[BUGFIX] Broken Access Control in Usergroup Validation
sbusemann committed Oct 31, 2022
1 parent 9a64114 commit 827edbc
Showing 4 changed files with 124 additions and 1 deletion.
5 changes: 4 additions & 1 deletion Classes/Domain/Validator/AbstractValidator.php
Expand Up @@ -364,8 +364,11 @@ protected function stringContainsSpaceCharacter($value)
*/
protected function validateInList($value, $validationSettingList)
{
$valueList = GeneralUtility::trimExplode(',', $value, true);
$validationSettings = GeneralUtility::trimExplode(',', $validationSettingList, true);
return in_array($value, $validationSettings);
$diff = array_diff($valueList, $validationSettings);

return empty($diff);
}

/**
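Review bot: An empty `$value` now passes validateInList unconditionally: `trimExplode` with the remove-empty flag turns it into `[]`, `array_diff([], ...)` is `[]`, and `empty([])` is true, whereas the old `in_array('', $validationSettings)` was false once empties had been stripped from the settings. If a required check does not always run before this one, an empty usergroup submission would skip the allowed-list check entirely; a guard such as `if ($valueList === []) { return false; }` before the `array_diff` keeps the previous outcome for empty input, unless an empty selection is meant to be accepted. The method docblock opens above the hunk, so it should be updated there to state that every comma-separated entry of `$value` must be contained in `$validationSettingList`.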
14 changes: 14 additions & 0 deletions Classes/Domain/Validator/ServersideValidator.php
Expand Up @@ -7,6 +7,7 @@
use In2code\Femanager\Domain\Model\User;
use TYPO3\CMS\Core\Utility\GeneralUtility;
use TYPO3\CMS\Extbase\Domain\Model\FileReference;
use TYPO3\CMS\Extbase\Persistence\ObjectStorage;
use TYPO3\CMS\Extbase\Reflection\ObjectAccess;

/**
Expand Down Expand Up @@ -306,6 +307,19 @@ protected function checkAnyValidation($validation, $value, $validationSetting, $
protected function getValue($user, $fieldName)
{
$value = $this->getValueFromProperty($user, $fieldName);

if ($value instanceof ObjectStorage) {
$values = [];

foreach ($value as $object) {
if (method_exists($object, 'getUid')) {
$values[] = $object->getUid();
}
}

return implode(',', $values);
}

if (is_object($value)) {
if (method_exists($value, 'getUid')) {
$value = $value->getUid();
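Review bot: Storage members whose `getUid()` returns null (an object that has not been persisted) add a null entry to `$values`, which `implode` renders as an empty string and the remove-empty `trimExplode` in validateInList then drops, so such a member is never checked against the allowed list; members without a `getUid` method are skipped outright. Whether an unpersisted group can reach this point through property mapping is not visible here, but skipping nulls explicitly — `if (method_exists($object, 'getUid') && $object->getUid() !== null)` — or rejecting them would make the intent clear. getValue continues below the hunk, and its docblock above the hunk should mention that an ObjectStorage is flattened to a comma-separated list of uids before validation.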
20 changes: 20 additions & 0 deletions Tests/Unit/Domain/Validator/AbstractValidatorTest.php
Expand Up @@ -732,6 +732,16 @@ public function validateInListReturnsBoolDataProvider()
'a',
true
],
[
'1,2',
'1,2,3',
true
],
[
'1,2',
'3,2,1',
true
],
[
'23',
'1,234,3',
Expand All @@ -752,6 +762,16 @@ public function validateInListReturnsBoolDataProvider()
'bac',
false
],
[
'1,2,3',
'1,2',
false
],
[
'1,2,3',
'2,1',
false
]
];
}

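Review bot: The provider still has no dataset for an empty `$value` (e.g. `['', '1,2', <intended bool>]`), which is exactly the input whose outcome changed when `in_array` was replaced by `array_diff`; pinning it here would document whether an empty selection is meant to pass. A dataset with surrounding whitespace, such as `[' 1 , 2', '1,2', true]`, would also cover the trimming both sides of the comparison rely on. validateInListReturnsBoolDataProvider starts above the hunk.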
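--- a/Tests/Unit/Domain/Validator/ServersideValidatorTest.php
+++ b/Tests/Unit/Domain/Validator/ServersideValidatorTest.php
@@ -0,0 +1,86 @@
+<?php
+
+namespace In2code\Femanager\Tests\Unit\Domain\Validator;
+
+use In2code\Femanager\Domain\Model\User;
+use In2code\Femanager\Domain\Model\UserGroup;
+use In2code\Femanager\Domain\Validator\ServersideValidator;
+use Nimut\TestingFramework\TestCase\UnitTestCase;
+
+/**
+* Class AbstractValidatorTest
+* @coversDefaultClass \In2code\Femanager\Domain\Validator\ServersideValidator
+*/
+class ServersideValidatorTest extends UnitTestCase
+{
+
+/**
+* @var \In2code\Femanager\Domain\Validator\ServersideValidator
+*/
+protected $generalValidatorMock;
+
+/**
+* Make object available
+*/
+public function setUp(): void
+{
+$this->generalValidatorMock = $this->getAccessibleMock(ServersideValidator::class, ['dummy']);
+}
+
+/**
+* Remove object
+*/
+public function tearDown(): void
+{
+unset($this->generalValidatorMock);
+}
+
+/**
+* @covers ::getValue
+*/
+public function testGetValueForObjectStorage(): void
+{
+$user = new User();
+
+$usergroup1 = $this->getUserGroupMock(1);
+$usergroup2 = $this->getUserGroupMock(2);
+
+$user->addUsergroup($usergroup1);
+$user->addUsergroup($usergroup2);
+
+$fieldName = 'usergroup';
+
+$result = $this->generalValidatorMock->_callRef('getValue', $user, $fieldName);
+
+self::assertSame('1,2', $result);
+}
+
+/**
+* @covers ::getValue
+*/
+public function testGetValueForObject(): void
+{
+$user = new User('testuser');
+
+$fieldName = 'username';
+
+$result = $this->generalValidatorMock->_callRef('getValue', $user, $fieldName);
+
+self::assertSame('testuser', $result);
+}
+
+/**
+* @param int $uid
+* @return UserGroup&\PHPUnit\Framework\MockObject\MockObject|\PHPUnit\Framework\MockObject\MockObject
+*/
+protected function getUserGroupMock(int $uid = 1)
+{
+$mockClass = $this->getMockBuilder(UserGroup::class)
+->disableOriginalConstructor()
+->getMock();
+
+$mockClass->method('getUid')->willReturn($uid);
+
+return $mockClass;
+}
+}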
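Review bot: The class docblock says `Class AbstractValidatorTest` although this file declares ServersideValidatorTest; it should read `* Class ServersideValidatorTest`. The new tests only cover groups whose `getUid` returns 1 and 2; a case with a mocked group whose `getUid` returns null would pin how getValue flattens an unpersisted member, which as written contributes an empty entry to the returned string. The file also lacks `declare(strict_types=1);` at the top.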
