silverstripe /
silverstripe-contentreview
This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include, or for example
via PHP's auto-loading mechanism.
These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
| 1 | <?php |
||
| 50 | $page->ContentReviewType = "Custom"; |
||
| 51 | |||
| 52 | $page->ContentReviewUsers()->push($editor); |
||
| 53 | $page->write(); |
||
|
|
|||
| 54 | |||
| 55 | $this->assertTrue($page->canPublish()); |
||
| 56 | $this->assertTrue($page->doPublish()); |
||
| 57 | $this->assertEquals($page->OwnerNames, "Test Editor", "Test Editor should be the owner"); |
||
| 58 | |||
| 59 | /** @var Page|SiteTreeContentReview $page */ |
||
| 60 | $page = $this->objFromFixture(Page::class, "about"); |
||
| 61 | |||
| 62 | $page->OwnerUsers()->removeAll(); |
||
| 63 | $page->write(); |
||
| 64 | |||
| 65 | $this->assertTrue($page->canPublish()); |
||
| 66 | $this->assertTrue($page->doPublish()); |
||
| 67 | $this->assertEquals("", $page->OwnerNames); |
||
| 68 | } |
||
| 69 | |||
| 74 | $this->assertTrue(isset($perms["EDIT_CONTENT_REVIEW_FIELDS"])); |
||
| 75 | } |
||
| 76 | |||
| 77 | View Code Duplication | public function testUserWithPermissionCanEdit() |
|
| 78 | { |
||
| 79 | /** @var Member $editor */ |
||
| 80 | $editor = $this->objFromFixture(Member::class, "editor"); |
||
| 84 | /** @var Page|SiteTreeContentReview $page */ |
||
| 85 | $page = new Page(); |
||
| 86 | |||
| 87 | $fields = $page->getSettingsFields(); |
||
| 88 | |||
| 89 | $this->assertNotNull($fields->dataFieldByName("NextReviewDate")); |
||
| 90 | } |
||
| 91 | |||
| 92 | View Code Duplication | public function testUserWithoutPermissionCannotEdit() |
|
| 93 | { |
||
| 94 | /** @var Member $author */ |
||
| 95 | $author = $this->objFromFixture(Member::class, "author"); |
||
| 99 | /** @var Page|SiteTreeContentReview $page */ |
||
| 100 | $page = new Page(); |
||
| 101 | |||
| 102 | $fields = $page->getSettingsFields(); |
||
| 103 | |||
| 104 | $this->assertNull($fields->dataFieldByName("NextReviewDate")); |
||
| 105 | } |
||
| 115 | $page = new Page(); |
||
| 116 | |||
| 117 | $page->ReviewPeriodDays = 10; |
||
| 118 | $page->write(); |
||
| 119 | |||
| 120 | $this->assertTrue($page->doPublish()); |
||
| 121 | $this->assertEquals(null, $page->NextReviewDate); |
||
| 122 | } |
||
| 123 | |||
| 149 | $this->assertEquals("[email protected]", $owners->first()->Email); |
||
| 150 | } |
||
| 151 | |||
| 152 | View Code Duplication | public function testCanNotBeReviewBecauseNoReviewDate() |
|
| 153 | { |
||
| 154 | DBDatetime::set_mock_now("2010-01-01 12:00:00"); |
||
| 155 | |||
| 164 | DBDatetime::clear_mock_now(); |
||
| 165 | } |
||
| 166 | |||
| 167 | View Code Duplication | public function testCanNotBeReviewedBecauseInFuture() |
|
| 168 | { |
||
| 169 | DBDatetime::set_mock_now("2010-01-01 12:00:00"); |
||
| 170 | |||
| 179 | DBDatetime::clear_mock_now(); |
||
| 180 | } |
||
| 181 | |||
| 182 | View Code Duplication | public function testCanNotBeReviewedByUser() |
|
| 183 | { |
||
| 184 | DBDatetime::set_mock_now("2010-03-01 12:00:00"); |
||
| 185 | |||
| 194 | DBDatetime::clear_mock_now(); |
||
| 195 | } |
||
| 196 | |||
| 197 | View Code Duplication | public function testCanBeReviewedByUser() |
|
| 198 | { |
||
| 199 | DBDatetime::set_mock_now("2010-03-01 12:00:00"); |
||
| 200 | |||
| 209 | DBDatetime::clear_mock_now(); |
||
| 210 | } |
||
| 211 | |||
| 212 | View Code Duplication | public function testCanNotBeReviewedByGroup() |
|
| 213 | { |
||
| 214 | DBDatetime::set_mock_now("2010-03-01 12:00:00"); |
||
| 215 | |||
| 224 | DBDatetime::clear_mock_now(); |
||
| 225 | } |
||
| 226 | |||
| 227 | View Code Duplication | public function testCanBeReviewedByGroup() |
|
| 228 | { |
||
| 229 | DBDatetime::set_mock_now("2010-03-01 12:00:00"); |
||
| 230 | |||
| 239 | DBDatetime::clear_mock_now(); |
||
| 240 | } |
||
| 241 | |||
| 242 | View Code Duplication | public function testCanBeReviewedFromInheritedSetting() |
|
| 243 | { |
||
| 244 | DBDatetime::set_mock_now("2013-03-01 12:00:00"); |
||
| 245 | |||
| 250 | $parentPage = $this->objFromFixture(Page::class, "contact"); |
||
| 251 | |||
| 252 | $parentPage->NextReviewDate = "2013-01-01"; |
||
| 253 | $parentPage->write(); |
||
| 254 | |||
| 255 | /** @var Page|SiteTreeContentReview $page */ |
||
| 256 | $page = $this->objFromFixture(Page::class, "contact-child"); |
||
| 272 | $contactPage = $this->objFromFixture(Page::class, "contact"); |
||
| 273 | $contactPageVersion = $contactPage->Version; |
||
| 274 | $contactPage->write(); |
||
| 275 | $this->assertEmpty($contactPage->LastEditedByName); |
||
| 276 | $this->assertEquals( |
||
| 277 | $contactPageVersion, |
||
| 278 | Versioned::get_versionnumber_by_stage(SiteTree::class, 'Stage', $contactPage->ID, false) |
||
| 283 | $homePageVersion = $homePage->Version; |
||
| 284 | $homePage->Content = '<p>Welcome!</p>'; |
||
| 285 | $homePage->write(); |
||
| 286 | $this->assertNotEmpty($homePage->LastEditedByName); |
||
| 287 | $this->assertEquals($author->getTitle(), $homePage->LastEditedByName); |
||
| 288 | $this->assertGreaterThan( |
||
| 289 | $homePageVersion, |
||
| 290 | Versioned::get_versionnumber_by_stage(SiteTree::class, 'Stage', $homePage->ID, false) |
||
| 305 | |||
| 306 | $this->logInAs($author); |
||
| 307 | |||
| 308 | $fields = $page->getCMSActions(); |
||
| 309 | |||
| 310 | $this->assertInstanceOf(LiteralField::class, $fields->fieldByName('ContentReviewButton')); |
||
| 311 | |||
| 312 | DBDatetime::clear_mock_now(); |
||
| 313 | } |
||
| 314 | |||
| 315 | View Code Duplication | public function testReviewActionNotVisibleForEditor() |
|
| 316 | { |
||
| 317 | DBDatetime::set_mock_now("2020-03-01 12:00:00"); |
||
| 318 | |||
| 324 | |||
| 325 | $this->logInAs($author); |
||
| 326 | |||
| 327 | $fields = $page->getCMSActions(); |
||
| 328 | |||
| 329 | $this->assertNull($fields->fieldByName("ActionMenus.ReviewContent")); |
||
| 330 | |||
| 355 |
Christopher Pitt
Damian Mooyman
Loading history...
This check looks for calls to methods that do not seem to exist on a given type. It looks for the method on the type itself as well as in inherited classes or implemented interfaces.
This is most likely a typographical error or the method has been renamed.