Code Coverage |
||||||||||
Lines |
Functions and Methods |
Classes and Traits |
||||||||
Total | |
0.00% |
0 / 13 |
|
0.00% |
0 / 2 |
CRAP | |
0.00% |
0 / 1 |
SecureDatabaseTrait | |
0.00% |
0 / 13 |
|
0.00% |
0 / 2 |
30 | |
0.00% |
0 / 1 |
getSecureAlgorithmAndKey | |
0.00% |
0 / 3 |
|
0.00% |
0 / 1 |
2 | |||
hasSecureDatabase | |
0.00% |
0 / 10 |
|
0.00% |
0 / 1 |
20 |
1 | <?php |
2 | |
3 | /** |
4 | * VuFind Action Feature Trait - Secure database detection trait |
5 | * |
6 | * PHP version 8 |
7 | * |
8 | * Copyright (C) Villanova University 2023. |
9 | * |
10 | * This program is free software; you can redistribute it and/or modify |
11 | * it under the terms of the GNU General Public License version 2, |
12 | * as published by the Free Software Foundation. |
13 | * |
14 | * This program is distributed in the hope that it will be useful, |
15 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
16 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
17 | * GNU General Public License for more details. |
18 | * |
19 | * You should have received a copy of the GNU General Public License |
20 | * along with this program; if not, write to the Free Software |
21 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA |
22 | * |
23 | * @category VuFind |
24 | * @package Controller_Plugins |
25 | * @author Demian Katz <demian.katz@villanova.edu> |
26 | * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License |
27 | * @link https://vufind.org Main Page |
28 | */ |
29 | |
30 | namespace VuFind\Controller\Feature; |
31 | |
32 | use VuFind\Db\Service\UserCardServiceInterface; |
33 | use VuFind\Db\Service\UserServiceInterface; |
34 | |
35 | use function count; |
36 | |
37 | /** |
38 | * VuFind Action Feature Trait - Configuration file path methods |
39 | * |
40 | * @category VuFind |
41 | * @package Controller_Plugins |
42 | * @author Demian Katz <demian.katz@villanova.edu> |
43 | * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License |
44 | * @link https://vufind.org Main Page |
45 | */ |
46 | trait SecureDatabaseTrait |
47 | { |
48 | /** |
49 | * Get an array containing an ILS encryption algorithm and a randomly generated |
50 | * key. |
51 | * |
52 | * @return array |
53 | */ |
54 | protected function getSecureAlgorithmAndKey() |
55 | { |
56 | // Make example hash for AES |
57 | $alpha = 'abcdefghijklmnopqrstuvwxyz'; |
58 | $chars = str_repeat($alpha . strtoupper($alpha) . '0123456789,.@#%^&*', 4); |
59 | return ['aes', substr(str_shuffle($chars), 0, 32)]; |
60 | } |
61 | |
62 | /** |
63 | * Does the instance have secure database configuration and contents? |
64 | * |
65 | * @return bool |
66 | */ |
67 | protected function hasSecureDatabase(): bool |
68 | { |
69 | // Are configuration settings missing? |
70 | $config = $this->getConfig(); |
71 | $status = ($config->Authentication->hash_passwords ?? false) |
72 | && ($config->Authentication->encrypt_ils_password ?? false); |
73 | |
74 | // If we're correctly configured, check that the data in the database is ok: |
75 | if ($status) { |
76 | try { |
77 | $userRows = $this->getDbService(UserServiceInterface::class)->getInsecureRows(); |
78 | $cardRows = $this->getDbService(UserCardServiceInterface::class)->getInsecureRows(); |
79 | $status = (count($userRows) + count($cardRows) == 0); |
80 | } catch (\Exception $e) { |
81 | // Any exception means we have a problem! |
82 | $status = false; |
83 | } |
84 | } |
85 | |
86 | return $status; |
87 | } |
88 | } |