TYPO3 CMS  TYPO3_8-7
BackendFormProtectionTest.php
Go to the documentation of this file.
1 <?php
3 
4 /*
5  * This file is part of the TYPO3 CMS project.
6  *
7  * It is free software; you can redistribute it and/or modify it under
8  * the terms of the GNU General Public License, either version 2
9  * of the License, or any later version.
10  *
11  * For the full copyright and license information, please read the
12  * LICENSE.txt file that was distributed with this source code.
13  *
14  * The TYPO3 project - inspiring people to share!
15  */
16 
20 
24 class BackendFormProtectionTest extends \TYPO3\TestingFramework\Core\Unit\UnitTestCase
25 {
29  protected $subject;
30 
34  protected $backendUserMock;
35 
39  protected $registryMock;
40 
44  protected function setUp()
45  {
46  $this->backendUserMock = $this->createMock(\TYPO3\CMS\Core\Authentication\BackendUserAuthentication::class);
47  $this->backendUserMock->user['uid'] = 1;
48  $this->registryMock = $this->createMock(Registry::class);
49  $this->subject = new BackendFormProtection(
50  $this->backendUserMock,
51  $this->registryMock,
52  function () {
53  throw new \Exception('Closure called', 1442592030);
54  }
55  );
56  }
57 
62  {
63  $this->backendUserMock
64  ->expects($this->once())
65  ->method('getSessionData')
66  ->with('formProtectionSessionToken')
67  ->will($this->returnValue([]));
68  $this->subject->generateToken('foo');
69  }
70 
75  {
76  $sessionToken = '881ffea2159ac72182557b79dc0c723f5a8d20136f9fab56cdd4f8b3a1dbcfcd';
77  $formName = 'foo';
78  $action = 'edit';
79  $formInstanceName = '42';
80 
82  $formName . $action . $formInstanceName . $sessionToken
83  );
84 
85  $this->backendUserMock
86  ->expects($this->atLeastOnce())
87  ->method('getSessionData')
88  ->with('formProtectionSessionToken')
89  ->will($this->returnValue($sessionToken));
90 
91  $this->assertTrue(
92  $this->subject->validateToken($tokenId, $formName, $action, $formInstanceName)
93  );
94  }
95 
100  {
101  $this->expectException(\UnexpectedValueException::class);
102  $this->expectExceptionCode(1301827270);
103 
104  $this->subject->setSessionTokenFromRegistry();
105  }
106 
111  {
112  $this->backendUserMock
113  ->expects($this->once())
114  ->method('setAndSaveSessionData');
115  $this->subject->persistSessionToken();
116  }
117 
122  {
123  $this->expectException(\Exception::class);
124  $this->expectExceptionCode(1442592030);
125 
126  $this->subject->validateToken('foo', 'bar');
127  }
128 }
static hmac($input, $additionalSecret='')