<?php

namespace App\Tests\Acceptance;

use App\DataFixtures\UserReferenceTrait;
use App\DataFixtures\Users;
use App\Entity\User;
use Symfony\Component\BrowserKit\AbstractBrowser;

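/**
 * Acceptance tests for the per-role access rules of the web UI.
 *
 * Every test loads the Users fixtures and then requests a fixed list of URLs as
 * one role (anonymous, watcher, committer, admin), checking the response status.
 * In the expectation tables a null status means "denied": the request must be
 * redirected to the login page. The requests are issued in table order.
 */
class AccessRightsTest extends BaseAcceptanceTest
{
    use UserReferenceTrait;

    /**
     * Without a login only the login and logged-out pages are reachable;
     * every other URL must bounce to the login page.
     */
    public function testAnonymousRights()
    {
        $referenceRepository = $this->loadFixtures([Users::class])->getReferenceRepository();
        $client = $this->makeBrowser();

        // The committer fixture only supplies an id for the /users/{id}/... URLs.
        $user = $this->getUser(Users::COMMITTER, $referenceRepository);

        // URL => expected status (null = redirect to the login page).
        $expectations = [
            '/login' => 200,
            '/loggedout' => 200,
            '/user/profile/' => null,
            '/user/profile/edit' => null,

            '/history' => null,

            '/browse/' => null,
            '/browse/?action=list' => null,
            '/browse/?action=file.upload' => null,
            '/browse/?action=file.create&extension=txt' => null,
            '/browse/?action=file.create&extension=md' => null,
            '/browse/?action=subdirectory.create' => null,
            '/browse/examples/?action=remove' => null,

            '/browse/index.md' => null,
            '/browse/index.md?action=history' => null,
            '/browse/index.md?action=edit' => null,
            '/browse/index.md?action=move' => null,
            '/browse/index.md?action=remove' => null,

            '/users/' => null,
            '/users/' . $user->getId() . '/edit' => null,
            '/users/' . $user->getId() . '/delete' => null,
        ];

        foreach ($expectations as $url => $expectedStatus) {
            $this->assertAccessRights($client, $url, $expectedStatus);
        }
    }

    /**
     * A watcher may read (profile, history, listings, files) but every
     * write action and the user administration must be denied.
     */
    public function testWatcherRights()
    {
        $referenceRepository = $this->loadFixtures([Users::class])->getReferenceRepository();
        $client = $this->makeBrowser();

        // The committer fixture only supplies an id for the /users/{id}/... URLs.
        $user = $this->getUser(Users::COMMITTER, $referenceRepository);

        // URL => expected status (null = redirect to the login page).
        $expectations = [
            '/user/profile/' => 200,
            '/user/profile/edit' => 200,

            '/history' => 200,

            '/browse/' => 302,
            '/browse/?action=list' => 200,
            '/browse/?action=file.upload' => null,
            '/browse/?action=file.create&extension=txt' => null,
            '/browse/?action=file.create&extension=md' => null,
            '/browse/?action=subdirectory.create' => null,
            '/browse/examples/?action=remove' => null,

            '/browse/index.md' => 200,
            '/browse/index.md?action=history' => 200,
            '/browse/index.md?action=edit' => null,
            '/browse/index.md?action=move' => null,
            '/browse/index.md?action=remove' => null,

            '/users/' => null,
            '/users/' . $user->getId() . '/edit' => null,
            '/users/' . $user->getId() . '/delete' => null,
        ];

        foreach ($expectations as $url => $expectedStatus) {
            // The acting user is resolved from the fixture references for every request.
            $this->assertAccessRights(
                $client,
                $url,
                $expectedStatus,
                $this->getUser(Users::WATCHER, $referenceRepository)
            );
        }
    }

    /**
     * A committer may read and modify repository content but must be kept
     * out of the user administration.
     */
    public function testCommitterRights()
    {
        $referenceRepository = $this->loadFixtures([Users::class])->getReferenceRepository();
        $client = $this->makeBrowser();

        // The committer fixture also supplies the id for the /users/{id}/... URLs.
        $user = $this->getUser(Users::COMMITTER, $referenceRepository);

        // URL => expected status (null = redirect to the login page).
        $expectations = [
            '/history' => 200,

            '/browse/' => 302,
            '/browse/?action=list' => 200,
            '/browse/?action=file.upload' => 200,
            '/browse/?action=file.create&extension=txt' => 200,
            '/browse/?action=file.create&extension=md' => 200,
            '/browse/?action=subdirectory.create' => 200,
            '/browse/examples/?action=remove' => 200,

            '/browse/index.md' => 200,
            '/browse/index.md?action=history' => 200,
            '/browse/index.md?action=edit' => 200,
            '/browse/index.md?action=move' => 200,
            // Stays after the other index.md checks. NOTE(review): a 302 on a plain GET
            // suggests the removal may already be carried out by this request; confirm
            // in the controller that it needs a confirmation step or CSRF token.
            '/browse/index.md?action=remove' => 302,

            '/users/' => null,
            '/users/' . $user->getId() . '/edit' => null,
            '/users/' . $user->getId() . '/delete' => null,
        ];

        foreach ($expectations as $url => $expectedStatus) {
            // The acting user is resolved from the fixture references for every request.
            $this->assertAccessRights(
                $client,
                $url,
                $expectedStatus,
                $this->getUser(Users::COMMITTER, $referenceRepository)
            );
        }
    }

    /**
     * An admin has the committer's repository rights plus the user administration.
     */
    public function testAdminRights()
    {
        $referenceRepository = $this->loadFixtures([Users::class])->getReferenceRepository();
        $client = $this->makeBrowser();

        // The committer fixture is the account the admin edits and deletes below.
        $user = $this->getUser(Users::COMMITTER, $referenceRepository);

        // URL => expected status (null = redirect to the login page).
        $expectations = [
            '/history' => 200,

            '/browse/' => 302,
            '/browse/?action=list' => 200,
            '/browse/?action=file.upload' => 200,
            '/browse/?action=file.create&extension=txt' => 200,
            '/browse/?action=file.create&extension=md' => 200,
            '/browse/?action=subdirectory.create' => 200,
            '/browse/examples/?action=remove' => 200,

            '/browse/index.md' => 200,
            '/browse/index.md?action=history' => 200,
            '/browse/index.md?action=edit' => 200,
            '/browse/index.md?action=move' => 200,
            // Stays after the other index.md checks (see the note on the delete URL below).
            '/browse/index.md?action=remove' => 302,

            '/users/' => 200,
            '/users/' . $user->getId() . '/edit' => 200,
            // Stays last. NOTE(review): a 302 on a plain GET suggests the account may be
            // deleted by this request alone; confirm in the controller that the route
            // needs a confirmation step or CSRF token.
            '/users/' . $user->getId() . '/delete' => 302,
        ];

        foreach ($expectations as $url => $expectedStatus) {
            // The acting user is resolved from the fixture references for every request.
            $this->assertAccessRights(
                $client,
                $url,
                $expectedStatus,
                $this->getUser(Users::ADMIN, $referenceRepository)
            );
        }
    }

    /**
     * Requests $url with GET as $user (or anonymously) and checks the access decision.
     *
     * A denial is expressed as a 302 to the login page. An explicitly expected 302
     * must therefore point somewhere else; without that check an "allowed, then
     * redirected" expectation would also pass when the request was in fact denied.
     *
     * @param AbstractBrowser $client         Browser used for the request; logOut() is called on it first.
     * @param string          $url            The url to test.
     * @param int|null        $expectedStatus The expected status code. Null if login is expected.
     * @param User|null       $user           The user to test or null for anonymous.
     */
    protected function assertAccessRights(AbstractBrowser $client, $url, $expectedStatus = null, ?User $user = null)
    {
        // Location header the application sends when it bounces a request to the login form.
        $loginUrl = 'http://localhost/login';

        // Log out before every check, presumably so the previous request's login does not carry over.
        $this->logOut($client);
        if (null !== $user) {
            $this->logIn($client, $user);
        }

        $client->request('GET', $url);
        $response = $client->getResponse();
        $statusCode = $response->getStatusCode();

        if (500 === $statusCode) {
            // Print the error page so the cause shows up in the test output.
            echo $response->getContent();
            $this->fail(sprintf('Status code was 500 for %s', $url));
        }

        $actor = null !== $user ? $user->getUsername() : null;

        if (null === $expectedStatus) {
            $this->assertEquals(302, $statusCode, sprintf('%s: Login expected', $url));
            $this->assertEquals(
                $loginUrl,
                $response->headers->get('Location'),
                sprintf('%s [%s]: expected a redirect to the login page', $url, $actor)
            );

            return;
        }

        $this->assertEquals(
            $expectedStatus,
            $statusCode,
            sprintf('%s [%s]', $url, $actor)
        );

        if (302 === (int) $expectedStatus) {
            // Same status code as a denial, so tell the two apart by the redirect target.
            $this->assertNotEquals(
                $loginUrl,
                $response->headers->get('Location'),
                sprintf('%s [%s]: redirected to the login page although access was expected', $url, $actor)
            );
        }
    }
}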