10.4/_functional_2_session_2_backend_2_redis_session_backend_test_8php_source.html

<?php


declare(strict_types=1);


/*

 * This file is part of the TYPO3 CMS project.

 *

 * It is free software; you can redistribute it and/or modify it under

 * the terms of the GNU General Public License, either version 2

 * of the License, or any later version.

 *

 * For the full copyright and license information, please read the

 * LICENSE.txt file that was distributed with this source code.

 *

 * The TYPO3 project - inspiring people to share!

 */


namespace ‪TYPO3\CMS\Core\Tests\Functional\Session\Backend;


use ‪TYPO3\CMS\Core\Session\Backend\Exception\SessionNotCreatedException;

use ‪TYPO3\CMS\Core\Session\Backend\Exception\SessionNotFoundException;

use ‪TYPO3\CMS\Core\Session\Backend\Exception\SessionNotUpdatedException;

use ‪TYPO3\CMS\Core\Session\Backend\RedisSessionBackend;

use TYPO3\TestingFramework\Core\Functional\FunctionalTestCase;


class ‪RedisSessionBackendTest extends FunctionalTestCase

{

    protected ‪$subject;


    protected ‪$redis;


    protected ‪$testSessionRecord = [

        // RedisSessionBackend::hash('randomSessionId') with encryption key 12345

        'ses_id' => '21c0e911565a67315cdc384889c470fd291feafbfa62e31ecf7409430640bc7a',

        'ses_userid' => 1,

        // serialize(['foo' => 'bar', 'boo' => 'far'])

        'ses_data' => 'a:2:{s:3:"foo";s:3:"bar";s:3:"boo";s:3:"far";}',

    ];


    protected function ‪setUp(): void

    {

        parent::setUp();

        ‪$GLOBALS['TYPO3_CONF_VARS']['SYS']['encryptionKey'] = '12345';


        if (!getenv('typo3TestingRedisHost')) {

            self::markTestSkipped('environment variable "typo3TestingRedisHost" must be set to run this test');

        }

        // Note we assume that if that typo3TestingRedisHost env is set, we can use that for testing,

        // there is no test to see if the daemon is actually up and running. Tests will fail if env

        // is set but daemon is down.


        // We know this env is set, otherwise setUp() would skip the tests

        $redisHost = getenv('typo3TestingRedisHost');

        // If typo3TestingRedisPort env is set, use it, otherwise fall back to standard port

        $env = getenv('typo3TestingRedisPort');

        $redisPort = is_string($env) ? (int)$env : 6379;


        $this->redis = new \Redis();

        $this->redis->connect($redisHost, $redisPort);

        $this->redis->select(0);

        // Clear db to ensure no sessions exist currently

        $this->redis->flushDB();


        $this->subject = new ‪RedisSessionBackend();

        $this->subject->initialize(

            'default',

            [

                'database' => 0,

                'port' => $redisPort,

                'hostname' => $redisHost

            ]

        );

    }


    public function ‪cannotUpdateNonExistingRecord()

    {

        $this->expectException(SessionNotUpdatedException::class);

        $this->expectExceptionCode(1484389971);

        $this->subject->update('iSoNotExist', []);

    }


    public function ‪canValidateSessionBackend()

    {

        $this->subject->validateConfiguration();

    }


    public function ‪sessionDataIsStoredProperly()

    {

        $record = $this->subject->set('randomSessionId', $this->testSessionRecord);


        $expected = array_merge($this->testSessionRecord, ['ses_tstamp' => ‪$GLOBALS['EXEC_TIME']]);


        self::assertEquals($record, $expected);

        $result = $this->subject->get('randomSessionId');

        self::assertSame($expected, $result);

    }


    public function ‪anonymousSessionDataIsStoredProperly()

    {

        $record = $this->subject->set('randomSessionId', array_merge($this->testSessionRecord, ['ses_anonymous' => 1]));


        $expected = array_merge($this->testSessionRecord, ['ses_anonymous' => 1, 'ses_tstamp' => ‪$GLOBALS['EXEC_TIME']]);


        self::assertEquals($record, $expected);

        self::assertSame($expected, $this->subject->get('randomSessionId'));

    }


    public function ‪throwExceptionOnNonExistingSessionId()

    {

        $this->expectException(SessionNotFoundException::class);

        $this->expectExceptionCode(1481885583);

        $this->subject->get('IDoNotExist');

    }


    public function ‪mergeSessionDataWithNewData()

    {

        $this->subject->set('randomSessionId', $this->testSessionRecord);


        $updateData = [

            'ses_data' => serialize(['foo' => 'baz', 'idontwantto' => 'set the world on fire']),

            'ses_tstamp' => ‪$GLOBALS['EXEC_TIME']

        ];

        $expectedMergedData = array_merge($this->testSessionRecord, $updateData);

        $this->subject->update('randomSessionId', $updateData);

        $fetchedRecord = $this->subject->get('randomSessionId');

        self::assertSame($expectedMergedData, $fetchedRecord);

    }


    public function ‪nonHashedSessionIdsAreUpdated()

    {

        ‪$testSessionRecord = ‪$this->testSessionRecord;

        ‪$testSessionRecord['ses_tstamp'] = 1;

        // simulate old session record by directly inserting it into redis

        $this->redis->set(

            'typo3_ses_default_' . sha1(‪$GLOBALS['TYPO3_CONF_VARS']['SYS']['encryptionKey']) . '_randomSessionId',

            json_encode(‪$testSessionRecord),

            ['nx']

        );


        $updateData = [

            'ses_data' => serialize(['foo' => 'baz', 'idontwantto' => 'set the world on fire']),

            'ses_tstamp' => ‪$GLOBALS['EXEC_TIME']

        ];

        $expectedMergedData = array_merge(‪$testSessionRecord, $updateData);

        $this->subject->update('randomSessionId', $updateData);

        $fetchedRecord = $this->subject->get('randomSessionId');

        self::assertSame($expectedMergedData, $fetchedRecord);

    }


    public function ‪existingSessionMustNotBeOverridden()

    {

        $this->expectException(SessionNotCreatedException::class);

        $this->expectExceptionCode(1481895647);


        $this->subject->set('randomSessionId', $this->testSessionRecord);


        $newData = array_merge($this->testSessionRecord, ['ses_data' => serialize(['foo' => 'baz', 'idontwantto' => 'set the world on fire'])]);

        $this->subject->set('randomSessionId', $newData);

    }


    public function ‪cannotChangeSessionId()

    {

        $this->subject->set('randomSessionId', $this->testSessionRecord);


        $newSessionId = 'newRandomSessionId';

        $newData = array_merge($this->testSessionRecord, ['ses_id' => $newSessionId]);


        // old session id has to exist, no exception must be thrown at this point

        $this->subject->get('randomSessionId');


        // Change session id

        $this->subject->update('randomSessionId', $newData);


        // no session with key newRandomSessionId should exist

        $this->expectException(SessionNotFoundException::class);

        $this->expectExceptionCode(1481885583);

        $this->subject->get('newRandomSessionId');

    }


    public function ‪sessionGetsDestroyed()

    {

        $this->subject->set('randomSessionId', $this->testSessionRecord);


        // Remove session

        self::assertTrue($this->subject->remove('randomSessionId'));


        // Check if session was really removed

        $this->expectException(SessionNotFoundException::class);

        $this->expectExceptionCode(1481885583);

        $this->subject->get('randomSessionId');

    }


    public function ‪canLoadAllSessions()

    {

        $this->subject->set('randomSessionId', $this->testSessionRecord);

        $this->subject->set('randomSessionId2', $this->testSessionRecord);


        // Check if session was really removed

        self::assertEquals(2, count($this->subject->getAll()));

    }


    public function ‪canCollectGarbage()

    {

        ‪$GLOBALS['EXEC_TIME'] = 150;

        $authenticatedSession = array_merge($this->testSessionRecord, ['ses_id' => 'authenticatedSession']);

        $anonymousSession = array_merge($this->testSessionRecord, ['ses_id' => 'anonymousSession', 'ses_anonymous' => 1]);


        $this->subject->set('authenticatedSession', $authenticatedSession);

        $this->subject->set('anonymousSession', $anonymousSession);


        // Assert that we set authenticated session correctly

        self::assertSame(

            $authenticatedSession['ses_data'],

            $this->subject->get('authenticatedSession')['ses_data']

        );

        self::assertSame(

            $authenticatedSession['ses_userid'],

            $this->subject->get('authenticatedSession')['ses_userid']

        );


        // assert that we set anonymous session correctly

        self::assertSame(

            $anonymousSession['ses_data'],

            $this->subject->get('anonymousSession')['ses_data']

        );


        // Run the garbage collection

        ‪$GLOBALS['EXEC_TIME'] = 200;

        // 150 + 10 < 200 but 150 + 60 >= 200

        $this->subject->collectGarbage(60, 10);


        // Authenticated session should still be there

        self::assertSame(

            $authenticatedSession['ses_data'],

            $this->subject->get('authenticatedSession')['ses_data']

        );

        self::assertSame(

            $authenticatedSession['ses_userid'],

            $this->subject->get('authenticatedSession')['ses_userid']

        );


        // Non-authenticated session should be removed

        $this->expectException(SessionNotFoundException::class);

        $this->expectExceptionCode(1481885583);

        $this->subject->get('anonymousSession');

    }


    public function ‪canPartiallyUpdateAfterGet()

    {

        $updatedRecord = array_merge(

            $this->testSessionRecord,

            ['ses_tstamp' => ‪$GLOBALS['EXEC_TIME']]

        );

        $sessionId = 'randomSessionId';

        $this->subject->set($sessionId, $this->testSessionRecord);

        $this->subject->update($sessionId, []);

        self::assertSame($updatedRecord, $this->subject->get($sessionId));

    }

}