AS1024
/
Kanboard-Prod
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Store PHP sessions in the database

This commit is contained in:
Frédéric Guillot 2017-12-06 16:19:11 -08:00 committed by Frédéric Guillot
parent 421531bd4f
commit ccd177ada6
58 changed files with 405 additions and 382 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/Api/Middleware/AuthenticationMiddleware.php
View File

@ -28,7 +28,7 @@ class AuthenticationMiddleware extends Base implements MiddlewareInterface
public function execute($username, $password, $procedureName)
{
$this->dispatcher->dispatch('app.bootstrap');
$this->sessionStorage->scope = 'API';
session_set('scope', 'API');
if ($this->isUserAuthenticated($username, $password)) {
$this->userSession->initialize($this->userCacheDecorator->getByUsername($username));

2
app/Api/Procedure/MeProcedure.php
View File

@ -12,7 +12,7 @@ class MeProcedure extends BaseProcedure
{
public function getMe()
{
return $this->sessionStorage->user;
return session_get('user');
}
public function getMyDashboard()

3
app/Auth/ApiAccessTokenAuth.php
View File

@ -58,8 +58,7 @@ class ApiAccessTokenAuth extends Base implements PasswordAuthenticationProviderI
*/
public function authenticate()
{
if (! isset($this->sessionStorage->scope) || $this->sessionStorage->scope !== 'API') {
$this->logger->debug(__METHOD__.': Authentication provider skipped because invalid scope');
if (session_get('scope') !== 'API') {
return false;
}

8
app/Controller/AuthController.php
View File

@ -40,7 +40,7 @@ class AuthController extends BaseController
public function check()
{
$values = $this->request->getValues();
$this->sessionStorage->hasRememberMe = ! empty($values['remember_me']);
session_set('hasRememberMe', ! empty($values['remember_me']));
list($valid, $errors) = $this->authValidator->validateForm($values);
if ($valid) {
@ -72,9 +72,9 @@ class AuthController extends BaseController
*/
private function redirectAfterLogin()
{
if (isset($this->sessionStorage->redirectAfterLogin) && ! empty($this->sessionStorage->redirectAfterLogin) && ! filter_var($this->sessionStorage->redirectAfterLogin, FILTER_VALIDATE_URL)) {
$redirect = $this->sessionStorage->redirectAfterLogin;
unset($this->sessionStorage->redirectAfterLogin);
if (session_exists('redirectAfterLogin') && ! filter_var(session_get('redirectAfterLogin'), FILTER_VALIDATE_URL)) {
$redirect = session_get('redirectAfterLogin');
session_remove('redirectAfterLogin');
$this->response->redirect($redirect);
} else {
$this->response->redirect($this->helper->url->to('DashboardController', 'show'));

2
app/Controller/CaptchaController.php
View File

@ -23,7 +23,7 @@ class CaptchaController extends BaseController
$builder = new CaptchaBuilder;
$builder->build();
$this->sessionStorage->captcha = $builder->getPhrase();
session_set('captcha', $builder->getPhrase());
$builder->output();
}
}

4
app/Controller/TaskListController.php
View File

@ -24,9 +24,9 @@ class TaskListController extends BaseController
$search = $this->helper->projectHeader->getSearchQuery($project);
if ($this->request->getIntegerParam('show_subtasks')) {
$this->sessionStorage->subtaskListToggle = true;
session_set('subtaskListToggle', true);
} elseif ($this->request->getIntegerParam('hide_subtasks')) {
$this->sessionStorage->subtaskListToggle = false;
session_set('subtaskListToggle', false);
}
if ($this->userSession->hasSubtaskListActivated()) {

22
app/Controller/TwoFactorController.php
View File

@ -36,7 +36,7 @@ class TwoFactorController extends UserViewController
{
$user = $this->getUser();
$this->checkCurrentUser($user);
unset($this->sessionStorage->twoFactorSecret);
session_remove('twoFactorSecret');
$this->response->html($this->helper->layout->user('twofactor/index', array(
'user' => $user,
@ -57,17 +57,17 @@ class TwoFactorController extends UserViewController
$label = $user['email'] ?: $user['username'];
$provider = $this->authenticationManager->getPostAuthenticationProvider();
if (! isset($this->sessionStorage->twoFactorSecret)) {
if (! session_exists('twoFactorSecret')) {
$provider->generateSecret();
$provider->beforeCode();
$this->sessionStorage->twoFactorSecret = $provider->getSecret();
session_set('twoFactorSecret', $provider->getSecret());
} else {
$provider->setSecret($this->sessionStorage->twoFactorSecret);
$provider->setSecret(session_get('twoFactorSecret'));
}
$this->response->html($this->helper->layout->user('twofactor/show', array(
'user' => $user,
'secret' => $this->sessionStorage->twoFactorSecret,
'secret' => session_get('twoFactorSecret'),
'key_url' => $provider->getKeyUrl($label),
)));
}
@ -86,7 +86,7 @@ class TwoFactorController extends UserViewController
$provider = $this->authenticationManager->getPostAuthenticationProvider();
$provider->setCode(empty($values['code']) ? '' : $values['code']);
$provider->setSecret($this->sessionStorage->twoFactorSecret);
$provider->setSecret(session_get('twoFactorSecret'));
if ($provider->authenticate()) {
$this->flash->success(t('The two factor authentication code is valid.'));
@ -97,7 +97,7 @@ class TwoFactorController extends UserViewController
'twofactor_secret' => $this->authenticationManager->getPostAuthenticationProvider()->getSecret(),
));
unset($this->sessionStorage->twoFactorSecret);
session_remove('twoFactorSecret');
$this->userSession->disablePostAuthentication();
$this->response->redirect($this->helper->url->to('TwoFactorController', 'index', array('user_id' => $user['id'])), true);
@ -168,10 +168,10 @@ class TwoFactorController extends UserViewController
*/
public function code()
{
if (! isset($this->sessionStorage->twoFactorBeforeCodeCalled)) {
if (! session_exists('twoFactorBeforeCodeCalled')) {
$provider = $this->authenticationManager->getPostAuthenticationProvider();
$provider->beforeCode();
$this->sessionStorage->twoFactorBeforeCodeCalled = true;
session_set('twoFactorBeforeCodeCalled', true);
}
$this->response->html($this->helper->layout->app('twofactor/check', array(
@ -210,10 +210,10 @@ class TwoFactorController extends UserViewController
*/
public function qrcode()
{
if (isset($this->sessionStorage->twoFactorSecret)) {
if (session_exists('twoFactorSecret')) {
$user = $this->getUser();
$provider = $this->authenticationManager->getPostAuthenticationProvider();
$provider->setSecret($this->sessionStorage->twoFactorSecret);
$provider->setSecret(session_get('twoFactorSecret'));
$url = $provider->getKeyUrl($user['email'] ?: $user['username']);
if (! empty($url)) {

1
app/Core/Base.php
View File

@ -48,7 +48,6 @@ use Pimple\Container;
* @property \Kanboard\Core\Security\Token $token
* @property \Kanboard\Core\Session\FlashMessage $flash
* @property \Kanboard\Core\Session\SessionManager $sessionManager
* @property \Kanboard\Core\Session\SessionStorage $sessionStorage
* @property \Kanboard\Core\User\Avatar\AvatarManager $avatarManager
* @property \Kanboard\Core\User\GroupSync $groupSync
* @property \Kanboard\Core\User\UserProfile $userProfile

9
app/Core/Http/OAuth2.php
View File

@ -53,11 +53,11 @@ class OAuth2 extends Base
*/
public function getState()
{
if (! isset($this->sessionStorage->oauthState) || empty($this->sessionStorage->oauthState)) {
$this->sessionStorage->oauthState = $this->token->getToken();
if (! session_exists('oauthState')) {
session_set('oauthState', $this->token->getToken());
}
return $this->sessionStorage->oauthState;
return session_get('oauthState');
}
/**
@ -140,11 +140,12 @@ class OAuth2 extends Base
* @access public
* @param string $token
* @param string $type
* @return string
* @return $this
*/
public function setAccessToken($token, $type = 'bearer')
{
$this->accessToken = $token;
$this->tokenType = $type;
return $this;
}
}

3
app/Core/Queue/JobHandler.php
View File

@ -67,8 +67,7 @@ class JobHandler extends Base
*/
protected function prepareJobSession($user_id)
{
$session = array();
$this->sessionStorage->setStorage($session);
session_flush();
if ($user_id > 0) {
$user = $this->userModel->getById($user_id);

2
app/Core/Security/AuthenticationManager.php
View File

@ -72,7 +72,7 @@ class AuthenticationManager extends Base
foreach ($this->filterProviders('SessionCheckProviderInterface') as $provider) {
if (! $provider->isValidSession()) {
$this->logger->debug('Invalidate session for '.$this->userSession->getUsername());
$this->sessionStorage->flush();
session_flush();
$this->preAuthentication();
return false;
}

12
app/Core/Security/Token.php
View File

@ -32,12 +32,12 @@ class Token extends Base
*/
public function getCSRFToken()
{
if (! isset($this->sessionStorage->csrf)) {
$this->sessionStorage->csrf = array();
if (! session_exists('csrf')) {
session_set('csrf', []);
}
$nonce = self::getToken();
$this->sessionStorage->csrf[$nonce] = true;
session_merge('csrf', [$nonce => true]);
return $nonce;
}
@ -51,8 +51,10 @@ class Token extends Base
*/
public function validateCSRFToken($token)
{
if (isset($this->sessionStorage->csrf[$token])) {
unset($this->sessionStorage->csrf[$token]);
$tokens = session_get('csrf');
if (isset($tokens[$token])) {
unset($tokens[$token]);
session_set('csrf', $tokens);
return true;
}

19
app/Core/Session/FlashMessage.php
View File

@ -7,7 +7,7 @@ use Kanboard\Core\Base;
/**
* Session Flash Message
*
* @package session
* @package Kanboard\Core\Session
* @author Frederic Guillot
*/
class FlashMessage extends Base
@ -43,11 +43,11 @@ class FlashMessage extends Base
*/
public function setMessage($key, $message)
{
if (! isset($this->sessionStorage->flash)) {
$this->sessionStorage->flash = array();
if (! session_exists('flash')) {
session_set('flash', []);
}
$this->sessionStorage->flash[$key] = $message;
session_merge('flash', [$key => $message]);
}
/**
@ -61,9 +61,14 @@ class FlashMessage extends Base
{
$message = '';
if (isset($this->sessionStorage->flash[$key])) {
$message = $this->sessionStorage->flash[$key];
unset($this->sessionStorage->flash[$key]);
if (session_exists('flash')) {
$messages = session_get('flash');
if (isset($messages[$key])) {
$message = $messages[$key];
unset($messages[$key]);
session_set('flash', $messages);
}
}
return $message;

70
app/Core/Session/SessionHandler.php Normal file
View File

@ -0,0 +1,70 @@
<?php
namespace Kanboard\Core\Session;
use PicoDb\Database;
use SessionHandlerInterface;
/**
* Class SessionHandler
*
* @package Kanboard\Core\Session
*/
class SessionHandler implements SessionHandlerInterface
{
const TABLE = 'sessions';
/**
* @var Database
*/
private $db;
public function __construct(Database $db)
{
$this->db = $db;
}
public function close()
{
return true;
}
public function destroy($sessionID)
{
return $this->db->table(self::TABLE)->eq('id', $sessionID)->remove();
}
public function gc($maxlifetime)
{
return $this->db->table(self::TABLE)->lt('expire_at', time())->remove();
}
public function open($savePath, $name)
{
return true;
}
public function read($sessionID)
{
$result = $this->db->table(self::TABLE)->eq('id', $sessionID)->findOneColumn('data');
return $result ?: '';
}
public function write($sessionID, $data)
{
$lifetime = time() + (ini_get('session.gc_maxlifetime') ?: 1440);
if ($this->db->table(self::TABLE)->eq('id', $sessionID)->exists()) {
return $this->db->table(self::TABLE)->eq('id', $sessionID)->update(array(
'expire_at' => $lifetime,
'data' => $data,
));
}
return $this->db->table(self::TABLE)->insert(array(
'id' => $sessionID,
'expire_at' => $lifetime,
'data' => $data,
));
}
}

6
app/Core/Session/SessionManager.php
View File

@ -7,7 +7,7 @@ use Kanboard\Core\Base;
/**
* Session Manager
*
* @package session
* @package Kanboard\Core\Session
* @author Frederic Guillot
*/
class SessionManager extends Base
@ -38,6 +38,8 @@ class SessionManager extends Base
*/
public function open()
{
session_set_save_handler(new SessionHandler($this->db), true);
$this->configure();
if (ini_get('session.auto_start') == 1) {
@ -46,8 +48,6 @@ class SessionManager extends Base
session_name('KB_SID');
session_start();
$this->sessionStorage->setStorage($_SESSION);
}
/**

92
app/Core/Session/SessionStorage.php
View File

@ -1,92 +0,0 @@
<?php
namespace Kanboard\Core\Session;
/**
* Session Storage
*
* @package session
* @author Frederic Guillot
*
* @property array $user
* @property array $flash
* @property array $csrf
* @property array $postAuthenticationValidated
* @property array $filters
* @property string $redirectAfterLogin
* @property string $captcha
* @property string $commentSorting
* @property bool $hasSubtaskInProgress
* @property bool $hasRememberMe
* @property bool $subtaskListToggle
* @property string $scope
* @property bool $twoFactorBeforeCodeCalled
* @property string $twoFactorSecret
* @property string $oauthState
* @property int $smsTwoFactorSecret
*/
class SessionStorage
{
/**
* Pointer to external storage
*
* @access private
* @var array
*/
private $storage = array();
/**
* Set external storage
*
* @access public
* @param array $storage External session storage (example: $_SESSION)
*/
public function setStorage(array &$storage)
{
$this->storage =& $storage;
// Load dynamically existing session variables into object properties
foreach ($storage as $key => $value) {
$this->$key = $value;
}
}
/**
* Get all session variables
*
* @access public
* @return array
*/
public function getAll()
{
$session = get_object_vars($this);
unset($session['storage']);
return $session;
}
/**
* Flush session data
*
* @access public
*/
public function flush()
{
$session = get_object_vars($this);
unset($session['storage']);
foreach (array_keys($session) as $property) {
unset($this->$property);
}
}
/**
* Copy class properties to external storage
*
* @access public
*/
public function __destruct()
{
$this->storage = $this->getAll();
}
}

88
app/Core/User/UserSession.php
View File

@ -44,8 +44,8 @@ class UserSession extends Base
$user['is_ldap_user'] = isset($user['is_ldap_user']) ? (bool) $user['is_ldap_user'] : false;
$user['twofactor_activated'] = isset($user['twofactor_activated']) ? (bool) $user['twofactor_activated'] : false;
$this->sessionStorage->user = $user;
$this->sessionStorage->postAuthenticationValidated = false;
session_set('user', $user);
session_set('postAuthenticationValidated', false);
}
/**
@ -56,7 +56,7 @@ class UserSession extends Base
*/
public function getAll()
{
return $this->sessionStorage->user;
return session_get('user');
}
/**
@ -67,7 +67,11 @@ class UserSession extends Base
*/
public function getRole()
{
return $this->sessionStorage->user['role'];
if (! $this->isLogged()) {
return '';
}
return session_get('user')['role'];
}
/**
@ -78,7 +82,7 @@ class UserSession extends Base
*/
public function isPostAuthenticationValidated()
{
return isset($this->sessionStorage->postAuthenticationValidated) && $this->sessionStorage->postAuthenticationValidated === true;
return session_is_true('postAuthenticationValidated');
}
/**
@ -88,7 +92,7 @@ class UserSession extends Base
*/
public function validatePostAuthentication()
{
$this->sessionStorage->postAuthenticationValidated = true;
session_set('postAuthenticationValidated', true);
}
/**
@ -99,7 +103,11 @@ class UserSession extends Base
*/
public function hasPostAuthentication()
{
return isset($this->sessionStorage->user['twofactor_activated']) && $this->sessionStorage->user['twofactor_activated'] === true;
if (! $this->isLogged()) {
return false;
}
return session_get('user')['twofactor_activated'] === true;
}
/**
@ -109,7 +117,7 @@ class UserSession extends Base
*/
public function disablePostAuthentication()
{
$this->sessionStorage->user['twofactor_activated'] = false;
session_merge('user', ['twofactor_activated' => false]);
}
/**
@ -120,7 +128,7 @@ class UserSession extends Base
*/
public function isAdmin()
{
return isset($this->sessionStorage->user['role']) && $this->sessionStorage->user['role'] === Role::APP_ADMIN;
return $this->getRole() === Role::APP_ADMIN;
}
/**
@ -131,7 +139,11 @@ class UserSession extends Base
*/
public function getId()
{
return isset($this->sessionStorage->user['id']) ? (int) $this->sessionStorage->user['id'] : 0;
if (! $this->isLogged()) {
return 0;
}
return session_get('user')['id'];
}
/**
@ -142,7 +154,41 @@ class UserSession extends Base
*/
public function getUsername()
{
return isset($this->sessionStorage->user['username']) ? $this->sessionStorage->user['username'] : '';
if (! $this->isLogged()) {
return '';
}
return session_get('user')['username'];
}
/**
* Get user language
*
* @access public
* @return string
*/
public function getLanguage()
{
if (! $this->isLogged()) {
return '';
}
return session_get('user')['language'];
}
/**
* Get user timezone
*
* @access public
* @return string
*/
public function getTimezone()
{
if (! $this->isLogged()) {
return '';
}
return session_get('user')['timezone'];
}
/**
@ -153,7 +199,7 @@ class UserSession extends Base
*/
public function hasSubtaskListActivated()
{
return isset($this->sessionStorage->subtaskListToggle) && ! empty($this->sessionStorage->subtaskListToggle);
return session_is_true('subtaskListToggle');
}
/**
@ -164,30 +210,34 @@ class UserSession extends Base
*/
public function isLogged()
{
return isset($this->sessionStorage->user) && ! empty($this->sessionStorage->user);
return session_exists('user') && session_get('user') !== [];
}
/**
* Get project filters from the session
*
* @access public
* @param integer $project_id
* @param integer $projectID
* @return string
*/
public function getFilters($project_id)
public function getFilters($projectID)
{
return ! empty($this->sessionStorage->filters[$project_id]) ? $this->sessionStorage->filters[$project_id] : 'status:open';
if (! session_exists('filters:'.$projectID)) {
return 'status:open';
}
return session_get('filters:'.$projectID);
}
/**
* Save project filters in the session
*
* @access public
* @param integer $project_id
* @param integer $projectID
* @param string $filters
*/
public function setFilters($project_id, $filters)
public function setFilters($projectID, $filters)
{
$this->sessionStorage->filters[$project_id] = $filters;
session_set('filters:'.$projectID, $filters);
}
}

2
app/Helper/SubtaskHelper.php
View File

@ -20,7 +20,7 @@ class SubtaskHelper extends Base
*/
public function hasSubtaskInProgress()
{
return isset($this->sessionStorage->hasSubtaskInProgress) && $this->sessionStorage->hasSubtaskInProgress;
return session_is_true('hasSubtaskInProgress');
}
/**

2
app/Middleware/AuthenticationMiddleware.php
View File

@ -38,7 +38,7 @@ class AuthenticationMiddleware extends BaseMiddleware
if ($this->request->isAjax()) {
$this->response->text('Not Authorized', 401);
} else {
$this->sessionStorage->redirectAfterLogin = $this->request->getUri();
session_set('redirectAfterLogin', $this->request->getUri());
$this->response->redirect($this->helper->url->to('AuthController', 'login'));
}
}

6
app/Model/LanguageModel.php
View File

@ -174,11 +174,7 @@ class LanguageModel extends Base
*/
public function getCurrentLanguage()
{
if ($this->userSession->isLogged() && ! empty($this->sessionStorage->user['language'])) {
return $this->sessionStorage->user['language'];
}
return $this->configModel->get('application_language', 'en_US');
return $this->userSession->getLanguage() ?: $this->configModel->get('application_language', 'en_US');
}
/**

6
app/Model/TimezoneModel.php
View File

@ -39,11 +39,7 @@ class TimezoneModel extends Base
*/
public function getCurrentTimezone()
{
if ($this->userSession->isLogged() && ! empty($this->sessionStorage->user['timezone'])) {
return $this->sessionStorage->user['timezone'];
}
return $this->configModel->get('application_timezone', 'UTC');
return $this->userSession->getTimezone() ?: $this->configModel->get('application_timezone', 'UTC');
}
/**

12
app/Schema/Mysql.php
View File

@ -8,7 +8,17 @@ use PDO;
use Kanboard\Core\Security\Token;
use Kanboard\Core\Security\Role;
const VERSION = 126;
const VERSION = 127;
function version_127(PDO $pdo)
{
$pdo->exec("CREATE TABLE sessions (
id VARCHAR(255) NOT NULL,
expire_at INT NOT NULL,
data LONGTEXT,
PRIMARY KEY(id)
) ENGINE=InnoDB CHARSET=utf8");
}
function version_126(PDO $pdo)
{

11
app/Schema/Postgres.php
View File

@ -8,7 +8,16 @@ use PDO;
use Kanboard\Core\Security\Token;
use Kanboard\Core\Security\Role;
const VERSION = 105;
const VERSION = 106;
function version_106(PDO $pdo)
{
$pdo->exec("CREATE TABLE sessions (
id TEXT PRIMARY KEY,
expire_at INTEGER NOT NULL,
data TEXT DEFAULT ''
)");
}
function version_105(PDO $pdo)
{

11
app/Schema/Sqlite.php
View File

@ -8,7 +8,16 @@ use Kanboard\Core\Security\Token;
use Kanboard\Core\Security\Role;
use PDO;
const VERSION = 116;
const VERSION = 117;
function version_117(PDO $pdo)
{
$pdo->exec("CREATE TABLE sessions (
id TEXT PRIMARY KEY,
expire_at INTEGER NOT NULL,
data TEXT DEFAULT ''
)");
}
function version_116(PDO $pdo)
{

5
app/ServiceProvider/SessionProvider.php
View File

@ -5,7 +5,6 @@ namespace Kanboard\ServiceProvider;
use Pimple\Container;
use Pimple\ServiceProviderInterface;
use Kanboard\Core\Session\SessionManager;
use Kanboard\Core\Session\SessionStorage;
use Kanboard\Core\Session\FlashMessage;
/**
@ -25,10 +24,6 @@ class SessionProvider implements ServiceProviderInterface
*/
public function register(Container $container)
{
$container['sessionStorage'] = function() {
return new SessionStorage;
};
$container['sessionManager'] = function($c) {
return new SessionManager($c);
};

2
app/Subscriber/AuthSubscriber.php
View File

@ -58,7 +58,7 @@ class AuthSubscriber extends BaseSubscriber implements EventSubscriberInterface
$this->userSession->validatePostAuthentication();
}
if (isset($this->sessionStorage->hasRememberMe) && $this->sessionStorage->hasRememberMe) {
if (session_is_true('hasRememberMe')) {
$session = $this->rememberMeSessionModel->create($this->userSession->getId(), $ipAddress, $userAgent);
$this->rememberMeCookie->write($session['token'], $session['sequence'], $session['expiration']);
}

2
app/Subscriber/BootstrapSubscriber.php
View File

@ -21,7 +21,7 @@ class BootstrapSubscriber extends BaseSubscriber implements EventSubscriberInter
$this->actionManager->attachEvents();
if ($this->userSession->isLogged()) {
$this->sessionStorage->hasSubtaskInProgress = $this->subtaskStatusModel->hasSubtaskInProgress($this->userSession->getId());
session_set('hasSubtaskInProgress', $this->subtaskStatusModel->hasSubtaskInProgress($this->userSession->getId()));
}
}

4
app/Validator/AuthValidator.php
View File

@ -101,11 +101,11 @@ class AuthValidator extends BaseValidator
$errors = array();
if ($this->userLockingModel->hasCaptcha($values['username'])) {
if (! isset($this->sessionStorage->captcha)) {
if (! session_exists('captcha')) {
$result = false;
} else {
$builder = new CaptchaBuilder;
$builder->setPhrase($this->sessionStorage->captcha);
$builder->setPhrase(session_get('captcha'));
$result = $builder->testPhrase(isset($values['captcha']) ? $values['captcha'] : '');
if (! $result) {

6
app/Validator/PasswordResetValidator.php
View File

@ -69,17 +69,17 @@ class PasswordResetValidator extends BaseValidator
*
* @access protected
* @param array $values Form values
* @return boolean
* @return array
*/
protected function validateCaptcha(array $values)
{
$errors = array();
if (! isset($this->sessionStorage->captcha)) {
if (! session_exists('captcha')) {
$result = false;
} else {
$builder = new CaptchaBuilder;
$builder->setPhrase($this->sessionStorage->captcha);
$builder->setPhrase(session_get('captcha'));
$result = $builder->testPhrase(isset($values['captcha']) ? $values['captcha'] : '');
if (! $result) {

45
app/functions.php
View File

@ -2,9 +2,50 @@
use Kanboard\Core\Translator;
function explode_csv_field($field)
function session_get($key)
{
$fields = explode(',', $field);
return isset($_SESSION[$key]) ? $_SESSION[$key] : null;
}
function session_set($key, $value)
{
$_SESSION[$key] = $value;
}
function session_remove($key)
{
unset($_SESSION[$key]);
}
function session_exists($key)
{
return isset($_SESSION[$key]);
}
function session_is_true($key)
{
return isset($_SESSION[$key]) && $_SESSION[$key] === true;
}
function session_merge($key, array $value)
{
$_SESSION[$key] = array_merge($_SESSION[$key], $value);
}
function session_flush()
{
$_SESSION = [];
}
/**
* Split CSV string
*
* @param string $str
* @return string[]
*/
function explode_csv_field($str)
{
$fields = explode(',', $str);
array_walk($fields, function (&$value) { $value = trim($value); });
return array_filter($fields);
}

2
tests/units/Action/CommentCreationMoveTaskColumnTest.php
View File

@ -13,7 +13,7 @@ class CommentCreationMoveTaskColumnTest extends Base
{
public function testSuccess()
{
$this->container['sessionStorage']->user = array('id' => 1);
$_SESSION['user'] = array('id' => 1);
$projectModel = new ProjectModel($this->container);
$commentModel = new CommentModel($this->container);

4
tests/units/Action/TaskAssignCurrentUserColumnTest.php
View File

@ -13,7 +13,7 @@ class TaskAssignCurrentUserColumnTest extends Base
{
public function testChangeUser()
{
$this->container['sessionStorage']->user = array('id' => 1);
$_SESSION['user'] = array('id' => 1);
$projectModel = new ProjectModel($this->container);
$taskCreationModel = new TaskCreationModel($this->container);
@ -43,7 +43,7 @@ class TaskAssignCurrentUserColumnTest extends Base
public function testWithWrongColumn()
{
$this->container['sessionStorage']->user = array('id' => 1);
$_SESSION['user'] = array('id' => 1);
$projectModel = new ProjectModel($this->container);
$taskCreationModel = new TaskCreationModel($this->container);

2
tests/units/Action/TaskAssignCurrentUserTest.php
View File

@ -13,7 +13,7 @@ class TaskAssignCurrentUserTest extends Base
{
public function testChangeUser()
{
$this->container['sessionStorage']->user = array('id' => 1);
$_SESSION['user'] = array('id' => 1);
$projectModel = new ProjectModel($this->container);
$taskCreationModel = new TaskCreationModel($this->container);

2
tests/units/Auth/ApiAccessTokenAuthTest.php
View File

@ -49,7 +49,7 @@ class ApiAccessTokenAuthTest extends Base
public function testAuthenticateWithToken()
{
$this->container['sessionStorage']->scope = 'API';
$_SESSION['scope'] = 'API';
$provider = new ApiAccessTokenAuth($this->container);
$userModel = new UserModel($this->container);

6
tests/units/Auth/DatabaseAuthTest.php
View File

@ -48,15 +48,15 @@ class DatabaseAuthTest extends Base
$this->assertEquals(2, $userModel->create(array('username' => 'foobar')));
$this->container['sessionStorage']->user = array('id' => 2);
$_SESSION['user'] = array('id' => 2);
$this->assertTrue($provider->isValidSession());
$this->container['sessionStorage']->user = array('id' => 3);
$_SESSION['user'] = array('id' => 3);
$this->assertFalse($provider->isValidSession());
$this->assertTrue($userModel->disable(2));
$this->container['sessionStorage']->user = array('id' => 2);
$_SESSION['user'] = array('id' => 2);
$this->assertFalse($provider->isValidSession());
}
}

4
tests/units/Auth/ReverseProxyAuthTest.php
View File

@ -54,7 +54,7 @@ class ReverseProxyAuthTest extends Base
->method('getRemoteUser')
->will($this->returnValue('admin'));
$this->container['sessionStorage']->user = array(
$_SESSION['user'] = array(
'username' => 'admin'
);
@ -69,7 +69,7 @@ class ReverseProxyAuthTest extends Base
->method('getRemoteUser')
->will($this->returnValue('foobar'));
$this->container['sessionStorage']->user = array(
$_SESSION['user'] = array(
'username' => 'admin'
);

3
tests/units/Base.php
View File

@ -9,7 +9,6 @@ use Symfony\Component\EventDispatcher\Debug\TraceableEventDispatcher;
use Symfony\Component\Stopwatch\Stopwatch;
use SimpleLogger\Logger;
use Kanboard\Core\Session\FlashMessage;
use Kanboard\Core\Session\SessionStorage;
use Kanboard\ServiceProvider\ActionProvider;
abstract class Base extends PHPUnit_Framework_TestCase
@ -24,6 +23,7 @@ abstract class Base extends PHPUnit_Framework_TestCase
public function setUp()
{
date_default_timezone_set('UTC');
$_SESSION = array();
if (DB_DRIVER === 'mysql') {
$pdo = new PDO('mysql:host='.DB_HOSTNAME, DB_USERNAME, DB_PASSWORD);
@ -86,7 +86,6 @@ abstract class Base extends PHPUnit_Framework_TestCase
->setMethods(array('put', 'moveFile', 'remove', 'moveUploadedFile'))
->getMock();
$this->container['sessionStorage'] = new SessionStorage;
$this->container->register(new ActionProvider);
$this->container['flash'] = function ($c) {

2
tests/units/Core/Action/ActionManagerTest.php
View File

@ -116,7 +116,7 @@ class ActionManagerTest extends Base
public function testAttachEventsWithLoggedUser()
{
$this->container['sessionStorage']->user = array('id' => 1);
$_SESSION['user'] = array('id' => 1);
$projectModel = new ProjectModel($this->container);
$projectUserRoleModel = new ProjectUserRoleModel($this->container);

4
tests/units/Core/Security/AuthenticationManagerTest.php
View File

@ -56,7 +56,7 @@ class AuthenticationManagerTest extends Base
$authManager = new AuthenticationManager($this->container);
$authManager->register(new DatabaseAuth($this->container));
$this->container['sessionStorage']->user = array('id' => 1);
$_SESSION['user'] = array('id' => 1, 'username' => 'test');
$this->assertTrue($this->container['userSession']->isLogged());
$this->assertTrue($authManager->checkCurrentSession());
@ -67,7 +67,7 @@ class AuthenticationManagerTest extends Base
$authManager = new AuthenticationManager($this->container);
$authManager->register(new DatabaseAuth($this->container));
$this->container['sessionStorage']->user = array('id' => 2);
$_SESSION['user'] = array('id' => 42, 'username' => 'test');
$this->assertTrue($this->container['userSession']->isLogged());
$this->assertFalse($authManager->checkCurrentSession());

60
tests/units/Core/Session/SessionStorageTest.php
View File

@ -1,60 +0,0 @@
<?php
require_once __DIR__.'/../../Base.php';
use Kanboard\Core\Session\SessionStorage;
class SessionStorageTest extends Base
{
public function testNotPersistentStorage()
{
$storage = new SessionStorage();
$storage->something = array('a' => 'b');
$this->assertEquals(array('a' => 'b'), $storage->something);
$this->assertTrue(isset($storage->something));
$this->assertFalse(isset($storage->something->x));
$this->assertFalse(isset($storage->notFound));
$this->assertFalse(isset($storage->notFound->x));
$this->assertFalse(isset($storage->notFound['x']));
}
public function testPersistentStorage()
{
$session = array('d' => 'e');
$storage = new SessionStorage();
$storage->setStorage($session);
$storage->something = array('a' => 'b');
$this->assertEquals(array('a' => 'b'), $storage->something);
$this->assertEquals('e', $storage->d);
$storage->something['a'] = 'c';
$this->assertEquals('c', $storage->something['a']);
$storage = null;
$this->assertEquals(array('something' => array('a' => 'c'), 'd' => 'e'), $session);
}
public function testFlush()
{
$session = array('d' => 'e');
$storage = new SessionStorage();
$storage->setStorage($session);
$storage->something = array('a' => 'b');
$this->assertEquals(array('a' => 'b'), $storage->something);
$this->assertEquals('e', $storage->d);
$storage->flush();
$this->assertFalse(isset($storage->d));
$this->assertFalse(isset($storage->something));
$storage->foo = 'bar';
$storage = null;
$this->assertEquals(array('foo' => 'bar'), $session);
}
}

32
tests/units/Core/User/UserProfileTest.php
View File

@ -15,8 +15,8 @@ class UserProfileTest extends Base
$user = new DatabaseUserProvider(array('id' => 1));
$this->assertTrue($userProfile->initialize($user));
$this->assertNotEmpty($this->container['sessionStorage']->user);
$this->assertEquals('admin', $this->container['sessionStorage']->user['username']);
$this->assertNotEmpty($_SESSION['user']);
$this->assertEquals('admin', $_SESSION['user']['username']);
}
public function testInitializeLocalUserNotFound()
@ -25,7 +25,7 @@ class UserProfileTest extends Base
$user = new DatabaseUserProvider(array('id' => 2));
$this->assertFalse($userProfile->initialize($user));
$this->assertFalse(isset($this->container['sessionStorage']->user));
$this->assertFalse(isset($_SESSION['user']));
}
public function testInitializeRemoteUser()
@ -34,17 +34,17 @@ class UserProfileTest extends Base
$user = new LdapUserProvider('ldapId', 'bob', 'Bob', '', Role::APP_MANAGER, array());
$this->assertTrue($userProfile->initialize($user));
$this->assertNotEmpty($this->container['sessionStorage']->user);
$this->assertEquals(2, $this->container['sessionStorage']->user['id']);
$this->assertEquals('bob', $this->container['sessionStorage']->user['username']);
$this->assertEquals(Role::APP_MANAGER, $this->container['sessionStorage']->user['role']);
$this->assertNotEmpty($_SESSION['user']);
$this->assertEquals(2, $_SESSION['user']['id']);
$this->assertEquals('bob', $_SESSION['user']['username']);
$this->assertEquals(Role::APP_MANAGER, $_SESSION['user']['role']);
$user = new LdapUserProvider('ldapId', 'bob', 'Bob', '', Role::APP_MANAGER, array());
$this->assertTrue($userProfile->initialize($user));
$this->assertNotEmpty($this->container['sessionStorage']->user);
$this->assertEquals(2, $this->container['sessionStorage']->user['id']);
$this->assertEquals('bob', $this->container['sessionStorage']->user['username']);
$this->assertNotEmpty($_SESSION['user']);
$this->assertEquals(2, $_SESSION['user']['id']);
$this->assertEquals('bob', $_SESSION['user']['username']);
}
public function testAssignRemoteUser()
@ -53,11 +53,11 @@ class UserProfileTest extends Base
$user = new LdapUserProvider('ldapId', 'bob', 'Bob', '', Role::APP_MANAGER, array());
$this->assertTrue($userProfile->assign(1, $user));
$this->assertNotEmpty($this->container['sessionStorage']->user);
$this->assertEquals(1, $this->container['sessionStorage']->user['id']);
$this->assertEquals('admin', $this->container['sessionStorage']->user['username']);
$this->assertEquals('Bob', $this->container['sessionStorage']->user['name']);
$this->assertEquals('', $this->container['sessionStorage']->user['email']);
$this->assertEquals(Role::APP_MANAGER, $this->container['sessionStorage']->user['role']);
$this->assertNotEmpty($_SESSION['user']);
$this->assertEquals(1, $_SESSION['user']['id']);
$this->assertEquals('admin', $_SESSION['user']['username']);
$this->assertEquals('Bob', $_SESSION['user']['name']);
$this->assertEquals('', $_SESSION['user']['email']);
$this->assertEquals(Role::APP_MANAGER, $_SESSION['user']['role']);
}
}

113
tests/units/Core/User/UserSessionTest.php
View File

@ -9,8 +9,7 @@ class UserSessionTest extends Base
{
public function testInitialize()
{
$us = new UserSession($this->container);
$userSession = new UserSession($this->container);
$user = array(
'id' => '123',
'username' => 'john',
@ -23,101 +22,97 @@ class UserSessionTest extends Base
'role' => Role::APP_MANAGER,
);
$us->initialize($user);
$userSession->initialize($user);
$session = $this->container['sessionStorage']->getAll();
$this->assertNotEmpty($_SESSION);
$this->assertEquals(123, $_SESSION['user']['id']);
$this->assertEquals('john', $_SESSION['user']['username']);
$this->assertEquals(Role::APP_MANAGER, $_SESSION['user']['role']);
$this->assertFalse($_SESSION['user']['is_ldap_user']);
$this->assertFalse($_SESSION['user']['twofactor_activated']);
$this->assertArrayNotHasKey('password', $_SESSION['user']);
$this->assertArrayNotHasKey('twofactor_secret', $_SESSION['user']);
$this->assertArrayNotHasKey('is_admin', $_SESSION['user']);
$this->assertArrayNotHasKey('is_project_admin', $_SESSION['user']);
$this->assertNotEmpty($session);
$this->assertEquals(123, $session['user']['id']);
$this->assertEquals('john', $session['user']['username']);
$this->assertEquals(Role::APP_MANAGER, $session['user']['role']);
$this->assertFalse($session['user']['is_ldap_user']);
$this->assertFalse($session['user']['twofactor_activated']);
$this->assertArrayNotHasKey('password', $session['user']);
$this->assertArrayNotHasKey('twofactor_secret', $session['user']);
$this->assertArrayNotHasKey('is_admin', $session['user']);
$this->assertArrayNotHasKey('is_project_admin', $session['user']);
$this->assertEquals('john', $us->getUsername());
$this->assertEquals('john', $userSession->getUsername());
}
public function testGetId()
{
$us = new UserSession($this->container);
$userSession = new UserSession($this->container);
$this->assertEquals(0, $us->getId());
$this->assertEquals(0, $userSession->getId());
$this->container['sessionStorage']->user = array('id' => 2);
$this->assertEquals(2, $us->getId());
$_SESSION['user'] = array('id' => 2);
$this->assertEquals(2, $userSession->getId());
$this->container['sessionStorage']->user = array('id' => '2');
$this->assertEquals(2, $us->getId());
$_SESSION['user'] = array('id' => '2');
$this->assertEquals(2, $userSession->getId());
}
public function testIsLogged()
{
$us = new UserSession($this->container);
$userSession = new UserSession($this->container);
$this->assertFalse($userSession->isLogged());
$this->assertFalse($us->isLogged());
$_SESSION['user'] = array();
$this->assertFalse($userSession->isLogged());
$this->container['sessionStorage']->user = array();
$this->assertFalse($us->isLogged());
$this->container['sessionStorage']->user = array('id' => 1);
$this->assertTrue($us->isLogged());
$_SESSION['user'] = array('id' => 1);
$this->assertTrue($userSession->isLogged());
}
public function testIsAdmin()
{
$us = new UserSession($this->container);
$userSession = new UserSession($this->container);
$this->assertFalse($userSession->isAdmin());
$this->assertFalse($us->isAdmin());
$_SESSION['user'] = array('role' => Role::APP_ADMIN);
$this->assertTrue($userSession->isAdmin());
$this->container['sessionStorage']->user = array('role' => Role::APP_ADMIN);
$this->assertTrue($us->isAdmin());
$_SESSION['user'] = array('role' => Role::APP_USER);
$this->assertFalse($userSession->isAdmin());
$this->container['sessionStorage']->user = array('role' => Role::APP_USER);
$this->assertFalse($us->isAdmin());
$this->container['sessionStorage']->user = array('role' => '');
$this->assertFalse($us->isAdmin());
$_SESSION['user'] = array('role' => '');
$this->assertFalse($userSession->isAdmin());
}
public function testFilters()
{
$us = new UserSession($this->container);
$this->assertEquals('status:open', $us->getFilters(1));
$userSession = new UserSession($this->container);
$this->assertEquals('status:open', $userSession->getFilters(1));
$us->setFilters(1, 'assignee:me');
$this->assertEquals('assignee:me', $us->getFilters(1));
$userSession->setFilters(1, 'assignee:me');
$this->assertEquals('assignee:me', $userSession->getFilters(1));
$this->assertEquals('status:open', $us->getFilters(2));
$this->assertEquals('status:open', $userSession->getFilters(2));
$us->setFilters(2, 'assignee:bob');
$this->assertEquals('assignee:bob', $us->getFilters(2));
$userSession->setFilters(2, 'assignee:bob');
$this->assertEquals('assignee:bob', $userSession->getFilters(2));
}
public function testPostAuthentication()
{
$us = new UserSession($this->container);
$this->assertFalse($us->isPostAuthenticationValidated());
$userSession = new UserSession($this->container);
$this->assertFalse($userSession->isPostAuthenticationValidated());
$this->container['sessionStorage']->postAuthenticationValidated = false;
$this->assertFalse($us->isPostAuthenticationValidated());
$_SESSION['postAuthenticationValidated'] = false;
$this->assertFalse($userSession->isPostAuthenticationValidated());
$us->validatePostAuthentication();
$this->assertTrue($us->isPostAuthenticationValidated());
$userSession->validatePostAuthentication();
$this->assertTrue($userSession->isPostAuthenticationValidated());
$this->container['sessionStorage']->user = array();
$this->assertFalse($us->hasPostAuthentication());
$_SESSION['user'] = array();
$this->assertFalse($userSession->hasPostAuthentication());
$this->container['sessionStorage']->user = array('twofactor_activated' => false);
$this->assertFalse($us->hasPostAuthentication());
$_SESSION['user'] = array('twofactor_activated' => false);
$this->assertFalse($userSession->hasPostAuthentication());
$this->container['sessionStorage']->user = array('twofactor_activated' => true);
$this->assertTrue($us->hasPostAuthentication());
$_SESSION['user'] = array('twofactor_activated' => true);
$this->assertTrue($userSession->hasPostAuthentication());
$us->disablePostAuthentication();
$this->assertFalse($us->hasPostAuthentication());
$userSession->disablePostAuthentication();
$this->assertFalse($userSession->hasPostAuthentication());
}
}

30
tests/units/Helper/ProjectRoleHelperTest.php
View File

@ -25,7 +25,7 @@ class ProjectRoleHelperTest extends Base
$projectUserRole = new ProjectUserRoleModel($this->container);
$userModel = new UserModel($this->container);
$this->container['sessionStorage']->user = array(
$_SESSION['user'] = array(
'id' => 2,
'role' => Role::APP_USER,
);
@ -44,7 +44,7 @@ class ProjectRoleHelperTest extends Base
$projectUserRole = new ProjectUserRoleModel($this->container);
$userModel = new UserModel($this->container);
$this->container['sessionStorage']->user = array(
$_SESSION['user'] = array(
'id' => 2,
'role' => Role::APP_USER,
);
@ -64,7 +64,7 @@ class ProjectRoleHelperTest extends Base
$userModel = new UserModel($this->container);
$projectRoleModel = new ProjectRoleModel($this->container);
$this->container['sessionStorage']->user = array(
$_SESSION['user'] = array(
'id' => 2,
'role' => Role::APP_USER,
);
@ -88,7 +88,7 @@ class ProjectRoleHelperTest extends Base
$projectRoleRestrictionModel = new ProjectRoleRestrictionModel($this->container);
$columnRestrictionModel = new ColumnRestrictionModel($this->container);
$this->container['sessionStorage']->user = array(
$_SESSION['user'] = array(
'id' => 2,
'role' => Role::APP_USER,
);
@ -117,7 +117,7 @@ class ProjectRoleHelperTest extends Base
$taskFinderModel = new TaskFinderModel($this->container);
$projectRoleRestrictionModel = new ProjectRoleRestrictionModel($this->container);
$this->container['sessionStorage']->user = array(
$_SESSION['user'] = array(
'id' => 2,
'role' => Role::APP_USER,
);
@ -145,7 +145,7 @@ class ProjectRoleHelperTest extends Base
$taskCreationModel = new TaskCreationModel($this->container);
$taskFinderModel = new TaskFinderModel($this->container);
$this->container['sessionStorage']->user = array(
$_SESSION['user'] = array(
'id' => 2,
'role' => Role::APP_USER,
);
@ -172,7 +172,7 @@ class ProjectRoleHelperTest extends Base
$taskFinderModel = new TaskFinderModel($this->container);
$projectRoleRestrictionModel = new ProjectRoleRestrictionModel($this->container);
$this->container['sessionStorage']->user = array(
$_SESSION['user'] = array(
'id' => 2,
'role' => Role::APP_USER,
);
@ -200,7 +200,7 @@ class ProjectRoleHelperTest extends Base
$taskCreationModel = new TaskCreationModel($this->container);
$taskFinderModel = new TaskFinderModel($this->container);
$this->container['sessionStorage']->user = array(
$_SESSION['user'] = array(
'id' => 2,
'role' => Role::APP_USER,
);
@ -223,7 +223,7 @@ class ProjectRoleHelperTest extends Base
$projectUserRole = new ProjectUserRoleModel($this->container);
$userModel = new UserModel($this->container);
$this->container['sessionStorage']->user = array(
$_SESSION['user'] = array(
'id' => 2,
'role' => Role::APP_USER,
);
@ -242,7 +242,7 @@ class ProjectRoleHelperTest extends Base
$projectUserRole = new ProjectUserRoleModel($this->container);
$userModel = new UserModel($this->container);
$this->container['sessionStorage']->user = array(
$_SESSION['user'] = array(
'id' => 2,
'role' => Role::APP_USER,
);
@ -262,7 +262,7 @@ class ProjectRoleHelperTest extends Base
$userModel = new UserModel($this->container);
$projectRoleModel = new ProjectRoleModel($this->container);
$this->container['sessionStorage']->user = array(
$_SESSION['user'] = array(
'id' => 2,
'role' => Role::APP_USER,
);
@ -286,7 +286,7 @@ class ProjectRoleHelperTest extends Base
$projectRoleRestrictionModel = new ProjectRoleRestrictionModel($this->container);
$columnRestrictionModel = new ColumnRestrictionModel($this->container);
$this->container['sessionStorage']->user = array(
$_SESSION['user'] = array(
'id' => 2,
'role' => Role::APP_USER,
);
@ -313,7 +313,7 @@ class ProjectRoleHelperTest extends Base
$projectUserRole = new ProjectUserRoleModel($this->container);
$userModel = new UserModel($this->container);
$this->container['sessionStorage']->user = array(
$_SESSION['user'] = array(
'id' => 2,
'role' => Role::APP_USER,
);
@ -337,7 +337,7 @@ class ProjectRoleHelperTest extends Base
$projectUserRole = new ProjectUserRoleModel($this->container);
$userModel = new UserModel($this->container);
$this->container['sessionStorage']->user = array(
$_SESSION['user'] = array(
'id' => 2,
'role' => Role::APP_USER,
);
@ -363,7 +363,7 @@ class ProjectRoleHelperTest extends Base
$projectRoleModel = new ProjectRoleModel($this->container);
$columnMoveRestrictionModel = new ColumnMoveRestrictionModel($this->container);
$this->container['sessionStorage']->user = array(
$_SESSION['user'] = array(
'id' => 2,
'role' => Role::APP_USER,
);

22
tests/units/Helper/UserHelperTest.php
View File

@ -57,7 +57,7 @@ class UserHelperTest extends Base
{
$helper = new UserHelper($this->container);
$this->container['sessionStorage']->user = array(
$_SESSION['user'] = array(
'id' => 2,
'role' => Role::APP_ADMIN,
);
@ -71,7 +71,7 @@ class UserHelperTest extends Base
{
$helper = new UserHelper($this->container);
$this->container['sessionStorage']->user = array(
$_SESSION['user'] = array(
'id' => 2,
'role' => Role::APP_MANAGER,
);
@ -85,7 +85,7 @@ class UserHelperTest extends Base
{
$helper = new UserHelper($this->container);
$this->container['sessionStorage']->user = array(
$_SESSION['user'] = array(
'id' => 2,
'role' => Role::APP_USER,
);
@ -109,7 +109,7 @@ class UserHelperTest extends Base
$helper = new UserHelper($this->container);
$project = new ProjectModel($this->container);
$this->container['sessionStorage']->user = array(
$_SESSION['user'] = array(
'id' => 2,
'role' => Role::APP_ADMIN,
);
@ -125,7 +125,7 @@ class UserHelperTest extends Base
$helper = new UserHelper($this->container);
$project = new ProjectModel($this->container);
$this->container['sessionStorage']->user = array(
$_SESSION['user'] = array(
'id' => 2,
'role' => Role::APP_MANAGER,
);
@ -141,7 +141,7 @@ class UserHelperTest extends Base
$helper = new UserHelper($this->container);
$project = new ProjectModel($this->container);
$this->container['sessionStorage']->user = array(
$_SESSION['user'] = array(
'id' => 2,
'role' => Role::APP_USER,
);
@ -159,7 +159,7 @@ class UserHelperTest extends Base
$project = new ProjectModel($this->container);
$projectUserRole = new ProjectUserRoleModel($this->container);
$this->container['sessionStorage']->user = array(
$_SESSION['user'] = array(
'id' => 2,
'role' => Role::APP_MANAGER,
);
@ -187,7 +187,7 @@ class UserHelperTest extends Base
$project = new ProjectModel($this->container);
$projectUserRole = new ProjectUserRoleModel($this->container);
$this->container['sessionStorage']->user = array(
$_SESSION['user'] = array(
'id' => 2,
'role' => Role::APP_USER,
);
@ -215,7 +215,7 @@ class UserHelperTest extends Base
$project = new ProjectModel($this->container);
$projectUserRole = new ProjectUserRoleModel($this->container);
$this->container['sessionStorage']->user = array(
$_SESSION['user'] = array(
'id' => 2,
'role' => Role::APP_USER,
);
@ -243,7 +243,7 @@ class UserHelperTest extends Base
$project = new ProjectModel($this->container);
$projectUserRole = new ProjectUserRoleModel($this->container);
$this->container['sessionStorage']->user = array(
$_SESSION['user'] = array(
'id' => 2,
'role' => Role::APP_USER,
);
@ -272,7 +272,7 @@ class UserHelperTest extends Base
$projectUserRole = new ProjectUserRoleModel($this->container);
$projectRole = new ProjectRoleModel($this->container);
$this->container['sessionStorage']->user = array(
$_SESSION['user'] = array(
'id' => 2,
'role' => Role::APP_USER,
);

2
tests/units/Job/UserMentionJobTest.php
View File

@ -70,7 +70,7 @@ class UserMentionJobTest extends Base
public function testGetMentionedUsersWithNotficationEnabledAndUserLoggedIn()
{
$this->container['sessionStorage']->user = array('id' => 3);
$_SESSION['user'] = array('id' => 3);
$userModel = new UserModel($this->container);
$userMentionJob = new UserMentionJob($this->container);

8
tests/units/Model/LanguageTest.php
View File

@ -25,10 +25,10 @@ class LanguageTest extends Base
$languageModel = new LanguageModel($this->container);
$this->assertEquals('en', $languageModel->getJsLanguageCode());
$this->container['sessionStorage']->user = array('language' => 'fr_FR');
$_SESSION['user'] = array('language' => 'fr_FR');
$this->assertEquals('fr', $languageModel->getJsLanguageCode());
$this->container['sessionStorage']->user = array('language' => 'xx_XX');
$_SESSION['user'] = array('language' => 'xx_XX');
$this->assertEquals('en', $languageModel->getJsLanguageCode());
}
@ -37,10 +37,10 @@ class LanguageTest extends Base
$languageModel = new LanguageModel($this->container);
$this->assertEquals('en_US', $languageModel->getCurrentLanguage());
$this->container['sessionStorage']->user = array('language' => 'fr_FR');
$_SESSION['user'] = array('language' => 'fr_FR');
$this->assertEquals('fr_FR', $languageModel->getCurrentLanguage());
$this->container['sessionStorage']->user = array('language' => 'xx_XX');
$_SESSION['user'] = array('language' => 'xx_XX');
$this->assertEquals('xx_XX', $languageModel->getCurrentLanguage());
}

2
tests/units/Model/ProjectFileTest.php
View File

@ -52,7 +52,7 @@ class ProjectFileTest extends Base
public function testCreationWithSessionOpen()
{
$this->container['sessionStorage']->user = array('id' => 1);
$_SESSION['user'] = array('id' => 1);
$projectModel = new ProjectModel($this->container);
$fileModel = new ProjectFileModel($this->container);

2
tests/units/Model/SubtaskStatusModelTest.php
View File

@ -71,7 +71,7 @@ class SubtaskStatusModelTest extends Base
$this->assertEquals(1, $subtask['task_id']);
// Set the current logged user
$this->container['sessionStorage']->user = array('id' => 1);
$_SESSION['user'] = array('id' => 1);
$this->assertEquals(SubtaskModel::STATUS_INPROGRESS, $subtaskStatusModel->toggleStatus(1));

2
tests/units/Model/SubtaskTimeTrackingModelTest.php
View File

@ -73,7 +73,7 @@ class SubtaskTimeTrackingModelTest extends Base
$subtaskTimeTrackingModel = new SubtaskTimeTrackingModel($this->container);
$projectModel = new ProjectModel($this->container);
$this->container['sessionStorage']->user = array('id' => 1);
$_SESSION['user'] = array('id' => 1);
$this->assertEquals(1, $projectModel->create(array('name' => 'test1')));
$this->assertEquals(1, $taskCreationModel->create(array('title' => 'test 1', 'project_id' => 1, 'column_id' => 1, 'owner_id' => 1)));

2
tests/units/Model/TaskCreationModelTest.php
View File

@ -159,7 +159,7 @@ class TaskCreationModelTest extends Base
$taskCreationModel = new TaskCreationModel($this->container);
$taskFinderModel = new TaskFinderModel($this->container);
$this->container['sessionStorage']->user = array('id' => 1);
$_SESSION['user'] = array('id' => 1);
$this->assertEquals(1, $projectModel->create(array('name' => 'test')));
$this->assertEquals(1, $taskCreationModel->create(array('project_id' => 1, 'title' => 'test')));

2
tests/units/Model/TaskDuplicationModelTest.php
View File

@ -28,7 +28,7 @@ class TaskDuplicationModelTest extends Base
$this->assertEquals(1, $task['project_id']);
$this->assertEquals(0, $task['creator_id']);
$this->container['sessionStorage']->user = array('id' => 1);
$_SESSION['user'] = array('id' => 1);
// We duplicate our task
$this->assertEquals(2, $taskDuplicationModel->duplicate(1));

4
tests/units/Model/TaskExternalLinkTest.php
View File

@ -33,7 +33,7 @@ class TaskExternalLinkTest extends Base
public function testCreateWithUserSession()
{
$this->container['sessionStorage']->user = array('id' => 1);
$_SESSION['user'] = array('id' => 1);
$projectModel = new ProjectModel($this->container);
$taskCreationModel = new TaskCreationModel($this->container);
@ -92,7 +92,7 @@ class TaskExternalLinkTest extends Base
public function testGetAll()
{
$this->container['sessionStorage']->user = array('id' => 1);
$_SESSION['user'] = array('id' => 1);
$this->container['externalLinkManager'] = new ExternalLinkManager($this->container);
$projectModel = new ProjectModel($this->container);

2
tests/units/Model/TaskFileModelTest.php
View File

@ -58,7 +58,7 @@ class TaskFileModelTest extends Base
public function testCreationWithSessionOpen()
{
$this->container['sessionStorage']->user = array('id' => 1);
$_SESSION['user'] = array('id' => 1);
$projectModel = new ProjectModel($this->container);
$fileModel = new TaskFileModel($this->container);

4
tests/units/Model/TimezoneTest.php
View File

@ -23,10 +23,10 @@ class TimezoneTest extends Base
$timezoneModel = new TimezoneModel($this->container);
$this->assertEquals('UTC', $timezoneModel->getCurrentTimezone());
$this->container['sessionStorage']->user = array('timezone' => 'Europe/Paris');
$_SESSION['user'] = array('timezone' => 'Europe/Paris');
$this->assertEquals('Europe/Paris', $timezoneModel->getCurrentTimezone());
$this->container['sessionStorage']->user = array('timezone' => 'Something');
$_SESSION['user'] = array('timezone' => 'Something');
$this->assertEquals('Something', $timezoneModel->getCurrentTimezone());
}
}

6
tests/units/Validator/PasswordResetValidatorTest.php
View File

@ -29,7 +29,7 @@ class PasswordResetValidatorTest extends Base
public function testValidateCreation()
{
$this->container['sessionStorage']->captcha = 'test';
$_SESSION['captcha'] = 'test';
$passwordResetValidator = new PasswordResetValidator($this->container);
list($valid,) = $passwordResetValidator->validateCreation(array('username' => 'foobar', 'captcha' => 'test'));
@ -38,7 +38,7 @@ class PasswordResetValidatorTest extends Base
public function testValidateCreationWithNoUsername()
{
$this->container['sessionStorage']->captcha = 'test';
$_SESSION['captcha'] = 'test';
$passwordResetValidator = new PasswordResetValidator($this->container);
list($valid,) = $passwordResetValidator->validateCreation(array('captcha' => 'test'));
@ -47,7 +47,7 @@ class PasswordResetValidatorTest extends Base
public function testValidateCreationWithWrongCaptcha()
{
$this->container['sessionStorage']->captcha = 'test123';
$_SESSION['captcha'] = 'test123';
$passwordResetValidator = new PasswordResetValidator($this->container);
list($valid,) = $passwordResetValidator->validateCreation(array('username' => 'foobar', 'captcha' => 'test'));

2
tests/units/Validator/UserValidatorTest.php
View File

@ -11,7 +11,7 @@ class UserValidatorTest extends Base
{
$userValidator = new UserValidator($this->container);
$this->container['sessionStorage']->user = array(
$_SESSION['user'] = array(
'id' => 1,
'role' => Role::APP_ADMIN,
'username' => 'admin',

2
vendor/composer/autoload_classmap.php vendored
View File

@ -342,8 +342,8 @@ return array(
'Kanboard\\Core\\Security\\SessionCheckProviderInterface' => $baseDir . '/app/Core/Security/SessionCheckProviderInterface.php',
'Kanboard\\Core\\Security\\Token' => $baseDir . '/app/Core/Security/Token.php',
'Kanboard\\Core\\Session\\FlashMessage' => $baseDir . '/app/Core/Session/FlashMessage.php',
'Kanboard\\Core\\Session\\SessionHandler' => $baseDir . '/app/Core/Session/SessionHandler.php',
'Kanboard\\Core\\Session\\SessionManager' => $baseDir . '/app/Core/Session/SessionManager.php',
'Kanboard\\Core\\Session\\SessionStorage' => $baseDir . '/app/Core/Session/SessionStorage.php',
'Kanboard\\Core\\Template' => $baseDir . '/app/Core/Template.php',
'Kanboard\\Core\\Thumbnail' => $baseDir . '/app/Core/Thumbnail.php',
'Kanboard\\Core\\Tool' => $baseDir . '/app/Core/Tool.php',

2
vendor/composer/autoload_static.php vendored
View File

@ -478,8 +478,8 @@ class ComposerStaticInit6edea6294a88689e3f5c56484bb70c9b
'Kanboard\\Core\\Security\\SessionCheckProviderInterface' => __DIR__ . '/../..' . '/app/Core/Security/SessionCheckProviderInterface.php',
'Kanboard\\Core\\Security\\Token' => __DIR__ . '/../..' . '/app/Core/Security/Token.php',
'Kanboard\\Core\\Session\\FlashMessage' => __DIR__ . '/../..' . '/app/Core/Session/FlashMessage.php',
'Kanboard\\Core\\Session\\SessionHandler' => __DIR__ . '/../..' . '/app/Core/Session/SessionHandler.php',
'Kanboard\\Core\\Session\\SessionManager' => __DIR__ . '/../..' . '/app/Core/Session/SessionManager.php',
'Kanboard\\Core\\Session\\SessionStorage' => __DIR__ . '/../..' . '/app/Core/Session/SessionStorage.php',
'Kanboard\\Core\\Template' => __DIR__ . '/../..' . '/app/Core/Template.php',
'Kanboard\\Core\\Thumbnail' => __DIR__ . '/../..' . '/app/Core/Thumbnail.php',
'Kanboard\\Core\\Tool' => __DIR__ . '/../..' . '/app/Core/Tool.php',