Search moodle.org's
Developer Documentation

See Release Notes
Long Term Support Release

  • Bug fixes for general core bugs in 3.9.x will end* 10 May 2021 (12 months).
  • Bug fixes for security issues in 3.9.x will end* 8 May 2023 (36 months).
  • PHP version: minimum PHP 7.2.0 Note: minimum PHP version has increased since Moodle 3.8. PHP 7.3.x and 7.4.x are supported too.
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle.  If not, see <http://www.gnu.org/licenses/>.

< use core\output\mustache_helper_collection; <
/**
< * Unit tests for the mustache_helper_collection class.
> * Unit tests for lib/classes/output/mustache_helper_collection
*
< * @package core
* @copyright 2019 Ryan Wyllie <ryan@moodle.com> * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
< * @covers \core\output\mustache_helper_collection
> */ > > defined('MOODLE_INTERNAL') || die(); > > use core\output\mustache_helper_collection; > > /** > * Unit tests for the mustache_helper_collection class.
*/ class core_output_mustache_helper_collection_testcase extends advanced_testcase { /**
< * Test cases to confirm that blacklisted helpers are stripped from the source
> * Test cases to confirm that disallowed helpers are stripped from the source
* text by the helper before being passed to other another helper. This prevents * nested calls to helpers. */
< public function get_strip_blacklisted_helpers_testcases() {
> public function get_strip_disallowed_helpers_testcases() {
return [
< 'no blacklist' => [ < 'blacklist' => [],
> 'no disallowed' => [ > 'disallowed' => [],
'input' => 'core, move, {{#js}} some nasty JS {{/js}}', 'expected' => 'core, move, {{#js}} some nasty JS {{/js}}' ],
< 'blacklist no match' => [ < 'blacklist' => ['foo'],
> 'disallowed no match' => [ > 'disallowed' => ['foo'],
'input' => 'core, move, {{#js}} some nasty JS {{/js}}', 'expected' => 'core, move, {{#js}} some nasty JS {{/js}}' ],
< 'blacklist partial match 1' => [ < 'blacklist' => ['js'],
> 'disallowed partial match 1' => [ > 'disallowed' => ['js'],
'input' => 'core, move, {{#json}} some nasty JS {{/json}}', 'expected' => 'core, move, {{#json}} some nasty JS {{/json}}' ],
< 'blacklist partial match 2' => [ < 'blacklist' => ['js'],
> 'disallowed partial match 2' => [ > 'disallowed' => ['js'],
'input' => 'core, move, {{#onjs}} some nasty JS {{/onjs}}', 'expected' => 'core, move, {{#onjs}} some nasty JS {{/onjs}}' ],
< 'single blacklist 1' => [ < 'blacklist' => ['js'],
> 'single disallowed 1' => [ > 'disallowed' => ['js'],
'input' => 'core, move, {{#js}} some nasty JS {{/js}}', 'expected' => 'core, move, {{}}' ],
< 'single blacklist 2' => [ < 'blacklist' => ['js'],
> 'single disallowed 2' => [ > 'disallowed' => ['js'],
'input' => 'core, move, {{ # js }} some nasty JS {{ / js }}', 'expected' => 'core, move, {{}}' ],
< 'single blacklist 3' => [ < 'blacklist' => ['js'],
> 'single disallowed 3' => [ > 'disallowed' => ['js'],
'input' => 'core, {{#js}} some nasty JS {{/js}}, test', 'expected' => 'core, {{}}, test' ],
< 'single blacklist 4' => [ < 'blacklist' => ['js'],
> 'single disallowed 3' => [ > 'disallowed' => ['js'],
'input' => 'core, {{#ok}} this is ok {{/ok}}, {{#js}} some nasty JS {{/js}}', 'expected' => 'core, {{#ok}} this is ok {{/ok}}, {{}}' ],
< 'single blacklist multiple matches 1' => [ < 'blacklist' => ['js'],
> 'single disallowed multiple matches 1' => [ > 'disallowed' => ['js'],
'input' => 'core, {{#js}} some nasty JS {{/js}}, {{#js}} some nasty JS {{/js}}', 'expected' => 'core, {{}}' ],
< 'single blacklist multiple matches 2' => [ < 'blacklist' => ['js'],
> 'single disallowed multiple matches 2' => [ > 'disallowed' => ['js'],
'input' => 'core, {{ # js }} some nasty JS {{ / js }}, {{ # js }} some nasty JS {{ / js }}', 'expected' => 'core, {{}}' ],
< 'single blacklist multiple matches nested 1' => [ < 'blacklist' => ['js'],
> 'single disallowed multiple matches nested 1' => [ > 'disallowed' => ['js'],
'input' => 'core, move, {{#js}} some nasty JS {{#js}} some nasty JS {{/js}} {{/js}}', 'expected' => 'core, move, {{}}' ],
< 'single blacklist multiple matches nested 2' => [ < 'blacklist' => ['js'],
> 'single disallowed multiple matches nested 2' => [ > 'disallowed' => ['js'],
'input' => 'core, move, {{ # js }} some nasty JS {{ # js }} some nasty JS {{ / js }}{{ / js }}', 'expected' => 'core, move, {{}}' ],
< 'multiple blacklist 1' => [ < 'blacklist' => ['js', 'foo'],
> 'multiple disallowed 1' => [ > 'disallowed' => ['js', 'foo'],
'input' => 'core, move, {{#js}} some nasty JS {{/js}}', 'expected' => 'core, move, {{}}' ],
< 'multiple blacklist 2' => [ < 'blacklist' => ['js', 'foo'],
> 'multiple disallowed 2' => [ > 'disallowed' => ['js', 'foo'],
'input' => 'core, {{#foo}} blah {{/foo}}, {{#js}} js {{/js}}', 'expected' => 'core, {{}}, {{}}' ],
< 'multiple blacklist 3' => [ < 'blacklist' => ['js', 'foo'],
> 'multiple disallowed 3' => [ > 'disallowed' => ['js', 'foo'],
'input' => '{{#foo}} blah {{/foo}}, {{#foo}} blah {{/foo}}, {{#js}} js {{/js}}', 'expected' => '{{}}, {{}}' ],
< 'multiple blacklist 4' => [ < 'blacklist' => ['js', 'foo'],
> 'multiple disallowed 4' => [ > 'disallowed' => ['js', 'foo'],
'input' => '{{#foo}} blah {{/foo}}, {{#js}} js {{/js}}, {{#foo}} blah {{/foo}}', 'expected' => '{{}}' ],
< 'multiple blacklist 5' => [ < 'blacklist' => ['js', 'foo'],
> 'multiple disallowed 4' => [ > 'disallowed' => ['js', 'foo'],
'input' => 'core, move, {{#js}} JS {{#foo}} blah {{/foo}} {{/js}}', 'expected' => 'core, move, {{}}' ], ]; } /** * Test that the mustache_helper_collection class correctly strips
< * @dataProvider get_strip_blacklisted_helpers_testcases() < * @param string[] $blacklist The list of helpers to strip
> * @dataProvider get_strip_disallowed_helpers_testcases() > * @param string[] $disallowed The list of helpers to strip
* @param string $input The input string for the helper
< * @param string $expected The expected output of the string after blacklist strip
> * @param string $expected The expected output of the string after disallowed strip
*/
< public function test_strip_blacklisted_helpers($blacklist, $input, $expected) { < $collection = new mustache_helper_collection(null, $blacklist); < $this->assertEquals($expected, $collection->strip_blacklisted_helpers($blacklist, $input));
> public function test_strip_disallowed_helpers($disallowed, $input, $expected) { > $collection = new mustache_helper_collection(null, $disallowed); > $this->assertEquals($expected, $collection->strip_disallowed_helpers($disallowed, $input));
} /**
< * Test that the blacklisted helpers are disabled during the execution of other
> * Test that the disallowed helpers are disabled during the execution of other
* helpers. *
< * Any non-blacklisted helper should still be available to call during the
> * Any allowed helper should still be available to call during the
* execution of a helper. */
< public function test_blacklisted_helpers_disabled_during_execution() {
> public function test_disallowed_helpers_disabled_during_execution() {
$engine = new \Mustache_Engine(); $context = new \Mustache_Context(); $lambdahelper = new \Mustache_LambdaHelper($engine, $context);
< $blacklist = ['bad']; < $collection = new mustache_helper_collection(null, $blacklist);
> $disallowed = ['bad']; > $collection = new mustache_helper_collection(null, $disallowed);
$badcalled = false; $goodcalled = false; $badhelper = function() use (&$badcalled) { $badcalled = true; return ''; }; $goodhelper = function() use (&$goodcalled) { $goodcalled = true; return ''; }; // A test helper that just returns the text without modifying it. $testhelper = function($text, $lambda) use ($collection) { $collection->get('good')($text, $lambda); $collection->get('bad')($text, $lambda); return $text; }; $collection->add('bad', $badhelper); $collection->add('good', $goodhelper); $collection->add('test', $testhelper); $this->assertEquals('success output', $collection->get('test')('success output', $lambdahelper)); $this->assertTrue($goodcalled); $this->assertFalse($badcalled);
> } } > } > /** > * Test that calling deprecated method strip_blacklisted_helpers() still works and shows developer debugging. > */ > public function test_deprecated_strip_blacklisted_helpers() { > > $collection = new mustache_helper_collection(null, ['js']); > $stripped = $collection->strip_blacklisted_helpers(['js'], '{{#js}} JS {{/js}}'); > $this->assertEquals('{{}}', $stripped); > $this->assertDebuggingCalled('mustache_helper_collection::strip_blacklisted_helpers() is deprecated. ' . > 'Please use mustache_helper_collection::strip_disallowed_helpers() instead.', DEBUG_DEVELOPER);