Neos\Flow\Tests\Unit\Security\ContextTest::csrfProtectionStrategies PHP Метод

Документация по классу ContextTest Показать файл Открыть проект

csrfProtectionStrategies() публичный Метод

Data provider for CSRF protection strategy settings

public csrfProtectionStrategies ( ) : array
Результат	array

    public function csrfProtectionStrategies()
    {
        $data = [];
        $settings = [];
        $settings['security']['csrf']['csrfStrategy'] = 'onePerRequest';
        $data[] = [$settings, Context::CSRF_ONE_PER_REQUEST];
        $settings['security']['csrf']['csrfStrategy'] = 'onePerSession';
        $data[] = [$settings, Context::CSRF_ONE_PER_SESSION];
        $settings['security']['csrf']['csrfStrategy'] = 'onePerUri';
        $data[] = [$settings, Context::CSRF_ONE_PER_URI];
        return $data;
    }

ContextTest

authenticationStrategies

authenticationStrategyIsSetCorrectlyFromConfiguration

authorizationChecksAreEnabledByDefault

csrfProtectionStrategies

csrfProtectionStrategyIsSetCorrectlyFromConfiguration

currentRequestIsSetInTheSecurityContext

getAccountByAuthenticationProviderNameReturnsNullIfNoAccountFound

getAccountByAuthenticationProviderNameReturnsTheAuthenticatedAccountWithGivenProviderName

getAccountReturnsTheAccountAttachedToTheFirstAuthenticatedToken

getContextHashInitializesSecurityContext

getContextHashReturnsAHashOverAllAuthenticatedRoles

getContextHashReturnsStaticStringIfAuthorizationChecksAreDisabled

getContextHashReturnsStaticStringIfSecurityContextCantBeInitialized

getCsrfProtectionTokenReturnsANewTokenIfNoneIsPresentInTheContext

getCsrfProtectionTokenReturnsANewTokenIfTheCsrfStrategyIsOnePerUri

getRolesReturnsTheAnonymousRoleIfNoTokenIsAuthenticated

getRolesReturnsTheAuthenticatedUserRoleIfATokenIsAuthenticated

getRolesReturnsTheCorrectRoles

getRolesReturnsTheEverybodyRoleEvenIfNoTokenIsAuthenticated

getRolesTakesInheritanceOfRolesIntoAccount

hasRoleReturnsFalseForAnonymousRoleIfAuthenticated

hasRoleReturnsTrueForAnonymousRoleIfNotAuthenticated

hasRoleReturnsTrueForEverybodyRole

hasRoleWorksWithRecursiveRoles

initializeCallsUpdateCredentialsOnAllActiveTokens

initializeSeparatesActiveAndInactiveTokens

initializeUpdatesAndSeparatesActiveAndInactiveTokensCorrectly

injectAuthenticationManagerSetsAReferenceToTheSecurityContextInTheAuthenticationManager

invalidAuthenticationStrategyFromConfigurationThrowsException

invalidCsrfProtectionStrategyFromConfigurationThrowsException

isCsrfProtectionTokenValidChecksIfTheGivenTokenIsExistingInTheContext

isCsrfProtectionTokenValidChecksIfTheGivenTokenIsExistingInTheContextAndUnsetsItIfTheCsrfStrategyIsOnePerUri

securityContextCallsTheAuthenticationManagerToSetItsTokens

securityContextIsNotInitializedAgainIfItHasBeenInitializedAlready

securityContextIsSetToInitialized

separateActiveAndInactiveTokensDataProvider

separateActiveAndInactiveTokensTests

tokenFromAnAuthenticationManagerIsReplacedIfThereIsOneOfTheSameTypeInTheSession

withoutAuthorizationChecksDisabledAuthorizationChecks

withoutAuthorizationChecksReactivatesAuthorizationCheckCorrectlyWhenCalledNested

withoutAuthorizationChecksReactivatesAuthorizationChecksAfterClosureInvocation

withoutAuthorizationChecksReactivatesAuthorizationChecksAfterClosureInvocationIfClosureThrowsException