joshtronic/pickles
1
0
Fork 0
Code Issues 8 Pull requests Projects Releases Packages Wiki Activity Actions

Finished up security class testing.

Browse source
This commit is contained in:
Joshua Sherman 2014-01-18 11:43:23 -05:00
parent 30b9616b12
commit 72be314073
3 changed files with 12 additions and 69 deletions
Download patch file Download diff file Expand all files Collapse all files

68
classes/Security.php
View file

@ -225,73 +225,11 @@ class Security
{ {
return $_SESSION['__pickles']['security']['level']; return $_SESSION['__pickles']['security']['level'];
} }
// Hits the database to determine the user's level // Used to hit the database to determine the user's level, found it
// to be overkill and just opted for a simple logout.
else else
{ {
// Checks the session cache instead of hitting the database Security::logout();
if (isset($_SESSION['__pickles']['security']['user_id'], self::$cache[(int)$_SESSION['__pickles']['security']['user_id']]))
{
return self::$cache[(int)$_SESSION['__pickles']['security']['user_id']];
}
else
{
// Pulls the config and defaults where necessary
$config = Config::getInstance();
if ($config->security === false)
{
$config = [];
}
else
{
$config = $config->security;
}
$defaults = [
'login' => 'login',
'model' => 'User',
'column' => 'level',
];
foreach ($defaults as $variable => $value)
{
if (!isset($config[$variable]))
{
$config[$variable] = $value;
}
}
// Uses the model to pull the user's access level
$class = $config['model'];
$model = new $class([
'fields' => $config['column'],
'conditions' => [
'id' => (int)$_SESSION['__pickles']['security']['user_id'],
],
]);
if ($model->count() == 0)
{
Security::logout();
}
else
{
$constant = 'SECURITY_LEVEL_' . $model->record[$config['column']];
if (defined($constant))
{
$constant = constant($constant);
self::$cache[(int)$_SESSION['__pickles']['security']['user_id']] = $constant;
return $constant;
}
else
{
throw new Exception('Security level constant is not defined');
}
}
}
} }
} }

11
tests/classes/SecurityTest.php
View file

@ -100,7 +100,6 @@ class SecurityTest extends PHPUnit_Framework_TestCase
$this->assertFalse(Security::isLevel(SECURITY_LEVEL_USER)); $this->assertFalse(Security::isLevel(SECURITY_LEVEL_USER));
} }
/*
public function testIsLevelDB() public function testIsLevelDB()
{ {
$config = Config::getInstance(); $config = Config::getInstance();
@ -127,6 +126,7 @@ class SecurityTest extends PHPUnit_Framework_TestCase
'namespace' => '', 'namespace' => '',
], ],
], ],
'security' => ['model' => 'MockUserModel'],
]; ];
$model = new MockUserModel(); $model = new MockUserModel();
@ -141,9 +141,14 @@ class SecurityTest extends PHPUnit_Framework_TestCase
Security::login(1, 10, 'USER'); Security::login(1, 10, 'USER');
//$this->assertTrue(Security::isLevel([SECURITY_LEVEL_USER, SECURITY_LEVEL_ADMIN])); unset(
$_SESSION['__pickles']['security']['token'],
$_COOKIE['pickles_security_token'],
$_SESSION['__pickles']['security']['level']
);
$this->assertFalse(Security::isLevel([SECURITY_LEVEL_USER, SECURITY_LEVEL_ADMIN]));
} }
*/
} }
?> ?>

2
tests/schema.sql
View file

@ -23,7 +23,7 @@ DROP TABLE IF EXISTS users;
CREATE TABLE `users` ( CREATE TABLE `users` (
`id` int(1) unsigned NOT NULL AUTO_INCREMENT, `id` int(1) unsigned NOT NULL AUTO_INCREMENT,
`username` varchar(100) COLLATE utf8_unicode_ci NOT NULL, `username` varchar(100) COLLATE utf8_unicode_ci NOT NULL,
`role` varchar(10) COLLATE utf8_unicode_ci NOT NULL DEFAULT 'USER', `level` varchar(10) COLLATE utf8_unicode_ci NOT NULL DEFAULT 'USER',
`created_id` int(1) unsigned DEFAULT NULL, `created_id` int(1) unsigned DEFAULT NULL,
`created_at` datetime NOT NULL, `created_at` datetime NOT NULL,
`updated_id` int(1) unsigned DEFAULT NULL, `updated_id` int(1) unsigned DEFAULT NULL,