[TASK] Remove trailing newlines from EOF
[Packages/TYPO3.CMS.git] / tests / t3lib / formprotection / class.t3lib_formprotection_BackendFormProtectionTest.php
1 <?php
2 /***************************************************************
3 * Copyright notice
4 *
5 * (c) 2010-2011 Oliver Klee (typo3-coding@oliverklee.de)
6 * All rights reserved
7 *
8 * This script is part of the TYPO3 project. The TYPO3 project is
9 * free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * The GNU General Public License can be found at
15 * http://www.gnu.org/copyleft/gpl.html.
16 *
17 * This script is distributed in the hope that it will be useful,
18 * but WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 * GNU General Public License for more details.
21 *
22 * This copyright notice MUST APPEAR in all copies of the script!
23 ***************************************************************/
24
25 /**
26 * Testcase for the t3lib_formprotection_BackendFormProtection class.
27 *
28 * @package TYPO3
29 * @subpackage t3lib
30 *
31 * @author Oliver Klee <typo3-coding@oliverklee.de>
32 */
33 class t3lib_formprotection_BackendFormProtectionTest extends tx_phpunit_testcase {
34 /**
35 * a backup of the current BE user
36 *
37 * @var t3lib_beUserAuth
38 */
39 private $backEndUserBackup = NULL;
40
41 /**
42 * @var t3lib_formprotection_BackendFormProtection
43 */
44 private $fixture;
45
46 public function setUp() {
47 $this->backEndUserBackup = $GLOBALS['BE_USER'];
48 $GLOBALS['BE_USER'] = $this->getMock(
49 't3lib_beUserAuth',
50 array('getSessionData', 'setAndSaveSessionData')
51 );
52 $GLOBALS['BE_USER']->user['uid'] = 1;
53
54 $className = $this->createAccessibleProxyClass();
55 $this->fixture = $this->getMock($className, array('acquireLock', 'releaseLock'));
56 }
57
58 public function tearDown() {
59 $this->fixture->__destruct();
60 unset($this->fixture);
61
62 $GLOBALS['BE_USER'] = $this->backEndUserBackup;
63
64 t3lib_FlashMessageQueue::getAllMessagesAndFlush();
65 }
66
67
68 //////////////////////
69 // Utility functions
70 //////////////////////
71
72 /**
73 * Creates a subclass t3lib_formprotection_BackendFormProtection with retrieveTokens made
74 * public.
75 *
76 * @return string the name of the created class, will not be empty
77 */
78 private function createAccessibleProxyClass() {
79 $className = 't3lib_formprotection_BackendFormProtectionAccessibleProxy';
80 if (!class_exists($className)) {
81 eval(
82 'class ' . $className . ' extends t3lib_formprotection_BackendFormProtection {' .
83 ' public function createValidationErrorMessage() {' .
84 ' parent::createValidationErrorMessage();' .
85 ' }' .
86 ' public function updateTokens() {' .
87 ' return parent::updateTokens();' .
88 ' }' .
89 ' public function retrieveTokens() {' .
90 ' return parent::retrieveTokens();' .
91 ' }' .
92 '}'
93 );
94 }
95
96 return $className;
97 }
98
99 /**
100 * Mock session methods in t3lib_beUserAuth
101 *
102 * @return t3lib_beUserAuth Instance of BE_USER object with mocked session storage methods
103 */
104 private function createBackendUserSessionStorageStub() {
105 $className = 't3lib_beUserAuthMocked';
106 if (!class_exists($className)) {
107 eval(
108 'class ' . $className . ' extends t3lib_beUserAuth {' .
109 ' protected $session=array();' .
110 ' public function getSessionData($key) {' .
111 ' return $this->session[$key];' .
112 ' }' .
113 ' public function setAndSaveSessionData($key,$data) {' .
114 ' $this->session[$key] = $data;' .
115 ' }' .
116 '}'
117 );
118 }
119
120 return $this->getMock($className, array('foo'));// $className;
121 }
122
123 ////////////////////////////////////
124 // Tests for the utility functions
125 ////////////////////////////////////
126
127 /**
128 * @test
129 */
130 public function createAccessibleProxyCreatesBackendFormProtectionSubclass() {
131 $className = $this->createAccessibleProxyClass();
132
133 $this->assertTrue(
134 (new $className()) instanceof t3lib_formprotection_BackendFormProtection
135 );
136 }
137
138 /**
139 * @test
140 */
141 public function createBackendUserSessionStorageStubWorkProperly() {
142 $GLOBALS['BE_USER'] = $this->createBackendUserSessionStorageStub();
143
144 $allTokens = array(
145 '12345678' => array(
146 'formName' => 'foo',
147 'action' => 'edit',
148 'formInstanceName' => '42'
149 ),
150 );
151
152 $GLOBALS['BE_USER']->setAndSaveSessionData('tokens', $allTokens);
153
154 $this->assertEquals($GLOBALS['BE_USER']->getSessionData('tokens'), $allTokens);
155 }
156
157
158 //////////////////////////////////////////////////////////
159 // Tests concerning the reading and saving of the tokens
160 //////////////////////////////////////////////////////////
161
162 /**
163 * @test
164 */
165 public function retrieveTokensReadsTokensFromSessionData() {
166 $GLOBALS['BE_USER']->expects($this->once())->method('getSessionData')
167 ->with('formTokens')->will($this->returnValue(array()));
168
169 $this->fixture->retrieveTokens();
170 }
171
172 /**
173 * @test
174 */
175 public function tokensFromSessionDataAreAvailableForValidateToken() {
176 $tokenId = '51a655b55c54d54e5454c5f521f6552a';
177 $formName = 'foo';
178 $action = 'edit';
179 $formInstanceName = '42';
180
181 $GLOBALS['BE_USER']->expects($this->atLeastOnce())->method('getSessionData')
182 ->with('formTokens')
183 ->will($this->returnValue(array(
184 $tokenId => array(
185 'formName' => $formName,
186 'action' => $action,
187 'formInstanceName' => $formInstanceName,
188 ),
189 )));
190
191 $this->fixture->updateTokens();
192
193 $this->assertTrue(
194 $this->fixture->validateToken($tokenId, $formName, $action, $formInstanceName)
195 );
196 }
197
198 /**
199 * @test
200 */
201 public function tokensStayDroppedAfterPersistingTokens() {
202 $tokenId = '51a655b55c54d54e5454c5f521f6552a';
203 $formName = 'foo';
204 $action = 'edit';
205 $formInstanceName = '42';
206
207 $GLOBALS['BE_USER']->expects($this->atLeastOnce())->method('getSessionData')
208 ->will($this->returnValue(array(
209 $tokenId => array(
210 'formName' => $formName,
211 'action' => $action,
212 'formInstanceName' => $formInstanceName,
213 ),
214 )));
215
216 $className = $this->createAccessibleProxyClass();
217
218 $this->fixture->updateTokens();
219
220 $this->fixture->validateToken($tokenId, $formName, $action, $formInstanceName);
221
222 $this->fixture->persistTokens();
223
224 $this->assertFalse(
225 $this->fixture->validateToken($tokenId, $formName, $action, $formInstanceName)
226 );
227 }
228
229 /**
230 * @test
231 */
232 public function persistTokensWritesTokensToSession() {
233 $formName = 'foo';
234 $action = 'edit';
235 $formInstanceName = '42';
236
237 $tokenId = $this->fixture->generateToken(
238 $formName, $action, $formInstanceName
239 );
240 $allTokens = array(
241 $tokenId => array(
242 'formName' => $formName,
243 'action' => $action,
244 'formInstanceName' => $formInstanceName,
245 ),
246 );
247
248 $GLOBALS['BE_USER']->expects($this->once())
249 ->method('setAndSaveSessionData')->with('formTokens', $allTokens);
250
251 $this->fixture->persistTokens();
252 }
253
254
255 //////////////////////////////////////////////////
256 // Tests concerning createValidationErrorMessage
257 //////////////////////////////////////////////////
258
259 /**
260 * @test
261 */
262 public function createValidationErrorMessageAddsErrorFlashMessage() {
263 $GLOBALS['BE_USER'] = $this->createBackendUserSessionStorageStub();
264 $this->fixture->createValidationErrorMessage();
265
266 $messages = t3lib_FlashMessageQueue::getAllMessagesAndFlush();
267 $this->assertContains(
268 $GLOBALS['LANG']->sL(
269 'LLL:EXT:lang/locallang_core.xml:error.formProtection.tokenInvalid'
270 ),
271 $messages[0]->render()
272 );
273 }
274 }
275 ?>