ezsystems /
ezpublish-kernel
| @@ 133-158 (lines=26) @@ | ||
| 130 | * @depends eZ\Publish\API\Repository\Tests\RepositoryTest::testGetUserService |
|
| 131 | * @depends eZ\Publish\API\Repository\Tests\PermissionResolverTest::testHasAccessWithAnonymousUserNo |
|
| 132 | */ |
|
| 133 | public function testHasAccessForCurrentUserNo() |
|
| 134 | { |
|
| 135 | $repository = $this->getRepository(); |
|
| 136 | ||
| 137 | $anonymousUserId = $this->generateId('user', 10); |
|
| 138 | ||
| 139 | /* BEGIN: Use Case */ |
|
| 140 | // $anonymousUserId is the ID of the "Anonymous" user in a eZ |
|
| 141 | // Publish demo installation. |
|
| 142 | ||
| 143 | $userService = $repository->getUserService(); |
|
| 144 | $permissionResolver = $repository->getPermissionResolver(); |
|
| 145 | ||
| 146 | // Load anonymous user |
|
| 147 | $anonymousUser = $userService->loadUser($anonymousUserId); |
|
| 148 | ||
| 149 | // Set anonymous user as current user reference |
|
| 150 | $permissionResolver->setCurrentUserReference($anonymousUser); |
|
| 151 | ||
| 152 | // This call will return false because anonymous user does not have access |
|
| 153 | // to content removal |
|
| 154 | $hasAccess = $permissionResolver->hasAccess('content', 'remove'); |
|
| 155 | /* END: Use Case */ |
|
| 156 | ||
| 157 | $this->assertFalse($hasAccess); |
|
| 158 | } |
|
| 159 | ||
| 160 | /** |
|
| 161 | * Test for the hasAccess() method. |
|
| @@ 196-219 (lines=24) @@ | ||
| 193 | * @depends eZ\Publish\API\Repository\Tests\PermissionResolverTest::testSetCurrentUserReference |
|
| 194 | * @depends eZ\Publish\API\Repository\Tests\PermissionResolverTest::testHasAccessWithAdministratorUser |
|
| 195 | */ |
|
| 196 | public function testHasAccessForCurrentUserYes() |
|
| 197 | { |
|
| 198 | $repository = $this->getRepository(); |
|
| 199 | ||
| 200 | $administratorUserId = $this->generateId('user', 14); |
|
| 201 | ||
| 202 | /* BEGIN: Use Case */ |
|
| 203 | // $administratorUserId contains the ID of the administrator user |
|
| 204 | ||
| 205 | $userService = $repository->getUserService(); |
|
| 206 | $permissionResolver = $repository->getPermissionResolver(); |
|
| 207 | ||
| 208 | // Load administrator user |
|
| 209 | $administratorUser = $userService->loadUser($administratorUserId); |
|
| 210 | ||
| 211 | // Set administrator user as current user reference |
|
| 212 | $permissionResolver->setCurrentUserReference($administratorUser); |
|
| 213 | ||
| 214 | // This call will return true |
|
| 215 | $hasAccess = $permissionResolver->hasAccess('content', 'read'); |
|
| 216 | /* END: Use Case */ |
|
| 217 | ||
| 218 | $this->assertTrue($hasAccess); |
|
| 219 | } |
|
| 220 | ||
| 221 | /** |
|
| 222 | * Test for the hasAccess() method. |
|
| @@ 349-375 (lines=27) @@ | ||
| 346 | * @depends eZ\Publish\API\Repository\Tests\RepositoryTest::testGetContentService |
|
| 347 | * @depends eZ\Publish\API\Repository\Tests\PermissionResolverTest::testHasAccessLimited |
|
| 348 | */ |
|
| 349 | public function testCanUserWithLimitationYes() |
|
| 350 | { |
|
| 351 | $repository = $this->getRepository(); |
|
| 352 | ||
| 353 | $imagesFolderId = $this->generateId('object', 49); |
|
| 354 | ||
| 355 | /* BEGIN: Use Case */ |
|
| 356 | // $imagesFolderId contains the ID of the "Images" folder |
|
| 357 | ||
| 358 | $user = $this->createUserVersion1(); |
|
| 359 | ||
| 360 | $permissionResolver = $repository->getPermissionResolver(); |
|
| 361 | ||
| 362 | // Set created user as current user reference |
|
| 363 | $permissionResolver->setCurrentUserReference($user); |
|
| 364 | ||
| 365 | $contentService = $repository->getContentService(); |
|
| 366 | ||
| 367 | // Performing an action having necessary permissions will succeed |
|
| 368 | $imagesFolder = $contentService->loadContent($imagesFolderId); |
|
| 369 | ||
| 370 | // This call will return true |
|
| 371 | $canUser = $permissionResolver->canUser('content', 'read', $imagesFolder); |
|
| 372 | /* END: Use Case */ |
|
| 373 | ||
| 374 | $this->assertTrue($canUser); |
|
| 375 | } |
|
| 376 | ||
| 377 | /** |
|
| 378 | * Test for the canUser() method. |
|
| @@ 430-456 (lines=27) @@ | ||
| 427 | * @depends eZ\Publish\API\Repository\Tests\PermissionResolverTest::testHasAccessLimited |
|
| 428 | * @expectedException \eZ\Publish\API\Repository\Exceptions\InvalidArgumentException |
|
| 429 | */ |
|
| 430 | public function testCanUserThrowsInvalidArgumentException() |
|
| 431 | { |
|
| 432 | $repository = $this->getRepository(); |
|
| 433 | ||
| 434 | $userGroupContentTypeId = $this->generateId('type', 3); |
|
| 435 | ||
| 436 | /* BEGIN: Use Case */ |
|
| 437 | // $userGroupContentTypeId contains the ID of the "UserGroup" ContentType |
|
| 438 | ||
| 439 | $user = $this->createUserVersion1(); |
|
| 440 | ||
| 441 | $permissionResolver = $repository->getPermissionResolver(); |
|
| 442 | ||
| 443 | // Set created user as current user reference |
|
| 444 | $permissionResolver->setCurrentUserReference($user); |
|
| 445 | ||
| 446 | $contentTypeService = $repository->getContentTypeService(); |
|
| 447 | ||
| 448 | // Load the "UserGroup" ContentType |
|
| 449 | $userGroupContentType = $contentTypeService->loadContentType($userGroupContentTypeId); |
|
| 450 | ||
| 451 | // This call will throw "InvalidArgumentException" because $userGroupContentType |
|
| 452 | // is an instance of \eZ\Publish\API\Repository\Values\ContentType\ContentType, |
|
| 453 | // which can not be checked for user access |
|
| 454 | $canUser = $permissionResolver->canUser('content', 'create', $userGroupContentType); |
|
| 455 | /* END: Use Case */ |
|
| 456 | } |
|
| 457 | ||
| 458 | /** |
|
| 459 | * Test for the canUser() method. |
|
| @@ 309-331 (lines=23) @@ | ||
| 306 | * @expectedException \eZ\Publish\API\Repository\Exceptions\UnauthorizedException |
|
| 307 | * @depends eZ\Publish\API\Repository\Tests\ContentTypeServiceTest::testRemoveFieldDefinition |
|
| 308 | */ |
|
| 309 | public function testRemoveFieldDefinitionThrowsUnauthorizedException() |
|
| 310 | { |
|
| 311 | $repository = $this->getRepository(); |
|
| 312 | $contentTypeService = $repository->getContentTypeService(); |
|
| 313 | ||
| 314 | $anonymousUserId = $this->generateId('user', 10); |
|
| 315 | /* BEGIN: Use Case */ |
|
| 316 | // $anonymousUserId is the ID of the "Anonymous" user in a eZ |
|
| 317 | // Publish demo installation. |
|
| 318 | $contentTypeDraft = $this->createContentTypeDraft(); |
|
| 319 | ||
| 320 | // Load the user service |
|
| 321 | $userService = $repository->getUserService(); |
|
| 322 | ||
| 323 | // Set anonymous user |
|
| 324 | $repository->setCurrentUser($userService->loadUser($anonymousUserId)); |
|
| 325 | ||
| 326 | $bodyField = $contentTypeDraft->getFieldDefinition('body'); |
|
| 327 | ||
| 328 | // This call will fail with a "UnauthorizedException" |
|
| 329 | $contentTypeService->removeFieldDefinition($contentTypeDraft, $bodyField); |
|
| 330 | /* END: Use Case */ |
|
| 331 | } |
|
| 332 | ||
| 333 | /** |
|
| 334 | * Test for the updateFieldDefinition() method. |
|
| @@ 425-446 (lines=22) @@ | ||
| 422 | * @expectedException \eZ\Publish\API\Repository\Exceptions\UnauthorizedException |
|
| 423 | * @depends eZ\Publish\API\Repository\Tests\ContentTypeServiceTest::testCreateContentTypeDraft |
|
| 424 | */ |
|
| 425 | public function testCreateContentTypeDraftThrowsUnauthorizedException() |
|
| 426 | { |
|
| 427 | $repository = $this->getRepository(); |
|
| 428 | ||
| 429 | $anonymousUserId = $this->generateId('user', 10); |
|
| 430 | /* BEGIN: Use Case */ |
|
| 431 | // $anonymousUserId is the ID of the "Anonymous" user in a eZ |
|
| 432 | // Publish demo installation. |
|
| 433 | $contentTypeService = $repository->getContentTypeService(); |
|
| 434 | ||
| 435 | // Load the user service |
|
| 436 | $userService = $repository->getUserService(); |
|
| 437 | ||
| 438 | // Set anonymous user |
|
| 439 | $repository->setCurrentUser($userService->loadUser($anonymousUserId)); |
|
| 440 | ||
| 441 | $commentType = $contentTypeService->loadContentTypeByIdentifier('comment'); |
|
| 442 | ||
| 443 | // This call will fail with a "UnauthorizedException" |
|
| 444 | $contentTypeService->createContentTypeDraft($commentType); |
|
| 445 | /* END: Use Case */ |
|
| 446 | } |
|
| 447 | ||
| 448 | /** |
|
| 449 | * Test for the deleteContentType() method. |
|
| @@ 455-476 (lines=22) @@ | ||
| 452 | * @expectedException \eZ\Publish\API\Repository\Exceptions\UnauthorizedException |
|
| 453 | * @depends eZ\Publish\API\Repository\Tests\ContentTypeServiceTest::testDeleteContentType |
|
| 454 | */ |
|
| 455 | public function testDeleteContentTypeThrowsUnauthorizedException() |
|
| 456 | { |
|
| 457 | $repository = $this->getRepository(); |
|
| 458 | ||
| 459 | $anonymousUserId = $this->generateId('user', 10); |
|
| 460 | /* BEGIN: Use Case */ |
|
| 461 | // $anonymousUserId is the ID of the "Anonymous" user in a eZ |
|
| 462 | // Publish demo installation. |
|
| 463 | $contentTypeService = $repository->getContentTypeService(); |
|
| 464 | ||
| 465 | // Load the user service |
|
| 466 | $userService = $repository->getUserService(); |
|
| 467 | ||
| 468 | // Set anonymous user |
|
| 469 | $repository->setCurrentUser($userService->loadUser($anonymousUserId)); |
|
| 470 | ||
| 471 | $commentType = $contentTypeService->loadContentTypeByIdentifier('comment'); |
|
| 472 | ||
| 473 | // This call will fail with a "UnauthorizedException" |
|
| 474 | $contentTypeService->deleteContentType($commentType); |
|
| 475 | /* END: Use Case */ |
|
| 476 | } |
|
| 477 | ||
| 478 | /** |
|
| 479 | * Test for the copyContentType() method. |
|
| @@ 485-506 (lines=22) @@ | ||
| 482 | * @expectedException \eZ\Publish\API\Repository\Exceptions\UnauthorizedException |
|
| 483 | * @depends eZ\Publish\API\Repository\Tests\ContentTypeServiceTest::testCopyContentType |
|
| 484 | */ |
|
| 485 | public function testCopyContentTypeThrowsUnauthorizedException() |
|
| 486 | { |
|
| 487 | $repository = $this->getRepository(); |
|
| 488 | ||
| 489 | $anonymousUserId = $this->generateId('user', 10); |
|
| 490 | /* BEGIN: Use Case */ |
|
| 491 | // $anonymousUserId is the ID of the "Anonymous" user in a eZ |
|
| 492 | // Publish demo installation. |
|
| 493 | $contentTypeService = $repository->getContentTypeService(); |
|
| 494 | ||
| 495 | // Load the user service |
|
| 496 | $userService = $repository->getUserService(); |
|
| 497 | ||
| 498 | // Set anonymous user |
|
| 499 | $repository->setCurrentUser($userService->loadUser($anonymousUserId)); |
|
| 500 | ||
| 501 | $commentType = $contentTypeService->loadContentTypeByIdentifier('comment'); |
|
| 502 | ||
| 503 | // This call will fail with a "UnauthorizedException" |
|
| 504 | $contentTypeService->copyContentType($commentType); |
|
| 505 | /* END: Use Case */ |
|
| 506 | } |
|
| 507 | ||
| 508 | /** |
|
| 509 | * Test for the assignContentTypeGroup() method. |
|
| @@ 116-141 (lines=26) @@ | ||
| 113 | * @expectedException \eZ\Publish\API\Repository\Exceptions\UnauthorizedException |
|
| 114 | * @depends eZ\Publish\API\Repository\Tests\ObjectStateServiceTest::testDeleteObjectStateGroup |
|
| 115 | */ |
|
| 116 | public function testDeleteObjectStateGroupThrowsUnauthorizedException() |
|
| 117 | { |
|
| 118 | $repository = $this->getRepository(); |
|
| 119 | ||
| 120 | $objectStateGroupId = $this->generateId('objectstategroup', 2); |
|
| 121 | $anonymousUserId = $this->generateId('user', 10); |
|
| 122 | /* BEGIN: Use Case */ |
|
| 123 | // $anonymousUserId is the ID of the "Anonymous" user in a eZ |
|
| 124 | // Publish demo installation. |
|
| 125 | // Set anonymous user |
|
| 126 | $userService = $repository->getUserService(); |
|
| 127 | $repository->setCurrentUser($userService->loadUser($anonymousUserId)); |
|
| 128 | ||
| 129 | // $objectStateGroupId contains the ID of the standard object state |
|
| 130 | // group ez_lock. |
|
| 131 | $objectStateService = $repository->getObjectStateService(); |
|
| 132 | ||
| 133 | $loadedObjectStateGroup = $objectStateService->loadObjectStateGroup( |
|
| 134 | $objectStateGroupId |
|
| 135 | ); |
|
| 136 | ||
| 137 | // Throws unauthorized exception, since the anonymous user must not |
|
| 138 | // delete object state groups |
|
| 139 | $objectStateService->deleteObjectStateGroup($loadedObjectStateGroup); |
|
| 140 | /* END: Use Case */ |
|
| 141 | } |
|
| 142 | ||
| 143 | /** |
|
| 144 | * Test for the createObjectState() method. |
|
| @@ 547-573 (lines=27) @@ | ||
| 544 | * @expectedException \eZ\Publish\API\Repository\Exceptions\UnauthorizedException |
|
| 545 | * @depends eZ\Publish\API\Repository\Tests\ContentServiceTest::testLoadContent |
|
| 546 | */ |
|
| 547 | public function testLoadContentThrowsUnauthorizedExceptionOnDrafts() |
|
| 548 | { |
|
| 549 | /** @var $repository \eZ\Publish\API\Repository\Repository */ |
|
| 550 | $repository = $this->getRepository(); |
|
| 551 | ||
| 552 | $anonymousUserId = $this->generateId('user', 10); |
|
| 553 | /* BEGIN: Use Case */ |
|
| 554 | // $anonymousUserId is the ID of the "Anonymous User" in an eZ Publish |
|
| 555 | // demo installation |
|
| 556 | $user = $this->createUserVersion1(); |
|
| 557 | ||
| 558 | // Set new editor as a content owner |
|
| 559 | $repository->setCurrentUser($user); |
|
| 560 | ||
| 561 | // Create draft with this user |
|
| 562 | $draft = $this->createContentDraftVersion1(2, 'folder'); |
|
| 563 | ||
| 564 | // Load anonymous user |
|
| 565 | $userService = $repository->getUserService(); |
|
| 566 | $user = $userService->loadUser($anonymousUserId); |
|
| 567 | $repository->setCurrentUser($user); |
|
| 568 | ||
| 569 | // Try to load the draft with anonymous user to make sure access won't be allowed by throwing an exception |
|
| 570 | $contentService = $repository->getContentService(); |
|
| 571 | $contentService->loadContent($draft->id); |
|
| 572 | /* END: Use Case */ |
|
| 573 | } |
|
| 574 | ||
| 575 | /** |
|
| 576 | * Test for the ContentService::loadContent() method on an archive. |
|
| @@ 28-49 (lines=22) @@ | ||
| 25 | * @expectedException \eZ\Publish\API\Repository\Exceptions\UnauthorizedException |
|
| 26 | * @depends eZ\Publish\API\Repository\Tests\SectionServiceTest::testCreateSection |
|
| 27 | */ |
|
| 28 | public function testCreateSectionThrowsUnauthorizedException() |
|
| 29 | { |
|
| 30 | $repository = $this->getRepository(); |
|
| 31 | ||
| 32 | $anonymousUserId = $this->generateId('user', 10); |
|
| 33 | /* BEGIN: Use Case */ |
|
| 34 | // $anonymousUserId is the ID of the "Anonymous" user in a eZ |
|
| 35 | // Publish demo installation. |
|
| 36 | $userService = $repository->getUserService(); |
|
| 37 | $sectionService = $repository->getSectionService(); |
|
| 38 | ||
| 39 | $sectionCreate = $sectionService->newSectionCreateStruct(); |
|
| 40 | $sectionCreate->name = 'Test Section'; |
|
| 41 | $sectionCreate->identifier = 'uniqueKey'; |
|
| 42 | ||
| 43 | // Set anonymous user |
|
| 44 | $repository->setCurrentUser($userService->loadUser($anonymousUserId)); |
|
| 45 | ||
| 46 | // This call will fail with a "UnauthorizedException" |
|
| 47 | $sectionService->createSection($sectionCreate); |
|
| 48 | /* END: Use Case */ |
|
| 49 | } |
|
| 50 | ||
| 51 | /** |
|
| 52 | * Test for the loadSection() method. |
|
| @@ 415-437 (lines=23) @@ | ||
| 412 | * @depends eZ\Publish\API\Repository\Tests\RepositoryTest::testGetUserService |
|
| 413 | * @depends eZ\Publish\API\Repository\Tests\RepositoryTest::testHasAccessWithAnonymousUserNo |
|
| 414 | */ |
|
| 415 | public function testHasAccessForCurrentUserNo() |
|
| 416 | { |
|
| 417 | $repository = $this->getRepository(); |
|
| 418 | ||
| 419 | $anonymousUserId = $this->generateId('user', 10); |
|
| 420 | /* BEGIN: Use Case */ |
|
| 421 | // $anonymousUserId is the ID of the "Anonymous" user in a eZ |
|
| 422 | // Publish demo installation. |
|
| 423 | $userService = $repository->getUserService(); |
|
| 424 | ||
| 425 | // Load anonymous user |
|
| 426 | $anonymousUser = $userService->loadUser($anonymousUserId); |
|
| 427 | ||
| 428 | // Set anonymous user as current user |
|
| 429 | $repository->setCurrentUser($anonymousUser); |
|
| 430 | ||
| 431 | // This call will return false because anonymous user does not have access |
|
| 432 | // to content removal |
|
| 433 | $hasAccess = $repository->hasAccess('content', 'remove'); |
|
| 434 | /* END: Use Case */ |
|
| 435 | ||
| 436 | $this->assertFalse($hasAccess); |
|
| 437 | } |
|
| 438 | ||
| 439 | /** |
|
| 440 | * Test for the hasAccess() method. |
|
| @@ 474-496 (lines=23) @@ | ||
| 471 | * @depends eZ\Publish\API\Repository\Tests\RepositoryTest::testSetCurrentUser |
|
| 472 | * @depends eZ\Publish\API\Repository\Tests\RepositoryTest::testHasAccessWithAdministratorUser |
|
| 473 | */ |
|
| 474 | public function testHasAccessForCurrentUserYes() |
|
| 475 | { |
|
| 476 | $repository = $this->getRepository(); |
|
| 477 | ||
| 478 | $administratorUserId = $this->generateId('user', 14); |
|
| 479 | ||
| 480 | /* BEGIN: Use Case */ |
|
| 481 | // $administratorUserId contains the ID of the administrator user |
|
| 482 | ||
| 483 | $userService = $repository->getUserService(); |
|
| 484 | ||
| 485 | // Load administrator user |
|
| 486 | $administratorUser = $userService->loadUser($administratorUserId); |
|
| 487 | ||
| 488 | // Set administrator user as current user |
|
| 489 | $repository->setCurrentUser($administratorUser); |
|
| 490 | ||
| 491 | // This call will return true |
|
| 492 | $hasAccess = $repository->hasAccess('content', 'read'); |
|
| 493 | /* END: Use Case */ |
|
| 494 | ||
| 495 | $this->assertTrue($hasAccess); |
|
| 496 | } |
|
| 497 | ||
| 498 | /** |
|
| 499 | * Test for the hasAccess() method. |
|
