0
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1 <?php
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
2 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
3 * SecurityComponentTest file
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
4 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
5 * PHP versions 4 and 5
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
6 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
7 * CakePHP(tm) Tests <http://book.cakephp.org/view/1196/Testing>
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
8 * Copyright 2005-2010, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
9 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
10 * Licensed under The Open Group Test Suite License
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
11 * Redistributions of files must retain the above copyright notice.
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
12 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
13 * @copyright Copyright 2005-2010, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
14 * @link http://book.cakephp.org/view/1196/Testing CakePHP(tm) Tests
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
15 * @package cake
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
16 * @subpackage cake.tests.cases.libs.controller.components
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
17 * @since CakePHP(tm) v 1.2.0.5435
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
18 * @license http://www.opensource.org/licenses/opengroup.php The Open Group Test Suite License
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
19 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
20 App::import('Component', 'Security');
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
21
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
22 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
23 * TestSecurityComponent
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
24 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
25 * @package cake
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
26 * @subpackage cake.tests.cases.libs.controller.components
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
27 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
28 class TestSecurityComponent extends SecurityComponent {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
29
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
30 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
31 * validatePost method
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
32 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
33 * @param Controller $controller
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
34 * @return unknown
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
35 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
36 function validatePost(&$controller) {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
37 return $this->_validatePost($controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
38 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
39 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
40
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
41 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
42 * SecurityTestController
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
43 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
44 * @package cake
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
45 * @subpackage cake.tests.cases.libs.controller.components
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
46 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
47 class SecurityTestController extends Controller {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
48
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
49 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
50 * name property
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
51 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
52 * @var string 'SecurityTest'
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
53 * @access public
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
54 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
55 var $name = 'SecurityTest';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
56
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
57 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
58 * components property
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
59 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
60 * @var array
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
61 * @access public
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
62 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
63 var $components = array('Session', 'TestSecurity');
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
64
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
65 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
66 * failed property
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
67 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
68 * @var bool false
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
69 * @access public
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
70 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
71 var $failed = false;
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
72
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
73 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
74 * Used for keeping track of headers in test
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
75 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
76 * @var array
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
77 * @access public
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
78 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
79 var $testHeaders = array();
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
80
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
81 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
82 * fail method
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
83 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
84 * @access public
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
85 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
86 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
87 function fail() {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
88 $this->failed = true;
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
89 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
90
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
91 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
92 * redirect method
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
93 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
94 * @param mixed $option
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
95 * @param mixed $code
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
96 * @param mixed $exit
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
97 * @access public
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
98 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
99 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
100 function redirect($option, $code, $exit) {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
101 return $code;
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
102 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
103
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
104 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
105 * Conveinence method for header()
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
106 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
107 * @param string $status
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
108 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
109 * @access public
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
110 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
111 function header($status) {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
112 $this->testHeaders[] = $status;
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
113 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
114 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
115
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
116 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
117 * SecurityComponentTest class
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
118 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
119 * @package cake
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
120 * @subpackage cake.tests.cases.libs.controller.components
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
121 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
122 class SecurityComponentTest extends CakeTestCase {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
123
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
124 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
125 * Controller property
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
126 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
127 * @var SecurityTestController
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
128 * @access public
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
129 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
130 var $Controller;
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
131
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
132 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
133 * oldSalt property
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
134 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
135 * @var string
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
136 * @access public
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
137 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
138 var $oldSalt;
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
139
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
140 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
141 * setUp method
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
142 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
143 * @access public
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
144 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
145 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
146 function startTest() {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
147 $this->Controller =& new SecurityTestController();
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
148 $this->Controller->Component->init($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
149 $this->Controller->Security =& $this->Controller->TestSecurity;
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
150 $this->Controller->Security->blackHoleCallback = 'fail';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
151 $this->oldSalt = Configure::read('Security.salt');
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
152 Configure::write('Security.salt', 'foo!');
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
153 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
154
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
155 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
156 * Tear-down method. Resets environment state.
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
157 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
158 * @access public
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
159 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
160 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
161 function endTest() {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
162 Configure::write('Security.salt', $this->oldSalt);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
163 $this->Controller->Session->delete('_Token');
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
164 unset($this->Controller->Security);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
165 unset($this->Controller->Component);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
166 unset($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
167 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
168
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
169 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
170 * test that initalize can set properties.
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
171 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
172 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
173 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
174 function testInitialize() {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
175 $settings = array(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
176 'requirePost' => array('edit', 'update'),
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
177 'requireSecure' => array('update_account'),
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
178 'requireGet' => array('index'),
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
179 'validatePost' => false,
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
180 'loginUsers' => array(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
181 'mark' => 'password'
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
182 ),
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
183 'requireLogin' => array('login'),
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
184 );
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
185 $this->Controller->Security->initialize($this->Controller, $settings);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
186 $this->assertEqual($this->Controller->Security->requirePost, $settings['requirePost']);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
187 $this->assertEqual($this->Controller->Security->requireSecure, $settings['requireSecure']);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
188 $this->assertEqual($this->Controller->Security->requireGet, $settings['requireGet']);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
189 $this->assertEqual($this->Controller->Security->validatePost, $settings['validatePost']);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
190 $this->assertEqual($this->Controller->Security->loginUsers, $settings['loginUsers']);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
191 $this->assertEqual($this->Controller->Security->requireLogin, $settings['requireLogin']);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
192 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
193
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
194 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
195 * testStartup method
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
196 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
197 * @access public
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
198 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
199 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
200 function testStartup() {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
201 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
202 $result = $this->Controller->params['_Token']['key'];
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
203 $this->assertNotNull($result);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
204 $this->assertTrue($this->Controller->Session->check('_Token'));
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
205 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
206
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
207 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
208 * testRequirePostFail method
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
209 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
210 * @access public
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
211 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
212 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
213 function testRequirePostFail() {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
214 $_SERVER['REQUEST_METHOD'] = 'GET';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
215 $this->Controller->action = 'posted';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
216 $this->Controller->Security->requirePost(array('posted'));
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
217 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
218 $this->assertTrue($this->Controller->failed);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
219 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
220
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
221 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
222 * testRequirePostSucceed method
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
223 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
224 * @access public
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
225 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
226 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
227 function testRequirePostSucceed() {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
228 $_SERVER['REQUEST_METHOD'] = 'POST';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
229 $this->Controller->action = 'posted';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
230 $this->Controller->Security->requirePost('posted');
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
231 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
232 $this->assertFalse($this->Controller->failed);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
233 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
234
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
235 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
236 * testRequireSecureFail method
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
237 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
238 * @access public
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
239 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
240 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
241 function testRequireSecureFail() {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
242 $_SERVER['HTTPS'] = 'off';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
243 $_SERVER['REQUEST_METHOD'] = 'POST';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
244 $this->Controller->action = 'posted';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
245 $this->Controller->Security->requireSecure(array('posted'));
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
246 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
247 $this->assertTrue($this->Controller->failed);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
248 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
249
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
250 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
251 * testRequireSecureSucceed method
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
252 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
253 * @access public
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
254 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
255 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
256 function testRequireSecureSucceed() {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
257 $_SERVER['REQUEST_METHOD'] = 'Secure';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
258 $this->Controller->action = 'posted';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
259 $_SERVER['HTTPS'] = 'on';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
260 $this->Controller->Security->requireSecure('posted');
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
261 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
262 $this->assertFalse($this->Controller->failed);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
263 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
264
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
265 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
266 * testRequireAuthFail method
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
267 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
268 * @access public
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
269 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
270 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
271 function testRequireAuthFail() {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
272 $_SERVER['REQUEST_METHOD'] = 'AUTH';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
273 $this->Controller->action = 'posted';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
274 $this->Controller->data = array('username' => 'willy', 'password' => 'somePass');
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
275 $this->Controller->Security->requireAuth(array('posted'));
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
276 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
277 $this->assertTrue($this->Controller->failed);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
278
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
279 $this->Controller->Session->write('_Token', serialize(array('allowedControllers' => array())));
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
280 $this->Controller->data = array('username' => 'willy', 'password' => 'somePass');
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
281 $this->Controller->action = 'posted';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
282 $this->Controller->Security->requireAuth('posted');
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
283 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
284 $this->assertTrue($this->Controller->failed);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
285
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
286 $this->Controller->Session->write('_Token', serialize(array(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
287 'allowedControllers' => array('SecurityTest'), 'allowedActions' => array('posted2')
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
288 )));
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
289 $this->Controller->data = array('username' => 'willy', 'password' => 'somePass');
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
290 $this->Controller->action = 'posted';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
291 $this->Controller->Security->requireAuth('posted');
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
292 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
293 $this->assertTrue($this->Controller->failed);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
294 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
295
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
296 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
297 * testRequireAuthSucceed method
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
298 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
299 * @access public
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
300 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
301 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
302 function testRequireAuthSucceed() {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
303 $_SERVER['REQUEST_METHOD'] = 'AUTH';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
304 $this->Controller->action = 'posted';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
305 $this->Controller->Security->requireAuth('posted');
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
306 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
307 $this->assertFalse($this->Controller->failed);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
308
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
309 $this->Controller->Security->Session->write('_Token', serialize(array(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
310 'allowedControllers' => array('SecurityTest'), 'allowedActions' => array('posted')
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
311 )));
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
312 $this->Controller->params['controller'] = 'SecurityTest';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
313 $this->Controller->params['action'] = 'posted';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
314
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
315 $this->Controller->data = array(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
316 'username' => 'willy', 'password' => 'somePass', '_Token' => ''
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
317 );
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
318 $this->Controller->action = 'posted';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
319 $this->Controller->Security->requireAuth('posted');
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
320 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
321 $this->assertFalse($this->Controller->failed);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
322 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
323
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
324 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
325 * testRequirePostSucceedWrongMethod method
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
326 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
327 * @access public
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
328 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
329 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
330 function testRequirePostSucceedWrongMethod() {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
331 $_SERVER['REQUEST_METHOD'] = 'GET';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
332 $this->Controller->action = 'getted';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
333 $this->Controller->Security->requirePost('posted');
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
334 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
335 $this->assertFalse($this->Controller->failed);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
336 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
337
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
338 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
339 * testRequireGetFail method
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
340 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
341 * @access public
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
342 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
343 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
344 function testRequireGetFail() {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
345 $_SERVER['REQUEST_METHOD'] = 'POST';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
346 $this->Controller->action = 'getted';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
347 $this->Controller->Security->requireGet(array('getted'));
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
348 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
349 $this->assertTrue($this->Controller->failed);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
350 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
351
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
352 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
353 * testRequireGetSucceed method
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
354 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
355 * @access public
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
356 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
357 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
358 function testRequireGetSucceed() {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
359 $_SERVER['REQUEST_METHOD'] = 'GET';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
360 $this->Controller->action = 'getted';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
361 $this->Controller->Security->requireGet('getted');
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
362 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
363 $this->assertFalse($this->Controller->failed);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
364 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
365
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
366 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
367 * testRequireLogin method
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
368 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
369 * @access public
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
370 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
371 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
372 function testRequireLogin() {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
373 $this->Controller->action = 'posted';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
374 $this->Controller->Security->requireLogin(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
375 'posted',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
376 array('type' => 'basic', 'users' => array('admin' => 'password'))
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
377 );
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
378 $_SERVER['PHP_AUTH_USER'] = 'admin';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
379 $_SERVER['PHP_AUTH_PW'] = 'password';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
380 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
381 $this->assertFalse($this->Controller->failed);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
382
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
383
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
384 $this->Controller->action = 'posted';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
385 $this->Controller->Security->requireLogin(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
386 array('posted'),
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
387 array('type' => 'basic', 'users' => array('admin' => 'password'))
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
388 );
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
389 $_SERVER['PHP_AUTH_USER'] = 'admin2';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
390 $_SERVER['PHP_AUTH_PW'] = 'password';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
391 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
392 $this->assertTrue($this->Controller->failed);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
393
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
394 $this->Controller->action = 'posted';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
395 $this->Controller->Security->requireLogin(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
396 'posted',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
397 array('type' => 'basic', 'users' => array('admin' => 'password'))
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
398 );
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
399 $_SERVER['PHP_AUTH_USER'] = 'admin';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
400 $_SERVER['PHP_AUTH_PW'] = 'password2';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
401 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
402 $this->assertTrue($this->Controller->failed);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
403 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
404
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
405 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
406 * testDigestAuth method
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
407 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
408 * @access public
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
409 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
410 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
411 function testDigestAuth() {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
412 $skip = $this->skipIf((version_compare(PHP_VERSION, '5.1') == -1) XOR (!function_exists('apache_request_headers')),
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
413 "%s Cannot run Digest Auth test for PHP versions < 5.1"
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
414 );
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
415
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
416 if ($skip) {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
417 return;
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
418 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
419
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
420 $this->Controller->action = 'posted';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
421 $_SERVER['PHP_AUTH_DIGEST'] = $digest = <<<DIGEST
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
422 Digest username="Mufasa",
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
423 realm="testrealm@host.com",
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
424 nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093",
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
425 uri="/dir/index.html",
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
426 qop=auth,
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
427 nc=00000001,
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
428 cnonce="0a4f113b",
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
429 response="460d0d3c6867c2f1ab85b1ada1aece48",
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
430 opaque="5ccc069c403ebaf9f0171e9517f40e41"
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
431 DIGEST;
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
432 $this->Controller->Security->requireLogin('posted', array(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
433 'type' => 'digest', 'users' => array('Mufasa' => 'password'),
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
434 'realm' => 'testrealm@host.com'
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
435 ));
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
436 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
437 $this->assertFalse($this->Controller->failed);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
438 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
439
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
440 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
441 * testRequireGetSucceedWrongMethod method
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
442 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
443 * @access public
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
444 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
445 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
446 function testRequireGetSucceedWrongMethod() {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
447 $_SERVER['REQUEST_METHOD'] = 'POST';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
448 $this->Controller->action = 'posted';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
449 $this->Controller->Security->requireGet('getted');
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
450 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
451 $this->assertFalse($this->Controller->failed);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
452 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
453
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
454 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
455 * testRequirePutFail method
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
456 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
457 * @access public
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
458 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
459 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
460 function testRequirePutFail() {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
461 $_SERVER['REQUEST_METHOD'] = 'POST';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
462 $this->Controller->action = 'putted';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
463 $this->Controller->Security->requirePut(array('putted'));
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
464 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
465 $this->assertTrue($this->Controller->failed);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
466 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
467
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
468 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
469 * testRequirePutSucceed method
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
470 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
471 * @access public
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
472 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
473 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
474 function testRequirePutSucceed() {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
475 $_SERVER['REQUEST_METHOD'] = 'PUT';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
476 $this->Controller->action = 'putted';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
477 $this->Controller->Security->requirePut('putted');
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
478 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
479 $this->assertFalse($this->Controller->failed);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
480 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
481
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
482 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
483 * testRequirePutSucceedWrongMethod method
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
484 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
485 * @access public
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
486 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
487 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
488 function testRequirePutSucceedWrongMethod() {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
489 $_SERVER['REQUEST_METHOD'] = 'POST';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
490 $this->Controller->action = 'posted';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
491 $this->Controller->Security->requirePut('putted');
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
492 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
493 $this->assertFalse($this->Controller->failed);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
494 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
495
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
496 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
497 * testRequireDeleteFail method
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
498 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
499 * @access public
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
500 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
501 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
502 function testRequireDeleteFail() {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
503 $_SERVER['REQUEST_METHOD'] = 'POST';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
504 $this->Controller->action = 'deleted';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
505 $this->Controller->Security->requireDelete(array('deleted', 'other_method'));
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
506 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
507 $this->assertTrue($this->Controller->failed);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
508 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
509
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
510 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
511 * testRequireDeleteSucceed method
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
512 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
513 * @access public
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
514 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
515 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
516 function testRequireDeleteSucceed() {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
517 $_SERVER['REQUEST_METHOD'] = 'DELETE';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
518 $this->Controller->action = 'deleted';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
519 $this->Controller->Security->requireDelete('deleted');
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
520 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
521 $this->assertFalse($this->Controller->failed);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
522 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
523
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
524 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
525 * testRequireDeleteSucceedWrongMethod method
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
526 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
527 * @access public
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
528 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
529 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
530 function testRequireDeleteSucceedWrongMethod() {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
531 $_SERVER['REQUEST_METHOD'] = 'POST';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
532 $this->Controller->action = 'posted';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
533 $this->Controller->Security->requireDelete('deleted');
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
534 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
535 $this->assertFalse($this->Controller->failed);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
536 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
537
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
538 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
539 * testRequireLoginSettings method
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
540 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
541 * @access public
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
542 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
543 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
544 function testRequireLoginSettings() {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
545 $this->Controller->Security->requireLogin(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
546 'add', 'edit',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
547 array('type' => 'basic', 'users' => array('admin' => 'password'))
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
548 );
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
549 $this->assertEqual($this->Controller->Security->requireLogin, array('add', 'edit'));
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
550 $this->assertEqual($this->Controller->Security->loginUsers, array('admin' => 'password'));
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
551 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
552
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
553 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
554 * testRequireLoginAllActions method
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
555 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
556 * @access public
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
557 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
558 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
559 function testRequireLoginAllActions() {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
560 $this->Controller->Security->requireLogin(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
561 array('type' => 'basic', 'users' => array('admin' => 'password'))
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
562 );
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
563 $this->assertEqual($this->Controller->Security->requireLogin, array('*'));
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
564 $this->assertEqual($this->Controller->Security->loginUsers, array('admin' => 'password'));
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
565 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
566
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
567 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
568 * Simple hash validation test
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
569 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
570 * @access public
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
571 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
572 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
573 function testValidatePost() {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
574 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
575 $key = $this->Controller->params['_Token']['key'];
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
576 $fields = 'a5475372b40f6e3ccbf9f8af191f20e1642fd877%3AModel.valid';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
577
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
578 $this->Controller->data = array(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
579 'Model' => array('username' => 'nate', 'password' => 'foo', 'valid' => '0'),
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
580 '_Token' => compact('key', 'fields')
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
581 );
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
582 $this->assertTrue($this->Controller->Security->validatePost($this->Controller));
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
583 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
584
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
585 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
586 * test that validatePost fails if any of its required fields are missing.
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
587 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
588 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
589 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
590 function testValidatePostFormHacking() {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
591 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
592 $key = $this->Controller->params['_Token']['key'];
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
593 $fields = 'a5475372b40f6e3ccbf9f8af191f20e1642fd877%3AModel.valid';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
594
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
595 $this->Controller->data = array(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
596 'Model' => array('username' => 'nate', 'password' => 'foo', 'valid' => '0'),
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
597 '_Token' => compact('key')
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
598 );
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
599 $result = $this->Controller->Security->validatePost($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
600 $this->assertFalse($result, 'validatePost passed when fields were missing. %s');
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
601
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
602 $this->Controller->data = array(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
603 'Model' => array('username' => 'nate', 'password' => 'foo', 'valid' => '0'),
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
604 '_Token' => compact('fields')
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
605 );
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
606 $result = $this->Controller->Security->validatePost($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
607 $this->assertFalse($result, 'validatePost passed when key was missing. %s');
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
608 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
609
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
610 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
611 * Test that objects can't be passed into the serialized string. This was a vector for RFI and LFI
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
612 * attacks. Thanks to Felix Wilhelm
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
613 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
614 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
615 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
616 function testValidatePostObjectDeserialize() {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
617 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
618 $key = $this->Controller->params['_Token']['key'];
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
619 $fields = 'a5475372b40f6e3ccbf9f8af191f20e1642fd877';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
620
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
621 // a corrupted serialized object, so we can see if it ever gets to deserialize
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
622 $attack = 'O:3:"App":1:{s:5:"__map";a:1:{s:3:"foo";s:7:"Hacked!";s:1:"fail"}}';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
623 $fields .= urlencode(':' . str_rot13($attack));
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
624
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
625 $this->Controller->data = array(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
626 'Model' => array('username' => 'mark', 'password' => 'foo', 'valid' => '0'),
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
627 '_Token' => compact('key', 'fields')
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
628 );
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
629 $result = $this->Controller->Security->validatePost($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
630 $this->assertFalse($result, 'validatePost passed when key was missing. %s');
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
631 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
632
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
633 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
634 * Tests validation of checkbox arrays
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
635 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
636 * @access public
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
637 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
638 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
639 function testValidatePostArray() {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
640 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
641 $key = $this->Controller->params['_Token']['key'];
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
642 $fields = 'f7d573650a295b94e0938d32b323fde775e5f32b%3A';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
643
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
644 $this->Controller->data = array(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
645 'Model' => array('multi_field' => array('1', '3')),
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
646 '_Token' => compact('key', 'fields')
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
647 );
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
648 $this->assertTrue($this->Controller->Security->validatePost($this->Controller));
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
649 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
650
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
651 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
652 * testValidatePostNoModel method
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
653 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
654 * @access public
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
655 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
656 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
657 function testValidatePostNoModel() {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
658 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
659 $key = $this->Controller->params['_Token']['key'];
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
660 $fields = '540ac9c60d323c22bafe997b72c0790f39a8bdef%3A';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
661
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
662 $this->Controller->data = array(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
663 'anything' => 'some_data',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
664 '_Token' => compact('key', 'fields')
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
665 );
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
666
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
667 $result = $this->Controller->Security->validatePost($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
668 $this->assertTrue($result);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
669 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
670
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
671 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
672 * testValidatePostSimple method
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
673 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
674 * @access public
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
675 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
676 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
677 function testValidatePostSimple() {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
678 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
679 $key = $this->Controller->params['_Token']['key'];
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
680 $fields = '69f493434187b867ea14b901fdf58b55d27c935d%3A';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
681
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
682 $this->Controller->data = $data = array(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
683 'Model' => array('username' => '', 'password' => ''),
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
684 '_Token' => compact('key', 'fields')
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
685 );
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
686
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
687 $result = $this->Controller->Security->validatePost($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
688 $this->assertTrue($result);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
689 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
690
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
691 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
692 * Tests hash validation for multiple records, including locked fields
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
693 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
694 * @access public
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
695 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
696 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
697 function testValidatePostComplex() {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
698 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
699 $key = $this->Controller->params['_Token']['key'];
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
700 $fields = 'c9118120e680a7201b543f562e5301006ccfcbe2%3AAddresses.0.id%7CAddresses.1.id';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
701
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
702 $this->Controller->data = array(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
703 'Addresses' => array(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
704 '0' => array(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
705 'id' => '123456', 'title' => '', 'first_name' => '', 'last_name' => '',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
706 'address' => '', 'city' => '', 'phone' => '', 'primary' => ''
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
707 ),
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
708 '1' => array(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
709 'id' => '654321', 'title' => '', 'first_name' => '', 'last_name' => '',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
710 'address' => '', 'city' => '', 'phone' => '', 'primary' => ''
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
711 )
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
712 ),
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
713 '_Token' => compact('key', 'fields')
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
714 );
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
715 $result = $this->Controller->Security->validatePost($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
716 $this->assertTrue($result);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
717 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
718
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
719 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
720 * test ValidatePost with multiple select elements.
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
721 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
722 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
723 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
724 function testValidatePostMultipleSelect() {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
725 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
726 $key = $this->Controller->params['_Token']['key'];
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
727 $fields = '422cde416475abc171568be690a98cad20e66079%3A';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
728
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
729 $this->Controller->data = array(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
730 'Tag' => array('Tag' => array(1, 2)),
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
731 '_Token' => compact('key', 'fields'),
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
732 );
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
733 $result = $this->Controller->Security->validatePost($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
734 $this->assertTrue($result);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
735
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
736 $this->Controller->data = array(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
737 'Tag' => array('Tag' => array(1, 2, 3)),
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
738 '_Token' => compact('key', 'fields'),
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
739 );
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
740 $result = $this->Controller->Security->validatePost($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
741 $this->assertTrue($result);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
742
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
743 $this->Controller->data = array(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
744 'Tag' => array('Tag' => array(1, 2, 3, 4)),
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
745 '_Token' => compact('key', 'fields'),
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
746 );
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
747 $result = $this->Controller->Security->validatePost($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
748 $this->assertTrue($result);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
749
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
750 $fields = '19464422eafe977ee729c59222af07f983010c5f%3A';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
751 $this->Controller->data = array(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
752 'User.password' => 'bar', 'User.name' => 'foo', 'User.is_valid' => '1',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
753 'Tag' => array('Tag' => array(1)), '_Token' => compact('key', 'fields'),
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
754 );
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
755 $result = $this->Controller->Security->validatePost($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
756 $this->assertTrue($result);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
757 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
758
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
759 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
760 * testValidatePostCheckbox method
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
761 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
762 * First block tests un-checked checkbox
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
763 * Second block tests checked checkbox
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
764 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
765 * @access public
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
766 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
767 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
768 function testValidatePostCheckbox() {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
769 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
770 $key = $this->Controller->params['_Token']['key'];
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
771 $fields = 'a5475372b40f6e3ccbf9f8af191f20e1642fd877%3AModel.valid';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
772
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
773 $this->Controller->data = array(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
774 'Model' => array('username' => '', 'password' => '', 'valid' => '0'),
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
775 '_Token' => compact('key', 'fields')
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
776 );
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
777
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
778 $result = $this->Controller->Security->validatePost($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
779 $this->assertTrue($result);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
780
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
781 $fields = '874439ca69f89b4c4a5f50fb9c36ff56a28f5d42%3A';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
782
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
783 $this->Controller->data = array(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
784 'Model' => array('username' => '', 'password' => '', 'valid' => '0'),
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
785 '_Token' => compact('key', 'fields')
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
786 );
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
787
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
788 $result = $this->Controller->Security->validatePost($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
789 $this->assertTrue($result);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
790
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
791
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
792 $this->Controller->data = array();
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
793 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
794 $key = $this->Controller->params['_Token']['key'];
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
795
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
796 $this->Controller->data = $data = array(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
797 'Model' => array('username' => '', 'password' => '', 'valid' => '0'),
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
798 '_Token' => compact('key', 'fields')
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
799 );
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
800
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
801 $result = $this->Controller->Security->validatePost($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
802 $this->assertTrue($result);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
803 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
804
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
805 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
806 * testValidatePostHidden method
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
807 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
808 * @access public
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
809 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
810 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
811 function testValidatePostHidden() {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
812 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
813 $key = $this->Controller->params['_Token']['key'];
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
814 $fields = '51ccd8cb0997c7b3d4523ecde5a109318405ef8c%3AModel.hidden%7CModel.other_hidden';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
815 $fields .= '';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
816
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
817 $this->Controller->data = array(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
818 'Model' => array(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
819 'username' => '', 'password' => '', 'hidden' => '0',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
820 'other_hidden' => 'some hidden value'
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
821 ),
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
822 '_Token' => compact('key', 'fields')
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
823 );
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
824 $result = $this->Controller->Security->validatePost($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
825 $this->assertTrue($result);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
826 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
827
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
828 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
829 * testValidatePostWithDisabledFields method
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
830 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
831 * @access public
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
832 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
833 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
834 function testValidatePostWithDisabledFields() {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
835 $this->Controller->Security->disabledFields = array('Model.username', 'Model.password');
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
836 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
837 $key = $this->Controller->params['_Token']['key'];
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
838 $fields = 'ef1082968c449397bcd849f963636864383278b1%3AModel.hidden';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
839
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
840 $this->Controller->data = array(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
841 'Model' => array(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
842 'username' => '', 'password' => '', 'hidden' => '0'
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
843 ),
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
844 '_Token' => compact('fields', 'key')
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
845 );
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
846
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
847 $result = $this->Controller->Security->validatePost($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
848 $this->assertTrue($result);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
849 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
850
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
851 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
852 * testValidateHiddenMultipleModel method
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
853 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
854 * @access public
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
855 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
856 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
857 function testValidateHiddenMultipleModel() {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
858 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
859 $key = $this->Controller->params['_Token']['key'];
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
860 $fields = 'a2d01072dc4660eea9d15007025f35a7a5b58e18%3AModel.valid%7CModel2.valid%7CModel3.valid';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
861
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
862 $this->Controller->data = array(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
863 'Model' => array('username' => '', 'password' => '', 'valid' => '0'),
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
864 'Model2' => array('valid' => '0'),
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
865 'Model3' => array('valid' => '0'),
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
866 '_Token' => compact('key', 'fields')
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
867 );
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
868 $result = $this->Controller->Security->validatePost($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
869 $this->assertTrue($result);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
870 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
871
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
872 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
873 * testLoginValidation method
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
874 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
875 * @access public
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
876 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
877 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
878 function testLoginValidation() {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
879
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
880 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
881
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
882 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
883 * testValidateHasManyModel method
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
884 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
885 * @access public
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
886 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
887 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
888 function testValidateHasManyModel() {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
889 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
890 $key = $this->Controller->params['_Token']['key'];
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
891 $fields = '51e3b55a6edd82020b3f29c9ae200e14bbeb7ee5%3AModel.0.hidden%7CModel.0.valid';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
892 $fields .= '%7CModel.1.hidden%7CModel.1.valid';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
893
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
894 $this->Controller->data = array(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
895 'Model' => array(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
896 array(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
897 'username' => 'username', 'password' => 'password',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
898 'hidden' => 'value', 'valid' => '0'
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
899 ),
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
900 array(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
901 'username' => 'username', 'password' => 'password',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
902 'hidden' => 'value', 'valid' => '0'
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
903 )
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
904 ),
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
905 '_Token' => compact('key', 'fields')
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
906 );
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
907
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
908 $result = $this->Controller->Security->validatePost($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
909 $this->assertTrue($result);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
910 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
911
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
912 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
913 * testValidateHasManyRecordsPass method
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
914 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
915 * @access public
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
916 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
917 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
918 function testValidateHasManyRecordsPass() {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
919 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
920 $key = $this->Controller->params['_Token']['key'];
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
921 $fields = '7a203edb3d345bbf38fe0dccae960da8842e11d7%3AAddress.0.id%7CAddress.0.primary%7C';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
922 $fields .= 'Address.1.id%7CAddress.1.primary';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
923
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
924 $this->Controller->data = array(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
925 'Address' => array(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
926 0 => array(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
927 'id' => '123',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
928 'title' => 'home',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
929 'first_name' => 'Bilbo',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
930 'last_name' => 'Baggins',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
931 'address' => '23 Bag end way',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
932 'city' => 'the shire',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
933 'phone' => 'N/A',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
934 'primary' => '1',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
935 ),
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
936 1 => array(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
937 'id' => '124',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
938 'title' => 'home',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
939 'first_name' => 'Frodo',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
940 'last_name' => 'Baggins',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
941 'address' => '50 Bag end way',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
942 'city' => 'the shire',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
943 'phone' => 'N/A',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
944 'primary' => '1'
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
945 )
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
946 ),
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
947 '_Token' => compact('key', 'fields')
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
948 );
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
949
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
950 $result = $this->Controller->Security->validatePost($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
951 $this->assertTrue($result);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
952 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
953
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
954 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
955 * testValidateHasManyRecords method
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
956 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
957 * validatePost should fail, hidden fields have been changed.
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
958 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
959 * @access public
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
960 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
961 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
962 function testValidateHasManyRecordsFail() {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
963 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
964 $key = $this->Controller->params['_Token']['key'];
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
965 $fields = '7a203edb3d345bbf38fe0dccae960da8842e11d7%3AAddress.0.id%7CAddress.0.primary%7C';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
966 $fields .= 'Address.1.id%7CAddress.1.primary';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
967
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
968 $this->Controller->data = array(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
969 'Address' => array(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
970 0 => array(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
971 'id' => '123',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
972 'title' => 'home',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
973 'first_name' => 'Bilbo',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
974 'last_name' => 'Baggins',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
975 'address' => '23 Bag end way',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
976 'city' => 'the shire',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
977 'phone' => 'N/A',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
978 'primary' => '5',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
979 ),
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
980 1 => array(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
981 'id' => '124',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
982 'title' => 'home',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
983 'first_name' => 'Frodo',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
984 'last_name' => 'Baggins',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
985 'address' => '50 Bag end way',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
986 'city' => 'the shire',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
987 'phone' => 'N/A',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
988 'primary' => '1'
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
989 )
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
990 ),
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
991 '_Token' => compact('key', 'fields')
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
992 );
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
993
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
994 $result = $this->Controller->Security->validatePost($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
995 $this->assertFalse($result);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
996 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
997
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
998 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
999 * testLoginRequest method
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1000 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1001 * @access public
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1002 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1003 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1004 function testLoginRequest() {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1005 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1006 $realm = 'cakephp.org';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1007 $options = array('realm' => $realm, 'type' => 'basic');
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1008 $result = $this->Controller->Security->loginRequest($options);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1009 $expected = 'WWW-Authenticate: Basic realm="'.$realm.'"';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1010 $this->assertEqual($result, $expected);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1011
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1012 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1013 $options = array('realm' => $realm, 'type' => 'digest');
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1014 $result = $this->Controller->Security->loginRequest($options);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1015 $this->assertPattern('/realm="'.$realm.'"/', $result);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1016 $this->assertPattern('/qop="auth"/', $result);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1017 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1018
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1019 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1020 * testGenerateDigestResponseHash method
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1021 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1022 * @access public
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1023 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1024 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1025 function testGenerateDigestResponseHash() {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1026 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1027 $realm = 'cakephp.org';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1028 $loginData = array('realm' => $realm, 'users' => array('Willy Smith' => 'password'));
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1029 $this->Controller->Security->requireLogin($loginData);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1030
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1031 $data = array(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1032 'username' => 'Willy Smith',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1033 'password' => 'password',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1034 'nonce' => String::uuid(),
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1035 'nc' => 1,
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1036 'cnonce' => 1,
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1037 'realm' => $realm,
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1038 'uri' => 'path_to_identifier',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1039 'qop' => 'testme'
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1040 );
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1041 $_SERVER['REQUEST_METHOD'] = 'POST';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1042
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1043 $result = $this->Controller->Security->generateDigestResponseHash($data);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1044 $expected = md5(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1045 md5($data['username'] . ':' . $loginData['realm'] . ':' . $data['password']) . ':' .
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1046 $data['nonce'] . ':' . $data['nc'] . ':' . $data['cnonce'] . ':' . $data['qop'] . ':' .
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1047 md5(env('REQUEST_METHOD') . ':' . $data['uri'])
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1048 );
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1049 $this->assertIdentical($result, $expected);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1050 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1051
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1052 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1053 * testLoginCredentials method
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1054 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1055 * @access public
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1056 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1057 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1058 function testLoginCredentials() {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1059 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1060 $_SERVER['PHP_AUTH_USER'] = $user = 'Willy Test';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1061 $_SERVER['PHP_AUTH_PW'] = $pw = 'some password for the nice test';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1062
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1063 $result = $this->Controller->Security->loginCredentials('basic');
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1064 $expected = array('username' => $user, 'password' => $pw);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1065 $this->assertIdentical($result, $expected);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1066
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1067 if (version_compare(PHP_VERSION, '5.1') != -1) {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1068 $_SERVER['PHP_AUTH_DIGEST'] = $digest = <<<DIGEST
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1069 Digest username="Mufasa",
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1070 realm="testrealm@host.com",
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1071 nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093",
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1072 uri="/dir/index.html",
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1073 qop=auth,
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1074 nc=00000001,
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1075 cnonce="0a4f113b",
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1076 response="6629fae49393a05397450978507c4ef1",
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1077 opaque="5ccc069c403ebaf9f0171e9517f40e41"
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1078 DIGEST;
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1079 $expected = array(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1080 'username' => 'Mufasa',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1081 'realm' => 'testrealm@host.com',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1082 'nonce' => 'dcd98b7102dd2f0e8b11d0f600bfb0c093',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1083 'uri' => '/dir/index.html',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1084 'qop' => 'auth',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1085 'nc' => '00000001',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1086 'cnonce' => '0a4f113b',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1087 'response' => '6629fae49393a05397450978507c4ef1',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1088 'opaque' => '5ccc069c403ebaf9f0171e9517f40e41'
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1089 );
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1090 $result = $this->Controller->Security->loginCredentials('digest');
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1091 $this->assertIdentical($result, $expected);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1092 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1093 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1094
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1095 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1096 * testParseDigestAuthData method
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1097 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1098 * @access public
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1099 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1100 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1101 function testParseDigestAuthData() {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1102 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1103 $digest = <<<DIGEST
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1104 Digest username="Mufasa",
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1105 realm="testrealm@host.com",
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1106 nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093",
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1107 uri="/dir/index.html",
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1108 qop=auth,
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1109 nc=00000001,
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1110 cnonce="0a4f113b",
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1111 response="6629fae49393a05397450978507c4ef1",
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1112 opaque="5ccc069c403ebaf9f0171e9517f40e41"
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1113 DIGEST;
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1114 $expected = array(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1115 'username' => 'Mufasa',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1116 'realm' => 'testrealm@host.com',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1117 'nonce' => 'dcd98b7102dd2f0e8b11d0f600bfb0c093',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1118 'uri' => '/dir/index.html',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1119 'qop' => 'auth',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1120 'nc' => '00000001',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1121 'cnonce' => '0a4f113b',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1122 'response' => '6629fae49393a05397450978507c4ef1',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1123 'opaque' => '5ccc069c403ebaf9f0171e9517f40e41'
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1124 );
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1125 $result = $this->Controller->Security->parseDigestAuthData($digest);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1126 $this->assertIdentical($result, $expected);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1127
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1128 $result = $this->Controller->Security->parseDigestAuthData('');
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1129 $this->assertNull($result);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1130 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1131
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1132 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1133 * test parsing digest information with email addresses
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1134 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1135 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1136 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1137 function testParseDigestAuthEmailAddress() {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1138 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1139 $digest = <<<DIGEST
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1140 Digest username="mark@example.com",
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1141 realm="testrealm@host.com",
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1142 nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093",
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1143 uri="/dir/index.html",
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1144 qop=auth,
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1145 nc=00000001,
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1146 cnonce="0a4f113b",
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1147 response="6629fae49393a05397450978507c4ef1",
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1148 opaque="5ccc069c403ebaf9f0171e9517f40e41"
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1149 DIGEST;
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1150 $expected = array(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1151 'username' => 'mark@example.com',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1152 'realm' => 'testrealm@host.com',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1153 'nonce' => 'dcd98b7102dd2f0e8b11d0f600bfb0c093',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1154 'uri' => '/dir/index.html',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1155 'qop' => 'auth',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1156 'nc' => '00000001',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1157 'cnonce' => '0a4f113b',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1158 'response' => '6629fae49393a05397450978507c4ef1',
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1159 'opaque' => '5ccc069c403ebaf9f0171e9517f40e41'
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1160 );
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1161 $result = $this->Controller->Security->parseDigestAuthData($digest);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1162 $this->assertIdentical($result, $expected);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1163 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1164
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1165 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1166 * testFormDisabledFields method
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1167 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1168 * @access public
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1169 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1170 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1171 function testFormDisabledFields() {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1172 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1173 $key = $this->Controller->params['_Token']['key'];
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1174 $fields = '11842060341b9d0fc3808b90ba29fdea7054d6ad%3An%3A0%3A%7B%7D';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1175
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1176 $this->Controller->data = array(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1177 'MyModel' => array('name' => 'some data'),
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1178 '_Token' => compact('key', 'fields')
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1179 );
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1180 $result = $this->Controller->Security->validatePost($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1181 $this->assertFalse($result);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1182
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1183 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1184 $this->Controller->Security->disabledFields = array('MyModel.name');
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1185 $key = $this->Controller->params['_Token']['key'];
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1186
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1187 $this->Controller->data = array(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1188 'MyModel' => array('name' => 'some data'),
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1189 '_Token' => compact('key', 'fields')
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1190 );
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1191
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1192 $result = $this->Controller->Security->validatePost($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1193 $this->assertTrue($result);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1194 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1195
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1196 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1197 * testRadio method
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1198 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1199 * @access public
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1200 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1201 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1202 function testRadio() {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1203 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1204 $key = $this->Controller->params['_Token']['key'];
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1205 $fields = '575ef54ca4fc8cab468d6d898e9acd3a9671c17e%3An%3A0%3A%7B%7D';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1206
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1207 $this->Controller->data = array(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1208 '_Token' => compact('key', 'fields')
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1209 );
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1210 $result = $this->Controller->Security->validatePost($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1211 $this->assertFalse($result);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1212
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1213 $this->Controller->data = array(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1214 '_Token' => compact('key', 'fields'),
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1215 'Test' => array('test' => '')
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1216 );
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1217 $result = $this->Controller->Security->validatePost($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1218 $this->assertTrue($result);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1219
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1220 $this->Controller->data = array(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1221 '_Token' => compact('key', 'fields'),
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1222 'Test' => array('test' => '1')
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1223 );
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1224 $result = $this->Controller->Security->validatePost($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1225 $this->assertTrue($result);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1226
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1227 $this->Controller->data = array(
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1228 '_Token' => compact('key', 'fields'),
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1229 'Test' => array('test' => '2')
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1230 );
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1231 $result = $this->Controller->Security->validatePost($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1232 $this->assertTrue($result);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1233 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1234
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1235 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1236 * testInvalidAuthHeaders method
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1237 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1238 * @access public
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1239 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1240 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1241 function testInvalidAuthHeaders() {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1242 $this->Controller->Security->blackHoleCallback = null;
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1243 $_SERVER['PHP_AUTH_USER'] = 'admin';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1244 $_SERVER['PHP_AUTH_PW'] = 'password';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1245 $realm = 'cakephp.org';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1246 $loginData = array('type' => 'basic', 'realm' => $realm);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1247 $this->Controller->Security->requireLogin($loginData);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1248 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1249
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1250 $expected = 'WWW-Authenticate: Basic realm="'.$realm.'"';
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1251 $this->assertEqual(count($this->Controller->testHeaders), 1);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1252 $this->assertEqual(current($this->Controller->testHeaders), $expected);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1253 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1254
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1255 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1256 * test that a requestAction's controller will have the _Token appended to
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1257 * the params.
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1258 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1259 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1260 * @see http://cakephp.lighthouseapp.com/projects/42648/tickets/68
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1261 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1262 function testSettingTokenForRequestAction() {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1263 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1264 $key = $this->Controller->params['_Token']['key'];
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1265
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1266 $this->Controller->params['requested'] = 1;
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1267 unset($this->Controller->params['_Token']);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1268
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1269 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1270 $this->assertEqual($this->Controller->params['_Token']['key'], $key);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1271 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1272
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1273 /**
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1274 * test that blackhole doesn't delete the _Token session key so repeat data submissions
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1275 * stay blackholed.
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1276 *
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1277 * @link http://cakephp.lighthouseapp.com/projects/42648/tickets/214
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1278 * @return void
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1279 */
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1280 function testBlackHoleNotDeletingSessionInformation() {
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1281 $this->Controller->Security->startup($this->Controller);
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1282
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1283 $this->Controller->Security->blackHole($this->Controller, 'auth');
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1284 $this->assertTrue($this->Controller->Security->Session->check('_Token'), '_Token was deleted by blackHole %s');
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1285 }
|
Shoshi TAMAKI <shoshi@cr.ie.u-ryukyu.ac.jp>
parents:
diff
changeset
|
1286 }
|