change session admin auth variable to constant

2022-11-24 20:17:50 +01:00 · 2022-11-24 20:17:50 +01:00 · 77eca02079
Parent 331a05b080
--- a/src/Application/Controller/Admin/d3force_2fa.php
+++ b/src/Application/Controller/Admin/d3force_2fa.php
@ -4,6 +4,7 @@ declare(strict_types=1);

 namespace D3\Totp\Application\Controller\Admin;

+use D3\Totp\Application\Model\d3totp_conf;
 use OxidEsales\Eshop\Core\Registry;
 use OxidEsales\Eshop\Core\Session;

@ -13,7 +14,7 @@ class d3force_2fa extends d3user_totp
    {
        $this->addTplParam('force2FA', true);

-        $userID = $this->d3TotpGetSessionObject()->getVariable("auth");
+        $userID = $this->d3TotpGetSessionObject()->getVariable(d3totp_conf::OXID_ADMIN_AUTH);
        $this->_sEditObjectId = $userID;

        return parent::render();
@ -22,7 +23,7 @@ class d3force_2fa extends d3user_totp

    protected function _authorize()
    {
-        $userID = $this->d3TotpGetSessionObject()->getVariable("auth");
+        $userID = $this->d3TotpGetSessionObject()->getVariable(d3totp_conf::OXID_ADMIN_AUTH);

        return ($this->d3IsAdminForce2FA() && !empty($userID));
    }
--- a/src/Modules/Core/d3_totp_utils.php
+++ b/src/Modules/Core/d3_totp_utils.php
@ -34,7 +34,7 @@ class d3_totp_utils extends d3_totp_utils_parent
    {
        $blAuth = parent::checkAccessRights();
        $blAuth = $this->d3AuthHook($blAuth);
-        $userID = $this->d3TotpGetSessionObject()->getVariable("auth");
+        $userID = $this->d3TotpGetSessionObject()->getVariable(d3totp_conf::OXID_ADMIN_AUTH);
        $totpAuth = (bool) $this->d3TotpGetSessionObject()->getVariable(d3totp_conf::SESSION_ADMIN_AUTH);
        /** @var d3totp $totp */
        $totp = $this->d3GetTotpObject();
--- a/src/Modules/Core/totpSystemEventHandler.php
+++ b/src/Modules/Core/totpSystemEventHandler.php
@ -34,7 +34,7 @@ class totpSystemEventHandler extends totpSystemEventHandler_parent
    protected function d3requestTotp()
    {
        $totp = $this->d3GetTotpObject();
-        $userId = $this->d3TotpGetSession()->getVariable('auth');
+        $userId = $this->d3TotpGetSession()->getVariable(d3totp_conf::OXID_ADMIN_AUTH);
        $totp->loadByUserId($userId);

        if ($this->d3TotpLoginMissing($totp)) {
--- a/src/tests/unit/Application/Controller/Admin/d3force_2faTest.php
+++ b/src/tests/unit/Application/Controller/Admin/d3force_2faTest.php
@ -3,6 +3,7 @@
 namespace D3\Totp\tests\unit\Application\Controller\Admin;

 use D3\Totp\Application\Controller\Admin\d3force_2fa;
+use D3\Totp\Application\Model\d3totp_conf;
 use OxidEsales\Eshop\Core\Registry;
 use OxidEsales\Eshop\Core\Session;
 use PHPUnit\Framework\MockObject\MockObject;
@ -27,7 +28,7 @@ class d3force_2faTest extends d3user_totpTest
    {
        $expected = 'fixture';

-        Registry::getSession()->setVariable('auth', $expected);
+        Registry::getSession()->setVariable(d3totp_conf::OXID_ADMIN_AUTH, $expected);

        $this->callMethod(
            $this->_oController,
@ -64,7 +65,7 @@ class d3force_2faTest extends d3user_totpTest

        Registry::getConfig()->setConfigParam('D3_TOTP_ADMIN_FORCE_2FA', $force2FA);

-        Registry::getSession()->setVariable('auth', $givenUserId);
+        Registry::getSession()->setVariable(d3totp_conf::OXID_ADMIN_AUTH, $givenUserId);

        $this->assertSame(
            $expected,
--- a/src/tests/unit/Modules/Core/d3_totp_utilsTest.php
+++ b/src/tests/unit/Modules/Core/d3_totp_utilsTest.php
@ -15,6 +15,7 @@ namespace D3\Totp\tests\unit\Modules\Core;

 use D3\TestingTools\Development\CanAccessRestricted;
 use D3\Totp\Application\Model\d3totp;
+use D3\Totp\Application\Model\d3totp_conf;
 use D3\Totp\Modules\Core\d3_totp_utils;
 use D3\Totp\tests\unit\d3TotpUnitTestCase;
 use OxidEsales\Eshop\Core\Config;
@ -55,7 +56,7 @@ class d3_totp_utilsTest extends d3TotpUnitTestCase
     */
    public function checkAccessRightsNoAuth()
    {
-        Registry::getSession()->setVariable("auth", false);
+        Registry::getSession()->setVariable(d3totp_conf::OXID_ADMIN_AUTH, false);

        /** @var d3totp|MockObject $oTotpMock */
        $oTotpMock = $this->getMockBuilder(d3totp::class)
@ -88,7 +89,7 @@ class d3_totp_utilsTest extends d3TotpUnitTestCase
     */
    public function checkAccessRightsForce2FA()
    {
-        Registry::getSession()->setVariable("auth", false);
+        Registry::getSession()->setVariable(d3totp_conf::OXID_ADMIN_AUTH, false);

        /** @var d3totp|MockObject $oTotpMock */
        $oTotpMock = $this->getMockBuilder(d3totp::class)
@ -125,7 +126,7 @@ class d3_totp_utilsTest extends d3TotpUnitTestCase
     */
    public function checkAccessRightsTotpNotActive()
    {
-        Registry::getSession()->setVariable("auth", 'foo');
+        Registry::getSession()->setVariable(d3totp_conf::OXID_ADMIN_AUTH, 'foo');

        /** @var d3totp|MockObject $oTotpMock */
        $oTotpMock = $this->getMockBuilder(d3totp::class)
@ -162,7 +163,7 @@ class d3_totp_utilsTest extends d3TotpUnitTestCase
     */
    public function checkAccessRightsTotpFinished()
    {
-        Registry::getSession()->setVariable("auth", 'foo');
+        Registry::getSession()->setVariable(d3totp_conf::OXID_ADMIN_AUTH, 'foo');

        /** @var Session|MockObject $oSessionMock */
        $oSessionMock = $this->getMockBuilder(Session::class)
@ -209,7 +210,7 @@ class d3_totp_utilsTest extends d3TotpUnitTestCase
     */
    public function checkAccessRightsTotpUnfinished()
    {
-        Registry::getSession()->setVariable("auth", 'foo');
+        Registry::getSession()->setVariable(d3totp_conf::OXID_ADMIN_AUTH, 'foo');

        /** @var Session|MockObject $oSessionMock */
        $oSessionMock = $this->getMockBuilder(Session::class)