90f277c489619d8a1daa29aedff563e1e06a7b6d
[Packages/TYPO3.CMS.git] / typo3 / sysext / core / Tests / Unit / FormProtection / InstallToolFormProtectionTest.php
1 <?php
2 namespace TYPO3\CMS\Core\Tests\Unit\FormProtection;
3
4 /*
5 * This file is part of the TYPO3 CMS project.
6 *
7 * It is free software; you can redistribute it and/or modify it under
8 * the terms of the GNU General Public License, either version 2
9 * of the License, or any later version.
10 *
11 * For the full copyright and license information, please read the
12 * LICENSE.txt file that was distributed with this source code.
13 *
14 * The TYPO3 project - inspiring people to share!
15 */
16
17 /**
18 * Testcase
19 *
20 * @author Oliver Klee <typo3-coding@oliverklee.de>
21 */
22 class InstallToolFormProtectionTest extends \TYPO3\CMS\Core\Tests\UnitTestCase {
23
24 /**
25 * @var \TYPO3\CMS\Core\FormProtection\InstallToolFormProtection|\PHPUnit_Framework_MockObject_MockObject|\TYPO3\CMS\Core\Tests\AccessibleObjectInterface
26 */
27 protected $fixture;
28
29 /**
30 * Set up
31 */
32 protected function setUp() {
33 $this->fixture = $this->getAccessibleMock(
34 \TYPO3\CMS\Core\FormProtection\InstallToolFormProtection::class,
35 array('dummy')
36 );
37 }
38
39 //////////////////////////////////////////////////////////
40 // Tests concerning the reading and saving of the tokens
41 //////////////////////////////////////////////////////////
42
43 /**
44 * @test
45 */
46 public function tokenFromSessionDataIsAvailableForValidateToken() {
47 $sessionToken = '881ffea2159ac72182557b79dc0c723f5a8d20136f9fab56cdd4f8b3a1dbcfcd';
48 $formName = 'foo';
49 $action = 'edit';
50 $formInstanceName = '42';
51
52 $tokenId = \TYPO3\CMS\Core\Utility\GeneralUtility::hmac($formName . $action . $formInstanceName . $sessionToken);
53
54 $_SESSION['installToolFormToken'] = $sessionToken;
55
56 $this->fixture->_call('retrieveSessionToken');
57
58 $this->assertTrue(
59 $this->fixture->validateToken($tokenId, $formName, $action, $formInstanceName)
60 );
61 }
62
63 /**
64 * @test
65 */
66 public function persistSessionTokenWritesTokensToSession() {
67 $_SESSION['installToolFormToken'] = 'foo';
68
69 $this->fixture->_set('sessionToken', '881ffea2159ac72182557b79dc0c723f5a8d20136f9fab56cdd4f8b3a1dbcfcd');
70
71 $this->fixture->persistSessionToken();
72
73 $this->assertEquals(
74 '881ffea2159ac72182557b79dc0c723f5a8d20136f9fab56cdd4f8b3a1dbcfcd',
75 $_SESSION['installToolFormToken']
76 );
77 }
78
79 }