tests/Unit/t3lib/formprotection/class.t3lib_formprotection_AbstractTest.php

   1 <?php
   2 /***************************************************************
   3  * Copyright notice
   4  *
   5  * (c) 2010-2011 Oliver Klee (typo3-coding@oliverklee.de)
   6  * All rights reserved
   7  *
   8  * This script is part of the TYPO3 project. The TYPO3 project is
   9  * free software; you can redistribute it and/or modify
  10  * it under the terms of the GNU General Public License as published by
  11  * the Free Software Foundation; either version 2 of the License, or
  12  * (at your option) any later version.
  13  *
  14  * The GNU General Public License can be found at
  15  * http://www.gnu.org/copyleft/gpl.html.
  16  *
  17  * This script is distributed in the hope that it will be useful,
  18  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  19  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  20  * GNU General Public License for more details.
  21  *
  22  * This copyright notice MUST APPEAR in all copies of the script!
  23  ***************************************************************/
  24 require_once 'fixtures/class.t3lib_formprotection_testing.php';
  25 /**
  26  * Testcase for the t3lib_formprotection_Abstract class.
  27  *
  28  * @package TYPO3
  29  * @subpackage t3lib
  30  * @author Oliver Klee <typo3-coding@oliverklee.de>
  31  */
  32 class t3lib_formprotection_AbstractTest extends tx_phpunit_testcase {
  33
  34         /**
  35          * @var t3lib_formProtection_Testing
  36          */
  37         private $fixture;
  38
  39         public function setUp() {
  40                 $this->fixture = new t3lib_formProtection_Testing();
  41         }
  42
  43         public function tearDown() {
  44                 $this->fixture->__destruct();
  45                 unset($this->fixture);
  46         }
  47
  48         /////////////////////////////////////////
  49         // Tests concerning the basic functions
  50         /////////////////////////////////////////
  51         /**
  52          * @test
  53          */
  54         public function constructionRetrievesToken() {
  55                 $className = uniqid('t3lib_formProtection');
  56                 eval((((((('class ' . $className) . ' extends t3lib_formProtection_Testing {') . 'public $tokenHasBeenRetrieved = FALSE; ') . 'protected function retrieveSessionToken() {') . '$this->tokenHasBeenRetrieved = TRUE;') . '}') . '}');
  57                 $fixture = new $className();
  58                 $this->assertTrue($fixture->tokenHasBeenRetrieved);
  59         }
  60
  61         /**
  62          * @test
  63          */
  64         public function cleanMakesTokenInvalid() {
  65                 $formName = 'foo';
  66                 $tokenId = $this->fixture->generateToken($formName);
  67                 $this->fixture->clean();
  68                 $this->assertFalse($this->fixture->validateToken($tokenId, $formName));
  69         }
  70
  71         /**
  72          * @test
  73          */
  74         public function cleanPersistsToken() {
  75                 $fixture = $this->getMock('t3lib_formProtection_Testing', array('persistSessionToken'));
  76                 $fixture->expects($this->once())->method('persistSessionToken');
  77                 $fixture->clean();
  78         }
  79
  80         ///////////////////////////////////
  81         // Tests concerning generateToken
  82         ///////////////////////////////////
  83         /**
  84          * @test
  85          */
  86         public function generateTokenFormForEmptyFormNameThrowsException() {
  87                 $this->setExpectedException('InvalidArgumentException', '$formName must not be empty.');
  88                 $this->fixture->generateToken('', 'edit', 'bar');
  89         }
  90
  91         /**
  92          * @test
  93          */
  94         public function generateTokenFormForEmptyActionNotThrowsException() {
  95                 $this->fixture->generateToken('foo', '', '42');
  96         }
  97
  98         /**
  99          * @test
 100          */
 101         public function generateTokenFormForEmptyFormInstanceNameNotThrowsException() {
 102                 $this->fixture->generateToken('foo', 'edit', '');
 103         }
 104
 105         /**
 106          * @test
 107          */
 108         public function generateTokenFormForOmittedActionAndFormInstanceNameNotThrowsException() {
 109                 $this->fixture->generateToken('foo');
 110         }
 111
 112         /**
 113          * @test
 114          */
 115         public function generateTokenReturns32CharacterHexToken() {
 116                 $this->assertRegexp('/^[0-9a-f]{40}$/', $this->fixture->generateToken('foo'));
 117         }
 118
 119         /**
 120          * @test
 121          */
 122         public function generateTokenCalledTwoTimesWithSameParametersReturnsSameTokens() {
 123                 $this->assertEquals($this->fixture->generateToken('foo', 'edit', 'bar'), $this->fixture->generateToken('foo', 'edit', 'bar'));
 124         }
 125
 126         ///////////////////////////////////
 127         // Tests concerning validateToken
 128         ///////////////////////////////////
 129         /**
 130          * @test
 131          */
 132         public function validateTokenWithFourEmptyParametersNotThrowsException() {
 133                 $this->fixture->validateToken('', '', '', '');
 134         }
 135
 136         /**
 137          * @test
 138          */
 139         public function validateTokenWithTwoEmptyAndTwoMissingParametersNotThrowsException() {
 140                 $this->fixture->validateToken('', '');
 141         }
 142
 143         /**
 144          * @test
 145          */
 146         public function validateTokenWithDataFromGenerateTokenWithFormInstanceNameReturnsTrue() {
 147                 $formName = 'foo';
 148                 $action = 'edit';
 149                 $formInstanceName = 'bar';
 150                 $this->assertTrue($this->fixture->validateToken($this->fixture->generateToken($formName, $action, $formInstanceName), $formName, $action, $formInstanceName));
 151         }
 152
 153         /**
 154          * @test
 155          */
 156         public function validateTokenWithDataFromGenerateTokenWithMissingActionAndFormInstanceNameReturnsTrue() {
 157                 $formName = 'foo';
 158                 $this->assertTrue($this->fixture->validateToken($this->fixture->generateToken($formName), $formName));
 159         }
 160
 161         /**
 162          * @test
 163          */
 164         public function validateTokenWithValidDataCalledTwoTimesReturnsTrueOnSecondCall() {
 165                 $formName = 'foo';
 166                 $action = 'edit';
 167                 $formInstanceName = 'bar';
 168                 $tokenId = $this->fixture->generateToken($formName, $action, $formInstanceName);
 169                 $this->fixture->validateToken($tokenId, $formName, $action, $formInstanceName);
 170                 $this->assertTrue($this->fixture->validateToken($tokenId, $formName, $action, $formInstanceName));
 171         }
 172
 173         /**
 174          * @test
 175          */
 176         public function validateTokenWithMismatchingTokenIdReturnsFalse() {
 177                 $formName = 'foo';
 178                 $action = 'edit';
 179                 $formInstanceName = 'bar';
 180                 $this->fixture->generateToken($formName, $action, $formInstanceName);
 181                 $this->assertFalse($this->fixture->validateToken('Hello world!', $formName, $action, $formInstanceName));
 182         }
 183
 184         /**
 185          * @test
 186          */
 187         public function validateTokenWithMismatchingFormNameReturnsFalse() {
 188                 $formName = 'foo';
 189                 $action = 'edit';
 190                 $formInstanceName = 'bar';
 191                 $tokenId = $this->fixture->generateToken($formName, $action, $formInstanceName);
 192                 $this->assertFalse($this->fixture->validateToken($tokenId, 'espresso', $action, $formInstanceName));
 193         }
 194
 195         /**
 196          * @test
 197          */
 198         public function validateTokenWithMismatchingActionReturnsFalse() {
 199                 $formName = 'foo';
 200                 $action = 'edit';
 201                 $formInstanceName = 'bar';
 202                 $tokenId = $this->fixture->generateToken($formName, $action, $formInstanceName);
 203                 $this->assertFalse($this->fixture->validateToken($tokenId, $formName, 'delete', $formInstanceName));
 204         }
 205
 206         /**
 207          * @test
 208          */
 209         public function validateTokenWithMismatchingFormInstanceNameReturnsFalse() {
 210                 $formName = 'foo';
 211                 $action = 'edit';
 212                 $formInstanceName = 'bar';
 213                 $tokenId = $this->fixture->generateToken($formName, $action, $formInstanceName);
 214                 $this->assertFalse($this->fixture->validateToken($tokenId, $formName, $action, 'beer'));
 215         }
 216
 217         /**
 218          * @test
 219          */
 220         public function validateTokenForValidTokenNotCallsCreateValidationErrorMessage() {
 221                 $fixture = $this->getMock('t3lib_formProtection_Testing', array('createValidationErrorMessage'));
 222                 $fixture->expects($this->never())->method('createValidationErrorMessage');
 223                 $formName = 'foo';
 224                 $action = 'edit';
 225                 $formInstanceName = 'bar';
 226                 $token = $fixture->generateToken($formName, $action, $formInstanceName);
 227                 $fixture->validateToken($token, $formName, $action, $formInstanceName);
 228                 $fixture->__destruct();
 229         }
 230
 231         /**
 232          * @test
 233          */
 234         public function validateTokenForInvalidTokenCallsCreateValidationErrorMessage() {
 235                 $fixture = $this->getMock('t3lib_formProtection_Testing', array('createValidationErrorMessage'));
 236                 $fixture->expects($this->once())->method('createValidationErrorMessage');
 237                 $formName = 'foo';
 238                 $action = 'edit';
 239                 $formInstanceName = 'bar';
 240                 $fixture->generateToken($formName, $action, $formInstanceName);
 241                 $fixture->validateToken('an invalid token ...', $formName, $action, $formInstanceName);
 242                 $fixture->__destruct();
 243         }
 244
 245         /**
 246          * @test
 247          */
 248         public function validateTokenForInvalidFormNameCallsCreateValidationErrorMessage() {
 249                 $fixture = $this->getMock('t3lib_formProtection_Testing', array('createValidationErrorMessage'));
 250                 $fixture->expects($this->once())->method('createValidationErrorMessage');
 251                 $formName = 'foo';
 252                 $action = 'edit';
 253                 $formInstanceName = 'bar';
 254                 $token = $fixture->generateToken($formName, $action, $formInstanceName);
 255                 $fixture->validateToken($token, 'another form name', $action, $formInstanceName);
 256                 $fixture->__destruct();
 257         }
 258
 259 }
 260
 261 ?>