|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
/** |
|
4
|
|
|
* File containing the RoleServiceTest class. |
|
5
|
|
|
* |
|
6
|
|
|
* @copyright Copyright (C) eZ Systems AS. All rights reserved. |
|
7
|
|
|
* @license For full copyright and license information view LICENSE file distributed with this source code. |
|
8
|
|
|
*/ |
|
9
|
|
|
namespace eZ\Publish\API\Repository\Tests; |
|
10
|
|
|
|
|
11
|
|
|
use eZ\Publish\API\Repository\Values\User\Limitation; |
|
12
|
|
|
use eZ\Publish\API\Repository\Values\User\Limitation\ContentTypeLimitation; |
|
13
|
|
|
use eZ\Publish\API\Repository\Values\User\Limitation\LanguageLimitation; |
|
14
|
|
|
use eZ\Publish\API\Repository\Values\User\Limitation\SectionLimitation; |
|
15
|
|
|
use eZ\Publish\API\Repository\Values\User\Limitation\SubtreeLimitation; |
|
16
|
|
|
use eZ\Publish\API\Repository\Values\User\Policy; |
|
17
|
|
|
use eZ\Publish\API\Repository\Values\User\Role; |
|
18
|
|
|
use eZ\Publish\API\Repository\Exceptions\NotFoundException; |
|
19
|
|
|
use Exception; |
|
20
|
|
|
|
|
21
|
|
|
/** |
|
22
|
|
|
* Test case for operations in the RoleService using in memory storage. |
|
23
|
|
|
* |
|
24
|
|
|
* The following IDs from the default eZ community edition database are used in |
|
25
|
|
|
* this test: |
|
26
|
|
|
* |
|
27
|
|
|
* <ul> |
|
28
|
|
|
* <li> |
|
29
|
|
|
* ContentType |
|
30
|
|
|
* <ul> |
|
31
|
|
|
* <li><strong>28</strong>: File</li> |
|
32
|
|
|
* <li><strong>29</strong>: Flash</li> |
|
33
|
|
|
* <li><strong>30</strong>: Image</li> |
|
34
|
|
|
* </ul> |
|
35
|
|
|
* </li> |
|
36
|
|
|
* <ul> |
|
37
|
|
|
* |
|
38
|
|
|
* @see eZ\Publish\API\Repository\RoleService |
|
39
|
|
|
* @group role |
|
40
|
|
|
*/ |
|
41
|
|
|
class RoleServiceTest extends BaseTest |
|
42
|
|
|
{ |
|
43
|
|
|
/** |
|
44
|
|
|
* Test for the newRoleCreateStruct() method. |
|
45
|
|
|
* |
|
46
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::newRoleCreateStruct() |
|
47
|
|
|
*/ |
|
48
|
|
|
public function testNewRoleCreateStruct() |
|
49
|
|
|
{ |
|
50
|
|
|
$repository = $this->getRepository(); |
|
51
|
|
|
|
|
52
|
|
|
$roleService = $repository->getRoleService(); |
|
53
|
|
|
$roleCreate = $roleService->newRoleCreateStruct('roleName'); |
|
54
|
|
|
|
|
55
|
|
|
$this->assertInstanceOf('\\eZ\\Publish\\API\\Repository\\Values\\User\\RoleCreateStruct', $roleCreate); |
|
56
|
|
|
} |
|
57
|
|
|
|
|
58
|
|
|
/** |
|
59
|
|
|
* Test for the newRoleCopyStruct() method. |
|
60
|
|
|
* |
|
61
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::newRoleCopyStruct() |
|
62
|
|
|
*/ |
|
63
|
|
|
public function testNewRoleCopyStruct() |
|
64
|
|
|
{ |
|
65
|
|
|
$repository = $this->getRepository(); |
|
66
|
|
|
|
|
67
|
|
|
/* BEGIN: Use Case */ |
|
68
|
|
|
$roleService = $repository->getRoleService(); |
|
69
|
|
|
$roleCopy = $roleService->newRoleCopyStruct('copiedRole'); |
|
70
|
|
|
/* END: Use Case */ |
|
71
|
|
|
|
|
72
|
|
|
$this->assertInstanceOf('\\eZ\\Publish\\API\\Repository\\Values\\User\\RoleCopyStruct', $roleCopy); |
|
73
|
|
|
} |
|
74
|
|
|
|
|
75
|
|
|
/** |
|
76
|
|
|
* Test for the newRoleCreateStruct() method. |
|
77
|
|
|
* |
|
78
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::newRoleCreateStruct() |
|
79
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testNewRoleCreateStruct |
|
80
|
|
|
*/ |
|
81
|
|
|
public function testNewRoleCreateStructSetsNamePropertyOnStruct() |
|
82
|
|
|
{ |
|
83
|
|
|
$repository = $this->getRepository(); |
|
84
|
|
|
|
|
85
|
|
|
/* BEGIN: Use Case */ |
|
86
|
|
|
|
|
87
|
|
|
$roleService = $repository->getRoleService(); |
|
88
|
|
|
$roleCreate = $roleService->newRoleCreateStruct('roleName'); |
|
89
|
|
|
|
|
90
|
|
|
/* END: Use Case */ |
|
91
|
|
|
|
|
92
|
|
|
$this->assertEquals('roleName', $roleCreate->identifier); |
|
93
|
|
|
} |
|
94
|
|
|
|
|
95
|
|
|
/** |
|
96
|
|
|
* Test for the createRole() method. |
|
97
|
|
|
* |
|
98
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::createRole() |
|
99
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testNewRoleCreateStruct |
|
100
|
|
|
*/ |
|
101
|
|
|
public function testCreateRole() |
|
102
|
|
|
{ |
|
103
|
|
|
$repository = $this->getRepository(); |
|
104
|
|
|
|
|
105
|
|
|
/* BEGIN: Use Case */ |
|
106
|
|
|
|
|
107
|
|
|
$roleService = $repository->getRoleService(); |
|
108
|
|
|
$roleCreate = $roleService->newRoleCreateStruct('roleName'); |
|
109
|
|
|
|
|
110
|
|
|
// @todo uncomment when support for multilingual names and descriptions is added EZP-24776 |
|
111
|
|
|
// $roleCreate->mainLanguageCode = 'eng-US'; |
|
112
|
|
|
|
|
113
|
|
|
$role = $roleService->createRole($roleCreate); |
|
114
|
|
|
|
|
115
|
|
|
/* END: Use Case */ |
|
116
|
|
|
|
|
117
|
|
|
$this->assertInstanceOf( |
|
118
|
|
|
'\\eZ\\Publish\\API\\Repository\\Values\\User\\RoleDraft', |
|
119
|
|
|
$role |
|
120
|
|
|
); |
|
121
|
|
|
|
|
122
|
|
|
return [ |
|
123
|
|
|
'createStruct' => $roleCreate, |
|
124
|
|
|
'role' => $role, |
|
125
|
|
|
]; |
|
126
|
|
|
} |
|
127
|
|
|
|
|
128
|
|
|
/** |
|
129
|
|
|
* Test for the createRole() method. |
|
130
|
|
|
* |
|
131
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::createRole() |
|
132
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testCreateRole |
|
133
|
|
|
*/ |
|
134
|
|
|
public function testRoleCreateStructValues(array $data) |
|
135
|
|
|
{ |
|
136
|
|
|
$createStruct = $data['createStruct']; |
|
137
|
|
|
$role = $data['role']; |
|
138
|
|
|
|
|
139
|
|
|
$this->assertEquals( |
|
140
|
|
|
[ |
|
141
|
|
|
'identifier' => $createStruct->identifier, |
|
142
|
|
|
'policies' => $createStruct->policies, |
|
143
|
|
|
], |
|
144
|
|
|
[ |
|
145
|
|
|
'identifier' => $role->identifier, |
|
146
|
|
|
'policies' => $role->policies, |
|
147
|
|
|
] |
|
148
|
|
|
); |
|
149
|
|
|
$this->assertNotNull($role->id); |
|
150
|
|
|
|
|
151
|
|
|
return $data; |
|
152
|
|
|
} |
|
153
|
|
|
|
|
154
|
|
|
/** |
|
155
|
|
|
* Test for the createRole() method. |
|
156
|
|
|
* |
|
157
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::createRole() |
|
158
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testNewRoleCreateStruct |
|
159
|
|
|
*/ |
|
160
|
|
|
public function testCreateRoleWithPolicy() |
|
161
|
|
|
{ |
|
162
|
|
|
$repository = $this->getRepository(); |
|
163
|
|
|
|
|
164
|
|
|
/* BEGIN: Use Case */ |
|
165
|
|
|
|
|
166
|
|
|
$roleService = $repository->getRoleService(); |
|
167
|
|
|
$roleCreate = $roleService->newRoleCreateStruct('roleName'); |
|
168
|
|
|
|
|
169
|
|
|
// @todo uncomment when support for multilingual names and descriptions is added EZP-24776 |
|
170
|
|
|
// $roleCreate->mainLanguageCode = 'eng-US'; |
|
171
|
|
|
|
|
172
|
|
|
// Create new subtree limitation |
|
173
|
|
|
$limitation = new SubtreeLimitation( |
|
174
|
|
|
[ |
|
175
|
|
|
'limitationValues' => ['/1/2/'], |
|
176
|
|
|
] |
|
177
|
|
|
); |
|
178
|
|
|
|
|
179
|
|
|
// Create policy create struct and add limitation to it |
|
180
|
|
|
$policyCreate = $roleService->newPolicyCreateStruct('content', 'read'); |
|
181
|
|
|
$policyCreate->addLimitation($limitation); |
|
182
|
|
|
|
|
183
|
|
|
// Add policy create struct to role create struct |
|
184
|
|
|
$roleCreate->addPolicy($policyCreate); |
|
185
|
|
|
|
|
186
|
|
|
$role = $roleService->createRole($roleCreate); |
|
187
|
|
|
|
|
188
|
|
|
/* END: Use Case */ |
|
189
|
|
|
|
|
190
|
|
|
$this->assertInstanceOf( |
|
191
|
|
|
'\\eZ\\Publish\\API\\Repository\\Values\\User\\RoleDraft', |
|
192
|
|
|
$role |
|
193
|
|
|
); |
|
194
|
|
|
|
|
195
|
|
|
return [ |
|
196
|
|
|
'createStruct' => $roleCreate, |
|
197
|
|
|
'role' => $role, |
|
198
|
|
|
]; |
|
199
|
|
|
} |
|
200
|
|
|
|
|
201
|
|
|
/** |
|
202
|
|
|
* Test for the createRole() method. |
|
203
|
|
|
* |
|
204
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::createRole() |
|
205
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testCreateRoleWithPolicy |
|
206
|
|
|
*/ |
|
207
|
|
|
public function testRoleCreateStructValuesWithPolicy(array $data) |
|
208
|
|
|
{ |
|
209
|
|
|
$createStruct = $data['createStruct']; |
|
210
|
|
|
$role = $data['role']; |
|
211
|
|
|
|
|
212
|
|
|
$this->assertEquals( |
|
213
|
|
|
[ |
|
214
|
|
|
'identifier' => $createStruct->identifier, |
|
215
|
|
|
'policy_module' => $createStruct->policies[0]->module, |
|
216
|
|
|
'policy_function' => $createStruct->policies[0]->function, |
|
217
|
|
|
'policy_limitation' => array_values($createStruct->policies[0]->limitations), |
|
218
|
|
|
], |
|
219
|
|
|
[ |
|
220
|
|
|
'identifier' => $role->identifier, |
|
221
|
|
|
'policy_module' => $role->policies[0]->module, |
|
222
|
|
|
'policy_function' => $role->policies[0]->function, |
|
223
|
|
|
'policy_limitation' => array_values($role->policies[0]->limitations), |
|
224
|
|
|
] |
|
225
|
|
|
); |
|
226
|
|
|
$this->assertNotNull($role->id); |
|
227
|
|
|
|
|
228
|
|
|
return $data; |
|
229
|
|
|
} |
|
230
|
|
|
|
|
231
|
|
|
/** |
|
232
|
|
|
* Test creating a role with multiple policies. |
|
233
|
|
|
* |
|
234
|
|
|
* @covers \eZ\Publish\API\Repository\RoleService::createRole |
|
235
|
|
|
*/ |
|
236
|
|
|
public function testCreateRoleWithMultiplePolicies() |
|
237
|
|
|
{ |
|
238
|
|
|
$repository = $this->getRepository(); |
|
239
|
|
|
$roleService = $repository->getRoleService(); |
|
240
|
|
|
|
|
241
|
|
|
$limitation1 = new Limitation\ContentTypeLimitation(); |
|
242
|
|
|
$limitation1->limitationValues = ['1', '3', '13']; |
|
243
|
|
|
|
|
244
|
|
|
$limitation2 = new Limitation\SectionLimitation(); |
|
245
|
|
|
$limitation2->limitationValues = ['2', '3']; |
|
246
|
|
|
|
|
247
|
|
|
$limitation3 = new Limitation\OwnerLimitation(); |
|
248
|
|
|
$limitation3->limitationValues = ['1', '2']; |
|
249
|
|
|
|
|
250
|
|
|
$limitation4 = new Limitation\UserGroupLimitation(); |
|
251
|
|
|
$limitation4->limitationValues = ['1']; |
|
252
|
|
|
|
|
253
|
|
|
$policyCreateStruct1 = $roleService->newPolicyCreateStruct('content', 'read'); |
|
254
|
|
|
$policyCreateStruct1->addLimitation($limitation1); |
|
255
|
|
|
$policyCreateStruct1->addLimitation($limitation2); |
|
256
|
|
|
|
|
257
|
|
|
$policyCreateStruct2 = $roleService->newPolicyCreateStruct('content', 'edit'); |
|
258
|
|
|
$policyCreateStruct2->addLimitation($limitation3); |
|
259
|
|
|
$policyCreateStruct2->addLimitation($limitation4); |
|
260
|
|
|
|
|
261
|
|
|
$roleCreateStruct = $roleService->newRoleCreateStruct('ultimate_permissions'); |
|
262
|
|
|
$roleCreateStruct->addPolicy($policyCreateStruct1); |
|
263
|
|
|
$roleCreateStruct->addPolicy($policyCreateStruct2); |
|
264
|
|
|
|
|
265
|
|
|
$createdRole = $roleService->createRole($roleCreateStruct); |
|
266
|
|
|
|
|
267
|
|
|
self::assertInstanceOf(Role::class, $createdRole); |
|
268
|
|
|
self::assertGreaterThan(0, $createdRole->id); |
|
269
|
|
|
|
|
270
|
|
|
$this->assertPropertiesCorrect( |
|
271
|
|
|
[ |
|
272
|
|
|
'identifier' => $roleCreateStruct->identifier, |
|
273
|
|
|
], |
|
274
|
|
|
$createdRole |
|
275
|
|
|
); |
|
276
|
|
|
|
|
277
|
|
|
self::assertCount(2, $createdRole->getPolicies()); |
|
278
|
|
|
|
|
279
|
|
|
foreach ($createdRole->getPolicies() as $policy) { |
|
280
|
|
|
self::assertInstanceOf(Policy::class, $policy); |
|
281
|
|
|
self::assertGreaterThan(0, $policy->id); |
|
282
|
|
|
self::assertEquals($createdRole->id, $policy->roleId); |
|
283
|
|
|
|
|
284
|
|
|
self::assertCount(2, $policy->getLimitations()); |
|
285
|
|
|
|
|
286
|
|
|
foreach ($policy->getLimitations() as $limitation) { |
|
287
|
|
|
self::assertInstanceOf(Limitation::class, $limitation); |
|
288
|
|
|
|
|
289
|
|
|
if ($policy->module == 'content' && $policy->function == 'read') { |
|
290
|
|
View Code Duplication |
switch ($limitation->getIdentifier()) { |
|
|
|
|
|
|
291
|
|
|
case Limitation::CONTENTTYPE: |
|
292
|
|
|
self::assertEquals($limitation1->limitationValues, $limitation->limitationValues); |
|
293
|
|
|
break; |
|
294
|
|
|
|
|
295
|
|
|
case Limitation::SECTION: |
|
296
|
|
|
self::assertEquals($limitation2->limitationValues, $limitation->limitationValues); |
|
297
|
|
|
break; |
|
298
|
|
|
|
|
299
|
|
|
default: |
|
300
|
|
|
self::fail('Created role contains limitations not defined with create struct'); |
|
301
|
|
|
} |
|
302
|
|
|
} elseif ($policy->module == 'content' && $policy->function == 'edit') { |
|
303
|
|
View Code Duplication |
switch ($limitation->getIdentifier()) { |
|
|
|
|
|
|
304
|
|
|
case Limitation::OWNER: |
|
305
|
|
|
self::assertEquals($limitation3->limitationValues, $limitation->limitationValues); |
|
306
|
|
|
break; |
|
307
|
|
|
|
|
308
|
|
|
case Limitation::USERGROUP: |
|
309
|
|
|
self::assertEquals($limitation4->limitationValues, $limitation->limitationValues); |
|
310
|
|
|
break; |
|
311
|
|
|
|
|
312
|
|
|
default: |
|
313
|
|
|
self::fail('Created role contains limitations not defined with create struct'); |
|
314
|
|
|
} |
|
315
|
|
|
} else { |
|
316
|
|
|
self::fail('Created role contains policy not defined with create struct'); |
|
317
|
|
|
} |
|
318
|
|
|
} |
|
319
|
|
|
} |
|
320
|
|
|
} |
|
321
|
|
|
|
|
322
|
|
|
/** |
|
323
|
|
|
* Test for the createRoleDraft() method. |
|
324
|
|
|
* |
|
325
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::createRoleDraft() |
|
326
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testNewRoleCreateStruct |
|
327
|
|
|
*/ |
|
328
|
|
View Code Duplication |
public function testCreateRoleDraft() |
|
329
|
|
|
{ |
|
330
|
|
|
$repository = $this->getRepository(); |
|
331
|
|
|
|
|
332
|
|
|
/* BEGIN: Use Case */ |
|
333
|
|
|
|
|
334
|
|
|
$roleService = $repository->getRoleService(); |
|
335
|
|
|
$roleCreate = $roleService->newRoleCreateStruct('roleName'); |
|
336
|
|
|
|
|
337
|
|
|
// @todo uncomment when support for multilingual names and descriptions is added EZP-24776 |
|
338
|
|
|
// $roleCreate->mainLanguageCode = 'eng-US'; |
|
339
|
|
|
|
|
340
|
|
|
$roleDraft = $roleService->createRole($roleCreate); |
|
341
|
|
|
$roleService->publishRoleDraft($roleDraft); |
|
342
|
|
|
$role = $roleService->loadRole($roleDraft->id); |
|
343
|
|
|
$newRoleDraft = $roleService->createRoleDraft($role); |
|
344
|
|
|
|
|
345
|
|
|
/* END: Use Case */ |
|
346
|
|
|
|
|
347
|
|
|
$this->assertInstanceOf( |
|
348
|
|
|
'\\eZ\\Publish\\API\\Repository\\Values\\User\\RoleDraft', |
|
349
|
|
|
$newRoleDraft |
|
350
|
|
|
); |
|
351
|
|
|
} |
|
352
|
|
|
|
|
353
|
|
|
/** |
|
354
|
|
|
* Test for the createRole() method. |
|
355
|
|
|
* |
|
356
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::createRole() |
|
357
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testCreateRole |
|
358
|
|
|
*/ |
|
359
|
|
|
public function testCreateRoleThrowsInvalidArgumentException() |
|
360
|
|
|
{ |
|
361
|
|
|
$this->expectException(\eZ\Publish\API\Repository\Exceptions\InvalidArgumentException::class); |
|
362
|
|
|
|
|
363
|
|
|
$repository = $this->getRepository(); |
|
364
|
|
|
|
|
365
|
|
|
/* BEGIN: Use Case */ |
|
366
|
|
|
|
|
367
|
|
|
$roleService = $repository->getRoleService(); |
|
368
|
|
|
$roleCreate = $roleService->newRoleCreateStruct('Editor'); |
|
369
|
|
|
|
|
370
|
|
|
// @todo uncomment when support for multilingual names and descriptions is added EZP-24776 |
|
371
|
|
|
// $roleCreate->mainLanguageCode = 'eng-US'; |
|
372
|
|
|
|
|
373
|
|
|
// This call will fail with an InvalidArgumentException, because Editor exists |
|
374
|
|
|
$roleService->createRole($roleCreate); |
|
375
|
|
|
|
|
376
|
|
|
/* END: Use Case */ |
|
377
|
|
|
} |
|
378
|
|
|
|
|
379
|
|
|
/** |
|
380
|
|
|
* Test for the createRoleDraft() method. |
|
381
|
|
|
* |
|
382
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::createRoleDraft() |
|
383
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testCreateRoleDraft |
|
384
|
|
|
*/ |
|
385
|
|
View Code Duplication |
public function testCreateRoleDraftThrowsInvalidArgumentException() |
|
386
|
|
|
{ |
|
387
|
|
|
$this->expectException(\eZ\Publish\API\Repository\Exceptions\InvalidArgumentException::class); |
|
388
|
|
|
|
|
389
|
|
|
$repository = $this->getRepository(); |
|
390
|
|
|
|
|
391
|
|
|
/* BEGIN: Use Case */ |
|
392
|
|
|
|
|
393
|
|
|
$roleService = $repository->getRoleService(); |
|
394
|
|
|
$roleCreate = $roleService->newRoleCreateStruct('Editor'); |
|
395
|
|
|
|
|
396
|
|
|
// @todo uncomment when support for multilingual names and descriptions is added EZP-24776 |
|
397
|
|
|
// $roleCreate->mainLanguageCode = 'eng-US'; |
|
398
|
|
|
|
|
399
|
|
|
$roleDraft = $roleService->createRole($roleCreate); |
|
400
|
|
|
$roleService->publishRoleDraft($roleDraft); |
|
401
|
|
|
$role = $roleService->loadRole($roleDraft->id); |
|
402
|
|
|
$roleService->createRoleDraft($role); // First role draft |
|
403
|
|
|
|
|
404
|
|
|
// This call will fail with an InvalidArgumentException, because there is already a draft |
|
405
|
|
|
$roleService->createRoleDraft($role); |
|
406
|
|
|
|
|
407
|
|
|
/* END: Use Case */ |
|
408
|
|
|
} |
|
409
|
|
|
|
|
410
|
|
|
/** |
|
411
|
|
|
* Test for the createRole() method. |
|
412
|
|
|
* |
|
413
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::createRole() |
|
414
|
|
|
*/ |
|
415
|
|
View Code Duplication |
public function testCreateRoleThrowsLimitationValidationException() |
|
416
|
|
|
{ |
|
417
|
|
|
$this->expectException(\eZ\Publish\API\Repository\Exceptions\LimitationValidationException::class); |
|
418
|
|
|
|
|
419
|
|
|
$repository = $this->getRepository(); |
|
420
|
|
|
|
|
421
|
|
|
/* BEGIN: Use Case */ |
|
422
|
|
|
$roleService = $repository->getRoleService(); |
|
423
|
|
|
|
|
424
|
|
|
// Create new role create struct |
|
425
|
|
|
$roleCreate = $roleService->newRoleCreateStruct('Lumberjack'); |
|
426
|
|
|
|
|
427
|
|
|
// @todo uncomment when support for multilingual names and descriptions is added EZP-24776 |
|
428
|
|
|
// $roleCreate->mainLanguageCode = 'eng-US'; |
|
429
|
|
|
|
|
430
|
|
|
// Create new subtree limitation |
|
431
|
|
|
$limitation = new SubtreeLimitation( |
|
432
|
|
|
[ |
|
433
|
|
|
'limitationValues' => ['/mountain/forest/tree/42/'], |
|
434
|
|
|
] |
|
435
|
|
|
); |
|
436
|
|
|
|
|
437
|
|
|
// Create policy create struct and add limitation to it |
|
438
|
|
|
$policyCreate = $roleService->newPolicyCreateStruct('content', 'remove'); |
|
439
|
|
|
$policyCreate->addLimitation($limitation); |
|
440
|
|
|
|
|
441
|
|
|
// Add policy create struct to role create struct |
|
442
|
|
|
$roleCreate->addPolicy($policyCreate); |
|
443
|
|
|
|
|
444
|
|
|
// This call will fail with an LimitationValidationException, because subtree |
|
445
|
|
|
// "/mountain/forest/tree/42/" does not exist |
|
446
|
|
|
$roleService->createRole($roleCreate); |
|
447
|
|
|
/* END: Use Case */ |
|
448
|
|
|
} |
|
449
|
|
|
|
|
450
|
|
|
/** |
|
451
|
|
|
* Test for the createRole() method. |
|
452
|
|
|
* |
|
453
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::createRole() |
|
454
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testNewRoleCreateStruct |
|
455
|
|
|
*/ |
|
456
|
|
|
public function testCreateRoleInTransactionWithRollback() |
|
457
|
|
|
{ |
|
458
|
|
|
$repository = $this->getRepository(); |
|
459
|
|
|
|
|
460
|
|
|
/* BEGIN: Use Case */ |
|
461
|
|
|
|
|
462
|
|
|
$roleService = $repository->getRoleService(); |
|
463
|
|
|
|
|
464
|
|
|
$repository->beginTransaction(); |
|
465
|
|
|
|
|
466
|
|
|
$roleCreate = $roleService->newRoleCreateStruct('roleName'); |
|
467
|
|
|
|
|
468
|
|
|
// @todo uncomment when support for multilingual names and descriptions is added EZP-24776 |
|
469
|
|
|
// $roleCreate->mainLanguageCode = 'eng-US'; |
|
470
|
|
|
|
|
471
|
|
|
$createdRoleId = $roleService->createRole($roleCreate)->id; |
|
472
|
|
|
|
|
473
|
|
|
$repository->rollback(); |
|
474
|
|
|
|
|
475
|
|
|
try { |
|
476
|
|
|
// This call will fail with a "NotFoundException" |
|
477
|
|
|
$role = $roleService->loadRole($createdRoleId); |
|
|
|
|
|
|
478
|
|
|
} catch (NotFoundException $e) { |
|
479
|
|
|
return; |
|
480
|
|
|
} |
|
481
|
|
|
/* END: Use Case */ |
|
482
|
|
|
|
|
483
|
|
|
$this->fail('Role object still exists after rollback.'); |
|
484
|
|
|
} |
|
485
|
|
|
|
|
486
|
|
|
/** |
|
487
|
|
|
* Test for the createRoleDraft() method. |
|
488
|
|
|
* |
|
489
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::createRoleDraft() |
|
490
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testNewRoleCreateStruct |
|
491
|
|
|
*/ |
|
492
|
|
|
public function testCreateRoleDraftInTransactionWithRollback() |
|
493
|
|
|
{ |
|
494
|
|
|
$repository = $this->getRepository(); |
|
495
|
|
|
|
|
496
|
|
|
/* BEGIN: Use Case */ |
|
497
|
|
|
|
|
498
|
|
|
$roleService = $repository->getRoleService(); |
|
499
|
|
|
|
|
500
|
|
|
$repository->beginTransaction(); |
|
501
|
|
|
|
|
502
|
|
|
$roleCreate = $roleService->newRoleCreateStruct('roleName'); |
|
503
|
|
|
|
|
504
|
|
|
// @todo uncomment when support for multilingual names and descriptions is added EZP-24776 |
|
505
|
|
|
// $roleCreate->mainLanguageCode = 'eng-US'; |
|
506
|
|
|
|
|
507
|
|
|
$createdRoleId = $roleService->createRole($roleCreate)->id; |
|
508
|
|
|
|
|
509
|
|
|
$repository->rollback(); |
|
510
|
|
|
|
|
511
|
|
|
try { |
|
512
|
|
|
// This call will fail with a "NotFoundException" |
|
513
|
|
|
$role = $roleService->loadRoleDraft($createdRoleId); |
|
|
|
|
|
|
514
|
|
|
} catch (NotFoundException $e) { |
|
515
|
|
|
return; |
|
516
|
|
|
} |
|
517
|
|
|
/* END: Use Case */ |
|
518
|
|
|
|
|
519
|
|
|
$this->fail('Role draft object still exists after rollback.'); |
|
520
|
|
|
} |
|
521
|
|
|
|
|
522
|
|
|
/** |
|
523
|
|
|
* Test for the copyRole() method. |
|
524
|
|
|
* |
|
525
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::copyRole() |
|
526
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testNewRoleCopyStruct |
|
527
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testLoadRoleByIdentifier |
|
528
|
|
|
*/ |
|
529
|
|
|
public function testCopyRole() |
|
530
|
|
|
{ |
|
531
|
|
|
$repository = $this->getRepository(); |
|
532
|
|
|
|
|
533
|
|
|
/* BEGIN: Use Case */ |
|
534
|
|
|
$roleService = $repository->getRoleService(); |
|
535
|
|
|
$roleCreate = $roleService->newRoleCreateStruct('newRole'); |
|
536
|
|
|
|
|
537
|
|
|
$roleDraft = $roleService->createRole($roleCreate); |
|
538
|
|
|
|
|
539
|
|
|
$roleService->publishRoleDraft($roleDraft); |
|
540
|
|
|
$role = $roleService->loadRole($roleDraft->id); |
|
541
|
|
|
|
|
542
|
|
|
$roleCopy = $roleService->newRoleCopyStruct('copiedRole'); |
|
543
|
|
|
|
|
544
|
|
|
$copiedRole = $roleService->copyRole($role, $roleCopy); |
|
545
|
|
|
/* END: Use Case */ |
|
546
|
|
|
|
|
547
|
|
|
// Now verify that our change was saved |
|
548
|
|
|
$role = $roleService->loadRoleByIdentifier('copiedRole'); |
|
549
|
|
|
|
|
550
|
|
|
$this->assertEquals($role->id, $copiedRole->id); |
|
551
|
|
|
} |
|
552
|
|
|
|
|
553
|
|
|
/** |
|
554
|
|
|
* Test for the copyRole() method with added policies. |
|
555
|
|
|
* |
|
556
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::copyRole() |
|
557
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testNewRoleCopyStruct |
|
558
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testLoadRoleByIdentifier |
|
559
|
|
|
*/ |
|
560
|
|
|
public function testCopyRoleWithPolicies() |
|
561
|
|
|
{ |
|
562
|
|
|
$repository = $this->getRepository(); |
|
563
|
|
|
|
|
564
|
|
|
/* BEGIN: Use Case */ |
|
565
|
|
|
$roleService = $repository->getRoleService(); |
|
566
|
|
|
$roleCreate = $roleService->newRoleCreateStruct('newRole'); |
|
567
|
|
|
|
|
568
|
|
|
$policyCreateStruct1 = $roleService->newPolicyCreateStruct('content', 'read'); |
|
569
|
|
|
$policyCreateStruct2 = $roleService->newPolicyCreateStruct('content', 'edit'); |
|
570
|
|
|
|
|
571
|
|
|
$roleCreate->addPolicy($policyCreateStruct1); |
|
572
|
|
|
$roleCreate->addPolicy($policyCreateStruct2); |
|
573
|
|
|
|
|
574
|
|
|
$roleDraft = $roleService->createRole($roleCreate); |
|
575
|
|
|
|
|
576
|
|
|
$roleService->publishRoleDraft($roleDraft); |
|
577
|
|
|
$role = $roleService->loadRole($roleDraft->id); |
|
578
|
|
|
|
|
579
|
|
|
$roleCopy = $roleService->newRoleCopyStruct('copiedRole'); |
|
580
|
|
|
|
|
581
|
|
|
$copiedRole = $roleService->copyRole($role, $roleCopy); |
|
582
|
|
|
/* END: Use Case */ |
|
583
|
|
|
|
|
584
|
|
|
// Now verify that our change was saved |
|
585
|
|
|
$role = $roleService->loadRoleByIdentifier('copiedRole'); |
|
586
|
|
|
|
|
587
|
|
|
$this->assertEquals($role->getPolicies(), $copiedRole->getPolicies()); |
|
588
|
|
|
} |
|
589
|
|
|
|
|
590
|
|
|
/** |
|
591
|
|
|
* Test for the copyRole() method with added policies and limitations. |
|
592
|
|
|
* |
|
593
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::copyRole() |
|
594
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testNewRoleCopyStruct |
|
595
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testLoadRoleByIdentifier |
|
596
|
|
|
*/ |
|
597
|
|
|
public function testCopyRoleWithPoliciesAndLimitations() |
|
598
|
|
|
{ |
|
599
|
|
|
$repository = $this->getRepository(); |
|
600
|
|
|
|
|
601
|
|
|
/* BEGIN: Use Case */ |
|
602
|
|
|
$roleService = $repository->getRoleService(); |
|
603
|
|
|
$roleCreate = $roleService->newRoleCreateStruct('newRole'); |
|
604
|
|
|
|
|
605
|
|
|
$policyCreateStruct1 = $roleService->newPolicyCreateStruct('content', 'read'); |
|
606
|
|
|
$roleLimitations = [ |
|
607
|
|
|
new SectionLimitation(['limitationValues' => [2]]), |
|
608
|
|
|
new SubtreeLimitation(['limitationValues' => ['/1/2/']]), |
|
609
|
|
|
]; |
|
610
|
|
|
foreach ($roleLimitations as $roleLimitation) { |
|
611
|
|
|
$policyCreateStruct1->addLimitation($roleLimitation); |
|
612
|
|
|
} |
|
613
|
|
|
$policyCreateStruct2 = $roleService->newPolicyCreateStruct('content', 'edit'); |
|
614
|
|
|
|
|
615
|
|
|
$roleCreate->addPolicy($policyCreateStruct1); |
|
616
|
|
|
$roleCreate->addPolicy($policyCreateStruct2); |
|
617
|
|
|
|
|
618
|
|
|
$roleDraft = $roleService->createRole($roleCreate); |
|
619
|
|
|
|
|
620
|
|
|
$roleService->publishRoleDraft($roleDraft); |
|
621
|
|
|
$role = $roleService->loadRole($roleDraft->id); |
|
622
|
|
|
|
|
623
|
|
|
$roleCopy = $roleService->newRoleCopyStruct('copiedRole'); |
|
624
|
|
|
$copiedRole = $roleService->copyRole($role, $roleCopy); |
|
625
|
|
|
/* END: Use Case */ |
|
626
|
|
|
|
|
627
|
|
|
// Now verify that our change was saved |
|
628
|
|
|
$role = $roleService->loadRoleByIdentifier('copiedRole'); |
|
629
|
|
|
|
|
630
|
|
|
$limitations = []; |
|
631
|
|
|
foreach ($role->getPolicies() as $policy) { |
|
632
|
|
|
$limitations[] = $policy->getLimitations(); |
|
633
|
|
|
} |
|
634
|
|
|
$limitationsCopied = []; |
|
635
|
|
|
foreach ($copiedRole->getPolicies() as $policy) { |
|
636
|
|
|
$limitationsCopied[] = $policy->getLimitations(); |
|
637
|
|
|
} |
|
638
|
|
|
|
|
639
|
|
|
$this->assertEquals($limitations, $limitationsCopied); |
|
640
|
|
|
} |
|
641
|
|
|
|
|
642
|
|
|
/** |
|
643
|
|
|
* Test for the loadRole() method. |
|
644
|
|
|
* |
|
645
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::loadRole() |
|
646
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testCreateRole |
|
647
|
|
|
*/ |
|
648
|
|
|
public function testLoadRole() |
|
649
|
|
|
{ |
|
650
|
|
|
$repository = $this->getRepository(); |
|
651
|
|
|
|
|
652
|
|
|
/* BEGIN: Use Case */ |
|
653
|
|
|
|
|
654
|
|
|
$roleService = $repository->getRoleService(); |
|
655
|
|
|
$roleCreate = $roleService->newRoleCreateStruct('roleName'); |
|
656
|
|
|
|
|
657
|
|
|
// @todo uncomment when support for multilingual names and descriptions is added EZP-24776 |
|
658
|
|
|
// $roleCreate->mainLanguageCode = 'eng-US'; |
|
659
|
|
|
|
|
660
|
|
|
$roleDraft = $roleService->createRole($roleCreate); |
|
661
|
|
|
$roleService->publishRoleDraft($roleDraft); |
|
662
|
|
|
|
|
663
|
|
|
// Load the newly created role by its ID |
|
664
|
|
|
$role = $roleService->loadRole($roleDraft->id); |
|
665
|
|
|
|
|
666
|
|
|
/* END: Use Case */ |
|
667
|
|
|
|
|
668
|
|
|
$this->assertEquals('roleName', $role->identifier); |
|
669
|
|
|
} |
|
670
|
|
|
|
|
671
|
|
|
/** |
|
672
|
|
|
* Test for the loadRoleDraft() method. |
|
673
|
|
|
* |
|
674
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::loadRoleDraft() |
|
675
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testCreateRoleDraft |
|
676
|
|
|
*/ |
|
677
|
|
|
public function testLoadRoleDraft() |
|
678
|
|
|
{ |
|
679
|
|
|
$repository = $this->getRepository(); |
|
680
|
|
|
|
|
681
|
|
|
/* BEGIN: Use Case */ |
|
682
|
|
|
|
|
683
|
|
|
$roleService = $repository->getRoleService(); |
|
684
|
|
|
$roleCreate = $roleService->newRoleCreateStruct('roleName'); |
|
685
|
|
|
|
|
686
|
|
|
// @todo uncomment when support for multilingual names and descriptions is added EZP-24776 |
|
687
|
|
|
// $roleCreate->mainLanguageCode = 'eng-US'; |
|
688
|
|
|
|
|
689
|
|
|
$roleDraft = $roleService->createRole($roleCreate); |
|
690
|
|
|
|
|
691
|
|
|
// Load the newly created role by its ID |
|
692
|
|
|
$role = $roleService->loadRoleDraft($roleDraft->id); |
|
693
|
|
|
|
|
694
|
|
|
/* END: Use Case */ |
|
695
|
|
|
|
|
696
|
|
|
$this->assertEquals('roleName', $role->identifier); |
|
697
|
|
|
} |
|
698
|
|
|
|
|
699
|
|
|
public function testLoadRoleDraftByRoleId() |
|
700
|
|
|
{ |
|
701
|
|
|
$repository = $this->getRepository(); |
|
702
|
|
|
|
|
703
|
|
|
/* BEGIN: Use Case */ |
|
704
|
|
|
|
|
705
|
|
|
$roleService = $repository->getRoleService(); |
|
706
|
|
|
$roleCreate = $roleService->newRoleCreateStruct('roleName'); |
|
707
|
|
|
|
|
708
|
|
|
// @todo uncomment when support for multilingual names and descriptions is added EZP-24776 |
|
709
|
|
|
// $roleCreate->mainLanguageCode = 'eng-US'; |
|
710
|
|
|
|
|
711
|
|
|
$role = $roleService->createRole($roleCreate); |
|
712
|
|
|
$roleService->publishRoleDraft($role); |
|
713
|
|
|
|
|
714
|
|
|
// Now create a new draft based on the role |
|
715
|
|
|
$newDraft = $roleService->createRoleDraft($role); |
|
716
|
|
|
$loadedRoleDraft = $roleService->loadRoleDraftByRoleId($role->id); |
|
717
|
|
|
|
|
718
|
|
|
/* END: Use Case */ |
|
719
|
|
|
|
|
720
|
|
|
self::assertEquals('roleName', $role->identifier); |
|
721
|
|
|
self::assertInstanceOf('eZ\Publish\API\Repository\Values\User\RoleDraft', $loadedRoleDraft); |
|
722
|
|
|
self::assertEquals($newDraft, $loadedRoleDraft); |
|
723
|
|
|
} |
|
724
|
|
|
|
|
725
|
|
|
/** |
|
726
|
|
|
* Test for the loadRole() method. |
|
727
|
|
|
* |
|
728
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::loadRole() |
|
729
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testLoadRole |
|
730
|
|
|
*/ |
|
731
|
|
|
public function testLoadRoleThrowsNotFoundException() |
|
732
|
|
|
{ |
|
733
|
|
|
$this->expectException(\eZ\Publish\API\Repository\Exceptions\NotFoundException::class); |
|
734
|
|
|
|
|
735
|
|
|
$repository = $this->getRepository(); |
|
736
|
|
|
|
|
737
|
|
|
$nonExistingRoleId = $this->generateId('role', self::DB_INT_MAX); |
|
738
|
|
|
/* BEGIN: Use Case */ |
|
739
|
|
|
|
|
740
|
|
|
$roleService = $repository->getRoleService(); |
|
741
|
|
|
|
|
742
|
|
|
// This call will fail with a NotFoundException, because no such role exists. |
|
743
|
|
|
$roleService->loadRole($nonExistingRoleId); |
|
744
|
|
|
|
|
745
|
|
|
/* END: Use Case */ |
|
746
|
|
|
} |
|
747
|
|
|
|
|
748
|
|
|
/** |
|
749
|
|
|
* Test for the loadRoleDraft() method. |
|
750
|
|
|
* |
|
751
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::loadRoleDraft() |
|
752
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testLoadRoleDraft |
|
753
|
|
|
*/ |
|
754
|
|
|
public function testLoadRoleDraftThrowsNotFoundException() |
|
755
|
|
|
{ |
|
756
|
|
|
$this->expectException(\eZ\Publish\API\Repository\Exceptions\NotFoundException::class); |
|
757
|
|
|
|
|
758
|
|
|
$repository = $this->getRepository(); |
|
759
|
|
|
|
|
760
|
|
|
$nonExistingRoleId = $this->generateId('role', self::DB_INT_MAX); |
|
761
|
|
|
/* BEGIN: Use Case */ |
|
762
|
|
|
|
|
763
|
|
|
$roleService = $repository->getRoleService(); |
|
764
|
|
|
|
|
765
|
|
|
// This call will fail with a NotFoundException, because no such role exists. |
|
766
|
|
|
$roleService->loadRoleDraft($nonExistingRoleId); |
|
767
|
|
|
|
|
768
|
|
|
/* END: Use Case */ |
|
769
|
|
|
} |
|
770
|
|
|
|
|
771
|
|
|
public function testLoadRoleDraftByRoleIdThrowsNotFoundException() |
|
772
|
|
|
{ |
|
773
|
|
|
$this->expectException(\eZ\Publish\API\Repository\Exceptions\NotFoundException::class); |
|
774
|
|
|
|
|
775
|
|
|
$repository = $this->getRepository(); |
|
776
|
|
|
|
|
777
|
|
|
$nonExistingRoleId = $this->generateId('role', self::DB_INT_MAX); |
|
778
|
|
|
/* BEGIN: Use Case */ |
|
779
|
|
|
|
|
780
|
|
|
$roleService = $repository->getRoleService(); |
|
781
|
|
|
|
|
782
|
|
|
// This call will fail with a NotFoundException, because no such role exists. |
|
783
|
|
|
$roleService->loadRoleDraftByRoleId($nonExistingRoleId); |
|
784
|
|
|
|
|
785
|
|
|
/* END: Use Case */ |
|
786
|
|
|
} |
|
787
|
|
|
|
|
788
|
|
|
/** |
|
789
|
|
|
* Test for the loadRoleByIdentifier() method. |
|
790
|
|
|
* |
|
791
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::loadRoleByIdentifier() |
|
792
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testCreateRole |
|
793
|
|
|
*/ |
|
794
|
|
|
public function testLoadRoleByIdentifier() |
|
795
|
|
|
{ |
|
796
|
|
|
$repository = $this->getRepository(); |
|
797
|
|
|
|
|
798
|
|
|
/* BEGIN: Use Case */ |
|
799
|
|
|
|
|
800
|
|
|
$roleService = $repository->getRoleService(); |
|
801
|
|
|
$roleCreate = $roleService->newRoleCreateStruct('roleName'); |
|
802
|
|
|
|
|
803
|
|
|
// @todo uncomment when support for multilingual names and descriptions is added EZP-24776 |
|
804
|
|
|
// $roleCreate->mainLanguageCode = 'eng-US'; |
|
805
|
|
|
|
|
806
|
|
|
$roleDraft = $roleService->createRole($roleCreate); |
|
807
|
|
|
$roleService->publishRoleDraft($roleDraft); |
|
808
|
|
|
|
|
809
|
|
|
// Load the newly created role by its identifier |
|
810
|
|
|
$role = $roleService->loadRoleByIdentifier('roleName'); |
|
811
|
|
|
|
|
812
|
|
|
/* END: Use Case */ |
|
813
|
|
|
|
|
814
|
|
|
$this->assertEquals('roleName', $role->identifier); |
|
815
|
|
|
} |
|
816
|
|
|
|
|
817
|
|
|
/** |
|
818
|
|
|
* Test for the loadRoleByIdentifier() method. |
|
819
|
|
|
* |
|
820
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::loadRoleByIdentifier() |
|
821
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testLoadRoleByIdentifier |
|
822
|
|
|
*/ |
|
823
|
|
|
public function testLoadRoleByIdentifierThrowsNotFoundException() |
|
824
|
|
|
{ |
|
825
|
|
|
$this->expectException(\eZ\Publish\API\Repository\Exceptions\NotFoundException::class); |
|
826
|
|
|
|
|
827
|
|
|
$repository = $this->getRepository(); |
|
828
|
|
|
|
|
829
|
|
|
/* BEGIN: Use Case */ |
|
830
|
|
|
|
|
831
|
|
|
$roleService = $repository->getRoleService(); |
|
832
|
|
|
|
|
833
|
|
|
// This call will fail with a NotFoundException, because no such role exists. |
|
834
|
|
|
$roleService->loadRoleByIdentifier('MissingRole'); |
|
835
|
|
|
|
|
836
|
|
|
/* END: Use Case */ |
|
837
|
|
|
} |
|
838
|
|
|
|
|
839
|
|
|
/** |
|
840
|
|
|
* Test for the loadRoles() method. |
|
841
|
|
|
* |
|
842
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::loadRoles() |
|
843
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testCreateRole |
|
844
|
|
|
*/ |
|
845
|
|
|
public function testLoadRoles() |
|
846
|
|
|
{ |
|
847
|
|
|
$repository = $this->getRepository(); |
|
848
|
|
|
|
|
849
|
|
|
/* BEGIN: Use Case */ |
|
850
|
|
|
|
|
851
|
|
|
// First create a custom role |
|
852
|
|
|
$roleService = $repository->getRoleService(); |
|
853
|
|
|
$roleCreate = $roleService->newRoleCreateStruct('roleName'); |
|
854
|
|
|
|
|
855
|
|
|
// @todo uncomment when support for multilingual names and descriptions is added EZP-24776 |
|
856
|
|
|
// $roleCreate->mainLanguageCode = 'eng-US'; |
|
857
|
|
|
|
|
858
|
|
|
$roleDraft = $roleService->createRole($roleCreate); |
|
859
|
|
|
$roleService->publishRoleDraft($roleDraft); |
|
860
|
|
|
|
|
861
|
|
|
// Now load all available roles |
|
862
|
|
|
$roles = $roleService->loadRoles(); |
|
863
|
|
|
|
|
864
|
|
|
foreach ($roles as $role) { |
|
865
|
|
|
if ($role->identifier === 'roleName') { |
|
866
|
|
|
break; |
|
867
|
|
|
} |
|
868
|
|
|
} |
|
869
|
|
|
|
|
870
|
|
|
/* END: Use Case */ |
|
871
|
|
|
|
|
872
|
|
|
$this->assertEquals('roleName', $role->identifier); |
|
|
|
|
|
|
873
|
|
|
} |
|
874
|
|
|
|
|
875
|
|
|
/** |
|
876
|
|
|
* Test for the loadRoles() method. |
|
877
|
|
|
* |
|
878
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::loadRoles() |
|
879
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testLoadRoles |
|
880
|
|
|
*/ |
|
881
|
|
|
public function testLoadRolesReturnsExpectedSetOfDefaultRoles() |
|
882
|
|
|
{ |
|
883
|
|
|
$repository = $this->getRepository(); |
|
884
|
|
|
|
|
885
|
|
|
/* BEGIN: Use Case */ |
|
886
|
|
|
$roleService = $repository->getRoleService(); |
|
887
|
|
|
|
|
888
|
|
|
$roles = $roleService->loadRoles(); |
|
889
|
|
|
|
|
890
|
|
|
$roleNames = []; |
|
891
|
|
|
foreach ($roles as $role) { |
|
892
|
|
|
$roleNames[] = $role->identifier; |
|
893
|
|
|
} |
|
894
|
|
|
/* END: Use Case */ |
|
895
|
|
|
|
|
896
|
|
|
$this->assertEqualsCanonicalizing( |
|
897
|
|
|
[ |
|
898
|
|
|
'Administrator', |
|
899
|
|
|
'Anonymous', |
|
900
|
|
|
'Editor', |
|
901
|
|
|
'Member', |
|
902
|
|
|
'Partner', |
|
903
|
|
|
], |
|
904
|
|
|
$roleNames |
|
905
|
|
|
); |
|
906
|
|
|
} |
|
907
|
|
|
|
|
908
|
|
|
/** |
|
909
|
|
|
* Test for the newRoleUpdateStruct() method. |
|
910
|
|
|
* |
|
911
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::newRoleUpdateStruct() |
|
912
|
|
|
*/ |
|
913
|
|
|
public function testNewRoleUpdateStruct() |
|
914
|
|
|
{ |
|
915
|
|
|
$repository = $this->getRepository(); |
|
916
|
|
|
|
|
917
|
|
|
/* BEGIN: Use Case */ |
|
918
|
|
|
$roleService = $repository->getRoleService(); |
|
919
|
|
|
$roleUpdate = $roleService->newRoleUpdateStruct('newRole'); |
|
920
|
|
|
/* END: Use Case */ |
|
921
|
|
|
|
|
922
|
|
|
$this->assertInstanceOf('\\eZ\\Publish\\API\\Repository\\Values\\User\\RoleUpdateStruct', $roleUpdate); |
|
923
|
|
|
} |
|
924
|
|
|
|
|
925
|
|
|
/** |
|
926
|
|
|
* Test for the updateRoleDraft() method. |
|
927
|
|
|
* |
|
928
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::updateRoleDraft() |
|
929
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testNewRoleUpdateStruct |
|
930
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testLoadRoleDraft |
|
931
|
|
|
*/ |
|
932
|
|
|
public function testUpdateRoleDraft() |
|
933
|
|
|
{ |
|
934
|
|
|
$repository = $this->getRepository(); |
|
935
|
|
|
|
|
936
|
|
|
/* BEGIN: Use Case */ |
|
937
|
|
|
$roleService = $repository->getRoleService(); |
|
938
|
|
|
$roleCreate = $roleService->newRoleCreateStruct('newRole'); |
|
939
|
|
|
|
|
940
|
|
|
// @todo uncomment when support for multilingual names and descriptions is added EZP-24776 |
|
941
|
|
|
// $roleCreate->mainLanguageCode = 'eng-US'; |
|
942
|
|
|
|
|
943
|
|
|
$roleDraft = $roleService->createRole($roleCreate); |
|
944
|
|
|
|
|
945
|
|
|
$roleUpdate = $roleService->newRoleUpdateStruct(); |
|
946
|
|
|
$roleUpdate->identifier = 'updatedRole'; |
|
947
|
|
|
|
|
948
|
|
|
$updatedRole = $roleService->updateRoleDraft($roleDraft, $roleUpdate); |
|
949
|
|
|
/* END: Use Case */ |
|
950
|
|
|
|
|
951
|
|
|
// Now verify that our change was saved |
|
952
|
|
|
$role = $roleService->loadRoleDraft($updatedRole->id); |
|
953
|
|
|
|
|
954
|
|
|
$this->assertEquals($role->identifier, 'updatedRole'); |
|
955
|
|
|
} |
|
956
|
|
|
|
|
957
|
|
|
/** |
|
958
|
|
|
* Test for the updateRoleDraft() method. |
|
959
|
|
|
* |
|
960
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::updateRoleDraft() |
|
961
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testUpdateRoleDraft |
|
962
|
|
|
*/ |
|
963
|
|
|
public function testUpdateRoleDraftThrowsInvalidArgumentException() |
|
964
|
|
|
{ |
|
965
|
|
|
$this->expectException(\eZ\Publish\API\Repository\Exceptions\InvalidArgumentException::class); |
|
966
|
|
|
|
|
967
|
|
|
$repository = $this->getRepository(); |
|
968
|
|
|
|
|
969
|
|
|
/* BEGIN: Use Case */ |
|
970
|
|
|
$roleService = $repository->getRoleService(); |
|
971
|
|
|
$roleCreate = $roleService->newRoleCreateStruct('newRole'); |
|
972
|
|
|
|
|
973
|
|
|
// @todo uncomment when support for multilingual names and descriptions is added EZP-24776 |
|
974
|
|
|
// $roleCreate->mainLanguageCode = 'eng-US'; |
|
975
|
|
|
|
|
976
|
|
|
$roleDraft = $roleService->createRole($roleCreate); |
|
977
|
|
|
|
|
978
|
|
|
$roleUpdate = $roleService->newRoleUpdateStruct(); |
|
979
|
|
|
$roleUpdate->identifier = 'Editor'; |
|
980
|
|
|
|
|
981
|
|
|
// This call will fail with an InvalidArgumentException, because Editor is a predefined role |
|
982
|
|
|
$roleService->updateRoleDraft($roleDraft, $roleUpdate); |
|
983
|
|
|
/* END: Use Case */ |
|
984
|
|
|
} |
|
985
|
|
|
|
|
986
|
|
|
/** |
|
987
|
|
|
* Test for the deleteRole() method. |
|
988
|
|
|
* |
|
989
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::deleteRole() |
|
990
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testCreateRole |
|
991
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testLoadRoles |
|
992
|
|
|
*/ |
|
993
|
|
|
public function testDeleteRole() |
|
994
|
|
|
{ |
|
995
|
|
|
$repository = $this->getRepository(); |
|
996
|
|
|
|
|
997
|
|
|
/* BEGIN: Use Case */ |
|
998
|
|
|
$roleService = $repository->getRoleService(); |
|
999
|
|
|
$roleCreate = $roleService->newRoleCreateStruct('newRole'); |
|
1000
|
|
|
|
|
1001
|
|
|
// @todo uncomment when support for multilingual names and descriptions is added EZP-24776 |
|
1002
|
|
|
// $roleCreate->mainLanguageCode = 'eng-US'; |
|
1003
|
|
|
|
|
1004
|
|
|
$roleDraft = $roleService->createRole($roleCreate); |
|
1005
|
|
|
$roleService->publishRoleDraft($roleDraft); |
|
1006
|
|
|
$role = $roleService->loadRole($roleDraft->id); |
|
1007
|
|
|
|
|
1008
|
|
|
$roleService->deleteRole($role); |
|
1009
|
|
|
/* END: Use Case */ |
|
1010
|
|
|
|
|
1011
|
|
|
$this->assertCount(5, $roleService->loadRoles()); |
|
1012
|
|
|
} |
|
1013
|
|
|
|
|
1014
|
|
|
/** |
|
1015
|
|
|
* Test for the deleteRoleDraft() method. |
|
1016
|
|
|
* |
|
1017
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::deleteRoleDraft() |
|
1018
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testLoadRoleDraft |
|
1019
|
|
|
*/ |
|
1020
|
|
|
public function testDeleteRoleDraft() |
|
1021
|
|
|
{ |
|
1022
|
|
|
$this->expectException(\eZ\Publish\API\Repository\Exceptions\NotFoundException::class); |
|
1023
|
|
|
|
|
1024
|
|
|
$repository = $this->getRepository(); |
|
1025
|
|
|
|
|
1026
|
|
|
/* BEGIN: Use Case */ |
|
1027
|
|
|
$roleService = $repository->getRoleService(); |
|
1028
|
|
|
$roleCreate = $roleService->newRoleCreateStruct('newRole'); |
|
1029
|
|
|
|
|
1030
|
|
|
// @todo uncomment when support for multilingual names and descriptions is added EZP-24776 |
|
1031
|
|
|
// $roleCreate->mainLanguageCode = 'eng-US'; |
|
1032
|
|
|
|
|
1033
|
|
|
$roleDraft = $roleService->createRole($roleCreate); |
|
1034
|
|
|
$roleID = $roleDraft->id; |
|
1035
|
|
|
$roleService->deleteRoleDraft($roleDraft); |
|
1036
|
|
|
|
|
1037
|
|
|
// This call will fail with a NotFoundException, because the draft no longer exists |
|
1038
|
|
|
$roleService->loadRoleDraft($roleID); |
|
1039
|
|
|
/* END: Use Case */ |
|
1040
|
|
|
} |
|
1041
|
|
|
|
|
1042
|
|
|
/** |
|
1043
|
|
|
* Test for the newPolicyCreateStruct() method. |
|
1044
|
|
|
* |
|
1045
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::newPolicyCreateStruct() |
|
1046
|
|
|
*/ |
|
1047
|
|
|
public function testNewPolicyCreateStruct() |
|
1048
|
|
|
{ |
|
1049
|
|
|
$repository = $this->getRepository(); |
|
1050
|
|
|
|
|
1051
|
|
|
/* BEGIN: Use Case */ |
|
1052
|
|
|
$roleService = $repository->getRoleService(); |
|
1053
|
|
|
$policyCreate = $roleService->newPolicyCreateStruct('content', 'create'); |
|
1054
|
|
|
/* END: Use Case */ |
|
1055
|
|
|
|
|
1056
|
|
|
$this->assertInstanceOf('\\eZ\\Publish\\API\\Repository\\Values\\User\\PolicyCreateStruct', $policyCreate); |
|
1057
|
|
|
} |
|
1058
|
|
|
|
|
1059
|
|
|
/** |
|
1060
|
|
|
* Test for the newPolicyCreateStruct() method. |
|
1061
|
|
|
* |
|
1062
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::newPolicyCreateStruct() |
|
1063
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testNewPolicyCreateStruct |
|
1064
|
|
|
*/ |
|
1065
|
|
|
public function testNewPolicyCreateStructSetsStructProperties() |
|
1066
|
|
|
{ |
|
1067
|
|
|
$repository = $this->getRepository(); |
|
1068
|
|
|
|
|
1069
|
|
|
/* BEGIN: Use Case */ |
|
1070
|
|
|
$roleService = $repository->getRoleService(); |
|
1071
|
|
|
$policyCreate = $roleService->newPolicyCreateStruct('content', 'create'); |
|
1072
|
|
|
/* END: Use Case */ |
|
1073
|
|
|
|
|
1074
|
|
|
$this->assertEquals( |
|
1075
|
|
|
['content', 'create'], |
|
1076
|
|
|
[$policyCreate->module, $policyCreate->function] |
|
1077
|
|
|
); |
|
1078
|
|
|
} |
|
1079
|
|
|
|
|
1080
|
|
|
/** |
|
1081
|
|
|
* Test for the addPolicyByRoleDraft() method. |
|
1082
|
|
|
* |
|
1083
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::addPolicyByRoleDraft() |
|
1084
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testCreateRoleDraft |
|
1085
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testNewPolicyCreateStruct |
|
1086
|
|
|
*/ |
|
1087
|
|
|
public function testAddPolicyByRoleDraft() |
|
1088
|
|
|
{ |
|
1089
|
|
|
$repository = $this->getRepository(); |
|
1090
|
|
|
|
|
1091
|
|
|
/* BEGIN: Use Case */ |
|
1092
|
|
|
$roleService = $repository->getRoleService(); |
|
1093
|
|
|
|
|
1094
|
|
|
$roleCreate = $roleService->newRoleCreateStruct('newRole'); |
|
1095
|
|
|
|
|
1096
|
|
|
// @todo uncomment when support for multilingual names and descriptions is added EZP-24776 |
|
1097
|
|
|
// $roleCreate->mainLanguageCode = 'eng-US'; |
|
1098
|
|
|
|
|
1099
|
|
|
$roleDraft = $roleService->createRole($roleCreate); |
|
1100
|
|
|
|
|
1101
|
|
|
$roleDraft = $roleService->addPolicyByRoleDraft( |
|
1102
|
|
|
$roleDraft, |
|
1103
|
|
|
$roleService->newPolicyCreateStruct('content', 'delete') |
|
1104
|
|
|
); |
|
1105
|
|
|
$roleDraft = $roleService->addPolicyByRoleDraft( |
|
1106
|
|
|
$roleDraft, |
|
1107
|
|
|
$roleService->newPolicyCreateStruct('content', 'create') |
|
1108
|
|
|
); |
|
1109
|
|
|
/* END: Use Case */ |
|
1110
|
|
|
|
|
1111
|
|
|
$actual = []; |
|
1112
|
|
View Code Duplication |
foreach ($roleDraft->getPolicies() as $policy) { |
|
|
|
|
|
|
1113
|
|
|
$actual[] = [ |
|
1114
|
|
|
'module' => $policy->module, |
|
1115
|
|
|
'function' => $policy->function, |
|
1116
|
|
|
]; |
|
1117
|
|
|
} |
|
1118
|
|
|
usort( |
|
1119
|
|
|
$actual, |
|
1120
|
|
|
function ($p1, $p2) { |
|
1121
|
|
|
return strcasecmp($p1['function'], $p2['function']); |
|
1122
|
|
|
} |
|
1123
|
|
|
); |
|
1124
|
|
|
|
|
1125
|
|
|
$this->assertEquals( |
|
1126
|
|
|
[ |
|
1127
|
|
|
[ |
|
1128
|
|
|
'module' => 'content', |
|
1129
|
|
|
'function' => 'create', |
|
1130
|
|
|
], |
|
1131
|
|
|
[ |
|
1132
|
|
|
'module' => 'content', |
|
1133
|
|
|
'function' => 'delete', |
|
1134
|
|
|
], |
|
1135
|
|
|
], |
|
1136
|
|
|
$actual |
|
1137
|
|
|
); |
|
1138
|
|
|
} |
|
1139
|
|
|
|
|
1140
|
|
|
/** |
|
1141
|
|
|
* Test for the addPolicyByRoleDraft() method. |
|
1142
|
|
|
* |
|
1143
|
|
|
* @return array [\eZ\Publish\API\Repository\Values\User\RoleDraft, \eZ\Publish\API\Repository\Values\User\Policy] |
|
1144
|
|
|
* |
|
1145
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::addPolicyByRoleDraft() |
|
1146
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testAddPolicyByRoleDraft |
|
1147
|
|
|
*/ |
|
1148
|
|
|
public function testAddPolicyByRoleDraftUpdatesRole() |
|
1149
|
|
|
{ |
|
1150
|
|
|
$repository = $this->getRepository(); |
|
1151
|
|
|
|
|
1152
|
|
|
/* BEGIN: Use Case */ |
|
1153
|
|
|
$roleService = $repository->getRoleService(); |
|
1154
|
|
|
|
|
1155
|
|
|
$roleCreate = $roleService->newRoleCreateStruct('newRole'); |
|
1156
|
|
|
|
|
1157
|
|
|
// @todo uncomment when support for multilingual names and descriptions is added EZP-24776 |
|
1158
|
|
|
// $roleCreate->mainLanguageCode = 'eng-US'; |
|
1159
|
|
|
|
|
1160
|
|
|
$roleDraft = $roleService->createRole($roleCreate); |
|
1161
|
|
|
|
|
1162
|
|
|
$policyCreate = $roleService->newPolicyCreateStruct('content', 'create'); |
|
1163
|
|
|
$roleDraft = $roleService->addPolicyByRoleDraft($roleDraft, $policyCreate); |
|
1164
|
|
|
|
|
1165
|
|
|
$policy = null; |
|
1166
|
|
|
foreach ($roleDraft->getPolicies() as $policy) { |
|
1167
|
|
|
if ($policy->module === 'content' && $policy->function === 'create') { |
|
1168
|
|
|
break; |
|
1169
|
|
|
} |
|
1170
|
|
|
} |
|
1171
|
|
|
/* END: Use Case */ |
|
1172
|
|
|
|
|
1173
|
|
|
$this->assertInstanceOf( |
|
1174
|
|
|
'\\eZ\\Publish\\API\\Repository\\Values\\User\\Policy', |
|
1175
|
|
|
$policy |
|
1176
|
|
|
); |
|
1177
|
|
|
|
|
1178
|
|
|
return [$roleDraft, $policy]; |
|
1179
|
|
|
} |
|
1180
|
|
|
|
|
1181
|
|
|
/** |
|
1182
|
|
|
* Test for the addPolicyByRoleDraft() method. |
|
1183
|
|
|
* |
|
1184
|
|
|
* @param array $roleAndPolicy |
|
1185
|
|
|
* |
|
1186
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::addPolicyByRoleDraft() |
|
1187
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testAddPolicyByRoleDraftUpdatesRole |
|
1188
|
|
|
*/ |
|
1189
|
|
|
public function testAddPolicyByRoleDraftSetsPolicyProperties($roleAndPolicy) |
|
1190
|
|
|
{ |
|
1191
|
|
|
list($role, $policy) = $roleAndPolicy; |
|
1192
|
|
|
|
|
1193
|
|
|
$this->assertEquals( |
|
1194
|
|
|
[$role->id, 'content', 'create'], |
|
1195
|
|
|
[$policy->roleId, $policy->module, $policy->function] |
|
1196
|
|
|
); |
|
1197
|
|
|
} |
|
1198
|
|
|
|
|
1199
|
|
|
/** |
|
1200
|
|
|
* Test for the addPolicyByRoleDraft() method. |
|
1201
|
|
|
* |
|
1202
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::addPolicyByRoleDraft() |
|
1203
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testNewPolicyCreateStruct |
|
1204
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testCreateRoleDraft |
|
1205
|
|
|
*/ |
|
1206
|
|
View Code Duplication |
public function testAddPolicyByRoleDraftThrowsLimitationValidationException() |
|
1207
|
|
|
{ |
|
1208
|
|
|
$this->expectException(\eZ\Publish\API\Repository\Exceptions\LimitationValidationException::class); |
|
1209
|
|
|
|
|
1210
|
|
|
$repository = $this->getRepository(); |
|
1211
|
|
|
|
|
1212
|
|
|
/* BEGIN: Use Case */ |
|
1213
|
|
|
$roleService = $repository->getRoleService(); |
|
1214
|
|
|
|
|
1215
|
|
|
$roleCreate = $roleService->newRoleCreateStruct('Lumberjack'); |
|
1216
|
|
|
|
|
1217
|
|
|
// @todo uncomment when support for multilingual names and descriptions is added EZP-24776 |
|
1218
|
|
|
// $roleCreate->mainLanguageCode = 'eng-US'; |
|
1219
|
|
|
|
|
1220
|
|
|
$roleDraft = $roleService->createRole($roleCreate); |
|
1221
|
|
|
|
|
1222
|
|
|
// Create new subtree limitation |
|
1223
|
|
|
$limitation = new SubtreeLimitation( |
|
1224
|
|
|
[ |
|
1225
|
|
|
'limitationValues' => ['/mountain/forest/tree/42/'], |
|
1226
|
|
|
] |
|
1227
|
|
|
); |
|
1228
|
|
|
|
|
1229
|
|
|
// Create policy create struct and add limitation to it |
|
1230
|
|
|
$policyCreateStruct = $roleService->newPolicyCreateStruct('content', 'remove'); |
|
1231
|
|
|
$policyCreateStruct->addLimitation($limitation); |
|
1232
|
|
|
|
|
1233
|
|
|
// This call will fail with an LimitationValidationException, because subtree |
|
1234
|
|
|
// "/mountain/forest/tree/42/" does not exist |
|
1235
|
|
|
$roleService->addPolicyByRoleDraft($roleDraft, $policyCreateStruct); |
|
1236
|
|
|
/* END: Use Case */ |
|
1237
|
|
|
} |
|
1238
|
|
|
|
|
1239
|
|
|
/** |
|
1240
|
|
|
* Test for the createRole() method. |
|
1241
|
|
|
* |
|
1242
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::createRole() |
|
1243
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testAddPolicyByRoleDraftUpdatesRole |
|
1244
|
|
|
*/ |
|
1245
|
|
|
public function testCreateRoleWithAddPolicy() |
|
1246
|
|
|
{ |
|
1247
|
|
|
$repository = $this->getRepository(); |
|
1248
|
|
|
|
|
1249
|
|
|
/* BEGIN: Use Case */ |
|
1250
|
|
|
$roleService = $repository->getRoleService(); |
|
1251
|
|
|
|
|
1252
|
|
|
// Instantiate a new create struct |
|
1253
|
|
|
$roleCreate = $roleService->newRoleCreateStruct('newRole'); |
|
1254
|
|
|
|
|
1255
|
|
|
// @todo uncomment when support for multilingual names and descriptions is added EZP-24776 |
|
1256
|
|
|
// $roleCreate->mainLanguageCode = 'eng-US'; |
|
1257
|
|
|
|
|
1258
|
|
|
// Add some role policies |
|
1259
|
|
|
$roleCreate->addPolicy( |
|
1260
|
|
|
$roleService->newPolicyCreateStruct( |
|
1261
|
|
|
'content', |
|
1262
|
|
|
'read' |
|
1263
|
|
|
) |
|
1264
|
|
|
); |
|
1265
|
|
|
$roleCreate->addPolicy( |
|
1266
|
|
|
$roleService->newPolicyCreateStruct( |
|
1267
|
|
|
'content', |
|
1268
|
|
|
'translate' |
|
1269
|
|
|
) |
|
1270
|
|
|
); |
|
1271
|
|
|
|
|
1272
|
|
|
// Create new role instance |
|
1273
|
|
|
$roleDraft = $roleService->createRole($roleCreate); |
|
1274
|
|
|
$roleService->publishRoleDraft($roleDraft); |
|
1275
|
|
|
$role = $roleService->loadRole($roleDraft->id); |
|
1276
|
|
|
|
|
1277
|
|
|
$policies = []; |
|
1278
|
|
View Code Duplication |
foreach ($role->getPolicies() as $policy) { |
|
|
|
|
|
|
1279
|
|
|
$policies[] = ['module' => $policy->module, 'function' => $policy->function]; |
|
1280
|
|
|
} |
|
1281
|
|
|
/* END: Use Case */ |
|
1282
|
|
|
array_multisort($policies); |
|
1283
|
|
|
|
|
1284
|
|
|
$this->assertEquals( |
|
1285
|
|
|
[ |
|
1286
|
|
|
[ |
|
1287
|
|
|
'module' => 'content', |
|
1288
|
|
|
'function' => 'read', |
|
1289
|
|
|
], |
|
1290
|
|
|
[ |
|
1291
|
|
|
'module' => 'content', |
|
1292
|
|
|
'function' => 'translate', |
|
1293
|
|
|
], |
|
1294
|
|
|
], |
|
1295
|
|
|
$policies |
|
1296
|
|
|
); |
|
1297
|
|
|
} |
|
1298
|
|
|
|
|
1299
|
|
|
/** |
|
1300
|
|
|
* Test for the createRoleDraft() method. |
|
1301
|
|
|
* |
|
1302
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::createRoleDraft() |
|
1303
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testAddPolicyByRoleDraftUpdatesRole |
|
1304
|
|
|
*/ |
|
1305
|
|
|
public function testCreateRoleDraftWithAddPolicy() |
|
1306
|
|
|
{ |
|
1307
|
|
|
$repository = $this->getRepository(); |
|
1308
|
|
|
|
|
1309
|
|
|
/* BEGIN: Use Case */ |
|
1310
|
|
|
$roleService = $repository->getRoleService(); |
|
1311
|
|
|
|
|
1312
|
|
|
// Instantiate a new create struct |
|
1313
|
|
|
$roleCreate = $roleService->newRoleCreateStruct('newRole'); |
|
1314
|
|
|
|
|
1315
|
|
|
// @todo uncomment when support for multilingual names and descriptions is added EZP-24776 |
|
1316
|
|
|
// $roleCreate->mainLanguageCode = 'eng-US'; |
|
1317
|
|
|
|
|
1318
|
|
|
// Add some role policies |
|
1319
|
|
|
$roleCreate->addPolicy( |
|
1320
|
|
|
$roleService->newPolicyCreateStruct( |
|
1321
|
|
|
'content', |
|
1322
|
|
|
'read' |
|
1323
|
|
|
) |
|
1324
|
|
|
); |
|
1325
|
|
|
$roleCreate->addPolicy( |
|
1326
|
|
|
$roleService->newPolicyCreateStruct( |
|
1327
|
|
|
'content', |
|
1328
|
|
|
'translate' |
|
1329
|
|
|
) |
|
1330
|
|
|
); |
|
1331
|
|
|
|
|
1332
|
|
|
// Create new role instance |
|
1333
|
|
|
$roleDraft = $roleService->createRole($roleCreate); |
|
1334
|
|
|
|
|
1335
|
|
|
$policies = []; |
|
1336
|
|
View Code Duplication |
foreach ($roleDraft->getPolicies() as $policy) { |
|
|
|
|
|
|
1337
|
|
|
$policies[] = ['module' => $policy->module, 'function' => $policy->function]; |
|
1338
|
|
|
} |
|
1339
|
|
|
/* END: Use Case */ |
|
1340
|
|
|
|
|
1341
|
|
|
$this->assertEquals( |
|
1342
|
|
|
[ |
|
1343
|
|
|
[ |
|
1344
|
|
|
'module' => 'content', |
|
1345
|
|
|
'function' => 'read', |
|
1346
|
|
|
], |
|
1347
|
|
|
[ |
|
1348
|
|
|
'module' => 'content', |
|
1349
|
|
|
'function' => 'translate', |
|
1350
|
|
|
], |
|
1351
|
|
|
], |
|
1352
|
|
|
$policies |
|
1353
|
|
|
); |
|
1354
|
|
|
} |
|
1355
|
|
|
|
|
1356
|
|
|
/** |
|
1357
|
|
|
* Test for the newPolicyUpdateStruct() method. |
|
1358
|
|
|
* |
|
1359
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::newPolicyUpdateStruct() |
|
1360
|
|
|
*/ |
|
1361
|
|
|
public function testNewPolicyUpdateStruct() |
|
1362
|
|
|
{ |
|
1363
|
|
|
$repository = $this->getRepository(); |
|
1364
|
|
|
|
|
1365
|
|
|
/* BEGIN: Use Case */ |
|
1366
|
|
|
$roleService = $repository->getRoleService(); |
|
1367
|
|
|
$policyUpdate = $roleService->newPolicyUpdateStruct(); |
|
1368
|
|
|
/* END: Use Case */ |
|
1369
|
|
|
|
|
1370
|
|
|
$this->assertInstanceOf( |
|
1371
|
|
|
'\\eZ\\Publish\\API\\Repository\\Values\\User\\PolicyUpdateStruct', |
|
1372
|
|
|
$policyUpdate |
|
1373
|
|
|
); |
|
1374
|
|
|
} |
|
1375
|
|
|
|
|
1376
|
|
|
public function testUpdatePolicyByRoleDraftNoLimitation() |
|
1377
|
|
|
{ |
|
1378
|
|
|
$repository = $this->getRepository(); |
|
1379
|
|
|
|
|
1380
|
|
|
/* BEGIN: Use Case */ |
|
1381
|
|
|
$roleService = $repository->getRoleService(); |
|
1382
|
|
|
|
|
1383
|
|
|
// Instantiate new policy create |
|
1384
|
|
|
$policyCreate = $roleService->newPolicyCreateStruct('foo', 'bar'); |
|
1385
|
|
|
|
|
1386
|
|
|
// Instantiate a role create and add the policy create |
|
1387
|
|
|
$roleCreate = $roleService->newRoleCreateStruct('myRole'); |
|
1388
|
|
|
|
|
1389
|
|
|
// @todo uncomment when support for multilingual names and descriptions is added EZP-24776 |
|
1390
|
|
|
// $roleCreate->mainLanguageCode = 'eng-US'; |
|
1391
|
|
|
|
|
1392
|
|
|
$roleCreate->addPolicy($policyCreate); |
|
1393
|
|
|
|
|
1394
|
|
|
// Create a new role instance. |
|
1395
|
|
|
$roleDraft = $roleService->createRole($roleCreate); |
|
1396
|
|
|
$roleService->publishRoleDraft($roleDraft); |
|
1397
|
|
|
$role = $roleService->loadRole($roleDraft->id); |
|
1398
|
|
|
|
|
1399
|
|
|
$roleDraft = $roleService->createRoleDraft($role); |
|
1400
|
|
|
// Search for the new policy instance |
|
1401
|
|
|
$policy = null; |
|
1402
|
|
|
/** @var \eZ\Publish\API\Repository\Values\User\PolicyDraft $policy */ |
|
1403
|
|
|
foreach ($roleDraft->getPolicies() as $policy) { |
|
1404
|
|
|
if ($policy->module === 'foo' && $policy->function === 'bar') { |
|
1405
|
|
|
break; |
|
1406
|
|
|
} |
|
1407
|
|
|
} |
|
1408
|
|
|
|
|
1409
|
|
|
// Create an update struct |
|
1410
|
|
|
$policyUpdate = $roleService->newPolicyUpdateStruct(); |
|
1411
|
|
|
|
|
1412
|
|
|
// Update the the policy |
|
1413
|
|
|
$policy = $roleService->updatePolicyByRoleDraft( |
|
1414
|
|
|
$roleDraft, |
|
1415
|
|
|
$policy, |
|
|
|
|
|
|
1416
|
|
|
$policyUpdate |
|
1417
|
|
|
); |
|
1418
|
|
|
$roleService->publishRoleDraft($roleDraft); |
|
1419
|
|
|
|
|
1420
|
|
|
/* END: Use Case */ |
|
1421
|
|
|
|
|
1422
|
|
|
$this->assertInstanceOf( |
|
1423
|
|
|
'\\eZ\\Publish\\API\\Repository\\Values\\User\\Policy', |
|
1424
|
|
|
$policy |
|
1425
|
|
|
); |
|
1426
|
|
|
|
|
1427
|
|
|
self::assertEquals([], $policy->getLimitations()); |
|
1428
|
|
|
} |
|
1429
|
|
|
|
|
1430
|
|
|
/** |
|
1431
|
|
|
* @return array |
|
1432
|
|
|
* |
|
1433
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::updatePolicyByRoleDraft() |
|
1434
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testAddPolicyByRoleDraft |
|
1435
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testNewPolicyUpdateStruct |
|
1436
|
|
|
*/ |
|
1437
|
|
|
public function testUpdatePolicyByRoleDraft() |
|
1438
|
|
|
{ |
|
1439
|
|
|
$repository = $this->getRepository(); |
|
1440
|
|
|
|
|
1441
|
|
|
/* BEGIN: Use Case */ |
|
1442
|
|
|
$roleService = $repository->getRoleService(); |
|
1443
|
|
|
|
|
1444
|
|
|
// Instantiate new policy create |
|
1445
|
|
|
$policyCreate = $roleService->newPolicyCreateStruct('content', 'translate'); |
|
1446
|
|
|
|
|
1447
|
|
|
// Add some limitations for the new policy |
|
1448
|
|
|
$policyCreate->addLimitation( |
|
1449
|
|
|
new LanguageLimitation( |
|
1450
|
|
|
[ |
|
1451
|
|
|
'limitationValues' => ['eng-US', 'eng-GB'], |
|
1452
|
|
|
] |
|
1453
|
|
|
) |
|
1454
|
|
|
); |
|
1455
|
|
|
|
|
1456
|
|
|
// Instantiate a role create and add the policy create |
|
1457
|
|
|
$roleCreate = $roleService->newRoleCreateStruct('myRole'); |
|
1458
|
|
|
|
|
1459
|
|
|
// @todo uncomment when support for multilingual names and descriptions is added EZP-24776 |
|
1460
|
|
|
// $roleCreate->mainLanguageCode = 'eng-US'; |
|
1461
|
|
|
|
|
1462
|
|
|
$roleCreate->addPolicy($policyCreate); |
|
1463
|
|
|
|
|
1464
|
|
|
// Create a new role instance. |
|
1465
|
|
|
$roleDraft = $roleService->createRole($roleCreate); |
|
1466
|
|
|
$roleService->publishRoleDraft($roleDraft); |
|
1467
|
|
|
$role = $roleService->loadRole($roleDraft->id); |
|
1468
|
|
|
|
|
1469
|
|
|
$roleDraft = $roleService->createRoleDraft($role); |
|
1470
|
|
|
// Search for the new policy instance |
|
1471
|
|
|
$policy = null; |
|
1472
|
|
|
/** @var \eZ\Publish\API\Repository\Values\User\PolicyDraft $policy */ |
|
1473
|
|
|
foreach ($roleDraft->getPolicies() as $policy) { |
|
1474
|
|
|
if ($policy->module === 'content' && $policy->function === 'translate') { |
|
1475
|
|
|
break; |
|
1476
|
|
|
} |
|
1477
|
|
|
} |
|
1478
|
|
|
|
|
1479
|
|
|
// Create an update struct and set a modified limitation |
|
1480
|
|
|
$policyUpdate = $roleService->newPolicyUpdateStruct(); |
|
1481
|
|
|
$policyUpdate->addLimitation( |
|
1482
|
|
|
new ContentTypeLimitation( |
|
1483
|
|
|
[ |
|
1484
|
|
|
'limitationValues' => [29, 30], |
|
1485
|
|
|
] |
|
1486
|
|
|
) |
|
1487
|
|
|
); |
|
1488
|
|
|
|
|
1489
|
|
|
// Update the the policy |
|
1490
|
|
|
$policy = $roleService->updatePolicyByRoleDraft( |
|
1491
|
|
|
$roleDraft, |
|
1492
|
|
|
$policy, |
|
|
|
|
|
|
1493
|
|
|
$policyUpdate |
|
1494
|
|
|
); |
|
1495
|
|
|
$roleService->publishRoleDraft($roleDraft); |
|
1496
|
|
|
|
|
1497
|
|
|
/* END: Use Case */ |
|
1498
|
|
|
|
|
1499
|
|
|
$this->assertInstanceOf( |
|
1500
|
|
|
'\\eZ\\Publish\\API\\Repository\\Values\\User\\Policy', |
|
1501
|
|
|
$policy |
|
1502
|
|
|
); |
|
1503
|
|
|
|
|
1504
|
|
|
return [$roleService->loadRole($role->id), $policy]; |
|
1505
|
|
|
} |
|
1506
|
|
|
|
|
1507
|
|
|
/** |
|
1508
|
|
|
* @param array $roleAndPolicy |
|
1509
|
|
|
* |
|
1510
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::testUpdatePolicyByRoleDraft() |
|
1511
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testUpdatePolicyByRoleDraft |
|
1512
|
|
|
*/ |
|
1513
|
|
|
public function testUpdatePolicyUpdatesLimitations($roleAndPolicy) |
|
1514
|
|
|
{ |
|
1515
|
|
|
list($role, $policy) = $roleAndPolicy; |
|
1516
|
|
|
|
|
1517
|
|
|
$this->assertEquals( |
|
1518
|
|
|
[ |
|
1519
|
|
|
new ContentTypeLimitation( |
|
1520
|
|
|
[ |
|
1521
|
|
|
'limitationValues' => [29, 30], |
|
1522
|
|
|
] |
|
1523
|
|
|
), |
|
1524
|
|
|
], |
|
1525
|
|
|
$policy->getLimitations() |
|
1526
|
|
|
); |
|
1527
|
|
|
|
|
1528
|
|
|
return $role; |
|
1529
|
|
|
} |
|
1530
|
|
|
|
|
1531
|
|
|
/** |
|
1532
|
|
|
* Test for the updatePolicy() method. |
|
1533
|
|
|
* |
|
1534
|
|
|
* @param \eZ\Publish\API\Repository\Values\User\Role $role |
|
1535
|
|
|
* |
|
1536
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::updatePolicyByRoleDraft() |
|
1537
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testUpdatePolicyUpdatesLimitations |
|
1538
|
|
|
*/ |
|
1539
|
|
|
public function testUpdatePolicyUpdatesRole($role) |
|
1540
|
|
|
{ |
|
1541
|
|
|
$limitations = []; |
|
1542
|
|
|
foreach ($role->getPolicies() as $policy) { |
|
1543
|
|
|
foreach ($policy->getLimitations() as $limitation) { |
|
1544
|
|
|
$limitations[] = $limitation; |
|
1545
|
|
|
} |
|
1546
|
|
|
} |
|
1547
|
|
|
|
|
1548
|
|
|
$this->assertCount(1, $limitations); |
|
1549
|
|
|
$this->assertInstanceOf( |
|
1550
|
|
|
'\\eZ\\Publish\\API\\Repository\\Values\\User\\Limitation', |
|
1551
|
|
|
$limitations[0] |
|
1552
|
|
|
); |
|
1553
|
|
|
|
|
1554
|
|
|
$expectedData = [ |
|
1555
|
|
|
'limitationValues' => [29, 30], |
|
1556
|
|
|
]; |
|
1557
|
|
|
$this->assertPropertiesCorrectUnsorted( |
|
1558
|
|
|
$expectedData, |
|
1559
|
|
|
$limitations[0] |
|
1560
|
|
|
); |
|
1561
|
|
|
} |
|
1562
|
|
|
|
|
1563
|
|
|
/** |
|
1564
|
|
|
* Test for the updatePolicy() method. |
|
1565
|
|
|
* |
|
1566
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::updatePolicyByRoleDraft() |
|
1567
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testAddPolicyByRoleDraft |
|
1568
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testNewPolicyCreateStruct |
|
1569
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testNewPolicyUpdateStruct |
|
1570
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testNewRoleCreateStruct |
|
1571
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testCreateRole |
|
1572
|
|
|
*/ |
|
1573
|
|
|
public function testUpdatePolicyByRoleDraftThrowsLimitationValidationException() |
|
1574
|
|
|
{ |
|
1575
|
|
|
$this->expectException(\eZ\Publish\API\Repository\Exceptions\LimitationValidationException::class); |
|
1576
|
|
|
|
|
1577
|
|
|
$repository = $this->getRepository(); |
|
1578
|
|
|
|
|
1579
|
|
|
/* BEGIN: Use Case */ |
|
1580
|
|
|
$roleService = $repository->getRoleService(); |
|
1581
|
|
|
|
|
1582
|
|
|
// Instantiate new policy create |
|
1583
|
|
|
$policyCreate = $roleService->newPolicyCreateStruct('content', 'remove'); |
|
1584
|
|
|
|
|
1585
|
|
|
// Add some limitations for the new policy |
|
1586
|
|
|
$policyCreate->addLimitation( |
|
1587
|
|
|
new SubtreeLimitation( |
|
1588
|
|
|
[ |
|
1589
|
|
|
'limitationValues' => ['/1/2/'], |
|
1590
|
|
|
] |
|
1591
|
|
|
) |
|
1592
|
|
|
); |
|
1593
|
|
|
|
|
1594
|
|
|
// Instantiate a role create and add the policy create |
|
1595
|
|
|
$roleCreate = $roleService->newRoleCreateStruct('myRole'); |
|
1596
|
|
|
|
|
1597
|
|
|
// @todo uncomment when support for multilingual names and descriptions is added EZP-24776 |
|
1598
|
|
|
// $roleCreate->mainLanguageCode = 'eng-US'; |
|
1599
|
|
|
|
|
1600
|
|
|
$roleCreate->addPolicy($policyCreate); |
|
1601
|
|
|
|
|
1602
|
|
|
// Create a new role instance. |
|
1603
|
|
|
$roleDraft = $roleService->createRole($roleCreate); |
|
1604
|
|
|
$roleService->publishRoleDraft($roleDraft); |
|
1605
|
|
|
$role = $roleService->loadRole($roleDraft->id); |
|
1606
|
|
|
$roleDraft = $roleService->createRoleDraft($role); |
|
1607
|
|
|
// Search for the new policy instance |
|
1608
|
|
|
$policy = null; |
|
1609
|
|
|
/** @var \eZ\Publish\API\Repository\Values\User\PolicyDraft $policy */ |
|
1610
|
|
|
foreach ($roleDraft->getPolicies() as $policy) { |
|
1611
|
|
|
if ($policy->module === 'content' && $policy->function === 'remove') { |
|
1612
|
|
|
break; |
|
1613
|
|
|
} |
|
1614
|
|
|
} |
|
1615
|
|
|
|
|
1616
|
|
|
// Create an update struct and set a modified limitation |
|
1617
|
|
|
$policyUpdate = $roleService->newPolicyUpdateStruct(); |
|
1618
|
|
|
$policyUpdate->addLimitation( |
|
1619
|
|
|
new SubtreeLimitation( |
|
1620
|
|
|
[ |
|
1621
|
|
|
'limitationValues' => ['/mountain/forest/tree/42/'], |
|
1622
|
|
|
] |
|
1623
|
|
|
) |
|
1624
|
|
|
); |
|
1625
|
|
|
|
|
1626
|
|
|
// This call will fail with an LimitationValidationException, because subtree |
|
1627
|
|
|
// "/mountain/forest/tree/42/" does not exist |
|
1628
|
|
|
$policy = $roleService->updatePolicyByRoleDraft( |
|
|
|
|
|
|
1629
|
|
|
$roleDraft, |
|
1630
|
|
|
$policy, |
|
|
|
|
|
|
1631
|
|
|
$policyUpdate |
|
1632
|
|
|
); |
|
1633
|
|
|
/* END: Use Case */ |
|
1634
|
|
|
} |
|
1635
|
|
|
|
|
1636
|
|
|
/** |
|
1637
|
|
|
* Test for the removePolicyByRoleDraft() method. |
|
1638
|
|
|
* |
|
1639
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::removePolicyByRoleDraft() |
|
1640
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testAddPolicyByRoleDraft |
|
1641
|
|
|
*/ |
|
1642
|
|
View Code Duplication |
public function testRemovePolicyByRoleDraft() |
|
1643
|
|
|
{ |
|
1644
|
|
|
$repository = $this->getRepository(); |
|
1645
|
|
|
|
|
1646
|
|
|
/* BEGIN: Use Case */ |
|
1647
|
|
|
$roleService = $repository->getRoleService(); |
|
1648
|
|
|
|
|
1649
|
|
|
// Instantiate a new role create |
|
1650
|
|
|
$roleCreate = $roleService->newRoleCreateStruct('newRole'); |
|
1651
|
|
|
|
|
1652
|
|
|
// @todo uncomment when support for multilingual names and descriptions is added EZP-24776 |
|
1653
|
|
|
// $roleCreate->mainLanguageCode = 'eng-US'; |
|
1654
|
|
|
|
|
1655
|
|
|
// Create a new role with two policies |
|
1656
|
|
|
$roleDraft = $roleService->createRole($roleCreate); |
|
1657
|
|
|
$roleService->addPolicyByRoleDraft( |
|
1658
|
|
|
$roleDraft, |
|
1659
|
|
|
$roleService->newPolicyCreateStruct('content', 'create') |
|
1660
|
|
|
); |
|
1661
|
|
|
$roleService->addPolicyByRoleDraft( |
|
1662
|
|
|
$roleDraft, |
|
1663
|
|
|
$roleService->newPolicyCreateStruct('content', 'delete') |
|
1664
|
|
|
); |
|
1665
|
|
|
|
|
1666
|
|
|
// Delete all policies from the new role |
|
1667
|
|
|
foreach ($roleDraft->getPolicies() as $policy) { |
|
1668
|
|
|
$roleDraft = $roleService->removePolicyByRoleDraft($roleDraft, $policy); |
|
|
|
|
|
|
1669
|
|
|
} |
|
1670
|
|
|
/* END: Use Case */ |
|
1671
|
|
|
|
|
1672
|
|
|
$this->assertSame([], $roleDraft->getPolicies()); |
|
1673
|
|
|
} |
|
1674
|
|
|
|
|
1675
|
|
|
/** |
|
1676
|
|
|
* Test for the addPolicyByRoleDraft() method. |
|
1677
|
|
|
* |
|
1678
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::addPolicyByRoleDraft() |
|
1679
|
|
|
*/ |
|
1680
|
|
|
public function testAddPolicyWithRoleAssignment() |
|
1681
|
|
|
{ |
|
1682
|
|
|
$repository = $this->getRepository(); |
|
1683
|
|
|
|
|
1684
|
|
|
/* BEGIN: Use Case */ |
|
1685
|
|
|
$roleService = $repository->getRoleService(); |
|
1686
|
|
|
$userService = $repository->getUserService(); |
|
1687
|
|
|
|
|
1688
|
|
|
/* Create new user group */ |
|
1689
|
|
|
$mainGroupId = $this->generateId('group', 4); |
|
1690
|
|
|
$parentUserGroup = $userService->loadUserGroup($mainGroupId); |
|
1691
|
|
|
$userGroupCreate = $userService->newUserGroupCreateStruct('eng-US'); |
|
1692
|
|
|
$userGroupCreate->setField('name', 'newUserGroup'); |
|
1693
|
|
|
$userGroup = $userService->createUserGroup($userGroupCreate, $parentUserGroup); |
|
1694
|
|
|
|
|
1695
|
|
|
/* Create Role */ |
|
1696
|
|
|
$roleCreate = $roleService->newRoleCreateStruct('newRole'); |
|
1697
|
|
|
$roleDraft = $roleService->createRole($roleCreate); |
|
1698
|
|
|
$roleService->publishRoleDraft($roleDraft); |
|
1699
|
|
|
|
|
1700
|
|
|
$role = $roleService->loadRole($roleDraft->id); |
|
1701
|
|
|
$roleService->assignRoleToUserGroup($role, $userGroup); |
|
1702
|
|
|
|
|
1703
|
|
|
$roleAssignmentsBeforeNewPolicy = $roleService->getRoleAssignments($role)[0]; |
|
1704
|
|
|
|
|
1705
|
|
|
/* Add new policy to existing role */ |
|
1706
|
|
|
$roleUpdateDraft = $roleService->createRoleDraft($role); |
|
1707
|
|
|
$roleUpdateDraft = $roleService->addPolicyByRoleDraft( |
|
1708
|
|
|
$roleUpdateDraft, |
|
1709
|
|
|
$roleService->newPolicyCreateStruct('content', 'create') |
|
1710
|
|
|
); |
|
1711
|
|
|
$roleService->publishRoleDraft($roleUpdateDraft); |
|
1712
|
|
|
|
|
1713
|
|
|
$roleAfterUpdate = $roleService->loadRole($role->id); |
|
1714
|
|
|
$roleAssignmentsAfterNewPolicy = $roleService->getRoleAssignments($roleAfterUpdate)[0]; |
|
1715
|
|
|
/* END: Use Case */ |
|
1716
|
|
|
|
|
1717
|
|
|
$this->assertNotEquals($roleAssignmentsBeforeNewPolicy->id, $roleAssignmentsAfterNewPolicy->id); |
|
1718
|
|
|
} |
|
1719
|
|
|
|
|
1720
|
|
|
/** |
|
1721
|
|
|
* Test loading user/group role assignments. |
|
1722
|
|
|
* |
|
1723
|
|
|
* @return \eZ\Publish\API\Repository\Values\User\UserGroupRoleAssignment |
|
1724
|
|
|
* |
|
1725
|
|
|
* @covers \eZ\Publish\API\Repository\RoleService::loadRoleAssignment |
|
1726
|
|
|
*/ |
|
1727
|
|
|
public function testLoadRoleAssignment() |
|
1728
|
|
|
{ |
|
1729
|
|
|
$repository = $this->getRepository(); |
|
1730
|
|
|
|
|
1731
|
|
|
/* BEGIN: Use Case */ |
|
1732
|
|
|
$roleService = $repository->getRoleService(); |
|
1733
|
|
|
$user = $repository->getUserService()->loadUser(14); |
|
1734
|
|
|
|
|
1735
|
|
|
// Check inital empty assigments (also warms up potential cache to validate it is correct below) |
|
1736
|
|
|
$this->assertCount(0, $roleService->getRoleAssignmentsForUser($user)); |
|
1737
|
|
|
|
|
1738
|
|
|
// Assignment to user group |
|
1739
|
|
|
$groupRoleAssignment = $roleService->loadRoleAssignment(25); |
|
1740
|
|
|
|
|
1741
|
|
|
// Assignment to user |
|
1742
|
|
|
$role = $roleService->loadRole(2); |
|
1743
|
|
|
$roleService->assignRoleToUser($role, $user); |
|
1744
|
|
|
$userRoleAssignments = $roleService->getRoleAssignmentsForUser($user); |
|
1745
|
|
|
|
|
1746
|
|
|
$userRoleAssignment = $roleService->loadRoleAssignment($userRoleAssignments[0]->id); |
|
1747
|
|
|
/* END: Use Case */ |
|
1748
|
|
|
|
|
1749
|
|
|
$this->assertInstanceOf( |
|
1750
|
|
|
'\\eZ\\Publish\\API\\Repository\\Values\\User\\UserGroupRoleAssignment', |
|
1751
|
|
|
$groupRoleAssignment |
|
1752
|
|
|
); |
|
1753
|
|
|
|
|
1754
|
|
|
$this->assertEquals( |
|
1755
|
|
|
[ |
|
1756
|
|
|
12, |
|
1757
|
|
|
2, |
|
1758
|
|
|
25, |
|
1759
|
|
|
], |
|
1760
|
|
|
[ |
|
1761
|
|
|
$groupRoleAssignment->userGroup->id, |
|
|
|
|
|
|
1762
|
|
|
$groupRoleAssignment->role->id, |
|
1763
|
|
|
$groupRoleAssignment->id, |
|
1764
|
|
|
] |
|
1765
|
|
|
); |
|
1766
|
|
|
|
|
1767
|
|
|
self::assertInstanceOf('\\eZ\\Publish\\API\\Repository\\Values\\User\\UserRoleAssignment', $userRoleAssignment); |
|
1768
|
|
|
self::assertEquals(14, $userRoleAssignment->user->id); |
|
|
|
|
|
|
1769
|
|
|
|
|
1770
|
|
|
return $groupRoleAssignment; |
|
1771
|
|
|
} |
|
1772
|
|
|
|
|
1773
|
|
|
/** |
|
1774
|
|
|
* Test for the getRoleAssignments() method. |
|
1775
|
|
|
* |
|
1776
|
|
|
* @return \eZ\Publish\API\Repository\Values\User\RoleAssignment[] |
|
1777
|
|
|
* |
|
1778
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::getRoleAssignments() |
|
1779
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testLoadRoleByIdentifier |
|
1780
|
|
|
*/ |
|
1781
|
|
|
public function testGetRoleAssignments() |
|
1782
|
|
|
{ |
|
1783
|
|
|
$repository = $this->getRepository(); |
|
1784
|
|
|
|
|
1785
|
|
|
/* BEGIN: Use Case */ |
|
1786
|
|
|
$roleService = $repository->getRoleService(); |
|
1787
|
|
|
|
|
1788
|
|
|
// Load the editor role |
|
1789
|
|
|
$role = $roleService->loadRoleByIdentifier('Editor'); |
|
1790
|
|
|
|
|
1791
|
|
|
// Load all assigned users and user groups |
|
1792
|
|
|
$roleAssignments = $roleService->getRoleAssignments($role); |
|
1793
|
|
|
|
|
1794
|
|
|
/* END: Use Case */ |
|
1795
|
|
|
|
|
1796
|
|
|
$this->assertCount(2, $roleAssignments); |
|
1797
|
|
|
$this->assertInstanceOf( |
|
1798
|
|
|
'\\eZ\\Publish\\API\\Repository\\Values\\User\\UserGroupRoleAssignment', |
|
1799
|
|
|
$roleAssignments[0] |
|
1800
|
|
|
); |
|
1801
|
|
|
$this->assertInstanceOf( |
|
1802
|
|
|
'\\eZ\\Publish\\API\\Repository\\Values\\User\\UserGroupRoleAssignment', |
|
1803
|
|
|
$roleAssignments[1] |
|
1804
|
|
|
); |
|
1805
|
|
|
|
|
1806
|
|
|
return $roleAssignments; |
|
1807
|
|
|
} |
|
1808
|
|
|
|
|
1809
|
|
|
/** |
|
1810
|
|
|
* Test for the getRoleAssignments() method. |
|
1811
|
|
|
* |
|
1812
|
|
|
* @param \eZ\Publish\API\Repository\Values\User\RoleAssignment[] $roleAssignments |
|
1813
|
|
|
* |
|
1814
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::getRoleAssignments() |
|
1815
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testGetRoleAssignments |
|
1816
|
|
|
*/ |
|
1817
|
|
|
public function testGetRoleAssignmentsContainExpectedLimitation(array $roleAssignments) |
|
1818
|
|
|
{ |
|
1819
|
|
|
$this->assertEquals( |
|
1820
|
|
|
'Subtree', |
|
1821
|
|
|
reset($roleAssignments)->limitation->getIdentifier() |
|
1822
|
|
|
); |
|
1823
|
|
|
} |
|
1824
|
|
|
|
|
1825
|
|
|
/** |
|
1826
|
|
|
* Test for the assignRoleToUser() method. |
|
1827
|
|
|
* |
|
1828
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::assignRoleToUser() |
|
1829
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testGetRoleAssignments |
|
1830
|
|
|
*/ |
|
1831
|
|
View Code Duplication |
public function testAssignRoleToUser() |
|
1832
|
|
|
{ |
|
1833
|
|
|
$repository = $this->getRepository(); |
|
1834
|
|
|
$roleService = $repository->getRoleService(); |
|
1835
|
|
|
|
|
1836
|
|
|
/* BEGIN: Use Case */ |
|
1837
|
|
|
$user = $this->createUserVersion1(); |
|
1838
|
|
|
|
|
1839
|
|
|
// Load the existing "Administrator" role |
|
1840
|
|
|
$role = $roleService->loadRoleByIdentifier('Administrator'); |
|
1841
|
|
|
|
|
1842
|
|
|
// Assign the "Administrator" role to the newly created user |
|
1843
|
|
|
$roleService->assignRoleToUser($role, $user); |
|
1844
|
|
|
|
|
1845
|
|
|
// The assignments array will contain the new role<->user assignment |
|
1846
|
|
|
$roleAssignments = $roleService->getRoleAssignments($role); |
|
1847
|
|
|
/* END: Use Case */ |
|
1848
|
|
|
|
|
1849
|
|
|
// Administrator + Example User |
|
1850
|
|
|
$this->assertCount(2, $roleAssignments); |
|
1851
|
|
|
} |
|
1852
|
|
|
|
|
1853
|
|
|
/** |
|
1854
|
|
|
* Test for the assignRoleToUser() method. |
|
1855
|
|
|
* |
|
1856
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::assignRoleToUser($role, $user, $roleLimitation) |
|
1857
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testAssignRoleToUser |
|
1858
|
|
|
*/ |
|
1859
|
|
View Code Duplication |
public function testAssignRoleToUserWithRoleLimitation() |
|
1860
|
|
|
{ |
|
1861
|
|
|
$repository = $this->getRepository(); |
|
1862
|
|
|
$roleService = $repository->getRoleService(); |
|
1863
|
|
|
|
|
1864
|
|
|
/* BEGIN: Use Case */ |
|
1865
|
|
|
$user = $this->createUserVersion1(); |
|
1866
|
|
|
|
|
1867
|
|
|
// Load the existing "Anonymous" role |
|
1868
|
|
|
$role = $roleService->loadRoleByIdentifier('Anonymous'); |
|
1869
|
|
|
|
|
1870
|
|
|
// Assign the "Anonymous" role to the newly created user |
|
1871
|
|
|
$roleService->assignRoleToUser( |
|
1872
|
|
|
$role, |
|
1873
|
|
|
$user, |
|
1874
|
|
|
new SubtreeLimitation( |
|
1875
|
|
|
[ |
|
1876
|
|
|
'limitationValues' => ['/1/43/'], |
|
1877
|
|
|
] |
|
1878
|
|
|
) |
|
1879
|
|
|
); |
|
1880
|
|
|
|
|
1881
|
|
|
// The assignments array will contain the new role<->user assignment |
|
1882
|
|
|
$roleAssignments = $roleService->getRoleAssignments($role); |
|
1883
|
|
|
/* END: Use Case */ |
|
1884
|
|
|
|
|
1885
|
|
|
// Members + Partners + Anonymous + Example User |
|
1886
|
|
|
$this->assertCount(4, $roleAssignments); |
|
1887
|
|
|
|
|
1888
|
|
|
// Get the role limitation |
|
1889
|
|
|
$roleLimitation = null; |
|
1890
|
|
|
foreach ($roleAssignments as $roleAssignment) { |
|
1891
|
|
|
$roleLimitation = $roleAssignment->getRoleLimitation(); |
|
|
|
|
|
|
1892
|
|
|
if ($roleLimitation) { |
|
1893
|
|
|
$this->assertInstanceOf( |
|
1894
|
|
|
'\\eZ\\Publish\\API\\Repository\\Values\\User\\UserRoleAssignment', |
|
1895
|
|
|
$roleAssignment |
|
1896
|
|
|
); |
|
1897
|
|
|
break; |
|
1898
|
|
|
} |
|
1899
|
|
|
} |
|
1900
|
|
|
|
|
1901
|
|
|
$this->assertEquals( |
|
1902
|
|
|
new SubtreeLimitation( |
|
1903
|
|
|
[ |
|
1904
|
|
|
'limitationValues' => ['/1/43/'], |
|
1905
|
|
|
] |
|
1906
|
|
|
), |
|
1907
|
|
|
$roleLimitation |
|
1908
|
|
|
); |
|
1909
|
|
|
|
|
1910
|
|
|
// Test again to see values being merged |
|
1911
|
|
|
$roleService->assignRoleToUser( |
|
1912
|
|
|
$role, |
|
1913
|
|
|
$user, |
|
1914
|
|
|
new SubtreeLimitation( |
|
1915
|
|
|
[ |
|
1916
|
|
|
'limitationValues' => ['/1/43/', '/1/2/'], |
|
1917
|
|
|
] |
|
1918
|
|
|
) |
|
1919
|
|
|
); |
|
1920
|
|
|
|
|
1921
|
|
|
// The assignments array will contain the new role<->user assignment |
|
1922
|
|
|
$roleAssignments = $roleService->getRoleAssignments($role); |
|
1923
|
|
|
|
|
1924
|
|
|
// Members + Partners + Anonymous + Example User |
|
1925
|
|
|
$this->assertCount(5, $roleAssignments); |
|
1926
|
|
|
|
|
1927
|
|
|
// Get the role limitation |
|
1928
|
|
|
$roleLimitations = []; |
|
1929
|
|
|
foreach ($roleAssignments as $roleAssignment) { |
|
1930
|
|
|
$roleLimitation = $roleAssignment->getRoleLimitation(); |
|
|
|
|
|
|
1931
|
|
|
if ($roleLimitation) { |
|
1932
|
|
|
$this->assertInstanceOf( |
|
1933
|
|
|
'\\eZ\\Publish\\API\\Repository\\Values\\User\\UserRoleAssignment', |
|
1934
|
|
|
$roleAssignment |
|
1935
|
|
|
); |
|
1936
|
|
|
$roleLimitations[] = $roleLimitation; |
|
1937
|
|
|
} |
|
1938
|
|
|
} |
|
1939
|
|
|
array_multisort($roleLimitations); |
|
1940
|
|
|
|
|
1941
|
|
|
$this->assertEquals( |
|
1942
|
|
|
[ |
|
1943
|
|
|
new SubtreeLimitation( |
|
1944
|
|
|
[ |
|
1945
|
|
|
'limitationValues' => ['/1/2/'], |
|
1946
|
|
|
] |
|
1947
|
|
|
), |
|
1948
|
|
|
new SubtreeLimitation( |
|
1949
|
|
|
[ |
|
1950
|
|
|
'limitationValues' => ['/1/43/'], |
|
1951
|
|
|
] |
|
1952
|
|
|
), |
|
1953
|
|
|
], |
|
1954
|
|
|
$roleLimitations |
|
1955
|
|
|
); |
|
1956
|
|
|
} |
|
1957
|
|
|
|
|
1958
|
|
|
/** |
|
1959
|
|
|
* Test for the assignRoleToUser() method. |
|
1960
|
|
|
* |
|
1961
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::assignRoleToUser($role, $user, $roleLimitation) |
|
1962
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testAssignRoleToUser |
|
1963
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testLoadRoleByIdentifier |
|
1964
|
|
|
*/ |
|
1965
|
|
|
public function testAssignRoleToUserWithRoleLimitationThrowsLimitationValidationException() |
|
1966
|
|
|
{ |
|
1967
|
|
|
$this->expectException(\eZ\Publish\API\Repository\Exceptions\LimitationValidationException::class); |
|
1968
|
|
|
|
|
1969
|
|
|
$repository = $this->getRepository(); |
|
1970
|
|
|
|
|
1971
|
|
|
/* BEGIN: Use Case */ |
|
1972
|
|
|
$roleService = $repository->getRoleService(); |
|
1973
|
|
|
|
|
1974
|
|
|
// Load the existing "Anonymous" role |
|
1975
|
|
|
$role = $roleService->loadRoleByIdentifier('Anonymous'); |
|
1976
|
|
|
|
|
1977
|
|
|
// Get current user |
|
1978
|
|
|
$permissionResolver = $this->getRepository()->getPermissionResolver(); |
|
1979
|
|
|
$userService = $repository->getUserService(); |
|
1980
|
|
|
$currentUser = $userService->loadUser($permissionResolver->getCurrentUserReference()->getUserId()); |
|
1981
|
|
|
|
|
1982
|
|
|
// Assign the "Anonymous" role to the current user |
|
1983
|
|
|
// This call will fail with an LimitationValidationException, because subtree "/lorem/ipsum/42/" |
|
1984
|
|
|
// does not exists |
|
1985
|
|
|
$roleService->assignRoleToUser( |
|
1986
|
|
|
$role, |
|
1987
|
|
|
$currentUser, |
|
1988
|
|
|
new SubtreeLimitation( |
|
1989
|
|
|
[ |
|
1990
|
|
|
'limitationValues' => ['/lorem/ipsum/42/'], |
|
1991
|
|
|
] |
|
1992
|
|
|
) |
|
1993
|
|
|
); |
|
1994
|
|
|
/* END: Use Case */ |
|
1995
|
|
|
} |
|
1996
|
|
|
|
|
1997
|
|
|
/** |
|
1998
|
|
|
* Test for the assignRoleToUser() method. |
|
1999
|
|
|
* |
|
2000
|
|
|
* Makes sure assigning role several times throws. |
|
2001
|
|
|
* |
|
2002
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::assignRoleToUser($role, $user, $roleLimitation) |
|
2003
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testAssignRoleToUser |
|
2004
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testLoadRoleByIdentifier |
|
2005
|
|
|
*/ |
|
2006
|
|
|
public function testAssignRoleToUserThrowsInvalidArgumentException() |
|
2007
|
|
|
{ |
|
2008
|
|
|
$this->expectException(\eZ\Publish\API\Repository\Exceptions\InvalidArgumentException::class); |
|
2009
|
|
|
|
|
2010
|
|
|
$repository = $this->getRepository(); |
|
2011
|
|
|
|
|
2012
|
|
|
/* BEGIN: Use Case */ |
|
2013
|
|
|
$roleService = $repository->getRoleService(); |
|
2014
|
|
|
|
|
2015
|
|
|
// Load the existing "Anonymous" role |
|
2016
|
|
|
$role = $roleService->loadRoleByIdentifier('Anonymous'); |
|
2017
|
|
|
|
|
2018
|
|
|
// Get current user |
|
2019
|
|
|
$permissionResolver = $this->getRepository()->getPermissionResolver(); |
|
2020
|
|
|
$userService = $repository->getUserService(); |
|
2021
|
|
|
$currentUser = $userService->loadUser($permissionResolver->getCurrentUserReference()->getUserId()); |
|
2022
|
|
|
|
|
2023
|
|
|
// Assign the "Anonymous" role to the current user |
|
2024
|
|
|
try { |
|
2025
|
|
|
$roleService->assignRoleToUser( |
|
2026
|
|
|
$role, |
|
2027
|
|
|
$currentUser |
|
2028
|
|
|
); |
|
2029
|
|
|
} catch (Exception $e) { |
|
2030
|
|
|
$this->fail('Got exception at first valid attempt to assign role'); |
|
2031
|
|
|
} |
|
2032
|
|
|
|
|
2033
|
|
|
// Re-Assign the "Anonymous" role to the current user |
|
2034
|
|
|
// This call will fail with an InvalidArgumentException, because limitation is already assigned |
|
2035
|
|
|
$roleService->assignRoleToUser( |
|
2036
|
|
|
$role, |
|
2037
|
|
|
$currentUser |
|
2038
|
|
|
); |
|
2039
|
|
|
/* END: Use Case */ |
|
2040
|
|
|
} |
|
2041
|
|
|
|
|
2042
|
|
|
/** |
|
2043
|
|
|
* Test for the assignRoleToUser() method. |
|
2044
|
|
|
* |
|
2045
|
|
|
* Makes sure assigning role several times with same limitations throws. |
|
2046
|
|
|
* |
|
2047
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::assignRoleToUser($role, $user, $roleLimitation) |
|
2048
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testAssignRoleToUser |
|
2049
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testLoadRoleByIdentifier |
|
2050
|
|
|
*/ |
|
2051
|
|
|
public function testAssignRoleToUserWithRoleLimitationThrowsInvalidArgumentException() |
|
2052
|
|
|
{ |
|
2053
|
|
|
$this->expectException(\eZ\Publish\API\Repository\Exceptions\InvalidArgumentException::class); |
|
2054
|
|
|
|
|
2055
|
|
|
$repository = $this->getRepository(); |
|
2056
|
|
|
|
|
2057
|
|
|
/* BEGIN: Use Case */ |
|
2058
|
|
|
$roleService = $repository->getRoleService(); |
|
2059
|
|
|
|
|
2060
|
|
|
// Load the existing "Anonymous" role |
|
2061
|
|
|
$role = $roleService->loadRoleByIdentifier('Anonymous'); |
|
2062
|
|
|
|
|
2063
|
|
|
// Get current user |
|
2064
|
|
|
$permissionResolver = $this->getRepository()->getPermissionResolver(); |
|
2065
|
|
|
$userService = $repository->getUserService(); |
|
2066
|
|
|
$currentUser = $userService->loadUser($permissionResolver->getCurrentUserReference()->getUserId()); |
|
2067
|
|
|
|
|
2068
|
|
|
// Assign the "Anonymous" role to the current user |
|
2069
|
|
|
try { |
|
2070
|
|
|
$roleService->assignRoleToUser( |
|
2071
|
|
|
$role, |
|
2072
|
|
|
$currentUser, |
|
2073
|
|
|
new SubtreeLimitation( |
|
2074
|
|
|
[ |
|
2075
|
|
|
'limitationValues' => ['/1/43/', '/1/2/'], |
|
2076
|
|
|
] |
|
2077
|
|
|
) |
|
2078
|
|
|
); |
|
2079
|
|
|
} catch (Exception $e) { |
|
2080
|
|
|
$this->fail('Got exception at first valid attempt to assign role'); |
|
2081
|
|
|
} |
|
2082
|
|
|
|
|
2083
|
|
|
// Re-Assign the "Anonymous" role to the current user |
|
2084
|
|
|
// This call will fail with an InvalidArgumentException, because limitation is already assigned |
|
2085
|
|
|
$roleService->assignRoleToUser( |
|
2086
|
|
|
$role, |
|
2087
|
|
|
$currentUser, |
|
2088
|
|
|
new SubtreeLimitation( |
|
2089
|
|
|
[ |
|
2090
|
|
|
'limitationValues' => ['/1/43/'], |
|
2091
|
|
|
] |
|
2092
|
|
|
) |
|
2093
|
|
|
); |
|
2094
|
|
|
/* END: Use Case */ |
|
2095
|
|
|
} |
|
2096
|
|
|
|
|
2097
|
|
|
/** |
|
2098
|
|
|
* Test for the removeRoleAssignment() method. |
|
2099
|
|
|
* |
|
2100
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::removeRoleAssignment() |
|
2101
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testAssignRoleToUser |
|
2102
|
|
|
*/ |
|
2103
|
|
View Code Duplication |
public function testRemoveRoleAssignment() |
|
2104
|
|
|
{ |
|
2105
|
|
|
$repository = $this->getRepository(); |
|
2106
|
|
|
$roleService = $repository->getRoleService(); |
|
2107
|
|
|
|
|
2108
|
|
|
/* BEGIN: Use Case */ |
|
2109
|
|
|
$user = $this->createUserVersion1(); |
|
2110
|
|
|
|
|
2111
|
|
|
// Load the existing "Member" role |
|
2112
|
|
|
$role = $roleService->loadRoleByIdentifier('Member'); |
|
2113
|
|
|
|
|
2114
|
|
|
// Assign the "Member" role to the newly created user |
|
2115
|
|
|
$roleService->assignRoleToUser($role, $user); |
|
2116
|
|
|
|
|
2117
|
|
|
// Unassign user from role |
|
2118
|
|
|
$roleAssignments = $roleService->getRoleAssignmentsForUser($user); |
|
2119
|
|
|
foreach ($roleAssignments as $roleAssignment) { |
|
2120
|
|
|
if ($roleAssignment->role->id === $role->id) { |
|
2121
|
|
|
$roleService->removeRoleAssignment($roleAssignment); |
|
2122
|
|
|
} |
|
2123
|
|
|
} |
|
2124
|
|
|
// The assignments array will not contain the new role<->user assignment |
|
2125
|
|
|
$roleAssignments = $roleService->getRoleAssignments($role); |
|
2126
|
|
|
/* END: Use Case */ |
|
2127
|
|
|
|
|
2128
|
|
|
// Members + Editors + Partners |
|
2129
|
|
|
$this->assertCount(3, $roleAssignments); |
|
2130
|
|
|
} |
|
2131
|
|
|
|
|
2132
|
|
|
/** |
|
2133
|
|
|
* Test for the getRoleAssignmentsForUser() method. |
|
2134
|
|
|
* |
|
2135
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::getRoleAssignmentsForUser() |
|
2136
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testAssignRoleToUser |
|
2137
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testCreateRoleWithAddPolicy |
|
2138
|
|
|
*/ |
|
2139
|
|
|
public function testGetRoleAssignmentsForUserDirect() |
|
2140
|
|
|
{ |
|
2141
|
|
|
$repository = $this->getRepository(); |
|
2142
|
|
|
$roleService = $repository->getRoleService(); |
|
2143
|
|
|
|
|
2144
|
|
|
/* BEGIN: Use Case */ |
|
2145
|
|
|
$user = $this->createUserVersion1(); |
|
2146
|
|
|
|
|
2147
|
|
|
// Instantiate a role create and add some policies |
|
2148
|
|
|
$roleCreate = $roleService->newRoleCreateStruct('Example Role'); |
|
2149
|
|
|
|
|
2150
|
|
|
// @todo uncomment when support for multilingual names and descriptions is added EZP-24776 |
|
2151
|
|
|
// $roleCreate->mainLanguageCode = 'eng-US'; |
|
2152
|
|
|
|
|
2153
|
|
|
$roleCreate->addPolicy( |
|
2154
|
|
|
$roleService->newPolicyCreateStruct('user', 'login') |
|
2155
|
|
|
); |
|
2156
|
|
|
$roleCreate->addPolicy( |
|
2157
|
|
|
$roleService->newPolicyCreateStruct('content', 'read') |
|
2158
|
|
|
); |
|
2159
|
|
|
$roleCreate->addPolicy( |
|
2160
|
|
|
$roleService->newPolicyCreateStruct('content', 'edit') |
|
2161
|
|
|
); |
|
2162
|
|
|
|
|
2163
|
|
|
// Create the new role instance |
|
2164
|
|
|
$roleDraft = $roleService->createRole($roleCreate); |
|
2165
|
|
|
$roleService->publishRoleDraft($roleDraft); |
|
2166
|
|
|
$role = $roleService->loadRole($roleDraft->id); |
|
2167
|
|
|
|
|
2168
|
|
|
// Check inital empty assigments (also warms up potential cache to validate it is correct below) |
|
2169
|
|
|
$this->assertCount(0, $roleService->getRoleAssignmentsForUser($user)); |
|
2170
|
|
|
$this->assertCount(0, $roleService->getRoleAssignments($role)); |
|
2171
|
|
|
|
|
2172
|
|
|
// Assign role to new user |
|
2173
|
|
|
$roleService->assignRoleToUser($role, $user); |
|
2174
|
|
|
|
|
2175
|
|
|
// Load the currently assigned role |
|
2176
|
|
|
$roleAssignments = $roleService->getRoleAssignmentsForUser($user); |
|
2177
|
|
|
/* END: Use Case */ |
|
2178
|
|
|
|
|
2179
|
|
|
$this->assertCount(1, $roleAssignments); |
|
2180
|
|
|
$this->assertInstanceOf( |
|
2181
|
|
|
'\\eZ\\Publish\\API\\Repository\\Values\\User\\UserRoleAssignment', |
|
2182
|
|
|
reset($roleAssignments) |
|
2183
|
|
|
); |
|
2184
|
|
|
$this->assertCount(1, $roleService->getRoleAssignments($role)); |
|
2185
|
|
|
} |
|
2186
|
|
|
|
|
2187
|
|
|
/** |
|
2188
|
|
|
* Test for the getRoleAssignmentsForUser() method. |
|
2189
|
|
|
* |
|
2190
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::getRoleAssignmentsForUser() |
|
2191
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testAssignRoleToUser |
|
2192
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testCreateRoleWithAddPolicy |
|
2193
|
|
|
*/ |
|
2194
|
|
View Code Duplication |
public function testGetRoleAssignmentsForUserEmpty() |
|
2195
|
|
|
{ |
|
2196
|
|
|
$repository = $this->getRepository(); |
|
2197
|
|
|
$roleService = $repository->getRoleService(); |
|
2198
|
|
|
|
|
2199
|
|
|
/* BEGIN: Use Case */ |
|
2200
|
|
|
$permissionResolver = $this->getRepository()->getPermissionResolver(); |
|
2201
|
|
|
$userService = $repository->getUserService(); |
|
2202
|
|
|
$adminUser = $userService->loadUser($permissionResolver->getCurrentUserReference()->getUserId()); |
|
2203
|
|
|
|
|
2204
|
|
|
// Load the currently assigned role |
|
2205
|
|
|
$roleAssignments = $roleService->getRoleAssignmentsForUser($adminUser); |
|
2206
|
|
|
/* END: Use Case */ |
|
2207
|
|
|
|
|
2208
|
|
|
$this->assertCount(0, $roleAssignments); |
|
2209
|
|
|
} |
|
2210
|
|
|
|
|
2211
|
|
|
/** |
|
2212
|
|
|
* Test for the getRoleAssignmentsForUser() method. |
|
2213
|
|
|
* |
|
2214
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::getRoleAssignmentsForUser() |
|
2215
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testAssignRoleToUser |
|
2216
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testCreateRoleWithAddPolicy |
|
2217
|
|
|
*/ |
|
2218
|
|
|
public function testGetRoleAssignmentsForUserInherited() |
|
2219
|
|
|
{ |
|
2220
|
|
|
$repository = $this->getRepository(); |
|
2221
|
|
|
$roleService = $repository->getRoleService(); |
|
2222
|
|
|
|
|
2223
|
|
|
/* BEGIN: Use Case */ |
|
2224
|
|
|
$permissionResolver = $this->getRepository()->getPermissionResolver(); |
|
2225
|
|
|
$userService = $repository->getUserService(); |
|
2226
|
|
|
$adminUser = $userService->loadUser($permissionResolver->getCurrentUserReference()->getUserId()); |
|
2227
|
|
|
|
|
2228
|
|
|
// Load the currently assigned role + inherited role assignments |
|
2229
|
|
|
$roleAssignments = $roleService->getRoleAssignmentsForUser($adminUser, true); |
|
2230
|
|
|
/* END: Use Case */ |
|
2231
|
|
|
|
|
2232
|
|
|
$this->assertCount(1, $roleAssignments); |
|
2233
|
|
|
$this->assertInstanceOf( |
|
2234
|
|
|
'\\eZ\\Publish\\API\\Repository\\Values\\User\\UserGroupRoleAssignment', |
|
2235
|
|
|
reset($roleAssignments) |
|
2236
|
|
|
); |
|
2237
|
|
|
} |
|
2238
|
|
|
|
|
2239
|
|
|
/** |
|
2240
|
|
|
* Test for the assignRoleToUserGroup() method. |
|
2241
|
|
|
* |
|
2242
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::assignRoleToUserGroup() |
|
2243
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testGetRoleAssignments |
|
2244
|
|
|
*/ |
|
2245
|
|
View Code Duplication |
public function testAssignRoleToUserGroup() |
|
2246
|
|
|
{ |
|
2247
|
|
|
$repository = $this->getRepository(); |
|
2248
|
|
|
$roleService = $repository->getRoleService(); |
|
2249
|
|
|
|
|
2250
|
|
|
/* BEGIN: Use Case */ |
|
2251
|
|
|
$userGroup = $this->createUserGroupVersion1(); |
|
2252
|
|
|
|
|
2253
|
|
|
// Load the existing "Administrator" role |
|
2254
|
|
|
$role = $roleService->loadRoleByIdentifier('Administrator'); |
|
2255
|
|
|
|
|
2256
|
|
|
// Assign the "Administrator" role to the newly created user group |
|
2257
|
|
|
$roleService->assignRoleToUserGroup($role, $userGroup); |
|
2258
|
|
|
|
|
2259
|
|
|
// The assignments array will contain the new role<->group assignment |
|
2260
|
|
|
$roleAssignments = $roleService->getRoleAssignments($role); |
|
2261
|
|
|
/* END: Use Case */ |
|
2262
|
|
|
|
|
2263
|
|
|
// Administrator + Example Group |
|
2264
|
|
|
$this->assertCount(2, $roleAssignments); |
|
2265
|
|
|
} |
|
2266
|
|
|
|
|
2267
|
|
|
/** |
|
2268
|
|
|
* Test for the assignRoleToUserGroup() method. |
|
2269
|
|
|
* |
|
2270
|
|
|
* Related issue: EZP-29113 |
|
2271
|
|
|
* |
|
2272
|
|
|
* @covers \eZ\Publish\API\Repository\RoleService::assignRoleToUserGroup() |
|
2273
|
|
|
*/ |
|
2274
|
|
|
public function testAssignRoleToUserGroupAffectsRoleAssignmentsForUser() |
|
2275
|
|
|
{ |
|
2276
|
|
|
$roleService = $this->getRepository()->getRoleService(); |
|
2277
|
|
|
|
|
2278
|
|
|
/* BEGIN: Use Case */ |
|
2279
|
|
|
$userGroup = $this->createUserGroupVersion1(); |
|
2280
|
|
|
$user = $this->createUser('user', 'John', 'Doe', $userGroup); |
|
2281
|
|
|
|
|
2282
|
|
|
$initRoleAssignments = $roleService->getRoleAssignmentsForUser($user, true); |
|
2283
|
|
|
|
|
2284
|
|
|
// Load the existing "Administrator" role |
|
2285
|
|
|
$role = $roleService->loadRoleByIdentifier('Administrator'); |
|
2286
|
|
|
|
|
2287
|
|
|
// Assign the "Administrator" role to the newly created user group |
|
2288
|
|
|
$roleService->assignRoleToUserGroup($role, $userGroup); |
|
2289
|
|
|
|
|
2290
|
|
|
$updatedRoleAssignments = $roleService->getRoleAssignmentsForUser($user, true); |
|
2291
|
|
|
/* END: Use Case */ |
|
2292
|
|
|
|
|
2293
|
|
|
$this->assertEmpty($initRoleAssignments); |
|
2294
|
|
|
$this->assertCount(1, $updatedRoleAssignments); |
|
2295
|
|
|
} |
|
2296
|
|
|
|
|
2297
|
|
|
/** |
|
2298
|
|
|
* Test for the assignRoleToUserGroup() method. |
|
2299
|
|
|
* |
|
2300
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::assignRoleToUserGroup($role, $userGroup, $roleLimitation) |
|
2301
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testAssignRoleToUserGroup |
|
2302
|
|
|
*/ |
|
2303
|
|
View Code Duplication |
public function testAssignRoleToUserGroupWithRoleLimitation() |
|
2304
|
|
|
{ |
|
2305
|
|
|
$repository = $this->getRepository(); |
|
2306
|
|
|
$roleService = $repository->getRoleService(); |
|
2307
|
|
|
|
|
2308
|
|
|
/* BEGIN: Use Case */ |
|
2309
|
|
|
$userGroup = $this->createUserGroupVersion1(); |
|
2310
|
|
|
|
|
2311
|
|
|
// Load the existing "Anonymous" role |
|
2312
|
|
|
$role = $roleService->loadRoleByIdentifier('Anonymous'); |
|
2313
|
|
|
|
|
2314
|
|
|
// Assign the "Anonymous" role to the newly created user group |
|
2315
|
|
|
$roleService->assignRoleToUserGroup( |
|
2316
|
|
|
$role, |
|
2317
|
|
|
$userGroup, |
|
2318
|
|
|
new SubtreeLimitation( |
|
2319
|
|
|
[ |
|
2320
|
|
|
'limitationValues' => ['/1/43/'], |
|
2321
|
|
|
] |
|
2322
|
|
|
) |
|
2323
|
|
|
); |
|
2324
|
|
|
|
|
2325
|
|
|
// The assignments array will contain the new role<->group assignment |
|
2326
|
|
|
$roleAssignments = $roleService->getRoleAssignments($role); |
|
2327
|
|
|
/* END: Use Case */ |
|
2328
|
|
|
|
|
2329
|
|
|
// Members + Partners + Anonymous + Example Group |
|
2330
|
|
|
$this->assertCount(4, $roleAssignments); |
|
2331
|
|
|
|
|
2332
|
|
|
// Get the role limitation |
|
2333
|
|
|
$roleLimitation = null; |
|
2334
|
|
|
foreach ($roleAssignments as $roleAssignment) { |
|
2335
|
|
|
$roleLimitation = $roleAssignment->getRoleLimitation(); |
|
|
|
|
|
|
2336
|
|
|
if ($roleLimitation) { |
|
2337
|
|
|
break; |
|
2338
|
|
|
} |
|
2339
|
|
|
} |
|
2340
|
|
|
|
|
2341
|
|
|
$this->assertEquals( |
|
2342
|
|
|
new SubtreeLimitation( |
|
2343
|
|
|
[ |
|
2344
|
|
|
'limitationValues' => ['/1/43/'], |
|
2345
|
|
|
] |
|
2346
|
|
|
), |
|
2347
|
|
|
$roleLimitation |
|
2348
|
|
|
); |
|
2349
|
|
|
|
|
2350
|
|
|
// Test again to see values being merged |
|
2351
|
|
|
$roleService->assignRoleToUserGroup( |
|
2352
|
|
|
$role, |
|
2353
|
|
|
$userGroup, |
|
2354
|
|
|
new SubtreeLimitation( |
|
2355
|
|
|
[ |
|
2356
|
|
|
'limitationValues' => ['/1/43/', '/1/2/'], |
|
2357
|
|
|
] |
|
2358
|
|
|
) |
|
2359
|
|
|
); |
|
2360
|
|
|
|
|
2361
|
|
|
// The assignments array will contain the new role<->user assignment |
|
2362
|
|
|
$roleAssignments = $roleService->getRoleAssignments($role); |
|
2363
|
|
|
|
|
2364
|
|
|
// Members + Partners + Anonymous + Example User |
|
2365
|
|
|
$this->assertCount(5, $roleAssignments); |
|
2366
|
|
|
|
|
2367
|
|
|
// Get the role limitation |
|
2368
|
|
|
$roleLimitations = []; |
|
2369
|
|
|
foreach ($roleAssignments as $roleAssignment) { |
|
2370
|
|
|
$roleLimitation = $roleAssignment->getRoleLimitation(); |
|
|
|
|
|
|
2371
|
|
|
if ($roleLimitation) { |
|
2372
|
|
|
$this->assertInstanceOf( |
|
2373
|
|
|
'\\eZ\\Publish\\API\\Repository\\Values\\User\\UserGroupRoleAssignment', |
|
2374
|
|
|
$roleAssignment |
|
2375
|
|
|
); |
|
2376
|
|
|
$roleLimitations[] = $roleLimitation; |
|
2377
|
|
|
} |
|
2378
|
|
|
} |
|
2379
|
|
|
array_multisort($roleLimitations); |
|
2380
|
|
|
|
|
2381
|
|
|
$this->assertEquals( |
|
2382
|
|
|
[ |
|
2383
|
|
|
new SubtreeLimitation( |
|
2384
|
|
|
[ |
|
2385
|
|
|
'limitationValues' => ['/1/2/'], |
|
2386
|
|
|
] |
|
2387
|
|
|
), |
|
2388
|
|
|
new SubtreeLimitation( |
|
2389
|
|
|
[ |
|
2390
|
|
|
'limitationValues' => ['/1/43/'], |
|
2391
|
|
|
] |
|
2392
|
|
|
), |
|
2393
|
|
|
], |
|
2394
|
|
|
$roleLimitations |
|
2395
|
|
|
); |
|
2396
|
|
|
} |
|
2397
|
|
|
|
|
2398
|
|
|
/** |
|
2399
|
|
|
* Test for the assignRoleToUserGroup() method. |
|
2400
|
|
|
* |
|
2401
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::assignRoleToUserGroup($role, $userGroup, $roleLimitation) |
|
2402
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testLoadRoleByIdentifier |
|
2403
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testAssignRoleToUserGroup |
|
2404
|
|
|
*/ |
|
2405
|
|
View Code Duplication |
public function testAssignRoleToUserGroupWithRoleLimitationThrowsLimitationValidationException() |
|
2406
|
|
|
{ |
|
2407
|
|
|
$this->expectException(\eZ\Publish\API\Repository\Exceptions\LimitationValidationException::class); |
|
2408
|
|
|
|
|
2409
|
|
|
$repository = $this->getRepository(); |
|
2410
|
|
|
|
|
2411
|
|
|
$mainGroupId = $this->generateId('group', 4); |
|
2412
|
|
|
/* BEGIN: Use Case */ |
|
2413
|
|
|
// $mainGroupId is the ID of the main "Users" group |
|
2414
|
|
|
|
|
2415
|
|
|
$userService = $repository->getUserService(); |
|
2416
|
|
|
$roleService = $repository->getRoleService(); |
|
2417
|
|
|
|
|
2418
|
|
|
$userGroup = $userService->loadUserGroup($mainGroupId); |
|
2419
|
|
|
|
|
2420
|
|
|
// Load the existing "Anonymous" role |
|
2421
|
|
|
$role = $roleService->loadRoleByIdentifier('Anonymous'); |
|
2422
|
|
|
|
|
2423
|
|
|
// Assign the "Anonymous" role to the newly created user group |
|
2424
|
|
|
// This call will fail with an LimitationValidationException, because subtree "/lorem/ipsum/42/" |
|
2425
|
|
|
// does not exists |
|
2426
|
|
|
$roleService->assignRoleToUserGroup( |
|
2427
|
|
|
$role, |
|
2428
|
|
|
$userGroup, |
|
2429
|
|
|
new SubtreeLimitation( |
|
2430
|
|
|
[ |
|
2431
|
|
|
'limitationValues' => ['/lorem/ipsum/42/'], |
|
2432
|
|
|
] |
|
2433
|
|
|
) |
|
2434
|
|
|
); |
|
2435
|
|
|
/* END: Use Case */ |
|
2436
|
|
|
} |
|
2437
|
|
|
|
|
2438
|
|
|
/** |
|
2439
|
|
|
* Test for the assignRoleToUserGroup() method. |
|
2440
|
|
|
* |
|
2441
|
|
|
* Makes sure assigning role several times throws. |
|
2442
|
|
|
* |
|
2443
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::assignRoleToUserGroup($role, $userGroup, $roleLimitation) |
|
2444
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testLoadRoleByIdentifier |
|
2445
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testAssignRoleToUserGroup |
|
2446
|
|
|
*/ |
|
2447
|
|
|
public function testAssignRoleToUserGroupThrowsInvalidArgumentException() |
|
2448
|
|
|
{ |
|
2449
|
|
|
$this->expectException(\eZ\Publish\API\Repository\Exceptions\InvalidArgumentException::class); |
|
2450
|
|
|
|
|
2451
|
|
|
$repository = $this->getRepository(); |
|
2452
|
|
|
|
|
2453
|
|
|
$mainGroupId = $this->generateId('group', 4); |
|
2454
|
|
|
/* BEGIN: Use Case */ |
|
2455
|
|
|
// $mainGroupId is the ID of the main "Users" group |
|
2456
|
|
|
|
|
2457
|
|
|
$userService = $repository->getUserService(); |
|
2458
|
|
|
$roleService = $repository->getRoleService(); |
|
2459
|
|
|
|
|
2460
|
|
|
$userGroup = $userService->loadUserGroup($mainGroupId); |
|
2461
|
|
|
|
|
2462
|
|
|
// Load the existing "Anonymous" role |
|
2463
|
|
|
$role = $roleService->loadRoleByIdentifier('Anonymous'); |
|
2464
|
|
|
|
|
2465
|
|
|
// Assign the "Anonymous" role to the newly created user group |
|
2466
|
|
|
try { |
|
2467
|
|
|
$roleService->assignRoleToUserGroup( |
|
2468
|
|
|
$role, |
|
2469
|
|
|
$userGroup |
|
2470
|
|
|
); |
|
2471
|
|
|
} catch (Exception $e) { |
|
2472
|
|
|
$this->fail('Got exception at first valid attempt to assign role'); |
|
2473
|
|
|
} |
|
2474
|
|
|
|
|
2475
|
|
|
// Re-Assign the "Anonymous" role to the newly created user group |
|
2476
|
|
|
// This call will fail with an InvalidArgumentException, because role is already assigned |
|
2477
|
|
|
$roleService->assignRoleToUserGroup( |
|
2478
|
|
|
$role, |
|
2479
|
|
|
$userGroup |
|
2480
|
|
|
); |
|
2481
|
|
|
/* END: Use Case */ |
|
2482
|
|
|
} |
|
2483
|
|
|
|
|
2484
|
|
|
/** |
|
2485
|
|
|
* Test for the assignRoleToUserGroup() method. |
|
2486
|
|
|
* |
|
2487
|
|
|
* Makes sure assigning role several times with same limitations throws. |
|
2488
|
|
|
* |
|
2489
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::assignRoleToUserGroup($role, $userGroup, $roleLimitation) |
|
2490
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testLoadRoleByIdentifier |
|
2491
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testAssignRoleToUserGroup |
|
2492
|
|
|
*/ |
|
2493
|
|
|
public function testAssignRoleToUserGroupWithRoleLimitationThrowsInvalidArgumentException() |
|
2494
|
|
|
{ |
|
2495
|
|
|
$this->expectException(\eZ\Publish\API\Repository\Exceptions\InvalidArgumentException::class); |
|
2496
|
|
|
|
|
2497
|
|
|
$repository = $this->getRepository(); |
|
2498
|
|
|
|
|
2499
|
|
|
$mainGroupId = $this->generateId('group', 4); |
|
2500
|
|
|
/* BEGIN: Use Case */ |
|
2501
|
|
|
// $mainGroupId is the ID of the main "Users" group |
|
2502
|
|
|
|
|
2503
|
|
|
$userService = $repository->getUserService(); |
|
2504
|
|
|
$roleService = $repository->getRoleService(); |
|
2505
|
|
|
|
|
2506
|
|
|
$userGroup = $userService->loadUserGroup($mainGroupId); |
|
2507
|
|
|
|
|
2508
|
|
|
// Load the existing "Anonymous" role |
|
2509
|
|
|
$role = $roleService->loadRoleByIdentifier('Anonymous'); |
|
2510
|
|
|
|
|
2511
|
|
|
// Assign the "Anonymous" role to the newly created user group |
|
2512
|
|
|
try { |
|
2513
|
|
|
$roleService->assignRoleToUserGroup( |
|
2514
|
|
|
$role, |
|
2515
|
|
|
$userGroup, |
|
2516
|
|
|
new SubtreeLimitation( |
|
2517
|
|
|
[ |
|
2518
|
|
|
'limitationValues' => ['/1/43/', '/1/2/'], |
|
2519
|
|
|
] |
|
2520
|
|
|
) |
|
2521
|
|
|
); |
|
2522
|
|
|
} catch (Exception $e) { |
|
2523
|
|
|
$this->fail('Got exception at first valid attempt to assign role'); |
|
2524
|
|
|
} |
|
2525
|
|
|
|
|
2526
|
|
|
// Re-Assign the "Anonymous" role to the newly created user group |
|
2527
|
|
|
// This call will fail with an InvalidArgumentException, because limitation is already assigned |
|
2528
|
|
|
$roleService->assignRoleToUserGroup( |
|
2529
|
|
|
$role, |
|
2530
|
|
|
$userGroup, |
|
2531
|
|
|
new SubtreeLimitation( |
|
2532
|
|
|
[ |
|
2533
|
|
|
'limitationValues' => ['/1/43/'], |
|
2534
|
|
|
] |
|
2535
|
|
|
) |
|
2536
|
|
|
); |
|
2537
|
|
|
/* END: Use Case */ |
|
2538
|
|
|
} |
|
2539
|
|
|
|
|
2540
|
|
|
/** |
|
2541
|
|
|
* Test for the removeRoleAssignment() method. |
|
2542
|
|
|
* |
|
2543
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::removeRoleAssignment() |
|
2544
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testAssignRoleToUserGroup |
|
2545
|
|
|
*/ |
|
2546
|
|
View Code Duplication |
public function testRemoveRoleAssignmentFromUserGroup() |
|
2547
|
|
|
{ |
|
2548
|
|
|
$repository = $this->getRepository(); |
|
2549
|
|
|
$roleService = $repository->getRoleService(); |
|
2550
|
|
|
|
|
2551
|
|
|
/* BEGIN: Use Case */ |
|
2552
|
|
|
$userGroup = $this->createUserGroupVersion1(); |
|
2553
|
|
|
|
|
2554
|
|
|
// Load the existing "Member" role |
|
2555
|
|
|
$role = $roleService->loadRoleByIdentifier('Member'); |
|
2556
|
|
|
|
|
2557
|
|
|
// Assign the "Member" role to the newly created user group |
|
2558
|
|
|
$roleService->assignRoleToUserGroup($role, $userGroup); |
|
2559
|
|
|
|
|
2560
|
|
|
// Unassign group from role |
|
2561
|
|
|
$roleAssignments = $roleService->getRoleAssignmentsForUserGroup($userGroup); |
|
2562
|
|
|
|
|
2563
|
|
|
// This call will fail with an "UnauthorizedException" |
|
2564
|
|
|
foreach ($roleAssignments as $roleAssignment) { |
|
2565
|
|
|
if ($roleAssignment->role->id === $role->id) { |
|
2566
|
|
|
$roleService->removeRoleAssignment($roleAssignment); |
|
2567
|
|
|
} |
|
2568
|
|
|
} |
|
2569
|
|
|
// The assignments array will not contain the new role<->group assignment |
|
2570
|
|
|
$roleAssignments = $roleService->getRoleAssignments($role); |
|
2571
|
|
|
/* END: Use Case */ |
|
2572
|
|
|
|
|
2573
|
|
|
// Members + Editors + Partners |
|
2574
|
|
|
$this->assertCount(3, $roleAssignments); |
|
2575
|
|
|
} |
|
2576
|
|
|
|
|
2577
|
|
|
/** |
|
2578
|
|
|
* Test unassigning role by assignment. |
|
2579
|
|
|
* |
|
2580
|
|
|
* @covers \eZ\Publish\API\Repository\RoleService::removeRoleAssignment |
|
2581
|
|
|
*/ |
|
2582
|
|
|
public function testUnassignRoleByAssignment() |
|
2583
|
|
|
{ |
|
2584
|
|
|
$repository = $this->getRepository(); |
|
2585
|
|
|
$roleService = $repository->getRoleService(); |
|
2586
|
|
|
|
|
2587
|
|
|
$role = $roleService->loadRole(2); |
|
2588
|
|
|
$user = $repository->getUserService()->loadUser(14); |
|
2589
|
|
|
|
|
2590
|
|
|
$originalAssignmentCount = count($roleService->getRoleAssignmentsForUser($user)); |
|
2591
|
|
|
|
|
2592
|
|
|
$roleService->assignRoleToUser($role, $user); |
|
2593
|
|
|
$newAssignmentCount = count($roleService->getRoleAssignmentsForUser($user)); |
|
2594
|
|
|
self::assertEquals($originalAssignmentCount + 1, $newAssignmentCount); |
|
2595
|
|
|
|
|
2596
|
|
|
$assignments = $roleService->getRoleAssignmentsForUser($user); |
|
2597
|
|
|
$roleService->removeRoleAssignment($assignments[0]); |
|
2598
|
|
|
$finalAssignmentCount = count($roleService->getRoleAssignmentsForUser($user)); |
|
2599
|
|
|
self::assertEquals($newAssignmentCount - 1, $finalAssignmentCount); |
|
2600
|
|
|
} |
|
2601
|
|
|
|
|
2602
|
|
|
/** |
|
2603
|
|
|
* Test unassigning role by assignment. |
|
2604
|
|
|
* |
|
2605
|
|
|
* But on current admin user so he lacks access to read roles. |
|
2606
|
|
|
* |
|
2607
|
|
|
* @covers \eZ\Publish\API\Repository\RoleService::removeRoleAssignment |
|
2608
|
|
|
*/ |
|
2609
|
|
View Code Duplication |
public function testUnassignRoleByAssignmentThrowsUnauthorizedException() |
|
2610
|
|
|
{ |
|
2611
|
|
|
$this->expectException(\eZ\Publish\API\Repository\Exceptions\UnauthorizedException::class); |
|
2612
|
|
|
|
|
2613
|
|
|
$repository = $this->getRepository(); |
|
2614
|
|
|
$roleService = $repository->getRoleService(); |
|
2615
|
|
|
|
|
2616
|
|
|
try { |
|
2617
|
|
|
$adminUserGroup = $repository->getUserService()->loadUserGroup(12); |
|
2618
|
|
|
$assignments = $roleService->getRoleAssignmentsForUserGroup($adminUserGroup); |
|
2619
|
|
|
$roleService->removeRoleAssignment($assignments[0]); |
|
2620
|
|
|
} catch (Exception $e) { |
|
2621
|
|
|
self::fail( |
|
2622
|
|
|
'Unexpected exception: ' . $e->getMessage() . " \n[" . $e->getFile() . ' (' . $e->getLine() . ')]' |
|
2623
|
|
|
); |
|
2624
|
|
|
} |
|
2625
|
|
|
|
|
2626
|
|
|
$roleService->removeRoleAssignment($assignments[0]); |
|
|
|
|
|
|
2627
|
|
|
} |
|
2628
|
|
|
|
|
2629
|
|
|
/** |
|
2630
|
|
|
* Test unassigning role by non-existing assignment. |
|
2631
|
|
|
* |
|
2632
|
|
|
* @covers \eZ\Publish\API\Repository\RoleService::removeRoleAssignment |
|
2633
|
|
|
*/ |
|
2634
|
|
View Code Duplication |
public function testUnassignRoleByAssignmentThrowsNotFoundException() |
|
2635
|
|
|
{ |
|
2636
|
|
|
$this->expectException(\eZ\Publish\API\Repository\Exceptions\NotFoundException::class); |
|
2637
|
|
|
|
|
2638
|
|
|
$repository = $this->getRepository(); |
|
2639
|
|
|
$roleService = $repository->getRoleService(); |
|
2640
|
|
|
|
|
2641
|
|
|
try { |
|
2642
|
|
|
$editorsUserGroup = $repository->getUserService()->loadUserGroup(13); |
|
2643
|
|
|
$assignments = $roleService->getRoleAssignmentsForUserGroup($editorsUserGroup); |
|
2644
|
|
|
$roleService->removeRoleAssignment($assignments[0]); |
|
2645
|
|
|
} catch (Exception $e) { |
|
2646
|
|
|
self::fail( |
|
2647
|
|
|
'Unexpected exception: ' . $e->getMessage() . " \n[" . $e->getFile() . ' (' . $e->getLine() . ')]' |
|
2648
|
|
|
); |
|
2649
|
|
|
} |
|
2650
|
|
|
|
|
2651
|
|
|
$roleService->removeRoleAssignment($assignments[0]); |
|
|
|
|
|
|
2652
|
|
|
} |
|
2653
|
|
|
|
|
2654
|
|
|
/** |
|
2655
|
|
|
* Test for the getRoleAssignmentsForUserGroup() method. |
|
2656
|
|
|
* |
|
2657
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::getRoleAssignmentsForUserGroup() |
|
2658
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testAssignRoleToUserGroup |
|
2659
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testCreateRoleWithAddPolicy |
|
2660
|
|
|
*/ |
|
2661
|
|
|
public function testGetRoleAssignmentsForUserGroup() |
|
2662
|
|
|
{ |
|
2663
|
|
|
$repository = $this->getRepository(); |
|
2664
|
|
|
$roleService = $repository->getRoleService(); |
|
2665
|
|
|
|
|
2666
|
|
|
/* BEGIN: Use Case */ |
|
2667
|
|
|
$userGroup = $this->createUserGroupVersion1(); |
|
2668
|
|
|
|
|
2669
|
|
|
// Instantiate a role create and add some policies |
|
2670
|
|
|
$roleCreate = $roleService->newRoleCreateStruct('Example Role'); |
|
2671
|
|
|
|
|
2672
|
|
|
// @todo uncomment when support for multilingual names and descriptions is added EZP-24776 |
|
2673
|
|
|
// $roleCreate->mainLanguageCode = 'eng-US'; |
|
2674
|
|
|
|
|
2675
|
|
|
$roleCreate->addPolicy( |
|
2676
|
|
|
$roleService->newPolicyCreateStruct('user', 'login') |
|
2677
|
|
|
); |
|
2678
|
|
|
$roleCreate->addPolicy( |
|
2679
|
|
|
$roleService->newPolicyCreateStruct('content', 'read') |
|
2680
|
|
|
); |
|
2681
|
|
|
$roleCreate->addPolicy( |
|
2682
|
|
|
$roleService->newPolicyCreateStruct('content', 'edit') |
|
2683
|
|
|
); |
|
2684
|
|
|
|
|
2685
|
|
|
// Create the new role instance |
|
2686
|
|
|
$roleDraft = $roleService->createRole($roleCreate); |
|
2687
|
|
|
$roleService->publishRoleDraft($roleDraft); |
|
2688
|
|
|
$role = $roleService->loadRole($roleDraft->id); |
|
2689
|
|
|
|
|
2690
|
|
|
// Assign role to new user group |
|
2691
|
|
|
$roleService->assignRoleToUserGroup($role, $userGroup); |
|
2692
|
|
|
|
|
2693
|
|
|
// Load the currently assigned role |
|
2694
|
|
|
$roleAssignments = $roleService->getRoleAssignmentsForUserGroup($userGroup); |
|
2695
|
|
|
/* END: Use Case */ |
|
2696
|
|
|
|
|
2697
|
|
|
$this->assertCount(1, $roleAssignments); |
|
2698
|
|
|
$this->assertInstanceOf( |
|
2699
|
|
|
'\\eZ\\Publish\\API\\Repository\\Values\\User\\UserGroupRoleAssignment', |
|
2700
|
|
|
reset($roleAssignments) |
|
2701
|
|
|
); |
|
2702
|
|
|
} |
|
2703
|
|
|
|
|
2704
|
|
|
/** |
|
2705
|
|
|
* Test for the getRoleAssignmentsForUser() method. |
|
2706
|
|
|
* |
|
2707
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::getRoleAssignmentsForUser() |
|
2708
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testAssignRoleToUser |
|
2709
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testAssignRoleToUserGroup |
|
2710
|
|
|
*/ |
|
2711
|
|
|
public function testLoadPoliciesByUserId() |
|
2712
|
|
|
{ |
|
2713
|
|
|
$repository = $this->getRepository(); |
|
2714
|
|
|
|
|
2715
|
|
|
$anonUserId = $this->generateId('user', 10); |
|
2716
|
|
|
/* BEGIN: Use Case */ |
|
2717
|
|
|
// $anonUserId is the ID of the "Anonymous" user. |
|
2718
|
|
|
|
|
2719
|
|
|
$userService = $repository->getUserService(); |
|
2720
|
|
|
$roleService = $repository->getRoleService(); |
|
2721
|
|
|
|
|
2722
|
|
|
// Load "Anonymous" user |
|
2723
|
|
|
$user = $userService->loadUser($anonUserId); |
|
2724
|
|
|
|
|
2725
|
|
|
// Instantiate a role create and add some policies |
|
2726
|
|
|
$roleCreate = $roleService->newRoleCreateStruct('User Role'); |
|
2727
|
|
|
|
|
2728
|
|
|
// @todo uncomment when support for multilingual names and descriptions is added EZP-24776 |
|
2729
|
|
|
// $roleCreate->mainLanguageCode = 'eng-US'; |
|
2730
|
|
|
|
|
2731
|
|
|
$roleCreate->addPolicy( |
|
2732
|
|
|
$roleService->newPolicyCreateStruct('notification', 'use') |
|
2733
|
|
|
); |
|
2734
|
|
|
$roleCreate->addPolicy( |
|
2735
|
|
|
$roleService->newPolicyCreateStruct('user', 'password') |
|
2736
|
|
|
); |
|
2737
|
|
|
$roleCreate->addPolicy( |
|
2738
|
|
|
$roleService->newPolicyCreateStruct('user', 'selfedit') |
|
2739
|
|
|
); |
|
2740
|
|
|
|
|
2741
|
|
|
// Create the new role instance |
|
2742
|
|
|
$roleDraft = $roleService->createRole($roleCreate); |
|
2743
|
|
|
$roleService->publishRoleDraft($roleDraft); |
|
2744
|
|
|
$role = $roleService->loadRole($roleDraft->id); |
|
2745
|
|
|
|
|
2746
|
|
|
// Assign role to anon user |
|
2747
|
|
|
$roleService->assignRoleToUser($role, $user); |
|
2748
|
|
|
$roleAssignments = $roleService->getRoleAssignmentsForUser($user, true); |
|
2749
|
|
|
|
|
2750
|
|
|
$policies = []; |
|
2751
|
|
|
foreach ($roleAssignments as $roleAssignment) { |
|
2752
|
|
|
$policies[] = $roleAssignment->getRole()->getPolicies(); |
|
2753
|
|
|
} |
|
2754
|
|
|
$policies = array_merge(...$policies); |
|
2755
|
|
|
|
|
2756
|
|
|
$simplePolicyList = []; |
|
2757
|
|
|
foreach ($policies as $simplePolicy) { |
|
2758
|
|
|
$simplePolicyList[] = [$simplePolicy->roleId, $simplePolicy->module, $simplePolicy->function]; |
|
2759
|
|
|
} |
|
2760
|
|
|
/* END: Use Case */ |
|
2761
|
|
|
array_multisort($simplePolicyList); |
|
2762
|
|
|
|
|
2763
|
|
|
$this->assertEquals( |
|
2764
|
|
|
[ |
|
2765
|
|
|
[1, 'content', 'pdf'], |
|
2766
|
|
|
[1, 'content', 'read'], |
|
2767
|
|
|
[1, 'content', 'read'], |
|
2768
|
|
|
[1, 'rss', 'feed'], |
|
2769
|
|
|
[1, 'user', 'login'], |
|
2770
|
|
|
[1, 'user', 'login'], |
|
2771
|
|
|
[1, 'user', 'login'], |
|
2772
|
|
|
[1, 'user', 'login'], |
|
2773
|
|
|
[$role->id, 'notification', 'use'], |
|
2774
|
|
|
[$role->id, 'user', 'password'], |
|
2775
|
|
|
[$role->id, 'user', 'selfedit'], |
|
2776
|
|
|
], |
|
2777
|
|
|
$simplePolicyList |
|
2778
|
|
|
); |
|
2779
|
|
|
} |
|
2780
|
|
|
|
|
2781
|
|
|
/** |
|
2782
|
|
|
* Test for the publishRoleDraft() method. |
|
2783
|
|
|
* |
|
2784
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::publishRoleDraft() |
|
2785
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testCreateRoleDraft |
|
2786
|
|
|
*/ |
|
2787
|
|
View Code Duplication |
public function testPublishRoleDraft() |
|
2788
|
|
|
{ |
|
2789
|
|
|
$repository = $this->getRepository(); |
|
2790
|
|
|
|
|
2791
|
|
|
/* BEGIN: Use Case */ |
|
2792
|
|
|
$roleService = $repository->getRoleService(); |
|
2793
|
|
|
$roleCreate = $roleService->newRoleCreateStruct('newRole'); |
|
2794
|
|
|
|
|
2795
|
|
|
// @todo uncomment when support for multilingual names and descriptions is added EZP-24776 |
|
2796
|
|
|
// $roleCreate->mainLanguageCode = 'eng-US'; |
|
2797
|
|
|
|
|
2798
|
|
|
$roleDraft = $roleService->createRole($roleCreate); |
|
2799
|
|
|
|
|
2800
|
|
|
$roleDraft = $roleService->addPolicyByRoleDraft( |
|
2801
|
|
|
$roleDraft, |
|
2802
|
|
|
$roleService->newPolicyCreateStruct('content', 'delete') |
|
2803
|
|
|
); |
|
2804
|
|
|
$roleDraft = $roleService->addPolicyByRoleDraft( |
|
2805
|
|
|
$roleDraft, |
|
2806
|
|
|
$roleService->newPolicyCreateStruct('content', 'create') |
|
2807
|
|
|
); |
|
2808
|
|
|
|
|
2809
|
|
|
$roleService->publishRoleDraft($roleDraft); |
|
2810
|
|
|
/* END: Use Case */ |
|
2811
|
|
|
|
|
2812
|
|
|
$this->assertInstanceOf( |
|
2813
|
|
|
'\\eZ\\Publish\\API\\Repository\\Values\\User\\Role', |
|
2814
|
|
|
$roleService->loadRoleByIdentifier($roleCreate->identifier) |
|
2815
|
|
|
); |
|
2816
|
|
|
} |
|
2817
|
|
|
|
|
2818
|
|
|
/** |
|
2819
|
|
|
* Test for the publishRoleDraft() method. |
|
2820
|
|
|
* |
|
2821
|
|
|
* @see \eZ\Publish\API\Repository\RoleService::publishRoleDraft() |
|
2822
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testCreateRoleDraft |
|
2823
|
|
|
* @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testAddPolicyByRoleDraft |
|
2824
|
|
|
*/ |
|
2825
|
|
|
public function testPublishRoleDraftAddPolicies() |
|
2826
|
|
|
{ |
|
2827
|
|
|
$repository = $this->getRepository(); |
|
2828
|
|
|
|
|
2829
|
|
|
/* BEGIN: Use Case */ |
|
2830
|
|
|
$roleService = $repository->getRoleService(); |
|
2831
|
|
|
$roleCreate = $roleService->newRoleCreateStruct('newRole'); |
|
2832
|
|
|
|
|
2833
|
|
|
// @todo uncomment when support for multilingual names and descriptions is added EZP-24776 |
|
2834
|
|
|
// $roleCreate->mainLanguageCode = 'eng-US'; |
|
2835
|
|
|
|
|
2836
|
|
|
$roleDraft = $roleService->createRole($roleCreate); |
|
2837
|
|
|
|
|
2838
|
|
|
$roleDraft = $roleService->addPolicyByRoleDraft( |
|
2839
|
|
|
$roleDraft, |
|
2840
|
|
|
$roleService->newPolicyCreateStruct('content', 'delete') |
|
2841
|
|
|
); |
|
2842
|
|
|
$roleDraft = $roleService->addPolicyByRoleDraft( |
|
2843
|
|
|
$roleDraft, |
|
2844
|
|
|
$roleService->newPolicyCreateStruct('content', 'create') |
|
2845
|
|
|
); |
|
2846
|
|
|
|
|
2847
|
|
|
$roleService->publishRoleDraft($roleDraft); |
|
2848
|
|
|
$role = $roleService->loadRoleByIdentifier($roleCreate->identifier); |
|
2849
|
|
|
/* END: Use Case */ |
|
2850
|
|
|
|
|
2851
|
|
|
$actual = []; |
|
2852
|
|
|
foreach ($role->getPolicies() as $policy) { |
|
2853
|
|
|
$actual[] = [ |
|
2854
|
|
|
'module' => $policy->module, |
|
2855
|
|
|
'function' => $policy->function, |
|
2856
|
|
|
]; |
|
2857
|
|
|
} |
|
2858
|
|
|
usort( |
|
2859
|
|
|
$actual, |
|
2860
|
|
|
function ($p1, $p2) { |
|
2861
|
|
|
return strcasecmp($p1['function'], $p2['function']); |
|
2862
|
|
|
} |
|
2863
|
|
|
); |
|
2864
|
|
|
|
|
2865
|
|
|
$this->assertEquals( |
|
2866
|
|
|
[ |
|
2867
|
|
|
[ |
|
2868
|
|
|
'module' => 'content', |
|
2869
|
|
|
'function' => 'create', |
|
2870
|
|
|
], |
|
2871
|
|
|
[ |
|
2872
|
|
|
'module' => 'content', |
|
2873
|
|
|
'function' => 'delete', |
|
2874
|
|
|
], |
|
2875
|
|
|
], |
|
2876
|
|
|
$actual |
|
2877
|
|
|
); |
|
2878
|
|
|
} |
|
2879
|
|
|
|
|
2880
|
|
|
/** |
|
2881
|
|
|
* Create a user group fixture in a variable named <b>$userGroup</b>,. |
|
2882
|
|
|
* |
|
2883
|
|
|
* @return \eZ\Publish\API\Repository\Values\User\UserGroup |
|
2884
|
|
|
*/ |
|
2885
|
|
|
private function createUserGroupVersion1() |
|
2886
|
|
|
{ |
|
2887
|
|
|
$repository = $this->getRepository(); |
|
2888
|
|
|
|
|
2889
|
|
|
$mainGroupId = $this->generateId('group', 4); |
|
2890
|
|
|
/* BEGIN: Inline */ |
|
2891
|
|
|
// $mainGroupId is the ID of the main "Users" group |
|
2892
|
|
|
|
|
2893
|
|
|
$roleService = $repository->getRoleService(); |
|
|
|
|
|
|
2894
|
|
|
$userService = $repository->getUserService(); |
|
2895
|
|
|
|
|
2896
|
|
|
// Load main group |
|
2897
|
|
|
$parentUserGroup = $userService->loadUserGroup($mainGroupId); |
|
2898
|
|
|
|
|
2899
|
|
|
// Instantiate a new create struct |
|
2900
|
|
|
$userGroupCreate = $userService->newUserGroupCreateStruct('eng-US'); |
|
2901
|
|
|
$userGroupCreate->setField('name', 'Example Group'); |
|
2902
|
|
|
|
|
2903
|
|
|
// Create the new user group |
|
2904
|
|
|
$userGroup = $userService->createUserGroup( |
|
2905
|
|
|
$userGroupCreate, |
|
2906
|
|
|
$parentUserGroup |
|
2907
|
|
|
); |
|
2908
|
|
|
/* END: Inline */ |
|
2909
|
|
|
|
|
2910
|
|
|
return $userGroup; |
|
2911
|
|
|
} |
|
2912
|
|
|
} |
|
2913
|
|
|
|
ezsystems /
ezpublish-kernel
Loading history...
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation.
You can also find more detailed suggestions in the “Code” section of your repository.