diff options
Diffstat (limited to 'rt/t')
-rw-r--r-- | rt/t/api/date.t | 10 | ||||
-rw-r--r-- | rt/t/api/password-types.t | 11 | ||||
-rw-r--r-- | rt/t/fts/indexed_mysql.t | 2 | ||||
-rw-r--r-- | rt/t/pod.t | 2 | ||||
-rw-r--r-- | rt/t/validator/group_members.t | 116 | ||||
-rw-r--r-- | rt/t/web/path-traversal.t | 11 |
6 files changed, 69 insertions, 83 deletions
diff --git a/rt/t/api/date.t b/rt/t/api/date.t index cc1c694cc..22c6f1b58 100644 --- a/rt/t/api/date.t +++ b/rt/t/api/date.t @@ -4,7 +4,7 @@ use DateTime; use warnings; use strict; -use RT::Test tests => 173; +use RT::Test tests => 175; use RT::User; use Test::Warn; @@ -440,6 +440,14 @@ my $year = (localtime(time))[5] + 1900; $date->Unix(0); $date->AddDays(31); is($date->ISO, '1970-02-01 00:00:00', "added one month"); + + $date->Unix(0); + $date->AddDays(0); + is($date->ISO, '1970-01-01 00:00:00', "added no days"); + + $date->Unix(0); + $date->AddDays(); + is($date->ISO, '1970-01-02 00:00:00', "added one day with no argument"); } { diff --git a/rt/t/api/password-types.t b/rt/t/api/password-types.t index e5155e35b..10a874a3d 100644 --- a/rt/t/api/password-types.t +++ b/rt/t/api/password-types.t @@ -3,6 +3,8 @@ use warnings; use RT::Test; use Digest::MD5; +use Encode 'encode_utf8'; +use utf8; my $default = "sha512"; @@ -38,3 +40,12 @@ my $trunc = MIME::Base64::encode_base64( $root->_Set( Field => "Password", Value => $trunc); ok($root->IsPassword("secret"), "Unsalted MD5 base64 works"); like($root->__Value("Password"), qr/^\!$default\!/, "And is now upgraded to salted $default"); + +# Non-ASCII salted truncated SHA-256 +my $non_ascii_trunc = MIME::Base64::encode_base64( + "salt" . substr(Digest::SHA::sha256("salt".Digest::MD5::md5(encode_utf8("áěšý"))),0,26), + "" +); +$root->_Set( Field => "Password", Value => $non_ascii_trunc); +ok($root->IsPassword("áěšý"), "Unsalted MD5 base64 works"); +like($root->__Value("Password"), qr/^\!$default\!/, "And is now upgraded to salted $default"); diff --git a/rt/t/fts/indexed_mysql.t b/rt/t/fts/indexed_mysql.t index a54382ff8..0a4f02626 100644 --- a/rt/t/fts/indexed_mysql.t +++ b/rt/t/fts/indexed_mysql.t @@ -32,7 +32,7 @@ sub setup_indexing { command => $RT::SbinPath .'/rt-setup-fulltext-index', dba => $ENV{'RT_DBA_USER'}, 'dba-password' => $ENV{'RT_DBA_PASSWORD'}, - url => "sphinx://localhost:$port/rt", + url => "sphinx://127.0.0.1:$port/rt", ); ok(!$exit_code, "setted up index"); diag "output: $output" if $ENV{'TEST_VERBOSE'}; diff --git a/rt/t/pod.t b/rt/t/pod.t index d11a497eb..697a30b44 100644 --- a/rt/t/pod.t +++ b/rt/t/pod.t @@ -4,4 +4,4 @@ use warnings; use Test::More; eval "use Test::Pod 1.14"; plan skip_all => "Test::Pod 1.14 required for testing POD" if $@; -all_pod_files_ok(); +all_pod_files_ok( all_pod_files("lib","docs","etc","bin","sbin")); diff --git a/rt/t/validator/group_members.t b/rt/t/validator/group_members.t index fbe758017..af93c518e 100644 --- a/rt/t/validator/group_members.t +++ b/rt/t/validator/group_members.t @@ -2,104 +2,45 @@ use strict; use warnings; -use RT::Test tests => 60; - -sub load_or_create_group { - my $name = shift; - my %args = (@_); - - my $group = RT::Group->new( RT->SystemUser ); - $group->LoadUserDefinedGroup( $name ); - unless ( $group->id ) { - my ($id, $msg) = $group->CreateUserDefinedGroup( - Name => $name, - ); - die "$msg" unless $id; - } - - if ( $args{Members} ) { - my $cur = $group->MembersObj; - while ( my $entry = $cur->Next ) { - my ($status, $msg) = $entry->Delete; - die "$msg" unless $status; - } - - foreach my $new ( @{ $args{Members} } ) { - my ($status, $msg) = $group->AddMember( - ref($new)? $new->id : $new, - ); - die "$msg" unless $status; - } - } - - return $group; -} - -my $validator_path = "$RT::SbinPath/rt-validator"; -sub run_validator { - my %args = (check => 1, resolve => 0, force => 1, @_ ); - - my $cmd = $validator_path; - die "Couldn't find $cmd command" unless -f $cmd; - - while( my ($k,$v) = each %args ) { - next unless $v; - $cmd .= " --$k '$v'"; - } - $cmd .= ' 2>&1'; - - require IPC::Open2; - my ($child_out, $child_in); - my $pid = IPC::Open2::open2($child_out, $child_in, $cmd); - close $child_in; - - my $result = do { local $/; <$child_out> }; - close $child_out; - waitpid $pid, 0; - - DBIx::SearchBuilder::Record::Cachable->FlushCache - if $args{'resolve'}; - - return ($?, $result); -} +use RT::Test tests => 63; { - my ($ecode, $res) = run_validator(); + my ($ecode, $res) = RT::Test->run_validator(); is $res, '', 'empty result'; } { - my $group = load_or_create_group('test', Members => [] ); + my $group = RT::Test->load_or_create_group('test', Members => [] ); ok $group, "loaded or created a group"; - my ($ecode, $res) = run_validator(); + my ($ecode, $res) = RT::Test->run_validator(); is $res, '', 'empty result'; } # G1 -> G2 { - my $group1 = load_or_create_group( 'test1', Members => [] ); + my $group1 = RT::Test->load_or_create_group( 'test1', Members => [] ); ok $group1, "loaded or created a group"; - my $group2 = load_or_create_group( 'test2', Members => [ $group1 ]); + my $group2 = RT::Test->load_or_create_group( 'test2', Members => [ $group1 ]); ok $group2, "loaded or created a group"; ok $group2->HasMember( $group1->id ), "has member"; ok $group2->HasMemberRecursively( $group1->id ), "has member"; - my ($ecode, $res) = run_validator(); + my ($ecode, $res) = RT::Test->run_validator(); is $res, '', 'empty result'; $RT::Handle->dbh->do("DELETE FROM CachedGroupMembers"); DBIx::SearchBuilder::Record::Cachable->FlushCache; ok !$group2->HasMemberRecursively( $group1->id ), "has no member, broken DB"; - ($ecode, $res) = run_validator(resolve => 1); + ($ecode, $res) = RT::Test->run_validator(resolve => 1); ok $group2->HasMember( $group1->id ), "has member"; ok $group2->HasMemberRecursively( $group1->id ), "has member"; - ($ecode, $res) = run_validator(); + ($ecode, $res) = RT::Test->run_validator(); is $res, '', 'empty result'; } @@ -109,7 +50,7 @@ sub run_validator { for (1..5) { my $child = @groups? $groups[-1]: undef; - my $group = load_or_create_group( 'test'. $_, Members => [ $child? ($child): () ] ); + my $group = RT::Test->load_or_create_group( 'test'. $_, Members => [ $child? ($child): () ] ); ok $group, "loaded or created a group"; ok $group->HasMember( $child->id ), "has member" @@ -120,7 +61,7 @@ sub run_validator { push @groups, $group; } - my ($ecode, $res) = run_validator(); + my ($ecode, $res) = RT::Test->run_validator(); is $res, '', 'empty result'; $RT::Handle->dbh->do("DELETE FROM CachedGroupMembers"); @@ -128,7 +69,7 @@ sub run_validator { ok !$groups[1]->HasMemberRecursively( $groups[0]->id ), "has no member, broken DB"; - ($ecode, $res) = run_validator(resolve => 1); + ($ecode, $res) = RT::Test->run_validator(resolve => 1); for ( my $i = 1; $i < @groups; $i++ ) { ok $groups[$i]->HasMember( $groups[$i-1]->id ), "has member"; @@ -136,7 +77,7 @@ sub run_validator { foreach 0..$i-1; } - ($ecode, $res) = run_validator(); + ($ecode, $res) = RT::Test->run_validator(); is $res, '', 'empty result'; } @@ -144,34 +85,51 @@ sub run_validator { { my @groups; for (2..5) { - my $group = load_or_create_group( 'test'. $_, Members => [] ); + my $group = RT::Test->load_or_create_group( 'test'. $_, Members => [] ); ok $group, "loaded or created a group"; push @groups, $group; } - my $parent = load_or_create_group( 'test1', Members => \@groups ); + my $parent = RT::Test->load_or_create_group( 'test1', Members => \@groups ); ok $parent, "loaded or created a group"; - my ($ecode, $res) = run_validator(); + my ($ecode, $res) = RT::Test->run_validator(); is $res, '', 'empty result'; } # G1 <- (G2, G3, G4) <- G5 { - my $gchild = load_or_create_group( 'test5', Members => [] ); + my $gchild = RT::Test->load_or_create_group( 'test5', Members => [] ); ok $gchild, "loaded or created a group"; my @groups; for (2..4) { - my $group = load_or_create_group( 'test'. $_, Members => [ $gchild ] ); + my $group = RT::Test->load_or_create_group( 'test'. $_, Members => [ $gchild ] ); ok $group, "loaded or created a group"; push @groups, $group; } - my $parent = load_or_create_group( 'test1', Members => \@groups ); + my $parent = RT::Test->load_or_create_group( 'test1', Members => \@groups ); ok $parent, "loaded or created a group"; - my ($ecode, $res) = run_validator(); + my ($ecode, $res) = RT::Test->run_validator(); is $res, '', 'empty result'; } +# group without principal record and cgm records +# was causing infinite loop as principal was not created +{ + my $group = RT::Test->load_or_create_group('Test'); + ok $group && $group->id, 'loaded or created group'; + + my $dbh = $group->_Handle->dbh; + $dbh->do('DELETE FROM Principals WHERE id = ?', {RaiseError => 1}, $group->id); + $dbh->do('DELETE FROM CachedGroupMembers WHERE GroupId = ?', {RaiseError => 1}, $group->id); + DBIx::SearchBuilder::Record::Cachable->FlushCache; + + my ($ecode, $res) = RT::Test->run_validator(resolve => 1, timeout => 30); + ok $res; + + ($ecode, $res) = RT::Test->run_validator(); + is $res, '', 'empty result'; +} diff --git a/rt/t/web/path-traversal.t b/rt/t/web/path-traversal.t index 5d5c954a1..01302e672 100644 --- a/rt/t/web/path-traversal.t +++ b/rt/t/web/path-traversal.t @@ -1,9 +1,10 @@ use strict; use warnings; -use RT::Test tests => 22; +use RT::Test tests => undef; my ($baseurl, $agent) = RT::Test->started_ok; +ok($agent->login); $agent->get("$baseurl/NoAuth/../Elements/HeaderJavascript"); is($agent->status, 400); @@ -31,6 +32,12 @@ SKIP: { $agent->warning_like(qr/Invalid request.*aborting/,); }; +# Do not reject a simple /. in the URL, for downloading uploaded +# dotfiles, for example. +$agent->get("$baseurl/Ticket/Attachment/28/9/.bashrc"); +is($agent->status, 200); # Even for a file not found, we return 200 +$agent->content_contains("Bad attachment id"); + # do not reject these URLs, even though they contain /. outside the path $agent->get("$baseurl/index.html?ignored=%2F%2E"); is($agent->status, 200); @@ -44,3 +51,5 @@ is($agent->status, 200); $agent->get("$baseurl/index.html#/."); is($agent->status, 200); +undef $agent; +done_testing; |