Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
move PasswordValidator configuration into _config
and out of _config.php i.e. use Injector rather than proceedural boot time code, as SilverStripe 4 supports this (where 3 did not). Re-introduce some security level settings that were lost at some point with no clear reason as to why.
- Loading branch information
1 parent
597980d
commit a990d37
Showing
3 changed files
with
78 additions
and
8 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,55 @@ | ||
| <?php | ||
|
|
||
| namespace CWP\Core\Tests; | ||
|
|
||
| use SilverStripe\Dev\SapphireTest; | ||
| use SilverStripe\Security\Member; | ||
|
|
||
| /** | ||
| * Indeed it appears to only be testing config settings, however that isn't the main goal of this minor test suite. The | ||
| * goal is more to catch 'regressions' should someone alter the values, given that the minimums tested here are a | ||
| * requirement for compliance. The tests should still pass if passwords are strengthened with more checks or higher | ||
| * character limits, for example. The values were previously removed due to duplication. However on inspection I could | ||
| * not find where they were duplicated. I assume framework defaults - however I couldn't find where they were set there | ||
| * either. This is merely an extra layer of assurance. | ||
| * | ||
| * E.g. the TestNames have no default in the core, and are not configurable. I didn't look too hard at mid-method | ||
| * fallbacks, but it seemed a logical conclusion to add this back in via the use of Injector as seen in the | ||
| * _config/sercurity.yml section of this PR. To ensure this is set I run the test - not because it's not a config | ||
| * setting, but because it's also an Integration test - the PasswordValidator is always fetched via the way it's | ||
| * created in use (not directly with new or only with Injector via create). | ||
| * | ||
| * This is my justification for adding this wee test suite. | ||
| * | ||
| * @group integration | ||
| * @group compliance | ||
| */ | ||
| class PasswordStrengthTest extends SapphireTest | ||
| { | ||
| public function testPasswordMinLength() | ||
| { | ||
| $passwordValidator = Member::password_validator(); | ||
| $this->assertGreaterThanOrEqual(10, $passwordValidator->getMinLength()); | ||
| } | ||
|
|
||
| public function testMinTestScore() | ||
| { | ||
| $passwordValidator = Member::password_validator(); | ||
| $this->assertGreaterThanOrEqual(3, $passwordValidator->getMinTestScore()); | ||
| } | ||
|
|
||
| public function testHistoricCheckCount() | ||
| { | ||
| $passwordValidator = Member::password_validator(); | ||
| $this->assertGreaterThanOrEqual(6, $passwordValidator->getHistoricCount()); | ||
| } | ||
|
|
||
| public function testTestNamesInclude() | ||
| { | ||
| $passwordValidator = Member::password_validator(); | ||
| $this->assertContains('lowercase', $passwordValidator->getTestNames()); | ||
| $this->assertContains('uppercase', $passwordValidator->getTestNames()); | ||
| $this->assertContains('digits', $passwordValidator->getTestNames()); | ||
| $this->assertContains('punctuation', $passwordValidator->getTestNames()); | ||
| } | ||
| } |