migrate security annotations, please review

author: Bernhard Posselt <dev@bernhard-posselt.com> 2014-04-09 01:59:42 +0200
committer: Bernhard Posselt <dev@bernhard-posselt.com> 2014-04-09 22:52:27 +0200
commit: 4637dcc4587ed0c3b1695568a3c8a3853d695c5d (patch)
tree: e1778a3ddbaa95568ab90c211d49925f4946d157
parent: 6d365e8083ecf67212203fe86fd1e1bf2b4ac281 (diff)
21 files changed, 109 insertions, 236 deletions
diff --git a/api/feedapi.php b/api/feedapi.php
index e77efef2e..0d9d158f1 100644
--- a/api/feedapi.php
+++ b/api/feedapi.php
@@ -59,10 +59,8 @@ class FeedAPI extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @CSRFExemption
-	 * @Ajax
+	 * @NoAdminRequired
+	 * @NoCSRFRequired
 	 * @API
 	 */
 	public function getAll() {
@@ -88,10 +86,8 @@ class FeedAPI extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @CSRFExemption
-	 * @Ajax
+	 * @NoAdminRequired
+	 * @NoCSRFRequired
 	 * @API
 	 */
 	public function create() {
@@ -125,10 +121,8 @@ class FeedAPI extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @CSRFExemption
-	 * @Ajax
+	 * @NoAdminRequired
+	 * @NoCSRFRequired
 	 * @API
 	 */
 	public function delete() {
@@ -146,10 +140,8 @@ class FeedAPI extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @CSRFExemption
-	 * @Ajax
+	 * @NoAdminRequired
+	 * @NoCSRFRequired
 	 * @API
 	 */
 	public function read() {
@@ -163,10 +155,8 @@ class FeedAPI extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @CSRFExemption
-	 * @Ajax
+	 * @NoAdminRequired
+	 * @NoCSRFRequired
 	 * @API
 	 */
 	public function move() {
@@ -185,10 +175,8 @@ class FeedAPI extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @CSRFExemption
-	 * @Ajax
+	 * @NoAdminRequired
+	 * @NoCSRFRequired
 	 * @API
 	 */
 	public function rename() {
@@ -207,8 +195,7 @@ class FeedAPI extends Controller {
 
 
 	/**
-	 * @CSRFExemption
-	 * @Ajax
+	 * @NoCSRFRequired
 	 * @API
 	 */
 	public function getAllFromAllUsers() {
@@ -227,8 +214,7 @@ class FeedAPI extends Controller {
 
 
 	/**
-	 * @CSRFExemption
-	 * @Ajax
+	 * @NoCSRFRequired
 	 * @API
 	 */
 	public function update() {
diff --git a/api/folderapi.php b/api/folderapi.php
index 67efa59ea..ba35462f5 100644
--- a/api/folderapi.php
+++ b/api/folderapi.php
@@ -56,10 +56,8 @@ class FolderAPI extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @CSRFExemption
-	 * @Ajax
+	 * @NoAdminRequired
+	 * @NoCSRFRequired
 	 * @API
 	 */
 	public function getAll() {
@@ -77,10 +75,8 @@ class FolderAPI extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @CSRFExemption
-	 * @Ajax
+	 * @NoAdminRequired
+	 * @NoCSRFRequired
 	 * @API
 	 */
 	public function create() {
@@ -109,11 +105,9 @@ class FolderAPI extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @CSRFExemption
+	 * @NoAdminRequired
+	 * @NoCSRFRequired
 	 * @API
-	 * @Ajax
 	 */
 	public function delete() {
 		$userId = $this->api->getUserId();
@@ -130,10 +124,8 @@ class FolderAPI extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @CSRFExemption
-	 * @Ajax
+	 * @NoAdminRequired
+	 * @NoCSRFRequired
 	 * @API
 	 */
 	public function update() {
@@ -161,10 +153,8 @@ class FolderAPI extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @CSRFExemption
-	 * @Ajax
+	 * @NoAdminRequired
+	 * @NoCSRFRequired
 	 * @API
 	 */
 	public function read() {
diff --git a/api/itemapi.php b/api/itemapi.php
index 821fdd382..c21b5817f 100644
--- a/api/itemapi.php
+++ b/api/itemapi.php
@@ -49,10 +49,8 @@ class ItemAPI extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @CSRFExemption
-	 * @Ajax
+	 * @NoAdminRequired
+	 * @NoCSRFRequired
 	 * @API
 	 */
 	public function getAll() {
@@ -91,10 +89,8 @@ class ItemAPI extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @CSRFExemption
-	 * @Ajax
+	 * @NoAdminRequired
+	 * @NoCSRFRequired
 	 * @API
 	 */
 	public function getUpdated() {
@@ -151,10 +147,8 @@ class ItemAPI extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @CSRFExemption
-	 * @Ajax
+	 * @NoAdminRequired
+	 * @NoCSRFRequired
 	 * @API
 	 */
 	public function read() {
@@ -163,10 +157,8 @@ class ItemAPI extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @CSRFExemption
-	 * @Ajax
+	 * @NoAdminRequired
+	 * @NoCSRFRequired
 	 * @API
 	 */
 	public function unread() {
@@ -175,10 +167,8 @@ class ItemAPI extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @CSRFExemption
-	 * @Ajax
+	 * @NoAdminRequired
+	 * @NoCSRFRequired
 	 * @API
 	 */
 	public function star() {
@@ -187,10 +177,8 @@ class ItemAPI extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @CSRFExemption
-	 * @Ajax
+	 * @NoAdminRequired
+	 * @NoCSRFRequired
 	 * @API
 	 */
 	public function unstar() {
@@ -199,10 +187,8 @@ class ItemAPI extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @CSRFExemption
-	 * @Ajax
+	 * @NoAdminRequired
+	 * @NoCSRFRequired
 	 * @API
 	 */
 	public function readAll() {
@@ -231,10 +217,8 @@ class ItemAPI extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @CSRFExemption
-	 * @Ajax
+	 * @NoAdminRequired
+	 * @NoCSRFRequired
 	 * @API
 	 */
 	public function readMultiple() {
@@ -243,10 +227,8 @@ class ItemAPI extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @CSRFExemption
-	 * @Ajax
+	 * @NoAdminRequired
+	 * @NoCSRFRequired
 	 * @API
 	 */
 	public function unreadMultiple() {
@@ -272,10 +254,8 @@ class ItemAPI extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @CSRFExemption
-	 * @Ajax
+	 * @NoAdminRequired
+	 * @NoCSRFRequired
 	 * @API
 	 */
 	public function starMultiple() {
@@ -284,10 +264,8 @@ class ItemAPI extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @CSRFExemption
-	 * @Ajax
+	 * @NoAdminRequired
+	 * @NoCSRFRequired
 	 * @API
 	 */
 	public function unstarMultiple() {
diff --git a/api/newsapi.php b/api/newsapi.php
index 322defead..151afedf3 100644
--- a/api/newsapi.php
+++ b/api/newsapi.php
@@ -47,10 +47,8 @@ class NewsAPI extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @CSRFExemption
-	 * @Ajax
+	 * @NoAdminRequired
+	 * @NoCSRFRequired
 	 * @API
 	 */
 	public function version() {
@@ -61,8 +59,7 @@ class NewsAPI extends Controller {
 
 
 	/**
-	 * @CSRFExemption
-	 * @Ajax
+	 * @NoCSRFRequired
 	 * @API
 	 */
 	public function beforeUpdate() {
@@ -72,8 +69,7 @@ class NewsAPI extends Controller {
 
 
 	/**
-	 * @CSRFExemption
-	 * @Ajax
+	 * @NoCSRFRequired
 	 * @API
 	 */
 	public function afterUpdate() {
@@ -83,11 +79,9 @@ class NewsAPI extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @CSRFExemption
-	 * @IsLoggedInExemption
-	 * @Ajax
+	 * @NoAdminRequired
+	 * @NoCSRFRequired
+	 * @PublicPage
 	 */
 	public function cors() {
 		// needed for webapps access due to cross origin request policy
diff --git a/controller/exportcontroller.php b/controller/exportcontroller.php
index e16a5b513..33cb05204 100644
--- a/controller/exportcontroller.php
+++ b/controller/exportcontroller.php
@@ -61,9 +61,8 @@ class ExportController extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @CSRFExemption
+	 * @NoAdminRequired
+	 * @NoCSRFRequired
 	 */
 	public function opml(){
 		$userId = $this->api->getUserId();
@@ -75,9 +74,8 @@ class ExportController extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @CSRFExemption
+	 * @NoAdminRequired
+	 * @NoCSRFRequired
 	 */
 	public function articles(){
 		$userId = $this->api->getUserId();
diff --git a/controller/feedcontroller.php b/controller/feedcontroller.php
index 29f60b8ea..76a582139 100644
--- a/controller/feedcontroller.php
+++ b/controller/feedcontroller.php
@@ -59,9 +59,7 @@ class FeedController extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @Ajax
+	 * @NoAdminRequired
 	 */
 	public function feeds(){
 		$userId = $this->api->getUserId();
@@ -84,9 +82,7 @@ class FeedController extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @Ajax
+	 * @NoAdminRequired
 	 */
 	public function active(){
 		$userId = $this->api->getUserId();
@@ -128,9 +124,7 @@ class FeedController extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @Ajax
+	 * @NoAdminRequired
 	 */
 	public function create(){
 		$url = $this->params('url');
@@ -168,9 +162,7 @@ class FeedController extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @Ajax
+	 * @NoAdminRequired
 	 */
 	public function delete(){
 		$feedId = (int) $this->params('feedId');
@@ -188,9 +180,7 @@ class FeedController extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @Ajax
+	 * @NoAdminRequired
 	 */
 	public function update(){
 		try {
@@ -221,9 +211,7 @@ class FeedController extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @Ajax
+	 * @NoAdminRequired
 	 */
 	public function move(){
 		$feedId = (int) $this->params('feedId');
@@ -241,9 +229,7 @@ class FeedController extends Controller {
 	}
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @Ajax
+	 * @NoAdminRequired
 	 */
 	public function rename() {
 		$feedId = (int) $this->params('feedId');
@@ -261,9 +247,7 @@ class FeedController extends Controller {
 	}
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @Ajax
+	 * @NoAdminRequired
 	 */
 	public function importArticles() {
 		$json = $this->params('json');
@@ -281,9 +265,7 @@ class FeedController extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @Ajax
+	 * @NoAdminRequired
 	 */
 	public function read(){
 		$userId = $this->api->getUserId();
@@ -305,9 +287,7 @@ class FeedController extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @Ajax
+	 * @NoAdminRequired
 	 */
 	public function restore(){
 		$feedId = (int) $this->params('feedId');
diff --git a/controller/foldercontroller.php b/controller/foldercontroller.php
index 4a133c6b2..332d09974 100644
--- a/controller/foldercontroller.php
+++ b/controller/foldercontroller.php
@@ -58,9 +58,7 @@ class FolderController extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @Ajax
+	 * @NoAdminRequired
 	 */
 	public function folders(){
 		$folders = $this->folderBusinessLayer->findAll($this->api->getUserId());
@@ -80,9 +78,7 @@ class FolderController extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @Ajax
+	 * @NoAdminRequired
 	 */
 	public function open(){
 		try {
@@ -97,9 +93,7 @@ class FolderController extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @Ajax
+	 * @NoAdminRequired
 	 */
 	public function collapse(){
 		try {
@@ -114,9 +108,7 @@ class FolderController extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @Ajax
+	 * @NoAdminRequired
 	 */
 	public function create(){
 		$userId = $this->api->getUserId();
@@ -151,9 +143,7 @@ class FolderController extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @Ajax
+	 * @NoAdminRequired
 	 */
 	public function delete(){
 		$userId = $this->api->getUserId();
@@ -171,9 +161,7 @@ class FolderController extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @Ajax
+	 * @NoAdminRequired
 	 */
 	public function rename(){
 		$userId = $this->api->getUserId();
@@ -206,9 +194,7 @@ class FolderController extends Controller {
 	}
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @Ajax
+	 * @NoAdminRequired
 	 */
 	public function read(){
 		$userId = $this->api->getUserId();
@@ -225,9 +211,7 @@ class FolderController extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @Ajax
+	 * @NoAdminRequired
 	 */
 	public function restore(){
 		$userId = $this->api->getUserId();
diff --git a/controller/itemcontroller.php b/controller/itemcontroller.php
index a813d92ca..2dd919fed 100644
--- a/controller/itemcontroller.php
+++ b/controller/itemcontroller.php
@@ -53,9 +53,7 @@ class ItemController extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @Ajax
+	 * @NoAdminRequired
 	 */
 	public function items(){
 		$userId = $this->api->getUserId();
@@ -94,9 +92,7 @@ class ItemController extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @Ajax
+	 * @NoAdminRequired
 	 */
 	public function newItems() {
 		$userId = $this->api->getUserId();
@@ -132,9 +128,7 @@ class ItemController extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @Ajax
+	 * @NoAdminRequired
 	 */
 	public function star(){
 		try {
@@ -149,9 +143,7 @@ class ItemController extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @Ajax
+	 * @NoAdminRequired
 	 */
 	public function unstar(){
 		try {
@@ -174,9 +166,7 @@ class ItemController extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @Ajax
+	 * @NoAdminRequired
 	 */
 	public function read(){
 		try {
@@ -191,9 +181,7 @@ class ItemController extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @Ajax
+	 * @NoAdminRequired
 	 */
 	public function unread(){
 		try {
@@ -208,9 +196,7 @@ class ItemController extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @Ajax
+	 * @NoAdminRequired
 	 */
 	public function readAll(){
 		$userId = $this->api->getUserId();
diff --git a/controller/pagecontroller.php b/controller/pagecontroller.php
index f0d6b78e3..0526d79e8 100644
--- a/controller/pagecontroller.php
+++ b/controller/pagecontroller.php
@@ -39,9 +39,8 @@ class PageController extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @CSRFExemption
+	 * @NoAdminRequired
+	 * @NoCSRFRequired
 	 */
 	public function index() {
 		return $this->render('main');
diff --git a/controller/usersettingscontroller.php b/controller/usersettingscontroller.php
index 11799aca1..46e003d2c 100644
--- a/controller/usersettingscontroller.php
+++ b/controller/usersettingscontroller.php
@@ -42,9 +42,7 @@ class UserSettingsController extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @Ajax
+	 * @NoAdminRequired
 	 */
 	public function read(){
 		$showAll = $this->api->getUserValue('showAll');
@@ -57,9 +55,7 @@ class UserSettingsController extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @Ajax
+	 * @NoAdminRequired
 	 */
 	public function show(){
 		$this->api->setUserValue('showAll', true);
@@ -69,9 +65,7 @@ class UserSettingsController extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @Ajax
+	 * @NoAdminRequired
 	 */
 	public function hide(){
 		$this->api->setUserValue('showAll', false);
@@ -81,9 +75,7 @@ class UserSettingsController extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @Ajax
+	 * @NoAdminRequired
 	 */
 	public function getLanguage(){
 		$language = $this->api->getTrans()->findLanguage();
@@ -96,9 +88,7 @@ class UserSettingsController extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @Ajax
+	 * @NoAdminRequired
 	 */
 	public function isCompactView(){
 		$compact = $this->api->getUserValue('compact');
@@ -110,9 +100,7 @@ class UserSettingsController extends Controller {
 
 
 	/**
-	 * @IsAdminExemption
-	 * @IsSubAdminExemption
-	 * @Ajax
+	 * @NoAdminRequired
 	 */
 	public function setCompactView(){
 		$isCompact = $this->params('compact');
diff --git a/tests/unit/api/FeedAPITest.php b/tests/unit/api/FeedAPITest.php
index 03dd762cb..935b5214b 100644
--- a/tests/unit/api/FeedAPITest.php
+++ b/tests/unit/api/FeedAPITest.php
@@ -84,8 +84,7 @@ class FeedAPITest extends ControllerTestUtility {
 
 
 	private function assertDefaultAnnotations($methodName){
-		$annotations = array('IsAdminExemption', 'IsSubAdminExemption',
-			'Ajax', 'CSRFExemption', 'API');
+		$annotations = array('NoAdminRequired', 'NoCSRFRequired', 'API');
 		$this->assertAnnotations($this->feedAPI, $methodName, $annotations);
 	}
 
@@ -116,13 +115,13 @@ class FeedAPITest extends ControllerTestUtility {
 
 
 	public function testGetAllFromUsersAnnotations(){
-		$annotations = array('Ajax', 'CSRFExemption', 'API');
+		$annotations = array('NoCSRFRequired', 'API');
 		$this->assertAnnotations($this->feedAPI, 'getAllFromAllUsers', $annotations);
 	}
 
 
 	public function testUpdateAnnotations(){
-		$annotations = array('Ajax', 'CSRFExemption', 'API');
+		$annotations = array('NoCSRFRequired', 'API');
 		$this->assertAnnotations($this->feedAPI, 'update', $annotations);
 	}
 
diff --git a/tests/unit/api/FolderAPITest.php b/tests/unit/api/FolderAPITest.php
index 843ac004f..c835e4722 100644
--- a/tests/unit/api/FolderAPITest.php
+++ b/tests/unit/api/FolderAPITest.php
@@ -80,8 +80,7 @@ class FolderAPITest extends ControllerTestUtility {
 
 
 	private function assertDefaultAnnotations($methodName){
-		$annotations = array('IsAdminExemption', 'IsSubAdminExemption',
-			'Ajax', 'CSRFExemption', 'API');
+		$annotations = array('NoAdminRequired', 'NoCSRFRequired', 'API');
 		$this->assertAnnotations($this->folderAPI, $methodName, $annotations);
 	}
 
diff --git a/tests/unit/api/ItemAPITest.php b/tests/unit/api/ItemAPITest.php
index 5bbf7edf1..4c44e37f2 100644
--- a/tests/unit/api/ItemAPITest.php
+++ b/tests/unit/api/ItemAPITest.php
@@ -69,8 +69,7 @@ class ItemAPITest extends ControllerTestUtility {
 
 
 	private function assertDefaultAnnotations($methodName){
-		$annotations = array('IsAdminExemption', 'IsSubAdminExemption',
-			'Ajax', 'CSRFExemption', 'API');
+		$annotations = array('NoAdminRequired', 'NoCSRFRequired', 'API');
 		$this->assertAnnotations($this->itemAPI, $methodName, $annotations);
 	}
 
diff --git a/tests/unit/api/NewsAPITest.php b/tests/unit/api/NewsAPITest.php
index 9fa467913..f0aaf2411 100644
--- a/tests/unit/api/NewsAPITest.php
+++ b/tests/unit/api/NewsAPITest.php
@@ -59,8 +59,7 @@ class NewsAPITest extends ControllerTestUtility {
 
 
 	private function assertDefaultAnnotations($methodName){
-		$annotations = array('IsAdminExemption', 'IsSubAdminExemption',
-			'Ajax', 'CSRFExemption', 'API');
+		$annotations = array('NoAdminRequired', 'NoCSRFRequired', 'API');
 		$this->assertAnnotations($this->newsAPI, $methodName, $annotations);
 	}
 
@@ -69,12 +68,12 @@ class NewsAPITest extends ControllerTestUtility {
 	}
 
 	public function testBeforeUpdateAnnotations(){
-		$annotations = array('Ajax', 'CSRFExemption', 'API');
+		$annotations = array('NoCSRFRequired', 'API');
 		$this->assertAnnotations($this->newsAPI, 'beforeUpdate', $annotations);
 	}
 
 	public function testAfterUpdateAnnotations(){
-		$annotations = array('Ajax', 'CSRFExemption', 'API');
+		$annotations = array('NoCSRFRequired', 'API');
 		$this->assertAnnotations($this->newsAPI, 'afterUpdate', $annotations);
 	}
 
@@ -109,8 +108,7 @@ class NewsAPITest extends ControllerTestUtility {
 
 
 	public function testCorsAnnotations(){
-		$annotations = array('IsAdminExemption', 'IsSubAdminExemption',
-			'Ajax', 'CSRFExemption', 'IsLoggedInExemption');
+		$annotations = array('NoAdminRequired', 'NoCSRFRequired', 'PublicPage');
 		$this->assertAnnotations($this->newsAPI, 'cors', $annotations);
 	}
 
diff --git a/tests/unit/controller/ExportControllerTest.php b/tests/unit/controller/ExportControllerTest.php
index 0970993ca..b79574ff2 100644
--- a/tests/unit/controller/ExportControllerTest.php
+++ b/tests/unit/controller/ExportControllerTest.php
@@ -73,15 +73,13 @@ class ExportControllerTest extends ControllerTestUtility {
 
 
 	public function testOpmlAnnotations(){
-		$annotations = array('IsAdminExemption', 'IsSubAdminExemption', 
-			'CSRFExemption');
+		$annotations = array('NoAdminRequired', 'NoCSRFRequired');
 		$this->assertAnnotations($this->controller, 'opml', $annotations);
 	}
 
 
 	public function testArticlesAnnotations(){
-		$annotations = array('IsAdminExemption', 'IsSubAdminExemption', 
-			'CSRFExemption');
+		$annotations = array('NoAdminRequired', 'NoCSRFRequired');
 		$this->assertAnnotations($this->controller, 'articles', $annotations);
 	}
 
diff --git a/tests/unit/controller/FeedControllerTest.php b/tests/unit/controller/FeedControllerTest.php
index 899cebfc0..ac7b998cb 100644
--- a/tests/unit/controller/FeedControllerTest.php
+++ b/tests/unit/controller/FeedControllerTest.php
@@ -71,7 +71,7 @@ class FeedControllerTest extends ControllerTestUtility {
 	}
 
 	private function assertFeedControllerAnnotations($methodName){
-		$annotations = array('IsAdminExemption', 'IsSubAdminExemption', 'Ajax');
+		$annotations = array('NoAdminRequired');
 		$this->assertAnnotations($this->controller, $methodName, $annotations);
 	}
 
diff --git a/tests/unit/controller/FolderControllerTest.php b/tests/unit/controller/FolderControllerTest.php
index 12a9078ea..a26fc3151 100644
--- a/tests/unit/controller/FolderControllerTest.php
+++ b/tests/unit/controller/FolderControllerTest.php
@@ -75,7 +75,7 @@ class FolderControllerTest extends ControllerTestUtility {
 
 
 	private function assertFolderControllerAnnotations($methodName){
-		$annotations = array('IsAdminExemption', 'IsSubAdminExemption', 'Ajax');
+		$annotations = array('NoAdminRequired');
 		$this->assertAnnotations($this->controller, $methodName, $annotations);
 	}
 
diff --git a/tests/unit/controller/ItemControllerTest.php b/tests/unit/controller/ItemControllerTest.php
index 14c1a3fa4..8089ed2f1 100644
--- a/tests/unit/controller/ItemControllerTest.php
+++ b/tests/unit/controller/ItemControllerTest.php
@@ -81,7 +81,7 @@ class ItemControllerTest extends ControllerTestUtility {
 
 
 	private function assertItemControllerAnnotations($methodName){
-		$annotations = array('IsAdminExemption', 'IsSubAdminExemption', 'Ajax');
+		$annotations = array('NoAdminRequired');
 		$this->assertAnnotations($this->controller, $methodName, $annotations);
 	}
 
diff --git a/tests/unit/controller/PageControllerTest.php b/tests/unit/controller/PageControllerTest.php
index d2cd4b8af..86534e861 100644
--- a/tests/unit/controller/PageControllerTest.php
+++ b/tests/unit/controller/PageControllerTest.php
@@ -51,8 +51,7 @@ class PageControllerTest extends ControllerTestUtility {
 
 
 	public function testOpmlAnnotations(){
-		$annotations = array('IsAdminExemption', 'IsSubAdminExemption', 
-			'CSRFExemption');
+		$annotations = array('NoAdminRequired', 'NoCSRFRequired');
 		$this->assertAnnotations($this->controller, 'index', $annotations);
 	}
 
diff --git a/tests/unit/controller/UserSettingsControllerTest.php b/tests/unit/controller/UserSettingsControllerTest.php
index 9a8dcf5fd..87a898376 100644
--- a/tests/unit/controller/UserSettingsControllerTest.php
+++ b/
author	Bernhard Posselt <dev@bernhard-posselt.com>	2014-04-09 01:59:42 +0200
committer	Bernhard Posselt <dev@bernhard-posselt.com>	2014-04-09 22:52:27 +0200
commit	4637dcc4587ed0c3b1695568a3c8a3853d695c5d (patch)
tree	e1778a3ddbaa95568ab90c211d49925f4946d157
parent	6d365e8083ecf67212203fe86fd1e1bf2b4ac281 (diff)