  array(
109  'value' => NULL,
110  'properties' =>
111  array(
112  'file.' => array(
113  'default.' => array('readAction' => '1'),
114  '1.' => array('writeAction' => '1'),
115  '0.' => array('readAction' => '0'),
116  ),
117  ),
118  ),
119  ),
120  'two levels string' => array(
121  $completeConfiguration,
122  'permissions.file',
123  array(
124  'value' => NULL,
125  'properties' =>
126  array(
127  'default.' => array('readAction' => '1'),
128  '1.' => array('writeAction' => '1'),
129  '0.' => array('readAction' => '0'),
130  ),
131  ),
132  ),
133  'three levels string' => array(
134  $completeConfiguration,
135  'permissions.file.default',
136  array(
137  'value' => NULL,
138  'properties' =>
139  array('readAction' => '1'),
140  ),
141  ),
142  'three levels string with integer property' => array(
143  $completeConfiguration,
144  'permissions.file.1',
145  array(
146  'value' => NULL,
147  'properties' => array('writeAction' => '1'),
148  ),
149  ),
150  'three levels string with integer zero property' => array(
151  $completeConfiguration,
152  'permissions.file.0',
153  array(
154  'value' => NULL,
155  'properties' => array('readAction' => '0'),
156  ),
157  ),
158  'four levels string with integer zero property, value, no properties' => array(
159  $completeConfiguration,
160  'permissions.file.0.readAction',
161  array(
162  'value' => '0',
163  'properties' => NULL,
164  ),
165  ),
166  'four levels string with integer property, value, no properties' => array(
167  $completeConfiguration,
168  'permissions.file.1.writeAction',
169  array(
170  'value' => '1',
171  'properties' => NULL,
172  ),
173  ),
174  'one level, not existant string' => array(
175  $completeConfiguration,
176  'foo',
177  array(
178  'value' => NULL,
179  'properties' => NULL,
180  ),
181  ),
182  'two level, not existant string' => array(
183  $completeConfiguration,
184  'foo.bar',
185  array(
186  'value' => NULL,
187  'properties' => NULL,
188  ),
189  ),
190  'two level, where second level does not exist' => array(
191  $completeConfiguration,
192  'permissions.bar',
193  array(
194  'value' => NULL,
195  'properties' => NULL,
196  ),
197  ),
198  'three level, where third level does not exist' => array(
199  $completeConfiguration,
200  'permissions.file.foo',
201  array(
202  'value' => NULL,
203  'properties' => NULL,
204  ),
205  ),
206  'three level, where second and third level does not exist' => array(
207  $completeConfiguration,
208  'permissions.foo.bar',
209  array(
210  'value' => NULL,
211  'properties' => NULL,
212  ),
213  ),
214  'value and properties' => array(
215  $completeConfiguration,
216  'value',
217  array(
218  'value' => 'oneValue',
219  'properties' => array('oneProperty' => 'oneValue'),
220  ),
221  ),
222  );
223  }
224 
232  public function getTSConfigReturnsCorrectArrayForGivenObjectString(array $completeConfiguration, $objectString, array $expectedConfiguration) {
233  $subject = $this->getMock('TYPO3\\CMS\\Core\\Authentication\\BackendUserAuthentication', array('dummy'), array(), '', FALSE);
234  $subject->userTS = $completeConfiguration;
235 
236  $actualConfiguration = $subject->getTSConfig($objectString);
237  $this->assertSame($expectedConfiguration, $actualConfiguration);
238  }
239 
243  public function getFilePermissionsTakesUserDefaultAndStoragePermissionsIntoAccountIfUserIsNotAdminDataProvider() {
244  return array(
245  'Only read permissions' => array(
246  array(
247  'addFile' => 0,
248  'readFile' => 1,
249  'writeFile' => 0,
250  'copyFile' => 0,
251  'moveFile' => 0,
252  'renameFile' => 0,
253  'unzipFile' => 0,
254  'deleteFile' => 0,
255  'addFolder' => 0,
256  'readFolder' => 1,
257  'copyFolder' => 0,
258  'moveFolder' => 0,
259  'renameFolder' => 0,
260  'writeFolder' => 0,
261  'deleteFolder' => 0,
262  'recursivedeleteFolder' => 0,
263  )
264  ),
265  'Uploading allowed' => array(
266  array(
267  'addFile' => 1,
268  'readFile' => 1,
269  'writeFile' => 1,
270  'copyFile' => 1,
271  'moveFile' => 1,
272  'renameFile' => 1,
273  'unzipFile' => 0,
274  'deleteFile' => 1,
275  'addFolder' => 0,
276  'readFolder' => 1,
277  'copyFolder' => 0,
278  'moveFolder' => 0,
279  'renameFolder' => 0,
280  'writeFolder' => 0,
281  'deleteFolder' => 0,
282  'recursivedeleteFolder' => 0
283  )
284  ),
285  'One value is enough' => array(
286  array(
287  'addFile' => 1,
288  )
289  ),
290  );
291  }
292 
298  public function getFilePermissionsTakesUserDefaultPermissionsFromTsConfigIntoAccountIfUserIsNotAdmin(array $userTsConfiguration) {
299  $subject = $this->getMock('TYPO3\\CMS\\Core\\Authentication\\BackendUserAuthentication', array('isAdmin'));
300 
301  $subject
302  ->expects($this->any())
303  ->method('isAdmin')
304  ->will($this->returnValue(FALSE));
305 
306  $subject->userTS = array(
307  'permissions.' => array(
308  'file.' => array(
309  'default.' => $userTsConfiguration
310  ),
311  )
312  );
313 
314  $expectedPermissions = array_merge($this->defaultFilePermissions, $userTsConfiguration);
315  array_walk(
316  $expectedPermissions,
317  function(&$value) {
318  $value = (bool) $value;
319  }
320  );
321 
322  $this->assertEquals($expectedPermissions, $subject->getFilePermissions());
323  }
324 
328  public function getFilePermissionsFromStorageDataProvider() {
329  $defaultPermissions = array(
330  'addFile' => TRUE,
331  'readFile' => TRUE,
332  'writeFile' => TRUE,
333  'copyFile' => TRUE,
334  'moveFile' => TRUE,
335  'renameFile' => TRUE,
336  'unzipFile' => TRUE,
337  'deleteFile' => TRUE,
338  'addFolder' => TRUE,
339  'readFolder' => TRUE,
340  'copyFolder' => TRUE,
341  'moveFolder' => TRUE,
342  'renameFolder' => TRUE,
343  'writeFolder' => TRUE,
344  'deleteFolder' => TRUE,
345  'recursivedeleteFolder' => TRUE
346  );
347 
348  return array(
349  'Overwrites given storage permissions with default permissions' => array(
350  $defaultPermissions,
351  1,
352  array(
353  'addFile' => 0,
354  'recursivedeleteFolder' =>0
355  ),
356  array(
357  'addFile' => 0,
358  'readFile' => 1,
359  'writeFile' => 1,
360  'copyFile' => 1,
361  'moveFile' => 1,
362  'renameFile' => 1,
363  'unzipFile' => 1,
364  'deleteFile' => 1,
365  'addFolder' => 1,
366  'readFolder' => 1,
367  'copyFolder' => 1,
368  'moveFolder' => 1,
369  'renameFolder' => 1,
370  'writeFolder' => 1,
371  'deleteFolder' => 1,
372  'recursivedeleteFolder' => 0
373  )
374  ),
375  'Overwrites given storage 0 permissions with default permissions' => array(
376  $defaultPermissions,
377  0,
378  array(
379  'addFile' => 0,
380  'recursivedeleteFolder' =>0
381  ),
382  array(
383  'addFile' => FALSE,
384  'readFile' => TRUE,
385  'writeFile' => TRUE,
386  'copyFile' => TRUE,
387  'moveFile' => TRUE,
388  'renameFile' => TRUE,
389  'unzipFile' => TRUE,
390  'deleteFile' => TRUE,
391  'addFolder' => TRUE,
392  'readFolder' => TRUE,
393  'copyFolder' => TRUE,
394  'moveFolder' => TRUE,
395  'renameFolder' => TRUE,
396  'writeFolder' => TRUE,
397  'deleteFolder' => TRUE,
398  'recursivedeleteFolder' => FALSE
399  )
400  ),
401  'Returns default permissions if no storage permissions are found' => array(
402  $defaultPermissions,
403  1,
404  array(),
405  array(
406  'addFile' => TRUE,
407  'readFile' => TRUE,
408  'writeFile' => TRUE,
409  'copyFile' => TRUE,
410  'moveFile' => TRUE,
411  'renameFile' => TRUE,
412  'unzipFile' => TRUE,
413  'deleteFile' => TRUE,
414  'addFolder' => TRUE,
415  'readFolder' => TRUE,
416  'copyFolder' => TRUE,
417  'moveFolder' => TRUE,
418  'renameFolder' => TRUE,
419  'writeFolder' => TRUE,
420  'deleteFolder' => TRUE,
421  'recursivedeleteFolder' => TRUE
422  )
423  ),
424  );
425  }
426 
435  public function getFilePermissionsFromStorageOverwritesDefaultPermissions(array $defaultPermissions, $storageUid, array $storagePermissions, array $expectedPermissions) {
436  $subject = $this->getMock('TYPO3\\CMS\\Core\\Authentication\\BackendUserAuthentication', array('isAdmin', 'getFilePermissions'));
437  $storageMock = $this->getMock('TYPO3\\CMS\\Core\\Resource\\ResourceStorage', array(), array(), '', FALSE);
438  $storageMock->expects($this->any())->method('getUid')->will($this->returnValue($storageUid));
439 
440  $subject
441  ->expects($this->any())
442  ->method('isAdmin')
443  ->will($this->returnValue(FALSE));
444 
445  $subject
446  ->expects($this->any())
447  ->method('getFilePermissions')
448  ->will($this->returnValue($defaultPermissions));
449 
450  $subject->userTS = array(
451  'permissions.' => array(
452  'file.' => array(
453  'storage.' => array(
454  $storageUid . '.' => $storagePermissions
455  ),
456  ),
457  )
458  );
459 
460  $this->assertEquals($expectedPermissions, $subject->getFilePermissionsForStorage($storageMock));
461  }
462 
470  public function getFilePermissionsFromStorageAlwaysReturnsDefaultPermissionsForAdmins(array $defaultPermissions, $storageUid, array $storagePermissions) {
471  $subject = $this->getMock('TYPO3\\CMS\\Core\\Authentication\\BackendUserAuthentication', array('isAdmin', 'getFilePermissions'));
472  $storageMock = $this->getMock('TYPO3\\CMS\\Core\\Resource\\ResourceStorage', array(), array(), '', FALSE);
473  $storageMock->expects($this->any())->method('getUid')->will($this->returnValue($storageUid));
474 
475  $subject
476  ->expects($this->any())
477  ->method('isAdmin')
478  ->will($this->returnValue(TRUE));
479 
480  $subject
481  ->expects($this->any())
482  ->method('getFilePermissions')
483  ->will($this->returnValue($defaultPermissions));
484 
485  $subject->userTS = array(
486  'permissions.' => array(
487  'file.' => array(
488  'storage.' => array(
489  $storageUid . '.' => $storagePermissions
490  ),
491  ),
492  )
493  );
494 
495  $this->assertEquals($defaultPermissions, $subject->getFilePermissionsForStorage($storageMock));
496  }
497 
501  public function getFilePermissionsTakesUserDefaultPermissionsFromRecordIntoAccountIfUserIsNotAdminDataProvider() {
502  return array(
503  'No permission' => array(
504  '',
505  array(
506  'addFile' => FALSE,
507  'readFile' => FALSE,
508  'writeFile' => FALSE,
509  'copyFile' => FALSE,
510  'moveFile' => FALSE,
511  'renameFile' => FALSE,
512  'unzipFile' => FALSE,
513  'deleteFile' => FALSE,
514  'addFolder' => FALSE,
515  'readFolder' => FALSE,
516  'copyFolder' => FALSE,
517  'moveFolder' => FALSE,
518  'renameFolder' => FALSE,
519  'writeFolder' => FALSE,
520  'deleteFolder' => FALSE,
521  'recursivedeleteFolder' => FALSE
522  )
523  ),
524  'Standard file permissions' => array(
525  'addFile,readFile,writeFile,copyFile,moveFile,renameFile,deleteFile',
526  array(
527  'addFile' => TRUE,
528  'readFile' => TRUE,
529  'writeFile' => TRUE,
530  'copyFile' => TRUE,
531  'moveFile' => TRUE,
532  'renameFile' => TRUE,
533  'unzipFile' => FALSE,
534  'deleteFile' => TRUE,
535  'addFolder' => FALSE,
536  'readFolder' => FALSE,
537  'copyFolder' => FALSE,
538  'moveFolder' => FALSE,
539  'renameFolder' => FALSE,
540  'writeFolder' => FALSE,
541  'deleteFolder' => FALSE,
542  'recursivedeleteFolder' => FALSE
543  )
544  ),
545  'Unzip allowed' => array(
546  'readFile,unzipFile',
547  array(
548  'addFile' => FALSE,
549  'readFile' => TRUE,
550  'writeFile' => FALSE,
551  'copyFile' => FALSE,
552  'moveFile' => FALSE,
553  'renameFile' => FALSE,
554  'unzipFile' => TRUE,
555  'deleteFile' => FALSE,
556  'addFolder' => FALSE,
557  'readFolder' => FALSE,
558  'writeFolder' => FALSE,
559  'copyFolder' => FALSE,
560  'moveFolder' => FALSE,
561  'renameFolder' => FALSE,
562  'deleteFolder' => FALSE,
563  'recursivedeleteFolder' => FALSE
564  )
565  ),
566  'Standard folder permissions' => array(
567  'addFolder,readFolder,moveFolder,renameFolder,writeFolder,deleteFolder',
568  array(
569  'addFile' => FALSE,
570  'readFile' => FALSE,
571  'writeFile' => FALSE,
572  'copyFile' => FALSE,
573  'moveFile' => FALSE,
574  'renameFile' => FALSE,
575  'unzipFile' => FALSE,
576  'deleteFile' => FALSE,
577  'addFolder' => TRUE,
578  'readFolder' => TRUE,
579  'writeFolder' => TRUE,
580  'copyFolder' => FALSE,
581  'moveFolder' => TRUE,
582  'renameFolder' => TRUE,
583  'deleteFolder' => TRUE,
584  'recursivedeleteFolder' => FALSE
585  )
586  ),
587  'Copy folder allowed' => array(
588  'readFolder,copyFolder',
589  array(
590  'addFile' => FALSE,
591  'readFile' => FALSE,
592  'writeFile' => FALSE,
593  'copyFile' => FALSE,
594  'moveFile' => FALSE,
595  'renameFile' => FALSE,
596  'unzipFile' => FALSE,
597  'deleteFile' => FALSE,
598  'addFolder' => FALSE,
599  'readFolder' => TRUE,
600  'writeFolder' => FALSE,
601  'copyFolder' => TRUE,
602  'moveFolder' => FALSE,
603  'renameFolder' => FALSE,
604  'deleteFolder' => FALSE,
605  'recursivedeleteFolder' => FALSE
606  )
607  ),
608  'Copy folder and remove subfolders allowed' => array(
609  'readFolder,copyFolder,recursivedeleteFolder',
610  array(
611  'addFile' => FALSE,
612  'readFile' => FALSE,
613  'writeFile' => FALSE,
614  'copyFile' => FALSE,
615  'moveFile' => FALSE,
616  'renameFile' => FALSE,
617  'unzipFile' => FALSE,
618  'deleteFile' => FALSE,
619  'addFolder' => FALSE,
620  'readFolder' => TRUE,
621  'writeFolder' => FALSE,
622  'copyFolder' => TRUE,
623  'moveFolder' => FALSE,
624  'renameFolder' => FALSE,
625  'deleteFolder' => FALSE,
626  'recursivedeleteFolder' => TRUE
627  )
628  ),
629  );
630  }
631 
636  public function getFilePermissionsTakesUserDefaultPermissionsFromRecordIntoAccountIfUserIsNotAdmin($permissionValue, $expectedPermissions) {
637  $subject = $this->getMock('TYPO3\\CMS\\Core\\Authentication\\BackendUserAuthentication', array('isAdmin'));
638 
639  $subject
640  ->expects($this->any())
641  ->method('isAdmin')
642  ->will($this->returnValue(FALSE));
643 
644  $subject->userTS = array();
645  $subject->groupData['file_permissions'] = $permissionValue;
646  $this->assertEquals($expectedPermissions, $subject->getFilePermissions());
647  }
648 
652  public function getFilePermissionsGrantsAllPermissionsToAdminUsers() {
653  $subject = $this->getMock('TYPO3\\CMS\\Core\\Authentication\\BackendUserAuthentication', array('isAdmin'));
654 
655  $subject
656  ->expects($this->any())
657  ->method('isAdmin')
658  ->will($this->returnValue(TRUE));
659 
660  $expectedPermissions = array(
661  'addFile' => TRUE,
662  'readFile' => TRUE,
663  'writeFile' => TRUE,
664  'copyFile' => TRUE,
665  'moveFile' => TRUE,
666  'renameFile' => TRUE,
667  'unzipFile' => TRUE,
668  'deleteFile' => TRUE,
669  'addFolder' => TRUE,
670  'readFolder' => TRUE,
671  'writeFolder' => TRUE,
672  'copyFolder' => TRUE,
673  'moveFolder' => TRUE,
674  'renameFolder' => TRUE,
675  'deleteFolder' => TRUE,
676  'recursivedeleteFolder' => TRUE
677  );
678 
679  $this->assertEquals($expectedPermissions, $subject->getFilePermissions());
680  }
681 
682 }
TYPO3\CMS\Core\Tests\Unit\Authentication\BackendUserAuthenticationTest\getFilePermissionsTakesUserDefaultPermissionsFromRecordIntoAccountIfUserIsNotAdmin
getFilePermissionsTakesUserDefaultPermissionsFromRecordIntoAccountIfUserIsNotAdmin($permissionValue, $expectedPermissions)
Definition: BackendUserAuthenticationTest.php:636
TYPO3\CMS\Core\Tests\Unit\Authentication\BackendUserAuthenticationTest\getTSConfigReturnsCorrectArrayForGivenObjectString
getTSConfigReturnsCorrectArrayForGivenObjectString(array $completeConfiguration, $objectString, array $expectedConfiguration)
Definition: BackendUserAuthenticationTest.php:232
TYPO3\CMS\Core\FormProtection\FormProtectionFactory\set
static set($className, \TYPO3\CMS\Core\FormProtection\AbstractFormProtection $instance)
Definition: FormProtectionFactory.php:154
TYPO3\CMS\Core\Tests\BaseTestCase\getAccessibleMock
getAccessibleMock( $originalClassName, array $methods=array(), array $arguments=array(), $mockClassName='', $callOriginalConstructor=TRUE, $callOriginalClone=TRUE, $callAutoload=TRUE)
Definition: BaseTestCase.php:56
TYPO3\CMS\Core\Tests\Unit\Authentication\BackendUserAuthenticationTest\getFilePermissionsFromStorageAlwaysReturnsDefaultPermissionsForAdmins
getFilePermissionsFromStorageAlwaysReturnsDefaultPermissionsForAdmins(array $defaultPermissions, $storageUid, array $storagePermissions)
Definition: BackendUserAuthenticationTest.php:470
TYPO3\CMS\Core\Tests\Unit\Authentication\BackendUserAuthenticationTest\getFilePermissionsFromStorageOverwritesDefaultPermissions
getFilePermissionsFromStorageOverwritesDefaultPermissions(array $defaultPermissions, $storageUid, array $storagePermissions, array $expectedPermissions)
Definition: BackendUserAuthenticationTest.php:435
$GLOBALS
if(!defined('TYPO3_MODE')) $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_userauth.php']['logoff_pre_processing'][]
Definition: ext_localconf.php:5