ezsystems /
ezpublish-kernel
| @@ 648-672 (lines=25) @@ | ||
| 645 | * @depends eZ\Publish\API\Repository\Tests\RepositoryTest::testGetContentService |
|
| 646 | * @depends eZ\Publish\API\Repository\Tests\RepositoryTest::testHasAccessLimited |
|
| 647 | */ |
|
| 648 | public function testCanUserWithLimitationYes() |
|
| 649 | { |
|
| 650 | $repository = $this->getRepository(); |
|
| 651 | ||
| 652 | $imagesFolderId = $this->generateId('object', 49); |
|
| 653 | ||
| 654 | /* BEGIN: Use Case */ |
|
| 655 | // $imagesFolderId contains the ID of the "Images" folder |
|
| 656 | ||
| 657 | $user = $this->createUserVersion1(); |
|
| 658 | ||
| 659 | // Set created user as current user |
|
| 660 | $repository->setCurrentUser($user); |
|
| 661 | ||
| 662 | $contentService = $repository->getContentService(); |
|
| 663 | ||
| 664 | // Performing an action having necessary permissions will succeed |
|
| 665 | $imagesFolder = $contentService->loadContent($imagesFolderId); |
|
| 666 | ||
| 667 | // This call will return true |
|
| 668 | $canUser = $repository->canUser('content', 'read', $imagesFolder); |
|
| 669 | /* END: Use Case */ |
|
| 670 | ||
| 671 | $this->assertTrue($canUser); |
|
| 672 | } |
|
| 673 | ||
| 674 | /** |
|
| 675 | * Test for the canUser() method. |
|
| @@ 472-497 (lines=26) @@ | ||
| 469 | * @expectedException \eZ\Publish\API\Repository\Exceptions\UnauthorizedException |
|
| 470 | * @depends eZ\Publish\API\Repository\Tests\ContentServiceTest::testLoadContentByVersionInfoWithSecondParameter |
|
| 471 | */ |
|
| 472 | public function testLoadContentByVersionInfoThrowsUnauthorizedExceptionWithSecondParameter() |
|
| 473 | { |
|
| 474 | $repository = $this->getRepository(); |
|
| 475 | ||
| 476 | $anonymousUserId = $this->generateId('user', 10); |
|
| 477 | /* BEGIN: Use Case */ |
|
| 478 | // $anonymousUserId is the ID of the "Anonymous User" in an eZ Publish |
|
| 479 | // demo installation |
|
| 480 | ||
| 481 | $contentService = $repository->getContentService(); |
|
| 482 | ||
| 483 | // Load the ContentInfo for "Anonymous User" |
|
| 484 | $contentInfo = $contentService->loadContentInfo($anonymousUserId); |
|
| 485 | ||
| 486 | // Load the current VersionInfo |
|
| 487 | $versionInfo = $contentService->loadVersionInfo($contentInfo); |
|
| 488 | ||
| 489 | $pseudoEditor = $this->createAnonymousWithEditorRole(); |
|
| 490 | ||
| 491 | // Set restricted editor user |
|
| 492 | $repository->setCurrentUser($pseudoEditor); |
|
| 493 | ||
| 494 | // This call will fail with a "UnauthorizedException" |
|
| 495 | $contentService->loadContentByVersionInfo($versionInfo, ['eng-US']); |
|
| 496 | /* END: Use Case */ |
|
| 497 | } |
|
| 498 | ||
| 499 | /** |
|
| 500 | * Test for the loadContent() method. |
|
| @@ 590-616 (lines=27) @@ | ||
| 587 | * @expectedException \eZ\Publish\API\Repository\Exceptions\UnauthorizedException |
|
| 588 | * @depends eZ\Publish\API\Repository\Tests\ContentServiceTest::testLoadContent |
|
| 589 | */ |
|
| 590 | public function testLoadContentThrowsUnauthorizedExceptionOnDrafts() |
|
| 591 | { |
|
| 592 | /** @var $repository \eZ\Publish\API\Repository\Repository */ |
|
| 593 | $repository = $this->getRepository(); |
|
| 594 | ||
| 595 | $anonymousUserId = $this->generateId('user', 10); |
|
| 596 | /* BEGIN: Use Case */ |
|
| 597 | // $anonymousUserId is the ID of the "Anonymous User" in an eZ Publish |
|
| 598 | // demo installation |
|
| 599 | $user = $this->createUserVersion1(); |
|
| 600 | ||
| 601 | // Set new editor as a content owner |
|
| 602 | $repository->setCurrentUser($user); |
|
| 603 | ||
| 604 | // Create draft with this user |
|
| 605 | $draft = $this->createContentDraftVersion1(2, 'folder'); |
|
| 606 | ||
| 607 | // Load anonymous user |
|
| 608 | $userService = $repository->getUserService(); |
|
| 609 | $user = $userService->loadUser($anonymousUserId); |
|
| 610 | $repository->setCurrentUser($user); |
|
| 611 | ||
| 612 | // Try to load the draft with anonymous user to make sure access won't be allowed by throwing an exception |
|
| 613 | $contentService = $repository->getContentService(); |
|
| 614 | $contentService->loadContent($draft->id); |
|
| 615 | /* END: Use Case */ |
|
| 616 | } |
|
| 617 | ||
| 618 | /** |
|
| 619 | * Test for the ContentService::loadContent() method on an archive. |
|
| @@ 934-960 (lines=27) @@ | ||
| 931 | * @expectedException \eZ\Publish\API\Repository\Exceptions\UnauthorizedException |
|
| 932 | * @depends eZ\Publish\API\Repository\Tests\ContentServiceTest::testLoadContentDrafts |
|
| 933 | */ |
|
| 934 | public function testLoadContentDraftsThrowsUnauthorizedExceptionWithFirstParameter() |
|
| 935 | { |
|
| 936 | $repository = $this->getRepository(); |
|
| 937 | ||
| 938 | $administratorUserId = $this->generateId('user', 14); |
|
| 939 | $anonymousUserId = $this->generateId('user', 10); |
|
| 940 | /* BEGIN: Use Case */ |
|
| 941 | // $anonymousUserId is the ID of the "Anonymous User" in an eZ Publish |
|
| 942 | // demo installation |
|
| 943 | // $administratorUserId is the ID of the "Administrator" user in a eZ |
|
| 944 | // Publish demo installation. |
|
| 945 | ||
| 946 | $contentService = $repository->getContentService(); |
|
| 947 | ||
| 948 | // Load the user service |
|
| 949 | $userService = $repository->getUserService(); |
|
| 950 | ||
| 951 | // Load the "Administrator" user |
|
| 952 | $administratorUser = $userService->loadUser($administratorUserId); |
|
| 953 | ||
| 954 | // Set anonymous user |
|
| 955 | $repository->setCurrentUser($userService->loadUser($anonymousUserId)); |
|
| 956 | ||
| 957 | // This call will fail with a "UnauthorizedException" |
|
| 958 | $contentService->loadContentDrafts($administratorUser); |
|
| 959 | /* END: Use Case */ |
|
| 960 | } |
|
| 961 | ||
| 962 | /** |
|
| 963 | * Test for the updateContent() method. |
|
| @@ 309-331 (lines=23) @@ | ||
| 306 | * @expectedException \eZ\Publish\API\Repository\Exceptions\UnauthorizedException |
|
| 307 | * @depends eZ\Publish\API\Repository\Tests\ContentTypeServiceTest::testRemoveFieldDefinition |
|
| 308 | */ |
|
| 309 | public function testRemoveFieldDefinitionThrowsUnauthorizedException() |
|
| 310 | { |
|
| 311 | $repository = $this->getRepository(); |
|
| 312 | $contentTypeService = $repository->getContentTypeService(); |
|
| 313 | ||
| 314 | $anonymousUserId = $this->generateId('user', 10); |
|
| 315 | /* BEGIN: Use Case */ |
|
| 316 | // $anonymousUserId is the ID of the "Anonymous" user in a eZ |
|
| 317 | // Publish demo installation. |
|
| 318 | $contentTypeDraft = $this->createContentTypeDraft(); |
|
| 319 | ||
| 320 | // Load the user service |
|
| 321 | $userService = $repository->getUserService(); |
|
| 322 | ||
| 323 | // Set anonymous user |
|
| 324 | $repository->setCurrentUser($userService->loadUser($anonymousUserId)); |
|
| 325 | ||
| 326 | $bodyField = $contentTypeDraft->getFieldDefinition('body'); |
|
| 327 | ||
| 328 | // This call will fail with a "UnauthorizedException" |
|
| 329 | $contentTypeService->removeFieldDefinition($contentTypeDraft, $bodyField); |
|
| 330 | /* END: Use Case */ |
|
| 331 | } |
|
| 332 | ||
| 333 | /** |
|
| 334 | * Test for the updateFieldDefinition() method. |
|
| @@ 425-446 (lines=22) @@ | ||
| 422 | * @expectedException \eZ\Publish\API\Repository\Exceptions\UnauthorizedException |
|
| 423 | * @depends eZ\Publish\API\Repository\Tests\ContentTypeServiceTest::testCreateContentTypeDraft |
|
| 424 | */ |
|
| 425 | public function testCreateContentTypeDraftThrowsUnauthorizedException() |
|
| 426 | { |
|
| 427 | $repository = $this->getRepository(); |
|
| 428 | ||
| 429 | $anonymousUserId = $this->generateId('user', 10); |
|
| 430 | /* BEGIN: Use Case */ |
|
| 431 | // $anonymousUserId is the ID of the "Anonymous" user in a eZ |
|
| 432 | // Publish demo installation. |
|
| 433 | $contentTypeService = $repository->getContentTypeService(); |
|
| 434 | ||
| 435 | // Load the user service |
|
| 436 | $userService = $repository->getUserService(); |
|
| 437 | ||
| 438 | // Set anonymous user |
|
| 439 | $repository->setCurrentUser($userService->loadUser($anonymousUserId)); |
|
| 440 | ||
| 441 | $commentType = $contentTypeService->loadContentTypeByIdentifier('comment'); |
|
| 442 | ||
| 443 | // This call will fail with a "UnauthorizedException" |
|
| 444 | $contentTypeService->createContentTypeDraft($commentType); |
|
| 445 | /* END: Use Case */ |
|
| 446 | } |
|
| 447 | ||
| 448 | /** |
|
| 449 | * Test for the deleteContentType() method. |
|
| @@ 455-476 (lines=22) @@ | ||
| 452 | * @expectedException \eZ\Publish\API\Repository\Exceptions\UnauthorizedException |
|
| 453 | * @depends eZ\Publish\API\Repository\Tests\ContentTypeServiceTest::testDeleteContentType |
|
| 454 | */ |
|
| 455 | public function testDeleteContentTypeThrowsUnauthorizedException() |
|
| 456 | { |
|
| 457 | $repository = $this->getRepository(); |
|
| 458 | ||
| 459 | $anonymousUserId = $this->generateId('user', 10); |
|
| 460 | /* BEGIN: Use Case */ |
|
| 461 | // $anonymousUserId is the ID of the "Anonymous" user in a eZ |
|
| 462 | // Publish demo installation. |
|
| 463 | $contentTypeService = $repository->getContentTypeService(); |
|
| 464 | ||
| 465 | // Load the user service |
|
| 466 | $userService = $repository->getUserService(); |
|
| 467 | ||
| 468 | // Set anonymous user |
|
| 469 | $repository->setCurrentUser($userService->loadUser($anonymousUserId)); |
|
| 470 | ||
| 471 | $commentType = $contentTypeService->loadContentTypeByIdentifier('comment'); |
|
| 472 | ||
| 473 | // This call will fail with a "UnauthorizedException" |
|
| 474 | $contentTypeService->deleteContentType($commentType); |
|
| 475 | /* END: Use Case */ |
|
| 476 | } |
|
| 477 | ||
| 478 | /** |
|
| 479 | * Test for the copyContentType() method. |
|
| @@ 485-506 (lines=22) @@ | ||
| 482 | * @expectedException \eZ\Publish\API\Repository\Exceptions\UnauthorizedException |
|
| 483 | * @depends eZ\Publish\API\Repository\Tests\ContentTypeServiceTest::testCopyContentType |
|
| 484 | */ |
|
| 485 | public function testCopyContentTypeThrowsUnauthorizedException() |
|
| 486 | { |
|
| 487 | $repository = $this->getRepository(); |
|
| 488 | ||
| 489 | $anonymousUserId = $this->generateId('user', 10); |
|
| 490 | /* BEGIN: Use Case */ |
|
| 491 | // $anonymousUserId is the ID of the "Anonymous" user in a eZ |
|
| 492 | // Publish demo installation. |
|
| 493 | $contentTypeService = $repository->getContentTypeService(); |
|
| 494 | ||
| 495 | // Load the user service |
|
| 496 | $userService = $repository->getUserService(); |
|
| 497 | ||
| 498 | // Set anonymous user |
|
| 499 | $repository->setCurrentUser($userService->loadUser($anonymousUserId)); |
|
| 500 | ||
| 501 | $commentType = $contentTypeService->loadContentTypeByIdentifier('comment'); |
|
| 502 | ||
| 503 | // This call will fail with a "UnauthorizedException" |
|
| 504 | $contentTypeService->copyContentType($commentType); |
|
| 505 | /* END: Use Case */ |
|
| 506 | } |
|
| 507 | ||
| 508 | /** |
|
| 509 | * Test for the assignContentTypeGroup() method. |
|
| @@ 116-141 (lines=26) @@ | ||
| 113 | * @expectedException \eZ\Publish\API\Repository\Exceptions\UnauthorizedException |
|
| 114 | * @depends eZ\Publish\API\Repository\Tests\ObjectStateServiceTest::testDeleteObjectStateGroup |
|
| 115 | */ |
|
| 116 | public function testDeleteObjectStateGroupThrowsUnauthorizedException() |
|
| 117 | { |
|
| 118 | $repository = $this->getRepository(); |
|
| 119 | ||
| 120 | $objectStateGroupId = $this->generateId('objectstategroup', 2); |
|
| 121 | $anonymousUserId = $this->generateId('user', 10); |
|
| 122 | /* BEGIN: Use Case */ |
|
| 123 | // $anonymousUserId is the ID of the "Anonymous" user in a eZ |
|
| 124 | // Publish demo installation. |
|
| 125 | // Set anonymous user |
|
| 126 | $userService = $repository->getUserService(); |
|
| 127 | $repository->setCurrentUser($userService->loadUser($anonymousUserId)); |
|
| 128 | ||
| 129 | // $objectStateGroupId contains the ID of the standard object state |
|
| 130 | // group ez_lock. |
|
| 131 | $objectStateService = $repository->getObjectStateService(); |
|
| 132 | ||
| 133 | $loadedObjectStateGroup = $objectStateService->loadObjectStateGroup( |
|
| 134 | $objectStateGroupId |
|
| 135 | ); |
|
| 136 | ||
| 137 | // Throws unauthorized exception, since the anonymous user must not |
|
| 138 | // delete object state groups |
|
| 139 | $objectStateService->deleteObjectStateGroup($loadedObjectStateGroup); |
|
| 140 | /* END: Use Case */ |
|
| 141 | } |
|
| 142 | ||
| 143 | /** |
|
| 144 | * Test for the createObjectState() method. |
|
| @@ 138-163 (lines=26) @@ | ||
| 135 | * @depends eZ\Publish\API\Repository\Tests\RepositoryTest::testGetUserService |
|
| 136 | * @depends eZ\Publish\API\Repository\Tests\PermissionResolverTest::testHasAccessWithAnonymousUserNo |
|
| 137 | */ |
|
| 138 | public function testHasAccessForCurrentUserNo() |
|
| 139 | { |
|
| 140 | $repository = $this->getRepository(); |
|
| 141 | ||
| 142 | $anonymousUserId = $this->generateId('user', 10); |
|
| 143 | ||
| 144 | /* BEGIN: Use Case */ |
|
| 145 | // $anonymousUserId is the ID of the "Anonymous" user in a eZ |
|
| 146 | // Publish demo installation. |
|
| 147 | ||
| 148 | $userService = $repository->getUserService(); |
|
| 149 | $permissionResolver = $repository->getPermissionResolver(); |
|
| 150 | ||
| 151 | // Load anonymous user |
|
| 152 | $anonymousUser = $userService->loadUser($anonymousUserId); |
|
| 153 | ||
| 154 | // Set anonymous user as current user reference |
|
| 155 | $permissionResolver->setCurrentUserReference($anonymousUser); |
|
| 156 | ||
| 157 | // This call will return false because anonymous user does not have access |
|
| 158 | // to content removal |
|
| 159 | $hasAccess = $permissionResolver->hasAccess('content', 'remove'); |
|
| 160 | /* END: Use Case */ |
|
| 161 | ||
| 162 | $this->assertFalse($hasAccess); |
|
| 163 | } |
|
| 164 | ||
| 165 | /** |
|
| 166 | * Test for the hasAccess() method. |
|
| @@ 201-224 (lines=24) @@ | ||
| 198 | * @depends eZ\Publish\API\Repository\Tests\PermissionResolverTest::testSetCurrentUserReference |
|
| 199 | * @depends eZ\Publish\API\Repository\Tests\PermissionResolverTest::testHasAccessWithAdministratorUser |
|
| 200 | */ |
|
| 201 | public function testHasAccessForCurrentUserYes() |
|
| 202 | { |
|
| 203 | $repository = $this->getRepository(); |
|
| 204 | ||
| 205 | $administratorUserId = $this->generateId('user', 14); |
|
| 206 | ||
| 207 | /* BEGIN: Use Case */ |
|
| 208 | // $administratorUserId contains the ID of the administrator user |
|
| 209 | ||
| 210 | $userService = $repository->getUserService(); |
|
| 211 | $permissionResolver = $repository->getPermissionResolver(); |
|
| 212 | ||
| 213 | // Load administrator user |
|
| 214 | $administratorUser = $userService->loadUser($administratorUserId); |
|
| 215 | ||
| 216 | // Set administrator user as current user reference |
|
| 217 | $permissionResolver->setCurrentUserReference($administratorUser); |
|
| 218 | ||
| 219 | // This call will return true |
|
| 220 | $hasAccess = $permissionResolver->hasAccess('content', 'read'); |
|
| 221 | /* END: Use Case */ |
|
| 222 | ||
| 223 | $this->assertTrue($hasAccess); |
|
| 224 | } |
|
| 225 | ||
| 226 | /** |
|
| 227 | * Test for the hasAccess() method. |
|
| @@ 354-380 (lines=27) @@ | ||
| 351 | * @depends eZ\Publish\API\Repository\Tests\RepositoryTest::testGetContentService |
|
| 352 | * @depends eZ\Publish\API\Repository\Tests\PermissionResolverTest::testHasAccessLimited |
|
| 353 | */ |
|
| 354 | public function testCanUserWithLimitationYes() |
|
| 355 | { |
|
| 356 | $repository = $this->getRepository(); |
|
| 357 | ||
| 358 | $imagesFolderId = $this->generateId('object', 49); |
|
| 359 | ||
| 360 | /* BEGIN: Use Case */ |
|
| 361 | // $imagesFolderId contains the ID of the "Images" folder |
|
| 362 | ||
| 363 | $user = $this->createUserVersion1(); |
|
| 364 | ||
| 365 | $permissionResolver = $repository->getPermissionResolver(); |
|
| 366 | ||
| 367 | // Set created user as current user reference |
|
| 368 | $permissionResolver->setCurrentUserReference($user); |
|
| 369 | ||
| 370 | $contentService = $repository->getContentService(); |
|
| 371 | ||
| 372 | // Performing an action having necessary permissions will succeed |
|
| 373 | $imagesFolder = $contentService->loadContent($imagesFolderId); |
|
| 374 | ||
| 375 | // This call will return true |
|
| 376 | $canUser = $permissionResolver->canUser('content', 'read', $imagesFolder); |
|
| 377 | /* END: Use Case */ |
|
| 378 | ||
| 379 | $this->assertTrue($canUser); |
|
| 380 | } |
|
| 381 | ||
| 382 | /** |
|
| 383 | * Test for the canUser() method. |
|
| @@ 631-653 (lines=23) @@ | ||
| 628 | * @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testGetRoleAssignmentsForUserGroup |
|
| 629 | * @depends eZ\Publish\API\Repository\Tests\UserServiceTest::testCreateUser |
|
| 630 | */ |
|
| 631 | public function testGetRoleAssignmentsForUserGroupThrowsUnauthorizedException() |
|
| 632 | { |
|
| 633 | $repository = $this->getRepository(); |
|
| 634 | $roleService = $repository->getRoleService(); |
|
| 635 | $userService = $repository->getUserService(); |
|
| 636 | ||
| 637 | $editorsGroupId = $this->generateId('group', 13); |
|
| 638 | ||
| 639 | /* BEGIN: Use Case */ |
|
| 640 | $user = $this->createUserVersion1(); |
|
| 641 | ||
| 642 | $this->createRole(); |
|
| 643 | ||
| 644 | // Load the "Editors" user group |
|
| 645 | $userGroup = $userService->loadUserGroup($editorsGroupId); |
|
| 646 | ||
| 647 | // Set "Editor" user as current user. |
|
| 648 | $repository->setCurrentUser($user); |
|
| 649 | ||
| 650 | // This call will fail with an "UnauthorizedException" |
|
| 651 | $roleService->getRoleAssignmentsForUserGroup($userGroup); |
|
| 652 | /* END: Use Case */ |
|
| 653 | } |
|
| 654 | ||
| 655 | /** |
|
| 656 | * Create a role fixture in a variable named <b>$role</b>,. |
|
