vhad/wordpress-develop
1
0
Fork 0
mirror of https://github.com/gosticks/wordpress-develop.git synced 2026-06-28 14:20:15 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Upgrade/Install: Introduce WP_Automatic_Updater::is_allowed_dir() method.

Browse Source 
As part of determining whether to perform automatic updates, WordPress checks if it is running within a version-controlled environment, recursively looking up the filesystem to the top of the drive, looking for a Subversion, Git, Mercurial, or Bazaar directory, erring on the side of detecting a VCS checkout somewhere.

This commit avoids a PHP warning if the `open_basedir` directive is in use and any of the directories checked in the process are not allowed:
{{{
is_dir(): open_basedir restriction in effect. File(/.git) is not within the allowed path(s)
}}}

Follow-up to [25421], [25700], [25764], [25835], [25859].

Props costdev, markjaquith, meyegui, dd32, arnolp, robin-labadie, hellofromTonya, afragen, pbiron, SergeyBiryukov.
Fixes #42619.

git-svn-id: https://develop.svn.wordpress.org/trunk@55425 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Sergey Biryukov
2023-02-26 15:17:45 +00:00
parent 21d70052b6
commit 12fcc5cfac
2 changed files with 187 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

134
tests/phpunit/tests/admin/wpAutomaticUpdater.php
View File

@@ -572,4 +572,138 @@ class Tests_Admin_WpAutomaticUpdater extends WP_UnitTestCase {
),
);
}
/**
* Tests that `WP_Automatic_Updater::is_allowed_dir()` returns true
* when the `open_basedir` directive is not set.
*
* @ticket 42619
*
* @covers WP_Automatic_Updater::is_allowed_dir
*/
public function test_is_allowed_dir_should_return_true_if_open_basedir_is_not_set() {
$this->assertTrue( self::$updater->is_allowed_dir( ABSPATH ) );
}
/**
* Tests that `WP_Automatic_Updater::is_allowed_dir()` returns true
* when the `open_basedir` directive is set and the path is allowed.
*
* Runs in a separate process to ensure that `open_basedir` changes
* don't impact other tests should an error occur.
*
* This test does not preserve global state to prevent the exception
* "Serialization of 'Closure' is not allowed" when running in
* a separate process.
*
* @ticket 42619
*
* @covers WP_Automatic_Updater::is_allowed_dir
*
* @runInSeparateProcess
* @preserveGlobalState disabled
*/
public function test_is_allowed_dir_should_return_true_if_open_basedir_is_set_and_path_is_allowed() {
// The repository for PHPUnit and test suite resources.
$abspath_parent = trailingslashit( dirname( ABSPATH ) );
$abspath_grandparent = trailingslashit( dirname( $abspath_parent ) );
$open_basedir_backup = ini_get( 'open_basedir' );
// Allow access to the directory one level above the repository.
ini_set( 'open_basedir', wp_normalize_path( $abspath_grandparent ) );
// Checking an allowed directory should succeed.
$actual = self::$updater->is_allowed_dir( wp_normalize_path( ABSPATH ) );
ini_set( 'open_basedir', $open_basedir_backup );
$this->assertTrue( $actual );
}
/**
* Tests that `WP_Automatic_Updater::is_allowed_dir()` returns false
* when the `open_basedir` directive is set and the path is not allowed.
*
* Runs in a separate process to ensure that `open_basedir` changes
* don't impact other tests should an error occur.
*
* This test does not preserve global state to prevent the exception
* "Serialization of 'Closure' is not allowed" when running in
* a separate process.
*
* @ticket 42619
*
* @covers WP_Automatic_Updater::is_allowed_dir
*
* @runInSeparateProcess
* @preserveGlobalState disabled
*/
public function test_is_allowed_dir_should_return_false_if_open_basedir_is_set_and_path_is_not_allowed() {
// The repository for PHPUnit and test suite resources.
$abspath_parent = trailingslashit( dirname( ABSPATH ) );
$abspath_grandparent = trailingslashit( dirname( $abspath_parent ) );
$open_basedir_backup = ini_get( 'open_basedir' );
// Allow access to the directory one level above the repository.
ini_set( 'open_basedir', wp_normalize_path( $abspath_grandparent ) );
// Checking a directory not within the allowed path should trigger an `open_basedir` warning.
$actual = self::$updater->is_allowed_dir( '/.git' );
ini_set( 'open_basedir', $open_basedir_backup );
$this->assertFalse( $actual );
}
/**
* Tests that `WP_Automatic_Updater::is_allowed_dir()` throws `_doing_it_wrong()`
* when an invalid `$dir` argument is provided.
*
* @ticket 42619
*
* @covers WP_Automatic_Updater::is_allowed_dir
*
* @expectedIncorrectUsage WP_Automatic_Updater::is_allowed_dir
*
* @dataProvider data_is_allowed_dir_should_throw_doing_it_wrong_with_invalid_dir
*
* @param mixed $dir The directory to check.
*/
public function test_is_allowed_dir_should_throw_doing_it_wrong_with_invalid_dir( $dir ) {
$this->assertFalse( self::$updater->is_allowed_dir( $dir ) );
}
/**
* Data provider.
*
* @return array[]
*/
public function data_is_allowed_dir_should_throw_doing_it_wrong_with_invalid_dir() {
return array(
// Type checks and boolean comparisons.
'null' => array( 'dir' => null ),
'(bool) false' => array( 'dir' => false ),
'(bool) true' => array( 'dir' => true ),
'(int) 0' => array( 'dir' => 0 ),
'(int) -0' => array( 'dir' => -0 ),
'(int) 1' => array( 'dir' => 1 ),
'(int) -1' => array( 'dir' => -1 ),
'(float) 0.0' => array( 'dir' => 0.0 ),
'(float) -0.0' => array( 'dir' => -0.0 ),
'(float) 1.0' => array( 'dir' => 1.0 ),
'empty string' => array( 'dir' => '' ),
'empty array' => array( 'dir' => array() ),
'populated array' => array( 'dir' => array( ABSPATH ) ),
'empty object' => array( 'dir' => new stdClass() ),
'populated object' => array( 'dir' => (object) array( ABSPATH ) ),
'INF' => array( 'dir' => INF ),
'NAN' => array( 'dir' => NAN ),
// Ensures that `trim()` has been called.
'string with only spaces' => array( 'dir' => ' ' ),
'string with only tabs' => array( 'dir' => "\t\t" ),
'string with only newlines' => array( 'dir' => "\n\n" ),
'string with only carriage returns' => array( 'dir' => "\r\r" ),
);
}
}