Merge branch 'master_MDL-35332' of git://github.com/totara/moodle
authorDamyon Wiese <damyon@moodle.com>
Mon, 11 Feb 2013 06:51:11 +0000 (14:51 +0800)
committerDamyon Wiese <damyon@moodle.com>
Mon, 11 Feb 2013 06:51:11 +0000 (14:51 +0800)
Conflicts:
lib/tests/moodlelib_test.php
version.php

1  2 
admin/tool/uploaduser/index.php
lib/db/upgrade.php
lib/moodlelib.php
lib/setuplib.php
lib/tests/moodlelib_test.php
version.php

Simple merge
@@@ -1564,6 -1564,18 +1564,18 @@@ function xmldb_main_upgrade($oldversion
          upgrade_main_savepoint(true, 2012120300.07);
      }
  
 -    if ($oldversion < 2013020900.00) {
++    if ($oldversion < 2013021100.01) {
+         // Changing precision of field password on table user to (255).
+         $table = new xmldb_table('user');
+         $field = new xmldb_field('password', XMLDB_TYPE_CHAR, '255', null, XMLDB_NOTNULL, null, null, 'username');
+         // Launch change of precision for field password.
+         $dbman->change_field_precision($table, $field);
+         // Main savepoint reached.
 -        upgrade_main_savepoint(true, 2013020900.00);
++        upgrade_main_savepoint(true, 2013021100.01);
+     }
  
      return true;
  }
Simple merge
@@@ -1140,8 -1140,8 +1140,8 @@@ function disable_output_buffering() 
   */
  function redirect_if_major_upgrade_required() {
      global $CFG;
-     $lastmajordbchanges = 2012110201;
 -    $lastmajordbchanges = 2013020900;
--    if (empty($CFG->version) or (int)$CFG->version < $lastmajordbchanges or
++    $lastmajordbchanges = 2013021100.01;
++    if (empty($CFG->version) or (float)$CFG->version < $lastmajordbchanges or
              during_initial_install() or !empty($CFG->adminsetuppending)) {
          try {
              @session_get_instance()->terminate_current();
@@@ -2246,94 -2246,117 +2246,208 @@@ class moodlelib_testcase extends advanc
          $this->assertFalse($cache->get('mod_forum'));
      }
  
 +    function test_get_max_upload_sizes() {
 +        // Test with very low limits so we are not affected by php upload limits.
 +        // Test activity limit smallest.
 +        $sitebytes = 102400;
 +        $coursebytes = 51200;
 +        $modulebytes = 10240;
 +        $result = get_max_upload_sizes($sitebytes, $coursebytes, $modulebytes);
 +
 +        $this->assertEquals('Activity upload limit (10KB)', $result['0']);
 +        $this->assertEquals(2, count($result));
 +
 +        // Test course limit smallest.
 +        $sitebytes = 102400;
 +        $coursebytes = 10240;
 +        $modulebytes = 51200;
 +        $result = get_max_upload_sizes($sitebytes, $coursebytes, $modulebytes);
 +
 +        $this->assertEquals('Course upload limit (10KB)', $result['0']);
 +        $this->assertEquals(2, count($result));
 +
 +        // Test site limit smallest.
 +        $sitebytes = 10240;
 +        $coursebytes = 102400;
 +        $modulebytes = 51200;
 +        $result = get_max_upload_sizes($sitebytes, $coursebytes, $modulebytes);
 +
 +        $this->assertEquals('Site upload limit (10KB)', $result['0']);
 +        $this->assertEquals(2, count($result));
 +
 +        // Test site limit not set.
 +        $sitebytes = 0;
 +        $coursebytes = 102400;
 +        $modulebytes = 51200;
 +        $result = get_max_upload_sizes($sitebytes, $coursebytes, $modulebytes);
 +
 +        $this->assertEquals('Activity upload limit (50KB)', $result['0']);
 +        $this->assertEquals(3, count($result));
 +
 +        $sitebytes = 0;
 +        $coursebytes = 51200;
 +        $modulebytes = 102400;
 +        $result = get_max_upload_sizes($sitebytes, $coursebytes, $modulebytes);
 +
 +        $this->assertEquals('Course upload limit (50KB)', $result['0']);
 +        $this->assertEquals(3, count($result));
 +
 +        // Test no limits.
 +        $sitebytes = 0;
 +        $coursebytes = 0;
 +        $modulebytes = 0;
 +        $result = get_max_upload_sizes($sitebytes, $coursebytes, $modulebytes);
 +
 +        $this->assertEquals(6, count($result));
 +
 +        // Test custom bytes in range.
 +        $sitebytes = 102400;
 +        $coursebytes = 51200;
 +        $modulebytes = 51200;
 +        $custombytes = 10240;
 +        $result = get_max_upload_sizes($sitebytes, $coursebytes, $modulebytes, $custombytes);
 +
 +        $this->assertEquals(3, count($result));
 +
 +        // Test custom bytes in range but non-standard.
 +        $sitebytes = 102400;
 +        $coursebytes = 51200;
 +        $modulebytes = 51200;
 +        $custombytes = 25600;
 +        $result = get_max_upload_sizes($sitebytes, $coursebytes, $modulebytes, $custombytes);
 +
 +        $this->assertEquals(4, count($result));
 +
 +        // Test custom bytes out of range.
 +        $sitebytes = 102400;
 +        $coursebytes = 51200;
 +        $modulebytes = 51200;
 +        $custombytes = 102400;
 +        $result = get_max_upload_sizes($sitebytes, $coursebytes, $modulebytes, $custombytes);
 +
 +        $this->assertEquals(3, count($result));
 +
 +        // Test custom bytes out of range and non-standard.
 +        $sitebytes = 102400;
 +        $coursebytes = 51200;
 +        $modulebytes = 51200;
 +        $custombytes = 256000;
 +        $result = get_max_upload_sizes($sitebytes, $coursebytes, $modulebytes, $custombytes);
 +
 +        $this->assertEquals(3, count($result));
 +    }
++
+     /**
+      * Test function password_is_legacy_hash().
+      */
+     public function test_password_is_legacy_hash() {
+         // Well formed md5s should be matched.
+         foreach (array('some', 'strings', 'to_check!') as $string) {
+             $md5 = md5($string);
+             $this->assertTrue(password_is_legacy_hash($md5));
+         }
+         // Strings that are not md5s should not be matched.
+         foreach (array('', AUTH_PASSWORD_NOT_CACHED, 'IPW8WTcsWNgAWcUS1FBVHegzJnw5M2jOmYkmfc8z.xdBOyC4Caeum') as $notmd5) {
+             $this->assertFalse(password_is_legacy_hash($notmd5));
+         }
+     }
+     /**
+      * Test function validate_internal_user_password().
+      */
+     public function test_validate_internal_user_password() {
+         if (password_compat_not_supported()) {
+             // If bcrypt is not properly supported test legacy md5 hashes instead.
+             // Can't hardcode these as we don't know the site's password salt.
+             $validhashes = array(
+                 'pw' => hash_internal_user_password('pw'),
+                 'abc' => hash_internal_user_password('abc'),
+                 'C0mP1eX_&}<?@*&%` |\"' => hash_internal_user_password('C0mP1eX_&}<?@*&%` |\"'),
+                 'ĩńťėŕňăţĩōŋāĹ' => hash_internal_user_password('ĩńťėŕňăţĩōŋāĹ')
+             );
+         } else {
+             // Otherwise test bcrypt hashes.
+             $validhashes = array(
+                 'pw' => '$2y$10$LOSDi5eaQJhutSRun.OVJ.ZSxQZabCMay7TO1KmzMkDMPvU40zGXK',
+                 'abc' => '$2y$10$VWTOhVdsBbWwtdWNDRHSpewjd3aXBQlBQf5rBY/hVhw8hciarFhXa',
+                 'C0mP1eX_&}<?@*&%` |\"' => '$2y$10$3PJf.q.9ywNJlsInPbqc8.IFeSsvXrGvQLKRFBIhVu1h1I3vpIry6',
+                 'ĩńťėŕňăţĩōŋāĹ' => '$2y$10$3A2Y8WpfRAnP3czJiSv6N.6Xp0T8hW3QZz2hUCYhzyWr1kGP1yUve'
+             );
+         }
+         foreach ($validhashes as $password => $hash) {
+             $user = new stdClass();
+             $user->auth = 'manual';
+             $user->password = $hash;
+             // The correct password should be validated.
+             $this->assertTrue(validate_internal_user_password($user, $password));
+             // An incorrect password should not be validated.
+             $this->assertFalse(validate_internal_user_password($user, 'badpw'));
+         }
+     }
+     /**
+      * Test function hash_internal_user_password().
+      */
+     public function test_hash_internal_user_password() {
+         $passwords = array('pw', 'abc123', 'C0mP1eX_&}<?@*&%` |\"', 'ĩńťėŕňăţĩōŋāĹ');
+         // Check that some passwords that we convert to hashes can
+         // be validated.
+         foreach ($passwords as $password) {
+             $hash = hash_internal_user_password($password);
+             $fasthash = hash_internal_user_password($password, true);
+             $user = new stdClass();
+             $user->auth = 'manual';
+             $user->password = $hash;
+             $this->assertTrue(validate_internal_user_password($user, $password));
+             if (password_compat_not_supported()) {
+                 // If bcrypt is not properly supported make sure the passwords are in md5 format.
+                 $this->assertTrue(password_is_legacy_hash($hash));
+             } else {
+                 // Otherwise they should not be in md5 format.
+                 $this->assertFalse(password_is_legacy_hash($hash));
+                 // Check that cost factor in hash is correctly set.
+                 $this->assertRegExp('/\$10\$/', $hash);
+                 $this->assertRegExp('/\$04\$/', $fasthash);
+             }
+         }
+     }
+     /**
+      * Test function update_internal_user_password().
+      */
+     public function test_update_internal_user_password() {
+         global $DB;
+         $this->resetAfterTest();
+         $passwords = array('password', '1234', 'changeme', '****');
+         foreach ($passwords as $password) {
+             $user = $this->getDataGenerator()->create_user(array('auth'=>'manual'));
+             update_internal_user_password($user, $password);
+             // The user object should have been updated.
+             $this->assertTrue(validate_internal_user_password($user, $password));
+             // The database field for the user should also have been updated to the
+             // same value.
+             $this->assertEquals($user->password, $DB->get_field('user', 'password', array('id' => $user->id)));
+         }
+         $user = $this->getDataGenerator()->create_user(array('auth'=>'manual'));
+         // Manually set the user's password to the md5 of the string 'password'.
+         $DB->set_field('user', 'password', '5f4dcc3b5aa765d61d8327deb882cf99', array('id' => $user->id));
+         // Update the password.
+         update_internal_user_password($user, 'password');
+         if (password_compat_not_supported()) {
+             // If bcrypt not properly supported the password should remain as an md5 hash.
+             $expected_hash = hash_internal_user_password('password', true);
+             $this->assertEquals($user->password, $expected_hash);
+             $this->assertTrue(password_is_legacy_hash($user->password));
+         } else {
+             // Otherwise password should have been updated to a bcrypt hash.
+             $this->assertFalse(password_is_legacy_hash($user->password));
+         }
+     }
  }
diff --cc version.php
@@@ -30,7 -30,7 +30,7 @@@
  defined('MOODLE_INTERNAL') || die();
  
  
- $version  = 2013021100.00;              // YYYYMMDD      = weekly release date of this DEV branch
 -$version  = 2013020900.00;              // YYYYMMDD      = weekly release date of this DEV branch
++$version  = 2013021100.01;              // YYYYMMDD      = weekly release date of this DEV branch
                                          //         RR    = release increments - 00 in DEV branches
                                          //           .XX = incremental changes