| @@ 196-229 (lines=34) @@ | ||
| 193 | * @see \eZ\Publish\API\Repository\SectionService::assignSection() |
|
| 194 | * @expectedException \eZ\Publish\API\Repository\Exceptions\UnauthorizedException |
|
| 195 | */ |
|
| 196 | public function testAssignSectionThrowsUnauthorizedException() |
|
| 197 | { |
|
| 198 | $repository = $this->getRepository(); |
|
| 199 | ||
| 200 | $standardSectionId = $this->generateId('section', 1); |
|
| 201 | $anonymousUserId = $this->generateId('user', 10); |
|
| 202 | /* BEGIN: Use Case */ |
|
| 203 | // $anonymousUserId is the ID of the "Anonymous" user in a eZ |
|
| 204 | // Publish demo installation. |
|
| 205 | // $standardSectionId is the ID of the "Standard" section in a eZ |
|
| 206 | // Publish demo installation. |
|
| 207 | ||
| 208 | // RemoteId of the "Media" page of an eZ Publish demo installation |
|
| 209 | $mediaRemoteId = 'a6e35cbcb7cd6ae4b691f3eee30cd262'; |
|
| 210 | ||
| 211 | $userService = $repository->getUserService(); |
|
| 212 | $contentService = $repository->getContentService(); |
|
| 213 | $sectionService = $repository->getSectionService(); |
|
| 214 | ||
| 215 | // Load a content info instance |
|
| 216 | $contentInfo = $contentService->loadContentInfoByRemoteId( |
|
| 217 | $mediaRemoteId |
|
| 218 | ); |
|
| 219 | ||
| 220 | // Load the "Standard" section |
|
| 221 | $section = $sectionService->loadSection($standardSectionId); |
|
| 222 | ||
| 223 | // Set anonymous user |
|
| 224 | $repository->setCurrentUser($userService->loadUser($anonymousUserId)); |
|
| 225 | ||
| 226 | // This call will fail with a "UnauthorizedException" |
|
| 227 | $sectionService->assignSection($contentInfo, $section); |
|
| 228 | /* END: Use Case */ |
|
| 229 | } |
|
| 230 | ||
| 231 | /** |
|
| 232 | * Test for the deleteSection() method. |
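Review bot: The `@expectedException` annotation on `testAssignSectionThrowsUnauthorizedException()` covers the whole method body, so an `UnauthorizedException` raised by `loadContentInfoByRemoteId()`, `loadSection()` or `loadUser()` would pass the test without `assignSection()` ever being denied. Declaring the expectation on the line directly before `$sectionService->assignSection($contentInfo, $section);` ties it to that call: `$this->expectException(\eZ\Publish\API\Repository\Exceptions\UnauthorizedException::class);`. If the PHPUnit version in use predates `expectException()`, a try/catch ending in `$this->fail()` does the same job. The other three tests on this page share the pattern; in `testCanUserForAdministratorUser()` a `NotFoundException` from `loadUser()` or `loadContentInfo()` would end the test green before `assertTrue($canUser)` runs. Each method's docblock starts outside its hunk.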
|
| @@ 259-293 (lines=35) @@ | ||
| 256 | * @depends eZ\Publish\API\Repository\Tests\PermissionResolverTest::testHasAccessForCurrentUserNo |
|
| 257 | * @expectedException \eZ\Publish\API\Repository\Exceptions\UnauthorizedException |
|
| 258 | */ |
|
| 259 | public function testCanUserForAnonymousUserNo() |
|
| 260 | { |
|
| 261 | $repository = $this->getRepository(); |
|
| 262 | ||
| 263 | $homeId = $this->generateId('object', 57); |
|
| 264 | ||
| 265 | $anonymousUserId = $this->generateId('user', 10); |
|
| 266 | /* BEGIN: Use Case */ |
|
| 267 | // $anonymousUserId is the ID of the "Anonymous" user in a eZ |
|
| 268 | // Publish demo installation. |
|
| 269 | // $homeId contains the ID of the "Home" frontpage |
|
| 270 | ||
| 271 | $contentService = $repository->getContentService(); |
|
| 272 | $userService = $repository->getUserService(); |
|
| 273 | $permissionResolver = $repository->getPermissionResolver(); |
|
| 274 | ||
| 275 | // Load anonymous user |
|
| 276 | $anonymousUser = $userService->loadUser($anonymousUserId); |
|
| 277 | ||
| 278 | // Set anonymous user as current user reference |
|
| 279 | $permissionResolver->setCurrentUserReference($anonymousUser); |
|
| 280 | ||
| 281 | // Load the ContentInfo for "Home" frontpage |
|
| 282 | $contentInfo = $contentService->loadContentInfo($homeId); |
|
| 283 | ||
| 284 | // This call will return false because anonymous user does not have access |
|
| 285 | // to content removal and hence no permission to remove given content |
|
| 286 | $canUser = $permissionResolver->canUser('content', 'remove', $contentInfo); |
|
| 287 | ||
| 288 | // Performing an action without necessary permissions will fail with "UnauthorizedException" |
|
| 289 | if (!$canUser) { |
|
| 290 | $contentService->deleteContent($contentInfo); |
|
| 291 | } |
|
| 292 | /* END: Use Case */ |
|
| 293 | } |
|
| 294 | ||
| 295 | /** |
|
| 296 | * Test for the canUser() method. |
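Review bot: `$canUser` is never asserted in `testCanUserForAnonymousUserNo()`, and `deleteContent()` is reached only through `if (!$canUser)`, so enforcement is exercised only when the advisory answer is already correct. Adding `$this->assertFalse($canUser);` after the `canUser()` call and calling `$contentService->deleteContent($contentInfo);` unconditionally would check two things separately. It would confirm that the resolver answers no, and that the service refuses the removal on its own rather than relying on the caller to ask first. `testCanUserWithLimitationNo()` has the same guard around `loadContent()`.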
|
| @@ 384-416 (lines=33) @@ | ||
| 381 | * @depends eZ\Publish\API\Repository\Tests\PermissionResolverTest::testHasAccessLimited |
|
| 382 | * @expectedException \eZ\Publish\API\Repository\Exceptions\UnauthorizedException |
|
| 383 | */ |
|
| 384 | public function testCanUserWithLimitationNo() |
|
| 385 | { |
|
| 386 | $repository = $this->getRepository(); |
|
| 387 | ||
| 388 | $administratorUserId = $this->generateId('user', 14); |
|
| 389 | ||
| 390 | /* BEGIN: Use Case */ |
|
| 391 | // $administratorUserId contains the ID of the administrator user |
|
| 392 | ||
| 393 | $user = $this->createUserVersion1(); |
|
| 394 | ||
| 395 | $permissionResolver = $repository->getPermissionResolver(); |
|
| 396 | ||
| 397 | // Set created user as current user reference |
|
| 398 | $permissionResolver->setCurrentUserReference($user); |
|
| 399 | ||
| 400 | $userService = $repository->getUserService(); |
|
| 401 | ||
| 402 | // Load administrator user using UserService, this does not check for permissions |
|
| 403 | $administratorUser = $userService->loadUser($administratorUserId); |
|
| 404 | ||
| 405 | // This call will return false as user with Editor role does not have |
|
| 406 | // permission to read "Users" subtree |
|
| 407 | $canUser = $permissionResolver->canUser('content', 'read', $administratorUser); |
|
| 408 | ||
| 409 | $contentService = $repository->getContentService(); |
|
| 410 | ||
| 411 | // Performing an action without necessary permissions will fail with "UnauthorizedException" |
|
| 412 | if (!$canUser) { |
|
| 413 | $content = $contentService->loadContent($administratorUserId); |
|
| 414 | } |
|
| 415 | /* END: Use Case */ |
|
| 416 | } |
|
| 417 | ||
| 418 | /** |
|
| 419 | * Test for the canUser() method. |
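Review bot: `loadContent($administratorUserId)` receives an ID built with `generateId('user', 14)`, so the permission check being tested depends on the administrator's user ID and content ID being the same value, which nothing in the hunk states. A comment on that line such as `// the user ID doubles as the ID of the user's content object` would make the assumption explicit, once confirmed against the fixture. The `$content` assignment is unused, so the line could be reduced to `$contentService->loadContent($administratorUserId);`.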
|
| @@ 582-614 (lines=33) @@ | ||
| 579 | * @depends eZ\Publish\API\Repository\Tests\RepositoryTest::testHasAccessForCurrentUserYes |
|
| 580 | * @expectedException \eZ\Publish\API\Repository\Exceptions\NotFoundException |
|
| 581 | */ |
|
| 582 | public function testCanUserForAdministratorUser() |
|
| 583 | { |
|
| 584 | $repository = $this->getRepository(); |
|
| 585 | ||
| 586 | $administratorUserId = $this->generateId('user', 14); |
|
| 587 | $homeId = $this->generateId('object', 57); |
|
| 588 | ||
| 589 | /* BEGIN: Use Case */ |
|
| 590 | // $administratorUserId contains the ID of the administrator user |
|
| 591 | // $homeId contains the ID of the "Home" frontpage |
|
| 592 | ||
| 593 | $contentService = $repository->getContentService(); |
|
| 594 | $userService = $repository->getUserService(); |
|
| 595 | ||
| 596 | // Load administrator user |
|
| 597 | $administratorUser = $userService->loadUser($administratorUserId); |
|
| 598 | ||
| 599 | // Set administrator user as current user |
|
| 600 | $repository->setCurrentUser($administratorUser); |
|
| 601 | ||
| 602 | // Load the ContentInfo for "Home" frontpage |
|
| 603 | $contentInfo = $contentService->loadContentInfo($homeId); |
|
| 604 | ||
| 605 | // This call will return true |
|
| 606 | $canUser = $repository->canUser('content', 'remove', $contentInfo); |
|
| 607 | ||
| 608 | // Performing an action having necessary permissions will succeed |
|
| 609 | $contentService->deleteContent($contentInfo); |
|
| 610 | /* END: Use Case */ |
|
| 611 | ||
| 612 | $this->assertTrue($canUser); |
|
| 613 | $contentService->loadContent($homeId); |
|
| 614 | } |
|
| 615 | ||
| 616 | /** |
|
| 617 | * Test for the canUser() method. |
|