In a functional test of user registration: when csrf_protection: true
, registration fails even though registration succeeds in dev. Test succeeds when csrf_protection: false
. (Application uses PUGXMultiUserBundle). I've tried clearing test cache, etc. Dumping $this->client->getResponse()->getContent()
to file shows the registration form with all fields but password completed. Stepping through a debug of the test shows the _token
field submitted but seemingly stripped out of fos_user_registration_form[]
before getting to the line public function request($method, $uri, array $parameters = array(), array $files = array(), array $server = array(), $content = null, $changeHistory = true)
in Client.php
.
For now I've set csrf_protection: false
in config_test.yml
- not the best solution!
RegistrationFunctionalTest
namespace Truckee\UserBundle\Tests\Controller;
use Liip\FunctionalTestBundle\Test\WebTestCase;
class RegistrationFunctionalTest extends WebTestCase
{
private $volunteerValues;
private $client;
public function setup()
{
$classes = array(
'Truckee\MatchingBundle\DataFixtures\SampleData\LoadFocusSkillData',
'Truckee\MatchingBundle\DataFixtures\SampleData\LoadTemplateData',
);
$this->loadFixtures($classes);
$this->client = static::createClient();
$this->volunteerValues = array(
'fos_user_registration_form' => array(
'email' => 'hvolunteer@bogus.info',
'username' => 'hvolunteer',
'firstName' => 'Harry',
'lastName' => 'Volunteer',
'plainPassword' => array(
'first' => '123Abcd',
'second' => '123Abcd',
),
'focuses' => array('1'),
'skills' => array('14'),
)
);
}
public function submitVolunteerForm()
{
$crawler = $this->client->request('GET', '/register/volunteer');
$form = $crawler->selectButton('Save')->form();
$this->client->request($form->getMethod(), $form->getUri(), $this->volunteerValues);
}
public function testRegisterVolunteer()
{
$this->submitVolunteerForm();
$this->client->enableProfiler();
if ($profile = $this->client->getProfile()) {
$mailCollector = $this->client->getProfile()->getCollector('swiftmailer');
$this->assertEquals(1, $mailCollector->getMessageCount());
}
$crawler = $this->client->followRedirect();
$this->assertTrue($crawler->filter('html:contains("An email has been sent")')->count() > 0);
}
...
}
registration form (snippet) showing _token
<div class="row">
<div class="col-md-5">
{%if form._token is defined %}{{ form_widget(form._token) }}{% endif %}
{{ form_row(form.firstName) }}
{{ form_row(form.lastName) }}
</div>
</div>