From 44526b435c85620d0fb4cff6858f3ef7fc615ca6 Mon Sep 17 00:00:00 2001
From: camer0n
Date: Fri, 8 Sep 2023 14:18:06 -0700
Subject: [PATCH] Issue #5064 - Draft fix for user impersonation (getperms())
---
 class2.php | 18 +++++-
 e107_handlers/user_model.php | 63 ++++++++++++++++++++-
 e107_languages/English/admin/help/menus.php | 2 +-
 e107_tests/tests/unit/class2Test.php | 25 ++++++++
 e107_tests/tests/unit/languageTest.php | 2 +-
 5 files changed, 104 insertions(+), 6 deletions(-)
diff --git a/class2.php b/class2.php
index 6c66db9f4..fbb46154b 100755
--- a/class2.php
+++ b/class2.php
@@ -1317,8 +1317,17 @@ function check_class($var, $userclass = null, $uid = 0)
 function getperms($arg, $ap = ADMINPERMS, $path = e_SELF)
 {
 // $ap = "4"; // Just for testing.
+ if(trim($ap) === '')
+ {
+ return false;
+ }
- if(!deftrue('ADMIN') || trim($ap) === '')
+ if(deftrue('USE_NEW_GETPERMS')) // Add to e107_config.php.
+ {
+ return e107::getUser()->checkAdminPerms($arg,$ap,$path);
+ }
+
+ if(!deftrue('ADMIN'))
 {
 return false;
 }
@@ -1630,6 +1639,13 @@ function init_session()
 define('USERJOINED', '');
 define('e_CLASS_REGEXP', '(^|,)(253|254|250|251|0)(,|$)');
 define('e_NOBODY_REGEXP', '(^|,)255(,|$)');
+
+ /* $user->set('user_id', 1);
+ $user->set('user_name','e107-cli');
+ $user->set('user_admin', 1);
+ $user->set('user_perms', '0');
+ $user->set('user_class', '');
+ $user->set('user_join', '');*/
 return;
 }
diff --git a/e107_handlers/user_model.php b/e107_handlers/user_model.php
index 316062e22..8da02d057 100644
--- a/e107_handlers/user_model.php
+++ b/e107_handlers/user_model.php
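Review bot: With `USE_NEW_GETPERMS` enabled the model still receives `$ap = ADMINPERMS`, because that is the parameter's default, so the `$ap === null` fallback to `$this->getAdminPerms()` inside `checkAdminPerms()` is never reached through this wrapper and the permission string continues to come from the constant; only the `isAdmin()` gate is taken from the user model. If the intent is for the model to supply the current user's own perms, default `$ap` to `null`, hand it through unchanged, and resolve `ADMINPERMS` only on the legacy path, which keeps explicit `$ap` arguments (as the unit tests pass them) working on both paths. The flag also deserves a line in the function's docblock naming where it is set, since the inline `// Add to e107_config.php.` is the only trace of it. The rest of getperms()'s body continues outside the hunk.

```php
function getperms($arg, $ap = null, $path = e_SELF)
{
	if($ap !== null && trim($ap) === '')
	{
		return false;
	}

	if(deftrue('USE_NEW_GETPERMS')) // Add to e107_config.php.
	{
		// null lets the model fall back to its own perms; an explicit $ap still wins.
		return e107::getUser()->checkAdminPerms($arg, $ap, $path);
	}

	if($ap === null)
	{
		$ap = ADMINPERMS;
	}

	if(!deftrue('ADMIN') || trim($ap) === '')
	{
		return false;
	}
	// … unchanged: legacy permission matching …
```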
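Review bot: The block commented out at the end of `init_session()` would, if ever re-enabled, turn the session user into a main admin (`user_admin` 1, `user_perms` `'0'`), and disabled code that grants privilege is exactly the kind that gets uncommented later; either implement the intended CLI-user setup behind an explicit condition or drop the block before merge. The `// See class2.php Line 1643` reference in class2Test.php points at this spot, so that comment needs updating along with whatever replaces it.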
@@ -646,13 +646,70 @@ class e_user_model extends e_admin_model
 }
 /**
- * @param $perm_str
+ * @param str $arg
+ * @param str $ap
+ * @param str $path
 * @return bool
 */
- final public function checkAdminPerms($perm_str)
+ final public function checkAdminPerms($arg, $ap = null, $path = null)
 {
 // FIXME - method to replace getperms()
- return ($this->isAdmin() && getperms($perm_str, $this->getAdminPerms()));
+
+ if(!$this->isAdmin())
+ {
+ return false;
+ }
+
+ if($ap === null)
+ {
+ $ap = $this->getAdminPerms();
+ }
+
+ if($arg === 0) // Common-error avoidance with getperms(0)
+ {
+ $arg = '0';
+ }
+
+ if ($ap === '0' || $ap === '0.') // BC fix.
+ {
+ return true;
+ }
+
+ if ($arg === 'P' && !empty($path) && preg_match('#(.*?)/' .e107::getInstance()->getFolder('plugins'). '(.*?)/(.*?)#', $path, $matches))
+ {
+ $sql = e107::getDb('psql');
+ /* $id = e107::getPlug()->load($matches[2])->getId();
+ $arg = 'P'.$id;*/
+
+ if ($sql->select('plugin', 'plugin_id', "plugin_path = '".$matches[2]."' LIMIT 1 "))
+ {
+ $row = $sql->fetch();
+ $arg = 'P'.$row['plugin_id'];
+ }
+ }
+
+ $ap_array = explode('.',$ap);
+
+ if (in_array($arg,$ap_array,false))
+ {
+ return true;
+ }
+
+ if(strpos($arg, "|"))
+ {
+ $tmp = explode("|", $arg);
+ foreach($tmp as $val)
+ {
+ if(in_array($val,$ap_array))
+ {
+ return true;
+ }
+ }
+ }
+
+
+ return false;
+ //return ($this->isAdmin() && getperms($perm_str, $this->getAdminPerms()));
 }
 /**
diff --git a/e107_languages/English/admin/help/menus.php b/e107_languages/English/admin/help/menus.php
index 1dfec241f..04ac5dab2 100644
--- a/e107_languages/English/admin/help/menus.php
+++ b/e107_languages/English/admin/help/menus.php
@@ -10,7 +10,7 @@ if(!defined('e107_INIT')){ exit; }
-if (!getperms("2"))
+if (!getperms("2") && !e107::isCli())
 {
 e107::redirect();
 exit;
diff --git a/e107_tests/tests/unit/class2Test.php b/e107_tests/tests/unit/class2Test.php
index f7daa8d3c..0a663c1ac 100644
--- a/e107_tests/tests/unit/class2Test.php
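Review bot: In the plugin-path branch `$matches[2]` is concatenated straight into the WHERE clause of `$sql->select('plugin', 'plugin_id', "plugin_path = '".$matches[2]."' LIMIT 1 ")`; it is extracted from `$path`, which the getperms() wrapper in class2.php defaults to `e_SELF`, so it should be treated as request-derived and escaped, e.g. `"plugin_path = '".$sql->escape($matches[2])."' LIMIT 1 "`. The pattern `'#(.*?)/' .e107::getInstance()->getFolder('plugins'). '(.*?)/(.*?)#'` also interpolates the folder name without `preg_quote()` and is unanchored, so a folder name containing regex metacharacters, or a path that merely mentions that folder name, changes which segment is captured. Both `in_array($arg,$ap_array,false)` and `in_array($val,$ap_array)` compare loosely; since the `$arg === 0` special case shows ints arrive here too, normalising once with `$arg = (string) $arg` (which subsumes that branch) and then passing `true` rules out numeric-string coercions such as `'1' == '1.0'`. The docblock's `@param str` is not a PHP type (`@param string $arg`, `@param string|null $ap`, `@param string|null $path`), and the stale `// FIXME - method to replace getperms()` plus the commented-out old `return` can go now that the body is real.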
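Review bot: Adding `&& !e107::isCli()` to the guard makes CLI execution skip the permission check for this file entirely, which is an authorization decision made per file on the basis of execution context rather than on who the user is. If the CLI user is meant to carry admin perms, granting them to that user in one place (the disabled block in init_session() appears to be heading there) keeps the plain `getperms("2")` check here and avoids the same exemption spreading to other admin files. If the exemption stays, a one-line comment above it stating why CLI is exempt would save the next reader from guessing.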
+++ b/e107_tests/tests/unit/class2Test.php
@@ -11,8 +11,22 @@ class class2Test extends \Codeception\Test\Unit
 {
+ public $usr;
+ /*protected function _before()
+ {
+ try
+ {
+ $this->usr = $this->make('e_user_model');
+ }
+ catch(Exception $e)
+ {
+ $this->fail( "Couldn't load e_user_model object");
+ }
+ e107::getUser()->load(1); // load user_id = 1.
+
+ }*/
 function testLoadClass2()
 {
@@ -23,6 +37,11 @@ function testGetPerms()
 {
+ // $this->markTestSkipped("Skipped - CLI mode changes behavior.");
+ // See class2.php Line 1643
+
+ $result = getperms('N', '5');
+ $this->assertFalse($result);
 $result = getperms('N', '0');
 $this->assertTrue($result);
@@ -47,6 +66,12 @@
 }
+ function testUserModel()
+ {
+ $result = e107::getUser();
+ var_dump($result);
+ }
+
 function testCheckClass()
diff --git a/e107_tests/tests/unit/languageTest.php b/e107_tests/tests/unit/languageTest.php
index 93b017f0a..b8798829c 100644
--- a/e107_tests/tests/unit/languageTest.php
+++ b/e107_tests/tests/unit/languageTest.php
@@ -17,7 +17,7 @@ catch(Exception $e)
 {
- $this->assertTrue(false, $e->getMessage());
+ $this->fail( $e->getMessage());
 }
 }
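Review bot: `public $usr;` is declared but its only reference is inside the commented-out `_before()` that follows, so the property is dead as committed, and untyped if it is kept (`public ?e_user_model $usr = null;`). Either restore `_before()` so the fixture is actually built, or remove both the property and the comment block; commented-out setup in a test file suggests the tests run against whatever user state the bootstrap happens to leave behind.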
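Review bot: The new case `getperms('N', '5')` only reaches the legacy branch of getperms(); nothing in this commit exercises `USE_NEW_GETPERMS` or `e_user_model::checkAdminPerms()`, which is the code the fix introduces. A direct test of the model would pin the behaviour independently of the CLI-mode dependency the commented `markTestSkipped()` refers to, e.g. on an admin instance `checkAdminPerms('N', '5')` is false and `checkAdminPerms('2', '2.3')` is true. `// See class2.php Line 1643` is a bare line number that drifts on the next edit; name the function instead, `// See init_session() in class2.php`.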
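Review bot: `testUserModel()` makes no assertion and `var_dump()`s the object, so it cannot fail on a regression and it pollutes the test output; replace the dump with an assertion on what the test is meant to establish, e.g. `$this->assertInstanceOf(e_user_model::class, $result);`. If the aim is to check the CLI user's identity or admin state, assert on those values explicitly rather than printing the model.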