<?php |
/*
 * This file is part of the Symfony framework.
 *
 * (c) Fabien Potencier <fabien@symfony.com>
 *
 * This source file is subject to the MIT license that is bundled
 * with this source code in the file LICENSE.
 */
namespace Symfony\Bundle\SecurityBundle\Tests\Functional; |
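/**
 * Functional tests for the interaction between routing errors (404 responses)
 * and the firewall in the "StandardFormLogin" test case.
 *
 * The security property under test: a client that is not allowed to access a
 * protected path must not be able to tell from the response whether a route
 * exists there. Every test runs once per root config listed in getConfigs().
 */
class SecurityRoutingIntegrationTest extends WebTestCase
{
    /**
     * An anonymous request to a protected path is redirected to the login form
     * instead of being answered with a routing error.
     *
     * @dataProvider getConfigs
     *
     * @param string $config Root config file name, passed as 'root_config'
     */
    public function testRoutingErrorIsNotExposedForProtectedResourceWhenAnonymous($config)
    {
        $client = $this->createClient(array('test_case' => 'StandardFormLogin', 'root_config' => $config));
        $client->insulate();

        // NOTE(review): presumably no route matches this path in the fixture, so a
        // 404 would be the answer if the router were consulted first; confirm
        // against the StandardFormLogin routing config.
        $client->request('GET', '/protected_resource');

        $this->assertRedirect($client->getResponse(), '/login');
    }

    /**
     * Outside the protected area the routing error is reported normally (404).
     *
     * This is the control case for the two "not exposed" tests: it shows that the
     * application does answer an unmatched path with 404 when no access rule
     * applies to it.
     *
     * @dataProvider getConfigs
     *
     * @param string $config Root config file name, passed as 'root_config'
     */
    public function testRoutingErrorIsExposedWhenNotProtected($config)
    {
        $client = $this->createClient(array('test_case' => 'StandardFormLogin', 'root_config' => $config));
        $client->insulate();
        $client->request('GET', '/unprotected_resource');

        // The full response is used as the failure message to ease debugging.
        $this->assertEquals(404, $client->getResponse()->getStatusCode(), (string) $client->getResponse());
    }

    /**
     * An authenticated user lacking the required rights does not get a routing
     * error (404) for a path inside the highly protected area.
     *
     * @dataProvider getConfigs
     *
     * @param string $config Root config file name, passed as 'root_config'
     */
    public function testRoutingErrorIsNotExposedForProtectedResourceWhenLoggedInWithInsufficientRights($config)
    {
        $client = $this->createClient(array('test_case' => 'StandardFormLogin', 'root_config' => $config));
        $client->insulate();

        // Log in through the form with the fixture credentials.
        $form = $client->request('GET', '/login')->selectButton('login')->form();
        $form['_username'] = 'johannes';
        $form['_password'] = 'test';
        $client->submit($form);

        // NOTE(review): the login response is not asserted. If authentication
        // failed, the request below would most likely be handled as anonymous and
        // the final assertion would still pass, so this test would no longer cover
        // the "logged in with insufficient rights" case. Consider asserting the
        // post-login response once the fixture's target path is confirmed.
        $client->request('GET', '/highly_protected_resource');

        // NOTE(review): "not 404" also accepts a 5xx or a redirect. Asserting the
        // exact expected status (presumably 403; confirm against the fixture's
        // access rules) would pin the access-denied behaviour more tightly.
        // The response is passed as the failure message, matching
        // testRoutingErrorIsExposedWhenNotProtected().
        $this->assertNotEquals(404, $client->getResponse()->getStatusCode(), (string) $client->getResponse());
    }

    /**
     * Data provider: one data set per root config file the tests run against.
     *
     * @return array[] List of single-element argument lists
     */
    public function getConfigs()
    {
        return array(array('config.yml'), array('routes_as_path.yml'));
    }

    /**
     * Clears the test case's temporary directory before each test so no state
     * left by an earlier run is reused.
     */
    protected function setUp()
    {
        parent::setUp();

        $this->deleteTmpDir('StandardFormLogin');
    }

    /**
     * Clears the test case's temporary directory again after each test.
     */
    protected function tearDown()
    {
        parent::tearDown();

        $this->deleteTmpDir('StandardFormLogin');
    }
}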