Mercurial > hg > Members > shoshi > webvirt

annotate cake/tests/cases/libs/controller/components/security.test.php @ 0:261e66bd5a0c

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
hg init
author Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
date Sun, 24 Jul 2011 21:08:31 +0900
parents
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
0
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1 <?php
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
2 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
3 * SecurityComponentTest file
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
4 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
5 * PHP versions 4 and 5
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
6 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
7 * CakePHP(tm) Tests <http://book.cakephp.org/view/1196/Testing>
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
8 * Copyright 2005-2010, Cake Software Foundation, Inc. (http://cakefoundation.org)
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
9 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
10 * Licensed under The Open Group Test Suite License
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
11 * Redistributions of files must retain the above copyright notice.
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
12 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
13 * @copyright Copyright 2005-2010, Cake Software Foundation, Inc. (http://cakefoundation.org)
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
14 * @link http://book.cakephp.org/view/1196/Testing CakePHP(tm) Tests
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
15 * @package cake
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
16 * @subpackage cake.tests.cases.libs.controller.components
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
17 * @since CakePHP(tm) v 1.2.0.5435
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
18 * @license http://www.opensource.org/licenses/opengroup.php The Open Group Test Suite License
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
19 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
20 App::import('Component', 'Security');
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
21
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
22 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
23 * TestSecurityComponent
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
24 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
25 * @package cake
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
26 * @subpackage cake.tests.cases.libs.controller.components
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
27 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
28 class TestSecurityComponent extends SecurityComponent {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
29
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
30 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
31 * validatePost method
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
32 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
33 * @param Controller $controller
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
34 * @return unknown
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
35 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
36 function validatePost(&$controller) {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
37 return $this->_validatePost($controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
38 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
39 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
40
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
41 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
42 * SecurityTestController
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
43 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
44 * @package cake
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
45 * @subpackage cake.tests.cases.libs.controller.components
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
46 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
47 class SecurityTestController extends Controller {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
48
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
49 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
50 * name property
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
51 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
52 * @var string 'SecurityTest'
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
53 * @access public
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
54 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
55 var $name = 'SecurityTest';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
56
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
57 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
58 * components property
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
59 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
60 * @var array
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
61 * @access public
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
62 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
63 var $components = array('Session', 'TestSecurity');
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
64
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
65 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
66 * failed property
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
67 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
68 * @var bool false
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
69 * @access public
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
70 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
71 var $failed = false;
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
72
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
73 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
74 * Used for keeping track of headers in test
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
75 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
76 * @var array
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
77 * @access public
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
78 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
79 var $testHeaders = array();
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
80
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
81 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
82 * fail method
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
83 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
84 * @access public
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
85 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
86 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
87 function fail() {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
88 $this->failed = true;
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
89 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
90
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
91 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
92 * redirect method
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
93 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
94 * @param mixed $option
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
95 * @param mixed $code
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
96 * @param mixed $exit
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
97 * @access public
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
98 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
99 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
100 function redirect($option, $code, $exit) {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
101 return $code;
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
102 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
103
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
104 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
105 * Conveinence method for header()
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
106 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
107 * @param string $status
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
108 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
109 * @access public
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
110 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
111 function header($status) {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
112 $this->testHeaders[] = $status;
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
113 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
114 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
115
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
116 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
117 * SecurityComponentTest class
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
118 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
119 * @package cake
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
120 * @subpackage cake.tests.cases.libs.controller.components
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
121 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
122 class SecurityComponentTest extends CakeTestCase {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
123
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
124 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
125 * Controller property
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
126 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
127 * @var SecurityTestController
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
128 * @access public
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
129 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
130 var $Controller;
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
131
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
132 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
133 * oldSalt property
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
134 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
135 * @var string
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
136 * @access public
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
137 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
138 var $oldSalt;
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
139
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
140 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
141 * setUp method
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
142 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
143 * @access public
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
144 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
145 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
146 function startTest() {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
147 $this->Controller =& new SecurityTestController();
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
148 $this->Controller->Component->init($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
149 $this->Controller->Security =& $this->Controller->TestSecurity;
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
150 $this->Controller->Security->blackHoleCallback = 'fail';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
151 $this->oldSalt = Configure::read('Security.salt');
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
152 Configure::write('Security.salt', 'foo!');
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
153 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
154
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
155 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
156 * Tear-down method. Resets environment state.
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
157 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
158 * @access public
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
159 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
160 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
161 function endTest() {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
162 Configure::write('Security.salt', $this->oldSalt);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
163 $this->Controller->Session->delete('_Token');
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
164 unset($this->Controller->Security);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
165 unset($this->Controller->Component);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
166 unset($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
167 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
168
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
169 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
170 * test that initalize can set properties.
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
171 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
172 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
173 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
174 function testInitialize() {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
175 $settings = array(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
176 'requirePost' => array('edit', 'update'),
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
177 'requireSecure' => array('update_account'),
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
178 'requireGet' => array('index'),
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
179 'validatePost' => false,
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
180 'loginUsers' => array(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
181 'mark' => 'password'
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
182 ),
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
183 'requireLogin' => array('login'),
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
184 );
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
185 $this->Controller->Security->initialize($this->Controller, $settings);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
186 $this->assertEqual($this->Controller->Security->requirePost, $settings['requirePost']);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
187 $this->assertEqual($this->Controller->Security->requireSecure, $settings['requireSecure']);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
188 $this->assertEqual($this->Controller->Security->requireGet, $settings['requireGet']);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
189 $this->assertEqual($this->Controller->Security->validatePost, $settings['validatePost']);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
190 $this->assertEqual($this->Controller->Security->loginUsers, $settings['loginUsers']);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
191 $this->assertEqual($this->Controller->Security->requireLogin, $settings['requireLogin']);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
192 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
193
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
194 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
195 * testStartup method
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
196 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
197 * @access public
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
198 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
199 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
200 function testStartup() {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
201 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
202 $result = $this->Controller->params['_Token']['key'];
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
203 $this->assertNotNull($result);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
204 $this->assertTrue($this->Controller->Session->check('_Token'));
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
205 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
206
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
207 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
208 * testRequirePostFail method
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
209 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
210 * @access public
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
211 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
212 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
213 function testRequirePostFail() {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
214 $_SERVER['REQUEST_METHOD'] = 'GET';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
215 $this->Controller->action = 'posted';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
216 $this->Controller->Security->requirePost(array('posted'));
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
217 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
218 $this->assertTrue($this->Controller->failed);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
219 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
220
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
221 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
222 * testRequirePostSucceed method
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
223 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
224 * @access public
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
225 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
226 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
227 function testRequirePostSucceed() {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
228 $_SERVER['REQUEST_METHOD'] = 'POST';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
229 $this->Controller->action = 'posted';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
230 $this->Controller->Security->requirePost('posted');
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
231 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
232 $this->assertFalse($this->Controller->failed);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
233 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
234
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
235 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
236 * testRequireSecureFail method
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
237 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
238 * @access public
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
239 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
240 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
241 function testRequireSecureFail() {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
242 $_SERVER['HTTPS'] = 'off';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
243 $_SERVER['REQUEST_METHOD'] = 'POST';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
244 $this->Controller->action = 'posted';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
245 $this->Controller->Security->requireSecure(array('posted'));
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
246 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
247 $this->assertTrue($this->Controller->failed);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
248 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
249
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
250 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
251 * testRequireSecureSucceed method
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
252 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
253 * @access public
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
254 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
255 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
256 function testRequireSecureSucceed() {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
257 $_SERVER['REQUEST_METHOD'] = 'Secure';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
258 $this->Controller->action = 'posted';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
259 $_SERVER['HTTPS'] = 'on';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
260 $this->Controller->Security->requireSecure('posted');
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
261 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
262 $this->assertFalse($this->Controller->failed);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
263 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
264
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
265 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
266 * testRequireAuthFail method
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
267 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
268 * @access public
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
269 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
270 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
271 function testRequireAuthFail() {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
272 $_SERVER['REQUEST_METHOD'] = 'AUTH';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
273 $this->Controller->action = 'posted';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
274 $this->Controller->data = array('username' => 'willy', 'password' => 'somePass');
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
275 $this->Controller->Security->requireAuth(array('posted'));
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
276 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
277 $this->assertTrue($this->Controller->failed);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
278
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
279 $this->Controller->Session->write('_Token', serialize(array('allowedControllers' => array())));
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
280 $this->Controller->data = array('username' => 'willy', 'password' => 'somePass');
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
281 $this->Controller->action = 'posted';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
282 $this->Controller->Security->requireAuth('posted');
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
283 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
284 $this->assertTrue($this->Controller->failed);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
285
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
286 $this->Controller->Session->write('_Token', serialize(array(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
287 'allowedControllers' => array('SecurityTest'), 'allowedActions' => array('posted2')
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
288 )));
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
289 $this->Controller->data = array('username' => 'willy', 'password' => 'somePass');
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
290 $this->Controller->action = 'posted';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
291 $this->Controller->Security->requireAuth('posted');
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
292 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
293 $this->assertTrue($this->Controller->failed);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
294 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
295
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
296 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
297 * testRequireAuthSucceed method
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
298 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
299 * @access public
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
300 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
301 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
302 function testRequireAuthSucceed() {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
303 $_SERVER['REQUEST_METHOD'] = 'AUTH';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
304 $this->Controller->action = 'posted';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
305 $this->Controller->Security->requireAuth('posted');
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
306 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
307 $this->assertFalse($this->Controller->failed);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
308
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
309 $this->Controller->Security->Session->write('_Token', serialize(array(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
310 'allowedControllers' => array('SecurityTest'), 'allowedActions' => array('posted')
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
311 )));
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
312 $this->Controller->params['controller'] = 'SecurityTest';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
313 $this->Controller->params['action'] = 'posted';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
314
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
315 $this->Controller->data = array(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
316 'username' => 'willy', 'password' => 'somePass', '_Token' => ''
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
317 );
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
318 $this->Controller->action = 'posted';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
319 $this->Controller->Security->requireAuth('posted');
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
320 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
321 $this->assertFalse($this->Controller->failed);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
322 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
323
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
324 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
325 * testRequirePostSucceedWrongMethod method
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
326 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
327 * @access public
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
328 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
329 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
330 function testRequirePostSucceedWrongMethod() {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
331 $_SERVER['REQUEST_METHOD'] = 'GET';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
332 $this->Controller->action = 'getted';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
333 $this->Controller->Security->requirePost('posted');
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
334 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
335 $this->assertFalse($this->Controller->failed);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
336 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
337
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
338 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
339 * testRequireGetFail method
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
340 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
341 * @access public
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
342 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
343 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
344 function testRequireGetFail() {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
345 $_SERVER['REQUEST_METHOD'] = 'POST';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
346 $this->Controller->action = 'getted';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
347 $this->Controller->Security->requireGet(array('getted'));
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
348 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
349 $this->assertTrue($this->Controller->failed);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
350 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
351
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
352 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
353 * testRequireGetSucceed method
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
354 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
355 * @access public
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
356 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
357 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
358 function testRequireGetSucceed() {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
359 $_SERVER['REQUEST_METHOD'] = 'GET';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
360 $this->Controller->action = 'getted';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
361 $this->Controller->Security->requireGet('getted');
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
362 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
363 $this->assertFalse($this->Controller->failed);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
364 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
365
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
366 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
367 * testRequireLogin method
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
368 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
369 * @access public
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
370 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
371 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
372 function testRequireLogin() {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
373 $this->Controller->action = 'posted';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
374 $this->Controller->Security->requireLogin(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
375 'posted',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
376 array('type' => 'basic', 'users' => array('admin' => 'password'))
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
377 );
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
378 $_SERVER['PHP_AUTH_USER'] = 'admin';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
379 $_SERVER['PHP_AUTH_PW'] = 'password';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
380 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
381 $this->assertFalse($this->Controller->failed);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
382
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
383
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
384 $this->Controller->action = 'posted';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
385 $this->Controller->Security->requireLogin(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
386 array('posted'),
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
387 array('type' => 'basic', 'users' => array('admin' => 'password'))
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
388 );
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
389 $_SERVER['PHP_AUTH_USER'] = 'admin2';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
390 $_SERVER['PHP_AUTH_PW'] = 'password';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
391 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
392 $this->assertTrue($this->Controller->failed);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
393
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
394 $this->Controller->action = 'posted';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
395 $this->Controller->Security->requireLogin(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
396 'posted',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
397 array('type' => 'basic', 'users' => array('admin' => 'password'))
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
398 );
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
399 $_SERVER['PHP_AUTH_USER'] = 'admin';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
400 $_SERVER['PHP_AUTH_PW'] = 'password2';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
401 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
402 $this->assertTrue($this->Controller->failed);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
403 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
404
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
405 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
406 * testDigestAuth method
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
407 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
408 * @access public
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
409 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
410 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
411 function testDigestAuth() {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
412 $skip = $this->skipIf((version_compare(PHP_VERSION, '5.1') == -1) XOR (!function_exists('apache_request_headers')),
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
413 "%s Cannot run Digest Auth test for PHP versions < 5.1"
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
414 );
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
415
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
416 if ($skip) {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
417 return;
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
418 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
419
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
420 $this->Controller->action = 'posted';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
421 $_SERVER['PHP_AUTH_DIGEST'] = $digest = <<<DIGEST
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
422 Digest username="Mufasa",
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
423 realm="testrealm@host.com",
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
424 nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093",
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
425 uri="/dir/index.html",
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
426 qop=auth,
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
427 nc=00000001,
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
428 cnonce="0a4f113b",
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
429 response="460d0d3c6867c2f1ab85b1ada1aece48",
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
430 opaque="5ccc069c403ebaf9f0171e9517f40e41"
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
431 DIGEST;
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
432 $this->Controller->Security->requireLogin('posted', array(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
433 'type' => 'digest', 'users' => array('Mufasa' => 'password'),
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
434 'realm' => 'testrealm@host.com'
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
435 ));
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
436 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
437 $this->assertFalse($this->Controller->failed);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
438 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
439
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
440 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
441 * testRequireGetSucceedWrongMethod method
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
442 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
443 * @access public
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
444 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
445 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
446 function testRequireGetSucceedWrongMethod() {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
447 $_SERVER['REQUEST_METHOD'] = 'POST';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
448 $this->Controller->action = 'posted';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
449 $this->Controller->Security->requireGet('getted');
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
450 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
451 $this->assertFalse($this->Controller->failed);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
452 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
453
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
454 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
455 * testRequirePutFail method
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
456 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
457 * @access public
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
458 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
459 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
460 function testRequirePutFail() {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
461 $_SERVER['REQUEST_METHOD'] = 'POST';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
462 $this->Controller->action = 'putted';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
463 $this->Controller->Security->requirePut(array('putted'));
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
464 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
465 $this->assertTrue($this->Controller->failed);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
466 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
467
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
468 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
469 * testRequirePutSucceed method
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
470 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
471 * @access public
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
472 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
473 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
474 function testRequirePutSucceed() {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
475 $_SERVER['REQUEST_METHOD'] = 'PUT';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
476 $this->Controller->action = 'putted';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
477 $this->Controller->Security->requirePut('putted');
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
478 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
479 $this->assertFalse($this->Controller->failed);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
480 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
481
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
482 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
483 * testRequirePutSucceedWrongMethod method
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
484 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
485 * @access public
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
486 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
487 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
488 function testRequirePutSucceedWrongMethod() {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
489 $_SERVER['REQUEST_METHOD'] = 'POST';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
490 $this->Controller->action = 'posted';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
491 $this->Controller->Security->requirePut('putted');
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
492 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
493 $this->assertFalse($this->Controller->failed);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
494 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
495
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
496 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
497 * testRequireDeleteFail method
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
498 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
499 * @access public
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
500 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
501 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
502 function testRequireDeleteFail() {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
503 $_SERVER['REQUEST_METHOD'] = 'POST';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
504 $this->Controller->action = 'deleted';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
505 $this->Controller->Security->requireDelete(array('deleted', 'other_method'));
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
506 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
507 $this->assertTrue($this->Controller->failed);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
508 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
509
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
510 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
511 * testRequireDeleteSucceed method
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
512 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
513 * @access public
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
514 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
515 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
516 function testRequireDeleteSucceed() {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
517 $_SERVER['REQUEST_METHOD'] = 'DELETE';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
518 $this->Controller->action = 'deleted';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
519 $this->Controller->Security->requireDelete('deleted');
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
520 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
521 $this->assertFalse($this->Controller->failed);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
522 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
523
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
524 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
525 * testRequireDeleteSucceedWrongMethod method
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
526 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
527 * @access public
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
528 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
529 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
530 function testRequireDeleteSucceedWrongMethod() {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
531 $_SERVER['REQUEST_METHOD'] = 'POST';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
532 $this->Controller->action = 'posted';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
533 $this->Controller->Security->requireDelete('deleted');
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
534 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
535 $this->assertFalse($this->Controller->failed);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
536 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
537
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
538 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
539 * testRequireLoginSettings method
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
540 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
541 * @access public
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
542 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
543 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
544 function testRequireLoginSettings() {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
545 $this->Controller->Security->requireLogin(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
546 'add', 'edit',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
547 array('type' => 'basic', 'users' => array('admin' => 'password'))
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
548 );
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
549 $this->assertEqual($this->Controller->Security->requireLogin, array('add', 'edit'));
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
550 $this->assertEqual($this->Controller->Security->loginUsers, array('admin' => 'password'));
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
551 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
552
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
553 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
554 * testRequireLoginAllActions method
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
555 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
556 * @access public
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
557 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
558 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
559 function testRequireLoginAllActions() {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
560 $this->Controller->Security->requireLogin(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
561 array('type' => 'basic', 'users' => array('admin' => 'password'))
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
562 );
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
563 $this->assertEqual($this->Controller->Security->requireLogin, array('*'));
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
564 $this->assertEqual($this->Controller->Security->loginUsers, array('admin' => 'password'));
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
565 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
566
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
567 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
568 * Simple hash validation test
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
569 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
570 * @access public
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
571 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
572 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
573 function testValidatePost() {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
574 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
575 $key = $this->Controller->params['_Token']['key'];
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
576 $fields = 'a5475372b40f6e3ccbf9f8af191f20e1642fd877%3AModel.valid';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
577
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
578 $this->Controller->data = array(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
579 'Model' => array('username' => 'nate', 'password' => 'foo', 'valid' => '0'),
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
580 '_Token' => compact('key', 'fields')
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
581 );
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
582 $this->assertTrue($this->Controller->Security->validatePost($this->Controller));
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
583 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
584
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
585 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
586 * test that validatePost fails if any of its required fields are missing.
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
587 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
588 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
589 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
590 function testValidatePostFormHacking() {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
591 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
592 $key = $this->Controller->params['_Token']['key'];
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
593 $fields = 'a5475372b40f6e3ccbf9f8af191f20e1642fd877%3AModel.valid';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
594
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
595 $this->Controller->data = array(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
596 'Model' => array('username' => 'nate', 'password' => 'foo', 'valid' => '0'),
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
597 '_Token' => compact('key')
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
598 );
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
599 $result = $this->Controller->Security->validatePost($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
600 $this->assertFalse($result, 'validatePost passed when fields were missing. %s');
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
601
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
602 $this->Controller->data = array(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
603 'Model' => array('username' => 'nate', 'password' => 'foo', 'valid' => '0'),
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
604 '_Token' => compact('fields')
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
605 );
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
606 $result = $this->Controller->Security->validatePost($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
607 $this->assertFalse($result, 'validatePost passed when key was missing. %s');
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
608 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
609
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
610 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
611 * Test that objects can't be passed into the serialized string. This was a vector for RFI and LFI
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
612 * attacks. Thanks to Felix Wilhelm
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
613 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
614 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
615 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
616 function testValidatePostObjectDeserialize() {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
617 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
618 $key = $this->Controller->params['_Token']['key'];
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
619 $fields = 'a5475372b40f6e3ccbf9f8af191f20e1642fd877';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
620
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
621 // a corrupted serialized object, so we can see if it ever gets to deserialize
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
622 $attack = 'O:3:"App":1:{s:5:"__map";a:1:{s:3:"foo";s:7:"Hacked!";s:1:"fail"}}';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
623 $fields .= urlencode(':' . str_rot13($attack));
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
624
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
625 $this->Controller->data = array(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
626 'Model' => array('username' => 'mark', 'password' => 'foo', 'valid' => '0'),
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
627 '_Token' => compact('key', 'fields')
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
628 );
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
629 $result = $this->Controller->Security->validatePost($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
630 $this->assertFalse($result, 'validatePost passed when key was missing. %s');
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
631 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
632
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
633 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
634 * Tests validation of checkbox arrays
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
635 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
636 * @access public
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
637 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
638 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
639 function testValidatePostArray() {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
640 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
641 $key = $this->Controller->params['_Token']['key'];
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
642 $fields = 'f7d573650a295b94e0938d32b323fde775e5f32b%3A';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
643
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
644 $this->Controller->data = array(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
645 'Model' => array('multi_field' => array('1', '3')),
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
646 '_Token' => compact('key', 'fields')
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
647 );
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
648 $this->assertTrue($this->Controller->Security->validatePost($this->Controller));
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
649 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
650
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
651 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
652 * testValidatePostNoModel method
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
653 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
654 * @access public
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
655 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
656 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
657 function testValidatePostNoModel() {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
658 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
659 $key = $this->Controller->params['_Token']['key'];
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
660 $fields = '540ac9c60d323c22bafe997b72c0790f39a8bdef%3A';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
661
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
662 $this->Controller->data = array(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
663 'anything' => 'some_data',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
664 '_Token' => compact('key', 'fields')
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
665 );
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
666
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
667 $result = $this->Controller->Security->validatePost($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
668 $this->assertTrue($result);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
669 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
670
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
671 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
672 * testValidatePostSimple method
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
673 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
674 * @access public
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
675 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
676 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
677 function testValidatePostSimple() {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
678 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
679 $key = $this->Controller->params['_Token']['key'];
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
680 $fields = '69f493434187b867ea14b901fdf58b55d27c935d%3A';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
681
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
682 $this->Controller->data = $data = array(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
683 'Model' => array('username' => '', 'password' => ''),
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
684 '_Token' => compact('key', 'fields')
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
685 );
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
686
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
687 $result = $this->Controller->Security->validatePost($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
688 $this->assertTrue($result);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
689 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
690
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
691 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
692 * Tests hash validation for multiple records, including locked fields
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
693 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
694 * @access public
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
695 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
696 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
697 function testValidatePostComplex() {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
698 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
699 $key = $this->Controller->params['_Token']['key'];
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
700 $fields = 'c9118120e680a7201b543f562e5301006ccfcbe2%3AAddresses.0.id%7CAddresses.1.id';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
701
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
702 $this->Controller->data = array(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
703 'Addresses' => array(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
704 '0' => array(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
705 'id' => '123456', 'title' => '', 'first_name' => '', 'last_name' => '',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
706 'address' => '', 'city' => '', 'phone' => '', 'primary' => ''
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
707 ),
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
708 '1' => array(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
709 'id' => '654321', 'title' => '', 'first_name' => '', 'last_name' => '',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
710 'address' => '', 'city' => '', 'phone' => '', 'primary' => ''
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
711 )
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
712 ),
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
713 '_Token' => compact('key', 'fields')
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
714 );
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
715 $result = $this->Controller->Security->validatePost($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
716 $this->assertTrue($result);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
717 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
718
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
719 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
720 * test ValidatePost with multiple select elements.
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
721 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
722 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
723 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
724 function testValidatePostMultipleSelect() {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
725 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
726 $key = $this->Controller->params['_Token']['key'];
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
727 $fields = '422cde416475abc171568be690a98cad20e66079%3A';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
728
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
729 $this->Controller->data = array(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
730 'Tag' => array('Tag' => array(1, 2)),
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
731 '_Token' => compact('key', 'fields'),
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
732 );
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
733 $result = $this->Controller->Security->validatePost($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
734 $this->assertTrue($result);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
735
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
736 $this->Controller->data = array(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
737 'Tag' => array('Tag' => array(1, 2, 3)),
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
738 '_Token' => compact('key', 'fields'),
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
739 );
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
740 $result = $this->Controller->Security->validatePost($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
741 $this->assertTrue($result);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
742
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
743 $this->Controller->data = array(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
744 'Tag' => array('Tag' => array(1, 2, 3, 4)),
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
745 '_Token' => compact('key', 'fields'),
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
746 );
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
747 $result = $this->Controller->Security->validatePost($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
748 $this->assertTrue($result);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
749
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
750 $fields = '19464422eafe977ee729c59222af07f983010c5f%3A';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
751 $this->Controller->data = array(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
752 'User.password' => 'bar', 'User.name' => 'foo', 'User.is_valid' => '1',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
753 'Tag' => array('Tag' => array(1)), '_Token' => compact('key', 'fields'),
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
754 );
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
755 $result = $this->Controller->Security->validatePost($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
756 $this->assertTrue($result);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
757 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
758
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
759 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
760 * testValidatePostCheckbox method
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
761 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
762 * First block tests un-checked checkbox
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
763 * Second block tests checked checkbox
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
764 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
765 * @access public
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
766 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
767 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
768 function testValidatePostCheckbox() {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
769 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
770 $key = $this->Controller->params['_Token']['key'];
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
771 $fields = 'a5475372b40f6e3ccbf9f8af191f20e1642fd877%3AModel.valid';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
772
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
773 $this->Controller->data = array(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
774 'Model' => array('username' => '', 'password' => '', 'valid' => '0'),
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
775 '_Token' => compact('key', 'fields')
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
776 );
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
777
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
778 $result = $this->Controller->Security->validatePost($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
779 $this->assertTrue($result);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
780
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
781 $fields = '874439ca69f89b4c4a5f50fb9c36ff56a28f5d42%3A';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
782
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
783 $this->Controller->data = array(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
784 'Model' => array('username' => '', 'password' => '', 'valid' => '0'),
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
785 '_Token' => compact('key', 'fields')
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
786 );
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
787
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
788 $result = $this->Controller->Security->validatePost($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
789 $this->assertTrue($result);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
790
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
791
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
792 $this->Controller->data = array();
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
793 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
794 $key = $this->Controller->params['_Token']['key'];
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
795
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
796 $this->Controller->data = $data = array(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
797 'Model' => array('username' => '', 'password' => '', 'valid' => '0'),
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
798 '_Token' => compact('key', 'fields')
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
799 );
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
800
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
801 $result = $this->Controller->Security->validatePost($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
802 $this->assertTrue($result);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
803 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
804
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
805 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
806 * testValidatePostHidden method
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
807 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
808 * @access public
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
809 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
810 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
811 function testValidatePostHidden() {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
812 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
813 $key = $this->Controller->params['_Token']['key'];
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
814 $fields = '51ccd8cb0997c7b3d4523ecde5a109318405ef8c%3AModel.hidden%7CModel.other_hidden';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
815 $fields .= '';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
816
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
817 $this->Controller->data = array(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
818 'Model' => array(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
819 'username' => '', 'password' => '', 'hidden' => '0',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
820 'other_hidden' => 'some hidden value'
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
821 ),
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
822 '_Token' => compact('key', 'fields')
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
823 );
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
824 $result = $this->Controller->Security->validatePost($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
825 $this->assertTrue($result);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
826 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
827
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
828 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
829 * testValidatePostWithDisabledFields method
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
830 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
831 * @access public
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
832 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
833 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
834 function testValidatePostWithDisabledFields() {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
835 $this->Controller->Security->disabledFields = array('Model.username', 'Model.password');
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
836 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
837 $key = $this->Controller->params['_Token']['key'];
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
838 $fields = 'ef1082968c449397bcd849f963636864383278b1%3AModel.hidden';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
839
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
840 $this->Controller->data = array(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
841 'Model' => array(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
842 'username' => '', 'password' => '', 'hidden' => '0'
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
843 ),
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
844 '_Token' => compact('fields', 'key')
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
845 );
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
846
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
847 $result = $this->Controller->Security->validatePost($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
848 $this->assertTrue($result);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
849 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
850
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
851 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
852 * testValidateHiddenMultipleModel method
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
853 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
854 * @access public
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
855 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
856 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
857 function testValidateHiddenMultipleModel() {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
858 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
859 $key = $this->Controller->params['_Token']['key'];
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
860 $fields = 'a2d01072dc4660eea9d15007025f35a7a5b58e18%3AModel.valid%7CModel2.valid%7CModel3.valid';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
861
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
862 $this->Controller->data = array(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
863 'Model' => array('username' => '', 'password' => '', 'valid' => '0'),
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
864 'Model2' => array('valid' => '0'),
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
865 'Model3' => array('valid' => '0'),
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
866 '_Token' => compact('key', 'fields')
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
867 );
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
868 $result = $this->Controller->Security->validatePost($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
869 $this->assertTrue($result);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
870 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
871
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
872 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
873 * testLoginValidation method
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
874 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
875 * @access public
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
876 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
877 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
878 function testLoginValidation() {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
879
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
880 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
881
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
882 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
883 * testValidateHasManyModel method
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
884 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
885 * @access public
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
886 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
887 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
888 function testValidateHasManyModel() {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
889 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
890 $key = $this->Controller->params['_Token']['key'];
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
891 $fields = '51e3b55a6edd82020b3f29c9ae200e14bbeb7ee5%3AModel.0.hidden%7CModel.0.valid';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
892 $fields .= '%7CModel.1.hidden%7CModel.1.valid';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
893
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
894 $this->Controller->data = array(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
895 'Model' => array(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
896 array(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
897 'username' => 'username', 'password' => 'password',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
898 'hidden' => 'value', 'valid' => '0'
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
899 ),
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
900 array(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
901 'username' => 'username', 'password' => 'password',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
902 'hidden' => 'value', 'valid' => '0'
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
903 )
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
904 ),
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
905 '_Token' => compact('key', 'fields')
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
906 );
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
907
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
908 $result = $this->Controller->Security->validatePost($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
909 $this->assertTrue($result);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
910 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
911
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
912 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
913 * testValidateHasManyRecordsPass method
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
914 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
915 * @access public
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
916 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
917 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
918 function testValidateHasManyRecordsPass() {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
919 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
920 $key = $this->Controller->params['_Token']['key'];
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
921 $fields = '7a203edb3d345bbf38fe0dccae960da8842e11d7%3AAddress.0.id%7CAddress.0.primary%7C';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
922 $fields .= 'Address.1.id%7CAddress.1.primary';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
923
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
924 $this->Controller->data = array(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
925 'Address' => array(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
926 0 => array(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
927 'id' => '123',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
928 'title' => 'home',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
929 'first_name' => 'Bilbo',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
930 'last_name' => 'Baggins',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
931 'address' => '23 Bag end way',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
932 'city' => 'the shire',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
933 'phone' => 'N/A',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
934 'primary' => '1',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
935 ),
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
936 1 => array(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
937 'id' => '124',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
938 'title' => 'home',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
939 'first_name' => 'Frodo',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
940 'last_name' => 'Baggins',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
941 'address' => '50 Bag end way',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
942 'city' => 'the shire',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
943 'phone' => 'N/A',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
944 'primary' => '1'
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
945 )
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
946 ),
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
947 '_Token' => compact('key', 'fields')
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
948 );
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
949
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
950 $result = $this->Controller->Security->validatePost($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
951 $this->assertTrue($result);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
952 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
953
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
954 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
955 * testValidateHasManyRecords method
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
956 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
957 * validatePost should fail, hidden fields have been changed.
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
958 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
959 * @access public
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
960 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
961 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
962 function testValidateHasManyRecordsFail() {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
963 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
964 $key = $this->Controller->params['_Token']['key'];
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
965 $fields = '7a203edb3d345bbf38fe0dccae960da8842e11d7%3AAddress.0.id%7CAddress.0.primary%7C';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
966 $fields .= 'Address.1.id%7CAddress.1.primary';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
967
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
968 $this->Controller->data = array(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
969 'Address' => array(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
970 0 => array(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
971 'id' => '123',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
972 'title' => 'home',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
973 'first_name' => 'Bilbo',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
974 'last_name' => 'Baggins',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
975 'address' => '23 Bag end way',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
976 'city' => 'the shire',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
977 'phone' => 'N/A',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
978 'primary' => '5',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
979 ),
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
980 1 => array(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
981 'id' => '124',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
982 'title' => 'home',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
983 'first_name' => 'Frodo',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
984 'last_name' => 'Baggins',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
985 'address' => '50 Bag end way',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
986 'city' => 'the shire',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
987 'phone' => 'N/A',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
988 'primary' => '1'
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
989 )
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
990 ),
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
991 '_Token' => compact('key', 'fields')
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
992 );
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
993
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
994 $result = $this->Controller->Security->validatePost($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
995 $this->assertFalse($result);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
996 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
997
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
998 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
999 * testLoginRequest method
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1000 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1001 * @access public
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1002 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1003 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1004 function testLoginRequest() {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1005 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1006 $realm = 'cakephp.org';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1007 $options = array('realm' => $realm, 'type' => 'basic');
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1008 $result = $this->Controller->Security->loginRequest($options);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1009 $expected = 'WWW-Authenticate: Basic realm="'.$realm.'"';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1010 $this->assertEqual($result, $expected);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1011
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1012 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1013 $options = array('realm' => $realm, 'type' => 'digest');
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1014 $result = $this->Controller->Security->loginRequest($options);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1015 $this->assertPattern('/realm="'.$realm.'"/', $result);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1016 $this->assertPattern('/qop="auth"/', $result);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1017 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1018
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1019 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1020 * testGenerateDigestResponseHash method
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1021 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1022 * @access public
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1023 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1024 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1025 function testGenerateDigestResponseHash() {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1026 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1027 $realm = 'cakephp.org';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1028 $loginData = array('realm' => $realm, 'users' => array('Willy Smith' => 'password'));
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1029 $this->Controller->Security->requireLogin($loginData);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1030
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1031 $data = array(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1032 'username' => 'Willy Smith',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1033 'password' => 'password',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1034 'nonce' => String::uuid(),
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1035 'nc' => 1,
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1036 'cnonce' => 1,
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1037 'realm' => $realm,
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1038 'uri' => 'path_to_identifier',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1039 'qop' => 'testme'
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1040 );
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1041 $_SERVER['REQUEST_METHOD'] = 'POST';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1042
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1043 $result = $this->Controller->Security->generateDigestResponseHash($data);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1044 $expected = md5(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1045 md5($data['username'] . ':' . $loginData['realm'] . ':' . $data['password']) . ':' .
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1046 $data['nonce'] . ':' . $data['nc'] . ':' . $data['cnonce'] . ':' . $data['qop'] . ':' .
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1047 md5(env('REQUEST_METHOD') . ':' . $data['uri'])
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1048 );
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1049 $this->assertIdentical($result, $expected);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1050 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1051
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1052 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1053 * testLoginCredentials method
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1054 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1055 * @access public
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1056 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1057 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1058 function testLoginCredentials() {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1059 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1060 $_SERVER['PHP_AUTH_USER'] = $user = 'Willy Test';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1061 $_SERVER['PHP_AUTH_PW'] = $pw = 'some password for the nice test';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1062
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1063 $result = $this->Controller->Security->loginCredentials('basic');
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1064 $expected = array('username' => $user, 'password' => $pw);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1065 $this->assertIdentical($result, $expected);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1066
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1067 if (version_compare(PHP_VERSION, '5.1') != -1) {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1068 $_SERVER['PHP_AUTH_DIGEST'] = $digest = <<<DIGEST
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1069 Digest username="Mufasa",
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1070 realm="testrealm@host.com",
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1071 nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093",
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1072 uri="/dir/index.html",
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1073 qop=auth,
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1074 nc=00000001,
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1075 cnonce="0a4f113b",
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1076 response="6629fae49393a05397450978507c4ef1",
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1077 opaque="5ccc069c403ebaf9f0171e9517f40e41"
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1078 DIGEST;
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1079 $expected = array(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1080 'username' => 'Mufasa',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1081 'realm' => 'testrealm@host.com',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1082 'nonce' => 'dcd98b7102dd2f0e8b11d0f600bfb0c093',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1083 'uri' => '/dir/index.html',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1084 'qop' => 'auth',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1085 'nc' => '00000001',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1086 'cnonce' => '0a4f113b',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1087 'response' => '6629fae49393a05397450978507c4ef1',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1088 'opaque' => '5ccc069c403ebaf9f0171e9517f40e41'
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1089 );
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1090 $result = $this->Controller->Security->loginCredentials('digest');
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1091 $this->assertIdentical($result, $expected);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1092 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1093 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1094
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1095 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1096 * testParseDigestAuthData method
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1097 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1098 * @access public
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1099 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1100 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1101 function testParseDigestAuthData() {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1102 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1103 $digest = <<<DIGEST
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1104 Digest username="Mufasa",
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1105 realm="testrealm@host.com",
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1106 nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093",
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1107 uri="/dir/index.html",
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1108 qop=auth,
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1109 nc=00000001,
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1110 cnonce="0a4f113b",
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1111 response="6629fae49393a05397450978507c4ef1",
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1112 opaque="5ccc069c403ebaf9f0171e9517f40e41"
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1113 DIGEST;
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1114 $expected = array(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1115 'username' => 'Mufasa',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1116 'realm' => 'testrealm@host.com',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1117 'nonce' => 'dcd98b7102dd2f0e8b11d0f600bfb0c093',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1118 'uri' => '/dir/index.html',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1119 'qop' => 'auth',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1120 'nc' => '00000001',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1121 'cnonce' => '0a4f113b',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1122 'response' => '6629fae49393a05397450978507c4ef1',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1123 'opaque' => '5ccc069c403ebaf9f0171e9517f40e41'
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1124 );
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1125 $result = $this->Controller->Security->parseDigestAuthData($digest);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1126 $this->assertIdentical($result, $expected);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1127
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1128 $result = $this->Controller->Security->parseDigestAuthData('');
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1129 $this->assertNull($result);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1130 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1131
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1132 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1133 * test parsing digest information with email addresses
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1134 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1135 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1136 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1137 function testParseDigestAuthEmailAddress() {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1138 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1139 $digest = <<<DIGEST
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1140 Digest username="mark@example.com",
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1141 realm="testrealm@host.com",
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1142 nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093",
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1143 uri="/dir/index.html",
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1144 qop=auth,
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1145 nc=00000001,
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1146 cnonce="0a4f113b",
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1147 response="6629fae49393a05397450978507c4ef1",
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1148 opaque="5ccc069c403ebaf9f0171e9517f40e41"
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1149 DIGEST;
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1150 $expected = array(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1151 'username' => 'mark@example.com',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1152 'realm' => 'testrealm@host.com',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1153 'nonce' => 'dcd98b7102dd2f0e8b11d0f600bfb0c093',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1154 'uri' => '/dir/index.html',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1155 'qop' => 'auth',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1156 'nc' => '00000001',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1157 'cnonce' => '0a4f113b',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1158 'response' => '6629fae49393a05397450978507c4ef1',
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1159 'opaque' => '5ccc069c403ebaf9f0171e9517f40e41'
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1160 );
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1161 $result = $this->Controller->Security->parseDigestAuthData($digest);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1162 $this->assertIdentical($result, $expected);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1163 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1164
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1165 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1166 * testFormDisabledFields method
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1167 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1168 * @access public
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1169 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1170 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1171 function testFormDisabledFields() {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1172 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1173 $key = $this->Controller->params['_Token']['key'];
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1174 $fields = '11842060341b9d0fc3808b90ba29fdea7054d6ad%3An%3A0%3A%7B%7D';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1175
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1176 $this->Controller->data = array(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1177 'MyModel' => array('name' => 'some data'),
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1178 '_Token' => compact('key', 'fields')
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1179 );
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1180 $result = $this->Controller->Security->validatePost($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1181 $this->assertFalse($result);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1182
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1183 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1184 $this->Controller->Security->disabledFields = array('MyModel.name');
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1185 $key = $this->Controller->params['_Token']['key'];
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1186
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1187 $this->Controller->data = array(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1188 'MyModel' => array('name' => 'some data'),
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1189 '_Token' => compact('key', 'fields')
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1190 );
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1191
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1192 $result = $this->Controller->Security->validatePost($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1193 $this->assertTrue($result);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1194 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1195
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1196 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1197 * testRadio method
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1198 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1199 * @access public
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1200 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1201 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1202 function testRadio() {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1203 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1204 $key = $this->Controller->params['_Token']['key'];
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1205 $fields = '575ef54ca4fc8cab468d6d898e9acd3a9671c17e%3An%3A0%3A%7B%7D';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1206
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1207 $this->Controller->data = array(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1208 '_Token' => compact('key', 'fields')
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1209 );
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1210 $result = $this->Controller->Security->validatePost($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1211 $this->assertFalse($result);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1212
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1213 $this->Controller->data = array(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1214 '_Token' => compact('key', 'fields'),
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1215 'Test' => array('test' => '')
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1216 );
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1217 $result = $this->Controller->Security->validatePost($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1218 $this->assertTrue($result);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1219
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1220 $this->Controller->data = array(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1221 '_Token' => compact('key', 'fields'),
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1222 'Test' => array('test' => '1')
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1223 );
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1224 $result = $this->Controller->Security->validatePost($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1225 $this->assertTrue($result);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1226
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1227 $this->Controller->data = array(
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1228 '_Token' => compact('key', 'fields'),
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1229 'Test' => array('test' => '2')
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1230 );
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1231 $result = $this->Controller->Security->validatePost($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1232 $this->assertTrue($result);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1233 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1234
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1235 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1236 * testInvalidAuthHeaders method
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1237 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1238 * @access public
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1239 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1240 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1241 function testInvalidAuthHeaders() {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1242 $this->Controller->Security->blackHoleCallback = null;
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1243 $_SERVER['PHP_AUTH_USER'] = 'admin';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1244 $_SERVER['PHP_AUTH_PW'] = 'password';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1245 $realm = 'cakephp.org';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1246 $loginData = array('type' => 'basic', 'realm' => $realm);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1247 $this->Controller->Security->requireLogin($loginData);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1248 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1249
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1250 $expected = 'WWW-Authenticate: Basic realm="'.$realm.'"';
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1251 $this->assertEqual(count($this->Controller->testHeaders), 1);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1252 $this->assertEqual(current($this->Controller->testHeaders), $expected);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1253 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1254
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1255 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1256 * test that a requestAction's controller will have the _Token appended to
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1257 * the params.
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1258 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1259 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1260 * @see http://cakephp.lighthouseapp.com/projects/42648/tickets/68
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1261 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1262 function testSettingTokenForRequestAction() {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1263 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1264 $key = $this->Controller->params['_Token']['key'];
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1265
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1266 $this->Controller->params['requested'] = 1;
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1267 unset($this->Controller->params['_Token']);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1268
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1269 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1270 $this->assertEqual($this->Controller->params['_Token']['key'], $key);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1271 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1272
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1273 /**
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1274 * test that blackhole doesn't delete the _Token session key so repeat data submissions
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1275 * stay blackholed.
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1276 *
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1277 * @link http://cakephp.lighthouseapp.com/projects/42648/tickets/214
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1278 * @return void
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1279 */
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1280 function testBlackHoleNotDeletingSessionInformation() {
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1281 $this->Controller->Security->startup($this->Controller);
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1282
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1283 $this->Controller->Security->blackHole($this->Controller, 'auth');
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1284 $this->assertTrue($this->Controller->Security->Session->check('_Token'), '_Token was deleted by blackHole %s');
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1285 }
261e66bd5a0c hg init
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff changeset
1286 }