Passed
Push — 4.1 ( 6d2665...02ad0f )
by
unknown
32:36 queued 24:09
created

testLiveFlushUnauthenticated()   A

Complexity

Conditions 1
Paths 1

Size

Total Lines 20
Code Lines 12

Duplication

Lines 0
Ratio 0 %

Importance

Changes 0
Metric Value
cc 1
eloc 12
nc 1
nop 0
dl 0
loc 20
rs 9.8666
c 0
b 0
f 0
1
<?php
2
3
namespace SilverStripe\Core\Tests\Startup;
4
5
use SilverStripe\Control\Cookie;
6
use SilverStripe\Control\HTTPApplication;
7
use SilverStripe\Control\HTTPRequest;
8
use SilverStripe\Control\HTTPResponse;
9
use SilverStripe\Control\Session;
10
use SilverStripe\Core\Kernel;
11
use SilverStripe\Core\Startup\ErrorControlChainMiddleware;
12
use SilverStripe\Core\Tests\Startup\ErrorControlChainMiddlewareTest\BlankKernel;
13
use SilverStripe\Dev\SapphireTest;
14
use SilverStripe\Security\Security;
15
16
class ErrorControlChainMiddlewareTest extends SapphireTest
17
{
18
    protected $usesDatabase = true;
19
20
    protected function setUp()
21
    {
22
        parent::setUp();
23
        Security::force_database_is_ready(true);
24
    }
25
26
    protected function tearDown()
27
    {
28
        Security::clear_database_is_ready();
29
        parent::tearDown();
30
    }
31
32
    public function testLiveFlushAdmin()
33
    {
34
        // Mock admin
35
        $adminID = $this->logInWithPermission('ADMIN');
36
        $this->logOut();
37
38
        // Mock app
39
        $app = new HTTPApplication(new BlankKernel(BASE_PATH));
40
        $app->getKernel()->setEnvironment(Kernel::LIVE);
41
42
        // Test being logged in as admin
43
        $chain = new ErrorControlChainMiddleware($app);
44
        $request = new HTTPRequest('GET', '/', ['flush' => 1]);
45
        $request->setSession(new Session(['loggedInAs' => $adminID]));
46
        $result = $chain->process($request, function () {
47
            return null;
48
        });
49
50
        $this->assertInstanceOf(HTTPResponse::class, $result);
51
        $location = $result->getHeader('Location');
52
        $this->assertContains('?flush=1&flushtoken=', $location);
53
        $this->assertNotContains('Security/login', $location);
54
    }
55
56
    public function testLiveFlushUnauthenticated()
57
    {
58
        // Mock app
59
        $app = new HTTPApplication(new BlankKernel(BASE_PATH));
60
        $app->getKernel()->setEnvironment(Kernel::LIVE);
61
62
        // Test being logged in as no one
63
        Security::setCurrentUser(null);
64
        $chain = new ErrorControlChainMiddleware($app);
65
        $request = new HTTPRequest('GET', '/', ['flush' => 1]);
66
        $request->setSession(new Session(['loggedInAs' => 0]));
67
        $result = $chain->process($request, function () {
68
            return null;
69
        });
70
71
        // Should be directed to login, not to flush
72
        $this->assertInstanceOf(HTTPResponse::class, $result);
73
        $location = $result->getHeader('Location');
74
        $this->assertNotContains('?flush=1&flushtoken=', $location);
75
        $this->assertContains('Security/login', $location);
76
    }
77
78
    public function testLiveBuildAdmin()
79
    {
80
        // Mock admin
81
        $adminID = $this->logInWithPermission('ADMIN');
82
        $this->logOut();
83
84
        // Mock app
85
        $app = new HTTPApplication(new BlankKernel(BASE_PATH));
86
        $app->getKernel()->setEnvironment(Kernel::LIVE);
87
88
        // Test being logged in as admin
89
        $chain = new ErrorControlChainMiddleware($app);
90
        $request = new HTTPRequest('GET', '/dev/build/');
91
        $request->setSession(new Session(['loggedInAs' => $adminID]));
92
        $result = $chain->process($request, function () {
93
            return null;
94
        });
95
96
        $this->assertInstanceOf(HTTPResponse::class, $result);
97
        $location = $result->getHeader('Location');
98
        $this->assertContains('/dev/build', $location);
99
        $this->assertContains('?devbuildtoken=', $location);
100
        $this->assertNotContains('Security/login', $location);
101
    }
102
103
    public function testLiveBuildUnauthenticated()
104
    {
105
        // Mock app
106
        $app = new HTTPApplication(new BlankKernel(BASE_PATH));
107
        $app->getKernel()->setEnvironment(Kernel::LIVE);
108
109
        // Test being logged in as no one
110
        Security::setCurrentUser(null);
111
        $chain = new ErrorControlChainMiddleware($app);
112
        $request = new HTTPRequest('GET', '/dev/build');
113
        $request->setSession(new Session(['loggedInAs' => 0]));
114
        $result = $chain->process($request, function () {
115
            return null;
116
        });
117
118
        // Should be directed to login, not to flush
119
        $this->assertInstanceOf(HTTPResponse::class, $result);
120
        $location = $result->getHeader('Location');
121
        $this->assertNotContains('/dev/build', $location);
122
        $this->assertNotContains('?devbuildtoken=', $location);
123
        $this->assertContains('Security/login', $location);
124
    }
125
126
    public function testLiveBuildAndFlushAdmin()
127
    {
128
        // Mock admin
129
        $adminID = $this->logInWithPermission('ADMIN');
130
        $this->logOut();
131
132
        // Mock app
133
        $app = new HTTPApplication(new BlankKernel(BASE_PATH));
134
        $app->getKernel()->setEnvironment(Kernel::LIVE);
135
136
        // Test being logged in as admin
137
        $chain = new ErrorControlChainMiddleware($app);
138
        $request = new HTTPRequest('GET', '/dev/build/', ['flush' => '1']);
139
        $request->setSession(new Session(['loggedInAs' => $adminID]));
140
        $result = $chain->process($request, function () {
141
            return null;
142
        });
143
144
        $this->assertInstanceOf(HTTPResponse::class, $result);
145
        $location = $result->getHeader('Location');
146
        $this->assertContains('/dev/build', $location);
147
        $this->assertContains('flush=1', $location);
148
        $this->assertContains('devbuildtoken=', $location);
149
        $this->assertContains('flushtoken=', $location);
150
        $this->assertNotContains('Security/login', $location);
151
    }
152
153
    public function testLiveBuildAndFlushUnauthenticated()
154
    {
155
        // Mock app
156
        $app = new HTTPApplication(new BlankKernel(BASE_PATH));
157
        $app->getKernel()->setEnvironment(Kernel::LIVE);
158
159
        // Test being logged in as no one
160
        Security::setCurrentUser(null);
161
        $chain = new ErrorControlChainMiddleware($app);
162
        $request = new HTTPRequest('GET', '/dev/build', ['flush' => '1']);
163
        $request->setSession(new Session(['loggedInAs' => 0]));
164
        $result = $chain->process($request, function () {
165
            return null;
166
        });
167
168
        // Should be directed to login, not to flush
169
        $this->assertInstanceOf(HTTPResponse::class, $result);
170
        $location = $result->getHeader('Location');
171
        $this->assertNotContains('/dev/build', $location);
172
        $this->assertNotContains('flush=1', $location);
173
        $this->assertNotContains('devbuildtoken=', $location);
174
        $this->assertNotContains('flushtoken=', $location);
175
        $this->assertContains('Security/login', $location);
176
    }
177
}
178