| @@ 1334-1369 (lines=36) @@ | ||
| 1331 | * @see \eZ\Publish\API\Repository\ContentService::addRelation() |
|
| 1332 | * @depends eZ\Publish\API\Repository\Tests\ContentServiceTest::testAddRelation |
|
| 1333 | */ |
|
| 1334 | public function testAddRelationThrowsUnauthorizedException() |
|
| 1335 | { |
|
| 1336 | $repository = $this->getRepository(); |
|
| 1337 | ||
| 1338 | $contentService = $repository->getContentService(); |
|
| 1339 | ||
| 1340 | $anonymousUserId = $this->generateId('user', 10); |
|
| 1341 | /* BEGIN: Use Case */ |
|
| 1342 | // $anonymousUserId is the ID of the "Anonymous User" in an eZ Publish |
|
| 1343 | // demo installation |
|
| 1344 | // Remote id of the "Media" page of a eZ Publish demo installation. |
|
| 1345 | $mediaRemoteId = 'a6e35cbcb7cd6ae4b691f3eee30cd262'; |
|
| 1346 | ||
| 1347 | $draft = $this->createContentDraftVersion1(); |
|
| 1348 | ||
| 1349 | // Get the draft's version info |
|
| 1350 | $versionInfo = $draft->getVersionInfo(); |
|
| 1351 | ||
| 1352 | // Load other content object |
|
| 1353 | $media = $contentService->loadContentInfoByRemoteId($mediaRemoteId); |
|
| 1354 | ||
| 1355 | // Load the user service |
|
| 1356 | $userService = $repository->getUserService(); |
|
| 1357 | ||
| 1358 | // Set anonymous user |
|
| 1359 | $repository->setCurrentUser($userService->loadUser($anonymousUserId)); |
|
| 1360 | ||
| 1361 | $this->expectException(UnauthorizedException::class); |
|
| 1362 | $this->expectExceptionMessageRegExp('/\'versionread\' \'content\'/'); |
|
| 1363 | ||
| 1364 | $contentService->addRelation( |
|
| 1365 | $versionInfo, |
|
| 1366 | $media |
|
| 1367 | ); |
|
| 1368 | /* END: Use Case */ |
|
| 1369 | } |
|
| 1370 | ||
| 1371 | /** |
|
| 1372 | * Test for the deleteRelation() method. |
|
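Review bot: `expectExceptionMessageRegExp()` at line 1362 is deprecated from PHPUnit 8.4 and removed in PHPUnit 9, so once the suite runs on a version that has it the call should become `$this->expectExceptionMessageMatches('/\'versionread\' \'content\'/');`. The message check itself is worth keeping, because it pins the denial to the `versionread` policy rather than to any UnauthorizedException raised along the way. Judging by the visible lines, the anonymous user is rejected on reading the draft version, so this test may never reach addRelation()'s own edit check; a second case with a user who can read the version but not edit the content would cover it. The docblock of this method starts outside the excerpt.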
| @@ 274-306 (lines=33) @@ | ||
| 271 | * @see \eZ\Publish\API\Repository\LocationService::swapLocation() |
|
| 272 | * @depends eZ\Publish\API\Repository\Tests\LocationServiceTest::testSwapLocation |
|
| 273 | */ |
|
| 274 | public function testSwapLocationThrowsUnauthorizedException() |
|
| 275 | { |
|
| 276 | $this->expectException(\eZ\Publish\API\Repository\Exceptions\UnauthorizedException::class); |
|
| 277 | ||
| 278 | $repository = $this->getRepository(); |
|
| 279 | ||
| 280 | $mediaLocationId = $this->generateId('location', 43); |
|
| 281 | $demoDesignLocationId = $this->generateId('location', 56); |
|
| 282 | /* BEGIN: Use Case */ |
|
| 283 | // $mediaLocationId is the ID of the "Media" Location in |
|
| 284 | // an eZ Publish demo installation |
|
| 285 | ||
| 286 | // $demoDesignLocationId is the ID of the "Demo Design" Location in an eZ |
|
| 287 | // Publish demo installation |
|
| 288 | ||
| 289 | // Load the location service |
|
| 290 | $locationService = $repository->getLocationService(); |
|
| 291 | ||
| 292 | $mediaLocation = $locationService->loadLocation($mediaLocationId); |
|
| 293 | $demoDesignLocation = $locationService->loadLocation($demoDesignLocationId); |
|
| 294 | ||
| 295 | // Swaps the content referred to by the locations |
|
| 296 | $locationService->swapLocation($mediaLocation, $demoDesignLocation); |
|
| 297 | ||
| 298 | $user = $this->createMediaUserVersion1(); |
|
| 299 | ||
| 300 | // Set media editor as current user |
|
| 301 | $repository->setCurrentUser($user); |
|
| 302 | ||
| 303 | // This call will fail with an "UnauthorizedException" |
|
| 304 | $locationService->swapLocation($mediaLocation, $demoDesignLocation); |
|
| 305 | /* END: Use Case */ |
|
| 306 | } |
|
| 307 | ||
| 308 | /** |
|
| 309 | * Test for the hideLocation() method. |
|
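Review bot: The expectation at line 276 is armed before any setup runs, and line 296 already calls `swapLocation()` as the privileged user, so an UnauthorizedException from that first call (or from `loadLocation()` / `createMediaUserVersion1()`) makes the test pass without the media editor ever being denied. Move the expectation to directly above line 304, i.e. `$this->expectException(UnauthorizedException::class);` placed after `$repository->setCurrentUser($user);`, the way testAddRelationThrowsUnauthorizedException does. The same top-of-method placement appears in testCopySubtreeThrowsUnauthorizedException, testMoveSubtreeThrowsUnauthorizedException, testUnassignRoleFromUserGroupThrowsUnauthorizedException, testDeleteSectionThrowsUnauthorizedException, testRecoverThrowsUnauthorizedExceptionWithNewParentLocationParameter and testUpdateUserGroupThrowsUnauthorizedException, each of which runs privileged setup calls under the armed expectation. Asserting the denied policy in the message would tighten these further, but the expected message text is not visible here.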
| @@ 494-529 (lines=36) @@ | ||
| 491 | * @see \eZ\Publish\API\Repository\LocationService::copySubtree() |
|
| 492 | * @depends eZ\Publish\API\Repository\Tests\LocationServiceTest::testCopySubtree |
|
| 493 | */ |
|
| 494 | public function testCopySubtreeThrowsUnauthorizedException() |
|
| 495 | { |
|
| 496 | $this->expectException(\eZ\Publish\API\Repository\Exceptions\UnauthorizedException::class); |
|
| 497 | ||
| 498 | $repository = $this->getRepository(); |
|
| 499 | ||
| 500 | $mediaLocationId = $this->generateId('location', 43); |
|
| 501 | $demoDesignLocationId = $this->generateId('location', 56); |
|
| 502 | /* BEGIN: Use Case */ |
|
| 503 | $user = $this->createMediaUserVersion1(); |
|
| 504 | ||
| 505 | // $mediaLocationId is the ID of the "Media" Location in |
|
| 506 | // an eZ Publish demo installation |
|
| 507 | ||
| 508 | // $demoDesignLocationId is the ID of the "Demo Design" Location in an eZ |
|
| 509 | // Publish demo installation |
|
| 510 | ||
| 511 | // Load the location service |
|
| 512 | $locationService = $repository->getLocationService(); |
|
| 513 | ||
| 514 | // Load location to copy |
|
| 515 | $locationToCopy = $locationService->loadLocation($mediaLocationId); |
|
| 516 | ||
| 517 | // Load new parent location |
|
| 518 | $newParentLocation = $locationService->loadLocation($demoDesignLocationId); |
|
| 519 | ||
| 520 | // Set media editor as current user |
|
| 521 | $repository->setCurrentUser($user); |
|
| 522 | ||
| 523 | // This call will fail with an "UnauthorizedException" |
|
| 524 | $locationService->copySubtree( |
|
| 525 | $locationToCopy, |
|
| 526 | $newParentLocation |
|
| 527 | ); |
|
| 528 | /* END: Use Case */ |
|
| 529 | } |
|
| 530 | ||
| 531 | /** |
|
| 532 | * Test for the moveSubtree() method. |
|
| @@ 537-572 (lines=36) @@ | ||
| 534 | * @see \eZ\Publish\API\Repository\LocationService::moveSubtree() |
|
| 535 | * @depends eZ\Publish\API\Repository\Tests\LocationServiceTest::testMoveSubtree |
|
| 536 | */ |
|
| 537 | public function testMoveSubtreeThrowsUnauthorizedException() |
|
| 538 | { |
|
| 539 | $this->expectException(\eZ\Publish\API\Repository\Exceptions\UnauthorizedException::class); |
|
| 540 | ||
| 541 | $repository = $this->getRepository(); |
|
| 542 | ||
| 543 | $mediaLocationId = $this->generateId('location', 43); |
|
| 544 | $demoDesignLocationId = $this->generateId('location', 56); |
|
| 545 | /* BEGIN: Use Case */ |
|
| 546 | $user = $this->createMediaUserVersion1(); |
|
| 547 | ||
| 548 | // $mediaLocationId is the ID of the "Media" page location in |
|
| 549 | // an eZ Publish demo installation |
|
| 550 | ||
| 551 | // $demoDesignLocationId is the ID of the "Demo Design" page location in an eZ |
|
| 552 | // Publish demo installation |
|
| 553 | ||
| 554 | // Load the location service |
|
| 555 | $locationService = $repository->getLocationService(); |
|
| 556 | ||
| 557 | // Load location to move |
|
| 558 | $locationToMove = $locationService->loadLocation($mediaLocationId); |
|
| 559 | ||
| 560 | // Load new parent location |
|
| 561 | $newParentLocation = $locationService->loadLocation($demoDesignLocationId); |
|
| 562 | ||
| 563 | // Set media editor as current user |
|
| 564 | $repository->setCurrentUser($user); |
|
| 565 | ||
| 566 | // This call will fail with an "UnauthorizedException" |
|
| 567 | $locationService->moveSubtree( |
|
| 568 | $locationToMove, |
|
| 569 | $newParentLocation |
|
| 570 | ); |
|
| 571 | /* END: Use Case */ |
|
| 572 | } |
|
| 573 | } |
|
| 574 | ||
| @@ 390-424 (lines=35) @@ | ||
| 387 | * @depends eZ\Publish\API\Repository\Tests\RepositoryTest::testGetContentService |
|
| 388 | * @depends eZ\Publish\API\Repository\Tests\PermissionResolverTest::testHasAccessLimited |
|
| 389 | */ |
|
| 390 | public function testCanUserWithLimitationNo() |
|
| 391 | { |
|
| 392 | $this->expectException(\eZ\Publish\API\Repository\Exceptions\UnauthorizedException::class); |
|
| 393 | ||
| 394 | $repository = $this->getRepository(); |
|
| 395 | ||
| 396 | $administratorUserId = $this->generateId('user', 14); |
|
| 397 | ||
| 398 | /* BEGIN: Use Case */ |
|
| 399 | // $administratorUserId contains the ID of the administrator user |
|
| 400 | ||
| 401 | $user = $this->createUserVersion1(); |
|
| 402 | ||
| 403 | $permissionResolver = $repository->getPermissionResolver(); |
|
| 404 | ||
| 405 | // Set created user as current user reference |
|
| 406 | $permissionResolver->setCurrentUserReference($user); |
|
| 407 | ||
| 408 | $userService = $repository->getUserService(); |
|
| 409 | ||
| 410 | // Load administrator user using UserService, this does not check for permissions |
|
| 411 | $administratorUser = $userService->loadUser($administratorUserId); |
|
| 412 | ||
| 413 | // This call will return false as user with Editor role does not have |
|
| 414 | // permission to read "Users" subtree |
|
| 415 | $canUser = $permissionResolver->canUser('content', 'read', $administratorUser); |
|
| 416 | ||
| 417 | $contentService = $repository->getContentService(); |
|
| 418 | ||
| 419 | // Performing an action without necessary permissions will fail with "UnauthorizedException" |
|
| 420 | if (!$canUser) { |
|
| 421 | $content = $contentService->loadContent($administratorUserId); |
|
| 422 | } |
|
| 423 | /* END: Use Case */ |
|
| 424 | } |
|
| 425 | ||
| 426 | /** |
|
| 427 | * Test for the canUser() method. |
|
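Review bot: The result of `canUser()` at line 415 is never asserted, and because the expectation is armed at line 392, an UnauthorizedException thrown by `canUser()`, `loadUser()` or `createUserVersion1()` would satisfy the test without showing that the permission check returned false. Assert the decision and scope the expectation to the action: `$this->assertFalse($canUser);` then `$this->expectException(UnauthorizedException::class);` then the unconditional `$contentService->loadContent($administratorUserId);`. Dropping the `if (!$canUser)` guard also makes a wrongly granted permission fail at the assertion instead of as a missing-exception error. The same applies to testCanUserForAnonymousUserNo (line 561) and the second testCanUserWithLimitationNo (line 684), which go through `$repository->canUser()` and `$repository->setCurrentUser()` rather than the permission resolver used here.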
| @@ 561-596 (lines=36) @@ | ||
| 558 | * @depends eZ\Publish\API\Repository\Tests\RepositoryTest::testGetContentService |
|
| 559 | * @depends eZ\Publish\API\Repository\Tests\RepositoryTest::testHasAccessForCurrentUserNo |
|
| 560 | */ |
|
| 561 | public function testCanUserForAnonymousUserNo() |
|
| 562 | { |
|
| 563 | $this->expectException(\eZ\Publish\API\Repository\Exceptions\UnauthorizedException::class); |
|
| 564 | ||
| 565 | $repository = $this->getRepository(); |
|
| 566 | ||
| 567 | $homeId = $this->generateId('object', 57); |
|
| 568 | ||
| 569 | $anonymousUserId = $this->generateId('user', 10); |
|
| 570 | /* BEGIN: Use Case */ |
|
| 571 | // $anonymousUserId is the ID of the "Anonymous" user in a eZ |
|
| 572 | // Publish demo installation. |
|
| 573 | // $homeId contains the ID of the "Home" frontpage |
|
| 574 | ||
| 575 | $contentService = $repository->getContentService(); |
|
| 576 | $userService = $repository->getUserService(); |
|
| 577 | ||
| 578 | // Load anonymous user |
|
| 579 | $anonymousUser = $userService->loadUser($anonymousUserId); |
|
| 580 | ||
| 581 | // Set anonymous user as current user |
|
| 582 | $repository->setCurrentUser($anonymousUser); |
|
| 583 | ||
| 584 | // Load the ContentInfo for "Home" frontpage |
|
| 585 | $contentInfo = $contentService->loadContentInfo($homeId); |
|
| 586 | ||
| 587 | // This call will return false because anonymous user does not have access |
|
| 588 | // to content removal and hence no permission to remove given content |
|
| 589 | $canUser = $repository->canUser('content', 'remove', $contentInfo); |
|
| 590 | ||
| 591 | // Performing an action without necessary permissions will fail with "UnauthorizedException" |
|
| 592 | if (!$canUser) { |
|
| 593 | $contentService->deleteContent($contentInfo); |
|
| 594 | } |
|
| 595 | /* END: Use Case */ |
|
| 596 | } |
|
| 597 | ||
| 598 | /** |
|
| 599 | * Test for the canUser() method. |
|
| @@ 684-716 (lines=33) @@ | ||
| 681 | * @depends eZ\Publish\API\Repository\Tests\RepositoryTest::testGetContentService |
|
| 682 | * @depends eZ\Publish\API\Repository\Tests\RepositoryTest::testHasAccessLimited |
|
| 683 | */ |
|
| 684 | public function testCanUserWithLimitationNo() |
|
| 685 | { |
|
| 686 | $this->expectException(\eZ\Publish\API\Repository\Exceptions\UnauthorizedException::class); |
|
| 687 | ||
| 688 | $repository = $this->getRepository(); |
|
| 689 | ||
| 690 | $administratorUserId = $this->generateId('user', 14); |
|
| 691 | ||
| 692 | /* BEGIN: Use Case */ |
|
| 693 | // $administratorUserId contains the ID of the administrator user |
|
| 694 | ||
| 695 | $user = $this->createUserVersion1(); |
|
| 696 | ||
| 697 | // Set created user as current user |
|
| 698 | $repository->setCurrentUser($user); |
|
| 699 | ||
| 700 | $userService = $repository->getUserService(); |
|
| 701 | ||
| 702 | // Load administrator user using UserService, this does not check for permissions |
|
| 703 | $administratorUser = $userService->loadUser($administratorUserId); |
|
| 704 | ||
| 705 | // This call will return false as user with Editor role does not have |
|
| 706 | // permission to read "Users" subtree |
|
| 707 | $canUser = $repository->canUser('content', 'read', $administratorUser); |
|
| 708 | ||
| 709 | $contentService = $repository->getContentService(); |
|
| 710 | ||
| 711 | // Performing an action without necessary permissions will fail with "UnauthorizedException" |
|
| 712 | if (!$canUser) { |
|
| 713 | $content = $contentService->loadContent($administratorUserId); |
|
| 714 | } |
|
| 715 | /* END: Use Case */ |
|
| 716 | } |
|
| 717 | ||
| 718 | /** |
|
| 719 | * Test for the canUser() method. |
|
| @@ 441-468 (lines=28) @@ | ||
| 438 | * @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testUnassignRoleFromUserGroup |
|
| 439 | * @depends eZ\Publish\API\Repository\Tests\UserServiceTest::testCreateUser |
|
| 440 | */ |
|
| 441 | public function testUnassignRoleFromUserGroupThrowsUnauthorizedException() |
|
| 442 | { |
|
| 443 | $this->expectException(\eZ\Publish\API\Repository\Exceptions\UnauthorizedException::class); |
|
| 444 | ||
| 445 | $repository = $this->getRepository(); |
|
| 446 | $userService = $repository->getUserService(); |
|
| 447 | $roleService = $repository->getRoleService(); |
|
| 448 | ||
| 449 | $editorsGroupId = $this->generateId('group', 13); |
|
| 450 | ||
| 451 | /* BEGIN: Use Case */ |
|
| 452 | $user = $this->createUserVersion1(); |
|
| 453 | ||
| 454 | $role = $this->createRole(); |
|
| 455 | ||
| 456 | // Load the "Editors" user group |
|
| 457 | $userGroup = $userService->loadUserGroup($editorsGroupId); |
|
| 458 | ||
| 459 | // Assign new role to "Editors" user group |
|
| 460 | $roleService->assignRoleToUserGroup($role, $userGroup); |
|
| 461 | ||
| 462 | // Set "Editor" user as current user. |
|
| 463 | $repository->setCurrentUser($user); |
|
| 464 | ||
| 465 | // This call will fail with an "UnauthorizedException" |
|
| 466 | $roleService->unassignRoleFromUserGroup($role, $userGroup); |
|
| 467 | /* END: Use Case */ |
|
| 468 | } |
|
| 469 | ||
| 470 | /** |
|
| 471 | * Test for the assignRoleToUser() method. |
|
| @@ 282-307 (lines=26) @@ | ||
| 279 | * |
|
| 280 | * @see \eZ\Publish\API\Repository\SectionService::deleteSection() |
|
| 281 | */ |
|
| 282 | public function testDeleteSectionThrowsUnauthorizedException() |
|
| 283 | { |
|
| 284 | $this->expectException(\eZ\Publish\API\Repository\Exceptions\UnauthorizedException::class); |
|
| 285 | ||
| 286 | $repository = $this->getRepository(); |
|
| 287 | ||
| 288 | $anonymousUserId = $this->generateId('user', 10); |
|
| 289 | /* BEGIN: Use Case */ |
|
| 290 | // $anonymousUserId is the ID of the "Anonymous" user in a eZ |
|
| 291 | // Publish demo installation. |
|
| 292 | $userService = $repository->getUserService(); |
|
| 293 | $sectionService = $repository->getSectionService(); |
|
| 294 | ||
| 295 | $sectionCreate = $sectionService->newSectionCreateStruct(); |
|
| 296 | $sectionCreate->name = 'Test Section'; |
|
| 297 | $sectionCreate->identifier = 'uniqueKey'; |
|
| 298 | ||
| 299 | $section = $sectionService->createSection($sectionCreate); |
|
| 300 | ||
| 301 | // Set anonymous user |
|
| 302 | $repository->getPermissionResolver()->setCurrentUserReference($userService->loadUser($anonymousUserId)); |
|
| 303 | ||
| 304 | // This call will fail with a "UnauthorizedException" |
|
| 305 | $sectionService->deleteSection($section); |
|
| 306 | /* END: Use Case */ |
|
| 307 | } |
|
| 308 | } |
|
| 309 | ||
| @@ 148-177 (lines=30) @@ | ||
| 145 | * @depends eZ\Publish\API\Repository\Tests\TrashServiceTest::testRecover |
|
| 146 | * @depends eZ\Publish\API\Repository\Tests\UserServiceTest::testLoadAnonymousUser |
|
| 147 | */ |
|
| 148 | public function testRecoverThrowsUnauthorizedExceptionWithNewParentLocationParameter() |
|
| 149 | { |
|
| 150 | $this->expectException(\eZ\Publish\API\Repository\Exceptions\UnauthorizedException::class); |
|
| 151 | ||
| 152 | $repository = $this->getRepository(); |
|
| 153 | $trashService = $repository->getTrashService(); |
|
| 154 | $locationService = $repository->getLocationService(); |
|
| 155 | ||
| 156 | $homeLocationId = $this->generateId('location', 2); |
|
| 157 | $anonymousUserId = $this->generateId('user', 10); |
|
| 158 | /* BEGIN: Use Case */ |
|
| 159 | // $anonymousUserId is the ID of the "Anonymous" user |
|
| 160 | // $homeLocationId is the ID of the "Home" location in an eZ Publish |
|
| 161 | // demo installation |
|
| 162 | ||
| 163 | $trashItem = $this->createTrashItem(); |
|
| 164 | ||
| 165 | // Get the new parent location |
|
| 166 | $newParentLocation = $locationService->loadLocation($homeLocationId); |
|
| 167 | ||
| 168 | // Load user service |
|
| 169 | $userService = $repository->getUserService(); |
|
| 170 | ||
| 171 | // Set "Anonymous" as current user |
|
| 172 | $repository->setCurrentUser($userService->loadUser($anonymousUserId)); |
|
| 173 | ||
| 174 | // This call will fail with an "UnauthorizedException" |
|
| 175 | $trashService->recover($trashItem, $newParentLocation); |
|
| 176 | /* END: Use Case */ |
|
| 177 | } |
|
| 178 | ||
| 179 | /** |
|
| 180 | * Test for the emptyTrash() method. |
|
| @@ 49-73 (lines=25) @@ | ||
| 46 | * |
|
| 47 | * @see \eZ\Publish\API\Repository\URLService::updateUrl |
|
| 48 | */ |
|
| 49 | public function testUpdateUrlThrowsUnauthorizedException() |
|
| 50 | { |
|
| 51 | $this->expectException(\eZ\Publish\API\Repository\Exceptions\UnauthorizedException::class); |
|
| 52 | ||
| 53 | $repository = $this->getRepository(); |
|
| 54 | ||
| 55 | $anonymousUserId = $this->generateId('user', 10); |
|
| 56 | $urlId = $this->generateId('url', 23); |
|
| 57 | /* BEGIN: Use Case */ |
|
| 58 | // $anonymousUserId is the ID of the "Anonymous" user in a eZ |
|
| 59 | // Publish demo installation. |
|
| 60 | ||
| 61 | $userService = $repository->getUserService(); |
|
| 62 | $urlService = $repository->getURLService(); |
|
| 63 | ||
| 64 | $repository->getPermissionResolver()->setCurrentUserReference($userService->loadUser($anonymousUserId)); |
|
| 65 | ||
| 66 | $url = $urlService->loadById($urlId); |
|
| 67 | $updateStruct = $urlService->createUpdateStruct(); |
|
| 68 | $updateStruct->url = 'https://vimeo.com/'; |
|
| 69 | ||
| 70 | // This call will fail with an UnauthorizedException |
|
| 71 | $urlService->updateUrl($url, $updateStruct); |
|
| 72 | /* END: Use Case */ |
|
| 73 | } |
|
| 74 | ||
| 75 | /** |
|
| 76 | * Test for the loadById() method. |
|
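Review bot: `loadById($urlId)` at line 66 runs after the anonymous user reference is set at line 64, so if loadById() enforces a read policy (not visible in this excerpt), the expected exception comes from the load and `updateUrl()` at line 71 is never exercised. Load the URL while still privileged by moving `$url = $urlService->loadById($urlId);` above line 64, and arm `$this->expectException(UnauthorizedException::class);` immediately before line 71 rather than at line 51. With that ordering the test fails if updateUrl() stops checking authorization, which is what its name promises.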
| @@ 170-198 (lines=29) @@ | ||
| 167 | * @see \eZ\Publish\API\Repository\UserService::updateUserGroup() |
|
| 168 | * @depends eZ\Publish\API\Repository\Tests\UserServiceTest::testUpdateUserGroup |
|
| 169 | */ |
|
| 170 | public function testUpdateUserGroupThrowsUnauthorizedException() |
|
| 171 | { |
|
| 172 | $this->expectException(\eZ\Publish\API\Repository\Exceptions\UnauthorizedException::class); |
|
| 173 | ||
| 174 | $repository = $this->getRepository(); |
|
| 175 | $userService = $repository->getUserService(); |
|
| 176 | ||
| 177 | /* BEGIN: Use Case */ |
|
| 178 | $user = $this->createUserVersion1(); |
|
| 179 | ||
| 180 | $userGroup = $this->createUserGroupVersion1(); |
|
| 181 | ||
| 182 | // Now set the currently created "Editor" as current user |
|
| 183 | $repository->setCurrentUser($user); |
|
| 184 | ||
| 185 | // Load content service |
|
| 186 | $contentService = $repository->getContentService(); |
|
| 187 | ||
| 188 | // Instantiate a content update struct |
|
| 189 | $contentUpdateStruct = $contentService->newContentUpdateStruct(); |
|
| 190 | $contentUpdateStruct->setField('name', 'New group name'); |
|
| 191 | ||
| 192 | $userGroupUpdateStruct = $userService->newUserGroupUpdateStruct(); |
|
| 193 | $userGroupUpdateStruct->contentUpdateStruct = $contentUpdateStruct; |
|
| 194 | ||
| 195 | // This call will fail with an "UnauthorizedException" |
|
| 196 | $userService->updateUserGroup($userGroup, $userGroupUpdateStruct); |
|
| 197 | /* END: Use Case */ |
|
| 198 | } |
|
| 199 | ||
| 200 | /** |
|
| 201 | * Test for the createUser() method. |
|