public function matchRequestReturnsFalseIfTheTargetActionIsNotMentionedInThePolicy()
{
$controllerObjectName = 'SomeControllerObjectName';
$controllerActionName = 'list';
$httpRequest = Request::create(new Uri('http://localhost'), 'POST');
$this->mockActionRequest->expects($this->atLeastOnce())->method('getControllerObjectName')->will($this->returnValue($controllerObjectName));
$this->mockActionRequest->expects($this->once())->method('getControllerActionName')->will($this->returnValue($controllerActionName));
$this->mockActionRequest->expects($this->any())->method('getHttpRequest')->will($this->returnValue($httpRequest));
$mockAuthenticationManager = $this->getMockBuilder(AuthenticationManagerInterface::class)->disableOriginalConstructor()->getMock();
$mockAuthenticationManager->expects($this->any())->method('isAuthenticated')->will($this->returnValue(true));
$mockObjectManager = $this->createMock(ObjectManagerInterface::class);
$mockObjectManager->expects($this->once())->method('getClassNameByObjectName')->with($controllerObjectName)->will($this->returnValue($controllerObjectName));
$mockPolicyService = $this->createMock(Security\Policy\PolicyService::class);
$mockPolicyService->expects($this->once())->method('getAllPrivilegesByType')->will($this->returnValue([]));
$mockSecurityContext = $this->createMock(Security\Context::class);
$mockCsrfProtectionPattern = $this->getAccessibleMock(Security\RequestPattern\CsrfProtection::class, ['dummy']);
$mockCsrfProtectionPattern->_set('authenticationManager', $mockAuthenticationManager);
$mockCsrfProtectionPattern->_set('objectManager', $mockObjectManager);
$mockCsrfProtectionPattern->_set('policyService', $mockPolicyService);
$mockCsrfProtectionPattern->_set('securityContext', $mockSecurityContext);
$mockCsrfProtectionPattern->_set('systemLogger', $this->mockSystemLogger);
$this->assertFalse($mockCsrfProtectionPattern->matchRequest($this->mockActionRequest));
}