1
|
|
|
<?php |
2
|
|
|
/** |
3
|
|
|
* tests for PhpMyAdmin\Server\Privileges |
4
|
|
|
* |
5
|
|
|
* @package PhpMyAdmin-test |
6
|
|
|
*/ |
7
|
|
|
declare(strict_types=1); |
8
|
|
|
|
9
|
|
|
namespace PhpMyAdmin\Tests\Server; |
10
|
|
|
|
11
|
|
|
use PhpMyAdmin\Config; |
12
|
|
|
use PhpMyAdmin\DatabaseInterface; |
13
|
|
|
use PhpMyAdmin\Relation; |
14
|
|
|
use PhpMyAdmin\RelationCleanup; |
15
|
|
|
use PhpMyAdmin\Server\Privileges; |
16
|
|
|
use PhpMyAdmin\Template; |
17
|
|
|
use PhpMyAdmin\Tests\Stubs\DbiDummy; |
18
|
|
|
use PhpMyAdmin\Url; |
19
|
|
|
use PhpMyAdmin\Util; |
20
|
|
|
use PHPUnit\Framework\TestCase; |
21
|
|
|
use stdClass; |
22
|
|
|
|
23
|
|
|
/** |
24
|
|
|
* PhpMyAdmin\Tests\Server\PrivilegesTest class |
25
|
|
|
* |
26
|
|
|
* this class is for testing PhpMyAdmin\Server\Privileges methods |
27
|
|
|
* |
28
|
|
|
* @package PhpMyAdmin-test |
29
|
|
|
*/ |
30
|
|
|
class PrivilegesTest extends TestCase |
31
|
|
|
{ |
32
|
|
|
/** |
33
|
|
|
* @var Privileges $serverPrivileges |
34
|
|
|
*/ |
35
|
|
|
private $serverPrivileges; |
36
|
|
|
|
37
|
|
|
/** |
38
|
|
|
* Prepares environment for the test. |
39
|
|
|
* |
40
|
|
|
* @return void |
41
|
|
|
*/ |
42
|
|
|
protected function setUp(): void |
43
|
|
|
{ |
44
|
|
|
$GLOBALS['PMA_Config'] = new Config(); |
45
|
|
|
$GLOBALS['PMA_Config']->enableBc(); |
46
|
|
|
$GLOBALS['cfg']['Server']['DisableIS'] = false; |
47
|
|
|
$GLOBALS['cfgRelation'] = []; |
48
|
|
|
$GLOBALS['cfgRelation']['menuswork'] = false; |
49
|
|
|
$GLOBALS['table'] = "table"; |
50
|
|
|
$GLOBALS['pmaThemeImage'] = 'image'; |
51
|
|
|
$GLOBALS['server'] = 1; |
52
|
|
|
$GLOBALS['db'] = 'db'; |
53
|
|
|
$GLOBALS['hostname'] = "hostname"; |
54
|
|
|
$GLOBALS['username'] = "username"; |
55
|
|
|
|
56
|
|
|
$relation = new Relation($GLOBALS['dbi']); |
57
|
|
|
$this->serverPrivileges = new Privileges( |
58
|
|
|
new Template(), |
59
|
|
|
$GLOBALS['dbi'], |
60
|
|
|
$relation, |
61
|
|
|
new RelationCleanup($GLOBALS['dbi'], $relation) |
62
|
|
|
); |
63
|
|
|
|
64
|
|
|
//$_POST |
65
|
|
|
$_POST['pred_password'] = 'none'; |
66
|
|
|
//$_SESSION |
67
|
|
|
$_SESSION['relation'][$GLOBALS['server']] = [ |
68
|
|
|
'PMA_VERSION' => PMA_VERSION, |
69
|
|
|
'db' => 'pmadb', |
70
|
|
|
'users' => 'users', |
71
|
|
|
'usergroups' => 'usergroups', |
72
|
|
|
'menuswork' => true, |
73
|
|
|
]; |
74
|
|
|
|
75
|
|
|
$pmaconfig = $this->getMockBuilder('PhpMyAdmin\Config') |
76
|
|
|
->disableOriginalConstructor() |
77
|
|
|
->getMock(); |
78
|
|
|
|
79
|
|
|
$GLOBALS['PMA_Config'] = $pmaconfig; |
80
|
|
|
|
81
|
|
|
//Mock DBI |
82
|
|
|
$dbi = $this->getMockBuilder('PhpMyAdmin\DatabaseInterface') |
83
|
|
|
->disableOriginalConstructor() |
84
|
|
|
->getMock(); |
85
|
|
|
|
86
|
|
|
$dbi->expects($this->any()) |
87
|
|
|
->method('fetchResult') |
88
|
|
|
->will( |
89
|
|
|
$this->returnValue( |
90
|
|
|
[ |
91
|
|
|
'grant user1 select', |
92
|
|
|
'grant user2 delete', |
93
|
|
|
] |
94
|
|
|
) |
95
|
|
|
); |
96
|
|
|
|
97
|
|
|
$fetchSingleRow = [ |
98
|
|
|
'password' => 'pma_password', |
99
|
|
|
'Table_priv' => 'pri1, pri2', |
100
|
|
|
'Type' => 'Type', |
101
|
|
|
'@@old_passwords' => 0, |
102
|
|
|
]; |
103
|
|
|
$dbi->expects($this->any())->method('fetchSingleRow') |
104
|
|
|
->will($this->returnValue($fetchSingleRow)); |
105
|
|
|
|
106
|
|
|
$fetchValue = ['key1' => 'value1']; |
107
|
|
|
$dbi->expects($this->any())->method('fetchValue') |
108
|
|
|
->will($this->returnValue($fetchValue)); |
109
|
|
|
|
110
|
|
|
$dbi->expects($this->any())->method('tryQuery') |
111
|
|
|
->will($this->returnValue(true)); |
112
|
|
|
|
113
|
|
|
$dbi->expects($this->any())->method('escapeString') |
114
|
|
|
->will($this->returnArgument(0)); |
115
|
|
|
|
116
|
|
|
$GLOBALS['dbi'] = $dbi; |
117
|
|
|
$this->serverPrivileges->dbi = $dbi; |
|
|
|
|
118
|
|
|
$this->serverPrivileges->relation->dbi = $dbi; |
|
|
|
|
119
|
|
|
$GLOBALS['is_grantuser'] = true; |
120
|
|
|
$GLOBALS['is_createuser'] = true; |
121
|
|
|
$GLOBALS['is_reload_priv'] = true; |
122
|
|
|
$GLOBALS['strPrivDescDeleteHistoricalRows'] = "strPrivDescDeleteHistoricalRows"; |
123
|
|
|
} |
124
|
|
|
|
125
|
|
|
/** |
126
|
|
|
* Test for getDataForDBInfo |
127
|
|
|
* |
128
|
|
|
* @return void |
129
|
|
|
*/ |
130
|
|
|
public function testGetDataForDBInfo() |
131
|
|
|
{ |
132
|
|
|
$_REQUEST['username'] = "PMA_username"; |
133
|
|
|
$_REQUEST['hostname'] = "PMA_hostname"; |
134
|
|
|
$_REQUEST['tablename'] = "PMA_tablename"; |
135
|
|
|
$_REQUEST['dbname'] = "PMA_dbname"; |
136
|
|
|
list( |
137
|
|
|
$username, $hostname, $dbname, $tablename, $routinename, |
138
|
|
|
$db_and_table, $dbname_is_wildcard |
139
|
|
|
) = $this->serverPrivileges->getDataForDBInfo(); |
140
|
|
|
$this->assertEquals( |
141
|
|
|
"PMA_username", |
142
|
|
|
$username |
143
|
|
|
); |
144
|
|
|
$this->assertEquals( |
145
|
|
|
"PMA_hostname", |
146
|
|
|
$hostname |
147
|
|
|
); |
148
|
|
|
$this->assertEquals( |
149
|
|
|
"PMA_dbname", |
150
|
|
|
$dbname |
151
|
|
|
); |
152
|
|
|
$this->assertEquals( |
153
|
|
|
"PMA_tablename", |
154
|
|
|
$tablename |
155
|
|
|
); |
156
|
|
|
$this->assertEquals( |
157
|
|
|
"`PMA_dbname`.`PMA_tablename`", |
158
|
|
|
$db_and_table |
159
|
|
|
); |
160
|
|
|
$this->assertEquals( |
161
|
|
|
true, |
162
|
|
|
$dbname_is_wildcard |
163
|
|
|
); |
164
|
|
|
|
165
|
|
|
//pre variable have been defined |
166
|
|
|
$_POST['pred_tablename'] = "PMA_pred__tablename"; |
167
|
|
|
$_POST['pred_dbname'] = ["PMA_pred_dbname"]; |
168
|
|
|
list( |
169
|
|
|
,, $dbname, $tablename, $routinename, |
170
|
|
|
$db_and_table, $dbname_is_wildcard |
171
|
|
|
) = $this->serverPrivileges->getDataForDBInfo(); |
172
|
|
|
$this->assertEquals( |
173
|
|
|
"PMA_pred_dbname", |
174
|
|
|
$dbname |
175
|
|
|
); |
176
|
|
|
$this->assertEquals( |
177
|
|
|
"PMA_pred__tablename", |
178
|
|
|
$tablename |
179
|
|
|
); |
180
|
|
|
$this->assertEquals( |
181
|
|
|
"`PMA_pred_dbname`.`PMA_pred__tablename`", |
182
|
|
|
$db_and_table |
183
|
|
|
); |
184
|
|
|
$this->assertEquals( |
185
|
|
|
true, |
186
|
|
|
$dbname_is_wildcard |
187
|
|
|
); |
188
|
|
|
} |
189
|
|
|
|
190
|
|
|
/** |
191
|
|
|
* Test for wildcardEscapeForGrant |
192
|
|
|
* |
193
|
|
|
* @return void |
194
|
|
|
*/ |
195
|
|
|
public function testWildcardEscapeForGrant() |
196
|
|
|
{ |
197
|
|
|
$dbname = ''; |
198
|
|
|
$tablename = ''; |
199
|
|
|
$db_and_table = $this->serverPrivileges->wildcardEscapeForGrant($dbname, $tablename); |
200
|
|
|
$this->assertEquals( |
201
|
|
|
'*.*', |
202
|
|
|
$db_and_table |
203
|
|
|
); |
204
|
|
|
|
205
|
|
|
$dbname = 'dbname'; |
206
|
|
|
$tablename = ''; |
207
|
|
|
$db_and_table = $this->serverPrivileges->wildcardEscapeForGrant($dbname, $tablename); |
208
|
|
|
$this->assertEquals( |
209
|
|
|
'`dbname`.*', |
210
|
|
|
$db_and_table |
211
|
|
|
); |
212
|
|
|
|
213
|
|
|
$dbname = 'dbname'; |
214
|
|
|
$tablename = 'tablename'; |
215
|
|
|
$db_and_table = $this->serverPrivileges->wildcardEscapeForGrant($dbname, $tablename); |
216
|
|
|
$this->assertEquals( |
217
|
|
|
'`dbname`.`tablename`', |
218
|
|
|
$db_and_table |
219
|
|
|
); |
220
|
|
|
} |
221
|
|
|
|
222
|
|
|
/** |
223
|
|
|
* Test for rangeOfUsers |
224
|
|
|
* |
225
|
|
|
* @return void |
226
|
|
|
*/ |
227
|
|
|
public function testRangeOfUsers() |
228
|
|
|
{ |
229
|
|
|
$ret = $this->serverPrivileges->rangeOfUsers("INIT"); |
230
|
|
|
$this->assertEquals( |
231
|
|
|
" WHERE `User` LIKE 'INIT%' OR `User` LIKE 'init%'", |
232
|
|
|
$ret |
233
|
|
|
); |
234
|
|
|
|
235
|
|
|
$ret = $this->serverPrivileges->rangeOfUsers(); |
236
|
|
|
$this->assertEquals( |
237
|
|
|
'', |
238
|
|
|
$ret |
239
|
|
|
); |
240
|
|
|
} |
241
|
|
|
|
242
|
|
|
/** |
243
|
|
|
* Test for getTableGrantsArray |
244
|
|
|
* |
245
|
|
|
* @return void |
246
|
|
|
*/ |
247
|
|
|
public function testGetTableGrantsArray() |
248
|
|
|
{ |
249
|
|
|
$GLOBALS['strPrivDescDelete'] = "strPrivDescDelete"; |
250
|
|
|
$GLOBALS['strPrivDescCreateTbl'] = "strPrivDescCreateTbl"; |
251
|
|
|
$GLOBALS['strPrivDescDropTbl'] = "strPrivDescDropTbl"; |
252
|
|
|
$GLOBALS['strPrivDescIndex'] = "strPrivDescIndex"; |
253
|
|
|
$GLOBALS['strPrivDescAlter'] = "strPrivDescAlter"; |
254
|
|
|
$GLOBALS['strPrivDescCreateView'] = "strPrivDescCreateView"; |
255
|
|
|
$GLOBALS['strPrivDescShowView'] = "strPrivDescShowView"; |
256
|
|
|
$GLOBALS['strPrivDescTrigger'] = "strPrivDescTrigger"; |
257
|
|
|
|
258
|
|
|
$ret = $this->serverPrivileges->getTableGrantsArray(); |
259
|
|
|
$this->assertEquals( |
260
|
|
|
[ |
261
|
|
|
'Delete', |
262
|
|
|
'DELETE', |
263
|
|
|
$GLOBALS['strPrivDescDelete'], |
264
|
|
|
], |
265
|
|
|
$ret[0] |
266
|
|
|
); |
267
|
|
|
$this->assertEquals( |
268
|
|
|
[ |
269
|
|
|
'Create', |
270
|
|
|
'CREATE', |
271
|
|
|
$GLOBALS['strPrivDescCreateTbl'], |
272
|
|
|
], |
273
|
|
|
$ret[1] |
274
|
|
|
); |
275
|
|
|
} |
276
|
|
|
|
277
|
|
|
/** |
278
|
|
|
* Test for getGrantsArray |
279
|
|
|
* |
280
|
|
|
* @return void |
281
|
|
|
*/ |
282
|
|
|
public function testGetGrantsArray() |
283
|
|
|
{ |
284
|
|
|
$ret = $this->serverPrivileges->getGrantsArray(); |
285
|
|
|
$this->assertEquals( |
286
|
|
|
[ |
287
|
|
|
'Select_priv', |
288
|
|
|
'SELECT', |
289
|
|
|
__('Allows reading data.'), |
290
|
|
|
], |
291
|
|
|
$ret[0] |
292
|
|
|
); |
293
|
|
|
$this->assertEquals( |
294
|
|
|
[ |
295
|
|
|
'Insert_priv', |
296
|
|
|
'INSERT', |
297
|
|
|
__('Allows inserting and replacing data.'), |
298
|
|
|
], |
299
|
|
|
$ret[1] |
300
|
|
|
); |
301
|
|
|
} |
302
|
|
|
|
303
|
|
|
/** |
304
|
|
|
* Test for getHtmlForUserGroupDialog |
305
|
|
|
* |
306
|
|
|
* @return void |
307
|
|
|
*/ |
308
|
|
|
public function testGetHtmlForUserGroupDialog() |
309
|
|
|
{ |
310
|
|
|
$username = "pma_username"; |
311
|
|
|
$is_menuswork = true; |
312
|
|
|
$_GET['edit_user_group_dialog'] = "edit_user_group_dialog"; |
313
|
|
|
|
314
|
|
|
/* Assertion 1 */ |
315
|
|
|
$html = $this->serverPrivileges->getHtmlForUserGroupDialog($username, $is_menuswork); |
316
|
|
|
$this->assertStringContainsString( |
317
|
|
|
'<form class="ajax" id="changeUserGroupForm"', |
318
|
|
|
$html |
319
|
|
|
); |
320
|
|
|
//Url::getHiddenInputs |
321
|
|
|
$params = ['username' => $username]; |
322
|
|
|
$html_output = Url::getHiddenInputs($params); |
323
|
|
|
$this->assertStringContainsString( |
324
|
|
|
$html_output, |
325
|
|
|
$html |
326
|
|
|
); |
327
|
|
|
//__('User group') |
328
|
|
|
$this->assertStringContainsString( |
329
|
|
|
__('User group'), |
330
|
|
|
$html |
331
|
|
|
); |
332
|
|
|
|
333
|
|
|
/* Assertion 2 */ |
334
|
|
|
$oldDbi = $GLOBALS['dbi']; |
335
|
|
|
//Mock DBI |
336
|
|
|
$dbi = $this->getMockBuilder('PhpMyAdmin\DatabaseInterface') |
337
|
|
|
->disableOriginalConstructor() |
338
|
|
|
->getMock(); |
339
|
|
|
|
340
|
|
|
$dbi->expects($this->any()) |
341
|
|
|
->method('fetchValue') |
342
|
|
|
->will($this->returnValue('userG')); |
343
|
|
|
$dbi->expects($this->any()) |
344
|
|
|
->method('tryQuery') |
345
|
|
|
->will($this->returnValue(true)); |
346
|
|
|
$dbi->expects($this->any()) |
347
|
|
|
->method('fetchRow') |
348
|
|
|
->willReturnOnConsecutiveCalls(['userG'], null); |
349
|
|
|
$dbi->expects($this->any())->method('escapeString') |
350
|
|
|
->will($this->returnArgument(0)); |
351
|
|
|
|
352
|
|
|
$GLOBALS['dbi'] = $dbi; |
353
|
|
|
$this->serverPrivileges->dbi = $dbi; |
354
|
|
|
|
355
|
|
|
$actualHtml = $this->serverPrivileges->getHtmlForUserGroupDialog($username, $is_menuswork); |
356
|
|
|
$this->assertStringContainsString( |
357
|
|
|
'<form class="ajax" id="changeUserGroupForm"', |
358
|
|
|
$actualHtml |
359
|
|
|
); |
360
|
|
|
//Url::getHiddenInputs |
361
|
|
|
$params = ['username' => $username]; |
362
|
|
|
$html_output = Url::getHiddenInputs($params); |
363
|
|
|
$this->assertStringContainsString( |
364
|
|
|
$html_output, |
365
|
|
|
$actualHtml |
366
|
|
|
); |
367
|
|
|
//__('User group') |
368
|
|
|
$this->assertStringContainsString( |
369
|
|
|
__('User group'), |
370
|
|
|
$actualHtml |
371
|
|
|
); |
372
|
|
|
|
373
|
|
|
// Empty default user group |
374
|
|
|
$this->assertStringContainsString( |
375
|
|
|
'<option value=""></option>', |
376
|
|
|
$actualHtml |
377
|
|
|
); |
378
|
|
|
|
379
|
|
|
// Current user's group selected |
380
|
|
|
$this->assertStringContainsString( |
381
|
|
|
'<option value="userG" selected="selected">userG</option>', |
382
|
|
|
$actualHtml |
383
|
|
|
); |
384
|
|
|
|
385
|
|
|
/* reset original dbi */ |
386
|
|
|
$GLOBALS['dbi'] = $oldDbi; |
387
|
|
|
$this->serverPrivileges->dbi = $oldDbi; |
388
|
|
|
} |
389
|
|
|
|
390
|
|
|
/** |
391
|
|
|
* Test for getHtmlToChooseUserGroup |
392
|
|
|
* |
393
|
|
|
* @return void |
394
|
|
|
*/ |
395
|
|
|
public function testGetHtmlToChooseUserGroup() |
396
|
|
|
{ |
397
|
|
|
$username = "pma_username"; |
398
|
|
|
|
399
|
|
|
$html = $this->serverPrivileges->getHtmlToChooseUserGroup($username); |
400
|
|
|
$this->assertStringContainsString( |
401
|
|
|
'<form class="ajax" id="changeUserGroupForm"', |
402
|
|
|
$html |
403
|
|
|
); |
404
|
|
|
//Url::getHiddenInputs |
405
|
|
|
$params = ['username' => $username]; |
406
|
|
|
$html_output = Url::getHiddenInputs($params); |
407
|
|
|
$this->assertStringContainsString( |
408
|
|
|
$html_output, |
409
|
|
|
$html |
410
|
|
|
); |
411
|
|
|
//__('User group') |
412
|
|
|
$this->assertStringContainsString( |
413
|
|
|
__('User group'), |
414
|
|
|
$html |
415
|
|
|
); |
416
|
|
|
} |
417
|
|
|
|
418
|
|
|
/** |
419
|
|
|
* Test for getSqlQueryForDisplayPrivTable |
420
|
|
|
* |
421
|
|
|
* @return void |
422
|
|
|
*/ |
423
|
|
|
public function testGetSqlQueryForDisplayPrivTable() |
424
|
|
|
{ |
425
|
|
|
$username = "pma_username"; |
426
|
|
|
$db = '*'; |
427
|
|
|
$table = "pma_table"; |
428
|
|
|
$hostname = "pma_hostname"; |
429
|
|
|
|
430
|
|
|
//$db == '*' |
431
|
|
|
$ret = $this->serverPrivileges->getSqlQueryForDisplayPrivTable( |
432
|
|
|
$db, |
433
|
|
|
$table, |
434
|
|
|
$username, |
435
|
|
|
$hostname |
436
|
|
|
); |
437
|
|
|
$sql = "SELECT * FROM `mysql`.`user`" |
438
|
|
|
. " WHERE `User` = '" . $GLOBALS['dbi']->escapeString($username) . "'" |
439
|
|
|
. " AND `Host` = '" . $GLOBALS['dbi']->escapeString($hostname) . "';"; |
440
|
|
|
$this->assertEquals( |
441
|
|
|
$sql, |
442
|
|
|
$ret |
443
|
|
|
); |
444
|
|
|
|
445
|
|
|
//$table == '*' |
446
|
|
|
$db = "pma_db"; |
447
|
|
|
$table = "*"; |
448
|
|
|
$ret = $this->serverPrivileges->getSqlQueryForDisplayPrivTable( |
449
|
|
|
$db, |
450
|
|
|
$table, |
451
|
|
|
$username, |
452
|
|
|
$hostname |
453
|
|
|
); |
454
|
|
|
$sql = "SELECT * FROM `mysql`.`db`" |
455
|
|
|
. " WHERE `User` = '" . $GLOBALS['dbi']->escapeString($username) . "'" |
456
|
|
|
. " AND `Host` = '" . $GLOBALS['dbi']->escapeString($hostname) . "'" |
457
|
|
|
. " AND '" . Util::unescapeMysqlWildcards($db) . "'" |
458
|
|
|
. " LIKE `Db`;"; |
459
|
|
|
$this->assertEquals( |
460
|
|
|
$sql, |
461
|
|
|
$ret |
462
|
|
|
); |
463
|
|
|
|
464
|
|
|
//$table == 'pma_table' |
465
|
|
|
$db = "pma_db"; |
466
|
|
|
$table = "pma_table"; |
467
|
|
|
$ret = $this->serverPrivileges->getSqlQueryForDisplayPrivTable( |
468
|
|
|
$db, |
469
|
|
|
$table, |
470
|
|
|
$username, |
471
|
|
|
$hostname |
472
|
|
|
); |
473
|
|
|
$sql = "SELECT `Table_priv`" |
474
|
|
|
. " FROM `mysql`.`tables_priv`" |
475
|
|
|
. " WHERE `User` = '" . $GLOBALS['dbi']->escapeString($username) . "'" |
476
|
|
|
. " AND `Host` = '" . $GLOBALS['dbi']->escapeString($hostname) . "'" |
477
|
|
|
. " AND `Db` = '" . Util::unescapeMysqlWildcards($db) . "'" |
478
|
|
|
. " AND `Table_name` = '" . $GLOBALS['dbi']->escapeString($table) . "';"; |
479
|
|
|
$this->assertEquals( |
480
|
|
|
$sql, |
481
|
|
|
$ret |
482
|
|
|
); |
483
|
|
|
|
484
|
|
|
// SQL escaping |
485
|
|
|
$db = "db' AND"; |
486
|
|
|
$table = "pma_table"; |
487
|
|
|
$ret = $this->serverPrivileges->getSqlQueryForDisplayPrivTable( |
488
|
|
|
$db, |
489
|
|
|
$table, |
490
|
|
|
$username, |
491
|
|
|
$hostname |
492
|
|
|
); |
493
|
|
|
$this->assertEquals( |
494
|
|
|
"SELECT `Table_priv` FROM `mysql`.`tables_priv` " |
495
|
|
|
. "WHERE `User` = 'pma_username' AND " |
496
|
|
|
. "`Host` = 'pma_hostname' AND `Db` = 'db' AND' AND " |
497
|
|
|
. "`Table_name` = 'pma_table';", |
498
|
|
|
$ret |
499
|
|
|
); |
500
|
|
|
} |
501
|
|
|
|
502
|
|
|
/** |
503
|
|
|
* Test for getDataForChangeOrCopyUser |
504
|
|
|
* |
505
|
|
|
* @return void |
506
|
|
|
*/ |
507
|
|
|
public function testGetDataForChangeOrCopyUser() |
508
|
|
|
{ |
509
|
|
|
//$_POST['change_copy'] not set |
510
|
|
|
list($queries, $password) = $this->serverPrivileges->getDataForChangeOrCopyUser(); |
511
|
|
|
$this->assertEquals( |
512
|
|
|
null, |
513
|
|
|
$queries |
514
|
|
|
); |
515
|
|
|
$this->assertEquals( |
516
|
|
|
null, |
517
|
|
|
$queries |
518
|
|
|
); |
519
|
|
|
|
520
|
|
|
//$_POST['change_copy'] is set |
521
|
|
|
$_POST['change_copy'] = true; |
522
|
|
|
$_POST['old_username'] = 'PMA_old_username'; |
523
|
|
|
$_POST['old_hostname'] = 'PMA_old_hostname'; |
524
|
|
|
list($queries, $password) = $this->serverPrivileges->getDataForChangeOrCopyUser(); |
525
|
|
|
$this->assertEquals( |
526
|
|
|
'pma_password', |
527
|
|
|
$password |
528
|
|
|
); |
529
|
|
|
$this->assertEquals( |
530
|
|
|
[], |
531
|
|
|
$queries |
532
|
|
|
); |
533
|
|
|
unset($_POST['change_copy']); |
534
|
|
|
} |
535
|
|
|
|
536
|
|
|
|
537
|
|
|
/** |
538
|
|
|
* Test for getListForExportUserDefinition |
539
|
|
|
* |
540
|
|
|
* @return void |
541
|
|
|
*/ |
542
|
|
|
public function testGetHtmlForExportUserDefinition() |
543
|
|
|
{ |
544
|
|
|
$username = "PMA_username"; |
545
|
|
|
$hostname = "PMA_hostname"; |
546
|
|
|
|
547
|
|
|
list($title, $export) |
548
|
|
|
= $this->serverPrivileges->getListForExportUserDefinition($username, $hostname); |
549
|
|
|
|
550
|
|
|
//validate 1: $export |
551
|
|
|
$this->assertStringContainsString( |
552
|
|
|
'grant user2 delete', |
553
|
|
|
$export |
554
|
|
|
); |
555
|
|
|
$this->assertStringContainsString( |
556
|
|
|
'grant user1 select', |
557
|
|
|
$export |
558
|
|
|
); |
559
|
|
|
$this->assertStringContainsString( |
560
|
|
|
'<textarea class="export"', |
561
|
|
|
$export |
562
|
|
|
); |
563
|
|
|
|
564
|
|
|
//validate 2: $title |
565
|
|
|
$title_user = __('User') . ' `' . htmlspecialchars($username) |
566
|
|
|
. '`@`' . htmlspecialchars($hostname) . '`'; |
567
|
|
|
$this->assertStringContainsString( |
568
|
|
|
$title_user, |
569
|
|
|
$title |
570
|
|
|
); |
571
|
|
|
} |
572
|
|
|
|
573
|
|
|
/** |
574
|
|
|
* Test for addUser |
575
|
|
|
* |
576
|
|
|
* @return void |
577
|
|
|
*/ |
578
|
|
|
public function testAddUser() |
579
|
|
|
{ |
580
|
|
|
// Case 1 : Test with Newer version |
581
|
|
|
$GLOBALS['dbi']->expects($this->any())->method('getVersion') |
582
|
|
|
->will($this->returnValue(50706)); |
583
|
|
|
$this->serverPrivileges->dbi = $GLOBALS['dbi']; |
584
|
|
|
|
585
|
|
|
$dbname = 'pma_dbname'; |
586
|
|
|
$username = 'pma_username'; |
587
|
|
|
$hostname = 'pma_hostname'; |
588
|
|
|
$_POST['adduser_submit'] = true; |
589
|
|
|
$_POST['pred_username'] = 'any'; |
590
|
|
|
$_POST['pred_hostname'] = 'localhost'; |
591
|
|
|
$_POST['pred_password'] = 'keep'; |
592
|
|
|
$_POST['createdb-3'] = true; |
593
|
|
|
$_POST['userGroup'] = "username"; |
594
|
|
|
$_POST['authentication_plugin'] = 'mysql_native_password'; |
595
|
|
|
|
596
|
|
|
list( |
597
|
|
|
$ret_message,,, $sql_query, |
598
|
|
|
$_add_user_error |
599
|
|
|
) = $this->serverPrivileges->addUser( |
600
|
|
|
$dbname, |
601
|
|
|
$username, |
602
|
|
|
$hostname, |
603
|
|
|
$dbname, |
604
|
|
|
true |
605
|
|
|
); |
606
|
|
|
$this->assertEquals( |
607
|
|
|
'You have added a new user.', |
608
|
|
|
$ret_message->getMessage() |
609
|
|
|
); |
610
|
|
|
$this->assertEquals( |
611
|
|
|
"CREATE USER ''@'localhost' IDENTIFIED WITH mysql_native_password AS '***';" |
612
|
|
|
. "GRANT USAGE ON *.* TO ''@'localhost' REQUIRE NONE;" |
613
|
|
|
. "GRANT ALL PRIVILEGES ON `pma_dbname`.* TO ''@'localhost';", |
614
|
|
|
$sql_query |
615
|
|
|
); |
616
|
|
|
$this->assertEquals( |
617
|
|
|
false, |
618
|
|
|
$_add_user_error |
619
|
|
|
); |
620
|
|
|
} |
621
|
|
|
|
622
|
|
|
/** |
623
|
|
|
* Test for addUser |
624
|
|
|
* |
625
|
|
|
* @return void |
626
|
|
|
*/ |
627
|
|
|
public function testAddUserOld() |
628
|
|
|
{ |
629
|
|
|
$GLOBALS['dbi']->expects($this->any())->method('getVersion') |
630
|
|
|
->will($this->returnValue(50506)); |
631
|
|
|
$this->serverPrivileges->dbi = $GLOBALS['dbi']; |
632
|
|
|
|
633
|
|
|
$dbname = 'pma_dbname'; |
634
|
|
|
$username = 'pma_username'; |
635
|
|
|
$hostname = 'pma_hostname'; |
636
|
|
|
$_POST['adduser_submit'] = true; |
637
|
|
|
$_POST['pred_username'] = 'any'; |
638
|
|
|
$_POST['pred_hostname'] = 'localhost'; |
639
|
|
|
$_POST['pred_password'] = 'keep'; |
640
|
|
|
$_POST['createdb-3'] = true; |
641
|
|
|
$_POST['userGroup'] = "username"; |
642
|
|
|
$_POST['authentication_plugin'] = 'mysql_native_password'; |
643
|
|
|
|
644
|
|
|
list( |
645
|
|
|
$ret_message,,, $sql_query, |
646
|
|
|
$_add_user_error |
647
|
|
|
) = $this->serverPrivileges->addUser( |
648
|
|
|
$dbname, |
649
|
|
|
$username, |
650
|
|
|
$hostname, |
651
|
|
|
$dbname, |
652
|
|
|
true |
653
|
|
|
); |
654
|
|
|
|
655
|
|
|
$this->assertEquals( |
656
|
|
|
'You have added a new user.', |
657
|
|
|
$ret_message->getMessage() |
658
|
|
|
); |
659
|
|
|
$this->assertEquals( |
660
|
|
|
"CREATE USER ''@'localhost';" |
661
|
|
|
. "GRANT USAGE ON *.* TO ''@'localhost' REQUIRE NONE;" |
662
|
|
|
. "SET PASSWORD FOR ''@'localhost' = '***';" |
663
|
|
|
. "GRANT ALL PRIVILEGES ON `pma_dbname`.* TO ''@'localhost';", |
664
|
|
|
$sql_query |
665
|
|
|
); |
666
|
|
|
$this->assertEquals( |
667
|
|
|
false, |
668
|
|
|
$_add_user_error |
669
|
|
|
); |
670
|
|
|
} |
671
|
|
|
|
672
|
|
|
/** |
673
|
|
|
* Test for updatePassword |
674
|
|
|
* |
675
|
|
|
* @return void |
676
|
|
|
*/ |
677
|
|
|
public function testUpdatePassword() |
678
|
|
|
{ |
679
|
|
|
$username = 'pma_username'; |
680
|
|
|
$hostname = 'pma_hostname'; |
681
|
|
|
$err_url = "error.php"; |
682
|
|
|
$_POST['pma_pw'] = 'pma_pw'; |
683
|
|
|
$_POST['authentication_plugin'] = 'mysql_native_password'; |
684
|
|
|
|
685
|
|
|
$message = $this->serverPrivileges->updatePassword( |
686
|
|
|
$err_url, |
687
|
|
|
$username, |
688
|
|
|
$hostname |
689
|
|
|
); |
690
|
|
|
|
691
|
|
|
$this->assertEquals( |
692
|
|
|
"The password for 'pma_username'@'pma_hostname' " |
693
|
|
|
. "was changed successfully.", |
694
|
|
|
$message->getMessage() |
695
|
|
|
); |
696
|
|
|
} |
697
|
|
|
|
698
|
|
|
/** |
699
|
|
|
* Test for getMessageAndSqlQueryForPrivilegesRevoke |
700
|
|
|
* |
701
|
|
|
* @return void |
702
|
|
|
*/ |
703
|
|
|
public function testGetMessageAndSqlQueryForPrivilegesRevoke() |
704
|
|
|
{ |
705
|
|
|
$dbname = 'pma_dbname'; |
706
|
|
|
$username = 'pma_username'; |
707
|
|
|
$hostname = 'pma_hostname'; |
708
|
|
|
$tablename = 'pma_tablename'; |
709
|
|
|
$_POST['adduser_submit'] = true; |
710
|
|
|
$_POST['pred_username'] = 'any'; |
711
|
|
|
$_POST['pred_hostname'] = 'localhost'; |
712
|
|
|
$_POST['createdb-3'] = true; |
713
|
|
|
$_POST['Grant_priv'] = 'Y'; |
714
|
|
|
$_POST['max_questions'] = 1000; |
715
|
|
|
list ($message, $sql_query) |
716
|
|
|
= $this->serverPrivileges->getMessageAndSqlQueryForPrivilegesRevoke( |
717
|
|
|
$dbname, |
718
|
|
|
$tablename, |
719
|
|
|
$username, |
720
|
|
|
$hostname, |
721
|
|
|
'' |
722
|
|
|
); |
723
|
|
|
|
724
|
|
|
$this->assertEquals( |
725
|
|
|
"You have revoked the privileges for 'pma_username'@'pma_hostname'.", |
726
|
|
|
$message->getMessage() |
727
|
|
|
); |
728
|
|
|
$this->assertEquals( |
729
|
|
|
"REVOKE ALL PRIVILEGES ON `pma_dbname`.`pma_tablename` " |
730
|
|
|
. "FROM 'pma_username'@'pma_hostname'; " |
731
|
|
|
. "REVOKE GRANT OPTION ON `pma_dbname`.`pma_tablename` " |
732
|
|
|
. "FROM 'pma_username'@'pma_hostname';", |
733
|
|
|
$sql_query |
734
|
|
|
); |
735
|
|
|
} |
736
|
|
|
|
737
|
|
|
/** |
738
|
|
|
* Test for updatePrivileges |
739
|
|
|
* |
740
|
|
|
* @return void |
741
|
|
|
*/ |
742
|
|
|
public function testUpdatePrivileges() |
743
|
|
|
{ |
744
|
|
|
$dbname = 'pma_dbname'; |
745
|
|
|
$username = 'pma_username'; |
746
|
|
|
$hostname = 'pma_hostname'; |
747
|
|
|
$tablename = 'pma_tablename'; |
748
|
|
|
$_POST['adduser_submit'] = true; |
749
|
|
|
$_POST['pred_username'] = 'any'; |
750
|
|
|
$_POST['pred_hostname'] = 'localhost'; |
751
|
|
|
$_POST['createdb-3'] = true; |
752
|
|
|
$_POST['Grant_priv'] = 'Y'; |
753
|
|
|
$_POST['max_questions'] = 1000; |
754
|
|
|
list($sql_query, $message) = $this->serverPrivileges->updatePrivileges( |
755
|
|
|
$username, |
756
|
|
|
$hostname, |
757
|
|
|
$tablename, |
758
|
|
|
$dbname, |
759
|
|
|
'' |
760
|
|
|
); |
761
|
|
|
|
762
|
|
|
$this->assertEquals( |
763
|
|
|
"You have updated the privileges for 'pma_username'@'pma_hostname'.", |
764
|
|
|
$message->getMessage() |
765
|
|
|
); |
766
|
|
|
$this->assertEquals( |
767
|
|
|
"REVOKE ALL PRIVILEGES ON `pma_dbname`.`pma_tablename` " |
768
|
|
|
. "FROM 'pma_username'@'pma_hostname'; ", |
769
|
|
|
$sql_query |
770
|
|
|
); |
771
|
|
|
} |
772
|
|
|
|
773
|
|
|
/** |
774
|
|
|
* Test for getHtmlToDisplayPrivilegesTable |
775
|
|
|
* |
776
|
|
|
* @return void |
777
|
|
|
* @group medium |
778
|
|
|
*/ |
779
|
|
|
public function testGetHtmlToDisplayPrivilegesTable() |
780
|
|
|
{ |
781
|
|
|
$dbi_old = $GLOBALS['dbi']; |
782
|
|
|
$GLOBALS['hostname'] = "hostname"; |
783
|
|
|
$GLOBALS['username'] = "username"; |
784
|
|
|
|
785
|
|
|
//Mock DBI |
786
|
|
|
$dbi = $this->getMockBuilder('PhpMyAdmin\DatabaseInterface') |
787
|
|
|
->disableOriginalConstructor() |
788
|
|
|
->getMock(); |
789
|
|
|
|
790
|
|
|
$fetchSingleRow = [ |
791
|
|
|
'password' => 'pma_password', |
792
|
|
|
'max_questions' => 'max_questions', |
793
|
|
|
'max_updates' => 'max_updates', |
794
|
|
|
'max_connections' => 'max_connections', |
795
|
|
|
'max_user_connections' => 'max_user_connections', |
796
|
|
|
'Table_priv' => 'Select,Insert,Update,Delete,File,Create,Alter,Index,' |
797
|
|
|
. 'Drop,Super,Process,Reload,Shutdown,Create_routine,Alter_routine,' |
798
|
|
|
. 'Show_db,Repl_slave,Create_tmp_table,Show_view,Execute,' |
799
|
|
|
. 'Repl_client,Lock_tables,References,Grant,dd' |
800
|
|
|
. 'Create_user,Repl_slave,Repl_client', |
801
|
|
|
'Type' => "'Super1','Select','Insert','Update','Create','Alter','Index'," |
802
|
|
|
. "'Drop','Delete','File','Super','Process','Reload','Shutdown','" |
803
|
|
|
. "Show_db','Repl_slave','Create_tmp_table'," |
804
|
|
|
. "'Show_view','Create_routine','" |
805
|
|
|
. "Repl_client','Lock_tables','References','Alter_routine','" |
806
|
|
|
. "Create_user','Repl_slave','Repl_client','Execute','Grant','ddd", |
807
|
|
|
]; |
808
|
|
|
$dbi->expects($this->any())->method('fetchSingleRow') |
809
|
|
|
->will($this->returnValue($fetchSingleRow)); |
810
|
|
|
|
811
|
|
|
$dbi->expects($this->any())->method('tryQuery') |
812
|
|
|
->will($this->returnValue(true)); |
813
|
|
|
|
814
|
|
|
$columns = [ |
815
|
|
|
'val1', |
816
|
|
|
'replace1', |
817
|
|
|
5, |
818
|
|
|
]; |
819
|
|
|
$dbi->expects($this->at(0)) |
820
|
|
|
->method('fetchRow') |
821
|
|
|
->will($this->returnValue($columns)); |
822
|
|
|
$dbi->expects($this->at(1)) |
823
|
|
|
->method('fetchRow') |
824
|
|
|
->will($this->returnValue(false)); |
825
|
|
|
$dbi->expects($this->any()) |
826
|
|
|
->method('escapeString') |
827
|
|
|
->will($this->returnArgument(0)); |
828
|
|
|
|
829
|
|
|
$GLOBALS['dbi'] = $dbi; |
830
|
|
|
$this->serverPrivileges->dbi = $dbi; |
|
|
|
|
831
|
|
|
|
832
|
|
|
$html = $this->serverPrivileges->getHtmlToDisplayPrivilegesTable(); |
833
|
|
|
$GLOBALS['username'] = "username"; |
834
|
|
|
|
835
|
|
|
//validate 1: fieldset |
836
|
|
|
$this->assertStringContainsString( |
837
|
|
|
'<fieldset id="fieldset_user_privtable_footer" ', |
838
|
|
|
$html |
839
|
|
|
); |
840
|
|
|
|
841
|
|
|
//validate 2: button |
842
|
|
|
$this->assertStringContainsString( |
843
|
|
|
__('Go'), |
844
|
|
|
$html |
845
|
|
|
); |
846
|
|
|
|
847
|
|
|
//validate 3: getHtmlForGlobalOrDbSpecificPrivs |
848
|
|
|
$this->assertStringContainsString( |
849
|
|
|
'<fieldset id="fieldset_user_global_rights">', |
850
|
|
|
$html |
851
|
|
|
); |
852
|
|
|
$this->assertStringContainsString( |
853
|
|
|
'<legend data-submenu-label="' . __('Global') . '">', |
854
|
|
|
$html |
855
|
|
|
); |
856
|
|
|
$this->assertStringContainsString( |
857
|
|
|
__('Global privileges'), |
858
|
|
|
$html |
859
|
|
|
); |
860
|
|
|
$this->assertStringContainsString( |
861
|
|
|
__('Check all'), |
862
|
|
|
$html |
863
|
|
|
); |
864
|
|
|
$this->assertStringContainsString( |
865
|
|
|
__('Note: MySQL privilege names are expressed in English'), |
866
|
|
|
$html |
867
|
|
|
); |
868
|
|
|
|
869
|
|
|
//validate 4: getHtmlForGlobalPrivTableWithCheckboxes items |
870
|
|
|
//Select_priv |
871
|
|
|
$this->assertStringContainsString( |
872
|
|
|
'<input type="checkbox" class="checkall" name="Select_priv"', |
873
|
|
|
$html |
874
|
|
|
); |
875
|
|
|
//Create_user_priv |
876
|
|
|
$this->assertStringContainsString( |
877
|
|
|
'<input type="checkbox" class="checkall" name="Create_user_priv"', |
878
|
|
|
$html |
879
|
|
|
); |
880
|
|
|
//Insert_priv |
881
|
|
|
$this->assertStringContainsString( |
882
|
|
|
'<input type="checkbox" class="checkall" name="Insert_priv"', |
883
|
|
|
$html |
884
|
|
|
); |
885
|
|
|
//Update_priv |
886
|
|
|
$this->assertStringContainsString( |
887
|
|
|
'<input type="checkbox" class="checkall" name="Update_priv"', |
888
|
|
|
$html |
889
|
|
|
); |
890
|
|
|
//Create_priv |
891
|
|
|
$this->assertStringContainsString( |
892
|
|
|
'<input type="checkbox" class="checkall" name="Create_priv"', |
893
|
|
|
$html |
894
|
|
|
); |
895
|
|
|
//Create_routine_priv |
896
|
|
|
$this->assertStringContainsString( |
897
|
|
|
'<input type="checkbox" class="checkall" name="Create_routine_priv"', |
898
|
|
|
$html |
899
|
|
|
); |
900
|
|
|
//Execute_priv |
901
|
|
|
$this->assertStringContainsString( |
902
|
|
|
'<input type="checkbox" class="checkall" name="Execute_priv"', |
903
|
|
|
$html |
904
|
|
|
); |
905
|
|
|
|
906
|
|
|
//validate 5: getHtmlForResourceLimits |
907
|
|
|
$this->assertStringContainsString( |
908
|
|
|
'<legend>' . __('Resource limits') . '</legend>', |
909
|
|
|
$html |
910
|
|
|
); |
911
|
|
|
$this->assertStringContainsString( |
912
|
|
|
__('Note: Setting these options to 0 (zero) removes the limit.'), |
913
|
|
|
$html |
914
|
|
|
); |
915
|
|
|
$this->assertStringContainsString( |
916
|
|
|
'MAX QUERIES PER HOUR', |
917
|
|
|
$html |
918
|
|
|
); |
919
|
|
|
$this->assertStringContainsString( |
920
|
|
|
'id="text_max_updates" value="max_updates"', |
921
|
|
|
$html |
922
|
|
|
); |
923
|
|
|
$this->assertStringContainsString( |
924
|
|
|
__('Limits the number of new connections the user may open per hour.'), |
925
|
|
|
$html |
926
|
|
|
); |
927
|
|
|
$this->assertStringContainsString( |
928
|
|
|
__('Limits the number of simultaneous connections the user may have.'), |
929
|
|
|
$html |
930
|
|
|
); |
931
|
|
|
|
932
|
|
|
$this->assertStringContainsString( |
933
|
|
|
'<legend>SSL</legend>', |
934
|
|
|
$html |
935
|
|
|
); |
936
|
|
|
$this->assertStringContainsString( |
937
|
|
|
'value="NONE"', |
938
|
|
|
$html |
939
|
|
|
); |
940
|
|
|
$this->assertStringContainsString( |
941
|
|
|
'value="ANY"', |
942
|
|
|
$html |
943
|
|
|
); |
944
|
|
|
$this->assertStringContainsString( |
945
|
|
|
'value="X509"', |
946
|
|
|
$html |
947
|
|
|
); |
948
|
|
|
$this->assertStringContainsString( |
949
|
|
|
'value="SPECIFIED"', |
950
|
|
|
$html |
951
|
|
|
); |
952
|
|
|
|
953
|
|
|
$GLOBALS['dbi'] = $dbi_old; |
954
|
|
|
$this->serverPrivileges->dbi = $dbi_old; |
955
|
|
|
} |
956
|
|
|
|
957
|
|
|
/** |
958
|
|
|
* Test for getSqlQueriesForDisplayAndAddUser |
959
|
|
|
* |
960
|
|
|
* @return void |
961
|
|
|
*/ |
962
|
|
|
public function testGetSqlQueriesForDisplayAndAddUser() |
963
|
|
|
{ |
964
|
|
|
|
965
|
|
|
$GLOBALS['dbi']->expects($this->any())->method('getVersion') |
966
|
|
|
->will($this->returnValue(50706)); |
967
|
|
|
$this->serverPrivileges->dbi = $GLOBALS['dbi']; |
968
|
|
|
|
969
|
|
|
$username = "PMA_username"; |
970
|
|
|
$hostname = "PMA_hostname"; |
971
|
|
|
$password = "pma_password"; |
972
|
|
|
$_POST['pred_password'] = 'keep'; |
973
|
|
|
$_POST['authentication_plugin'] = 'mysql_native_password'; |
974
|
|
|
$dbname = "PMA_db"; |
975
|
|
|
|
976
|
|
|
list( |
977
|
|
|
$create_user_real, |
978
|
|
|
$create_user_show, |
979
|
|
|
$real_sql_query, |
980
|
|
|
$sql_query, |
981
|
|
|
, |
982
|
|
|
, |
983
|
|
|
$alter_real_sql_query, |
984
|
|
|
$alter_sql_query |
985
|
|
|
) = $this->serverPrivileges->getSqlQueriesForDisplayAndAddUser( |
986
|
|
|
$username, |
987
|
|
|
$hostname, |
988
|
|
|
$password |
989
|
|
|
); |
990
|
|
|
|
991
|
|
|
//validate 1: $create_user_real |
992
|
|
|
$this->assertEquals( |
993
|
|
|
"CREATE USER 'PMA_username'@'PMA_hostname' IDENTIFIED " |
994
|
|
|
. "WITH mysql_native_password AS 'pma_password';", |
995
|
|
|
$create_user_real |
996
|
|
|
); |
997
|
|
|
|
998
|
|
|
//validate 2: $create_user_show |
999
|
|
|
$this->assertEquals( |
1000
|
|
|
"CREATE USER 'PMA_username'@'PMA_hostname' IDENTIFIED " |
1001
|
|
|
. "WITH mysql_native_password AS '***';", |
1002
|
|
|
$create_user_show |
1003
|
|
|
); |
1004
|
|
|
|
1005
|
|
|
//validate 3:$real_sql_query |
1006
|
|
|
$this->assertEquals( |
1007
|
|
|
"GRANT USAGE ON *.* TO 'PMA_username'@'PMA_hostname' REQUIRE NONE;", |
1008
|
|
|
$real_sql_query |
1009
|
|
|
); |
1010
|
|
|
|
1011
|
|
|
//validate 4:$sql_query |
1012
|
|
|
$this->assertEquals( |
1013
|
|
|
"GRANT USAGE ON *.* TO 'PMA_username'@'PMA_hostname' REQUIRE NONE;", |
1014
|
|
|
$sql_query |
1015
|
|
|
); |
1016
|
|
|
|
1017
|
|
|
$this->assertSame( |
1018
|
|
|
'', |
1019
|
|
|
$alter_real_sql_query |
1020
|
|
|
); |
1021
|
|
|
|
1022
|
|
|
$this->assertSame( |
1023
|
|
|
'', |
1024
|
|
|
$alter_sql_query |
1025
|
|
|
); |
1026
|
|
|
|
1027
|
|
|
//Test for addUserAndCreateDatabase |
1028
|
|
|
list($sql_query, $message) = $this->serverPrivileges->addUserAndCreateDatabase( |
1029
|
|
|
false, |
1030
|
|
|
$real_sql_query, |
1031
|
|
|
$sql_query, |
1032
|
|
|
$username, |
1033
|
|
|
$hostname, |
1034
|
|
|
$dbname, |
1035
|
|
|
$alter_real_sql_query, |
1036
|
|
|
$alter_sql_query |
1037
|
|
|
); |
1038
|
|
|
|
1039
|
|
|
//validate 5: $sql_query |
1040
|
|
|
$this->assertEquals( |
1041
|
|
|
"GRANT USAGE ON *.* TO 'PMA_username'@'PMA_hostname' REQUIRE NONE;", |
1042
|
|
|
$sql_query |
1043
|
|
|
); |
1044
|
|
|
|
1045
|
|
|
//validate 6: $message |
1046
|
|
|
$this->assertEquals( |
1047
|
|
|
"You have added a new user.", |
1048
|
|
|
$message->getMessage() |
1049
|
|
|
); |
1050
|
|
|
} |
1051
|
|
|
|
1052
|
|
|
/** |
1053
|
|
|
* Test for getHtmlForTableSpecificPrivileges |
1054
|
|
|
* |
1055
|
|
|
* @return void |
1056
|
|
|
*/ |
1057
|
|
|
public function testGetHtmlToDisplayPrivilegesTableWithTableSpecific(): void |
1058
|
|
|
{ |
1059
|
|
|
$dbi_old = $GLOBALS['dbi']; |
1060
|
|
|
$GLOBALS['dbi'] = DatabaseInterface::load(new DbiDummy()); |
1061
|
|
|
$this->serverPrivileges->dbi = $GLOBALS['dbi']; |
1062
|
|
|
|
1063
|
|
|
$GLOBALS['username'] = 'PMA_username'; |
1064
|
|
|
$GLOBALS['hostname'] = 'PMA_hostname'; |
1065
|
|
|
$html = $this->serverPrivileges->getHtmlToDisplayPrivilegesTable( |
1066
|
|
|
'PMA_db', |
1067
|
|
|
'PMA_table' |
1068
|
|
|
); |
1069
|
|
|
|
1070
|
|
|
$this->assertStringContainsString( |
1071
|
|
|
'checkbox_Update_priv_none', |
1072
|
|
|
$html |
1073
|
|
|
); |
1074
|
|
|
$this->assertStringContainsString( |
1075
|
|
|
'<dfn title="Allows changing data.">UPDATE</dfn>', |
1076
|
|
|
$html |
1077
|
|
|
); |
1078
|
|
|
$this->assertStringContainsString( |
1079
|
|
|
'checkbox_Insert_priv_none', |
1080
|
|
|
$html |
1081
|
|
|
); |
1082
|
|
|
$this->assertStringContainsString( |
1083
|
|
|
__('Allows reading data.'), |
1084
|
|
|
$html |
1085
|
|
|
); |
1086
|
|
|
$this->assertStringContainsString( |
1087
|
|
|
__('Allows inserting and replacing data'), |
1088
|
|
|
$html |
1089
|
|
|
); |
1090
|
|
|
$this->assertStringContainsString( |
1091
|
|
|
__('Allows changing data.'), |
1092
|
|
|
$html |
1093
|
|
|
); |
1094
|
|
|
$this->assertStringContainsString( |
1095
|
|
|
__('Has no effect in this MySQL version.'), |
1096
|
|
|
$html |
1097
|
|
|
); |
1098
|
|
|
|
1099
|
|
|
$this->assertStringContainsString( |
1100
|
|
|
'title="Allows performing SHOW CREATE VIEW queries." checked>', |
1101
|
|
|
$html |
1102
|
|
|
); |
1103
|
|
|
$this->assertStringContainsString( |
1104
|
|
|
'<dfn title="Allows creating new views.">', |
1105
|
|
|
$html |
1106
|
|
|
); |
1107
|
|
|
$this->assertStringContainsString( |
1108
|
|
|
'CREATE VIEW', |
1109
|
|
|
$html |
1110
|
|
|
); |
1111
|
|
|
$this->assertStringContainsString( |
1112
|
|
|
'Create_view_priv', |
1113
|
|
|
$html |
1114
|
|
|
); |
1115
|
|
|
$this->assertStringContainsString( |
1116
|
|
|
'Show_view_priv', |
1117
|
|
|
$html |
1118
|
|
|
); |
1119
|
|
|
$this->assertStringContainsString( |
1120
|
|
|
_pgettext('None privileges', 'None'), |
1121
|
|
|
$html |
1122
|
|
|
); |
1123
|
|
|
|
1124
|
|
|
$GLOBALS['dbi'] = $dbi_old; |
1125
|
|
|
$this->serverPrivileges->dbi = $dbi_old; |
1126
|
|
|
} |
1127
|
|
|
|
1128
|
|
|
/** |
1129
|
|
|
* Test for getHtmlForLoginInformationFields |
1130
|
|
|
* |
1131
|
|
|
* @return void |
1132
|
|
|
*/ |
1133
|
|
|
public function testGetHtmlForLoginInformationFields() |
1134
|
|
|
{ |
1135
|
|
|
$GLOBALS['username'] = 'pma_username'; |
1136
|
|
|
|
1137
|
|
|
$dbi_old = $GLOBALS['dbi']; |
1138
|
|
|
$dbi = $this->getMockBuilder('PhpMyAdmin\DatabaseInterface') |
1139
|
|
|
->disableOriginalConstructor() |
1140
|
|
|
->getMock(); |
1141
|
|
|
$fields_info = [ |
1142
|
|
|
[ |
1143
|
|
|
'COLUMN_NAME' => 'Host', |
1144
|
|
|
'CHARACTER_MAXIMUM_LENGTH' => 80, |
1145
|
|
|
], |
1146
|
|
|
[ |
1147
|
|
|
'COLUMN_NAME' => 'User', |
1148
|
|
|
'CHARACTER_MAXIMUM_LENGTH' => 40, |
1149
|
|
|
], |
1150
|
|
|
]; |
1151
|
|
|
$dbi->expects($this->any())->method('fetchResult') |
1152
|
|
|
->will($this->returnValue($fields_info)); |
1153
|
|
|
$dbi->expects($this->any()) |
1154
|
|
|
->method('escapeString') |
1155
|
|
|
->will($this->returnArgument(0)); |
1156
|
|
|
|
1157
|
|
|
$GLOBALS['dbi'] = $dbi; |
1158
|
|
|
$this->serverPrivileges->dbi = $dbi; |
|
|
|
|
1159
|
|
|
|
1160
|
|
|
$html = $this->serverPrivileges->getHtmlForLoginInformationFields(); |
1161
|
|
|
|
1162
|
|
|
//validate 1: __('Login Information') |
1163
|
|
|
$this->assertStringContainsString( |
1164
|
|
|
__('Login Information'), |
1165
|
|
|
$html |
1166
|
|
|
); |
1167
|
|
|
$this->assertStringContainsString( |
1168
|
|
|
__('User name:'), |
1169
|
|
|
$html |
1170
|
|
|
); |
1171
|
|
|
$this->assertStringContainsString( |
1172
|
|
|
__('Any user'), |
1173
|
|
|
$html |
1174
|
|
|
); |
1175
|
|
|
$this->assertStringContainsString( |
1176
|
|
|
__('Use text field'), |
1177
|
|
|
$html |
1178
|
|
|
); |
1179
|
|
|
|
1180
|
|
|
$output = Util::showHint( |
1181
|
|
|
__( |
1182
|
|
|
'When Host table is used, this field is ignored ' |
1183
|
|
|
. 'and values stored in Host table are used instead.' |
1184
|
|
|
) |
1185
|
|
|
); |
1186
|
|
|
$this->assertStringContainsString( |
1187
|
|
|
$output, |
1188
|
|
|
$html |
1189
|
|
|
); |
1190
|
|
|
|
1191
|
|
|
$GLOBALS['dbi'] = $dbi_old; |
1192
|
|
|
$this->serverPrivileges->dbi = $dbi_old; |
1193
|
|
|
} |
1194
|
|
|
|
1195
|
|
|
/** |
1196
|
|
|
* Test for getWithClauseForAddUserAndUpdatePrivs |
1197
|
|
|
* |
1198
|
|
|
* @return void |
1199
|
|
|
*/ |
1200
|
|
|
public function testGetWithClauseForAddUserAndUpdatePrivs() |
1201
|
|
|
{ |
1202
|
|
|
$_POST['Grant_priv'] = 'Y'; |
1203
|
|
|
$_POST['max_questions'] = 10; |
1204
|
|
|
$_POST['max_connections'] = 20; |
1205
|
|
|
$_POST['max_updates'] = 30; |
1206
|
|
|
$_POST['max_user_connections'] = 40; |
1207
|
|
|
|
1208
|
|
|
$sql_query = $this->serverPrivileges->getWithClauseForAddUserAndUpdatePrivs(); |
1209
|
|
|
$expect = "WITH GRANT OPTION MAX_QUERIES_PER_HOUR 10 " |
1210
|
|
|
. "MAX_CONNECTIONS_PER_HOUR 20" |
1211
|
|
|
. " MAX_UPDATES_PER_HOUR 30 MAX_USER_CONNECTIONS 40"; |
1212
|
|
|
$this->assertStringContainsString( |
1213
|
|
|
$expect, |
1214
|
|
|
$sql_query |
1215
|
|
|
); |
1216
|
|
|
} |
1217
|
|
|
|
1218
|
|
|
/** |
1219
|
|
|
* Test for getHtmlForAddUser |
1220
|
|
|
* |
1221
|
|
|
* @return void |
1222
|
|
|
* @group medium |
1223
|
|
|
*/ |
1224
|
|
|
public function testGetHtmlForAddUser() |
1225
|
|
|
{ |
1226
|
|
|
$dbi_old = $GLOBALS['dbi']; |
1227
|
|
|
$dbi = $this->getMockBuilder('PhpMyAdmin\DatabaseInterface') |
1228
|
|
|
->disableOriginalConstructor() |
1229
|
|
|
->getMock(); |
1230
|
|
|
$fields_info = [ |
1231
|
|
|
[ |
1232
|
|
|
'COLUMN_NAME' => 'Host', |
1233
|
|
|
'CHARACTER_MAXIMUM_LENGTH' => 80, |
1234
|
|
|
], |
1235
|
|
|
[ |
1236
|
|
|
'COLUMN_NAME' => 'User', |
1237
|
|
|
'CHARACTER_MAXIMUM_LENGTH' => 40, |
1238
|
|
|
], |
1239
|
|
|
]; |
1240
|
|
|
$dbi->expects($this->any())->method('fetchResult') |
1241
|
|
|
->will($this->returnValue($fields_info)); |
1242
|
|
|
$dbi->expects($this->any()) |
1243
|
|
|
->method('escapeString') |
1244
|
|
|
->will($this->returnArgument(0)); |
1245
|
|
|
|
1246
|
|
|
$GLOBALS['dbi'] = $dbi; |
1247
|
|
|
$this->serverPrivileges->dbi = $dbi; |
|
|
|
|
1248
|
|
|
|
1249
|
|
|
$dbname = "pma_dbname"; |
1250
|
|
|
|
1251
|
|
|
$html = $this->serverPrivileges->getHtmlForAddUser($dbname); |
1252
|
|
|
|
1253
|
|
|
//validate 1: Url::getHiddenInputs |
1254
|
|
|
$this->assertStringContainsString( |
1255
|
|
|
Url::getHiddenInputs('', ''), |
1256
|
|
|
$html |
1257
|
|
|
); |
1258
|
|
|
|
1259
|
|
|
//validate 2: getHtmlForLoginInformationFields |
1260
|
|
|
$this->assertStringContainsString( |
1261
|
|
|
$this->serverPrivileges->getHtmlForLoginInformationFields('new'), |
1262
|
|
|
$html |
1263
|
|
|
); |
1264
|
|
|
|
1265
|
|
|
//validate 3: Database for user |
1266
|
|
|
$this->assertStringContainsString( |
1267
|
|
|
__('Database for user'), |
1268
|
|
|
$html |
1269
|
|
|
); |
1270
|
|
|
|
1271
|
|
|
$this->assertStringContainsString( |
1272
|
|
|
__('Grant all privileges on wildcard name (username\\_%).'), |
1273
|
|
|
$html |
1274
|
|
|
); |
1275
|
|
|
$this->assertStringContainsString( |
1276
|
|
|
'<input type="checkbox" name="createdb-2" id="createdb-2">', |
1277
|
|
|
$html |
1278
|
|
|
); |
1279
|
|
|
|
1280
|
|
|
//validate 4: getHtmlToDisplayPrivilegesTable |
1281
|
|
|
$this->assertStringContainsString( |
1282
|
|
|
$this->serverPrivileges->getHtmlToDisplayPrivilegesTable('*', '*', false), |
1283
|
|
|
$html |
1284
|
|
|
); |
1285
|
|
|
|
1286
|
|
|
//validate 5: button |
1287
|
|
|
$this->assertStringContainsString( |
1288
|
|
|
__('Go'), |
1289
|
|
|
$html |
1290
|
|
|
); |
1291
|
|
|
|
1292
|
|
|
$GLOBALS['dbi'] = $dbi_old; |
1293
|
|
|
$this->serverPrivileges->dbi = $dbi_old; |
1294
|
|
|
} |
1295
|
|
|
|
1296
|
|
|
/** |
1297
|
|
|
* Test for getHtmlForSpecificDbPrivileges |
1298
|
|
|
* |
1299
|
|
|
* @return void |
1300
|
|
|
*/ |
1301
|
|
|
public function testGetHtmlForSpecificDbPrivileges() |
1302
|
|
|
{ |
1303
|
|
|
$dbi_old = $GLOBALS['dbi']; |
1304
|
|
|
$dbi = $this->getMockBuilder('PhpMyAdmin\DatabaseInterface') |
1305
|
|
|
->disableOriginalConstructor() |
1306
|
|
|
->getMock(); |
1307
|
|
|
$fields_info = [ |
1308
|
|
|
[ |
1309
|
|
|
'COLUMN_NAME' => 'Host', |
1310
|
|
|
'CHARACTER_MAXIMUM_LENGTH' => 80, |
1311
|
|
|
], |
1312
|
|
|
[ |
1313
|
|
|
'COLUMN_NAME' => 'User', |
1314
|
|
|
'CHARACTER_MAXIMUM_LENGTH' => 40, |
1315
|
|
|
], |
1316
|
|
|
]; |
1317
|
|
|
$dbi->expects($this->any())->method('isSuperuser') |
1318
|
|
|
->will($this->returnValue(true)); |
1319
|
|
|
$dbi->expects($this->any())->method('fetchResult') |
1320
|
|
|
->will($this->returnValue($fields_info)); |
1321
|
|
|
$dbi->expects($this->any()) |
1322
|
|
|
->method('escapeString') |
1323
|
|
|
->will($this->returnArgument(0)); |
1324
|
|
|
|
1325
|
|
|
$GLOBALS['dbi'] = $dbi; |
1326
|
|
|
$this->serverPrivileges->dbi = $dbi; |
|
|
|
|
1327
|
|
|
|
1328
|
|
|
$db = "pma_dbname"; |
1329
|
|
|
|
1330
|
|
|
$html = $this->serverPrivileges->getHtmlForSpecificDbPrivileges($db); |
1331
|
|
|
|
1332
|
|
|
//validate 1: Url::getCommon |
1333
|
|
|
$this->assertStringContainsString( |
1334
|
|
|
Url::getCommon(['db' => $db], ''), |
1335
|
|
|
$html |
1336
|
|
|
); |
1337
|
|
|
|
1338
|
|
|
//validate 2: htmlspecialchars |
1339
|
|
|
$this->assertStringContainsString( |
1340
|
|
|
htmlspecialchars($db), |
1341
|
|
|
$html |
1342
|
|
|
); |
1343
|
|
|
|
1344
|
|
|
//validate 3: items |
1345
|
|
|
$this->assertStringContainsString( |
1346
|
|
|
__('User'), |
1347
|
|
|
$html |
1348
|
|
|
); |
1349
|
|
|
$this->assertStringContainsString( |
1350
|
|
|
__('Host'), |
1351
|
|
|
$html |
1352
|
|
|
); |
1353
|
|
|
$this->assertStringContainsString( |
1354
|
|
|
__('Type'), |
1355
|
|
|
$html |
1356
|
|
|
); |
1357
|
|
|
$this->assertStringContainsString( |
1358
|
|
|
__('Privileges'), |
1359
|
|
|
$html |
1360
|
|
|
); |
1361
|
|
|
$this->assertStringContainsString( |
1362
|
|
|
__('Grant'), |
1363
|
|
|
$html |
1364
|
|
|
); |
1365
|
|
|
$this->assertStringContainsString( |
1366
|
|
|
__('Action'), |
1367
|
|
|
$html |
1368
|
|
|
); |
1369
|
|
|
|
1370
|
|
|
//_pgettext('Create new user', 'New') |
1371
|
|
|
$this->assertStringContainsString( |
1372
|
|
|
_pgettext('Create new user', 'New'), |
1373
|
|
|
$html |
1374
|
|
|
); |
1375
|
|
|
$this->assertStringContainsString( |
1376
|
|
|
Url::getCommon(['checkprivsdb' => $db]), |
1377
|
|
|
$html |
1378
|
|
|
); |
1379
|
|
|
|
1380
|
|
|
$GLOBALS['dbi'] = $dbi_old; |
1381
|
|
|
$this->serverPrivileges->dbi = $dbi_old; |
1382
|
|
|
} |
1383
|
|
|
|
1384
|
|
|
/** |
1385
|
|
|
* Test for getHtmlForSpecificTablePrivileges |
1386
|
|
|
* |
1387
|
|
|
* @return void |
1388
|
|
|
*/ |
1389
|
|
|
public function testGetHtmlForSpecificTablePrivileges() |
1390
|
|
|
{ |
1391
|
|
|
$dbi_old = $GLOBALS['dbi']; |
1392
|
|
|
$dbi = $this->getMockBuilder('PhpMyAdmin\DatabaseInterface') |
1393
|
|
|
->disableOriginalConstructor() |
1394
|
|
|
->getMock(); |
1395
|
|
|
$fields_info = [ |
1396
|
|
|
[ |
1397
|
|
|
'COLUMN_NAME' => 'Host', |
1398
|
|
|
'CHARACTER_MAXIMUM_LENGTH' => 80, |
1399
|
|
|
], |
1400
|
|
|
[ |
1401
|
|
|
'COLUMN_NAME' => 'User', |
1402
|
|
|
'CHARACTER_MAXIMUM_LENGTH' => 40, |
1403
|
|
|
], |
1404
|
|
|
]; |
1405
|
|
|
$dbi->expects($this->any())->method('fetchResult') |
1406
|
|
|
->will($this->returnValue($fields_info)); |
1407
|
|
|
$dbi->expects($this->any()) |
1408
|
|
|
->method('escapeString') |
1409
|
|
|
->will($this->returnArgument(0)); |
1410
|
|
|
$dbi->expects($this->any())->method('isSuperuser') |
1411
|
|
|
->will($this->returnValue(true)); |
1412
|
|
|
|
1413
|
|
|
$GLOBALS['dbi'] = $dbi; |
1414
|
|
|
$this->serverPrivileges->dbi = $dbi; |
|
|
|
|
1415
|
|
|
|
1416
|
|
|
$db = "pma_dbname"; |
1417
|
|
|
$table = "pma_table"; |
1418
|
|
|
|
1419
|
|
|
$html = $this->serverPrivileges->getHtmlForSpecificTablePrivileges($db, $table); |
1420
|
|
|
|
1421
|
|
|
//validate 1: $db, $table |
1422
|
|
|
$this->assertStringContainsString( |
1423
|
|
|
htmlspecialchars($db) . '.' . htmlspecialchars($table), |
1424
|
|
|
$html |
1425
|
|
|
); |
1426
|
|
|
|
1427
|
|
|
//validate 2: Url::getCommon |
1428
|
|
|
$item = Url::getCommon([ |
1429
|
|
|
'db' => $db, |
1430
|
|
|
'table' => $table, |
1431
|
|
|
], ''); |
1432
|
|
|
$this->assertStringContainsString( |
1433
|
|
|
$item, |
1434
|
|
|
$html |
1435
|
|
|
); |
1436
|
|
|
|
1437
|
|
|
//validate 3: items |
1438
|
|
|
$this->assertStringContainsString( |
1439
|
|
|
__('User'), |
1440
|
|
|
$html |
1441
|
|
|
); |
1442
|
|
|
$this->assertStringContainsString( |
1443
|
|
|
__('Host'), |
1444
|
|
|
$html |
1445
|
|
|
); |
1446
|
|
|
$this->assertStringContainsString( |
1447
|
|
|
__('Type'), |
1448
|
|
|
$html |
1449
|
|
|
); |
1450
|
|
|
$this->assertStringContainsString( |
1451
|
|
|
__('Privileges'), |
1452
|
|
|
$html |
1453
|
|
|
); |
1454
|
|
|
$this->assertStringContainsString( |
1455
|
|
|
__('Grant'), |
1456
|
|
|
$html |
1457
|
|
|
); |
1458
|
|
|
$this->assertStringContainsString( |
1459
|
|
|
__('Action'), |
1460
|
|
|
$html |
1461
|
|
|
); |
1462
|
|
|
|
1463
|
|
|
//_pgettext('Create new user', 'New') |
1464
|
|
|
$this->assertStringContainsString( |
1465
|
|
|
_pgettext('Create new user', 'New'), |
1466
|
|
|
$html |
1467
|
|
|
); |
1468
|
|
|
$this->assertStringContainsString( |
1469
|
|
|
Url::getCommon( |
1470
|
|
|
[ |
1471
|
|
|
'checkprivsdb' => $db, |
1472
|
|
|
'checkprivstable' => $table, |
1473
|
|
|
] |
1474
|
|
|
), |
1475
|
|
|
$html |
1476
|
|
|
); |
1477
|
|
|
|
1478
|
|
|
$GLOBALS['dbi'] = $dbi_old; |
1479
|
|
|
$this->serverPrivileges->dbi = $dbi_old; |
1480
|
|
|
} |
1481
|
|
|
|
1482
|
|
|
/** |
1483
|
|
|
* Test for getUserLink |
1484
|
|
|
* |
1485
|
|
|
* @return void |
1486
|
|
|
*/ |
1487
|
|
|
public function testGetUserLink() |
1488
|
|
|
{ |
1489
|
|
|
$username = "pma_username"; |
1490
|
|
|
$hostname = "pma_hostname"; |
1491
|
|
|
$dbname = "pma_dbname"; |
1492
|
|
|
$tablename = "pma_tablename"; |
1493
|
|
|
|
1494
|
|
|
$html = $this->serverPrivileges->getUserLink( |
1495
|
|
|
'edit', |
1496
|
|
|
$username, |
1497
|
|
|
$hostname, |
1498
|
|
|
$dbname, |
1499
|
|
|
$tablename, |
1500
|
|
|
'' |
1501
|
|
|
); |
1502
|
|
|
|
1503
|
|
|
$url_html = Url::getCommon([ |
1504
|
|
|
'username' => $username, |
1505
|
|
|
'hostname' => $hostname, |
1506
|
|
|
'dbname' => $dbname, |
1507
|
|
|
'tablename' => $tablename, |
1508
|
|
|
'routinename' => '', |
1509
|
|
|
], ''); |
1510
|
|
|
$this->assertStringContainsString( |
1511
|
|
|
$url_html, |
1512
|
|
|
$html |
1513
|
|
|
); |
1514
|
|
|
$this->assertStringContainsString( |
1515
|
|
|
__('Edit privileges'), |
1516
|
|
|
$html |
1517
|
|
|
); |
1518
|
|
|
|
1519
|
|
|
$html = $this->serverPrivileges->getUserLink( |
1520
|
|
|
'revoke', |
1521
|
|
|
$username, |
1522
|
|
|
$hostname, |
1523
|
|
|
$dbname, |
1524
|
|
|
$tablename, |
1525
|
|
|
'' |
1526
|
|
|
); |
1527
|
|
|
|
1528
|
|
|
$url_html = Url::getCommon( |
1529
|
|
|
[ |
1530
|
|
|
'username' => $username, |
1531
|
|
|
'hostname' => $hostname, |
1532
|
|
|
'dbname' => $dbname, |
1533
|
|
|
'tablename' => $tablename, |
1534
|
|
|
'routinename' => '', |
1535
|
|
|
'revokeall' => 1, |
1536
|
|
|
], |
1537
|
|
|
'' |
1538
|
|
|
); |
1539
|
|
|
$this->assertStringContainsString( |
1540
|
|
|
$url_html, |
1541
|
|
|
$html |
1542
|
|
|
); |
1543
|
|
|
$this->assertStringContainsString( |
1544
|
|
|
__('Revoke'), |
1545
|
|
|
$html |
1546
|
|
|
); |
1547
|
|
|
|
1548
|
|
|
$html = $this->serverPrivileges->getUserLink('export', $username, $hostname); |
1549
|
|
|
|
1550
|
|
|
$url_html = Url::getCommon([ |
1551
|
|
|
'username' => $username, |
1552
|
|
|
'hostname' => $hostname, |
1553
|
|
|
'initial' => '', |
1554
|
|
|
'export' => 1, |
1555
|
|
|
], ''); |
1556
|
|
|
$this->assertStringContainsString( |
1557
|
|
|
$url_html, |
1558
|
|
|
$html |
1559
|
|
|
); |
1560
|
|
|
$this->assertStringContainsString( |
1561
|
|
|
__('Export'), |
1562
|
|
|
$html |
1563
|
|
|
); |
1564
|
|
|
} |
1565
|
|
|
|
1566
|
|
|
/** |
1567
|
|
|
* Test for getExtraDataForAjaxBehavior |
1568
|
|
|
* |
1569
|
|
|
* @return void |
1570
|
|
|
*/ |
1571
|
|
|
public function testGetExtraDataForAjaxBehavior() |
1572
|
|
|
{ |
1573
|
|
|
$password = "pma_password"; |
1574
|
|
|
$sql_query = "pma_sql_query"; |
1575
|
|
|
$username = "pma_username"; |
1576
|
|
|
$hostname = "pma_hostname"; |
1577
|
|
|
$GLOBALS['dbname'] = "pma_dbname"; |
1578
|
|
|
$_POST['adduser_submit'] = "adduser_submit"; |
1579
|
|
|
$_POST['username'] = "username"; |
1580
|
|
|
$_POST['change_copy'] = "change_copy"; |
1581
|
|
|
$_GET['validate_username'] = "validate_username"; |
1582
|
|
|
$_GET['username'] = "username"; |
1583
|
|
|
$_POST['update_privs'] = "update_privs"; |
1584
|
|
|
|
1585
|
|
|
$extra_data = $this->serverPrivileges->getExtraDataForAjaxBehavior( |
1586
|
|
|
$password, |
1587
|
|
|
$sql_query, |
1588
|
|
|
$hostname, |
1589
|
|
|
$username |
1590
|
|
|
); |
1591
|
|
|
|
1592
|
|
|
//user_exists |
1593
|
|
|
$this->assertEquals( |
1594
|
|
|
false, |
1595
|
|
|
$extra_data['user_exists'] |
1596
|
|
|
); |
1597
|
|
|
|
1598
|
|
|
//db_wildcard_privs |
1599
|
|
|
$this->assertEquals( |
1600
|
|
|
true, |
1601
|
|
|
$extra_data['db_wildcard_privs'] |
1602
|
|
|
); |
1603
|
|
|
|
1604
|
|
|
//user_exists |
1605
|
|
|
$this->assertEquals( |
1606
|
|
|
false, |
1607
|
|
|
$extra_data['db_specific_privs'] |
1608
|
|
|
); |
1609
|
|
|
|
1610
|
|
|
//new_user_initial |
1611
|
|
|
$this->assertEquals( |
1612
|
|
|
'P', |
1613
|
|
|
$extra_data['new_user_initial'] |
1614
|
|
|
); |
1615
|
|
|
|
1616
|
|
|
//sql_query |
1617
|
|
|
$this->assertEquals( |
1618
|
|
|
Util::getMessage(null, $sql_query), |
1619
|
|
|
$extra_data['sql_query'] |
1620
|
|
|
); |
1621
|
|
|
|
1622
|
|
|
//new_user_string |
1623
|
|
|
$this->assertStringContainsString( |
1624
|
|
|
htmlspecialchars($hostname), |
1625
|
|
|
$extra_data['new_user_string'] |
1626
|
|
|
); |
1627
|
|
|
$this->assertStringContainsString( |
1628
|
|
|
htmlspecialchars($username), |
1629
|
|
|
$extra_data['new_user_string'] |
1630
|
|
|
); |
1631
|
|
|
|
1632
|
|
|
//new_privileges |
1633
|
|
|
$this->assertStringContainsString( |
1634
|
|
|
implode(', ', $this->serverPrivileges->extractPrivInfo(null, true)), |
1635
|
|
|
$extra_data['new_privileges'] |
1636
|
|
|
); |
1637
|
|
|
} |
1638
|
|
|
|
1639
|
|
|
/** |
1640
|
|
|
* Test for getChangeLoginInformationHtmlForm |
1641
|
|
|
* |
1642
|
|
|
* @return void |
1643
|
|
|
*/ |
1644
|
|
|
public function testGetChangeLoginInformationHtmlForm() |
1645
|
|
|
{ |
1646
|
|
|
$username = "pma_username"; |
1647
|
|
|
$hostname = "pma_hostname"; |
1648
|
|
|
$GLOBALS['cfgRelation']['menuswork'] = true; |
1649
|
|
|
|
1650
|
|
|
$dbi_old = $GLOBALS['dbi']; |
1651
|
|
|
$dbi = $this->getMockBuilder('PhpMyAdmin\DatabaseInterface') |
1652
|
|
|
->disableOriginalConstructor() |
1653
|
|
|
->getMock(); |
1654
|
|
|
$fields_info = [ |
1655
|
|
|
[ |
1656
|
|
|
'COLUMN_NAME' => 'Host', |
1657
|
|
|
'CHARACTER_MAXIMUM_LENGTH' => 80, |
1658
|
|
|
], |
1659
|
|
|
[ |
1660
|
|
|
'COLUMN_NAME' => 'User', |
1661
|
|
|
'CHARACTER_MAXIMUM_LENGTH' => 40, |
1662
|
|
|
], |
1663
|
|
|
]; |
1664
|
|
|
$dbi->expects($this->any())->method('fetchResult') |
1665
|
|
|
->will($this->returnValue($fields_info)); |
1666
|
|
|
|
1667
|
|
|
$expected_userGroup = "pma_usergroup"; |
1668
|
|
|
|
1669
|
|
|
$dbi->expects($this->any())->method('fetchValue') |
1670
|
|
|
->will($this->returnValue($expected_userGroup)); |
1671
|
|
|
$dbi->expects($this->any()) |
1672
|
|
|
->method('escapeString') |
1673
|
|
|
->will($this->returnArgument(0)); |
1674
|
|
|
|
1675
|
|
|
$GLOBALS['dbi'] = $dbi; |
1676
|
|
|
$this->serverPrivileges->dbi = $dbi; |
|
|
|
|
1677
|
|
|
|
1678
|
|
|
$html = $this->serverPrivileges->getChangeLoginInformationHtmlForm($username, $hostname); |
1679
|
|
|
|
1680
|
|
|
//Url::getHiddenInputs |
1681
|
|
|
$this->assertStringContainsString( |
1682
|
|
|
Url::getHiddenInputs('', ''), |
1683
|
|
|
$html |
1684
|
|
|
); |
1685
|
|
|
|
1686
|
|
|
//$username & $hostname |
1687
|
|
|
$this->assertStringContainsString( |
1688
|
|
|
htmlspecialchars($username), |
1689
|
|
|
$html |
1690
|
|
|
); |
1691
|
|
|
$this->assertStringContainsString( |
1692
|
|
|
htmlspecialchars($hostname), |
1693
|
|
|
$html |
1694
|
|
|
); |
1695
|
|
|
|
1696
|
|
|
$this->assertStringContainsString( |
1697
|
|
|
$this->serverPrivileges->getHtmlForLoginInformationFields('change', $username, $hostname), |
1698
|
|
|
$html |
1699
|
|
|
); |
1700
|
|
|
|
1701
|
|
|
$this->assertStringContainsString( |
1702
|
|
|
'<input type="hidden" name="old_usergroup" value="' |
1703
|
|
|
. $expected_userGroup . '">', |
1704
|
|
|
$html |
1705
|
|
|
); |
1706
|
|
|
|
1707
|
|
|
//Create a new user with the same privileges |
1708
|
|
|
$this->assertStringContainsString( |
1709
|
|
|
"Create a new user account with the same privileges", |
1710
|
|
|
$html |
1711
|
|
|
); |
1712
|
|
|
|
1713
|
|
|
$GLOBALS['dbi'] = $dbi_old; |
1714
|
|
|
$this->serverPrivileges->dbi = $dbi_old; |
1715
|
|
|
} |
1716
|
|
|
|
1717
|
|
|
/** |
1718
|
|
|
* Test for getUserGroupForUser |
1719
|
|
|
* |
1720
|
|
|
* @return void |
1721
|
|
|
*/ |
1722
|
|
|
public function testGetUserGroupForUser() |
1723
|
|
|
{ |
1724
|
|
|
$username = "pma_username"; |
1725
|
|
|
$GLOBALS['cfgRelation']['menuswork'] = true; |
1726
|
|
|
|
1727
|
|
|
$dbi_old = $GLOBALS['dbi']; |
1728
|
|
|
$dbi = $this->getMockBuilder('PhpMyAdmin\DatabaseInterface') |
1729
|
|
|
->disableOriginalConstructor() |
1730
|
|
|
->getMock(); |
1731
|
|
|
$expected_userGroup = "pma_usergroup"; |
1732
|
|
|
|
1733
|
|
|
$dbi->expects($this->any())->method('fetchValue') |
1734
|
|
|
->will($this->returnValue($expected_userGroup)); |
1735
|
|
|
$dbi->expects($this->any()) |
1736
|
|
|
->method('escapeString') |
1737
|
|
|
->will($this->returnArgument(0)); |
1738
|
|
|
|
1739
|
|
|
$GLOBALS['dbi'] = $dbi; |
1740
|
|
|
$this->serverPrivileges->dbi = $dbi; |
|
|
|
|
1741
|
|
|
|
1742
|
|
|
$returned_userGroup = $this->serverPrivileges->getUserGroupForUser($username); |
1743
|
|
|
|
1744
|
|
|
$this->assertEquals( |
1745
|
|
|
$expected_userGroup, |
1746
|
|
|
$returned_userGroup |
1747
|
|
|
); |
1748
|
|
|
|
1749
|
|
|
$GLOBALS['dbi'] = $dbi_old; |
1750
|
|
|
$this->serverPrivileges->dbi = $dbi_old; |
1751
|
|
|
} |
1752
|
|
|
|
1753
|
|
|
/** |
1754
|
|
|
* Test for getLinkToDbAndTable |
1755
|
|
|
* |
1756
|
|
|
* @return void |
1757
|
|
|
*/ |
1758
|
|
|
public function testGetLinkToDbAndTable() |
1759
|
|
|
{ |
1760
|
|
|
$url_dbname = "url_dbname"; |
1761
|
|
|
$dbname = "dbname"; |
1762
|
|
|
$tablename = "tablename"; |
1763
|
|
|
|
1764
|
|
|
$html = $this->serverPrivileges->getLinkToDbAndTable($url_dbname, $dbname, $tablename); |
1765
|
|
|
|
1766
|
|
|
//$dbname |
1767
|
|
|
$this->assertStringContainsString( |
1768
|
|
|
__('Database'), |
1769
|
|
|
$html |
1770
|
|
|
); |
1771
|
|
|
$this->assertStringContainsString( |
1772
|
|
|
Util::getScriptNameForOption( |
1773
|
|
|
$GLOBALS['cfg']['DefaultTabDatabase'], |
1774
|
|
|
'database' |
1775
|
|
|
), |
1776
|
|
|
$html |
1777
|
|
|
); |
1778
|
|
|
$item = Url::getCommon([ |
1779
|
|
|
'db' => $url_dbname, |
1780
|
|
|
'reload' => 1, |
1781
|
|
|
], ''); |
1782
|
|
|
$this->assertStringContainsString( |
1783
|
|
|
$item, |
1784
|
|
|
$html |
1785
|
|
|
); |
1786
|
|
|
$this->assertStringContainsString( |
1787
|
|
|
htmlspecialchars($dbname), |
1788
|
|
|
$html |
1789
|
|
|
); |
1790
|
|
|
|
1791
|
|
|
//$tablename |
1792
|
|
|
$this->assertStringContainsString( |
1793
|
|
|
__('Table'), |
1794
|
|
|
$html |
1795
|
|
|
); |
1796
|
|
|
$this->assertStringContainsString( |
1797
|
|
|
Util::getScriptNameForOption( |
1798
|
|
|
$GLOBALS['cfg']['DefaultTabTable'], |
1799
|
|
|
'table' |
1800
|
|
|
), |
1801
|
|
|
$html |
1802
|
|
|
); |
1803
|
|
|
$item = Url::getCommon([ |
1804
|
|
|
'db' => $url_dbname, |
1805
|
|
|
'table' => $tablename, |
1806
|
|
|
'reload' => 1, |
1807
|
|
|
], ''); |
1808
|
|
|
$this->assertStringContainsString( |
1809
|
|
|
$item, |
1810
|
|
|
$html |
1811
|
|
|
); |
1812
|
|
|
$this->assertStringContainsString( |
1813
|
|
|
htmlspecialchars($tablename), |
1814
|
|
|
$html |
1815
|
|
|
); |
1816
|
|
|
$item = Util::getTitleForTarget( |
1817
|
|
|
$GLOBALS['cfg']['DefaultTabTable'] |
1818
|
|
|
); |
1819
|
|
|
$this->assertStringContainsString( |
1820
|
|
|
$item, |
|
|
|
|
1821
|
|
|
$html |
1822
|
|
|
); |
1823
|
|
|
} |
1824
|
|
|
|
1825
|
|
|
/** |
1826
|
|
|
* Test for getUsersOverview |
1827
|
|
|
* |
1828
|
|
|
* @return void |
1829
|
|
|
*/ |
1830
|
|
|
public function testGetUsersOverview() |
1831
|
|
|
{ |
1832
|
|
|
$result = []; |
1833
|
|
|
$db_rights = []; |
1834
|
|
|
$pmaThemeImage = "pmaThemeImage"; |
1835
|
|
|
$text_dir = "text_dir"; |
1836
|
|
|
$GLOBALS['cfgRelation']['menuswork'] = true; |
1837
|
|
|
|
1838
|
|
|
$html = $this->serverPrivileges->getUsersOverview( |
1839
|
|
|
$result, |
1840
|
|
|
$db_rights, |
1841
|
|
|
$pmaThemeImage, |
1842
|
|
|
$text_dir |
1843
|
|
|
); |
1844
|
|
|
|
1845
|
|
|
//Url::getHiddenInputs |
1846
|
|
|
$this->assertStringContainsString( |
1847
|
|
|
Url::getHiddenInputs('', ''), |
1848
|
|
|
$html |
1849
|
|
|
); |
1850
|
|
|
|
1851
|
|
|
//items |
1852
|
|
|
$this->assertStringContainsString( |
1853
|
|
|
__('User'), |
1854
|
|
|
$html |
1855
|
|
|
); |
1856
|
|
|
$this->assertStringContainsString( |
1857
|
|
|
__('Host'), |
1858
|
|
|
$html |
1859
|
|
|
); |
1860
|
|
|
$this->assertStringContainsString( |
1861
|
|
|
__('Password'), |
1862
|
|
|
$html |
1863
|
|
|
); |
1864
|
|
|
$this->assertStringContainsString( |
1865
|
|
|
__('Global privileges'), |
1866
|
|
|
$html |
1867
|
|
|
); |
1868
|
|
|
|
1869
|
|
|
//Util::showHint |
1870
|
|
|
$this->assertStringContainsString( |
1871
|
|
|
Util::showHint( |
1872
|
|
|
__('Note: MySQL privilege names are expressed in English.') |
1873
|
|
|
), |
1874
|
|
|
$html |
1875
|
|
|
); |
1876
|
|
|
|
1877
|
|
|
//__('User group') |
1878
|
|
|
$this->assertStringContainsString( |
1879
|
|
|
__('User group'), |
1880
|
|
|
$html |
1881
|
|
|
); |
1882
|
|
|
$this->assertStringContainsString( |
1883
|
|
|
__('Grant'), |
1884
|
|
|
$html |
1885
|
|
|
); |
1886
|
|
|
$this->assertStringContainsString( |
1887
|
|
|
__('Action'), |
1888
|
|
|
$html |
1889
|
|
|
); |
1890
|
|
|
|
1891
|
|
|
//$pmaThemeImage |
1892
|
|
|
$this->assertStringContainsString( |
1893
|
|
|
$pmaThemeImage, |
1894
|
|
|
$html |
1895
|
|
|
); |
1896
|
|
|
|
1897
|
|
|
//$text_dir |
1898
|
|
|
$this->assertStringContainsString( |
1899
|
|
|
$text_dir, |
1900
|
|
|
$html |
1901
|
|
|
); |
1902
|
|
|
|
1903
|
|
|
$this->assertStringContainsString( |
1904
|
|
|
Url::getCommon(['adduser' => 1], ''), |
1905
|
|
|
$html |
1906
|
|
|
); |
1907
|
|
|
|
1908
|
|
|
//labels |
1909
|
|
|
$this->assertStringContainsString( |
1910
|
|
|
__('Add user account'), |
1911
|
|
|
$html |
1912
|
|
|
); |
1913
|
|
|
$this->assertStringContainsString( |
1914
|
|
|
__('Remove selected user accounts'), |
1915
|
|
|
$html |
1916
|
|
|
); |
1917
|
|
|
$this->assertStringContainsString( |
1918
|
|
|
__('Drop the databases that have the same names as the users.'), |
1919
|
|
|
$html |
1920
|
|
|
); |
1921
|
|
|
$this->assertStringContainsString( |
1922
|
|
|
__('Drop the databases that have the same names as the users.'), |
1923
|
|
|
$html |
1924
|
|
|
); |
1925
|
|
|
} |
1926
|
|
|
|
1927
|
|
|
/** |
1928
|
|
|
* Test for getDataForDeleteUsers |
1929
|
|
|
* |
1930
|
|
|
* @return void |
1931
|
|
|
*/ |
1932
|
|
|
public function testGetDataForDeleteUsers() |
1933
|
|
|
{ |
1934
|
|
|
$_POST['change_copy'] = "change_copy"; |
1935
|
|
|
$_POST['old_hostname'] = "old_hostname"; |
1936
|
|
|
$_POST['old_username'] = "old_username"; |
1937
|
|
|
$_SESSION['relation'][1] = [ |
1938
|
|
|
'PMA_VERSION' => PMA_VERSION, |
1939
|
|
|
'bookmarkwork' => false, |
1940
|
|
|
'historywork' => false, |
1941
|
|
|
'recentwork' => false, |
1942
|
|
|
'favoritework' => false, |
1943
|
|
|
'uiprefswork' => false, |
1944
|
|
|
'userconfigwork' => false, |
1945
|
|
|
'menuswork' => false, |
1946
|
|
|
'navwork' => false, |
1947
|
|
|
'savedsearcheswork' => false, |
1948
|
|
|
'designersettingswork' => false, |
1949
|
|
|
]; |
1950
|
|
|
|
1951
|
|
|
$queries = []; |
1952
|
|
|
|
1953
|
|
|
$ret = $this->serverPrivileges->getDataForDeleteUsers($queries); |
1954
|
|
|
|
1955
|
|
|
$item = [ |
1956
|
|
|
"# Deleting 'old_username'@'old_hostname' ...", |
1957
|
|
|
"DROP USER 'old_username'@'old_hostname';", |
1958
|
|
|
]; |
1959
|
|
|
$this->assertEquals( |
1960
|
|
|
$item, |
1961
|
|
|
$ret |
1962
|
|
|
); |
1963
|
|
|
} |
1964
|
|
|
|
1965
|
|
|
/** |
1966
|
|
|
* Test for getAddUserHtmlFieldset |
1967
|
|
|
* |
1968
|
|
|
* @return void |
1969
|
|
|
*/ |
1970
|
|
|
public function testGetAddUserHtmlFieldset() |
1971
|
|
|
{ |
1972
|
|
|
$html = $this->serverPrivileges->getAddUserHtmlFieldset(); |
1973
|
|
|
|
1974
|
|
|
$this->assertStringContainsString( |
1975
|
|
|
Url::getCommon(['adduser' => 1], ''), |
1976
|
|
|
$html |
1977
|
|
|
); |
1978
|
|
|
$this->assertStringContainsString( |
1979
|
|
|
Util::getIcon('b_usradd'), |
1980
|
|
|
$html |
1981
|
|
|
); |
1982
|
|
|
$this->assertStringContainsString( |
1983
|
|
|
__('Add user'), |
1984
|
|
|
$html |
1985
|
|
|
); |
1986
|
|
|
} |
1987
|
|
|
|
1988
|
|
|
/** |
1989
|
|
|
* Test for getHtmlHeaderForUserProperties |
1990
|
|
|
* |
1991
|
|
|
* @return void |
1992
|
|
|
*/ |
1993
|
|
|
public function testGetHtmlHeaderForUserProperties() |
1994
|
|
|
{ |
1995
|
|
|
$dbname_is_wildcard = true; |
1996
|
|
|
$url_dbname = "url_dbname"; |
1997
|
|
|
$dbname = "dbname"; |
1998
|
|
|
$username = "username"; |
1999
|
|
|
$hostname = "hostname"; |
2000
|
|
|
$tablename = "tablename"; |
2001
|
|
|
$_REQUEST['tablename'] = "tablename"; |
2002
|
|
|
|
2003
|
|
|
$html = $this->serverPrivileges->getHtmlForUserProperties( |
2004
|
|
|
$dbname_is_wildcard, |
2005
|
|
|
$url_dbname, |
2006
|
|
|
$username, |
2007
|
|
|
$hostname, |
2008
|
|
|
$tablename, |
2009
|
|
|
$_REQUEST['tablename'] |
2010
|
|
|
); |
2011
|
|
|
|
2012
|
|
|
//title |
2013
|
|
|
$this->assertStringContainsString( |
2014
|
|
|
__('Edit privileges:'), |
2015
|
|
|
$html |
2016
|
|
|
); |
2017
|
|
|
$this->assertStringContainsString( |
2018
|
|
|
__('User account'), |
2019
|
|
|
$html |
2020
|
|
|
); |
2021
|
|
|
|
2022
|
|
|
//Url::getCommon |
2023
|
|
|
$item = Url::getCommon([ |
2024
|
|
|
'username' => $username, |
2025
|
|
|
'hostname' => $hostname, |
2026
|
|
|
'dbname' => '', |
2027
|
|
|
'tablename' => '', |
2028
|
|
|
], ''); |
2029
|
|
|
$this->assertStringContainsString( |
2030
|
|
|
$item, |
2031
|
|
|
$html |
2032
|
|
|
); |
2033
|
|
|
|
2034
|
|
|
//$username & $hostname |
2035
|
|
|
$this->assertStringContainsString( |
2036
|
|
|
htmlspecialchars($username), |
2037
|
|
|
$html |
2038
|
|
|
); |
2039
|
|
|
$this->assertStringContainsString( |
2040
|
|
|
htmlspecialchars($hostname), |
2041
|
|
|
$html |
2042
|
|
|
); |
2043
|
|
|
|
2044
|
|
|
//$dbname_is_wildcard = true |
2045
|
|
|
$this->assertStringContainsString( |
2046
|
|
|
__('Databases'), |
2047
|
|
|
$html |
2048
|
|
|
); |
2049
|
|
|
|
2050
|
|
|
//$dbname_is_wildcard = true |
2051
|
|
|
$this->assertStringContainsString( |
2052
|
|
|
__('Databases'), |
2053
|
|
|
$html |
2054
|
|
|
); |
2055
|
|
|
|
2056
|
|
|
//Url::getCommon |
2057
|
|
|
$item = Url::getCommon([ |
2058
|
|
|
'username' => $username, |
2059
|
|
|
'hostname' => $hostname, |
2060
|
|
|
'dbname' => $url_dbname, |
2061
|
|
|
'tablename' => '', |
2062
|
|
|
], ''); |
2063
|
|
|
$this->assertStringContainsString( |
2064
|
|
|
$item, |
2065
|
|
|
$html |
2066
|
|
|
); |
2067
|
|
|
$this->assertStringContainsString( |
2068
|
|
|
$dbname, |
2069
|
|
|
$html |
2070
|
|
|
); |
2071
|
|
|
} |
2072
|
|
|
|
2073
|
|
|
/** |
2074
|
|
|
* Tests for getHtmlForViewUsersError |
2075
|
|
|
* |
2076
|
|
|
* @return void |
2077
|
|
|
*/ |
2078
|
|
|
public function testGetHtmlForViewUsersError() |
2079
|
|
|
{ |
2080
|
|
|
$this->assertStringContainsString( |
2081
|
|
|
'Not enough privilege to view users.', |
2082
|
|
|
$this->serverPrivileges->getHtmlForViewUsersError() |
2083
|
|
|
); |
2084
|
|
|
} |
2085
|
|
|
|
2086
|
|
|
/** |
2087
|
|
|
* Tests for getHtmlForUserProperties |
2088
|
|
|
* |
2089
|
|
|
* @return void |
2090
|
|
|
*/ |
2091
|
|
|
public function testGetHtmlForUserProperties() |
2092
|
|
|
{ |
2093
|
|
|
$actual = $this->serverPrivileges->getHtmlForUserProperties( |
2094
|
|
|
false, |
2095
|
|
|
'db', |
2096
|
|
|
'user', |
2097
|
|
|
'host', |
2098
|
|
|
'db', |
2099
|
|
|
'table' |
2100
|
|
|
); |
2101
|
|
|
$this->assertStringContainsString('addUsersForm', $actual); |
2102
|
|
|
$this->assertStringContainsString('SELECT', $actual); |
2103
|
|
|
$this->assertStringContainsString('Allows reading data.', $actual); |
2104
|
|
|
$this->assertStringContainsString('INSERT', $actual); |
2105
|
|
|
$this->assertStringContainsString('Allows inserting and replacing data.', $actual); |
2106
|
|
|
$this->assertStringContainsString('UPDATE', $actual); |
2107
|
|
|
$this->assertStringContainsString('Allows changing data.', $actual); |
2108
|
|
|
$this->assertStringContainsString('DELETE', $actual); |
2109
|
|
|
$this->assertStringContainsString('Allows deleting data.', $actual); |
2110
|
|
|
$this->assertStringContainsString('CREATE', $actual); |
2111
|
|
|
$this->assertStringContainsString('Allows creating new tables.', $actual); |
2112
|
|
|
} |
2113
|
|
|
|
2114
|
|
|
/** |
2115
|
|
|
* Tests for getHtmlForUserOverview |
2116
|
|
|
* |
2117
|
|
|
* @return void |
2118
|
|
|
*/ |
2119
|
|
|
public function testGetHtmlForUserOverview() |
2120
|
|
|
{ |
2121
|
|
|
$actual = $this->serverPrivileges->getHtmlForUserOverview('theme', ''); |
2122
|
|
|
$this->assertStringContainsString( |
2123
|
|
|
'Note: MySQL privilege names are expressed in English.', |
2124
|
|
|
$actual |
2125
|
|
|
); |
2126
|
|
|
$this->assertStringContainsString( |
2127
|
|
|
'Note: phpMyAdmin gets the users’ privileges directly ' |
2128
|
|
|
. 'from MySQL’s privilege tables.', |
2129
|
|
|
$actual |
2130
|
|
|
); |
2131
|
|
|
} |
2132
|
|
|
|
2133
|
|
|
/** |
2134
|
|
|
* Tests for getHtmlForAllTableSpecificRights |
2135
|
|
|
* |
2136
|
|
|
* @return void |
2137
|
|
|
*/ |
2138
|
|
|
public function testGetHtmlForAllTableSpecificRights() |
2139
|
|
|
{ |
2140
|
|
|
// Test case 1 |
2141
|
|
|
$actual = $this->serverPrivileges->getHtmlForAllTableSpecificRights('pma', 'host', 'table', 'pmadb'); |
2142
|
|
|
$this->assertStringContainsString( |
2143
|
|
|
'<input type="hidden" name="username" value="pma">', |
2144
|
|
|
$actual |
2145
|
|
|
); |
2146
|
|
|
$this->assertStringContainsString( |
2147
|
|
|
'<input type="hidden" name="hostname" value="host">', |
2148
|
|
|
$actual |
2149
|
|
|
); |
2150
|
|
|
$this->assertStringContainsString( |
2151
|
|
|
'<legend data-submenu-label="Table">', |
2152
|
|
|
$actual |
2153
|
|
|
); |
2154
|
|
|
$this->assertStringContainsString( |
2155
|
|
|
'Table-specific privileges', |
2156
|
|
|
$actual |
2157
|
|
|
); |
2158
|
|
|
|
2159
|
|
|
// Test case 2 |
2160
|
|
|
$GLOBALS['dblist'] = new stdClass(); |
2161
|
|
|
$GLOBALS['dblist']->databases = [ |
2162
|
|
|
'x', |
2163
|
|
|
'y', |
2164
|
|
|
'z', |
2165
|
|
|
]; |
2166
|
|
|
$actual = $this->serverPrivileges->getHtmlForAllTableSpecificRights('pma2', 'host2', 'database', ''); |
2167
|
|
|
$this->assertStringContainsString( |
2168
|
|
|
'<legend data-submenu-label="Database">', |
2169
|
|
|
$actual |
2170
|
|
|
); |
2171
|
|
|
$this->assertStringContainsString( |
2172
|
|
|
'Database-specific privileges', |
2173
|
|
|
$actual |
2174
|
|
|
); |
2175
|
|
|
} |
2176
|
|
|
|
2177
|
|
|
/** |
2178
|
|
|
* Tests for getHtmlForInitials |
2179
|
|
|
* |
2180
|
|
|
* @return void |
2181
|
|
|
*/ |
2182
|
|
|
public function testGetHtmlForInitials() |
2183
|
|
|
{ |
2184
|
|
|
// Setup for the test |
2185
|
|
|
$GLOBALS['dbi']->expects($this->any())->method('fetchRow') |
2186
|
|
|
->will($this->onConsecutiveCalls(['-'])); |
2187
|
|
|
$this->serverPrivileges->dbi = $GLOBALS['dbi']; |
2188
|
|
|
$actual = $this->serverPrivileges->getHtmlForInitials(['"' => true]); |
2189
|
|
|
$this->assertStringContainsString('<td>A</td>', $actual); |
2190
|
|
|
$this->assertStringContainsString('<td>Z</td>', $actual); |
2191
|
|
|
$this->assertStringContainsString( |
2192
|
|
|
'<a class="ajax" href="index.php?route=/server/privileges&initial=-' |
2193
|
|
|
. '&lang=en">-</a>', |
2194
|
|
|
$actual |
2195
|
|
|
); |
2196
|
|
|
$this->assertStringContainsString( |
2197
|
|
|
'<a class="ajax" href="index.php?route=/server/privileges&initial=%22' |
2198
|
|
|
. '&lang=en">"</a>', |
2199
|
|
|
$actual |
2200
|
|
|
); |
2201
|
|
|
$this->assertStringContainsString('Show all', $actual); |
2202
|
|
|
} |
2203
|
|
|
|
2204
|
|
|
/** |
2205
|
|
|
* Tests for getDbRightsForUserOverview |
2206
|
|
|
* |
2207
|
|
|
* @return void |
2208
|
|
|
*/ |
2209
|
|
|
public function testGetDbRightsForUserOverview() |
2210
|
|
|
{ |
2211
|
|
|
//Mock DBI |
2212
|
|
|
$dbi = $this->getMockBuilder('PhpMyAdmin\DatabaseInterface') |
2213
|
|
|
->disableOriginalConstructor() |
2214
|
|
|
->getMock(); |
2215
|
|
|
$dbi->expects($this->any()) |
2216
|
|
|
->method('fetchResult') |
2217
|
|
|
->will($this->returnValue(['db', 'columns_priv'])); |
2218
|
|
|
$dbi->expects($this->any()) |
2219
|
|
|
->method('fetchAssoc') |
2220
|
|
|
->will( |
2221
|
|
|
$this->onConsecutiveCalls( |
2222
|
|
|
[ |
2223
|
|
|
'User' => 'pmauser', |
2224
|
|
|
'Host' => 'local', |
2225
|
|
|
] |
2226
|
|
|
) |
2227
|
|
|
); |
2228
|
|
|
$dbi->expects($this->any()) |
2229
|
|
|
->method('escapeString') |
2230
|
|
|
->will($this->returnArgument(0)); |
2231
|
|
|
|
2232
|
|
|
$_GET['initial'] = 'A'; |
2233
|
|
|
$GLOBALS['dbi'] = $dbi; |
2234
|
|
|
$this->serverPrivileges->dbi = $dbi; |
|
|
|
|
2235
|
|
|
|
2236
|
|
|
$expected = [ |
2237
|
|
|
'pmauser' => [ |
2238
|
|
|
'local' => [ |
2239
|
|
|
'User' => 'pmauser', |
2240
|
|
|
'Host' => 'local', |
2241
|
|
|
'Password' => '?', |
2242
|
|
|
'Grant_priv' => 'N', |
2243
|
|
|
'privs' => ['USAGE'], |
2244
|
|
|
], |
2245
|
|
|
], |
2246
|
|
|
]; |
2247
|
|
|
$actual = $this->serverPrivileges->getDbRightsForUserOverview(); |
2248
|
|
|
$this->assertEquals($expected, $actual); |
2249
|
|
|
} |
2250
|
|
|
|
2251
|
|
|
/** |
2252
|
|
|
* Test for getHtmlForAuthPluginsDropdown() |
2253
|
|
|
* |
2254
|
|
|
* @return void |
2255
|
|
|
*/ |
2256
|
|
|
public function testGetHtmlForAuthPluginsDropdown() |
2257
|
|
|
{ |
2258
|
|
|
$oldDbi = $GLOBALS['dbi']; |
2259
|
|
|
|
2260
|
|
|
//Mock DBI |
2261
|
|
|
$dbi = $this->getMockBuilder('PhpMyAdmin\DatabaseInterface') |
2262
|
|
|
->disableOriginalConstructor() |
2263
|
|
|
->getMock(); |
2264
|
|
|
$dbi->expects($this->any()) |
2265
|
|
|
->method('query') |
2266
|
|
|
->will($this->onConsecutiveCalls(true, true)); |
2267
|
|
|
|
2268
|
|
|
$plugins = [ |
2269
|
|
|
[ |
2270
|
|
|
'PLUGIN_NAME' => 'mysql_native_password', |
2271
|
|
|
'PLUGIN_DESCRIPTION' => 'Native MySQL authentication', |
2272
|
|
|
], |
2273
|
|
|
[ |
2274
|
|
|
'PLUGIN_NAME' => 'sha256_password', |
2275
|
|
|
'PLUGIN_DESCRIPTION' => 'SHA256 password authentication', |
2276
|
|
|
], |
2277
|
|
|
]; |
2278
|
|
|
$dbi->expects($this->any()) |
2279
|
|
|
->method('fetchAssoc') |
2280
|
|
|
->will( |
2281
|
|
|
$this->onConsecutiveCalls( |
2282
|
|
|
$plugins[0], |
2283
|
|
|
$plugins[1], |
2284
|
|
|
null, /* For Assertion 1 */ |
2285
|
|
|
$plugins[0], |
2286
|
|
|
$plugins[1], |
2287
|
|
|
null /* For Assertion 2 */ |
2288
|
|
|
) |
2289
|
|
|
); |
2290
|
|
|
$GLOBALS['dbi'] = $dbi; |
2291
|
|
|
$this->serverPrivileges->dbi = $dbi; |
|
|
|
|
2292
|
|
|
|
2293
|
|
|
/* Assertion 1 */ |
2294
|
|
|
$actualHtml = $this->serverPrivileges->getHtmlForAuthPluginsDropdown( |
2295
|
|
|
'mysql_native_password', |
2296
|
|
|
'new', |
2297
|
|
|
'new' |
2298
|
|
|
); |
2299
|
|
|
$this->assertEquals( |
2300
|
|
|
'<select name="authentication_plugin" id="select_authentication_plugin">' |
2301
|
|
|
. "\n" |
2302
|
|
|
. '<option value="mysql_native_password" selected="selected">' |
2303
|
|
|
. 'Native MySQL authentication</option>' |
2304
|
|
|
. "\n" |
2305
|
|
|
. '<option value="sha256_password">' |
2306
|
|
|
. 'SHA256 password authentication</option>' . "\n" . '</select>' |
2307
|
|
|
. "\n", |
2308
|
|
|
$actualHtml |
2309
|
|
|
); |
2310
|
|
|
|
2311
|
|
|
/* Assertion 2 */ |
2312
|
|
|
$actualHtml = $this->serverPrivileges->getHtmlForAuthPluginsDropdown( |
2313
|
|
|
'mysql_native_password', |
2314
|
|
|
'change_pw', |
2315
|
|
|
'new' |
2316
|
|
|
); |
2317
|
|
|
$this->assertEquals( |
2318
|
|
|
'<select name="authentication_plugin" ' |
2319
|
|
|
. 'id="select_authentication_plugin_cp">' |
2320
|
|
|
. "\n" . '<option ' |
2321
|
|
|
. 'value="mysql_native_password" selected="selected">' |
2322
|
|
|
. 'Native MySQL authentication</option>' |
2323
|
|
|
. "\n" . '<option value="sha256_password">' |
2324
|
|
|
. 'SHA256 password authentication</option>' . "\n" . '</select>' |
2325
|
|
|
. "\n", |
2326
|
|
|
$actualHtml |
2327
|
|
|
); |
2328
|
|
|
|
2329
|
|
|
/* Assertion 3 */ |
2330
|
|
|
$actualHtml = $this->serverPrivileges->getHtmlForAuthPluginsDropdown( |
2331
|
|
|
'mysql_native_password', |
2332
|
|
|
'new', |
2333
|
|
|
'old' |
2334
|
|
|
); |
2335
|
|
|
$this->assertEquals( |
2336
|
|
|
'<select name="authentication_plugin" ' |
2337
|
|
|
. 'id="select_authentication_plugin">' |
2338
|
|
|
. "\n" . '<option ' |
2339
|
|
|
. 'value="mysql_native_password" selected="selected">' |
2340
|
|
|
. 'Native MySQL authentication</option>' . "\n" . '</select>' |
2341
|
|
|
. "\n", |
2342
|
|
|
$actualHtml |
2343
|
|
|
); |
2344
|
|
|
|
2345
|
|
|
/* Assertion 4 */ |
2346
|
|
|
$actualHtml = $this->serverPrivileges->getHtmlForAuthPluginsDropdown( |
2347
|
|
|
'mysql_native_password', |
2348
|
|
|
'change_pw', |
2349
|
|
|
'old' |
2350
|
|
|
); |
2351
|
|
|
$this->assertEquals( |
2352
|
|
|
'<select name="authentication_plugin" ' |
2353
|
|
|
. 'id="select_authentication_plugin_cp">' |
2354
|
|
|
. "\n" |
2355
|
|
|
. '<option value="mysql_native_password" selected="selected">' |
2356
|
|
|
. 'Native MySQL authentication</option>' |
2357
|
|
|
. "\n" . '</select>' |
2358
|
|
|
. "\n", |
2359
|
|
|
$actualHtml |
2360
|
|
|
); |
2361
|
|
|
|
2362
|
|
|
// Restore old DBI |
2363
|
|
|
$GLOBALS['dbi'] = $oldDbi; |
2364
|
|
|
$this->serverPrivileges->dbi = $oldDbi; |
2365
|
|
|
} |
2366
|
|
|
|
2367
|
|
|
/** |
2368
|
|
|
* Tests for deleteUser |
2369
|
|
|
* |
2370
|
|
|
* @return void |
2371
|
|
|
*/ |
2372
|
|
|
public function testDeleteUser() |
2373
|
|
|
{ |
2374
|
|
|
//Mock DBI |
2375
|
|
|
$dbi = $this->getMockBuilder('PhpMyAdmin\DatabaseInterface') |
2376
|
|
|
->disableOriginalConstructor() |
2377
|
|
|
->getMock(); |
2378
|
|
|
$dbi->expects($this->any()) |
2379
|
|
|
->method('tryQuery') |
2380
|
|
|
->will($this->onConsecutiveCalls(true, true, false)); |
2381
|
|
|
$dbi->expects($this->any()) |
2382
|
|
|
->method('getError') |
2383
|
|
|
->will($this->returnValue('Some error occurred!')); |
2384
|
|
|
$dbi->expects($this->any()) |
2385
|
|
|
->method('escapeString') |
2386
|
|
|
->will($this->returnArgument(0)); |
2387
|
|
|
|
2388
|
|
|
$GLOBALS['dbi'] = $dbi; |
2389
|
|
|
$this->serverPrivileges->dbi = $dbi; |
|
|
|
|
2390
|
|
|
|
2391
|
|
|
// Test case 1 : empty queries |
2392
|
|
|
$queries = []; |
2393
|
|
|
$actual = $this->serverPrivileges->deleteUser($queries); |
2394
|
|
|
$this->assertArrayHasKey(0, $actual); |
2395
|
|
|
$this->assertArrayHasKey(1, $actual); |
2396
|
|
|
$this->assertEquals('', $actual[0]); |
2397
|
|
|
$this->assertEquals( |
2398
|
|
|
'No users selected for deleting!', |
2399
|
|
|
$actual[1]->getMessage() |
2400
|
|
|
); |
2401
|
|
|
|
2402
|
|
|
// Test case 2 : all successful queries |
2403
|
|
|
$_POST['mode'] = 3; |
2404
|
|
|
$queries = ['foo']; |
2405
|
|
|
$actual = $this->serverPrivileges->deleteUser($queries); |
2406
|
|
|
$this->assertArrayHasKey(0, $actual); |
2407
|
|
|
$this->assertArrayHasKey(1, $actual); |
2408
|
|
|
$this->assertEquals( |
2409
|
|
|
"foo\n# Reloading the privileges …\nFLUSH PRIVILEGES;", |
2410
|
|
|
$actual[0] |
2411
|
|
|
); |
2412
|
|
|
$this->assertEquals( |
2413
|
|
|
'The selected users have been deleted successfully.', |
2414
|
|
|
$actual[1]->getMessage() |
2415
|
|
|
); |
2416
|
|
|
|
2417
|
|
|
// Test case 3 : failing queries |
2418
|
|
|
$_POST['mode'] = 1; |
2419
|
|
|
$queries = ['bar']; |
2420
|
|
|
$actual = $this->serverPrivileges->deleteUser($queries); |
2421
|
|
|
$this->assertArrayHasKey(0, $actual); |
2422
|
|
|
$this->assertArrayHasKey(1, $actual); |
2423
|
|
|
$this->assertEquals("bar", $actual[0]); |
2424
|
|
|
$this->assertEquals( |
2425
|
|
|
'Some error occurred!' . "\n", |
2426
|
|
|
$actual[1]->getMessage() |
2427
|
|
|
); |
2428
|
|
|
} |
2429
|
|
|
} |
2430
|
|
|
|
Our type inference engine has found an assignment to a property that is incompatible with the declared type of that property.
Either this assignment is in error or the assigned type should be added to the documentation/type hint for that property..