[TASK] Set FE/loginSecurityLevel to normal for no ext:rsaauth loaded

Provide a silent upgrader the same way as for BE/loginSecurityLevel
to avoid FE login to fail after upgrade.

Change-Id: I8c27c370206effc1f88fd5334b9f20f01a628757
Resolves: #86417
Releases: master
Reviewed-on: https://review.typo3.org/58429
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Tested-by: TYPO3com <no-reply@typo3.com>
Reviewed-by: Jörg Bösche <typo3@joergboesche.de>
Tested-by: Jörg Bösche <typo3@joergboesche.de>
Reviewed-by: Josef Glatz <josef.glatz@typo3.org>
Tested-by: Josef Glatz <josef.glatz@typo3.org>
Reviewed-by: Jan Helke <typo3@helke.de>
Tested-by: Jan Helke <typo3@helke.de>

typo3/sysext/install/Classes/Service/SilentConfigurationUpgradeService.php

@@ -152,6 +152,7 @@ public function execute()
     {
         $this->generateEncryptionKeyIfNeeded();
         $this->configureBackendLoginSecurity();
+        $this->configureFrontendLoginSecurity();
         $this->migrateImageProcessorSetting();
         $this->transferHttpSettings();
         $this->disableImageMagickDetailSettingsIfImageMagickIsDisabled();
@@ -218,6 +219,26 @@ protected function configureBackendLoginSecurity()
         }
     }
 
+    /**
+     * Frontend login security is set to normal in case
+     * any other value is set while ext:rsaauth is not loaded.
+     *
+     * @throws ConfigurationChangedException
+     */
+    protected function configureFrontendLoginSecurity()
+    {
+        $rsaauthLoaded = ExtensionManagementUtility::isLoaded('rsaauth');
+        try {
+            $currentLoginSecurityLevelValue = $this->configurationManager->getLocalConfigurationValueByPath('FE/loginSecurityLevel');
+            if (!$rsaauthLoaded && $currentLoginSecurityLevelValue !== 'normal') {
+                $this->configurationManager->setLocalConfigurationValueByPath('FE/loginSecurityLevel', 'normal');
+                $this->throwConfigurationChangedException();
+            }
+        } catch (MissingArrayPathException $e) {
+            // no value set, just ignore
+        }
+    }
+
     /**
      * The encryption key is crucial for securing form tokens
      * and the whole TYPO3 link rendering later on. A random key is set here in

typo3/sysext/install/Tests/Unit/Service/SilentConfigurationUpgradeServiceTest.php

@@ -116,7 +116,7 @@ public function configureBackendLoginSecurity($current, $setting, $isPackageActi
             ['BE/loginSecurityLevel', $current]
         ];
         $closure = function () {
-            throw new MissingArrayPathException('Path does not exist in array', 1476109311);
+            throw new MissingArrayPathException('Path does not exist in array', 1538160231);
         };
 
         $this->createConfigurationManagerWithMockedMethods(
@@ -145,6 +145,81 @@ public function configureBackendLoginSecurity($current, $setting, $isPackageActi
         $silentConfigurationUpgradeServiceInstance->_call('configureBackendLoginSecurity');
     }
 
+    /**
+     * Dataprovider for configureBackendLoginSecurity
+     *
+     * @return array
+     */
+    public function configureFrontendLoginSecurityLocalconfiguration(): array
+    {
+        return [
+            ['', 'rsa', true, false],
+            ['normal', 'rsa', true, true],
+            ['rsa', 'normal', false, true],
+        ];
+    }
+
+    /**
+     * @test
+     * @dataProvider configureFrontendLoginSecurityLocalconfiguration
+     * @param string $current
+     * @param string $setting
+     * @param bool $isPackageActive
+     * @param bool $hasLocalConfig
+     */
+    public function configureFrontendLoginSecurity($current, $setting, $isPackageActive, $hasLocalConfig)
+    {
+        /** @var $silentConfigurationUpgradeServiceInstance SilentConfigurationUpgradeService|\PHPUnit_Framework_MockObject_MockObject|\TYPO3\TestingFramework\Core\AccessibleObjectInterface */
+        $silentConfigurationUpgradeServiceInstance = $this->getAccessibleMock(
+            SilentConfigurationUpgradeService::class,
+            ['dummy'],
+            [],
+            '',
+            false
+        );
+
+        /** @var $packageManager PackageManager|\PHPUnit_Framework_MockObject_MockObject */
+        $packageManager = $this->createMock(PackageManager::class);
+        $packageManager->expects($this->any())
+            ->method('isPackageActive')
+            ->will($this->returnValue($isPackageActive));
+        ExtensionManagementUtility::setPackageManager($packageManager);
+
+        $currentLocalConfiguration = [
+            ['FE/loginSecurityLevel', $current]
+        ];
+        $closure = function () {
+            throw new MissingArrayPathException('Path does not exist in array', 1476109311);
+        };
+
+        $this->createConfigurationManagerWithMockedMethods(
+            [
+                'getLocalConfigurationValueByPath',
+                'setLocalConfigurationValueByPath',
+            ]
+        );
+        if ($hasLocalConfig) {
+            $this->configurationManager->expects($this->once())
+                ->method('getLocalConfigurationValueByPath')
+                ->will($this->returnValueMap($currentLocalConfiguration));
+        } else {
+            $this->configurationManager->expects($this->once())
+                ->method('getLocalConfigurationValueByPath')
+                ->will($this->returnCallback($closure));
+        }
+        if ($isPackageActive === false) {
+            $this->configurationManager->expects($this->once())
+                ->method('setLocalConfigurationValueByPath')
+                ->with($this->equalTo('FE/loginSecurityLevel'), $this->equalTo($setting));
+
+            $this->expectException(ConfigurationChangedException::class);
+        }
+
+        $silentConfigurationUpgradeServiceInstance->_set('configurationManager', $this->configurationManager);
+
+        $silentConfigurationUpgradeServiceInstance->_call('configureFrontendLoginSecurity');
+    }
+
     /**
      * @test
      */