diff options
| author | Andy Staudacher <andy.st@gmail.com> | 2009-09-15 23:01:26 -0700 |
|---|---|---|
| committer | Andy Staudacher <andy.st@gmail.com> | 2009-09-15 23:01:26 -0700 |
| commit | 39632c4689842b3e3bb0715c0e9be757149c257d (patch) | |
| tree | d2e226ac9db852f045547fde4e6180fb2e507325 /modules/gallery/tests | |
| parent | 7608870537503ec571f45a175c8486d7945e7c63 (diff) | |
Also check for rss feeds in controller auth check
Diffstat (limited to 'modules/gallery/tests')
| -rw-r--r-- | modules/gallery/tests/Controller_Auth_Test.php | 8 | ||||
| -rw-r--r-- | modules/gallery/tests/controller_auth_data.txt | 1 |
2 files changed, 7 insertions, 2 deletions
diff --git a/modules/gallery/tests/Controller_Auth_Test.php b/modules/gallery/tests/Controller_Auth_Test.php index cd4abe07..caf6d8f2 100644 --- a/modules/gallery/tests/Controller_Auth_Test.php +++ b/modules/gallery/tests/Controller_Auth_Test.php @@ -25,7 +25,9 @@ class Controller_Auth_Test extends Unit_Test_Case { public function find_missing_auth_test() { $found = array(); - foreach (glob("*/*/controllers/*.php") as $controller) { + $controllers = glob("*/*/controllers/*.php"); + $feeds = glob("*/*/helpers/*_rss.php"); + foreach (array_merge($controllers, $feeds) as $controller) { if (preg_match("{modules/(gallery_)?unit_test/}", $controller)) { continue; } @@ -92,7 +94,9 @@ class Controller_Auth_Test extends Unit_Test_Case { } } while ($token_number < count($tokens)); - if (!$is_static && + $is_rss_feed = $name == "feed" && strpos(basename($controller), "_rss.php"); + + if ((!$is_static || $is_rss_feed) && (!$is_private || ($is_rest_controller && in_array($name, self::$rest_methods)))) { $function = self::_function($name, $line, $is_admin_controller); diff --git a/modules/gallery/tests/controller_auth_data.txt b/modules/gallery/tests/controller_auth_data.txt index fcb977e4..fdf00c5e 100644 --- a/modules/gallery/tests/controller_auth_data.txt +++ b/modules/gallery/tests/controller_auth_data.txt @@ -1,5 +1,6 @@ modules/comment/controllers/admin_comments.php queue DIRTY_CSRF modules/comment/controllers/comments.php _index DIRTY_CSRF +modules/comment/helpers/comment_rss.php feed DIRTY_AUTH modules/digibug/controllers/digibug.php print_proxy DIRTY_CSRF|DIRTY_AUTH modules/digibug/controllers/digibug.php close_window DIRTY_AUTH modules/gallery/controllers/admin.php __call DIRTY_AUTH |