CsrfAccessCheckTest.php in Zircon Profile 8
File
core/tests/Drupal/Tests/Core/Access/CsrfAccessCheckTest.php
View source
<?php
namespace Drupal\Tests\Core\Access;
use Drupal\Core\Access\AccessResult;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Routing\Route;
use Drupal\Core\Access\CsrfAccessCheck;
use Drupal\Tests\UnitTestCase;
class CsrfAccessCheckTest extends UnitTestCase {
protected $csrfToken;
protected $accessCheck;
protected $routeMatch;
protected function setUp() {
$this->csrfToken = $this
->getMockBuilder('Drupal\\Core\\Access\\CsrfTokenGenerator')
->disableOriginalConstructor()
->getMock();
$this->routeMatch = $this
->getMock('Drupal\\Core\\Routing\\RouteMatchInterface');
$this->accessCheck = new CsrfAccessCheck($this->csrfToken);
}
public function testAccessTokenPass() {
$this->csrfToken
->expects($this
->once())
->method('validate')
->with('test_query', 'test-path/42')
->will($this
->returnValue(TRUE));
$this->routeMatch
->expects($this
->once())
->method('getRawParameters')
->will($this
->returnValue(array(
'node' => 42,
)));
$route = new Route('/test-path/{node}', array(), array(
'_csrf_token' => 'TRUE',
));
$request = Request::create('/test-path/42?token=test_query');
$this
->assertEquals(AccessResult::allowed()
->setCacheMaxAge(0), $this->accessCheck
->access($route, $request, $this->routeMatch));
}
public function testAccessTokenFail() {
$this->csrfToken
->expects($this
->once())
->method('validate')
->with('test_query', 'test-path')
->will($this
->returnValue(FALSE));
$this->routeMatch
->expects($this
->once())
->method('getRawParameters')
->will($this
->returnValue(array()));
$route = new Route('/test-path', array(), array(
'_csrf_token' => 'TRUE',
));
$request = Request::create('/test-path?token=test_query');
$this
->assertEquals(AccessResult::forbidden()
->setCacheMaxAge(0), $this->accessCheck
->access($route, $request, $this->routeMatch));
}
}