modified

baserproject · Oct 24, 2024 · c61f8df · c61f8df
2 parents da04bb5 + 117c888
commit c61f8df
Show file tree

Hide file tree

Showing 26 changed files with 404 additions and 40 deletions.
diff --git a/config/bootstrap.php b/config/bootstrap.php
@@ -157,7 +157,7 @@
     $trustProxy = filter_var(env('TRUST_PROXY', false), FILTER_VALIDATE_BOOLEAN);
 
     $s = null;
-    if (env('HTTPS') || ($trustProxy && env('HTTP_X_FORWARDED_PROTO') === 'https')) {
+    if (env('HTTPS') || ($trustProxy && (env('HTTP_X_FORWARDED_PROTO') === 'https' || env('HTTP_HTTPS') === 'on'))) {
         $s = 's';
     }
 

diff --git a/plugins/baser-core/src/Controller/Admin/BcAdminAppController.php b/plugins/baser-core/src/Controller/Admin/BcAdminAppController.php
@@ -128,6 +128,7 @@ public function beforeRender(EventInterface $event): void
      * @return void
      * @checked
      * @noTodo
+     * @unitTest
      */
     private function __updateFirstAccess()
     {

diff --git a/plugins/baser-core/src/Controller/Api/Admin/JwksController.php b/plugins/baser-core/src/Controller/Api/Admin/JwksController.php
@@ -27,6 +27,7 @@ class JwksController extends BcAdminApiController
      * Initialize
      * @checked
      * @noTodo
+     * @unitTest
      */
     public function initialize(): void
     {
@@ -41,6 +42,7 @@ public function initialize(): void
      * JWT::decode($jwt, JWK::parseKeySet($keys), [Configure::read('Jwt.algorithm')])
      * @checked
      * @noTodo
+     * @unitTest
      */
     public function index()
     {

diff --git a/plugins/baser-core/src/Controller/Api/Admin/SiteConfigsController.php b/plugins/baser-core/src/Controller/Api/Admin/SiteConfigsController.php
@@ -44,6 +44,7 @@ public function view(SiteConfigsServiceInterface $service) {
      * @param SiteConfigsServiceInterface $service
      * @checked
      * @noTodo
+     * @unitTest
      */
     public function edit(SiteConfigsServiceInterface $service)
     {
@@ -55,6 +56,7 @@ public function edit(SiteConfigsServiceInterface $service)
                 $message = __d('baser_core', 'システム基本設定を更新しました。');
                 $this->BcMessage->setSuccess($message, true, false);
             } else {
+                $errors = $siteConfig->getErrors();
                 $this->setResponse($this->response->withStatus(400));
                 $message = __d('baser_core', '入力エラーです。内容を修正してください。');
             }

diff --git a/plugins/baser-core/src/Controller/MaintenanceController.php b/plugins/baser-core/src/Controller/MaintenanceController.php
@@ -25,6 +25,7 @@ class MaintenanceController extends BcFrontAppController
      * メンテナンス中ページを表示する
      * @checked
      * @noTodo
+     * @unitTest
      */
     public function index()
     {

diff --git a/plugins/baser-core/src/Middleware/BcRequestFilterMiddleware.php b/plugins/baser-core/src/Middleware/BcRequestFilterMiddleware.php
@@ -68,8 +68,20 @@ public function process(
          */
         if(filter_var(env('TRUST_PROXY', false), FILTER_VALIDATE_BOOLEAN)) {
             $request->trustProxy = true;
-            $request->addDetector('https', ['env' => 'HTTP_X_FORWARDED_SSL', 'options' => [1, 'on']]);
-            $request->addDetector('https', ['env' => 'HTTP_X_FORWARDED_PROTO', 'options' => [1, 'https']]);
+            $request->addDetector('https', function() {
+                $detectors = [
+                    ['env' => 'HTTP_X_FORWARDED_SSL', 'options' => [1, 'on']],
+                    ['env' => 'HTTP_X_FORWARDED_PROTO', 'options' => [1, 'https']],
+                    ['env' => 'HTTP_HTTPS', 'options' => [1, 'on']]
+                ];
+                foreach($detectors as $detect) {
+                    $pattern = '/' . implode('|', $detect['options']) . '/i';
+                    if(preg_match($pattern, (string)env($detect['env']))){
+                        return true;
+                    }
+                }
+                return false;
+            });
         }
 
         return $handler->handle($request);

diff --git a/plugins/baser-core/src/Model/Validation/UserValidation.php b/plugins/baser-core/src/Model/Validation/UserValidation.php
@@ -48,13 +48,22 @@ public static function willChangeSelfGroup($userGroup, $context)
         $users = TableRegistry::getTableLocator()->get('BaserCore.Users');
         /* @var User $loginUser */
         $loginUser = $users->find()->contain('UserGroups')->where(['Users.id' => $loginUserId])->first();
-        $loginGroupId = Hash::extract($loginUser->user_groups, '{n}.id');
-        if(in_array(Configure::read('BcApp.adminGroupId'), $loginGroupId)) {
-            return true;
-        }
+
+        // 自身の変更ではない
         if($context['data']['id'] !== $loginUserId) {
             return true;
         }
+
+        // スーパーユーザーはシステム管理グループが含まれていれば自身のユーザーグループも変更可能
+        if($loginUser->isSuper()) {
+            if(in_array(Configure::read('BcApp.adminGroupId'), $userGroup['_ids'])) {
+                return true;
+            }
+            return false;
+        }
+
+        // 自身のユーザーグループを変更しているかどうか
+        $loginGroupId = Hash::extract($loginUser->user_groups, '{n}.id');
         $postGroupId = array_map('intval', $userGroup['_ids']);
         return ($loginGroupId === $postGroupId);
     }

diff --git a/plugins/baser-core/src/Service/Admin/UsersAdminService.php b/plugins/baser-core/src/Service/Admin/UsersAdminService.php
@@ -99,7 +99,8 @@ public function isEditable(?int $id): bool
      */
     public function isUserGroupEditable(?int $id): bool
     {
-        return ($id === null || BcUtil::isAdminUser() || !$this->isSelf($id));
+        $user = BcUtil::loginUser();
+        return ($id === null || $user->isSuper());
     }
 
     /**

diff --git a/plugins/baser-core/tests/TestCase/Controller/Admin/BcAdminAppControllerTest.php b/plugins/baser-core/tests/TestCase/Controller/Admin/BcAdminAppControllerTest.php
@@ -252,4 +252,19 @@ public function testCheckPasswordModified()
         $this->get('/baser/admin');
         $this->assertResponseCode(200);
     }
+
+    /**
+     * test updateFirstAccess
+     */
+    public function testUpdateFirstAccess()
+    {
+        //before test
+        $siteConfigsService = $this->getService(SiteConfigsServiceInterface::class);
+        $siteConfigsService->setValue('first_access', true);
+        $this->assertEquals(1, $siteConfigsService->getValue('first_access'));
+
+        //after test
+        $this->execPrivateMethod($this->BcAdminApp, '__updateFirstAccess');
+        $this->assertEquals('', $siteConfigsService->getValue('first_access'));
+    }
 }
diff --git a/plugins/baser-core/tests/TestCase/Controller/Api/Admin/JwksControllerTest.php b/plugins/baser-core/tests/TestCase/Controller/Api/Admin/JwksControllerTest.php
@@ -0,0 +1,67 @@
+<?php
+/**
+ * baserCMS :  Based Website Development Project <https://basercms.net>
+ * Copyright (c) NPO baser foundation <https://baserfoundation.org/>
+ *
+ * @copyright     Copyright (c) NPO baser foundation
+ * @link          https://basercms.net baserCMS Project
+ * @since         5.0.0
+ * @license       https://basercms.net/license/index.html MIT License
+ */
+
+namespace BaserCore\Test\TestCase\Controller\Api\Admin;
+
+use BaserCore\Controller\Api\Admin\JwksController;
+use BaserCore\TestSuite\BcTestCase;
+use BaserCore\Utility\BcContainerTrait;
+use Cake\TestSuite\IntegrationTestTrait;
+
+/**
+ * JwksControllerTest Test Case
+ */
+class JwksControllerTest extends BcTestCase
+{
+
+    /**
+     * Trait
+     */
+    use IntegrationTestTrait;
+    use BcContainerTrait;
+
+    /**
+     * set up
+     */
+    public function setUp(): void
+    {
+        parent::setUp();
+    }
+
+    /**
+     * test initialize
+     *
+     * @return void
+     */
+    public function testInitialize()
+    {
+        $controller = new JwksController($this->getRequest());
+        $this->assertEquals(['index'], $controller->Authentication->getUnauthenticatedActions());
+    }
+
+    /**
+     * test index
+     */
+    public function testIndex()
+    {
+        $this->get('/baser/api/admin/baser-core/jwks/index.json');
+        //ステータスを確認
+        $this->assertResponseCode(200);
+        //戻り値確認
+        $vars = $this->_controller->viewBuilder()->getVars();
+        $this->assertArrayHasKey('kid', $vars['keys']['keys'][0]);
+        $this->assertArrayHasKey('kty', $vars['keys']['keys'][0]);
+        $this->assertArrayHasKey('alg', $vars['keys']['keys'][0]);
+        $this->assertArrayHasKey('use', $vars['keys']['keys'][0]);
+        $this->assertArrayHasKey('e', $vars['keys']['keys'][0]);
+        $this->assertArrayHasKey('n', $vars['keys']['keys'][0]);
+    }
+}
diff --git a/plugins/baser-core/tests/TestCase/Controller/Api/Admin/SiteConfigsControllerTest.php b/plugins/baser-core/tests/TestCase/Controller/Api/Admin/SiteConfigsControllerTest.php
@@ -88,11 +88,16 @@ public function testEdit()
     {
         $this->enableSecurityToken();
         $this->enableCsrfToken();
-        $data = [
-            'email' => '[email protected]'
-        ];
+        $data = ['email' => '[email protected]'];
         $this->post('/baser/api/admin/baser-core/site_configs/edit/1.json?token=' . $this->accessToken, $data);
         $this->assertResponseSuccess();
+
+        //エラーを発生した場合、
+        $this->post('/baser/api/admin/baser-core/site_configs/edit/1.json?token=' . $this->accessToken, ['email' => '']);
+        $this->assertResponseCode(400);
+        $result = json_decode((string)$this->_response->getBody());
+        $this->assertEquals('入力エラーです。内容を修正してください。', $result->message);
+        $this->assertEquals('管理者メールアドレスを入力してください。', $result->errors->email->_empty);
     }
 
     /**

diff --git a/plugins/baser-core/tests/TestCase/Controller/MaintenanceControllerTest.php b/plugins/baser-core/tests/TestCase/Controller/MaintenanceControllerTest.php
@@ -0,0 +1,32 @@
+<?php
+
+namespace BaserCore\Test\TestCase\Controller;
+
+use BaserCore\Controller\MaintenanceController;
+use BaserCore\TestSuite\BcTestCase;
+
+class MaintenanceControllerTest extends BcTestCase
+{
+    public function setUp(): void
+    {
+        parent::setUp();
+        $this->MaintenanceController = new MaintenanceController($this->getRequest());
+    }
+
+    public function tearDown(): void
+    {
+        parent::tearDown();
+    }
+
+    /**
+     * test index
+     */
+    public function testIndex()
+    {
+        $this->get('/maintenance');
+        $this->assertResponseOk();
+
+        $vars = $this->_controller->viewBuilder()->getVars();
+        $this->assertEquals('メンテナンス中', $vars['title']);
+    }
+}
diff --git a/plugins/baser-core/tests/TestCase/Service/Admin/UsersAdminServiceTest.php b/plugins/baser-core/tests/TestCase/Service/Admin/UsersAdminServiceTest.php
@@ -167,7 +167,7 @@ public function testIsUserGroupEditable()
         $this->assertTrue($this->Users->isUserGroupEditable(2));
         // サイト運営ユーザーで他ユーザー更新
         $this->loginAdmin($this->getRequest('/baser/admin'), 2);
-        $this->assertTrue($this->Users->isUserGroupEditable(1));
+        $this->assertFalse($this->Users->isUserGroupEditable(1));
         // サイト運営ユーザーで自身を更新
         $this->assertFalse($this->Users->isUserGroupEditable(2));
     }

diff --git a/plugins/bc-admin-third/templates/Admin/element/Plugins/index_row_market.php b/plugins/bc-admin-third/templates/Admin/element/Plugins/index_row_market.php
@@ -39,8 +39,15 @@
   </td>
   <td class="bca-table-listup__tbody-td"><?php echo h($data['version']) ?></td>
   <td class="bca-table-listup__tbody-td"><?php echo nl2br(h($data['description'])) ?></td>
-  <td
-    class="bca-table-listup__tbody-td"><?php $this->BcBaser->link($data['author'], $data['authorLink'], ['target' => '_blank', 'escape' => true]) ?></td>
+  <td class="bca-table-listup__tbody-td">
+    <?php
+      if (!empty($data['authorLink'])) {
+        $this->BcBaser->link(strip_tags($data['author']), $data['authorLink'], ['target' => '_blank', 'escape' => true]);
+      } else {
+        echo h(strip_tags($data['author']));
+      }
+    ?>
+  </td>
   <td class="bca-table-listup__tbody-td" style="width:10%;white-space: nowrap">
     <?php echo $this->BcTime->format($data['created'], 'yyyy-MM-dd') ?><br/>
     <?php echo $this->BcTime->format($data['modified'], 'yyyy-MM-dd') ?>

diff --git a/plugins/bc-blog/src/Service/BlogContentsService.php b/plugins/bc-blog/src/Service/BlogContentsService.php
@@ -347,6 +347,9 @@ public function findByUrl(string $url): ?EntityInterface
      *
      * @param int $contentId
      * @return EntityInterface|null
+     * @checked
+     * @noTodo
+     * @unitTest
      */
     public function findByContentId(int $contentId): ?EntityInterface
     {

diff --git a/plugins/bc-blog/tests/TestCase/Service/BlogContentsServiceTest.php b/plugins/bc-blog/tests/TestCase/Service/BlogContentsServiceTest.php
@@ -324,6 +324,24 @@ public function test_getContentsTemplateRelativePath()
 
     }
 
+    /**
+     * test findByContentId
+     */
+    public function test_findByContentId()
+    {
+        //generate data
+        BlogContentFactory::make(['id' => 1])->persist();
+        ContentFactory::make(['id' => 1, 'type' => 'BlogContent', 'title' => 'test', 'description' => 'BaserCMS', 'entity_id' => 1, 'site_id' => 1])->persist();
+        SiteFactory::make(['id' => 1, 'theme' => 'BcBlog'])->persist();
+
+        $rs = $this->BlogContentsService->findByContentId(1);
+        $this->assertEquals('test', $rs->content->title);
+        $this->assertEquals('BaserCMS', $rs->content->description);
+
+        //with invalid content id
+        $rs = $this->BlogContentsService->findByContentId(999);
+        $this->assertNull($rs);
+    }
     /**
      * test findByUrl
      * @param $url
@@ -341,7 +359,7 @@ public function test_findByUrl($url, $expected)
         $rs = $this->BlogContentsService->findByUrl($url);
 
         if (empty($url)) {
-            $this->assertEmpty($expected);
+            $this->assertEquals($expected, $rs);
         }else{
             $this->assertEquals($expected, $rs->content->title);
         }

diff --git a/plugins/bc-installer/src/Service/Admin/InstallationsAdminService.php b/plugins/bc-installer/src/Service/Admin/InstallationsAdminService.php
@@ -252,6 +252,7 @@ public function deleteAllTables(ServerRequest $request): bool
      * @throws PersistenceFailedException
      * @checked
      * @noTodo
+     * @unitTest
      */
     public function initAdmin(ServerRequest $request): void
     {

diff --git a/plugins/bc-installer/src/Service/InstallationsService.php b/plugins/bc-installer/src/Service/InstallationsService.php
@@ -165,6 +165,7 @@ public function checkEnv(): array
 	 * @return int
      * @checked
      * @noTodo
+     * @unitTest
 	 */
 	protected function _getMemoryLimit ()
 	{
@@ -254,6 +255,7 @@ public function getRealDbName(string $type, string $name)
      * @throws BcException
      * @checked
      * @noTodo
+     * @unitTest
      */
     public function testConnectDb(array $config)
     {
@@ -397,6 +399,7 @@ public function installPlugin($name)
      * @return boolean
      * @checked
      * @noTodo
+     * @unitTest
      */
     public function createInstallFile(array $dbConfig): bool
     {
@@ -516,6 +519,7 @@ public function deployEditorTemplateImage(): bool
      * @return array
      * @checked
      * @noTodo
+     * @unitTest
      */
     protected function _getDbSource(): array
     {
@@ -549,6 +553,7 @@ protected function _getDbSource(): array
      * @return array
      * @checked
      * @noTodo
+     * @unitTest
      */
     public function getAllDefaultDataPatterns(): array
     {
@@ -581,6 +586,7 @@ public function getAllDefaultDataPatterns(): array
      * @param array $email
      * @checked
      * @noTodo
+     * @unitTest
      */
     public function sendCompleteMail(array $postData)
     {
@@ -595,6 +601,7 @@ public function sendCompleteMail(array $postData)
      * アクセスルールを構築する
      * @checked
      * @noTodo
+     * @unitTest
      */
     public function buildPermissions()
     {