Merge pull request #7240 from open-sausages/pulls/4.0/fix-security-missing-request

BUG Ensure mocked controller has request assigned

src/Security/Security.php

@@ -563,6 +563,7 @@ class Security extends Controller implements TemplateGlobalProvider
 
         $controller = ModelAsController::controller_for($holderPage);
         $controller->doInit();
+        $controller->setRequest($this->getRequest());
 
         return $controller;
     }

tests/php/Security/SecurityTest.php

@@ -2,9 +2,13 @@
 
 namespace SilverStripe\Security\Tests;
 
+use Page;
+use PageController;
 use SilverStripe\Control\Controller;
 use SilverStripe\Control\Director;
+use SilverStripe\Control\HTTPRequest;
 use SilverStripe\Control\HTTPResponse;
+use SilverStripe\Control\Session;
 use SilverStripe\Core\Config\Config;
 use SilverStripe\Core\Convert;
 use SilverStripe\Dev\FunctionalTest;
@@ -704,6 +708,26 @@ class SecurityTest extends FunctionalTest
         $this->assertNull($robotsHeader);
     }
 
+    public function testGetResponseController()
+    {
+        if (!class_exists(Page::class)) {
+            $this->markTestSkipped("This test requires CMS module");
+        }
+
+        $request = new HTTPRequest('GET', '/');
+        $request->setSession(new Session([]));
+        $security = new Security();
+        $security->setRequest($request);
+        $reflection = new \ReflectionClass($security);
+        $method = $reflection->getMethod('getResponseController');
+        $method->setAccessible(true);
+        $result = $method->invoke($security, 'Page');
+
+        // Ensure page shares the same controller as security
+        $this->assertInstanceOf(PageController::class, $result);
+        $this->assertEquals($request, $result->getRequest());
+    }
+
     /**
      * Execute a log-in form using Director::test().
      * Helper method for the tests above