These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | |||
3 | namespace Kunstmaan\AdminBundle\Tests\Helper\Security\Acl\Permission; |
||
4 | |||
5 | use Doctrine\Common\Collections\ArrayCollection; |
||
6 | use Doctrine\ORM\EntityManager; |
||
7 | use Doctrine\ORM\EntityRepository; |
||
8 | use Kunstmaan\AdminBundle\Entity\AbstractEntity; |
||
9 | use Kunstmaan\AdminBundle\Entity\Role; |
||
10 | use Kunstmaan\AdminBundle\Entity\User; |
||
11 | use Kunstmaan\AdminBundle\Helper\Security\Acl\Permission\MaskBuilder; |
||
12 | use Kunstmaan\AdminBundle\Helper\Security\Acl\Permission\PermissionAdmin; |
||
13 | use Kunstmaan\AdminBundle\Helper\Security\Acl\Permission\PermissionMapInterface; |
||
14 | use Kunstmaan\NodeBundle\Entity\Node; |
||
15 | use Kunstmaan\UtilitiesBundle\Helper\Shell\Shell; |
||
16 | use PHPUnit\Framework\TestCase; |
||
17 | use ReflectionClass; |
||
18 | use Symfony\Component\EventDispatcher\EventDispatcherInterface; |
||
19 | use Symfony\Component\HttpFoundation\Request; |
||
20 | use Symfony\Component\HttpKernel\KernelInterface; |
||
21 | use Symfony\Component\Security\Acl\Domain\RoleSecurityIdentity; |
||
22 | use Symfony\Component\Security\Acl\Exception\AclNotFoundException; |
||
23 | use Symfony\Component\Security\Acl\Model\AclInterface; |
||
24 | use Symfony\Component\Security\Acl\Model\AclProviderInterface; |
||
25 | use Symfony\Component\Security\Acl\Model\AuditableEntryInterface; |
||
26 | use Symfony\Component\Security\Acl\Model\MutableAclInterface; |
||
27 | use Symfony\Component\Security\Acl\Model\MutableAclProviderInterface; |
||
28 | use Symfony\Component\Security\Acl\Model\ObjectIdentityRetrievalStrategyInterface; |
||
29 | use Symfony\Component\Security\Acl\Model\SecurityIdentityInterface; |
||
30 | use Symfony\Component\Security\Core\Authentication\Token\PreAuthenticatedToken; |
||
31 | use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorage; |
||
32 | use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; |
||
33 | |||
34 | class PermissionAdminTest extends TestCase |
||
35 | { |
||
36 | /** |
||
37 | * @var PermissionAdmin |
||
38 | */ |
||
39 | protected $object; |
||
40 | |||
41 | public function testInitialize() |
||
42 | { |
||
43 | $object = $this->getInitializedPermissionAdmin(); |
||
44 | $this->assertEquals(array('ROLE_TEST' => new MaskBuilder(1)), $object->getPermissions()); |
||
45 | } |
||
46 | |||
47 | public function testGetPermissionWithString() |
||
48 | { |
||
49 | $object = $this->getInitializedPermissionAdmin(); |
||
50 | $this->assertEquals(new MaskBuilder(1), $object->getPermission('ROLE_TEST')); |
||
51 | } |
||
52 | |||
53 | public function testGetPermissionWithRoleObject() |
||
54 | { |
||
55 | $object = $this->getInitializedPermissionAdmin(); |
||
56 | |||
57 | $role = $this->createMock('Symfony\Component\Security\Core\Role\Role'); |
||
58 | $role->expects($this->once()) |
||
59 | ->method('getRole') |
||
60 | ->will($this->returnValue('ROLE_TEST')); |
||
61 | $this->assertEquals(new MaskBuilder(1), $object->getPermission($role)); |
||
62 | } |
||
63 | |||
64 | public function testGetPermissionWithUnknownRole() |
||
65 | { |
||
66 | $object = $this->getInitializedPermissionAdmin(); |
||
67 | $this->assertNull($object->getPermission('ROLE_UNKNOWN')); |
||
68 | } |
||
69 | |||
70 | public function testGetAllRoles() |
||
71 | { |
||
72 | $roleRepo = $this->getMockBuilder('Doctrine\ORM\EntityRepository') |
||
73 | ->disableOriginalConstructor() |
||
74 | ->getMock(); |
||
75 | $roleRepo->expects($this->once()) |
||
76 | ->method('findAll') |
||
77 | ->will($this->returnValue(null)); |
||
78 | |||
79 | $em = $this->getEntityManager(); |
||
80 | $em->expects($this->once()) |
||
81 | ->method('getRepository') |
||
82 | ->with(Role::class) |
||
83 | ->will($this->returnValue($roleRepo)); |
||
84 | $context = $this->getTokenStorage(); |
||
85 | $aclProvider = $this->getAclProvider(); |
||
86 | $retrievalStrategy = $this->getOidRetrievalStrategy(); |
||
87 | $dispatcher = $this->getEventDispatcher(); |
||
88 | $shell = $this->getShell(); |
||
89 | $kernel = $this->getKernel(); |
||
90 | $object = new PermissionAdmin($em, $context, $aclProvider, $retrievalStrategy, $dispatcher, $shell, $kernel); |
||
91 | |||
92 | $this->assertNull($object->getAllRoles()); |
||
93 | } |
||
94 | |||
95 | public function testGetPossiblePermissions() |
||
96 | { |
||
97 | $em = $this->getEntityManager(); |
||
98 | $context = $this->getTokenStorage(); |
||
99 | $aclProvider = $this->getAclProvider(); |
||
100 | $retrievalStrategy = $this->getOidRetrievalStrategy(); |
||
101 | $retrievalStrategy |
||
102 | ->expects($this->once()) |
||
103 | ->method('getObjectIdentity') |
||
104 | ->will($this->throwException(new \Symfony\Component\Security\Acl\Exception\AclNotFoundException())); |
||
105 | $dispatcher = $this->getEventDispatcher(); |
||
106 | $shell = $this->getShell(); |
||
107 | $kernel = $this->getKernel(); |
||
108 | $object = new PermissionAdmin($em, $context, $aclProvider, $retrievalStrategy, $dispatcher, $shell, $kernel); |
||
109 | |||
110 | $permissions = array('PERMISSION1', 'PERMISSION2'); |
||
111 | $permissionMap = $this->createMock('Kunstmaan\AdminBundle\Helper\Security\Acl\Permission\PermissionMapInterface'); |
||
112 | $permissionMap |
||
113 | ->expects($this->any()) |
||
114 | ->method('getPossiblePermissions') |
||
115 | ->will($this->returnValue($permissions)); |
||
116 | $entity = $this->getEntity(); |
||
117 | /* @var $permissionMap PermissionMapInterface */ |
||
118 | $object->initialize($entity, $permissionMap); |
||
119 | $this->assertEquals($permissions, $object->getPossiblePermissions()); |
||
120 | } |
||
121 | |||
122 | public function testCreateAclChangeset() |
||
123 | { |
||
124 | $em = $this->getEntityManager(); |
||
125 | $em->expects($this->once()) |
||
126 | ->method('persist') |
||
127 | ->with($this->isInstanceOf('Kunstmaan\AdminBundle\Entity\AclChangeset')); |
||
128 | $em->expects($this->once()) |
||
129 | ->method('flush'); |
||
130 | $context = $this->getTokenStorage(); |
||
131 | $aclProvider = $this->getAclProvider(); |
||
132 | $retrievalStrategy = $this->getOidRetrievalStrategy(); |
||
133 | $dispatcher = $this->getEventDispatcher(); |
||
134 | $shell = $this->getShell(); |
||
135 | $kernel = $this->getKernel(); |
||
136 | $object = new PermissionAdmin($em, $context, $aclProvider, $retrievalStrategy, $dispatcher, $shell, $kernel); |
||
137 | |||
138 | $entity = $this->getEntity(); |
||
139 | /* @var $user User */ |
||
140 | $user = $this->getMockBuilder('Kunstmaan\AdminBundle\Entity\User') |
||
141 | ->disableOriginalConstructor() |
||
142 | ->getMock(); |
||
143 | |||
144 | $object->createAclChangeSet($entity, array(), $user); |
||
145 | } |
||
146 | |||
147 | /** |
||
148 | * Return entity manager mock |
||
149 | * |
||
150 | * @return EntityManager |
||
151 | */ |
||
152 | public function getEntityManager() |
||
153 | { |
||
154 | return $this->getMockBuilder('Doctrine\ORM\EntityManager') |
||
155 | ->disableOriginalConstructor() |
||
156 | ->getMock(); |
||
157 | } |
||
158 | |||
159 | /** |
||
160 | * Return alc provider mock |
||
161 | * |
||
162 | * @return AclProviderInterface |
||
163 | */ |
||
164 | public function getAclProvider() |
||
165 | { |
||
166 | return $this->createMock('Symfony\Component\Security\Acl\Model\MutableAclProviderInterface'); |
||
167 | } |
||
168 | |||
169 | /** |
||
170 | * Return security token storage |
||
171 | * |
||
172 | * @return TokenStorageInterface |
||
0 ignored issues
–
show
|
|||
173 | */ |
||
174 | public function getTokenStorage() |
||
175 | { |
||
176 | return $this->createMock('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface'); |
||
177 | } |
||
178 | |||
179 | /** |
||
180 | * Return oid retrieval strategy mock |
||
181 | * |
||
182 | * @return ObjectIdentityRetrievalStrategyInterface |
||
183 | */ |
||
184 | public function getOidRetrievalStrategy() |
||
185 | { |
||
186 | return $this->createMock('Symfony\Component\Security\Acl\Model\ObjectIdentityRetrievalStrategyInterface'); |
||
187 | } |
||
188 | |||
189 | /** |
||
190 | * Return event dispatcher mock |
||
191 | * |
||
192 | * @return EventDispatcherInterface |
||
193 | */ |
||
194 | public function getEventDispatcher() |
||
195 | { |
||
196 | return $this->createMock('Symfony\Component\EventDispatcher\EventDispatcher'); |
||
197 | } |
||
198 | |||
199 | /** |
||
200 | * @return Shell |
||
201 | */ |
||
202 | public function getShell() |
||
203 | { |
||
204 | return new Shell(); |
||
205 | } |
||
206 | |||
207 | /** |
||
208 | * @return KernelInterface |
||
209 | */ |
||
210 | public function getKernel() |
||
211 | { |
||
212 | return $this->createMock('Symfony\Component\HttpKernel\KernelInterface'); |
||
213 | } |
||
214 | |||
215 | /** |
||
216 | * Return permission admin mock |
||
217 | * |
||
218 | * @return PermissionAdmin |
||
219 | */ |
||
220 | public function getPermissionAdmin() |
||
221 | { |
||
222 | $em = $this->getEntityManager(); |
||
223 | $context = $this->getTokenStorage(); |
||
224 | |||
225 | $securityIdentity = new RoleSecurityIdentity('ROLE_TEST'); |
||
226 | |||
227 | $entity = $this->getMockBuilder('Symfony\Component\Security\Acl\Domain\Entry') |
||
228 | ->disableOriginalConstructor() |
||
229 | ->getMock(); |
||
230 | $entity |
||
231 | ->expects($this->any()) |
||
232 | ->method('getSecurityIdentity') |
||
233 | ->will($this->returnValue($securityIdentity)); |
||
234 | $entity |
||
235 | ->expects($this->any()) |
||
236 | ->method('getMask') |
||
237 | ->will($this->returnValue(1)); |
||
238 | |||
239 | $acl = $this->getMockBuilder('Symfony\Component\Security\Acl\Domain\Acl') |
||
240 | ->disableOriginalConstructor() |
||
241 | ->getMock(); |
||
242 | $acl->expects($this->atLeastOnce()) |
||
243 | ->method('getObjectAces') |
||
244 | ->will($this->returnValue(array($entity))); |
||
245 | |||
246 | $aclProvider = $this->getAclProvider(); |
||
247 | $aclProvider |
||
248 | ->expects($this->atLeastOnce()) |
||
249 | ->method('findAcl') |
||
250 | ->with($this->anything()) |
||
251 | ->will($this->returnValue($acl)); |
||
252 | |||
253 | $retrievalStrategy = $this->getOidRetrievalStrategy(); |
||
254 | $objectIdentity = $this->createMock('Symfony\Component\Security\Acl\Model\ObjectIdentityInterface'); |
||
255 | $retrievalStrategy |
||
256 | ->expects($this->atLeastOnce()) |
||
257 | ->method('getObjectIdentity') |
||
258 | ->will($this->returnValue($objectIdentity)); |
||
259 | $dispatcher = $this->getEventDispatcher(); |
||
260 | $shell = $this->getShell(); |
||
261 | $kernel = $this->getKernel(); |
||
262 | $object = new PermissionAdmin($em, $context, $aclProvider, $retrievalStrategy, $dispatcher, $shell, $kernel); |
||
263 | |||
264 | return $object; |
||
265 | } |
||
266 | |||
267 | /** |
||
268 | * Return entity mock |
||
269 | * |
||
270 | * @return AbstractEntity |
||
271 | */ |
||
272 | public function getEntity() |
||
273 | { |
||
274 | return $this->getMockForAbstractClass('Kunstmaan\AdminBundle\Entity\AbstractEntity'); |
||
275 | } |
||
276 | |||
277 | /** |
||
278 | * Return permission admin mock |
||
279 | * |
||
280 | * @return PermissionAdmin |
||
281 | */ |
||
282 | public function getInitializedPermissionAdmin() |
||
283 | { |
||
284 | $object = $this->getPermissionAdmin(); |
||
285 | $entity = $this->getEntity(); |
||
286 | /* @var $permissionMap PermissionMapInterface */ |
||
287 | $permissionMap = $this->createMock('Kunstmaan\AdminBundle\Helper\Security\Acl\Permission\PermissionMapInterface'); |
||
288 | $object->initialize($entity, $permissionMap); |
||
289 | |||
290 | return $object; |
||
291 | } |
||
292 | |||
293 | public function testBindRequestReturnsTrueWhenNoChanges() |
||
294 | { |
||
295 | $object = $this->getInitializedPermissionAdmin(); |
||
296 | $request = $this->createMock(Request::class); |
||
297 | $request->request = $this->createMock(Request::class); |
||
298 | $request->request->expects($this->once())->method('get')->willReturn(''); |
||
299 | $object->bindRequest($request); |
||
300 | } |
||
301 | |||
302 | /** |
||
303 | * @throws \ReflectionException |
||
304 | */ |
||
305 | public function testBindRequest() |
||
306 | { |
||
307 | $object = $this->getInitializedPermissionAdmin(); |
||
308 | $token = $this->createMock(PreAuthenticatedToken::class); |
||
309 | $token->expects($this->once())->method('getUser')->willReturn(new User()); |
||
310 | $request = $this->createMock(Request::class); |
||
311 | $request->request = $this->createMock(Request::class); |
||
312 | $request->request->expects($this->any())->method('get')->will($this->onConsecutiveCalls(['ADMIN' => ['ADD' => ['VIEW']]], true)); |
||
313 | |||
314 | $mirror = new ReflectionClass(PermissionAdmin::class); |
||
315 | $property = $mirror->getProperty('tokenStorage'); |
||
316 | $property->setAccessible(true); |
||
317 | $val = $property->getValue($object); |
||
318 | $val->expects($this->once())->method('getToken')->willReturn($token); |
||
319 | |||
320 | $object->bindRequest($request); |
||
321 | } |
||
322 | |||
323 | /** |
||
324 | * @throws \ReflectionException |
||
325 | */ |
||
326 | public function testMaskAtIndex() |
||
327 | { |
||
328 | $object = $this->getInitializedPermissionAdmin(); |
||
329 | |||
330 | $id = $this->createMock(SecurityIdentityInterface::class); |
||
331 | $ace = $this->createMock(AuditableEntryInterface::class); |
||
332 | $ace->expects($this->once())->method('getSecurityIdentity')->willReturn($id); |
||
333 | $acl = $this->createMock(AclInterface::class); |
||
334 | $acl->expects($this->once())->method('getObjectAces')->willReturn([1 => $ace]); |
||
335 | |||
336 | $mirror = new ReflectionClass(PermissionAdmin::class); |
||
337 | $method = $mirror->getMethod('getMaskAtIndex'); |
||
338 | $method->setAccessible(true); |
||
339 | |||
340 | $this->assertFalse($method->invoke($object, $acl, 1)); |
||
341 | |||
342 | $id = new RoleSecurityIdentity('ADMIN'); |
||
343 | $ace = $this->createMock(AuditableEntryInterface::class); |
||
344 | $ace->expects($this->once())->method('getSecurityIdentity')->willReturn($id); |
||
345 | $ace->expects($this->once())->method('getMask')->willReturn(true); |
||
346 | $acl = $this->createMock(AclInterface::class); |
||
347 | $acl->expects($this->once())->method('getObjectAces')->willReturn([1 => $ace]); |
||
348 | |||
349 | $this->assertTrue($method->invoke($object, $acl, 1)); |
||
350 | } |
||
351 | |||
352 | /** |
||
353 | * @throws \ReflectionException |
||
354 | */ |
||
355 | public function testGetManageableRolesForPages() |
||
356 | { |
||
357 | $object = $this->getInitializedPermissionAdmin(); |
||
358 | |||
359 | $repo = $this->createMock(EntityRepository::class); |
||
360 | $repo->expects($this->once())->method('findAll')->willReturn(['ROLE_SUPER_ADMIN', 'USER']); |
||
361 | |||
362 | $em = $this->getEntityManager(); |
||
363 | $em->expects($this->once())->method('getRepository')->willReturn($repo); |
||
364 | |||
365 | $token = $this->createMock(PreAuthenticatedToken::class); |
||
366 | $token->expects($this->once())->method('getUser')->willReturn(new User()); |
||
367 | |||
368 | $storage = $this->createMock(TokenStorage::class); |
||
369 | $storage->expects($this->once())->method('getToken')->willReturn($token); |
||
370 | |||
371 | $mirror = new ReflectionClass(PermissionAdmin::class); |
||
372 | $property = $mirror->getProperty('tokenStorage'); |
||
373 | $property->setAccessible(true); |
||
374 | $property->setValue($object, $storage); |
||
375 | $property = $mirror->getProperty('em'); |
||
376 | $property->setAccessible(true); |
||
377 | $property->setValue($object, $em); |
||
378 | |||
379 | $roles = $object->getManageableRolesForPages(); |
||
380 | $this->assertCount(1, $roles); |
||
381 | $this->assertTrue(\in_array('USER', $roles)); |
||
382 | } |
||
383 | |||
384 | /** |
||
385 | * @throws \ReflectionException |
||
386 | */ |
||
387 | public function testApplyAclChangesetReturnsNull() |
||
388 | { |
||
389 | $object = $this->getInitializedPermissionAdmin(); |
||
390 | $entity = $this->createMock(AbstractEntity::class); |
||
391 | $entity->method('getId')->willReturn(666); |
||
392 | $entity->method('setId')->willReturn(null); |
||
393 | $entity->method('__toString')->willReturn('666'); |
||
394 | |||
395 | $this->assertNull($object->applyAclChangeset($entity, [], true)); |
||
396 | } |
||
397 | |||
398 | /** |
||
399 | * @throws \ReflectionException |
||
400 | */ |
||
401 | public function testApplyAclAppliesChangesetRecursive() |
||
402 | { |
||
403 | $object = $this->getInitializedPermissionAdmin(); |
||
404 | $acl = $this->createMock(MutableAclInterface::class); |
||
405 | $provider = $this->createMock(MutableAclProviderInterface::class); |
||
406 | $provider->expects($this->atLeastOnce())->method('findAcl')->willThrowException(new AclNotFoundException()); |
||
407 | $provider->expects($this->atLeastOnce())->method('createAcl')->willReturn($acl); |
||
408 | |||
409 | $mirror = new ReflectionClass(PermissionAdmin::class); |
||
410 | $property = $mirror->getProperty('aclProvider'); |
||
411 | $property->setAccessible(true); |
||
412 | $property->setValue($object, $provider); |
||
413 | |||
414 | $entity = new Node(); |
||
415 | $entity->setChildren(new ArrayCollection([new Node()])); |
||
416 | $this->assertNull($object->applyAclChangeset($entity, [], true)); |
||
417 | } |
||
418 | |||
419 | /** |
||
420 | * @throws \ReflectionException |
||
421 | */ |
||
422 | public function testApplyAclAppliesChangeset() |
||
423 | { |
||
424 | $object = $this->getInitializedPermissionAdmin(); |
||
425 | |||
426 | $entity = new Node(); |
||
427 | $this->assertNull($object->applyAclChangeset($entity, ['ROLE_TEST' => ['DEL' => ['VIEW']]], false)); |
||
428 | } |
||
429 | } |
||
430 |
This check compares the return type specified in the
@return
annotation of a function or method doc comment with the types returned by the function and raises an issue if they mismatch.