1: <?php
2:
3: 4: 5: 6: 7: 8: 9: 10: 11: 12: 13: 14: 15: 16: 17: 18: 19: 20: 21: 22: 23: 24: 25: 26: 27: 28: 29: 30: 31: 32: 33: 34: 35: 36: 37: 38: 39: 40: 41: 42: 43: 44: 45: 46:
47: class AlphaFilters_Test extends PHPUnit_Framework_TestCase {
48: 49: 50: 51: 52: 53:
54: private $blacklistedClient;
55:
56: 57: 58: 59: 60: 61:
62: private $blacklistedIP;
63:
64: 65: 66: 67: 68: 69:
70: private $badAgent = 'curl/7.16.2 (i686-redhat-linux-gnu) libcurl/7.16.2 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.8';
71:
72: 73: 74: 75: 76: 77:
78: private $oldAgent;
79:
80: 81: 82: 83: 84: 85:
86: private $oldIP;
87:
88: 89: 90: 91: 92: 93:
94: private $badRequest1;
95:
96: 97: 98: 99: 100: 101:
102: private $badRequest2;
103:
104: 105: 106: 107: 108: 109:
110: private $badRequest3;
111:
112: 113: 114: 115: 116: 117:
118: private $badIP = '127.0.0.1';
119:
120: 121: 122: 123: 124: 125: 126:
127: protected function setUp() {
128: $this->blacklistedClient = new BlacklistedClientObject();
129: $this->blacklistedClient->rebuildTable();
130: $this->blacklistedClient->set('client', $this->badAgent);
131: $this->blacklistedClient->save();
132:
133: $this->blacklistedIP = new BlacklistedIPObject();
134: $this->blacklistedIP->rebuildTable();
135: $this->blacklistedIP->set('IP', $this->badIP);
136: $this->blacklistedIP->save();
137:
138: $this->badRequest1 = new BadRequestObject();
139: $this->badRequest1->rebuildTable();
140: $this->badRequest1->set('client', $this->badAgent);
141: $this->badRequest1->set('IP', $this->badIP);
142: $this->badRequest1->set('requestedResource', '/doesNotExist');
143: $this->badRequest1->save();
144:
145: $this->badRequest2 = new BadRequestObject();
146: $this->badRequest2->set('client', $this->badAgent);
147: $this->badRequest2->set('IP', $this->badIP);
148: $this->badRequest2->set('requestedResource', '/doesNotExist');
149: $this->badRequest2->save();
150:
151: $this->badRequest3 = new BadRequestObject();
152: $this->badRequest3->set('client', $this->badAgent);
153: $this->badRequest3->set('IP', $this->badIP);
154: $this->badRequest3->set('requestedResource', '/doesNotExist');
155: $this->badRequest3->save();
156:
157: $this->oldAgent = $_SERVER['HTTP_USER_AGENT'];
158: $this->oldIP = $_SERVER['REMOTE_ADDR'];
159: }
160:
161: 162: 163: 164: 165: 166: 167:
168: protected function tearDown() {
169: $this->blacklistedClient->dropTable();
170: unset($this->blacklistedClient);
171:
172: $this->badRequest1->dropTable();
173: unset($this->badRequest1);
174:
175: unset($this->badRequest2);
176:
177: unset($this->badRequest3);
178:
179: $_SERVER['HTTP_USER_AGENT'] = $this->oldAgent;
180: $_SERVER['REMOTE_ADDR'] = $this->oldIP;
181: }
182:
183: 184: 185: 186: 187:
188: public function testClientBlacklistFilter() {
189: $_SERVER['HTTP_USER_AGENT'] = $this->badAgent;
190: $_GET['act'] = 'Search';
191:
192: try {
193: $front = new FrontController();
194: $front->registerFilter(new ClientBlacklistFilter());
195: $front->loadController(false);
196: $this->fail('Testing that a blacklisted user agent string cannot pass the ClientBlacklistFilter filter');
197: }catch (ResourceNotAllowedException $e) {
198: $this->assertEquals('Not allowed!', $e->getMessage(), 'Testing that a blacklisted user agent string cannot pass the ClientBlacklistFilter filter');
199: }
200: }
201:
202: 203: 204: 205: 206:
207: public function testClientTempBlacklistFilter() {
208: global $config;
209: $config->set('security.client.temp.blacklist.filter.limit', 3);
210:
211: $_SERVER['HTTP_USER_AGENT'] = $this->badAgent;
212: $_SERVER['REMOTE_ADDR'] = $this->badIP;
213: $_GET['act'] = 'doesNotExist';
214:
215: try {
216: $front = new FrontController();
217: $front->registerFilter(new ClientTempBlacklistFilter());
218: $front->loadController(false);
219: $this->fail('Testing that a user agent string/IP compbo cannot pass the ClientTempBlacklistFilter filter beyond the config limit');
220: }catch (ResourceNotAllowedException $e) {
221: $this->assertEquals('Not allowed!', $e->getMessage(), 'Testing that a user agent string/IP compbo cannot pass the ClientTempBlacklistFilter filter beyond the config limit');
222: }
223: }
224:
225: 226: 227: 228: 229:
230: public function testIPBlacklistFilter() {
231: $_SERVER['REMOTE_ADDR'] = $this->badIP;
232: $_GET['act'] = 'Search';
233:
234: try {
235: $front = new FrontController();
236: $front->registerFilter(new IPBlacklistFilter());
237: $front->loadController(false);
238: $this->fail('Testing that a blacklisted IP cannot pass the IPBlacklistFilter filter');
239: }catch (ResourceNotAllowedException $e) {
240: $this->assertEquals('Not allowed!', $e->getMessage(), 'Testing that a blacklisted IP cannot pass the IPBlacklistFilter filter');
241: }
242: }
243: }
244:
245: ?>