Completed
Push — EZP-30725 ( e37c44...236363 )
by
unknown
48:53 queued 27:48
created

testLoadSectionsThrowsUnauthorizedException()   A

Complexity

Conditions 1
Paths 1

Size

Total Lines 30

Duplication

Lines 30
Ratio 100 %

Importance

Changes 0
Metric Value
cc 1
nc 1
nop 0
dl 30
loc 30
rs 9.44
c 0
b 0
f 0
1
<?php
2
3
/**
4
 * File containing the SectionServiceAuthorizationTest class.
5
 *
6
 * @copyright Copyright (C) eZ Systems AS. All rights reserved.
7
 * @license For full copyright and license information view LICENSE file distributed with this source code.
8
 */
9
namespace eZ\Publish\API\Repository\Tests;
10
11
use eZ\Publish\API\Repository\Values\User\Limitation;
12
13
/**
14
 * Test case for operations in the SectionService using in memory storage.
15
 *
16
 * @see eZ\Publish\API\Repository\SectionService
17
 * @depends eZ\Publish\API\Repository\Tests\UserServiceTest::testLoadAnonymousUser
18
 * @group integration
19
 * @group authorization
20
 */
21
class SectionServiceAuthorizationTest extends BaseTest
22
{
23
    /**
24
     * Test for the createSection() method.
25
     *
26
     * @see \eZ\Publish\API\Repository\SectionService::createSection()
27
     * @expectedException \eZ\Publish\API\Repository\Exceptions\UnauthorizedException
28
     * @depends eZ\Publish\API\Repository\Tests\SectionServiceTest::testCreateSection
29
     */
30
    public function testCreateSectionThrowsUnauthorizedException()
31
    {
32
        $repository = $this->getRepository();
33
34
        $anonymousUserId = $this->generateId('user', 10);
35
        /* BEGIN: Use Case */
36
        // $anonymousUserId is the ID of the "Anonymous" user in a eZ
37
        // Publish demo installation.
38
        $userService = $repository->getUserService();
39
        $sectionService = $repository->getSectionService();
40
41
        $sectionCreate = $sectionService->newSectionCreateStruct();
42
        $sectionCreate->name = 'Test Section';
43
        $sectionCreate->identifier = 'uniqueKey';
44
45
        // Set anonymous user
46
        $repository->setCurrentUser($userService->loadUser($anonymousUserId));
0 ignored issues
show
Deprecated Code introduced by
The method eZ\Publish\API\Repositor...itory::setCurrentUser() has been deprecated with message: since 6.6, to be removed. Use PermissionResolver::setCurrentUserReference() instead. Sets the current user to the given $user.

This method has been deprecated. The supplier of the class has supplied an explanatory message.

The explanatory message should give you some clue as to whether and when the method will be removed from the class and what other method or class to use instead.

Loading history...
47
48
        // This call will fail with a "UnauthorizedException"
49
        $sectionService->createSection($sectionCreate);
50
        /* END: Use Case */
51
    }
52
53
    /**
54
     * Test for the loadSection() method.
55
     *
56
     * @see \eZ\Publish\API\Repository\SectionService::loadSection()
57
     * @expectedException \eZ\Publish\API\Repository\Exceptions\UnauthorizedException
58
     * @depends eZ\Publish\API\Repository\Tests\SectionServiceTest::testLoadSection
59
     */
60
    public function testLoadSectionThrowsUnauthorizedException()
61
    {
62
        $repository = $this->getRepository();
63
64
        $anonymousUserId = $this->generateId('user', 10);
65
        /* BEGIN: Use Case */
66
        // $anonymousUserId is the ID of the "Anonymous" user in a eZ
67
        // Publish demo installation.
68
        $userService = $repository->getUserService();
69
        $sectionService = $repository->getSectionService();
70
71
        $sectionCreate = $sectionService->newSectionCreateStruct();
72
        $sectionCreate->name = 'Test Section';
73
        $sectionCreate->identifier = 'uniqueKey';
74
75
        $sectionId = $sectionService->createSection($sectionCreate)->id;
76
77
        // Set anonymous user
78
        $repository->setCurrentUser($userService->loadUser($anonymousUserId));
0 ignored issues
show
Deprecated Code introduced by
The method eZ\Publish\API\Repositor...itory::setCurrentUser() has been deprecated with message: since 6.6, to be removed. Use PermissionResolver::setCurrentUserReference() instead. Sets the current user to the given $user.

This method has been deprecated. The supplier of the class has supplied an explanatory message.

The explanatory message should give you some clue as to whether and when the method will be removed from the class and what other method or class to use instead.

Loading history...
79
80
        // This call will fail with a "UnauthorizedException"
81
        $sectionService->loadSection($sectionId);
82
        /* END: Use Case */
83
    }
84
85
    /**
86
     * Test for the updateSection() method.
87
     *
88
     * @see \eZ\Publish\API\Repository\SectionService::updateSection()
89
     * @expectedException \eZ\Publish\API\Repository\Exceptions\UnauthorizedException
90
     * @depends eZ\Publish\API\Repository\Tests\SectionServiceTest::testUpdateSection
91
     */
92
    public function testUpdateSectionThrowsUnauthorizedException()
93
    {
94
        $repository = $this->getRepository();
95
96
        $standardSectionId = $this->generateId('section', 1);
97
        $anonymousUserId = $this->generateId('user', 10);
98
        /* BEGIN: Use Case */
99
        // $anonymousUserId is the ID of the "Anonymous" user in a eZ
100
        // Publish demo installation.
101
        // $standardSectionId is the ID of the "Standard" section in a eZ
102
        // Publish demo installation.
103
104
        $userService = $repository->getUserService();
105
        $sectionService = $repository->getSectionService();
106
107
        $section = $sectionService->loadSection($standardSectionId);
108
109
        $sectionUpdate = $sectionService->newSectionUpdateStruct();
110
        $sectionUpdate->name = 'New section name';
111
        $sectionUpdate->identifier = 'newUniqueKey';
112
113
        // Set anonymous user
114
        $repository->setCurrentUser($userService->loadUser($anonymousUserId));
0 ignored issues
show
Deprecated Code introduced by
The method eZ\Publish\API\Repositor...itory::setCurrentUser() has been deprecated with message: since 6.6, to be removed. Use PermissionResolver::setCurrentUserReference() instead. Sets the current user to the given $user.

This method has been deprecated. The supplier of the class has supplied an explanatory message.

The explanatory message should give you some clue as to whether and when the method will be removed from the class and what other method or class to use instead.

Loading history...
115
116
        // This call will fail with a "UnauthorizedException"
117
        $sectionService->updateSection($section, $sectionUpdate);
118
        /* END: Use Case */
119
    }
120
121
    /**
122
     * Test for the loadSections() method.
123
     *
124
     * @see \eZ\Publish\API\Repository\SectionService::loadSections()
125
     * @depends eZ\Publish\API\Repository\Tests\SectionServiceTest::testLoadSections
126
     */
127
    public function testLoadSectionsLoadsEmptyListForAnonymousUser()
128
    {
129
        $repository = $this->getRepository();
130
131
        $anonymousUserId = $this->generateId('user', 10);
132
        /* BEGIN: Use Case */
133
        // $anonymousUserId is the ID of the "Anonymous" user in a eZ
134
        // Publish demo installation.
135
        $userService = $repository->getUserService();
136
        $sectionService = $repository->getSectionService();
137
138
        // Create some sections
139
        $sectionCreateOne = $sectionService->newSectionCreateStruct();
140
        $sectionCreateOne->name = 'Test section one';
141
        $sectionCreateOne->identifier = 'uniqueKeyOne';
142
143
        $sectionCreateTwo = $sectionService->newSectionCreateStruct();
144
        $sectionCreateTwo->name = 'Test section two';
145
        $sectionCreateTwo->identifier = 'uniqueKeyTwo';
146
147
        $sectionService->createSection($sectionCreateOne);
148
        $sectionService->createSection($sectionCreateTwo);
149
150
        // Set anonymous user
151
        $repository->setCurrentUser($userService->loadUser($anonymousUserId));
0 ignored issues
show
Deprecated Code introduced by
The method eZ\Publish\API\Repositor...itory::setCurrentUser() has been deprecated with message: since 6.6, to be removed. Use PermissionResolver::setCurrentUserReference() instead. Sets the current user to the given $user.

This method has been deprecated. The supplier of the class has supplied an explanatory message.

The explanatory message should give you some clue as to whether and when the method will be removed from the class and what other method or class to use instead.

Loading history...
152
153
        $sections = $sectionService->loadSections();
154
        /* END: Use Case */
155
156
        $this->assertEquals([], $sections);
157
    }
158
159
    /**
160
     * Test for the loadSections() method.
161
     *
162
     * @see \eZ\Publish\API\Repository\SectionService::loadSections()
163
     * @depends eZ\Publish\API\Repository\Tests\SectionServiceTest::testLoadSections
164
     */
165
    public function testLoadSectionFiltersSections()
166
    {
167
        $repository = $this->getRepository();
168
169
        /* BEGIN: Use Case */
170
        // Publish demo installation.
171
        $sectionService = $repository->getSectionService();
172
        // Create some sections
173
        $sectionCreateOne = $sectionService->newSectionCreateStruct();
174
        $sectionCreateOne->name = 'Test section one';
175
        $sectionCreateOne->identifier = 'uniqueKeyOne';
176
177
        $sectionCreateTwo = $sectionService->newSectionCreateStruct();
178
        $sectionCreateTwo->name = 'Test section two';
179
        $sectionCreateTwo->identifier = 'uniqueKeyTwo';
180
181
        $expectedSection = $sectionService->createSection($sectionCreateOne);
182
        $sectionService->createSection($sectionCreateTwo);
183
184
        // Set user
185
        $this->createRoleWithPolicies('MediaUser', [
186
            ['module' => '*', 'function' => '*'],
187
        ]);
188
        $mediaUser = $this->createCustomUserWithLogin(
189
            'user',
190
            '[email protected]',
191
            'MediaUser',
192
            'MediaUser',
193
            new Limitation\SectionLimitation(['limitationValues' => [$expectedSection->id]])
194
        );
195
196
        $repository->getPermissionResolver()->setCurrentUserReference($mediaUser);
197
198
        $sections = $sectionService->loadSections();
199
        /* END: Use Case */
200
201
        // Only Sections the user has access to should be loaded
202
        $this->assertEquals([$expectedSection], $sections);
203
    }
204
205
    /**
206
     * Test for the loadSectionByIdentifier() method.
207
     *
208
     * @see \eZ\Publish\API\Repository\SectionService::loadSectionByIdentifier()
209
     * @expectedException \eZ\Publish\API\Repository\Exceptions\UnauthorizedException
210
     */
211
    public function testLoadSectionByIdentifierThrowsUnauthorizedException()
212
    {
213
        $repository = $this->getRepository();
214
215
        $anonymousUserId = $this->generateId('user', 10);
216
        /* BEGIN: Use Case */
217
        // $anonymousUserId is the ID of the "Anonymous" user in a eZ
218
        // Publish demo installation.
219
        $userService = $repository->getUserService();
220
        $sectionService = $repository->getSectionService();
221
222
        $sectionCreate = $sectionService->newSectionCreateStruct();
223
        $sectionCreate->name = 'Test Section';
224
        $sectionCreate->identifier = 'uniqueKey';
225
226
        $sectionService->createSection($sectionCreate);
227
228
        // Set anonymous user
229
        $repository->setCurrentUser($userService->loadUser($anonymousUserId));
0 ignored issues
show
Deprecated Code introduced by
The method eZ\Publish\API\Repositor...itory::setCurrentUser() has been deprecated with message: since 6.6, to be removed. Use PermissionResolver::setCurrentUserReference() instead. Sets the current user to the given $user.

This method has been deprecated. The supplier of the class has supplied an explanatory message.

The explanatory message should give you some clue as to whether and when the method will be removed from the class and what other method or class to use instead.

Loading history...
230
231
        // This call will fail with a "UnauthorizedException"
232
        $sectionService->loadSectionByIdentifier('uniqueKey');
233
        /* END: Use Case */
234
    }
235
236
    /**
237
     * Test for the assignSection() method.
238
     *
239
     * @see \eZ\Publish\API\Repository\SectionService::assignSection()
240
     * @expectedException \eZ\Publish\API\Repository\Exceptions\UnauthorizedException
241
     */
242
    public function testAssignSectionThrowsUnauthorizedException()
243
    {
244
        $repository = $this->getRepository();
245
246
        $standardSectionId = $this->generateId('section', 1);
247
        $anonymousUserId = $this->generateId('user', 10);
248
        /* BEGIN: Use Case */
249
        // $anonymousUserId is the ID of the "Anonymous" user in a eZ
250
        // Publish demo installation.
251
        // $standardSectionId is the ID of the "Standard" section in a eZ
252
        // Publish demo installation.
253
254
        // RemoteId of the "Media" page of an eZ Publish demo installation
255
        $mediaRemoteId = 'a6e35cbcb7cd6ae4b691f3eee30cd262';
256
257
        $userService = $repository->getUserService();
258
        $contentService = $repository->getContentService();
259
        $sectionService = $repository->getSectionService();
260
261
        // Load a content info instance
262
        $contentInfo = $contentService->loadContentInfoByRemoteId(
263
            $mediaRemoteId
264
        );
265
266
        // Load the "Standard" section
267
        $section = $sectionService->loadSection($standardSectionId);
268
269
        // Set anonymous user
270
        $repository->setCurrentUser($userService->loadUser($anonymousUserId));
0 ignored issues
show
Deprecated Code introduced by
The method eZ\Publish\API\Repositor...itory::setCurrentUser() has been deprecated with message: since 6.6, to be removed. Use PermissionResolver::setCurrentUserReference() instead. Sets the current user to the given $user.

This method has been deprecated. The supplier of the class has supplied an explanatory message.

The explanatory message should give you some clue as to whether and when the method will be removed from the class and what other method or class to use instead.

Loading history...
271
272
        // This call will fail with a "UnauthorizedException"
273
        $sectionService->assignSection($contentInfo, $section);
274
        /* END: Use Case */
275
    }
276
277
    /**
278
     * Test for the deleteSection() method.
279
     *
280
     * @see \eZ\Publish\API\Repository\SectionService::deleteSection()
281
     * @expectedException \eZ\Publish\API\Repository\Exceptions\UnauthorizedException
282
     */
283
    public function testDeleteSectionThrowsUnauthorizedException()
284
    {
285
        $repository = $this->getRepository();
286
287
        $anonymousUserId = $this->generateId('user', 10);
288
        /* BEGIN: Use Case */
289
        // $anonymousUserId is the ID of the "Anonymous" user in a eZ
290
        // Publish demo installation.
291
        $userService = $repository->getUserService();
292
        $sectionService = $repository->getSectionService();
293
294
        $sectionCreate = $sectionService->newSectionCreateStruct();
295
        $sectionCreate->name = 'Test Section';
296
        $sectionCreate->identifier = 'uniqueKey';
297
298
        $section = $sectionService->createSection($sectionCreate);
299
300
        // Set anonymous user
301
        $repository->setCurrentUser($userService->loadUser($anonymousUserId));
0 ignored issues
show
Deprecated Code introduced by
The method eZ\Publish\API\Repositor...itory::setCurrentUser() has been deprecated with message: since 6.6, to be removed. Use PermissionResolver::setCurrentUserReference() instead. Sets the current user to the given $user.

This method has been deprecated. The supplier of the class has supplied an explanatory message.

The explanatory message should give you some clue as to whether and when the method will be removed from the class and what other method or class to use instead.

Loading history...
302
303
        // This call will fail with a "UnauthorizedException"
304
        $sectionService->deleteSection($section);
305
        /* END: Use Case */
306
    }
307
}
308