Skip to content

Commit

Permalink
[BUGFIX] Disable authorization checks in functional tests
Browse files Browse the repository at this point in the history 
This adjusts the ``FunctionalTestCase`` base class to disable
authorization checks if the ``testableSecurityEnabled`` is not set.

Background:
If security is not enable for functional tests, the
``Security\\Context`` is not initialized. This leads to exceptions in
case the ``PolicyEnforcement`` kicks in. Because functional tests
inherit the configuration of the default contexts, this happens very
likely, especially when making use of node related privileges in Neos
sites.

Change-Id: Ie5977200368f65734a6b271357ef21306912cb62
Related: NEOS-5
Releases: master, 3.0
Original-Commit-Hash: 638d25cc9c09b7173f56f1e8e14d1e4f18562afd
  • Loading branch information
Bastian Waidelich committed Apr 24, 2015
1 parent 0b057c9 commit b9c89e3
Show file tree
Hide file tree
Showing 2 changed files with 29 additions and 25 deletions.
1 change: 1 addition & 0 deletions TYPO3.Flow/Classes/TYPO3/Flow/Security/Context.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -647,6 +647,7 @@ public function clearContext() {
$this->request = NULL;
$this->csrfProtectionTokens = array();
$this->interceptedRequest = NULL;
$this->authorizationChecksDisabled = FALSE;
$this->initialized = FALSE;
}

Expand Down
53 changes: 28 additions & 25 deletions TYPO3.Flow/Tests/FunctionalTestCase.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -162,9 +162,7 @@ public function setUp() {
$session->destroy(sprintf('assure that session is fresh, in setUp() method of functional test %s.', get_class($this) . '::' . $this->getName()));
}

if ($this->testableSecurityEnabled === TRUE) {
$this->setupSecurity();
}
$this->setupSecurity();
}

/**
Expand All @@ -175,30 +173,34 @@ public function setUp() {
* @return void
*/
protected function setupSecurity() {
$this->privilegeManager = $this->objectManager->get('TYPO3\Flow\Security\Authorization\TestingPrivilegeManager');
$this->privilegeManager->setOverrideDecision(NULL);
$this->securityContext = $this->objectManager->get('TYPO3\Flow\Security\Context');
if ($this->testableSecurityEnabled) {
$this->privilegeManager = $this->objectManager->get('TYPO3\Flow\Security\Authorization\TestingPrivilegeManager');
$this->privilegeManager->setOverrideDecision(NULL);

$this->policyService = $this->objectManager->get('TYPO3\Flow\Security\Policy\PolicyService');
$this->policyService = $this->objectManager->get('TYPO3\Flow\Security\Policy\PolicyService');

$this->authenticationManager = $this->objectManager->get('TYPO3\Flow\Security\Authentication\AuthenticationProviderManager');
$this->authenticationManager = $this->objectManager->get('TYPO3\Flow\Security\Authentication\AuthenticationProviderManager');

$this->testingProvider = $this->objectManager->get('TYPO3\Flow\Security\Authentication\Provider\TestingProvider');
$this->testingProvider->setName('TestingProvider');
$this->testingProvider = $this->objectManager->get('TYPO3\Flow\Security\Authentication\Provider\TestingProvider');
$this->testingProvider->setName('TestingProvider');

$this->registerRoute('functionaltestroute', 'typo3/flow/test', array(
'@package' => 'TYPO3.Flow',
'@subpackage' => 'Tests\Functional\Mvc\Fixtures',
'@controller' => 'Standard',
'@action' => 'index',
'@format' => 'html'
));
$this->registerRoute('functionaltestroute', 'typo3/flow/test', array(
'@package' => 'TYPO3.Flow',
'@subpackage' => 'Tests\Functional\Mvc\Fixtures',
'@controller' => 'Standard',
'@action' => 'index',
'@format' => 'html'
));

$requestHandler = self::$bootstrap->getActiveRequestHandler();
$actionRequest = $this->route($requestHandler->getHttpRequest());
$requestHandler = self::$bootstrap->getActiveRequestHandler();
$actionRequest = $this->route($requestHandler->getHttpRequest());

$this->securityContext = $this->objectManager->get('TYPO3\Flow\Security\Context');
$this->securityContext->clearContext();
$this->securityContext->setRequest($actionRequest);
$this->securityContext->clearContext();
$this->securityContext->setRequest($actionRequest);
} else {
\TYPO3\Flow\Reflection\ObjectAccess::setProperty($this->securityContext, 'authorizationChecksDisabled', TRUE, TRUE);
}
}

/**
Expand Down Expand Up @@ -227,9 +229,7 @@ protected function route(Request $httpRequest) {
* @return void
*/
public function tearDown() {
if ($this->testableSecurityEnabled === TRUE) {
$this->tearDownSecurity();
}
$this->tearDownSecurity();

$persistenceManager = self::$bootstrap->getObjectManager()->get('TYPO3\Flow\Persistence\PersistenceManagerInterface');

Expand Down Expand Up @@ -273,7 +273,10 @@ protected function tearDownSecurity() {
if ($this->securityContext !== NULL) {
$this->securityContext->clearContext();
}
\TYPO3\Flow\Reflection\ObjectAccess::setProperty($this->authenticationManager, 'isAuthenticated', NULL, TRUE);
if ($this->authenticationManager !== NULL) {
\TYPO3\Flow\Reflection\ObjectAccess::setProperty($this->authenticationManager, 'isAuthenticated', NULL, TRUE);
}

}

/**
Expand Down

0 comments on commit b9c89e3

Please sign in to comment.