change session admin auth variable to constant

Daniel Seifert 2022-11-24 20:17:50 +01:00
parent 331a05b080
commit 77eca02079
Signed by: DanielS
GPG Key ID: 6A513E13AEE66170
5 changed files with 14 additions and 11 deletions


@ -4,6 +4,7 @@ declare(strict_types=1);
namespace D3\Totp\Application\Controller\Admin; namespace D3\Totp\Application\Controller\Admin;
use D3\Totp\Application\Model\d3totp_conf;
use OxidEsales\Eshop\Core\Registry; use OxidEsales\Eshop\Core\Registry;
use OxidEsales\Eshop\Core\Session; use OxidEsales\Eshop\Core\Session;
@ -13,7 +14,7 @@ class d3force_2fa extends d3user_totp
{ {
$this->addTplParam('force2FA', true); $this->addTplParam('force2FA', true);
$userID = $this->d3TotpGetSessionObject()->getVariable("auth"); $userID = $this->d3TotpGetSessionObject()->getVariable(d3totp_conf::OXID_ADMIN_AUTH);
$this->_sEditObjectId = $userID; $this->_sEditObjectId = $userID;
return parent::render(); return parent::render();
@ -22,7 +23,7 @@ class d3force_2fa extends d3user_totp
protected function _authorize() protected function _authorize()
{ {
$userID = $this->d3TotpGetSessionObject()->getVariable("auth"); $userID = $this->d3TotpGetSessionObject()->getVariable(d3totp_conf::OXID_ADMIN_AUTH);
return ($this->d3IsAdminForce2FA() && !empty($userID)); return ($this->d3IsAdminForce2FA() && !empty($userID));
} }


@ -34,7 +34,7 @@ class d3_totp_utils extends d3_totp_utils_parent
{ {
$blAuth = parent::checkAccessRights(); $blAuth = parent::checkAccessRights();
$blAuth = $this->d3AuthHook($blAuth); $blAuth = $this->d3AuthHook($blAuth);
$userID = $this->d3TotpGetSessionObject()->getVariable("auth"); $userID = $this->d3TotpGetSessionObject()->getVariable(d3totp_conf::OXID_ADMIN_AUTH);
$totpAuth = (bool) $this->d3TotpGetSessionObject()->getVariable(d3totp_conf::SESSION_ADMIN_AUTH); $totpAuth = (bool) $this->d3TotpGetSessionObject()->getVariable(d3totp_conf::SESSION_ADMIN_AUTH);
/** @var d3totp $totp */ /** @var d3totp $totp */
$totp = $this->d3GetTotpObject(); $totp = $this->d3GetTotpObject();
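Review bot: The two adjacent session reads now use `d3totp_conf::OXID_ADMIN_AUTH` and `d3totp_conf::SESSION_ADMIN_AUTH`, names that differ by one word although they appear to hold different things: the first feeds `$userID`, the second is cast to bool as `$totpAuth`. Mixing them up in a later edit would change which login factor this access check evaluates, so a short comment above each read would help, for example `// shop login: id of the authenticated admin user` and `// flag for a completed TOTP step` (wording to be confirmed against d3totp_conf). The method body starts and ends outside the hunk.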


@ -34,7 +34,7 @@ class totpSystemEventHandler extends totpSystemEventHandler_parent
protected function d3requestTotp() protected function d3requestTotp()
{ {
$totp = $this->d3GetTotpObject(); $totp = $this->d3GetTotpObject();
$userId = $this->d3TotpGetSession()->getVariable('auth'); $userId = $this->d3TotpGetSession()->getVariable(d3totp_conf::OXID_ADMIN_AUTH);
$totp->loadByUserId($userId); $totp->loadByUserId($userId);
if ($this->d3TotpLoginMissing($totp)) { if ($this->d3TotpLoginMissing($totp)) {
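Review bot: The new `d3totp_conf::OXID_ADMIN_AUTH` reference in `d3requestTotp()` comes without a matching `use` line in this file's section, unlike the d3force_2fa controller section, which adds one. If the import is not already present outside the hunk, the name resolves relative to this file's namespace and the call fails with a class-not-found error when the method runs. Worth confirming the import exists, or adding `use D3\Totp\Application\Model\d3totp_conf;` to the file header. The method continues past the end of the hunk.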


@ -3,6 +3,7 @@
namespace D3\Totp\tests\unit\Application\Controller\Admin; namespace D3\Totp\tests\unit\Application\Controller\Admin;
use D3\Totp\Application\Controller\Admin\d3force_2fa; use D3\Totp\Application\Controller\Admin\d3force_2fa;
use D3\Totp\Application\Model\d3totp_conf;
use OxidEsales\Eshop\Core\Registry; use OxidEsales\Eshop\Core\Registry;
use OxidEsales\Eshop\Core\Session; use OxidEsales\Eshop\Core\Session;
use PHPUnit\Framework\MockObject\MockObject; use PHPUnit\Framework\MockObject\MockObject;
@ -27,7 +28,7 @@ class d3force_2faTest extends d3user_totpTest
{ {
$expected = 'fixture'; $expected = 'fixture';
Registry::getSession()->setVariable('auth', $expected); Registry::getSession()->setVariable(d3totp_conf::OXID_ADMIN_AUTH, $expected);
$this->callMethod( $this->callMethod(
$this->_oController, $this->_oController,
@ -64,7 +65,7 @@ class d3force_2faTest extends d3user_totpTest
Registry::getConfig()->setConfigParam('D3_TOTP_ADMIN_FORCE_2FA', $force2FA); Registry::getConfig()->setConfigParam('D3_TOTP_ADMIN_FORCE_2FA', $force2FA);
Registry::getSession()->setVariable('auth', $givenUserId); Registry::getSession()->setVariable(d3totp_conf::OXID_ADMIN_AUTH, $givenUserId);
$this->assertSame( $this->assertSame(
$expected, $expected,
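Review bot: With `setVariable(d3totp_conf::OXID_ADMIN_AUTH, ...)` the tests and the controller now take the session key from the same constant, so nothing pins its value to the shop's `'auth'` key any more; the same applies to the five `setVariable` calls in the d3_totp_utils test section. If the constant's value ever drifted, these tests would still pass while `_authorize()` and `checkAccessRights()` read a key that the shop login presumably never sets. One extra assertion keeps that covered: `$this->assertSame('auth', d3totp_conf::OXID_ADMIN_AUTH);`. Both test methods start and end outside their hunks.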


@ -15,6 +15,7 @@ namespace D3\Totp\tests\unit\Modules\Core;
use D3\TestingTools\Development\CanAccessRestricted; use D3\TestingTools\Development\CanAccessRestricted;
use D3\Totp\Application\Model\d3totp; use D3\Totp\Application\Model\d3totp;
use D3\Totp\Application\Model\d3totp_conf;
use D3\Totp\Modules\Core\d3_totp_utils; use D3\Totp\Modules\Core\d3_totp_utils;
use D3\Totp\tests\unit\d3TotpUnitTestCase; use D3\Totp\tests\unit\d3TotpUnitTestCase;
use OxidEsales\Eshop\Core\Config; use OxidEsales\Eshop\Core\Config;
@ -55,7 +56,7 @@ class d3_totp_utilsTest extends d3TotpUnitTestCase
*/ */
public function checkAccessRightsNoAuth() public function checkAccessRightsNoAuth()
{ {
Registry::getSession()->setVariable("auth", false); Registry::getSession()->setVariable(d3totp_conf::OXID_ADMIN_AUTH, false);
/** @var d3totp|MockObject $oTotpMock */ /** @var d3totp|MockObject $oTotpMock */
$oTotpMock = $this->getMockBuilder(d3totp::class) $oTotpMock = $this->getMockBuilder(d3totp::class)
@ -88,7 +89,7 @@ class d3_totp_utilsTest extends d3TotpUnitTestCase
*/ */
public function checkAccessRightsForce2FA() public function checkAccessRightsForce2FA()
{ {
Registry::getSession()->setVariable("auth", false); Registry::getSession()->setVariable(d3totp_conf::OXID_ADMIN_AUTH, false);
/** @var d3totp|MockObject $oTotpMock */ /** @var d3totp|MockObject $oTotpMock */
$oTotpMock = $this->getMockBuilder(d3totp::class) $oTotpMock = $this->getMockBuilder(d3totp::class)
@ -125,7 +126,7 @@ class d3_totp_utilsTest extends d3TotpUnitTestCase
*/ */
public function checkAccessRightsTotpNotActive() public function checkAccessRightsTotpNotActive()
{ {
Registry::getSession()->setVariable("auth", 'foo'); Registry::getSession()->setVariable(d3totp_conf::OXID_ADMIN_AUTH, 'foo');
/** @var d3totp|MockObject $oTotpMock */ /** @var d3totp|MockObject $oTotpMock */
$oTotpMock = $this->getMockBuilder(d3totp::class) $oTotpMock = $this->getMockBuilder(d3totp::class)
@ -162,7 +163,7 @@ class d3_totp_utilsTest extends d3TotpUnitTestCase
*/ */
public function checkAccessRightsTotpFinished() public function checkAccessRightsTotpFinished()
{ {
Registry::getSession()->setVariable("auth", 'foo'); Registry::getSession()->setVariable(d3totp_conf::OXID_ADMIN_AUTH, 'foo');
/** @var Session|MockObject $oSessionMock */ /** @var Session|MockObject $oSessionMock */
$oSessionMock = $this->getMockBuilder(Session::class) $oSessionMock = $this->getMockBuilder(Session::class)
@ -209,7 +210,7 @@ class d3_totp_utilsTest extends d3TotpUnitTestCase
*/ */
public function checkAccessRightsTotpUnfinished() public function checkAccessRightsTotpUnfinished()
{ {
Registry::getSession()->setVariable("auth", 'foo'); Registry::getSession()->setVariable(d3totp_conf::OXID_ADMIN_AUTH, 'foo');
/** @var Session|MockObject $oSessionMock */ /** @var Session|MockObject $oSessionMock */
$oSessionMock = $this->getMockBuilder(Session::class) $oSessionMock = $this->getMockBuilder(Session::class)