|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
/** |
|
4
|
|
|
* File containing the TrashServiceAuthorizationTest class. |
|
5
|
|
|
* |
|
6
|
|
|
* @copyright Copyright (C) eZ Systems AS. All rights reserved. |
|
7
|
|
|
* @license For full copyright and license information view LICENSE file distributed with this source code. |
|
8
|
|
|
*/ |
|
9
|
|
|
namespace eZ\Publish\API\Repository\Tests; |
|
10
|
|
|
|
|
11
|
|
|
use eZ\Publish\API\Repository\Exceptions\UnauthorizedException; |
|
12
|
|
|
use eZ\Publish\API\Repository\Values\Content\Location; |
|
13
|
|
|
use eZ\Publish\API\Repository\Values\User\Limitation\ObjectStateLimitation; |
|
14
|
|
|
use eZ\Publish\Core\Repository\Repository; |
|
15
|
|
|
use eZ\Publish\Core\Repository\TrashService; |
|
16
|
|
|
|
|
17
|
|
|
/** |
|
18
|
|
|
* Test case for operations in the TrashService using in memory storage. |
|
19
|
|
|
* |
|
20
|
|
|
* @see eZ\Publish\API\Repository\TrashService |
|
21
|
|
|
* @group integration |
|
22
|
|
|
* @group authorization |
|
23
|
|
|
*/ |
|
24
|
|
|
class TrashServiceAuthorizationTest extends BaseTrashServiceTest |
|
25
|
|
|
{ |
|
26
|
|
|
/** |
|
27
|
|
|
* Test for the loadTrashItem() method. |
|
28
|
|
|
* |
|
29
|
|
|
* @see \eZ\Publish\API\Repository\TrashService::loadTrashItem() |
|
30
|
|
|
* @expectedException \eZ\Publish\API\Repository\Exceptions\UnauthorizedException |
|
31
|
|
|
* @depends eZ\Publish\API\Repository\Tests\TrashServiceTest::testLoadTrashItem |
|
32
|
|
|
* @depends eZ\Publish\API\Repository\Tests\UserServiceTest::testLoadAnonymousUser |
|
33
|
|
|
*/ |
|
34
|
|
|
public function testLoadTrashItemThrowsUnauthorizedException() |
|
35
|
|
|
{ |
|
36
|
|
|
$repository = $this->getRepository(); |
|
37
|
|
|
$trashService = $repository->getTrashService(); |
|
38
|
|
|
|
|
39
|
|
|
$anonymousUserId = $this->generateId('user', 10); |
|
40
|
|
|
/* BEGIN: Use Case */ |
|
41
|
|
|
// $anonymousUserId is the ID of the "Anonymous" user |
|
42
|
|
|
$trashItem = $this->createTrashItem(); |
|
43
|
|
|
|
|
44
|
|
|
// Load user service |
|
45
|
|
|
$userService = $repository->getUserService(); |
|
46
|
|
|
|
|
47
|
|
|
// Set "Anonymous" as current user |
|
48
|
|
|
$repository->setCurrentUser($userService->loadUser($anonymousUserId)); |
|
|
|
|
|
|
49
|
|
|
|
|
50
|
|
|
// This call will fail with an "UnauthorizedException" |
|
51
|
|
|
$trashService->loadTrashItem($trashItem->id); |
|
52
|
|
|
/* END: Use Case */ |
|
53
|
|
|
} |
|
54
|
|
|
|
|
55
|
|
|
/** |
|
56
|
|
|
* Test for the trash() method without proper permissions. |
|
57
|
|
|
* |
|
58
|
|
|
* @covers \eZ\Publish\API\Repository\TrashService::trash |
|
59
|
|
|
* |
|
60
|
|
|
* @expectedException \eZ\Publish\Core\Base\Exceptions\UnauthorizedException |
|
61
|
|
|
* @expectedExceptionMessage User does not have access to 'remove' 'content' |
|
62
|
|
|
*/ |
|
63
|
|
|
public function testTrashThrowsUnauthorizedException() |
|
64
|
|
|
{ |
|
65
|
|
|
$repository = $this->getRepository(); |
|
66
|
|
|
$trashService = $repository->getTrashService(); |
|
67
|
|
|
$locationService = $repository->getLocationService(); |
|
68
|
|
|
|
|
69
|
|
|
// Load "Media" page location to be trashed |
|
70
|
|
|
$mediaLocation = $locationService->loadLocationByRemoteId( |
|
71
|
|
|
'75c715a51699d2d309a924eca6a95145' |
|
72
|
|
|
); |
|
73
|
|
|
|
|
74
|
|
|
// switch user context before testing TrashService::trash method |
|
75
|
|
|
$repository->getPermissionResolver()->setCurrentUserReference( |
|
76
|
|
|
$this->createUserWithPolicies('trash_test_user', []) |
|
77
|
|
|
); |
|
78
|
|
|
$trashService->trash($mediaLocation); |
|
79
|
|
|
} |
|
80
|
|
|
|
|
81
|
|
|
/** |
|
82
|
|
|
* Test for the trash() method with proper minimal permission set. |
|
83
|
|
|
* |
|
84
|
|
|
* @depends testTrashThrowsUnauthorizedException |
|
85
|
|
|
* |
|
86
|
|
|
* @covers \eZ\Publish\API\Repository\TrashService::trash |
|
87
|
|
|
*/ |
|
88
|
|
|
public function testTrashRequiresContentRemovePolicy() |
|
89
|
|
|
{ |
|
90
|
|
|
$repository = $this->getRepository(); |
|
91
|
|
|
$trashService = $repository->getTrashService(); |
|
92
|
|
|
$locationService = $repository->getLocationService(); |
|
93
|
|
|
|
|
94
|
|
|
// Load "Media" page location to be trashed |
|
95
|
|
|
$mediaLocation = $locationService->loadLocationByRemoteId( |
|
96
|
|
|
'75c715a51699d2d309a924eca6a95145' |
|
97
|
|
|
); |
|
98
|
|
|
|
|
99
|
|
|
$repository->getPermissionResolver()->setCurrentUserReference( |
|
100
|
|
|
$this->createUserWithPolicies( |
|
101
|
|
|
'trash_test_user', |
|
102
|
|
|
[ |
|
103
|
|
|
['module' => 'content', 'function' => 'remove'], |
|
104
|
|
|
] |
|
105
|
|
|
) |
|
106
|
|
|
); |
|
107
|
|
|
$trashService->trash($mediaLocation); |
|
108
|
|
|
} |
|
109
|
|
|
|
|
110
|
|
|
/** |
|
111
|
|
|
* Test for the recover() method. |
|
112
|
|
|
* |
|
113
|
|
|
* @see \eZ\Publish\API\Repository\TrashService::recover() |
|
114
|
|
|
* @expectedException \eZ\Publish\API\Repository\Exceptions\UnauthorizedException |
|
115
|
|
|
* @depends eZ\Publish\API\Repository\Tests\TrashServiceTest::testRecover |
|
116
|
|
|
* @depends eZ\Publish\API\Repository\Tests\UserServiceTest::testLoadAnonymousUser |
|
117
|
|
|
*/ |
|
118
|
|
|
public function testRecoverThrowsUnauthorizedException() |
|
119
|
|
|
{ |
|
120
|
|
|
$repository = $this->getRepository(); |
|
121
|
|
|
$trashService = $repository->getTrashService(); |
|
122
|
|
|
|
|
123
|
|
|
$anonymousUserId = $this->generateId('user', 10); |
|
124
|
|
|
/* BEGIN: Use Case */ |
|
125
|
|
|
// $anonymousUserId is the ID of the "Anonymous" user |
|
126
|
|
|
$trashItem = $this->createTrashItem(); |
|
127
|
|
|
|
|
128
|
|
|
// Load user service |
|
129
|
|
|
$userService = $repository->getUserService(); |
|
130
|
|
|
|
|
131
|
|
|
// Set "Anonymous" as current user |
|
132
|
|
|
$repository->setCurrentUser($userService->loadUser($anonymousUserId)); |
|
|
|
|
|
|
133
|
|
|
|
|
134
|
|
|
// This call will fail with an "UnauthorizedException" |
|
135
|
|
|
$trashService->recover($trashItem); |
|
|
|
|
|
|
136
|
|
|
/* END: Use Case */ |
|
137
|
|
|
} |
|
138
|
|
|
|
|
139
|
|
|
/** |
|
140
|
|
|
* Test for the recover() method. |
|
141
|
|
|
* |
|
142
|
|
|
* @see \eZ\Publish\API\Repository\TrashService::recover($trashItem, $newParentLocation) |
|
143
|
|
|
* @expectedException \eZ\Publish\API\Repository\Exceptions\UnauthorizedException |
|
144
|
|
|
* @depends eZ\Publish\API\Repository\Tests\TrashServiceTest::testRecover |
|
145
|
|
|
* @depends eZ\Publish\API\Repository\Tests\UserServiceTest::testLoadAnonymousUser |
|
146
|
|
|
*/ |
|
147
|
|
View Code Duplication |
public function testRecoverThrowsUnauthorizedExceptionWithNewParentLocationParameter() |
|
148
|
|
|
{ |
|
149
|
|
|
$repository = $this->getRepository(); |
|
150
|
|
|
$trashService = $repository->getTrashService(); |
|
151
|
|
|
$locationService = $repository->getLocationService(); |
|
152
|
|
|
|
|
153
|
|
|
$homeLocationId = $this->generateId('location', 2); |
|
154
|
|
|
$anonymousUserId = $this->generateId('user', 10); |
|
155
|
|
|
/* BEGIN: Use Case */ |
|
156
|
|
|
// $anonymousUserId is the ID of the "Anonymous" user |
|
157
|
|
|
// $homeLocationId is the ID of the "Home" location in an eZ Publish |
|
158
|
|
|
// demo installation |
|
159
|
|
|
|
|
160
|
|
|
$trashItem = $this->createTrashItem(); |
|
161
|
|
|
|
|
162
|
|
|
// Get the new parent location |
|
163
|
|
|
$newParentLocation = $locationService->loadLocation($homeLocationId); |
|
164
|
|
|
|
|
165
|
|
|
// Load user service |
|
166
|
|
|
$userService = $repository->getUserService(); |
|
167
|
|
|
|
|
168
|
|
|
// Set "Anonymous" as current user |
|
169
|
|
|
$repository->setCurrentUser($userService->loadUser($anonymousUserId)); |
|
|
|
|
|
|
170
|
|
|
|
|
171
|
|
|
// This call will fail with an "UnauthorizedException" |
|
172
|
|
|
$trashService->recover($trashItem, $newParentLocation); |
|
|
|
|
|
|
173
|
|
|
/* END: Use Case */ |
|
174
|
|
|
} |
|
175
|
|
|
|
|
176
|
|
|
/** |
|
177
|
|
|
* Test for the emptyTrash() method. |
|
178
|
|
|
* |
|
179
|
|
|
* @see \eZ\Publish\API\Repository\TrashService::emptyTrash() |
|
180
|
|
|
* @expectedException \eZ\Publish\API\Repository\Exceptions\UnauthorizedException |
|
181
|
|
|
* @depends eZ\Publish\API\Repository\Tests\TrashServiceTest::testEmptyTrash |
|
182
|
|
|
* @depends eZ\Publish\API\Repository\Tests\UserServiceTest::testLoadAnonymousUser |
|
183
|
|
|
*/ |
|
184
|
|
|
public function testEmptyTrashThrowsUnauthorizedException() |
|
185
|
|
|
{ |
|
186
|
|
|
$repository = $this->getRepository(); |
|
187
|
|
|
$trashService = $repository->getTrashService(); |
|
188
|
|
|
|
|
189
|
|
|
$anonymousUserId = $this->generateId('user', 10); |
|
190
|
|
|
/* BEGIN: Use Case */ |
|
191
|
|
|
// $anonymousUserId is the ID of the "Anonymous" user |
|
192
|
|
|
$this->createTrashItem(); |
|
193
|
|
|
|
|
194
|
|
|
// Load user service |
|
195
|
|
|
$userService = $repository->getUserService(); |
|
196
|
|
|
|
|
197
|
|
|
// Set "Anonymous" as current user |
|
198
|
|
|
$repository->setCurrentUser($userService->loadUser($anonymousUserId)); |
|
|
|
|
|
|
199
|
|
|
|
|
200
|
|
|
// This call will fail with an "UnauthorizedException" |
|
201
|
|
|
$trashService->emptyTrash(); |
|
202
|
|
|
/* END: Use Case */ |
|
203
|
|
|
} |
|
204
|
|
|
|
|
205
|
|
|
/** |
|
206
|
|
|
* Test for the deleteTrashItem() method. |
|
207
|
|
|
* |
|
208
|
|
|
* @see \eZ\Publish\API\Repository\TrashService::deleteTrashItem() |
|
209
|
|
|
* @expectedException \eZ\Publish\API\Repository\Exceptions\UnauthorizedException |
|
210
|
|
|
* @depends eZ\Publish\API\Repository\Tests\TrashServiceTest::testDeleteTrashItem |
|
211
|
|
|
* @depends eZ\Publish\API\Repository\Tests\UserServiceTest::testLoadAnonymousUser |
|
212
|
|
|
*/ |
|
213
|
|
|
public function testDeleteTrashItemThrowsUnauthorizedException() |
|
214
|
|
|
{ |
|
215
|
|
|
$repository = $this->getRepository(); |
|
216
|
|
|
$trashService = $repository->getTrashService(); |
|
217
|
|
|
|
|
218
|
|
|
$anonymousUserId = $this->generateId('user', 10); |
|
219
|
|
|
/* BEGIN: Use Case */ |
|
220
|
|
|
// $anonymousUserId is the ID of the "Anonymous" user |
|
221
|
|
|
$trashItem = $this->createTrashItem(); |
|
222
|
|
|
|
|
223
|
|
|
// Load user service |
|
224
|
|
|
$userService = $repository->getUserService(); |
|
225
|
|
|
|
|
226
|
|
|
// Set "Anonymous" as current user |
|
227
|
|
|
$repository->setCurrentUser($userService->loadUser($anonymousUserId)); |
|
|
|
|
|
|
228
|
|
|
|
|
229
|
|
|
// This call will fail with an "UnauthorizedException" |
|
230
|
|
|
$trashService->deleteTrashItem($trashItem); |
|
|
|
|
|
|
231
|
|
|
/* END: Use Case */ |
|
232
|
|
|
} |
|
233
|
|
|
|
|
234
|
|
|
/** |
|
235
|
|
|
* @throws \eZ\Publish\API\Repository\Exceptions\ForbiddenException |
|
236
|
|
|
* @throws \eZ\Publish\API\Repository\Exceptions\NotFoundException |
|
237
|
|
|
* @throws \eZ\Publish\API\Repository\Exceptions\UnauthorizedException |
|
238
|
|
|
*/ |
|
239
|
|
|
public function testTrashRequiresPermissionsToRemoveAllSubItems() |
|
240
|
|
|
{ |
|
241
|
|
|
$this->createRoleWithPolicies('Publisher', [ |
|
242
|
|
|
['module' => 'content', 'function' => 'read'], |
|
243
|
|
|
['module' => 'content', 'function' => 'create'], |
|
244
|
|
|
['module' => 'content', 'function' => 'publish'], |
|
245
|
|
|
['module' => 'state', 'function' => 'assign'], |
|
246
|
|
|
['module' => 'content', 'function' => 'remove', 'limitations' => [ |
|
247
|
|
|
new ObjectStateLimitation(['limitationValues' => [ |
|
248
|
|
|
$this->generateId('objectstate', 2), |
|
249
|
|
|
]]), |
|
250
|
|
|
]], |
|
251
|
|
|
]); |
|
252
|
|
|
|
|
253
|
|
|
$publisherUser = $this->createCustomUserWithLogin( |
|
254
|
|
|
'publisher', |
|
255
|
|
|
'[email protected]', |
|
256
|
|
|
'Publishers', |
|
257
|
|
|
'Publisher' |
|
258
|
|
|
); |
|
259
|
|
|
|
|
260
|
|
|
/** @var Repository $repository */ |
|
261
|
|
|
$repository = $this->getRepository(); |
|
262
|
|
|
$repository->getPermissionResolver()->setCurrentUserReference($publisherUser); |
|
263
|
|
|
$trashService = $repository->getTrashService(); |
|
264
|
|
|
$locationService = $repository->getLocationService(); |
|
265
|
|
|
$objectStateService = $repository->getObjectStateService(); |
|
266
|
|
|
|
|
267
|
|
|
$parentContent = $this->createFolder(['eng-US' => 'Parent Folder'], 2); |
|
268
|
|
|
|
|
269
|
|
|
$objectStateService->setContentState( |
|
270
|
|
|
$parentContent->contentInfo, |
|
271
|
|
|
$objectStateService->loadObjectStateGroup(2), |
|
272
|
|
|
$objectStateService->loadObjectState(2) |
|
273
|
|
|
); |
|
274
|
|
|
|
|
275
|
|
|
$parentLocation = $locationService->loadLocations($parentContent->contentInfo)[0]; |
|
276
|
|
|
|
|
277
|
|
|
$this->createFolder(['eng-US' => 'Child Folder'], $parentLocation->id); |
|
278
|
|
|
|
|
279
|
|
|
// refreshing Search Index as Trash Service relies internally on Search Service |
|
280
|
|
|
$this->refreshSearch($repository); |
|
281
|
|
|
|
|
282
|
|
|
$this->expectException(UnauthorizedException::class); |
|
283
|
|
|
$trashService->trash($parentLocation); |
|
284
|
|
|
} |
|
285
|
|
|
} |
|
286
|
|
|
|
ezsystems /
ezpublish-kernel
Loading history...
This method has been deprecated. The supplier of the class has supplied an explanatory message.
The explanatory message should give you some clue as to whether and when the method will be removed from the class and what other method or class to use instead.