|
1
|
|
|
<?php declare(strict_types = 1); |
|
2
|
|
|
/* |
|
3
|
|
|
* This file is part of the KleijnWeb\SwaggerBundle package. |
|
4
|
|
|
* |
|
5
|
|
|
* For the full copyright and license information, please view the LICENSE |
|
6
|
|
|
* file that was distributed with this source code. |
|
7
|
|
|
*/ |
|
8
|
|
|
|
|
9
|
|
|
namespace KleijnWeb\SwaggerBundle\Tests\Functional; |
|
10
|
|
|
|
|
11
|
|
|
use KleijnWeb\SwaggerBundle\Test\ApiResponseErrorException; |
|
12
|
|
|
use KleijnWeb\SwaggerBundle\Test\ApiTestCase; |
|
13
|
|
|
use KleijnWeb\SwaggerBundle\Test\ApiTestClient; |
|
14
|
|
|
use Symfony\Bundle\FrameworkBundle\Test\WebTestCase; |
|
15
|
|
|
use Symfony\Component\HttpFoundation\Response; |
|
16
|
|
|
|
|
17
|
|
|
/** |
|
18
|
|
|
* @author John Kleijn <[email protected]> |
|
19
|
|
|
* @group functional |
|
20
|
|
|
*/ |
|
21
|
|
|
class RbacApiTest extends WebTestCase |
|
22
|
|
|
{ |
|
23
|
|
|
use ApiTestCase; |
|
24
|
|
|
|
|
25
|
|
|
/** |
|
26
|
|
|
* @var string |
|
27
|
|
|
*/ |
|
28
|
|
|
protected $env = 'secure_rbac'; |
|
29
|
|
|
|
|
30
|
|
|
protected function setUp() |
|
31
|
|
|
{ |
|
32
|
|
|
//NOOP |
|
33
|
|
|
} |
|
34
|
|
|
|
|
35
|
|
|
/** |
|
36
|
|
|
* @test |
|
37
|
|
|
*/ |
|
38
|
|
|
public function canGetUserContentAsUser() |
|
39
|
|
|
{ |
|
40
|
|
|
$this->createClientForUser('user'); |
|
41
|
|
|
|
|
42
|
|
|
$string = $this->get('/basic-auth/v1/rbac-user'); |
|
43
|
|
|
|
|
44
|
|
|
$this->assertSame($string, 'USER CONTENT'); |
|
45
|
|
|
} |
|
46
|
|
|
|
|
47
|
|
|
/** |
|
48
|
|
|
* @test |
|
49
|
|
|
*/ |
|
50
|
|
View Code Duplication |
public function cannotGetUserContentAsGuest() |
|
|
|
|
|
|
51
|
|
|
{ |
|
52
|
|
|
$this->createClientForUser('guest'); |
|
53
|
|
|
|
|
54
|
|
|
$this->expectException(ApiResponseErrorException::class); |
|
55
|
|
|
$this->expectExceptionCode(Response::HTTP_FORBIDDEN); |
|
56
|
|
|
|
|
57
|
|
|
$string = $this->get('/basic-auth/v1/rbac-user'); |
|
58
|
|
|
|
|
59
|
|
|
$this->assertSame($string, 'USER CONTENT'); |
|
60
|
|
|
} |
|
61
|
|
|
|
|
62
|
|
|
/** |
|
63
|
|
|
* @test |
|
64
|
|
|
*/ |
|
65
|
|
|
public function cannotGetUserContentWithoutAuth() |
|
66
|
|
|
{ |
|
67
|
|
|
$this->createApiTestClient(); |
|
68
|
|
|
|
|
69
|
|
|
$this->expectException(ApiResponseErrorException::class); |
|
70
|
|
|
$this->expectExceptionCode(Response::HTTP_UNAUTHORIZED); |
|
71
|
|
|
|
|
72
|
|
|
$this->get('/basic-auth/v1/rbac-user'); |
|
73
|
|
|
} |
|
74
|
|
|
|
|
75
|
|
|
/** |
|
76
|
|
|
* @test |
|
77
|
|
|
*/ |
|
78
|
|
|
public function canGetAdminContentAsAdmin() |
|
79
|
|
|
{ |
|
80
|
|
|
$this->createClientForUser('admin'); |
|
81
|
|
|
|
|
82
|
|
|
$string = $this->get('/basic-auth/v1/rbac-admin'); |
|
83
|
|
|
|
|
84
|
|
|
$this->assertSame($string, 'ADMIN CONTENT'); |
|
85
|
|
|
} |
|
86
|
|
|
|
|
87
|
|
|
/** |
|
88
|
|
|
* @test |
|
89
|
|
|
*/ |
|
90
|
|
View Code Duplication |
public function cannotGetAdminContentAsUser() |
|
|
|
|
|
|
91
|
|
|
{ |
|
92
|
|
|
$this->createClientForUser('user'); |
|
93
|
|
|
|
|
94
|
|
|
$this->expectException(ApiResponseErrorException::class); |
|
95
|
|
|
$this->expectExceptionCode(Response::HTTP_FORBIDDEN); |
|
96
|
|
|
|
|
97
|
|
|
$string = $this->get('/basic-auth/v1/rbac-admin'); |
|
98
|
|
|
|
|
99
|
|
|
$this->assertSame($string, 'USER CONTENT'); |
|
100
|
|
|
} |
|
101
|
|
|
|
|
102
|
|
|
private function createClientForUser(string $user) |
|
103
|
|
|
{ |
|
104
|
|
|
$this->client = new ApiTestClient( |
|
105
|
|
|
static::createClient( |
|
106
|
|
|
['environment' => $this->getEnv(), 'debug' => true], |
|
107
|
|
|
['PHP_AUTH_USER' => $user, 'PHP_AUTH_PW' => 'password'] |
|
108
|
|
|
) |
|
109
|
|
|
); |
|
110
|
|
|
} |
|
111
|
|
|
} |
|
112
|
|
|
|
kleijnweb /
swagger-bundle
Loading history...
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation.
You can also find more detailed suggestions in the “Code” section of your repository.