public function __construct($request = null, $response = null)
{
$request->webroot = '/';
Router::setRequestInfo($request);
parent::__construct($request, $response);
}
/**
* construct method
*/
public function __construct($request = null, $response = null)
{
$request->addParams(Router::parse('/auth_test'));
$request->here = '/auth_test';
$request->webroot = '/';
Router::setRequestInfo($request);
parent::__construct($request, $response);
}
/**
* Filters the BrowserKit request to the cake one.
*
* @param \Symfony\Component\BrowserKit\Request $request BrowserKit request.
* @return \Cake\Network\Request Cake request.
*/
protected function filterRequest(\Symfony\Component\BrowserKit\Request $request)
{
$url = preg_replace('/^https?:\\/\\/[a-z0-9\\-\\.]+/', '', $request->getUri());
$_ENV = $environment = ['REQUEST_METHOD' => $request->getMethod()] + $request->getServer();
$props = ['url' => $url, 'post' => (array) $request->getParameters(), 'files' => (array) $request->getFiles(), 'cookies' => (array) $request->getCookies(), 'session' => $this->getSession(), 'environment' => $environment];
$this->cake['request'] = new Request($props);
// set params
Router::setRequestInfo($this->cake['request']);
$this->cake['request']->params = Router::parse($url);
return $this->cake['request'];
}
/**
* Applies Routing and additionalParameters to the request to be dispatched.
* If Routes have not been loaded they will be loaded, and config/routes.php will be run.
*
* @param \Cake\Event\Event $event containing the request, response and additional params
* @return void
*/
public function beforeDispatch(Event $event)
{
$request = $event->data['request'];
Router::setRequestInfo($request);
if (empty($request->params['controller'])) {
$params = Router::parse($request->url);
$request->addParams($params);
}
}
/**
* SetUp method
*
* @return void
*/
public function setUp()
{
parent::setUp();
Configure::write('App.namespace', 'TestApp');
Configure::delete('Passwordable');
Configure::write('Passwordable.auth', 'AuthTest');
$this->Users = TableRegistry::get('ToolsUsers');
$this->hasher = PasswordHasherFactory::build('Default');
Router::setRequestInfo(new Request());
}
/**
* setup create a request object to get out of router later.
*
* @return void
*/
public function setUp()
{
parent::setUp();
Router::reload();
$request = new Request();
$request->base = '';
Router::setRequestInfo($request);
Configure::write('debug', true);
$this->_logger = $this->getMock('Psr\\Log\\LoggerInterface');
Log::reset();
Log::config('error_test', ['engine' => $this->_logger]);
}
/**
* setup
*
* @return void
*/
public function setUp()
{
parent::setUp();
$this->request = new Request('posts/index');
Router::setRequestInfo($this->request);
$this->response = $this->getMock('Cake\\Network\\Response');
Security::salt('somerandomhaskeysomerandomhaskey');
$this->Registry = new ComponentRegistry(new Controller($this->request, $this->response));
$this->Registry->load('Cookie');
$this->Registry->load('Auth');
$this->auth = new CookieAuthenticate($this->Registry, ['fields' => ['username' => 'user_name', 'password' => 'password'], 'userModel' => 'MultiUsers']);
$password = password_hash('password', PASSWORD_DEFAULT);
$MultiUsers = TableRegistry::get('MultiUsers');
$MultiUsers->updateAll(['password' => $password], []);
}
/**
* SetUp method
*
* @return void
*/
public function setUp()
{
parent::setUp();
Configure::write('App.namespace', 'TestApp');
Configure::delete('Passwordable');
Configure::write('Passwordable.auth', 'AuthTest');
$this->Users = TableRegistry::get('ToolsUsers');
$this->hasher = PasswordHasherFactory::build('Default');
$user = $this->Users->newEntity();
$data = ['id' => '5', 'name' => 'admin', 'password' => $this->hasher->hash('somepwd'), 'role_id' => '1'];
$this->Users->patchEntity($user, $data);
$result = $this->Users->save($user);
$this->assertTrue((bool) $result);
Router::setRequestInfo(new Request());
}
/**
* setup
*
* @return void
*/
public function setUp()
{
parent::setUp();
$this->request = new Request('posts/index');
Router::setRequestInfo($this->request);
$this->response = $this->getMock('Cake\\Network\\Response');
Security::salt('Xety-Cake3CookieAuth_Xety-Cake3CookieAuth');
$this->registry = new ComponentRegistry(new Controller($this->request, $this->response));
$this->registry->load('Cookie');
$this->registry->load('Auth');
$this->auth = new CookieAuthenticate($this->registry);
$password = password_hash('password', PASSWORD_DEFAULT);
$Users = TableRegistry::get('Users');
$Users->updateAll(['password' => $password], []);
}
/**
* Applies Routing and additionalParameters to the request to be dispatched.
* If Routes have not been loaded they will be loaded, and config/routes.php will be run.
*
* @param \Cake\Event\Event $event containing the request, response and additional params
* @return void|Cake\Network\Response A response will be returned when a redirect route is encountered.
*/
public function beforeDispatch(Event $event)
{
$request = $event->data['request'];
Router::setRequestInfo($request);
try {
if (empty($request->params['controller'])) {
$params = Router::parse($request->url);
$request->addParams($params);
}
} catch (RedirectException $e) {
$response = $event->data['response'];
$response->statusCode($e->getCode());
$response->header('Location', $e->getMessage());
return $response;
}
}
/**
* test that the beforeRedirect callback properly converts
* array URLs into their correct string ones, and adds base => false so
* the correct URLs are generated.
*
* @link https://cakephp.lighthouseapp.com/projects/42648-cakephp-1x/tickets/276
* @return void
* @triggers Controller.beforeRender $this->Controller
*/
public function testBeforeRedirectCallbackWithArrayUrl()
{
Configure::write('App.namespace', 'TestApp');
Router::connect('/:controller/:action/*');
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'XMLHttpRequest';
$event = new Event('Controller.beforeRender', $this->Controller);
Router::setRequestInfo([['plugin' => null, 'controller' => 'accounts', 'action' => 'index', 'pass' => []], ['base' => '', 'here' => '/accounts/', 'webroot' => '/']]);
$RequestHandler = new RequestHandlerComponent($this->Controller->components());
$RequestHandler->request = new Request('posts/index');
$RequestHandler->response = $this->Controller->response;
ob_start();
$RequestHandler->beforeRedirect($event, ['controller' => 'RequestHandlerTest', 'action' => 'param_method', 'first', 'second'], $this->Controller->response);
$result = ob_get_clean();
$this->assertEquals('one: first two: second', $result);
}
/**
* test that the returned URL doesn't contain the base URL.
*
* @see https://cakephp.lighthouseapp.com/projects/42648/tickets/3922-authcomponentredirecturl-prepends-appbaseurl
*
* @return void This test method doesn't return anything.
*/
public function testRedirectUrlWithBaseSet()
{
$App = Configure::read('App');
Configure::write('App', ['dir' => APP_DIR, 'webroot' => 'webroot', 'base' => false, 'baseUrl' => '/cake/index.php']);
$url = '/users/login';
$this->Auth->request = $this->Controller->request = new Request($url);
$this->Auth->request->addParams(Router::parse($url));
$this->Auth->request->url = Router::normalize($url);
Router::setRequestInfo($this->Auth->request);
$this->Auth->config('loginAction', ['controller' => 'users', 'action' => 'login']);
$this->Auth->config('loginRedirect', ['controller' => 'users', 'action' => 'home']);
$result = $this->Auth->redirectUrl();
$this->assertEquals('/users/home', $result);
$this->assertFalse($this->Auth->session->check('Auth.redirect'));
Configure::write('App', $App);
Router::reload();
}
/**
* Test that Router::url() uses the first request
*/
public function testUrlWithRequestAction()
{
Router::connect('/:controller', array('action' => 'index'));
Router::connect('/:controller/:action');
$firstRequest = new Request('/posts/index');
$firstRequest->addParams(array('plugin' => null, 'controller' => 'posts', 'action' => 'index'))->addPaths(array('base' => ''));
$secondRequest = new Request('/posts/index');
$secondRequest->addParams(array('requested' => 1, 'plugin' => null, 'controller' => 'comments', 'action' => 'listing'))->addPaths(array('base' => ''));
Router::setRequestInfo($firstRequest);
Router::setRequestInfo($secondRequest);
$result = Router::url(array('_base' => false));
$this->assertEquals('/comments/listing', $result, 'with second requests, the last should win.');
Router::popRequest();
$result = Router::url(array('_base' => false));
$this->assertEquals('/posts', $result, 'with second requests, the last should win.');
// Make sure that popping an empty request doesn't fail.
Router::popRequest();
}
/**
* Test that requestAction() is populates the base and webroot properties properly
*
* @return void
*/
public function testRequestActionBaseAndWebroot()
{
$request = new Request(['base' => '/subdir', 'webroot' => '/subdir/']);
Router::setRequestInfo($request);
$result = $this->object->requestAction('/request_action/params_pass');
$result = json_decode($result, true);
$this->assertEquals($request->base, $result['base']);
$this->assertEquals($request->webroot, $result['webroot']);
}
/**
* Applies Routing and additionalParameters to the request to be dispatched.
* If Routes have not been loaded they will be loaded, and app/Config/routes.php will be run.
*
* @param \Cake\Event\Event $event containing the request, response and additional params
* @return void
*/
public function parseParams(Event $event)
{
$request = $event->data['request'];
Router::setRequestInfo($request);
if (empty($request->params['controller'])) {
$params = Router::parse($request->url);
$request->addParams($params);
}
if (!empty($event->data['additionalParams'])) {
$request->addParams($event->data['additionalParams']);
}
}
/**
* testNextLinkUsingDotNotation method
*
* @return void
*/
public function testNextLinkUsingDotNotation()
{
Router::setRequestInfo([['plugin' => null, 'controller' => 'accounts', 'action' => 'index', 'pass' => []], ['base' => '', 'here' => '/accounts/', 'webroot' => '/']]);
$this->Paginator->request->params['paging']['Article']['sort'] = 'Article.title';
$this->Paginator->request->params['paging']['Article']['direction'] = 'asc';
$this->Paginator->request->params['paging']['Article']['page'] = 1;
$test = ['url' => ['page' => '1', 'sort' => 'Article.title', 'direction' => 'asc']];
$this->Paginator->options($test);
$result = $this->Paginator->next('Next');
$expected = ['li' => ['class' => 'next'], 'a' => ['href' => '/accounts/index?page=2&sort=Article.title&direction=asc', 'rel' => 'next'], 'Next', '/a', '/li'];
$this->assertHtml($expected, $result);
}
/**
* testNextLinkUsingDotNotation method
*
* @return void
*/
public function testNextLinkUsingDotNotation()
{
Router::setRequestInfo(array(array('plugin' => null, 'controller' => 'accounts', 'action' => 'index', 'pass' => array()), array('base' => '', 'here' => '/accounts/', 'webroot' => '/')));
$this->Paginator->request->params['paging']['Article']['sort'] = 'Article.title';
$this->Paginator->request->params['paging']['Article']['direction'] = 'asc';
$this->Paginator->request->params['paging']['Article']['page'] = 1;
$test = array('url' => array('page' => '1', 'sort' => 'Article.title', 'direction' => 'asc'));
$this->Paginator->options($test);
$result = $this->Paginator->next('Next');
$expected = array('li' => array('class' => 'next'), 'a' => array('href' => '/accounts/index?page=2&sort=Article.title&direction=asc', 'rel' => 'next'), 'Next', '/a', '/li');
$this->assertTags($result, $expected);
}
/**
* test that error400 doesn't expose XSS
*
* @return void
*/
public function testError400NoInjection()
{
Router::reload();
$request = new Request('pages/<span id=333>pink</span></id><script>document.body.style.background = t=document.getElementById(333).innerHTML;window.alert(t);</script>');
Router::setRequestInfo($request);
$exception = new NotFoundException('Custom message');
$ExceptionRenderer = $this->_mockResponse(new ExceptionRenderer($exception));
$result = $ExceptionRenderer->render()->body();
$this->assertNotContains('<script>document', $result);
$this->assertNotContains('alert(t);</script>', $result);
}
