Completed
Push — ezp-30616-follow-up ( f1c1e1...2e0607 )
by
unknown
28:17 queued 13:28
created

testLoadSectionByIdentifierThrowsUnauthorizedException()   A

Complexity

Conditions 1
Paths 1

Size

Total Lines 26

Duplication

Lines 0
Ratio 0 %

Importance

Changes 0
Metric Value
cc 1
nc 1
nop 0
dl 0
loc 26
rs 9.504
c 0
b 0
f 0
1
<?php
2
3
/**
4
 * File containing the SectionServiceAuthorizationTest class.
5
 *
6
 * @copyright Copyright (C) eZ Systems AS. All rights reserved.
7
 * @license For full copyright and license information view LICENSE file distributed with this source code.
8
 */
9
namespace eZ\Publish\API\Repository\Tests;
10
11
use eZ\Publish\API\Repository\Values\User\Limitation;
12
13
/**
14
 * Test case for operations in the SectionService using in memory storage.
15
 *
16
 * @see eZ\Publish\API\Repository\SectionService
17
 * @depends eZ\Publish\API\Repository\Tests\UserServiceTest::testLoadAnonymousUser
18
 * @group integration
19
 * @group authorization
20
 */
21
class SectionServiceAuthorizationTest extends BaseTest
22
{
23
    /**
24
     * Test for the createSection() method.
25
     *
26
     * @see \eZ\Publish\API\Repository\SectionService::createSection()
27
     * @depends eZ\Publish\API\Repository\Tests\SectionServiceTest::testCreateSection
28
     */
29 View Code Duplication
    public function testCreateSectionThrowsUnauthorizedException()
30
    {
31
        $this->expectException(\eZ\Publish\API\Repository\Exceptions\UnauthorizedException::class);
32
33
        $repository = $this->getRepository();
34
35
        $anonymousUserId = $this->generateId('user', 10);
36
        /* BEGIN: Use Case */
37
        // $anonymousUserId is the ID of the "Anonymous" user in a eZ
38
        // Publish demo installation.
39
        $userService = $repository->getUserService();
40
        $sectionService = $repository->getSectionService();
41
42
        $sectionCreate = $sectionService->newSectionCreateStruct();
43
        $sectionCreate->name = 'Test Section';
44
        $sectionCreate->identifier = 'uniqueKey';
45
46
        // Set anonymous user
47
        $repository->setCurrentUser($userService->loadUser($anonymousUserId));
0 ignored issues
show
Deprecated Code introduced by
The method eZ\Publish\API\Repositor...itory::setCurrentUser() has been deprecated with message: since 6.6, to be removed. Use PermissionResolver::setCurrentUserReference() instead. Sets the current user to the given $user.

This method has been deprecated. The supplier of the class has supplied an explanatory message.

The explanatory message should give you some clue as to whether and when the method will be removed from the class and what other method or class to use instead.

Loading history...
48
49
        // This call will fail with a "UnauthorizedException"
50
        $sectionService->createSection($sectionCreate);
51
        /* END: Use Case */
52
    }
53
54
    /**
55
     * Test for the loadSection() method.
56
     *
57
     * @see \eZ\Publish\API\Repository\SectionService::loadSection()
58
     * @depends eZ\Publish\API\Repository\Tests\SectionServiceTest::testLoadSection
59
     */
60 View Code Duplication
    public function testLoadSectionThrowsUnauthorizedException()
61
    {
62
        $this->expectException(\eZ\Publish\API\Repository\Exceptions\UnauthorizedException::class);
63
64
        $repository = $this->getRepository();
65
66
        $anonymousUserId = $this->generateId('user', 10);
67
        /* BEGIN: Use Case */
68
        // $anonymousUserId is the ID of the "Anonymous" user in a eZ
69
        // Publish demo installation.
70
        $userService = $repository->getUserService();
71
        $sectionService = $repository->getSectionService();
72
73
        $sectionCreate = $sectionService->newSectionCreateStruct();
74
        $sectionCreate->name = 'Test Section';
75
        $sectionCreate->identifier = 'uniqueKey';
76
77
        $sectionId = $sectionService->createSection($sectionCreate)->id;
78
79
        // Set anonymous user
80
        $repository->setCurrentUser($userService->loadUser($anonymousUserId));
0 ignored issues
show
Deprecated Code introduced by
The method eZ\Publish\API\Repositor...itory::setCurrentUser() has been deprecated with message: since 6.6, to be removed. Use PermissionResolver::setCurrentUserReference() instead. Sets the current user to the given $user.

This method has been deprecated. The supplier of the class has supplied an explanatory message.

The explanatory message should give you some clue as to whether and when the method will be removed from the class and what other method or class to use instead.

Loading history...
81
82
        // This call will fail with a "UnauthorizedException"
83
        $sectionService->loadSection($sectionId);
84
        /* END: Use Case */
85
    }
86
87
    /**
88
     * Test for the updateSection() method.
89
     *
90
     * @see \eZ\Publish\API\Repository\SectionService::updateSection()
91
     * @depends eZ\Publish\API\Repository\Tests\SectionServiceTest::testUpdateSection
92
     */
93 View Code Duplication
    public function testUpdateSectionThrowsUnauthorizedException()
94
    {
95
        $this->expectException(\eZ\Publish\API\Repository\Exceptions\UnauthorizedException::class);
96
97
        $repository = $this->getRepository();
98
99
        $standardSectionId = $this->generateId('section', 1);
100
        $anonymousUserId = $this->generateId('user', 10);
101
        /* BEGIN: Use Case */
102
        // $anonymousUserId is the ID of the "Anonymous" user in a eZ
103
        // Publish demo installation.
104
        // $standardSectionId is the ID of the "Standard" section in a eZ
105
        // Publish demo installation.
106
107
        $userService = $repository->getUserService();
108
        $sectionService = $repository->getSectionService();
109
110
        $section = $sectionService->loadSection($standardSectionId);
111
112
        $sectionUpdate = $sectionService->newSectionUpdateStruct();
113
        $sectionUpdate->name = 'New section name';
114
        $sectionUpdate->identifier = 'newUniqueKey';
115
116
        // Set anonymous user
117
        $repository->setCurrentUser($userService->loadUser($anonymousUserId));
0 ignored issues
show
Deprecated Code introduced by
The method eZ\Publish\API\Repositor...itory::setCurrentUser() has been deprecated with message: since 6.6, to be removed. Use PermissionResolver::setCurrentUserReference() instead. Sets the current user to the given $user.

This method has been deprecated. The supplier of the class has supplied an explanatory message.

The explanatory message should give you some clue as to whether and when the method will be removed from the class and what other method or class to use instead.

Loading history...
118
119
        // This call will fail with a "UnauthorizedException"
120
        $sectionService->updateSection($section, $sectionUpdate);
121
        /* END: Use Case */
122
    }
123
124
    /**
125
     * Test for the loadSections() method.
126
     *
127
     * @see \eZ\Publish\API\Repository\SectionService::loadSections()
128
     * @depends eZ\Publish\API\Repository\Tests\SectionServiceTest::testLoadSections
129
     */
130
    public function testLoadSectionsLoadsEmptyListForAnonymousUser()
131
    {
132
        $repository = $this->getRepository();
133
134
        $anonymousUserId = $this->generateId('user', 10);
135
        /* BEGIN: Use Case */
136
        // $anonymousUserId is the ID of the "Anonymous" user in a eZ
137
        // Publish demo installation.
138
        $userService = $repository->getUserService();
139
        $sectionService = $repository->getSectionService();
140
141
        // Create some sections
142
        $sectionCreateOne = $sectionService->newSectionCreateStruct();
143
        $sectionCreateOne->name = 'Test section one';
144
        $sectionCreateOne->identifier = 'uniqueKeyOne';
145
146
        $sectionCreateTwo = $sectionService->newSectionCreateStruct();
147
        $sectionCreateTwo->name = 'Test section two';
148
        $sectionCreateTwo->identifier = 'uniqueKeyTwo';
149
150
        $sectionService->createSection($sectionCreateOne);
151
        $sectionService->createSection($sectionCreateTwo);
152
153
        // Set anonymous user
154
        $repository->setCurrentUser($userService->loadUser($anonymousUserId));
0 ignored issues
show
Deprecated Code introduced by
The method eZ\Publish\API\Repositor...itory::setCurrentUser() has been deprecated with message: since 6.6, to be removed. Use PermissionResolver::setCurrentUserReference() instead. Sets the current user to the given $user.

This method has been deprecated. The supplier of the class has supplied an explanatory message.

The explanatory message should give you some clue as to whether and when the method will be removed from the class and what other method or class to use instead.

Loading history...
155
156
        $sections = $sectionService->loadSections();
157
        /* END: Use Case */
158
159
        $this->assertEquals([], $sections);
160
    }
161
162
    /**
163
     * Test for the loadSections() method.
164
     *
165
     * @see \eZ\Publish\API\Repository\SectionService::loadSections()
166
     * @depends eZ\Publish\API\Repository\Tests\SectionServiceTest::testLoadSections
167
     */
168
    public function testLoadSectionFiltersSections()
169
    {
170
        $repository = $this->getRepository();
171
172
        /* BEGIN: Use Case */
173
        // Publish demo installation.
174
        $sectionService = $repository->getSectionService();
175
        // Create some sections
176
        $sectionCreateOne = $sectionService->newSectionCreateStruct();
177
        $sectionCreateOne->name = 'Test section one';
178
        $sectionCreateOne->identifier = 'uniqueKeyOne';
179
180
        $sectionCreateTwo = $sectionService->newSectionCreateStruct();
181
        $sectionCreateTwo->name = 'Test section two';
182
        $sectionCreateTwo->identifier = 'uniqueKeyTwo';
183
184
        $expectedSection = $sectionService->createSection($sectionCreateOne);
185
        $sectionService->createSection($sectionCreateTwo);
186
187
        // Set user
188
        $this->createRoleWithPolicies('MediaUser', [
189
            ['module' => '*', 'function' => '*'],
190
        ]);
191
        $mediaUser = $this->createCustomUserWithLogin(
192
            'user',
193
            '[email protected]',
194
            'MediaUser',
195
            'MediaUser',
196
            new Limitation\SectionLimitation(['limitationValues' => [$expectedSection->id]])
197
        );
198
199
        $repository->getPermissionResolver()->setCurrentUserReference($mediaUser);
200
201
        $sections = $sectionService->loadSections();
202
        /* END: Use Case */
203
204
        // Only Sections the user has access to should be loaded
205
        $this->assertEquals([$expectedSection], $sections);
206
    }
207
208
    /**
209
     * Test for the loadSectionByIdentifier() method.
210
     *
211
     * @see \eZ\Publish\API\Repository\SectionService::loadSectionByIdentifier()
212
     */
213
    public function testLoadSectionByIdentifierThrowsUnauthorizedException()
214
    {
215
        $this->expectException(\eZ\Publish\API\Repository\Exceptions\UnauthorizedException::class);
216
217
        $repository = $this->getRepository();
218
219
        $anonymousUserId = $this->generateId('user', 10);
220
        /* BEGIN: Use Case */
221
        // $anonymousUserId is the ID of the "Anonymous" user in a eZ
222
        // Publish demo installation.
223
        $userService = $repository->getUserService();
224
        $sectionService = $repository->getSectionService();
225
226
        $sectionCreate = $sectionService->newSectionCreateStruct();
227
        $sectionCreate->name = 'Test Section';
228
        $sectionCreate->identifier = 'uniqueKey';
229
230
        $sectionService->createSection($sectionCreate);
231
232
        // Set anonymous user
233
        $repository->setCurrentUser($userService->loadUser($anonymousUserId));
0 ignored issues
show
Deprecated Code introduced by
The method eZ\Publish\API\Repositor...itory::setCurrentUser() has been deprecated with message: since 6.6, to be removed. Use PermissionResolver::setCurrentUserReference() instead. Sets the current user to the given $user.

This method has been deprecated. The supplier of the class has supplied an explanatory message.

The explanatory message should give you some clue as to whether and when the method will be removed from the class and what other method or class to use instead.

Loading history...
234
235
        // This call will fail with a "UnauthorizedException"
236
        $sectionService->loadSectionByIdentifier('uniqueKey');
237
        /* END: Use Case */
238
    }
239
240
    /**
241
     * Test for the assignSection() method.
242
     *
243
     * @see \eZ\Publish\API\Repository\SectionService::assignSection()
244
     */
245
    public function testAssignSectionThrowsUnauthorizedException()
246
    {
247
        $this->expectException(\eZ\Publish\API\Repository\Exceptions\UnauthorizedException::class);
248
249
        $repository = $this->getRepository();
250
251
        $standardSectionId = $this->generateId('section', 1);
252
        $anonymousUserId = $this->generateId('user', 10);
253
        /* BEGIN: Use Case */
254
        // $anonymousUserId is the ID of the "Anonymous" user in a eZ
255
        // Publish demo installation.
256
        // $standardSectionId is the ID of the "Standard" section in a eZ
257
        // Publish demo installation.
258
259
        // RemoteId of the "Media" page of an eZ Publish demo installation
260
        $mediaRemoteId = 'a6e35cbcb7cd6ae4b691f3eee30cd262';
261
262
        $userService = $repository->getUserService();
263
        $contentService = $repository->getContentService();
264
        $sectionService = $repository->getSectionService();
265
266
        // Load a content info instance
267
        $contentInfo = $contentService->loadContentInfoByRemoteId(
268
            $mediaRemoteId
269
        );
270
271
        // Load the "Standard" section
272
        $section = $sectionService->loadSection($standardSectionId);
273
274
        // Set anonymous user
275
        $repository->setCurrentUser($userService->loadUser($anonymousUserId));
0 ignored issues
show
Deprecated Code introduced by
The method eZ\Publish\API\Repositor...itory::setCurrentUser() has been deprecated with message: since 6.6, to be removed. Use PermissionResolver::setCurrentUserReference() instead. Sets the current user to the given $user.

This method has been deprecated. The supplier of the class has supplied an explanatory message.

The explanatory message should give you some clue as to whether and when the method will be removed from the class and what other method or class to use instead.

Loading history...
276
277
        // This call will fail with a "UnauthorizedException"
278
        $sectionService->assignSection($contentInfo, $section);
279
        /* END: Use Case */
280
    }
281
282
    /**
283
     * Test for the deleteSection() method.
284
     *
285
     * @see \eZ\Publish\API\Repository\SectionService::deleteSection()
286
     */
287 View Code Duplication
    public function testDeleteSectionThrowsUnauthorizedException()
288
    {
289
        $this->expectException(\eZ\Publish\API\Repository\Exceptions\UnauthorizedException::class);
290
291
        $repository = $this->getRepository();
292
293
        $anonymousUserId = $this->generateId('user', 10);
294
        /* BEGIN: Use Case */
295
        // $anonymousUserId is the ID of the "Anonymous" user in a eZ
296
        // Publish demo installation.
297
        $userService = $repository->getUserService();
298
        $sectionService = $repository->getSectionService();
299
300
        $sectionCreate = $sectionService->newSectionCreateStruct();
301
        $sectionCreate->name = 'Test Section';
302
        $sectionCreate->identifier = 'uniqueKey';
303
304
        $section = $sectionService->createSection($sectionCreate);
305
306
        // Set anonymous user
307
        $repository->setCurrentUser($userService->loadUser($anonymousUserId));
0 ignored issues
show
Deprecated Code introduced by
The method eZ\Publish\API\Repositor...itory::setCurrentUser() has been deprecated with message: since 6.6, to be removed. Use PermissionResolver::setCurrentUserReference() instead. Sets the current user to the given $user.

This method has been deprecated. The supplier of the class has supplied an explanatory message.

The explanatory message should give you some clue as to whether and when the method will be removed from the class and what other method or class to use instead.

Loading history...
308
309
        // This call will fail with a "UnauthorizedException"
310
        $sectionService->deleteSection($section);
311
        /* END: Use Case */
312
    }
313
}
314