MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

chg: add default roles migration, remove roles fixture, fix tests accordingly

pull/9069/head
Luciano Righetti 2023-05-10 15:14:18 +02:00
parent df9e6e7d04
commit 0e8259279a
21 changed files with 309 additions and 101 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -2,6 +2,7 @@ composer.lock
config/app_local.php
config/Migrations/schema-dump-default.lock
logs/*.log
logs/*.log.*
tmp
vendor
webroot/theme/node_modules

1
config/Migrations/20230505121246_Initial.php
View File

@ -1,4 +1,5 @@
<?php
declare(strict_types=1);
use Migrations\AbstractMigration;

234
config/Migrations/20230510130042_DefaultRoles.php Normal file
View File

@ -0,0 +1,234 @@
<?php
declare(strict_types=1);
use Migrations\AbstractMigration;
class DefaultRoles extends AbstractMigration
{
public function up(): void
{
$rolesTable = $this->table('roles');
$now = date('Y-m-d H:i:s', time());
$roles = [
[
'id' => 1,
'name' => 'admin',
'created' => $now,
'modified' => $now,
'perm_add' => 1,
'perm_modify' => 1,
'perm_modify_org' => 1,
'perm_publish' => 1,
'perm_delegate' => 1,
'perm_sync' => 1,
'perm_admin' => 1,
'perm_audit' => 1,
'perm_full' => 1,
'perm_auth' => 1,
'perm_site_admin' => 1,
'perm_regexp_access' => 1,
'perm_tagger' => 1,
'perm_template' => 1,
'perm_sharing_group' => 1,
'perm_tag_editor' => 1,
'perm_sighting' => 1,
'perm_object_template' => 1,
'default_role' => 0,
'memory_limit' => '',
'max_execution_time' => '',
'restricted_to_site_admin' => 0,
'perm_publish_zmq' => 1,
'perm_publish_kafka' => 1,
'perm_decaying' => 1,
'enforce_rate_limit' => 0,
'rate_limit_count' => 0,
'perm_galaxy_editor' => 1,
'perm_warninglist' => 0
],
[
'id' => 2,
'name' => 'Org Admin',
'created' => $now,
'modified' => $now,
'perm_add' => 1,
'perm_modify' => 1,
'perm_modify_org' => 1,
'perm_publish' => 1,
'perm_delegate' => 1,
'perm_sync' => 0,
'perm_admin' => 1,
'perm_audit' => 1,
'perm_full' => 0,
'perm_auth' => 1,
'perm_site_admin' => 0,
'perm_regexp_access' => 0,
'perm_tagger' => 1,
'perm_template' => 1,
'perm_sharing_group' => 1,
'perm_tag_editor' => 1,
'perm_sighting' => 0,
'perm_object_template' => 0,
'default_role' => 0,
'memory_limit' => '',
'max_execution_time' => '',
'restricted_to_site_admin' => 1,
'perm_publish_zmq' => 1,
'perm_publish_kafka' => 1,
'perm_decaying' => 1,
'enforce_rate_limit' => 0,
'rate_limit_count' => 0,
'perm_galaxy_editor' => 1,
'perm_warninglist' => 0
],
[
'id' => 3,
'name' => 'User',
'created' => $now,
'modified' => $now,
'perm_add' => 1,
'perm_modify' => 1,
'perm_modify_org' => 1,
'perm_publish' => 0,
'perm_delegate' => 0,
'perm_sync' => 0,
'perm_admin' => 0,
'perm_audit' => 1,
'perm_full' => 0,
'perm_auth' => 1,
'perm_site_admin' => 0,
'perm_regexp_access' => 0,
'perm_tagger' => 1,
'perm_template' => 0,
'perm_sharing_group' => 0,
'perm_tag_editor' => 0,
'perm_sighting' => 1,
'perm_object_template' => 0,
'default_role' => 1,
'memory_limit' => '',
'max_execution_time' => '',
'restricted_to_site_admin' => 0,
'perm_publish_zmq' => 0,
'perm_publish_kafka' => 0,
'perm_decaying' => 1,
'enforce_rate_limit' => 0,
'rate_limit_count' => 0,
'perm_galaxy_editor' => 0,
'perm_warninglist' => 0
],
[
'id' => 4,
'name' => 'Publisher',
'created' => $now,
'modified' => $now,
'perm_add' => 1,
'perm_modify' => 1,
'perm_modify_org' => 1,
'perm_publish' => 1,
'perm_delegate' => 1,
'perm_sync' => 0,
'perm_admin' => 0,
'perm_audit' => 1,
'perm_full' => 0,
'perm_auth' => 1,
'perm_site_admin' => 0,
'perm_regexp_access' => 0,
'perm_tagger' => 1,
'perm_template' => 0,
'perm_sharing_group' => 0,
'perm_tag_editor' => 0,
'perm_sighting' => 1,
'perm_object_template' => 0,
'default_role' => 0,
'memory_limit' => '',
'max_execution_time' => '',
'restricted_to_site_admin' => 0,
'perm_publish_zmq' => 1,
'perm_publish_kafka' => 1,
'perm_decaying' => 1,
'enforce_rate_limit' => 0,
'rate_limit_count' => 0,
'perm_galaxy_editor' => 0,
'perm_warninglist' => 0
],
[
'id' => 5,
'name' => 'Sync user',
'created' => $now,
'modified' => $now,
'perm_add' => 1,
'perm_modify' => 1,
'perm_modify_org' => 1,
'perm_publish' => 1,
'perm_delegate' => 1,
'perm_sync' => 1,
'perm_admin' => 0,
'perm_audit' => 1,
'perm_full' => 0,
'perm_auth' => 1,
'perm_site_admin' => 0,
'perm_regexp_access' => 0,
'perm_tagger' => 1,
'perm_template' => 0,
'perm_sharing_group' => 1,
'perm_tag_editor' => 1,
'perm_sighting' => 1,
'perm_object_template' => 0,
'default_role' => 0,
'memory_limit' => '',
'max_execution_time' => '',
'restricted_to_site_admin' => 0,
'perm_publish_zmq' => 1,
'perm_publish_kafka' => 1,
'perm_decaying' => 1,
'enforce_rate_limit' => 0,
'rate_limit_count' => 0,
'perm_galaxy_editor' => 1,
'perm_warninglist' => 0
],
[
'id' => 6,
'name' => 'Read Only',
'created' => $now,
'modified' => $now,
'perm_add' => 0,
'perm_modify' => 0,
'perm_modify_org' => 0,
'perm_publish' => 0,
'perm_delegate' => 0,
'perm_sync' => 0,
'perm_admin' => 0,
'perm_audit' => 1,
'perm_full' => 0,
'perm_auth' => 1,
'perm_site_admin' => 0,
'perm_regexp_access' => 0,
'perm_tagger' => 0,
'perm_template' => 0,
'perm_sharing_group' => 0,
'perm_tag_editor' => 0,
'perm_sighting' => 0,
'perm_object_template' => 0,
'default_role' => 0,
'memory_limit' => '',
'max_execution_time' => '',
'restricted_to_site_admin' => 0,
'perm_publish_zmq' => 0,
'perm_publish_kafka' => 0,
'perm_decaying' => 0,
'enforce_rate_limit' => 0,
'rate_limit_count' => 0,
'perm_galaxy_editor' => 0,
'perm_warninglist' => 0
]
];
$rolesTable->insert($roles)->saveData();
}
public function down()
{
$this->execute('DELETE FROM roles where id IN (1,2,3,4,5,6)');
}
}

8
tests/Fixture/AuthKeysFixture.php
View File

@ -11,16 +11,16 @@ class AuthKeysFixture extends TestFixture
{
public $connection = 'test';
public const ADMIN_API_ID = 1;
public const ADMIN_API_ID = 1000;
public const ADMIN_API_KEY = 'sL9hrjIyY405RyGQHLx5DoCAM92BNmmGa8P4ck1E';
public const SYNC_API_ID = 2;
public const SYNC_API_ID = 2000;
public const SYNC_API_KEY = '6b387ced110858dcbcda36edb044dc18f91a0894';
public const ORG_ADMIN_API_ID = 3;
public const ORG_ADMIN_API_ID = 3000;
public const ORG_ADMIN_API_KEY = '1c4685d281d478dbcebd494158024bc3539004d0';
public const REGULAR_USER_API_ID = 4;
public const REGULAR_USER_API_ID = 4000;
public const REGULAR_USER_API_KEY = '12dea96fec20593566ab75692c9949596833adc9';
public function init(): void

4
tests/Fixture/OrganisationsFixture.php
View File

@ -10,10 +10,10 @@ class OrganisationsFixture extends TestFixture
{
public $connection = 'test';
public const ORGANISATION_A_ID = 1;
public const ORGANISATION_A_ID = 1000;
public const ORGANISATION_A_UUID = 'dce5017e-b6a5-4d0d-a0d7-81e9af56c82c';
public const ORGANISATION_B_ID = 2;
public const ORGANISATION_B_ID = 2000;
public const ORGANISATION_B_UUID = '36d22d9a-851e-4838-a655-9999c1d19497';
public function init(): void

62
tests/Fixture/RolesFixture.php
View File

@ -1,62 +0,0 @@
<?php
declare(strict_types=1);
namespace App\Test\Fixture;
use Cake\TestSuite\Fixture\TestFixture;
class RolesFixture extends TestFixture
{
public $connection = 'test';
public const ROLE_ADMIN_ID = 1;
public const ROLE_SYNC_ID = 2;
public const ROLE_ORG_ADMIN_ID = 3;
public const ROLE_REGULAR_USER_ID = 4;
public function init(): void
{
$faker = \Faker\Factory::create();
$this->records = [
[
'id' => self::ROLE_ADMIN_ID,
'uuid' => $faker->uuid(),
'name' => 'admin',
'is_default' => false,
'perm_admin' => true,
'perm_sync' => false,
'perm_org_admin' => false
],
[
'id' => self::ROLE_SYNC_ID,
'uuid' => $faker->uuid(),
'name' => 'sync',
'is_default' => false,
'perm_admin' => false,
'perm_sync' => true,
'perm_org_admin' => false
],
[
'id' => self::ROLE_ORG_ADMIN_ID,
'uuid' => $faker->uuid(),
'name' => 'org_admin',
'is_default' => false,
'perm_admin' => false,
'perm_sync' => false,
'perm_org_admin' => true
],
[
'id' => self::ROLE_REGULAR_USER_ID,
'uuid' => $faker->uuid(),
'name' => 'user',
'is_default' => true,
'perm_admin' => false,
'perm_sync' => false,
'perm_org_admin' => false
]
];
parent::init();
}
}

23
tests/Fixture/UsersFixture.php
View File

@ -12,25 +12,32 @@ class UsersFixture extends TestFixture
public $connection = 'test';
// Admin user
public const USER_ADMIN_ID = 1;
public const USER_ADMIN_ID = 1000;
public const USER_ADMIN_EMAIL = 'admin@test.test';
public const USER_ADMIN_PASSWORD = 'AdminPassword';
// Sync user
public const USER_SYNC_ID = 2;
public const USER_SYNC_ID = 2000;
public const USER_SYNC_EMAIL = 'sync@test.test';
public const USER_SYNC_PASSWORD = 'SyncPassword';
// Org Admin user
public const USER_ORG_ADMIN_ID = 3;
public const USER_ORG_ADMIN_ID = 3000;
public const USER_ORG_ADMIN_EMAIL = 'org_admin@test.test';
public const USER_ORG_ADMIN_PASSWORD = 'OrgAdminPassword';
// Regular User user
public const USER_REGULAR_USER_ID = 4;
public const USER_REGULAR_USER_ID = 4000;
public const USER_REGULAR_USER_EMAIL = 'user@test.test';
public const USER_REGULAR_USER_PASSWORD = 'UserPassword';
// Default Roles IDs
public const ROLE_ADMIN_ID = 1;
public const ROLE_ORG_ADMIN_ID = 2;
public const ROLE_REGULAR_USER_ID = 3;
public const ROLE_PUBLISHER_ID = 4;
public const ROLE_SYNC_ID = 5;
public const ROLE_READ_ONLY_ID = 6;
public function init(): void
{
@ -43,7 +50,7 @@ class UsersFixture extends TestFixture
'uuid' => $faker->uuid(),
'email' => self::USER_ADMIN_EMAIL,
'password' => $hasher->hash(self::USER_ADMIN_PASSWORD),
'role_id' => RolesFixture::ROLE_ADMIN_ID,
'role_id' => self::ROLE_ADMIN_ID,
'disabled' => 0,
'org_id' => OrganisationsFixture::ORGANISATION_A_ID,
'date_created' => $faker->dateTime()->getTimestamp(),
@ -54,7 +61,7 @@ class UsersFixture extends TestFixture
'uuid' => $faker->uuid(),
'email' => self::USER_SYNC_EMAIL,
'password' => $hasher->hash(self::USER_SYNC_PASSWORD),
'role_id' => RolesFixture::ROLE_SYNC_ID,
'role_id' => self::ROLE_SYNC_ID,
'disabled' => 0,
'org_id' => OrganisationsFixture::ORGANISATION_A_ID,
'date_created' => $faker->dateTime()->getTimestamp(),
@ -65,7 +72,7 @@ class UsersFixture extends TestFixture
'uuid' => $faker->uuid(),
'email' => self::USER_ORG_ADMIN_EMAIL,
'password' => $hasher->hash(self::USER_ORG_ADMIN_PASSWORD),
'role_id' => RolesFixture::ROLE_ORG_ADMIN_ID,
'role_id' => self::ROLE_ORG_ADMIN_ID,
'disabled' => 0,
'org_id' => OrganisationsFixture::ORGANISATION_A_ID,
'date_created' => $faker->dateTime()->getTimestamp(),
@ -76,7 +83,7 @@ class UsersFixture extends TestFixture
'uuid' => $faker->uuid(),
'email' => self::USER_REGULAR_USER_EMAIL,
'password' => $hasher->hash(self::USER_REGULAR_USER_PASSWORD),
'role_id' => RolesFixture::ROLE_REGULAR_USER_ID,
'role_id' => self::ROLE_REGULAR_USER_ID,
'disabled' => 0,
'org_id' => OrganisationsFixture::ORGANISATION_A_ID,
'date_created' => $faker->dateTime()->getTimestamp(),

36
tests/TestCase/Api/Allowedlists/IndexAllowedlistsApiTest.php Normal file
View File

@ -0,0 +1,36 @@
<?php
declare(strict_types=1);
namespace App\Test\TestCase\Api\Users;
use Cake\TestSuite\TestCase;
use App\Test\Fixture\AuthKeysFixture;
use App\Test\Fixture\EventBlocklistsFixture;
use App\Test\Helper\ApiTestTrait;
class IndexAllowedlistsApiTest extends TestCase
{
use ApiTestTrait;
protected const ENDPOINT = '/event-blocklists/index';
protected $fixtures = [
'app.Organisations',
'app.Users',
'app.AuthKeys',
'app.EventBlocklists'
];
public function testIndexEventBlocklists(): void
{
$this->skipOpenApiValidations();
$this->setAuthToken(AuthKeysFixture::ADMIN_API_KEY);
$this->get(self::ENDPOINT);
$this->assertResponseOk();
$this->assertResponseContains(sprintf('"event_uuid": "%s"', EventBlocklistsFixture::EVENT_BLOCK_LIST_1_EVENT_UUID));
}
}

1
tests/TestCase/Api/EventBlockLists/AddEventBlocklistApiTest.php
View File

@ -16,7 +16,6 @@ class AddEventBlocklistApiTest extends TestCase
protected $fixtures = [
'app.Organisations',
'app.Roles',
'app.Users',
'app.AuthKeys',
'app.EventBlocklists'

1
tests/TestCase/Api/EventBlockLists/DeleteEventBlocklistApiTest.php
View File

@ -17,7 +17,6 @@ class DeleteEventBlocklistApiTest extends TestCase
protected $fixtures = [
'app.Organisations',
'app.Roles',
'app.Users',
'app.AuthKeys',
'app.EventBlocklists'

1
tests/TestCase/Api/EventBlockLists/EditEventBlocklistApiTest.php
View File

@ -17,7 +17,6 @@ class EditEventBlocklistApiTest extends TestCase
protected $fixtures = [
'app.Organisations',
'app.Roles',
'app.Users',
'app.AuthKeys',
'app.EventBlocklists'

1
tests/TestCase/Api/EventBlockLists/IndexEventBlocklistsApiTest.php
View File

@ -17,7 +17,6 @@ class IndexEventBlocklistsApiTest extends TestCase
protected $fixtures = [
'app.Organisations',
'app.Roles',
'app.Users',
'app.AuthKeys',
'app.EventBlocklists'

1
tests/TestCase/Api/EventBlockLists/MassDeleteBlocklistsApiTest.php
View File

@ -17,7 +17,6 @@ class MassDeleteBlocklistsApiTest extends TestCase
protected $fixtures = [
'app.Organisations',
'app.Roles',
'app.Users',
'app.AuthKeys',
'app.EventBlocklists'

5
tests/TestCase/Api/Users/AddUserApiTest.php
View File

@ -19,7 +19,6 @@ class AddUserApiTest extends TestCase
protected $fixtures = [
'app.Organisations',
'app.Roles',
'app.Users',
'app.AuthKeys'
];
@ -33,7 +32,7 @@ class AddUserApiTest extends TestCase
[
'individual_id' => UsersFixture::USER_REGULAR_USER_ID,
'organisation_id' => OrganisationsFixture::ORGANISATION_A_ID,
'role_id' => RolesFixture::ROLE_REGULAR_USER_ID,
'role_id' => UsersFixture::ROLE_REGULAR_USER_ID,
'disabled' => false,
'username' => 'test',
'password' => 'Password123456!',
@ -54,7 +53,7 @@ class AddUserApiTest extends TestCase
[
'individual_id' => UsersFixture::USER_REGULAR_USER_ID,
'organisation_id' => OrganisationsFixture::ORGANISATION_A_ID,
'role_id' => RolesFixture::ROLE_REGULAR_USER_ID,
'role_id' => UsersFixture::ROLE_REGULAR_USER_ID,
'disabled' => false,
'username' => 'test',
'password' => 'Password123456!'

5
tests/TestCase/Api/Users/ChangePasswordApiTest.php
View File

@ -28,7 +28,6 @@ class ChangePasswordApiTest extends TestCase
protected $fixtures = [
'app.Organisations',
'app.Individuals',
'app.Roles',
'app.Users',
'app.AuthKeys'
];
@ -64,13 +63,13 @@ class ChangePasswordApiTest extends TestCase
$request = new ServerRequest([
'url' => 'users/login',
'post' => [
'username' => UsersFixture::USER_REGULAR_USER_USERNAME,
'username' => UsersFixture::USER_REGULAR_USER_EMAIL,
'password' => $newPassword
],
]);
$result = $this->auth->authenticate($request, new Response());
$this->assertEquals(UsersFixture::USER_REGULAR_USER_ID, $result['id']);
$this->assertEquals(UsersFixture::USER_REGULAR_USER_USERNAME, $result['username']);
$this->assertEquals(UsersFixture::USER_REGULAR_USER_EMAIL, $result['username']);
}
}

1
tests/TestCase/Api/Users/DeleteUserApiTest.php
View File

@ -17,7 +17,6 @@ class DeleteUserApiTest extends TestCase
protected $fixtures = [
'app.Organisations',
'app.Roles',
'app.Users',
'app.AuthKeys'
];

9
tests/TestCase/Api/Users/EditUserApiTest.php
View File

@ -18,7 +18,6 @@ class EditUserApiTest extends TestCase
protected $fixtures = [
'app.Organisations',
'app.Roles',
'app.Users',
'app.AuthKeys'
];
@ -33,14 +32,14 @@ class EditUserApiTest extends TestCase
$url,
[
'id' => UsersFixture::USER_REGULAR_USER_ID,
'role_id' => RolesFixture::ROLE_ORG_ADMIN_ID,
'role_id' => UsersFixture::ROLE_ORG_ADMIN_ID,
]
);
$this->assertResponseOk();
$this->assertDbRecordExists('Users', [
'id' => UsersFixture::USER_REGULAR_USER_ID,
'role_id' => RolesFixture::ROLE_ORG_ADMIN_ID
'role_id' => UsersFixture::ROLE_ORG_ADMIN_ID
]);
}
@ -51,14 +50,14 @@ class EditUserApiTest extends TestCase
$this->put(
self::ENDPOINT,
[
'role_id' => RolesFixture::ROLE_ADMIN_ID,
'role_id' => UsersFixture::ROLE_ADMIN_ID,
]
);
$this->assertResponseOk();
$this->assertDbRecordNotExists('Users', [
'id' => UsersFixture::USER_REGULAR_USER_ID,
'role_id' => RolesFixture::ROLE_ADMIN_ID
'role_id' => UsersFixture::ROLE_ADMIN_ID
]);
}
}

1
tests/TestCase/Api/Users/IndexUsersApiTest.php
View File

@ -17,7 +17,6 @@ class IndexUsersApiTest extends TestCase
protected $fixtures = [
'app.Organisations',
'app.Roles',
'app.Users',
'app.AuthKeys'
];

1
tests/TestCase/Api/Users/ViewUserApiTest.php
View File

@ -17,7 +17,6 @@ class ViewUserApiTest extends TestCase
protected $fixtures = [
'app.Organisations',
'app.Roles',
'app.Users',
'app.AuthKeys'
];

1
tests/TestCase/Controller/Users/UsersControllerTest.php
View File

@ -13,7 +13,6 @@ class UsersControllerTest extends TestCase
use IntegrationTestTrait;
protected $fixtures = [
'app.Roles',
'app.Users'
];
public function testLogin(): void

13
tests/bootstrap.php
View File

@ -57,11 +57,14 @@ session_id('cli');
if (!$_ENV['SKIP_DB_MIGRATIONS']) {
echo "[ * ] Running DB migrations, it may take some time ...\n";
$migrator = new Migrator();
$migrator->runMany([
['connection' => 'test'],
['plugin' => 'Tags', 'connection' => 'test'],
['plugin' => 'ADmad/SocialAuth', 'connection' => 'test']
]);
$migrator->runMany(
[
['connection' => 'test'],
['plugin' => 'Tags', 'connection' => 'test'],
['plugin' => 'ADmad/SocialAuth', 'connection' => 'test']
],
false // Do not truncate tables
);
} else {
echo "[ * ] Skipping DB migrations ...\n";
}