AssertHttpsUsedOnBackend.php

Go to the documentation of this file.

<?php
namespace Magento\Backend\Test\Constraint;

use Magento\Mtf\Constraint\AbstractConstraint;
use Magento\Mtf\Client\BrowserInterface;
use Magento\Backend\Test\Page\Adminhtml\Dashboard;

class AssertHttpsUsedOnBackend extends AbstractConstraint
{
    const SCHEME_HTTP  = 'http';
    const SCHEME_HTTPS = 'https';

    protected $browser;

    public function processAssert(BrowserInterface $browser, Dashboard $adminDashboardPage, $navMenuPath)
    {
        $this->browser = $browser;

        // Open specified Admin page using Navigation Menu to assert that JS is deployed validly as a part of statics.
        $adminDashboardPage->open()->getMenuBlock()->navigate($navMenuPath);
        $this->assertUsedProtocol(self::SCHEME_HTTPS);
        $this->assertDirectHttpUnavailable();
    }

    protected function assertUsedProtocol($expectedProtocol)
    {
        if (substr($expectedProtocol, -3) !== "://") {
            $expectedProtocol .= '://';
        }

        \PHPUnit\Framework\Assert::assertStringStartsWith(
            $expectedProtocol,
            $this->browser->getUrl(),
            "$expectedProtocol is not used."
        );
    }

    protected function assertDirectHttpUnavailable()
    {
        $fakeUrl = str_replace(self::SCHEME_HTTPS, self::SCHEME_HTTP, $this->browser->getUrl());
        $this->browser->open($fakeUrl);
        \PHPUnit\Framework\Assert::assertStringStartsWith(
            self::SCHEME_HTTPS,
            $this->browser->getUrl(),
            'Merchant is not redirected to https if tries to access the Admin panel page directly via http.'
        );
    }

    public function toString()
    {
        return 'Secured URLs are used for Admin panel pages.';
    }
}