2 // This file is part of Moodle - http://moodle.org/
4 // Moodle is free software: you can redistribute it and/or modify
5 // it under the terms of the GNU General Public License as published by
6 // the Free Software Foundation, either version 3 of the License, or
7 // (at your option) any later version.
9 // Moodle is distributed in the hope that it will be useful,
10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 // GNU General Public License for more details.
14 // You should have received a copy of the GNU General Public License
15 // along with Moodle. If not, see <http://www.gnu.org/licenses/>.
18 * Unit tests for sessionlib.php file.
22 * @author Petr Skoda <petr.skoda@totaralms.com>
23 * @copyright 2014 Totara Learning Solutions Ltd {@link http://www.totaralms.com/}
24 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
27 defined('MOODLE_INTERNAL') ||
die();
30 * Unit tests for sessionlib.php file.
34 * @author Petr Skoda <petr.skoda@totaralms.com>
35 * @copyright 2014 Totara Learning Solutions Ltd {@link http://www.totaralms.com/}
36 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
38 class core_sessionlib_testcase
extends advanced_testcase
{
39 public function test_cron_setup_user() {
40 global $PAGE, $USER, $SESSION, $SITE, $CFG;
41 $this->resetAfterTest();
43 // NOTE: this function contains some static caches, let's reset first.
44 cron_setup_user('reset');
47 $user1 = $this->getDataGenerator()->create_user();
48 $user2 = $this->getDataGenerator()->create_user();
49 $course = $this->getDataGenerator()->create_course();
52 $this->assertSame($admin->id
, $USER->id
);
53 $this->assertSame($PAGE->context
, context_course
::instance($SITE->id
));
54 $this->assertSame($CFG->timezone
, $USER->timezone
);
55 $this->assertSame('', $USER->lang
);
56 $this->assertSame('', $USER->theme
);
57 $SESSION->test1
= true;
58 $adminsession = $SESSION;
60 $this->assertSame($GLOBALS['SESSION'], $_SESSION['SESSION']);
61 $this->assertSame($GLOBALS['SESSION'], $SESSION);
62 $this->assertSame($GLOBALS['USER'], $_SESSION['USER']);
63 $this->assertSame($GLOBALS['USER'], $USER);
65 cron_setup_user(null, $course);
66 $this->assertSame($admin->id
, $USER->id
);
67 $this->assertSame($PAGE->context
, context_course
::instance($course->id
));
68 $this->assertSame($adminsession, $SESSION);
69 $this->assertSame($GLOBALS['SESSION'], $_SESSION['SESSION']);
70 $this->assertSame($GLOBALS['SESSION'], $SESSION);
71 $this->assertSame($GLOBALS['USER'], $_SESSION['USER']);
72 $this->assertSame($GLOBALS['USER'], $USER);
74 cron_setup_user($user1);
75 $this->assertSame($user1->id
, $USER->id
);
76 $this->assertSame($PAGE->context
, context_course
::instance($SITE->id
));
77 $this->assertNotSame($adminsession, $SESSION);
78 $this->assertObjectNotHasAttribute('test1', $SESSION);
79 $this->assertEmpty((array)$SESSION);
80 $usersession1 = $SESSION;
81 $SESSION->test2
= true;
82 $this->assertSame($GLOBALS['SESSION'], $_SESSION['SESSION']);
83 $this->assertSame($GLOBALS['SESSION'], $SESSION);
84 $this->assertSame($GLOBALS['USER'], $_SESSION['USER']);
85 $this->assertSame($GLOBALS['USER'], $USER);
87 cron_setup_user($user1);
88 $this->assertSame($user1->id
, $USER->id
);
89 $this->assertSame($PAGE->context
, context_course
::instance($SITE->id
));
90 $this->assertNotSame($adminsession, $SESSION);
91 $this->assertSame($usersession1, $SESSION);
92 $this->assertSame($GLOBALS['SESSION'], $_SESSION['SESSION']);
93 $this->assertSame($GLOBALS['SESSION'], $SESSION);
94 $this->assertSame($GLOBALS['USER'], $_SESSION['USER']);
95 $this->assertSame($GLOBALS['USER'], $USER);
97 cron_setup_user($user2);
98 $this->assertSame($user2->id
, $USER->id
);
99 $this->assertSame($PAGE->context
, context_course
::instance($SITE->id
));
100 $this->assertNotSame($adminsession, $SESSION);
101 $this->assertNotSame($usersession1, $SESSION);
102 $this->assertEmpty((array)$SESSION);
103 $usersession2 = $SESSION;
104 $usersession2->test3
= true;
105 $this->assertSame($GLOBALS['SESSION'], $_SESSION['SESSION']);
106 $this->assertSame($GLOBALS['SESSION'], $SESSION);
107 $this->assertSame($GLOBALS['USER'], $_SESSION['USER']);
108 $this->assertSame($GLOBALS['USER'], $USER);
110 cron_setup_user($user2, $course);
111 $this->assertSame($user2->id
, $USER->id
);
112 $this->assertSame($PAGE->context
, context_course
::instance($course->id
));
113 $this->assertNotSame($adminsession, $SESSION);
114 $this->assertNotSame($usersession1, $SESSION);
115 $this->assertSame($usersession2, $SESSION);
116 $this->assertSame($GLOBALS['SESSION'], $_SESSION['SESSION']);
117 $this->assertSame($GLOBALS['SESSION'], $SESSION);
118 $this->assertSame($GLOBALS['USER'], $_SESSION['USER']);
119 $this->assertSame($GLOBALS['USER'], $USER);
121 cron_setup_user($user1);
122 $this->assertSame($user1->id
, $USER->id
);
123 $this->assertSame($PAGE->context
, context_course
::instance($SITE->id
));
124 $this->assertNotSame($adminsession, $SESSION);
125 $this->assertNotSame($usersession1, $SESSION);
126 $this->assertEmpty((array)$SESSION);
127 $this->assertSame($GLOBALS['SESSION'], $_SESSION['SESSION']);
128 $this->assertSame($GLOBALS['SESSION'], $SESSION);
129 $this->assertSame($GLOBALS['USER'], $_SESSION['USER']);
130 $this->assertSame($GLOBALS['USER'], $USER);
133 $this->assertSame($admin->id
, $USER->id
);
134 $this->assertSame($PAGE->context
, context_course
::instance($SITE->id
));
135 $this->assertSame($adminsession, $SESSION);
136 $this->assertSame($adminuser, $USER);
137 $this->assertSame($GLOBALS['SESSION'], $_SESSION['SESSION']);
138 $this->assertSame($GLOBALS['SESSION'], $SESSION);
139 $this->assertSame($GLOBALS['USER'], $_SESSION['USER']);
140 $this->assertSame($GLOBALS['USER'], $USER);
142 cron_setup_user('reset');
143 $this->assertSame($GLOBALS['SESSION'], $_SESSION['SESSION']);
144 $this->assertSame($GLOBALS['SESSION'], $SESSION);
145 $this->assertSame($GLOBALS['USER'], $_SESSION['USER']);
146 $this->assertSame($GLOBALS['USER'], $USER);
149 $this->assertNotSame($adminsession, $SESSION);
150 $this->assertNotSame($adminuser, $USER);
151 $this->assertSame($GLOBALS['SESSION'], $_SESSION['SESSION']);
152 $this->assertSame($GLOBALS['SESSION'], $SESSION);
153 $this->assertSame($GLOBALS['USER'], $_SESSION['USER']);
154 $this->assertSame($GLOBALS['USER'], $USER);
158 * Test provided for secure cookie
160 * @return array of config and secure result
162 public function moodle_cookie_secure_provider() {
167 'wwwroot' => 'http://example.com',
169 'cookiesecure' => null,
174 // Non ssl, off and ignored.
176 'wwwroot' => 'http://example.com',
178 'cookiesecure' => false,
183 // Non ssl, on and ignored.
185 'wwwroot' => 'http://example.com',
187 'cookiesecure' => true,
192 // SSL via proxy, off.
194 'wwwroot' => 'http://example.com',
196 'cookiesecure' => false,
201 // SSL via proxy, on.
203 'wwwroot' => 'http://example.com',
205 'cookiesecure' => true,
212 'wwwroot' => 'https://example.com',
214 'cookiesecure' => false,
221 'wwwroot' => 'https://example.com',
223 'cookiesecure' => true,
231 * Test for secure cookie
233 * @dataProvider moodle_cookie_secure_provider
235 * @param array $config Array of key value config settings
236 * @param bool $secure Wether cookies should be secure or not
238 public function test_is_moodle_cookie_secure($config, $secure) {
240 $this->resetAfterTest();
241 foreach ($config as $key => $value) {
244 $this->assertEquals($secure, is_moodle_cookie_secure());
247 public function test_sesskey() {
249 $this->resetAfterTest();
251 $user = $this->getDataGenerator()->create_user();
253 \core\session\manager
::init_empty_session();
254 $this->assertObjectNotHasAttribute('sesskey', $USER);
256 $sesskey = sesskey();
257 $this->assertNotEmpty($sesskey);
258 $this->assertSame($sesskey, $USER->sesskey
);
259 $this->assertSame($GLOBALS['USER'], $_SESSION['USER']);
260 $this->assertSame($GLOBALS['USER'], $USER);
262 $this->assertSame($sesskey, sesskey());
264 // Test incomplete session init - the sesskeys should return random values.
266 unset($GLOBALS['USER']);
267 unset($GLOBALS['SESSION']);
269 $this->assertFalse(sesskey());
270 $this->assertArrayNotHasKey('USER', $GLOBALS);
271 $this->assertFalse(sesskey());
274 public function test_confirm_sesskey() {
275 $this->resetAfterTest();
277 $sesskey = sesskey();
281 $this->fail('Exception expected when sesskey not present');
282 } catch (moodle_exception
$e) {
283 $this->assertSame('missingparam', $e->errorcode
);
286 $this->assertTrue(confirm_sesskey($sesskey));
287 $this->assertFalse(confirm_sesskey('blahblah'));
289 $_GET['sesskey'] = $sesskey;
290 $this->assertTrue(confirm_sesskey());
292 $_GET['sesskey'] = 'blah';
293 $this->assertFalse(confirm_sesskey());
296 public function test_require_sesskey() {
297 $this->resetAfterTest();
299 $sesskey = sesskey();
303 $this->fail('Exception expected when sesskey not present');
304 } catch (moodle_exception
$e) {
305 $this->assertSame('missingparam', $e->errorcode
);
308 $_GET['sesskey'] = $sesskey;
311 $_GET['sesskey'] = 'blah';
314 $this->fail('Exception expected when sesskey not incorrect');
315 } catch (moodle_exception
$e) {
316 $this->assertSame('invalidsesskey', $e->errorcode
);