public function setUp() { $this->mockSecurityContext = $this->getMockBuilder(Context::class)->disableOriginalConstructor()->getMock(); $this->mockSecurityContext->expects($this->any())->method('withoutAuthorizationChecks')->will($this->returnCallback(function ($callback) { return $callback->__invoke(); })); }
/** * @test */ public function handleSetsRequestInSecurityContext() { $this->mockHttpRequest->expects($this->any())->method('getArguments')->will($this->returnValue(array())); $this->mockPropertyMapper->expects($this->any())->method('convert')->with('', 'array', $this->mockPropertyMappingConfiguration)->will($this->returnValue(array())); $this->mockSecurityContext->expects($this->once())->method('setRequest')->with($this->mockActionRequest); $this->dispatchComponent->handle($this->mockComponentContext); }
/** * @test */ public function getUserWorkspaceNameReturnsTheUsersWorkspaceNameIfAUserIsLoggedIn() { $mockAccount = $this->getMockBuilder('TYPO3\\Flow\\Security\\Account')->disableOriginalConstructor()->getMock(); $mockAccount->expects($this->atLeastOnce())->method('getAccountIdentifier')->will($this->returnValue('The UserName')); $this->mockSecurityContext->expects($this->atLeastOnce())->method('getAccount')->will($this->returnValue($mockAccount)); $this->assertSame('user-TheUserName', $this->userService->getUserWorkspaceName()); }
/** * @test * @todo adjust when AfterInvocationInterceptor is used again */ public function enforcePolicyDoesNotInvokeInterceptorIfAuthorizationChecksAreDisabled() { $this->mockAdviceChain->expects($this->once())->method('proceed')->with($this->mockJoinPoint); $this->mockJoinPoint->expects($this->once())->method('getAdviceChain')->will($this->returnValue($this->mockAdviceChain)); $this->mockSecurityContext->expects($this->atLeastOnce())->method('areAuthorizationChecksDisabled')->will($this->returnValue(true)); $this->mockPolicyEnforcementInterceptor->expects($this->never())->method('invoke'); $this->policyEnforcementAspect->enforcePolicy($this->mockJoinPoint); }
/** * @test */ public function csrfTokenFieldIsRenderedForUnsafeRequests() { /** @var FormViewHelper|\PHPUnit_Framework_MockObject_MockObject $viewHelper */ $viewHelper = $this->getAccessibleMock(\TYPO3\Fluid\ViewHelpers\FormViewHelper::class, null, array(), '', false); $this->injectDependenciesIntoViewHelper($viewHelper); $this->securityContext->expects($this->any())->method('isInitialized')->will($this->returnValue(true)); $this->mockAuthenticationManager->expects($this->any())->method('isAuthenticated')->will($this->returnValue(true)); $this->securityContext->expects($this->atLeastOnce())->method('getCsrfProtectionToken')->will($this->returnValue('CSRFTOKEN')); $this->assertEquals('<input type="hidden" name="__csrfToken" value="CSRFTOKEN" />' . chr(10), $viewHelper->_call('renderCsrfTokenField')); }
/** * @test */ public function isPrivilegeTargetGrantedReturnsTrueIfThereIsNoDenyVoteAndOneGrantVote() { $mockRole1 = $this->getMockBuilder(\TYPO3\Flow\Security\Policy\Role::class)->disableOriginalConstructor()->getMock(); $mockRole1->expects($this->any())->method('getPrivilegeForTarget')->will($this->returnValue($this->abstainPrivilege)); $mockRole2 = $this->getMockBuilder(\TYPO3\Flow\Security\Policy\Role::class)->disableOriginalConstructor()->getMock(); $mockRole2->expects($this->any())->method('getPrivilegeForTarget')->will($this->returnValue($this->grantPrivilege)); $mockRole3 = $this->getMockBuilder(\TYPO3\Flow\Security\Policy\Role::class)->disableOriginalConstructor()->getMock(); $mockRole3->expects($this->any())->method('getPrivilegeForTarget')->will($this->returnValue($this->abstainPrivilege)); $this->mockSecurityContext->expects($this->any())->method('getRoles')->will($this->returnValue(array($mockRole1, $mockRole2, $mockRole3))); $this->assertTrue($this->privilegeManager->isPrivilegeTargetGranted('somePrivilegeTargetIdentifier')); }
/** * @test */ public function logoutRefreshesTokensInSecurityContext() { $this->authenticationProviderManager = $this->getAccessibleMock(\TYPO3\Flow\Security\Authentication\AuthenticationProviderManager::class, array('emitLoggedOut'), array(), '', false); $this->inject($this->authenticationProviderManager, 'securityContext', $this->mockSecurityContext); $this->inject($this->authenticationProviderManager, 'session', $this->mockSession); $this->mockSession->expects($this->any())->method('canBeResumed')->will($this->returnValue(true)); $this->mockSession->expects($this->any())->method('isStarted')->will($this->returnValue(true)); $token = $this->createMock(\TYPO3\Flow\Security\Authentication\TokenInterface::class); $token->expects($this->any())->method('isAuthenticated')->will($this->returnValue(true)); $this->mockSecurityContext->expects($this->any())->method('getAuthenticationTokens')->will($this->returnValue(array($token))); $this->mockSecurityContext->expects($this->once())->method('refreshTokens'); $this->authenticationProviderManager->logout(); }
/** * @test */ public function handleInjectsActionRequestToSecurityContext() { $mockWidgetId = 'SomeWidgetId'; $mockControllerObjectName = 'SomeControllerObjectName'; $this->mockHttpRequest->expects($this->at(0))->method('hasArgument')->with('__widgetId')->will($this->returnValue(true)); $this->mockHttpRequest->expects($this->atLeastOnce())->method('getArgument')->with('__widgetId')->will($this->returnValue($mockWidgetId)); $mockWidgetContext = $this->getMockBuilder(\TYPO3\Fluid\Core\Widget\WidgetContext::class)->getMock(); $mockWidgetContext->expects($this->atLeastOnce())->method('getControllerObjectName')->will($this->returnValue($mockControllerObjectName)); $this->mockAjaxWidgetContextHolder->expects($this->atLeastOnce())->method('get')->with($mockWidgetId)->will($this->returnValue($mockWidgetContext)); $mockActionRequest = $this->getMockBuilder(\TYPO3\Flow\Mvc\ActionRequest::class)->disableOriginalConstructor()->getMock(); $this->mockObjectManager->expects($this->atLeastOnce())->method('get')->with(\TYPO3\Flow\Mvc\ActionRequest::class)->will($this->returnValue($mockActionRequest)); $this->mockSecurityContext->expects($this->once())->method('setRequest')->with($mockActionRequest); $this->ajaxWidgetComponent->handle($this->mockComponentContext); }
/** * @test */ public function renderAddsDefaultFieldNamePrefixToTemplateVariableContainerIfNoPrefixIsSpecifiedAndUseParentRequestArgumentIsSet() { $expectedPrefix = 'parentRequestsPrefix'; $mockParentRequest = $this->getMock('TYPO3\\Flow\\Mvc\\ActionRequest', array(), array(), '', FALSE); $mockParentRequest->expects($this->once())->method('getArgumentNamespace')->will($this->returnValue($expectedPrefix)); $mockSubRequest = $this->getMock('TYPO3\\Flow\\Mvc\\ActionRequest', array(), array(), '', FALSE); $mockSubRequest->expects($this->once())->method('getParentRequest')->will($this->returnValue($mockParentRequest)); $viewHelper = $this->getAccessibleMock('TYPO3\\Fluid\\ViewHelpers\\FormViewHelper', array('getFormActionUri', 'renderChildren', 'renderHiddenIdentityField', 'renderHiddenReferrerFields', 'addFormFieldNamesToViewHelperVariableContainer', 'removeFormFieldNamesFromViewHelperVariableContainer', 'addEmptyHiddenFieldNamesToViewHelperVariableContainer', 'removeEmptyHiddenFieldNamesFromViewHelperVariableContainer', 'renderEmptyHiddenFields', 'renderTrustedPropertiesField'), array(), '', FALSE); $this->arguments['useParentRequest'] = TRUE; $this->controllerContext = $this->getMock('TYPO3\\Flow\\Mvc\\Controller\\ControllerContext', array(), array(), '', FALSE); $this->controllerContext->expects($this->once())->method('getRequest')->will($this->returnValue($mockSubRequest)); $this->renderingContext->setControllerContext($this->controllerContext); $this->injectDependenciesIntoViewHelper($viewHelper); $this->securityContext->expects($this->any())->method('isInitialized')->will($this->returnValue(FALSE)); $this->viewHelperVariableContainer->expects($this->once())->method('add')->with('TYPO3\\Fluid\\ViewHelpers\\FormViewHelper', 'fieldNamePrefix', $expectedPrefix); $viewHelper->render('index'); }
/** * @test */ public function dispatchCallsStartAuthenticationOnAllActiveEntryPoints() { $this->mockActionRequest->expects($this->any())->method('isDispatched')->will($this->returnValue(TRUE)); $mockAuthenticationToken1 = $this->getMockBuilder(\TYPO3\Flow\Security\Authentication\TokenInterface::class)->getMock(); $mockEntryPoint1 = $this->getMockBuilder(\TYPO3\Flow\Security\Authentication\EntryPointInterface::class)->getMock(); $mockAuthenticationToken1->expects($this->any())->method('getAuthenticationEntryPoint')->will($this->returnValue($mockEntryPoint1)); $mockAuthenticationToken2 = $this->getMockBuilder(\TYPO3\Flow\Security\Authentication\TokenInterface::class)->getMock(); $mockEntryPoint2 = $this->getMockBuilder(\TYPO3\Flow\Security\Authentication\EntryPointInterface::class)->getMock(); $mockAuthenticationToken2->expects($this->any())->method('getAuthenticationEntryPoint')->will($this->returnValue($mockEntryPoint2)); $this->mockSecurityContext->expects($this->atLeastOnce())->method('getAuthenticationTokens')->will($this->returnValue(array($mockAuthenticationToken1, $mockAuthenticationToken2))); $this->mockFirewall->expects($this->once())->method('blockIllegalRequests')->will($this->throwException(new AuthenticationRequiredException())); $mockEntryPoint1->expects($this->once())->method('startAuthentication')->with($this->mockHttpRequest, $this->mockHttpResponse); $mockEntryPoint2->expects($this->once())->method('startAuthentication')->with($this->mockHttpRequest, $this->mockHttpResponse); try { $this->dispatcher->dispatch($this->mockActionRequest, $this->mockHttpResponse); } catch (AuthenticationRequiredException $exception) { } }
/** * @test */ public function shutdownCreatesSpecialDataEntryForSessionWithAuthenticatedAccounts() { $session = new Session(); $this->inject($session, 'bootstrap', $this->mockBootstrap); $this->inject($session, 'objectManager', $this->mockObjectManager); $this->inject($session, 'settings', $this->settings); $this->inject($session, 'metaDataCache', $this->createCache('Meta')); $this->inject($session, 'storageCache', $this->createCache('Storage')); $session->initializeObject(); $session->start(); $account = new Account(); $account->setAccountIdentifier('admin'); $account->setAuthenticationProviderName('MyProvider'); $token = new UsernamePassword(); $token->setAuthenticationStatus(TokenInterface::AUTHENTICATION_SUCCESSFUL); $token->setAccount($account); $this->mockSecurityContext->expects($this->any())->method('isInitialized')->will($this->returnValue(TRUE)); $this->mockSecurityContext->expects($this->any())->method('getAuthenticationTokens')->will($this->returnValue(array($token))); $session->close(); $this->httpRequest->setCookie($this->httpResponse->getCookie('TYPO3_Flow_Session')); $session->resume(); $this->assertEquals(array('MyProvider:admin'), $session->getData('TYPO3_Flow_Security_Accounts')); }
/** * @test */ public function initializeSeparatesActiveAndInactiveTokens() { $this->securityContext->expects($this->once())->method('separateActiveAndInactiveTokens'); $this->securityContext->initialize(); }
/** * @test */ public function authenticatingAnUsernamePasswordTokenFetchesAccountWithDisabledAuthorization() { $this->mockToken->expects($this->once())->method('getCredentials')->will($this->returnValue(array('username' => 'admin', 'password' => 'password'))); $this->mockSecurityContext->expects($this->once())->method('withoutAuthorizationChecks'); $this->persistedUsernamePasswordProvider->authenticate($this->mockToken); }