adulau/cakephp2-php8
1
0
Fork 0
mirror of https://github.com/kamilwylegala/cakephp2-php8.git synced 2024-11-15 03:18:26 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Updating SecurityComponent tests to include the disabled field.

Browse source
This commit is contained in:
mark_story 2011-06-09 22:10:43 -04:00
parent be6a2e096f
commit 046ddceb9a
1 changed files with 44 additions and 27 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

71
lib/Cake/Test/Case/Controller/Component/SecurityComponentTest.php
View file

@ -471,10 +471,11 @@ class SecurityComponentTest extends CakeTestCase {
$key = $this->Controller->request->params['_Token']['key'];
$fields = 'a5475372b40f6e3ccbf9f8af191f20e1642fd877%3AModel.valid';
$disabled = '';
$this->Controller->request->data = array(
'Model' => array('username' => 'nate', 'password' => 'foo', 'valid' => '0'),
'_Token' => compact('key', 'fields')
'_Token' => compact('key', 'fields', 'disabled')
);
$this->assertTrue($this->Controller->Security->validatePost($this->Controller));
}
@ -488,10 +489,11 @@ class SecurityComponentTest extends CakeTestCase {
$this->Controller->Security->startup($this->Controller);
$key = $this->Controller->params['_Token']['key'];
$fields = 'a5475372b40f6e3ccbf9f8af191f20e1642fd877%3AModel.valid';
$disabled = '';
$this->Controller->request->data = array(
'Model' => array('username' => 'nate', 'password' => 'foo', 'valid' => '0'),
'_Token' => compact('key')
'_Token' => compact('key', 'disabled')
);
$result = $this->Controller->Security->validatePost($this->Controller);
$this->assertFalse($result, 'validatePost passed when fields were missing. %s');
@ -507,6 +509,7 @@ class SecurityComponentTest extends CakeTestCase {
$this->Controller->Security->startup($this->Controller);
$key = $this->Controller->request->params['_Token']['key'];
$fields = 'a5475372b40f6e3ccbf9f8af191f20e1642fd877';
$disabled = '';
// a corrupted serialized object, so we can see if it ever gets to deserialize
$attack = 'O:3:"App":1:{s:5:"__map";a:1:{s:3:"foo";s:7:"Hacked!";s:1:"fail"}}';
@ -514,7 +517,7 @@ class SecurityComponentTest extends CakeTestCase {
$this->Controller->request->data = array(
'Model' => array('username' => 'mark', 'password' => 'foo', 'valid' => '0'),
'_Token' => compact('key', 'fields')
'_Token' => compact('key', 'fields', 'disabled')
);
$result = $this->Controller->Security->validatePost($this->Controller);
$this->assertFalse($result, 'validatePost passed when key was missing. %s');
@ -531,10 +534,11 @@ class SecurityComponentTest extends CakeTestCase {
$key = $this->Controller->request->params['_Token']['key'];
$fields = 'f7d573650a295b94e0938d32b323fde775e5f32b%3A';
$disabled = '';
$this->Controller->request->data = array(
'Model' => array('multi_field' => array('1', '3')),
'_Token' => compact('key', 'fields')
'_Token' => compact('key', 'fields', 'disabled')
);
$this->assertTrue($this->Controller->Security->validatePost($this->Controller));
}
@ -550,10 +554,11 @@ class SecurityComponentTest extends CakeTestCase {
$key = $this->Controller->request->params['_Token']['key'];
$fields = '540ac9c60d323c22bafe997b72c0790f39a8bdef%3A';
$disabled = '';
$this->Controller->request->data = array(
'anything' => 'some_data',
'_Token' => compact('key', 'fields')
'_Token' => compact('key', 'fields', 'disabled')
);
$result = $this->Controller->Security->validatePost($this->Controller);
@ -571,10 +576,11 @@ class SecurityComponentTest extends CakeTestCase {
$key = $this->Controller->request->params['_Token']['key'];
$fields = '69f493434187b867ea14b901fdf58b55d27c935d%3A';
$disabled = '';
$this->Controller->request->data = $data = array(
'Model' => array('username' => '', 'password' => ''),
'_Token' => compact('key', 'fields')
'_Token' => compact('key', 'fields', 'disabled')
);
$result = $this->Controller->Security->validatePost($this->Controller);
@ -592,6 +598,7 @@ class SecurityComponentTest extends CakeTestCase {
$key = $this->Controller->request->params['_Token']['key'];
$fields = 'c9118120e680a7201b543f562e5301006ccfcbe2%3AAddresses.0.id%7CAddresses.1.id';
$disabled = '';
$this->Controller->request->data = array(
'Addresses' => array(
@ -604,7 +611,7 @@ class SecurityComponentTest extends CakeTestCase {
'address' => '', 'city' => '', 'phone' => '', 'primary' => ''
)
),
'_Token' => compact('key', 'fields')
'_Token' => compact('key', 'fields', 'disabled')
);
$result = $this->Controller->Security->validatePost($this->Controller);
$this->assertTrue($result);
@ -620,24 +627,25 @@ class SecurityComponentTest extends CakeTestCase {
$key = $this->Controller->request->params['_Token']['key'];
$fields = '422cde416475abc171568be690a98cad20e66079%3A';
$disabled = '';
$this->Controller->request->data = array(
'Tag' => array('Tag' => array(1, 2)),
'_Token' => compact('key', 'fields'),
'_Token' => compact('key', 'fields', 'disabled'),
);
$result = $this->Controller->Security->validatePost($this->Controller);
$this->assertTrue($result);
$this->Controller->request->data = array(
'Tag' => array('Tag' => array(1, 2, 3)),
'_Token' => compact('key', 'fields'),
'_Token' => compact('key', 'fields', 'disabled'),
);
$result = $this->Controller->Security->validatePost($this->Controller);
$this->assertTrue($result);
$this->Controller->request->data = array(
'Tag' => array('Tag' => array(1, 2, 3, 4)),
'_Token' => compact('key', 'fields'),
'_Token' => compact('key', 'fields', 'disabled'),
);
$result = $this->Controller->Security->validatePost($this->Controller);
$this->assertTrue($result);
@ -645,7 +653,8 @@ class SecurityComponentTest extends CakeTestCase {
$fields = '19464422eafe977ee729c59222af07f983010c5f%3A';
$this->Controller->request->data = array(
'User.password' => 'bar', 'User.name' => 'foo', 'User.is_valid' => '1',
'Tag' => array('Tag' => array(1)), '_Token' => compact('key', 'fields'),
'Tag' => array('Tag' => array(1)),
'_Token' => compact('key', 'fields', 'disabled'),
);
$result = $this->Controller->Security->validatePost($this->Controller);
$this->assertTrue($result);
@ -664,10 +673,11 @@ class SecurityComponentTest extends CakeTestCase {
$this->Controller->Security->startup($this->Controller);
$key = $this->Controller->request->params['_Token']['key'];
$fields = 'a5475372b40f6e3ccbf9f8af191f20e1642fd877%3AModel.valid';
$disabled = '';
$this->Controller->request->data = array(
'Model' => array('username' => '', 'password' => '', 'valid' => '0'),
'_Token' => compact('key', 'fields')
'_Token' => compact('key', 'fields', 'disabled')
);
$result = $this->Controller->Security->validatePost($this->Controller);
@ -677,7 +687,7 @@ class SecurityComponentTest extends CakeTestCase {
$this->Controller->request->data = array(
'Model' => array('username' => '', 'password' => '', 'valid' => '0'),
'_Token' => compact('key', 'fields')
'_Token' => compact('key', 'fields', 'disabled')
);
$result = $this->Controller->Security->validatePost($this->Controller);
@ -690,7 +700,7 @@ class SecurityComponentTest extends CakeTestCase {
$this->Controller->request->data = $data = array(
'Model' => array('username' => '', 'password' => '', 'valid' => '0'),
'_Token' => compact('key', 'fields')
'_Token' => compact('key', 'fields', 'disabled')
);
$result = $this->Controller->Security->validatePost($this->Controller);
@ -707,14 +717,14 @@ class SecurityComponentTest extends CakeTestCase {
$this->Controller->Security->startup($this->Controller);
$key = $this->Controller->request->params['_Token']['key'];
$fields = '51ccd8cb0997c7b3d4523ecde5a109318405ef8c%3AModel.hidden%7CModel.other_hidden';
$fields .= '';
$disabled = '';
$this->Controller->request->data = array(
'Model' => array(
'username' => '', 'password' => '', 'hidden' => '0',
'other_hidden' => 'some hidden value'
),
'_Token' => compact('key', 'fields')
'_Token' => compact('key', 'fields', 'disabled')
);
$result = $this->Controller->Security->validatePost($this->Controller);
$this->assertTrue($result);
@ -731,12 +741,13 @@ class SecurityComponentTest extends CakeTestCase {
$this->Controller->Security->startup($this->Controller);
$key = $this->Controller->request->params['_Token']['key'];
$fields = 'ef1082968c449397bcd849f963636864383278b1%3AModel.hidden';
$disabled = '';
$this->Controller->request->data = array(
'Model' => array(
'username' => '', 'password' => '', 'hidden' => '0'
),
'_Token' => compact('fields', 'key')
'_Token' => compact('fields', 'key', 'disabled')
);
$result = $this->Controller->Security->validatePost($this->Controller);
@ -753,12 +764,13 @@ class SecurityComponentTest extends CakeTestCase {
$this->Controller->Security->startup($this->Controller);
$key = $this->Controller->request->params['_Token']['key'];
$fields = 'a2d01072dc4660eea9d15007025f35a7a5b58e18%3AModel.valid%7CModel2.valid%7CModel3.valid';
$disabled = '';
$this->Controller->request->data = array(
'Model' => array('username' => '', 'password' => '', 'valid' => '0'),
'Model2' => array('valid' => '0'),
'Model3' => array('valid' => '0'),
'_Token' => compact('key', 'fields')
'_Token' => compact('key', 'fields', 'disabled')
);
$result = $this->Controller->Security->validatePost($this->Controller);
$this->assertTrue($result);
@ -775,6 +787,7 @@ class SecurityComponentTest extends CakeTestCase {
$key = $this->Controller->request->params['_Token']['key'];
$fields = '51e3b55a6edd82020b3f29c9ae200e14bbeb7ee5%3AModel.0.hidden%7CModel.0.valid';
$fields .= '%7CModel.1.hidden%7CModel.1.valid';
$disabled = '';
$this->Controller->request->data = array(
'Model' => array(
@ -787,7 +800,7 @@ class SecurityComponentTest extends CakeTestCase {
'hidden' => 'value', 'valid' => '0'
)
),
'_Token' => compact('key', 'fields')
'_Token' => compact('key', 'fields', 'disabled')
);
$result = $this->Controller->Security->validatePost($this->Controller);
@ -805,6 +818,7 @@ class SecurityComponentTest extends CakeTestCase {
$key = $this->Controller->request->params['_Token']['key'];
$fields = '7a203edb3d345bbf38fe0dccae960da8842e11d7%3AAddress.0.id%7CAddress.0.primary%7C';
$fields .= 'Address.1.id%7CAddress.1.primary';
$disabled = '';
$this->Controller->request->data = array(
'Address' => array(
@ -829,7 +843,7 @@ class SecurityComponentTest extends CakeTestCase {
'primary' => '1'
)
),
'_Token' => compact('key', 'fields')
'_Token' => compact('key', 'fields', 'disabled')
);
$result = $this->Controller->Security->validatePost($this->Controller);
@ -849,6 +863,7 @@ class SecurityComponentTest extends CakeTestCase {
$key = $this->Controller->request->params['_Token']['key'];
$fields = '7a203edb3d345bbf38fe0dccae960da8842e11d7%3AAddress.0.id%7CAddress.0.primary%7C';
$fields .= 'Address.1.id%7CAddress.1.primary';
$disabled = '';
$this->Controller->request->data = array(
'Address' => array(
@ -873,7 +888,7 @@ class SecurityComponentTest extends CakeTestCase {
'primary' => '1'
)
),
'_Token' => compact('key', 'fields')
'_Token' => compact('key', 'fields', 'disabled')
);
$result = $this->Controller->Security->validatePost($this->Controller);
@ -890,10 +905,11 @@ class SecurityComponentTest extends CakeTestCase {
$this->Controller->Security->startup($this->Controller);
$key = $this->Controller->request->params['_Token']['key'];
$fields = '11842060341b9d0fc3808b90ba29fdea7054d6ad%3An%3A0%3A%7B%7D';
$disabled = '';
$this->Controller->request->data = array(
'MyModel' => array('name' => 'some data'),
'_Token' => compact('key', 'fields')
'_Token' => compact('key', 'fields', 'disabled')
);
$result = $this->Controller->Security->validatePost($this->Controller);
$this->assertFalse($result);
@ -904,7 +920,7 @@ class SecurityComponentTest extends CakeTestCase {
$this->Controller->request->data = array(
'MyModel' => array('name' => 'some data'),
'_Token' => compact('key', 'fields')
'_Token' => compact('key', 'fields', 'disabled')
);
$result = $this->Controller->Security->validatePost($this->Controller);
@ -921,29 +937,30 @@ class SecurityComponentTest extends CakeTestCase {
$this->Controller->Security->startup($this->Controller);
$key = $this->Controller->request->params['_Token']['key'];
$fields = '575ef54ca4fc8cab468d6d898e9acd3a9671c17e%3An%3A0%3A%7B%7D';
$disabled = '';
$this->Controller->request->data = array(
'_Token' => compact('key', 'fields')
'_Token' => compact('key', 'fields', 'disabled')
);
$result = $this->Controller->Security->validatePost($this->Controller);
$this->assertFalse($result);
$this->Controller->request->data = array(
'_Token' => compact('key', 'fields'),
'_Token' => compact('key', 'fields', 'disabled'),
'Test' => array('test' => '')
);
$result = $this->Controller->Security->validatePost($this->Controller);
$this->assertTrue($result);
$this->Controller->request->data = array(
'_Token' => compact('key', 'fields'),
'_Token' => compact('key', 'fields', 'disabled'),
'Test' => array('test' => '1')
);
$result = $this->Controller->Security->validatePost($this->Controller);
$this->assertTrue($result);
$this->Controller->request->data = array(
'_Token' => compact('key', 'fields'),
'_Token' => compact('key', 'fields', 'disabled'),
'Test' => array('test' => '2')
);
$result = $this->Controller->Security->validatePost($this->Controller);