From 6c9f50a6622cdc5c9f975cfb14994db1d9b3ab1b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nicolas=20L=C5=93uillet?= Date: Wed, 17 Feb 2016 17:02:12 +0100 Subject: [PATCH 1/7] Demonstration mode to prevent password changes --- app/config/parameters.yml.dist | 3 +++ app/config/tests/parameters.yml.dist.mysql | 3 +++ app/config/tests/parameters.yml.dist.pgsql | 3 +++ app/config/tests/parameters.yml.dist.sqlite | 3 +++ .../Controller/ConfigController.php | 19 +++++++++++++------ 5 files changed, 25 insertions(+), 6 deletions(-) diff --git a/app/config/parameters.yml.dist b/app/config/parameters.yml.dist index 7c7413fb9..dd9ec60ac 100644 --- a/app/config/parameters.yml.dist +++ b/app/config/parameters.yml.dist @@ -45,3 +45,6 @@ parameters: fosuser_confirmation: true from_email: no-reply@wallabag.org + + # set to true to prevent changing password + demo: false diff --git a/app/config/tests/parameters.yml.dist.mysql b/app/config/tests/parameters.yml.dist.mysql index 1951f0216..3d5df6194 100644 --- a/app/config/tests/parameters.yml.dist.mysql +++ b/app/config/tests/parameters.yml.dist.mysql @@ -35,3 +35,6 @@ parameters: fosuser_confirmation: true from_email: no-reply@wallabag.org + + # set to true to prevent changing password + demo: false diff --git a/app/config/tests/parameters.yml.dist.pgsql b/app/config/tests/parameters.yml.dist.pgsql index 36ad6cde5..dd29b7372 100644 --- a/app/config/tests/parameters.yml.dist.pgsql +++ b/app/config/tests/parameters.yml.dist.pgsql @@ -35,3 +35,6 @@ parameters: fosuser_confirmation: true from_email: no-reply@wallabag.org + + # set to true to prevent changing password + demo: false diff --git a/app/config/tests/parameters.yml.dist.sqlite b/app/config/tests/parameters.yml.dist.sqlite index 6564014aa..0e3256e60 100644 --- a/app/config/tests/parameters.yml.dist.sqlite +++ b/app/config/tests/parameters.yml.dist.sqlite @@ -35,3 +35,6 @@ parameters: fosuser_confirmation: true from_email: no-reply@wallabag.org + + # set to true to prevent changing password + demo: false diff --git a/src/Wallabag/CoreBundle/Controller/ConfigController.php b/src/Wallabag/CoreBundle/Controller/ConfigController.php index 6eb621d87..04b546443 100644 --- a/src/Wallabag/CoreBundle/Controller/ConfigController.php +++ b/src/Wallabag/CoreBundle/Controller/ConfigController.php @@ -57,13 +57,20 @@ class ConfigController extends Controller $pwdForm->handleRequest($request); if ($pwdForm->isValid()) { - $user->setPlainPassword($pwdForm->get('new_password')->getData()); - $userManager->updateUser($user, true); + if ($this->getParameter('demo') === false) { + $user->setPlainPassword($pwdForm->get('new_password')->getData()); + $userManager->updateUser($user, true); - $this->get('session')->getFlashBag()->add( - 'notice', - 'Password updated' - ); + $this->get('session')->getFlashBag()->add( + 'notice', + 'Password updated' + ); + } else { + $this->get('session')->getFlashBag()->add( + 'notice', + 'In demonstration mode, you can`t change password.' + ); + } return $this->redirect($this->generateUrl('config').'#set4'); } From 36f20a6570c04e9de216a4d27bd2e597327477d5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nicolas=20L=C5=93uillet?= Date: Wed, 17 Feb 2016 17:08:43 +0100 Subject: [PATCH 2/7] typo --- src/Wallabag/CoreBundle/Controller/ConfigController.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Wallabag/CoreBundle/Controller/ConfigController.php b/src/Wallabag/CoreBundle/Controller/ConfigController.php index 04b546443..31b598458 100644 --- a/src/Wallabag/CoreBundle/Controller/ConfigController.php +++ b/src/Wallabag/CoreBundle/Controller/ConfigController.php @@ -68,7 +68,7 @@ class ConfigController extends Controller } else { $this->get('session')->getFlashBag()->add( 'notice', - 'In demonstration mode, you can`t change password.' + 'In demonstration mode, you can\'t change password.' ); } From c3b43c8a3ee5bc65296110a8c57c037461089745 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nicolas=20L=C5=93uillet?= Date: Wed, 17 Feb 2016 17:24:00 +0100 Subject: [PATCH 3/7] change comment about demo parameter --- app/config/parameters.yml.dist | 2 +- app/config/tests/parameters.yml.dist.mysql | 2 +- app/config/tests/parameters.yml.dist.pgsql | 2 +- app/config/tests/parameters.yml.dist.sqlite | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/app/config/parameters.yml.dist b/app/config/parameters.yml.dist index dd9ec60ac..b71e5393c 100644 --- a/app/config/parameters.yml.dist +++ b/app/config/parameters.yml.dist @@ -46,5 +46,5 @@ parameters: from_email: no-reply@wallabag.org - # set to true to prevent changing password + # this parameter is only used for the wallabag public demo, it means user won't be able to change the password of the default account demo: false diff --git a/app/config/tests/parameters.yml.dist.mysql b/app/config/tests/parameters.yml.dist.mysql index 3d5df6194..1e21e26a4 100644 --- a/app/config/tests/parameters.yml.dist.mysql +++ b/app/config/tests/parameters.yml.dist.mysql @@ -36,5 +36,5 @@ parameters: from_email: no-reply@wallabag.org - # set to true to prevent changing password + # this parameter is only used for the wallabag public demo, it means user won't be able to change the password of the default account demo: false diff --git a/app/config/tests/parameters.yml.dist.pgsql b/app/config/tests/parameters.yml.dist.pgsql index dd29b7372..3e1b0b819 100644 --- a/app/config/tests/parameters.yml.dist.pgsql +++ b/app/config/tests/parameters.yml.dist.pgsql @@ -36,5 +36,5 @@ parameters: from_email: no-reply@wallabag.org - # set to true to prevent changing password + # this parameter is only used for the wallabag public demo, it means user won't be able to change the password of the default account demo: false diff --git a/app/config/tests/parameters.yml.dist.sqlite b/app/config/tests/parameters.yml.dist.sqlite index 0e3256e60..eedb84691 100644 --- a/app/config/tests/parameters.yml.dist.sqlite +++ b/app/config/tests/parameters.yml.dist.sqlite @@ -36,5 +36,5 @@ parameters: from_email: no-reply@wallabag.org - # set to true to prevent changing password + # this parameter is only used for the wallabag public demo, it means user won't be able to change the password of the default account demo: false From d8d56448c993bdf4811a193f96e5ff44ed026417 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nicolas=20L=C5=93uillet?= Date: Thu, 18 Feb 2016 13:31:22 +0100 Subject: [PATCH 4/7] add a username for demonstration mode --- app/config/parameters.yml.dist | 3 ++- app/config/tests/parameters.yml.dist.mysql | 3 ++- app/config/tests/parameters.yml.dist.pgsql | 3 ++- app/config/tests/parameters.yml.dist.sqlite | 3 ++- .../CoreBundle/Controller/ConfigController.php | 12 ++++++------ 5 files changed, 14 insertions(+), 10 deletions(-) diff --git a/app/config/parameters.yml.dist b/app/config/parameters.yml.dist index b71e5393c..5f22b147f 100644 --- a/app/config/parameters.yml.dist +++ b/app/config/parameters.yml.dist @@ -46,5 +46,6 @@ parameters: from_email: no-reply@wallabag.org - # this parameter is only used for the wallabag public demo, it means user won't be able to change the password of the default account + # this parameter is only used for the wallabag public demo, it means user won't be able to change the password of the demo_user account demo: false + demo_username: wallabag diff --git a/app/config/tests/parameters.yml.dist.mysql b/app/config/tests/parameters.yml.dist.mysql index 1e21e26a4..126e11eb1 100644 --- a/app/config/tests/parameters.yml.dist.mysql +++ b/app/config/tests/parameters.yml.dist.mysql @@ -36,5 +36,6 @@ parameters: from_email: no-reply@wallabag.org - # this parameter is only used for the wallabag public demo, it means user won't be able to change the password of the default account + # this parameter is only used for the wallabag public demo, it means user won't be able to change the password of the demo_user account demo: false + demo_username: wallabag diff --git a/app/config/tests/parameters.yml.dist.pgsql b/app/config/tests/parameters.yml.dist.pgsql index 3e1b0b819..8fc33a94c 100644 --- a/app/config/tests/parameters.yml.dist.pgsql +++ b/app/config/tests/parameters.yml.dist.pgsql @@ -36,5 +36,6 @@ parameters: from_email: no-reply@wallabag.org - # this parameter is only used for the wallabag public demo, it means user won't be able to change the password of the default account + # this parameter is only used for the wallabag public demo, it means user won't be able to change the password of the demo_user account demo: false + demo_username: wallabag diff --git a/app/config/tests/parameters.yml.dist.sqlite b/app/config/tests/parameters.yml.dist.sqlite index eedb84691..8e3d49b35 100644 --- a/app/config/tests/parameters.yml.dist.sqlite +++ b/app/config/tests/parameters.yml.dist.sqlite @@ -36,5 +36,6 @@ parameters: from_email: no-reply@wallabag.org - # this parameter is only used for the wallabag public demo, it means user won't be able to change the password of the default account + # this parameter is only used for the wallabag public demo, it means user won't be able to change the password of the demo_user account demo: false + demo_username: wallabag diff --git a/src/Wallabag/CoreBundle/Controller/ConfigController.php b/src/Wallabag/CoreBundle/Controller/ConfigController.php index 31b598458..9ff79ba9f 100644 --- a/src/Wallabag/CoreBundle/Controller/ConfigController.php +++ b/src/Wallabag/CoreBundle/Controller/ConfigController.php @@ -57,7 +57,12 @@ class ConfigController extends Controller $pwdForm->handleRequest($request); if ($pwdForm->isValid()) { - if ($this->getParameter('demo') === false) { + if ($this->getParameter('demo') === true && $this->getParameter('demo_username') === $user->getUsername()) { + $this->get('session')->getFlashBag()->add( + 'notice', + 'In demonstration mode, you can\'t change password for this user.' + ); + } else { $user->setPlainPassword($pwdForm->get('new_password')->getData()); $userManager->updateUser($user, true); @@ -65,11 +70,6 @@ class ConfigController extends Controller 'notice', 'Password updated' ); - } else { - $this->get('session')->getFlashBag()->add( - 'notice', - 'In demonstration mode, you can\'t change password.' - ); } return $this->redirect($this->generateUrl('config').'#set4'); From a4f42c59f0d8a408cf9f5d7971146866530012d3 Mon Sep 17 00:00:00 2001 From: Jeremy Benoist Date: Mon, 22 Feb 2016 11:38:25 +0100 Subject: [PATCH 5/7] Use internal config instead for demo --- .../translations/CraueConfigBundle.en.yml | 2 ++ .../translations/CraueConfigBundle.fr.yml | 2 ++ app/config/parameters.yml.dist | 4 ---- app/config/tests/parameters.yml.dist.mysql | 4 ---- app/config/tests/parameters.yml.dist.pgsql | 4 ---- app/config/tests/parameters.yml.dist.sqlite | 4 ---- src/Wallabag/CoreBundle/Command/InstallCommand.php | 10 ++++++++++ .../CoreBundle/Controller/ConfigController.php | 2 +- .../CoreBundle/DataFixtures/ORM/LoadSettingData.php | 10 ++++++++++ 9 files changed, 25 insertions(+), 17 deletions(-) diff --git a/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.en.yml b/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.en.yml index 719e51eab..b627376ec 100644 --- a/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.en.yml +++ b/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.en.yml @@ -25,3 +25,5 @@ modify_settings: "apply" piwik_host: Host of your website in Piwik piwik_site_id: ID of your website in Piwik piwik_enabled: Enable Piwik +demo_mode_enabled: "Enable demo mode ? (only used for the wallabag public demo)" +demo_mode_username: "Demo user" diff --git a/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.fr.yml b/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.fr.yml index ab5dfc721..084eb6df1 100644 --- a/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.fr.yml +++ b/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.fr.yml @@ -25,3 +25,5 @@ modify_settings: "appliquer" piwik_host: URL de votre site dans Piwik piwik_site_id: ID de votre site dans Piwik piwik_enabled: Activer Piwik +demo_mode_enabled: "Activer le mode démo ? (utiliser uniquement pour la démo publique de wallabag)" +demo_mode_username: "Utilisateur de la démo" diff --git a/app/config/parameters.yml.dist b/app/config/parameters.yml.dist index 5f22b147f..7c7413fb9 100644 --- a/app/config/parameters.yml.dist +++ b/app/config/parameters.yml.dist @@ -45,7 +45,3 @@ parameters: fosuser_confirmation: true from_email: no-reply@wallabag.org - - # this parameter is only used for the wallabag public demo, it means user won't be able to change the password of the demo_user account - demo: false - demo_username: wallabag diff --git a/app/config/tests/parameters.yml.dist.mysql b/app/config/tests/parameters.yml.dist.mysql index 126e11eb1..1951f0216 100644 --- a/app/config/tests/parameters.yml.dist.mysql +++ b/app/config/tests/parameters.yml.dist.mysql @@ -35,7 +35,3 @@ parameters: fosuser_confirmation: true from_email: no-reply@wallabag.org - - # this parameter is only used for the wallabag public demo, it means user won't be able to change the password of the demo_user account - demo: false - demo_username: wallabag diff --git a/app/config/tests/parameters.yml.dist.pgsql b/app/config/tests/parameters.yml.dist.pgsql index 8fc33a94c..36ad6cde5 100644 --- a/app/config/tests/parameters.yml.dist.pgsql +++ b/app/config/tests/parameters.yml.dist.pgsql @@ -35,7 +35,3 @@ parameters: fosuser_confirmation: true from_email: no-reply@wallabag.org - - # this parameter is only used for the wallabag public demo, it means user won't be able to change the password of the demo_user account - demo: false - demo_username: wallabag diff --git a/app/config/tests/parameters.yml.dist.sqlite b/app/config/tests/parameters.yml.dist.sqlite index 8e3d49b35..6564014aa 100644 --- a/app/config/tests/parameters.yml.dist.sqlite +++ b/app/config/tests/parameters.yml.dist.sqlite @@ -35,7 +35,3 @@ parameters: fosuser_confirmation: true from_email: no-reply@wallabag.org - - # this parameter is only used for the wallabag public demo, it means user won't be able to change the password of the demo_user account - demo: false - demo_username: wallabag diff --git a/src/Wallabag/CoreBundle/Command/InstallCommand.php b/src/Wallabag/CoreBundle/Command/InstallCommand.php index 93520f9a8..2e241757d 100644 --- a/src/Wallabag/CoreBundle/Command/InstallCommand.php +++ b/src/Wallabag/CoreBundle/Command/InstallCommand.php @@ -327,6 +327,16 @@ class InstallCommand extends ContainerAwareCommand 'value' => '1', 'section' => 'analytics', ], + [ + 'name' => 'demo_mode_enabled', + 'value' => '0', + 'section' => 'misc', + ], + [ + 'name' => 'demo_mode_username', + 'value' => 'wallabag', + 'section' => 'misc', + ], ]; foreach ($settings as $setting) { diff --git a/src/Wallabag/CoreBundle/Controller/ConfigController.php b/src/Wallabag/CoreBundle/Controller/ConfigController.php index 9ff79ba9f..87196b0ec 100644 --- a/src/Wallabag/CoreBundle/Controller/ConfigController.php +++ b/src/Wallabag/CoreBundle/Controller/ConfigController.php @@ -57,7 +57,7 @@ class ConfigController extends Controller $pwdForm->handleRequest($request); if ($pwdForm->isValid()) { - if ($this->getParameter('demo') === true && $this->getParameter('demo_username') === $user->getUsername()) { + if ($this->get('craue_config')->get('demo_mode_enabled') && $this->get('craue_config')->get('demo_mode_username') === $user->getUsername()) { $this->get('session')->getFlashBag()->add( 'notice', 'In demonstration mode, you can\'t change password for this user.' diff --git a/src/Wallabag/CoreBundle/DataFixtures/ORM/LoadSettingData.php b/src/Wallabag/CoreBundle/DataFixtures/ORM/LoadSettingData.php index 10b60f300..1f4cafdfc 100644 --- a/src/Wallabag/CoreBundle/DataFixtures/ORM/LoadSettingData.php +++ b/src/Wallabag/CoreBundle/DataFixtures/ORM/LoadSettingData.php @@ -125,6 +125,16 @@ class LoadSettingData extends AbstractFixture implements OrderedFixtureInterface 'value' => '1', 'section' => 'analytics', ], + [ + 'name' => 'demo_mode_enabled', + 'value' => '0', + 'section' => 'misc', + ], + [ + 'name' => 'demo_mode_username', + 'value' => 'wallabag', + 'section' => 'misc', + ], ]; foreach ($settings as $setting) { From e5b527096220f9c94a745275a27cd4b2c106ee2c Mon Sep 17 00:00:00 2001 From: Jeremy Benoist Date: Mon, 22 Feb 2016 11:42:59 +0100 Subject: [PATCH 6/7] Add translation --- src/Wallabag/CoreBundle/Resources/translations/messages.fr.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/src/Wallabag/CoreBundle/Resources/translations/messages.fr.yml b/src/Wallabag/CoreBundle/Resources/translations/messages.fr.yml index 541616469..65280ebc9 100644 --- a/src/Wallabag/CoreBundle/Resources/translations/messages.fr.yml +++ b/src/Wallabag/CoreBundle/Resources/translations/messages.fr.yml @@ -175,6 +175,7 @@ Entry deleted: "Article supprimé" Tagging rule deleted: "Règle supprimée" Tagging rules updated: "Règles mises à jour" User "%username%" added: 'Utilisateur "%username%" ajouté' +In demonstration mode, you can't change password for this user.: 'En démo, vous ne pouvez pas changer le mot de passe de cet utilisateur.' # Entry Mark as read: 'Marquer comme lu' From b6c00b0b807108cd54ab32fa73f9c196f4f12d97 Mon Sep 17 00:00:00 2001 From: Jeremy Benoist Date: Mon, 22 Feb 2016 13:33:22 +0100 Subject: [PATCH 7/7] Add tests --- .../Controller/ConfigController.php | 14 ++++----- .../Tests/Controller/ConfigControllerTest.php | 30 +++++++++++++++++++ 2 files changed, 35 insertions(+), 9 deletions(-) diff --git a/src/Wallabag/CoreBundle/Controller/ConfigController.php b/src/Wallabag/CoreBundle/Controller/ConfigController.php index 87196b0ec..1791eac23 100644 --- a/src/Wallabag/CoreBundle/Controller/ConfigController.php +++ b/src/Wallabag/CoreBundle/Controller/ConfigController.php @@ -58,20 +58,16 @@ class ConfigController extends Controller if ($pwdForm->isValid()) { if ($this->get('craue_config')->get('demo_mode_enabled') && $this->get('craue_config')->get('demo_mode_username') === $user->getUsername()) { - $this->get('session')->getFlashBag()->add( - 'notice', - 'In demonstration mode, you can\'t change password for this user.' - ); + $message = 'In demonstration mode, you can\'t change password for this user.'; } else { + $message = 'Password updated'; + $user->setPlainPassword($pwdForm->get('new_password')->getData()); $userManager->updateUser($user, true); - - $this->get('session')->getFlashBag()->add( - 'notice', - 'Password updated' - ); } + $this->get('session')->getFlashBag()->add('notice', $message); + return $this->redirect($this->generateUrl('config').'#set4'); } diff --git a/src/Wallabag/CoreBundle/Tests/Controller/ConfigControllerTest.php b/src/Wallabag/CoreBundle/Tests/Controller/ConfigControllerTest.php index 6c370a2d8..2af93ffec 100644 --- a/src/Wallabag/CoreBundle/Tests/Controller/ConfigControllerTest.php +++ b/src/Wallabag/CoreBundle/Tests/Controller/ConfigControllerTest.php @@ -577,4 +577,34 @@ class ConfigControllerTest extends WallabagCoreTestCase $this->assertEquals(403, $client->getResponse()->getStatusCode()); $this->assertContains('You can not access this tagging ryle', $client->getResponse()->getContent()); } + + public function testDemoMode() + { + $this->logInAs('admin'); + $client = $this->getClient(); + + $config = $client->getContainer()->get('craue_config'); + $config->set('demo_mode_enabled', 1); + $config->set('demo_mode_username', 'admin'); + + $crawler = $client->request('GET', '/config'); + + $this->assertEquals(200, $client->getResponse()->getStatusCode()); + + $form = $crawler->filter('button[id=change_passwd_save]')->form(); + + $data = array( + 'change_passwd[old_password]' => 'mypassword', + 'change_passwd[new_password][first]' => 'mypassword', + 'change_passwd[new_password][second]' => 'mypassword', + ); + + $client->submit($form, $data); + + $this->assertEquals(302, $client->getResponse()->getStatusCode()); + $this->assertContains('In demonstration mode, you can\'t change password for this user.', $client->getContainer()->get('session')->getFlashBag()->get('notice')[0]); + + $config->set('demo_mode_enabled', 0); + $config->set('demo_mode_username', 'wallabag'); + } }