class RouteProcessorCsrfTest

Same name in other branches
  1. 8.9.x core/tests/Drupal/Tests/Core/Access/RouteProcessorCsrfTest.php \Drupal\Tests\Core\Access\RouteProcessorCsrfTest
  2. 10 core/tests/Drupal/Tests/Core/Access/RouteProcessorCsrfTest.php \Drupal\Tests\Core\Access\RouteProcessorCsrfTest
  3. 11.x core/tests/Drupal/Tests/Core/Access/RouteProcessorCsrfTest.php \Drupal\Tests\Core\Access\RouteProcessorCsrfTest

@coversDefaultClass \Drupal\Core\Access\RouteProcessorCsrf @group Access

Hierarchy

Expanded class hierarchy of RouteProcessorCsrfTest

File

core/tests/Drupal/Tests/Core/Access/RouteProcessorCsrfTest.php, line 15

Namespace

Drupal\Tests\Core\Access
View source
class RouteProcessorCsrfTest extends UnitTestCase {
    
    /**
     * The mock CSRF token generator.
     *
     * @var \Drupal\Core\Access\CsrfTokenGenerator|\PHPUnit\Framework\MockObject\MockObject
     */
    protected $csrfToken;
    
    /**
     * The route processor.
     *
     * @var \Drupal\Core\Access\RouteProcessorCsrf
     */
    protected $processor;
    
    /**
     * {@inheritdoc}
     */
    protected function setUp() : void {
        $this->csrfToken = $this->getMockBuilder('Drupal\\Core\\Access\\CsrfTokenGenerator')
            ->disableOriginalConstructor()
            ->getMock();
        $this->processor = new RouteProcessorCsrf($this->csrfToken);
    }
    
    /**
     * Tests the processOutbound() method with no _csrf_token route requirement.
     */
    public function testProcessOutboundNoRequirement() {
        $this->csrfToken
            ->expects($this->never())
            ->method('get');
        $route = new Route('/test-path');
        $parameters = [];
        $bubbleable_metadata = new BubbleableMetadata();
        $this->processor
            ->processOutbound('test', $route, $parameters, $bubbleable_metadata);
        // No parameters should be added to the parameters array.
        $this->assertEmpty($parameters);
        // Cacheability of routes without a _csrf_token route requirement is
        // unaffected.
        $this->assertEquals(new BubbleableMetadata(), $bubbleable_metadata);
    }
    
    /**
     * Tests the processOutbound() method with a _csrf_token route requirement.
     */
    public function testProcessOutbound() {
        $route = new Route('/test-path', [], [
            '_csrf_token' => 'TRUE',
        ]);
        $parameters = [];
        $bubbleable_metadata = new BubbleableMetadata();
        $this->processor
            ->processOutbound('test', $route, $parameters, $bubbleable_metadata);
        // 'token' should be added to the parameters array.
        $this->assertArrayHasKey('token', $parameters);
        // Bubbleable metadata of routes with a _csrf_token route requirement is a
        // placeholder.
        $path = 'test-path';
        $placeholder = Crypt::hashBase64($path);
        $placeholder_render_array = [
            '#lazy_builder' => [
                'route_processor_csrf:renderPlaceholderCsrfToken',
                [
                    $path,
                ],
            ],
        ];
        $this->assertSame($parameters['token'], $placeholder);
        $this->assertEquals((new BubbleableMetadata())->setAttachments([
            'placeholders' => [
                $placeholder => $placeholder_render_array,
            ],
        ]), $bubbleable_metadata);
    }
    
    /**
     * Tests the processOutbound() method with a dynamic path and one replacement.
     */
    public function testProcessOutboundDynamicOne() {
        $route = new Route('/test-path/{slug}', [], [
            '_csrf_token' => 'TRUE',
        ]);
        $parameters = [
            'slug' => 100,
        ];
        $bubbleable_metadata = new BubbleableMetadata();
        $this->processor
            ->processOutbound('test', $route, $parameters, $bubbleable_metadata);
        // Bubbleable metadata of routes with a _csrf_token route requirement is a
        // placeholder.
        $path = 'test-path/100';
        $placeholder = Crypt::hashBase64($path);
        $placeholder_render_array = [
            '#lazy_builder' => [
                'route_processor_csrf:renderPlaceholderCsrfToken',
                [
                    $path,
                ],
            ],
        ];
        $this->assertEquals((new BubbleableMetadata())->setAttachments([
            'placeholders' => [
                $placeholder => $placeholder_render_array,
            ],
        ]), $bubbleable_metadata);
    }
    
    /**
     * Tests the processOutbound() method with two parameter replacements.
     */
    public function testProcessOutboundDynamicTwo() {
        $route = new Route('{slug_1}/test-path/{slug_2}', [], [
            '_csrf_token' => 'TRUE',
        ]);
        $parameters = [
            'slug_1' => 100,
            'slug_2' => 'test',
        ];
        $bubbleable_metadata = new BubbleableMetadata();
        $this->processor
            ->processOutbound('test', $route, $parameters, $bubbleable_metadata);
        // Bubbleable metadata of routes with a _csrf_token route requirement is a
        // placeholder.
        $path = '100/test-path/test';
        $placeholder = Crypt::hashBase64($path);
        $placeholder_render_array = [
            '#lazy_builder' => [
                'route_processor_csrf:renderPlaceholderCsrfToken',
                [
                    $path,
                ],
            ],
        ];
        $this->assertEquals((new BubbleableMetadata())->setAttachments([
            'placeholders' => [
                $placeholder => $placeholder_render_array,
            ],
        ]), $bubbleable_metadata);
    }

}

Members

Title Sort descending Deprecated Modifiers Object type Summary Overriden Title Overrides
PhpUnitWarnings::$deprecationWarnings private static property Deprecation warnings from PHPUnit to raise with @trigger_error().
PhpUnitWarnings::addWarning public function Converts PHPUnit deprecation warnings to E_USER_DEPRECATED.
RouteProcessorCsrfTest::$csrfToken protected property The mock CSRF token generator.
RouteProcessorCsrfTest::$processor protected property The route processor.
RouteProcessorCsrfTest::setUp protected function Overrides UnitTestCase::setUp
RouteProcessorCsrfTest::testProcessOutbound public function Tests the processOutbound() method with a _csrf_token route requirement.
RouteProcessorCsrfTest::testProcessOutboundDynamicOne public function Tests the processOutbound() method with a dynamic path and one replacement.
RouteProcessorCsrfTest::testProcessOutboundDynamicTwo public function Tests the processOutbound() method with two parameter replacements.
RouteProcessorCsrfTest::testProcessOutboundNoRequirement public function Tests the processOutbound() method with no _csrf_token route requirement.
UnitTestCase::$randomGenerator protected property The random generator.
UnitTestCase::$root protected property The app root. 1
UnitTestCase::assertArrayEquals Deprecated protected function Asserts if two arrays are equal by sorting them first.
UnitTestCase::getClassResolverStub protected function Returns a stub class resolver.
UnitTestCase::getConfigFactoryStub public function Returns a stub config factory that behaves according to the passed array.
UnitTestCase::getConfigStorageStub public function Returns a stub config storage that returns the supplied configuration.
UnitTestCase::getContainerWithCacheTagsInvalidator protected function Sets up a container with a cache tags invalidator.
UnitTestCase::getRandomGenerator protected function Gets the random generator for the utility methods.
UnitTestCase::getStringTranslationStub public function Returns a stub translation manager that just returns the passed string.
UnitTestCase::randomMachineName public function Generates a unique random string containing letters and numbers.
UnitTestCase::setUpBeforeClass public static function

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.