add tests for Acl\Domain\(Mutable)Acl
This commit is contained in:
Toni Uebernickel
parent
c886302624
commit
747ce485ae
|
|
@ -77,7 +77,7 @@ class MutableAcl extends Acl implements MutableAclInterface
|
|||
* @param boolean $inherited
|
||||
* @param PropelPDO $con
|
||||
*/
|
||||
public function __construct(PropelCollection $entries, ObjectIdentityInterface $objectIdentity, PermissionGrantingStrategyInterface $permissionGrantingStrategy, array $loadedSecurityIdentities = array(), AclInterface $parentAcl = null, $inherited = false, PropelPDO $con = null)
|
||||
public function __construct(PropelCollection $entries, ObjectIdentityInterface $objectIdentity, PermissionGrantingStrategyInterface $permissionGrantingStrategy, array $loadedSecurityIdentities = array(), AclInterface $parentAcl = null, $inherited = true, PropelPDO $con = null)
|
||||
{
|
||||
parent::__construct($entries, $objectIdentity, $permissionGrantingStrategy, $loadedSecurityIdentities, $parentAcl, $inherited);
|
||||
|
||||
|
|
|
|||
208
Tests/Security/Acl/Domain/AclTest.php
Normal file
208
Tests/Security/Acl/Domain/AclTest.php
Normal file
|
|
@ -0,0 +1,208 @@
|
|||
<?php
|
||||
|
||||
/**
|
||||
* This file is part of the PropelBundle package.
|
||||
* For the full copyright and license information, please view the LICENSE
|
||||
* file that was distributed with this source code.
|
||||
*
|
||||
* @license MIT License
|
||||
*/
|
||||
|
||||
namespace Propel\PropelBundle\Tests\Security\Acl\Domain;
|
||||
|
||||
use PropelCollection;
|
||||
|
||||
use Propel\PropelBundle\Model\Acl\Entry;
|
||||
use Propel\PropelBundle\Model\Acl\SecurityIdentity;
|
||||
|
||||
use Propel\PropelBundle\Security\Acl\Domain\Acl;
|
||||
|
||||
use Symfony\Component\Security\Acl\Domain\PermissionGrantingStrategy;
|
||||
|
||||
use Propel\PropelBundle\Tests\AclTestCase;
|
||||
|
||||
/**
|
||||
* @author Toni Uebernickel <tuebernickel@gmail.com>
|
||||
*/
|
||||
class AclTest extends AclTestCase
|
||||
{
|
||||
public function testConstructorInvalidCollection()
|
||||
{
|
||||
$collection = new PropelCollection();
|
||||
$collection->setModel('Propel\PropelBundle\Model\Acl\AclClass');
|
||||
|
||||
$this->setExpectedException('Symfony\Component\Security\Acl\Exception\Exception');
|
||||
new Acl($collection, $this->getAclObjectIdentity(), new PermissionGrantingStrategy());
|
||||
}
|
||||
|
||||
public function testConstructorEmptyCollection()
|
||||
{
|
||||
$collection = new PropelCollection();
|
||||
$collection->setModel('Propel\PropelBundle\Model\Acl\Entry');
|
||||
|
||||
$aclObj = $this->getAclObjectIdentity();
|
||||
$acl = new Acl($collection, $aclObj, new PermissionGrantingStrategy());
|
||||
|
||||
$this->assertEmpty($acl->getClassAces());
|
||||
$this->assertEmpty($acl->getObjectAces());
|
||||
$this->assertEmpty($acl->getFields());
|
||||
$this->assertNull($acl->getParentAcl());
|
||||
$this->assertSame($aclObj, $acl->getObjectIdentity());
|
||||
$this->assertTrue($acl->isEntriesInheriting());
|
||||
}
|
||||
|
||||
/**
|
||||
* @depends testConstructorEmptyCollection
|
||||
*/
|
||||
public function testConstructorWithAces()
|
||||
{
|
||||
$collection = new PropelCollection();
|
||||
$collection->setModel('Propel\PropelBundle\Model\Acl\Entry');
|
||||
|
||||
$obj = $this->createModelObjectIdentity(1);
|
||||
|
||||
// object based ACE
|
||||
$entry = $this->createEntry();
|
||||
$entry
|
||||
->setObjectIdentity($obj)
|
||||
->setSecurityIdentity(SecurityIdentity::fromAclIdentity($this->getRoleSecurityIdentity()))
|
||||
->setAclClass($this->getAclClass())
|
||||
;
|
||||
$collection->append($entry);
|
||||
|
||||
// object field based ACE
|
||||
$entry = $this->createEntry();
|
||||
$entry
|
||||
->setObjectIdentity($obj)
|
||||
->setFieldName('name')
|
||||
->setSecurityIdentity(SecurityIdentity::fromAclIdentity($this->getRoleSecurityIdentity()))
|
||||
->setAclClass($this->getAclClass())
|
||||
;
|
||||
$collection->append($entry);
|
||||
|
||||
// class based ACE
|
||||
$entry = $this->createEntry();
|
||||
$entry
|
||||
->setSecurityIdentity(SecurityIdentity::fromAclIdentity($this->getRoleSecurityIdentity()))
|
||||
->setAclClass($this->getAclClass())
|
||||
;
|
||||
$collection->append($entry);
|
||||
|
||||
// class field based ACE
|
||||
$entry = $this->createEntry();
|
||||
$entry
|
||||
->setFieldName('name')
|
||||
->setSecurityIdentity(SecurityIdentity::fromAclIdentity($this->getRoleSecurityIdentity()))
|
||||
->setAclClass($this->getAclClass())
|
||||
;
|
||||
$collection->append($entry);
|
||||
|
||||
$acl = new Acl($collection, $this->getAclObjectIdentity(), new PermissionGrantingStrategy());
|
||||
$this->assertNotEmpty($acl->getClassAces());
|
||||
$this->assertNotEmpty($acl->getObjectAces());
|
||||
$this->assertEquals(array('name'), $acl->getFields());
|
||||
$this->assertNotEmpty($acl->getClassFieldAces('name'));
|
||||
$this->assertNotEmpty($acl->getObjectFieldAces('name'));
|
||||
|
||||
$classAces = $acl->getClassAces();
|
||||
$objectAces = $acl->getObjectAces();
|
||||
$classFieldAces = $acl->getClassFieldAces('name');
|
||||
$objectFieldAces = $acl->getObjectFieldAces('name');
|
||||
|
||||
$this->assertInstanceOf('Propel\PropelBundle\Security\Acl\Domain\Entry', $classAces[0]);
|
||||
$this->assertInstanceOf('Propel\PropelBundle\Security\Acl\Domain\Entry', $objectAces[0]);
|
||||
$this->assertInstanceOf('Propel\PropelBundle\Security\Acl\Domain\FieldEntry', $classFieldAces[0]);
|
||||
$this->assertInstanceOf('Propel\PropelBundle\Security\Acl\Domain\FieldEntry', $objectFieldAces[0]);
|
||||
|
||||
$this->assertSame($acl, $classAces[0]->getAcl());
|
||||
$this->assertSame($acl, $objectAces[0]->getAcl());
|
||||
$this->assertSame($acl, $classFieldAces[0]->getAcl());
|
||||
$this->assertSame($acl, $objectFieldAces[0]->getAcl());
|
||||
|
||||
$this->assertEquals('name', $classFieldAces[0]->getField());
|
||||
$this->assertEquals('name', $objectFieldAces[0]->getField());
|
||||
}
|
||||
|
||||
public function testIsSidLoadedNoneLoaded()
|
||||
{
|
||||
$collection = new PropelCollection();
|
||||
$collection->setModel('Propel\PropelBundle\Model\Acl\Entry');
|
||||
$acl = new Acl($collection, $this->getAclObjectIdentity(), new PermissionGrantingStrategy());
|
||||
|
||||
$this->assertFalse($acl->isSidLoaded($this->getRoleSecurityIdentity()));
|
||||
}
|
||||
|
||||
public function testIsSidLoadedInvalid()
|
||||
{
|
||||
$collection = new PropelCollection();
|
||||
$collection->setModel('Propel\PropelBundle\Model\Acl\Entry');
|
||||
|
||||
$aclObj = $this->getAclObjectIdentity();
|
||||
$acl = new Acl($collection, $aclObj, new PermissionGrantingStrategy());
|
||||
|
||||
$this->setExpectedException('InvalidArgumentException');
|
||||
$acl->isSidLoaded('foo');
|
||||
}
|
||||
|
||||
public function testIsGrantedNoAces()
|
||||
{
|
||||
$collection = new PropelCollection();
|
||||
$collection->setModel('Propel\PropelBundle\Model\Acl\Entry');
|
||||
|
||||
$acl = new Acl($collection, $this->getAclObjectIdentity(), new PermissionGrantingStrategy());
|
||||
|
||||
$this->setExpectedException('Symfony\Component\Security\Acl\Exception\NoAceFoundException');
|
||||
$acl->isGranted(array(64), array($this->getRoleSecurityIdentity()));
|
||||
}
|
||||
|
||||
public function testIsGrantedNoMatchingSecurityIdentity()
|
||||
{
|
||||
$collection = new PropelCollection();
|
||||
$collection->setModel('Propel\PropelBundle\Model\Acl\Entry');
|
||||
|
||||
$entry = $this->createEntry();
|
||||
$entry
|
||||
->setSecurityIdentity(SecurityIdentity::fromAclIdentity($this->getRoleSecurityIdentity('ROLE_ADMIN')))
|
||||
->setAclClass($this->getAclClass())
|
||||
;
|
||||
$collection->append($entry);
|
||||
|
||||
$acl = new Acl($collection, $this->getAclObjectIdentity(), new PermissionGrantingStrategy());
|
||||
|
||||
$this->setExpectedException('Symfony\Component\Security\Acl\Exception\NoAceFoundException');
|
||||
$acl->isGranted(array(64), array($this->getRoleSecurityIdentity('ROLE_USER')));
|
||||
}
|
||||
|
||||
public function testIsFieldGrantedNoAces()
|
||||
{
|
||||
$collection = new PropelCollection();
|
||||
$collection->setModel('Propel\PropelBundle\Model\Acl\Entry');
|
||||
|
||||
$acl = new Acl($collection, $this->getAclObjectIdentity(), new PermissionGrantingStrategy());
|
||||
|
||||
$this->setExpectedException('Symfony\Component\Security\Acl\Exception\NoAceFoundException');
|
||||
$acl->isFieldGranted('name', array(64), array($this->getRoleSecurityIdentity()));
|
||||
}
|
||||
|
||||
public function testSerializeUnserialize()
|
||||
{
|
||||
$collection = new PropelCollection();
|
||||
$collection->setModel('Propel\PropelBundle\Model\Acl\Entry');
|
||||
|
||||
$entry = $this->createEntry();
|
||||
$entry
|
||||
->setSecurityIdentity(SecurityIdentity::fromAclIdentity($this->getRoleSecurityIdentity('ROLE_ADMIN')))
|
||||
->setAclClass($this->getAclClass())
|
||||
;
|
||||
$collection->append($entry);
|
||||
|
||||
$acl = new Acl($collection, $this->getAclObjectIdentity(), new PermissionGrantingStrategy());
|
||||
$serialized = serialize($acl);
|
||||
$unserialized = unserialize($serialized);
|
||||
|
||||
$this->assertNotEmpty($serialized);
|
||||
$this->assertNotEmpty($unserialized);
|
||||
$this->assertInstanceOf('Propel\PropelBundle\Security\Acl\Domain\Acl', $unserialized);
|
||||
$this->assertEquals($serialized, serialize($unserialized));
|
||||
}
|
||||
}
|
||||
278
Tests/Security/Acl/Domain/MutableAclTest.php
Normal file
278
Tests/Security/Acl/Domain/MutableAclTest.php
Normal file
|
|
@ -0,0 +1,278 @@
|
|||
<?php
|
||||
|
||||
/**
|
||||
* This file is part of the PropelBundle package.
|
||||
* For the full copyright and license information, please view the LICENSE
|
||||
* file that was distributed with this source code.
|
||||
*
|
||||
* @license MIT License
|
||||
*/
|
||||
|
||||
namespace Propel\PropelBundle\Tests\Security\Acl\Domain;
|
||||
|
||||
use PropelCollection;
|
||||
|
||||
use Propel\PropelBundle\Model\Acl\Entry;
|
||||
use Propel\PropelBundle\Model\Acl\SecurityIdentity;
|
||||
|
||||
use Propel\PropelBundle\Security\Acl\Domain\MutableAcl;
|
||||
|
||||
use Symfony\Component\Security\Acl\Model\AclInterface;
|
||||
use Symfony\Component\Security\Acl\Domain\PermissionGrantingStrategy;
|
||||
|
||||
use Propel\PropelBundle\Tests\AclTestCase;
|
||||
|
||||
/**
|
||||
* @author Toni Uebernickel <tuebernickel@gmail.com>
|
||||
*/
|
||||
class MutableAclTest extends AclTestCase
|
||||
{
|
||||
public function testConstructorInvalidCollection()
|
||||
{
|
||||
$collection = new PropelCollection();
|
||||
$collection->setModel('Propel\PropelBundle\Model\Acl\AclClass');
|
||||
|
||||
$this->setExpectedException('Symfony\Component\Security\Acl\Exception\Exception');
|
||||
new MutableAcl($collection, $this->getAclObjectIdentity(), new PermissionGrantingStrategy(), array(), null, false, $this->con);
|
||||
}
|
||||
|
||||
public function testConstructorEmptyCollection()
|
||||
{
|
||||
$acl = $this->createEmptyAcl(1, array(), null, false);
|
||||
|
||||
$this->assertEquals(1, $acl->getId());
|
||||
$this->assertEmpty($acl->getClassAces());
|
||||
$this->assertEmpty($acl->getObjectAces());
|
||||
$this->assertEmpty($acl->getFields());
|
||||
$this->assertNull($acl->getParentAcl());
|
||||
$this->assertFalse($acl->isEntriesInheriting());
|
||||
}
|
||||
|
||||
/**
|
||||
* @depends testConstructorEmptyCollection
|
||||
*/
|
||||
public function testSetUnsetParentAcl()
|
||||
{
|
||||
$parentAcl = $this->createEmptyAcl(1);
|
||||
$acl = $this->createEmptyAcl(2);
|
||||
|
||||
$acl->setParentAcl($parentAcl);
|
||||
$acl->setEntriesInheriting(true);
|
||||
|
||||
$this->assertSame($parentAcl, $acl->getParentAcl());
|
||||
$this->assertTrue($acl->isEntriesInheriting());
|
||||
$this->assertEquals(1, $acl->getParentAcl()->getId());
|
||||
|
||||
$acl->setParentAcl(null);
|
||||
$this->assertNull($acl->getParentAcl());
|
||||
}
|
||||
|
||||
public function testInsertAceInvalidMask()
|
||||
{
|
||||
$acl = $this->createEmptyAcl();
|
||||
$this->setExpectedException('InvalidArgumentException', 'The given mask is not valid. Please provide an integer.');
|
||||
$acl->insertClassAce($this->getRoleSecurityIdentity(), 'foo');
|
||||
}
|
||||
|
||||
public function testInsertAceOutofBounds()
|
||||
{
|
||||
$acl = $this->createEmptyAcl();
|
||||
$this->setExpectedException('OutOfBoundsException', 'The index must be in the interval [0, 0].');
|
||||
$acl->insertClassAce($this->getRoleSecurityIdentity(), 64, 1);
|
||||
}
|
||||
|
||||
public function insertAceProvider()
|
||||
{
|
||||
return array(
|
||||
array('ClassAce'),
|
||||
array('ClassFieldAce', 'name'),
|
||||
array('ObjectAce'),
|
||||
array('ObjectFieldAce', 'name'),
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* @dataProvider insertAceProvider
|
||||
*/
|
||||
public function testInsertFirstAce($type, $field = null)
|
||||
{
|
||||
$acl = $this->createEmptyAcl();
|
||||
|
||||
if (null !== $field) {
|
||||
$acl->{'insert'.$type}($field, $this->getRoleSecurityIdentity(), 64);
|
||||
$aces = $acl->{'get'.$type.'s'}($field);
|
||||
} else {
|
||||
$acl->{'insert'.$type}($this->getRoleSecurityIdentity(), 64);
|
||||
$aces = $acl->{'get'.$type.'s'}();
|
||||
}
|
||||
|
||||
$this->assertNotEmpty($aces);
|
||||
$this->assertCount(1, $aces);
|
||||
$this->assertEquals($this->getRoleSecurityIdentity(), $aces[0]->getSecurityIdentity());
|
||||
$this->assertEquals(64, $aces[0]->getMask());
|
||||
$this->assertTrue($aces[0]->isGranting());
|
||||
$this->assertNull($aces[0]->getId());
|
||||
$this->assertEquals('all', $aces[0]->getStrategy());
|
||||
|
||||
if (null !== $field) {
|
||||
$this->assertEquals($field, $aces[0]->getField());
|
||||
}
|
||||
}
|
||||
|
||||
public function testUpdateAceInvalidIndex()
|
||||
{
|
||||
$acl = $this->createEmptyAcl();
|
||||
$this->setExpectedException('OutOfBoundsException');
|
||||
$acl->updateClassAce(0, 64);
|
||||
}
|
||||
|
||||
/**
|
||||
* @depends testInsertFirstAce
|
||||
*/
|
||||
public function testUpdateFieldAceInvalidField()
|
||||
{
|
||||
$acl = $this->createEmptyAcl();
|
||||
$acl->insertClassAce($this->getRoleSecurityIdentity(), 64);
|
||||
|
||||
$this->setExpectedException('InvalidArgumentException', 'The given field "name" does not exist.');
|
||||
$acl->updateClassFieldAce(0, 'name', 128);
|
||||
}
|
||||
|
||||
/**
|
||||
* @depends testInsertFirstAce
|
||||
*/
|
||||
public function testInsertUpdateDelete()
|
||||
{
|
||||
$secIdentity = $this->getRoleSecurityIdentity();
|
||||
|
||||
$acl = $this->createEmptyAcl();
|
||||
|
||||
// insert
|
||||
|
||||
$acl->insertClassAce($secIdentity, 64);
|
||||
$acl->insertClassFieldAce('name', $secIdentity, 32);
|
||||
$acl->insertObjectAce($secIdentity, 128);
|
||||
$acl->insertObjectFieldAce('name', $secIdentity, 16, 0, false);
|
||||
|
||||
$classAces = $acl->getClassAces();
|
||||
$classFieldAces = $acl->getClassFieldAces('name');
|
||||
$objectAces = $acl->getObjectAces();
|
||||
$objectFieldAces = $acl->getObjectFieldAces('name');
|
||||
|
||||
$this->assertCount(1, $classAces);
|
||||
$this->assertCount(1, $classFieldAces);
|
||||
$this->assertCount(1, $objectAces);
|
||||
$this->assertCount(1, $objectFieldAces);
|
||||
$this->assertEquals(array('name'), $acl->getFields());
|
||||
|
||||
$this->assertEquals(64, $classAces[0]->getMask());
|
||||
$this->assertEquals(32, $classFieldAces[0]->getMask());
|
||||
$this->assertEquals(128, $objectAces[0]->getMask());
|
||||
$this->assertEquals(16, $objectFieldAces[0]->getMask());
|
||||
|
||||
$this->assertEquals('all', $classAces[0]->getStrategy());
|
||||
$this->assertEquals('all', $classFieldAces[0]->getStrategy());
|
||||
$this->assertEquals('all', $objectAces[0]->getStrategy());
|
||||
$this->assertEquals('any', $objectFieldAces[0]->getStrategy());
|
||||
|
||||
$this->assertFalse($objectFieldAces[0]->isGranting());
|
||||
|
||||
// update
|
||||
|
||||
$acl->updateClassAce(0, 256);
|
||||
$acl->updateClassFieldAce(0, 'name', 128, 'any');
|
||||
$acl->updateObjectAce(0, 64, 'equal');
|
||||
$acl->updateObjectFieldAce(0, 'name', 32, 'all');
|
||||
|
||||
$this->assertCount(1, $classAces);
|
||||
$this->assertCount(1, $classFieldAces);
|
||||
$this->assertCount(1, $objectAces);
|
||||
$this->assertCount(1, $objectFieldAces);
|
||||
|
||||
$classAces = $acl->getClassAces();
|
||||
$classFieldAces = $acl->getClassFieldAces('name');
|
||||
$objectAces = $acl->getObjectAces();
|
||||
$objectFieldAces = $acl->getObjectFieldAces('name');
|
||||
|
||||
$this->assertEquals(256, $classAces[0]->getMask());
|
||||
$this->assertEquals(128, $classFieldAces[0]->getMask());
|
||||
$this->assertEquals(64, $objectAces[0]->getMask());
|
||||
$this->assertEquals(32, $objectFieldAces[0]->getMask());
|
||||
|
||||
$this->assertEquals('all', $classAces[0]->getStrategy());
|
||||
$this->assertEquals('any', $classFieldAces[0]->getStrategy());
|
||||
$this->assertEquals('equal', $objectAces[0]->getStrategy());
|
||||
$this->assertEquals('all', $objectFieldAces[0]->getStrategy());
|
||||
|
||||
// delete
|
||||
|
||||
$acl->deleteClassAce(0);
|
||||
$acl->deleteClassFieldAce(0, 'name');
|
||||
$acl->deleteObjectAce(0);
|
||||
$acl->deleteObjectFieldAce(0, 'name');
|
||||
|
||||
$classAces = $acl->getClassAces();
|
||||
$classFieldAces = $acl->getClassFieldAces('name');
|
||||
$objectAces = $acl->getObjectAces();
|
||||
$objectFieldAces = $acl->getObjectFieldAces('name');
|
||||
|
||||
$this->assertCount(0, $classAces);
|
||||
$this->assertCount(0, $classFieldAces);
|
||||
$this->assertCount(0, $objectAces);
|
||||
$this->assertCount(0, $objectFieldAces);
|
||||
}
|
||||
|
||||
/**
|
||||
* @depends testInsertUpdateDelete
|
||||
*/
|
||||
public function testUpdatePersistedAceKeepsId()
|
||||
{
|
||||
$collection = new PropelCollection();
|
||||
$collection->setModel('Propel\PropelBundle\Model\Acl\Entry');
|
||||
|
||||
$entry = $this->createEntry();
|
||||
$entry
|
||||
->setId(42)
|
||||
->setSecurityIdentity(SecurityIdentity::fromAclIdentity($this->getRoleSecurityIdentity('ROLE_ADMIN')))
|
||||
->setAclClass($this->getAclClass())
|
||||
;
|
||||
$collection->append($entry);
|
||||
|
||||
$acl = new MutableAcl($collection, $this->getAclObjectIdentity(), new PermissionGrantingStrategy());
|
||||
$acl->updateClassAce(0, 128);
|
||||
|
||||
$aces = $acl->getClassAces();
|
||||
$this->assertEquals(42, $aces[0]->getId());
|
||||
$this->assertEquals(128, $aces[0]->getMask());
|
||||
}
|
||||
|
||||
public function testSerializeUnserialize()
|
||||
{
|
||||
$collection = new PropelCollection();
|
||||
$collection->setModel('Propel\PropelBundle\Model\Acl\Entry');
|
||||
|
||||
$entry = $this->createEntry();
|
||||
$entry
|
||||
->setSecurityIdentity(SecurityIdentity::fromAclIdentity($this->getRoleSecurityIdentity('ROLE_ADMIN')))
|
||||
->setAclClass($this->getAclClass())
|
||||
;
|
||||
$collection->append($entry);
|
||||
|
||||
$acl = new MutableAcl($collection, $this->getAclObjectIdentity(), new PermissionGrantingStrategy());
|
||||
$serialized = serialize($acl);
|
||||
$unserialized = unserialize($serialized);
|
||||
|
||||
$this->assertNotEmpty($serialized);
|
||||
$this->assertNotEmpty($unserialized);
|
||||
$this->assertInstanceOf('Propel\PropelBundle\Security\Acl\Domain\MutableAcl', $unserialized);
|
||||
$this->assertEquals($serialized, serialize($unserialized));
|
||||
}
|
||||
|
||||
protected function createEmptyAcl($identifier = 1, array $securityIdentities = array(), AclInterface $parentAcl = null, $inherited = null)
|
||||
{
|
||||
$collection = new PropelCollection();
|
||||
$collection->setModel('Propel\PropelBundle\Model\Acl\Entry');
|
||||
|
||||
return new MutableAcl($collection, $this->getAclObjectIdentity($identifier), new PermissionGrantingStrategy(), $securityIdentities, $parentAcl, $inherited, $this->con);
|
||||
}
|
||||
}
|
||||
Loading…
Reference in a new issue