[symfony-users] [SF2] Problems with WebTestCase and Security-Component

Wed, 11 May 2011 23:58:33 -0700 

I am using WebTestCase (Beta1) to do some functional tests. It seems
that the class mixes up some cookie-stuff, because the site works in
dev and prod environments but fails in several unit-tests.

I would be very glad if someone could help me or point me to the docs
needed.

The following piece of TWIG shows if a user is logged in on the page
bottom of the site:

                <div id="accountinfo" class="small-bottom">
                    <p>{% spaceless %}
                        {% if is_granted('IS_AUTHENTICATED_FULLY') %}
                          {{ "Logged in as"|trans({ '%username%':
app.user.username }) }}.
                        <a
href="{{ path('_security_logout') }}">{{ "Logout"|trans }}</a>
                        {% else %}
                        {{ "Not logged in"|trans }}
                        {% endif %}
                    {% endspaceless %}</p>
                </div>

The test fails if:

1) The user is logged in and out in another testcase
2) /login is opened ("Not Logged in" is shown correctly)
3) Test fills out wrong username/password and submits
4) User is suddenly logged in ("Logged in as ..." is shown), although
the security component returns "Bad Credentials"

The test code is below. Am I doing something wrong? Has anyone
observed similar behavior?
Much thanks in advance....

// Login in a test, executed before
    public function testFailedLogin() {
        $client = $this->createClient();

        $crawler = $client->request('GET', '/de/admin/');
        $this->assertEquals(302, $client->getResponse()-
>getStatusCode(), "Redirect to login page.");
        $crawler = $client->followRedirect();
        $this->assertEquals("/login", $client->getRequest()-
>getRequestUri());

        $this->assertEquals(200, $client->getResponse()-
>getStatusCode());
        $this->assertTrue($crawler->filter('title:contains("Login")')-
>count() > 0);
        $this->assertTrue($crawler-
>filter('div[id=accountinfo]:contains("Nicht eingeloggt")')->count() >
0);

        $form = $crawler->selectButton('login')->form();

        $crawler = $client->submit(
                        $form, array( // Wrong credentials
                    '_username' => 'adminW',
                    '_password' => 'adminW',
                ));

        $this->assertEquals(302, $client->getResponse()-
>getStatusCode(), "Redirect to login page after wrong un/pw.");
        $crawler = $client->followRedirect();

        $this->assertEquals(200, $client->getResponse()-
>getStatusCode());
        $this->assertTrue($crawler->filter('title:contains("Login")')-
>count() > 0);
        $this->assertTrue($crawler-
>filter('div[id=accountinfo]:contains("Nicht eingeloggt")')->count() >
0); // FAILS HERE
    }


-- 
If you want to report a vulnerability issue on symfony, please send it to 
security at symfony-project.com

You received this message because you are subscribed to the Google
Groups "symfony users" group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to
symfony-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en

Reply via email to