deblan/php-censor
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

PHP Censor fixes

Browse source
This commit is contained in:
Dmitry Khomutov 2016-12-29 12:43:02 +07:00
commit b1d5c9cec2
No known key found for this signature in database
GPG key ID: 7EB36C9576F9ECB9
15 changed files with 164 additions and 161 deletions
Download patch file Download diff file Expand all files Collapse all files

87
src/PHPCensor/Command/RegisterLdapUserCommand.php Normal file
View file

@ -0,0 +1,87 @@
<?php
/**
* PHPCI - Continuous Integration for PHP
*
* @copyright Copyright 2014, Block 8 Limited.
* @license https://github.com/Block8/PHPCI/blob/master/LICENSE.md
* @link https://www.phptesting.org/
*/
namespace PHPCensor\Command;
use PHPCensor\Helper\Lang;
use PHPCensor\Service\UserService;
use PHPCensor\Store\UserStore;
use Symfony\Component\Console\Command\Command;
use Symfony\Component\Console\Input\InputInterface;
use Symfony\Component\Console\Output\OutputInterface;
/**
* Register user command - creates an user with provider (Adirelle pluggable-auth)
*
* @author Dmitrii Zolotov (@itherz)
* @package PHPCI
* @subpackage Console
*/
class RegisterLdapUserCommand extends Command
{
/**
* @var UserStore
*/
protected $userStore;
/**
* @param UserStore $userStore
*/
public function __construct(UserStore $userStore)
{
parent::__construct();
$this->userStore = $userStore;
}
protected function configure()
{
$this
->setName('php-censor:register-ldap-user')
->setDescription(Lang::get('register_ldap_user'));
}
/**
* Creates an admin user in the existing PHPCI database
*
* {@inheritDoc}
*/
protected function execute(InputInterface $input, OutputInterface $output)
{
$userService = new UserService($this->userStore);
/** @var $dialog \Symfony\Component\Console\Helper\DialogHelper */
$dialog = $this->getHelperSet()->get('dialog');
// Function to validate mail address.
$mailValidator = function ($answer) {
if (!filter_var($answer, FILTER_VALIDATE_EMAIL)) {
throw new \InvalidArgumentException(Lang::get('must_be_valid_email'));
}
return $answer;
};
$email = $dialog->askAndValidate($output, Lang::get('enter_email'), $mailValidator, false);
$name = $dialog->ask($output, Lang::get('enter_name'));
$providerKey = "ldap";
$providerData = null;
$isAdmin = ($dialog->ask($output, Lang::get('enter_isadmin')));
$isAdmin = !empty($isAdmin);
$password = "";
try {
$userService->createUserWithProvider($name, $email, $password, $providerKey, $providerData, $isAdmin);
$output->writeln(Lang::get('user_created'));
} catch (\Exception $e) {
$output->writeln(sprintf('<error>%s</error>', Lang::get('failed_to_create')));
$output->writeln(sprintf('<error>%s</error>', $e->getMessage()));
}
}
}

87
src/PHPCensor/Command/RegisterUserCommand.php Normal file
View file

@ -0,0 +1,87 @@
<?php
/**
* PHPCI - Continuous Integration for PHP
*
* @copyright Copyright 2014, Block 8 Limited.
* @license https://github.com/Block8/PHPCI/blob/master/LICENSE.md
* @link https://www.phptesting.org/
*/
namespace PHPCensor\Command;
use PHPCensor\Helper\Lang;
use PHPCensor\Service\UserService;
use PHPCensor\Store\UserStore;
use Symfony\Component\Console\Command\Command;
use Symfony\Component\Console\Input\InputInterface;
use Symfony\Component\Console\Output\OutputInterface;
/**
* Register user command - creates an user with provider (Adirelle pluggable-auth)
* @author Dmitrii Zolotov (@itherz)
* @package PHPCI
* @subpackage Console
*/
class RegisterUserCommand extends Command
{
/**
* @var UserStore
*/
protected $userStore;
/**
* @param UserStore $userStore
*/
public function __construct(UserStore $userStore)
{
parent::__construct();
$this->userStore = $userStore;
}
protected function configure()
{
$this
->setName('php-censor:register-user')
->setDescription(Lang::get('register_user'));
}
/**
* Creates an admin user in the existing PHPCI database
*
* {@inheritDoc}
*/
protected function execute(InputInterface $input, OutputInterface $output)
{
$userService = new UserService($this->userStore);
/** @var $dialog \Symfony\Component\Console\Helper\DialogHelper */
$dialog = $this->getHelperSet()->get('dialog');
// Function to validate mail address.
$mailValidator = function ($answer) {
if (!filter_var($answer, FILTER_VALIDATE_EMAIL)) {
throw new \InvalidArgumentException(Lang::get('must_be_valid_email'));
}
return $answer;
};
$id = $dialog->ask($output, Lang::get('enter_id'));
$password = $dialog->askHiddenResponse($output, Lang::get('enter_password'));
$emailAddress = $dialog->askAndValidate($output, Lang::get('enter_email'), $mailValidator, false);
$providerKey = $dialog->ask($output, Lang::get('enter_providerkey'));
$providerData = $dialog->ask($output, Lang::get('enter_providerdata'));
$isAdmin = $dialog->ask($output, Lang::get('enter_isadmin'));
$isAdmin = !empty($isAdmin);
$name = $dialog->ask($output, Lang::get('enter_name'));
try {
$userService->createUserWithProvider($name, $emailAddress, $id, $password, $providerKey, $providerData, $isAdmin = false);
$output->writeln(Lang::get('user_created'));
} catch (\Exception $e) {
$output->writeln(sprintf('<error>%s</error>', Lang::get('failed_to_create')));
$output->writeln(sprintf('<error>%s</error>', $e->getMessage()));
}
}
}

8
src/PHPCensor/Controller/SessionController.php
View file

@ -14,6 +14,8 @@ use b8;
use PHPCensor\Helper\Email;
use PHPCensor\Helper\Lang;
use PHPCensor\Controller;
use PHPCensor\Security\Authentication\Service;
use PHPCensor\Store\UserStore;
/**
* Session Controller - Handles user login / logout.
@ -25,12 +27,12 @@ use PHPCensor\Controller;
class SessionController extends Controller
{
/**
* @var \PHPCensor\Store\UserStore
* @var UserStore
*/
protected $userStore;
/**
* @var \PHPCI\Security\Authentication\Service
* @var Service
*/
protected $authentication;
@ -41,7 +43,7 @@ class SessionController extends Controller
{
$this->response->disableLayout();
$this->userStore = b8\Store\Factory::getStore('User');
$this->authentication = \PHPCI\Security\Authentication\Service::getInstance();
$this->authentication = Service::getInstance();
}
/**

6
src/PHPCensor/Helper/Email.php
View file

@ -119,10 +119,12 @@ class Email
*
* @return integer
*/
public function send(Builder $builder)
public function send(Builder $builder = null)
{
$smtpServer = $this->config->get('php-censor.email_settings.smtp_address');
$builder->logDebug(sprintf("SMTP: '%s'", !empty($smtpServer) ? 'true' : 'false'));
if (null !== $builder) {
$builder->logDebug(sprintf("SMTP: '%s'", !empty($smtpServer) ? 'true' : 'false'));
}
$factory = new MailerFactory($this->config->get('php-censor'));
$mailer = $factory->getSwiftMailerFromConfig();

41
src/PHPCensor/Migrations/20150308074509_add_user_providers.php Normal file
View file

@ -0,0 +1,41 @@
<?php
use Phinx\Db\Adapter\MysqlAdapter;
use Phinx\Migration\AbstractMigration;
class AddUserProviders extends AbstractMigration
{
/**
* Migrate Up.
*/
public function up()
{
// Add the provider columns
$this
->table('user')
// The provider name
->addColumn('provider_key', 'string', array(
'default' => 'internal',
'limit' => MysqlAdapter::TEXT_SMALL
))
// A data used by the provider
->addColumn('provider_data', 'string', array(
'null' => true,
'limit' => MysqlAdapter::TEXT_SMALL
))
->save();
}
/**
* Migrate Down.
*/
public function down()
{
// Remove the provider columns
$this
->table('user')
->removeColumn('provider_key')
->removeColumn('provider_data')
->save();
}
}

55
src/PHPCensor/Security/Authentication/UserProvider/Ldap.php Normal file
View file

@ -0,0 +1,55 @@
<?php
/**
* PHPCI - Continuous Integration for PHP
*
* @copyright Copyright 2014, Block 8 Limited.
* @license https://github.com/Block8/PHPCI/blob/master/LICENSE.md
* @link https://www.phptesting.org/
*/
namespace PHPCensor\Security\Authentication\UserProvider;
use b8\Config;
use PHPCensor\Model\User;
use PHPCensor\Security\Authentication\LoginPasswordProvider;
/**
* Ldap user provider.
*
* @author Dmitrii Zolotov (@itherz)
*/
class Ldap extends AbstractProvider implements LoginPasswordProvider
{
public function verifyPassword(User $user, $password)
{
$config = Config::getInstance()->get('php-censor.security.ldap', []);
$server = $config["server"];
$mailAttribute = $config["mailAttribute"];
$ldap = ldap_connect($server);
ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
$ls = ldap_search($ldap, $config["base"], $mailAttribute . "=" . $user->getEmail());
$le = ldap_get_entries($ldap, $ls);
if ($le["count"] == 0) {
return false;
}
$dn = $le[0]["dn"];
return ldap_bind($ldap, $dn, $password);
}
public function checkRequirements()
{
// Always fine
}
public function provisionUser($identifier)
{
return null;
}
}

30
src/PHPCensor/Security/Security/Authentication/LoginPasswordProvider.php Normal file
View file

@ -0,0 +1,30 @@
<?php
/**
* PHPCI - Continuous Integration for PHP
*
* @copyright Copyright 2015, Block 8 Limited.
* @license https://github.com/Block8/PHPCI/blob/master/LICENSE.md
* @link https://www.phptesting.org/
*/
namespace PHPCensor\Security\Authentication;
use PHPCensor\Model\User;
/**
* User provider which authenticiation using a password.
*
* @author Adirelle <adirelle@gmail.com>
*/
interface LoginPasswordProvider extends UserProvider
{
/** Verify if the supplied password matches the user's one.
*
* @param User $user
* @param string $password
*
* @return bool
*/
public function verifyPassword(User $user, $password);
}

104
src/PHPCensor/Security/Security/Authentication/Service.php Normal file
View file

@ -0,0 +1,104 @@
<?php
/**
* PHPCI - Continuous Integration for PHP
*
* @copyright Copyright 2015, Block 8 Limited.
* @license https://github.com/Block8/PHPCI/blob/master/LICENSE.md
* @link https://www.phptesting.org/
*/
namespace PHPCensor\Security\Authentication;
use b8\Config;
/**
* Authentication facade.
*
* @author Adirelle <adirelle@gmail.com>
*/
class Service
{
/**
*
* @var Service
*/
static private $instance;
/** Return the service singletion.
*
* @return Service
*/
public static function getInstance()
{
if (self::$instance === null) {
$config = Config::getInstance()->get(
'php-censor.security.authentication',
['internal' => ['type' => 'internal']]
);
$providers = [];
foreach ($config as $key => $providerConfig) {
$providers[$key] = self::buildProvider($key, $providerConfig);
}
self::$instance = new self($providers);
}
return self::$instance;
}
/** Create a provider from a given configuration.
*
* @param string $key
* @param string|array $config
* @return UserProvider
*/
public static function buildProvider($key, $config)
{
$class = ucfirst($config['type']);
if (class_exists('\\PHPCensor\\Security\\Authentication\\UserProvider\\' . $class)) {
$class = '\\PHPCensor\\Security\\Authentication\\UserProvider\\' . $class;
}
return new $class($key, $config);
}
/** The table of providers.
*
* @var array
*/
private $providers;
/** Initialize the service.
*
* @param array $providers
*/
public function __construct(array $providers)
{
$this->providers = $providers;
}
/** Return all providers.
*
* @return UserProvider[]
*/
public function getProviders()
{
return $this->providers;
}
/** Return the user providers that allows password authentication.
*
* @return LoginPasswordProvider[]
*/
public function getLoginPasswordProviders()
{
$providers = [];
foreach ($this->providers as $key => $provider) {
if ($provider instanceof LoginPasswordProvider) {
$providers[$key] = $provider;
}
}
return $providers;
}
}

36
src/PHPCensor/Security/Security/Authentication/UserProvider.php Normal file
View file

@ -0,0 +1,36 @@
<?php
/**
* PHPCI - Continuous Integration for PHP
*
* @copyright Copyright 2015, Block 8 Limited.
* @license https://github.com/Block8/PHPCI/blob/master/LICENSE.md
* @link https://www.phptesting.org/
*/
namespace PHPCensor\Security\Authentication;
use PHPCensor\Model\User;
/**
* User provider interface.
*
* @author Adirelle <adirelle@gmail.com>
*/
interface UserProvider
{
/** Check if all software requirements are met (libraries, extensions, ...)
*
* @throws \Exception
*/
public function checkRequirements();
/** Provision an new user for the given identifier.
*
* @param string $identifier The user identifier.
*
* @return User|null The new user or null if the provider does not know the user.
*/
public function provisionUser($identifier);
}

40
src/PHPCensor/Security/Security/Authentication/UserProvider/AbstractProvider.php Normal file
View file

@ -0,0 +1,40 @@
<?php
/**
* PHPCI - Continuous Integration for PHP
*
* @copyright Copyright 2014, Block 8 Limited.
* @license https://github.com/Block8/PHPCI/blob/master/LICENSE.md
* @link https://www.phptesting.org/
*/
namespace PHPCensor\Security\Authentication\UserProvider;
use PHPCensor\Security\Authentication\UserProvider;
/**
* Abstract user provider.
*
* @author Adirelle <adirelle@gmail.com>
*/
abstract class AbstractProvider implements UserProvider
{
/**
* @var string
*/
private $key;
public function __construct($key)
{
$this->key = $key;
}
/**
*
* @return string
*/
public function getKey()
{
return $this->key;
}
}

38
src/PHPCensor/Security/Security/Authentication/UserProvider/Internal.php Normal file
View file

@ -0,0 +1,38 @@
<?php
/**
* PHPCI - Continuous Integration for PHP
*
* @copyright Copyright 2014, Block 8 Limited.
* @license https://github.com/Block8/PHPCI/blob/master/LICENSE.md
* @link https://www.phptesting.org/
*/
namespace PHPCensor\Security\Authentication\UserProvider;
use PHPCensor\Model\User;
use PHPCensor\Security\Authentication\LoginPasswordProvider;
/**
* Internal user provider
*
* @author Adirelle <adirelle@gmail.com>
*/
class Internal extends AbstractProvider implements LoginPasswordProvider
{
public function verifyPassword(User $user, $password)
{
return password_verify($password, $user->getHash());
}
public function checkRequirements()
{
// Always fine
}
public function provisionUser($identifier)
{
return null;
}
}