1
0

FeaturePolicyManagerTest.php 2.4 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071
  1. <?php
  2. declare(strict_types=1);
  3. /**
  4. * SPDX-FileCopyrightText: 2019 Nextcloud GmbH and Nextcloud contributors
  5. * SPDX-License-Identifier: AGPL-3.0-or-later
  6. */
  7. namespace Test\Security\CSP;
  8. use OC\Security\FeaturePolicy\FeaturePolicyManager;
  9. use OCP\AppFramework\Http\FeaturePolicy;
  10. use OCP\EventDispatcher\IEventDispatcher;
  11. use OCP\Security\FeaturePolicy\AddFeaturePolicyEvent;
  12. use Test\TestCase;
  13. class FeaturePolicyManagerTest extends TestCase {
  14. /** @var IEventDispatcher */
  15. private $dispatcher;
  16. /** @var FeaturePolicyManager */
  17. private $manager;
  18. protected function setUp(): void {
  19. parent::setUp();
  20. $this->dispatcher = \OC::$server->query(IEventDispatcher::class);
  21. $this->manager = new FeaturePolicyManager($this->dispatcher);
  22. }
  23. public function testAddDefaultPolicy(): void {
  24. $this->manager->addDefaultPolicy(new FeaturePolicy());
  25. $this->addToAssertionCount(1);
  26. }
  27. public function testGetDefaultPolicyWithPoliciesViaEvent(): void {
  28. $this->dispatcher->addListener(AddFeaturePolicyEvent::class, function (AddFeaturePolicyEvent $e) {
  29. $policy = new FeaturePolicy();
  30. $policy->addAllowedMicrophoneDomain('mydomain.com');
  31. $policy->addAllowedPaymentDomain('mypaymentdomain.com');
  32. $e->addPolicy($policy);
  33. });
  34. $this->dispatcher->addListener(AddFeaturePolicyEvent::class, function (AddFeaturePolicyEvent $e) {
  35. $policy = new FeaturePolicy();
  36. $policy->addAllowedPaymentDomain('mydomainother.com');
  37. $policy->addAllowedGeoLocationDomain('mylocation.here');
  38. $e->addPolicy($policy);
  39. });
  40. $this->dispatcher->addListener(AddFeaturePolicyEvent::class, function (AddFeaturePolicyEvent $e) {
  41. $policy = new FeaturePolicy();
  42. $policy->addAllowedAutoplayDomain('youtube.com');
  43. $e->addPolicy($policy);
  44. });
  45. $expected = new \OC\Security\FeaturePolicy\FeaturePolicy();
  46. $expected->addAllowedMicrophoneDomain('mydomain.com');
  47. $expected->addAllowedPaymentDomain('mypaymentdomain.com');
  48. $expected->addAllowedPaymentDomain('mydomainother.com');
  49. $expected->addAllowedGeoLocationDomain('mylocation.here');
  50. $expected->addAllowedAutoplayDomain('youtube.com');
  51. $expectedStringPolicy = "autoplay 'self' youtube.com;camera 'none';fullscreen 'self';geolocation mylocation.here;microphone mydomain.com;payment mypaymentdomain.com mydomainother.com";
  52. $this->assertEquals($expected, $this->manager->getDefaultPolicy());
  53. $this->assertSame($expectedStringPolicy, $this->manager->getDefaultPolicy()->buildPolicy());
  54. }
  55. }