Updating SecurityComponent tests to include the disabled field.

cakephp · Jun 15, 2011 · 046ddce · 046ddce
1 parent be6a2e0
commit 046ddce
Showing 1 changed file with 44 additions and 27 deletions.
diff --git a/lib/Cake/Test/Case/Controller/Component/SecurityComponentTest.php b/lib/Cake/Test/Case/Controller/Component/SecurityComponentTest.php
@@ -471,10 +471,11 @@ public function testValidatePost() {
 
 		$key = $this->Controller->request->params['_Token']['key'];
 		$fields = 'a5475372b40f6e3ccbf9f8af191f20e1642fd877%3AModel.valid';
+		$disabled = '';
 
 		$this->Controller->request->data = array(
 			'Model' => array('username' => 'nate', 'password' => 'foo', 'valid' => '0'),
-			'_Token' => compact('key', 'fields')
+			'_Token' => compact('key', 'fields', 'disabled')
 		);
 		$this->assertTrue($this->Controller->Security->validatePost($this->Controller));
 	}
@@ -488,10 +489,11 @@ public function testValidatePostFormHacking() {
 		$this->Controller->Security->startup($this->Controller);
 		$key = $this->Controller->params['_Token']['key'];
 		$fields = 'a5475372b40f6e3ccbf9f8af191f20e1642fd877%3AModel.valid';
+		$disabled = '';
 
 		$this->Controller->request->data = array(
 			'Model' => array('username' => 'nate', 'password' => 'foo', 'valid' => '0'),
-			'_Token' => compact('key')
+			'_Token' => compact('key', 'disabled')
 		);
 		$result = $this->Controller->Security->validatePost($this->Controller);
 		$this->assertFalse($result, 'validatePost passed when fields were missing. %s');
@@ -507,14 +509,15 @@ public function testValidatePostObjectDeserialize() {
 		$this->Controller->Security->startup($this->Controller);
 		$key = $this->Controller->request->params['_Token']['key'];
 		$fields = 'a5475372b40f6e3ccbf9f8af191f20e1642fd877';
+		$disabled = '';
 
 		// a corrupted serialized object, so we can see if it ever gets to deserialize
 		$attack = 'O:3:"App":1:{s:5:"__map";a:1:{s:3:"foo";s:7:"Hacked!";s:1:"fail"}}';
 		$fields .= urlencode(':' . str_rot13($attack));
 
 		$this->Controller->request->data = array(
 			'Model' => array('username' => 'mark', 'password' => 'foo', 'valid' => '0'),
-			'_Token' => compact('key', 'fields')
+			'_Token' => compact('key', 'fields', 'disabled')
 		);
 		$result = $this->Controller->Security->validatePost($this->Controller);
 		$this->assertFalse($result, 'validatePost passed when key was missing. %s');
@@ -531,10 +534,11 @@ public function testValidatePostArray() {
 
 		$key = $this->Controller->request->params['_Token']['key'];
 		$fields = 'f7d573650a295b94e0938d32b323fde775e5f32b%3A';
+		$disabled = '';
 
 		$this->Controller->request->data = array(
 			'Model' => array('multi_field' => array('1', '3')),
-			'_Token' => compact('key', 'fields')
+			'_Token' => compact('key', 'fields', 'disabled')
 		);
 		$this->assertTrue($this->Controller->Security->validatePost($this->Controller));
 	}
@@ -550,10 +554,11 @@ public function testValidatePostNoModel() {
 
 		$key = $this->Controller->request->params['_Token']['key'];
 		$fields = '540ac9c60d323c22bafe997b72c0790f39a8bdef%3A';
+		$disabled = '';
 
 		$this->Controller->request->data = array(
 			'anything' => 'some_data',
-			'_Token' => compact('key', 'fields')
+			'_Token' => compact('key', 'fields', 'disabled')
 		);
 
 		$result = $this->Controller->Security->validatePost($this->Controller);
@@ -571,10 +576,11 @@ public function testValidatePostSimple() {
 
 		$key = $this->Controller->request->params['_Token']['key'];
 		$fields = '69f493434187b867ea14b901fdf58b55d27c935d%3A';
+		$disabled = '';
 
 		$this->Controller->request->data = $data = array(
 			'Model' => array('username' => '', 'password' => ''),
-			'_Token' => compact('key', 'fields')
+			'_Token' => compact('key', 'fields', 'disabled')
 		);
 
 		$result = $this->Controller->Security->validatePost($this->Controller);
@@ -592,6 +598,7 @@ public function testValidatePostComplex() {
 
 		$key = $this->Controller->request->params['_Token']['key'];
 		$fields = 'c9118120e680a7201b543f562e5301006ccfcbe2%3AAddresses.0.id%7CAddresses.1.id';
+		$disabled = '';
 
 		$this->Controller->request->data = array(
 			'Addresses' => array(
@@ -604,7 +611,7 @@ public function testValidatePostComplex() {
 					'address' => '', 'city' => '', 'phone' => '', 'primary' => ''
 				)
 			),
-			'_Token' => compact('key', 'fields')
+			'_Token' => compact('key', 'fields', 'disabled')
 		);
 		$result = $this->Controller->Security->validatePost($this->Controller);
 		$this->assertTrue($result);
@@ -620,32 +627,34 @@ public function testValidatePostMultipleSelect() {
 
 		$key = $this->Controller->request->params['_Token']['key'];
 		$fields = '422cde416475abc171568be690a98cad20e66079%3A';
+		$disabled = '';
 
 		$this->Controller->request->data = array(
 			'Tag' => array('Tag' => array(1, 2)),
-			'_Token' => compact('key', 'fields'),
+			'_Token' => compact('key', 'fields', 'disabled'),
 		);
 		$result = $this->Controller->Security->validatePost($this->Controller);
 		$this->assertTrue($result);
 
 		$this->Controller->request->data = array(
 			'Tag' => array('Tag' => array(1, 2, 3)),
-			'_Token' => compact('key', 'fields'),
+			'_Token' => compact('key', 'fields', 'disabled'),
 		);
 		$result = $this->Controller->Security->validatePost($this->Controller);
 		$this->assertTrue($result);
 
 		$this->Controller->request->data = array(
 			'Tag' => array('Tag' => array(1, 2, 3, 4)),
-			'_Token' => compact('key', 'fields'),
+			'_Token' => compact('key', 'fields', 'disabled'),
 		);
 		$result = $this->Controller->Security->validatePost($this->Controller);
 		$this->assertTrue($result);
 
 		$fields = '19464422eafe977ee729c59222af07f983010c5f%3A';
 		$this->Controller->request->data = array(
 			'User.password' => 'bar', 'User.name' => 'foo', 'User.is_valid' => '1',
-			'Tag' => array('Tag' => array(1)), '_Token' => compact('key', 'fields'),
+			'Tag' => array('Tag' => array(1)), 
+			'_Token' => compact('key', 'fields', 'disabled'),
 		);
 		$result = $this->Controller->Security->validatePost($this->Controller);
 		$this->assertTrue($result);
@@ -664,10 +673,11 @@ public function testValidatePostCheckbox() {
 		$this->Controller->Security->startup($this->Controller);
 		$key = $this->Controller->request->params['_Token']['key'];
 		$fields = 'a5475372b40f6e3ccbf9f8af191f20e1642fd877%3AModel.valid';
+		$disabled = '';
 
 		$this->Controller->request->data = array(
 			'Model' => array('username' => '', 'password' => '', 'valid' => '0'),
-			'_Token' => compact('key', 'fields')
+			'_Token' => compact('key', 'fields', 'disabled')
 		);
 
 		$result = $this->Controller->Security->validatePost($this->Controller);
@@ -677,7 +687,7 @@ public function testValidatePostCheckbox() {
 
 		$this->Controller->request->data = array(
 			'Model' => array('username' => '', 'password' => '', 'valid' => '0'),
-			'_Token' => compact('key', 'fields')
+			'_Token' => compact('key', 'fields', 'disabled')
 		);
 
 		$result = $this->Controller->Security->validatePost($this->Controller);
@@ -690,7 +700,7 @@ public function testValidatePostCheckbox() {
 
 		$this->Controller->request->data = $data = array(
 			'Model' => array('username' => '', 'password' => '', 'valid' => '0'),
-			'_Token' => compact('key', 'fields')
+			'_Token' => compact('key', 'fields', 'disabled')
 		);
 
 		$result = $this->Controller->Security->validatePost($this->Controller);
@@ -707,14 +717,14 @@ public function testValidatePostHidden() {
 		$this->Controller->Security->startup($this->Controller);
 		$key = $this->Controller->request->params['_Token']['key'];
 		$fields = '51ccd8cb0997c7b3d4523ecde5a109318405ef8c%3AModel.hidden%7CModel.other_hidden';
-		$fields .= '';
+		$disabled = '';
 
 		$this->Controller->request->data = array(
 			'Model' => array(
 				'username' => '', 'password' => '', 'hidden' => '0',
 				'other_hidden' => 'some hidden value'
 			),
-			'_Token' => compact('key', 'fields')
+			'_Token' => compact('key', 'fields', 'disabled')
 		);
 		$result = $this->Controller->Security->validatePost($this->Controller);
 		$this->assertTrue($result);
@@ -731,12 +741,13 @@ public function testValidatePostWithDisabledFields() {
 		$this->Controller->Security->startup($this->Controller);
 		$key = $this->Controller->request->params['_Token']['key'];
 		$fields = 'ef1082968c449397bcd849f963636864383278b1%3AModel.hidden';
+		$disabled = '';
 
 		$this->Controller->request->data = array(
 			'Model' => array(
 				'username' => '', 'password' => '', 'hidden' => '0'
 			),
-			'_Token' => compact('fields', 'key')
+			'_Token' => compact('fields', 'key', 'disabled')
 		);
 
 		$result = $this->Controller->Security->validatePost($this->Controller);
@@ -753,12 +764,13 @@ public function testValidateHiddenMultipleModel() {
 		$this->Controller->Security->startup($this->Controller);
 		$key = $this->Controller->request->params['_Token']['key'];
 		$fields = 'a2d01072dc4660eea9d15007025f35a7a5b58e18%3AModel.valid%7CModel2.valid%7CModel3.valid';
+		$disabled = '';
 
 		$this->Controller->request->data = array(
 			'Model' => array('username' => '', 'password' => '', 'valid' => '0'),
 			'Model2' => array('valid' => '0'),
 			'Model3' => array('valid' => '0'),
-			'_Token' => compact('key', 'fields')
+			'_Token' => compact('key', 'fields', 'disabled')
 		);
 		$result = $this->Controller->Security->validatePost($this->Controller);
 		$this->assertTrue($result);
@@ -775,6 +787,7 @@ public function testValidateHasManyModel() {
 		$key = $this->Controller->request->params['_Token']['key'];
 		$fields = '51e3b55a6edd82020b3f29c9ae200e14bbeb7ee5%3AModel.0.hidden%7CModel.0.valid';
 		$fields .= '%7CModel.1.hidden%7CModel.1.valid';
+		$disabled = '';
 
 		$this->Controller->request->data = array(
 			'Model' => array(
@@ -787,7 +800,7 @@ public function testValidateHasManyModel() {
 					'hidden' => 'value', 'valid' => '0'
 				)
 			),
-			'_Token' => compact('key', 'fields')
+			'_Token' => compact('key', 'fields', 'disabled')
 		);
 
 		$result = $this->Controller->Security->validatePost($this->Controller);
@@ -805,6 +818,7 @@ public function testValidateHasManyRecordsPass() {
 		$key = $this->Controller->request->params['_Token']['key'];
 		$fields = '7a203edb3d345bbf38fe0dccae960da8842e11d7%3AAddress.0.id%7CAddress.0.primary%7C';
 		$fields .= 'Address.1.id%7CAddress.1.primary';
+		$disabled = '';
 
 		$this->Controller->request->data = array(
 			'Address' => array(
@@ -829,7 +843,7 @@ public function testValidateHasManyRecordsPass() {
 					'primary' => '1'
 				)
 			),
-			'_Token' => compact('key', 'fields')
+			'_Token' => compact('key', 'fields', 'disabled')
 		);
 
 		$result = $this->Controller->Security->validatePost($this->Controller);
@@ -849,6 +863,7 @@ public function testValidateHasManyRecordsFail() {
 		$key = $this->Controller->request->params['_Token']['key'];
 		$fields = '7a203edb3d345bbf38fe0dccae960da8842e11d7%3AAddress.0.id%7CAddress.0.primary%7C';
 		$fields .= 'Address.1.id%7CAddress.1.primary';
+		$disabled = '';
 
 		$this->Controller->request->data = array(
 			'Address' => array(
@@ -873,7 +888,7 @@ public function testValidateHasManyRecordsFail() {
 					'primary' => '1'
 				)
 			),
-			'_Token' => compact('key', 'fields')
+			'_Token' => compact('key', 'fields', 'disabled')
 		);
 
 		$result = $this->Controller->Security->validatePost($this->Controller);
@@ -890,10 +905,11 @@ public function testFormDisabledFields() {
 		$this->Controller->Security->startup($this->Controller);
 		$key = $this->Controller->request->params['_Token']['key'];
 		$fields = '11842060341b9d0fc3808b90ba29fdea7054d6ad%3An%3A0%3A%7B%7D';
+		$disabled = '';
 
 		$this->Controller->request->data = array(
 			'MyModel' => array('name' => 'some data'),
-			'_Token' => compact('key', 'fields')
+			'_Token' => compact('key', 'fields', 'disabled')
 		);
 		$result = $this->Controller->Security->validatePost($this->Controller);
 		$this->assertFalse($result);
@@ -904,7 +920,7 @@ public function testFormDisabledFields() {
 
 		$this->Controller->request->data = array(
 			'MyModel' => array('name' => 'some data'),
-			'_Token' => compact('key', 'fields')
+			'_Token' => compact('key', 'fields', 'disabled')
 		);
 
 		$result = $this->Controller->Security->validatePost($this->Controller);
@@ -921,29 +937,30 @@ public function testRadio() {
 		$this->Controller->Security->startup($this->Controller);
 		$key = $this->Controller->request->params['_Token']['key'];
 		$fields = '575ef54ca4fc8cab468d6d898e9acd3a9671c17e%3An%3A0%3A%7B%7D';
+		$disabled = '';
 
 		$this->Controller->request->data = array(
-			'_Token' => compact('key', 'fields')
+			'_Token' => compact('key', 'fields', 'disabled')
 		);
 		$result = $this->Controller->Security->validatePost($this->Controller);
 		$this->assertFalse($result);
 
 		$this->Controller->request->data = array(
-			'_Token' => compact('key', 'fields'),
+			'_Token' => compact('key', 'fields', 'disabled'),
 			'Test' => array('test' => '')
 		);
 		$result = $this->Controller->Security->validatePost($this->Controller);
 		$this->assertTrue($result);
 
 		$this->Controller->request->data = array(
-			'_Token' => compact('key', 'fields'),
+			'_Token' => compact('key', 'fields', 'disabled'),
 			'Test' => array('test' => '1')
 		);
 		$result = $this->Controller->Security->validatePost($this->Controller);
 		$this->assertTrue($result);
 
 		$this->Controller->request->data = array(
-			'_Token' => compact('key', 'fields'),
+			'_Token' => compact('key', 'fields', 'disabled'),
 			'Test' => array('test' => '2')
 		);
 		$result = $this->Controller->Security->validatePost($this->Controller);