logInWithPermission('ADMIN'); $this->logOut(); // Mock app $app = new HTTPApplication(new BlankKernel(BASE_PATH)); $app->getKernel()->setEnvironment(Kernel::LIVE); // Test being logged in as admin $chain = new ErrorControlChainMiddleware($app); $request = new HTTPRequest('GET', '/', ['flush' => 1]); $request->setSession(new Session(['loggedInAs' => $adminID])); $result = $chain->process($request, function () { return null; }); $this->assertInstanceOf(HTTPResponse::class, $result); $location = $result->getHeader('Location'); $this->assertContains('?flush=1&flushtoken=', $location); $this->assertNotContains('Security/login', $location); } public function testLiveFlushUnauthenticated() { // Mock app $app = new HTTPApplication(new BlankKernel(BASE_PATH)); $app->getKernel()->setEnvironment(Kernel::LIVE); // Test being logged in as no one Security::setCurrentUser(null); $chain = new ErrorControlChainMiddleware($app); $request = new HTTPRequest('GET', '/', ['flush' => 1]); $request->setSession(new Session(['loggedInAs' => 0])); $result = $chain->process($request, function () { return null; }); // Should be directed to login, not to flush $this->assertInstanceOf(HTTPResponse::class, $result); $location = $result->getHeader('Location'); $this->assertNotContains('?flush=1&flushtoken=', $location); $this->assertContains('Security/login', $location); } }