class CsrfAccessCheckTest
Same name in other branches
- 9 core/tests/Drupal/Tests/Core/Access/CsrfAccessCheckTest.php \Drupal\Tests\Core\Access\CsrfAccessCheckTest
- 8.9.x core/tests/Drupal/Tests/Core/Access/CsrfAccessCheckTest.php \Drupal\Tests\Core\Access\CsrfAccessCheckTest
- 10 core/tests/Drupal/Tests/Core/Access/CsrfAccessCheckTest.php \Drupal\Tests\Core\Access\CsrfAccessCheckTest
@coversDefaultClass \Drupal\Core\Access\CsrfAccessCheck @group Access
Hierarchy
- class \Drupal\Tests\UnitTestCase extends \PHPUnit\Framework\TestCase uses \Drupal\Tests\PhpUnitCompatibilityTrait, \Prophecy\PhpUnit\ProphecyTrait, \Drupal\TestTools\Extension\DeprecationBridge\ExpectDeprecationTrait, \Drupal\Tests\RandomGeneratorTrait
- class \Drupal\Tests\Core\Access\CsrfAccessCheckTest extends \Drupal\Tests\UnitTestCase
Expanded class hierarchy of CsrfAccessCheckTest
File
-
core/
tests/ Drupal/ Tests/ Core/ Access/ CsrfAccessCheckTest.php, line 17
Namespace
Drupal\Tests\Core\AccessView source
class CsrfAccessCheckTest extends UnitTestCase {
/**
* The mock CSRF token generator.
*
* @var \Drupal\Core\Access\CsrfTokenGenerator|\PHPUnit\Framework\MockObject\MockObject
*/
protected $csrfToken;
/**
* The access checker.
*
* @var \Drupal\Core\Access\CsrfAccessCheck
*/
protected $accessCheck;
/**
* The mock route match.
*
* @var \Drupal\Core\Routing\RouteMatchInterface|\PHPUnit\Framework\MockObject\MockObject
*/
protected $routeMatch;
/**
* {@inheritdoc}
*/
protected function setUp() : void {
parent::setUp();
$this->csrfToken = $this->getMockBuilder('Drupal\\Core\\Access\\CsrfTokenGenerator')
->disableOriginalConstructor()
->getMock();
$this->routeMatch = $this->createMock('Drupal\\Core\\Routing\\RouteMatchInterface');
$this->accessCheck = new CsrfAccessCheck($this->csrfToken);
}
/**
* Tests the access() method with a valid token.
*/
public function testAccessTokenPass() : void {
$this->csrfToken
->expects($this->once())
->method('validate')
->with('test_query', 'test-path/42')
->willReturn(TRUE);
$this->routeMatch
->expects($this->once())
->method('getRawParameters')
->willReturn([
'node' => 42,
]);
$route = new Route('/test-path/{node}', [], [
'_csrf_token' => 'TRUE',
]);
$request = Request::create('/test-path/42?token=test_query');
$this->assertEquals(AccessResult::allowed()->setCacheMaxAge(0), $this->accessCheck
->access($route, $request, $this->routeMatch));
}
/**
* @covers ::access
*/
public function testCsrfTokenInvalid() : void {
$this->csrfToken
->expects($this->once())
->method('validate')
->with('test_query', 'test-path')
->willReturn(FALSE);
$this->routeMatch
->expects($this->once())
->method('getRawParameters')
->willReturn([]);
$route = new Route('/test-path', [], [
'_csrf_token' => 'TRUE',
]);
$request = Request::create('/test-path?token=test_query');
$this->assertEquals(AccessResult::forbidden("'csrf_token' URL query argument is invalid.")->setCacheMaxAge(0), $this->accessCheck
->access($route, $request, $this->routeMatch));
}
/**
* @covers ::access
*/
public function testCsrfTokenMissing() : void {
$this->csrfToken
->expects($this->once())
->method('validate')
->with('', 'test-path')
->willReturn(FALSE);
$this->routeMatch
->expects($this->once())
->method('getRawParameters')
->willReturn([]);
$route = new Route('/test-path', [], [
'_csrf_token' => 'TRUE',
]);
$request = Request::create('/test-path');
$this->assertEquals(AccessResult::forbidden("'csrf_token' URL query argument is missing.")->setCacheMaxAge(0), $this->accessCheck
->access($route, $request, $this->routeMatch));
}
}
Members
Title Sort descending | Modifiers | Object type | Summary | Overriden Title |
---|---|---|---|---|
CsrfAccessCheckTest::$accessCheck | protected | property | The access checker. | |
CsrfAccessCheckTest::$csrfToken | protected | property | The mock CSRF token generator. | |
CsrfAccessCheckTest::$routeMatch | protected | property | The mock route match. | |
CsrfAccessCheckTest::setUp | protected | function | Overrides UnitTestCase::setUp | |
CsrfAccessCheckTest::testAccessTokenPass | public | function | Tests the access() method with a valid token. | |
CsrfAccessCheckTest::testCsrfTokenInvalid | public | function | @covers ::access | |
CsrfAccessCheckTest::testCsrfTokenMissing | public | function | @covers ::access | |
ExpectDeprecationTrait::expectDeprecation | public | function | Adds an expected deprecation. | |
ExpectDeprecationTrait::getCallableName | private static | function | Returns a callable as a string suitable for inclusion in a message. | |
ExpectDeprecationTrait::setUpErrorHandler | public | function | Sets up the test error handler. | |
ExpectDeprecationTrait::tearDownErrorHandler | public | function | Tears down the test error handler. | |
RandomGeneratorTrait::getRandomGenerator | protected | function | Gets the random generator for the utility methods. | |
RandomGeneratorTrait::randomMachineName | protected | function | Generates a unique random string containing letters and numbers. | |
RandomGeneratorTrait::randomObject | public | function | Generates a random PHP object. | |
RandomGeneratorTrait::randomString | public | function | Generates a pseudo-random string of ASCII characters of codes 32 to 126. | |
UnitTestCase::$root | protected | property | The app root. | |
UnitTestCase::getClassResolverStub | protected | function | Returns a stub class resolver. | |
UnitTestCase::getConfigFactoryStub | public | function | Returns a stub config factory that behaves according to the passed array. | |
UnitTestCase::getConfigStorageStub | public | function | Returns a stub config storage that returns the supplied configuration. | |
UnitTestCase::getContainerWithCacheTagsInvalidator | protected | function | Sets up a container with a cache tags invalidator. | |
UnitTestCase::getStringTranslationStub | public | function | Returns a stub translation manager that just returns the passed string. | |
UnitTestCase::setUpBeforeClass | public static | function |
Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.