diff --git a/.github/workflows/php.yml b/.github/workflows/php.yml index d467648..d622ea9 100644 --- a/.github/workflows/php.yml +++ b/.github/workflows/php.yml @@ -76,7 +76,7 @@ jobs: run: vendor/bin/phpstan analyse - name: Archive failed tests artifacts - test output & log - uses: actions/upload-artifact@v2 + uses: actions/upload-artifact@v4 if: failure() with: name: test-outputs-php-${{ matrix.php-versions }} diff --git a/CHANGELOG.md b/CHANGELOG.md index c239702..9e83920 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,7 +5,11 @@ - Enh: Changed exception thrown in PasswordRecoveryService from `RuntimeException` to `NotFoundException`. (eseperio) - New #553: created Da\User\AuthClient\Microsoft365 auth client (edegaudenzi) - Ehh: Added SecurityHelper to the Bootstrap classMap -- Fix #572: Correctly positioned the 'Disconnect' button in networks view +- Fix #546: The profile/show page must not be visible by default, implement configurable policy (TonisOrmisson) +- Fix #397: No more fatal Exceptions when connecting to already taken Social Network (edegaudenzi) +- Ehh: Added option to pre-fill recovery email via url parameter (TonisOrmisson) +- Ehh: Fixed pretty-url rules not initialized for console apps (TonisOrmisson) +- Fix #572: Correctly positioned the 'Disconnect' button in networks view (edegaudenzi) ## 1.6.3 Mar 18th, 2024 
@@ -13,7 +17,8 @@ - Enh: Keycloak auth client (e.luhr) - Fix: Social Network Auth (eluhr) - Enh #532: /user/registration/register now shows form validation errors -- Enh: Allow/suggest new v3 releases of 2amigos 2fa dependencies: 2fa-library, qrcode-library (TonisOrmisson) +- Enh: Allow/suggest new v3 releases of 2amigos 2fa dependencies: 2fa-library, qrcode-library (TonisOrmisson) +- Ehh: Added all the classes to the Bootstrap.php classMap - Enh: Added option to disable viewing any other user's profile for non-admin users (TonisOrmisson) - Ehn: updated Estonian (et) translation by (TonisOrmisson) - Ehn: use recaptcha.net instead of google.com (Eseperio) diff --git a/docs/install/configuration-options.md b/docs/install/configuration-options.md index ed86a61..f1ffd67 100755 --- a/docs/install/configuration-options.md +++ b/docs/install/configuration-options.md 
@@ -241,6 +241,15 @@ simple backends with static administrators that won't change throughout time. Configures the permission name for `administrators`. See [AuthHelper](../../src/User/Helper/AuthHelper.php). +#### profileVisibility (type: `integer`, default:`0` (ProfileController::PROFILE_VISIBILITY_OWNER)) + +Configures to whom users 'profile/show' (public profile) page is shown. Constant values are defined in +[ProfileController](../../src/User/Controller/ProfileController.php) as constants. The visibility levels are: +- `0` (ProfileController::PROFILE_VISIBILITY_OWNER): The users profile page is shown ONLY to user itself, the owner of the profile. +- `1` (ProfileController::PROFILE_VISIBILITY_ADMIN): The users profile is shown ONLY to user itself (owner) AND users defined by module as admins. +- `2` (ProfileController::PROFILE_VISIBILITY_USERS): Any users profile page is shown to any other non-guest user. +- `3` (ProfileController::PROFILE_VISIBILITY_PUBLIC): Any user profile views are globally public and visible to anyone (including guests). + #### prefix (type: `string`, default: `user`) Configures the URL prefix for the module. @@ -313,11 +322,6 @@ Set to `true` to restrict user assignments to roles only. If `true` registration and last login IPs are not logged into users table, instead a dummy 127.0.0.1 is used - -#### disableProfileViewsForRegularUsers (type: `boolean`, default: `false`) - -If `true` only admin users have access to view any other user's profile. By default any user can see any other users public profile page. - #### minPasswordRequirements (type: `array`, default: `['lower' => 1, 'digit' => 1, 'upper' => 1]`) Minimum requirements when a new password is automatically generated. diff --git a/src/User/Bootstrap.php b/src/User/Bootstrap.php index e9bbc90..82eab2c 100755 --- a/src/User/Bootstrap.php +++ b/src/User/Bootstrap.php 
@@ -30,6 +30,7 @@ use yii\console\Application as ConsoleApplication; use yii\helpers\ArrayHelper; use yii\i18n\PhpMessageSource; use yii\web\Application as WebApplication; +use yii\web\UrlManager; /** * Bootstrap class of the yii2-usuario extension. Configures container services, initializes translations, @@ -49,10 +50,10 @@ class Bootstrap implements BootstrapInterface $this->initTranslations($app); $this->initContainer($app, $map); $this->initMailServiceConfiguration($app, $app->getModule('user')); + $this->initUrlRoutes($app); if ($app instanceof WebApplication) { $this->initControllerNamespace($app); - $this->initUrlRoutes($app); $this->initUrlRestRoutes($app); $this->initAuthCollection($app); $this->initAuthManager($app); @@ -256,11 +257,11 @@ class Bootstrap implements BootstrapInterface /** * Initializes web url routes (rules in Yii2). * - * @param WebApplication $app + * @param Application $app * * @throws InvalidConfigException */ - protected function initUrlRoutes(WebApplication $app) + protected function initUrlRoutes(Application $app) { /** @var $module Module */ $module = $app->getModule('user'); @@ -274,8 +275,13 @@ class Bootstrap implements BootstrapInterface $config['routePrefix'] = 'user'; } + $urlManager = $app->getUrlManager(); + if(!($urlManager instanceof UrlManager)) { + return; + } + $rule = Yii::createObject($config); - $app->getUrlManager()->addRules([$rule], false); + $urlManager->addRules([$rule], false); } /** @@ -399,13 +405,17 @@ class Bootstrap implements BootstrapInterface 'Assignment', 'Permission', 'Role', - 'SessionHistory' + 'SessionHistory', + 'AbstractAuthItem', + 'Rule', ], 'Da\User\Search' => [ 'UserSearch', 'PermissionSearch', 'RoleSearch', 'SessionHistorySearch', + 'RuleSearch', + 'AbstractAuthItemSearch', ], 'Da\User\Form' => [ 'RegistrationForm', 
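Review bot: The new guard `if(!($urlManager instanceof UrlManager)) { return; }` in initUrlRoutes skips registering every `user/*` URL rule without leaving a trace, so an application whose `urlManager` component is not a `yii\web\UrlManager` would run with the module's routes missing and no diagnostic. Since the method is now also reached for console applications, a short why-comment above the check and a `Yii::warning('User module URL rules not registered: urlManager is not a yii\web\UrlManager', __METHOD__);` before the `return` would make the skip explainable and discoverable. The widened signature `initUrlRoutes(Application $app)` uses a bare `Application` while the visible `use` lines alias both the web and console classes, so it presumably resolves to a `yii\base\Application` import above the hunk; confirm that import exists. Finally `if(` without the space departs from the `if ($app instanceof WebApplication)` form two hunks earlier in the same file; `if (!($urlManager instanceof UrlManager)) {` keeps the file consistent.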
@@ -413,12 +423,36 @@ class Bootstrap implements BootstrapInterface 'LoginForm', 'SettingsForm', 'RecoveryForm', + 'GdprDeleteForm', ], 'Da\User\Service' => [ + 'AccountConfirmationService', + 'AuthItemEditionService', + 'AuthRuleEditionService', + 'EmailChangeService', 'MailService', + 'PasswordExpireService', + 'PasswordRecoveryService', + 'ResendConfirmationService', + 'ResetPasswordService', + 'SocialNetworkAccountConnectService', + 'SocialNetworkAuthenticateService', + 'SwitchIdentityService', + 'TwoFactorEmailCodeGeneratorService', + 'TwoFactorQrCodeUriGeneratorService', + 'TwoFactorSmsCodeGeneratorService', + 'UpdateAuthAssignmentsService', + 'UserBlockService', + 'UserConfirmationService', + 'UserCreateService', + 'UserRegisterService', ], 'Da\User\Helper' => [ + 'AuthHelper', + 'ClassMapHelper', + 'MigrationHelper', 'SecurityHelper', + 'TimezoneHelper', ] ]; diff --git a/src/User/Controller/ProfileController.php b/src/User/Controller/ProfileController.php index 2a9e66b..da779b8 100644 --- a/src/User/Controller/ProfileController.php +++ b/src/User/Controller/ProfileController.php @@ -25,6 +25,15 @@ class ProfileController extends Controller { use ModuleAwareTrait; + /** @var int will allow only profile owner */ + const PROFILE_VISIBILITY_OWNER = 0; + /** @var int will allow profile owner and admin users */ + const PROFILE_VISIBILITY_ADMIN = 1; + /** @var int will allow any logged-in users */ + const PROFILE_VISIBILITY_USERS = 2; + /** @var int will allow anyone, including guests */ + public const PROFILE_VISIBILITY_PUBLIC = 3; + protected $profileQuery; /** 
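Review bot: Three of the four new constants in ProfileController (`PROFILE_VISIBILITY_OWNER`, `PROFILE_VISIBILITY_ADMIN`, `PROFILE_VISIBILITY_USERS`) are declared without a visibility modifier while `PROFILE_VISIBILITY_PUBLIC` is `public const`; Module.php and the configuration docs reference all four from outside the class, so declare them uniformly as `public const`. The `@var int` docblocks describe each level's effect; the first one would also benefit from stating that it is the module default, e.g. `/** @var int will allow only profile owner (default of Module::$profileVisibility) */`, so a reader of the controller sees that the fail-closed level is the one applied when nothing is configured.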
@@ -73,10 +82,32 @@ class ProfileController extends Controller public function actionShow($id) { $user = Yii::$app->user; - /** @var User $identity */ + $id = (int) $id; + + /** @var ?User $identity */ $identity = $user->getIdentity(); - if($user->getId() != $id && $this->module->disableProfileViewsForRegularUsers && !$identity->getIsAdmin()) { - throw new ForbiddenHttpException(); + + switch($this->module->profileVisibility) { + case static::PROFILE_VISIBILITY_OWNER: + if($identity === null || $id !== $user->getId()) { + throw new ForbiddenHttpException(); + } + break; + case static::PROFILE_VISIBILITY_ADMIN: + if($id === $user->getId() || ($identity !== null && $identity->getIsAdmin())) { + break; + } + throw new ForbiddenHttpException(); + case static::PROFILE_VISIBILITY_USERS: + if((!$user->getIsGuest())) { + break; + } + throw new ForbiddenHttpException(); + case static::PROFILE_VISIBILITY_PUBLIC: + break; + default: + throw new ForbiddenHttpException(); + } $profile = $this->profileQuery->whereUserId($id)->one(); diff --git a/src/User/Controller/RecoveryController.php b/src/User/Controller/RecoveryController.php index 9925c87..2367ef2 100644 --- a/src/User/Controller/RecoveryController.php +++ b/src/User/Controller/RecoveryController.php 
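Review bot: The four `case` branches of the new `switch` in actionShow use two different shapes — OWNER throws inside the `if` and then `break`s, while ADMIN and USERS `break` inside the `if` and throw after it, and USERS has doubled parentheses in `if((!$user->getIsGuest()))` — which makes the one thing an auditor needs to see, the condition under which the request is refused, harder to read than it should be. Computing a boolean `$allowed` per level and throwing once after the `switch` keeps the `default` fail-closed and makes every denial path visible in a single line; the rewritten lines are below. The cast `$id = (int) $id;` combined with strict `$id !== $user->getId()` assumes the identity's id comes back as an int; Yii ActiveRecord typecasts integer columns so that should hold, but if it ever returned a string the owner check would fail closed and lock owners out of their own page, so a comment stating that assumption is worth adding. actionShow continues past the hunk with the profile lookup, which is left unchanged.
```php
        $ownerId = $user->getId();
        $isAdmin = $identity !== null && $identity->getIsAdmin();

        // Single decision point: each level sets $allowed, and any unexpected
        // configuration value stays false so an unknown setting denies access.
        switch ($this->module->profileVisibility) {
            case static::PROFILE_VISIBILITY_OWNER:
                $allowed = $identity !== null && $id === $ownerId;
                break;
            case static::PROFILE_VISIBILITY_ADMIN:
                $allowed = $id === $ownerId || $isAdmin;
                break;
            case static::PROFILE_VISIBILITY_USERS:
                $allowed = !$user->getIsGuest();
                break;
            case static::PROFILE_VISIBILITY_PUBLIC:
                $allowed = true;
                break;
            default:
                $allowed = false;
        }
        if (!$allowed) {
            throw new ForbiddenHttpException();
        }
        // … unchanged: profile lookup and render …
```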
@@ -89,14 +89,18 @@ class RecoveryController extends Controller throw new NotFoundHttpException(); } + $request = Yii::$app->request; + /** @var RecoveryForm $form */ $form = $this->make(RecoveryForm::class, [], ['scenario' => RecoveryForm::SCENARIO_REQUEST]); - + if(!$request->getIsPost() && !empty($request->get('email'))) { + $form->email = $request->get('email'); + } $event = $this->make(FormEvent::class, [$form]); $this->make(AjaxRequestModelValidator::class, [$form])->validate(); - if ($form->load(Yii::$app->request->post()) && $form->validate()) { + if ($form->load($request->post()) && $form->validate()) { $this->trigger(FormEvent::EVENT_BEFORE_REQUEST, $event); $mailService = MailFactory::makeRecoveryMailerService($form->email); diff --git a/src/User/Module.php b/src/User/Module.php index a27360b..0f70d5e 100755 --- a/src/User/Module.php +++ b/src/User/Module.php @@ -12,6 +12,7 @@ namespace Da\User; use Da\User\Contracts\MailChangeStrategyInterface; +use Da\User\Controller\ProfileController; use Da\User\Filter\AccessRuleFilter; use Yii; use yii\base\Module as BaseModule; @@ -181,6 +182,12 @@ class Module extends BaseModule * @var string the administrator permission name */ public $administratorPermissionName; + /** + * @var int $profileVisibility Defines the level of user's profile page visibility. + * Defaults to ProfileController::PROFILE_VISIBILITY_OWNER meaning no-one except the user itself can view + * the profile. @see ProfileController constants for possible options + */ + public $profileVisibility = ProfileController::PROFILE_VISIBILITY_OWNER; /** * @var string the route prefix */ @@ -219,6 +226,7 @@ class Module extends BaseModule '' => 'registration/', 'confirm//' => 'registration/confirm', 'forgot' => 'recovery/request', + 'forgot/' => 'recovery/request', 'recover//' => 'recovery/reset' ]; /** 
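Review bot: The pre-fill in RecoveryController, `$form->email = $request->get('email');`, copies the query parameter into the model without checking its type, so a request with `email[]=...` makes `$form->email` an array and the `!empty()` test still passes, which will surface as an error when the field is rendered rather than as a clean ignore. Fetch the value once and accept only a non-empty string: `$email = $request->get('email');` / `if (!$request->getIsPost() && is_string($email) && $email !== '') {` / `$form->email = $email;`. A one-line comment above the block saying the value is display-only and is validated like any other input when the form is posted would also help the next reader understand why no validation happens here.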
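Review bot: The new `public $profileVisibility` in Module replaces `$disableProfileViewsForRegularUsers`, which the following hunk of this file removes outright; an application whose configuration still sets the old key will fail at module construction with an unknown-property error rather than degrade gracefully. Keeping the old property with an `@deprecated` docblock and mapping it in `init()` (a `true` value corresponding to `PROFILE_VISIBILITY_ADMIN`) would give existing installations an upgrade path, and the docs hunk could mention the replacement. The new property is also not validated; an unexpected value ends in the controller's `default` branch, which denies every profile request — that is the safe direction, but the docblock should say so: `Unknown values deny access to all profile pages.` Importing `Da\User\Controller\ProfileController` into Module only to read a configuration constant also inverts the usual dependency direction; hosting the visibility constants on Module (or a small dedicated class) and referencing them from the controller would avoid that.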
@@ -241,10 +249,6 @@ class Module extends BaseModule * @var boolean whether to disable IP logging into user table */ public $disableIpLogging = false; - /** - * @var boolean whether to disable viewing any user's profile for non-admin users - */ - public $disableProfileViewsForRegularUsers = false; /** * @var array Minimum requirements when a new password is automatically generated. * Array structure: `requirement => minimum number characters`. diff --git a/src/User/Service/SocialNetworkAccountConnectService.php b/src/User/Service/SocialNetworkAccountConnectService.php index 366c5f8..2c903ff 100644 --- a/src/User/Service/SocialNetworkAccountConnectService.php +++ b/src/User/Service/SocialNetworkAccountConnectService.php @@ -93,6 +93,6 @@ class SocialNetworkAccountConnectService implements ServiceInterface } } - return false; + return $account; } } diff --git a/tests/_fixtures/data/profile.php b/tests/_fixtures/data/profile.php index 7b2a40f..f1b7234 100644 --- a/tests/_fixtures/data/profile.php +++ b/tests/_fixtures/data/profile.php @@ -7,4 +7,8 @@ return [ 'user_id' => 1, 'name' => 'John Doe', ], + 'seconduser' => [ + 'user_id' => 9, + 'name' => 'John Doe 2', + ], ]; diff --git a/tests/_fixtures/data/user.php b/tests/_fixtures/data/user.php index 2f59661..01fba29 100644 --- a/tests/_fixtures/data/user.php +++ b/tests/_fixtures/data/user.php 
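Review bot: Replacing `return false;` with `return $account;` in SocialNetworkAccountConnectService changes the method's result from a boolean to whatever `$account` holds, and the method signature and docblock start outside the hunk; if they declare `@return bool` or the `ServiceInterface` contract does, they need updating, and callers that tested the result with `=== false` should be checked. The changelog ties this to #397 (no fatal exception when the network account is already taken), so a short comment on the return stating that the already-linked account is handed back instead of a failure flag would document the new contract where it is read.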
@@ -87,4 +87,30 @@ return [ 'confirmed_at' => $time, 'gdpr_consent' => false, ], + 'admin' => [ + 'id' => 8, + 'username' => 'admin', + 'email' => 'admin@example.com', + 'password_hash' => '$2y$13$qY.ImaYBppt66qez6B31QO92jc5DYVRzo5NxM1ivItkW74WsSG6Ui', + 'auth_key' => '39HU0m5lpjWtqstFVGFjj6lFb7UZDeRq', + 'auth_tf_key' => '', + 'auth_tf_enabled' => false, + 'created_at' => $time, + 'updated_at' => $time, + 'confirmed_at' => $time, + 'gdpr_consent' => false, + ], + 'seconduser' => [ + 'id' => 9, + 'username' => 'seconduser', + 'email' => 'seconduser@example.com', + 'password_hash' => '$2y$13$qY.ImaYBppt66qez6B31QO92jc5DYVRzo5NxM1ivItkW74WsSG6Ui', + 'auth_key' => '776960890cec5ac53525f0e910716f5a', + 'auth_tf_key' => '', + 'auth_tf_enabled' => false, + 'created_at' => $time, + 'updated_at' => $time, + 'confirmed_at' => $time, + 'gdpr_consent' => false, + ], ]; diff --git a/tests/functional/ProfileCept.php b/tests/functional/ProfileCept.php new file mode 100644 index 0000000..2933098 --- /dev/null +++ b/tests/functional/ProfileCept.php 
@@ -0,0 +1,110 @@ +haveFixtures([ + 'user' => UserFixture::class, + 'profile' => ProfileFixture::class +]); +$user = $I->grabFixture('user', 'user'); +$secondUser = $I->grabFixture('user', 'seconduser'); +$adminUser = $I->grabFixture('user', 'admin'); +$I->wantTo('Ensure that profile profile pages are shown only to when user has correct permissions and else forbidden'); + +Yii::$app->getModule('user')->profileVisibility = \Da\User\Controller\ProfileController::PROFILE_VISIBILITY_OWNER; +Yii::$app->getModule('user')->administrators = ['admin']; + +$I->amLoggedInAs($user); +$I->amGoingTo('try to open users own profile page'); +$I->amOnRoute('/user/profile/show', ['id' => $user->id]); +$I->expectTo('See the profile page'); +$I->dontSee('Forbidden'); +$I->see('Joined on'); + +$I->amGoingTo('Profile visibility::OWNER: try to open another users profile page'); +$I->amOnRoute('/user/profile/show', ['id' => $secondUser->id]); +$I->expectTo('See the profile page'); +$I->see('Forbidden'); +$I->dontSee('Joined on'); + +Yii::$app->user->logout(); +$I->amGoingTo('Profile visibility::OWNER: try to open users profile page as guest'); +$I->amOnRoute('/user/profile/show', ['id' => $user->id]); +$I->expectTo('See the profile page'); +$I->see('Forbidden'); +$I->dontSee('Joined on'); + + +Yii::$app->getModule('user')->profileVisibility = \Da\User\Controller\ProfileController::PROFILE_VISIBILITY_ADMIN; +$I->amLoggedInAs($user); +$I->amGoingTo('Profile visibility::PROFILE_VISIBILITY_ADMIN: try to open users own profile page'); +$I->amOnRoute('/user/profile/show', ['id' => $user->id]); +$I->expectTo('See the profile page'); +$I->dontSee('Forbidden'); +$I->see('Joined on'); + +$I->amGoingTo('Profile visibility::PROFILE_VISIBILITY_ADMIN: try to open another users profile page as regular user'); +$I->amOnRoute('/user/profile/show', ['id' => $secondUser->id]); +$I->expectTo('See the profile page'); +$I->see('Forbidden'); +$I->dontSee('Joined on'); + +$I->amLoggedInAs($adminUser); 
+$I->amGoingTo('Profile visibility::PROFILE_VISIBILITY_ADMIN: try to open another users profile page as admin'); +$I->amOnRoute('/user/profile/show', ['id' => $user->id]); +$I->expectTo('See the profile page'); +$I->dontSee('Forbidden'); +$I->see('Joined on'); + +Yii::$app->user->logout(); +$I->amGoingTo('Profile visibility::PROFILE_VISIBILITY_ADMIN: try to open users profile page as guest'); +$I->amOnRoute('/user/profile/show', ['id' => $user->id]); +$I->expectTo('See the profile page'); +$I->see('Forbidden'); +$I->dontSee('Joined on'); + + +Yii::$app->getModule('user')->profileVisibility = \Da\User\Controller\ProfileController::PROFILE_VISIBILITY_USERS; +$I->amLoggedInAs($user); +$I->amGoingTo('Profile visibility::PROFILE_VISIBILITY_USERS: try to open users own profile page'); +$I->amOnRoute('/user/profile/show', ['id' => $user->id]); +$I->expectTo('See the profile page'); +$I->dontSee('Forbidden'); +$I->see('Joined on'); + +$I->amGoingTo('Profile visibility::PROFILE_VISIBILITY_USERS: try to open another users profile page as regular user'); +$I->amOnRoute('/user/profile/show', ['id' => $secondUser->id]); +$I->expectTo('See the profile page'); +$I->dontSee('Forbidden'); +$I->see('Joined on'); + +$I->amLoggedInAs($adminUser); +$I->amGoingTo('Profile visibility::PROFILE_VISIBILITY_USERS: try to open another users profile page as admin'); +$I->amOnRoute('/user/profile/show', ['id' => $user->id]); +$I->expectTo('See the profile page'); +$I->dontSee('Forbidden'); +$I->see('Joined on'); + +Yii::$app->user->logout(); +$I->amGoingTo('Profile visibility::PROFILE_VISIBILITY_USERS: try to open users profile page as guest'); +$I->amOnRoute('/user/profile/show', ['id' => $user->id]); +$I->expectTo('See the profile page'); +$I->see('Forbidden'); +$I->dontSee('Joined on'); + +Yii::$app->getModule('user')->profileVisibility = \Da\User\Controller\ProfileController::PROFILE_VISIBILITY_PUBLIC; + +Yii::$app->user->logout(); +$I->amGoingTo('Profile 
visibility::PROFILE_VISIBILITY_PUBLIC: try to open users profile page as guest'); +$I->amOnRoute('/user/profile/show', ['id' => $user->id]); +$I->expectTo('See the profile page'); +$I->dontSee('Forbidden'); +$I->see('Joined on'); +
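Review bot: Every block in ProfileCept announces `$I->expectTo('See the profile page');`, including the eight cases that then assert `$I->see('Forbidden');`, so the scenario output describes the opposite of what is checked; use `$I->expectTo('Be forbidden');` in those blocks so a failing step reads correctly. The `wantTo` sentence has a doubled word and a dangling clause — `'Ensure that profile pages are shown only when the user has the required permissions and are forbidden otherwise'` says the same thing cleanly. The PROFILE_VISIBILITY_PUBLIC section only covers the guest case; adding a logged-in user viewing `$secondUser` would complete the matrix the other three levels already test.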