Browse files

Update tests for FormHelper::postButton()

Since this method just combines fixed methods it can continue to pass.
I've decided to remove random id attributes from the CSRF and
SecurityComponent fields. Because the ID values are random they are
impossible to use for scripting which is the main utility ID attributes
provide.
  • Loading branch information...
1 parent 555a376 commit 865a3feaf0ce8b8911ed220c5e0c4c37343a94ce @markstory markstory committed Feb 16, 2014
Showing with 19 additions and 23 deletions.
  1. +0 −3 src/View/Helper/FormHelper.php
  2. +19 −20 tests/TestCase/View/Helper/FormHelperTest.php
View
3 src/View/Helper/FormHelper.php
@@ -436,7 +436,6 @@ protected function _csrfField() {
}
return $this->hidden('_csrfToken', array(
'value' => $this->request->params['_csrfToken'],
- 'id' => 'Token' . mt_rand(),
'secure' => static::SECURE_SKIP
));
}
@@ -525,11 +524,9 @@ public function secure($fields = array()) {
$out = $this->hidden('_Token.fields', array(
'value' => urlencode($fields . ':' . $locked),
- 'id' => 'TokenFields' . mt_rand()
));
$out .= $this->hidden('_Token.unlocked', array(
'value' => urlencode($unlocked),
- 'id' => 'TokenUnlocked' . mt_rand()
));
return $this->Html->useTag('hiddenblock', $out);
}
View
39 tests/TestCase/View/Helper/FormHelperTest.php
@@ -1124,7 +1124,7 @@ public function testCreateWithSecurity() {
'div' => array('style' => 'display:none;'),
array('input' => array('type' => 'hidden', 'name' => '_method', 'value' => 'POST')),
array('input' => array(
- 'type' => 'hidden', 'name' => '_csrfToken', 'value' => 'testKey', 'id'
+ 'type' => 'hidden', 'name' => '_csrfToken', 'value' => 'testKey'
)),
'/div'
);
@@ -1244,7 +1244,7 @@ public function testFormSecurityFields() {
'div' => array('style' => 'display:none;'),
array('input' => array(
'type' => 'hidden', 'name' => '_Token[fields]',
- 'value' => $hash, 'id' => 'preg:/TokenFields\d+/'
+ 'value' => $hash
)),
array('input' => array(
'type' => 'hidden', 'name' => '_Token[unlocked]',
@@ -1261,7 +1261,7 @@ public function testFormSecurityFields() {
'div' => array('class' => 'hidden'),
array('input' => array(
'type' => 'hidden', 'name' => '_Token[fields]',
- 'value' => $hash, 'id' => 'preg:/TokenFields\d+/'
+ 'value' => $hash
)),
array('input' => array(
'type' => 'hidden', 'name' => '_Token[unlocked]',
@@ -1408,7 +1408,7 @@ public function testFormSecurityMultipleFields() {
'div' => array('style' => 'display:none;'),
array('input' => array(
'type' => 'hidden', 'name' => '_Token[fields]',
- 'value' => $hash, 'id' => 'preg:/TokenFields\d+/'
+ 'value' => $hash
)),
array('input' => array(
'type' => 'hidden', 'name' => '_Token[unlocked]',
@@ -1455,7 +1455,7 @@ public function testFormSecurityMultipleSubmitButtons() {
'div' => array('style' => 'display:none;'),
array('input' => array(
'type' => 'hidden', 'name' => '_Token[fields]',
- 'value' => 'preg:/.+/', 'id' => 'preg:/TokenFields\d+/'
+ 'value' => 'preg:/.+/'
)),
array('input' => array(
'type' => 'hidden', 'name' => '_Token[unlocked]',
@@ -1579,7 +1579,7 @@ public function testFormSecurityMultipleInputFields() {
'div' => array('style' => 'display:none;'),
array('input' => array(
'type' => 'hidden', 'name' => '_Token[fields]',
- 'value' => $hash, 'id' => 'preg:/TokenFields\d+/'
+ 'value' => $hash
)),
array('input' => array(
'type' => 'hidden', 'name' => '_Token[unlocked]',
@@ -1646,7 +1646,7 @@ public function testFormSecurityMultipleInputDisabledFields() {
'div' => array('style' => 'display:none;'),
array('input' => array(
'type' => 'hidden', 'name' => '_Token[fields]',
- 'value' => $hash, 'id' => 'preg:/TokenFields\d+/'
+ 'value' => $hash
)),
array('input' => array(
'type' => 'hidden', 'name' => '_Token[unlocked]',
@@ -1696,7 +1696,7 @@ public function testFormSecurityInputUnlockedFields() {
'div' => array('style' => 'display:none;'),
array('input' => array(
'type' => 'hidden', 'name' => '_Token[fields]',
- 'value' => $hash, 'id' => 'preg:/TokenFields\d+/'
+ 'value' => $hash
)),
array('input' => array(
'type' => 'hidden', 'name' => '_Token[unlocked]',
@@ -1845,7 +1845,7 @@ public function testFormSecuredInput() {
'div' => array('style' => 'display:none;'),
array('input' => array(
'type' => 'hidden', 'name' => '_Token[fields]',
- 'value' => $hash, 'id' => 'preg:/TokenFields\d+/'
+ 'value' => $hash
)),
array('input' => array(
'type' => 'hidden', 'name' => '_Token[unlocked]',
@@ -7220,7 +7220,6 @@ public function testButtonUnlockedByDefault() {
* @return void
*/
public function testPostButton() {
- $this->markTestIncomplete('Need to revisit once models work again.');
$result = $this->Form->postButton('Hi', '/controller/action');
$this->assertTags($result, array(
'form' => array('method' => 'post', 'action' => '/controller/action', 'accept-charset' => 'utf-8'),
@@ -7234,7 +7233,7 @@ public function testPostButton() {
));
$result = $this->Form->postButton('Send', '/', array('data' => array('extra' => 'value')));
- $this->assertTrue(strpos($result, '<input type="hidden" name="extra" value="value"/>') !== false);
+ $this->assertTrue(strpos($result, '<input type="hidden" name="extra" value="value"') !== false);
}
/**
@@ -7243,8 +7242,8 @@ public function testPostButton() {
* @return void
*/
public function testSecurePostButton() {
- $this->markTestIncomplete('Need to revisit once models work again.');
$this->Form->request->params['_csrfToken'] = 'testkey';
+ $this->Form->request->params['_Token'] = ['unlockedFields' => []];
$result = $this->Form->postButton('Delete', '/posts/delete/1');
$expected = array(
@@ -7253,14 +7252,14 @@ public function testSecurePostButton() {
),
array('div' => array('style' => 'display:none;')),
array('input' => array('type' => 'hidden', 'name' => '_method', 'value' => 'POST')),
- array('input' => array('type' => 'hidden', 'name' => '_csrfToken', 'value' => 'testkey', 'id' => 'preg:/Token\d+/')),
+ array('input' => array('type' => 'hidden', 'name' => '_csrfToken', 'value' => 'testkey')),
'/div',
'button' => array('type' => 'submit'),
'Delete',
'/button',
array('div' => array('style' => 'display:none;')),
- array('input' => array('type' => 'hidden', 'name' => '_Token[fields]', 'value' => 'preg:/[\w\d%]+/', 'id' => 'preg:/TokenFields\d+/')),
- array('input' => array('type' => 'hidden', 'name' => '_Token[unlocked]', 'value' => '', 'id' => 'preg:/TokenUnlocked\d+/')),
+ array('input' => array('type' => 'hidden', 'name' => '_Token[fields]', 'value' => 'preg:/[\w\d%]+/')),
+ array('input' => array('type' => 'hidden', 'name' => '_Token[unlocked]', 'value' => '')),
'/div',
'/form',
);
@@ -7380,8 +7379,8 @@ public function testPostLinkAfterGetForm() {
array('input' => array('type' => 'hidden', 'name' => '_method', 'value' => 'POST')),
array('input' => array('type' => 'hidden', 'name' => 'data[_Token][key]', 'value' => 'testkey', 'id' => 'preg:/Token\d+/')),
'div' => array('style' => 'display:none;'),
- array('input' => array('type' => 'hidden', 'name' => 'data[_Token][fields]', 'value' => 'preg:/[\w\d%]+/', 'id' => 'preg:/TokenFields\d+/')),
- array('input' => array('type' => 'hidden', 'name' => 'data[_Token][unlocked]', 'value' => '', 'id' => 'preg:/TokenUnlocked\d+/')),
+ array('input' => array('type' => 'hidden', 'name' => 'data[_Token][fields]', 'value' => 'preg:/[\w\d%]+/')),
+ array('input' => array('type' => 'hidden', 'name' => 'data[_Token][unlocked]', 'value' => '')),
'/div',
'/form',
'a' => array('href' => '#', 'onclick' => 'preg:/document\.post_\w+\.submit\(\); event\.returnValue = false; return false;/'),
@@ -7406,10 +7405,10 @@ public function testSecurePostLink() {
'name' => 'preg:/post_\w+/', 'id' => 'preg:/post_\w+/', 'style' => 'display:none;'
),
array('input' => array('type' => 'hidden', 'name' => '_method', 'value' => 'POST')),
- array('input' => array('type' => 'hidden', 'name' => '_csrfToken', 'value' => 'testkey', 'id' => 'preg:/Token\d+/')),
+ array('input' => array('type' => 'hidden', 'name' => '_csrfToken', 'value' => 'testkey')),
'div' => array('style' => 'display:none;'),
- array('input' => array('type' => 'hidden', 'name' => '_Token[fields]', 'value' => 'preg:/[\w\d%]+/', 'id' => 'preg:/TokenFields\d+/')),
- array('input' => array('type' => 'hidden', 'name' => '_Token[unlocked]', 'value' => '', 'id' => 'preg:/TokenUnlocked\d+/')),
+ array('input' => array('type' => 'hidden', 'name' => '_Token[fields]', 'value' => 'preg:/[\w\d%]+/')),
+ array('input' => array('type' => 'hidden', 'name' => '_Token[unlocked]', 'value' => '')),
'/div',
'/form',
'a' => array('href' => '#', 'onclick' => 'preg:/document\.post_\w+\.submit\(\); event\.returnValue = false; return false;/'),

0 comments on commit 865a3fe

Please sign in to comment.