From bd0551b22076b82a6d49e9f7a2b2e0c90a1b2326 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Fri, 05 Feb 2016 07:25:27 -0500
Subject: [PATCH] Secure also downloads of addressbook exports, managesieve script exports and Enigma keys exports

---
 tests/Selenium/bootstrap.php |  148 +++++++++++++++++++++++++++++++++++-------------
 1 files changed, 107 insertions(+), 41 deletions(-)

diff --git a/tests/Selenium/bootstrap.php b/tests/Selenium/bootstrap.php
index fe2d111..9baf0c0 100644
--- a/tests/Selenium/bootstrap.php
+++ b/tests/Selenium/bootstrap.php
@@ -38,7 +38,7 @@
     die("Fatal error: ini_set/set_include_path does not work.");
 }
 
-$rcmail = rcmail::get_instance('test');
+$rcmail = rcmail::get_instance(0, 'test');
 
 define('TESTS_URL',     $rcmail->config->get('tests_url'));
 define('TESTS_BROWSER', $rcmail->config->get('tests_browser', 'firefox'));
@@ -54,35 +54,39 @@
  */
 class bootstrap
 {
+    static $imap_ready = null;
+
     /**
      * Wipe and re-initialize (mysql) database
      */
     public static function init_db()
     {
         $rcmail = rcmail::get_instance();
+        $dsn = rcube_db::parse_dsn($rcmail->config->get('db_dsnw'));
 
-        // drop all existing tables first
-        $db = $rcmail->get_dbh();
-        $db->query("SET FOREIGN_KEY_CHECKS=0");
-        $sql_res = $db->query("SHOW TABLES");
-        while ($sql_arr = $db->fetch_array($sql_res)) {
-            $table = reset($sql_arr);
-            $db->query("DROP TABLE $table");
-        }
+        if ($dsn['phptype'] == 'mysql' || $dsn['phptype'] == 'mysqli') {
+            // drop all existing tables first
+            $db = $rcmail->get_dbh();
+            $db->query("SET FOREIGN_KEY_CHECKS=0");
+            $sql_res = $db->query("SHOW TABLES");
+            while ($sql_arr = $db->fetch_array($sql_res)) {
+                $table = reset($sql_arr);
+                $db->query("DROP TABLE $table");
+            }
 
-        // init database with schema
-        $dsn = parse_url($rcmail->config->get('db_dsnw'));
-        $db_name = trim($dsn['path'], '/');
-
-        if ($dsn['scheme'] == 'mysql' || $dsn['scheme'] == 'mysqli') {
+            // init database with schema
             system(sprintf('cat %s %s | mysql -h %s -u %s --password=%s %s',
                 realpath(INSTALL_PATH . '/SQL/mysql.initial.sql'),
                 realpath(TESTS_DIR . 'Selenium/data/mysql.sql'),
-                escapeshellarg($dsn['host']),
-                escapeshellarg($dsn['user']),
-                escapeshellarg($dsn['pass']),
-                escapeshellarg($db_name)
+                escapeshellarg($dsn['hostspec']),
+                escapeshellarg($dsn['username']),
+                escapeshellarg($dsn['password']),
+                escapeshellarg($dsn['database'])
             ));
+        }
+        else if ($dsn['phptype'] == 'sqlite') {
+            // delete database file -- will be re-initialized on first access
+            system(sprintf('rm -f %s', escapeshellarg($dsn['database'])));
         }
     }
 
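Review bot: In the mysql branch of init_db() the two `realpath()` results go into the `system()` command line unquoted, while the DSN fields next to them are passed through `escapeshellarg()`. An install path containing a space or a shell metacharacter changes the command, and `realpath()` returns false for a missing file, which silently drops that file from the `cat` arguments. Wrap both, e.g. `escapeshellarg(realpath(INSTALL_PATH . '/SQL/mysql.initial.sql'))`, and check for false first. The database password is also passed as `--password=...` in argv, where other local users can typically read it from the process list while the client runs; a defaults file or the `MYSQL_PWD` environment variable avoids that. The new sqlite branch can call `unlink($dsn['database'])` instead of shelling out to `rm -f`.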
@@ -91,17 +95,38 @@
      */
     public static function init_imap()
     {
-        if (!TESTS_USER)
+        if (!TESTS_USER) {
             return false;
+        }
+        else if (self::$imap_ready !== null) {
+            return self::$imap_ready;
+        }
 
+        self::connect_imap(TESTS_USER, TESTS_PASS);
+        self::purge_mailbox('INBOX');
+        self::ensure_mailbox('Archive', true);
+
+        return self::$imap_ready;
+    }
+
+    /**
+     * Authenticate to IMAP with the given credentials
+     */
+    public static function connect_imap($username, $password, $host = null)
+    {
         $rcmail = rcmail::get_instance();
         $imap = $rcmail->get_storage();
 
-        $imap_host = $rcmail->config->get('default_host');
-        $a_host = parse_url($args['host']);
+        if ($imap->is_connected()) {
+            $imap->close();
+            self::$imap_ready = false;
+        }
+
+        $imap_host = $host ?: $rcmail->config->get('default_host');
+        $a_host = parse_url($imap_host);
         if ($a_host['host']) {
             $imap_host = $a_host['host'];
-            $imap_ssl = isset($a_host['scheme']) && in_array($a_host['scheme'], array('ssl','imaps','tls'));
+            $imap_ssl  = isset($a_host['scheme']) && in_array($a_host['scheme'], array('ssl','imaps','tls'));
             $imap_port = isset($a_host['port']) ? $a_host['port'] : ($imap_ssl ? 993 : 143);
         }
         else {
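Review bot: In connect_imap() the result of `parse_url($imap_host)` is read as `$a_host['host']` without checking that the key exists. For a bare host name such as `localhost`, parse_url() returns only a `path` entry, so the read raises an undefined-index notice before falling through to the else branch, and a malformed value makes parse_url() return false. `if (is_array($a_host) && !empty($a_host['host'])) {` keeps the same branching without the notice. Since the method now accepts a caller-supplied `$host`, its docblock should also describe `$username`, `$password` and `$host`, including that the schemes `ssl`, `imaps` and `tls` switch the default port to 993. The method body continues in the next hunk.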
@@ -109,28 +134,57 @@
             $imap_ssl = false;
         }
 
-        if (!$imap->connect($imap_host, TESTS_USER, TESTS_PASS, $imap_port, $imap_ssl)) {
+        if (!$imap->connect($imap_host, $username, $password, $imap_port, $imap_ssl)) {
             die("IMAP error: unable to authenticate with user " . TESTS_USER);
         }
 
-        // create Archive mailbox
+        self::$imap_ready = true;
+    }
+
+    /**
+     * Import the given file into IMAP
+     */
+    public static function import_message($filename, $mailbox = 'INBOX')
+    {
+        if (!self::init_imap()) {
+            die(__METHOD__ . ': IMAP connection unavailable');
+        }
+
+        $imap = rcmail::get_instance()->get_storage();
+        $imap->save_message($mailbox, file_get_contents($filename));
+    }
+
+    /**
+     * Delete all messages from the given mailbox
+     */
+    public static function purge_mailbox($mailbox)
+    {
+        if (!self::init_imap()) {
+            die(__METHOD__ . ': IMAP connection unavailable');
+        }
+
+        $imap = rcmail::get_instance()->get_storage();
+        $imap->delete_message('*', $mailbox);
+    }
+
+    /**
+     * Make sure the given mailbox exists in IMAP
+     */
+    public static function ensure_mailbox($mailbox, $empty = false)
+    {
+        if (!self::init_imap()) {
+            die(__METHOD__ . ': IMAP connection unavailable');
+        }
+
+        $imap = rcmail::get_instance()->get_storage();
+
         $folders = $imap->list_folders();
-        if (!in_array('Archive', $folders)) {
-            $imap->create_folder('Archive', true);
+        if (!in_array($mailbox, $folders)) {
+            $imap->create_folder($mailbox, true);
         }
-        else {
-            $imap->delete_message('*', 'Archive');
+        else if ($empty) {
+            $imap->delete_message('*', $mailbox);
         }
-
-        // empty Inbox
-        $imap->delete_message('*', 'INBOX');
-
-        // import email messages
-        foreach (glob(TESTS_DIR . 'Selenium/data/mail/*.eml') as $f) {
-            $imap->save_message('INBOX', file_get_contents($f));
-        }
-
-        $imap->close();
     }
 }
 
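Review bot: The failure message after `$imap->connect(...)` still names `TESTS_USER`, although the connection is now made with the `$username` argument, so a failed login for any other account reports the wrong user. Use `die("IMAP error: unable to authenticate with user " . $username);`. In import_message(), `file_get_contents($filename)` is passed straight to `save_message()`, so a missing or unreadable file hands `false` to the IMAP layer instead of stopping the run. Check the result for `=== false` and `die()` with the file name, as the other helpers do for a missing connection. connect_imap() begins in the previous hunk.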
@@ -142,9 +196,12 @@
  */
 class Selenium_Test extends PHPUnit_Extensions_Selenium2TestCase
 {
+    protected $login_data = null;
+
     protected function setUp()
     {
         $this->setBrowser(TESTS_BROWSER);
+        $this->login_data = array(TESTS_USER, TESTS_PASS);
 
         // Set root to our index.html, for better performance
         // See https://github.com/sebastianbergmann/phpunit-selenium/issues/217
@@ -152,8 +209,12 @@
         $this->setBrowserUrl($baseurl . '/tests/Selenium');
     }
 
-    protected function login()
+    protected function login($username = null, $password = null)
     {
+        if (!empty($username)) {
+            $this->login_data = array($username, $password);
+        }
+
         $this->go('mail', null, true);
     }
 
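Review bot: login() has no docblock, and its new optional arguments carry a contract that is not obvious from the signature. When `$username` is empty, the credentials stored by setUp() (`TESTS_USER`, `TESTS_PASS`) are kept; otherwise `$this->login_data` is replaced and stays replaced until setUp() runs again. A docblock such as `/** Log in as the given user; defaults to TESTS_USER/TESTS_PASS from setUp() */` above the method would state that. `!empty($username)` also ignores the string `'0'`; `$username !== null` matches the declared default more precisely.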
@@ -163,8 +224,8 @@
         $pass_input = $this->byCssSelector('form input[name="_pass"]');
         $submit     = $this->byCssSelector('form input[type="submit"]');
 
-        $user_input->value(TESTS_USER);
-        $pass_input->value(TESTS_PASS);
+        $user_input->value($this->login_data[0]);
+        $pass_input->value($this->login_data[1]);
 
         // submit login form
         $submit->click();
@@ -276,6 +337,11 @@
         return $response;
     }
 
+    protected function getText($element)
+    {
+        return $element->text() ?: $element->attribute('textContent');
+    }
+
     protected function assertHasClass($classname, $element)
     {
         $this->assertContains($classname, $element->attribute('class'));
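Review bot: getText() needs a one-line comment saying why it falls back to the `textContent` attribute, presumably because `text()` returns an empty string for elements the driver treats as not visible. If that is the reason, `// text() is empty for hidden elements; fall back to the DOM textContent` above the return would do. Because `?:` tests truthiness, an element whose visible text is `0` also takes the fallback.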

--
Gitblit v1.9.1