ea6a359272
* Upd: Add Symfony 4 Compatibility #SymfonyConHackday2017 * Upd: Configure visibility of services for SF4 * Updated composer to allow Symfony 4.0 * Updated composer to allow Symfony 4.0 * PropelBundle for Symfony 4 * Upd: Travis configuration * Upd: PHP 5 not supported anymore by PHPUnit * Upd: Removing old SF version + PHPUnit correction * * Removed param that was removed in symfony/yaml afb873f * Updated format of object dumping as deprecated tags using colon symfony/yaml 38d3087 * * Added commands to console.xml as symfony no longer auto registers bundle commands * Updated two services to public * * Removed deprecated getMock calls for new createMock calls. * * Add stub for additional abstract method * * Updated schema locator test * reverted unnecessary changes to abstract command and schemal locator * Added fixtures for schema testing. * * Updated schema locator test * reverted unnecessary changes to abstract command and schemal locator * Added fixtures for schema testing. * * Removed unnecessary default for services * Updated readme to reflect symfony version support
322 lines
12 KiB
PHP
322 lines
12 KiB
PHP
<?php
|
|
|
|
/**
|
|
* This file is part of the PropelBundle package.
|
|
* For the full copyright and license information, please view the LICENSE
|
|
* file that was distributed with this source code.
|
|
*
|
|
* @license MIT License
|
|
*/
|
|
|
|
namespace Propel\Bundle\PropelBundle\Tests\Security\Acl;
|
|
|
|
use Propel\Runtime\ActiveQuery\Criteria;
|
|
|
|
use Propel\Bundle\PropelBundle\Model\Acl\EntryQuery;
|
|
use Propel\Bundle\PropelBundle\Model\Acl\ObjectIdentityQuery;
|
|
|
|
use Propel\Bundle\PropelBundle\Tests\AclTestCase;
|
|
use Propel\Bundle\PropelBundle\Tests\Fixtures\Acl\ArrayCache as AclCache;
|
|
|
|
/**
|
|
* @author Toni Uebernickel <tuebernickel@gmail.com>
|
|
*/
|
|
class MutableAclProviderTest extends AclTestCase
|
|
{
|
|
public function testCreateAcl()
|
|
{
|
|
$acl = $this->getAclProvider()->createAcl($this->getAclObjectIdentity(1));
|
|
|
|
$this->assertNotEmpty($acl);
|
|
$this->assertInstanceOf('Propel\Bundle\PropelBundle\Security\Acl\Domain\MutableAcl', $acl);
|
|
$this->assertEquals(1, $acl->getId());
|
|
|
|
$this->assertEmpty($acl->getClassAces());
|
|
$this->assertEmpty($acl->getObjectAces());
|
|
$this->assertEmpty($acl->getFields());
|
|
}
|
|
|
|
/**
|
|
* @depends testCreateAcl
|
|
*/
|
|
public function testUpdateAclCreatesInsertedAces()
|
|
{
|
|
$acl = $this->getAclProvider()->createAcl($this->getAclObjectIdentity(1));
|
|
$acl->insertObjectAce($this->getRoleSecurityIdentity(), 64);
|
|
$acl->insertClassFieldAce('name', $this->getRoleSecurityIdentity('ROLE_ADMIN'), 128);
|
|
|
|
$this->assertCount(1, $acl->getObjectAces());
|
|
$this->assertEquals(array('name'), $acl->getFields());
|
|
$this->assertCount(1, $acl->getClassFieldAces('name'));
|
|
|
|
$this->assertEquals(0, EntryQuery::create()->count($this->con));
|
|
$this->assertTrue($this->getAclProvider()->updateAcl($acl));
|
|
$this->assertEquals(2, EntryQuery::create()->count($this->con));
|
|
|
|
$acl = $this->getAclProvider()->findAcl($this->getAclObjectIdentity(1));
|
|
$this->assertInstanceOf('Propel\Bundle\PropelBundle\Security\Acl\Domain\MutableAcl', $acl);
|
|
|
|
$objAces = $acl->getObjectAces();
|
|
$this->assertCount(1, $objAces);
|
|
|
|
$entry = $objAces[0];
|
|
$this->assertInstanceOf('Propel\Bundle\PropelBundle\Security\Acl\Domain\Entry', $entry);
|
|
$this->assertEquals(64, $entry->getMask());
|
|
$this->assertEquals($this->getRoleSecurityIdentity(), $entry->getSecurityIdentity());
|
|
|
|
$classFieldAces = $acl->getClassFieldAces('name');
|
|
$this->assertCount(1, $classFieldAces);
|
|
|
|
$entry = $classFieldAces[0];
|
|
$this->assertInstanceOf('Propel\Bundle\PropelBundle\Security\Acl\Domain\FieldEntry', $entry);
|
|
$this->assertEquals('name', $entry->getField());
|
|
$this->assertEquals(128, $entry->getMask());
|
|
$this->assertEquals($this->getRoleSecurityIdentity('ROLE_ADMIN'), $entry->getSecurityIdentity());
|
|
}
|
|
|
|
/**
|
|
* @depends testUpdateAclCreatesInsertedAces
|
|
*/
|
|
public function testCreateAclAlreadyExists()
|
|
{
|
|
$acl = $this->getAclProvider()->createAcl($this->getAclObjectIdentity(1));
|
|
$acl->insertObjectAce($this->getRoleSecurityIdentity(), 64);
|
|
$this->getAclProvider()->updateAcl($acl);
|
|
|
|
$this->expectException('Symfony\Component\Security\Acl\Exception\AclAlreadyExistsException');
|
|
$this->getAclProvider()->createAcl($this->getAclObjectIdentity(1));
|
|
}
|
|
|
|
/**
|
|
* @depends testUpdateAclCreatesInsertedAces
|
|
*/
|
|
public function testCreateAclWithParent()
|
|
{
|
|
$parentAcl = $this->getAclProvider()->createAcl($this->getAclObjectIdentity(1));
|
|
$parentAcl->insertObjectAce($this->getRoleSecurityIdentity(), 64);
|
|
$this->getAclProvider()->updateAcl($parentAcl);
|
|
|
|
$acl = $this->getAclProvider()->createAcl($this->getAclObjectIdentity(2));
|
|
$acl->insertObjectAce($this->getRoleSecurityIdentity(), 128);
|
|
$acl->setParentAcl($parentAcl);
|
|
$this->getAclProvider()->updateAcl($acl);
|
|
|
|
$entries = ObjectIdentityQuery::create()->orderById(Criteria::ASC)->find($this->con);
|
|
$this->assertCount(2, $entries);
|
|
$this->assertNull($entries[0]->getParentObjectIdentityId());
|
|
$this->assertEquals($entries[0]->getId(), $entries[1]->getParentObjectIdentityId());
|
|
}
|
|
|
|
public function testUpdateAclInvalidAcl()
|
|
{
|
|
$acl = $this->getMockBuilder('Symfony\Component\Security\Acl\Model\MutableAclInterface')->getMock();
|
|
|
|
$this->expectException('InvalidArgumentException');
|
|
$this->getAclProvider()->updateAcl($acl);
|
|
}
|
|
|
|
/**
|
|
* @depends testUpdateAclCreatesInsertedAces
|
|
*/
|
|
public function testUpdateAclRemovesDeletedEntries()
|
|
{
|
|
$acl = $this->getAclProvider()->createAcl($this->getAclObjectIdentity(1));
|
|
|
|
$acl->insertObjectFieldAce('name', $this->getRoleSecurityIdentity(), 4);
|
|
$acl->insertObjectFieldAce('slug', $this->getRoleSecurityIdentity(), 1);
|
|
$this->getAclProvider()->updateAcl($acl);
|
|
$this->assertEquals(2, EntryQuery::create()->count($this->con));
|
|
|
|
$acl->deleteObjectFieldAce(0, 'slug');
|
|
$this->getAclProvider()->updateAcl($acl);
|
|
$this->assertEquals(1, EntryQuery::create()->count($this->con));
|
|
|
|
$entry = EntryQuery::create()->findOne($this->con);
|
|
$this->assertEquals('name', $entry->getFieldName());
|
|
$this->assertEquals(4, $entry->getMask());
|
|
}
|
|
|
|
/**
|
|
* @depends testUpdateAclCreatesInsertedAces
|
|
*/
|
|
public function testUpdateAclCreatesMultipleAces()
|
|
{
|
|
$acl = $this->getAclProvider()->createAcl($this->getAclObjectIdentity(1));
|
|
|
|
$acl->insertObjectFieldAce('name', $this->getRoleSecurityIdentity(), 16, 0, true, 'all');
|
|
$acl->insertObjectFieldAce('name', $this->getRoleSecurityIdentity(), 4);
|
|
$acl->insertObjectFieldAce('slug', $this->getRoleSecurityIdentity(), 1);
|
|
$this->assertCount(2, $acl->getObjectFieldAces('name'));
|
|
|
|
$this->getAclProvider()->updateAcl($acl);
|
|
|
|
$entries = EntryQuery::create()->orderByMask(Criteria::ASC)->find($this->con);
|
|
$this->assertCount(3, $entries);
|
|
|
|
$slugAce = $entries[0];
|
|
|
|
$this->assertEquals('slug', $slugAce->getFieldName());
|
|
$this->assertEquals(1, $slugAce->getMask());
|
|
|
|
$nameRead = $entries[1];
|
|
$this->assertEquals('name', $nameRead->getFieldName());
|
|
$this->assertEquals(0, $nameRead->getAceOrder());
|
|
$this->assertEquals(4, $nameRead->getMask());
|
|
$this->assertEquals('all', $nameRead->getGrantingStrategy());
|
|
|
|
$nameUndelete = $entries[2];
|
|
$this->assertEquals('name', $nameUndelete->getFieldName());
|
|
$this->assertEquals(1, $nameUndelete->getAceOrder());
|
|
$this->assertEquals(16, $nameUndelete->getMask());
|
|
$this->assertEquals('all', $nameUndelete->getGrantingStrategy());
|
|
}
|
|
|
|
/**
|
|
* @depends testUpdateAclCreatesInsertedAces
|
|
*/
|
|
public function testUpdateAclReadsExistingAce()
|
|
{
|
|
$acl = $this->getAclProvider()->createAcl($this->getAclObjectIdentity(1));
|
|
$acl->insertObjectAce($this->getRoleSecurityIdentity(), 64);
|
|
$this->getAclProvider()->updateAcl($acl);
|
|
|
|
$entry = EntryQuery::create()->findOne($this->con);
|
|
|
|
$acl = $this->getAclProvider()->findAcl($this->getAclObjectIdentity(1));
|
|
$acl->updateObjectAce(0, 128);
|
|
$this->getAclProvider()->updateAcl($acl);
|
|
|
|
$updatedEntry = clone $entry;
|
|
$updatedEntry->reload(false, $this->con);
|
|
|
|
$this->assertEquals($entry->getId(), $updatedEntry->getId());
|
|
$this->assertEquals(128, $updatedEntry->getMask());
|
|
}
|
|
|
|
public function testDeleteAclNotExisting()
|
|
{
|
|
$this->assertTrue($this->getAclProvider()->deleteAcl($this->getAclObjectIdentity()));
|
|
}
|
|
|
|
/**
|
|
* @depends testUpdateAclCreatesInsertedAces
|
|
*/
|
|
public function testDeleteAcl()
|
|
{
|
|
$aclObj = $this->getAclObjectIdentity(1);
|
|
$acl = $this->getAclProvider()->createAcl($aclObj);
|
|
$acl->insertObjectAce($this->getRoleSecurityIdentity(), 64);
|
|
$acl->insertClassFieldAce('name', $this->getRoleSecurityIdentity('ROLE_ADMIN'), 128);
|
|
|
|
$this->assertTrue($this->getAclProvider()->deleteAcl($aclObj));
|
|
$this->assertEquals(0, ObjectIdentityQuery::create()->count($this->con));
|
|
$this->assertEquals(0, EntryQuery::create()->count($this->con));
|
|
}
|
|
|
|
/**
|
|
* @depends testCreateAclWithParent
|
|
*/
|
|
public function testDeleteAclRemovesChildAcl()
|
|
{
|
|
$parentAcl = $this->getAclProvider()->createAcl($this->getAclObjectIdentity(1));
|
|
$parentAcl->insertObjectAce($this->getRoleSecurityIdentity(), 64);
|
|
$this->getAclProvider()->updateAcl($parentAcl);
|
|
|
|
$acl = $this->getAclProvider()->createAcl($this->getAclObjectIdentity(2));
|
|
$acl->insertObjectAce($this->getRoleSecurityIdentity(), 128);
|
|
$acl->setParentAcl($parentAcl);
|
|
$this->getAclProvider()->updateAcl($acl);
|
|
|
|
$this->getAclProvider()->deleteAcl($this->getAclObjectIdentity(1));
|
|
|
|
$this->assertEquals(0, ObjectIdentityQuery::create()->count($this->con));
|
|
}
|
|
|
|
/**
|
|
* @depends testDeleteAcl
|
|
*/
|
|
public function testDeleteAclRemovesClassEntriesIfLastObject()
|
|
{
|
|
$acl = $this->getAclProvider()->createAcl($this->getAclObjectIdentity(1));
|
|
$acl->insertClassAce($this->getRoleSecurityIdentity(), 128);
|
|
$this->getAclProvider()->updateAcl($acl);
|
|
|
|
$this->getAclProvider()->deleteAcl($this->getAclObjectIdentity(1));
|
|
$this->assertEquals(0, EntryQuery::create()->count($this->con));
|
|
}
|
|
|
|
/**
|
|
* @depends testUpdateAclCreatesInsertedAces
|
|
*/
|
|
public function testUpdateAclWritesCacheOfNewAcl()
|
|
{
|
|
$this->cache = new AclCache();
|
|
$this->assertEmpty($this->cache->content);
|
|
|
|
$acl = $this->getAcl();
|
|
|
|
$this->assertNotEmpty($this->cache->content);
|
|
$this->assertSame($acl, $this->cache->content[$acl->getId()]);
|
|
}
|
|
|
|
/**
|
|
* @depends testUpdateAclWritesCacheOfNewAcl
|
|
*/
|
|
public function testUpdateAclUpdatesCacheOfAcl()
|
|
{
|
|
$this->cache = new AclCache();
|
|
$acl = $this->getAcl(1);
|
|
|
|
$acl->updateObjectAce(0, 128);
|
|
$this->getAclProvider()->updateAcl($acl);
|
|
|
|
$objectAces = $this->cache->content[$acl->getId()]->getObjectAces();
|
|
$this->assertEquals(128, $objectAces[0]->getMask());
|
|
}
|
|
|
|
/**
|
|
* @depends testUpdateAclWritesCacheOfNewAcl
|
|
*/
|
|
public function testDeleteAclEvictsFromCache()
|
|
{
|
|
$this->cache = new AclCache();
|
|
|
|
$this->getAcl();
|
|
$this->getAclProvider()->deleteAcl($this->getAclObjectIdentity(1));
|
|
|
|
$this->assertEmpty($this->cache->content);
|
|
}
|
|
|
|
/**
|
|
* @depends testCreateAclWithParent
|
|
* @depends testDeleteAclEvictsFromCache
|
|
*/
|
|
public function testDeleteAclEvictsChildrenFromCache()
|
|
{
|
|
$this->cache = new AclCache();
|
|
|
|
$parentAcl = $this->getAcl(1);
|
|
$childAcl = $this->getAcl(2);
|
|
$grandChildAcl = $this->getAcl(3);
|
|
$grandChildAcl->setParentAcl($childAcl);
|
|
$childAcl->setParentAcl($parentAcl);
|
|
|
|
$this->getAclProvider()->updateAcl($grandChildAcl);
|
|
$this->getAclProvider()->updateAcl($childAcl);
|
|
|
|
$this->assertCount(3, $this->cache->content);
|
|
|
|
$this->getAclProvider()->deleteAcl($this->getAclObjectIdentity(1));
|
|
$this->assertEmpty($this->cache->content);
|
|
}
|
|
|
|
protected function getAcl($identifier = 1)
|
|
{
|
|
$acl = $this->getAclProvider()->createAcl($this->getAclObjectIdentity($identifier));
|
|
$acl->insertObjectAce($this->getRoleSecurityIdentity(), 64);
|
|
$this->getAclProvider()->updateAcl($acl);
|
|
|
|
return $acl;
|
|
}
|
|
}
|