Merge remote-tracking branch 'origin/support/2.6' into support/2.7

Pierre Goiffon
2021-12-08 17:16:33 +01:00
2 changed files with 15 additions and 4 deletions


@@ -193,16 +193,19 @@ class privUITransactionSession
*/ */
class privUITransactionFile class privUITransactionFile
{ {
/** @var int Value to use when no user logged */
const UNAUTHENTICATED_USER_ID = -666;
/** /**
* @return int * @return int current user id, or {@see self::UNAUTHENTICATED_USER_ID} if no user logged
* @throws \SecurityException if no connected user
* *
* @since 2.6.5 2.7.6 3.0.0 N°4289 method creation * @since 2.6.5 2.7.6 3.0.0 N°4289 method creation
*/ */
private static function GetCurrentUserId() { private static function GetCurrentUserId()
{
$iCurrentUserId = UserRights::GetConnectedUserId(); $iCurrentUserId = UserRights::GetConnectedUserId();
if ('' === $iCurrentUserId) { if ('' === $iCurrentUserId) {
throw new SecurityException('Cannot creation transaction_id when no user logged'); $iCurrentUserId = static::UNAUTHENTICATED_USER_ID;
} }
return $iCurrentUserId; return $iCurrentUserId;
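Review bot: With the new fallback in `GetCurrentUserId()`, every unauthenticated visitor is mapped to the same id, `UNAUTHENTICATED_USER_ID`. Whatever per-user binding the transaction tokens have therefore no longer separates one anonymous session from another, and the constant's docblock should say so. Suggested wording: `/** @var int Id shared by all unauthenticated visitors; tokens created with it are not tied to an individual user */`. Separately, the guard `'' === $iCurrentUserId` is a strict comparison, so if `UserRights::GetConnectedUserId()` can return `null` or `false` when nobody is logged (not visible here), the sentinel is skipped and that value is returned as is; worth confirming. The method's closing brace lies outside the hunk.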


@@ -171,5 +171,13 @@ class privUITransactionFileTest extends ItopDataTestCase
$this->assertTrue($bUser1Login2, 'Login with user1 throw an error'); $this->assertTrue($bUser1Login2, 'Login with user1 throw an error');
$bResult = privUITransactionFile::RemoveTransaction($sTransactionIdUserSupport); $bResult = privUITransactionFile::RemoveTransaction($sTransactionIdUserSupport);
$this->assertTrue($bResult, 'Token created by support user must be removed in the support user context'); $this->assertTrue($bResult, 'Token created by support user must be removed in the support user context');
// test when no user logged (combodo-unauthenticated-form module for example)
UserRights::_ResetSessionCache();
$sTransactionIdUnauthenticatedUser = privUITransactionFile::GetNewTransactionId();
$bResult = privUITransactionFile::IsTransactionValid($sTransactionIdUnauthenticatedUser, false);
$this->assertTrue($bResult, 'Token created by unauthenticated user must be valid when no user logged');
$bResult = privUITransactionFile::RemoveTransaction($sTransactionIdUnauthenticatedUser);
$this->assertTrue($bResult, 'Token created by unauthenticated user must be removed when no user logged');
} }
} }
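Review bot: The added assertions cover only the positive path, where a token is created, validated and removed while no user is logged. Nothing checks that such a token is refused once a user context exists, although the earlier message in this test ('must be removed in the support user context') suggests tokens are meant to be bound to their creator. If that is the intended behaviour, add a login step followed by `$this->assertFalse(privUITransactionFile::RemoveTransaction($sTransactionIdUnauthenticatedUser), 'Token created with no user logged must not be removable by a logged user');`, placed before the final removal because the token is gone afterwards. The test method starts outside the hunk, so its earlier set-up is not visible here.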