Add InfoController to check system variables

dmetzner · dmetzner · commit ee1c5f4457c8 · 2024-05-25T17:06:26.000+02:00
Signed-off-by: Daniel Metzner &lt;daniiel.metzner@gmail.com&gt;
diff --git a/.github/workflows/tests.yaml b/.github/workflows/tests.yaml
@@ -163,6 +163,7 @@ jobs:
           - web-studio
           - web-top-bar
           - web-translation
+          - web-system
 
     steps:
       - name: Checkout
diff --git a/behat.yaml.dist b/behat.yaml.dist
@@ -342,6 +342,15 @@ default:
                 - App\System\Testing\Behat\Context\CatrowebBrowserContext
                 - App\System\Testing\Behat\Context\ApiContext
 
+        web-system:
+            paths:
+                - "tests/BehatFeatures/web/system"
+            contexts:
+                - App\System\Testing\Behat\Context\RefreshEnvironmentContext
+                - App\System\Testing\Behat\Context\DataFixturesContext
+                - App\System\Testing\Behat\Context\CatrowebBrowserContext
+                - App\System\Testing\Behat\Context\ApiContext
+
 
 # --------------------------------------------------------------------------------------------------
 # Exclude specific tests based on their tags here:
diff --git a/config/packages/security.php b/config/packages/security.php
@@ -271,6 +271,14 @@
           'path' => '^.*?/api/upload/upload.json',
           'roles' => 'IS_AUTHENTICATED_FULLY',
         ],
+        [
+          'path' => '^/system/',
+          'role' => [
+            'ROLE_ADMIN',
+            'ROLE_SONATA_ADMIN',
+          ],
+          'requires_channel' => '%env(SECURE_SCHEME)%',
+        ],
         [
           'path' => '^/admin/',
           'role' => [
diff --git a/config/routes/routes.php b/config/routes/routes.php
@@ -10,6 +10,11 @@
     ->requirements(['theme' => '%themeRoutes%'])
   ;
 
+  $routingConfigurator->import('../../src/System/Controller', 'annotation')
+    ->prefix('/{theme}/')
+    ->requirements(['theme' => 'system'])
+  ;
+
   $routingConfigurator->import('../../src/Admin/', 'annotation')
     ->prefix('/admin/')
     ->requirements(['theme' => 'admin'])
diff --git a/config/services.php b/config/services.php
@@ -272,6 +272,10 @@
     ->public()
   ;
 
+  $services->load('App\System\Controller\\', __DIR__.'/../src/System/Controller')
+    ->public()
+  ;
+
   $services->load('App\Api_deprecated\Controller\\', __DIR__.'/../src/Api_deprecated/Controller')
     ->public()
   ;
diff --git a/src/System/Controller/InfoController.php b/src/System/Controller/InfoController.php
@@ -0,0 +1,41 @@
+<?php
+
+namespace App\System\Controller;
+
+use Doctrine\DBAL\Connection;
+use Doctrine\DBAL\Exception;
+use JetBrains\PhpStorm\NoReturn;
+use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\Routing\Attribute\Route;
+
+class InfoController extends AbstractController
+{
+  #[Route(path: 'info/php', methods: ['GET'])]
+  public function phpInfo(): void
+  {
+    phpinfo();
+    exit;
+  }
+
+  /**
+   * @throws Exception
+   */
+  #[Route(path: '/info/db', methods: ['GET'])]
+  public function databaseInfo(Connection $connection): Response
+  {
+    $sql = 'SHOW GLOBAL VARIABLES';
+    $stmt = $connection->prepare($sql);
+    $result = $stmt->executeQuery();
+    echo '<table style="width: 100%;">';
+    echo '<tr style="background-color: #f2f2f2;"><th>Database Variable</th><th>Value</th></tr>';
+    $i = 0;
+    while ($variable = $result->fetchAssociative()) {
+      $color = (0 == $i % 2) ? '#f2f2f2' : '#ffffff';
+      echo '<tr style="background-color: '.$color.';"><td>'.$variable['Variable_name'].'</td><td>'.$variable['Value'].'</td></tr>';
+      ++$i;
+    }
+    echo '</table>';
+    exit;
+  }
+}
diff --git a/tests/BehatFeatures/web/system/system_info.feature b/tests/BehatFeatures/web/system/system_info.feature
@@ -0,0 +1,38 @@
+@web @system
+Feature: Check system variables with admin rights
+
+  Background:
+    And there are users:
+      | id | name    |
+      | 3  | NewUser |
+    And there are admins:
+      | id | name  |
+      | 2  | Admin |
+
+  Scenario: Must not be able to see phpinfo if not logged in
+    And I am on "/system/info/php"
+    Then I should not see "PHP Version"
+
+  Scenario: Must not be able to see phpinfo if logged in as user
+    Given I log in as "NewUser"
+    And I am on "/system/info/php"
+    Then I should not see "PHP Version"
+
+  Scenario: Must be able to see phpinfo if logged in as admin
+    Given I log in as "Admin"
+    And I am on "/system/info/php"
+    Then I should see "PHP Version"
+
+  Scenario: Must not be able to see db if not logged in
+    And I am on "/system/info/db"
+    Then I should not see "Database"
+
+  Scenario: Must not be able to see db if logged in as user
+    Given I log in as "NewUser"
+    And I am on "/system/info/db"
+    Then I should not see "Database"
+
+  Scenario: Must be able to see db if logged in as admin
+    Given I log in as "Admin"
+    And I am on "/system/info/db"
+    Then I should see "Database Variable"

Original file line number	Diff line number	Diff line change
`@@ -272,6 +272,10 @@`
`272`	`272`	`->public()`
`273`	`273`	`;`
`274`	`274`
	`275`	`+ $services->load('App\System\Controller\\', __DIR__.'/../src/System/Controller')`
	`276`	`+ ->public()`
	`277`	`+ ;`
	`278`	`+`
`275`	`279`	`$services->load('App\Api_deprecated\Controller\\', __DIR__.'/../src/Api_deprecated/Controller')`
`276`	`280`	`->public()`
`277`	`281`	`;`