From eafe1aca3cc2bf6f89b07013eb0e203c6cc37f6c Mon Sep 17 00:00:00 2001 From: Jose Lorenzo Rodriguez Date: Sun, 18 May 2014 20:34:08 +0200 Subject: [PATCH] Fixing AuthComponent tests --- src/Controller/Component/AuthComponent.php | 59 ++++++----- src/Network/Request.php | 11 ++- src/Network/Session.php | 6 +- .../Component/AuthComponentTest.php | 97 +++++++------------ .../Component/TestAuthComponent.php | 4 - 5 files changed, 74 insertions(+), 103 deletions(-) diff --git a/src/Controller/Component/AuthComponent.php b/src/Controller/Component/AuthComponent.php index f112906518e..24cfab8943b 100644 --- a/src/Controller/Component/AuthComponent.php +++ b/src/Controller/Component/AuthComponent.php @@ -105,10 +105,9 @@ class AuthComponent extends Component { * request is made with an invalid or expired session. * * - `flash` - Settings to use when Auth needs to do a flash message with - * SessionComponent::setFlash(). Available keys are: + * Session::flash(). Available keys are: * - * - `element` - The element to use, defaults to 'default'. - * - `key` - The key to use, defaults to 'auth' + * - `key` - The message domain to use for flashes generated by this component, defaults to 'auth'. * - `params` - The array of additional params to use, defaults to [] * * - `loginAction` - A URL (defined as a string or array) to the controller action @@ -208,18 +207,18 @@ class AuthComponent extends Component { public $response; /** - * Method list for bound controller. + * Instance of the Session object * - * @var array + * @return void */ - protected $_methods = array(); + public $session; /** - * Instance of the Session object + * Method list for bound controller. * - * @return void + * @var array */ - protected $_session; + protected $_methods = array(); /** * Initializes AuthComponent for use in the controller. 
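Review bot: The docblock on the new `public $session` property still carries `@return void`, which is not a valid tag for a property; it should read `@var \Cake\Network\Session`. Widening the property from protected to public also means any code holding the component can replace or mutate the object that stores the authenticated user and `Auth.redirect`. If the only reason is injection from tests, say so in the docblock, for example `Public so tests can inject a Session; application code should not replace it.`, or keep it protected and add a setter.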
@@ -232,7 +231,7 @@ public function initialize(Event $event) { $this->request = $controller->request; $this->response = $controller->response; $this->_methods = $controller->methods; - $this->_session = $controller->request->session(); + $this->session = $controller->request->session(); if (Configure::read('debug')) { Debugger::checkSecurityKeys(); @@ -331,17 +330,17 @@ protected function _unauthenticated(Controller $controller) { if ($this->_isLoginAction($controller)) { if (empty($controller->request->data) && - !$this->_session->check('Auth.redirect') && + !$this->session->check('Auth.redirect') && $this->request->env('HTTP_REFERER') ) { - $this->_session->write('Auth.redirect', $controller->referer(null, true)); + $this->session->write('Auth.redirect', $controller->referer(null, true)); } return; } if (!$controller->request->is('ajax')) { $this->flash($this->_config['authError']); - $this->_session->write('Auth.redirect', $controller->request->here(false)); + $this->session->write('Auth.redirect', $controller->request->here(false)); return $controller->redirect($this->_config['loginAction']); } @@ -583,8 +582,8 @@ public function login($user = null) { $user = $this->identify($this->request, $this->response); } if ($user) { - $this->_session->renew(); - $this->_session->write($this->_sessionKey, $user); + $this->session->renew(); + $this->session->write($this->sessionKey, $user); } return (bool)$this->user(); } @@ -610,9 +609,9 @@ public function logout() { foreach ($this->_authenticateObjects as $auth) { $auth->logout($user); } - $this->_session->delete($this->sessionKey); - $this->_session->delete('Auth.redirect'); - $this->_session->renew(); + $this->session->delete($this->sessionKey); + $this->session->delete('Auth.redirect'); + $this->session->renew(); return Router::normalize($this->_config['logoutRedirect']); } 
@@ -630,8 +629,8 @@ public function logout() { public function user($key = null) { if (!empty($this->_user)) { $user = $this->_user; - } elseif ($this->_sessionKey && $this->_session->check($this->sessionKey)) { - $user = $this->_session->read($this->_sessionKey); + } elseif ($this->sessionKey && $this->session->check($this->sessionKey)) { + $user = $this->session->read($this->sessionKey); } else { return null; } @@ -650,7 +649,7 @@ public function user($key = null) { protected function _getUser() { $user = $this->user(); if ($user) { - $this->_session->delete('Auth.redirect'); + $this->session->delete('Auth.redirect'); return true; } @@ -689,10 +688,10 @@ protected function _getUser() { public function redirectUrl($url = null) { if ($url !== null) { $redir = $url; - $this->_session->write('Auth.redirect', $redir); - } elseif ($this->_session->check('Auth.redirect')) { - $redir = $this->_session->read('Auth.redirect'); - $this->_session->delete('Auth.redirect'); + $this->session->write('Auth.redirect', $redir); + } elseif ($this->session->check('Auth.redirect')) { + $redir = $this->session->read('Auth.redirect'); + $this->session->delete('Auth.redirect'); if (Router::normalize($redir) === Router::normalize($this->_config['loginAction'])) { $redir = $this->_config['loginRedirect']; @@ -770,17 +769,13 @@ public function constructAuthenticate() { * @param string $message The message to set. * @return void */ - public function flash($message) { + public function flash($message, $type = 'error') { if ($message === false) { return; } $flashConfig = $this->_config['flash']; - $this->_session->setFlash( - $message, - $flashConfig['element'], - $flashConfig['params'], - $flashConfig['key'] - ); + $key = $flashConfig['key']; + $this->session->flash($message, 'error', $flashConfig['params'] + compact('key')); } } diff --git a/src/Network/Request.php b/src/Network/Request.php index 6efd19dc511..71ba79eb503 100644 --- a/src/Network/Request.php +++ b/src/Network/Request.php 
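Review bot: The new `$type` parameter of `flash()` is never used, because the call passes the literal `'error'`, so `flash($message, 'success')` would still produce an error flash. Pass it through with `$this->session->flash($message, $type, $flashConfig['params'] + compact('key'));` and add `@param string $type The flash type, defaults to 'error'.` to the docblock. Separately, `+` keeps the left-hand value, so a `key` entry inside `params` would override the configured `flash.key`; `compact('key') + $flashConfig['params']` makes the configured key win if that is the intent. `testFlashSettings` only covers the default type, so neither case is caught by the suite.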
@@ -440,10 +440,17 @@ protected function _processFileData(&$post, $path, $data, $field) { /** * Returns the instance of the Session object for this request * + * If a session obkect is passed as first argument it will be set as + * the session to use for this request + * + * @param \Cake\Network\Session $session the session object to use * @return \Cake\Network\Session */ - public function session() { - return $this->_session; + public function session(Session $session = null) { + if ($session === null) { + return $this->_session; + } + return $this->_session = $session; } /** diff --git a/src/Network/Session.php b/src/Network/Session.php index aac514d70aa..5d6d388d856 100644 --- a/src/Network/Session.php +++ b/src/Network/Session.php @@ -486,7 +486,9 @@ public function clear() { * @return bool */ protected function _hasSession() { - return !ini_get('session.use_cookies') || isset($_COOKIE[session_name()]); + return !ini_get('session.use_cookies') + || isset($_COOKIE[session_name()]) + || php_sapi_name() === 'cli'; } /** @@ -495,7 +497,7 @@ protected function _hasSession() { * @return void */ public function renew() { - if (!$this->_hasSession()) { + if (!$this->_hasSession() || php_sapi_name() === 'cli') { return; } diff --git a/tests/TestCase/Controller/Component/AuthComponentTest.php b/tests/TestCase/Controller/Component/AuthComponentTest.php index 5a2e573a475..166cbe9b73f 100644 --- a/tests/TestCase/Controller/Component/AuthComponentTest.php +++ b/tests/TestCase/Controller/Component/AuthComponentTest.php @@ -71,7 +71,7 @@ public function setUp() { Configure::write('Security.salt', 'YJfIxfs2guVoUubWDYhG93b0qyJfIxfs2guwvniR2G0FgaC9mi'); Configure::write('App.namespace', 'TestApp'); - $request = new Request(); + $request = new Request(['session' => new Session()]); $response = $this->getMock('Cake\Network\Response', array('stop')); $this->Controller = new AuthTestController($request, $response); 
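Review bot: `Request::session()` now lets a caller replace the request's session after construction, but `AuthComponent::initialize()` copies `$controller->request->session()` into its own `$session` property only once. A later swap would therefore appear to leave the component reading and writing the logged-in user in a Session object that is no longer attached to the request. Either document that the setter form must be called before components are initialized, or have the component fetch the session from the request when it needs it. The docblock also has a typo (`obkect`) and should mark the argument optional, e.g. `@param \Cake\Network\Session|null $session The session object to use, or null to read the current one`.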
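Review bot: The `php_sapi_name() === 'cli'` checks in `Session::_hasSession()` and `Session::renew()` put a test-environment branch into production session code, and the two hunks work against each other: `_hasSession()` now reports true on the CLI and `renew()` then has to bail out on the same condition. `renew()` is what `AuthComponent::login()` and `logout()` call around an authentication change, presumably to rotate the session id against fixation, so with this guard that path is never exercised by a CLI test run. Consider keeping `Session` free of SAPI checks and replacing `renew()` in a test double, as `testLogin` already does with its mock. If the guard stays, a comment such as `// No cookie-backed session on the CLI; skip id regeneration` would record why it is there. Both method bodies continue outside their hunks.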
@@ -80,7 +80,8 @@ public function setUp() { $this->Auth = new TestAuthComponent($this->Controller->components()); $this->Auth->request = $request; $this->Auth->response = $response; - AuthComponent::$sessionKey = 'Auth.User'; + $this->Auth->sessionKey = 'Auth.User'; + $this->Auth->session = $request->session(); $this->initialized = true; Router::reload(); @@ -98,9 +99,7 @@ public function setUp() { public function tearDown() { parent::tearDown(); - TestAuthComponent::clearUser(); - $this->Auth->Session->delete('Auth'); - $this->Auth->Session->delete('Message.auth'); + $_SESSION = []; unset($this->Controller, $this->Auth); } @@ -145,8 +144,8 @@ public function testLogin() { 'userModel' => 'AuthUsers' ) ); - $this->Auth->Session = $this->getMock( - 'Cake\Controller\Component\SessionComponent', + $this->Auth->session = $this->getMock( + 'Cake\Network\Session', array('renew'), array(), '', false ); @@ -169,7 +168,7 @@ public function testLogin() { ->with($this->Auth->request) ->will($this->returnValue($user)); - $this->Auth->Session->expects($this->once()) + $this->Auth->session->expects($this->once()) ->method('renew'); $result = $this->Auth->login(); @@ -552,11 +551,11 @@ public function testLoginRedirect() { $expected = Router::normalize($this->Auth->config('loginRedirect')); $this->assertEquals($expected, $this->Auth->redirectUrl()); - $this->Auth->Session->delete('Auth'); + $this->Auth->session->delete('Auth'); $url = '/posts/view/1'; - $this->Auth->Session->write('Auth', array( + $this->Auth->session->write('Auth', array( 'AuthUsers' => array('id' => '1', 'username' => 'nate')) ); $this->Controller->testUrl = null; 
@@ -576,8 +575,8 @@ public function testLoginRedirect() { $expected = Router::normalize('/AuthTest/login'); $this->assertEquals($expected, $this->Controller->testUrl); - $this->Auth->Session->delete('Auth'); - $this->Auth->Session->write('Auth', array( + $this->Auth->session->delete('Auth'); + $this->Auth->session->write('Auth', array( 'AuthUsers' => array('id' => '1', 'username' => 'nate') )); $this->Auth->request->params['action'] = 'login'; @@ -637,6 +636,7 @@ public function testLoginRedirect() { $url = '/posts/add'; $this->Auth->request = $this->Controller->request = new Request($url); + $this->Controller->request->session(new Session()); $this->Auth->request->addParams(Router::parse($url)); $this->Auth->request->url = Router::normalize($url); @@ -658,6 +658,7 @@ public function testLoginRedirect() { $request->env('HTTP_REFERER', 'http://webmail.example.com/view/message'); $request->query = array(); $this->Auth->request = $this->Controller->request = $request; + $this->Controller->request->session(new Session()); $this->Auth->request->addParams(Router::parse($url)); $this->Auth->request->url = $this->Auth->request->here = Router::normalize($url); $event = new Event('Controller.initialize', $this->Controller); @@ -675,6 +676,7 @@ public function testLoginRedirect() { $this->Auth->request->env('HTTP_REFERER', 'http://webmail.example.com/view/message'); $this->Auth->request->addParams(Router::parse($url)); $this->Auth->request->url = Router::normalize($url); + $this->Auth->request->session(new Session()); $event = new Event('Controller.initialize', $this->Controller); $this->Auth->initialize($event); $this->Auth->config('loginAction', ['controller' => 'AuthTest', 'action' => 'login']); 
@@ -720,6 +722,7 @@ public function testNoLoginRedirectForAuthenticatedUser() { public function testDefaultToLoginRedirect() { $url = '/party/on'; $this->Auth->request = $Request = new Request($url); + $this->Auth->request->session(new Session()); $Request->env('HTTP_REFERER', false); $this->Auth->request->addParams(Router::parse($url)); $this->Auth->config('authorize', ['Controller']); @@ -750,7 +753,14 @@ public function testDefaultToLoginRedirect() { */ public function testRedirectToUnauthorizedRedirect() { $url = '/party/on'; - $this->Auth->request = $request = new Request($url); + $this->Auth->session = $this->getMock( + 'Cake\Network\Session', + array('flash') + ); + $this->Auth->request = $request = new Request([ + 'url' => $url, + 'session' => $this->Auth->session + ]); $this->Auth->request->addParams(Router::parse($url)); $this->Auth->config('authorize', ['Controller']); $this->Auth->login(array('username' => 'admad', 'password' => 'cake')); @@ -764,18 +774,13 @@ public function testRedirectToUnauthorizedRedirect() { array('on', 'redirect'), array($request, $response) ); - $this->Auth->Session = $this->getMock( - 'Cake\Controller\Component\SessionComponent', - array('setFlash'), - array($Controller->components()) - ); $Controller->expects($this->once()) ->method('redirect') ->with($this->equalTo($expected)); - $this->Auth->Session->expects($this->once()) - ->method('setFlash'); + $this->Auth->session->expects($this->once()) + ->method('flash'); $event = new Event('Controller.startup', $Controller); $this->Auth->startup($event); @@ -922,7 +927,8 @@ public function testAdminRoute() { public function testAjaxLogin() { $this->Controller->request = new Request([ 'url' => '/ajax_auth/add', - 'environment' => ['HTTP_X_REQUESTED_WITH' => 'XMLHttpRequest'] + 'environment' => ['HTTP_X_REQUESTED_WITH' => 'XMLHttpRequest'], + 'session' => new Session ]); $this->Controller->request->params['action'] = 'add'; 
@@ -1141,17 +1147,13 @@ public function testLoginWithUserData() { * @return void */ public function testFlashSettings() { - $this->Auth->Session = $this->getMock( - 'Cake\Controller\Component\SessionComponent', - array(), array(), '', false - ); - $this->Auth->Session->expects($this->once()) - ->method('setFlash') - ->with('Auth failure', 'custom', array(1), 'auth-key'); + $this->Auth->session = $this->getMock('Cake\Network\Session'); + $this->Auth->session->expects($this->once()) + ->method('flash') + ->with('Auth failure', 'error', array('key' => 'auth-key', 'element' => 'custom')); $this->Auth->config('flash', [ - 'element' => 'custom', - 'params' => array(1), + 'params' => array('element' => 'custom'), 'key' => 'auth-key' ]); $this->Auth->flash('Auth failure'); 
@@ -1299,47 +1301,16 @@ public function testUser() { * @return void */ public function testStatelessAuthNoRedirect() { - if (Session::id()) { - session_destroy(); - Session::$id = null; - } $event = new Event('Controller.startup', $this->Controller); - $_SESSION = null; + $_SESSION = []; - AuthComponent::$sessionKey = false; + $this->sessionKey = false; $this->Auth->config('authenticate', ['Basic']); $this->Controller->request['action'] = 'admin_add'; $result = $this->Auth->startup($event); } -/** - * testStatelessAuthNoSessionStart method - * - * @return void - */ - public function testStatelessAuthNoSessionStart() { - if (Session::id()) { - session_destroy(); - Session::$id = null; - } - $event = new Event('Controller.startup', $this->Controller); - - AuthComponent::$sessionKey = false; - $this->Auth->config('authenticate', [ - 'Basic' => array('userModel' => 'AuthUsers') - ]); - $this->Controller->request['action'] = 'admin_add'; - - $this->Controller->request->env('PHP_AUTH_USER', 'mariano'); - $this->Controller->request->env('PHP_AUTH_PW', 'cake'); - - $result = $this->Auth->startup($event); - $this->assertNull($result); - - $this->assertNull(Session::id()); - } - /** * testStatelessAuthRedirect method * diff --git a/tests/test_app/TestApp/Controller/Component/TestAuthComponent.php b/tests/test_app/TestApp/Controller/Component/TestAuthComponent.php index 8bc896a1876..ebf475bc02c 100644 --- a/tests/test_app/TestApp/Controller/Component/TestAuthComponent.php +++ b/tests/test_app/TestApp/Controller/Component/TestAuthComponent.php @@ -43,8 +43,4 @@ public function setAuthorizeObject($index, $object) { $this->_authorizeObjects[$index] = $object; } - public static function clearUser() { - static::$_user = array(); - } - }
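Review bot: In `testStatelessAuthNoRedirect`, `$this->sessionKey = false;` sets a property on the test case rather than on the component, so the test now runs with the `'Auth.User'` key assigned in `setUp()` and no longer exercises the stateless path; it should be `$this->Auth->sessionKey = false;`. The same hunk deletes `testStatelessAuthNoSessionStart`, the only visible check that Basic authentication without a session key leaves the session untouched. A replacement that injects a mocked `Cake\Network\Session` and expects no `write` call would keep that guarantee covered. `$result` is also assigned and never asserted.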