1 <?php
2 namespace TYPO3\CMS\Core\Tests\Unit\FormProtection;
3
4 /***************************************************************
5 * Copyright notice
6 *
7 * (c) 2010-2013 Oliver Klee (typo3-coding@oliverklee.de)
8 * All rights reserved
9 *
10 * This script is part of the TYPO3 project. The TYPO3 project is
11 * free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 2 of the License, or
14 * (at your option) any later version.
15 *
16 * The GNU General Public License can be found at
17 * http://www.gnu.org/copyleft/gpl.html.
18 *
19 * This script is distributed in the hope that it will be useful,
20 * but WITHOUT ANY WARRANTY; without even the implied warranty of
21 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
22 * GNU General Public License for more details.
23 *
24 * This copyright notice MUST APPEAR in all copies of the script!
25 ***************************************************************/
26
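/**
 * Unit tests for BackendFormProtection, the form token (CSRF protection)
 * handling used in the TYPO3 backend.
 *
 * The tests cover reading the session token from the backend user's session
 * data, validating a form token derived from it, persisting the session token,
 * and the flash message that is created when token validation fails.
 *
 * @author Oliver Klee <typo3-coding@oliverklee.de>
 */
class BackendFormProtectionTest extends \TYPO3\CMS\Core\Tests\UnitTestCase {

	/**
	 * The class under test, as an accessible mock so that protected members
	 * can be reached through _call() and _set().
	 *
	 * @var \TYPO3\CMS\Core\FormProtection\BackendFormProtection|\PHPUnit_Framework_MockObject_MockObject|\TYPO3\CMS\Core\Tests\AccessibleObjectInterface
	 */
	protected $subject;

	/**
	 * Backup of current singleton instances, taken in setUp() and restored in
	 * tearDown() because some tests register mocked singletons.
	 *
	 * @var array
	 */
	protected $singletonInstances;

	/**
	 * Set up: replaces the global backend user with a mock and creates the subject.
	 *
	 * @return void
	 */
	public function setUp() {
		$this->singletonInstances = \TYPO3\CMS\Core\Utility\GeneralUtility::getSingletonInstances();

		// Only the two session accessors are mocked; they are the methods the
		// tests below set expectations on.
		$GLOBALS['BE_USER'] = $this->getMock(
			'TYPO3\\CMS\\Core\\Authentication\\BackendUserAuthentication',
			array('getSessionData', 'setAndSaveSessionData')
		);
		$GLOBALS['BE_USER']->user['uid'] = 1;

		// Locking, the language service lookup and the AJAX check are mocked
		// so that the tests control them instead of the environment.
		$this->subject = $this->getAccessibleMock(
			'TYPO3\\CMS\\Core\\FormProtection\\BackendFormProtection',
			array('acquireLock', 'releaseLock', 'getLanguageService', 'isAjaxRequest')
		);
	}

	/**
	 * Tear down: restores the singleton instances saved in setUp().
	 *
	 * @return void
	 */
	public function tearDown() {
		\TYPO3\CMS\Core\Utility\GeneralUtility::resetSingletonInstances($this->singletonInstances);
		parent::tearDown();
	}

	//////////////////////
	// Utility functions
	//////////////////////

	/**
	 * Returns the mocked backend user that setUp() stored in $GLOBALS['BE_USER'].
	 *
	 * @return \TYPO3\CMS\Core\Authentication\BackendUserAuthentication|\PHPUnit_Framework_MockObject_MockObject
	 */
	protected function getBackendUser() {
		return $GLOBALS['BE_USER'];
	}

	/**
	 * Wires the mocks that both createValidationErrorMessage tests need.
	 *
	 * Registers a mocked FlashMessageService singleton whose queue expects
	 * exactly one enqueue() call with a FlashMessage, and makes the subject's
	 * getLanguageService() return a language service mock whose sL() is
	 * expected once and returns 'foo'.
	 *
	 * @param string $enqueueCallbackName name of the public method of this test case that checks the enqueued message
	 * @return void
	 */
	private function expectSingleFlashMessage($enqueueCallbackName) {
		/** @var $flashMessageServiceMock \TYPO3\CMS\Core\Messaging\FlashMessageService|\PHPUnit_Framework_MockObject_MockObject */
		$flashMessageServiceMock = $this->getMock('TYPO3\\CMS\\Core\\Messaging\\FlashMessageService');
		\TYPO3\CMS\Core\Utility\GeneralUtility::setSingletonInstance(
			'TYPO3\\CMS\\Core\\Messaging\\FlashMessageService',
			$flashMessageServiceMock
		);
		// The original constructor is disabled (last argument FALSE).
		$flashMessageQueueMock = $this->getMock(
			'TYPO3\\CMS\\Core\\Messaging\\FlashMessageQueue',
			array(),
			array(),
			'',
			FALSE
		);
		$flashMessageServiceMock
			->expects($this->once())
			->method('getMessageQueueByIdentifier')
			->will($this->returnValue($flashMessageQueueMock));
		$flashMessageQueueMock
			->expects($this->once())
			->method('enqueue')
			->with($this->isInstanceOf('TYPO3\\CMS\\Core\\Messaging\\FlashMessage'))
			->will($this->returnCallback(array($this, $enqueueCallbackName)));

		$languageServiceMock = $this->getMock('TYPO3\\CMS\\Lang\\LanguageService', array(), array(), '', FALSE);
		$languageServiceMock->expects($this->once())->method('sL')->will($this->returnValue('foo'));
		$this->subject->expects($this->once())->method('getLanguageService')->will($this->returnValue($languageServiceMock));
	}

	////////////////////////////////////
	// Tests for the utility functions
	////////////////////////////////////

	/**
	 * @test
	 */
	public function getBackendUserReturnsInstanceOfBackendUserAuthenticationClass() {
		$this->assertInstanceOf(
			'TYPO3\\CMS\\Core\\Authentication\\BackendUserAuthentication',
			$this->getBackendUser()
		);
	}

	//////////////////////////////////////////////////////////
	// Tests concerning the reading and saving of the tokens
	//////////////////////////////////////////////////////////

	/**
	 * The session token must be read from the backend user's session data
	 * under the key 'formSessionToken', exactly once.
	 *
	 * @test
	 */
	public function retrieveTokenReadsTokenFromSessionData() {
		$this->getBackendUser()
			->expects($this->once())
			->method('getSessionData')
			->with('formSessionToken')
			->will($this->returnValue(array()));
		$this->subject->_call('retrieveSessionToken');
	}

	/**
	 * A token built from the session token stored in the session data must be
	 * accepted by validateToken().
	 *
	 * @test
	 */
	public function tokenFromSessionDataIsAvailableForValidateToken() {
		$sessionToken = '881ffea2159ac72182557b79dc0c723f5a8d20136f9fab56cdd4f8b3a1dbcfcd';
		$formName = 'foo';
		$action = 'edit';
		$formInstanceName = '42';

		// The expected form token is the HMAC over the three form identifiers
		// followed by the session token, concatenated without a separator.
		// NOTE(review): only the accepting path is pinned here; a companion test
		// asserting that a token for a different action or instance name is
		// rejected would guard the binding of the token to the form.
		$tokenId = \TYPO3\CMS\Core\Utility\GeneralUtility::hmac(
			$formName . $action . $formInstanceName . $sessionToken
		);

		$this->getBackendUser()
			->expects($this->atLeastOnce())
			->method('getSessionData')
			->with('formSessionToken')
			->will($this->returnValue($sessionToken));

		$this->subject->_call('retrieveSessionToken');

		$this->assertTrue(
			$this->subject->validateToken($tokenId, $formName, $action, $formInstanceName)
		);
	}

	/**
	 * setSessionTokenFromRegistry() must throw if no session token is available.
	 *
	 * @expectedException \UnexpectedValueException
	 * @test
	 */
	public function restoreSessionTokenFromRegistryThrowsExceptionIfSessionTokenIsEmpty() {
		// The registry mock has no configured return values, so every lookup
		// on it yields NULL.
		/** @var $registryMock \TYPO3\CMS\Core\Registry|\PHPUnit_Framework_MockObject_MockObject */
		$registryMock = $this->getMock('TYPO3\\CMS\\Core\\Registry');
		$this->subject->injectRegistry($registryMock);
		$this->subject->setSessionTokenFromRegistry();
	}

	/**
	 * persistSessionToken() must store the current session token in the
	 * backend user's session data under the key 'formSessionToken'.
	 *
	 * @test
	 */
	public function persistSessionTokenWritesTokenToSession() {
		// uniqid() only provides a distinguishable fixture value for the
		// persistence check; it is not meant as a model for real token generation.
		$sessionToken = uniqid('test_');
		$this->subject->_set('sessionToken', $sessionToken);
		$this->getBackendUser()
			->expects($this->once())
			->method('setAndSaveSessionData')
			->with('formSessionToken', $sessionToken);
		$this->subject->persistSessionToken();
	}


	//////////////////////////////////////////////////
	// Tests concerning createValidationErrorMessage
	//////////////////////////////////////////////////

	/**
	 * A failed validation must enqueue exactly one flash message of severity ERROR.
	 *
	 * @test
	 */
	public function createValidationErrorMessageAddsFlashMessage() {
		$this->expectSingleFlashMessage('enqueueFlashMessageCallback');

		$this->subject->_call('createValidationErrorMessage');
	}

	/**
	 * Callback for the mocked queue's enqueue(): checks the message severity.
	 *
	 * Must stay public because PHPUnit invokes it from outside this class.
	 *
	 * @param \TYPO3\CMS\Core\Messaging\FlashMessage $flashMessage
	 * @return void
	 */
	public function enqueueFlashMessageCallback(\TYPO3\CMS\Core\Messaging\FlashMessage $flashMessage) {
		$this->assertEquals(\TYPO3\CMS\Core\Messaging\FlashMessage::ERROR, $flashMessage->getSeverity());
	}

	/**
	 * In an AJAX request the flash message must still be enqueued, but it must
	 * not be a session message.
	 *
	 * @test
	 */
	public function createValidationErrorMessageAddsErrorFlashMessageButNotInSessionInAjaxRequest() {
		$this->expectSingleFlashMessage('enqueueAjaxFlashMessageCallback');

		$this->subject->expects($this->any())->method('isAjaxRequest')->will($this->returnValue(TRUE));
		$this->subject->_call('createValidationErrorMessage');
	}

	/**
	 * Callback for the mocked queue's enqueue(): checks that the message is
	 * not stored in the session.
	 *
	 * Must stay public because PHPUnit invokes it from outside this class.
	 *
	 * @param \TYPO3\CMS\Core\Messaging\FlashMessage $flashMessage
	 * @return void
	 */
	public function enqueueAjaxFlashMessageCallback(\TYPO3\CMS\Core\Messaging\FlashMessage $flashMessage) {
		$this->assertFalse($flashMessage->isSessionMessage());
	}
}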