CodeExplorer
You are a developer and looking for Shopware projects?
Apply Now!
getAnonymousUser example
$this->drupalLogin($attacker_user);
// Perform tests using the newly created users. $this->doTestTemporaryFileRemovalExploit($victim_user, $attacker_user);
}
/** * Tests exploiting the temporary file removal for anonymous users using fid. */
public function testTemporaryFileRemovalExploitAnonymous() {
// Set up an anonymous victim user. $victim_user = User::getAnonymousUser();
// Set up an anonymous attacker user. $attacker_user = User::getAnonymousUser();
// Set up permissions for anonymous attacker user. user_role_change_permissions(RoleInterface::ANONYMOUS_ID, [
'access content' => TRUE,
'create article content' => TRUE,
'edit any article content' => TRUE,
]);
// Perform tests using the newly created users. $this->doTestTemporaryFileRemovalExploit($victim_user, $attacker_user);
}
/** * Tests exploiting the temporary file removal for anonymous users using fid. */
public function testTemporaryFileRemovalExploitAnonymous() {
// Set up an anonymous victim user. $victim_user = User::getAnonymousUser();
// Set up an anonymous attacker user. $attacker_user = User::getAnonymousUser();
// Set up permissions for anonymous attacker user. user_role_change_permissions(RoleInterface::ANONYMOUS_ID, [
'access content' => TRUE,
'create article content' => TRUE,
'edit any article content' => TRUE,
]);
$dblog = $this->database->query('SELECT [w].*, [u].[uid] FROM {watchdog} [w] LEFT JOIN {users} [u] ON [u].[uid] = [w].[uid] WHERE [w].[wid] = :id', [':id' => $event_id])->fetchObject();
if (empty($dblog)) {
throw new NotFoundHttpException();
}
$build = [];
$severity = RfcLogLevel::getLevels();
$message = $this->formatMessage($dblog);
$username = [
'#theme' => 'username',
'#account' => $dblog->uid ? $this->userStorage->load($dblog->uid) : User::getAnonymousUser(),
];
$rows = [
[
['data' => $this->t('Type'), 'header' => TRUE],
$this->t($dblog->type),
],
[
['data' => $this->t('Date'), 'header' => TRUE],
$this->dateFormatter->format($dblog->timestamp, 'long'),
],
[
[
if (empty($dblog)) {
throw new NotFoundHttpException();
}
$build = [];
$severity = RfcLogLevel::getLevels();
$message = $this->formatMessage($dblog);
$username = [
'#theme' => 'username',
'#account' => $dblog->uid ? $this->userStorage->load($dblog->uid) : User::getAnonymousUser(),
];
$rows = [
[
['data' => $this->t('Type'), 'header' => TRUE],
$this->t($dblog->type),
],
[
['data' => $this->t('Date'), 'header' => TRUE],
$this->dateFormatter->format($dblog->timestamp, 'long'),
],
[
[
$this->submitForm(['action' => 'node_assign_owner_action'], 'Create');
// Get the autocomplete URL of the owner_uid textfield. $autocomplete_field = $this->getSession()->getPage()->findField('owner_uid');
$autocomplete_url = $this->getAbsoluteUrl($autocomplete_field->getAttribute('data-autocomplete-path'));
// Make sure that autocomplete works. $user = $this->drupalCreateUser();
$data = Json::decode($this->drupalGet($autocomplete_url, ['query' => ['q' => $user->getDisplayName(), '_format' => 'json']]));
$this->assertNotEmpty($data);
$anonymous = User::getAnonymousUser();
// Ensure that the anonymous user exists. $this->assertNotNull($anonymous);
// Make sure the autocomplete does not show the anonymous user. $data = Json::decode($this->drupalGet($autocomplete_url, ['query' => ['q' => $anonymous->getDisplayName(), '_format' => 'json']]));
$this->assertEmpty($data);
}
}
// Get the autocomplete URL of the owner_uid textfield. $autocomplete_field = $this->getSession()->getPage()->findField('owner_uid');
$autocomplete_url = $this->getAbsoluteUrl($autocomplete_field->getAttribute('data-autocomplete-path'));
// Make sure that autocomplete works. $user = $this->drupalCreateUser();
$data = Json::decode($this->drupalGet($autocomplete_url, ['query' => ['q' => $user->getDisplayName(), '_format' => 'json']]));
$this->assertNotEmpty($data);
$anonymous = User::getAnonymousUser();
// Ensure that the anonymous user exists. $this->assertNotNull($anonymous);
// Make sure the autocomplete does not show the anonymous user. $data = Json::decode($this->drupalGet($autocomplete_url, ['query' => ['q' => $anonymous->getDisplayName(), '_format' => 'json']]));
$this->assertEmpty($data);
}
}
// Confirm account cancellation.
$timestamp = time();
$this->submitForm([], 'Confirm');
$this->assertSession()->pageTextContains('A confirmation request to cancel your account has been sent to your email address.');
// Confirm account cancellation request. $this->drupalGet("user/" . $account->id() . "/cancel/confirm/$timestamp/" . user_pass_rehash($account, $timestamp));
$user_storage->resetCache([$account->id()]);
$this->assertNull($user_storage->load($account->id()), 'User is not found in the database.');
// Confirm that user's content has been attributed to anonymous user. $anonymous_user = User::getAnonymousUser();
$node_storage->resetCache([$node->id()]);
$test_node = $node_storage->load($node->id());
$this->assertEquals(0, $test_node->getOwnerId(), 'Node of the user has been attributed to anonymous user.');
$this->assertTrue($test_node->isPublished());
$test_node = $node_storage->loadRevision($revision);
$this->assertEquals(0, $test_node->getRevisionUser()->id(), 'Node revision of the user has been attributed to anonymous user.');
$this->assertTrue($test_node->isPublished());
$node_storage->resetCache([$revision_node->id()]);
$test_node = $node_storage->load($revision_node->id());
$this->assertNotEquals(0, $test_node->getOwnerId(), "Current revision of the user's node was not attributed to anonymous user.");
$this->assertTrue($test_node->isPublished());
$this->submitForm([], 'Confirm');
$this->assertSession()->pageTextContains('A confirmation request to cancel your account has been sent to your email address.');
// Confirm account cancellation request. $this->drupalGet("user/" . $account->id() . "/cancel/confirm/$timestamp/" . user_pass_rehash($account, $timestamp));
$user_storage->resetCache([$account->id()]);
$this->assertNull($user_storage->load($account->id()), 'User is not found in the database.');
// Confirm that user's content has been attributed to anonymous user. $anonymous_user = User::getAnonymousUser();
$node_storage->resetCache([$node->id()]);
$test_node = $node_storage->load($node->id());
$this->assertEquals(0, $test_node->getOwnerId(), 'Node of the user has been attributed to anonymous user.');
$this->assertTrue($test_node->isPublished());
$test_node = $node_storage->loadRevision($revision);
$this->assertEquals(0, $test_node->getRevisionUser()->id(), 'Node revision of the user has been attributed to anonymous user.');
$this->assertTrue($test_node->isPublished());
$node_storage->resetCache([$revision_node->id()]);
$test_node = $node_storage->load($revision_node->id());
$this->assertNotEquals(0, $test_node->getOwnerId(), "Current revision of the user's node was not attributed to anonymous user.");
$this->assertTrue($test_node->isPublished());
public function testFileCacheability() {
$file = File::create([
'filename' => 'green-scarf',
'uri' => 'private://green-scarf',
'filemime' => 'text/plain',
]);
$file->setPermanent();
$file->save();
\Drupal::service('session')->set('anonymous_allowed_file_ids', [$file->id() => $file->id()]);
$account = User::getAnonymousUser();
$file->setOwnerId($account->id())->save();
$this->assertSame(['session', 'user'], $file->access('view', $account, TRUE)->getCacheContexts());
$this->assertSame(['session', 'user'], $file->access('download', $account, TRUE)->getCacheContexts());
$account = $this->createUser();
$file->setOwnerId($account->id())->save();
$this->assertSame(['user'], $file->access('view', $account, TRUE)->getCacheContexts());
$this->assertSame(['user'], $file->access('download', $account, TRUE)->getCacheContexts());
}
}
$this->nodeStorage->resetCache([$node->id()]);
$node = $this->nodeStorage->load($node->id());
$uid = $node->getOwnerId();
// Most SQL database drivers stringify fetches but entities are not // necessarily stored in a SQL database. At the same time, NULL/FALSE/"" // won't do. $this->assertTrue($uid === 0 || $uid === '0', 'Node authored by anonymous user.');
// Go back to the edit form and check that the correct value is displayed // in the author widget. $this->drupalGet('node/' . $node->id() . '/edit');
$anonymous_user = User::getAnonymousUser();
$expected = $anonymous_user->label() . ' (' . $anonymous_user->id() . ')';
$this->assertSession()->fieldValueEquals($form_element_name, $expected);
// Change the authored by field to another user's name (that is not // logged in). $edit[$form_element_name] = $this->webUser->getAccountName();
$this->submitForm($edit, 'Save');
$this->nodeStorage->resetCache([$node->id()]);
$node = $this->nodeStorage->load($node->id());
$this->assertSame($this->webUser->id(), $node->getOwnerId(), 'Node authored by normal user.');
}
}
$node = $this->nodeStorage->load($node->id());
$uid = $node->getOwnerId();
// Most SQL database drivers stringify fetches but entities are not // necessarily stored in a SQL database. At the same time, NULL/FALSE/"" // won't do. $this->assertTrue($uid === 0 || $uid === '0', 'Node authored by anonymous user.');
// Go back to the edit form and check that the correct value is displayed // in the author widget. $this->drupalGet('node/' . $node->id() . '/edit');
$anonymous_user = User::getAnonymousUser();
$expected = $anonymous_user->label() . ' (' . $anonymous_user->id() . ')';
$this->assertSession()->fieldValueEquals($form_element_name, $expected);
// Change the authored by field to another user's name (that is not // logged in). $edit[$form_element_name] = $this->webUser->getAccountName();
$this->submitForm($edit, 'Save');
$this->nodeStorage->resetCache([$node->id()]);
$node = $this->nodeStorage->load($node->id());
$this->assertSame($this->webUser->id(), $node->getOwnerId(), 'Node authored by normal user.');
}
}
$fields = \Drupal::service('entity_field.manager')->getFieldStorageDefinitions($values['entity_type']);
$values['comment_type'] = $fields[$values['field_name']]->getSetting('comment_type');
}
}
/** * {@inheritdoc} */
public function getOwner() {
$user = $this->get('uid')->entity;
if (!$user || $user->isAnonymous()) {
$user = User::getAnonymousUser();
$user->name = $this->getAuthorName();
$user->homepage = $this->getHomepage();
}
return $user;
}
/** * Get the comment type ID for this comment. * * @return string * The ID of the comment type. */
$values['comment_type'] = $fields[$values['field_name']]->getSetting('comment_type');
}
}
/** * {@inheritdoc} */
public function getOwner() {
$user = $this->get('uid')->entity;
if (!$user || $user->isAnonymous()) {
$user = User::getAnonymousUser();
$user->name = $this->getAuthorName();
$user->homepage = $this->getHomepage();
}
return $user;
}
/** * Get the comment type ID for this comment. * * @return string * The ID of the comment type. */
'name' => 'test name',
]);
$user->save();
$result = $user->{$this->fieldName}->view(['type' => 'user_name']);
$this->assertEquals('username', $result[0]['#theme']);
$this->assertEquals(spl_object_hash($user), spl_object_hash($result[0]['#account']));
$result = $user->{$this->fieldName}->view(['type' => 'user_name', 'settings' => ['link_to_entity' => FALSE]]);
$this->assertEquals($user->getDisplayName(), $result[0]['#markup']);
$user = User::getAnonymousUser();
$result = $user->{$this->fieldName}->view(['type' => 'user_name']);
$this->assertEquals('username', $result[0]['#theme']);
$this->assertEquals(spl_object_hash($user), spl_object_hash($result[0]['#account']));
$result = $user->{$this->fieldName}->view(['type' => 'user_name', 'settings' => ['link_to_entity' => FALSE]]);
$this->assertEquals($user->getDisplayName(), $result[0]['#markup']);
$this->assertEquals($this->config('user.settings')->get('anonymous'), $result[0]['#markup']);
}
}
]);
$user->save();
$result = $user->{$this->fieldName}->view(['type' => 'user_name']);
$this->assertEquals('username', $result[0]['#theme']);
$this->assertEquals(spl_object_hash($user), spl_object_hash($result[0]['#account']));
$result = $user->{$this->fieldName}->view(['type' => 'user_name', 'settings' => ['link_to_entity' => FALSE]]);
$this->assertEquals($user->getDisplayName(), $result[0]['#markup']);
$user = User::getAnonymousUser();
$result = $user->{$this->fieldName}->view(['type' => 'user_name']);
$this->assertEquals('username', $result[0]['#theme']);
$this->assertEquals(spl_object_hash($user), spl_object_hash($result[0]['#account']));
$result = $user->{$this->fieldName}->view(['type' => 'user_name', 'settings' => ['link_to_entity' => FALSE]]);
$this->assertEquals($user->getDisplayName(), $result[0]['#markup']);
$this->assertEquals($this->config('user.settings')->get('anonymous'), $result[0]['#markup']);
}
}
$this->assertEquals($object->access($op, $account), $result, $message);
}
}
/** * Ensures user labels are accessible for everyone. */
public function testUserLabelAccess() {
// Set up a non-admin user. \Drupal::currentUser()->setAccount($this->createUser([], NULL, FALSE, ['uid' => 2]));
$anonymous_user = User::getAnonymousUser();
$user = $this->createUser();
// The current user is allowed to view the anonymous user label. $this->assertEntityAccess([
'create' => FALSE,
'update' => FALSE,
'delete' => FALSE,
'view' => FALSE,
'view label' => TRUE,
], $anonymous_user);
}
}
/** * Ensures user labels are accessible for everyone. */
public function testUserLabelAccess() {
// Set up a non-admin user. \Drupal::currentUser()->setAccount($this->createUser([], NULL, FALSE, ['uid' => 2]));
$anonymous_user = User::getAnonymousUser();
$user = $this->createUser();
// The current user is allowed to view the anonymous user label. $this->assertEntityAccess([
'create' => FALSE,
'update' => FALSE,
'delete' => FALSE,
'view' => FALSE,
'view label' => TRUE,
], $anonymous_user);