mirror of
https://github.com/Combodo/iTop.git
synced 2026-02-13 15:34:12 +01:00
47 lines
1.6 KiB
PHP
47 lines
1.6 KiB
PHP
<?php
|
|
/*
|
|
* @copyright Copyright (C) 2010-2022 Combodo SARL
|
|
* @license http://opensource.org/licenses/AGPL-3.0
|
|
*/
|
|
|
|
use Combodo\iTop\Test\UnitTest\ItopDataTestCase;
|
|
|
|
|
|
/**
|
|
* We need the metamodel started as this is a dependency of {@link RuntimeDashboard}
|
|
*
|
|
* @runTestsInSeparateProcesses
|
|
* @preserveGlobalState disabled
|
|
* @backupGlobals disabled
|
|
*
|
|
* @since 2.7.8 3.0.3 3.1.0 N°4449 Test Full Path Disclosure in Dashboard
|
|
*/
|
|
class RuntimeDashboardTest extends ItopDataTestCase
|
|
{
|
|
const DEFAULT_WELCOME_DASHBOARD_PATH = 'env-production/itop-welcome-itil/welcomemenupage_dashboard.xml';
|
|
const SYSTEM_FILE_PATH = '../../system-file';
|
|
|
|
/** @noinspection PhpUnhandledExceptionInspection */
|
|
public function testGetDashboard()
|
|
{
|
|
$sDashboardFileOk = APPROOT.self::DEFAULT_WELCOME_DASHBOARD_PATH;
|
|
$sDashboardId = uniqid(mt_rand(), TRUE);
|
|
$oDashboard = RuntimeDashboard::GetDashboard($sDashboardFileOk, $sDashboardId);
|
|
$this->assertNotNull($oDashboard);
|
|
|
|
$this->expectException(SecurityException::class);
|
|
$sDashboardFileSuspect = APPROOT.self::SYSTEM_FILE_PATH;;
|
|
RuntimeDashboard::GetDashboard($sDashboardFileSuspect, $sDashboardId);
|
|
}
|
|
|
|
/** @noinspection PhpUnhandledExceptionInspection */
|
|
public function testGetDefinitionFileRelative()
|
|
{
|
|
$sFullDashboardPath = RuntimeDashboard::GetDashboardFileFromRelativePath(self::DEFAULT_WELCOME_DASHBOARD_PATH);
|
|
$this->assertSame(APPROOT.self::DEFAULT_WELCOME_DASHBOARD_PATH, $sFullDashboardPath);
|
|
|
|
$this->expectException(SecurityException::class);
|
|
RuntimeDashboard::GetDashboardFileFromRelativePath(self::SYSTEM_FILE_PATH);
|
|
}
|
|
}
|