summaryrefslogtreecommitdiffstats
path: root/tests/lib/user/session.php
diff options
context:
space:
mode:
authorLukas Reschke <lukas@owncloud.com>2016-01-04 15:00:58 +0100
committerLukas Reschke <lukas@owncloud.com>2016-01-04 15:09:01 +0100
commitfec41e753926b9f98a554b99dc66b6dd7a0c96a3 (patch)
treec12929701b7e8c5cc7032be5cec9a3164a29ebd1 /tests/lib/user/session.php
parentebc52300e752c68b3f6dcc822894ad1ab85f0999 (diff)
downloadnextcloud-server-fec41e753926b9f98a554b99dc66b6dd7a0c96a3.tar.gz
nextcloud-server-fec41e753926b9f98a554b99dc66b6dd7a0c96a3.zip
Move regeneration of session ID into session classes
There were code paths that nowadays call ISession::login directly thus bypassing the desired regeneration of the session ID. This moves the session regeneration deeper into the session handling and thus ensures that it is always called. Furthermore, I also added the session regeneration to the remember me cookie plus added some test case expectations for this.
Diffstat (limited to 'tests/lib/user/session.php')
-rw-r--r--tests/lib/user/session.php16
1 files changed, 15 insertions, 1 deletions
diff --git a/tests/lib/user/session.php b/tests/lib/user/session.php
index d9dace2ef05..ffd4f96d801 100644
--- a/tests/lib/user/session.php
+++ b/tests/lib/user/session.php
@@ -95,6 +95,8 @@ class Session extends \Test\TestCase {
public function testLoginValidPasswordEnabled() {
$session = $this->getMock('\OC\Session\Memory', array(), array(''));
+ $session->expects($this->once())
+ ->method('regenerateId');
$session->expects($this->exactly(2))
->method('set')
->with($this->callback(function ($key) {
@@ -148,6 +150,8 @@ class Session extends \Test\TestCase {
$session = $this->getMock('\OC\Session\Memory', array(), array(''));
$session->expects($this->never())
->method('set');
+ $session->expects($this->once())
+ ->method('regenerateId');
$managerMethods = get_class_methods('\OC\User\Manager');
//keep following methods intact in order to ensure hooks are
@@ -179,10 +183,12 @@ class Session extends \Test\TestCase {
$userSession->login('foo', 'bar');
}
- public function testLoginInValidPassword() {
+ public function testLoginInvalidPassword() {
$session = $this->getMock('\OC\Session\Memory', array(), array(''));
$session->expects($this->never())
->method('set');
+ $session->expects($this->once())
+ ->method('regenerateId');
$managerMethods = get_class_methods('\OC\User\Manager');
//keep following methods intact in order to ensure hooks are
@@ -217,6 +223,8 @@ class Session extends \Test\TestCase {
$session = $this->getMock('\OC\Session\Memory', array(), array(''));
$session->expects($this->never())
->method('set');
+ $session->expects($this->once())
+ ->method('regenerateId');
$manager = $this->getMock('\OC\User\Manager');
@@ -244,6 +252,8 @@ class Session extends \Test\TestCase {
}
},
'foo'));
+ $session->expects($this->once())
+ ->method('regenerateId');
$managerMethods = get_class_methods('\OC\User\Manager');
//keep following methods intact in order to ensure hooks are
@@ -292,6 +302,8 @@ class Session extends \Test\TestCase {
$session = $this->getMock('\OC\Session\Memory', array(), array(''));
$session->expects($this->never())
->method('set');
+ $session->expects($this->once())
+ ->method('regenerateId');
$managerMethods = get_class_methods('\OC\User\Manager');
//keep following methods intact in order to ensure hooks are
@@ -334,6 +346,8 @@ class Session extends \Test\TestCase {
$session = $this->getMock('\OC\Session\Memory', array(), array(''));
$session->expects($this->never())
->method('set');
+ $session->expects($this->once())
+ ->method('regenerateId');
$managerMethods = get_class_methods('\OC\User\Manager');
//keep following methods intact in order to ensure hooks are