TYPO3 CMS  TYPO3_6-2
AbstractFormProtectionTest.php
Go to the documentation of this file.
1 <?php
3 
23 
27  protected $subject;
28 
29  public function setUp() {
30  $this->subject = new \TYPO3\CMS\Core\Tests\Unit\FormProtection\Fixtures\FormProtectionTesting();
31  }
32 
34  // Tests concerning the basic functions
36 
39  public function generateTokenRetrievesTokenOnce() {
40  $subject = $this->getMock('TYPO3\\CMS\\Core\\Tests\\Unit\\FormProtection\\Fixtures\\FormProtectionTesting', array('retrieveSessionToken'));
41  $subject->expects($this->once())->method('retrieveSessionToken')->will($this->returnValue('token'));
42  $subject->generateToken('foo');
43  $subject->generateToken('foo');
44  }
45 
49  public function validateTokenRetrievesTokenOnce() {
50  $subject = $this->getMock('TYPO3\\CMS\\Core\\Tests\\Unit\\FormProtection\\Fixtures\\FormProtectionTesting', array('retrieveSessionToken'));
51  $subject->expects($this->once())->method('retrieveSessionToken')->will($this->returnValue('token'));
52  $subject->validateToken('foo', 'bar');
53  $subject->validateToken('foo', 'bar');
54  }
55 
59  public function cleanMakesTokenInvalid() {
60  $formName = 'foo';
61  $tokenId = $this->subject->generateToken($formName);
62  $this->subject->clean();
63  $this->assertFalse($this->subject->validateToken($tokenId, $formName));
64  }
65 
69  public function cleanPersistsToken() {
70  $subject = $this->getMock('TYPO3\\CMS\\Core\\Tests\\Unit\\FormProtection\\Fixtures\\FormProtectionTesting', array('persistSessionToken'));
71  $subject->expects($this->once())->method('persistSessionToken');
72  $subject->clean();
73  }
74 
76  // Tests concerning generateToken
78 
82  $this->setExpectedException('InvalidArgumentException', '$formName must not be empty.');
83  $this->subject->generateToken('', 'edit', 'bar');
84  }
85 
90  $this->subject->generateToken('foo', '', '42');
91  }
92 
97  $this->subject->generateToken('foo', 'edit', '');
98  }
99 
104  $this->subject->generateToken('foo');
105  }
106 
111  $this->assertRegexp('/^[0-9a-f]{40}$/', $this->subject->generateToken('foo'));
112  }
113 
118  $this->assertEquals($this->subject->generateToken('foo', 'edit', 'bar'), $this->subject->generateToken('foo', 'edit', 'bar'));
119  }
120 
122  // Tests concerning validateToken
124 
128  $this->subject->validateToken('', '', '', '');
129  }
130 
135  $this->subject->validateToken('', '');
136  }
137 
142  $formName = 'foo';
143  $action = 'edit';
144  $formInstanceName = 'bar';
145  $this->assertTrue($this->subject->validateToken($this->subject->generateToken($formName, $action, $formInstanceName), $formName, $action, $formInstanceName));
146  }
147 
152  $formName = 'foo';
153  $this->assertTrue($this->subject->validateToken($this->subject->generateToken($formName), $formName));
154  }
155 
160  $formName = 'foo';
161  $action = 'edit';
162  $formInstanceName = 'bar';
163  $tokenId = $this->subject->generateToken($formName, $action, $formInstanceName);
164  $this->subject->validateToken($tokenId, $formName, $action, $formInstanceName);
165  $this->assertTrue($this->subject->validateToken($tokenId, $formName, $action, $formInstanceName));
166  }
167 
172  $formName = 'foo';
173  $action = 'edit';
174  $formInstanceName = 'bar';
175  $this->subject->generateToken($formName, $action, $formInstanceName);
176  $this->assertFalse($this->subject->validateToken('Hello world!', $formName, $action, $formInstanceName));
177  }
178 
183  $formName = 'foo';
184  $action = 'edit';
185  $formInstanceName = 'bar';
186  $tokenId = $this->subject->generateToken($formName, $action, $formInstanceName);
187  $this->assertFalse($this->subject->validateToken($tokenId, 'espresso', $action, $formInstanceName));
188  }
189 
194  $formName = 'foo';
195  $action = 'edit';
196  $formInstanceName = 'bar';
197  $tokenId = $this->subject->generateToken($formName, $action, $formInstanceName);
198  $this->assertFalse($this->subject->validateToken($tokenId, $formName, 'delete', $formInstanceName));
199  }
200 
205  $formName = 'foo';
206  $action = 'edit';
207  $formInstanceName = 'bar';
208  $tokenId = $this->subject->generateToken($formName, $action, $formInstanceName);
209  $this->assertFalse($this->subject->validateToken($tokenId, $formName, $action, 'beer'));
210  }
211 
215  public function validateTokenForValidTokenNotCallsCreateValidationErrorMessage() {
217  $subject = $this->getMock('TYPO3\\CMS\\Core\\Tests\\Unit\\FormProtection\\Fixtures\\FormProtectionTesting', array('createValidationErrorMessage'));
218  $subject->expects($this->never())->method('createValidationErrorMessage');
219  $formName = 'foo';
220  $action = 'edit';
221  $formInstanceName = 'bar';
222  $token = $subject->generateToken($formName, $action, $formInstanceName);
223  $subject->validateToken($token, $formName, $action, $formInstanceName);
224  $subject->__destruct();
225  }
226 
230  public function validateTokenForInvalidTokenCallsCreateValidationErrorMessage() {
232  $subject = $this->getMock('TYPO3\\CMS\\Core\\Tests\\Unit\\FormProtection\\Fixtures\\FormProtectionTesting', array('createValidationErrorMessage'));
233  $subject->expects($this->once())->method('createValidationErrorMessage');
234  $formName = 'foo';
235  $action = 'edit';
236  $formInstanceName = 'bar';
237  $subject->generateToken($formName, $action, $formInstanceName);
238  $subject->validateToken('an invalid token ...', $formName, $action, $formInstanceName);
239  $subject->__destruct();
240  }
241 
245  public function validateTokenForInvalidFormNameCallsCreateValidationErrorMessage() {
247  $subject = $this->getMock('TYPO3\\CMS\\Core\\Tests\\Unit\\FormProtection\\Fixtures\\FormProtectionTesting', array('createValidationErrorMessage'));
248  $subject->expects($this->once())->method('createValidationErrorMessage');
249  $formName = 'foo';
250  $action = 'edit';
251  $formInstanceName = 'bar';
252  $token = $subject->generateToken($formName, $action, $formInstanceName);
253  $subject->validateToken($token, 'another form name', $action, $formInstanceName);
254  $subject->__destruct();
255  }
256 
257 }