/**
 * Creates the mocked security Context shared by the tests of this case.
 *
 * withoutAuthorizationChecks() is stubbed to invoke the closure it receives and
 * hand back its result. The stub models nothing else of the real Context, so
 * tests built on it observe call flow only, not policy enforcement.
 */
public function setUp()
{
    $runCallbackDirectly = function ($callback) {
        return $callback->__invoke();
    };

    $contextMock = $this->getMockBuilder(Context::class)
        ->disableOriginalConstructor()
        ->getMock();
    $contextMock->expects($this->any())
        ->method('withoutAuthorizationChecks')
        ->will($this->returnCallback($runCallbackDirectly));

    $this->mockSecurityContext = $contextMock;
}
/**
 * handle() must hand the action request to the security context exactly once.
 *
 * The HTTP request carries no arguments and the property mapper converts to an
 * empty array, so the only behaviour under test is the setRequest() call.
 *
 * @test
 */
public function handleSetsRequestInSecurityContext()
{
    $noArguments = [];

    $this->mockHttpRequest->expects($this->any())
        ->method('getArguments')
        ->will($this->returnValue($noArguments));

    $this->mockPropertyMapper->expects($this->any())
        ->method('convert')
        ->with('', 'array', $this->mockPropertyMappingConfiguration)
        ->will($this->returnValue($noArguments));

    // The assertion of this test: the security context receives the action request once.
    $this->mockSecurityContext->expects($this->once())
        ->method('setRequest')
        ->with($this->mockActionRequest);

    $this->dispatchComponent->handle($this->mockComponentContext);
}
/**
 * With authorization checks reported as disabled, enforcePolicy() must skip the
 * policy enforcement interceptor and still proceed with the advice chain.
 *
 * @test
 * @todo adjust when AfterInvocationInterceptor is used again
 */
public function enforcePolicyDoesNotInvokeInterceptorIfAuthorizationChecksAreDisabled()
{
    $joinPoint = $this->mockJoinPoint;
    $adviceChain = $this->mockAdviceChain;

    // The intercepted call itself must still run exactly once.
    $adviceChain->expects($this->once())
        ->method('proceed')
        ->with($joinPoint);
    $joinPoint->expects($this->once())
        ->method('getAdviceChain')
        ->will($this->returnValue($adviceChain));

    // Security context reports that checks are switched off ...
    $this->mockSecurityContext->expects($this->atLeastOnce())
        ->method('areAuthorizationChecksDisabled')
        ->will($this->returnValue(true));

    // ... so the enforcement interceptor must never be consulted.
    $this->mockPolicyEnforcementInterceptor->expects($this->never())
        ->method('invoke');

    $this->policyEnforcementAspect->enforcePolicy($joinPoint);
}
/**
 * renderCsrfTokenField() must emit a hidden "__csrfToken" input carrying the
 * token supplied by the security context when the context is initialized and
 * the authentication manager reports an authenticated state.
 *
 * NOTE(review): nothing visible in this method sets the request method; the
 * "unsafe request" precondition in the name is presumably arranged by fixtures
 * outside this listing - confirm.
 *
 * @test
 */
public function csrfTokenFieldIsRenderedForUnsafeRequests()
{
    /** @var FormViewHelper|\PHPUnit_Framework_MockObject_MockObject $viewHelper */
    $viewHelper = $this->getAccessibleMock(
        \Neos\FluidAdaptor\ViewHelpers\FormViewHelper::class,
        null,
        [],
        '',
        false
    );
    $this->injectDependenciesIntoViewHelper($viewHelper);

    $this->securityContext->expects($this->any())
        ->method('isInitialized')
        ->will($this->returnValue(true));
    $this->mockAuthenticationManager->expects($this->any())
        ->method('isAuthenticated')
        ->will($this->returnValue(true));

    // The token must actually be fetched from the security context at least once.
    $this->securityContext->expects($this->atLeastOnce())
        ->method('getCsrfProtectionToken')
        ->will($this->returnValue('CSRFTOKEN'));

    $expectedMarkup = '<input type="hidden" name="__csrfToken" value="CSRFTOKEN" />' . chr(10);
    $renderedMarkup = $viewHelper->_call('renderCsrfTokenField');

    $this->assertEquals($expectedMarkup, $renderedMarkup);
}
/**
 * Three roles vote on the privilege target: the first and third return the
 * abstainPrivilege fixture, the second returns the grantPrivilege fixture.
 * With no deny among them the privilege manager must report the target as granted.
 *
 * The privilege fixtures are defined outside this method; their vote semantics
 * are taken from their names.
 *
 * @test
 */
public function isPrivilegeTargetGrantedReturnsTrueIfThereIsNoDenyVoteAndOneGrantVote()
{
    $privilegePerRole = [
        $this->abstainPrivilege,
        $this->grantPrivilege,
        $this->abstainPrivilege,
    ];

    $roles = [];
    foreach ($privilegePerRole as $privilege) {
        $role = $this->getMockBuilder(Security\Policy\Role::class)
            ->disableOriginalConstructor()
            ->getMock();
        $role->expects($this->any())
            ->method('getPrivilegeForTarget')
            ->will($this->returnValue($privilege));
        $roles[] = $role;
    }

    $this->mockSecurityContext->expects($this->any())
        ->method('getRoles')
        ->will($this->returnValue($roles));

    $isGranted = $this->privilegeManager->isPrivilegeTargetGranted('somePrivilegeTargetIdentifier');

    $this->assertTrue($isGranted);
}
/**
 * logout() must call refreshTokens() on the security context exactly once when
 * a started, resumable session holds an authenticated token.
 *
 * emitLoggedOut is mocked out, so the signal emission is not part of this test.
 *
 * @test
 */
public function logoutRefreshesTokensInSecurityContext()
{
    $manager = $this->getAccessibleMock(AuthenticationProviderManager::class, ['emitLoggedOut'], [], '', false);
    $this->authenticationProviderManager = $manager;
    $this->inject($manager, 'securityContext', $this->mockSecurityContext);
    $this->inject($manager, 'session', $this->mockSession);

    // Session exists and is running.
    $this->mockSession->expects($this->any())
        ->method('canBeResumed')
        ->will($this->returnValue(true));
    $this->mockSession->expects($this->any())
        ->method('isStarted')
        ->will($this->returnValue(true));

    // One authenticated token is present in the security context.
    $authenticatedToken = $this->getMockBuilder(TokenInterface::class)
        ->disableOriginalConstructor()
        ->getMock();
    $authenticatedToken->expects($this->any())
        ->method('isAuthenticated')
        ->will($this->returnValue(true));
    $this->mockSecurityContext->expects($this->any())
        ->method('getAuthenticationTokens')
        ->will($this->returnValue([$authenticatedToken]));

    // The assertion of this test: tokens are refreshed once during logout.
    $this->mockSecurityContext->expects($this->once())
        ->method('refreshTokens');

    $this->authenticationProviderManager->logout();
}
/**
 * For a request carrying a "__widgetId" argument, handle() must resolve the
 * widget context, obtain an ActionRequest from the object manager and pass that
 * request to the security context exactly once.
 *
 * @test
 */
public function handleInjectsActionRequestToSecurityContext()
{
    $widgetId = 'SomeWidgetId';
    $controllerObjectName = 'SomeControllerObjectName';

    // The first call on the HTTP request mock must be hasArgument('__widgetId').
    $this->mockHttpRequest->expects($this->at(0))
        ->method('hasArgument')
        ->with('__widgetId')
        ->will($this->returnValue(true));
    $this->mockHttpRequest->expects($this->atLeastOnce())
        ->method('getArgument')
        ->with('__widgetId')
        ->will($this->returnValue($widgetId));

    $widgetContext = $this->getMockBuilder(\Neos\FluidAdaptor\Core\Widget\WidgetContext::class)->getMock();
    $widgetContext->expects($this->atLeastOnce())
        ->method('getControllerObjectName')
        ->will($this->returnValue($controllerObjectName));
    $this->mockAjaxWidgetContextHolder->expects($this->atLeastOnce())
        ->method('get')
        ->with($widgetId)
        ->will($this->returnValue($widgetContext));

    $actionRequest = $this->getMockBuilder(\Neos\Flow\Mvc\ActionRequest::class)
        ->disableOriginalConstructor()
        ->getMock();
    $this->mockObjectManager->expects($this->atLeastOnce())
        ->method('get')
        ->with(\Neos\Flow\Mvc\ActionRequest::class)
        ->will($this->returnValue($actionRequest));

    // The assertion of this test: the freshly built request reaches the security context.
    $this->mockSecurityContext->expects($this->once())
        ->method('setRequest')
        ->with($actionRequest);

    $this->ajaxWidgetComponent->handle($this->mockComponentContext);
}
/**
 * When the firewall stub raises AuthenticationRequiredException, dispatch() must
 * call startAuthentication() exactly once on the entry point of every token
 * returned by the security context, passing the HTTP request and response.
 *
 * @test
 */
public function dispatchCallsStartAuthenticationOnAllActiveEntryPoints()
{
    $this->mockActionRequest->expects($this->any())
        ->method('isDispatched')
        ->will($this->returnValue(true));

    // Two tokens, each with its own entry point that must be started exactly once.
    $tokens = [];
    for ($index = 0; $index < 2; $index++) {
        $token = $this->getMockBuilder(TokenInterface::class)->getMock();
        $entryPoint = $this->getMockBuilder(EntryPointInterface::class)->getMock();

        $token->expects($this->any())
            ->method('getAuthenticationEntryPoint')
            ->will($this->returnValue($entryPoint));
        $entryPoint->expects($this->once())
            ->method('startAuthentication')
            ->with($this->mockHttpRequest, $this->mockHttpResponse);

        $tokens[] = $token;
    }

    $this->mockSecurityContext->expects($this->atLeastOnce())
        ->method('getAuthenticationTokens')
        ->will($this->returnValue($tokens));

    $this->mockFirewall->expects($this->once())
        ->method('blockIllegalRequests')
        ->will($this->throwException(new AuthenticationRequiredException()));

    try {
        $this->dispatcher->dispatch($this->mockActionRequest, $this->mockHttpResponse);
    } catch (AuthenticationRequiredException $exception) {
        // Deliberately ignored: the test passes whether or not dispatch() lets the
        // exception escape; only the entry point expectations are asserted.
    }
}
/**
 * Renders the view helper twice against a security context that has the
 * "Neos.FluidAdaptor:Administrator" role but not "Neos.FluidAdaptor:User":
 * once with only a role argument, once with an additional packageKey argument.
 * The "then" child is expected for the first call, the "else" child for the second.
 *
 * @test
 */
public function viewHelperHandlesPackageKeyAttributeCorrectly()
{
    // Role lookup stub; identifiers not listed here fall through and yield null.
    $hasRoleStub = function ($role) {
        switch ($role) {
            case 'Neos.FluidAdaptor:Administrator':
                return true;
            case 'Neos.FluidAdaptor:User':
                return false;
        }
    };
    $this->mockSecurityContext->expects($this->any())
        ->method('hasRole')
        ->will($this->returnCallback($hasRoleStub));

    $this->mockViewHelper->expects($this->any())
        ->method('renderThenChild')
        ->will($this->returnValue('true'));
    $this->mockViewHelper->expects($this->any())
        ->method('renderElseChild')
        ->will($this->returnValue('false'));

    // Case 1: role held by the context, no packageKey.
    $this->mockViewHelper->setArguments([
        'role' => new Role('Neos.FluidAdaptor:Administrator'),
        'account' => null,
    ]);
    $renderedForAdministrator = $this->mockViewHelper->render();
    $this->assertEquals('true', $renderedForAdministrator, 'Full role identifier in role argument is accepted');

    // Case 2: role not held by the context, packageKey supplied alongside it.
    $this->mockViewHelper->setArguments([
        'role' => new Role('Neos.FluidAdaptor:User'),
        'packageKey' => 'Neos.FluidAdaptor',
        'account' => null,
    ]);
    $renderedForUser = $this->mockViewHelper->render();
    $this->assertEquals('false', $renderedForUser);
}
/**
 * Starts a session, closes it while the security context reports one
 * successfully authenticated UsernamePassword token, resumes it through the
 * session cookie and expects the data key "TYPO3_Flow_Security_Accounts" to
 * hold ['MyProvider:admin'] (provider name and account identifier).
 *
 * @test
 */
public function shutdownCreatesSpecialDataEntryForSessionWithAuthenticatedAccounts()
{
    $session = new Session();
    $dependencies = [
        'bootstrap' => $this->mockBootstrap,
        'objectManager' => $this->mockObjectManager,
        'settings' => $this->settings,
        'metaDataCache' => $this->createCache('Meta'),
        'storageCache' => $this->createCache('Storage'),
    ];
    foreach ($dependencies as $propertyName => $dependency) {
        $this->inject($session, $propertyName, $dependency);
    }
    $session->initializeObject();
    $session->start();

    // An authenticated account as the security context would expose it.
    $adminAccount = new Account();
    $adminAccount->setAccountIdentifier('admin');
    $adminAccount->setAuthenticationProviderName('MyProvider');

    $authenticatedToken = new UsernamePassword();
    $authenticatedToken->setAuthenticationStatus(TokenInterface::AUTHENTICATION_SUCCESSFUL);
    $authenticatedToken->setAccount($adminAccount);

    $this->mockSecurityContext->expects($this->any())
        ->method('isInitialized')
        ->will($this->returnValue(true));
    $this->mockSecurityContext->expects($this->any())
        ->method('getAuthenticationTokens')
        ->will($this->returnValue([$authenticatedToken]));

    $session->close();

    // Feed the cookie issued on the response back into the request, then resume.
    $sessionCookie = $this->httpResponse->getCookie('TYPO3_Flow_Session');
    $this->httpRequest->setCookie($sessionCookie);
    $session->resume();

    $storedAccounts = $session->getData('TYPO3_Flow_Security_Accounts');
    $this->assertEquals(['MyProvider:admin'], $storedAccounts);
}
/**
 * initialize() must call separateActiveAndInactiveTokens() exactly once.
 *
 * The expectation is set on the object whose initialize() is then invoked, so
 * the securityContext fixture is presumably a partial mock built outside this
 * listing - confirm.
 *
 * @test
 */
public function initializeSeparatesActiveAndInactiveTokens()
{
    $context = $this->securityContext;

    $context->expects($this->once())
        ->method('separateActiveAndInactiveTokens');

    $context->initialize();
}
/**
 * authenticate() must read the token's credentials once and enter
 * withoutAuthorizationChecks() on the security context exactly once.
 *
 * Only the call itself is asserted; what the provider does inside the callback
 * is not checked here.
 *
 * @test
 */
public function authenticatingAnUsernamePasswordTokenFetchesAccountWithDisabledAuthorization()
{
    $credentials = ['username' => 'admin', 'password' => 'password'];

    $this->mockToken->expects($this->once())
        ->method('getCredentials')
        ->will($this->returnValue($credentials));

    $this->mockSecurityContext->expects($this->once())
        ->method('withoutAuthorizationChecks');

    $this->persistedUsernamePasswordProvider->authenticate($this->mockToken);
}