mirror_php/moodle
1
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-03-14 12:40:01 +01:00
Code Issues Projects Releases Wiki Activity

MDL-64385 user: Case insensitive comparison for email domains

Browse Source
This commit is contained in:
Amaia Anabitarte 2018-12-19 15:23:05 +01:00
parent c092f75791
commit 696bdd636d
2 changed files with 161 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
lib/moodlelib.php
View File

@ -6433,8 +6433,10 @@ function send_password_change_info($user) {
function email_is_not_allowed($email) {
global $CFG;
// Comparing lowercase domains.
$email = strtolower($email);
if (!empty($CFG->allowemailaddresses)) {
$allowed = explode(' ', $CFG->allowemailaddresses);
$allowed = explode(' ', strtolower($CFG->allowemailaddresses));
foreach ($allowed as $allowedpattern) {
$allowedpattern = trim($allowedpattern);
if (!$allowedpattern) {
@ -6453,7 +6455,7 @@ function email_is_not_allowed($email) {
return get_string('emailonlyallowed', '', $CFG->allowemailaddresses);
} else if (!empty($CFG->denyemailaddresses)) {
$denied = explode(' ', $CFG->denyemailaddresses);
$denied = explode(' ', strtolower($CFG->denyemailaddresses));
foreach ($denied as $deniedpattern) {
$deniedpattern = trim($deniedpattern);
if (!$deniedpattern) {

157
lib/tests/moodlelib_test.php
View File

@ -3928,6 +3928,163 @@ class core_moodlelib_testcase extends advanced_testcase {
$this->assertTrue(validate_email(generate_email_processing_address(23, $modargs)));
}
/**
* Test allowemailaddresses setting.
*
* @param string $email Email address for the from user.
* @param string $config The CFG->allowemailaddresses config values
* @param false/string $result The expected result.
*
* @dataProvider data_email_is_not_allowed_for_allowemailaddresses
*/
public function test_email_is_not_allowed_for_allowemailaddresses($email, $config, $result) {
$this->resetAfterTest();
set_config('allowemailaddresses', $config);
$this->assertEquals($result, email_is_not_allowed($email));
}
/**
* Data provider for data_email_is_not_allowed_for_allowemailaddresses.
*
* @return array Returns an array of test data for the above function.
*/
public function data_email_is_not_allowed_for_allowemailaddresses() {
return [
// Test allowed domain empty list.
[
'email' => 'fromuser@example.com',
'config' => '',
'result' => false
],
// Test from email is in allowed domain.
[
'email' => 'fromuser@example.com',
'config' => 'example.com test.com',
'result' => false
],
// Test from email is in allowed domain but uppercase config.
[
'email' => 'fromuser@example.com',
'config' => 'EXAMPLE.com test.com',
'result' => false
],
// Test from email is in allowed domain but uppercase email.
[
'email' => 'fromuser@EXAMPLE.com',
'config' => 'example.com test.com',
'result' => false
],
// Test from email is in allowed subdomain.
[
'email' => 'fromuser@something.example.com',
'config' => '.example.com test.com',
'result' => false
],
// Test from email is in allowed subdomain but uppercase config.
[
'email' => 'fromuser@something.example.com',
'config' => '.EXAMPLE.com test.com',
'result' => false
],
// Test from email is in allowed subdomain but uppercase email.
[
'email' => 'fromuser@something.EXAMPLE.com',
'config' => '.example.com test.com',
'result' => false
],
// Test from email is not in allowed domain.
[ 'email' => 'fromuser@moodle.com',
'config' => 'example.com test.com',
'result' => get_string('emailonlyallowed', '', 'example.com test.com')
],
// Test from email is not in allowed subdomain.
[ 'email' => 'fromuser@something.example.com',
'config' => 'example.com test.com',
'result' => get_string('emailonlyallowed', '', 'example.com test.com')
],
];
}
/**
* Test denyemailaddresses setting.
*
* @param string $email Email address for the from user.
* @param string $config The CFG->denyemailaddresses config values
* @param false/string $result The expected result.
*
* @dataProvider data_email_is_not_allowed_for_denyemailaddresses
*/
public function test_email_is_not_allowed_for_denyemailaddresses($email, $config, $result) {
$this->resetAfterTest();
set_config('denyemailaddresses', $config);
$this->assertEquals($result, email_is_not_allowed($email));
}
/**
* Data provider for test_email_is_not_allowed_for_denyemailaddresses.
*
* @return array Returns an array of test data for the above function.
*/
public function data_email_is_not_allowed_for_denyemailaddresses() {
return [
// Test denied domain empty list.
[
'email' => 'fromuser@example.com',
'config' => '',
'result' => false
],
// Test from email is in denied domain.
[
'email' => 'fromuser@example.com',
'config' => 'example.com test.com',
'result' => get_string('emailnotallowed', '', 'example.com test.com')
],
// Test from email is in denied domain but uppercase config.
[
'email' => 'fromuser@example.com',
'config' => 'EXAMPLE.com test.com',
'result' => get_string('emailnotallowed', '', 'EXAMPLE.com test.com')
],
// Test from email is in denied domain but uppercase email.
[
'email' => 'fromuser@EXAMPLE.com',
'config' => 'example.com test.com',
'result' => get_string('emailnotallowed', '', 'example.com test.com')
],
// Test from email is in denied subdomain.
[
'email' => 'fromuser@something.example.com',
'config' => '.example.com test.com',
'result' => get_string('emailnotallowed', '', '.example.com test.com')
],
// Test from email is in denied subdomain but uppercase config.
[
'email' => 'fromuser@something.example.com',
'config' => '.EXAMPLE.com test.com',
'result' => get_string('emailnotallowed', '', '.EXAMPLE.com test.com')
],
// Test from email is in denied subdomain but uppercase email.
[
'email' => 'fromuser@something.EXAMPLE.com',
'config' => '.example.com test.com',
'result' => get_string('emailnotallowed', '', '.example.com test.com')
],
// Test from email is not in denied domain.
[ 'email' => 'fromuser@moodle.com',
'config' => 'example.com test.com',
'result' => false
],
// Test from email is not in denied subdomain.
[ 'email' => 'fromuser@something.example.com',
'config' => 'example.com test.com',
'result' => false
],
];
}
/**
* Test safe method unserialize_array().
*/