aboutsummaryrefslogtreecommitdiffstats
path: root/tests/lib/AppFramework/Middleware/Security/SecurityMiddlewareTest.php
diff options
context:
space:
mode:
Diffstat (limited to 'tests/lib/AppFramework/Middleware/Security/SecurityMiddlewareTest.php')
-rw-r--r--tests/lib/AppFramework/Middleware/Security/SecurityMiddlewareTest.php109
1 files changed, 31 insertions, 78 deletions
diff --git a/tests/lib/AppFramework/Middleware/Security/SecurityMiddlewareTest.php b/tests/lib/AppFramework/Middleware/Security/SecurityMiddlewareTest.php
index 183f1aa7477..0c6fc21357d 100644
--- a/tests/lib/AppFramework/Middleware/Security/SecurityMiddlewareTest.php
+++ b/tests/lib/AppFramework/Middleware/Security/SecurityMiddlewareTest.php
@@ -1,4 +1,5 @@
<?php
+
/**
* SPDX-FileCopyrightText: 2016-2024 Nextcloud GmbH and Nextcloud contributors
* SPDX-FileCopyrightText: 2016 ownCloud, Inc.
@@ -194,9 +195,7 @@ class SecurityMiddlewareTest extends \Test\TestCase {
];
}
- /**
- * @dataProvider dataNoCSRFRequiredPublicPage
- */
+ #[\PHPUnit\Framework\Attributes\DataProvider('dataNoCSRFRequiredPublicPage')]
public function testSetNavigationEntry(string $method): void {
$this->navigationManager->expects($this->once())
->method('setActiveEntry')
@@ -244,9 +243,7 @@ class SecurityMiddlewareTest extends \Test\TestCase {
);
}
- /**
- * @dataProvider dataNoCSRFRequired
- */
+ #[\PHPUnit\Framework\Attributes\DataProvider('dataNoCSRFRequired')]
public function testAjaxNotAdminCheck(string $method): void {
$this->ajaxExceptionStatus(
$method,
@@ -255,9 +252,7 @@ class SecurityMiddlewareTest extends \Test\TestCase {
);
}
- /**
- * @dataProvider dataPublicPage
- */
+ #[\PHPUnit\Framework\Attributes\DataProvider('dataPublicPage')]
public function testAjaxStatusCSRFCheck(string $method): void {
$this->ajaxExceptionStatus(
$method,
@@ -266,9 +261,7 @@ class SecurityMiddlewareTest extends \Test\TestCase {
);
}
- /**
- * @dataProvider dataNoCSRFRequiredPublicPage
- */
+ #[\PHPUnit\Framework\Attributes\DataProvider('dataNoCSRFRequiredPublicPage')]
public function testAjaxStatusAllGood(string $method): void {
$this->ajaxExceptionStatus(
$method,
@@ -287,9 +280,7 @@ class SecurityMiddlewareTest extends \Test\TestCase {
);
}
- /**
- * @dataProvider dataNoCSRFRequiredPublicPage
- */
+ #[\PHPUnit\Framework\Attributes\DataProvider('dataNoCSRFRequiredPublicPage')]
public function testNoChecks(string $method): void {
$this->request->expects($this->never())
->method('passesCSRFCheck')
@@ -328,9 +319,7 @@ class SecurityMiddlewareTest extends \Test\TestCase {
}
- /**
- * @dataProvider dataPublicPage
- */
+ #[\PHPUnit\Framework\Attributes\DataProvider('dataPublicPage')]
public function testCsrfCheck(string $method): void {
$this->expectException(CrossSiteRequestForgeryException::class);
@@ -344,9 +333,7 @@ class SecurityMiddlewareTest extends \Test\TestCase {
$this->middleware->beforeController($this->controller, $method);
}
- /**
- * @dataProvider dataNoCSRFRequiredPublicPage
- */
+ #[\PHPUnit\Framework\Attributes\DataProvider('dataNoCSRFRequiredPublicPage')]
public function testNoCsrfCheck(string $method): void {
$this->request->expects($this->never())
->method('passesCSRFCheck')
@@ -356,9 +343,7 @@ class SecurityMiddlewareTest extends \Test\TestCase {
$this->middleware->beforeController($this->controller, $method);
}
- /**
- * @dataProvider dataPublicPage
- */
+ #[\PHPUnit\Framework\Attributes\DataProvider('dataPublicPage')]
public function testPassesCsrfCheck(string $method): void {
$this->request->expects($this->once())
->method('passesCSRFCheck')
@@ -371,9 +356,7 @@ class SecurityMiddlewareTest extends \Test\TestCase {
$this->middleware->beforeController($this->controller, $method);
}
- /**
- * @dataProvider dataPublicPage
- */
+ #[\PHPUnit\Framework\Attributes\DataProvider('dataPublicPage')]
public function testFailCsrfCheck(string $method): void {
$this->expectException(CrossSiteRequestForgeryException::class);
@@ -388,9 +371,7 @@ class SecurityMiddlewareTest extends \Test\TestCase {
$this->middleware->beforeController($this->controller, $method);
}
- /**
- * @dataProvider dataPublicPageStrictCookieRequired
- */
+ #[\PHPUnit\Framework\Attributes\DataProvider('dataPublicPageStrictCookieRequired')]
public function testStrictCookieRequiredCheck(string $method): void {
$this->expectException(\OC\AppFramework\Middleware\Security\Exceptions\StrictCookieMissingException::class);
@@ -404,9 +385,7 @@ class SecurityMiddlewareTest extends \Test\TestCase {
$this->middleware->beforeController($this->controller, $method);
}
- /**
- * @dataProvider dataNoCSRFRequiredPublicPage
- */
+ #[\PHPUnit\Framework\Attributes\DataProvider('dataNoCSRFRequiredPublicPage')]
public function testNoStrictCookieRequiredCheck(string $method): void {
$this->request->expects($this->never())
->method('passesStrictCookieCheck')
@@ -416,9 +395,7 @@ class SecurityMiddlewareTest extends \Test\TestCase {
$this->middleware->beforeController($this->controller, $method);
}
- /**
- * @dataProvider dataNoCSRFRequiredPublicPageStrictCookieRequired
- */
+ #[\PHPUnit\Framework\Attributes\DataProvider('dataNoCSRFRequiredPublicPageStrictCookieRequired')]
public function testPassesStrictCookieRequiredCheck(string $method): void {
$this->request
->expects($this->once())
@@ -444,12 +421,12 @@ class SecurityMiddlewareTest extends \Test\TestCase {
}
/**
- * @dataProvider dataCsrfOcsController
* @param string $controllerClass
* @param bool $hasOcsApiHeader
* @param bool $hasBearerAuth
* @param bool $exception
*/
+ #[\PHPUnit\Framework\Attributes\DataProvider('dataCsrfOcsController')]
public function testCsrfOcsController(string $controllerClass, bool $hasOcsApiHeader, bool $hasBearerAuth, bool $exception): void {
$this->request
->method('getHeader')
@@ -476,30 +453,22 @@ class SecurityMiddlewareTest extends \Test\TestCase {
}
}
- /**
- * @dataProvider dataNoAdminRequiredNoCSRFRequired
- */
+ #[\PHPUnit\Framework\Attributes\DataProvider('dataNoAdminRequiredNoCSRFRequired')]
public function testLoggedInCheck(string $method): void {
$this->securityCheck($method, 'isLoggedIn');
}
- /**
- * @dataProvider dataNoAdminRequiredNoCSRFRequired
- */
+ #[\PHPUnit\Framework\Attributes\DataProvider('dataNoAdminRequiredNoCSRFRequired')]
public function testFailLoggedInCheck(string $method): void {
$this->securityCheck($method, 'isLoggedIn', true);
}
- /**
- * @dataProvider dataNoCSRFRequired
- */
+ #[\PHPUnit\Framework\Attributes\DataProvider('dataNoCSRFRequired')]
public function testIsAdminCheck(string $method): void {
$this->securityCheck($method, 'isAdminUser');
}
- /**
- * @dataProvider dataNoCSRFRequiredSubAdminRequired
- */
+ #[\PHPUnit\Framework\Attributes\DataProvider('dataNoCSRFRequiredSubAdminRequired')]
public function testIsNotSubAdminCheck(string $method): void {
$this->reader->reflect($this->controller, $method);
$sec = $this->getMiddleware(true, false, false);
@@ -508,9 +477,7 @@ class SecurityMiddlewareTest extends \Test\TestCase {
$sec->beforeController($this->controller, $method);
}
- /**
- * @dataProvider dataNoCSRFRequiredSubAdminRequired
- */
+ #[\PHPUnit\Framework\Attributes\DataProvider('dataNoCSRFRequiredSubAdminRequired')]
public function testIsSubAdminCheck(string $method): void {
$this->reader->reflect($this->controller, $method);
$sec = $this->getMiddleware(true, false, true);
@@ -519,9 +486,7 @@ class SecurityMiddlewareTest extends \Test\TestCase {
$this->addToAssertionCount(1);
}
- /**
- * @dataProvider dataNoCSRFRequiredSubAdminRequired
- */
+ #[\PHPUnit\Framework\Attributes\DataProvider('dataNoCSRFRequiredSubAdminRequired')]
public function testIsSubAdminAndAdminCheck(string $method): void {
$this->reader->reflect($this->controller, $method);
$sec = $this->getMiddleware(true, true, true);
@@ -530,16 +495,12 @@ class SecurityMiddlewareTest extends \Test\TestCase {
$this->addToAssertionCount(1);
}
- /**
- * @dataProvider dataNoCSRFRequired
- */
+ #[\PHPUnit\Framework\Attributes\DataProvider('dataNoCSRFRequired')]
public function testFailIsAdminCheck(string $method): void {
$this->securityCheck($method, 'isAdminUser', true);
}
- /**
- * @dataProvider dataNoAdminRequiredNoCSRFRequiredPublicPage
- */
+ #[\PHPUnit\Framework\Attributes\DataProvider('dataNoAdminRequiredNoCSRFRequiredPublicPage')]
public function testRestrictedAppLoggedInPublicPage(string $method): void {
$middleware = $this->getMiddleware(true, false, false);
$this->reader->reflect($this->controller, $method);
@@ -556,9 +517,7 @@ class SecurityMiddlewareTest extends \Test\TestCase {
$this->addToAssertionCount(1);
}
- /**
- * @dataProvider dataNoAdminRequiredNoCSRFRequiredPublicPage
- */
+ #[\PHPUnit\Framework\Attributes\DataProvider('dataNoAdminRequiredNoCSRFRequiredPublicPage')]
public function testRestrictedAppNotLoggedInPublicPage(string $method): void {
$middleware = $this->getMiddleware(false, false, false);
$this->reader->reflect($this->controller, $method);
@@ -575,9 +534,7 @@ class SecurityMiddlewareTest extends \Test\TestCase {
$this->addToAssertionCount(1);
}
- /**
- * @dataProvider dataNoAdminRequiredNoCSRFRequired
- */
+ #[\PHPUnit\Framework\Attributes\DataProvider('dataNoAdminRequiredNoCSRFRequired')]
public function testRestrictedAppLoggedIn(string $method): void {
$middleware = $this->getMiddleware(true, false, false, false);
$this->reader->reflect($this->controller, $method);
@@ -600,8 +557,8 @@ class SecurityMiddlewareTest extends \Test\TestCase {
public function testAfterExceptionReturnsRedirectForNotLoggedInUser(): void {
$this->request = new Request(
[
- 'server' =>
- [
+ 'server'
+ => [
'HTTP_ACCEPT' => 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',
'REQUEST_URI' => 'nextcloud/index.php/apps/specialapp'
]
@@ -674,14 +631,14 @@ class SecurityMiddlewareTest extends \Test\TestCase {
}
/**
- * @dataProvider exceptionProvider
* @param SecurityException $exception
*/
+ #[\PHPUnit\Framework\Attributes\DataProvider('exceptionProvider')]
public function testAfterExceptionReturnsTemplateResponse(SecurityException $exception): void {
$this->request = new Request(
[
- 'server' =>
- [
+ 'server'
+ => [
'HTTP_ACCEPT' => 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',
'REQUEST_URI' => 'nextcloud/index.php/apps/specialapp'
]
@@ -710,9 +667,7 @@ class SecurityMiddlewareTest extends \Test\TestCase {
$this->assertTrue($response instanceof JSONResponse);
}
- /**
- * @dataProvider dataExAppRequired
- */
+ #[\PHPUnit\Framework\Attributes\DataProvider('dataExAppRequired')]
public function testExAppRequired(string $method): void {
$middleware = $this->getMiddleware(true, false, false);
$this->reader->reflect($this->controller, $method);
@@ -731,9 +686,7 @@ class SecurityMiddlewareTest extends \Test\TestCase {
$middleware->beforeController($this->controller, $method);
}
- /**
- * @dataProvider dataExAppRequired
- */
+ #[\PHPUnit\Framework\Attributes\DataProvider('dataExAppRequired')]
public function testExAppRequiredError(string $method): void {
$middleware = $this->getMiddleware(true, false, false, false);
$this->reader->reflect($this->controller, $method);
generated by cgit v1.2.3 (git 2.39.1) at 2025-07-03 14:34:09 +0000