aboutsummaryrefslogtreecommitdiffstats
path: root/tests
diff options
context:
space:
mode:
Diffstat (limited to 'tests')
-rw-r--r--tests/extension/ext/vendor2/foo/acp/a_info.php2
-rw-r--r--tests/extension/modules_test.php44
-rw-r--r--tests/functional/extension_controller_test.php28
-rw-r--r--tests/functional/fixtures/ext/foo/bar/config/routing.yml4
-rw-r--r--tests/functional/fixtures/ext/foo/bar/config/services.yml6
-rw-r--r--tests/functional/fixtures/ext/foo/bar/controller/controller.php80
-rw-r--r--tests/functional/fixtures/ext/foo/bar/styles/prosilver/template/redirect_body.html8
-rw-r--r--tests/functional/plupload_test.php4
-rw-r--r--tests/lint_test.php22
-rw-r--r--tests/path_helper/web_root_path_test.php23
-rw-r--r--tests/security/redirect_test.php101
11 files changed, 300 insertions, 22 deletions
diff --git a/tests/extension/ext/vendor2/foo/acp/a_info.php b/tests/extension/ext/vendor2/foo/acp/a_info.php
index 27e67c1556..e1eaa340b7 100644
--- a/tests/extension/ext/vendor2/foo/acp/a_info.php
+++ b/tests/extension/ext/vendor2/foo/acp/a_info.php
@@ -11,7 +11,7 @@ class a_info
'title' => 'Foobar',
'version' => '3.1.0-dev',
'modes' => array(
- 'config' => array('title' => 'Config', 'auth' => '', 'cat' => array('ACP_MODS')),
+ 'config' => array('title' => 'Config', 'auth' => 'ext_vendor2/foo', 'cat' => array('ACP_MODS')),
),
);
}
diff --git a/tests/extension/modules_test.php b/tests/extension/modules_test.php
index 5dcb24c691..c0a136e173 100644
--- a/tests/extension/modules_test.php
+++ b/tests/extension/modules_test.php
@@ -12,6 +12,7 @@ require_once dirname(__FILE__) . '/ext/vendor2/foo/mcp/a_info.php';
require_once dirname(__FILE__) . '/ext/vendor2/foo/acp/fail_info.php';
require_once dirname(__FILE__) . '/ext/vendor2/bar/acp/a_info.php';
require_once dirname(__FILE__) . '/../../phpBB/includes/acp/acp_modules.php';
+require_once dirname(__FILE__) . '/../../phpBB/includes/functions_module.php';
class phpbb_extension_modules_test extends phpbb_test_case
{
@@ -59,7 +60,7 @@ class phpbb_extension_modules_test extends phpbb_test_case
'title' => 'Foobar',
'version' => '3.1.0-dev',
'modes' => array(
- 'config' => array('title' => 'Config', 'auth' => '', 'cat' => array('ACP_MODS')),
+ 'config' => array('title' => 'Config', 'auth' => 'ext_vendor2/foo', 'cat' => array('ACP_MODS')),
),
),
'acp_foobar' => array(
@@ -133,7 +134,7 @@ class phpbb_extension_modules_test extends phpbb_test_case
'title' => 'Foobar',
'version' => '3.1.0-dev',
'modes' => array (
- 'config' => array ('title' => 'Config', 'auth' => '', 'cat' => array ('ACP_MODS')),
+ 'config' => array ('title' => 'Config', 'auth' => 'ext_vendor2/foo', 'cat' => array ('ACP_MODS')),
),
),
), $acp_modules);
@@ -157,7 +158,7 @@ class phpbb_extension_modules_test extends phpbb_test_case
'title' => 'Foobar',
'version' => '3.1.0-dev',
'modes' => array(
- 'config' => array('title' => 'Config', 'auth' => '', 'cat' => array('ACP_MODS')),
+ 'config' => array('title' => 'Config', 'auth' => 'ext_vendor2/foo', 'cat' => array('ACP_MODS')),
),
),
'acp_foobar' => array(
@@ -191,4 +192,41 @@ class phpbb_extension_modules_test extends phpbb_test_case
)
), $acp_modules);
}
+
+ public function module_auth_test_data()
+ {
+ return array(
+ // module_auth, expected result
+ array('ext_foo', false),
+ array('ext_foo/bar', false),
+ array('ext_vendor3/bar', false),
+ array('ext_vendor2/foo', true),
+ );
+ }
+
+ /**
+ * @dataProvider module_auth_test_data
+ */
+ public function test_modules_auth($module_auth, $expected)
+ {
+ global $phpbb_extension_manager;
+
+ $phpbb_extension_manager = $this->extension_manager = new phpbb_mock_extension_manager(
+ dirname(__FILE__) . '/',
+ array(
+ 'vendor2/foo' => array(
+ 'ext_name' => 'vendor2/foo',
+ 'ext_active' => '1',
+ 'ext_path' => 'ext/vendor2/foo/',
+ ),
+ 'vendor3/bar' => array(
+ 'ext_name' => 'vendor3/bar',
+ 'ext_active' => '0',
+ 'ext_path' => 'ext/vendor3/bar/',
+ ),
+ )
+ );
+
+ $this->assertEquals($expected, p_master::module_auth($module_auth, 0));
+ }
}
diff --git a/tests/functional/extension_controller_test.php b/tests/functional/extension_controller_test.php
index 37752b8fbb..4725301141 100644
--- a/tests/functional/extension_controller_test.php
+++ b/tests/functional/extension_controller_test.php
@@ -111,4 +111,32 @@ class phpbb_functional_extension_controller_test extends phpbb_functional_test_c
$this->assert_response_html(404);
$this->assertContains('No route found for "GET /does/not/exist"', $crawler->filter('body')->text());
}
+
+ /**
+ * Check the output of a controller using the template system
+ */
+ public function test_redirect()
+ {
+ $filesystem = new \phpbb\filesystem();
+ $this->phpbb_extension_manager->enable('foo/bar');
+ $crawler = self::request('GET', 'app.php/foo/redirect');
+
+ $nodes = $crawler->filter('div')->extract(array('id'));
+
+ foreach ($nodes as $redirect)
+ {
+ if (strpos($redirect, 'redirect_expected') !== 0)
+ {
+ continue;
+ }
+
+ $row_num = str_replace('redirect_expected_', '', $redirect);
+
+ $redirect = $crawler->filter('#redirect_' . $row_num)->text();
+ $redirect = substr($redirect, 0, strpos($redirect, 'sid') - 1);
+ $this->assertEquals($crawler->filter('#redirect_expected_' . $row_num)->text(), $redirect);
+ }
+
+ $this->phpbb_extension_manager->purge('foo/bar');
+ }
}
diff --git a/tests/functional/fixtures/ext/foo/bar/config/routing.yml b/tests/functional/fixtures/ext/foo/bar/config/routing.yml
index 09a30a8c67..9b1ce3cfd7 100644
--- a/tests/functional/fixtures/ext/foo/bar/config/routing.yml
+++ b/tests/functional/fixtures/ext/foo/bar/config/routing.yml
@@ -13,3 +13,7 @@ foo_template_controller:
foo_exception_controller:
pattern: /foo/exception
defaults: { _controller: foo_bar.controller:exception }
+
+foo_redirect_controller:
+ pattern: /foo/redirect
+ defaults: { _controller: foo_bar.controller:redirect }
diff --git a/tests/functional/fixtures/ext/foo/bar/config/services.yml b/tests/functional/fixtures/ext/foo/bar/config/services.yml
index 64e1163408..cec69f7807 100644
--- a/tests/functional/fixtures/ext/foo/bar/config/services.yml
+++ b/tests/functional/fixtures/ext/foo/bar/config/services.yml
@@ -3,7 +3,12 @@ services:
class: foo\bar\controller\controller
arguments:
- @controller.helper
+ - @path_helper
- @template
+ - @config
+ - %core.root_path%
+ - %core.php_ext%
+
foo_bar.listener.permission:
class: foo\bar\event\permission
tags:
@@ -12,4 +17,3 @@ services:
class: foo\bar\event\user_setup
tags:
- { name: event.listener }
-
diff --git a/tests/functional/fixtures/ext/foo/bar/controller/controller.php b/tests/functional/fixtures/ext/foo/bar/controller/controller.php
index 259d548299..558b202948 100644
--- a/tests/functional/fixtures/ext/foo/bar/controller/controller.php
+++ b/tests/functional/fixtures/ext/foo/bar/controller/controller.php
@@ -7,11 +7,18 @@ use Symfony\Component\HttpFoundation\Response;
class controller
{
protected $template;
+ protected $helper;
+ protected $path_helper;
+ protected $config;
- public function __construct(\phpbb\controller\helper $helper, \phpbb\template\template $template)
+ public function __construct(\phpbb\controller\helper $helper, \phpbb\path_helper $path_helper, \phpbb\template\template $template, \phpbb\config\config $config, $root_path, $php_ext)
{
$this->template = $template;
$this->helper = $helper;
+ $this->path_helper = $path_helper;
+ $this->config = $config;
+ $this->root_path = $root_path;
+ $this->php_ext = $php_ext;
}
public function handle()
@@ -35,4 +42,75 @@ class controller
{
throw new \phpbb\controller\exception('Exception thrown from foo/exception route');
}
+
+ public function redirect()
+ {
+ $url_root = generate_board_url();
+
+ $rewrite_prefix = (!empty($this->config['enable_mod_rewrite'])) ? '' : 'app.php/';
+
+ $redirects = array(
+ array(
+ append_sid($this->root_path . 'index.' . $this->php_ext),
+ 'index.php',
+ ),
+ array(
+ append_sid($this->root_path . 'foo/bar/index.' . $this->php_ext),
+ 'foo/bar/index.php',
+ ),
+ array(
+ append_sid($this->root_path . 'tests/index.' . $this->php_ext),
+ 'tests/index.php',
+ ),
+ array(
+ $this->helper->url('index'),
+ $rewrite_prefix . 'index',
+ ),
+ array(
+ $this->helper->url('tests/index'),
+ $rewrite_prefix . 'tests/index',
+ ),
+ array(
+ $this->helper->url('tests/../index'),
+ $rewrite_prefix . 'index',
+ ),
+ /*
+ // helper URLs starting with ../ are prone to failure.
+ // Do not test them right now.
+ array(
+ $this->helper->url('../index'),
+ '../index',
+ ),
+ array(
+ $this->helper->url('../../index'),
+ '../index',
+ ),
+ array(
+ $this->helper->url('../tests/index'),
+ $rewrite_prefix . '../tests/index',
+ ),
+ array(
+ $this->helper->url('../tests/../index'),
+ '../index',
+ ),
+ array(
+ $this->helper->url('../../tests/index'),
+ '../tests/index',
+ ),
+ */
+ );
+
+ foreach ($redirects as $redirect)
+ {
+ $this->template->assign_block_vars('redirects', array(
+ 'URL' => redirect($redirect[0], true),
+ ));
+
+ $this->template->assign_block_vars('redirects_expected', array(
+ 'URL' => $this->path_helper->clean_url($url_root . '/' . $redirect[1]),
+ ));
+ }
+
+ return $this->helper->render('redirect_body.html');
+ }
}
diff --git a/tests/functional/fixtures/ext/foo/bar/styles/prosilver/template/redirect_body.html b/tests/functional/fixtures/ext/foo/bar/styles/prosilver/template/redirect_body.html
new file mode 100644
index 0000000000..2b70b0fe59
--- /dev/null
+++ b/tests/functional/fixtures/ext/foo/bar/styles/prosilver/template/redirect_body.html
@@ -0,0 +1,8 @@
+<!-- INCLUDE overall_header.html -->
+<!-- BEGIN redirects -->
+<div id="redirect_{redirects.S_ROW_COUNT}">{redirects.URL}</div>
+<!-- END redirects -->
+<!-- BEGIN redirects_expected -->
+<div id="redirect_expected_{redirects_expected.S_ROW_COUNT}">{redirects_expected.URL}</div>
+<!-- END redirects_expected -->
+<!-- INCLUDE overall_footer.html -->
diff --git a/tests/functional/plupload_test.php b/tests/functional/plupload_test.php
index 6dd9224839..a91e70c7bb 100644
--- a/tests/functional/plupload_test.php
+++ b/tests/functional/plupload_test.php
@@ -107,7 +107,7 @@ class phpbb_functional_plupload_test extends phpbb_functional_test_case
else
{
$response = json_decode(self::$client->getResponse()->getContent(), true);
- $this->assertEquals('valid.jpg', $response[0]['real_filename']);
+ $this->assertEquals('valid.jpg', $response['data'][0]['real_filename']);
}
unlink($this->path . 'chunk');
@@ -144,6 +144,6 @@ class phpbb_functional_plupload_test extends phpbb_functional_test_case
);
$response = json_decode(self::$client->getResponse()->getContent(), true);
- $this->assertEquals('valid.jpg', $response[0]['real_filename']);
+ $this->assertEquals('valid.jpg', $response['data'][0]['real_filename']);
}
}
diff --git a/tests/lint_test.php b/tests/lint_test.php
index eba117839b..b0149063bd 100644
--- a/tests/lint_test.php
+++ b/tests/lint_test.php
@@ -9,17 +9,30 @@
class phpbb_lint_test extends phpbb_test_case
{
+ static protected $php_binary;
static protected $exclude;
static public function setUpBeforeClass()
{
+ // Try to use PHP_BINARY constant if available so lint tests are run
+ // using the same php binary as phpunit. If not available (pre PHP
+ // 5.4), assume binary is called 'php' and is in PATH.
+ self::$php_binary = defined('PHP_BINARY') ? escapeshellcmd(PHP_BINARY) : 'php';
+
$output = array();
$status = 1;
- exec('(php -v) 2>&1', $output, $status);
+ exec(sprintf('(%s --version) 2>&1', self::$php_binary), $output, $status);
if ($status)
{
$output = implode("\n", $output);
- self::markTestSkipped("php is not in PATH or broken: $output");
+ if (self::$php_binary === 'php')
+ {
+ self::markTestSkipped(sprintf('php is not in PATH or broken. Output: %s', $output));
+ }
+ else
+ {
+ self::markTestSkipped(sprintf('Could not run PHP_BINARY %s. Output: %s', self::$php_binary, $output));
+ }
}
self::$exclude = array(
@@ -65,13 +78,12 @@ class phpbb_lint_test extends phpbb_test_case
}
else if (substr($filename, strlen($filename)-4) == '.php')
{
- // assume php binary is called php and it is in PATH
- $cmd = '(php -l ' . escapeshellarg($path) . ') 2>&1';
+ $cmd = sprintf('(%s -l %s) 2>&1', self::$php_binary, escapeshellarg($path));
$output = array();
$status = 1;
exec($cmd, $output, $status);
$output = implode("\n", $output);
- $this->assertEquals(0, $status, "php -l failed for $path:\n$output");
+ $this->assertEquals(0, $status, "PHP lint failed for $path:\n$output");
}
}
}
diff --git a/tests/path_helper/web_root_path_test.php b/tests/path_helper/web_root_path_test.php
index 2e1a37e02b..2c22511402 100644
--- a/tests/path_helper/web_root_path_test.php
+++ b/tests/path_helper/web_root_path_test.php
@@ -146,4 +146,27 @@ class phpbb_path_helper_web_root_path_test extends phpbb_test_case
$this->assertEquals($expected, $path_helper->update_web_root_path($input, $symfony_request));
}
+
+ public function clean_url_data()
+ {
+ return array(
+ array('', ''),
+ array('://', '://'),
+ array('http://', 'http://'),
+ array('http://one/two/three', 'http://one/two/three'),
+ array('http://../one/two', 'http://../one/two'),
+ array('http://one/../two/three', 'http://two/three'),
+ array('http://one/two/../three', 'http://one/three'),
+ array('http://one/two/../../three', 'http://three'),
+ array('http://one/two/../../../three', 'http://../three'),
+ );
+ }
+
+ /**
+ * @dataProvider clean_url_data
+ */
+ public function test_clean_url($input, $expected)
+ {
+ $this->assertEquals($expected, $this->path_helper->clean_url($input));
+ }
}
diff --git a/tests/security/redirect_test.php b/tests/security/redirect_test.php
index 8e36780ca4..77dc955c26 100644
--- a/tests/security/redirect_test.php
+++ b/tests/security/redirect_test.php
@@ -13,19 +13,87 @@ require_once dirname(__FILE__) . '/../../phpBB/includes/functions.php';
class phpbb_security_redirect_test extends phpbb_security_test_base
{
+ protected $path_helper;
+
+ protected $controller_helper;
+
public function provider()
{
+ $this->controller_helper = $this->get_controller_helper();
// array(Input -> redirect(), expected triggered error (else false), expected returned result url (else false))
return array(
- array('data://x', false, 'http://localhost/phpBB'),
- array('bad://localhost/phpBB/index.php', 'INSECURE_REDIRECT', false),
- array('http://www.otherdomain.com/somescript.php', false, 'http://localhost/phpBB'),
- array("http://localhost/phpBB/memberlist.php\n\rConnection: close", 'INSECURE_REDIRECT', false),
- array('javascript:test', false, 'http://localhost/phpBB/../javascript:test'),
- array('http://localhost/phpBB/index.php;url=', 'INSECURE_REDIRECT', false),
+ array('data://x', false, false, 'http://localhost/phpBB'),
+ array('bad://localhost/phpBB/index.php', false, 'INSECURE_REDIRECT', false),
+ array('http://www.otherdomain.com/somescript.php', false, false, 'http://localhost/phpBB'),
+ array("http://localhost/phpBB/memberlist.php\n\rConnection: close", false, 'INSECURE_REDIRECT', false),
+ array('javascript:test', false, false, 'http://localhost/phpBB/javascript:test'),
+ array('http://localhost/phpBB/index.php;url=', false, 'INSECURE_REDIRECT', false),
+ array('http://localhost/phpBB/app.php/foobar', false, false, 'http://localhost/phpBB/app.php/foobar'),
+ array('./app.php/foobar', false, false, 'http://localhost/phpBB/app.php/foobar'),
+ array('app.php/foobar', false, false, 'http://localhost/phpBB/app.php/foobar'),
+ array('./../app.php/foobar', false, false, 'http://localhost/app.php/foobar'),
+ array('./../app.php/foobar', true, false, 'http://localhost/app.php/foobar'),
+ array('./../app.php/foo/bar', false, false, 'http://localhost/app.php/foo/bar'),
+ array('./../app.php/foo/bar', true, false, 'http://localhost/app.php/foo/bar'),
+ array('./../foo/bar', false, false, 'http://localhost/foo/bar'),
+ array('./../foo/bar', true, false, 'http://localhost/foo/bar'),
+ array('app.php/', false, false, 'http://localhost/phpBB/app.php/'),
+ array($this->controller_helper->url('a'), false, false, 'http://localhost/phpBB/app.php/a'),
+ array($this->controller_helper->url(''), false, false, 'http://localhost/phpBB/app.php/'),
+ array('./app.php/', false, false, 'http://localhost/phpBB/app.php/'),
+ array('foobar', false, false, 'http://localhost/phpBB/foobar'),
+ array('./foobar', false, false, 'http://localhost/phpBB/foobar'),
+ array('foo/bar', false, false, 'http://localhost/phpBB/foo/bar'),
+ array('./foo/bar', false, false, 'http://localhost/phpBB/foo/bar'),
+ array('./../index.php', false, false, 'http://localhost/index.php'),
+ array('./../index.php', true, false, 'http://localhost/index.php'),
+ array('../index.php', false, false, 'http://localhost/index.php'),
+ array('../index.php', true, false, 'http://localhost/index.php'),
+ array('./index.php', false, false, 'http://localhost/phpBB/index.php'),
);
}
+ protected function get_path_helper()
+ {
+ if (!($this->path_helper instanceof \phpbb\path_helper))
+ {
+ $this->path_helper = new \phpbb\path_helper(
+ new \phpbb\symfony_request(
+ new phpbb_mock_request()
+ ),
+ new \phpbb\filesystem(),
+ $this->phpbb_root_path,
+ 'php'
+ );
+ }
+ return $this->path_helper;
+ }
+
+ protected function get_controller_helper()
+ {
+ if (!($this->controller_helper instanceof \phpbb\controller\helper))
+ {
+ global $phpbb_dispatcher;
+
+ $phpbb_dispatcher = new phpbb_mock_event_dispatcher;
+ $this->user = $this->getMock('\phpbb\user');
+ $phpbb_path_helper = new \phpbb\path_helper(
+ new \phpbb\symfony_request(
+ new phpbb_mock_request()
+ ),
+ new \phpbb\filesystem(),
+ $phpbb_root_path,
+ $phpEx
+ );
+ $this->template = new phpbb\template\twig\twig($phpbb_path_helper, $config, $this->user, new \phpbb\template\context());
+
+ // We don't use mod_rewrite in these tests
+ $config = new \phpbb\config\config(array('enable_mod_rewrite' => '0'));
+ $this->controller_helper = new \phpbb\controller\helper($this->template, $this->user, $config, '', 'php');
+ }
+ return $this->controller_helper;
+ }
+
protected function setUp()
{
parent::setUp();
@@ -33,26 +101,41 @@ class phpbb_security_redirect_test extends phpbb_security_test_base
$GLOBALS['config'] = array(
'force_server_vars' => '0',
);
+
+ $this->path_helper = $this->get_path_helper();
+ $this->controller_helper = $this->get_controller_helper();
}
/**
* @dataProvider provider
*/
- public function test_redirect($test, $expected_error, $expected_result)
+ public function test_redirect($test, $disable_cd_check, $expected_error, $expected_result)
{
- global $user;
+ global $user, $phpbb_root_path, $phpbb_path_helper;
+
+ $phpbb_path_helper = $this->path_helper;
+
+ $temp_phpbb_root_path = $phpbb_root_path;
+ $temp_page_dir = $user->page['page_dir'];
+ // We need to hack phpbb_root_path and the user's page_dir here
+ // so it matches the actual fileinfo of the testing script.
+ // Otherwise the paths are returned incorrectly.
+ $phpbb_root_path = '';
+ $user->page['page_dir'] = '';
if ($expected_error !== false)
{
$this->setExpectedTriggerError(E_USER_ERROR, $expected_error);
}
- $result = redirect($test, true);
+ $result = redirect($test, true, $disable_cd_check);
// only verify result if we did not expect an error
if ($expected_error === false)
{
$this->assertEquals($expected_result, $result);
}
+ $phpbb_root_path = $temp_phpbb_root_path;
+ $user->page['page_dir'] = $temp_page_dir;
}
}
generated by cgit v1.2.1 (git 2.21.0) at 2024-09-22 03:35:16 +0000