/** * @return void */ public function setUp() { $this->viewHelperVariableContainer = $this->getMock('TYPO3\\Fluid\\Core\\ViewHelper\\ViewHelperVariableContainer'); $this->viewHelperVariableContainer->expects($this->any())->method('exists')->will($this->returnCallback(array($this, 'viewHelperVariableContainerExistsCallback'))); $this->viewHelperVariableContainer->expects($this->any())->method('get')->will($this->returnCallback(array($this, 'viewHelperVariableContainerGetCallback'))); $this->templateVariableContainer = $this->getMock('TYPO3\\Fluid\\Core\\ViewHelper\\TemplateVariableContainer'); $this->uriBuilder = $this->getMock('TYPO3\\Flow\\Mvc\\Routing\\UriBuilder'); $this->uriBuilder->expects($this->any())->method('reset')->will($this->returnValue($this->uriBuilder)); $this->uriBuilder->expects($this->any())->method('setArguments')->will($this->returnValue($this->uriBuilder)); $this->uriBuilder->expects($this->any())->method('setSection')->will($this->returnValue($this->uriBuilder)); $this->uriBuilder->expects($this->any())->method('setFormat')->will($this->returnValue($this->uriBuilder)); $this->uriBuilder->expects($this->any())->method('setCreateAbsoluteUri')->will($this->returnValue($this->uriBuilder)); $this->uriBuilder->expects($this->any())->method('setAddQueryString')->will($this->returnValue($this->uriBuilder)); $this->uriBuilder->expects($this->any())->method('setArgumentsToBeExcludedFromQueryString')->will($this->returnValue($this->uriBuilder)); // BACKPORTER TOKEN #1 $httpRequest = \TYPO3\Flow\Http\Request::create(new \TYPO3\Flow\Http\Uri('http://localhost/foo')); $this->request = $this->getMock('TYPO3\\Flow\\Mvc\\ActionRequest', array(), array($httpRequest)); $this->request->expects($this->any())->method('isMainRequest')->will($this->returnValue(TRUE)); $this->controllerContext = $this->getMock('TYPO3\\Flow\\Mvc\\Controller\\ControllerContext', array(), array(), '', FALSE); $this->controllerContext->expects($this->any())->method('getUriBuilder')->will($this->returnValue($this->uriBuilder)); $this->controllerContext->expects($this->any())->method('getRequest')->will($this->returnValue($this->request)); $this->tagBuilder = $this->getMock('TYPO3\\Fluid\\Core\\ViewHelper\\TagBuilder'); $this->arguments = array(); $this->renderingContext = new \TYPO3\Fluid\Core\Rendering\RenderingContext(); $this->renderingContext->injectTemplateVariableContainer($this->templateVariableContainer); $this->renderingContext->injectViewHelperVariableContainer($this->viewHelperVariableContainer); $this->renderingContext->setControllerContext($this->controllerContext); }
/** * Returns an Response object containing the OPAuth data * * @return Response */ public function getResponse() { if ($this->actionRequest instanceof \TYPO3\Flow\Mvc\ActionRequest && $this->actionRequest->hasArgument('opauth')) { $data = $this->actionRequest->getArgument('opauth'); $response = unserialize(base64_decode($data)); $this->response = new Response($response); } return $this->response; }
/** * @param Request $httpRequest * @param array $matchResults * @return ActionRequest */ protected function createActionRequest(Request $httpRequest, array $matchResults = NULL) { $actionRequest = new ActionRequest($httpRequest); if ($matchResults !== NULL) { $requestArguments = $actionRequest->getArguments(); $mergedArguments = Arrays::arrayMergeRecursiveOverrule($requestArguments, $matchResults); $actionRequest->setArguments($mergedArguments); } return $actionRequest; }
/** * Updates the authentication credentials, the authentication manager needs to authenticate this token. * This could be a username/password from a login controller. * This method is called while initializing the security context. By returning TRUE you * make sure that the authentication manager will (re-)authenticate the tokens with the current credentials. * Note: You should not persist the credentials! * * @param \TYPO3\Flow\Mvc\ActionRequest $actionRequest The current request instance * * @return bool TRUE if this token needs to be (re-)authenticated */ public function updateCredentials(\TYPO3\Flow\Mvc\ActionRequest $actionRequest) { $httpRequest = $actionRequest->getHttpRequest(); if ($httpRequest->getMethod() !== 'GET') { return; } if ($actionRequest->getInternalArgument('__casAuthenticationProviderName') === $this->authenticationProviderName) { $this->authenticationStatus = self::AUTHENTICATION_NEEDED; } }
/** * @test */ public function actionRequestStripsParentHttpRequest() { $httpRequest = Request::create(new Uri('http://typo3.org')); $actionRequest = new ActionRequest($httpRequest); $actionRequest->setControllerActionName('foo'); $serializedActionRequest = serialize($actionRequest); /* @var $unserializedActionRequest ActionRequest */ $unserializedActionRequest = unserialize($serializedActionRequest); $this->assertNull($unserializedActionRequest->getParentRequest(), 'Parent HTTP request should be NULL after deserialization'); $this->assertSame('foo', $unserializedActionRequest->getControllerActionName()); }
/** * Updates the identifier credential from the GET/POST vars, if the GET/POST parameters * are available. Sets the authentication status to AUTHENTICATION_NEEDED, if credentials have been sent. * * Note: You need to send the password in this parameter: * __authentication[_OurBrand_][Quiz][Security][IdentifierToken][identifier] * * @param \TYPO3\Flow\Mvc\ActionRequest $actionRequest The current action request * @return void */ public function updateCredentials(\TYPO3\Flow\Mvc\ActionRequest $actionRequest) { $postArguments = $actionRequest->getInternalArguments(); $username = \TYPO3\Flow\Reflection\ObjectAccess::getPropertyPath($postArguments, '__authentication._OurBrand_.Quiz.Security.IdentifierToken.username'); $password = \TYPO3\Flow\Reflection\ObjectAccess::getPropertyPath($postArguments, '__authentication._OurBrand_.Quiz.Security.IdentifierToken.password'); if (!empty($username) && !empty($password)) { $this->credentials['username'] = $username; $this->credentials['password'] = $password; $this->setAuthenticationStatus(self::AUTHENTICATION_NEEDED); } }
/** * Is called if authentication was successful. * * See the implementation in the AbstractAuthenticationController for details! * * @param \TYPO3\Flow\Mvc\ActionRequest $originalRequest The request that was intercepted by the security framework, NULL if there was none * @return string */ protected function onAuthenticationSuccess(\TYPO3\Flow\Mvc\ActionRequest $originalRequest = NULL) { // if the login attempt is authenticated, add a success flash message $this->addFlashMessage($this->translate('status_login_success', 'Login')); // basically redirect to the intercepted requiest if there's one - but never redirect // to the login form after successful login as this seems to make no sense. if ($originalRequest !== NULL && $originalRequest->getControllerActionName() != 'login') { $this->redirectToRequest($originalRequest); } else { $this->redirect('dashboard', 'Standard'); } }
/** * Updates the password credential from the POST vars, if the POST parameters * are available. Sets the authentication status to AUTHENTICATION_NEEDED, if credentials have been sent. * * Note: You need to send the password in this POST parameter: * __authentication[TYPO3][Flow][Security][Authentication][Token][PasswordToken][password] * * @param \TYPO3\Flow\Mvc\ActionRequest $actionRequest The current action request * @return void */ public function updateCredentials(\TYPO3\Flow\Mvc\ActionRequest $actionRequest) { if ($actionRequest->getHttpRequest()->getMethod() !== 'POST') { return; } $postArguments = $actionRequest->getInternalArguments(); $password = \TYPO3\Flow\Reflection\ObjectAccess::getPropertyPath($postArguments, '__authentication.TYPO3.Flow.Security.Authentication.Token.PasswordToken.password'); if (!empty($password)) { $this->credentials['password'] = $password; $this->setAuthenticationStatus(self::AUTHENTICATION_NEEDED); } }
/** * Updates the username and password credentials from the HTTP authorization header. * Sets the authentication status to AUTHENTICATION_NEEDED, if the header has been * sent, to NO_CREDENTIALS_GIVEN if no authorization header was there. * * @param \TYPO3\Flow\Mvc\ActionRequest $actionRequest The current action request instance * @return void */ public function updateCredentials(\TYPO3\Flow\Mvc\ActionRequest $actionRequest) { $authorizationHeader = $actionRequest->getHttpRequest()->getHeaders()->get('Authorization'); if (substr($authorizationHeader, 0, 5) === 'Basic') { $credentials = base64_decode(substr($authorizationHeader, 6)); $this->credentials['username'] = substr($credentials, 0, strpos($credentials, ':')); $this->credentials['password'] = substr($credentials, strpos($credentials, ':') + 1); $this->setAuthenticationStatus(self::AUTHENTICATION_NEEDED); } else { $this->credentials = array('username' => null, 'password' => null); $this->authenticationStatus = self::NO_CREDENTIALS_GIVEN; } }
/** * Updates the username and password credentials from the POST vars, if the POST parameters * are available. Sets the authentication status to REAUTHENTICATION_NEEDED, if credentials have been sent. * * @param \TYPO3\Flow\Mvc\ActionRequest $actionRequest The current action request instance * @return void */ public function updateCredentials(\TYPO3\Flow\Mvc\ActionRequest $actionRequest) { $getArguments = $actionRequest->getArguments(); if (!empty($getArguments['user']) && !empty($getArguments['signature']) && !empty($getArguments['expires']) && !empty($getArguments['version']) && !empty($getArguments['tpa_id']) && !empty($getArguments['action']) && !empty($getArguments['flags']) && !empty($getArguments['userdata'])) { $this->credentials['username'] = $getArguments['user']; $this->credentials['signature'] = \TYPO3\Flow\Utility\TypeHandling::hex2bin($getArguments['signature']); $this->credentials['expires'] = $getArguments['expires']; $this->credentials['version'] = $getArguments['version']; $this->credentials['tpaId'] = $getArguments['tpa_id']; $this->credentials['action'] = $getArguments['action']; $this->credentials['flags'] = $getArguments['flags']; $this->credentials['userdata'] = $getArguments['userdata']; $this->setAuthenticationStatus(self::AUTHENTICATION_NEEDED); } }
/** * Updates the username and password credentials from the POST vars, if the POST parameters * are available. Sets the authentication status to REAUTHENTICATION_NEEDED, if credentials have been sent. * * Note: You need to send the username and password in these two POST parameters: * __authentication[TYPO3][Flow][Security][Authentication][Token][UsernamePassword][username] * and __authentication[TYPO3][Flow][Security][Authentication][Token][UsernamePassword][password] * * @param ActionRequest $actionRequest The current action request * @return void */ public function updateCredentials(ActionRequest $actionRequest) { $httpRequest = $actionRequest->getHttpRequest(); if ($httpRequest->getMethod() !== 'POST') { return; } $arguments = $actionRequest->getInternalArguments(); $username = ObjectAccess::getPropertyPath($arguments, '__authentication.TYPO3.Flow.Security.Authentication.Token.UsernamePassword.username'); $password = ObjectAccess::getPropertyPath($arguments, '__authentication.TYPO3.Flow.Security.Authentication.Token.UsernamePassword.password'); if (!empty($username) && !empty($password)) { $this->credentials['username'] = $username; $this->credentials['password'] = $password; $this->setAuthenticationStatus(self::AUTHENTICATION_NEEDED); } }
/** * Build the proper pluginRequest to render the PluginView * of some configured Master Plugin * * @return ActionRequest */ protected function buildPluginRequest() { /** @var $parentRequest ActionRequest */ $parentRequest = $this->tsRuntime->getControllerContext()->getRequest(); $pluginRequest = new ActionRequest($parentRequest); if (!$this->pluginViewNode instanceof NodeInterface) { $pluginRequest->setArgumentNamespace('--' . $this->getPluginNamespace()); $this->passArgumentsToPluginRequest($pluginRequest); $pluginRequest->setControllerPackageKey($this->getPackage()); $pluginRequest->setControllerSubpackageKey($this->getSubpackage()); $pluginRequest->setControllerName($this->getController()); $pluginRequest->setControllerActionName($this->getAction()); return $pluginRequest; } $pluginNodeIdentifier = $this->pluginViewNode->getProperty('plugin'); if (strlen($pluginNodeIdentifier) === 0) { return $pluginRequest; } // Set the node to render this to the master plugin node $this->node = $this->pluginViewNode->getContext()->getNodeByIdentifier($pluginNodeIdentifier); if ($this->node === null) { return $pluginRequest; } $pluginRequest->setArgument('__node', $this->node); $pluginRequest->setArgumentNamespace('--' . $this->getPluginNamespace()); $this->passArgumentsToPluginRequest($pluginRequest); if ($pluginRequest->getControllerObjectName() !== '') { return $pluginRequest; } $controllerObjectPairs = array(); $pluginViewName = $this->pluginViewNode->getProperty('view'); foreach ($this->pluginService->getPluginViewDefinitionsByPluginNodeType($this->node->getNodeType()) as $pluginViewDefinition) { /** @var PluginViewDefinition $pluginViewDefinition */ if ($pluginViewDefinition->getName() !== $pluginViewName) { continue; } $controllerObjectPairs = $pluginViewDefinition->getControllerActionPairs(); break; } if ($controllerObjectPairs === array()) { return $pluginRequest; } $defaultControllerObjectName = key($controllerObjectPairs); $defaultActionName = current($controllerObjectPairs[$defaultControllerObjectName]); $pluginRequest->setControllerObjectName($defaultControllerObjectName); $pluginRequest->setControllerActionName($defaultActionName); return $pluginRequest; }
/** * @test */ public function updateCredentialsIgnoresAnythingOtherThanPostRequests() { $arguments = array(); $arguments['__authentication']['TYPO3']['Flow']['Security']['Authentication']['Token']['PasswordToken']['password'] = '******'; $this->mockHttpRequest->expects($this->atLeastOnce())->method('getMethod')->will($this->returnValue('POST')); $this->mockActionRequest->expects($this->atLeastOnce())->method('getInternalArguments')->will($this->returnValue($arguments)); $this->token->updateCredentials($this->mockActionRequest); $this->assertEquals(array('password' => 'verysecurepassword'), $this->token->getCredentials()); $secondToken = new PasswordToken(); $secondMockActionRequest = $this->getMockBuilder(\TYPO3\Flow\Mvc\ActionRequest::class)->disableOriginalConstructor()->getMock(); $secondMockHttpRequest = $this->getMockBuilder(\TYPO3\Flow\Http\Request::class)->disableOriginalConstructor()->getMock(); $secondMockActionRequest->expects($this->any())->method('getHttpRequest')->will($this->returnValue($secondMockHttpRequest)); $secondMockHttpRequest->expects($this->atLeastOnce())->method('getMethod')->will($this->returnValue('GET')); $secondToken->updateCredentials($secondMockActionRequest); $this->assertEquals(array('password' => ''), $secondToken->getCredentials()); }
/** * @test */ public function dispatchContinuesWithNextRequestFoundInAForwardException() { $httpRequest = Request::create(new Uri('http://localhost')); $httpResponse = new Response(); $mainRequest = $httpRequest->createActionRequest(); $subRequest = new ActionRequest($mainRequest); $nextRequest = $httpRequest->createActionRequest(); $mainRequest->setDispatched(TRUE); $mainRequest->setControllerSubPackageKey('main'); $subRequest->setControllerSubPackageKey('sub'); $nextRequest->setControllerSubPackageKey('next'); $mockController = $this->getMock('TYPO3\\Flow\\Mvc\\Controller\\ControllerInterface', array('processRequest')); $mockController->expects($this->at(0))->method('processRequest')->will($this->returnCallback(function (ActionRequest $request) use($nextRequest) { $request->setDispatched(TRUE); $forwardException = new ForwardException(); $forwardException->setNextRequest($nextRequest); throw $forwardException; })); $mockController->expects($this->at(1))->method('processRequest')->will($this->returnCallback(function (ActionRequest $request) use($nextRequest) { // NOTE: PhpUnit creates a clone of $nextRequest, thus $request is not the same instance as expected. if ($request == $nextRequest) { $nextRequest->setDispatched(TRUE); } })); $dispatcher = $this->getMock('TYPO3\\Flow\\Mvc\\Dispatcher', array('resolveController', 'emitAfterControllerInvocation'), array(), '', FALSE); $dispatcher->expects($this->any())->method('resolveController')->will($this->returnValue($mockController)); $dispatcher->dispatch($subRequest, $httpResponse); }
/** * @test */ public function handleMergesInternalArgumentsWithRoutingMatchResults() { $this->mockHttpRequest->expects($this->any())->method('getArguments')->will($this->returnValue(array('__internalArgument1' => 'request', '__internalArgument2' => 'request', '__internalArgument3' => 'request'))); $this->mockPropertyMapper->expects($this->any())->method('convert')->with('', 'array', $this->mockPropertyMappingConfiguration)->will($this->returnValue(array('__internalArgument2' => 'requestBody', '__internalArgument3' => 'requestBody'))); $this->mockComponentContext->expects($this->atLeastOnce())->method('getParameter')->with('TYPO3\\Flow\\Mvc\\Routing\\RoutingComponent', 'matchResults')->will($this->returnValue(array('__internalArgument3' => 'routing'))); $this->mockActionRequest->expects($this->once())->method('setArguments')->with(array('__internalArgument1' => 'request', '__internalArgument2' => 'requestBody', '__internalArgument3' => 'routing')); $this->dispatchComponent->handle($this->mockComponentContext); }
/** * Set the default controller and action names if none has been specified. * * @return void */ protected function setDefaultControllerAndActionNameIfNoneSpecified() { if ($this->actionRequest->getControllerName() === NULL) { $this->actionRequest->setControllerName('Standard'); } if ($this->actionRequest->getControllerActionName() === NULL) { $this->actionRequest->setControllerActionName('index'); } }
/** * @param string $path * @return string * @throws \Exception */ public function render($path = NULL) { /** @var RequestHandler $activeRequestHandler */ $activeRequestHandler = $this->bootstrap->getActiveRequestHandler(); $parentHttpRequest = $activeRequestHandler->getHttpRequest(); $httpRequest = Request::create(new Uri($parentHttpRequest->getBaseUri() . $path . '.html')); $matchingRoute = $this->router->route($httpRequest); if (!$matchingRoute) { throw new \Exception(sprintf('Uri with path "%s" could not be found.', $parentHttpRequest->getBaseUri() . $path . '.html'), 1426446160); } $request = new ActionRequest($parentHttpRequest); foreach ($matchingRoute as $argumentName => $argumentValue) { $request->setArgument($argumentName, $argumentValue); } $response = new Response($activeRequestHandler->getHttpResponse()); $this->dispatcher->dispatch($request, $response); return $response->getContent(); }
/** * @test */ public function buildAddsActionNameFromRootRequestIfRequestIsOfTypeSubRequest() { $expectedArguments = array('@action' => 'RootRequestActionName'); $this->mockMainRequest->expects($this->once())->method('getControllerActionName')->will($this->returnValue('RootRequestActionName')); $this->mockMainRequest->expects($this->any())->method('getArguments')->will($this->returnValue(array())); $this->uriBuilder->setRequest($this->mockSubRequest); $this->uriBuilder->build(); $this->assertEquals($expectedArguments, $this->uriBuilder->getLastArguments()); }
/** * @test */ public function tokenCanBeCastToString() { $arguments = array(); $arguments['__authentication']['TYPO3']['Flow']['Security']['Authentication']['Token']['UsernamePassword']['username'] = '******'; $arguments['__authentication']['TYPO3']['Flow']['Security']['Authentication']['Token']['UsernamePassword']['password'] = '******'; $this->mockHttpRequest->expects($this->atLeastOnce())->method('getMethod')->will($this->returnValue('POST')); $this->mockActionRequest->expects($this->atLeastOnce())->method('getInternalArguments')->will($this->returnValue($arguments)); $this->token->updateCredentials($this->mockActionRequest); $this->assertEquals('Username: "******"', (string) $this->token); }
/** * Maps arguments delivered by the request object to the local controller arguments. * * @return void * @throws \TYPO3\Flow\Mvc\Exception\RequiredArgumentMissingException * @api */ protected function mapRequestArgumentsToControllerArguments() { foreach ($this->arguments as $argument) { $argumentName = $argument->getName(); if ($this->request->hasArgument($argumentName)) { $argument->setValue($this->request->getArgument($argumentName)); } elseif ($argument->isRequired()) { throw new \TYPO3\Flow\Mvc\Exception\RequiredArgumentMissingException('Required argument "' . $argumentName . '" is not set.', 1298012500); } } }
/** * Updates the authentication credentials, the authentication manager needs to authenticate this token. * This could be a username/password from a login controller. * This method is called while initializing the security context. By returning TRUE you * make sure that the authentication manager will (re-)authenticate the tokens with the current credentials. * Note: You should not persist the credentials! * * @param \TYPO3\Flow\Mvc\ActionRequest $request The current request instance * @return boolean TRUE if this token needs to be (re-)authenticated */ public function updateCredentials(\TYPO3\Flow\Mvc\ActionRequest $actionRequest) { $httpRequest = $actionRequest->getHttpRequest(); if ($httpRequest->getMethod() !== 'GET') { return; } // Check if we have a callback request $arguments = $httpRequest->getArguments(); $accessTokenCipher = \TYPO3\Flow\Reflection\ObjectAccess::getPropertyPath($arguments, '__flowpack.singlesignon.accessToken'); $signature = \TYPO3\Flow\Reflection\ObjectAccess::getPropertyPath($arguments, '__flowpack.singlesignon.signature'); if (!empty($accessTokenCipher) && !empty($signature)) { // Get callback parameters from request $this->credentials['accessToken'] = base64_decode($accessTokenCipher); $this->credentials['signature'] = base64_decode($signature); $this->callbackUri = $actionRequest->getHttpRequest()->getUri(); $arguments = $this->callbackUri->getArguments(); unset($arguments['__flowpack']); $this->callbackUri->setQuery(http_build_query($arguments)); $this->setAuthenticationStatus(self::AUTHENTICATION_NEEDED); } }
/** * Updates the authentication credentials, the authentication manager needs to authenticate this token. * This could be a username/password from a login controller. * This method is called while initializing the security context. By returning TRUE you * make sure that the authentication manager will (re-)authenticate the tokens with the current credentials. * Note: You should not persist the credentials! * * @param ActionRequest $actionRequest The current request instance * @throws \InvalidArgumentException * @return boolean TRUE if this token needs to be (re-)authenticated */ public function updateCredentials(ActionRequest $actionRequest) { if ($actionRequest->getHttpRequest()->getMethod() !== 'GET' || $actionRequest->getInternalArgument('__oauth2Provider') !== $this->authenticationProviderName) { return; } if (!$actionRequest->hasArgument('code')) { $this->setAuthenticationStatus(TokenInterface::WRONG_CREDENTIALS); $this->securityLogger->log('There was no argument `code` provided.', LOG_NOTICE); return; } $code = $actionRequest->getArgument('code'); $redirectUri = $this->oauthUriBuilder->getRedirectionEndpointUri($this->authenticationProviderName); try { $this->credentials['accessToken'] = $this->tokenEndpoint->requestAuthorizationCodeGrantAccessToken($code, $redirectUri); $this->setAuthenticationStatus(TokenInterface::AUTHENTICATION_NEEDED); } catch (Exception $exception) { $this->setAuthenticationStatus(TokenInterface::WRONG_CREDENTIALS); $this->securityLogger->logException($exception); return; } }
/** * Redirects the web request to another uri. * * NOTE: This method only supports web requests and will throw an exception * if used with other request types. * * @param mixed $uri Either a string representation of a URI or a \TYPO3\Flow\Http\Uri object * @param integer $delay (optional) The delay in seconds. Default is no delay. * @param integer $statusCode (optional) The HTTP status code for the redirect. Default is "303 See Other" * @return void * @throws \TYPO3\Flow\Mvc\Exception\StopActionException * @api */ protected function redirectToUri($uri, $delay = 0, $statusCode = 303) { // the parent method throws the exception, but we need to act afterwards // thus the code in catch - it's the expected state try { parent::redirectToUri($uri, $delay, $statusCode); } catch (\TYPO3\Flow\Mvc\Exception\StopActionException $exception) { if ($this->request->getFormat() === 'json') { $this->response->setContent(''); } throw $exception; } }
/** * Calculates the dimensions of the thumbnail to be generated and returns the thumbnail URI. * In case of Images this is a thumbnail of the image, in case of other assets an icon representation. * * @param AssetInterface $asset * @param ThumbnailConfiguration $configuration * @param ActionRequest $request Request argument must be provided for asynchronous thumbnails * @return array|null Array with keys "width", "height" and "src" if the thumbnail generation work or null * @throws AssetServiceException */ public function getThumbnailUriAndSizeForAsset(AssetInterface $asset, ThumbnailConfiguration $configuration, ActionRequest $request = null) { $thumbnailImage = $this->thumbnailService->getThumbnail($asset, $configuration); if (!$thumbnailImage instanceof ImageInterface) { return null; } $resource = $thumbnailImage->getResource(); if ($thumbnailImage instanceof Thumbnail) { $staticResource = $thumbnailImage->getStaticResource(); if ($configuration->isAsync() === true && $resource === null && $staticResource === null) { if ($request === null) { throw new AssetServiceException('Request argument must be provided for async thumbnails.', 1447660835); } $this->uriBuilder->setRequest($request->getMainRequest()); $uri = $this->uriBuilder->reset()->setCreateAbsoluteUri(true)->uriFor('thumbnail', array('thumbnail' => $thumbnailImage), 'Thumbnail', 'TYPO3.Media'); } else { $uri = $this->thumbnailService->getUriForThumbnail($thumbnailImage); } } else { $uri = $this->resourceManager->getPublicPersistentResourceUri($resource); } return array('width' => $thumbnailImage->getWidth(), 'height' => $thumbnailImage->getHeight(), 'src' => $uri); }
/** * @test */ public function matchRequestReturnsFalseIfAuthorizationChecksAreDisabled() { $httpRequest = Request::create(new Uri('http://localhost'), 'POST'); $this->mockActionRequest->expects($this->any())->method('getHttpRequest')->will($this->returnValue($httpRequest)); $mockAuthenticationManager = $this->createMock(\TYPO3\Flow\Security\Authentication\AuthenticationManagerInterface::class); $mockAuthenticationManager->expects($this->any())->method('isAuthenticated')->will($this->returnValue(true)); $mockSecurityContext = $this->createMock(\TYPO3\Flow\Security\Context::class); $mockSecurityContext->expects($this->atLeastOnce())->method('areAuthorizationChecksDisabled')->will($this->returnValue(true)); $mockCsrfProtectionPattern = $this->getAccessibleMock(\TYPO3\Flow\Security\RequestPattern\CsrfProtection::class, array('dummy')); $mockCsrfProtectionPattern->_set('authenticationManager', $mockAuthenticationManager); $mockCsrfProtectionPattern->_set('systemLogger', $this->mockSystemLogger); $mockCsrfProtectionPattern->_set('securityContext', $mockSecurityContext); $this->assertFalse($mockCsrfProtectionPattern->matchRequest($this->mockActionRequest)); }
/** * Sets up security test requirements * * Security is based on action requests so we need a working route for the TestingProvider. * * @return void */ protected function setupSecurity() { $this->accessDecisionManager = $this->objectManager->get('TYPO3\\Flow\\Security\\Authorization\\AccessDecisionManagerInterface'); $this->accessDecisionManager->setOverrideDecision(NULL); $this->policyService = $this->objectManager->get('TYPO3\\Flow\\Security\\Policy\\PolicyService'); $this->authenticationManager = $this->objectManager->get('TYPO3\\Flow\\Security\\Authentication\\AuthenticationProviderManager'); $this->testingProvider = $this->objectManager->get('TYPO3\\Flow\\Security\\Authentication\\Provider\\TestingProvider'); $this->testingProvider->setName('TestingProvider'); $this->securityContext = $this->objectManager->get('TYPO3\\Flow\\Security\\Context'); $this->securityContext->clearContext(); $httpRequest = Request::createFromEnvironment(); $this->mockActionRequest = new ActionRequest($httpRequest); $this->mockActionRequest->setControllerObjectName('TYPO3\\Flow\\Tests\\Functional\\Security\\Fixtures\\Controller\\AuthenticationController'); $this->securityContext->setRequest($this->mockActionRequest); }
/** * @test */ public function evaluateIgnoresPackagePropertyIfAResourcePathIsGiven() { $this->mockTsRuntime->expects($this->any())->method('evaluate')->will($this->returnCallback(function ($evaluatePath, $that) { $relativePath = str_replace('resourceUri/test/', '', $evaluatePath); switch ($relativePath) { case 'path': return 'resource://Some.Package/Public/SomeResource'; case 'package': return 'Specified.Package'; } return null; })); $this->mockActionRequest->expects($this->any())->method('getControllerPackageKey')->will($this->returnValue('Current.Package')); $this->mockResourceManager->expects($this->atLeastOnce())->method('getPublicPackageResourceUri')->will($this->returnValue('Static/Resources/Packages/Some.Package/SomeResource')); $this->assertSame('Static/Resources/Packages/Some.Package/SomeResource', $this->resourceUriImplementation->evaluate()); }
/** * @test */ public function processRequestInjectsSettingsToView() { $this->actionController = $this->getAccessibleMock(\TYPO3\Flow\Mvc\Controller\ActionController::class, array('resolveActionMethodName', 'initializeActionMethodArguments', 'initializeActionMethodValidators', 'resolveView', 'callActionMethod')); $this->inject($this->actionController, 'objectManager', $this->mockObjectManager); $this->inject($this->actionController, 'controllerContext', $this->mockControllerContext); $mockSettings = array('foo', 'bar'); $this->inject($this->actionController, 'settings', $mockSettings); $mockMvcPropertyMappingConfigurationService = $this->createMock(\TYPO3\Flow\Mvc\Controller\MvcPropertyMappingConfigurationService::class); $this->inject($this->actionController, 'mvcPropertyMappingConfigurationService', $mockMvcPropertyMappingConfigurationService); $mockHttpRequest = $this->getMockBuilder(\TYPO3\Flow\Http\Request::class)->disableOriginalConstructor()->getMock(); $mockHttpRequest->expects($this->any())->method('getNegotiatedMediaType')->will($this->returnValue('*/*')); $this->mockRequest->expects($this->any())->method('getHttpRequest')->will($this->returnValue($mockHttpRequest)); $mockResponse = $this->createMock(\TYPO3\Flow\Http\Response::class); $mockView = $this->createMock(\TYPO3\Flow\Mvc\View\ViewInterface::class); $mockView->expects($this->once())->method('assign')->with('settings', $mockSettings); $this->actionController->expects($this->once())->method('resolveView')->will($this->returnValue($mockView)); $this->actionController->processRequest($this->mockRequest, $mockResponse); }
/** * @test * @expectedException \TYPO3\Flow\Mvc\Exception\RequiredArgumentMissingException */ public function mapRequestArgumentsToControllerArgumentsThrowsExceptionIfRequiredArgumentWasNotSet() { $mockPropertyMapper = $this->getMock('TYPO3\\Flow\\Property\\PropertyMapper', array('convert'), array(), '', FALSE); $mockPropertyMapper->expects($this->atLeastOnce())->method('convert')->will($this->returnArgument(0)); $controllerArguments = new Arguments(); $controllerArguments->addNewArgument('foo', 'string', TRUE); $controllerArguments->addNewArgument('baz', 'string', TRUE); foreach ($controllerArguments as $controllerArgument) { $this->inject($controllerArgument, 'propertyMapper', $mockPropertyMapper); } $controller = $this->getAccessibleMock('TYPO3\\Flow\\Mvc\\Controller\\AbstractController', array('processRequest')); $controller->_call('initializeController', $this->mockActionRequest, $this->mockHttpResponse); $controller->_set('arguments', $controllerArguments); $this->mockActionRequest->expects($this->at(0))->method('hasArgument')->with('foo')->will($this->returnValue(TRUE)); $this->mockActionRequest->expects($this->at(1))->method('getArgument')->with('foo')->will($this->returnValue('bar')); $this->mockActionRequest->expects($this->at(2))->method('hasArgument')->with('baz')->will($this->returnValue(FALSE)); $controller->_call('mapRequestArgumentsToControllerArguments'); }
/** * @test * @expectedException \TYPO3\Flow\Mvc\Exception\RequiredArgumentMissingException */ public function mapRequestArgumentsToControllerArgumentsThrowsExceptionIfRequiredArgumentWasNotSet() { $mockPropertyMapper = $this->getMockBuilder(\TYPO3\Flow\Property\PropertyMapper::class)->disableOriginalConstructor()->setMethods(array('convert'))->getMock(); $mockPropertyMapper->expects($this->atLeastOnce())->method('convert')->will($this->returnArgument(0)); $controllerArguments = new Arguments(); $controllerArguments->addNewArgument('foo', 'string', true); $controllerArguments->addNewArgument('baz', 'string', true); foreach ($controllerArguments as $controllerArgument) { $this->inject($controllerArgument, 'propertyMapper', $mockPropertyMapper); } $controller = $this->getAccessibleMock(\TYPO3\Flow\Mvc\Controller\AbstractController::class, array('processRequest')); $controller->_call('initializeController', $this->mockActionRequest, $this->mockHttpResponse); $controller->_set('arguments', $controllerArguments); $this->mockActionRequest->expects($this->at(0))->method('hasArgument')->with('foo')->will($this->returnValue(true)); $this->mockActionRequest->expects($this->at(1))->method('getArgument')->with('foo')->will($this->returnValue('bar')); $this->mockActionRequest->expects($this->at(2))->method('hasArgument')->with('baz')->will($this->returnValue(false)); $controller->_call('mapRequestArgumentsToControllerArguments'); }