From 2046a6546c8ed62b9a7b33305b6201458f2f8291 Mon Sep 17 00:00:00 2001 From: Christopher Smith Date: Wed, 12 Mar 2014 15:38:28 +0000 Subject: Allow user info to be retrieved without groups Some parts of dokuwiki (e.g. recent changes, old revisions) can requests lots of user info (to provide editor names) without requiring any group information. This change also implements caching of user info by authmysql & authpgsql plugins to avoid repeated querying of the DB to retrieve the same user information. --- lib/plugins/authplain/auth.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'lib/plugins/authplain') diff --git a/lib/plugins/authplain/auth.php b/lib/plugins/authplain/auth.php index 8c4ce0dd9..16ecaa147 100644 --- a/lib/plugins/authplain/auth.php +++ b/lib/plugins/authplain/auth.php @@ -76,9 +76,10 @@ class auth_plugin_authplain extends DokuWiki_Auth_Plugin { * * @author Andreas Gohr * @param string $user + * @param bool $requireGroups (optional) ignored by this plugin, grps info always supplied * @return array|bool */ - public function getUserData($user) { + public function getUserData($user, $requireGroups=true) { if($this->users === null) $this->_loadUserData(); return isset($this->users[$user]) ? $this->users[$user] : false; } -- cgit v1.2.3 From f95ecbbf8b1de8bc1270d3cf91dfdf055ea5c78c Mon Sep 17 00:00:00 2001 From: Angus Gratton Date: Tue, 1 Jul 2014 08:35:07 +1000 Subject: authplain: Escape ':' in any data field as '\:' ':' is the field delimiter in the authplain flat text conf/users.auth.php file, but it's also used as an internal delimiter for the 'mediawiki' password hash format. Currently using this hash format corrupts the file This change escapes ':' as '\:' in any field in the users.auth.php file, and any '\' as '\\'. Also adds test cases for escaping modes. --- lib/plugins/authplain/_test/escaping.test.php | 82 +++++++++++++++++++++++++++ lib/plugins/authplain/auth.php | 33 +++++++++-- 2 files changed, 110 insertions(+), 5 deletions(-) create mode 100644 lib/plugins/authplain/_test/escaping.test.php (limited to 'lib/plugins/authplain') diff --git a/lib/plugins/authplain/_test/escaping.test.php b/lib/plugins/authplain/_test/escaping.test.php new file mode 100644 index 000000000..cd5294157 --- /dev/null +++ b/lib/plugins/authplain/_test/escaping.test.php @@ -0,0 +1,82 @@ +auth = new auth_plugin_authplain(); + } + + function setUp() { + global $config_cascade; + parent::setUp(); + $name = $config_cascade['plainauth.users']['default']; + copy($name, $name.".orig"); + $this->reloadUsers(); + } + + function tearDown() { + global $config_cascade; + parent::tearDown(); + $name = $config_cascade['plainauth.users']['default']; + copy($name.".orig", $name); + } + + public function testMediawikiPasswordHash() { + global $conf; + $conf['passcrypt'] = 'mediawiki'; + $this->auth->createUser("mwuser", "12345", "Mediawiki User", "me@example.com"); + $this->reloadUsers(); + $this->assertTrue($this->auth->checkPass("mwuser", "12345")); + $mwuser = $this->auth->getUserData("mwuser"); + $this->assertStringStartsWith(":B:",$mwuser['pass']); + $this->assertEquals("Mediawiki User",$mwuser['name']); + } + + public function testNameWithColons() { + $name = ":Colon: User:"; + $this->auth->createUser("colonuser", "password", $name, "me@example.com"); + $this->reloadUsers(); + $user = $this->auth->getUserData("colonuser"); + $this->assertEquals($name,$user['name']); + } + + public function testNameWithBackslashes() { + $name = "\\Slash\\ User\\"; + $this->auth->createUser("slashuser", "password", $name, "me@example.com"); + $this->reloadUsers(); + $user = $this->auth->getUserData("slashuser"); + $this->assertEquals($name,$user['name']); + } + + public function testModifyUser() { + global $conf; + $conf['passcrypt'] = 'mediawiki'; + $user = $this->auth->getUserData("testuser"); + $user['name'] = "\\New:Crazy:Name\\"; + $user['pass'] = "awesome new password"; + $this->auth->modifyUser("testuser", $user); + $this->reloadUsers(); + + $saved = $this->auth->getUserData("testuser"); + $this->assertEquals($saved['name'], $user['name']); + $this->assertTrue($this->auth->checkPass("testuser", $user['pass'])); + } + +} + +?> \ No newline at end of file diff --git a/lib/plugins/authplain/auth.php b/lib/plugins/authplain/auth.php index 8c4ce0dd9..e53f56667 100644 --- a/lib/plugins/authplain/auth.php +++ b/lib/plugins/authplain/auth.php @@ -83,6 +83,27 @@ class auth_plugin_authplain extends DokuWiki_Auth_Plugin { return isset($this->users[$user]) ? $this->users[$user] : false; } + /** + * Creates a string suitable for saving as a line + * in the file database + * (delimiters escaped, etc.) + * + * @param string $user + * @param string $pass + * @param string $name + * @param string $mail + * @param array $grps list of groups the user is in + * @return string + */ + protected function _createUserLine($user, $pass, $name, $mail, $grps) { + $groups = join(',', $grps); + $userline = array($user, $pass, $name, $mail, $groups); + $userline = str_replace('\\', '\\\\', $userline); // escape \ as \\ + $userline = str_replace(':', '\\:', $userline); // escape : as \: + $userline = join(':', $userline)."\n"; + return $userline; + } + /** * Create a new User * @@ -115,8 +136,7 @@ class auth_plugin_authplain extends DokuWiki_Auth_Plugin { if(!is_array($grps)) $grps = array($conf['defaultgroup']); // prepare user line - $groups = join(',', $grps); - $userline = join(':', array($user, $pass, $name, $mail, $groups))."\n"; + $userline = $this->_createUserLine($user, $pass, $name, $mail, $grps); if(io_saveFile($config_cascade['plainauth.users']['default'], $userline, true)) { $this->users[$user] = compact('pass', 'name', 'mail', 'grps'); @@ -157,8 +177,7 @@ class auth_plugin_authplain extends DokuWiki_Auth_Plugin { $userinfo[$field] = $value; } - $groups = join(',', $userinfo['grps']); - $userline = join(':', array($newuser, $userinfo['pass'], $userinfo['name'], $userinfo['mail'], $groups))."\n"; + $userline = $this->_createUserLine($newuser, $userinfo['pass'], $userinfo['name'], $userinfo['mail'], $userinfo['grps']); if(!$this->deleteUsers(array($user))) { msg('Unable to modify user data. Please inform the Wiki-Admin', -1); @@ -308,7 +327,11 @@ class auth_plugin_authplain extends DokuWiki_Auth_Plugin { $line = trim($line); if(empty($line)) continue; - $row = explode(":", $line, 5); + /* NB: preg_split can be deprecated/replaced with str_getcsv once dokuwiki is min php 5.3 */ + $row = preg_split('/(?users[$row[0]]['pass'] = $row[1]; -- cgit v1.2.3 From 75112fc56c5237220d4fe1b104317f62eda8a561 Mon Sep 17 00:00:00 2001 From: Anika Henke Date: Sat, 2 Aug 2014 12:19:38 +0100 Subject: updated dates in info.txt of various plugins and template --- lib/plugins/authplain/plugin.info.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/plugins/authplain') diff --git a/lib/plugins/authplain/plugin.info.txt b/lib/plugins/authplain/plugin.info.txt index b63ee53e4..2659ac7ad 100644 --- a/lib/plugins/authplain/plugin.info.txt +++ b/lib/plugins/authplain/plugin.info.txt @@ -1,7 +1,7 @@ base authplain author Andreas Gohr email andi@splitbrain.org -date 2012-11-09 +date 2014-07-01 name Plain Auth Plugin desc Provides user authentication against DokuWiki's local password storage url http://www.dokuwiki.org/plugin:authplain -- cgit v1.2.3 From 253d4b48ec708eb42033862dc15c8576f44a48ed Mon Sep 17 00:00:00 2001 From: Gerrit Uitslag Date: Wed, 1 Oct 2014 15:32:05 +0200 Subject: more PHPDocs, unused var, small bit code reformatting --- lib/plugins/authplain/auth.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/plugins/authplain') diff --git a/lib/plugins/authplain/auth.php b/lib/plugins/authplain/auth.php index b3ca988b9..1ea75b100 100644 --- a/lib/plugins/authplain/auth.php +++ b/lib/plugins/authplain/auth.php @@ -77,7 +77,7 @@ class auth_plugin_authplain extends DokuWiki_Auth_Plugin { * @author Andreas Gohr * @param string $user * @param bool $requireGroups (optional) ignored by this plugin, grps info always supplied - * @return array|bool + * @return array|false */ public function getUserData($user, $requireGroups=true) { if($this->users === null) $this->_loadUserData(); -- cgit v1.2.3 From 7e8500eea1e53b1de0e0f70400664afa442cd08d Mon Sep 17 00:00:00 2001 From: Gerrit Uitslag Date: Thu, 2 Oct 2014 14:55:24 +0200 Subject: PHPDocs and some improvements --- lib/plugins/authplain/_test/escaping.test.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'lib/plugins/authplain') diff --git a/lib/plugins/authplain/_test/escaping.test.php b/lib/plugins/authplain/_test/escaping.test.php index cd5294157..5cf631508 100644 --- a/lib/plugins/authplain/_test/escaping.test.php +++ b/lib/plugins/authplain/_test/escaping.test.php @@ -12,10 +12,11 @@ * @group plugins */ class helper_plugin_authplain_escaping_test extends DokuWikiTest { - + protected $pluginsEnabled = array('authplain'); + /** @var auth_plugin_authplain */ protected $auth; - + protected function reloadUsers() { /* auth caches data loaded from file, but recreated object forces reload */ $this->auth = new auth_plugin_authplain(); -- cgit v1.2.3 From 6c8c1f4632a82459236200e9264c40ecebd4b162 Mon Sep 17 00:00:00 2001 From: Christopher Smith Date: Fri, 3 Oct 2014 17:41:14 +0100 Subject: Fix for issues 877 & 885 related to a bug in PCRE 6.6 --- lib/plugins/authplain/_test/escaping.test.php | 43 +++++++++++++++++++++++++-- lib/plugins/authplain/auth.php | 31 ++++++++++++++++++- 2 files changed, 70 insertions(+), 4 deletions(-) (limited to 'lib/plugins/authplain') diff --git a/lib/plugins/authplain/_test/escaping.test.php b/lib/plugins/authplain/_test/escaping.test.php index cd5294157..5a5f67c82 100644 --- a/lib/plugins/authplain/_test/escaping.test.php +++ b/lib/plugins/authplain/_test/escaping.test.php @@ -13,12 +13,12 @@ */ class helper_plugin_authplain_escaping_test extends DokuWikiTest { - protected $pluginsEnabled = array('authplain'); + protected $pluginsEnabled = array('authplainharness'); protected $auth; protected function reloadUsers() { /* auth caches data loaded from file, but recreated object forces reload */ - $this->auth = new auth_plugin_authplain(); + $this->auth = new auth_plugin_authplainharness(); } function setUp() { @@ -76,7 +76,44 @@ class helper_plugin_authplain_escaping_test extends DokuWikiTest { $this->assertEquals($saved['name'], $user['name']); $this->assertTrue($this->auth->checkPass("testuser", $user['pass'])); } + + // really only required for developers to ensure this plugin will + // work with systems running on PCRE 6.6 and lower. + public function testLineSplit(){ + $this->auth->setPregsplit_safe(false); + + $names = array( + 'plain', + 'ut-fठ8', + 'colon:', + 'backslash\\', + 'alltogether\\ठ:' + ); + $userpass = 'user:password_hash:'; + $other_user_data = ':email@address:group1,group2'; + + foreach ($names as $testname) { + $escaped = str_replace(array('\\',':'),array('\\\\','\\:'),$testname); // escape : & \ + $test_line = $userpass.$escaped.$other_user_data; + $result = $this->auth->splitUserData($test_line); + + $this->assertEquals($testname, $result[2]); + } + } } -?> \ No newline at end of file +class auth_plugin_authplainharness extends auth_plugin_authplain { + + public function setPregsplit_safe($bool) { + $this->_pregsplit_safe = $bool; + } + + public function getPregsplit_safe(){ + return $this->_pregsplit_safe; + } + + public function splitUserData($line){ + return $this->_splitUserData($line); + } +} \ No newline at end of file diff --git a/lib/plugins/authplain/auth.php b/lib/plugins/authplain/auth.php index b3ca988b9..ec5d16e9d 100644 --- a/lib/plugins/authplain/auth.php +++ b/lib/plugins/authplain/auth.php @@ -17,6 +17,9 @@ class auth_plugin_authplain extends DokuWiki_Auth_Plugin { /** @var array filter pattern */ protected $_pattern = array(); + /** @var bool safe version of preg_split */ + protected $_pregsplit_safe = false; + /** * Constructor * @@ -44,6 +47,8 @@ class auth_plugin_authplain extends DokuWiki_Auth_Plugin { $this->cando['getUsers'] = true; $this->cando['getUserCount'] = true; } + + $this->_pregsplit_safe = version_compare(PCRE_VERSION,'6.7','>='); } /** @@ -329,7 +334,7 @@ class auth_plugin_authplain extends DokuWiki_Auth_Plugin { if(empty($line)) continue; /* NB: preg_split can be deprecated/replaced with str_getcsv once dokuwiki is min php 5.3 */ - $row = preg_split('/(?_splitUserData($line); $row = str_replace('\\:', ':', $row); $row = str_replace('\\\\', '\\', $row); @@ -342,6 +347,30 @@ class auth_plugin_authplain extends DokuWiki_Auth_Plugin { } } + protected function _splitUserData($line){ + // due to a bug in PCRE 6.6, preg_split will fail with the regex we use here + // refer github issues 877 & 885 + if ($this->_pregsplit_safe){ + return preg_split('/(? Date: Sat, 4 Oct 2014 11:59:42 +0100 Subject: escaping backslash should be included in split items --- lib/plugins/authplain/_test/escaping.test.php | 2 +- lib/plugins/authplain/auth.php | 5 ++++- 2 files changed, 5 insertions(+), 2 deletions(-) (limited to 'lib/plugins/authplain') diff --git a/lib/plugins/authplain/_test/escaping.test.php b/lib/plugins/authplain/_test/escaping.test.php index 5a5f67c82..cbfbbc587 100644 --- a/lib/plugins/authplain/_test/escaping.test.php +++ b/lib/plugins/authplain/_test/escaping.test.php @@ -97,7 +97,7 @@ class helper_plugin_authplain_escaping_test extends DokuWikiTest { $test_line = $userpass.$escaped.$other_user_data; $result = $this->auth->splitUserData($test_line); - $this->assertEquals($testname, $result[2]); + $this->assertEquals($escaped, $result[2]); } } diff --git a/lib/plugins/authplain/auth.php b/lib/plugins/authplain/auth.php index ec5d16e9d..3d303597c 100644 --- a/lib/plugins/authplain/auth.php +++ b/lib/plugins/authplain/auth.php @@ -356,9 +356,12 @@ class auth_plugin_authplain extends DokuWiki_Auth_Plugin { $row = array(); $piece = ''; - for($i=0; $i=$len) break; } else if ($line[$i]==':'){ $row[] = $piece; $piece = ''; -- cgit v1.2.3 From 79e79377626799a77c11aa7849cb9c64305590c8 Mon Sep 17 00:00:00 2001 From: Andreas Gohr Date: Wed, 7 Jan 2015 10:47:45 +0100 Subject: Remove error supression for file_exists() In an older version of PHP a file_exists() call would issue a warning when the file did not exist. This was fixed in later PHP releases. Since we require PHP 5.3 now, there's no need to supress any error here anymore. This might even give a minor performance boost. --- lib/plugins/authplain/auth.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/plugins/authplain') diff --git a/lib/plugins/authplain/auth.php b/lib/plugins/authplain/auth.php index fd2d0b249..b31c02fc8 100644 --- a/lib/plugins/authplain/auth.php +++ b/lib/plugins/authplain/auth.php @@ -325,7 +325,7 @@ class auth_plugin_authplain extends DokuWiki_Auth_Plugin { $this->users = array(); - if(!@file_exists($config_cascade['plainauth.users']['default'])) return; + if(!file_exists($config_cascade['plainauth.users']['default'])) return; $lines = file($config_cascade['plainauth.users']['default']); foreach($lines as $line) { -- cgit v1.2.3 From 276820f70d7e96ee375735c1a15bdc0a8331a5a7 Mon Sep 17 00:00:00 2001 From: Scrutinizer Auto-Fixer Date: Sat, 10 Jan 2015 14:47:51 +0000 Subject: Scrutinizer Auto-Fixes This commit consists of patches automatically generated for this project on https://scrutinizer-ci.com --- lib/plugins/authplain/_test/escaping.test.php | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'lib/plugins/authplain') diff --git a/lib/plugins/authplain/_test/escaping.test.php b/lib/plugins/authplain/_test/escaping.test.php index 9df96389a..e1eade8d4 100644 --- a/lib/plugins/authplain/_test/escaping.test.php +++ b/lib/plugins/authplain/_test/escaping.test.php @@ -106,6 +106,9 @@ class helper_plugin_authplain_escaping_test extends DokuWikiTest { class auth_plugin_authplainharness extends auth_plugin_authplain { + /** + * @param boolean $bool + */ public function setPregsplit_safe($bool) { $this->_pregsplit_safe = $bool; } @@ -114,6 +117,9 @@ class auth_plugin_authplainharness extends auth_plugin_authplain { return $this->_pregsplit_safe; } + /** + * @param string $line + */ public function splitUserData($line){ return $this->_splitUserData($line); } -- cgit v1.2.3