Most of the modules we work on in symfony are secured with the popular sfGuardPlugin, but by default you can’t test a secured module each time you will try to access an action from your functional testing file will result in failure of the test. To make my point a little bit clear consider that we have a module called foobar in an application called backend. Of course as you know that when you create the module, automatically a file called foobarActionsTest.php is created in test/functional/backend.
So we edit the foobarActionsTest.php contents to match the following snippet:
// test/functional/backend/foobarActionsTest.php
include(dirname(__FILE__).'/../../bootstrap/functional.php');
$browser = new sfTestFunctional(new sfBrowser());
$browser->get('foobar/index')->isStatusCode(200);
Now we run the following command to test the module:
php symfony test:functional backend foobarActions
Since the backend application is secured, the above test will result in the following error:
The 401 response code we got means Unauthorized access, since the user isn’t logged, so this is what we need to make the test successful, we need the user to login first before we try to access the foobar/index action.
The solutions is rather simple, first we create a file called sf_guard.php:
// test/functional/sf_guard.php
function signin($username, $password, $browser) {
$browser = new sfTestFunctional(new sfBrowser());
return $browser->
info(sprintf('Signin user using username "%s" and password "%s"', $username, $password))->
post('/sfGuardAuth/signin', array('signin' => array('username' => $username, 'password' => $password,)))->
isRedirected()
;
}
Next we modify the foobarActionsTest.php:
include(dirname(__FILE__).'/../sf_guard.php');
include(dirname(__FILE__).'/../../bootstrap/functional.php');
$username = 'admin';
$password = 'admin';
$browser = new sfTestFunctional(new sfBrowser());
signin($username, $password, $browser)->get('/foobar/index')->isStatusCode(200);
Now we run the test again, and it passes gracefully
Now as Niko mentioned in his comment, her is another better and simpler way:
First we create a class sfGuardTestFunctional in lib folder
class sfGuardTestFunctional extends sfTestFunctional {
public function signin($username, $password) {
return $this->
info(sprintf('Signin user using username "%s" and password "%s"', $username, $password))->
post('/sfGuardAuth/signin', array('signin' => array('username' => $username, 'password' => $password,)))->
isRedirected()
;
}
}
Next we modify the foobarActionsTest.php
include(dirname(__FILE__).'/../../bootstrap/functional.php');
$username = 'admin';
$password = 'admin';
$browser = new sfGuardTestFunctional(new sfBrowser());
$browser->
get('/foobar/index')->
isStatusCode(401)->
signin($username, $password)->
get('/foobar/index')->
isStatusCode(200)
;
That way it’s much simpler and more efficient, thanks again Niko
You’d better extend the sfTestBrowser to create your own, and then implement a signin method returning the current instance of the browser, so you’d be able to do something like this:
$b = new myTestBrowser(); get('/secured')-> isStatusCode('401'); signing('admin', 'password')-> get('/secured')-> isStatusCode('200');Happy new year!
@Niko:
I think this is a really good idea, I’ll implement it, test it, and then update the post.
I have noticed some strange behaviour. If you enable security globally and tries to access a non existing module/action via browser you get displayed a 404 page correctly, but if you try that as a functional test you will be redirected to the login page. Does this occur with sfGuard too? I wanted to test the security of some module to ensure that the correct actions are permitted and others not. But this incorrect rendering of the scenario is somehow not very helpful
@Sam: I’ve noticed this strange behavior as well, and as you stated it only occurs with unavailable modules. I’ll look into it and then update the post.