Same name and namespace in other branches
  1. 8.9.x core/tests/Drupal/Tests/Core/Database/ConditionTest.php \Drupal\Tests\Core\Database\ConditionTest
  2. 9 core/tests/Drupal/Tests/Core/Database/ConditionTest.php \Drupal\Tests\Core\Database\ConditionTest

@coversDefaultClass \Drupal\Core\Database\Query\Condition

@group Database

Hierarchy

Expanded class hierarchy of ConditionTest

File

core/tests/Drupal/Tests/Core/Database/ConditionTest.php, line 21

Namespace

Drupal\Tests\Core\Database
View source
class ConditionTest extends UnitTestCase {

  /**
   * Provides a list of known operations and the expected output.
   *
   * @return array
   *   - Expected result for the string version of the condition.
   *   - The field name to input in the condition.
   */
  public static function providerSimpleCondition() {
    return [
      [
        'name = :db_condition_placeholder_0',
        'name',
      ],
      [
        'name123 = :db_condition_placeholder_0',
        'name-123',
      ],
    ];
  }

  /**
   * @covers ::compile
   * @dataProvider providerSimpleCondition
   */
  public function testSimpleCondition($expected, $field_name) {
    $connection = $this
      ->prophesize(Connection::class);
    $connection
      ->escapeField($field_name)
      ->will(function ($args) {
      return preg_replace('/[^A-Za-z0-9_.]+/', '', $args[0]);
    });
    $connection
      ->mapConditionOperator('=')
      ->willReturn([
      'operator' => '=',
    ]);
    $connection
      ->condition('AND')
      ->willReturn(new Condition('AND'));
    $connection = $connection
      ->reveal();
    $query_placeholder = $this
      ->prophesize(PlaceholderInterface::class);
    $counter = 0;
    $query_placeholder
      ->nextPlaceholder()
      ->will(function () use (&$counter) {
      return $counter++;
    });
    $query_placeholder
      ->uniqueIdentifier()
      ->willReturn(4);
    $query_placeholder = $query_placeholder
      ->reveal();
    $condition = $connection
      ->condition('AND');
    $condition
      ->condition($field_name, 'value');
    $condition
      ->compile($connection, $query_placeholder);
    $this
      ->assertEquals($expected, $condition
      ->__toString());
    $this
      ->assertEquals([
      ':db_condition_placeholder_0' => 'value',
    ], $condition
      ->arguments());
  }

  /**
   * @covers ::compile
   *
   * @dataProvider dataProviderTestCompileWithKnownOperators
   *
   * @param string $expected
   *   The expected generated SQL condition.
   * @param string $field
   *   The field to pass into the condition() method.
   * @param mixed $value
   *   The value to pass into the condition() method.
   * @param string $operator
   *   The operator to pass into the condition() method.
   * @param mixed $expected_arguments
   *   (optional) The expected set arguments.
   */
  public function testCompileWithKnownOperators($expected, $field, $value, $operator, $expected_arguments = NULL) {
    $connection = $this
      ->prophesize(Connection::class);
    $connection
      ->escapeField(Argument::any())
      ->will(function ($args) {
      return preg_replace('/[^A-Za-z0-9_.]+/', '', $args[0]);
    });
    $connection
      ->mapConditionOperator(Argument::any())
      ->willReturn(NULL);
    $connection
      ->condition('AND')
      ->willReturn(new Condition('AND'));
    $connection = $connection
      ->reveal();
    $query_placeholder = $this
      ->prophesize(PlaceholderInterface::class);
    $counter = 0;
    $query_placeholder
      ->nextPlaceholder()
      ->will(function () use (&$counter) {
      return $counter++;
    });
    $query_placeholder
      ->uniqueIdentifier()
      ->willReturn(4);
    $query_placeholder = $query_placeholder
      ->reveal();
    $condition = $connection
      ->condition('AND');
    $condition
      ->condition($field, $value, $operator);
    $condition
      ->compile($connection, $query_placeholder);
    $this
      ->assertEquals($expected, $condition
      ->__toString());
    if (isset($expected_arguments)) {
      $this
        ->assertEquals($expected_arguments, $condition
        ->arguments());
    }
  }

  /**
   * Provides a list of known operations and the expected output.
   *
   * @return array
   */
  public static function dataProviderTestCompileWithKnownOperators() {

    // Below are a list of commented out test cases, which should work but
    // aren't directly supported by core, but instead need manual handling with
    // prefix/suffix at the moment.
    $data = [];
    $data[] = [
      'name = :db_condition_placeholder_0',
      'name',
      'value',
      '=',
    ];
    $data[] = [
      'name != :db_condition_placeholder_0',
      'name',
      'value',
      '!=',
    ];
    $data[] = [
      'name <> :db_condition_placeholder_0',
      'name',
      'value',
      '<>',
    ];
    $data[] = [
      'name >= :db_condition_placeholder_0',
      'name',
      'value',
      '>=',
    ];
    $data[] = [
      'name > :db_condition_placeholder_0',
      'name',
      'value',
      '>',
    ];
    $data[] = [
      'name <= :db_condition_placeholder_0',
      'name',
      'value',
      '<=',
    ];
    $data[] = [
      'name < :db_condition_placeholder_0',
      'name',
      'value',
      '<',
    ];

    // $data[] = ['GREATEST (1, 2, 3)', '', [1, 2, 3], 'GREATEST'];
    $data[] = [
      'name IN (:db_condition_placeholder_0, :db_condition_placeholder_1, :db_condition_placeholder_2)',
      'name',
      [
        '1',
        '2',
        '3',
      ],
      'IN',
    ];
    $data[] = [
      'name NOT IN (:db_condition_placeholder_0, :db_condition_placeholder_1, :db_condition_placeholder_2)',
      'name',
      [
        '1',
        '2',
        '3',
      ],
      'NOT IN',
    ];

    // $data[] = ['INTERVAL (1, 2, 3)', '', [1, 2, 3], 'INTERVAL'];
    $data[] = [
      'name IS NULL',
      'name',
      NULL,
      'IS NULL',
    ];
    $data[] = [
      'name IS NOT NULL',
      'name',
      NULL,
      'IS NOT NULL',
    ];
    $data[] = [
      'name IS :db_condition_placeholder_0',
      'name',
      'TRUE',
      'IS',
    ];

    // $data[] = ['LEAST (1, 2, 3)', '', [1, 2, 3], 'LEAST'];
    $data[] = [
      "name LIKE :db_condition_placeholder_0 ESCAPE '\\\\'",
      'name',
      '%muh%',
      'LIKE',
      [
        ':db_condition_placeholder_0' => '%muh%',
      ],
    ];
    $data[] = [
      "name NOT LIKE :db_condition_placeholder_0 ESCAPE '\\\\'",
      'name',
      '%muh%',
      'NOT LIKE',
      [
        ':db_condition_placeholder_0' => '%muh%',
      ],
    ];
    $data[] = [
      "name BETWEEN :db_condition_placeholder_0 AND :db_condition_placeholder_1",
      'name',
      [
        1,
        2,
      ],
      'BETWEEN',
      [
        ':db_condition_placeholder_0' => 1,
        ':db_condition_placeholder_1' => 2,
      ],
    ];
    $data[] = [
      "name NOT BETWEEN :db_condition_placeholder_0 AND :db_condition_placeholder_1",
      'name',
      [
        1,
        2,
      ],
      'NOT BETWEEN',
      [
        ':db_condition_placeholder_0' => 1,
        ':db_condition_placeholder_1' => 2,
      ],
    ];

    // $data[] = ['STRCMP (name, :db_condition_placeholder_0)', '', ['test-string'], 'STRCMP', [':db_condition_placeholder_0' => 'test-string']];
    // $data[] = ['EXISTS', '', NULL, 'EXISTS'];
    // $data[] = ['name NOT EXISTS', 'name', NULL, 'NOT EXISTS'];
    return $data;
  }

  /**
   * @covers ::compile
   *
   * @dataProvider providerTestCompileWithSqlInjectionForOperator
   */
  public function testCompileWithSqlInjectionForOperator($operator) {
    $connection = $this
      ->prophesize(Connection::class);
    $connection
      ->escapeField(Argument::any())
      ->will(function ($args) {
      return preg_replace('/[^A-Za-z0-9_.]+/', '', $args[0]);
    });
    $connection
      ->mapConditionOperator(Argument::any())
      ->willReturn(NULL);
    $connection
      ->condition('AND')
      ->willReturn(new Condition('AND'));
    $connection = $connection
      ->reveal();
    $query_placeholder = $this
      ->prophesize(PlaceholderInterface::class);
    $counter = 0;
    $query_placeholder
      ->nextPlaceholder()
      ->will(function () use (&$counter) {
      return $counter++;
    });
    $query_placeholder
      ->uniqueIdentifier()
      ->willReturn(4);
    $query_placeholder = $query_placeholder
      ->reveal();
    $condition = $connection
      ->condition('AND');
    $condition
      ->condition('name', 'value', $operator);
    $this
      ->expectError();
    $condition
      ->compile($connection, $query_placeholder);
  }
  public static function providerTestCompileWithSqlInjectionForOperator() {
    $data = [];
    $data[] = [
      "IS NOT NULL) ;INSERT INTO {test} (name) VALUES ('test12345678'); -- ",
    ];
    $data[] = [
      "IS NOT NULL) UNION ALL SELECT name, pass FROM {users_field_data} -- ",
    ];
    $data[] = [
      "IS NOT NULL) UNION ALL SELECT name FROM {TEST_UPPERCASE} -- ",
    ];
    $data[] = [
      "= 1 UNION ALL SELECT password FROM user WHERE uid =",
    ];
    return $data;
  }

  /**
   * Tests that the core Condition can be overridden.
   */
  public function testContribCondition() {
    $connection = new StubConnection($this
      ->createMock(StubPDO::class), [
      'namespace' => 'Drupal\\mock\\Driver\\Database\\mock',
      'prefix' => '',
    ]);
    $condition = $connection
      ->condition('AND');
    $this
      ->assertSame(StubCondition::class, get_class($condition));
  }

}

Members

Namesort descending Modifiers Type Description Overrides
ConditionTest::dataProviderTestCompileWithKnownOperators public static function Provides a list of known operations and the expected output.
ConditionTest::providerSimpleCondition public static function Provides a list of known operations and the expected output.
ConditionTest::providerTestCompileWithSqlInjectionForOperator public static function
ConditionTest::testCompileWithKnownOperators public function @covers ::compile
ConditionTest::testCompileWithSqlInjectionForOperator public function @covers ::compile
ConditionTest::testContribCondition public function Tests that the core Condition can be overridden.
ConditionTest::testSimpleCondition public function @covers ::compile @dataProvider providerSimpleCondition
PhpUnitWarnings::$deprecationWarnings private static property Deprecation warnings from PHPUnit to raise with @trigger_error().
PhpUnitWarnings::addWarning public function Converts PHPUnit deprecation warnings to E_USER_DEPRECATED.
RandomGeneratorTrait::getRandomGenerator protected function Gets the random generator for the utility methods.
RandomGeneratorTrait::randomMachineName protected function Generates a unique random string containing letters and numbers.
RandomGeneratorTrait::randomObject public function Generates a random PHP object.
RandomGeneratorTrait::randomString public function Generates a pseudo-random string of ASCII characters of codes 32 to 126.
RandomGeneratorTrait::randomStringValidate Deprecated public function Callback for random string validation.
UnitTestCase::$root protected property The app root. 1
UnitTestCase::getClassResolverStub protected function Returns a stub class resolver.
UnitTestCase::getConfigFactoryStub public function Returns a stub config factory that behaves according to the passed array.
UnitTestCase::getConfigStorageStub public function Returns a stub config storage that returns the supplied configuration.
UnitTestCase::getContainerWithCacheTagsInvalidator protected function Sets up a container with a cache tags invalidator.
UnitTestCase::getStringTranslationStub public function Returns a stub translation manager that just returns the passed string.
UnitTestCase::setUp protected function 306
UnitTestCase::setUpBeforeClass public static function
UnitTestCase::__get public function