mirror of
https://github.com/moodle/moodle.git
synced 2025-01-19 14:27:22 +01:00
2e00d01db4
This reverses the references used for global $USER and $SESSION, the reason is that PHP does not allow references to references. $USER is a reference to $GLOBALS['USER'] which means we cannot put any references to it. Solution is to store the current user and session objects in $GLOBALS['USER'] and $GLOBALS['SESSIOn'] are reference them in $_SESSION. This patch makes the session code behave the same way in CLI, phpunit and normal web requests - this allows use to finally unit test most aspects of the session code in Moodle.
230 lines
9.0 KiB
PHP
230 lines
9.0 KiB
PHP
<?php
|
|
// This file is part of Moodle - http://moodle.org/
|
|
//
|
|
// Moodle is free software: you can redistribute it and/or modify
|
|
// it under the terms of the GNU General Public License as published by
|
|
// the Free Software Foundation, either version 3 of the License, or
|
|
// (at your option) any later version.
|
|
//
|
|
// Moodle is distributed in the hope that it will be useful,
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
// GNU General Public License for more details.
|
|
//
|
|
// You should have received a copy of the GNU General Public License
|
|
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
/**
|
|
* Unit tests for sessionlib.php file.
|
|
*
|
|
* @package core
|
|
* @category phpunit
|
|
* @author Petr Skoda <petr.skoda@totaralms.com>
|
|
* @copyright 2014 Totara Learning Solutions Ltd {@link http://www.totaralms.com/}
|
|
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
|
|
*/
|
|
|
|
defined('MOODLE_INTERNAL') || die();
|
|
|
|
/**
|
|
* Unit tests for sessionlib.php file.
|
|
*
|
|
* @package core
|
|
* @category phpunit
|
|
* @author Petr Skoda <petr.skoda@totaralms.com>
|
|
* @copyright 2014 Totara Learning Solutions Ltd {@link http://www.totaralms.com/}
|
|
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
|
|
*/
|
|
class core_sessionlib_testcase extends advanced_testcase {
|
|
public function test_cron_setup_user() {
|
|
global $PAGE, $USER, $SESSION, $SITE, $CFG;
|
|
$this->resetAfterTest();
|
|
|
|
// NOTE: this function contains some static caches, let's reset first.
|
|
cron_setup_user('reset');
|
|
|
|
$admin = get_admin();
|
|
$user1 = $this->getDataGenerator()->create_user();
|
|
$user2 = $this->getDataGenerator()->create_user();
|
|
$course = $this->getDataGenerator()->create_course();
|
|
|
|
cron_setup_user();
|
|
$this->assertSame($admin->id, $USER->id);
|
|
$this->assertSame($PAGE->context, context_course::instance($SITE->id));
|
|
$this->assertSame($CFG->timezone, $USER->timezone);
|
|
$this->assertSame('', $USER->lang);
|
|
$this->assertSame('', $USER->theme);
|
|
$SESSION->test1 = true;
|
|
$adminsession = $SESSION;
|
|
$adminuser = $USER;
|
|
$this->assertSame($GLOBALS['SESSION'], $_SESSION['SESSION']);
|
|
$this->assertSame($GLOBALS['SESSION'], $SESSION);
|
|
$this->assertSame($GLOBALS['USER'], $_SESSION['USER']);
|
|
$this->assertSame($GLOBALS['USER'], $USER);
|
|
|
|
cron_setup_user(null, $course);
|
|
$this->assertSame($admin->id, $USER->id);
|
|
$this->assertSame($PAGE->context, context_course::instance($course->id));
|
|
$this->assertSame($adminsession, $SESSION);
|
|
$this->assertSame($GLOBALS['SESSION'], $_SESSION['SESSION']);
|
|
$this->assertSame($GLOBALS['SESSION'], $SESSION);
|
|
$this->assertSame($GLOBALS['USER'], $_SESSION['USER']);
|
|
$this->assertSame($GLOBALS['USER'], $USER);
|
|
|
|
cron_setup_user($user1);
|
|
$this->assertSame($user1->id, $USER->id);
|
|
$this->assertSame($PAGE->context, context_course::instance($SITE->id));
|
|
$this->assertNotSame($adminsession, $SESSION);
|
|
$this->assertObjectNotHasAttribute('test1', $SESSION);
|
|
$this->assertEmpty((array)$SESSION);
|
|
$usersession1 = $SESSION;
|
|
$SESSION->test2 = true;
|
|
$this->assertSame($GLOBALS['SESSION'], $_SESSION['SESSION']);
|
|
$this->assertSame($GLOBALS['SESSION'], $SESSION);
|
|
$this->assertSame($GLOBALS['USER'], $_SESSION['USER']);
|
|
$this->assertSame($GLOBALS['USER'], $USER);
|
|
|
|
cron_setup_user($user1);
|
|
$this->assertSame($user1->id, $USER->id);
|
|
$this->assertSame($PAGE->context, context_course::instance($SITE->id));
|
|
$this->assertNotSame($adminsession, $SESSION);
|
|
$this->assertSame($usersession1, $SESSION);
|
|
$this->assertSame($GLOBALS['SESSION'], $_SESSION['SESSION']);
|
|
$this->assertSame($GLOBALS['SESSION'], $SESSION);
|
|
$this->assertSame($GLOBALS['USER'], $_SESSION['USER']);
|
|
$this->assertSame($GLOBALS['USER'], $USER);
|
|
|
|
cron_setup_user($user2);
|
|
$this->assertSame($user2->id, $USER->id);
|
|
$this->assertSame($PAGE->context, context_course::instance($SITE->id));
|
|
$this->assertNotSame($adminsession, $SESSION);
|
|
$this->assertNotSame($usersession1, $SESSION);
|
|
$this->assertEmpty((array)$SESSION);
|
|
$usersession2 = $SESSION;
|
|
$usersession2->test3 = true;
|
|
$this->assertSame($GLOBALS['SESSION'], $_SESSION['SESSION']);
|
|
$this->assertSame($GLOBALS['SESSION'], $SESSION);
|
|
$this->assertSame($GLOBALS['USER'], $_SESSION['USER']);
|
|
$this->assertSame($GLOBALS['USER'], $USER);
|
|
|
|
cron_setup_user($user2, $course);
|
|
$this->assertSame($user2->id, $USER->id);
|
|
$this->assertSame($PAGE->context, context_course::instance($course->id));
|
|
$this->assertNotSame($adminsession, $SESSION);
|
|
$this->assertNotSame($usersession1, $SESSION);
|
|
$this->assertSame($usersession2, $SESSION);
|
|
$this->assertSame($GLOBALS['SESSION'], $_SESSION['SESSION']);
|
|
$this->assertSame($GLOBALS['SESSION'], $SESSION);
|
|
$this->assertSame($GLOBALS['USER'], $_SESSION['USER']);
|
|
$this->assertSame($GLOBALS['USER'], $USER);
|
|
|
|
cron_setup_user($user1);
|
|
$this->assertSame($user1->id, $USER->id);
|
|
$this->assertSame($PAGE->context, context_course::instance($SITE->id));
|
|
$this->assertNotSame($adminsession, $SESSION);
|
|
$this->assertNotSame($usersession1, $SESSION);
|
|
$this->assertEmpty((array)$SESSION);
|
|
$this->assertSame($GLOBALS['SESSION'], $_SESSION['SESSION']);
|
|
$this->assertSame($GLOBALS['SESSION'], $SESSION);
|
|
$this->assertSame($GLOBALS['USER'], $_SESSION['USER']);
|
|
$this->assertSame($GLOBALS['USER'], $USER);
|
|
|
|
cron_setup_user();
|
|
$this->assertSame($admin->id, $USER->id);
|
|
$this->assertSame($PAGE->context, context_course::instance($SITE->id));
|
|
$this->assertSame($adminsession, $SESSION);
|
|
$this->assertSame($adminuser, $USER);
|
|
$this->assertSame($GLOBALS['SESSION'], $_SESSION['SESSION']);
|
|
$this->assertSame($GLOBALS['SESSION'], $SESSION);
|
|
$this->assertSame($GLOBALS['USER'], $_SESSION['USER']);
|
|
$this->assertSame($GLOBALS['USER'], $USER);
|
|
|
|
cron_setup_user('reset');
|
|
$this->assertSame($GLOBALS['SESSION'], $_SESSION['SESSION']);
|
|
$this->assertSame($GLOBALS['SESSION'], $SESSION);
|
|
$this->assertSame($GLOBALS['USER'], $_SESSION['USER']);
|
|
$this->assertSame($GLOBALS['USER'], $USER);
|
|
|
|
cron_setup_user();
|
|
$this->assertNotSame($adminsession, $SESSION);
|
|
$this->assertNotSame($adminuser, $USER);
|
|
$this->assertSame($GLOBALS['SESSION'], $_SESSION['SESSION']);
|
|
$this->assertSame($GLOBALS['SESSION'], $SESSION);
|
|
$this->assertSame($GLOBALS['USER'], $_SESSION['USER']);
|
|
$this->assertSame($GLOBALS['USER'], $USER);
|
|
}
|
|
|
|
public function test_sesskey() {
|
|
global $USER;
|
|
$this->resetAfterTest();
|
|
|
|
$user = $this->getDataGenerator()->create_user();
|
|
|
|
\core\session\manager::init_empty_session();
|
|
$this->assertObjectNotHasAttribute('sesskey', $USER);
|
|
|
|
$sesskey = sesskey();
|
|
$this->assertNotEmpty($sesskey);
|
|
$this->assertSame($sesskey, $USER->sesskey);
|
|
$this->assertSame($GLOBALS['USER'], $_SESSION['USER']);
|
|
$this->assertSame($GLOBALS['USER'], $USER);
|
|
|
|
$this->assertSame($sesskey, sesskey());
|
|
|
|
// Test incomplete session init - the sesskeys should return random values.
|
|
$_SESSION = array();
|
|
unset($GLOBALS['USER']);
|
|
unset($GLOBALS['SESSION']);
|
|
|
|
$this->assertFalse(sesskey());
|
|
$this->assertArrayNotHasKey('USER', $GLOBALS);
|
|
$this->assertFalse(sesskey());
|
|
}
|
|
|
|
public function test_confirm_sesskey() {
|
|
$this->resetAfterTest();
|
|
|
|
$sesskey = sesskey();
|
|
|
|
try {
|
|
confirm_sesskey();
|
|
$this->fail('Exception expected when sesskey not present');
|
|
} catch (moodle_exception $e) {
|
|
$this->assertSame('missingparam', $e->errorcode);
|
|
}
|
|
|
|
$this->assertTrue(confirm_sesskey($sesskey));
|
|
$this->assertFalse(confirm_sesskey('blahblah'));
|
|
|
|
$_GET['sesskey'] = $sesskey;
|
|
$this->assertTrue(confirm_sesskey());
|
|
|
|
$_GET['sesskey'] = 'blah';
|
|
$this->assertFalse(confirm_sesskey());
|
|
}
|
|
|
|
public function test_require_sesskey() {
|
|
$this->resetAfterTest();
|
|
|
|
$sesskey = sesskey();
|
|
|
|
try {
|
|
require_sesskey();
|
|
$this->fail('Exception expected when sesskey not present');
|
|
} catch (moodle_exception $e) {
|
|
$this->assertSame('missingparam', $e->errorcode);
|
|
}
|
|
|
|
$_GET['sesskey'] = $sesskey;
|
|
require_sesskey();
|
|
|
|
$_GET['sesskey'] = 'blah';
|
|
try {
|
|
require_sesskey();
|
|
$this->fail('Exception expected when sesskey not incorrect');
|
|
} catch (moodle_exception $e) {
|
|
$this->assertSame('invalidsesskey', $e->errorcode);
|
|
}
|
|
}
|
|
}
|