Fixed bug #17201: The unit test for t3lib_formprotection_BackendFormProtection is...
[Packages/TYPO3.CMS.git] / tests / t3lib / formprotection / t3lib_formprotection_BackendFormProtectionTest.php
1 <?php
2 /***************************************************************
3 * Copyright notice
4 *
5 * (c) 2010-2011 Oliver Klee (typo3-coding@oliverklee.de)
6 * All rights reserved
7 *
8 * This script is part of the TYPO3 project. The TYPO3 project is
9 * free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * The GNU General Public License can be found at
15 * http://www.gnu.org/copyleft/gpl.html.
16 *
17 * This script is distributed in the hope that it will be useful,
18 * but WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 * GNU General Public License for more details.
21 *
22 * This copyright notice MUST APPEAR in all copies of the script!
23 ***************************************************************/
24
25 /**
26 * Testcase for the t3lib_formprotection_BackendFormProtection class.
27 *
28 * $Id$
29 *
30 * @package TYPO3
31 * @subpackage t3lib
32 *
33 * @author Oliver Klee <typo3-coding@oliverklee.de>
34 */
35 class t3lib_formprotection_BackendFormProtectionTest extends tx_phpunit_testcase {
36 /**
37 * a backup of the current BE user
38 *
39 * @var t3lib_beUserAuth
40 */
41 private $backEndUserBackup = NULL;
42
43 /**
44 * @var t3lib_formprotection_BackendFormProtection
45 */
46 private $fixture;
47
48 public function setUp() {
49 $this->backEndUserBackup = $GLOBALS['BE_USER'];
50 $GLOBALS['BE_USER'] = $this->getMock(
51 't3lib_beUserAuth',
52 array('getSessionData', 'setAndSaveSessionData')
53 );
54
55 $className = $this->createAccessibleProxyClass();
56 $this->fixture = new $className;
57 }
58
59 public function tearDown() {
60 $this->fixture->__destruct();
61 unset($this->fixture);
62
63 $GLOBALS['BE_USER'] = $this->backEndUserBackup;
64
65 t3lib_FlashMessageQueue::getAllMessagesAndFlush();
66 }
67
68
69 //////////////////////
70 // Utility functions
71 //////////////////////
72
73 /**
74 * Creates a subclass t3lib_formprotection_BackendFormProtection with retrieveTokens made
75 * public.
76 *
77 * @return string the name of the created class, will not be empty
78 */
79 private function createAccessibleProxyClass() {
80 $className = 't3lib_formprotection_BackendFormProtectionAccessibleProxy';
81 if (!class_exists($className)) {
82 eval(
83 'class ' . $className . ' extends t3lib_formprotection_BackendFormProtection {' .
84 ' public function createValidationErrorMessage() {' .
85 ' parent::createValidationErrorMessage();' .
86 ' }' .
87 ' public function retrieveTokens() {' .
88 ' return parent::retrieveTokens();' .
89 ' }' .
90 '}'
91 );
92 }
93
94 return $className;
95 }
96
97 /**
98 * Mock session methods in t3lib_beUserAuth
99 *
100 * @return t3lib_beUserAuth Instance of BE_USER object with mocked session storage methods
101 */
102 private function createBackendUserSessionStorageStub() {
103 $className = 't3lib_beUserAuthMocked';
104 if (!class_exists($className)) {
105 eval(
106 'class ' . $className . ' extends t3lib_beUserAuth {' .
107 ' protected $session=array();' .
108 ' public function getSessionData($key) {' .
109 ' return $this->session[$key];' .
110 ' }' .
111 ' public function setAndSaveSessionData($key,$data) {' .
112 ' $this->session[$key] = $data;' .
113 ' }' .
114 '}'
115 );
116 }
117
118 return $this->getMock($className, array('foo'));// $className;
119 }
120
121 ////////////////////////////////////
122 // Tests for the utility functions
123 ////////////////////////////////////
124
125 /**
126 * @test
127 */
128 public function createAccessibleProxyCreatesBackendFormProtectionSubclass() {
129 $className = $this->createAccessibleProxyClass();
130
131 $this->assertTrue(
132 (new $className()) instanceof t3lib_formprotection_BackendFormProtection
133 );
134 }
135
136 /**
137 * @test
138 */
139 public function createBackendUserSessionStorageStubWorkProperly() {
140 $GLOBALS['BE_USER'] = $this->createBackendUserSessionStorageStub();
141
142 $allTokens = array(
143 '12345678' => array(
144 'formName' => 'foo',
145 'action' => 'edit',
146 'formInstanceName' => '42'
147 ),
148 );
149
150 $GLOBALS['BE_USER']->setAndSaveSessionData('tokens', $allTokens);
151
152 $this->assertEquals($GLOBALS['BE_USER']->getSessionData('tokens'), $allTokens);
153 }
154
155
156 //////////////////////////////////////////////////////////
157 // Tests concerning the reading and saving of the tokens
158 //////////////////////////////////////////////////////////
159
160 /**
161 * @test
162 */
163 public function retrieveTokensReadsTokensFromSessionData() {
164 $GLOBALS['BE_USER']->expects($this->once())->method('getSessionData')
165 ->with('formTokens')->will($this->returnValue(array()));
166
167 $this->fixture->retrieveTokens();
168 }
169
170 /**
171 * @test
172 */
173 public function tokensFromSessionDataAreAvailableForValidateToken() {
174 $tokenId = '51a655b55c54d54e5454c5f521f6552a';
175 $formName = 'foo';
176 $action = 'edit';
177 $formInstanceName = '42';
178
179 $GLOBALS['BE_USER']->expects($this->once())->method('getSessionData')
180 ->with('formTokens')->will($this->returnValue(array(
181 $tokenId => array(
182 'formName' => $formName,
183 'action' => $action,
184 'formInstanceName' => $formInstanceName,
185 ),
186 )));
187
188 $this->fixture->retrieveTokens();
189
190 $this->assertTrue(
191 $this->fixture->validateToken($tokenId, $formName, $action, $formInstanceName)
192 );
193 }
194
195 /**
196 * @test
197 */
198 public function persistTokensWritesTokensToSession() {
199 $formName = 'foo';
200 $action = 'edit';
201 $formInstanceName = '42';
202
203 $tokenId = $this->fixture->generateToken(
204 $formName, $action, $formInstanceName
205 );
206 $allTokens = array(
207 $tokenId => array(
208 'formName' => $formName,
209 'action' => $action,
210 'formInstanceName' => $formInstanceName,
211 ),
212 );
213
214 $GLOBALS['BE_USER']->expects($this->once())
215 ->method('setAndSaveSessionData')->with('formTokens', $allTokens);
216
217 $this->fixture->persistTokens();
218 }
219
220
221 //////////////////////////////////////////////////
222 // Tests concerning createValidationErrorMessage
223 //////////////////////////////////////////////////
224
225 /**
226 * @test
227 */
228 public function createValidationErrorMessageAddsErrorFlashMessage() {
229 $GLOBALS['BE_USER'] = $this->createBackendUserSessionStorageStub();
230 $this->fixture->createValidationErrorMessage();
231
232 $messages = t3lib_FlashMessageQueue::getAllMessagesAndFlush();
233 $this->assertContains(
234 $GLOBALS['LANG']->sL(
235 'LLL:EXT:lang/locallang_core.xml:error.formProtection.tokenInvalid'
236 ),
237 $messages[0]->render()
238 );
239 }
240 }
241 ?>