Diffstat (limited to 'vendor/symfony/form/Symfony/Component/Form/Tests/Extension/Csrf/Type/FormTypeCsrfExtensionTest.php')
-rw-r--r--vendor/symfony/form/Symfony/Component/Form/Tests/Extension/Csrf/Type/FormTypeCsrfExtensionTest.php301
1 files changed, 301 insertions, 0 deletions
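--- /dev/null
+++ b/vendor/symfony/form/Symfony/Component/Form/Tests/Extension/Csrf/Type/FormTypeCsrfExtensionTest.php
@@ -0,0 +1,301 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Form\Tests\Extension\Csrf\Type;
+
+use Symfony\Component\Form\AbstractType;
+use Symfony\Component\Form\FormBuilderInterface;
+use Symfony\Component\Form\FormError;
+use Symfony\Component\Form\Test\TypeTestCase;
+use Symfony\Component\Form\Extension\Csrf\CsrfExtension;
+
+class FormTypeCsrfExtensionTest_ChildType extends AbstractType
+{
+ public function buildForm(FormBuilderInterface $builder, array $options)
+ {
+ // The form needs a child in order to trigger CSRF protection by
+ // default
+ $builder->add('name', 'text');
+ }
+
+ public function getName()
+ {
+ return 'csrf_collection_test';
+ }
+}
+
+class FormTypeCsrfExtensionTest extends TypeTestCase
+{
+ /**
+ * @var \PHPUnit_Framework_MockObject_MockObject
+ */
+ protected $csrfProvider;
+
+ /**
+ * @var \PHPUnit_Framework_MockObject_MockObject
+ */
+ protected $translator;
+
+ protected function setUp()
+ {
+ $this->csrfProvider = $this->getMock('Symfony\Component\Form\Extension\Csrf\CsrfProvider\CsrfProviderInterface');
+ $this->translator = $this->getMock('Symfony\Component\Translation\TranslatorInterface');
+
+ parent::setUp();
+ }
+
+ protected function tearDown()
+ {
+ $this->csrfProvider = null;
+ $this->translator = null;
+
+ parent::tearDown();
+ }
+
+ protected function getExtensions()
+ {
+ return array_merge(parent::getExtensions(), array(
+ new CsrfExtension($this->csrfProvider, $this->translator),
+ ));
+ }
+
+ public function testCsrfProtectionByDefaultIfRootAndCompound()
+ {
+ $view = $this->factory
+ ->create('form', null, array(
+ 'csrf_field_name' => 'csrf',
+ 'compound' => true,
+ ))
+ ->createView();
+
+ $this->assertTrue(isset($view['csrf']));
+ }
+
+ public function testNoCsrfProtectionByDefaultIfCompoundButNotRoot()
+ {
+ $view = $this->factory
+ ->createNamedBuilder('root', 'form')
+ ->add($this->factory
+ ->createNamedBuilder('form', 'form', null, array(
+ 'csrf_field_name' => 'csrf',
+ 'compound' => true,
+ ))
+ )
+ ->getForm()
+ ->get('form')
+ ->createView();
+
+ $this->assertFalse(isset($view['csrf']));
+ }
+
+ public function testNoCsrfProtectionByDefaultIfRootButNotCompound()
+ {
+ $view = $this->factory
+ ->create('form', null, array(
+ 'csrf_field_name' => 'csrf',
+ 'compound' => false,
+ ))
+ ->createView();
+
+ $this->assertFalse(isset($view['csrf']));
+ }
+
+ public function testCsrfProtectionCanBeDisabled()
+ {
+ $view = $this->factory
+ ->create('form', null, array(
+ 'csrf_field_name' => 'csrf',
+ 'csrf_protection' => false,
+ 'compound' => true,
+ ))
+ ->createView();
+
+ $this->assertFalse(isset($view['csrf']));
+ }
+
+ public function testGenerateCsrfToken()
+ {
+ $this->csrfProvider->expects($this->once())
+ ->method('generateCsrfToken')
+ ->with('%INTENTION%')
+ ->will($this->returnValue('token'));
+
+ $view = $this->factory
+ ->create('form', null, array(
+ 'csrf_field_name' => 'csrf',
+ 'csrf_provider' => $this->csrfProvider,
+ 'intention' => '%INTENTION%',
+ 'compound' => true,
+ ))
+ ->createView();
+
+ $this->assertEquals('token', $view['csrf']->vars['value']);
+ }
+
+ public function provideBoolean()
+ {
+ return array(
+ array(true),
+ array(false),
+ );
+ }
+
+ /**
+ * @dataProvider provideBoolean
+ */
+ public function testValidateTokenOnSubmitIfRootAndCompound($valid)
+ {
+ $this->csrfProvider->expects($this->once())
+ ->method('isCsrfTokenValid')
+ ->with('%INTENTION%', 'token')
+ ->will($this->returnValue($valid));
+
+ $form = $this->factory
+ ->createBuilder('form', null, array(
+ 'csrf_field_name' => 'csrf',
+ 'csrf_provider' => $this->csrfProvider,
+ 'intention' => '%INTENTION%',
+ 'compound' => true,
+ ))
+ ->add('child', 'text')
+ ->getForm();
+
+ $form->submit(array(
+ 'child' => 'foobar',
+ 'csrf' => 'token',
+ ));
+
+ // Remove token from data
+ $this->assertSame(array('child' => 'foobar'), $form->getData());
+
+ // Validate accordingly
+ $this->assertSame($valid, $form->isValid());
+ }
+
+ public function testFailIfRootAndCompoundAndTokenMissing()
+ {
+ $this->csrfProvider->expects($this->never())
+ ->method('isCsrfTokenValid');
+
+ $form = $this->factory
+ ->createBuilder('form', null, array(
+ 'csrf_field_name' => 'csrf',
+ 'csrf_provider' => $this->csrfProvider,
+ 'intention' => '%INTENTION%',
+ 'compound' => true,
+ ))
+ ->add('child', 'text')
+ ->getForm();
+
+ $form->submit(array(
+ 'child' => 'foobar',
+ // token is missing
+ ));
+
+ // Remove token from data
+ $this->assertSame(array('child' => 'foobar'), $form->getData());
+
+ // Validate accordingly
+ $this->assertFalse($form->isValid());
+ }
+
+ public function testDontValidateTokenIfCompoundButNoRoot()
+ {
+ $this->csrfProvider->expects($this->never())
+ ->method('isCsrfTokenValid');
+
+ $form = $this->factory
+ ->createNamedBuilder('root', 'form')
+ ->add($this->factory
+ ->createNamedBuilder('form', 'form', null, array(
+ 'csrf_field_name' => 'csrf',
+ 'csrf_provider' => $this->csrfProvider,
+ 'intention' => '%INTENTION%',
+ 'compound' => true,
+ ))
+ )
+ ->getForm()
+ ->get('form');
+
+ $form->submit(array(
+ 'child' => 'foobar',
+ 'csrf' => 'token',
+ ));
+ }
+
+ public function testDontValidateTokenIfRootButNotCompound()
+ {
+ $this->csrfProvider->expects($this->never())
+ ->method('isCsrfTokenValid');
+
+ $form = $this->factory
+ ->create('form', null, array(
+ 'csrf_field_name' => 'csrf',
+ 'csrf_provider' => $this->csrfProvider,
+ 'intention' => '%INTENTION%',
+ 'compound' => false,
+ ));
+
+ $form->submit(array(
+ 'csrf' => 'token',
+ ));
+ }
+
+ public function testNoCsrfProtectionOnPrototype()
+ {
+ $prototypeView = $this->factory
+ ->create('collection', null, array(
+ 'type' => new FormTypeCsrfExtensionTest_ChildType(),
+ 'options' => array(
+ 'csrf_field_name' => 'csrf',
+ ),
+ 'prototype' => true,
+ 'allow_add' => true,
+ ))
+ ->createView()
+ ->vars['prototype'];
+
+ $this->assertFalse(isset($prototypeView['csrf']));
+ $this->assertCount(1, $prototypeView);
+ }
+
+ public function testsTranslateCustomErrorMessage()
+ {
+ $this->csrfProvider->expects($this->once())
+ ->method('isCsrfTokenValid')
+ ->with('%INTENTION%', 'token')
+ ->will($this->returnValue(false));
+
+ $this->translator->expects($this->once())
+ ->method('trans')
+ ->with('Foobar')
+ ->will($this->returnValue('[trans]Foobar[/trans]'));
+
+ $form = $this->factory
+ ->createBuilder('form', null, array(
+ 'csrf_field_name' => 'csrf',
+ 'csrf_provider' => $this->csrfProvider,
+ 'csrf_message' => 'Foobar',
+ 'intention' => '%INTENTION%',
+ 'compound' => true,
+ ))
+ ->getForm();
+
+ $form->submit(array(
+ 'csrf' => 'token',
+ ));
+
+ $errors = $form->getErrors();
+
+ $this->assertGreaterThan(0, count($errors));
+ $this->assertEquals(new FormError('[trans]Foobar[/trans]'), $errors[0]);
+ }
+}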