/** * Sets up this test case */ public function setUp() { $this->securityContext = $this->getAccessibleMock(\TYPO3\Flow\Security\Context::class, array('separateActiveAndInactiveTokens')); $this->mockAuthenticationManager = $this->getMock(\TYPO3\Flow\Security\Authentication\AuthenticationManagerInterface::class); $this->mockAuthenticationManager->expects($this->any())->method('getTokens')->will($this->returnValue(array())); $this->securityContext->injectAuthenticationManager($this->mockAuthenticationManager); $this->mockActionRequest = $this->getMockBuilder(\TYPO3\Flow\Mvc\ActionRequest::class)->disableOriginalConstructor()->getMock(); $this->securityContext->setRequest($this->mockActionRequest); }
/** * @test */ public function csrfTokenFieldIsRenderedForUnsafeRequests() { /** @var FormViewHelper|\PHPUnit_Framework_MockObject_MockObject $viewHelper */ $viewHelper = $this->getAccessibleMock(\TYPO3\Fluid\ViewHelpers\FormViewHelper::class, null, array(), '', false); $this->injectDependenciesIntoViewHelper($viewHelper); $this->securityContext->expects($this->any())->method('isInitialized')->will($this->returnValue(true)); $this->mockAuthenticationManager->expects($this->any())->method('isAuthenticated')->will($this->returnValue(true)); $this->securityContext->expects($this->atLeastOnce())->method('getCsrfProtectionToken')->will($this->returnValue('CSRFTOKEN')); $this->assertEquals('<input type="hidden" name="__csrfToken" value="CSRFTOKEN" />' . chr(10), $viewHelper->_call('renderCsrfTokenField')); }