4 files changed, 535 insertions, 0 deletions
diff --git a/vendor/symfony/form/Symfony/Component/Form/Tests/Extension/Csrf/CsrfProvider/DefaultCsrfProviderTest.php b/vendor/symfony/form/Symfony/Component/Form/Tests/Extension/Csrf/CsrfProvider/DefaultCsrfProviderTest.php
new file mode 100644
index 00000000..a99b5444
--- /dev/null
+++ b/vendor/symfony/form/Symfony/Component/Form/Tests/Extension/Csrf/CsrfProvider/DefaultCsrfProviderTest.php
@@ -0,0 +1,81 @@
+<?php
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+namespace Symfony\Component\Form\Tests\Extension\Csrf\CsrfProvider;
+use Symfony\Component\Form\Extension\Csrf\CsrfProvider\DefaultCsrfProvider;
+/**
+ * @runTestsInSeparateProcesses
+ */
+class DefaultCsrfProviderTest extends \PHPUnit_Framework_TestCase
+{
+    protected $provider;
+    public static function setUpBeforeClass()
+    {
+        ini_set('session.save_handler', 'files');
+        ini_set('session.save_path', sys_get_temp_dir());
+    }
+    protected function setUp()
+    {
+        $this->provider = new DefaultCsrfProvider('SECRET');
+    }
+    protected function tearDown()
+    {
+        $this->provider = null;
+    }
+    public function testGenerateCsrfToken()
+    {
+        session_start();
+        $token = $this->provider->generateCsrfToken('foo');
+        $this->assertEquals(sha1('SECRET'.'foo'.session_id()), $token);
+    }
+    public function testGenerateCsrfTokenOnUnstartedSession()
+    {
+        session_id('touti');
+        if (!version_compare(PHP_VERSION, '5.4', '>=')) {
+            $this->markTestSkipped('This test requires PHP >= 5.4');
+        }
+        $this->assertSame(PHP_SESSION_NONE, session_status());
+        $token = $this->provider->generateCsrfToken('foo');
+        $this->assertEquals(sha1('SECRET'.'foo'.session_id()), $token);
+        $this->assertSame(PHP_SESSION_ACTIVE, session_status());
+    }
+    public function testIsCsrfTokenValidSucceeds()
+    {
+        session_start();
+        $token = sha1('SECRET'.'foo'.session_id());
+        $this->assertTrue($this->provider->isCsrfTokenValid('foo', $token));
+    }
+    public function testIsCsrfTokenValidFails()
+    {
+        session_start();
+        $token = sha1('SECRET'.'bar'.session_id());
+        $this->assertFalse($this->provider->isCsrfTokenValid('foo', $token));
+    }
+}
diff --git a/vendor/symfony/form/Symfony/Component/Form/Tests/Extension/Csrf/CsrfProvider/SessionCsrfProviderTest.php b/vendor/symfony/form/Symfony/Component/Form/Tests/Extension/Csrf/CsrfProvider/SessionCsrfProviderTest.php
new file mode 100644
index 00000000..1dcc6b4c
--- /dev/null
+++ b/vendor/symfony/form/Symfony/Component/Form/Tests/Extension/Csrf/CsrfProvider/SessionCsrfProviderTest.php
@@ -0,0 +1,75 @@
+<?php
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+namespace Symfony\Component\Form\Tests\Extension\Csrf\CsrfProvider;
+use Symfony\Component\Form\Extension\Csrf\CsrfProvider\SessionCsrfProvider;
+class SessionCsrfProviderTest extends \PHPUnit_Framework_TestCase
+{
+    protected $provider;
+    protected $session;
+    protected function setUp()
+    {
+        if (!class_exists('Symfony\Component\HttpFoundation\Session\Session')) {
+            $this->markTestSkipped('The "HttpFoundation" component is not available');
+        }
+        $this->session = $this->getMock(
+            'Symfony\Component\HttpFoundation\Session\Session',
+            array(),
+            array(),
+            '',
+            false // don't call constructor
+        );
+        $this->provider = new SessionCsrfProvider($this->session, 'SECRET');
+    }
+    protected function tearDown()
+    {
+        $this->provider = null;
+        $this->session = null;
+    }
+    public function testGenerateCsrfToken()
+    {
+        $this->session->expects($this->once())
+                ->method('getId')
+                ->will($this->returnValue('ABCDEF'));
+        $token = $this->provider->generateCsrfToken('foo');
+        $this->assertEquals(sha1('SECRET'.'foo'.'ABCDEF'), $token);
+    }
+    public function testIsCsrfTokenValidSucceeds()
+    {
+        $this->session->expects($this->once())
+                ->method('getId')
+                ->will($this->returnValue('ABCDEF'));
+        $token = sha1('SECRET'.'foo'.'ABCDEF');
+        $this->assertTrue($this->provider->isCsrfTokenValid('foo', $token));
+    }
+    public function testIsCsrfTokenValidFails()
+    {
+        $this->session->expects($this->once())
+                ->method('getId')
+                ->will($this->returnValue('ABCDEF'));
+        $token = sha1('SECRET'.'bar'.'ABCDEF');
+        $this->assertFalse($this->provider->isCsrfTokenValid('foo', $token));
+    }
+}
diff --git a/vendor/symfony/form/Symfony/Component/Form/Tests/Extension/Csrf/EventListener/CsrfValidationListenerTest.php b/vendor/symfony/form/Symfony/Component/Form/Tests/Extension/Csrf/EventListener/CsrfValidationListenerTest.php
new file mode 100644
index 00000000..0bcfe74e
--- /dev/null
+++ b/vendor/symfony/form/Symfony/Component/Form/Tests/Extension/Csrf/EventListener/CsrfValidationListenerTest.php
@@ -0,0 +1,78 @@
+<?php
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+namespace Symfony\Component\Form\Tests\Extension\Csrf\EventListener;
+use Symfony\Component\Form\FormBuilder;
+use Symfony\Component\Form\FormEvent;
+use Symfony\Component\Form\Extension\Csrf\EventListener\CsrfValidationListener;
+class CsrfValidationListenerTest extends \PHPUnit_Framework_TestCase
+{
+    protected $dispatcher;
+    protected $factory;
+    protected $csrfProvider;
+    protected function setUp()
+    {
+        if (!class_exists('Symfony\Component\EventDispatcher\EventDispatcher')) {
+            $this->markTestSkipped('The "EventDispatcher" component is not available');
+        }
+        $this->dispatcher = $this->getMock('Symfony\Component\EventDispatcher\EventDispatcherInterface');
+        $this->factory = $this->getMock('Symfony\Component\Form\FormFactoryInterface');
+        $this->csrfProvider = $this->getMock('Symfony\Component\Form\Extension\Csrf\CsrfProvider\CsrfProviderInterface');
+        $this->form = $this->getBuilder('post')
+            ->setDataMapper($this->getDataMapper())
+            ->getForm();
+    }
+    protected function tearDown()
+    {
+        $this->dispatcher = null;
+        $this->factory = null;
+        $this->csrfProvider = null;
+        $this->form = null;
+    }
+    protected function getBuilder($name = 'name')
+    {
+        return new FormBuilder($name, null, $this->dispatcher, $this->factory, array('compound' => true));
+    }
+    protected function getForm($name = 'name')
+    {
+        return $this->getBuilder($name)->getForm();
+    }
+    protected function getDataMapper()
+    {
+        return $this->getMock('Symfony\Component\Form\DataMapperInterface');
+    }
+    protected function getMockForm()
+    {
+        return $this->getMock('Symfony\Component\Form\Test\FormInterface');
+    }
+    // https://github.com/symfony/symfony/pull/5838
+    public function testStringFormData()
+    {
+        $data = "XP4HUzmHPi";
+        $event = new FormEvent($this->form, $data);
+        $validation = new CsrfValidationListener('csrf', $this->csrfProvider, 'unknown', 'Invalid.');
+        $validation->preSubmit($event);
+        // Validate accordingly
+        $this->assertSame($data, $event->getData());
+    }
+}
diff --git a/vendor/symfony/form/Symfony/Component/Form/Tests/Extension/Csrf/Type/FormTypeCsrfExtensionTest.php b/vendor/symfony/form/Symfony/Component/Form/Tests/Extension/Csrf/Type/FormTypeCsrfExtensionTest.php
new file mode 100644
index 00000000..0a1f0dc4
--- /dev/null
+++ b/vendor/symfony/form/Symfony/Component/Form/Tests/Extension/Csrf/Type/FormTypeCsrfExtensionTest.php
@@ -0,0 +1,301 @@
+<?php
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+namespace Symfony\Component\Form\Tests\Extension\Csrf\Type;
+use Symfony\Component\Form\AbstractType;
+use Symfony\Component\Form\FormBuilderInterface;
+use Symfony\Component\Form\FormError;
+use Symfony\Component\Form\Test\TypeTestCase;
+use Symfony\Component\Form\Extension\Csrf\CsrfExtension;
+class FormTypeCsrfExtensionTest_ChildType extends AbstractType
+{
+    public function buildForm(FormBuilderInterface $builder, array $options)
+    {
+        // The form needs a child in order to trigger CSRF protection by
+        // default
+        $builder->add('name', 'text');
+    }
+    public function getName()
+    {
+        return 'csrf_collection_test';
+    }
+}
+class FormTypeCsrfExtensionTest extends TypeTestCase
+{
+    /**
+     * @var \PHPUnit_Framework_MockObject_MockObject
+     */
+    protected $csrfProvider;
+    /**
+     * @var \PHPUnit_Framework_MockObject_MockObject
+     */
+    protected $translator;
+    protected function setUp()
+    {
+        $this->csrfProvider = $this->getMock('Symfony\Component\Form\Extension\Csrf\CsrfProvider\CsrfProviderInterface');
+        $this->translator = $this->getMock('Symfony\Component\Translation\TranslatorInterface');
+        parent::setUp();
+    }
+    protected function tearDown()
+    {
+        $this->csrfProvider = null;
+        $this->translator = null;
+        parent::tearDown();
+    }
+    protected function getExtensions()
+    {
+        return array_merge(parent::getExtensions(), array(
+            new CsrfExtension($this->csrfProvider, $this->translator),
+        ));
+    }
+    public function testCsrfProtectionByDefaultIfRootAndCompound()
+    {
+        $view = $this->factory
+            ->create('form', null, array(
+                'csrf_field_name' => 'csrf',
+                'compound' => true,
+            ))
+            ->createView();
+        $this->assertTrue(isset($view['csrf']));
+    }
+    public function testNoCsrfProtectionByDefaultIfCompoundButNotRoot()
+    {
+        $view = $this->factory
+            ->createNamedBuilder('root', 'form')
+            ->add($this->factory
+                ->createNamedBuilder('form', 'form', null, array(
+                    'csrf_field_name' => 'csrf',
+                    'compound' => true,
+                ))
+            )
+            ->getForm()
+            ->get('form')
+            ->createView();
+        $this->assertFalse(isset($view['csrf']));
+    }
+    public function testNoCsrfProtectionByDefaultIfRootButNotCompound()
+    {
+        $view = $this->factory
+            ->create('form', null, array(
+                'csrf_field_name' => 'csrf',
+                'compound' => false,
+            ))
+            ->createView();
+        $this->assertFalse(isset($view['csrf']));
+    }
+    public function testCsrfProtectionCanBeDisabled()
+    {
+        $view = $this->factory
+            ->create('form', null, array(
+                'csrf_field_name' => 'csrf',
+                'csrf_protection' => false,
+                'compound' => true,
+            ))
+            ->createView();
+        $this->assertFalse(isset($view['csrf']));
+    }
+    public function testGenerateCsrfToken()
+    {
+        $this->csrfProvider->expects($this->once())
+            ->method('generateCsrfToken')
+            ->with('%INTENTION%')
+            ->will($this->returnValue('token'));
+        $view = $this->factory
+            ->create('form', null, array(
+                'csrf_field_name' => 'csrf',
+                'csrf_provider' => $this->csrfProvider,
+                'intention' => '%INTENTION%',
+                'compound' => true,
+            ))
+            ->createView();
+        $this->assertEquals('token', $view['csrf']->vars['value']);
+    }
+    public function provideBoolean()
+    {
+        return array(
+            array(true),
+            array(false),
+        );
+    }
+    /**
+     * @dataProvider provideBoolean
+     */
+    public function testValidateTokenOnSubmitIfRootAndCompound($valid)
+    {
+        $this->csrfProvider->expects($this->once())
+            ->method('isCsrfTokenValid')
+            ->with('%INTENTION%', 'token')
+            ->will($this->returnValue($valid));
+        $form = $this->factory
+            ->createBuilder('form', null, array(
+                'csrf_field_name' => 'csrf',
+                'csrf_provider' => $this->csrfProvider,
+                'intention' => '%INTENTION%',
+                'compound' => true,
+            ))
+            ->add('child', 'text')
+            ->getForm();
+        $form->submit(array(
+            'child' => 'foobar',
+            'csrf' => 'token',
+        ));
+        // Remove token from data
+        $this->assertSame(array('child' => 'foobar'), $form->getData());
+        // Validate accordingly
+        $this->assertSame($valid, $form->isValid());
+    }
+    public function testFailIfRootAndCompoundAndTokenMissing()
+    {
+        $this->csrfProvider->expects($this->never())
+            ->method('isCsrfTokenValid');
+        $form = $this->factory
+            ->createBuilder('form', null, array(
+                'csrf_field_name' => 'csrf',
+                'csrf_provider' => $this->csrfProvider,
+                'intention' => '%INTENTION%',
+                'compound' => true,
+            ))
+            ->add('child', 'text')
+            ->getForm();
+        $form->submit(array(
+            'child' => 'foobar',
+            // token is missing
+        ));
+        // Remove token from data
+        $this->assertSame(array('child' => 'foobar'), $form->getData());
+        // Validate accordingly
+        $this->assertFalse($form->isValid());
+    }
+    public function testDontValidateTokenIfCompoundButNoRoot()
+    {
+        $this->csrfProvider->expects($this->never())
+            ->method('isCsrfTokenValid');
+        $form = $this->factory
+            ->createNamedBuilder('root', 'form')
+            ->add($this->factory
+                ->createNamedBuilder('form', 'form', null, array(
+                    'csrf_field_name' => 'csrf',
+                    'csrf_provider' => $this->csrfProvider,
+                    'intention' => '%INTENTION%',
+                    'compound' => true,
+                ))
+            )
+            ->getForm()
+            ->get('form');
+        $form->submit(array(
+            'child' => 'foobar',
+            'csrf' => 'token',
+        ));
+    }
+    public function testDontValidateTokenIfRootButNotCompound()
+    {
+        $this->csrfProvider->expects($this->never())
+            ->method('isCsrfTokenValid');
+        $form = $this->factory
+            ->create('form', null, array(
+                'csrf_field_name' => 'csrf',
+                'csrf_provider' => $this->csrfProvider,
+                'intention' => '%INTENTION%',
+                'compound' => false,
+            ));
+        $form->submit(array(
+            'csrf' => 'token',
+        ));
+    }
+    public function testNoCsrfProtectionOnPrototype()
+    {
+        $prototypeView = $this->factory
+            ->create('collection', null, array(
+                'type' => new FormTypeCsrfExtensionTest_ChildType(),
+                'options' => array(
+                    'csrf_field_name' => 'csrf',
+                ),
+                'prototype' => true,
+                'allow_add' => true,
+            ))
+            ->createView()
+            ->vars['prototype'];
+        $this->assertFalse(isset($prototypeView['csrf']));
+        $this->assertCount(1, $prototypeView);
+    }
+    public function testsTranslateCustomErrorMessage()
+    {
+        $this->csrfProvider->expects($this->once())
+            ->method('isCsrfTokenValid')
+            ->with('%INTENTION%', 'token')
+            ->will($this->returnValue(false));
+        $this->translator->expects($this->once())
+             ->method('trans')
+             ->with('Foobar')
+             ->will($this->returnValue('[trans]Foobar[/trans]'));
+        $form = $this->factory
+            ->createBuilder('form', null, array(
+                'csrf_field_name' => 'csrf',
+                'csrf_provider' => $this->csrfProvider,
+                'csrf_message' => 'Foobar',
+                'intention' => '%INTENTION%',
+                'compound' => true,
+            ))
+            ->getForm();
+        $form->submit(array(
+            'csrf' => 'token',
+        ));
+        $errors = $form->getErrors();
+        $this->assertGreaterThan(0, count($errors));
+        $this->assertEquals(new FormError('[trans]Foobar[/trans]'), $errors[0]);
+    }
+}

diff --git a/vendor/symfony/form/Symfony/Component/Form/Tests/Extension/Csrf/CsrfProvider/DefaultCsrfProviderTest.php b/vendor/symfony/form/Symfony/Component/Form/Tests/Extension/Csrf/CsrfProvider/DefaultCsrfProviderTest.php new file mode 100644 index 00000000..a99b5444 --- /dev/null +++ b/vendor/symfony/form/Symfony/Component/Form/Tests/Extension/Csrf/CsrfProvider/DefaultCsrfProviderTest.php
@@ -0,0 +1,81 @@
	1	<?php
	2
	3	/*
	4	* This file is part of the Symfony package.
	5	*
	6	* (c) Fabien Potencier <fabien@symfony.com>
	7	*
	8	* For the full copyright and license information, please view the LICENSE
	9	* file that was distributed with this source code.
	10	*/
	11
	12	namespace Symfony\Component\Form\Tests\Extension\Csrf\CsrfProvider;
	13
	14	use Symfony\Component\Form\Extension\Csrf\CsrfProvider\DefaultCsrfProvider;
	15
	16	/**
	17	* @runTestsInSeparateProcesses
	18	*/
	19	class DefaultCsrfProviderTest extends \PHPUnit_Framework_TestCase
	20	{
	21	protected $provider;
	22
	23	public static function setUpBeforeClass()
	24	{
	25	ini_set('session.save_handler', 'files');
	26	ini_set('session.save_path', sys_get_temp_dir());
	27	}
	28
	29	protected function setUp()
	30	{
	31	$this->provider = new DefaultCsrfProvider('SECRET');
	32	}
	33
	34	protected function tearDown()
	35	{
	36	$this->provider = null;
	37	}
	38
	39	public function testGenerateCsrfToken()
	40	{
	41	session_start();
	42
	43	$token = $this->provider->generateCsrfToken('foo');
	44
	45	$this->assertEquals(sha1('SECRET'.'foo'.session_id()), $token);
	46	}
	47
	48	public function testGenerateCsrfTokenOnUnstartedSession()
	49	{
	50	session_id('touti');
	51
	52	if (!version_compare(PHP_VERSION, '5.4', '>=')) {
	53	$this->markTestSkipped('This test requires PHP >= 5.4');
	54	}
	55
	56	$this->assertSame(PHP_SESSION_NONE, session_status());
	57
	58	$token = $this->provider->generateCsrfToken('foo');
	59
	60	$this->assertEquals(sha1('SECRET'.'foo'.session_id()), $token);
	61	$this->assertSame(PHP_SESSION_ACTIVE, session_status());
	62	}
	63
	64	public function testIsCsrfTokenValidSucceeds()
	65	{
	66	session_start();
	67
	68	$token = sha1('SECRET'.'foo'.session_id());
	69
	70	$this->assertTrue($this->provider->isCsrfTokenValid('foo', $token));
	71	}
	72
	73	public function testIsCsrfTokenValidFails()
	74	{
	75	session_start();
	76
	77	$token = sha1('SECRET'.'bar'.session_id());
	78
	79	$this->assertFalse($this->provider->isCsrfTokenValid('foo', $token));
	80	}
	81	}


diff --git a/vendor/symfony/form/Symfony/Component/Form/Tests/Extension/Csrf/CsrfProvider/SessionCsrfProviderTest.php b/vendor/symfony/form/Symfony/Component/Form/Tests/Extension/Csrf/CsrfProvider/SessionCsrfProviderTest.php new file mode 100644 index 00000000..1dcc6b4c --- /dev/null +++ b/vendor/symfony/form/Symfony/Component/Form/Tests/Extension/Csrf/CsrfProvider/SessionCsrfProviderTest.php
@@ -0,0 +1,75 @@
	1	<?php
	2
	3	/*
	4	* This file is part of the Symfony package.
	5	*
	6	* (c) Fabien Potencier <fabien@symfony.com>
	7	*
	8	* For the full copyright and license information, please view the LICENSE
	9	* file that was distributed with this source code.
	10	*/
	11
	12	namespace Symfony\Component\Form\Tests\Extension\Csrf\CsrfProvider;
	13
	14	use Symfony\Component\Form\Extension\Csrf\CsrfProvider\SessionCsrfProvider;
	15
	16	class SessionCsrfProviderTest extends \PHPUnit_Framework_TestCase
	17	{
	18	protected $provider;
	19	protected $session;
	20
	21	protected function setUp()
	22	{
	23	if (!class_exists('Symfony\Component\HttpFoundation\Session\Session')) {
	24	$this->markTestSkipped('The "HttpFoundation" component is not available');
	25	}
	26
	27	$this->session = $this->getMock(
	28	'Symfony\Component\HttpFoundation\Session\Session',
	29	array(),
	30	array(),
	31	'',
	32	false // don't call constructor
	33	);
	34	$this->provider = new SessionCsrfProvider($this->session, 'SECRET');
	35	}
	36
	37	protected function tearDown()
	38	{
	39	$this->provider = null;
	40	$this->session = null;
	41	}
	42
	43	public function testGenerateCsrfToken()
	44	{
	45	$this->session->expects($this->once())
	46	->method('getId')
	47	->will($this->returnValue('ABCDEF'));
	48
	49	$token = $this->provider->generateCsrfToken('foo');
	50
	51	$this->assertEquals(sha1('SECRET'.'foo'.'ABCDEF'), $token);
	52	}
	53
	54	public function testIsCsrfTokenValidSucceeds()
	55	{
	56	$this->session->expects($this->once())
	57	->method('getId')
	58	->will($this->returnValue('ABCDEF'));
	59
	60	$token = sha1('SECRET'.'foo'.'ABCDEF');
	61
	62	$this->assertTrue($this->provider->isCsrfTokenValid('foo', $token));
	63	}
	64
	65	public function testIsCsrfTokenValidFails()
	66	{
	67	$this->session->expects($this->once())
	68	->method('getId')
	69	->will($this->returnValue('ABCDEF'));
	70
	71	$token = sha1('SECRET'.'bar'.'ABCDEF');
	72
	73	$this->assertFalse($this->provider->isCsrfTokenValid('foo', $token));
	74	}
	75	}


diff --git a/vendor/symfony/form/Symfony/Component/Form/Tests/Extension/Csrf/EventListener/CsrfValidationListenerTest.php b/vendor/symfony/form/Symfony/Component/Form/Tests/Extension/Csrf/EventListener/CsrfValidationListenerTest.php new file mode 100644 index 00000000..0bcfe74e --- /dev/null +++ b/vendor/symfony/form/Symfony/Component/Form/Tests/Extension/Csrf/EventListener/CsrfValidationListenerTest.php
@@ -0,0 +1,78 @@
	1	<?php
	2
	3	/*
	4	* This file is part of the Symfony package.
	5	*
	6	* (c) Fabien Potencier <fabien@symfony.com>
	7	*
	8	* For the full copyright and license information, please view the LICENSE
	9	* file that was distributed with this source code.
	10	*/
	11
	12	namespace Symfony\Component\Form\Tests\Extension\Csrf\EventListener;
	13
	14	use Symfony\Component\Form\FormBuilder;
	15	use Symfony\Component\Form\FormEvent;
	16	use Symfony\Component\Form\Extension\Csrf\EventListener\CsrfValidationListener;
	17
	18	class CsrfValidationListenerTest extends \PHPUnit_Framework_TestCase
	19	{
	20	protected $dispatcher;
	21	protected $factory;
	22	protected $csrfProvider;
	23
	24	protected function setUp()
	25	{
	26	if (!class_exists('Symfony\Component\EventDispatcher\EventDispatcher')) {
	27	$this->markTestSkipped('The "EventDispatcher" component is not available');
	28	}
	29
	30	$this->dispatcher = $this->getMock('Symfony\Component\EventDispatcher\EventDispatcherInterface');
	31	$this->factory = $this->getMock('Symfony\Component\Form\FormFactoryInterface');
	32	$this->csrfProvider = $this->getMock('Symfony\Component\Form\Extension\Csrf\CsrfProvider\CsrfProviderInterface');
	33	$this->form = $this->getBuilder('post')
	34	->setDataMapper($this->getDataMapper())
	35	->getForm();
	36	}
	37
	38	protected function tearDown()
	39	{
	40	$this->dispatcher = null;
	41	$this->factory = null;
	42	$this->csrfProvider = null;
	43	$this->form = null;
	44	}
	45
	46	protected function getBuilder($name = 'name')
	47	{
	48	return new FormBuilder($name, null, $this->dispatcher, $this->factory, array('compound' => true));
	49	}
	50
	51	protected function getForm($name = 'name')
	52	{
	53	return $this->getBuilder($name)->getForm();
	54	}
	55
	56	protected function getDataMapper()
	57	{
	58	return $this->getMock('Symfony\Component\Form\DataMapperInterface');
	59	}
	60
	61	protected function getMockForm()
	62	{
	63	return $this->getMock('Symfony\Component\Form\Test\FormInterface');
	64	}
	65
	66	// https://github.com/symfony/symfony/pull/5838
	67	public function testStringFormData()
	68	{
	69	$data = "XP4HUzmHPi";
	70	$event = new FormEvent($this->form, $data);
	71
	72	$validation = new CsrfValidationListener('csrf', $this->csrfProvider, 'unknown', 'Invalid.');
	73	$validation->preSubmit($event);
	74
	75	// Validate accordingly
	76	$this->assertSame($data, $event->getData());
	77	}
	78	}


diff --git a/vendor/symfony/form/Symfony/Component/Form/Tests/Extension/Csrf/Type/FormTypeCsrfExtensionTest.php b/vendor/symfony/form/Symfony/Component/Form/Tests/Extension/Csrf/Type/FormTypeCsrfExtensionTest.php new file mode 100644 index 00000000..0a1f0dc4 --- /dev/null +++ b/vendor/symfony/form/Symfony/Component/Form/Tests/Extension/Csrf/Type/FormTypeCsrfExtensionTest.php
@@ -0,0 +1,301 @@
	1	<?php
	2
	3	/*
	4	* This file is part of the Symfony package.
	5	*
	6	* (c) Fabien Potencier <fabien@symfony.com>
	7	*
	8	* For the full copyright and license information, please view the LICENSE
	9	* file that was distributed with this source code.
	10	*/
	11
	12	namespace Symfony\Component\Form\Tests\Extension\Csrf\Type;
	13
	14	use Symfony\Component\Form\AbstractType;
	15	use Symfony\Component\Form\FormBuilderInterface;
	16	use Symfony\Component\Form\FormError;
	17	use Symfony\Component\Form\Test\TypeTestCase;
	18	use Symfony\Component\Form\Extension\Csrf\CsrfExtension;
	19
	20	class FormTypeCsrfExtensionTest_ChildType extends AbstractType
	21	{
	22	public function buildForm(FormBuilderInterface $builder, array $options)
	23	{
	24	// The form needs a child in order to trigger CSRF protection by
	25	// default
	26	$builder->add('name', 'text');
	27	}
	28
	29	public function getName()
	30	{
	31	return 'csrf_collection_test';
	32	}
	33	}
	34
	35	class FormTypeCsrfExtensionTest extends TypeTestCase
	36	{
	37	/**
	38	* @var \PHPUnit_Framework_MockObject_MockObject
	39	*/
	40	protected $csrfProvider;
	41
	42	/**
	43	* @var \PHPUnit_Framework_MockObject_MockObject
	44	*/
	45	protected $translator;
	46
	47	protected function setUp()
	48	{
	49	$this->csrfProvider = $this->getMock('Symfony\Component\Form\Extension\Csrf\CsrfProvider\CsrfProviderInterface');
	50	$this->translator = $this->getMock('Symfony\Component\Translation\TranslatorInterface');
	51
	52	parent::setUp();
	53	}
	54
	55	protected function tearDown()
	56	{
	57	$this->csrfProvider = null;
	58	$this->translator = null;
	59
	60	parent::tearDown();
	61	}
	62
	63	protected function getExtensions()
	64	{
	65	return array_merge(parent::getExtensions(), array(
	66	new CsrfExtension($this->csrfProvider, $this->translator),
	67	));
	68	}
	69
	70	public function testCsrfProtectionByDefaultIfRootAndCompound()
	71	{
	72	$view = $this->factory
	73	->create('form', null, array(
	74	'csrf_field_name' => 'csrf',
	75	'compound' => true,
	76	))
	77	->createView();
	78
	79	$this->assertTrue(isset($view['csrf']));
	80	}
	81
	82	public function testNoCsrfProtectionByDefaultIfCompoundButNotRoot()
	83	{
	84	$view = $this->factory
	85	->createNamedBuilder('root', 'form')
	86	->add($this->factory
	87	->createNamedBuilder('form', 'form', null, array(
	88	'csrf_field_name' => 'csrf',
	89	'compound' => true,
	90	))
	91	)
	92	->getForm()
	93	->get('form')
	94	->createView();
	95
	96	$this->assertFalse(isset($view['csrf']));
	97	}
	98
	99	public function testNoCsrfProtectionByDefaultIfRootButNotCompound()
	100	{
	101	$view = $this->factory
	102	->create('form', null, array(
	103	'csrf_field_name' => 'csrf',
	104	'compound' => false,
	105	))
	106	->createView();
	107
	108	$this->assertFalse(isset($view['csrf']));
	109	}
	110
	111	public function testCsrfProtectionCanBeDisabled()
	112	{
	113	$view = $this->factory
	114	->create('form', null, array(
	115	'csrf_field_name' => 'csrf',
	116	'csrf_protection' => false,
	117	'compound' => true,
	118	))
	119	->createView();
	120
	121	$this->assertFalse(isset($view['csrf']));
	122	}
	123
	124	public function testGenerateCsrfToken()
	125	{
	126	$this->csrfProvider->expects($this->once())
	127	->method('generateCsrfToken')
	128	->with('%INTENTION%')
	129	->will($this->returnValue('token'));
	130
	131	$view = $this->factory
	132	->create('form', null, array(
	133	'csrf_field_name' => 'csrf',
	134	'csrf_provider' => $this->csrfProvider,
	135	'intention' => '%INTENTION%',
	136	'compound' => true,
	137	))
	138	->createView();
	139
	140	$this->assertEquals('token', $view['csrf']->vars['value']);
	141	}
	142
	143	public function provideBoolean()
	144	{
	145	return array(
	146	array(true),
	147	array(false),
	148	);
	149	}
	150
	151	/**
	152	* @dataProvider provideBoolean
	153	*/
	154	public function testValidateTokenOnSubmitIfRootAndCompound($valid)
	155	{
	156	$this->csrfProvider->expects($this->once())
	157	->method('isCsrfTokenValid')
	158	->with('%INTENTION%', 'token')
	159	->will($this->returnValue($valid));
	160
	161	$form = $this->factory
	162	->createBuilder('form', null, array(
	163	'csrf_field_name' => 'csrf',
	164	'csrf_provider' => $this->csrfProvider,
	165	'intention' => '%INTENTION%',
	166	'compound' => true,
	167	))
	168	->add('child', 'text')
	169	->getForm();
	170
	171	$form->submit(array(
	172	'child' => 'foobar',
	173	'csrf' => 'token',
	174	));
	175
	176	// Remove token from data
	177	$this->assertSame(array('child' => 'foobar'), $form->getData());
	178
	179	// Validate accordingly
	180	$this->assertSame($valid, $form->isValid());
	181	}
	182
	183	public function testFailIfRootAndCompoundAndTokenMissing()
	184	{
	185	$this->csrfProvider->expects($this->never())
	186	->method('isCsrfTokenValid');
	187
	188	$form = $this->factory
	189	->createBuilder('form', null, array(
	190	'csrf_field_name' => 'csrf',
	191	'csrf_provider' => $this->csrfProvider,
	192	'intention' => '%INTENTION%',
	193	'compound' => true,
	194	))
	195	->add('child', 'text')
	196	->getForm();
	197
	198	$form->submit(array(
	199	'child' => 'foobar',
	200	// token is missing
	201	));
	202
	203	// Remove token from data
	204	$this->assertSame(array('child' => 'foobar'), $form->getData());
	205
	206	// Validate accordingly
	207	$this->assertFalse($form->isValid());
	208	}
	209
	210	public function testDontValidateTokenIfCompoundButNoRoot()
	211	{
	212	$this->csrfProvider->expects($this->never())
	213	->method('isCsrfTokenValid');
	214
	215	$form = $this->factory
	216	->createNamedBuilder('root', 'form')
	217	->add($this->factory
	218	->createNamedBuilder('form', 'form', null, array(
	219	'csrf_field_name' => 'csrf',
	220	'csrf_provider' => $this->csrfProvider,
	221	'intention' => '%INTENTION%',
	222	'compound' => true,
	223	))
	224	)
	225	->getForm()
	226	->get('form');
	227
	228	$form->submit(array(
	229	'child' => 'foobar',
	230	'csrf' => 'token',
	231	));
	232	}
	233
	234	public function testDontValidateTokenIfRootButNotCompound()
	235	{
	236	$this->csrfProvider->expects($this->never())
	237	->method('isCsrfTokenValid');
	238
	239	$form = $this->factory
	240	->create('form', null, array(
	241	'csrf_field_name' => 'csrf',
	242	'csrf_provider' => $this->csrfProvider,
	243	'intention' => '%INTENTION%',
	244	'compound' => false,
	245	));
	246
	247	$form->submit(array(
	248	'csrf' => 'token',
	249	));
	250	}
	251
	252	public function testNoCsrfProtectionOnPrototype()
	253	{
	254	$prototypeView = $this->factory
	255	->create('collection', null, array(
	256	'type' => new FormTypeCsrfExtensionTest_ChildType(),
	257	'options' => array(
	258	'csrf_field_name' => 'csrf',
	259	),
	260	'prototype' => true,
	261	'allow_add' => true,
	262	))
	263	->createView()
	264	->vars['prototype'];
	265
	266	$this->assertFalse(isset($prototypeView['csrf']));
	267	$this->assertCount(1, $prototypeView);
	268	}
	269
	270	public function testsTranslateCustomErrorMessage()
	271	{
	272	$this->csrfProvider->expects($this->once())
	273	->method('isCsrfTokenValid')
	274	->with('%INTENTION%', 'token')
	275	->will($this->returnValue(false));
	276
	277	$this->translator->expects($this->once())
	278	->method('trans')
	279	->with('Foobar')
	280	->will($this->returnValue('[trans]Foobar[/trans]'));
	281
	282	$form = $this->factory
	283	->createBuilder('form', null, array(
	284	'csrf_field_name' => 'csrf',
	285	'csrf_provider' => $this->csrfProvider,
	286	'csrf_message' => 'Foobar',
	287	'intention' => '%INTENTION%',
	288	'compound' => true,
	289	))
	290	->getForm();
	291
	292	$form->submit(array(
	293	'csrf' => 'token',
	294	));
	295
	296	$errors = $form->getErrors();
	297
	298	$this->assertGreaterThan(0, count($errors));
	299	$this->assertEquals(new FormError('[trans]Foobar[/trans]'), $errors[0]);
	300	}
	301	}