tests/t3lib/formprotection/class.t3lib_formprotection_InstallToolFormProtectionTest.php

   1 <?php
   2 /***************************************************************
   3 * Copyright notice
   4 *
   5 * (c) 2010-2011 Oliver Klee (typo3-coding@oliverklee.de)
   6 * All rights reserved
   7 *
   8 * This script is part of the TYPO3 project. The TYPO3 project is
   9 * free software; you can redistribute it and/or modify
  10 * it under the terms of the GNU General Public License as published by
  11 * the Free Software Foundation; either version 2 of the License, or
  12 * (at your option) any later version.
  13 *
  14 * The GNU General Public License can be found at
  15 * http://www.gnu.org/copyleft/gpl.html.
  16 *
  17 * This script is distributed in the hope that it will be useful,
  18 * but WITHOUT ANY WARRANTY; without even the implied warranty of
  19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  20 * GNU General Public License for more details.
  21 *
  22 * This copyright notice MUST APPEAR in all copies of the script!
  23 ***************************************************************/
  24
  25 require_once(t3lib_extMgm::extPath('install') . 'mod/class.tx_install.php');
  26
  27 /**
  28  * Testcase for the t3lib_formprotection_InstallToolFormProtection class.
  29  *
  30  * @package TYPO3
  31  * @subpackage t3lib
  32  *
  33  * @author Oliver Klee <typo3-coding@oliverklee.de>
  34  */
  35 class t3lib_formprotection_InstallToolFormProtectionTest extends tx_phpunit_testcase {
  36         /**
  37          * @var t3lib_formprotection_InstallToolFormProtection
  38          */
  39         private $fixture;
  40
  41         /**
  42          * backup of $_SESSION
  43          *
  44          * @var array
  45          */
  46         private $sessionBackup;
  47
  48         public function setUp() {
  49                 $this->sessionBackup = $_SESSION;
  50
  51                 $className = $this->createAccessibleProxyClass();
  52                 $this->fixture = new $className();
  53         }
  54
  55         public function tearDown() {
  56                 $this->fixture->__destruct();
  57                 unset($this->fixture);
  58
  59                 t3lib_FlashMessageQueue::getAllMessagesAndFlush();
  60
  61                 $_SESSION = $this->sessionBackup;
  62         }
  63
  64
  65         //////////////////////
  66         // Utility functions
  67         //////////////////////
  68
  69         /**
  70          * Creates a subclass t3lib_formprotection_InstallToolFormProtection with retrieveTokens made
  71          * public.
  72          *
  73          * @return string the name of the created class, will not be empty
  74          */
  75         private function createAccessibleProxyClass() {
  76                 $className = 't3lib_formprotection_InstallToolFormProtectionAccessibleProxy';
  77                 if (!class_exists($className)) {
  78                         eval(
  79                                 'class ' . $className . ' extends t3lib_formprotection_InstallToolFormProtection {' .
  80                                 '  public $sessionToken;' .
  81                                 '  public function createValidationErrorMessage() {' .
  82                                 '    parent::createValidationErrorMessage();' .
  83                                 '  }' .
  84                                 '  public function retrieveSessionToken() {' .
  85                                 '    parent::retrieveSessionToken();' .
  86                                 '  }' .
  87                                 '}'
  88                         );
  89                 }
  90
  91                 return $className;
  92         }
  93
  94
  95         ////////////////////////////////////
  96         // Tests for the utility functions
  97         ////////////////////////////////////
  98
  99         /**
 100          * @test
 101          */
 102         public function createAccessibleProxyCreatesInstallToolFormProtectionSubclass() {
 103                 $className = $this->createAccessibleProxyClass();
 104
 105                 $this->assertTrue(
 106                         (new $className()) instanceof t3lib_formprotection_InstallToolFormProtection
 107                 );
 108         }
 109
 110
 111         //////////////////////////////////////////////////////////
 112         // Tests concerning the reading and saving of the tokens
 113         //////////////////////////////////////////////////////////
 114
 115         /**
 116          * @test
 117          */
 118         public function tokenFromSessionDataIsAvailableForValidateToken() {
 119                 $sessionToken = '881ffea2159ac72182557b79dc0c723f5a8d20136f9fab56cdd4f8b3a1dbcfcd';
 120                 $formName = 'foo';
 121                 $action = 'edit';
 122                 $formInstanceName = '42';
 123
 124                 $tokenId = t3lib_div::hmac($formName . $action . $formInstanceName . $sessionToken);
 125
 126                 $_SESSION['installToolFormToken'] = $sessionToken;
 127
 128                 $this->fixture->retrieveSessionToken();
 129
 130                 $this->assertTrue(
 131                         $this->fixture->validateToken($tokenId, $formName, $action, $formInstanceName)
 132                 );
 133         }
 134
 135         /**
 136          * @test
 137          */
 138         public function persistSessionTokenWritesTokensToSession() {
 139                 $_SESSION['installToolFormToken'] = 'foo';
 140
 141                 $this->fixture->sessionToken = '881ffea2159ac72182557b79dc0c723f5a8d20136f9fab56cdd4f8b3a1dbcfcd';
 142
 143                 $this->fixture->persistSessionToken();
 144
 145                 $this->assertEquals(
 146                         '881ffea2159ac72182557b79dc0c723f5a8d20136f9fab56cdd4f8b3a1dbcfcd',
 147                         $_SESSION['installToolFormToken']
 148                 );
 149         }
 150
 151
 152         //////////////////////////////////////////////////
 153         // Tests concerning createValidationErrorMessage
 154         //////////////////////////////////////////////////
 155
 156         /**
 157          * @test
 158          */
 159         public function createValidationErrorMessageAddsErrorMessage() {
 160                 $installTool = $this->getMock(
 161                         'tx_install', array('addErrorMessage'), array(), '', FALSE
 162                 );
 163                 $installTool->expects($this->once())->method('addErrorMessage')
 164                         ->with(
 165                                 'Validating the security token of this form has failed. ' .
 166                                         'Please reload the form and submit it again.'
 167                         );
 168                 $this->fixture->injectInstallTool($installTool);
 169
 170                 $this->fixture->createValidationErrorMessage();
 171         }
 172 }
 173 ?>