From a29a6d61d4f88698587eae0795081f8e37d18c35 Mon Sep 17 00:00:00 2001 From: REJack Date: Fri, 29 Mar 2019 13:32:51 +0100 Subject: [PATCH] updated Tests --- .editorconfig | 32 +- .gitignore | 1 + app/Config/Aauth.php | 4 + .../20181031065240_create_perm_to_group.php | 2 +- app/Helpers/aauth_helper.php | 14 + app/Language/en/Admin.php | 4 + app/Libraries/Aauth.php | 473 ++++++++++++------ app/Libraries/Aauth/CAPTCHA.php | 10 +- app/Libraries/Aauth/TOTP.php | 9 +- app/Models/Aauth/GroupToGroupModel.php | 13 +- app/Models/Aauth/GroupToUserModel.php | 14 +- app/Models/Aauth/GroupVariableModel.php | 10 +- app/Models/Aauth/LoginTokenModel.php | 18 +- app/Models/Aauth/PermModel.php | 2 +- app/Models/Aauth/PermToGroupModel.php | 33 +- app/Models/Aauth/PermToUserModel.php | 37 +- app/Models/Aauth/UserModel.php | 8 +- app/Models/Aauth/UserSessionModel.php | 18 +- app/Models/Aauth/UserVariableModel.php | 22 +- tests/Aauth/Database/PermToGroupModelTest.php | 15 + tests/Aauth/Database/PermToUserModelTest.php | 15 + tests/Aauth/Libraries/Aauth/AccessTest.php | 99 +++- tests/Aauth/Libraries/Aauth/CallTest.php | 21 - tests/Aauth/Libraries/Aauth/LoginTest.php | 2 +- tests/Aauth/Libraries/Aauth/UtilityTest.php | 28 ++ 25 files changed, 605 insertions(+), 299 deletions(-) delete mode 100644 tests/Aauth/Libraries/Aauth/CallTest.php create mode 100644 tests/Aauth/Libraries/Aauth/UtilityTest.php diff --git a/.editorconfig b/.editorconfig index 0431ef8..880a345 100644 --- a/.editorconfig +++ b/.editorconfig 
@@ -1,12 +1,20 @@ -; top-most EditorConfig file -root = true - -; Unix-style newlines -[*] -end_of_line = lf - -[*.php] -indent_style = tab -charset = utf-8 -trim_trailing_whitespace = true -insert_final_newline = true +; top-most EditorConfig file +root = true + +; Unix-style newlines +[*] +end_of_line = lf + +[*.php] +indent_style = tab +charset = utf-8 +trim_trailing_whitespace = true +insert_final_newline = true + + +[*.rst] +indent_style = space +charset = utf-8 +indent_size = 4 +trim_trailing_whitespace = true +insert_final_newline = true diff --git a/.gitignore b/.gitignore index 28eb944..8cf1583 100644 --- a/.gitignore +++ b/.gitignore @@ -14,6 +14,7 @@ /tests/README.md /vendor/ /writable/ +/user_guide_src/build/ /app/index.html /app/.htaccess diff --git a/app/Config/Aauth.php b/app/Config/Aauth.php index 0e22f18..efce45d 100644 --- a/app/Config/Aauth.php +++ b/app/Config/Aauth.php @@ -38,6 +38,10 @@ class Aauth extends BaseConfig | | If user don't have permission to see the page he will be redirected | the page specified. + | Available Options: + | - false (control() returns booleans) + | - 'error' (control() throws an error) + | - any uri/url string (control() redirect to set value) | (default: false) | | 'linkResetPassword' diff --git a/app/Database/Migrations/20181031065240_create_perm_to_group.php b/app/Database/Migrations/20181031065240_create_perm_to_group.php index e9fe25d..12e7cde 100644 --- a/app/Database/Migrations/20181031065240_create_perm_to_group.php +++ b/app/Database/Migrations/20181031065240_create_perm_to_group.php @@ -54,7 +54,7 @@ class Migration_create_perm_to_group extends Migration 'default' => 1, ], ]); - $this->forge->addKey(['perm_id', 'user_id'], true); + $this->forge->addKey(['perm_id', 'group_id'], true); $this->forge->createTable($config->dbTablePermToGroup, true); } diff --git a/app/Helpers/aauth_helper.php b/app/Helpers/aauth_helper.php index 03257f3..671501d 100644 --- a/app/Helpers/aauth_helper.php 
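Review bot: Correcting the composite key to `['perm_id', 'group_id']` inside the existing `20181031065240_create_perm_to_group.php` migration only helps fresh installs; a database that already ran this migration is presumably not re-migrated and keeps whatever the old definition produced. Without a primary key on (perm_id, group_id), duplicate allow/deny rows for the same pair become possible and permission lookups turn ambiguous. Consider shipping the key as a follow-up migration, or document that existing installs must roll back and re-run this one.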
+++ b/app/Helpers/aauth_helper.php @@ -65,6 +65,20 @@ if (! function_exists('is_allowed')) } } +if (! function_exists('is_denied')) +{ + /** + * Is denied + * + * @return boolean + */ + function is_denied($permPar, $userId) + { + $aauth = new Aauth(); + return $aauth->isDenied($permPar, $userId); + } +} + if (! function_exists('get_subgroups')) { /** diff --git a/app/Language/en/Admin.php b/app/Language/en/Admin.php index 95e979a..6bf6f1e 100644 --- a/app/Language/en/Admin.php +++ b/app/Language/en/Admin.php @@ -52,6 +52,8 @@ return [ 'usersLabelBanned' => 'Banned', 'usersLabelGroups' => 'Groups', 'usersLabelPerms' => 'Perms', + 'usersLabelAllow' => 'Allow', + 'usersLabelDeny' => 'Deny', 'usersLabelCreatedAt' => 'Created at', 'usersLabelUpdatedAt' => 'Updated at', 'usersLabelLastIPAddress' => 'Last IP-Address', @@ -74,6 +76,8 @@ return [ 'groupsLabelDefinition' => 'Definition', 'groupsLabelSubGroups' => 'Sub-Groups', 'groupsLabelPerms' => 'Perms', + 'groupsLabelAllow' => 'Allow', + 'groupsLabelDeny' => 'Deny', 'groupsLabelNameCurrent' => 'Current Name', 'groupsLabelDefinitionCurrent' => 'Current Definition', 'groupsLabelCreatedAt' => 'Created at', diff --git a/app/Libraries/Aauth.php b/app/Libraries/Aauth.php index 2cd0ab6..db76d14 100644 --- a/app/Libraries/Aauth.php +++ b/app/Libraries/Aauth.php @@ -8,7 +8,7 @@ * access management, public access etc.. * * @package CodeIgniter-Aauth - * @version 3.0.0-rc1 + * @version 3.0.0-rc2 * @author Emre Akay * @author Raphael "REJack" Jackstadt * @copyright 2014-2019 Emre Akay 
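Review bot: The new `is_denied($permPar, $userId)` helper has a docblock with no `@param` entries and makes `$userId` mandatory, so a template cannot ask about the current session user without looking the id up first. Suggested docblock lines: `@param integer|string $permPar Permission id or name` and `@param integer $userId User id to check`. If `Aauth::isDenied()` accepts a null id like `isMember(int $userId = null)` does, give the helper the same default. `isDenied()` itself does not appear in any Aauth.php hunk of this patch, so confirm it already exists on the class.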
@@ -18,18 +18,6 @@ namespace App\Libraries; -use \App\Models\Aauth\UserModel; -use \App\Models\Aauth\UserSessionModel; -use \App\Models\Aauth\UserVariableModel; -use \App\Models\Aauth\LoginAttemptModel; -use \App\Models\Aauth\LoginTokenModel; -use \App\Models\Aauth\GroupModel; -use \App\Models\Aauth\GroupToGroupModel; -use \App\Models\Aauth\GroupToUserModel; -use \App\Models\Aauth\GroupVariableModel; -use \App\Models\Aauth\PermModel; -use \App\Models\Aauth\PermToGroupModel; -use \App\Models\Aauth\PermToUserModel; use PHPMailer\PHPMailer\PHPMailer; /** @@ -163,7 +151,7 @@ class Aauth */ private function precachePerms() { - $permModel = new PermModel(); + $permModel = $this->getModel('Perm'); foreach ($permModel->asArray()->findAll() as $perm) { @@ -179,7 +167,7 @@ class Aauth */ private function precacheGroups() { - $groupModel = new GroupModel(); + $groupModel = $this->getModel('Group'); foreach ($groupModel->asArray()->findAll() as $group) { @@ -209,9 +197,9 @@ class Aauth helper('cookie'); delete_cookie($this->config->loginRememberCookie); - $userModel = new UserModel(); - $loginAttemptModel = new LoginAttemptModel(); - $userVariableModel = new UserVariableModel(); + $userModel = $this->getModel('User'); + $loginAttemptModel = $this->getModel('LoginAttempt'); + $userVariableModel = $this->getModel('UserVariable'); if ($this->config->loginProtection && ! $loginAttemptModel->save()) { @@ -346,12 +334,12 @@ class Aauth if (password_verify($password, $user['password'])) { - $loginTokenModel = new LoginTokenModel(); + $loginTokenModel = $this->getModel('LoginToken'); if ($this->config->loginSingleMode) { $loginTokenModel->deleteAll($user['id']); - $userSessionModel = new UserSessionModel(); + $userSessionModel = $this->getModel('UserSession'); foreach ($userSessionModel->findAll() as $userSessionRow) { 
@@ -466,7 +454,7 @@ class Aauth */ protected function loginFast(int $userId) { - $userModel = new UserModel(); + $userModel = $this->getModel('User'); $userModel->select('id, email, username'); $userModel->where('id', $userId); $userModel->where('banned', 0); @@ -516,7 +504,7 @@ class Aauth } else { - $loginTokenModel = new LoginTokenModel(); + $loginTokenModel = $this->getModel('LoginToken'); $loginTokens = $loginTokenModel->findAllByUserId($cookie[0]); foreach ($loginTokens as $loginToken) @@ -552,16 +540,19 @@ class Aauth */ public function isMember($groupPar, int $userId = null) { - $userModel = new UserModel(); + $userModel = $this->getModel('User'); if (! $userId) { $userId = (int) @$this->session->user['id']; } - $groupToUserModel = new GroupToUserModel(); + if (! $groupId = $this->getGroupId($groupPar)) + { + return false; + } - $groupId = $this->getGroupId($groupPar); + $groupToUserModel = $this->getModel('GroupToUser'); return $groupToUserModel->exists($groupId, $userId); } @@ -580,7 +571,7 @@ class Aauth $userId = (int) @$this->session->user['id']; } - $userModel = new UserModel(); + $userModel = $this->getModel('User'); return $this->isMember($this->config->groupAdmin, $userId); } @@ -602,11 +593,11 @@ class Aauth { if ($this->isTotpRequired()) { - return redirect()->to($this->config->totpLink); + return \Config\Services::response()->redirect($this->config->totpLink); } } - $userModel = new UserModel(); + $userModel = $this->getModel('User'); if (! $userId) { @@ -628,9 +619,13 @@ class Aauth return false; } - $permToUserModel = new PermToUserModel(); + $permToUserModel = $this->getModel('PermToUser'); - if ($permToUserModel->allowed($permId, $userId)) + if ($permToUserModel->denied($permId, $userId)) + { + return false; + } + else if ($permToUserModel->allowed($permId, $userId)) { return true; } 
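Review bot: The changed line `return \Config\Services::response()->redirect($this->config->totpLink);` returns a truthy response object from a method whose other exits are `true`/`false`. A caller writing `if ($aauth->isAllowed(...))` would therefore read an outstanding TOTP code as permission granted. Returning `false` here and leaving the redirect to the caller keeps the check fail-closed. The new `control()` later in this patch returns response objects the same way, so its callers need to compare with `=== true`. The method's signature is outside this hunk, so the name `isAllowed` is inferred from the following hunk.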
@@ -676,7 +671,7 @@ class Aauth return true; } - $permToGroupModel = new PermToGroupModel(); + $permToGroupModel = $this->getModel('PermToGroup'); $groupId = $this->getGroupId($groupPar); $groupAllowed = false; @@ -694,7 +689,11 @@ class Aauth } } - if ($groupAllowed || $permToGroupModel->allowed($permId, $groupId)) + if ($permToGroupModel->allowed($permId, $groupId)) + { + return false; + } + else if ($groupAllowed || $permToGroupModel->allowed($permId, $groupId)) { return true; } 
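Review bot: The first added branch calls `$permToGroupModel->allowed($permId, $groupId)` and returns `false`, so a group holding an explicit allow is refused and an explicit deny is never consulted. The `allowed()` call in the following `else if` can then only be reached when it is already false, leaving `$groupAllowed` as the sole way to pass. The user-level check earlier in this patch tests `denied()` first, and the same was presumably intended here: `if ($permToGroupModel->denied($permId, $groupId))`. Confirm that PermToGroupModel exposes `denied()`. The enclosing function starts and ends outside the hunk.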
@@ -726,6 +725,63 @@ class Aauth return false; } + /** + * Control + * + * Controls if a logged or public user has permission + * + * If user does not have permission to access page, it stops script and gives + * error message, unless 'no_permission' value is set in config. If 'no_permission' is + * set in config it redirects user to the set url and passes the 'no_access' error message. + * It also updates last activity every time function called. + * + * @param string $permPar If not given just control user logged in or not + * + * @return boolean|redirect|error + */ + public function control(string $permPar = null) + { + if ($this->config->totpEnabled && $this->isTotpRequired()) + { + $this->error(lang('Aauth.requiredTOTPCode')); + return \Config\Services::response()->redirect($this->config->totpLink); + } + + $this->getModel('User')->updateLastActivity($this->getUserId()); + + if (! $permId = $this->getPermId($permPar)) + { + if (! $this->isLoggedIn()) + { + if ($this->config->linkNoPermission && $this->config->linkNoPermission !== 'error') + { + return \Config\Services::response()->redirect($this->config->linkNoPermission); + } + else if ($this->config->linkNoPermission === 'error') + { + return trigger_error(lang('Aauth.noAccess'), E_USER_ERROR); + } + + return false; + } + } + else if (! $this->isAllowed($permId)) + { + if ($this->config->linkNoPermission && $this->config->linkNoPermission !== 'error') + { + return \Config\Services::response()->redirect($this->config->linkNoPermission); + } + else if ($this->config->linkNoPermission === 'error') + { + return trigger_error(lang('Aauth.noAccess'), E_USER_ERROR); + } + + return false; + } + + return true; + } + //-------------------------------------------------------------------- // User Functions //-------------------------------------------------------------------- 
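Review bot: An unknown permission name falls through to the login-only branch of `control()`. `getPermId($permPar)` yields a falsy result both when no permission was requested and when the name does not exist, so `control('misspelled_perm')` returns `true` for any logged-in user. Branch on `$permPar === null` instead and treat an unresolved name as a denial, which also lets the duplicated no-permission handling collapse into one copy. `updateLastActivity($this->getUserId())` runs before any login check, so confirm it tolerates a visitor with no user id. The docblock says the method "stops script", but the code returns a value and leaves enforcement to the caller.
```php
if ($permPar === null)
{
	if ($this->isLoggedIn())
	{
		return true;
	}
}
else if (($permId = $this->getPermId($permPar)) && $this->isAllowed($permId))
{
	return true;
}

// … unchanged: linkNoPermission redirect / 'error' handling …
return false;
```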
@@ -743,7 +799,7 @@ class Aauth */ public function createUser(string $email, string $password, string $username = null) { - $userModel = new UserModel(); + $userModel = $this->getModel('User'); $data['email'] = $email; $data['password'] = $password; @@ -760,13 +816,15 @@ class Aauth return false; } - // if ($this->config->userVerification) - // { - // $this->sendVerification($userId, $email); - // $this->info(lang('Aauth.infoCreateVerification')); + // @codeCoverageIgnoreStart + if ($this->config->userVerification) + { + $this->sendVerification($userId, $email); + $this->info(lang('Aauth.infoCreateVerification')); - // return $userId; - // } + return $userId; + } + // @codeCoverageIgnoreEnd $this->info(lang('Aauth.infoCreateSuccess')); @@ -785,9 +843,9 @@ class Aauth * * @return boolean */ - public function updateUser(int $userId, $email = null, string $password = null, string $username = null) + public function updateUser(int $userId, string $email = null, string $password = null, string $username = null) { - $userModel = new UserModel(); + $userModel = $this->getModel('User'); if (! $userModel->existsById($userId)) { @@ -838,9 +896,9 @@ class Aauth */ public function deleteUser(int $userId) { - $userModel = new UserModel(); - $groupToUserModel = new GroupToUserModel(); - $permToUserModel = new PermToUserModel(); + $userModel = $this->getModel('User'); + $groupToUserModel = $this->getModel('GroupToUser'); + $permToUserModel = $this->getModel('PermToUser'); if (! $userModel->existsById($userId)) { @@ -886,7 +944,7 @@ class Aauth */ public function listUsers($groupPar = null, int $limit = 0, int $offset = 0, bool $includeBanneds = null, string $orderBy = null) { - $userModel = new UserModel(); + $userModel = $this->getModel('User'); $userModel->limit($limit, $offset); $userModel->select('id, email, username, banned, created_at, updated_at, last_activity, last_ip_address, last_login'); 
@@ -925,7 +983,7 @@ class Aauth */ public function listUsersPaginated($groupPar = null, int $limit = 10, bool $includeBanneds = null, string $orderBy = null) { - $userModel = new UserModel(); + $userModel = $this->getModel('User'); $userModel->select('id, email, username, banned, created_at, updated_at, last_activity, last_ip_address, last_login'); @@ -966,7 +1024,7 @@ class Aauth protected function sendVerification(int $userId, string $email) { helper('text'); - $userVariableModel = new UserVariableModel(); + $userVariableModel = $this->getModel('UserVariable'); // $emailService = \Config\Services::email(); $emailService = new PHPMailer; $verificationCode = sha1(strtotime('now')); @@ -1032,7 +1090,7 @@ class Aauth */ public function verifyUser(string $verificationCode) { - $userVariableModel = new UserVariableModel(); + $userVariableModel = $this->getModel('UserVariable'); $userVariable = [ 'data_key' => 'verification_code', 'data_value' => $verificationCode, 
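Review bot: The unchanged line `$verificationCode = sha1(strtotime('now'));` in sendVerification() derives the code from the current second alone, so it is predictable to anyone who knows roughly when the account was created. This matters more now that createUser() calls sendVerification() again in this patch. A CSPRNG-derived value such as `$verificationCode = bin2hex(random_bytes(20));` keeps the 40-hex-character shape. `$resetCode = sha1(strtotime('now'));` in remindPassword() has the same weakness, and there it gates a password reset. Both function bodies continue outside their hunks.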
@@ -1057,16 +1115,16 @@ class Aauth * * Get user information * - * @param integer|boolean $userId User id to get or false for current user - * @param boolean $withVariables Whether to get user variables - * @param boolean $inclSystem Whether to get system user variables + * @param integer|boolean $userId User id to get or false for current user + * @param boolean $includeVariables Whether to get user variables + * @param boolean $systemVariables Whether to get system user variables * * @return object|boolean User information or false if user not found */ - public function getUser(int $userId = null, bool $withVariables = false, bool $inclSystem = false) + public function getUser(int $userId = null, bool $includeVariables = false, bool $systemVariables = false) { - $userModel = new UserModel(); - $userVariableModel = new UserVariableModel(); + $userModel = $this->getModel('User'); + $userVariableModel = $this->getModel('UserVariable'); $userModel->select('id, email, username, banned, created_at, updated_at, last_activity, last_ip_address, last_login'); @@ -1082,10 +1140,10 @@ class Aauth return false; } - if ($withVariables) + if ($includeVariables) { - $userVariableModel->select('data_key, data_value' . ($inclSystem ? ', system' : '')); - $variables = $userVariableModel->findAll($userId, $inclSystem); + $userVariableModel->select('data_key, data_value'); + $variables = $userVariableModel->findAll($userId, $systemVariables); $user['variables'] = $variables; } @@ -1104,7 +1162,7 @@ class Aauth */ public function getUserId(string $email = null) { - $userModel = new UserModel(); + $userModel = $this->getModel('User'); if (! $email) { @@ -1130,7 +1188,7 @@ class Aauth */ public function getActiveUsersCount() { - $userSessionModel = new UserSessionModel(); + $userSessionModel = $this->getModel('UserSession'); return count($userSessionModel->findAll()); } 
@@ -1146,7 +1204,7 @@ class Aauth */ public function listActiveUsers() { - $userSessionModel = new UserSessionModel(); + $userSessionModel = $this->getModel('UserSession'); $usersIds = []; @@ -1180,7 +1238,7 @@ class Aauth return []; } - $userModel = new UserModel(); + $userModel = $this->getModel('User'); $userModel->select('id, email, username, banned, created_at, updated_at, last_activity, last_ip_address, last_login'); @@ -1198,7 +1256,7 @@ class Aauth */ public function isBanned(int $userId = null) { - $userModel = new UserModel(); + $userModel = $this->getModel('User'); if (! $userId) { @@ -1222,7 +1280,7 @@ class Aauth */ public function banUser(int $userId = null) { - $userModel = new UserModel(); + $userModel = $this->getModel('User'); if (! $userId) { @@ -1248,7 +1306,7 @@ class Aauth */ public function unbanUser(int $userId = null) { - $userModel = new UserModel(); + $userModel = $this->getModel('User'); if (! $userId) { @@ -1278,7 +1336,7 @@ class Aauth */ public function remindPassword(string $email) { - $userModel = new UserModel(); + $userModel = $this->getModel('User'); if (! $user = $userModel->where('email', $email)->getFirstRow('array')) { @@ -1287,7 +1345,7 @@ class Aauth return false; } - $userVariableModel = new UserVariableModel(); + $userVariableModel = $this->getModel('UserVariable'); // $emailService = \Config\Services::email(); $emailService = new PHPMailer; $resetCode = sha1(strtotime('now')); @@ -1361,7 +1419,7 @@ class Aauth */ public function resetPassword(string $resetCode) { - $userVariableModel = new UserVariableModel(); + $userVariableModel = $this->getModel('UserVariable'); $variable = [ 'data_key' => 'verification_code', 'data_value' => $resetCode, @@ -1376,7 +1434,7 @@ class Aauth } helper('text'); - $userModel = new UserModel(); + $userModel = $this->getModel('User'); $password = random_string('alnum', $this->config->passwordMin); if (! $user = $userModel->find($userVariable['user_id'])) 
@@ -1473,14 +1531,14 @@ class Aauth $userId = (int) @$this->session->user['id']; } - $userModel = new UserModel(); + $userModel = $this->getModel('User'); if (! $userModel->existsById($userId)) { return false; } - $userVariableModel = new UserVariableModel(); + $userVariableModel = $this->getModel('UserVariable'); return $userVariableModel->save($userId, $key, $value); } @@ -1500,14 +1558,14 @@ class Aauth $userId = (int) @$this->session->user['id']; } - $userModel = new UserModel(); + $userModel = $this->getModel('User'); if (! $userModel->existsById($userId)) { return false; } - $userVariableModel = new UserVariableModel(); + $userVariableModel = $this->getModel('UserVariable'); return $userVariableModel->delete($userId, $key); } @@ -1527,14 +1585,14 @@ class Aauth $userId = (int) @$this->session->user['id']; } - $userModel = new UserModel(); + $userModel = $this->getModel('User'); if (! $userModel->existsById($userId)) { return false; } - $userVariableModel = new UserVariableModel(); + $userVariableModel = $this->getModel('UserVariable'); if (! $variable = $userVariableModel->find($userId, $key)) { @@ -1560,14 +1618,14 @@ class Aauth $userId = (int) @$this->session->user['id']; } - $userModel = new UserModel(); + $userModel = $this->getModel('User'); if (! $userModel->existsById($userId)) { return false; } - $userVariableModel = new UserVariableModel(); + $userVariableModel = $this->getModel('UserVariable'); return $userVariableModel->findAll($userId); } @@ -1588,14 +1646,14 @@ class Aauth $userId = (int) @$this->session->user['id']; } - $userModel = new UserModel(); + $userModel = $this->getModel('User'); if (! $userModel->existsById($userId)) { return false; } - $userVariableModel = new UserVariableModel(); + $userVariableModel = $this->getModel('UserVariable'); $userVariableModel->select('data_key as key'); return $userVariableModel->findAll($userId); 
@@ -1615,7 +1673,7 @@ class Aauth */ public function createGroup(string $name, string $definition = '') { - $groupModel = new GroupModel(); + $groupModel = $this->getModel('Group'); $data['name'] = $name; $data['definition'] = $definition; @@ -1643,7 +1701,7 @@ class Aauth */ public function updateGroup($groupPar, string $name = null, string $definition = null) { - $groupModel = new GroupModel(); + $groupModel = $this->getModel('Group'); if (is_null($name) && is_null($definition)) { @@ -1689,10 +1747,10 @@ class Aauth */ public function deleteGroup($groupPar) { - $groupModel = new GroupModel(); - $groupToGroupModel = new GroupToGroupModel(); - $groupToUserModel = new GroupToUserModel(); - $permToGroupModel = new PermToGroupModel(); + $groupModel = $this->getModel('Group'); + $groupToGroupModel = $this->getModel('GroupToGroup'); + $groupToUserModel = $this->getModel('GroupToUser'); + $permToGroupModel = $this->getModel('PermToGroup'); if (! $groupId = $this->getGroupId($groupPar)) { @@ -1736,8 +1794,8 @@ class Aauth */ public function addMember($groupPar, int $userId) { - $userModel = new UserModel(); - $groupToUserModel = new GroupToUserModel(); + $userModel = $this->getModel('User'); + $groupToUserModel = $this->getModel('GroupToUser'); if (! $groupId = $this->getGroupId($groupPar)) { @@ -1771,7 +1829,7 @@ class Aauth */ public function removeMember($groupPar, int $userId) { - $groupToUserModel = new GroupToUserModel(); + $groupToUserModel = $this->getModel('GroupToUser'); $groupId = $this->getGroupId($groupPar); @@ -1787,14 +1845,14 @@ class Aauth */ public function getUserGroups($userId) { - $userModel = new UserModel(); + $userModel = $this->getModel('User'); if (! $userModel->existsById($userId)) { return false; } - $groupToUserModel = new GroupToUserModel(); + $groupToUserModel = $this->getModel('GroupToUser'); return $groupToUserModel->findAllByUserId($userId); } 
@@ -1803,19 +1861,20 @@ class Aauth * Get User Perms * * @param integer|string $userId User id + * @param integer $state State * * @return boolean|array */ - public function getUserPerms($userId, $state = null) + public function getUserPerms($userId, int $state = null) { - $userModel = new UserModel(); + $userModel = $this->getModel('User'); if (! $userModel->existsById($userId)) { return false; } - $permToUserModel = new PermToUserModel(); + $permToUserModel = $this->getModel('PermToUser'); return $permToUserModel->findAllByUserId($userId, $state); } @@ -1830,8 +1889,8 @@ class Aauth */ public function addSubgroup($groupPar, $subgroupPar) { - $groupModel = new GroupModel(); - $groupToGroupModel = new GroupToGroupModel(); + $groupModel = $this->getModel('Group'); + $groupToGroupModel = $this->getModel('GroupToGroup'); if (! $groupId = $this->getGroupId($groupPar)) { @@ -1891,7 +1950,7 @@ class Aauth */ public function removeSubgroup($groupPar, $subgroupPar) { - $groupToGroupModel = new GroupToGroupModel(); + $groupToGroupModel = $this->getModel('GroupToGroup'); $groupId = $this->getGroupId($groupPar); $subgroupId = $this->getGroupId($subgroupPar); @@ -1907,14 +1966,14 @@ class Aauth */ public function getSubgroups($groupPar) { - $groupModel = new GroupModel(); + $groupModel = $this->getModel('Group'); if (! $groupId = $this->getGroupId($groupPar)) { return false; } - $groupToGroupModel = new GroupToGroupModel(); + $groupToGroupModel = $this->getModel('GroupToGroup'); return $groupToGroupModel->findAllByGroupId($groupId); } @@ -1934,7 +1993,7 @@ class Aauth return false; } - $permToGroupModel = new PermToGroupModel(); + $permToGroupModel = $this->getModel('PermToGroup'); return $permToGroupModel->findAllByGroupId($groupId, $state); } 
@@ -1948,7 +2007,7 @@ class Aauth */ public function removeMemberFromAll(int $userId) { - $groupToUserModel = new GroupToUserModel(); + $groupToUserModel = $this->getModel('GroupToUser'); return $groupToUserModel->deleteAllByUserId($userId); } @@ -1960,7 +2019,7 @@ class Aauth */ public function listGroups() { - $groupModel = new GroupModel(); + $groupModel = $this->getModel('Group'); return $groupModel->findAll(); } @@ -1977,7 +2036,7 @@ class Aauth */ public function listGroupsPaginated(int $limit = 10, string $orderBy = null) { - $groupModel = new GroupModel(); + $groupModel = $this->getModel('Group'); if (! is_null($orderBy)) { @@ -1997,9 +2056,9 @@ class Aauth * * @return string */ - public function getGroupName($groupId) + public function getGroupName(int $groupId) { - $groupModel = new GroupModel(); + $groupModel = $this->getModel('Group'); if (! $group = $groupModel->find($groupId)) { @@ -2016,7 +2075,7 @@ class Aauth * * @return integer */ - public function getGroupId($groupPar) + public function getGroupId(string $groupPar) { if (is_numeric($groupPar)) { @@ -2043,11 +2102,11 @@ class Aauth * * @param integer|string $groupPar Group id or name to get * - * @return integer + * @return array */ public function getGroup($groupPar) { - $groupModel = new GroupModel(); + $groupModel = $this->getModel('Group'); if (! $groupId = $this->getGroupId($groupPar)) { @@ -2066,7 +2125,7 @@ class Aauth */ public function listUserGroups(int $userId = null) { - $userModel = new UserModel(); + $userModel = $this->getModel('User'); if (! $userId) { @@ -2078,7 +2137,7 @@ class Aauth return false; } - $groupModel = new GroupModel(); + $groupModel = $this->getModel('Group'); $groupModel->select('id, name, definition'); $groupModel->join($this->config->dbTableGroupToUser, $this->config->dbTableGroups . '.id = ' . $this->config->dbTableGroupToUser . '.group_id'); 
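Review bot: `getGroupId(string $groupPar)` now rejects `null`, yet `getGroupVars(string $groupPar = null)` and `listGroupVarKeys(string $groupPar = null)` later in this patch pass their default straight into it. Calling either without an argument raises a TypeError instead of returning `false`. Either guard those callers or relax the signature to `getGroupId(string $groupPar = null)`. Integer ids passed by other callers rely on scalar coercion, which stops working if the file declares strict_types. The docblocks that still read `@param integer $groupPar Group name or id` should say `integer|string`.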
@@ -2100,7 +2159,7 @@ class Aauth */ public function listUserGroupsPaginated(int $userId = null, int $limit = 10, string $orderBy = null) { - $userModel = new UserModel(); + $userModel = $this->getModel('User'); if (! $userId) { @@ -2112,7 +2171,7 @@ class Aauth return false; } - $groupModel = new GroupModel(); + $groupModel = $this->getModel('Group'); $groupModel->select('id, name, definition'); $groupModel->join($this->config->dbTableGroupToUser, $this->config->dbTableGroups . '.id = ' . $this->config->dbTableGroupToUser . '.group_id'); @@ -2137,20 +2196,20 @@ class Aauth * * @param string $key * @param string $value - * @param integer $groupId Group id + * @param integer $groupPar Group name or id * * @return boolean */ - public function setGroupVar(string $key, string $value, int $groupId) + public function setGroupVar(string $key, string $value, string $groupPar) { - $groupModel = new GroupModel(); + $groupModel = $this->getModel('Group'); - if (! $groupModel->existsById($groupId)) + if (! $groupId = $this->getGroupId($groupPar)) { return false; } - $groupVariableModel = new GroupVariableModel(); + $groupVariableModel = $this->getModel('GroupVariable'); return $groupVariableModel->save($groupId, $key, $value); } @@ -2159,20 +2218,20 @@ class Aauth * Unset Group Variable as key value * * @param string $key - * @param integer $groupId Group id + * @param integer $groupPar Group name or id * * @return boolean */ - public function unsetGroupVar(string $key, int $groupId) + public function unsetGroupVar(string $key, string $groupPar) { - $groupModel = new GroupModel(); + $groupModel = $this->getModel('Group'); - if (! $groupModel->existsById($groupId)) + if (! $groupId = $this->getGroupId($groupPar)) { return false; } - $groupVariableModel = new GroupVariableModel(); + $groupVariableModel = $this->getModel('GroupVariable'); return $groupVariableModel->delete($groupId, $key); } 
@@ -2180,21 +2239,21 @@ class Aauth /** * Get Group Variable by key * - * @param string $key Variable Key - * @param integer $groupId Group id + * @param string $key Variable Key + * @param integer $groupPar Group name or id * * @return boolean|string */ - public function getGroupVar(string $key, int $groupId) + public function getGroupVar(string $key, string $groupPar) { - $groupModel = new GroupModel(); + $groupModel = $this->getModel('Group'); - if (! $groupModel->existsById($groupId)) + if (! $groupId = $this->getGroupId($groupPar)) { return false; } - $groupVariableModel = new GroupVariableModel(); + $groupVariableModel = $this->getModel('GroupVariable'); if (! $variable = $groupVariableModel->find($groupId, $key)) { @@ -2209,20 +2268,20 @@ class Aauth * * Return array with all group keys & variables * - * @param integer $groupId Group id + * @param integer $groupPar Group name or id * * @return array */ - public function getGroupVars(int $groupId = null) + public function getGroupVars(string $groupPar = null) { - $groupModel = new GroupModel(); + $groupModel = $this->getModel('Group'); - if (! $groupModel->existsById($groupId)) + if (! $groupId = $this->getGroupId($groupPar)) { return false; } - $groupVariableModel = new GroupVariableModel(); + $groupVariableModel = $this->getModel('GroupVariable'); return $groupVariableModel->findAll($groupId); } 
@@ -2232,20 +2291,20 @@ class Aauth * * Return array of variable keys or false * - * @param integer $groupId Group id + * @param integer $groupPar Group name or id * * @return boolean|array */ - public function listGroupVarKeys(int $groupId = null) + public function listGroupVarKeys(string $groupPar = null) { - $groupModel = new GroupModel(); + $groupModel = $this->getModel('Group'); - if (! $groupModel->existsById($groupId)) + if (! $groupId = $this->getGroupId($groupPar)) { return false; } - $groupVariableModel = new GroupVariableModel(); + $groupVariableModel = $this->getModel('GroupVariable'); $groupVariableModel->select('data_key as key'); return $groupVariableModel->findAll($groupId); @@ -2267,7 +2326,7 @@ class Aauth */ public function createPerm(string $name, string $definition = '') { - $permModel = new PermModel(); + $permModel = $this->getModel('Perm'); $data['name'] = $name; $data['definition'] = $definition; @@ -2297,7 +2356,7 @@ class Aauth */ public function updatePerm($permPar, string $name = null, string $definition = null) { - $permModel = new PermModel(); + $permModel = $this->getModel('Perm'); if (is_null($name) && is_null($definition)) { @@ -2345,9 +2404,9 @@ class Aauth */ public function deletePerm($permPar) { - $permModel = new PermModel(); - $permToGroupModel = new PermToGroupModel(); - $permToUserModel = new PermToUserModel(); + $permModel = $this->getModel('Perm'); + $permToGroupModel = $this->getModel('PermToGroup'); + $permToUserModel = $this->getModel('PermToUser'); if (! $permId = $this->getPermId($permPar)) { @@ -2389,8 +2448,8 @@ class Aauth */ public function allowUser($permPar, int $userId) { - $userModel = new UserModel(); - $permToUserModel = new PermToUserModel(); + $userModel = $this->getModel('User'); + $permToUserModel = $this->getModel('PermToUser'); if (! $permId = $this->getPermId($permPar)) { 
@@ -2422,8 +2481,8 @@ class Aauth */ public function denyUser($permPar, int $userId) { - $userModel = new UserModel(); - $permToUserModel = new PermToUserModel(); + $userModel = $this->getModel('User'); + $permToUserModel = $this->getModel('PermToUser'); if (! $permId = $this->getPermId($permPar)) { @@ -2445,6 +2504,35 @@ class Aauth return $permToUserModel->save($permId, $userId, 0); } + /** + * Remove User Perm + * + * @param integer|string $permPar Permission id or perm name + * @param integer $userId User id to deny + * + * @return boolean + */ + public function removeUserPerm($permPar, int $userId) + { + $userModel = $this->getModel('User'); + $permToUserModel = $this->getModel('PermToUser'); + + if (! $permId = $this->getPermId($permPar)) + { + $this->error(lang('Aauth.notFoundPerm')); + + return false; + } + else if (! $userModel->existsById($userId)) + { + $this->error(lang('Aauth.notFoundUser')); + + return false; + } + + return $permToUserModel->delete($permId, $userId); + } + /** * Allow Group * @@ -2457,7 +2545,7 @@ class Aauth */ public function allowGroup($permPar, $groupPar) { - $permToGroupModel = new PermToGroupModel(); + $permToGroupModel = $this->getModel('PermToGroup'); if (! $permId = $this->getPermId($permPar)) { @@ -2491,7 +2579,7 @@ class Aauth */ public function denyGroup($permPar, $groupPar) { - $permToGroupModel = new PermToGroupModel(); + $permToGroupModel = $this->getModel('PermToGroup'); if (! $permId = $this->getPermId($permPar)) { 
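Review bot: The docblock of `removeUserPerm()` describes `$userId` as "User id to deny", copied from denyUser(), although the method deletes the perm-to-user row and so clears an explicit allow as well as an explicit deny. `removeGroupPerm()` repeats this with "Group id or name to deny". Suggested wording: `@param integer $userId User id whose explicit allow/deny entry is removed`. It would also help to state that the user presumably falls back to group-level permissions afterwards, since removing a deny can widen access.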
@@ -2513,6 +2601,36 @@ class Aauth return $permToGroupModel->save($permId, $groupId, 0); } + /** + * Remove Group Perm + * + * Remove group from permission + * + * @param integer|string $permPar Permission id or perm name + * @param integer|string $groupPar Group id or name to deny + * + * @return boolean + */ + public function removeGroupPerm($permPar, $groupPar) + { + $permToGroupModel = $this->getModel('PermToGroup'); + + if (! $permId = $this->getPermId($permPar)) + { + $this->error(lang('Aauth.notFoundPerm')); + + return false; + } + if (! $groupId = $this->getGroupId($groupPar)) + { + $this->error(lang('Aauth.notFoundGroup')); + + return false; + } + + return $permToGroupModel->delete($permId, $groupId); + } + /** * List Permissions * @@ -2522,7 +2640,7 @@ class Aauth */ public function listPerms() { - $permModel = new PermModel(); + $permModel = $this->getModel('Perm'); return $permModel->findAll(); } @@ -2539,7 +2657,7 @@ class Aauth */ public function listPermsPaginated(int $limit = 10, string $orderBy = null) { - $permModel = new PermModel(); + $permModel = $this->getModel('Perm'); if (! is_null($orderBy)) { @@ -2557,7 +2675,7 @@ class Aauth * * @param integer|string $permPar Permission id or name to get * - * @return integer Permission id or NULL if perm does not exist + * @return boolean|integer Permission id or FALSE if perm does not exist */ public function getPermId($permPar) { @@ -2592,7 +2710,7 @@ class Aauth */ public function getPerm($permPar) { - $permModel = new PermModel(); + $permModel = $this->getModel('Perm'); if (! $permId = $this->getPermId($permPar)) { @@ -2616,7 +2734,7 @@ class Aauth return false; } - $permModel = new PermModel(); + $permModel = $this->getModel('Perm'); $permModel->select('id, name, definition, state'); $permModel->join($this->config->dbTablePermToGroup, $this->config->dbTablePerms . '.id = ' . $this->config->dbTablePermToGroup . '.perm_id'); 
@@ -2637,14 +2755,14 @@ class Aauth * * @return boolean|array */ - public function listGroupPermsPaginated(int $groupId, int $limit = 10, string $orderBy = null) + public function listGroupPermsPaginated(string $groupPar, int $limit = 10, string $orderBy = null) { - if (! $groupId = $this->getGroupId($groupId)) + if (! $groupId = $this->getGroupId($groupPar)) { return false; } - $permModel = new PermModel(); + $permModel = $this->getModel('Perm'); $permModel->select('id, name, definition, state'); $permModel->join($this->config->dbTablePermToGroup, $this->config->dbTablePerms . '.id = ' . $this->config->dbTablePermToGroup . '.perm_id'); @@ -2680,11 +2798,10 @@ class Aauth return false; } - $permModel = new PermModel(); + $permModel = $this->getModel('Perm'); $permModel->select('id, name, definition, state'); - $permModel->join($this->config->dbTablePermToUser, $this->config->dbTablePerms . '.id = ' . $this->config->dbTablePermToUser . '.perm_id'); - $permModel->where($this->config->dbTablePermToUser . '.user_id', $userId); + $permModel->join($this->config->dbTablePermToUser, '(' . $this->config->dbTablePerms . '.id = ' . $this->config->dbTablePermToUser . '.perm_id AND ' . $this->config->dbTablePermToUser . '.user_id = ' . $userId . ')', 'left'); return $permModel->get()->getResult('array'); } @@ -2713,7 +2830,7 @@ class Aauth return false; } - $permModel = new PermModel(); + $permModel = $this->getModel('Perm'); $permModel->select('id, name, definition, state'); $permModel->join($this->config->dbTablePermToUser, $this->config->dbTablePerms . '.id = ' . $this->config->dbTablePermToUser . '.perm_id'); 
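Review bot: The new `string $groupPar` type on `listGroupPermsPaginated` is narrower than the rest of the group API, where `allowGroup($permPar, $groupPar)` and `denyGroup` leave the parameter untyped so that an id or a name can be passed. An integer id is now either coerced to a numeric string or rejected under strict types, and whether `getGroupId` treats `"5"` as an id is not visible here. I would drop the type, `public function listGroupPermsPaginated($groupPar, int $limit = 10, string $orderBy = null)`, and describe the parameter as `integer|string` in the docblock, which is outside the hunk.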
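Review bot: In the `listUserPerms` hunk, `$userId` is now concatenated into the JOIN condition as SQL text, where the removed `where(... '.user_id', $userId)` call passed it to the query builder as a value. The method signature is outside the hunk, so whether `$userId` is always an integer at this point cannot be confirmed; an explicit cast keeps the condition safe either way: `'.user_id = ' . (int) $userId . ')', 'left');`. Moving the user filter into the ON clause of a LEFT JOIN also makes the query return every permission row rather than only the user's, while `listUserPermsPaginated` in the next hunk keeps the plain join. If that difference is intended, the docblocks should say so.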
@@ -2958,6 +3075,44 @@ class Aauth $this->session->remove('infos'); } + //-------------------------------------------------------------------- + // Utility Functions + //-------------------------------------------------------------------- + + /** + * Get Model + * + * @param string $model Model name + * + * @return object + */ + public function getModel(string $model) + { + if (strpos($model, '_')) + { + $model = str_replace('_', '', ucwords($model, '_')); + } + else if (strpos($model, ' ')) + { + $model = str_replace(' ', '', ucwords($model)); + } + if (! strpos($model, 'Model')) + { + $model .= 'Model'; + } + + $model = '\App\Models\Aauth\\' . $model; + + if (class_exists($model)) + { + return new $model(); + } + else + { + return false; + } + } + /** * Provides direct access to method in the builder (if available) * and the database connection. diff --git a/app/Libraries/Aauth/CAPTCHA.php b/app/Libraries/Aauth/CAPTCHA.php index b6e2fef..6e204d0 100644 --- a/app/Libraries/Aauth/CAPTCHA.php +++ b/app/Libraries/Aauth/CAPTCHA.php @@ -18,8 +18,6 @@ namespace App\Libraries\Aauth; -use \App\Models\Aauth\LoginAttemptModel; - /** * Aauth CAPTCHA * @@ -39,7 +37,7 @@ class CAPTCHA extends \App\Libraries\Aauth * * @return array */ - public function verifyCaptchaResponse($response) + public function verifyCaptchaResponse(string $response) { if ($response === null || strlen($response) === 0) { @@ -129,7 +127,7 @@ class CAPTCHA extends \App\Libraries\Aauth */ public function isCaptchaRequired() { - $loginAttemptModel = new LoginAttemptModel(); + $loginAttemptModel = $this->getModel('LoginAttempt'); return $loginAttemptModel->find() >= $this->config->captchaLoginAttempts; } @@ -144,7 +142,7 @@ class CAPTCHA extends \App\Libraries\Aauth * * @return string */ - private function _submitGet($url, $data) + private function _submitGet(string $url, array $data) { $client = \Config\Services::curlrequest(); $response = $client->request('GET', $url, [ 
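Review bot: `getModel()` returns `false` for an unknown name, but every caller converted in this commit (for example `$userModel->existsById($userId)` in denyUser) calls a method on the result straight away, so a mistyped model name ends in a fatal error on a boolean; the docblock also promises `@return object`. The `strpos()` checks treat a match at offset 0 as absent, and `! strpos($model, 'Model')` looks for the word anywhere rather than as a suffix. Because the method is public and builds a class name from its argument, I would also restrict the name to letters so the lookup stays on a class directly under `\App\Models\Aauth`. The sketch below throws instead of returning `false`, so the `assertFalse` on `getModel('NotExisting')` in UtilityTest would become an expected exception.

```php
public function getModel(string $model)
{
	// 'group_to_user' and 'group to user' both become 'GroupToUser'
	$model = str_replace(['_', ' '], '', ucwords($model, '_ '));

	// suffix test: strpos() returns 0 for a match at the start, which reads as "not found"
	if (substr($model, -5) !== 'Model')
	{
		$model .= 'Model';
	}

	$class = '\App\Models\Aauth\\' . $model;

	// a single class-name segment only, so the lookup stays inside App\Models\Aauth
	if (! preg_match('/^[A-Za-z]+$/', $model) || ! class_exists($class))
	{
		throw new \InvalidArgumentException('Unknown Aauth model: ' . $model);
	}

	return new $class();
}
```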
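Review bot: The `string` type added to `verifyCaptchaResponse` makes the `$response === null` test on the next line unreachable. A caller that passes a missing form field through as null now gets a TypeError instead of the method's own failure result. If null is a possible input, declare it as `public function verifyCaptchaResponse(?string $response)`; otherwise remove the null comparison. The rest of the method body is outside the hunk.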
@@ -164,7 +162,7 @@ class CAPTCHA extends \App\Libraries\Aauth * * @return string */ - private function _submitPost($url, $data) + private function _submitPost(string $url, array $data) { $client = \Config\Services::curlrequest(); $response = $client->request('POST', $url, [ diff --git a/app/Libraries/Aauth/TOTP.php b/app/Libraries/Aauth/TOTP.php index 131d0d5..7bbe598 100644 --- a/app/Libraries/Aauth/TOTP.php +++ b/app/Libraries/Aauth/TOTP.php @@ -18,8 +18,6 @@ namespace App\Libraries\Aauth; -use \App\Models\Aauth\UserVariableModel; - use OTPHP\TOTP as OTPHP_TOTP; /** @@ -46,7 +44,7 @@ class TOTP extends \App\Libraries\Aauth $userId = (int) @$this->session->user['id']; } - $userVariableModel = new UserVariableModel(); + $userVariableModel = $this->getModel('UserVariable'); return $userVariableModel->save($userId, 'totp_secret', $secret, true); } @@ -60,7 +58,7 @@ class TOTP extends \App\Libraries\Aauth { $endSecret = false; - $userVariableModel = new UserVariableModel(); + $userVariableModel = $this->getModel('UserVariable'); while (! $endSecret) { @@ -81,6 +79,7 @@ class TOTP extends \App\Libraries\Aauth * Generate TOTP QR Code URI by Secret * * @param string $secret Secret Key + * @param string $label Label * * @return string */ @@ -107,7 +106,7 @@ class TOTP extends \App\Libraries\Aauth $userId = (int) @$this->session->user['id']; } - $userVariableModel = new UserVariableModel(); + $userVariableModel = $this->getModel('UserVariable'); if ($totpSecret = $userVariableModel->find($userId, 'totp_secret', true)) { diff --git a/app/Models/Aauth/GroupToGroupModel.php b/app/Models/Aauth/GroupToGroupModel.php index 95885bd..fa43e6f 100644 --- a/app/Models/Aauth/GroupToGroupModel.php +++ b/app/Models/Aauth/GroupToGroupModel.php @@ -156,9 +156,7 @@ class GroupToGroupModel $data['group_id'] = $groupId; $data['subgroup_id'] = $subgroupId; - $builder->insert($data); - - return true; + return (bool) $builder->insert($data)->resultID; } /** 
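Review bot: The return values introduced in the `GroupToGroupModel` insert hunk read `->resultID` straight off the builder call, and the casting is inconsistent across the commit: `(bool) $builder->insert($data)->resultID` here and in GroupToUserModel, but uncast `$builder->delete()->resultID` and `$builder->insert($data)->resultID` in the delete and insert hunks of GroupVariableModel, LoginTokenModel, PermToGroupModel, PermToUserModel, UserSessionModel and UserVariableModel, all documented as `@return boolean`. `save()` in PermToGroupModel and PermToUserModel additionally returns `resultID` on the insert path and the raw `update()` result on the other. If the builder can return `false` on a failed query (not visible from these hunks), the property read fails on a non-object. I would check the result before dereferencing it and cast everywhere, for example `return (bool) $builder->delete()->resultID;`, so that `removeUserPerm` and `removeGroupPerm` pass a real boolean back to callers.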
@@ -174,9 +172,8 @@ class GroupToGroupModel $builder = $this->builder(); $builder->where('group_id', $groupId); $builder->where('subgroup_id', $subgroupId); - $builder->delete(); - return true; + return $builder->delete()->resultID; } /** @@ -190,9 +187,8 @@ class GroupToGroupModel { $builder = $this->builder(); $builder->where('group_id', $groupId); - $builder->delete(); - return true; + return $builder->delete()->resultID; } /** @@ -206,9 +202,8 @@ class GroupToGroupModel { $builder = $this->builder(); $builder->where('subgroup_id', $subgroupId); - $builder->delete(); - return true; + return $builder->delete()->resultID; } /** diff --git a/app/Models/Aauth/GroupToUserModel.php b/app/Models/Aauth/GroupToUserModel.php index 4c09dad..304f630 100644 --- a/app/Models/Aauth/GroupToUserModel.php +++ b/app/Models/Aauth/GroupToUserModel.php @@ -137,6 +137,7 @@ class GroupToUserModel $builder->where('group_id', $groupId); $builder->where('user_id', $userId); + return ($builder->countAllResults() ? true : false); } @@ -155,9 +156,7 @@ class GroupToUserModel $data['group_id'] = $groupId; $data['user_id'] = $userId; - $builder->insert($data); - - return true; + return (bool) $builder->insert($data)->resultID; } /** @@ -173,9 +172,8 @@ class GroupToUserModel $builder = $this->builder(); $builder->where('group_id', $groupId); $builder->where('user_id', $userId); - $builder->delete(); - return true; + return $builder->delete()->resultID; } /** @@ -189,9 +187,8 @@ class GroupToUserModel { $builder = $this->builder(); $builder->where('group_id', $groupId); - $builder->delete(); - return true; + return $builder->delete()->resultID; } /** @@ -205,9 +202,8 @@ class GroupToUserModel { $builder = $this->builder(); $builder->where('user_id', $userId); - $builder->delete(); - return true; + return $builder->delete()->resultID; } /** diff --git a/app/Models/Aauth/GroupVariableModel.php b/app/Models/Aauth/GroupVariableModel.php index 1242b79..5a6c17d 100644 
--- a/app/Models/Aauth/GroupVariableModel.php +++ b/app/Models/Aauth/GroupVariableModel.php @@ -205,9 +205,7 @@ class GroupVariableModel $data['created_at'] = date('Y-m-d H:i:s'); $data['updated_at'] = date('Y-m-d H:i:s'); - $builder->insert($data); - - return true; + return $builder->insert($data)->resultID; } /** @@ -248,9 +246,8 @@ class GroupVariableModel $builder->where('group_id', $groupId); $builder->where('data_key', $dataKey); $builder->where('system', ($system ? 1 : 0)); - $builder->delete(); - return true; + return $builder->delete()->resultID; } /** @@ -264,9 +261,8 @@ class GroupVariableModel { $builder = $this->builder(); $builder->where('group_id', $groupId); - $builder->delete(); - return true; + return $builder->delete()->resultID; } //-------------------------------------------------------------------- diff --git a/app/Models/Aauth/LoginTokenModel.php b/app/Models/Aauth/LoginTokenModel.php index 7d45bb7..45b4747 100644 --- a/app/Models/Aauth/LoginTokenModel.php +++ b/app/Models/Aauth/LoginTokenModel.php @@ -92,7 +92,7 @@ class LoginTokenModel } /** - * Get all Login Tokens by User ID + * Find all Login Tokens by User ID * * @param integer $userId User id * @@ -108,7 +108,7 @@ class LoginTokenModel } /** - * Updates Login Token + * Insert Login Token * * @param array $data Array with data * @@ -122,17 +122,15 @@ class LoginTokenModel $data['expires_at'] = date('Y-m-d H:i:s', strtotime($this->config->loginRemember)); $data['updated_at'] = date('Y-m-d H:i:s'); - $builder->insert($data); - - return true; + return $builder->insert($data)->resultID; } /** - * Updates Login Token by tokenId + * Update Login Token by tokenId * * @param integer $tokenId Login Token id * - * @return BaseBuilder + * @return boolean */ public function update(int $tokenId) { 
@@ -157,9 +155,8 @@ class LoginTokenModel $builder = $this->builder(); $builder->where('user_id', $userId); $builder->where('expires_at <', date('Y-m-d H:i:s')); - $builder->delete(); - return true; + return $builder->delete()->resultID; } /** @@ -173,9 +170,8 @@ class LoginTokenModel { $builder = $this->builder(); $builder->where('user_id', $userId); - $builder->delete(); - return true; + return $builder->delete()->resultID; } /** diff --git a/app/Models/Aauth/PermModel.php b/app/Models/Aauth/PermModel.php index aff1db1..6887973 100644 --- a/app/Models/Aauth/PermModel.php +++ b/app/Models/Aauth/PermModel.php @@ -103,7 +103,7 @@ class PermModel extends Model * * @param string $name Perm name * - * @return boolean + * @return string|boolean */ public function getByName(string $name) { diff --git a/app/Models/Aauth/PermToGroupModel.php b/app/Models/Aauth/PermToGroupModel.php index 014cb08..3d6700d 100644 --- a/app/Models/Aauth/PermToGroupModel.php +++ b/app/Models/Aauth/PermToGroupModel.php @@ -194,16 +194,29 @@ class PermToGroupModel $data['group_id'] = $groupId; $data['state'] = $state; - $builder->insert($data); + return $builder->insert($data)->resultID; } - else - { - $data['state'] = $state; - $builder->update($data, ['perm_id' => $permId, 'group_id' => $groupId]); - } + $data['state'] = $state; + + return $builder->update($data, ['perm_id' => $permId, 'group_id' => $groupId]); + } + + /** + * Deletes by Perm Id and Group Id + * + * @param integer $permId Perm Id + * @param integer $groupId Group Id + * + * @return boolean + */ + public function delete(int $permId, int $groupId) + { + $builder = $this->builder(); + $builder->where('perm_id', $permId); + $builder->where('group_id', $groupId); - return true; + return $builder->delete()->resultID; } /** @@ -217,9 +230,8 @@ class PermToGroupModel { $builder = $this->builder(); $builder->where('perm_id', $permId); - $builder->delete(); - return true; + return $builder->delete()->resultID; } /** 
@@ -233,9 +245,8 @@ class PermToGroupModel { $builder = $this->builder(); $builder->where('group_id', $groupId); - $builder->delete(); - return true; + return $builder->delete()->resultID; } /** diff --git a/app/Models/Aauth/PermToUserModel.php b/app/Models/Aauth/PermToUserModel.php index f56a723..54a6dd7 100644 --- a/app/Models/Aauth/PermToUserModel.php +++ b/app/Models/Aauth/PermToUserModel.php @@ -92,10 +92,10 @@ class PermToUserModel } /** - * Get all Perm Ids by User Id + * Get all Perm Ids by User Id and optional State * * @param integer $userId User Id - * @param integer|null $state State (0 = denied, 1 = allowed) + * @param integer|null $state Optional State (0 = denied, 1 = allowed) * * @return array|null */ @@ -194,16 +194,29 @@ class PermToUserModel $data['user_id'] = $userId; $data['state'] = $state; - $builder->insert($data); + return $builder->insert($data)->resultID; } - else - { - $data['state'] = $state; - $builder->update($data, ['perm_id' => $permId, 'user_id' => $userId]); - } + $data['state'] = $state; + + return $builder->update($data, ['perm_id' => $permId, 'user_id' => $userId]); + } + + /** + * Deletes by Perm Id and User Id + * + * @param integer $permId Perm Id + * @param integer $userId User Id + * + * @return boolean + */ + public function delete(int $permId, int $userId) + { + $builder = $this->builder(); + $builder->where('perm_id', $permId); + $builder->where('user_id', $userId); - return true; + return $builder->delete()->resultID; } /** @@ -217,9 +230,8 @@ class PermToUserModel { $builder = $this->builder(); $builder->where('perm_id', $permId); - $builder->delete(); - return true; + return $builder->delete()->resultID; } /** @@ -233,9 +245,8 @@ class PermToUserModel { $builder = $this->builder(); $builder->where('user_id', $userId); - $builder->delete(); - return true; + return $builder->delete()->resultID; } /** diff --git a/app/Models/Aauth/UserModel.php b/app/Models/Aauth/UserModel.php index 5acfbe5..7202236 100644 
--- a/app/Models/Aauth/UserModel.php +++ b/app/Models/Aauth/UserModel.php @@ -207,12 +207,7 @@ class UserModel extends Model $builder->where($this->primaryKey, $userId); $builder->where('banned', 1); - if ($builder->get()->getFirstRow()) - { - return true; - } - - return false; + return ($builder->countAllResults() ? true : false); } /** @@ -232,6 +227,7 @@ class UserModel extends Model } $builder->where($this->primaryKey, $userId); + return ($builder->countAllResults() ? true : false); } diff --git a/app/Models/Aauth/UserSessionModel.php b/app/Models/Aauth/UserSessionModel.php index e513ba1..dbdb698 100644 --- a/app/Models/Aauth/UserSessionModel.php +++ b/app/Models/Aauth/UserSessionModel.php @@ -110,10 +110,7 @@ class UserSessionModel /** * Find all active user sessions * - * @param integer $userId User id - * @param boolean $system Whether system variable - * - * @return object + * @return array */ public function findAll() { @@ -128,17 +125,16 @@ class UserSessionModel /** * Delete User Session * - * @param integer $id Session id + * @param string $id Session id * * @return boolean */ - public function delete($id) + public function delete(string $id) { $builder = $this->builder(); $builder->where('id', $id); - $builder->delete(); - return true; + return $builder->delete()->resultID; } //-------------------------------------------------------------------- @@ -148,7 +144,7 @@ class UserSessionModel /** * Sets the return type of the results to be as an associative array. * - * @return Model + * @return UserSessionModel */ public function asArray() { @@ -165,7 +161,7 @@ class UserSessionModel * * @param string $class Class * - * @return Model + * @return UserSessionModel */ public function asObject(string $class = 'object') { @@ -220,7 +216,7 @@ class UserSessionModel * @param string $name Name * @param array $params Params * - * @return Model|null + * @return UserSessionModel|null */ public function __call(string $name, array $params) { 
diff --git a/app/Models/Aauth/UserVariableModel.php b/app/Models/Aauth/UserVariableModel.php index b34d784..4aedcc4 100644 --- a/app/Models/Aauth/UserVariableModel.php +++ b/app/Models/Aauth/UserVariableModel.php @@ -142,7 +142,7 @@ class UserVariableModel * @param integer $userId User id * @param boolean $system Whether system variable * - * @return object + * @return array */ public function findAll(int $userId, bool $system = null) { @@ -163,7 +163,7 @@ class UserVariableModel * @param string $dataValue Value of variable * @param boolean $system Whether system variable * - * @return BaseBuilder + * @return boolean */ public function save(int $userId, string $dataKey, string $dataValue, bool $system = null) { @@ -174,14 +174,10 @@ class UserVariableModel if ($builder->countAllResults()) { - $response = $this->update($userId, $dataKey, $dataValue, $system); - } - else - { - $response = $this->insert($userId, $dataKey, $dataValue, $system); + return $this->update($userId, $dataKey, $dataValue, $system); } - return $response; + return $this->insert($userId, $dataKey, $dataValue, $system); } /** @@ -205,9 +201,7 @@ class UserVariableModel $data['created_at'] = date('Y-m-d H:i:s'); $data['updated_at'] = date('Y-m-d H:i:s'); - $builder->insert($data); - - return true; + return $builder->insert($data)->resultID; } /** @@ -248,9 +242,8 @@ class UserVariableModel $builder->where('user_id', $userId); $builder->where('data_key', $dataKey); $builder->where('system', ($system ? 1 : 0)); - $builder->delete(); - return true; + return $builder->delete()->resultID; } /** @@ -264,9 +257,8 @@ class UserVariableModel { $builder = $this->builder(); $builder->where('user_id', $userId); - $builder->delete(); - return true; + return $builder->delete()->resultID; } //-------------------------------------------------------------------- diff --git a/tests/Aauth/Database/PermToGroupModelTest.php b/tests/Aauth/Database/PermToGroupModelTest.php index 9690c8d..a83791b 100644 
--- a/tests/Aauth/Database/PermToGroupModelTest.php +++ b/tests/Aauth/Database/PermToGroupModelTest.php @@ -90,6 +90,21 @@ class PermToGroupModelTest extends CIDatabaseTestCase $this->assertCount(1, $permToGroups); } + public function testDelete() + { + $this->hasInDatabase($this->config->dbTablePermToGroup, [ + 'perm_id' => 99, + 'group_id' => 99, + ]); + $criteria = [ + 'perm_id' => 99, + 'group_id' => 99, + ]; + $this->seeNumRecords(1, $this->config->dbTablePermToGroup, $criteria); + $this->model->delete(99, 99); + $this->seeNumRecords(0, $this->config->dbTablePermToGroup, $criteria); + } + public function testDeleteAllByPermId() { $this->hasInDatabase($this->config->dbTablePermToGroup, [ diff --git a/tests/Aauth/Database/PermToUserModelTest.php b/tests/Aauth/Database/PermToUserModelTest.php index 629d87a..5b0662b 100644 --- a/tests/Aauth/Database/PermToUserModelTest.php +++ b/tests/Aauth/Database/PermToUserModelTest.php @@ -90,6 +90,21 @@ class PermToUserModelTest extends CIDatabaseTestCase $this->assertCount(1, $permToUsers); } + public function testDelete() + { + $this->hasInDatabase($this->config->dbTablePermToUser, [ + 'perm_id' => 99, + 'user_id' => 99, + ]); + $criteria = [ + 'perm_id' => 99, + 'user_id' => 99, + ]; + $this->seeNumRecords(1, $this->config->dbTablePermToUser, $criteria); + $this->model->delete(99, 99); + $this->seeNumRecords(0, $this->config->dbTablePermToUser, $criteria); + } + public function testDeleteAllByPermId() { $this->hasInDatabase($this->config->dbTablePermToUser, [ diff --git a/tests/Aauth/Libraries/Aauth/AccessTest.php b/tests/Aauth/Libraries/Aauth/AccessTest.php index 229fd54..5f56aa4 100644 --- a/tests/Aauth/Libraries/Aauth/AccessTest.php +++ b/tests/Aauth/Libraries/Aauth/AccessTest.php 
@@ -98,6 +98,8 @@ class AccessTest extends CIDatabaseTestCase 'loggedIn' => true, ]); $this->assertTrue($this->library->isMember($config->groupDefault)); + + $this->assertFalse($this->library->isMember('not_existing_group')); $session->remove('user'); } 
@@ -168,13 +170,108 @@ class AccessTest extends CIDatabaseTestCase 'loggedIn' => true, 'totp_required' => true, ]); - $this->assertTrue($this->library->isAllowed('testPerm1') instanceof \CodeIgniter\HTTP\RedirectResponse); + + $this->assertTrue($this->library->isAllowed('testPerm1') instanceof \Tests\Support\HTTP\MockResponse); $session->remove('user'); $this->assertFalse($this->library->isAllowed('testPerm99', 2)); $this->assertFalse($this->library->isAllowed('testPerm1', 99)); } + /** + * @runInSeparateProcess + * @preserveGlobalState disabled + */ + public function testControl() + { + $config = new AauthConfig(); + $this->hasInDatabase($config->dbTablePerms, [ + 'id' => 1, + 'name' => 'testPerm1', + 'definition' => 'Test Perm 1', + ]); + + $session = $this->getInstance(); + $this->library = new Aauth(null, $session); + + $session->set('user', [ + 'id' => 1, + 'loggedIn' => true, + ]); + $this->assertTrue($this->library->control('testPerm1')); + $session->remove('user'); + + $config->linkNoPermission = '/noAccess'; + $session = $this->getInstance(); + $this->library = new Aauth($config, $session); + $session->set('user', [ + 'id' => 2, + 'loggedIn' => true, + ]); + $this->assertTrue($this->library->control('testPerm1') instanceof \Tests\Support\HTTP\MockResponse); + $session->remove('user'); + + $session = $this->getInstance(); + $config->totpEnabled = true; + $this->library = new Aauth($config, $session); + $session->set('user', [ + 'id' => 2, + 'loggedIn' => true, + 'totp_required' => true, + ]); + + $this->assertTrue($this->library->control('testPerm1') instanceof \Tests\Support\HTTP\MockResponse); + $session->remove('user'); + + $session = $this->getInstance(); + $this->library = new Aauth(null, $session); + $this->assertFalse($this->library->control('testPerm1')); + $this->assertFalse($this->library->control()); + + $config = new AauthConfig(); + $config->linkNoPermission = '/noAccess'; + $this->library = new Aauth($config, $session); + 
$this->assertTrue($this->library->control() instanceof \Tests\Support\HTTP\MockResponse); + } + + /** + * @runInSeparateProcess + * @preserveGlobalState disabled + */ + public function testControlErrorNoPerm($value = '') + { + $session = $this->getInstance(); + $config = new AauthConfig(); + + $config->linkNoPermission = 'error'; + + $this->library = new Aauth($config, $session); + $this->expectException('ErrorException'); + $this->assertFalse($this->library->control()); + } + + /** + * @runInSeparateProcess + * @preserveGlobalState disabled + */ + public function testControlErrorPermDenied($value = '') + { + $session = $this->getInstance(); + $config = new AauthConfig(); + + $this->hasInDatabase($config->dbTablePerms, [ + 'id' => 1, + 'name' => 'testPerm1', + 'definition' => 'Test Perm 1', + ]); + + $config->linkNoPermission = 'error'; + + $this->library = new Aauth($config, $session); + $this->expectException('ErrorException'); + $this->assertFalse($this->library->control('testPerm1')); + } + /** * @runInSeparateProcess * @preserveGlobalState disabled diff --git a/tests/Aauth/Libraries/Aauth/CallTest.php b/tests/Aauth/Libraries/Aauth/CallTest.php deleted file mode 100644 index ab89c01..0000000 --- a/tests/Aauth/Libraries/Aauth/CallTest.php +++ /dev/null @@ -1,21 +0,0 @@ -library = new Aauth(); - } - - //-------------------------------------------------------------------- - - public function testFailCall() - { - $this->expectException('ErrorException'); // Or whichever exception it is - $this->library->getNotExistingFunc(); - } -} diff --git a/tests/Aauth/Libraries/Aauth/LoginTest.php b/tests/Aauth/Libraries/Aauth/LoginTest.php index c2c6816..c4ac70e 100644 --- a/tests/Aauth/Libraries/Aauth/LoginTest.php +++ b/tests/Aauth/Libraries/Aauth/LoginTest.php 
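Review bot: The redirect cases in `testControl` assert only `instanceof \Tests\Support\HTTP\MockResponse`, so they pass for a response pointing anywhere. The no-permission case and the TOTP-required case are therefore indistinguishable to the test. For an access-control method I would also assert the redirect target, comparing it with `$config->linkNoPermission` in the first case and with the configured TOTP link in the second. In `testControlErrorNoPerm` and `testControlErrorPermDenied` the `$value = ''` parameter is unused, and the `assertFalse(...)` wrapped around the throwing call is never evaluated once `expectException` is set; calling `$this->library->control()` on its own line states the intent more clearly.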
@@ -37,7 +37,7 @@ class LoginTest extends CIDatabaseTestCase $this->request = new IncomingRequest(new App(), new URI(), null, new UserAgent()); Services::injectMock('request', $this->request); - $this->library = new Aauth(null, true); + $this->library = new Aauth(null); $_COOKIE = []; $_SESSION = []; } diff --git a/tests/Aauth/Libraries/Aauth/UtilityTest.php b/tests/Aauth/Libraries/Aauth/UtilityTest.php new file mode 100644 index 0000000..87967e0 --- /dev/null +++ b/tests/Aauth/Libraries/Aauth/UtilityTest.php @@ -0,0 +1,28 @@ +library = new Aauth(null, true); + } + + //-------------------------------------------------------------------- + + public function testFailModel() + { + $this->assertInstanceOf('\App\Models\Aauth\GroupToUserModel', $this->library->getModel('group to user')); + $this->assertInstanceOf('\App\Models\Aauth\GroupToUserModel', $this->library->getModel('group_to_user')); + $this->assertFalse($this->library->getModel('NotExisting')); + } + + public function testFailCall() + { + $this->expectException('ErrorException'); + $this->library->getNotExistingFunc(); + } +}