Martin Renvoize
3d648da398
Test plan: Run t/Output.t Run t/db_dependent/Auth.t Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> (cherry picked from commit 2918f6ceda533719ac0da53d8245ea4826f43681) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
132 lines
4.5 KiB
Perl
Executable file
132 lines
4.5 KiB
Perl
Executable file
#!/usr/bin/perl
|
|
|
|
# This file is part of Koha.
|
|
#
|
|
# Koha is free software; you can redistribute it and/or modify it
|
|
# under the terms of the GNU General Public License as published by
|
|
# the Free Software Foundation; either version 3 of the License, or
|
|
# (at your option) any later version.
|
|
#
|
|
# Koha is distributed in the hope that it will be useful, but
|
|
# WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
# GNU General Public License for more details.
|
|
#
|
|
# You should have received a copy of the GNU General Public License
|
|
# along with Koha; if not, see <http://www.gnu.org/licenses>.
|
|
|
|
use Modern::Perl;
|
|
|
|
use Test::More tests => 8;
|
|
use Test::Warn;
|
|
use Test::MockModule;
|
|
|
|
use File::Temp qw/tempfile/;
|
|
use CGI qw ( -utf8 );
|
|
|
|
use C4::Auth qw( get_template_and_user );
|
|
|
|
use t::lib::Mocks;
|
|
|
|
BEGIN {
|
|
use_ok('C4::Output', qw( output_html_with_http_headers output_and_exit_if_error parametrized_url ));
|
|
}
|
|
|
|
our $output_module = Test::MockModule->new('C4::Output');
|
|
|
|
my $query = CGI->new();
|
|
my $cookie;
|
|
my $output = 'foobarbaz';
|
|
|
|
{
|
|
local *STDOUT;
|
|
my $stdout;
|
|
open STDOUT, '>', \$stdout;
|
|
output_html_with_http_headers $query, $cookie, $output, undef, { force_no_caching => 1 };
|
|
like($stdout, qr/Cache-control: no-cache, no-store, max-age=0/, 'force_no_caching sets Cache-control as desired');
|
|
like($stdout, qr/Expires: /, 'force_no_caching sets an Expires header');
|
|
$stdout = '';
|
|
close STDOUT;
|
|
open STDOUT, '>', \$stdout;
|
|
output_html_with_http_headers $query, $cookie, $output, undef, undef;
|
|
like($stdout, qr/Cache-control: no-cache[^,]/, 'not using force_no_caching sets Cache-control as desired');
|
|
unlike($stdout, qr/Expires: /, 'force_no_caching does not set an Expires header');
|
|
}
|
|
|
|
subtest 'parametrized_url' => sub {
|
|
plan tests => 2;
|
|
|
|
my $url = 'https://somesite.com/search?q={TITLE}&author={AUTHOR}{SUFFIX}';
|
|
my $subs = { TITLE => '_title_', AUTHOR => undef, ISBN => '123456789' };
|
|
my $res;
|
|
warning_is { $res = C4::Output::parametrized_url( $url, $subs ) }
|
|
q{}, 'No warning expected on undefined author';
|
|
is( $res, 'https://somesite.com/search?q=_title_&author=',
|
|
'Title replaced, author empty and SUFFIX removed' );
|
|
};
|
|
|
|
subtest 'output_with_http_headers() tests' => sub {
|
|
|
|
plan tests => 4;
|
|
|
|
local *STDOUT;
|
|
my $stdout;
|
|
|
|
my $query = CGI->new();
|
|
my $cookie;
|
|
my $output = 'foobarbaz';
|
|
|
|
open STDOUT, '>', \$stdout;
|
|
t::lib::Mocks::mock_preference('AccessControlAllowOrigin','');
|
|
output_html_with_http_headers $query, $cookie, $output, undef;
|
|
unlike($stdout, qr/Access-control-allow-origin/, 'No header set if no value on syspref');
|
|
close STDOUT;
|
|
|
|
open STDOUT, '>', \$stdout;
|
|
t::lib::Mocks::mock_preference('AccessControlAllowOrigin',undef);
|
|
output_html_with_http_headers $query, $cookie, $output, undef;
|
|
unlike($stdout, qr/Access-control-allow-origin/, 'No header set if no value on syspref');
|
|
close STDOUT;
|
|
|
|
open STDOUT, '>', \$stdout;
|
|
t::lib::Mocks::mock_preference('AccessControlAllowOrigin','*');
|
|
output_html_with_http_headers $query, $cookie, $output, undef;
|
|
like($stdout, qr/Access-control-allow-origin: \*/, 'Header set to *');
|
|
close STDOUT;
|
|
|
|
open STDOUT, '>', \$stdout;
|
|
t::lib::Mocks::mock_preference('AccessControlAllowOrigin','https://koha-community.org');
|
|
output_html_with_http_headers $query, $cookie, $output, undef;
|
|
like($stdout, qr/Access-control-allow-origin: https:\/\/koha-community\.org/, 'Header set to https://koha-community.org');
|
|
close STDOUT;
|
|
};
|
|
|
|
subtest 'output_and_exit_if_error() tests' => sub {
|
|
plan tests => 1;
|
|
|
|
$output_module->mock(
|
|
'output_and_exit',
|
|
sub {
|
|
my ( $query, $cookie, $template, $error ) = @_;
|
|
is( $error, 'wrong_csrf_token', 'Got right error message' );
|
|
}
|
|
);
|
|
|
|
t::lib::Mocks::mock_config( 'pluginsdir', [ C4::Context::temporary_directory ] );
|
|
my ( $fh, $fn ) = tempfile( SUFFIX => '.tt', UNLINK => 1, DIR => C4::Context::temporary_directory );
|
|
print $fh qq|[% blocking_error %]|;
|
|
close $fh;
|
|
|
|
my $query = CGI->new();
|
|
$query->param('csrf_token','');
|
|
my ( $template, $loggedinuser, $cookies ) = get_template_and_user(
|
|
{
|
|
template_name => $fn,
|
|
query => $query,
|
|
type => "intranet",
|
|
authnotrequired => 1,
|
|
}
|
|
);
|
|
# Next call triggers test in the mocked sub
|
|
output_and_exit_if_error($query, $cookie, $template, { check => 'csrf_token' });
|
|
};
|