silverstripe-framework/tests/php/Control/HTTPCacheControlIntegrationTest/SessionController.php
2018-06-13 11:33:46 +12:00

82 lines
1.9 KiB
PHP

<?php
namespace SilverStripe\Control\Tests\HTTPCacheControlIntegrationTest;
use SilverStripe\Control\Controller;
use SilverStripe\Control\Middleware\HTTPCacheControlMiddleware;
use SilverStripe\Dev\TestOnly;
use SilverStripe\Forms\FieldList;
use SilverStripe\Forms\Form;
use SilverStripe\Forms\FormAction;
use SilverStripe\Forms\TextField;
use SilverStripe\Security\Permission;
use SilverStripe\Security\SecurityToken;
class SessionController extends Controller implements TestOnly
{
private static $url_segment = 'HTTPCacheControlIntegrationTest_SessionController';
private static $allowed_actions = [
'showform',
'privateaction',
'publicaction',
'showpublicform',
'Form',
];
protected function init()
{
parent::init();
// Prefer public by default
HTTPCacheControlMiddleware::singleton()->publicCache();
}
public function getContent()
{
return '<p>Hello world</p>';
}
public function showform()
{
// Form should be set to private due to CSRF
SecurityToken::enable();
return $this->renderWith('BlankPage');
}
public function showpublicform()
{
// Public form doesn't use CSRF and thus no session usage
SecurityToken::disable();
return $this->renderWith('BlankPage');
}
/**
* @return string
* @throws \SilverStripe\Control\HTTPResponse_Exception
*/
public function privateaction()
{
if (!Permission::check('ANYCODE')) {
$this->httpError(403, 'Not allowed');
}
return 'ok';
}
public function publicaction()
{
return 'Hello!';
}
public function Form()
{
$form = new Form(
$this,
'Form',
new FieldList(new TextField('Name')),
new FieldList(new FormAction('submit', 'Submit'))
);
$form->setFormMethod('GET');
return $form;
}
}