diff options
Diffstat (limited to 'tests/lib/appframework')
11 files changed, 853 insertions, 45 deletions
diff --git a/tests/lib/appframework/controller/ApiControllerTest.php b/tests/lib/appframework/controller/ApiControllerTest.php index b2e52cc0b5c..137e5950f67 100644 --- a/tests/lib/appframework/controller/ApiControllerTest.php +++ b/tests/lib/appframework/controller/ApiControllerTest.php @@ -37,7 +37,8 @@ class ApiControllerTest extends \Test\TestCase { public function testCors() { $request = new Request( ['server' => ['HTTP_ORIGIN' => 'test']], - $this->getMockBuilder('\OCP\Security\ISecureRandom')->getMock() + $this->getMock('\OCP\Security\ISecureRandom'), + $this->getMock('\OCP\IConfig') ); $this->controller = new ChildApiController('app', $request, 'verbs', 'headers', 100); diff --git a/tests/lib/appframework/controller/ControllerTest.php b/tests/lib/appframework/controller/ControllerTest.php index 3bf63d714a0..ccc373f4d59 100644 --- a/tests/lib/appframework/controller/ControllerTest.php +++ b/tests/lib/appframework/controller/ControllerTest.php @@ -75,7 +75,8 @@ class ControllerTest extends \Test\TestCase { 'session' => ['sezession' => 'kein'], 'method' => 'hi', ], - $this->getMockBuilder('\OCP\Security\ISecureRandom')->getMock() + $this->getMock('\OCP\Security\ISecureRandom'), + $this->getMock('\OCP\IConfig') ); $this->app = $this->getMock('OC\AppFramework\DependencyInjection\DIContainer', diff --git a/tests/lib/appframework/controller/OCSControllerTest.php b/tests/lib/appframework/controller/OCSControllerTest.php index 3b4de1d7a05..11a9d45eb92 100644 --- a/tests/lib/appframework/controller/OCSControllerTest.php +++ b/tests/lib/appframework/controller/OCSControllerTest.php @@ -33,11 +33,17 @@ class ChildOCSController extends OCSController {} class OCSControllerTest extends \Test\TestCase { + private $controller; public function testCors() { $request = new Request( - array('server' => array('HTTP_ORIGIN' => 'test')), - $this->getMock('\OCP\Security\ISecureRandom') + [ + 'server' => [ + 'HTTP_ORIGIN' => 'test', + ], + ], + $this->getMock('\OCP\Security\ISecureRandom'), + $this->getMock('\OCP\IConfig') ); $controller = new ChildOCSController('app', $request, 'verbs', 'headers', 100); @@ -57,7 +63,8 @@ class OCSControllerTest extends \Test\TestCase { public function testXML() { $controller = new ChildOCSController('app', new Request( [], - $this->getMock('\OCP\Security\ISecureRandom') + $this->getMock('\OCP\Security\ISecureRandom'), + $this->getMock('\OCP\IConfig') )); $expected = "<?xml version=\"1.0\"?>\n" . "<ocs>\n" . @@ -86,7 +93,8 @@ class OCSControllerTest extends \Test\TestCase { public function testXMLDataResponse() { $controller = new ChildOCSController('app', new Request( [], - $this->getMock('\OCP\Security\ISecureRandom') + $this->getMock('\OCP\Security\ISecureRandom'), + $this->getMock('\OCP\IConfig') )); $expected = "<?xml version=\"1.0\"?>\n" . "<ocs>\n" . @@ -115,7 +123,8 @@ class OCSControllerTest extends \Test\TestCase { public function testJSON() { $controller = new ChildOCSController('app', new Request( [], - $this->getMock('\OCP\Security\ISecureRandom') + $this->getMock('\OCP\Security\ISecureRandom'), + $this->getMock('\OCP\IConfig') )); $expected = '{"status":"OK","statuscode":400,"message":"OK",' . '"totalitems":"","itemsperpage":"","data":{"test":"hi"}}'; diff --git a/tests/lib/appframework/dependencyinjection/DIContainerTest.php b/tests/lib/appframework/dependencyinjection/DIContainerTest.php index 43309f64e63..0cbdddbb205 100644 --- a/tests/lib/appframework/dependencyinjection/DIContainerTest.php +++ b/tests/lib/appframework/dependencyinjection/DIContainerTest.php @@ -73,7 +73,8 @@ class DIContainerTest extends \Test\TestCase { public function testMiddlewareDispatcherIncludesSecurityMiddleware(){ $this->container['Request'] = new Request( ['method' => 'GET'], - $this->getMockBuilder('\OCP\Security\ISecureRandom')->getMock() + $this->getMock('\OCP\Security\ISecureRandom'), + $this->getMock('\OCP\IConfig') ); $security = $this->container['SecurityMiddleware']; $dispatcher = $this->container['MiddlewareDispatcher']; diff --git a/tests/lib/appframework/http/DispatcherTest.php b/tests/lib/appframework/http/DispatcherTest.php index 832cd80e60a..02c86df8e72 100644 --- a/tests/lib/appframework/http/DispatcherTest.php +++ b/tests/lib/appframework/http/DispatcherTest.php @@ -24,7 +24,6 @@ namespace OC\AppFramework\Http; -use OC\AppFramework\Middleware\MiddlewareDispatcher; use OC\AppFramework\Utility\ControllerMethodReflector; use OCP\AppFramework\Http; use OCP\AppFramework\Http\JSONResponse; @@ -33,6 +32,10 @@ use OCP\AppFramework\Controller; class TestController extends Controller { + /** + * @param string $appName + * @param \OCP\IRequest $request + */ public function __construct($appName, $request) { parent::__construct($appName, $request); } @@ -40,6 +43,9 @@ class TestController extends Controller { /** * @param int $int * @param bool $bool + * @param int $test + * @param int $test2 + * @return array */ public function exec($int, $bool, $test=4, $test2=1) { $this->registerResponder('text', function($in) { @@ -52,6 +58,9 @@ class TestController extends Controller { /** * @param int $int * @param bool $bool + * @param int $test + * @param int $test2 + * @return DataResponse */ public function execDataResponse($int, $bool, $test=4, $test2=1) { return new DataResponse(array( @@ -67,6 +76,7 @@ class DispatcherTest extends \Test\TestCase { private $dispatcher; private $controllerMethod; private $response; + private $request; private $lastModified; private $etag; private $http; @@ -284,7 +294,8 @@ class DispatcherTest extends \Test\TestCase { ], 'method' => 'POST' ], - $this->getMockBuilder('\OCP\Security\ISecureRandom')->getMock() + $this->getMock('\OCP\Security\ISecureRandom'), + $this->getMock('\OCP\IConfig') ); $this->dispatcher = new Dispatcher( $this->http, $this->middlewareDispatcher, $this->reflector, @@ -310,7 +321,8 @@ class DispatcherTest extends \Test\TestCase { ], 'method' => 'POST', ], - $this->getMockBuilder('\OCP\Security\ISecureRandom')->getMock() + $this->getMock('\OCP\Security\ISecureRandom'), + $this->getMock('\OCP\IConfig') ); $this->dispatcher = new Dispatcher( $this->http, $this->middlewareDispatcher, $this->reflector, @@ -339,7 +351,8 @@ class DispatcherTest extends \Test\TestCase { ], 'method' => 'GET' ], - $this->getMockBuilder('\OCP\Security\ISecureRandom')->getMock() + $this->getMock('\OCP\Security\ISecureRandom'), + $this->getMock('\OCP\IConfig') ); $this->dispatcher = new Dispatcher( $this->http, $this->middlewareDispatcher, $this->reflector, @@ -367,7 +380,8 @@ class DispatcherTest extends \Test\TestCase { ], 'method' => 'GET' ], - $this->getMockBuilder('\OCP\Security\ISecureRandom')->getMock() + $this->getMock('\OCP\Security\ISecureRandom'), + $this->getMock('\OCP\IConfig') ); $this->dispatcher = new Dispatcher( $this->http, $this->middlewareDispatcher, $this->reflector, @@ -396,7 +410,8 @@ class DispatcherTest extends \Test\TestCase { ], 'method' => 'PUT' ], - $this->getMockBuilder('\OCP\Security\ISecureRandom')->getMock() + $this->getMock('\OCP\Security\ISecureRandom'), + $this->getMock('\OCP\IConfig') ); $this->dispatcher = new Dispatcher( $this->http, $this->middlewareDispatcher, $this->reflector, @@ -427,7 +442,8 @@ class DispatcherTest extends \Test\TestCase { ], 'method' => 'POST' ], - $this->getMockBuilder('\OCP\Security\ISecureRandom')->getMock() + $this->getMock('\OCP\Security\ISecureRandom'), + $this->getMock('\OCP\IConfig') ); $this->dispatcher = new Dispatcher( $this->http, $this->middlewareDispatcher, $this->reflector, diff --git a/tests/lib/appframework/http/RequestTest.php b/tests/lib/appframework/http/RequestTest.php index eeba64b7f69..3185a0093c4 100644 --- a/tests/lib/appframework/http/RequestTest.php +++ b/tests/lib/appframework/http/RequestTest.php @@ -1,6 +1,8 @@ <?php /** - * Copyright (c) 2013 Thomas Tanghus (thomas@tanghus.net) + * @copyright 2013 Thomas Tanghus (thomas@tanghus.net) + * @copyright 2015 Lukas Reschke lukas@owncloud.com + * * This file is licensed under the Affero General Public License version 3 or * later. * See the COPYING-README file. @@ -9,12 +11,20 @@ namespace OC\AppFramework\Http; use OCP\Security\ISecureRandom; +use OCP\IConfig; +/** + * Class RequestTest + * + * @package OC\AppFramework\Http + */ class RequestTest extends \Test\TestCase { /** @var string */ protected $stream = 'fakeinput://data'; /** @var ISecureRandom */ protected $secureRandom; + /** @var IConfig */ + protected $config; protected function setUp() { parent::setUp(); @@ -26,6 +36,7 @@ class RequestTest extends \Test\TestCase { stream_wrapper_register('fakeinput', 'RequestStream'); $this->secureRandom = $this->getMockBuilder('\OCP\Security\ISecureRandom')->getMock(); + $this->config = $this->getMockBuilder('\OCP\IConfig')->getMock(); } protected function tearDown() { @@ -39,7 +50,12 @@ class RequestTest extends \Test\TestCase { 'method' => 'GET', ); - $request = new Request($vars, $this->secureRandom, $this->stream); + $request = new Request( + $vars, + $this->secureRandom, + $this->config, + $this->stream + ); // Countable $this->assertEquals(2, count($request)); @@ -66,7 +82,12 @@ class RequestTest extends \Test\TestCase { 'method' => 'GET' ); - $request = new Request($vars, $this->secureRandom, $this->stream); + $request = new Request( + $vars, + $this->secureRandom, + $this->config, + $this->stream + ); $this->assertEquals(3, count($request)); $this->assertEquals('Janey', $request->{'nickname'}); @@ -75,7 +96,7 @@ class RequestTest extends \Test\TestCase { /** - * @expectedException RuntimeException + * @expectedException \RuntimeException */ public function testImmutableArrayAccess() { $vars = array( @@ -83,12 +104,18 @@ class RequestTest extends \Test\TestCase { 'method' => 'GET' ); - $request = new Request($vars, $this->secureRandom, $this->stream); + $request = new Request( + $vars, + $this->secureRandom, + $this->config, + $this->stream + ); + $request['nickname'] = 'Janey'; } /** - * @expectedException RuntimeException + * @expectedException \RuntimeException */ public function testImmutableMagicAccess() { $vars = array( @@ -96,12 +123,18 @@ class RequestTest extends \Test\TestCase { 'method' => 'GET' ); - $request = new Request($vars, $this->secureRandom, $this->stream); + $request = new Request( + $vars, + $this->secureRandom, + $this->config, + $this->stream + ); + $request->{'nickname'} = 'Janey'; } /** - * @expectedException LogicException + * @expectedException \LogicException */ public function testGetTheMethodRight() { $vars = array( @@ -109,8 +142,14 @@ class RequestTest extends \Test\TestCase { 'method' => 'GET', ); - $request = new Request($vars, $this->secureRandom, $this->stream); - $result = $request->post; + $request = new Request( + $vars, + $this->secureRandom, + $this->config, + $this->stream + ); + + $request->post; } public function testTheMethodIsRight() { @@ -119,7 +158,13 @@ class RequestTest extends \Test\TestCase { 'method' => 'GET', ); - $request = new Request($vars, $this->secureRandom, $this->stream); + $request = new Request( + $vars, + $this->secureRandom, + $this->config, + $this->stream + ); + $this->assertEquals('GET', $request->method); $result = $request->get; $this->assertEquals('John Q. Public', $result['name']); @@ -134,7 +179,13 @@ class RequestTest extends \Test\TestCase { 'server' => array('CONTENT_TYPE' => 'application/json; utf-8') ); - $request = new Request($vars, $this->secureRandom, $this->stream); + $request = new Request( + $vars, + $this->secureRandom, + $this->config, + $this->stream + ); + $this->assertEquals('POST', $request->method); $result = $request->post; $this->assertEquals('John Q. Public', $result['name']); @@ -152,7 +203,12 @@ class RequestTest extends \Test\TestCase { 'server' => array('CONTENT_TYPE' => 'application/x-www-form-urlencoded'), ); - $request = new Request($vars, $this->secureRandom, $this->stream); + $request = new Request( + $vars, + $this->secureRandom, + $this->config, + $this->stream + ); $this->assertEquals('PATCH', $request->method); $result = $request->patch; @@ -171,7 +227,12 @@ class RequestTest extends \Test\TestCase { 'server' => array('CONTENT_TYPE' => 'application/json; utf-8'), ); - $request = new Request($vars, $this->secureRandom, $this->stream); + $request = new Request( + $vars, + $this->secureRandom, + $this->config, + $this->stream + ); $this->assertEquals('PUT', $request->method); $result = $request->put; @@ -186,7 +247,12 @@ class RequestTest extends \Test\TestCase { 'server' => array('CONTENT_TYPE' => 'application/json; utf-8'), ); - $request = new Request($vars, $this->secureRandom, $this->stream); + $request = new Request( + $vars, + $this->secureRandom, + $this->config, + $this->stream + ); $this->assertEquals('PATCH', $request->method); $result = $request->patch; @@ -205,7 +271,13 @@ class RequestTest extends \Test\TestCase { 'server' => array('CONTENT_TYPE' => 'image/png'), ); - $request = new Request($vars, $this->secureRandom, $this->stream); + $request = new Request( + $vars, + $this->secureRandom, + $this->config, + $this->stream + ); + $this->assertEquals('PUT', $request->method); $resource = $request->put; $contents = stream_get_contents($resource); @@ -228,7 +300,12 @@ class RequestTest extends \Test\TestCase { 'urlParams' => array('id' => '2'), ); - $request = new Request($vars, $this->secureRandom, $this->stream); + $request = new Request( + $vars, + $this->secureRandom, + $this->config, + $this->stream + ); $newParams = array('id' => '3', 'test' => 'test2'); $request->setUrlParameters($newParams); @@ -244,7 +321,13 @@ class RequestTest extends \Test\TestCase { ], ]; - $request = new Request($vars, $this->secureRandom, $this->stream); + $request = new Request( + $vars, + $this->secureRandom, + $this->config, + $this->stream + ); + $this->assertSame('GeneratedUniqueIdByModUnique', $request->getId()); } @@ -261,14 +344,695 @@ class RequestTest extends \Test\TestCase { ->method('getLowStrengthGenerator') ->will($this->returnValue($lowRandomSource)); - $request = new Request([], $this->secureRandom, $this->stream); + $request = new Request( + [], + $this->secureRandom, + $this->config, + $this->stream + ); + $this->assertSame('GeneratedByOwnCloudItself', $request->getId()); } public function testGetIdWithoutModUniqueStable() { - $request = new Request([], \OC::$server->getSecureRandom(), $this->stream); + $request = new Request( + [], + \OC::$server->getSecureRandom(), + $this->config, + $this->stream + ); $firstId = $request->getId(); $secondId = $request->getId(); $this->assertSame($firstId, $secondId); } + + public function testGetRemoteAddressWithoutTrustedRemote() { + $this->config + ->expects($this->once()) + ->method('getSystemValue') + ->with('trusted_proxies') + ->will($this->returnValue([])); + + $request = new Request( + [ + 'server' => [ + 'REMOTE_ADDR' => '10.0.0.2', + 'HTTP_X_FORWARDED' => '10.4.0.5, 10.4.0.4', + 'HTTP_X_FORWARDED_FOR' => '192.168.0.233' + ], + ], + $this->secureRandom, + $this->config, + $this->stream + ); + + $this->assertSame('10.0.0.2', $request->getRemoteAddress()); + } + + public function testGetRemoteAddressWithNoTrustedHeader() { + $this->config + ->expects($this->at(0)) + ->method('getSystemValue') + ->with('trusted_proxies') + ->will($this->returnValue(['10.0.0.2'])); + $this->config + ->expects($this->at(1)) + ->method('getSystemValue') + ->with('forwarded_for_headers') + ->will($this->returnValue([])); + + $request = new Request( + [ + 'server' => [ + 'REMOTE_ADDR' => '10.0.0.2', + 'HTTP_X_FORWARDED' => '10.4.0.5, 10.4.0.4', + 'HTTP_X_FORWARDED_FOR' => '192.168.0.233' + ], + ], + $this->secureRandom, + $this->config, + $this->stream + ); + + $this->assertSame('10.0.0.2', $request->getRemoteAddress()); + } + + public function testGetRemoteAddressWithSingleTrustedRemote() { + $this->config + ->expects($this->at(0)) + ->method('getSystemValue') + ->with('trusted_proxies') + ->will($this->returnValue(['10.0.0.2'])); + $this->config + ->expects($this->at(1)) + ->method('getSystemValue') + ->with('forwarded_for_headers') + ->will($this->returnValue(['HTTP_X_FORWARDED'])); + + $request = new Request( + [ + 'server' => [ + 'REMOTE_ADDR' => '10.0.0.2', + 'HTTP_X_FORWARDED' => '10.4.0.5, 10.4.0.4', + 'HTTP_X_FORWARDED_FOR' => '192.168.0.233' + ], + ], + $this->secureRandom, + $this->config, + $this->stream + ); + + $this->assertSame('10.4.0.5', $request->getRemoteAddress()); + } + + public function testGetRemoteAddressVerifyPriorityHeader() { + $this->config + ->expects($this->at(0)) + ->method('getSystemValue') + ->with('trusted_proxies') + ->will($this->returnValue(['10.0.0.2'])); + $this->config + ->expects($this->at(1)) + ->method('getSystemValue') + ->with('forwarded_for_headers') + ->will($this->returnValue([ + 'HTTP_CLIENT_IP', + 'HTTP_X_FORWARDED_FOR', + 'HTTP_X_FORWARDED' + ])); + + $request = new Request( + [ + 'server' => [ + 'REMOTE_ADDR' => '10.0.0.2', + 'HTTP_X_FORWARDED' => '10.4.0.5, 10.4.0.4', + 'HTTP_X_FORWARDED_FOR' => '192.168.0.233' + ], + ], + $this->secureRandom, + $this->config, + $this->stream + ); + + $this->assertSame('192.168.0.233', $request->getRemoteAddress()); + } + + public function testGetServerProtocolWithOverride() { + $this->config + ->expects($this->at(0)) + ->method('getSystemValue') + ->with('overwriteprotocol') + ->will($this->returnValue('customProtocol')); + $this->config + ->expects($this->at(1)) + ->method('getSystemValue') + ->with('overwritecondaddr') + ->will($this->returnValue('')); + $this->config + ->expects($this->at(2)) + ->method('getSystemValue') + ->with('overwriteprotocol') + ->will($this->returnValue('customProtocol')); + + $request = new Request( + [], + $this->secureRandom, + $this->config, + $this->stream + ); + + $this->assertSame('customProtocol', $request->getServerProtocol()); + } + + public function testGetServerProtocolWithProtoValid() { + $this->config + ->expects($this->exactly(2)) + ->method('getSystemValue') + ->with('overwriteprotocol') + ->will($this->returnValue('')); + + $requestHttps = new Request( + [ + 'server' => [ + 'HTTP_X_FORWARDED_PROTO' => 'HtTpS' + ], + ], + $this->secureRandom, + $this->config, + $this->stream + ); + $requestHttp = new Request( + [ + 'server' => [ + 'HTTP_X_FORWARDED_PROTO' => 'HTTp' + ], + ], + $this->secureRandom, + $this->config, + $this->stream + ); + + + $this->assertSame('https', $requestHttps->getServerProtocol()); + $this->assertSame('http', $requestHttp->getServerProtocol()); + } + + public function testGetServerProtocolWithHttpsServerValueOn() { + $this->config + ->expects($this->once()) + ->method('getSystemValue') + ->with('overwriteprotocol') + ->will($this->returnValue('')); + + $request = new Request( + [ + 'server' => [ + 'HTTPS' => 'on' + ], + ], + $this->secureRandom, + $this->config, + $this->stream + ); + $this->assertSame('https', $request->getServerProtocol()); + } + + public function testGetServerProtocolWithHttpsServerValueOff() { + $this->config + ->expects($this->once()) + ->method('getSystemValue') + ->with('overwriteprotocol') + ->will($this->returnValue('')); + + $request = new Request( + [ + 'server' => [ + 'HTTPS' => 'off' + ], + ], + $this->secureRandom, + $this->config, + $this->stream + ); + $this->assertSame('http', $request->getServerProtocol()); + } + + public function testGetServerProtocolDefault() { + $this->config + ->expects($this->once()) + ->method('getSystemValue') + ->with('overwriteprotocol') + ->will($this->returnValue('')); + + $request = new Request( + [], + $this->secureRandom, + $this->config, + $this->stream + ); + $this->assertSame('http', $request->getServerProtocol()); + } + + /** + * @dataProvider userAgentProvider + * @param string $testAgent + * @param array $userAgent + * @param bool $matches + */ + public function testUserAgent($testAgent, $userAgent, $matches) { + $request = new Request( + [ + 'server' => [ + 'HTTP_USER_AGENT' => $testAgent, + ] + ], + $this->secureRandom, + $this->config, + $this->stream + ); + + $this->assertEquals($matches, $request->isUserAgent($userAgent)); + } + + /** + * @return array + */ + function userAgentProvider() { + return [ + [ + 'Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)', + [ + Request::USER_AGENT_IE + ], + true, + ], + [ + 'Mozilla/5.0 (X11; Linux i686; rv:24.0) Gecko/20100101 Firefox/24.0', + [ + Request::USER_AGENT_IE + ], + false, + ], + [ + 'Mozilla/5.0 (Linux; Android 4.4; Nexus 4 Build/KRT16S) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.59 Mobile Safari/537.36', + [ + Request::USER_AGENT_ANDROID_MOBILE_CHROME + ], + true, + ], + [ + 'Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)', + [ + Request::USER_AGENT_ANDROID_MOBILE_CHROME + ], + false, + ], + [ + 'Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)', + [ + Request::USER_AGENT_IE, + Request::USER_AGENT_ANDROID_MOBILE_CHROME, + ], + true, + ], + [ + 'Mozilla/5.0 (Linux; Android 4.4; Nexus 4 Build/KRT16S) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.59 Mobile Safari/537.36', + [ + Request::USER_AGENT_IE, + Request::USER_AGENT_ANDROID_MOBILE_CHROME, + ], + true, + ], + [ + 'Mozilla/5.0 (X11; Linux i686; rv:24.0) Gecko/20100101 Firefox/24.0', + [ + Request::USER_AGENT_FREEBOX + ], + false, + ], + [ + 'Mozilla/5.0', + [ + Request::USER_AGENT_FREEBOX + ], + true, + ], + [ + 'Fake Mozilla/5.0', + [ + Request::USER_AGENT_FREEBOX + ], + false, + ], + ]; + } + + public function testInsecureServerHostServerNameHeader() { + $request = new Request( + [ + 'server' => [ + 'SERVER_NAME' => 'from.server.name:8080', + ] + ], + $this->secureRandom, + $this->config, + $this->stream + ); + + $this->assertEquals('from.server.name:8080', $request->getInsecureServerHost()); + } + + public function testInsecureServerHostHttpHostHeader() { + $request = new Request( + [ + 'server' => [ + 'SERVER_NAME' => 'from.server.name:8080', + 'HTTP_HOST' => 'from.host.header:8080', + ] + ], + $this->secureRandom, + $this->config, + $this->stream + ); + + $this->assertEquals('from.host.header:8080', $request->getInsecureServerHost()); + } + + public function testInsecureServerHostHttpFromForwardedHeaderSingle() { + $request = new Request( + [ + 'server' => [ + 'SERVER_NAME' => 'from.server.name:8080', + 'HTTP_HOST' => 'from.host.header:8080', + 'HTTP_X_FORWARDED_HOST' => 'from.forwarded.host:8080', + ] + ], + $this->secureRandom, + $this->config, + $this->stream + ); + + $this->assertEquals('from.forwarded.host:8080', $request->getInsecureServerHost()); + } + + public function testInsecureServerHostHttpFromForwardedHeaderStacked() { + $request = new Request( + [ + 'server' => [ + 'SERVER_NAME' => 'from.server.name:8080', + 'HTTP_HOST' => 'from.host.header:8080', + 'HTTP_X_FORWARDED_HOST' => 'from.forwarded.host2:8080,another.one:9000', + ] + ], + $this->secureRandom, + $this->config, + $this->stream + ); + + $this->assertEquals('from.forwarded.host2:8080', $request->getInsecureServerHost()); + } + + public function testGetServerHost() { + $request = new Request( + [], + $this->secureRandom, + $this->config, + $this->stream + ); + + $this->assertEquals('localhost', $request->getServerHost()); + } + + public function testGetOverwriteHostDefaultNull() { + $this->config + ->expects($this->once()) + ->method('getSystemValue') + ->with('overwritehost') + ->will($this->returnValue('')); + $request = new Request( + [], + $this->secureRandom, + $this->config, + $this->stream + ); + + $this->assertNull(\Test_Helper::invokePrivate($request, 'getOverwriteHost')); + } + + public function testGetOverwriteHostWithOverwrite() { + $this->config + ->expects($this->at(0)) + ->method('getSystemValue') + ->with('overwritehost') + ->will($this->returnValue('www.owncloud.org')); + $this->config + ->expects($this->at(1)) + ->method('getSystemValue') + ->with('overwritecondaddr') + ->will($this->returnValue('')); + $this->config + ->expects($this->at(2)) + ->method('getSystemValue') + ->with('overwritehost') + ->will($this->returnValue('www.owncloud.org')); + + $request = new Request( + [], + $this->secureRandom, + $this->config, + $this->stream + ); + + $this->assertSame('www.owncloud.org', \Test_Helper::invokePrivate($request, 'getOverwriteHost')); + } + + public function testGetPathInfoWithSetEnv() { + $request = new Request( + [ + 'server' => [ + 'PATH_INFO' => 'apps/files/', + ] + ], + $this->secureRandom, + $this->config, + $this->stream + ); + + $this->assertEquals('apps/files/', $request->getPathInfo()); + } + + /** + * @expectedException \Exception + * @expectedExceptionMessage The requested uri(/foo.php) cannot be processed by the script '/var/www/index.php') + */ + public function testGetPathInfoNotProcessible() { + $request = new Request( + [ + 'server' => [ + 'REQUEST_URI' => '/foo.php', + 'SCRIPT_NAME' => '/var/www/index.php', + ] + ], + $this->secureRandom, + $this->config, + $this->stream + ); + + $request->getPathInfo(); + } + + /** + * @expectedException \Exception + * @expectedExceptionMessage The requested uri(/foo.php) cannot be processed by the script '/var/www/index.php') + */ + public function testGetRawPathInfoNotProcessible() { + $request = new Request( + [ + 'server' => [ + 'REQUEST_URI' => '/foo.php', + 'SCRIPT_NAME' => '/var/www/index.php', + ] + ], + $this->secureRandom, + $this->config, + $this->stream + ); + + $request->getRawPathInfo(); + } + + /** + * @dataProvider genericPathInfoProvider + * @param string $requestUri + * @param string $scriptName + * @param string $expected + */ + public function testGetPathInfoWithoutSetEnvGeneric($requestUri, $scriptName, $expected) { + $request = new Request( + [ + 'server' => [ + 'REQUEST_URI' => $requestUri, + 'SCRIPT_NAME' => $scriptName, + ] + ], + $this->secureRandom, + $this->config, + $this->stream + ); + + $this->assertEquals($expected, $request->getPathInfo()); + } + + /** + * @dataProvider genericPathInfoProvider + * @param string $requestUri + * @param string $scriptName + * @param string $expected + */ + public function testGetRawPathInfoWithoutSetEnvGeneric($requestUri, $scriptName, $expected) { + $request = new Request( + [ + 'server' => [ + 'REQUEST_URI' => $requestUri, + 'SCRIPT_NAME' => $scriptName, + ] + ], + $this->secureRandom, + $this->config, + $this->stream + ); + + $this->assertEquals($expected, $request->getRawPathInfo()); + } + + /** + * @dataProvider rawPathInfoProvider + * @param string $requestUri + * @param string $scriptName + * @param string $expected + */ + public function testGetRawPathInfoWithoutSetEnv($requestUri, $scriptName, $expected) { + $request = new Request( + [ + 'server' => [ + 'REQUEST_URI' => $requestUri, + 'SCRIPT_NAME' => $scriptName, + ] + ], + $this->secureRandom, + $this->config, + $this->stream + ); + + $this->assertEquals($expected, $request->getRawPathInfo()); + } + + /** + * @dataProvider pathInfoProvider + * @param string $requestUri + * @param string $scriptName + * @param string $expected + */ + public function testGetPathInfoWithoutSetEnv($requestUri, $scriptName, $expected) { + $request = new Request( + [ + 'server' => [ + 'REQUEST_URI' => $requestUri, + 'SCRIPT_NAME' => $scriptName, + ] + ], + $this->secureRandom, + $this->config, + $this->stream + ); + + $this->assertEquals($expected, $request->getPathInfo()); + } + + /** + * @return array + */ + public function genericPathInfoProvider() { + return [ + ['/index.php/apps/files/', 'index.php', '/apps/files/'], + ['/index.php/apps/files/../&/&?someQueryParameter=QueryParam', 'index.php', '/apps/files/../&/&'], + ['/remote.php/漢字編碼方法 / 汉字编码方法', 'remote.php', '/漢字編碼方法 / 汉字编码方法'], + ['///removeTrailin//gSlashes///', 'remote.php', '/removeTrailin/gSlashes/'], + ['/', '/', ''], + ['', '', ''], + ]; + } + + /** + * @return array + */ + public function rawPathInfoProvider() { + return [ + ['/foo%2Fbar/subfolder', '', 'foo%2Fbar/subfolder'], + ]; + } + + /** + * @return array + */ + public function pathInfoProvider() { + return [ + ['/foo%2Fbar/subfolder', '', 'foo/bar/subfolder'], + ]; + } + + public function testGetRequestUriWithoutOverwrite() { + $this->config + ->expects($this->once()) + ->method('getSystemValue') + ->with('overwritewebroot') + ->will($this->returnValue('')); + + $request = new Request( + [ + 'server' => [ + 'REQUEST_URI' => '/test.php' + ] + ], + $this->secureRandom, + $this->config, + $this->stream + ); + + $this->assertSame('/test.php', $request->getRequestUri()); + } + + public function testGetRequestUriWithOverwrite() { + $this->config + ->expects($this->at(0)) + ->method('getSystemValue') + ->with('overwritewebroot') + ->will($this->returnValue('/owncloud/')); + $this->config + ->expects($this->at(1)) + ->method('getSystemValue') + ->with('overwritecondaddr') + ->will($this->returnValue('')); + + $request = $this->getMockBuilder('\OC\AppFramework\Http\Request') + ->setMethods(['getScriptName']) + ->setConstructorArgs([ + [ + 'server' => [ + 'REQUEST_URI' => '/test.php/some/PathInfo', + 'SCRIPT_NAME' => '/test.php', + ] + ], + $this->secureRandom, + $this->config, + $this->stream + ]) + ->getMock(); + $request + ->expects($this->once()) + ->method('getScriptName') + ->will($this->returnValue('/scriptname.php')); + + $this->assertSame('/scriptname.php/some/PathInfo', $request->getRequestUri()); + } } diff --git a/tests/lib/appframework/middleware/MiddlewareDispatcherTest.php b/tests/lib/appframework/middleware/MiddlewareDispatcherTest.php index 078543c7b59..a8731525798 100644 --- a/tests/lib/appframework/middleware/MiddlewareDispatcherTest.php +++ b/tests/lib/appframework/middleware/MiddlewareDispatcherTest.php @@ -132,7 +132,8 @@ class MiddlewareDispatcherTest extends \Test\TestCase { ['app', new Request( ['method' => 'GET'], - $this->getMockBuilder('\OCP\Security\ISecureRandom')->getMock() + $this->getMock('\OCP\Security\ISecureRandom'), + $this->getMock('\OCP\IConfig') ) ] ); diff --git a/tests/lib/appframework/middleware/MiddlewareTest.php b/tests/lib/appframework/middleware/MiddlewareTest.php index fcc0c300a8a..33f04e1383d 100644 --- a/tests/lib/appframework/middleware/MiddlewareTest.php +++ b/tests/lib/appframework/middleware/MiddlewareTest.php @@ -26,7 +26,7 @@ namespace OC\AppFramework; use OC\AppFramework\Http\Request; use OCP\AppFramework\Middleware; - +use OCP\AppFramework\Http\Response; class ChildMiddleware extends Middleware {}; @@ -40,6 +40,8 @@ class MiddlewareTest extends \Test\TestCase { private $controller; private $exception; private $api; + /** @var Response */ + private $response; protected function setUp(){ parent::setUp(); @@ -56,7 +58,11 @@ class MiddlewareTest extends \Test\TestCase { [], [ $this->api, - new Request([], $this->getMockBuilder('\OCP\Security\ISecureRandom')->getMock()) + new Request( + [], + $this->getMock('\OCP\Security\ISecureRandom'), + $this->getMock('\OCP\IConfig') + ) ] ); $this->exception = new \Exception(); diff --git a/tests/lib/appframework/middleware/security/CORSMiddlewareTest.php b/tests/lib/appframework/middleware/security/CORSMiddlewareTest.php index 57a7c524abe..a4f3137cb11 100644 --- a/tests/lib/appframework/middleware/security/CORSMiddlewareTest.php +++ b/tests/lib/appframework/middleware/security/CORSMiddlewareTest.php @@ -37,7 +37,8 @@ class CORSMiddlewareTest extends \Test\TestCase { 'HTTP_ORIGIN' => 'test' ] ], - $this->getMockBuilder('\OCP\Security\ISecureRandom')->getMock() + $this->getMock('\OCP\Security\ISecureRandom'), + $this->getMock('\OCP\IConfig') ); $this->reflector->reflect($this, __FUNCTION__); $middleware = new CORSMiddleware($request, $this->reflector); @@ -55,7 +56,8 @@ class CORSMiddlewareTest extends \Test\TestCase { 'HTTP_ORIGIN' => 'test' ] ], - $this->getMockBuilder('\OCP\Security\ISecureRandom')->getMock() + $this->getMock('\OCP\Security\ISecureRandom'), + $this->getMock('\OCP\IConfig') ); $middleware = new CORSMiddleware($request, $this->reflector); @@ -69,7 +71,11 @@ class CORSMiddlewareTest extends \Test\TestCase { * @CORS */ public function testNoOriginHeaderNoCORSHEADER() { - $request = new Request([], $this->getMockBuilder('\OCP\Security\ISecureRandom')->getMock()); + $request = new Request( + [], + $this->getMock('\OCP\Security\ISecureRandom'), + $this->getMock('\OCP\IConfig') + ); $this->reflector->reflect($this, __FUNCTION__); $middleware = new CORSMiddleware($request, $this->reflector); @@ -90,14 +96,15 @@ class CORSMiddlewareTest extends \Test\TestCase { 'HTTP_ORIGIN' => 'test' ] ], - $this->getMockBuilder('\OCP\Security\ISecureRandom')->getMock() + $this->getMock('\OCP\Security\ISecureRandom'), + $this->getMock('\OCP\IConfig') ); $this->reflector->reflect($this, __FUNCTION__); $middleware = new CORSMiddleware($request, $this->reflector); $response = new Response(); $response->addHeader('AcCess-control-Allow-Credentials ', 'TRUE'); - $response = $middleware->afterController($this, __FUNCTION__, $response); + $middleware->afterController($this, __FUNCTION__, $response); } } diff --git a/tests/lib/appframework/middleware/security/SecurityMiddlewareTest.php b/tests/lib/appframework/middleware/security/SecurityMiddlewareTest.php index 3acba7ce1d8..347a0423ea6 100644 --- a/tests/lib/appframework/middleware/security/SecurityMiddlewareTest.php +++ b/tests/lib/appframework/middleware/security/SecurityMiddlewareTest.php @@ -321,7 +321,8 @@ class SecurityMiddlewareTest extends \Test\TestCase { 'REQUEST_URI' => 'owncloud/index.php/apps/specialapp' ] ], - $this->getMockBuilder('\OCP\Security\ISecureRandom')->getMock() + $this->getMock('\OCP\Security\ISecureRandom'), + $this->getMock('\OCP\IConfig') ); $this->middleware = $this->getMiddleware(true, true); $response = $this->middleware->afterException($this->controller, 'test', diff --git a/tests/lib/appframework/middleware/sessionmiddlewaretest.php b/tests/lib/appframework/middleware/sessionmiddlewaretest.php index c417225d908..11c1600f515 100644 --- a/tests/lib/appframework/middleware/sessionmiddlewaretest.php +++ b/tests/lib/appframework/middleware/sessionmiddlewaretest.php @@ -35,7 +35,8 @@ class SessionMiddlewareTest extends \Test\TestCase { $this->request = new Request( [], - $this->getMockBuilder('\OCP\Security\ISecureRandom')->getMock() + $this->getMockBuilder('\OCP\Security\ISecureRandom')->getMock(), + $this->getMock('\OCP\IConfig') ); $this->reflector = new ControllerMethodReflector(); } |