mirror of
https://github.com/moodle/moodle.git
synced 2025-08-04 16:36:37 +02:00
MDL-71242 core_course: Test the validation of the sort value
Adds new unit test, test_course_get_recent_courses_sort_validation(), which is reponsible for testing the validation of the sort value in course_get_recent_courses().
This commit is contained in:
Mihail Geshoski
Eloy Lafuente (stronk7)
parent
e3c031023f
commit
cd96cb300e
1 changed files with 51 additions and 0 deletions
|
|
@ -5473,6 +5473,57 @@ class core_course_courselib_testcase extends advanced_testcase {
|
||||||
$this->assertArrayNotHasKey($courses[0]->id, $result);
|
$this->assertArrayNotHasKey($courses[0]->id, $result);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Test the validation of the sort value in course_get_recent_courses().
|
||||||
|
*
|
||||||
|
* @dataProvider course_get_recent_courses_sort_validation_provider
|
||||||
|
* @param string $sort The sort value
|
||||||
|
* @param string $expectedexceptionmsg The expected exception message
|
||||||
|
*/
|
||||||
|
public function test_course_get_recent_courses_sort_validation(string $sort, string $expectedexceptionmsg) {
|
||||||
|
$this->resetAfterTest();
|
||||||
|
|
||||||
|
$user = $this->getDataGenerator()->create_user();
|
||||||
|
|
||||||
|
if (!empty($expectedexceptionmsg)) {
|
||||||
|
$this->expectException('invalid_parameter_exception');
|
||||||
|
$this->expectExceptionMessage($expectedexceptionmsg);
|
||||||
|
}
|
||||||
|
course_get_recent_courses($user->id, 0, 0, $sort);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Data provider for test_course_get_recent_courses_sort_validation().
|
||||||
|
*
|
||||||
|
* @return array
|
||||||
|
*/
|
||||||
|
function course_get_recent_courses_sort_validation_provider() {
|
||||||
|
return [
|
||||||
|
'Invalid sort format (SQL injection attempt)' =>
|
||||||
|
[
|
||||||
|
'shortname DESC LIMIT 1--',
|
||||||
|
'Invalid structure of the sort parameter, allowed structure: fieldname [ASC|DESC].',
|
||||||
|
],
|
||||||
|
'Sort uses \'sort by\' field that does not exist' =>
|
||||||
|
[
|
||||||
|
'shortname DESC, xyz ASC',
|
||||||
|
'Invalid field in the sort parameter, allowed fields: id, idnumber, summary, summaryformat, ' .
|
||||||
|
'startdate, enddate, category, shortname, fullname, timeaccess, component, visible, ' .
|
||||||
|
'showactivitydates, showcompletionconditions.',
|
||||||
|
],
|
||||||
|
'Sort uses invalid value for the sorting direction' =>
|
||||||
|
[
|
||||||
|
'shortname xyz, lastaccess',
|
||||||
|
'Invalid sort direction in the sort parameter, allowed values: asc, desc.',
|
||||||
|
],
|
||||||
|
'Valid sort format' =>
|
||||||
|
[
|
||||||
|
'shortname asc, timeaccess',
|
||||||
|
''
|
||||||
|
]
|
||||||
|
];
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Test the course_get_recent_courses function.
|
* Test the course_get_recent_courses function.
|
||||||
*/
|
*/
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue