test: add test back again

DeepDiver1975 · DeepDiver1975 · commit 0e58c58bd772 · 2023-08-04T10:19:13.000+02:00
diff --git a/tests/lib/AppFramework/Middleware/Security/SecurityMiddlewareTest.php b/tests/lib/AppFramework/Middleware/Security/SecurityMiddlewareTest.php
@@ -20,7 +20,7 @@
  *
  */
 
-namespace Test\AppFramework\Middleware\Security;
+namespace lib\AppFramework\Middleware\Security;
 
 use OC\AppFramework\Http;
 use OC\AppFramework\Http\Request;
@@ -40,6 +40,7 @@
 use OCP\ISession;
 use OCP\AppFramework\Controller;
 use OCP\IUserSession;
+use ReflectionException;
 use Test\TestCase;
 use OCP\AppFramework\Http\Response;
 use OCP\IConfig;
@@ -51,7 +52,7 @@
 use OCP\ILogger;
 use OC\OCS\Result;
 
-class SecurityMiddlewareTest extends TestCase {
+class SecurityMiddlewareTest1 extends TestCase {
 
 	/** @var SecurityMiddleware */
 	private $middleware;
@@ -136,7 +137,7 @@ private function getMiddleware($isLoggedIn, $isAdminUser) {
 	 * @PublicPage
 	 * @NoCSRFRequired
 	 * @throws SecurityException
-	 * @throws \ReflectionException
+	 * @throws ReflectionException
 	 */
 	public function testSetNavigationEntry() {
 		$this->navigationManager->expects($this->once())
@@ -151,7 +152,7 @@ public function testSetNavigationEntry() {
 	 * @param string $method
 	 * @param string $test
 	 * @param $status
-	 * @throws \ReflectionException
+	 * @throws ReflectionException
 	 */
 	private function ajaxExceptionStatus($method, $test, $status) {
 		$isLoggedIn = false;
@@ -179,7 +180,7 @@ private function ajaxExceptionStatus($method, $test, $status) {
 	}
 
 	/**
-	 * @throws \ReflectionException
+	 * @throws ReflectionException
 	 */
 	public function testAjaxStatusLoggedInCheck() {
 		$this->ajaxExceptionStatus(
@@ -191,7 +192,7 @@ public function testAjaxStatusLoggedInCheck() {
 
 	/**
 	 * @NoCSRFRequired
-	 * @throws \ReflectionException
+	 * @throws ReflectionException
 	 */
 	public function testAjaxNotAdminCheck() {
 		$this->ajaxExceptionStatus(
@@ -203,7 +204,7 @@ public function testAjaxNotAdminCheck() {
 
 	/**
 	 * @PublicPage
-	 * @throws \ReflectionException
+	 * @throws ReflectionException
 	 */
 	public function testAjaxStatusCSRFCheck() {
 		$this->ajaxExceptionStatus(
@@ -216,10 +217,7 @@ public function testAjaxStatusCSRFCheck() {
 	/**
 	 * @PublicPage
 	 * @NoCSRFRequired
-	 * @throws \ReflectionException
-	 * @throws \ReflectionException
-	 * @throws \ReflectionException
-	 * @throws \ReflectionException
+	 * @throws ReflectionException
 	 */
 	public function testAjaxStatusAllGood() {
 		$this->ajaxExceptionStatus(
@@ -248,7 +246,7 @@ public function testAjaxStatusAllGood() {
 	 * @PublicPage
 	 * @NoCSRFRequired
 	 * @throws SecurityException
-	 * @throws \ReflectionException
+	 * @throws ReflectionException
 	 */
 	public function testNoChecks() {
 		$this->request->expects($this->never())
@@ -266,7 +264,7 @@ public function testNoChecks() {
 	 * @param string $expects
 	 * @param bool $shouldFail
 	 * @throws SecurityException
-	 * @throws \ReflectionException
+	 * @throws ReflectionException
 	 */
 	private function securityCheck($method, $expects, $shouldFail=false) {
 		// admin check requires login
@@ -293,10 +291,10 @@ private function securityCheck($method, $expects, $shouldFail=false) {
 	/**
 	 * @PublicPage
 	 * @throws SecurityException
-	 * @throws \ReflectionException
+	 * @throws ReflectionException
 	 */
 	public function testCsrfCheck() {
-		$this->expectException(\OC\AppFramework\Middleware\Security\Exceptions\CrossSiteRequestForgeryException::class);
+		$this->expectException(CrossSiteRequestForgeryException::class);
 
 		$this->request->expects($this->once())
 			->method('passesCSRFCheck')
@@ -310,7 +308,7 @@ public function testCsrfCheck() {
 	 * @PublicPage
 	 * @NoCSRFRequired
 	 * @throws SecurityException
-	 * @throws \ReflectionException
+	 * @throws ReflectionException
 	 */
 	public function testNoCsrfCheck() {
 		$this->request->expects($this->never())
@@ -324,7 +322,7 @@ public function testNoCsrfCheck() {
 	/**
 	 * @PublicPage
 	 * @throws SecurityException
-	 * @throws \ReflectionException
+	 * @throws ReflectionException
 	 */
 	public function testFailCsrfCheck() {
 		$this->request->expects($this->once())
@@ -335,11 +333,29 @@ public function testFailCsrfCheck() {
 		$this->middleware->beforeController(__CLASS__, __FUNCTION__);
 	}
 
+	/**
+	 * @PublicPage
+	 * @throws SecurityException
+	 * @throws ReflectionException
+	 */
+	public function testFailCsrfCheckWithoutAuthHeader(): void {
+		$this->expectException(CrossSiteRequestForgeryException::class);
+		$this->request->expects($this->once())
+			->method('passesCSRFCheck')
+			->willReturn(false);
+		$this->request
+			->method('getHeader')
+			->willReturn('');
+
+		$this->reader->reflect(__CLASS__, __FUNCTION__);
+		$this->middleware->beforeController(__CLASS__, __FUNCTION__);
+	}
+
 	/**
 	 * @NoCSRFRequired
 	 * @NoAdminRequired
 	 * @throws SecurityException
-	 * @throws \ReflectionException
+	 * @throws ReflectionException
 	 */
 	public function testLoggedInCheck() {
 		$this->securityCheck(__FUNCTION__, 'isLoggedIn');
@@ -349,7 +365,7 @@ public function testLoggedInCheck() {
 	 * @NoCSRFRequired
 	 * @NoAdminRequired
 	 * @throws SecurityException
-	 * @throws \ReflectionException
+	 * @throws ReflectionException
 	 */
 	public function testFailLoggedInCheck() {
 		$this->securityCheck(__FUNCTION__, 'isLoggedIn', true);
@@ -358,7 +374,7 @@ public function testFailLoggedInCheck() {
 	/**
 	 * @NoCSRFRequired
 	 * @throws SecurityException
-	 * @throws \ReflectionException
+	 * @throws ReflectionException
 	 */
 	public function testIsAdminCheck() {
 		$this->securityCheck(__FUNCTION__, 'isAdminUser');
@@ -367,7 +383,7 @@ public function testIsAdminCheck() {
 	/**
 	 * @NoCSRFRequired
 	 * @throws SecurityException
-	 * @throws \ReflectionException
+	 * @throws ReflectionException
 	 */
 	public function testFailIsAdminCheck() {
 		$this->securityCheck(__FUNCTION__, 'isAdminUser', true);
