| @@ 194-227 (lines=34) @@ | ||
| 191 | * @see \eZ\Publish\API\Repository\SectionService::assignSection() |
|
| 192 | * @expectedException \eZ\Publish\API\Repository\Exceptions\UnauthorizedException |
|
| 193 | */ |
|
| 194 | public function testAssignSectionThrowsUnauthorizedException() |
|
| 195 | { |
|
| 196 | $repository = $this->getRepository(); |
|
| 197 | ||
| 198 | $standardSectionId = $this->generateId('section', 1); |
|
| 199 | $anonymousUserId = $this->generateId('user', 10); |
|
| 200 | /* BEGIN: Use Case */ |
|
| 201 | // $anonymousUserId is the ID of the "Anonymous" user in a eZ |
|
| 202 | // Publish demo installation. |
|
| 203 | // $standardSectionId is the ID of the "Standard" section in a eZ |
|
| 204 | // Publish demo installation. |
|
| 205 | ||
| 206 | // RemoteId of the "Media" page of an eZ Publish demo installation |
|
| 207 | $mediaRemoteId = 'a6e35cbcb7cd6ae4b691f3eee30cd262'; |
|
| 208 | ||
| 209 | $userService = $repository->getUserService(); |
|
| 210 | $contentService = $repository->getContentService(); |
|
| 211 | $sectionService = $repository->getSectionService(); |
|
| 212 | ||
| 213 | // Load a content info instance |
|
| 214 | $contentInfo = $contentService->loadContentInfoByRemoteId( |
|
| 215 | $mediaRemoteId |
|
| 216 | ); |
|
| 217 | ||
| 218 | // Load the "Standard" section |
|
| 219 | $section = $sectionService->loadSection($standardSectionId); |
|
| 220 | ||
| 221 | // Set anonymous user |
|
| 222 | $repository->setCurrentUser($userService->loadUser($anonymousUserId)); |
|
| 223 | ||
| 224 | // This call will fail with a "UnauthorizedException" |
|
| 225 | $sectionService->assignSection($contentInfo, $section); |
|
| 226 | /* END: Use Case */ |
|
| 227 | } |
|
| 228 | ||
| 229 | /** |
|
| 230 | * Test for the deleteSection() method. |
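Review bot: The `@expectedException` annotation on testAssignSectionThrowsUnauthorizedException covers the whole method, so an UnauthorizedException thrown by `loadContentInfoByRemoteId()`, `loadSection()` or `loadUser()` would satisfy it too. In that case the test passes without `assignSection()` ever being reached. If the PHPUnit version in use provides it, drop the annotation and put `$this->expectException(\eZ\Publish\API\Repository\Exceptions\UnauthorizedException::class);` directly before `$sectionService->assignSection($contentInfo, $section);`. The same method-wide annotation appears on testCanUserForAnonymousUserNo, testCanUserWithLimitationNo and testCanUserForAdministratorUser.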
|
| @@ 261-295 (lines=35) @@ | ||
| 258 | * @depends eZ\Publish\API\Repository\Tests\PermissionResolverTest::testHasAccessForCurrentUserNo |
|
| 259 | * @expectedException \eZ\Publish\API\Repository\Exceptions\UnauthorizedException |
|
| 260 | */ |
|
| 261 | public function testCanUserForAnonymousUserNo() |
|
| 262 | { |
|
| 263 | $repository = $this->getRepository(); |
|
| 264 | ||
| 265 | $homeId = $this->generateId('object', 57); |
|
| 266 | ||
| 267 | $anonymousUserId = $this->generateId('user', 10); |
|
| 268 | /* BEGIN: Use Case */ |
|
| 269 | // $anonymousUserId is the ID of the "Anonymous" user in a eZ |
|
| 270 | // Publish demo installation. |
|
| 271 | // $homeId contains the ID of the "Home" frontpage |
|
| 272 | ||
| 273 | $contentService = $repository->getContentService(); |
|
| 274 | $userService = $repository->getUserService(); |
|
| 275 | $permissionResolver = $repository->getPermissionResolver(); |
|
| 276 | ||
| 277 | // Load anonymous user |
|
| 278 | $anonymousUser = $userService->loadUser($anonymousUserId); |
|
| 279 | ||
| 280 | // Set anonymous user as current user reference |
|
| 281 | $permissionResolver->setCurrentUserReference($anonymousUser); |
|
| 282 | ||
| 283 | // Load the ContentInfo for "Home" frontpage |
|
| 284 | $contentInfo = $contentService->loadContentInfo($homeId); |
|
| 285 | ||
| 286 | // This call will return false because anonymous user does not have access |
|
| 287 | // to content removal and hence no permission to remove given content |
|
| 288 | $canUser = $permissionResolver->canUser('content', 'remove', $contentInfo); |
|
| 289 | ||
| 290 | // Performing an action without necessary permissions will fail with "UnauthorizedException" |
|
| 291 | if (!$canUser) { |
|
| 292 | $contentService->deleteContent($contentInfo); |
|
| 293 | } |
|
| 294 | /* END: Use Case */ |
|
| 295 | } |
|
| 296 | ||
| 297 | /** |
|
| 298 | * Test for the canUser() method. |
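Review bot: `$canUser` is never asserted in testCanUserForAnonymousUserNo; it only guards the `deleteContent()` call. If `canUser('content', 'remove', $contentInfo)` wrongly returned true for the anonymous user, the test would fail only with a generic "exception not thrown" message that does not name the permission answer as the cause. Add `$this->assertFalse($canUser);` right after the `canUser()` call and call `$contentService->deleteContent($contentInfo);` unconditionally, so the resolver's answer and the service's enforcement are checked separately. testCanUserWithLimitationNo has the same `if (!$canUser)` shape around `loadContent()`.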
|
| @@ 386-418 (lines=33) @@ | ||
| 383 | * @depends eZ\Publish\API\Repository\Tests\PermissionResolverTest::testHasAccessLimited |
|
| 384 | * @expectedException \eZ\Publish\API\Repository\Exceptions\UnauthorizedException |
|
| 385 | */ |
|
| 386 | public function testCanUserWithLimitationNo() |
|
| 387 | { |
|
| 388 | $repository = $this->getRepository(); |
|
| 389 | ||
| 390 | $administratorUserId = $this->generateId('user', 14); |
|
| 391 | ||
| 392 | /* BEGIN: Use Case */ |
|
| 393 | // $administratorUserId contains the ID of the administrator user |
|
| 394 | ||
| 395 | $user = $this->createUserVersion1(); |
|
| 396 | ||
| 397 | $permissionResolver = $repository->getPermissionResolver(); |
|
| 398 | ||
| 399 | // Set created user as current user reference |
|
| 400 | $permissionResolver->setCurrentUserReference($user); |
|
| 401 | ||
| 402 | $userService = $repository->getUserService(); |
|
| 403 | ||
| 404 | // Load administrator user using UserService, this does not check for permissions |
|
| 405 | $administratorUser = $userService->loadUser($administratorUserId); |
|
| 406 | ||
| 407 | // This call will return false as user with Editor role does not have |
|
| 408 | // permission to read "Users" subtree |
|
| 409 | $canUser = $permissionResolver->canUser('content', 'read', $administratorUser); |
|
| 410 | ||
| 411 | $contentService = $repository->getContentService(); |
|
| 412 | ||
| 413 | // Performing an action without necessary permissions will fail with "UnauthorizedException" |
|
| 414 | if (!$canUser) { |
|
| 415 | $content = $contentService->loadContent($administratorUserId); |
|
| 416 | } |
|
| 417 | /* END: Use Case */ |
|
| 418 | } |
|
| 419 | ||
| 420 | /** |
|
| 421 | * Test for the canUser() method. |
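Review bot: `$contentService->loadContent($administratorUserId)` passes an ID built with `generateId('user', 14)` where a content ID is expected, while the other tests on the page build content IDs with `generateId('object', …)`. This presumably works because a user is also a content object, but the listing does not say so. A short comment on that line would make the intent explicit, for example `// A user is also a content item, so the user ID doubles as the content ID`. The assigned `$content` is never read and can be dropped.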
|
| @@ 606-638 (lines=33) @@ | ||
| 603 | * @depends eZ\Publish\API\Repository\Tests\RepositoryTest::testHasAccessForCurrentUserYes |
|
| 604 | * @expectedException \eZ\Publish\API\Repository\Exceptions\NotFoundException |
|
| 605 | */ |
|
| 606 | public function testCanUserForAdministratorUser() |
|
| 607 | { |
|
| 608 | $repository = $this->getRepository(); |
|
| 609 | ||
| 610 | $administratorUserId = $this->generateId('user', 14); |
|
| 611 | $homeId = $this->generateId('object', 57); |
|
| 612 | ||
| 613 | /* BEGIN: Use Case */ |
|
| 614 | // $administratorUserId contains the ID of the administrator user |
|
| 615 | // $homeId contains the ID of the "Home" frontpage |
|
| 616 | ||
| 617 | $contentService = $repository->getContentService(); |
|
| 618 | $userService = $repository->getUserService(); |
|
| 619 | ||
| 620 | // Load administrator user |
|
| 621 | $administratorUser = $userService->loadUser($administratorUserId); |
|
| 622 | ||
| 623 | // Set administrator user as current user |
|
| 624 | $repository->setCurrentUser($administratorUser); |
|
| 625 | ||
| 626 | // Load the ContentInfo for "Home" frontpage |
|
| 627 | $contentInfo = $contentService->loadContentInfo($homeId); |
|
| 628 | ||
| 629 | // This call will return true |
|
| 630 | $canUser = $repository->canUser('content', 'remove', $contentInfo); |
|
| 631 | ||
| 632 | // Performing an action having necessary permissions will succeed |
|
| 633 | $contentService->deleteContent($contentInfo); |
|
| 634 | /* END: Use Case */ |
|
| 635 | ||
| 636 | $this->assertTrue($canUser); |
|
| 637 | $contentService->loadContent($homeId); |
|
| 638 | } |
|
| 639 | ||
| 640 | /** |
|
| 641 | * Test for the canUser() method. |
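Review bot: `$this->assertTrue($canUser);` runs only after `deleteContent()`, so a failure in the deletion hides whether the permission check itself returned the expected answer. Move the assertion directly after `$canUser = $repository->canUser('content', 'remove', $contentInfo);`. The method-wide `@expectedException NotFoundException` is also satisfied if `loadUser()` or `loadContentInfo($homeId)` fails on a missing fixture, so the expectation belongs immediately before the final `$contentService->loadContent($homeId);`. This test also calls `$repository->setCurrentUser()` and `$repository->canUser()` while the other canUser tests on the page go through `$permissionResolver`; if the Repository methods are covered on purpose, a one-line comment saying so would help.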
|