t3lib_formprotection_BackendFormProtectionTest.php
00001 <?php
00002 /***************************************************************
00003 * Copyright notice
00004 *
00005 * (c) 2010-2011 Oliver Klee (typo3-coding@oliverklee.de)
00006 * All rights reserved
00007 *
00008 * This script is part of the TYPO3 project. The TYPO3 project is
00009 * free software; you can redistribute it and/or modify
00010 * it under the terms of the GNU General Public License as published by
00011 * the Free Software Foundation; either version 2 of the License, or
00012 * (at your option) any later version.
00013 *
00014 * The GNU General Public License can be found at
00015 * http://www.gnu.org/copyleft/gpl.html.
00016 *
00017 * This script is distributed in the hope that it will be useful,
00018 * but WITHOUT ANY WARRANTY; without even the implied warranty of
00019 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
00020 * GNU General Public License for more details.
00021 *
00022 * This copyright notice MUST APPEAR in all copies of the script!
00023 ***************************************************************/
00024 
00025 /**
00026  * Testcase for the t3lib_formprotection_BackendFormProtection class.
00027  *
00028  * $Id$
00029  *
00030  * @package TYPO3
00031  * @subpackage t3lib
00032  *
00033  * @author Oliver Klee <typo3-coding@oliverklee.de>
00034  */
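class t3lib_formprotection_BackendFormProtectionTest extends tx_phpunit_testcase {
    /**
     * Backup of the global BE user, taken in setUp() and restored in tearDown().
     *
     * @var t3lib_beUserAuth
     */
    private $backEndUserBackup = NULL;

    /**
     * The object under test: a mock of the accessible proxy subclass in which
     * only acquireLock() and releaseLock() are replaced.
     *
     * @var t3lib_formprotection_BackendFormProtection
     */
    private $fixture;

    /**
     * Swaps $GLOBALS['BE_USER'] for a mock whose session accessors can be
     * given expectations, and builds the fixture.
     *
     * @return void
     */
    public function setUp() {
        $this->backEndUserBackup = $GLOBALS['BE_USER'];
        $GLOBALS['BE_USER'] = $this->getMock(
            't3lib_beUserAuth',
            array('getSessionData', 'setAndSaveSessionData')
        );
        $GLOBALS['BE_USER']->user['uid'] = 1;

        $className = $this->createAccessibleProxyClass();
        $this->fixture = $this->getMock($className, array('acquireLock', 'releaseLock'));
    }

    /**
     * Destroys the fixture, restores the original BE user and empties the
     * flash message queue so that no state leaks into the next test.
     *
     * @return void
     */
    public function tearDown() {
        // NOTE(review): the destructor is invoked explicitly before unset();
        // presumably so that it runs while the mocked BE user is still in
        // place - confirm against the class under test.
        $this->fixture->__destruct();
        unset($this->fixture);

        $GLOBALS['BE_USER'] = $this->backEndUserBackup;

        t3lib_FlashMessageQueue::getAllMessagesAndFlush();
    }


    //////////////////////
    // Utility functions
    //////////////////////

    /**
     * Creates a subclass of t3lib_formprotection_BackendFormProtection in which
     * createValidationErrorMessage, updateTokens and retrieveTokens are public,
     * so that the tests can call them directly.
     *
     * @return string the name of the created class, will not be empty
     */
    private function createAccessibleProxyClass() {
        $className = 't3lib_formprotection_BackendFormProtectionAccessibleProxy';
        if (!class_exists($className)) {
            // The evaluated source is assembled only from literals in this
            // method. Nothing taken from a request, the session or the
            // environment may ever be concatenated into it.
            eval(
                'class ' . $className . ' extends t3lib_formprotection_BackendFormProtection {' .
                '  public function createValidationErrorMessage() {' .
                '    parent::createValidationErrorMessage();' .
                '  }' .
                '  public function updateTokens() {' .
                '    return parent::updateTokens();' .
                '  }' .
                '  public function retrieveTokens() {' .
                '    return parent::retrieveTokens();' .
                '  }' .
                '}'
            );
        }

        return $className;
    }

    /**
     * Creates a BE user whose session storage is a plain in-memory array.
     *
     * @return t3lib_beUserAuth Instance of BE_USER object with mocked session storage methods
     */
    private function createBackendUserSessionStorageStub() {
        $className = 't3lib_beUserAuthMocked';
        if (!class_exists($className)) {
            // As above: the evaluated source is built from literals only.
            // getSessionData() returns NULL for a key that was never stored
            // instead of raising an "undefined index" notice.
            eval(
                'class ' . $className . ' extends t3lib_beUserAuth {' .
                '  protected $session=array();' .
                '  public function getSessionData($key) {' .
                '    return isset($this->session[$key]) ? $this->session[$key] : NULL;' .
                '  }' .
                '  public function setAndSaveSessionData($key,$data) {' .
                '    $this->session[$key] = $data;' .
                '  }' .
                '}'
            );
        }

        // Only a method named "foo" is listed for mocking, so the two session
        // accessors defined above keep their real array-backed bodies.
        return $this->getMock($className, array('foo'));
    }

    ////////////////////////////////////
    // Tests for the utility functions
    ////////////////////////////////////

    /**
     * The proxy class must still be a BackendFormProtection.
     *
     * @test
     */
    public function createAccessibleProxyCreatesBackendFormProtectionSubclass() {
        $className = $this->createAccessibleProxyClass();

        $this->assertTrue(
            (new $className()) instanceof t3lib_formprotection_BackendFormProtection
        );
    }

    /**
     * Data written through the stub's setAndSaveSessionData() must come back
     * unchanged from getSessionData().
     *
     * @test
     */
    public function createBackendUserSessionStorageStubWorkProperly() {
        $GLOBALS['BE_USER'] = $this->createBackendUserSessionStorageStub();

        $allTokens = array(
            '12345678' => array(
                    'formName' => 'foo',
                    'action' => 'edit',
                    'formInstanceName' => '42'
                ),
        );

        $GLOBALS['BE_USER']->setAndSaveSessionData('tokens', $allTokens);

        // Expected value first, so that a failure message reads correctly.
        $this->assertEquals($allTokens, $GLOBALS['BE_USER']->getSessionData('tokens'));
    }


    //////////////////////////////////////////////////////////
    // Tests concerning the reading and saving of the tokens
    //////////////////////////////////////////////////////////

    /**
     * retrieveTokens() must read the session key "formTokens" exactly once.
     *
     * @test
     */
    public function retrieveTokensReadsTokensFromSessionData() {
        $GLOBALS['BE_USER']->expects($this->once())->method('getSessionData')
            ->with('formTokens')->will($this->returnValue(array()));

        $this->fixture->retrieveTokens();
    }

    /**
     * A token stored in the session under "formTokens" must validate when the
     * token ID, form name, action and form instance name all match.
     *
     * @test
     */
    public function tokensFromSessionDataAreAvailableForValidateToken() {
        $tokenId = '51a655b55c54d54e5454c5f521f6552a';
        $formName = 'foo';
        $action = 'edit';
        $formInstanceName = '42';

        $GLOBALS['BE_USER']->expects($this->atLeastOnce())->method('getSessionData')
            ->with('formTokens')
            ->will($this->returnValue(array(
                $tokenId => array(
                    'formName' => $formName,
                    'action' => $action,
                    'formInstanceName' => $formInstanceName,
                ),
            )));

        $this->fixture->updateTokens();

        $this->assertTrue(
            $this->fixture->validateToken($tokenId, $formName, $action,  $formInstanceName)
        );
    }

    /**
     * Pins the one-time-use property of a form token: once it has been
     * validated and the token list persisted, validating the same token again
     * must fail.
     *
     * @test
     */
    public function tokensStayDroppedAfterPersistingTokens() {
        $tokenId = '51a655b55c54d54e5454c5f521f6552a';
        $formName = 'foo';
        $action = 'edit';
        $formInstanceName = '42';

        $GLOBALS['BE_USER']->expects($this->atLeastOnce())->method('getSessionData')
            ->will($this->returnValue(array(
                $tokenId => array(
                    'formName' => $formName,
                    'action' => $action,
                    'formInstanceName' => $formInstanceName,
                ),
            )));

        $this->fixture->updateTokens();

        // Assert the first validation so that the final assertFalse cannot
        // pass merely because the token was never loaded from the session.
        $this->assertTrue(
            $this->fixture->validateToken($tokenId, $formName, $action,  $formInstanceName),
            'The token was not valid on first use.'
        );

        $this->fixture->persistTokens();

        $this->assertFalse(
            $this->fixture->validateToken($tokenId, $formName, $action,  $formInstanceName)
        );
    }

    /**
     * persistTokens() must write the generated token, keyed by its ID, to the
     * session key "formTokens" exactly once.
     *
     * @test
     */
    public function persistTokensWritesTokensToSession() {
        $formName = 'foo';
        $action = 'edit';
        $formInstanceName = '42';

        $tokenId = $this->fixture->generateToken(
            $formName, $action, $formInstanceName
        );
        $allTokens = array(
            $tokenId => array(
                    'formName' => $formName,
                    'action' => $action,
                    'formInstanceName' => $formInstanceName,
                ),
        );

        $GLOBALS['BE_USER']->expects($this->once())
            ->method('setAndSaveSessionData')->with('formTokens', $allTokens);

        $this->fixture->persistTokens();
    }


    //////////////////////////////////////////////////
    // Tests concerning createValidationErrorMessage
    //////////////////////////////////////////////////

    /**
     * createValidationErrorMessage() must queue a flash message containing the
     * localized "token invalid" text.
     *
     * @test
     */
    public function createValidationErrorMessageAddsErrorFlashMessage() {
        $GLOBALS['BE_USER'] = $this->createBackendUserSessionStorageStub();
        $this->fixture->createValidationErrorMessage();

        $messages = t3lib_FlashMessageQueue::getAllMessagesAndFlush();
        // Fail with an assertion rather than a fatal "member function on a
        // non-object" error when nothing was queued.
        $this->assertTrue(
            isset($messages[0]),
            'No flash message was queued.'
        );
        $this->assertContains(
            $GLOBALS['LANG']->sL(
                'LLL:EXT:lang/locallang_core.xml:error.formProtection.tokenInvalid'
            ),
            $messages[0]->render()
        );
    }
}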
00277 ?>