[TYPO3-core] RFC #17342: t3lib_formprotection_BackendFormProtectionTest causes php fatal error
Helmut Hummel
helmut.hummel at typo3.org
Wed Jan 26 18:50:08 CET 2011
Hi Nicolas,
Nikolas Hagelstein wrote:
>
> Notes:
> This is just a quickfix. It would be better to stop messing arround with
> GLOBALS within tests and the actuall class implementation.
>
> Something like: isAuthorizedBackendSession($beSession) and injection of
> the current beSession on construction would be much cleaner and easier
> to test imho. But that is another story.
I would say it's the same story. The BE_USER is allready passed to a
property so only the setter to inject it is missing.
Solution:
1. Add the setter in the BackendFormprotection
2. Use the setter to inject the user object in the factory
3. Fix the unit tests
Just making the unit tests green is not so nice IMHO.
Could you provide a patch for that?
Kind regards,
Helmut
--
Helmut Hummel
TYPO3 Security Team Leader
TYPO3 .... inspiring people to share!
Get involved: typo3.org
More information about the TYPO3-team-core
mailing list