diff options
author | Roeland Jago Douma <roeland@famdouma.nl> | 2019-10-22 15:48:21 +0300 |
---|---|---|
committer | Christoph Wurst <christoph@winzerhof-wurst.at> | 2019-10-23 11:01:52 +0300 |
commit | 0de99acd68c40c86d90d9b2450f0f9eadc0ff87e (patch) | |
tree | 30aa9f597686fad4e5aa9f808f926ef53db3de1d /tests | |
parent | 6c0de415c26d03f7eb5caa7eed16f958494b68ec (diff) |
Improve redirect check
Since we don't set the referer header by default now the redirect window
always showed.
This is now moved to the strict cookie check which is only send if you
come from the same domain.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Diffstat (limited to 'tests')
-rw-r--r-- | tests/Controller/ProxyControllerTest.php | 43 |
1 files changed, 29 insertions, 14 deletions
diff --git a/tests/Controller/ProxyControllerTest.php b/tests/Controller/ProxyControllerTest.php index c78eb3f1a..5b8c80f17 100644 --- a/tests/Controller/ProxyControllerTest.php +++ b/tests/Controller/ProxyControllerTest.php @@ -27,22 +27,37 @@ use Exception; use OCA\Mail\Controller\ProxyController; use OCA\Mail\Http\ProxyDownloadResponse; use OCP\AppFramework\Http\TemplateResponse; +use OCP\Http\Client\IClient; use OCP\Http\Client\IClientService; use OCP\Http\Client\IResponse; use OCP\IRequest; use OCP\ISession; use OCP\IURLGenerator; +use PHPUnit\Framework\MockObject\MockObject; class ProxyControllerTest extends TestCase { + /** @var string */ private $appName; + + /** @var IRequest|MockObject */ private $request; + + /** @var IURLGenerator|MockObject */ private $urlGenerator; + + /** @var ISession|MockObject */ private $session; - private $controller; - private $hostname; + + /** @var IClientService|MockObject */ private $clientService; + /** @var string */ + private $hostname; + + /** @var ProxyController */ + private $controller; + protected function setUp() { parent::setUp(); @@ -58,32 +73,32 @@ class ProxyControllerTest extends TestCase { return [ [ 'http://nextcloud.com', - 'http://anotherhostname.com', + false, false ], [ 'https://nextcloud.com', - 'http://anotherhostname.com', + false, false ], [ 'http://nextcloud.com', - 'https://example.com', + true, true ], [ 'http://example.com', - 'https://example.com', - true + false, + false ], [ 'https://example.com', - 'https://example.com', + true, true ], [ 'ftp://example.com', - 'https://example.com', + true, true ], ]; @@ -93,15 +108,15 @@ class ProxyControllerTest extends TestCase { * @dataProvider redirectDataProvider */ public function testRedirect(string $url, - string $referrer, + bool $passesTest, bool $authorized) { $this->urlGenerator->expects($this->once()) ->method('linkToRoute') ->with('mail.page.index') ->will($this->returnValue('mail-route')); - $this->request->server = [ - 'HTTP_REFERER' => $referrer, - ]; + $this->request->expects($this->once()) + ->method('passesStrictCookieCheck') + ->willReturn($passesTest); $this->controller = new ProxyController( $this->appName, $this->request, @@ -149,7 +164,7 @@ class ProxyControllerTest extends TestCase { $this->session->expects($this->once()) ->method('close'); - $client = $this->getMockBuilder('\OCP\Http\Client\IClient')->getMock(); + $client = $this->getMockBuilder(IClient::class)->getMock(); $this->clientService->expects($this->once()) ->method('newClient') ->will($this->returnValue($client)); |