You are here

public function Twig_Tests_Extension_SandboxTest::testSandboxGloballySet in Zircon Profile 8.0

Same name and namespace in other branches
  1. 8 vendor/twig/twig/test/Twig/Tests/Extension/SandboxTest.php \Twig_Tests_Extension_SandboxTest::testSandboxGloballySet()

File

vendor/twig/twig/test/Twig/Tests/Extension/SandboxTest.php, line 50

Class

Twig_Tests_Extension_SandboxTest

Code

public function testSandboxGloballySet() {
  $twig = $this
    ->getEnvironment(false, array(), self::$templates);
  $this
    ->assertEquals('FOO', $twig
    ->loadTemplate('1_basic')
    ->render(self::$params), 'Sandbox does nothing if it is disabled globally');
  $twig = $this
    ->getEnvironment(true, array(), self::$templates);
  try {
    $twig
      ->loadTemplate('1_basic1')
      ->render(self::$params);
    $this
      ->fail('Sandbox throws a SecurityError exception if an unallowed method is called');
  } catch (Twig_Sandbox_SecurityError $e) {
  }
  $twig = $this
    ->getEnvironment(true, array(), self::$templates);
  try {
    $twig
      ->loadTemplate('1_basic2')
      ->render(self::$params);
    $this
      ->fail('Sandbox throws a SecurityError exception if an unallowed filter is called');
  } catch (Twig_Sandbox_SecurityError $e) {
  }
  $twig = $this
    ->getEnvironment(true, array(), self::$templates);
  try {
    $twig
      ->loadTemplate('1_basic3')
      ->render(self::$params);
    $this
      ->fail('Sandbox throws a SecurityError exception if an unallowed tag is used in the template');
  } catch (Twig_Sandbox_SecurityError $e) {
  }
  $twig = $this
    ->getEnvironment(true, array(), self::$templates);
  try {
    $twig
      ->loadTemplate('1_basic4')
      ->render(self::$params);
    $this
      ->fail('Sandbox throws a SecurityError exception if an unallowed property is called in the template');
  } catch (Twig_Sandbox_SecurityError $e) {
  }
  $twig = $this
    ->getEnvironment(true, array(), self::$templates);
  try {
    $twig
      ->loadTemplate('1_basic5')
      ->render(self::$params);
    $this
      ->fail('Sandbox throws a SecurityError exception if an unallowed method (__toString()) is called in the template');
  } catch (Twig_Sandbox_SecurityError $e) {
  }
  $twig = $this
    ->getEnvironment(true, array(), self::$templates);
  try {
    $twig
      ->loadTemplate('1_basic6')
      ->render(self::$params);
    $this
      ->fail('Sandbox throws a SecurityError exception if an unallowed method (__toString()) is called in the template');
  } catch (Twig_Sandbox_SecurityError $e) {
  }
  $twig = $this
    ->getEnvironment(true, array(), self::$templates);
  try {
    $twig
      ->loadTemplate('1_basic7')
      ->render(self::$params);
    $this
      ->fail('Sandbox throws a SecurityError exception if an unallowed function is called in the template');
  } catch (Twig_Sandbox_SecurityError $e) {
  }
  $twig = $this
    ->getEnvironment(true, array(), self::$templates, array(), array(), array(
    'FooObject' => 'foo',
  ));
  FooObject::reset();
  $this
    ->assertEquals('foo', $twig
    ->loadTemplate('1_basic1')
    ->render(self::$params), 'Sandbox allow some methods');
  $this
    ->assertEquals(1, FooObject::$called['foo'], 'Sandbox only calls method once');
  $twig = $this
    ->getEnvironment(true, array(), self::$templates, array(), array(), array(
    'FooObject' => '__toString',
  ));
  FooObject::reset();
  $this
    ->assertEquals('foo', $twig
    ->loadTemplate('1_basic5')
    ->render(self::$params), 'Sandbox allow some methods');
  $this
    ->assertEquals(1, FooObject::$called['__toString'], 'Sandbox only calls method once');
  $twig = $this
    ->getEnvironment(false, array(), self::$templates);
  FooObject::reset();
  $this
    ->assertEquals('foo', $twig
    ->loadTemplate('1_basic5')
    ->render(self::$params), 'Sandbox allows __toString when sandbox disabled');
  $this
    ->assertEquals(1, FooObject::$called['__toString'], 'Sandbox only calls method once');
  $twig = $this
    ->getEnvironment(true, array(), self::$templates, array(), array(
    'upper',
  ));
  $this
    ->assertEquals('FABIEN', $twig
    ->loadTemplate('1_basic2')
    ->render(self::$params), 'Sandbox allow some filters');
  $twig = $this
    ->getEnvironment(true, array(), self::$templates, array(
    'if',
  ));
  $this
    ->assertEquals('foo', $twig
    ->loadTemplate('1_basic3')
    ->render(self::$params), 'Sandbox allow some tags');
  $twig = $this
    ->getEnvironment(true, array(), self::$templates, array(), array(), array(), array(
    'FooObject' => 'bar',
  ));
  $this
    ->assertEquals('bar', $twig
    ->loadTemplate('1_basic4')
    ->render(self::$params), 'Sandbox allow some properties');
  $twig = $this
    ->getEnvironment(true, array(), self::$templates, array(), array(), array(), array(), array(
    'cycle',
  ));
  $this
    ->assertEquals('bar', $twig
    ->loadTemplate('1_basic7')
    ->render(self::$params), 'Sandbox allow some functions');
  foreach (array(
    'getfoobar',
    'getFoobar',
    'getFooBar',
  ) as $name) {
    $twig = $this
      ->getEnvironment(true, array(), self::$templates, array(), array(), array(
      'FooObject' => $name,
    ));
    FooObject::reset();
    $this
      ->assertEquals('foobarfoobar', $twig
      ->loadTemplate('1_basic8')
      ->render(self::$params), 'Sandbox allow methods in a case-insensitive way');
    $this
      ->assertEquals(2, FooObject::$called['getFooBar'], 'Sandbox only calls method once');
    $this
      ->assertEquals('foobarfoobar', $twig
      ->loadTemplate('1_basic9')
      ->render(self::$params), 'Sandbox allow methods via shortcut names (ie. without get/set)');
  }
}