chiappa
/
sprint_planer_web
mirror of https://git.snix.ch/chiappa/sprint_planer_web.git


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159
							<?php
/*
 * Copyright 2026 Alessandro Chiapparini <sprint_planer_web@chiapparini.org>
 * SPDX-License-Identifier: Apache-2.0
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * See the LICENSE file in the project root for the full license text.
 */

declare(strict_types=1);

namespace App\Tests\Http;

use App\Http\Request;
use App\Tests\TestCase;

/**
 * Smoke tests that `Request::ip()` and `Request::isHttps()` actually consult
 * `TRUSTED_PROXIES` (R01-N05 / R01-N07). The detail-level CIDR / XFF logic
 * is exercised in `TrustedProxiesTest`; here we only check the wiring.
 */
final class RequestTest extends TestCase
{
    /**
     * @param array<string,mixed> $server
     */
    private function makeRequest(array $server): Request
    {
        return new Request(
            method:  'GET',
            path:    '/',
            query:   [],
            post:    [],
            rawBody: '',
            headers: [],
            server:  $server,
        );
    }

    public function testIpReturnsRemoteAddrWhenNoTrustedProxiesConfigured(): void
    {
        $prev = getenv('TRUSTED_PROXIES');
        try {
            putenv('TRUSTED_PROXIES');
            $req = $this->makeRequest([
                'REMOTE_ADDR'           => '203.0.113.42',
                'HTTP_X_FORWARDED_FOR'  => '198.51.100.7',
            ]);
            self::assertSame('203.0.113.42', $req->ip());
        } finally {
            $prev === false ? putenv('TRUSTED_PROXIES') : putenv('TRUSTED_PROXIES=' . $prev);
        }
    }

    public function testIpHonoursXffWhenRemoteIsTrusted(): void
    {
        $prev = getenv('TRUSTED_PROXIES');
        try {
            putenv('TRUSTED_PROXIES=10.0.0.0/8');
            $req = $this->makeRequest([
                'REMOTE_ADDR'           => '10.0.0.1',
                'HTTP_X_FORWARDED_FOR'  => '198.51.100.7',
            ]);
            self::assertSame('198.51.100.7', $req->ip());
        } finally {
            $prev === false ? putenv('TRUSTED_PROXIES') : putenv('TRUSTED_PROXIES=' . $prev);
        }
    }

    public function testIsHttpsHonoursXfpOnlyFromTrustedProxy(): void
    {
        $prev = getenv('TRUSTED_PROXIES');
        try {
            putenv('TRUSTED_PROXIES=10.0.0.0/8');

            $trustedReq = $this->makeRequest([
                'REMOTE_ADDR'             => '10.0.0.1',
                'HTTP_X_FORWARDED_PROTO'  => 'https',
            ]);
            self::assertTrue($trustedReq->isHttps());

            $untrustedReq = $this->makeRequest([
                'REMOTE_ADDR'             => '203.0.113.5',
                'HTTP_X_FORWARDED_PROTO'  => 'https',
            ]);
            self::assertFalse($untrustedReq->isHttps());
        } finally {
            $prev === false ? putenv('TRUSTED_PROXIES') : putenv('TRUSTED_PROXIES=' . $prev);
        }
    }

    public function testIsHttpsRecognisesDirectTls(): void
    {
        $req = $this->makeRequest(['HTTPS' => 'on']);
        self::assertTrue($req->isHttps());

        $req = $this->makeRequest(['HTTPS' => 'off']);
        self::assertFalse($req->isHttps());
    }

    // ------------------------------------------------------------------
    // R01-N24: body size cap
    // ------------------------------------------------------------------

    public function testMaxBodyBytesCapIsExactlyOneMebibyte(): void
    {
        // Drift fence — bumping this changes a published HTTP contract
        // (clients that rely on the 413 boundary). Update REVIEW_01.md
        // §R01-N24, public/index.php's error message, and any per-cap
        // operator docs alongside the value here.
        self::assertSame(1024 * 1024, Request::MAX_BODY_BYTES);
    }

    public function testBodyTooLargeFlagDefaultsToFalse(): void
    {
        $req = $this->makeRequest([]);
        self::assertFalse($req->bodyTooLarge);
    }

    public function testBodyTooLargeFlagWiresThroughConstructor(): void
    {
        // The front controller (`public/index.php`) reads this property to
        // emit a 413 before dispatch. A future refactor must not lose the
        // wiring or the cap silently disappears.
        $req = new Request(
            method:       'POST',
            path:         '/sprints/1/week-cells',
            query:        [],
            post:         [],
            rawBody:      '',
            headers:      [],
            server:       [],
            bodyTooLarge: true,
        );
        self::assertTrue($req->bodyTooLarge);
    }

    public function testJsonReturnsNullWhenBodyWasOversized(): void
    {
        // `fromGlobals()` blanks `rawBody` once it decides the request was
        // oversized, so the existing `json()` parser naturally returns null.
        // Pin that downstream-safety contract — controllers that fall back
        // to `?? []` continue to work; the front-controller 413 has
        // already replied so this branch should never run in production,
        // but defending against a misuse path is cheap.
        $req = new Request(
            method:       'POST',
            path:         '/x',
            query:        [],
            post:         [],
            rawBody:      '',
            headers:      ['content-type' => 'application/json'],
            server:       [],
            bodyTooLarge: true,
        );
        self::assertNull($req->json());
    }
}