diff options
| author | Roeland Jago Douma <rullzer@users.noreply.github.com> | 2019-07-29 12:13:55 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-07-29 12:13:55 +0200 |
| commit | 51197ac62216c6ed8e18af3e0a8e8323684d6955 (patch) | |
| tree | e8982d238255e815a37cd558b5bb36603ae201f1 /tests/lib/AppFramework/Middleware/Security/SecurityMiddlewareTest.php | |
| parent | ec7e837d6a1753cd6bbed69badd07d22bad0dffc (diff) | |
| parent | 37a4282c7ae27c518ce7143be491a00a651e4f4a (diff) | |
| download | nextcloud-server-51197ac62216c6ed8e18af3e0a8e8323684d6955.tar.gz nextcloud-server-51197ac62216c6ed8e18af3e0a8e8323684d6955.zip | |
Merge pull request #16582 from nextcloud/enh/split_up_security_middleware
Split up security middleware
Diffstat (limited to 'tests/lib/AppFramework/Middleware/Security/SecurityMiddlewareTest.php')
| -rw-r--r-- | tests/lib/AppFramework/Middleware/Security/SecurityMiddlewareTest.php | 97 |
1 files changed, 0 insertions, 97 deletions
diff --git a/tests/lib/AppFramework/Middleware/Security/SecurityMiddlewareTest.php b/tests/lib/AppFramework/Middleware/Security/SecurityMiddlewareTest.php index ab243616be0..6a1adf03b2f 100644 --- a/tests/lib/AppFramework/Middleware/Security/SecurityMiddlewareTest.php +++ b/tests/lib/AppFramework/Middleware/Security/SecurityMiddlewareTest.php @@ -72,12 +72,6 @@ class SecurityMiddlewareTest extends \Test\TestCase { private $navigationManager; /** @var IURLGenerator|\PHPUnit_Framework_MockObject_MockObject */ private $urlGenerator; - /** @var ContentSecurityPolicyManager|\PHPUnit_Framework_MockObject_MockObject */ - private $contentSecurityPolicyManager; - /** @var CsrfTokenManager|\PHPUnit_Framework_MockObject_MockObject */ - private $csrfTokenManager; - /** @var ContentSecurityPolicyNonceManager|\PHPUnit_Framework_MockObject_MockObject */ - private $cspNonceManager; /** @var IAppManager|\PHPUnit_Framework_MockObject_MockObject */ private $appManager; /** @var IL10N|\PHPUnit_Framework_MockObject_MockObject */ @@ -92,9 +86,6 @@ class SecurityMiddlewareTest extends \Test\TestCase { $this->navigationManager = $this->createMock(INavigationManager::class); $this->urlGenerator = $this->createMock(IURLGenerator::class); $this->request = $this->createMock(IRequest::class); - $this->contentSecurityPolicyManager = $this->createMock(ContentSecurityPolicyManager::class); - $this->csrfTokenManager = $this->createMock(CsrfTokenManager::class); - $this->cspNonceManager = $this->createMock(ContentSecurityPolicyNonceManager::class); $this->l10n = $this->createMock(IL10N::class); $this->middleware = $this->getMiddleware(true, true, false); $this->secException = new SecurityException('hey', false); @@ -118,9 +109,6 @@ class SecurityMiddlewareTest extends \Test\TestCase { $isLoggedIn, $isAdminUser, $isSubAdmin, - $this->contentSecurityPolicyManager, - $this->csrfTokenManager, - $this->cspNonceManager, $this->appManager, $this->l10n ); @@ -611,91 +599,6 @@ class SecurityMiddlewareTest extends \Test\TestCase { $this->assertTrue($response instanceof JSONResponse); } - public function testAfterController() { - $this->cspNonceManager - ->expects($this->once()) - ->method('browserSupportsCspV3') - ->willReturn(false); - $response = $this->createMock(Response::class); - $defaultPolicy = new ContentSecurityPolicy(); - $defaultPolicy->addAllowedImageDomain('defaultpolicy'); - $currentPolicy = new ContentSecurityPolicy(); - $currentPolicy->addAllowedConnectDomain('currentPolicy'); - $mergedPolicy = new ContentSecurityPolicy(); - $mergedPolicy->addAllowedMediaDomain('mergedPolicy'); - $response - ->expects($this->exactly(2)) - ->method('getContentSecurityPolicy') - ->willReturn($currentPolicy); - $this->contentSecurityPolicyManager - ->expects($this->once()) - ->method('getDefaultPolicy') - ->willReturn($defaultPolicy); - $this->contentSecurityPolicyManager - ->expects($this->once()) - ->method('mergePolicies') - ->with($defaultPolicy, $currentPolicy) - ->willReturn($mergedPolicy); - $response->expects($this->once()) - ->method('setContentSecurityPolicy') - ->with($mergedPolicy); - - $this->middleware->afterController($this->controller, 'test', $response); - } - - public function testAfterControllerEmptyCSP() { - $response = $this->createMock(Response::class); - $emptyPolicy = new EmptyContentSecurityPolicy(); - $response->expects($this->any()) - ->method('getContentSecurityPolicy') - ->willReturn($emptyPolicy); - $response->expects($this->never()) - ->method('setContentSecurityPolicy'); - - $this->middleware->afterController($this->controller, 'test', $response); - } - - public function testAfterControllerWithContentSecurityPolicy3Support() { - $this->cspNonceManager - ->expects($this->once()) - ->method('browserSupportsCspV3') - ->willReturn(true); - $token = $this->createMock(CsrfToken::class); - $token - ->expects($this->once()) - ->method('getEncryptedValue') - ->willReturn('MyEncryptedToken'); - $this->csrfTokenManager - ->expects($this->once()) - ->method('getToken') - ->willReturn($token); - $response = $this->createMock(Response::class); - $defaultPolicy = new ContentSecurityPolicy(); - $defaultPolicy->addAllowedImageDomain('defaultpolicy'); - $currentPolicy = new ContentSecurityPolicy(); - $currentPolicy->addAllowedConnectDomain('currentPolicy'); - $mergedPolicy = new ContentSecurityPolicy(); - $mergedPolicy->addAllowedMediaDomain('mergedPolicy'); - $response - ->expects($this->exactly(2)) - ->method('getContentSecurityPolicy') - ->willReturn($currentPolicy); - $this->contentSecurityPolicyManager - ->expects($this->once()) - ->method('getDefaultPolicy') - ->willReturn($defaultPolicy); - $this->contentSecurityPolicyManager - ->expects($this->once()) - ->method('mergePolicies') - ->with($defaultPolicy, $currentPolicy) - ->willReturn($mergedPolicy); - $response->expects($this->once()) - ->method('setContentSecurityPolicy') - ->with($mergedPolicy); - - $this->assertEquals($response, $this->middleware->afterController($this->controller, 'test', $response)); - } - public function dataRestrictedApp() { return [ [false, false, false,], |