public function testGetCurrentUserWithWrongDAVUser() { $user = $this->getMockBuilder('\\OCP\\IUser')->disableOriginalConstructor()->getMock(); $user->expects($this->once())->method('getUID')->will($this->returnValue('MyWrongDavUser')); $this->userSession->expects($this->exactly(2))->method('getUser')->will($this->returnValue($user)); $this->session->expects($this->exactly(3))->method('get')->with('AUTHENTICATED_TO_DAV_BACKEND')->will($this->returnValue('AnotherUser')); $this->assertSame(null, $this->auth->getCurrentUser()); }
private function protectAgainstCSRF() { $user = $this->auth->getCurrentUser(); if ($this->auth->isDavAuthenticated($user)) { return true; } if ($this->request->passesCSRFCheck()) { return true; } throw new BadRequest(); }