You are here

class CsrfAccessCheckTest in Zircon Profile 8

Same name and namespace in other branches
  1. 8.0 core/tests/Drupal/Tests/Core/Access/CsrfAccessCheckTest.php \Drupal\Tests\Core\Access\CsrfAccessCheckTest

@coversDefaultClass \Drupal\Core\Access\CsrfAccessCheck @group Access

Hierarchy

Expanded class hierarchy of CsrfAccessCheckTest

File

core/tests/Drupal/Tests/Core/Access/CsrfAccessCheckTest.php, line 20
Contains \Drupal\Tests\Core\Access\CsrfAccessCheckTest.

Namespace

Drupal\Tests\Core\Access
View source
class CsrfAccessCheckTest extends UnitTestCase {

  /**
   * The mock CSRF token generator.
   *
   * @var \Drupal\Core\Access\CsrfTokenGenerator|\PHPUnit_Framework_MockObject_MockObject
   */
  protected $csrfToken;

  /**
   * The access checker.
   *
   * @var \Drupal\Core\Access\CsrfAccessCheck
   */
  protected $accessCheck;

  /**
   * The mock route match.
   *
   * @var \Drupal\Core\RouteMatch\RouteMatchInterface|\PHPUnit_Framework_MockObject_MockObject
   */
  protected $routeMatch;
  protected function setUp() {
    $this->csrfToken = $this
      ->getMockBuilder('Drupal\\Core\\Access\\CsrfTokenGenerator')
      ->disableOriginalConstructor()
      ->getMock();
    $this->routeMatch = $this
      ->getMock('Drupal\\Core\\Routing\\RouteMatchInterface');
    $this->accessCheck = new CsrfAccessCheck($this->csrfToken);
  }

  /**
   * Tests the access() method with a valid token.
   */
  public function testAccessTokenPass() {
    $this->csrfToken
      ->expects($this
      ->once())
      ->method('validate')
      ->with('test_query', 'test-path/42')
      ->will($this
      ->returnValue(TRUE));
    $this->routeMatch
      ->expects($this
      ->once())
      ->method('getRawParameters')
      ->will($this
      ->returnValue(array(
      'node' => 42,
    )));
    $route = new Route('/test-path/{node}', array(), array(
      '_csrf_token' => 'TRUE',
    ));
    $request = Request::create('/test-path/42?token=test_query');
    $this
      ->assertEquals(AccessResult::allowed()
      ->setCacheMaxAge(0), $this->accessCheck
      ->access($route, $request, $this->routeMatch));
  }

  /**
   * Tests the access() method with an invalid token.
   */
  public function testAccessTokenFail() {
    $this->csrfToken
      ->expects($this
      ->once())
      ->method('validate')
      ->with('test_query', 'test-path')
      ->will($this
      ->returnValue(FALSE));
    $this->routeMatch
      ->expects($this
      ->once())
      ->method('getRawParameters')
      ->will($this
      ->returnValue(array()));
    $route = new Route('/test-path', array(), array(
      '_csrf_token' => 'TRUE',
    ));
    $request = Request::create('/test-path?token=test_query');
    $this
      ->assertEquals(AccessResult::forbidden()
      ->setCacheMaxAge(0), $this->accessCheck
      ->access($route, $request, $this->routeMatch));
  }

}

Members

Namesort descending Modifiers Type Description Overrides
CsrfAccessCheckTest::$accessCheck protected property The access checker.
CsrfAccessCheckTest::$csrfToken protected property The mock CSRF token generator.
CsrfAccessCheckTest::$routeMatch protected property The mock route match.
CsrfAccessCheckTest::setUp protected function Overrides UnitTestCase::setUp
CsrfAccessCheckTest::testAccessTokenFail public function Tests the access() method with an invalid token.
CsrfAccessCheckTest::testAccessTokenPass public function Tests the access() method with a valid token.
UnitTestCase::$randomGenerator protected property The random generator.
UnitTestCase::$root protected property The app root.
UnitTestCase::assertArrayEquals protected function Asserts if two arrays are equal by sorting them first.
UnitTestCase::getBlockMockWithMachineName protected function Mocks a block with a block plugin.
UnitTestCase::getClassResolverStub protected function Returns a stub class resolver.
UnitTestCase::getConfigFactoryStub public function Returns a stub config factory that behaves according to the passed in array.
UnitTestCase::getConfigStorageStub public function Returns a stub config storage that returns the supplied configuration.
UnitTestCase::getContainerWithCacheTagsInvalidator protected function Sets up a container with a cache tags invalidator.
UnitTestCase::getRandomGenerator protected function Gets the random generator for the utility methods.
UnitTestCase::getStringTranslationStub public function Returns a stub translation manager that just returns the passed string.
UnitTestCase::randomMachineName public function Generates a unique random string containing letters and numbers.