/** * Tests the processOutbound() method with two parameter replacements. */ public function testProcessOutboundDynamicTwo() { $this->csrfToken->expects($this->once())->method('get')->with('100/test-path/test')->will($this->returnValue('test_token')); $route = new Route('{slug_1}/test-path/{slug_2}', array(), array('_csrf_token' => 'TRUE')); $parameters = array('slug_1' => 100, 'slug_2' => 'test'); $this->assertNull($this->processor->processOutbound('test', $route, $parameters)); }
/** * Tests the access() method with an invalid token. */ public function testAccessTokenFail() { $this->csrfToken->expects($this->once())->method('validate')->with('test_query', 'test-path')->will($this->returnValue(FALSE)); $this->routeMatch->expects($this->once())->method('getRawParameters')->will($this->returnValue(array())); $route = new Route('/test-path', array(), array('_csrf_token' => 'TRUE')); $request = Request::create('/test-path?token=test_query'); $this->assertEquals(AccessResult::forbidden()->setCacheable(FALSE), $this->accessCheck->access($route, $request, $this->routeMatch)); }
/** * Tests the processOutbound() method with two parameter replacements. */ public function testProcessOutboundDynamicTwo() { $this->csrfToken->expects($this->once())->method('get')->with('100/test-path/test')->will($this->returnValue('test_token')); $route = new Route('{slug_1}/test-path/{slug_2}', array(), array('_csrf_token' => 'TRUE')); $parameters = array('slug_1' => 100, 'slug_2' => 'test'); $cacheable_metadata = new CacheableMetadata(); $this->processor->processOutbound('test', $route, $parameters, $cacheable_metadata); // Cacheability of routes with a _csrf_token route requirement is max-age=0. $this->assertEquals((new CacheableMetadata())->setCacheMaxAge(0), $cacheable_metadata); }
/** * Tests the processOutbound() method with no _csrf_token route requirement. */ public function testProcessOutboundNoRequirement() { $this->csrfToken->expects($this->never())->method('get'); $route = new Route('/test-path'); $parameters = array(); $bubbleable_metadata = new BubbleableMetadata(); $this->processor->processOutbound('test', $route, $parameters, $bubbleable_metadata); // No parameters should be added to the parameters array. $this->assertEmpty($parameters); // Cacheability of routes without a _csrf_token route requirement is // unaffected. $this->assertEquals(new BubbleableMetadata(), $bubbleable_metadata); }
/** * @covers ::setCache */ public function testSetCacheAuthUser() { $form_build_id = 'the_form_build_id'; $form = []; $form_state = new FormState(); $cache_token = 'the_cache_token'; $form_data = $form; $form_data['#cache_token'] = $cache_token; $this->formCacheStore->expects($this->once()) ->method('setWithExpire') ->with($form_build_id, $form_data, $this->isType('int')); $form_state_data = $form_state->getCacheableArray(); $form_state_data['build_info']['safe_strings'] = []; $this->formStateCacheStore->expects($this->once()) ->method('setWithExpire') ->with($form_build_id, $form_state_data, $this->isType('int')); $this->csrfToken->expects($this->once()) ->method('get') ->willReturn($cache_token); $this->account->expects($this->once()) ->method('isAuthenticated') ->willReturn(TRUE); $this->formCache->setCache($form_build_id, $form, $form_state); }
/** * Tests the access() method with no _controller_request attribute set. * * This will use the 'ALL' access conjunction. */ public function testAccessTokenMissAll() { $this->csrfToken->expects($this->never())->method('validate'); $route = new Route('/test-path', array(), array('_csrf_token' => 'TRUE'), array('_access_mode' => 'ALL')); $request = new Request(array('token' => 'test_query')); $this->assertSame(AccessInterface::ALLOW, $this->accessCheck->access($route, $request, $this->account)); }
/** * @covers ::validateForm */ public function testValidateValidFormToken() { $request_stack = new RequestStack(); $this->csrfToken->expects($this->once())->method('validate')->will($this->returnValue(TRUE)); $form_validator = $this->getMockBuilder('Drupal\\Core\\Form\\FormValidator')->setConstructorArgs([$request_stack, $this->getStringTranslationStub(), $this->csrfToken, $this->logger, $this->formErrorHandler])->setMethods(array('doValidateForm'))->getMock(); $form_validator->expects($this->once())->method('doValidateForm'); $form['#token'] = 'test_form_id'; $form_state = $this->getMockBuilder('Drupal\\Core\\Form\\FormState')->setMethods(array('setErrorByName'))->getMock(); $form_state->expects($this->never())->method('setErrorByName'); $form_state->setValue('form_token', 'some_random_token'); $form_validator->validateForm('test_form_id', $form, $form_state); $this->assertTrue($form_state->isValidationComplete()); }