| @@ 235-258 (lines=24) @@ | ||
| 232 | * @see \eZ\Publish\API\Repository\SectionService::deleteSection() |
|
| 233 | * @expectedException \eZ\Publish\API\Repository\Exceptions\UnauthorizedException |
|
| 234 | */ |
|
| 235 | public function testDeleteSectionThrowsUnauthorizedException() |
|
| 236 | { |
|
| 237 | $repository = $this->getRepository(); |
|
| 238 | ||
| 239 | $anonymousUserId = $this->generateId('user', 10); |
|
| 240 | /* BEGIN: Use Case */ |
|
| 241 | // $anonymousUserId is the ID of the "Anonymous" user in a eZ |
|
| 242 | // Publish demo installation. |
|
| 243 | $userService = $repository->getUserService(); |
|
| 244 | $sectionService = $repository->getSectionService(); |
|
| 245 | ||
| 246 | $sectionCreate = $sectionService->newSectionCreateStruct(); |
|
| 247 | $sectionCreate->name = 'Test Section'; |
|
| 248 | $sectionCreate->identifier = 'uniqueKey'; |
|
| 249 | ||
| 250 | $section = $sectionService->createSection($sectionCreate); |
|
| 251 | ||
| 252 | // Set anonymous user |
|
| 253 | $repository->setCurrentUser($userService->loadUser($anonymousUserId)); |
|
| 254 | ||
| 255 | // This call will fail with a "UnauthorizedException" |
|
| 256 | $sectionService->deleteSection($section); |
|
| 257 | /* END: Use Case */ |
|
| 258 | } |
|
| 259 | } |
|
| 260 | ||
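Review bot: The `@expectedException` annotation in the docblock covers the whole method, so an `UnauthorizedException` raised during setup (`createSection()` or `loadUser()`) would let this authorization test pass without `deleteSection()` ever being reached. Declaring the expectation on the line directly above `$sectionService->deleteSection($section);`, as `$this->expectException(\eZ\Publish\API\Repository\Exceptions\UnauthorizedException::class);`, ties a passing result to the call under test. The same applies to `testAddRelationThrowsUnauthorizedException` and to `testUpdateUserGroupThrowsUnauthorizedException`, where `newContentUpdateStruct()` and `setField()` already run as the restricted user before the guarded call. The docblock starts above this excerpt, so only its last lines are visible here.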
| @@ 1248-1281 (lines=34) @@ | ||
| 1245 | * @expectedException \eZ\Publish\API\Repository\Exceptions\UnauthorizedException |
|
| 1246 | * @depends eZ\Publish\API\Repository\Tests\ContentServiceTest::testAddRelation |
|
| 1247 | */ |
|
| 1248 | public function testAddRelationThrowsUnauthorizedException() |
|
| 1249 | { |
|
| 1250 | $repository = $this->getRepository(); |
|
| 1251 | ||
| 1252 | $contentService = $repository->getContentService(); |
|
| 1253 | ||
| 1254 | $anonymousUserId = $this->generateId('user', 10); |
|
| 1255 | /* BEGIN: Use Case */ |
|
| 1256 | // $anonymousUserId is the ID of the "Anonymous User" in an eZ Publish |
|
| 1257 | // demo installation |
|
| 1258 | // Remote id of the "Media" page of a eZ Publish demo installation. |
|
| 1259 | $mediaRemoteId = 'a6e35cbcb7cd6ae4b691f3eee30cd262'; |
|
| 1260 | ||
| 1261 | $draft = $this->createContentDraftVersion1(); |
|
| 1262 | ||
| 1263 | // Get the draft's version info |
|
| 1264 | $versionInfo = $draft->getVersionInfo(); |
|
| 1265 | ||
| 1266 | // Load other content object |
|
| 1267 | $media = $contentService->loadContentInfoByRemoteId($mediaRemoteId); |
|
| 1268 | ||
| 1269 | // Load the user service |
|
| 1270 | $userService = $repository->getUserService(); |
|
| 1271 | ||
| 1272 | // Set anonymous user |
|
| 1273 | $repository->setCurrentUser($userService->loadUser($anonymousUserId)); |
|
| 1274 | ||
| 1275 | // This call will fail with a "UnauthorizedException" |
|
| 1276 | $contentService->addRelation( |
|
| 1277 | $versionInfo, |
|
| 1278 | $media |
|
| 1279 | ); |
|
| 1280 | /* END: Use Case */ |
|
| 1281 | } |
|
| 1282 | ||
| 1283 | /** |
|
| 1284 | * Test for the deleteRelation() method. |
|
| @@ 386-418 (lines=33) @@ | ||
| 383 | * @depends eZ\Publish\API\Repository\Tests\PermissionResolverTest::testHasAccessLimited |
|
| 384 | * @expectedException \eZ\Publish\API\Repository\Exceptions\UnauthorizedException |
|
| 385 | */ |
|
| 386 | public function testCanUserWithLimitationNo() |
|
| 387 | { |
|
| 388 | $repository = $this->getRepository(); |
|
| 389 | ||
| 390 | $administratorUserId = $this->generateId('user', 14); |
|
| 391 | ||
| 392 | /* BEGIN: Use Case */ |
|
| 393 | // $administratorUserId contains the ID of the administrator user |
|
| 394 | ||
| 395 | $user = $this->createUserVersion1(); |
|
| 396 | ||
| 397 | $permissionResolver = $repository->getPermissionResolver(); |
|
| 398 | ||
| 399 | // Set created user as current user reference |
|
| 400 | $permissionResolver->setCurrentUserReference($user); |
|
| 401 | ||
| 402 | $userService = $repository->getUserService(); |
|
| 403 | ||
| 404 | // Load administrator user using UserService, this does not check for permissions |
|
| 405 | $administratorUser = $userService->loadUser($administratorUserId); |
|
| 406 | ||
| 407 | // This call will return false as user with Editor role does not have |
|
| 408 | // permission to read "Users" subtree |
|
| 409 | $canUser = $permissionResolver->canUser('content', 'read', $administratorUser); |
|
| 410 | ||
| 411 | $contentService = $repository->getContentService(); |
|
| 412 | ||
| 413 | // Performing an action without necessary permissions will fail with "UnauthorizedException" |
|
| 414 | if (!$canUser) { |
|
| 415 | $content = $contentService->loadContent($administratorUserId); |
|
| 416 | } |
|
| 417 | /* END: Use Case */ |
|
| 418 | } |
|
| 419 | ||
| 420 | /** |
|
| 421 | * Test for the canUser() method. |
|
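Review bot: The result of `canUser()` is never asserted; it only gates the `loadContent()` call, so a resolver that wrongly returns `true` shows up as a missing-exception failure rather than as a failed permission check. Adding `$this->assertFalse($canUser);` directly after the `canUser()` call and dropping the `if (!$canUser)` guard would check the resolver's answer and the service's enforcement independently. The `$content` assignment is unused and can be reduced to the bare call. The same pattern appears in `testCanUserForAnonymousUserNo` (around `deleteContent()`) and in the second `testCanUserWithLimitationNo` excerpt, which uses `$repository->canUser()`.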
| @@ 536-569 (lines=34) @@ | ||
| 533 | * @depends eZ\Publish\API\Repository\Tests\RepositoryTest::testHasAccessForCurrentUserNo |
|
| 534 | * @expectedException \eZ\Publish\API\Repository\Exceptions\UnauthorizedException |
|
| 535 | */ |
|
| 536 | public function testCanUserForAnonymousUserNo() |
|
| 537 | { |
|
| 538 | $repository = $this->getRepository(); |
|
| 539 | ||
| 540 | $homeId = $this->generateId('object', 57); |
|
| 541 | ||
| 542 | $anonymousUserId = $this->generateId('user', 10); |
|
| 543 | /* BEGIN: Use Case */ |
|
| 544 | // $anonymousUserId is the ID of the "Anonymous" user in a eZ |
|
| 545 | // Publish demo installation. |
|
| 546 | // $homeId contains the ID of the "Home" frontpage |
|
| 547 | ||
| 548 | $contentService = $repository->getContentService(); |
|
| 549 | $userService = $repository->getUserService(); |
|
| 550 | ||
| 551 | // Load anonymous user |
|
| 552 | $anonymousUser = $userService->loadUser($anonymousUserId); |
|
| 553 | ||
| 554 | // Set anonymous user as current user |
|
| 555 | $repository->setCurrentUser($anonymousUser); |
|
| 556 | ||
| 557 | // Load the ContentInfo for "Home" frontpage |
|
| 558 | $contentInfo = $contentService->loadContentInfo($homeId); |
|
| 559 | ||
| 560 | // This call will return false because anonymous user does not have access |
|
| 561 | // to content removal and hence no permission to remove given content |
|
| 562 | $canUser = $repository->canUser('content', 'remove', $contentInfo); |
|
| 563 | ||
| 564 | // Performing an action without necessary permissions will fail with "UnauthorizedException" |
|
| 565 | if (!$canUser) { |
|
| 566 | $contentService->deleteContent($contentInfo); |
|
| 567 | } |
|
| 568 | /* END: Use Case */ |
|
| 569 | } |
|
| 570 | ||
| 571 | /** |
|
| 572 | * Test for the canUser() method. |
|
| @@ 657-687 (lines=31) @@ | ||
| 654 | * @depends eZ\Publish\API\Repository\Tests\RepositoryTest::testHasAccessLimited |
|
| 655 | * @expectedException \eZ\Publish\API\Repository\Exceptions\UnauthorizedException |
|
| 656 | */ |
|
| 657 | public function testCanUserWithLimitationNo() |
|
| 658 | { |
|
| 659 | $repository = $this->getRepository(); |
|
| 660 | ||
| 661 | $administratorUserId = $this->generateId('user', 14); |
|
| 662 | ||
| 663 | /* BEGIN: Use Case */ |
|
| 664 | // $administratorUserId contains the ID of the administrator user |
|
| 665 | ||
| 666 | $user = $this->createUserVersion1(); |
|
| 667 | ||
| 668 | // Set created user as current user |
|
| 669 | $repository->setCurrentUser($user); |
|
| 670 | ||
| 671 | $userService = $repository->getUserService(); |
|
| 672 | ||
| 673 | // Load administrator user using UserService, this does not check for permissions |
|
| 674 | $administratorUser = $userService->loadUser($administratorUserId); |
|
| 675 | ||
| 676 | // This call will return false as user with Editor role does not have |
|
| 677 | // permission to read "Users" subtree |
|
| 678 | $canUser = $repository->canUser('content', 'read', $administratorUser); |
|
| 679 | ||
| 680 | $contentService = $repository->getContentService(); |
|
| 681 | ||
| 682 | // Performing an action without necessary permissions will fail with "UnauthorizedException" |
|
| 683 | if (!$canUser) { |
|
| 684 | $content = $contentService->loadContent($administratorUserId); |
|
| 685 | } |
|
| 686 | /* END: Use Case */ |
|
| 687 | } |
|
| 688 | ||
| 689 | /** |
|
| 690 | * Test for the canUser() method. |
|
| @@ 395-420 (lines=26) @@ | ||
| 392 | * @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testUnassignRoleFromUserGroup |
|
| 393 | * @depends eZ\Publish\API\Repository\Tests\UserServiceTest::testCreateUser |
|
| 394 | */ |
|
| 395 | public function testUnassignRoleFromUserGroupThrowsUnauthorizedException() |
|
| 396 | { |
|
| 397 | $repository = $this->getRepository(); |
|
| 398 | $userService = $repository->getUserService(); |
|
| 399 | $roleService = $repository->getRoleService(); |
|
| 400 | ||
| 401 | $editorsGroupId = $this->generateId('group', 13); |
|
| 402 | ||
| 403 | /* BEGIN: Use Case */ |
|
| 404 | $user = $this->createUserVersion1(); |
|
| 405 | ||
| 406 | $role = $this->createRole(); |
|
| 407 | ||
| 408 | // Load the "Editors" user group |
|
| 409 | $userGroup = $userService->loadUserGroup($editorsGroupId); |
|
| 410 | ||
| 411 | // Assign new role to "Editors" user group |
|
| 412 | $roleService->assignRoleToUserGroup($role, $userGroup); |
|
| 413 | ||
| 414 | // Set "Editor" user as current user. |
|
| 415 | $repository->setCurrentUser($user); |
|
| 416 | ||
| 417 | // This call will fail with an "UnauthorizedException" |
|
| 418 | $roleService->unassignRoleFromUserGroup($role, $userGroup); |
|
| 419 | /* END: Use Case */ |
|
| 420 | } |
|
| 421 | ||
| 422 | /** |
|
| 423 | * Test for the assignRoleToUser() method. |
|
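Review bot: The role from `createRole()` is assigned to the "Editors" group before the test switches to the "Editor" user, so if that user belongs to the group (the comments suggest it, but `createUserVersion1()` is outside this excerpt) the user under test already holds the new role when `unassignRoleFromUserGroup()` is called. The expected denial therefore depends on what `createRole()` grants, which is not visible here. A comment above the `setCurrentUser()` call stating that precondition, for example `// The role from createRole() must not grant role management, otherwise this call is authorized`, would make the test's assumption explicit once confirmed against the helper. The docblock begins above the excerpt, so whether an expected-exception annotation is present cannot be judged from these lines.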
| @@ 147-174 (lines=28) @@ | ||
| 144 | * @depends eZ\Publish\API\Repository\Tests\TrashServiceTest::testRecover |
|
| 145 | * @depends eZ\Publish\API\Repository\Tests\UserServiceTest::testLoadAnonymousUser |
|
| 146 | */ |
|
| 147 | public function testRecoverThrowsUnauthorizedExceptionWithNewParentLocationParameter() |
|
| 148 | { |
|
| 149 | $repository = $this->getRepository(); |
|
| 150 | $trashService = $repository->getTrashService(); |
|
| 151 | $locationService = $repository->getLocationService(); |
|
| 152 | ||
| 153 | $homeLocationId = $this->generateId('location', 2); |
|
| 154 | $anonymousUserId = $this->generateId('user', 10); |
|
| 155 | /* BEGIN: Use Case */ |
|
| 156 | // $anonymousUserId is the ID of the "Anonymous" user |
|
| 157 | // $homeLocationId is the ID of the "Home" location in an eZ Publish |
|
| 158 | // demo installation |
|
| 159 | ||
| 160 | $trashItem = $this->createTrashItem(); |
|
| 161 | ||
| 162 | // Get the new parent location |
|
| 163 | $newParentLocation = $locationService->loadLocation($homeLocationId); |
|
| 164 | ||
| 165 | // Load user service |
|
| 166 | $userService = $repository->getUserService(); |
|
| 167 | ||
| 168 | // Set "Anonymous" as current user |
|
| 169 | $repository->setCurrentUser($userService->loadUser($anonymousUserId)); |
|
| 170 | ||
| 171 | // This call will fail with an "UnauthorizedException" |
|
| 172 | $trashService->recover($trashItem, $newParentLocation); |
|
| 173 | /* END: Use Case */ |
|
| 174 | } |
|
| 175 | ||
| 176 | /** |
|
| 177 | * Test for the emptyTrash() method. |
|
| @@ 166-192 (lines=27) @@ | ||
| 163 | * @expectedException \eZ\Publish\API\Repository\Exceptions\UnauthorizedException |
|
| 164 | * @depends eZ\Publish\API\Repository\Tests\UserServiceTest::testUpdateUserGroup |
|
| 165 | */ |
|
| 166 | public function testUpdateUserGroupThrowsUnauthorizedException() |
|
| 167 | { |
|
| 168 | $repository = $this->getRepository(); |
|
| 169 | $userService = $repository->getUserService(); |
|
| 170 | ||
| 171 | /* BEGIN: Use Case */ |
|
| 172 | $user = $this->createUserVersion1(); |
|
| 173 | ||
| 174 | $userGroup = $this->createUserGroupVersion1(); |
|
| 175 | ||
| 176 | // Now set the currently created "Editor" as current user |
|
| 177 | $repository->setCurrentUser($user); |
|
| 178 | ||
| 179 | // Load content service |
|
| 180 | $contentService = $repository->getContentService(); |
|
| 181 | ||
| 182 | // Instantiate a content update struct |
|
| 183 | $contentUpdateStruct = $contentService->newContentUpdateStruct(); |
|
| 184 | $contentUpdateStruct->setField('name', 'New group name'); |
|
| 185 | ||
| 186 | $userGroupUpdateStruct = $userService->newUserGroupUpdateStruct(); |
|
| 187 | $userGroupUpdateStruct->contentUpdateStruct = $contentUpdateStruct; |
|
| 188 | ||
| 189 | // This call will fail with an "UnauthorizedException" |
|
| 190 | $userService->updateUserGroup($userGroup, $userGroupUpdateStruct); |
|
| 191 | /* END: Use Case */ |
|
| 192 | } |
|
| 193 | ||
| 194 | /** |
|
| 195 | * Test for the createUser() method. |
|