1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16 package org.seasar.cubby.validator.validators;
17
18 import static org.easymock.EasyMock.anyObject;
19 import static org.easymock.EasyMock.createMock;
20 import static org.easymock.EasyMock.expect;
21 import static org.easymock.EasyMock.expectLastCall;
22 import static org.easymock.EasyMock.getCurrentArguments;
23 import static org.easymock.EasyMock.replay;
24 import static org.easymock.EasyMock.verify;
25 import static org.junit.Assert.assertFalse;
26 import static org.junit.Assert.assertTrue;
27 import static org.junit.Assert.fail;
28
29 import java.util.HashMap;
30 import java.util.Map;
31
32 import javax.servlet.http.HttpServletRequest;
33 import javax.servlet.http.HttpServletResponse;
34 import javax.servlet.http.HttpSession;
35
36 import org.easymock.IAnswer;
37 import org.junit.Test;
38 import org.seasar.cubby.internal.controller.ThreadContext;
39 import org.seasar.cubby.internal.controller.ThreadContext.Command;
40 import org.seasar.cubby.internal.util.TokenHelper;
41 import org.seasar.cubby.validator.ValidationContext;
42
43 public class TokenValidatorTest {
44
45 @Test
46 public void validate() throws Exception {
47 final HttpServletRequest request = createMock(HttpServletRequest.class);
48 final HttpSession session = createMock(HttpSession.class);
49 expect(request.getSession()).andStubReturn(session);
50 expect(request.getSession(false)).andStubReturn(session);
51
52 final Map<String, Object> sessionAttributes = new HashMap<String, Object>();
53 expect(session.getAttribute((String) anyObject())).andAnswer(
54 new IAnswer<Object>() {
55
56 public Object answer() throws Throwable {
57 return sessionAttributes.get(getCurrentArguments()[0]);
58 }
59
60 }).anyTimes();
61 session.setAttribute((String) anyObject(), anyObject());
62 expectLastCall().andAnswer(new IAnswer<Object>() {
63
64 public Object answer() throws Throwable {
65 sessionAttributes.put((String) getCurrentArguments()[0],
66 getCurrentArguments()[1]);
67 return null;
68 }
69 }).anyTimes();
70 final HttpServletResponse response = createMock(HttpServletResponse.class);
71 replay(request, session, response);
72
73 ThreadContext.runInContext(request, response, new Command() {
74
75 public void execute(final HttpServletRequest request,
76 final HttpServletResponse response) throws Exception {
77 final TokenValidator validator = new TokenValidator();
78
79 ValidationContext context = new ValidationContext();
80 validator.validate(context, new Object[] { "tokenstring" });
81 assertFalse("セッション中にトークン文字列が存在しないためエラー", context
82 .getMessageInfos().isEmpty());
83
84 TokenHelper.setToken(session, "tokenstring");
85 context = new ValidationContext();
86 validator.validate(context, new Object[] { "tokenstring" });
87 assertTrue("セッション中にトークン文字列が存在するためエラーではない", context
88 .getMessageInfos().isEmpty());
89
90 context = new ValidationContext();
91 validator.validate(context, new Object[] { "tokenstring" });
92 assertFalse("セッション中のトークン文字列が除去された(2重サブミットの状態)ためエラー", context
93 .getMessageInfos().isEmpty());
94 }
95
96 });
97
98 verify(request, session, response);
99 }
100
101 @Test
102 public void requestIsNull() throws Exception {
103 final HttpServletRequest request = createMock(HttpServletRequest.class);
104 final HttpServletResponse response = createMock(HttpServletResponse.class);
105 replay(request, response);
106
107 final TokenValidator validator = new TokenValidator();
108 final ValidationContext context = new ValidationContext();
109 try {
110 validator.validate(context, new Object[] { "tokenstring" });
111 fail("ThreadContext 外で実行した場合、ここは通らない");
112 } catch (final IllegalStateException ex) {
113 }
114
115 verify(request, response);
116 }
117
118 }