ezsystems /
ezpublish-kernel
| @@ 391-423 (lines=33) @@ | ||
| 388 | * @depends eZ\Publish\API\Repository\Tests\PermissionResolverTest::testHasAccessLimited |
|
| 389 | * @expectedException \eZ\Publish\API\Repository\Exceptions\UnauthorizedException |
|
| 390 | */ |
|
| 391 | public function testCanUserWithLimitationNo() |
|
| 392 | { |
|
| 393 | $repository = $this->getRepository(); |
|
| 394 | ||
| 395 | $administratorUserId = $this->generateId('user', 14); |
|
| 396 | ||
| 397 | /* BEGIN: Use Case */ |
|
| 398 | // $administratorUserId contains the ID of the administrator user |
|
| 399 | ||
| 400 | $user = $this->createUserVersion1(); |
|
| 401 | ||
| 402 | $permissionResolver = $repository->getPermissionResolver(); |
|
| 403 | ||
| 404 | // Set created user as current user reference |
|
| 405 | $permissionResolver->setCurrentUserReference($user); |
|
| 406 | ||
| 407 | $userService = $repository->getUserService(); |
|
| 408 | ||
| 409 | // Load administrator user using UserService, this does not check for permissions |
|
| 410 | $administratorUser = $userService->loadUser($administratorUserId); |
|
| 411 | ||
| 412 | // This call will return false as user with Editor role does not have |
|
| 413 | // permission to read "Users" subtree |
|
| 414 | $canUser = $permissionResolver->canUser('content', 'read', $administratorUser); |
|
| 415 | ||
| 416 | $contentService = $repository->getContentService(); |
|
| 417 | ||
| 418 | // Performing an action without necessary permissions will fail with "UnauthorizedException" |
|
| 419 | if (!$canUser) { |
|
| 420 | $content = $contentService->loadContent($administratorUserId); |
|
| 421 | } |
|
| 422 | /* END: Use Case */ |
|
| 423 | } |
|
| 424 | ||
| 425 | /** |
|
| 426 | * Test for the canUser() method. |
|
| @@ 241-274 (lines=34) @@ | ||
| 238 | * @see \eZ\Publish\API\Repository\SectionService::assignSection() |
|
| 239 | * @expectedException \eZ\Publish\API\Repository\Exceptions\UnauthorizedException |
|
| 240 | */ |
|
| 241 | public function testAssignSectionThrowsUnauthorizedException() |
|
| 242 | { |
|
| 243 | $repository = $this->getRepository(); |
|
| 244 | ||
| 245 | $standardSectionId = $this->generateId('section', 1); |
|
| 246 | $anonymousUserId = $this->generateId('user', 10); |
|
| 247 | /* BEGIN: Use Case */ |
|
| 248 | // $anonymousUserId is the ID of the "Anonymous" user in a eZ |
|
| 249 | // Publish demo installation. |
|
| 250 | // $standardSectionId is the ID of the "Standard" section in a eZ |
|
| 251 | // Publish demo installation. |
|
| 252 | ||
| 253 | // RemoteId of the "Media" page of an eZ Publish demo installation |
|
| 254 | $mediaRemoteId = 'a6e35cbcb7cd6ae4b691f3eee30cd262'; |
|
| 255 | ||
| 256 | $userService = $repository->getUserService(); |
|
| 257 | $contentService = $repository->getContentService(); |
|
| 258 | $sectionService = $repository->getSectionService(); |
|
| 259 | ||
| 260 | // Load a content info instance |
|
| 261 | $contentInfo = $contentService->loadContentInfoByRemoteId( |
|
| 262 | $mediaRemoteId |
|
| 263 | ); |
|
| 264 | ||
| 265 | // Load the "Standard" section |
|
| 266 | $section = $sectionService->loadSection($standardSectionId); |
|
| 267 | ||
| 268 | // Set anonymous user |
|
| 269 | $repository->getPermissionResolver()->setCurrentUserReference($userService->loadUser($anonymousUserId)); |
|
| 270 | ||
| 271 | // This call will fail with a "UnauthorizedException" |
|
| 272 | $sectionService->assignSection($contentInfo, $section); |
|
| 273 | /* END: Use Case */ |
|
| 274 | } |
|
| 275 | ||
| 276 | /** |
|
| 277 | * Test for the deleteSection() method. |
|
| @@ 147-174 (lines=28) @@ | ||
| 144 | * @depends eZ\Publish\API\Repository\Tests\TrashServiceTest::testRecover |
|
| 145 | * @depends eZ\Publish\API\Repository\Tests\UserServiceTest::testLoadAnonymousUser |
|
| 146 | */ |
|
| 147 | public function testRecoverThrowsUnauthorizedExceptionWithNewParentLocationParameter() |
|
| 148 | { |
|
| 149 | $repository = $this->getRepository(); |
|
| 150 | $trashService = $repository->getTrashService(); |
|
| 151 | $locationService = $repository->getLocationService(); |
|
| 152 | ||
| 153 | $homeLocationId = $this->generateId('location', 2); |
|
| 154 | $anonymousUserId = $this->generateId('user', 10); |
|
| 155 | /* BEGIN: Use Case */ |
|
| 156 | // $anonymousUserId is the ID of the "Anonymous" user |
|
| 157 | // $homeLocationId is the ID of the "Home" location in an eZ Publish |
|
| 158 | // demo installation |
|
| 159 | ||
| 160 | $trashItem = $this->createTrashItem(); |
|
| 161 | ||
| 162 | // Get the new parent location |
|
| 163 | $newParentLocation = $locationService->loadLocation($homeLocationId); |
|
| 164 | ||
| 165 | // Load user service |
|
| 166 | $userService = $repository->getUserService(); |
|
| 167 | ||
| 168 | // Set "Anonymous" as current user |
|
| 169 | $repository->setCurrentUser($userService->loadUser($anonymousUserId)); |
|
| 170 | ||
| 171 | // This call will fail with an "UnauthorizedException" |
|
| 172 | $trashService->recover($trashItem, $newParentLocation); |
|
| 173 | /* END: Use Case */ |
|
| 174 | } |
|
| 175 | ||
| 176 | /** |
|
| 177 | * Test for the emptyTrash() method. |
|
| @@ 79-104 (lines=26) @@ | ||
| 76 | * @expectedException \eZ\Publish\API\Repository\Exceptions\UnauthorizedException |
|
| 77 | * @depends \eZ\Publish\API\Repository\Tests\URLAliasServiceTest::testRemoveAliases |
|
| 78 | */ |
|
| 79 | public function testRemoveAliasesThrowsUnauthorizedException() |
|
| 80 | { |
|
| 81 | $repository = $this->getRepository(); |
|
| 82 | $anonymousUserId = $this->generateId('user', 10); |
|
| 83 | ||
| 84 | $locationService = $repository->getLocationService(); |
|
| 85 | $someLocation = $locationService->loadLocation( |
|
| 86 | $this->generateId('location', 12) |
|
| 87 | ); |
|
| 88 | ||
| 89 | /* BEGIN: Use Case */ |
|
| 90 | // $someLocation contains a location with automatically generated |
|
| 91 | // aliases assigned |
|
| 92 | // $anonymousUserId is the ID of the "Anonymous" user in a eZ |
|
| 93 | $urlAliasService = $repository->getURLAliasService(); |
|
| 94 | $userService = $repository->getUserService(); |
|
| 95 | ||
| 96 | $anonymousUser = $userService->loadUser($anonymousUserId); |
|
| 97 | $repository->getPermissionResolver()->setCurrentUserReference($anonymousUser); |
|
| 98 | ||
| 99 | $initialAliases = $urlAliasService->listLocationAliases($someLocation); |
|
| 100 | ||
| 101 | // This call will fail with an UnauthorizedException |
|
| 102 | $urlAliasService->removeAliases($initialAliases); |
|
| 103 | /* END: Use Case */ |
|
| 104 | } |
|
| 105 | } |
|
| 106 | ||
| @@ 48-70 (lines=23) @@ | ||
| 45 | * @see \eZ\Publish\API\Repository\URLService::updateUrl |
|
| 46 | * @expectedException \eZ\Publish\API\Repository\Exceptions\UnauthorizedException |
|
| 47 | */ |
|
| 48 | public function testUpdateUrlThrowsUnauthorizedException() |
|
| 49 | { |
|
| 50 | $repository = $this->getRepository(); |
|
| 51 | ||
| 52 | $anonymousUserId = $this->generateId('user', 10); |
|
| 53 | $urlId = $this->generateId('url', 23); |
|
| 54 | /* BEGIN: Use Case */ |
|
| 55 | // $anonymousUserId is the ID of the "Anonymous" user in a eZ |
|
| 56 | // Publish demo installation. |
|
| 57 | ||
| 58 | $userService = $repository->getUserService(); |
|
| 59 | $urlService = $repository->getURLService(); |
|
| 60 | ||
| 61 | $repository->getPermissionResolver()->setCurrentUserReference($userService->loadUser($anonymousUserId)); |
|
| 62 | ||
| 63 | $url = $urlService->loadById($urlId); |
|
| 64 | $updateStruct = $urlService->createUpdateStruct(); |
|
| 65 | $updateStruct->url = 'https://vimeo.com/'; |
|
| 66 | ||
| 67 | // This call will fail with an UnauthorizedException |
|
| 68 | $urlService->updateUrl($url, $updateStruct); |
|
| 69 | /* END: Use Case */ |
|
| 70 | } |
|
| 71 | ||
| 72 | /** |
|
| 73 | * Test for the loadById() method. |
|
| @@ 806-840 (lines=35) @@ | ||
| 803 | * |
|
| 804 | * @see \eZ\Publish\API\Repository\URLAliasService::removeAliases() |
|
| 805 | */ |
|
| 806 | public function testRemoveAliases() |
|
| 807 | { |
|
| 808 | $repository = $this->getRepository(); |
|
| 809 | ||
| 810 | $locationService = $repository->getLocationService(); |
|
| 811 | $someLocation = $locationService->loadLocation( |
|
| 812 | $this->generateId('location', 12) |
|
| 813 | ); |
|
| 814 | ||
| 815 | /* BEGIN: Use Case */ |
|
| 816 | // $someLocation contains a location with automatically generated |
|
| 817 | // aliases assigned |
|
| 818 | $urlAliasService = $repository->getURLAliasService(); |
|
| 819 | ||
| 820 | $initialAliases = $urlAliasService->listLocationAliases($someLocation); |
|
| 821 | ||
| 822 | // Creates a custom alias for $someLocation |
|
| 823 | $urlAliasService->createUrlAlias( |
|
| 824 | $someLocation, |
|
| 825 | '/my/fancy/url/alias/sindelfingen', |
|
| 826 | 'eng-US' |
|
| 827 | ); |
|
| 828 | ||
| 829 | $customAliases = $urlAliasService->listLocationAliases($someLocation); |
|
| 830 | ||
| 831 | // The custom alias just created will be removed |
|
| 832 | // the automatic aliases stay in tact |
|
| 833 | $urlAliasService->removeAliases($customAliases); |
|
| 834 | /* END: Use Case */ |
|
| 835 | ||
| 836 | $this->assertEquals( |
|
| 837 | $initialAliases, |
|
| 838 | $urlAliasService->listLocationAliases($someLocation) |
|
| 839 | ); |
|
| 840 | } |
|
| 841 | ||
| 842 | /** |
|
| 843 | * Test for the removeAliases() method. |
|
