|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
/** |
|
4
|
|
|
* File containing the SectionServiceAuthorizationTest class. |
|
5
|
|
|
* |
|
6
|
|
|
* @copyright Copyright (C) eZ Systems AS. All rights reserved. |
|
7
|
|
|
* @license For full copyright and license information view LICENSE file distributed with this source code. |
|
8
|
|
|
*/ |
|
9
|
|
|
namespace eZ\Publish\API\Repository\Tests; |
|
10
|
|
|
|
|
11
|
|
|
use eZ\Publish\API\Repository\Values\User\Limitation; |
|
12
|
|
|
|
|
13
|
|
|
/** |
|
14
|
|
|
* Test case for operations in the SectionService using in memory storage. |
|
15
|
|
|
* |
|
16
|
|
|
* @see eZ\Publish\API\Repository\SectionService |
|
17
|
|
|
* @depends eZ\Publish\API\Repository\Tests\UserServiceTest::testLoadAnonymousUser |
|
18
|
|
|
* @group integration |
|
19
|
|
|
* @group authorization |
|
20
|
|
|
*/ |
|
21
|
|
|
class SectionServiceAuthorizationTest extends BaseTest |
|
22
|
|
|
{ |
|
23
|
|
|
/** |
|
24
|
|
|
* Test for the createSection() method. |
|
25
|
|
|
* |
|
26
|
|
|
* @see \eZ\Publish\API\Repository\SectionService::createSection() |
|
27
|
|
|
* @expectedException \eZ\Publish\API\Repository\Exceptions\UnauthorizedException |
|
28
|
|
|
* @depends eZ\Publish\API\Repository\Tests\SectionServiceTest::testCreateSection |
|
29
|
|
|
*/ |
|
30
|
|
|
public function testCreateSectionThrowsUnauthorizedException() |
|
31
|
|
|
{ |
|
32
|
|
|
$repository = $this->getRepository(); |
|
33
|
|
|
|
|
34
|
|
|
$anonymousUserId = $this->generateId('user', 10); |
|
35
|
|
|
/* BEGIN: Use Case */ |
|
36
|
|
|
// $anonymousUserId is the ID of the "Anonymous" user in a eZ |
|
37
|
|
|
// Publish demo installation. |
|
38
|
|
|
$userService = $repository->getUserService(); |
|
39
|
|
|
$sectionService = $repository->getSectionService(); |
|
40
|
|
|
|
|
41
|
|
|
$sectionCreate = $sectionService->newSectionCreateStruct(); |
|
42
|
|
|
$sectionCreate->name = 'Test Section'; |
|
43
|
|
|
$sectionCreate->identifier = 'uniqueKey'; |
|
44
|
|
|
|
|
45
|
|
|
// Set anonymous user |
|
46
|
|
|
$repository->setCurrentUser($userService->loadUser($anonymousUserId)); |
|
|
|
|
|
|
47
|
|
|
|
|
48
|
|
|
// This call will fail with a "UnauthorizedException" |
|
49
|
|
|
$sectionService->createSection($sectionCreate); |
|
50
|
|
|
/* END: Use Case */ |
|
51
|
|
|
} |
|
52
|
|
|
|
|
53
|
|
|
/** |
|
54
|
|
|
* Test for the loadSection() method. |
|
55
|
|
|
* |
|
56
|
|
|
* @see \eZ\Publish\API\Repository\SectionService::loadSection() |
|
57
|
|
|
* @expectedException \eZ\Publish\API\Repository\Exceptions\UnauthorizedException |
|
58
|
|
|
* @depends eZ\Publish\API\Repository\Tests\SectionServiceTest::testLoadSection |
|
59
|
|
|
*/ |
|
60
|
|
|
public function testLoadSectionThrowsUnauthorizedException() |
|
61
|
|
|
{ |
|
62
|
|
|
$repository = $this->getRepository(); |
|
63
|
|
|
|
|
64
|
|
|
$anonymousUserId = $this->generateId('user', 10); |
|
65
|
|
|
/* BEGIN: Use Case */ |
|
66
|
|
|
// $anonymousUserId is the ID of the "Anonymous" user in a eZ |
|
67
|
|
|
// Publish demo installation. |
|
68
|
|
|
$userService = $repository->getUserService(); |
|
69
|
|
|
$sectionService = $repository->getSectionService(); |
|
70
|
|
|
|
|
71
|
|
|
$sectionCreate = $sectionService->newSectionCreateStruct(); |
|
72
|
|
|
$sectionCreate->name = 'Test Section'; |
|
73
|
|
|
$sectionCreate->identifier = 'uniqueKey'; |
|
74
|
|
|
|
|
75
|
|
|
$sectionId = $sectionService->createSection($sectionCreate)->id; |
|
76
|
|
|
|
|
77
|
|
|
// Set anonymous user |
|
78
|
|
|
$repository->setCurrentUser($userService->loadUser($anonymousUserId)); |
|
|
|
|
|
|
79
|
|
|
|
|
80
|
|
|
// This call will fail with a "UnauthorizedException" |
|
81
|
|
|
$sectionService->loadSection($sectionId); |
|
82
|
|
|
/* END: Use Case */ |
|
83
|
|
|
} |
|
84
|
|
|
|
|
85
|
|
|
/** |
|
86
|
|
|
* Test for the updateSection() method. |
|
87
|
|
|
* |
|
88
|
|
|
* @see \eZ\Publish\API\Repository\SectionService::updateSection() |
|
89
|
|
|
* @expectedException \eZ\Publish\API\Repository\Exceptions\UnauthorizedException |
|
90
|
|
|
* @depends eZ\Publish\API\Repository\Tests\SectionServiceTest::testUpdateSection |
|
91
|
|
|
*/ |
|
92
|
|
|
public function testUpdateSectionThrowsUnauthorizedException() |
|
93
|
|
|
{ |
|
94
|
|
|
$repository = $this->getRepository(); |
|
95
|
|
|
|
|
96
|
|
|
$standardSectionId = $this->generateId('section', 1); |
|
97
|
|
|
$anonymousUserId = $this->generateId('user', 10); |
|
98
|
|
|
/* BEGIN: Use Case */ |
|
99
|
|
|
// $anonymousUserId is the ID of the "Anonymous" user in a eZ |
|
100
|
|
|
// Publish demo installation. |
|
101
|
|
|
// $standardSectionId is the ID of the "Standard" section in a eZ |
|
102
|
|
|
// Publish demo installation. |
|
103
|
|
|
|
|
104
|
|
|
$userService = $repository->getUserService(); |
|
105
|
|
|
$sectionService = $repository->getSectionService(); |
|
106
|
|
|
|
|
107
|
|
|
$section = $sectionService->loadSection($standardSectionId); |
|
108
|
|
|
|
|
109
|
|
|
$sectionUpdate = $sectionService->newSectionUpdateStruct(); |
|
110
|
|
|
$sectionUpdate->name = 'New section name'; |
|
111
|
|
|
$sectionUpdate->identifier = 'newUniqueKey'; |
|
112
|
|
|
|
|
113
|
|
|
// Set anonymous user |
|
114
|
|
|
$repository->setCurrentUser($userService->loadUser($anonymousUserId)); |
|
|
|
|
|
|
115
|
|
|
|
|
116
|
|
|
// This call will fail with a "UnauthorizedException" |
|
117
|
|
|
$sectionService->updateSection($section, $sectionUpdate); |
|
118
|
|
|
/* END: Use Case */ |
|
119
|
|
|
} |
|
120
|
|
|
|
|
121
|
|
|
/** |
|
122
|
|
|
* Test for the loadSections() method. |
|
123
|
|
|
* |
|
124
|
|
|
* @see \eZ\Publish\API\Repository\SectionService::loadSections() |
|
125
|
|
|
* @depends eZ\Publish\API\Repository\Tests\SectionServiceTest::testLoadSections |
|
126
|
|
|
*/ |
|
127
|
|
|
public function testLoadSectionsLoadsEmptyListForAnonymousUser() |
|
128
|
|
|
{ |
|
129
|
|
|
$repository = $this->getRepository(); |
|
130
|
|
|
|
|
131
|
|
|
$anonymousUserId = $this->generateId('user', 10); |
|
132
|
|
|
/* BEGIN: Use Case */ |
|
133
|
|
|
// $anonymousUserId is the ID of the "Anonymous" user in a eZ |
|
134
|
|
|
// Publish demo installation. |
|
135
|
|
|
$userService = $repository->getUserService(); |
|
136
|
|
|
$sectionService = $repository->getSectionService(); |
|
137
|
|
|
|
|
138
|
|
|
// Create some sections |
|
139
|
|
|
$sectionCreateOne = $sectionService->newSectionCreateStruct(); |
|
140
|
|
|
$sectionCreateOne->name = 'Test section one'; |
|
141
|
|
|
$sectionCreateOne->identifier = 'uniqueKeyOne'; |
|
142
|
|
|
|
|
143
|
|
|
$sectionCreateTwo = $sectionService->newSectionCreateStruct(); |
|
144
|
|
|
$sectionCreateTwo->name = 'Test section two'; |
|
145
|
|
|
$sectionCreateTwo->identifier = 'uniqueKeyTwo'; |
|
146
|
|
|
|
|
147
|
|
|
$sectionService->createSection($sectionCreateOne); |
|
148
|
|
|
$sectionService->createSection($sectionCreateTwo); |
|
149
|
|
|
|
|
150
|
|
|
// Set anonymous user |
|
151
|
|
|
$repository->setCurrentUser($userService->loadUser($anonymousUserId)); |
|
|
|
|
|
|
152
|
|
|
|
|
153
|
|
|
$sections = $sectionService->loadSections(); |
|
154
|
|
|
/* END: Use Case */ |
|
155
|
|
|
|
|
156
|
|
|
$this->assertEquals([], $sections); |
|
157
|
|
|
} |
|
158
|
|
|
|
|
159
|
|
|
/** |
|
160
|
|
|
* Test for the loadSections() method. |
|
161
|
|
|
* |
|
162
|
|
|
* @see \eZ\Publish\API\Repository\SectionService::loadSections() |
|
163
|
|
|
* @depends eZ\Publish\API\Repository\Tests\SectionServiceTest::testLoadSections |
|
164
|
|
|
*/ |
|
165
|
|
|
public function testLoadSectionFiltersSections() |
|
166
|
|
|
{ |
|
167
|
|
|
$repository = $this->getRepository(); |
|
168
|
|
|
|
|
169
|
|
|
/* BEGIN: Use Case */ |
|
170
|
|
|
// Publish demo installation. |
|
171
|
|
|
$sectionService = $repository->getSectionService(); |
|
172
|
|
|
// Create some sections |
|
173
|
|
|
$sectionCreateOne = $sectionService->newSectionCreateStruct(); |
|
174
|
|
|
$sectionCreateOne->name = 'Test section one'; |
|
175
|
|
|
$sectionCreateOne->identifier = 'uniqueKeyOne'; |
|
176
|
|
|
|
|
177
|
|
|
$sectionCreateTwo = $sectionService->newSectionCreateStruct(); |
|
178
|
|
|
$sectionCreateTwo->name = 'Test section two'; |
|
179
|
|
|
$sectionCreateTwo->identifier = 'uniqueKeyTwo'; |
|
180
|
|
|
|
|
181
|
|
|
$expectedSection = $sectionService->createSection($sectionCreateOne); |
|
182
|
|
|
$sectionService->createSection($sectionCreateTwo); |
|
183
|
|
|
|
|
184
|
|
|
// Set user |
|
185
|
|
|
$this->createRoleWithPolicies('MediaUser', [ |
|
186
|
|
|
['module' => '*', 'function' => '*'], |
|
187
|
|
|
]); |
|
188
|
|
|
$mediaUser = $this->createCustomUserWithLogin( |
|
189
|
|
|
'user', |
|
190
|
|
|
'[email protected]', |
|
191
|
|
|
'MediaUser', |
|
192
|
|
|
'MediaUser', |
|
193
|
|
|
new Limitation\SectionLimitation(['limitationValues' => [$expectedSection->id]]) |
|
194
|
|
|
); |
|
195
|
|
|
|
|
196
|
|
|
$repository->getPermissionResolver()->setCurrentUserReference($mediaUser); |
|
197
|
|
|
|
|
198
|
|
|
$sections = $sectionService->loadSections(); |
|
199
|
|
|
/* END: Use Case */ |
|
200
|
|
|
|
|
201
|
|
|
// Only Sections the user has access to should be loaded |
|
202
|
|
|
$this->assertEquals([$expectedSection], $sections); |
|
203
|
|
|
} |
|
204
|
|
|
|
|
205
|
|
|
/** |
|
206
|
|
|
* Test for the loadSectionByIdentifier() method. |
|
207
|
|
|
* |
|
208
|
|
|
* @see \eZ\Publish\API\Repository\SectionService::loadSectionByIdentifier() |
|
209
|
|
|
* @expectedException \eZ\Publish\API\Repository\Exceptions\UnauthorizedException |
|
210
|
|
|
*/ |
|
211
|
|
|
public function testLoadSectionByIdentifierThrowsUnauthorizedException() |
|
212
|
|
|
{ |
|
213
|
|
|
$repository = $this->getRepository(); |
|
214
|
|
|
|
|
215
|
|
|
$anonymousUserId = $this->generateId('user', 10); |
|
216
|
|
|
/* BEGIN: Use Case */ |
|
217
|
|
|
// $anonymousUserId is the ID of the "Anonymous" user in a eZ |
|
218
|
|
|
// Publish demo installation. |
|
219
|
|
|
$userService = $repository->getUserService(); |
|
220
|
|
|
$sectionService = $repository->getSectionService(); |
|
221
|
|
|
|
|
222
|
|
|
$sectionCreate = $sectionService->newSectionCreateStruct(); |
|
223
|
|
|
$sectionCreate->name = 'Test Section'; |
|
224
|
|
|
$sectionCreate->identifier = 'uniqueKey'; |
|
225
|
|
|
|
|
226
|
|
|
$sectionService->createSection($sectionCreate); |
|
227
|
|
|
|
|
228
|
|
|
// Set anonymous user |
|
229
|
|
|
$repository->setCurrentUser($userService->loadUser($anonymousUserId)); |
|
|
|
|
|
|
230
|
|
|
|
|
231
|
|
|
// This call will fail with a "UnauthorizedException" |
|
232
|
|
|
$sectionService->loadSectionByIdentifier('uniqueKey'); |
|
233
|
|
|
/* END: Use Case */ |
|
234
|
|
|
} |
|
235
|
|
|
|
|
236
|
|
|
/** |
|
237
|
|
|
* Test for the assignSection() method. |
|
238
|
|
|
* |
|
239
|
|
|
* @see \eZ\Publish\API\Repository\SectionService::assignSection() |
|
240
|
|
|
* @expectedException \eZ\Publish\API\Repository\Exceptions\UnauthorizedException |
|
241
|
|
|
*/ |
|
242
|
|
|
public function testAssignSectionThrowsUnauthorizedException() |
|
243
|
|
|
{ |
|
244
|
|
|
$repository = $this->getRepository(); |
|
245
|
|
|
|
|
246
|
|
|
$standardSectionId = $this->generateId('section', 1); |
|
247
|
|
|
$anonymousUserId = $this->generateId('user', 10); |
|
248
|
|
|
/* BEGIN: Use Case */ |
|
249
|
|
|
// $anonymousUserId is the ID of the "Anonymous" user in a eZ |
|
250
|
|
|
// Publish demo installation. |
|
251
|
|
|
// $standardSectionId is the ID of the "Standard" section in a eZ |
|
252
|
|
|
// Publish demo installation. |
|
253
|
|
|
|
|
254
|
|
|
// RemoteId of the "Media" page of an eZ Publish demo installation |
|
255
|
|
|
$mediaRemoteId = 'a6e35cbcb7cd6ae4b691f3eee30cd262'; |
|
256
|
|
|
|
|
257
|
|
|
$userService = $repository->getUserService(); |
|
258
|
|
|
$contentService = $repository->getContentService(); |
|
259
|
|
|
$sectionService = $repository->getSectionService(); |
|
260
|
|
|
|
|
261
|
|
|
// Load a content info instance |
|
262
|
|
|
$contentInfo = $contentService->loadContentInfoByRemoteId( |
|
263
|
|
|
$mediaRemoteId |
|
264
|
|
|
); |
|
265
|
|
|
|
|
266
|
|
|
// Load the "Standard" section |
|
267
|
|
|
$section = $sectionService->loadSection($standardSectionId); |
|
268
|
|
|
|
|
269
|
|
|
// Set anonymous user |
|
270
|
|
|
$repository->setCurrentUser($userService->loadUser($anonymousUserId)); |
|
|
|
|
|
|
271
|
|
|
|
|
272
|
|
|
// This call will fail with a "UnauthorizedException" |
|
273
|
|
|
$sectionService->assignSection($contentInfo, $section); |
|
274
|
|
|
/* END: Use Case */ |
|
275
|
|
|
} |
|
276
|
|
|
|
|
277
|
|
|
/** |
|
278
|
|
|
* Test for the deleteSection() method. |
|
279
|
|
|
* |
|
280
|
|
|
* @see \eZ\Publish\API\Repository\SectionService::deleteSection() |
|
281
|
|
|
* @expectedException \eZ\Publish\API\Repository\Exceptions\UnauthorizedException |
|
282
|
|
|
*/ |
|
283
|
|
|
public function testDeleteSectionThrowsUnauthorizedException() |
|
284
|
|
|
{ |
|
285
|
|
|
$repository = $this->getRepository(); |
|
286
|
|
|
|
|
287
|
|
|
$anonymousUserId = $this->generateId('user', 10); |
|
288
|
|
|
/* BEGIN: Use Case */ |
|
289
|
|
|
// $anonymousUserId is the ID of the "Anonymous" user in a eZ |
|
290
|
|
|
// Publish demo installation. |
|
291
|
|
|
$userService = $repository->getUserService(); |
|
292
|
|
|
$sectionService = $repository->getSectionService(); |
|
293
|
|
|
|
|
294
|
|
|
$sectionCreate = $sectionService->newSectionCreateStruct(); |
|
295
|
|
|
$sectionCreate->name = 'Test Section'; |
|
296
|
|
|
$sectionCreate->identifier = 'uniqueKey'; |
|
297
|
|
|
|
|
298
|
|
|
$section = $sectionService->createSection($sectionCreate); |
|
299
|
|
|
|
|
300
|
|
|
// Set anonymous user |
|
301
|
|
|
$repository->setCurrentUser($userService->loadUser($anonymousUserId)); |
|
|
|
|
|
|
302
|
|
|
|
|
303
|
|
|
// This call will fail with a "UnauthorizedException" |
|
304
|
|
|
$sectionService->deleteSection($section); |
|
305
|
|
|
/* END: Use Case */ |
|
306
|
|
|
} |
|
307
|
|
|
} |
|
308
|
|
|
|
ezsystems /
ezpublish-kernel
Loading history...
This method has been deprecated. The supplier of the class has supplied an explanatory message.
The explanatory message should give you some clue as to whether and when the method will be removed from the class and what other method or class to use instead.