|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
require_once('vendor/autoload.php'); |
|
4
|
|
|
|
|
5
|
|
|
use PhpAbac\AbacFactory; |
|
6
|
|
|
|
|
7
|
|
|
$countries = include('tests/fixtures/countries.php'); |
|
8
|
|
|
$visas = include('tests/fixtures/visas.php'); |
|
9
|
|
|
$users = include('tests/fixtures/users.php'); |
|
10
|
|
|
$vehicles = include('tests/fixtures/vehicles.php'); |
|
11
|
|
|
|
|
12
|
|
|
$abac = AbacFactory::getAbac([__DIR__.'/tests/fixtures/policy_rules.yml']); |
|
13
|
|
|
|
|
14
|
|
|
putenv('SERVICE_STATE=OPEN'); |
|
15
|
|
|
|
|
16
|
|
|
$user1Nationality = $abac->enforce('nationality-access', $users[3], null, [ |
|
17
|
|
|
'cache_result' => true, |
|
18
|
|
|
'cache_lifetime' => 100, |
|
19
|
|
|
'cache_driver' => 'memory' |
|
20
|
|
|
]); |
|
21
|
|
|
|
|
22
|
|
|
if ($user1Nationality === true) { |
|
23
|
|
|
echo("GRANTED : The user 1 is able to be nationalized\n"); |
|
24
|
|
|
} else { |
|
25
|
|
|
echo("FAIL : The system didn't grant access\n"); |
|
26
|
|
|
} |
|
27
|
|
|
|
|
28
|
|
|
$user2Nationality = $abac->enforce('nationality-access', $users[0]); |
|
29
|
|
|
if ($user2Nationality !== true) { |
|
30
|
|
|
echo("DENIED : The user 2 is not able to be nationalized because he hasn't done his JAPD\n"); |
|
31
|
|
|
} else { |
|
32
|
|
|
echo("FAIL : The system didn't deny access\n"); |
|
33
|
|
|
} |
|
34
|
|
|
|
|
35
|
|
|
$user1Vehicle = $abac->enforce('vehicle-homologation', $users[0], $vehicles[0], [ |
|
36
|
|
|
'dynamic_attributes' => ['proprietaire' => 1] |
|
37
|
|
|
]); |
|
38
|
|
|
if ($user1Vehicle === true) { |
|
39
|
|
|
echo("GRANTED : The vehicle 1 is able to be approved for the user 1\n"); |
|
40
|
|
|
} else { |
|
41
|
|
|
echo("FAIL : The system didn't grant access\n"); |
|
42
|
|
|
} |
|
43
|
|
|
$user3Vehicle = $abac->enforce('vehicle-homologation', $users[2], $vehicles[1], [ |
|
44
|
|
|
'dynamic_attributes' => ['proprietaire' => 3] |
|
45
|
|
|
]); |
|
46
|
|
|
if ($user3Vehicle !== true) { |
|
47
|
|
|
echo("DENIED : The vehicle 2 is not approved for the user 3 because its last technical review is too old\n"); |
|
48
|
|
|
} else { |
|
49
|
|
|
echo("FAIL : The system didn't deny access\n"); |
|
50
|
|
|
} |
|
51
|
|
|
$user4Vehicle = $abac->enforce('vehicle-homologation', $users[3], $vehicles[3], [ |
|
52
|
|
|
'dynamic_attributes' => ['proprietaire' => 4] |
|
53
|
|
|
]); |
|
54
|
|
|
if ($user4Vehicle !== true) { |
|
55
|
|
|
echo("DENIED : The vehicle 4 is not able to be approved for the user 4 because he has no driving license\n"); |
|
56
|
|
|
} else { |
|
57
|
|
|
echo("FAIL : The system didn't deny access\n"); |
|
58
|
|
|
} |
|
59
|
|
|
$user5Vehicle = $abac->enforce('vehicle-homologation', $users[3], $vehicles[3], [ |
|
60
|
|
|
'dynamic_attributes' => ['proprietaire' => 1] |
|
61
|
|
|
]); |
|
62
|
|
|
if ($user5Vehicle !== true) { |
|
63
|
|
|
echo("DENIED : The vehicle 4 is not able to be approved for the user 2 because he doesn't own the vehicle\n"); |
|
64
|
|
|
} else { |
|
65
|
|
|
echo("FAIL : The system didn't deny access\n"); |
|
66
|
|
|
} |
|
67
|
|
|
$userTravel1 = $abac->enforce('travel-to-foreign-country', $users[0], null, [ |
|
68
|
|
|
'dynamic_attributes' => [ |
|
69
|
|
|
'code-pays' => 'US' |
|
70
|
|
|
] |
|
71
|
|
|
]); |
|
72
|
|
|
if ($userTravel1 !== true) { |
|
73
|
|
|
echo("DENIED: The user 1 is not allowed to travel to the USA because he doesn't have an US visa\n"); |
|
74
|
|
|
} else { |
|
75
|
|
|
echo('FAIL: The system didn\'t deny access'); |
|
76
|
|
|
} |
|
77
|
|
|
$userTravel2 = $abac->enforce('travel-to-foreign-country', $users[1], null, [ |
|
78
|
|
|
'dynamic_attributes' => [ |
|
79
|
|
|
'code-pays' => 'US' |
|
80
|
|
|
] |
|
81
|
|
|
]); |
|
82
|
|
|
if ($userTravel2 === true) { |
|
83
|
|
|
echo("GRANTED: The user 2 is allowed to travel to the USA\n"); |
|
84
|
|
|
} else { |
|
85
|
|
|
echo('FAIL: The system didn\'t grant access'); |
|
86
|
|
|
} |
|
87
|
|
|
|
CraftCamp /
php-abac
