BUGFIX] Wrong renaming of DBAL dbPostgresqlTest
[Packages/TYPO3.CMS.git] / tests / Unit / t3lib / formprotection / class.t3lib_formprotection_BackendFormProtectionTest.php
1 <?php
2 /***************************************************************
3 * Copyright notice
4 *
5 * (c) 2010-2011 Oliver Klee (typo3-coding@oliverklee.de)
6 * All rights reserved
7 *
8 * This script is part of the TYPO3 project. The TYPO3 project is
9 * free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * The GNU General Public License can be found at
15 * http://www.gnu.org/copyleft/gpl.html.
16 *
17 * This script is distributed in the hope that it will be useful,
18 * but WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 * GNU General Public License for more details.
21 *
22 * This copyright notice MUST APPEAR in all copies of the script!
23 ***************************************************************/
24
25 /**
26 * Testcase for the \TYPO3\CMS\Core\FormProtection\BackendFormProtection class.
27 *
28 * @package TYPO3
29 * @subpackage t3lib
30 *
31 * @author Oliver Klee <typo3-coding@oliverklee.de>
32 */
33 class t3lib_formprotection_BackendFormProtectionTest extends tx_phpunit_testcase {
34 /**
35 * Enable backup of global and system variables
36 *
37 * @var boolean
38 */
39 protected $backupGlobals = TRUE;
40
41 /**
42 * Exclude TYPO3_DB from backup/ restore of $GLOBALS
43 * because resource types cannot be handled during serializing
44 *
45 * @var array
46 */
47 protected $backupGlobalsBlacklist = array('TYPO3_DB');
48
49
50 /**
51 * @var \TYPO3\CMS\Core\FormProtection\BackendFormProtection
52 */
53 private $fixture;
54
55 public function setUp() {
56 $GLOBALS['BE_USER'] = $this->getMock(
57 't3lib_beUserAuth',
58 array('getSessionData', 'setAndSaveSessionData')
59 );
60 $GLOBALS['BE_USER']->user['uid'] = 1;
61
62 $className = $this->createAccessibleProxyClass();
63 $this->fixture = $this->getMock($className, array('acquireLock', 'releaseLock'));
64 }
65
66 public function tearDown() {
67 $this->fixture->__destruct();
68 unset($this->fixture);
69 \TYPO3\CMS\Core\Messaging\FlashMessageQueue::getAllMessagesAndFlush();
70 }
71
72
73 //////////////////////
74 // Utility functions
75 //////////////////////
76
77 /**
78 * Creates a subclass \TYPO3\CMS\Core\FormProtection\BackendFormProtection with retrieveTokens made
79 * public.
80 *
81 * @return string the name of the created class, will not be empty
82 */
83 private function createAccessibleProxyClass() {
84 $namespace = 'TYPO3\\CMS\\Core\\FormProtection';
85 $className = 'BackendFormProtectionAccessibleProxy';
86 if (!class_exists($namespace . '\\' .$className)) {
87 eval(
88 'namespace ' . $namespace . ';' .
89 'class ' . $className . ' extends \\TYPO3\\CMS\\Core\\FormProtection\\BackendFormProtection {' .
90 ' public function createValidationErrorMessage() {' .
91 ' parent::createValidationErrorMessage();' .
92 ' }' .
93 ' public function retrieveSessionToken() {' .
94 ' return parent::retrieveSessionToken();' .
95 ' }' .
96 ' public function setSessionToken($sessionToken) {' .
97 ' $this->sessionToken = $sessionToken;' .
98 ' }' .
99 '}'
100 );
101 }
102 $className = $namespace . '\\' . $className;
103 return $className;
104 }
105
106 /**
107 * Mock session methods in t3lib_beUserAuth
108 *
109 * @return \TYPO3\CMS\Core\Authentication\BackendUserAuthentication Instance of BE_USER object with mocked session storage methods
110 */
111 private function createBackendUserSessionStorageStub() {
112 $namespace = 'TYPO3\\CMS\\Core\\Authentication';
113 $className = 'BackendUserAuthenticationMocked';
114 if (!class_exists($namespace . '\\' .$className)) {
115 eval(
116 'namespace ' . $namespace . ';' .
117 'class ' . $className . ' extends \\TYPO3\\CMS\\Core\\Authentication\\BackendUserAuthentication {' .
118 ' protected $session=array();' .
119 ' public function getSessionData($key) {' .
120 ' return $this->session[$key];' .
121 ' }' .
122 ' public function setAndSaveSessionData($key, $data) {' .
123 ' $this->session[$key] = $data;' .
124 ' }' .
125 '}'
126 );
127 }
128 $className = $namespace . '\\' . $className;
129 return $this->getMock($className, array('foo'));// $className;
130 }
131
132 ////////////////////////////////////
133 // Tests for the utility functions
134 ////////////////////////////////////
135
136 /**
137 * @test
138 */
139 public function createAccessibleProxyCreatesBackendFormProtectionSubclass() {
140 $className = $this->createAccessibleProxyClass();
141
142 $this->assertTrue(
143 (new $className()) instanceof \TYPO3\CMS\Core\FormProtection\BackendFormProtection
144 );
145 }
146
147 /**
148 * @test
149 */
150 public function createBackendUserSessionStorageStubWorkProperly() {
151 $GLOBALS['BE_USER'] = $this->createBackendUserSessionStorageStub();
152
153 $allTokens = array(
154 '12345678' => array(
155 'formName' => 'foo',
156 'action' => 'edit',
157 'formInstanceName' => '42'
158 ),
159 );
160
161 $GLOBALS['BE_USER']->setAndSaveSessionData('tokens', $allTokens);
162
163 $this->assertEquals($GLOBALS['BE_USER']->getSessionData('tokens'), $allTokens);
164 }
165
166
167 //////////////////////////////////////////////////////////
168 // Tests concerning the reading and saving of the tokens
169 //////////////////////////////////////////////////////////
170
171 /**
172 * @test
173 */
174 public function retrieveTokenReadsTokenFromSessionData() {
175 $GLOBALS['BE_USER']->expects($this->once())->method('getSessionData')
176 ->with('formSessionToken')->will($this->returnValue(array()));
177
178 $this->fixture->retrieveSessionToken();
179 }
180
181 /**
182 * @test
183 */
184 public function tokenFromSessionDataIsAvailableForValidateToken() {
185 $sessionToken = '881ffea2159ac72182557b79dc0c723f5a8d20136f9fab56cdd4f8b3a1dbcfcd';
186 $formName = 'foo';
187 $action = 'edit';
188 $formInstanceName = '42';
189
190 $tokenId = \t3lib_div::hmac($formName . $action . $formInstanceName . $sessionToken);
191
192 $GLOBALS['BE_USER']->expects($this->atLeastOnce())->method('getSessionData')
193 ->with('formSessionToken')
194 ->will($this->returnValue($sessionToken));
195
196 $this->fixture->retrieveSessionToken();
197
198 $this->assertTrue(
199 $this->fixture->validateToken($tokenId, $formName, $action, $formInstanceName)
200 );
201 }
202
203 /**
204 * @expectedException UnexpectedValueException
205 * @test
206 */
207 public function restoreSessionTokenFromRegistryThrowsExceptionIfSessionTokenIsEmpty() {
208 $this->fixture->injectRegistry(
209 $this->getMock('t3lib_Registry')
210 );
211 $this->fixture->setSessionTokenFromRegistry();
212 }
213
214 /**
215 * @test
216 */
217 public function persistSessionTokenWritesTokenToSession() {
218 $sessionToken = '881ffea2159ac72182557b79dc0c723f5a8d20136f9fab56cdd4f8b3a1dbcfcd';
219 $this->fixture->setSessionToken($sessionToken);
220
221 $GLOBALS['BE_USER']->expects($this->once())
222 ->method('setAndSaveSessionData')->with('formSessionToken', $sessionToken);
223
224 $this->fixture->persistSessionToken();
225 }
226
227
228 //////////////////////////////////////////////////
229 // Tests concerning createValidationErrorMessage
230 //////////////////////////////////////////////////
231
232 /**
233 * @test
234 */
235 public function createValidationErrorMessageAddsErrorFlashMessage() {
236 $GLOBALS['BE_USER'] = $this->createBackendUserSessionStorageStub();
237 $this->fixture->createValidationErrorMessage();
238
239 $messages = \TYPO3\CMS\Core\Messaging\FlashMessageQueue::getAllMessagesAndFlush();
240
241 $this->assertNotEmpty($messages);
242 $this->assertContains(
243 $GLOBALS['LANG']->sL(
244 'LLL:EXT:lang/locallang_core.xml:error.formProtection.tokenInvalid'
245 ),
246 $messages[0]->render()
247 );
248 }
249
250 /**
251 * @test
252 */
253 public function createValidationErrorMessageAddsErrorFlashMessageButNotInSessionInAjaxRequest() {
254 $GLOBALS['BE_USER'] = $this->createBackendUserSessionStorageStub();
255 $GLOBALS['TYPO3_AJAX'] = TRUE;
256 $this->fixture->createValidationErrorMessage();
257
258 $messages = \TYPO3\CMS\Core\Messaging\FlashMessageQueue::$messages;
259
260 $this->assertNotEmpty($messages);
261 $this->assertContains(
262 $GLOBALS['LANG']->sL(
263 'LLL:EXT:lang/locallang_core.xml:error.formProtection.tokenInvalid'
264 ),
265 $messages[0]->render()
266 );
267 }
268 }
269 ?>