From cfc3345db4c3e9fb3d7d8cac0a29748bab816f6b Mon Sep 17 00:00:00 2001
From: Patrick Barroca <pbarroca@afi-sa.fr>
Date: Mon, 12 Jul 2021 15:41:03 +0200
Subject: [PATCH] hotline #138333 : fix cosmogramme login detection

---
 VERSIONS_HOTLINE/138333                       |  1 +
 .../cosmo/controllers/IdentityTest.php        | 72 +++++++++++++++++++
 cosmogramme/php/_init.php                     |  4 +-
 library/Class/CosmoAuth.php                   | 12 +++-
 .../ZendAfi/Controller/Plugin/CosmoAuth.php   |  5 +-
 5 files changed, 87 insertions(+), 7 deletions(-)
 create mode 100644 VERSIONS_HOTLINE/138333
 create mode 100644 cosmogramme/cosmozend/tests/application/modules/cosmo/controllers/IdentityTest.php

diff --git a/VERSIONS_HOTLINE/138333 b/VERSIONS_HOTLINE/138333
new file mode 100644
index 00000000000..d351f2852fa
--- /dev/null
+++ b/VERSIONS_HOTLINE/138333
@@ -0,0 +1 @@
+ - ticket #138333 : Cosmogramme : Correction de la vérification de l'identification
\ No newline at end of file
diff --git a/cosmogramme/cosmozend/tests/application/modules/cosmo/controllers/IdentityTest.php b/cosmogramme/cosmozend/tests/application/modules/cosmo/controllers/IdentityTest.php
new file mode 100644
index 00000000000..28c0b05769d
--- /dev/null
+++ b/cosmogramme/cosmozend/tests/application/modules/cosmo/controllers/IdentityTest.php
@@ -0,0 +1,72 @@
+<?php
+/**
+ * Copyright (c) 2012-2021, Agence Française Informatique (AFI). All rights reserved.
+ *
+ * BOKEH is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE as published by
+ * the Free Software Foundation.
+ *
+ * There are special exceptions to the terms and conditions of the AGPL as it
+ * is applied to this software (see README file).
+ *
+ * BOKEH is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
+ *
+ * You should have received a copy of the GNU AFFERO GENERAL PUBLIC LICENSE
+ * along with BOKEH; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301  USA
+ */
+
+abstract class Cosmo_IdentityTestCase extends CosmoControllerTestCase {
+  public function setUp() {
+    parent::setUp();
+
+    $this->_prepareLogin()
+         ->dispatch('/cosmo/annexe');
+  }
+
+
+  protected function _prepareLogin() {
+    return $this;
+  }
+
+
+  /** @test */
+  public function controllerShouldBeAuth() {
+    $this->assertEquals('auth', $this->_request->getControllerName());
+  }
+
+
+  /** @test */
+  public function actionShouldBeNotLogged() {
+    $this->assertEquals('not-logged', $this->_request->getActionName());
+  }
+
+
+  /** @test */
+  public function pageShouldContainsVousNEtesPlusConnecte() {
+    $this->assertXPathContentContains('//body', 'Vous n\'êtes plus connecté');
+  }
+}
+
+
+
+
+class Cosmo_IdentityNotLoggedTest extends Cosmo_IdentityTestCase {
+  protected function _prepareLogin() {
+    unset($_SESSION[Class_CosmoAuth::SESSION_KEY]);
+    return $this;
+  }
+}
+
+
+
+
+class Cosmo_IdentityFailedLoginTest extends Cosmo_IdentityTestCase {
+  protected function _prepareLogin() {
+    Class_CosmoAuth::fail();
+    return $this;
+  }
+}
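Review bot: The test classes only cover a session with no role and a failed login; nothing pins the allow-list in `Class_CosmoAuth::isLogged()` against a session key holding a value outside the three roles. Nothing checks that a valid role still reaches `/cosmo/annexe` either. A case with an unexpected value would catch a regression to the old `isset()` check; the value in the sketch below is constructed for illustration.

```php
class Cosmo_IdentityUnknownRoleTest extends Cosmo_IdentityTestCase {
  protected function _prepareLogin() {
    // constructed value, assumed not to match any ROLE_* constant
    $_SESSION[Class_CosmoAuth::SESSION_KEY] = 'not-a-role';
    return $this;
  }
}
```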
diff --git a/cosmogramme/php/_init.php b/cosmogramme/php/_init.php
index 954976b27bc..d056534a5fd 100644
--- a/cosmogramme/php/_init.php
+++ b/cosmogramme/php/_init.php
@@ -57,6 +57,4 @@ if (!session_id())
 
 // Controle login
 if (isset($_REQUEST["action"]) && $_REQUEST['action'] == "logout") unset($_SESSION["passe"]);
-if (!isset($_SESSION["passe"])) include("_identification.php");
-
-?>
+if (!Class_CosmoAuth::isLogged()) include("_identification.php");
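Review bot: The logout line just above still clears the literal `$_SESSION["passe"]`, while the new check goes through `Class_CosmoAuth::isLogged()`, which reads `$_SESSION[static::SESSION_KEY]`. If the constant ever differs from `"passe"`, logout would stop ending the session. Consider `unset($_SESSION[Class_CosmoAuth::SESSION_KEY]);` there so both paths use the same key. The hunk does not show whether Class_CosmoAuth is already loadable at this point in `_init.php`, which is worth confirming.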
diff --git a/library/Class/CosmoAuth.php b/library/Class/CosmoAuth.php
index 626cc9983d6..327d4eaed20 100644
--- a/library/Class/CosmoAuth.php
+++ b/library/Class/CosmoAuth.php
@@ -51,6 +51,16 @@ class Class_CosmoAuth {
   }
 
 
+  public static function isLogged() {
+    return
+      isset($_SESSION[static::SESSION_KEY])
+      && in_array($_SESSION[static::SESSION_KEY],
+                  [static::ROLE_CATALOG,
+                   static::ROLE_ADMIN,
+                   static::ROLE_SYSTEM]);
+  }
+
+
   public static function beSystem() {
     return $_SESSION[static::SESSION_KEY] = static::ROLE_SYSTEM;
   }
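Review bot: `in_array()` in `isLogged()` is called without the strict flag, so the role allow-list is matched with loose `==`. A session value of boolean `true` then compares equal to any non-empty string role, and on PHP 7 an integer `0` compares equal to a non-numeric string. Since this is the authentication gate, pass the third argument: `static::ROLE_SYSTEM], true);`. The ROLE_* constants are defined outside the hunk, so this assumes they are strings. A short docblock stating that only these three roles count as logged in would also help the next reader.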
@@ -72,6 +82,6 @@ class Class_CosmoAuth {
 
 
   public static function fail() {
-    return $_SESSION[static::SESSION_KEY] = '';
+    return $_SESSION[static::SESSION_KEY] = null;
   }
 }
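Review bot: `fail()` carries no comment explaining why the stored value moved from `''` to `null`. Presumably it is so that `isset()` on the session key reports a failed login as absent, but the key itself stays in `$_SESSION`. Suggest a comment such as `// null so that isset() treats a failed login as not logged`. If no caller relies on the return value, `unset($_SESSION[static::SESSION_KEY]);` would match the state the logout path produces.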
diff --git a/library/ZendAfi/Controller/Plugin/CosmoAuth.php b/library/ZendAfi/Controller/Plugin/CosmoAuth.php
index 04d1c038495..dcbb00737ef 100644
--- a/library/ZendAfi/Controller/Plugin/CosmoAuth.php
+++ b/library/ZendAfi/Controller/Plugin/CosmoAuth.php
@@ -16,7 +16,7 @@
  *
  * You should have received a copy of the GNU AFFERO GENERAL PUBLIC LICENSE
  * along with BOKEH; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301  USA 
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301  USA
  */
 
 
@@ -26,10 +26,9 @@ class ZendAfi_Controller_Plugin_CosmoAuth extends Zend_Controller_Plugin_Abstrac
         || 'auth' == $request->getControllerName())
       return;
 
-    if (!isset($_SESSION['passe'])) {
+    if (!Class_CosmoAuth::isLogged()) {
       $request->setControllerName('auth');
       $request->setActionName('not-logged');
     }
   }
 }
-?>
\ No newline at end of file
-- 
GitLab