Merge branch 'master' of github.com:plainblack/webgui

2011-01-10 12:32:19 -06:00 · 2011-01-10 12:32:19 -06:00 · 702d00bb63
commit 702d00bb63
parent 28f4b1b4d2 dfffaf307c
2 changed files with 57 additions and 3 deletions
--- a/lib/WebGUI/Session/Form.pm
+++ b/lib/WebGUI/Session/Form.pm
@ -186,10 +186,7 @@ the one in this user's current session.
 sub validToken {
 	my ($self)  = @_;
    my $session = $self->session;
-    $session->log->info('HTTP method: '. $session->request->method);
-    $session->log->info('CSRF token: '. $session->scratch->get('webguiCsrfToken'));
    return 0 unless $session->request->method eq 'POST';
-    $session->log->info('Web token: '. $self->param('webguiCsrfToken'));
    return 0 unless $self->param('webguiCsrfToken') eq $session->scratch->get('webguiCsrfToken');
    return 1;
 }
--- a/t/Asset/maximum_assets.t
+++ b/t/Asset/maximum_assets.t
@ -0,0 +1,57 @@
+#-------------------------------------------------------------------
+# WebGUI is Copyright 2001-2009 Plain Black Corporation.
+#-------------------------------------------------------------------
+# Please read the legal notices (docs/legal.txt) and the license
+# (docs/license.txt) that came with this distribution before using
+# this software.
+#-------------------------------------------------------------------
+# http://www.plainblack.com                     info@plainblack.com
+#-------------------------------------------------------------------
+
+use FindBin;
+use strict;
+use lib "$FindBin::Bin/../lib";
+
+use WebGUI::Test;
+use WebGUI::Session;
+use WebGUI::Asset;
+
+use Test::More;
+use Test::Deep;
+use Clone qw/clone/;
+
+plan tests => 1;
+
+my $session = WebGUI::Test->session;
+
+##Set the maximum assets to 5
+WebGUI::Test->originalConfig('maximumAssets');
+$session->config->set('maximumAssets', 5);
+
+my $rootAsset = WebGUI::Asset->getRoot($session);
+
+##Override the user function style template so we can examine its output easily
+                 #1234567890123456789012#
+my $templateId = 'USER_STYLE_OVERRIDE___';
+my $templateMock = Test::MockObject->new({});
+$templateMock->set_isa('WebGUI::Asset::Template');
+$templateMock->set_always('getId', $templateId);
+my $templateVars;
+$templateMock->mock('process', sub { $templateVars = clone($_[1]); } );
+$session->setting->set('userFunctionStyleId', $templateId);
+
+##Have to have a user who can add assets to the root node
+$session->user({userId => 3});
+$session->request->method('POST');
+$session->request->setup_body({
+    webguiCsrfToken => $session->scratch->get('webguiCsrfToken'),
+    assetId         => 'new',
+});
+{
+    WebGUI::Test->mockAssetId($templateId, $templateMock);
+    $rootAsset->www_editSave;
+    like $templateVars->{'body.content'}, qr/limited the number of assets/, 'tripped maximumAssets';
+    my $count = $session->db->quickScalar('select count(*) from asset');
+}
+
+