mirror of
https://framagit.org/hubzilla/core.git
synced 2026-06-21 00:52:33 -04:00
4eb7e29bab
To ensure tests don't step on each others toes, make sure we back up the static properties of the global App class before running tests that modify any of these properties.
78 lines
2.1 KiB
PHP
78 lines
2.1 KiB
PHP
<?php
|
|
declare(strict_types=1);
|
|
|
|
use PHPUnit\Framework\Attributes\BackupStaticProperties;
|
|
use Zotlabs\Tests\Unit\UnitTestCase;
|
|
|
|
/**
|
|
* Tests for the Zotlabs\Lib\Config class.
|
|
*
|
|
* Until we have database testing in place, we can only test the Congig::Get
|
|
* method for now. This should be improved once the database test framework is
|
|
* merged.
|
|
*/
|
|
#[BackupStaticProperties(true)]
|
|
class ConfigTest extends Zotlabs\Tests\Unit\UnitTestCase {
|
|
/*
|
|
* Hardcode a config that we can test against, and that we can
|
|
* reuse in all the test cases.
|
|
*/
|
|
public function setUp(): void {
|
|
\App::$config = array(
|
|
'test' => array (
|
|
'plain' => 'plain value',
|
|
'php-array' => 'a:3:{i:0;s:3:"one";i:1;s:3:"two";i:2;s:5:"three";}',
|
|
'json-array' => 'json:["one","two","three"]',
|
|
'object-injection' => 'a:1:{i:0;O:18:"Zotlabs\Lib\Config":0:{}}',
|
|
'unserialized-array' => ['one', 'two', 'three'],
|
|
'config_loaded' => true,
|
|
),
|
|
);
|
|
}
|
|
|
|
public function testGetPlainTextValue(): void {
|
|
$this->assertEquals(
|
|
Zotlabs\Lib\Config::Get('test', 'plain'),
|
|
'plain value'
|
|
);
|
|
}
|
|
|
|
public function testGetJSONSerializedArray(): void {
|
|
$this->assertEquals(
|
|
Zotlabs\Lib\Config::Get('test', 'json-array'),
|
|
array('one', 'two', 'three')
|
|
);
|
|
}
|
|
|
|
/*
|
|
* Test that we can retreive old style serialized arrays that were
|
|
* serialized with th PHP `serialize()` function.
|
|
*/
|
|
public function testGetPHPSerializedArray(): void {
|
|
$this->assertEquals(
|
|
Zotlabs\Lib\Config::Get('test', 'php-array'),
|
|
array('one', 'two', 'three')
|
|
);
|
|
}
|
|
|
|
/*
|
|
* Test that we can retreive unserialized arrays which are usually
|
|
* returned from the existing config cache.
|
|
*/
|
|
public function testGetPHPUnserializedArray(): void {
|
|
$this->assertEquals(
|
|
Zotlabs\Lib\Config::Get('test', 'unserialized-array'),
|
|
array('one', 'two', 'three')
|
|
);
|
|
}
|
|
|
|
/*
|
|
* Make sure we're not vulnerable to PHP Object injection attacks when
|
|
* using the PHP `unserialize()` function.
|
|
*/
|
|
public function testGetMaliciousPHPSerializedArray(): void {
|
|
$value = Zotlabs\Lib\Config::Get('test', 'object-injection');
|
|
$this->assertEquals($value[0]::class, '__PHP_Incomplete_Class');
|
|
}
|
|
}
|