|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
namespace Tests\Unit; |
|
4
|
|
|
|
|
5
|
|
|
use Potievdev\SlimRbac\Component\AuthManager; |
|
6
|
|
|
use Potievdev\SlimRbac\Models\Entity\Permission; |
|
7
|
|
|
use Potievdev\SlimRbac\Models\Entity\Role; |
|
8
|
|
|
|
|
9
|
|
|
/** |
|
10
|
|
|
* Class AuthManagerTest |
|
11
|
|
|
* @package Tests\Unit |
|
12
|
|
|
*/ |
|
13
|
|
|
class AuthManagerTest extends BaseTestCase |
|
14
|
|
|
{ |
|
15
|
|
|
|
|
16
|
|
|
/** @var AuthManager $authManager */ |
|
17
|
|
|
protected $authManager; |
|
18
|
|
|
|
|
19
|
|
|
/** |
|
20
|
|
|
* @throws \Potievdev\SlimRbac\Exception\CyclicException |
|
21
|
|
|
* @throws \Potievdev\SlimRbac\Exception\DatabaseException |
|
22
|
|
|
* @throws \Potievdev\SlimRbac\Exception\NotUniqueException |
|
23
|
|
|
* @throws \Doctrine\ORM\Query\QueryException |
|
24
|
|
|
*/ |
|
25
|
|
|
public function setUp() |
|
26
|
|
|
{ |
|
27
|
|
|
parent::setUp(); |
|
28
|
|
|
|
|
29
|
|
|
$authOptions = $this->createAuthOptions(); |
|
30
|
|
|
$this->authManager = new AuthManager($authOptions); |
|
31
|
|
|
$this->authManager->removeAll(); |
|
32
|
|
|
|
|
33
|
|
|
$edit = $this->authManager->createPermission('edit'); |
|
34
|
|
|
$this->authManager->addPermission($edit); |
|
35
|
|
|
|
|
36
|
|
|
$write = $this->authManager->createPermission('write'); |
|
37
|
|
|
$this->authManager->addPermission($write); |
|
38
|
|
|
|
|
39
|
|
|
$moderator = $this->authManager->createRole('moderator'); |
|
40
|
|
|
$this->authManager->addRole($moderator); |
|
41
|
|
|
|
|
42
|
|
|
$admin = $this->authManager->createRole('admin'); |
|
43
|
|
|
$this->authManager->addRole($admin); |
|
44
|
|
|
|
|
45
|
|
|
$this->authManager->addChildPermission($moderator, $edit); |
|
46
|
|
|
$this->authManager->addChildPermission($admin, $write); |
|
47
|
|
|
$this->authManager->addChildRole($admin, $moderator); |
|
48
|
|
|
|
|
49
|
|
|
$this->authManager->assign($moderator, self::MODERATOR_USER_ID); |
|
50
|
|
|
$this->authManager->assign($admin, self::ADMIN_USER_ID); |
|
51
|
|
|
} |
|
52
|
|
|
|
|
53
|
|
|
public function successCasesProvider() |
|
54
|
|
|
{ |
|
55
|
|
|
|
|
56
|
|
|
return [ |
|
57
|
|
|
'moderator can edit' => [self::MODERATOR_USER_ID, 'edit'], |
|
58
|
|
|
'admin can edit' => [self::ADMIN_USER_ID, 'edit'], |
|
59
|
|
|
'admin can write' => [self::ADMIN_USER_ID, 'write'], |
|
60
|
|
|
]; |
|
61
|
|
|
} |
|
62
|
|
|
|
|
63
|
|
|
/** |
|
64
|
|
|
* Testing has permission cases |
|
65
|
|
|
* @param integer $userId user id |
|
66
|
|
|
* @param string $roleOrPermission role or permission name |
|
67
|
|
|
* @throws \Doctrine\ORM\Query\QueryException |
|
68
|
|
|
* @throws \Potievdev\SlimRbac\Exception\InvalidArgumentException |
|
69
|
|
|
* @dataProvider successCasesProvider |
|
70
|
|
|
*/ |
|
71
|
|
|
public function testCheckAccessSuccessCases($userId, $roleOrPermission) |
|
72
|
|
|
{ |
|
73
|
|
|
$this->assertTrue($this->authManager->checkAccess($userId, $roleOrPermission)); |
|
74
|
|
|
} |
|
75
|
|
|
|
|
76
|
|
|
/** |
|
77
|
|
|
* @return array |
|
78
|
|
|
*/ |
|
79
|
|
|
public function failCasesProvider() |
|
80
|
|
|
{ |
|
81
|
|
|
return [ |
|
82
|
|
|
'moderator has no write permission' => [self::MODERATOR_USER_ID, 'write'], |
|
83
|
|
|
'not existing permission' => [self::ADMIN_USER_ID, 'none_permission'], |
|
84
|
|
|
'not existing user id not has permission' => [self::NOT_USER_ID, 'edit'], |
|
85
|
|
|
'not existing user id not has role' => [self::NOT_USER_ID, 'admin'] |
|
86
|
|
|
]; |
|
87
|
|
|
} |
|
88
|
|
|
|
|
89
|
|
|
/** |
|
90
|
|
|
* Testing not have permission cases |
|
91
|
|
|
* @param integer $userId user id |
|
92
|
|
|
* @param string $roleOrPermission role or permission name |
|
93
|
|
|
* @throws \Doctrine\ORM\Query\QueryException |
|
94
|
|
|
* @throws \Potievdev\SlimRbac\Exception\InvalidArgumentException |
|
95
|
|
|
* @dataProvider failCasesProvider |
|
96
|
|
|
*/ |
|
97
|
|
|
public function testCheckAccessFailureCases($userId, $roleOrPermission) |
|
98
|
|
|
{ |
|
99
|
|
|
$this->assertFalse($this->authManager->checkAccess($userId, $roleOrPermission)); |
|
100
|
|
|
} |
|
101
|
|
|
|
|
102
|
|
|
/** |
|
103
|
|
|
* Testing adding not unique permission |
|
104
|
|
|
* @expectedException \Potievdev\SlimRbac\Exception\NotUniqueException |
|
105
|
|
|
* @throws \Potievdev\SlimRbac\Exception\DatabaseException |
|
106
|
|
|
* @throws \Potievdev\SlimRbac\Exception\NotUniqueException |
|
107
|
|
|
*/ |
|
108
|
|
|
public function testCheckAddingNotUniquePermission() |
|
109
|
|
|
{ |
|
110
|
|
|
$edit = $this->authManager->createPermission('edit'); |
|
111
|
|
|
$this->authManager->addPermission($edit); |
|
112
|
|
|
} |
|
113
|
|
|
|
|
114
|
|
|
/** |
|
115
|
|
|
* Testing adding not unique role |
|
116
|
|
|
* @expectedException \Potievdev\SlimRbac\Exception\NotUniqueException |
|
117
|
|
|
* @throws \Potievdev\SlimRbac\Exception\DatabaseException |
|
118
|
|
|
* @throws \Potievdev\SlimRbac\Exception\NotUniqueException |
|
119
|
|
|
*/ |
|
120
|
|
|
public function testCheckAddingNonUniqueRole() |
|
121
|
|
|
{ |
|
122
|
|
|
$moderator = $this->authManager->createRole('moderator'); |
|
123
|
|
|
$this->authManager->addRole($moderator); |
|
124
|
|
|
} |
|
125
|
|
|
|
|
126
|
|
|
/** |
|
127
|
|
|
* @expectedException \Potievdev\SlimRbac\Exception\CyclicException |
|
128
|
|
|
* @throws \Potievdev\SlimRbac\Exception\CyclicException |
|
129
|
|
|
* @throws \Potievdev\SlimRbac\Exception\DatabaseException |
|
130
|
|
|
* @throws \Potievdev\SlimRbac\Exception\NotUniqueException |
|
131
|
|
|
* @throws \Doctrine\ORM\Query\QueryException |
|
132
|
|
|
*/ |
|
133
|
|
|
public function testCheckCyclicException() |
|
134
|
|
|
{ |
|
135
|
|
|
$a = $this->authManager->createRole('a'); |
|
136
|
|
|
$b = $this->authManager->createRole('b'); |
|
137
|
|
|
|
|
138
|
|
|
$this->authManager->addRole($a); |
|
139
|
|
|
$this->authManager->addRole($b); |
|
140
|
|
|
|
|
141
|
|
|
$this->authManager->addChildRole($a, $b); |
|
142
|
|
|
$this->authManager->addChildRole($b, $a); |
|
143
|
|
|
} |
|
144
|
|
|
|
|
145
|
|
|
/** |
|
146
|
|
|
* Testing creating permission |
|
147
|
|
|
*/ |
|
148
|
|
|
public function testCheckCreatingPermission() |
|
149
|
|
|
{ |
|
150
|
|
|
$repositoryRegistry = $this->createRepositoryRegistry(); |
|
151
|
|
|
$permission = $repositoryRegistry |
|
152
|
|
|
->getPermissionRepository() |
|
153
|
|
|
->findOneBy(['name' => 'edit']); |
|
154
|
|
|
|
|
155
|
|
|
$this->assertTrue($permission instanceof Permission); |
|
156
|
|
|
} |
|
157
|
|
|
|
|
158
|
|
|
/** |
|
159
|
|
|
* Testing creating role |
|
160
|
|
|
*/ |
|
161
|
|
|
public function testCheckCreatingRole() |
|
162
|
|
|
{ |
|
163
|
|
|
$repositoryRegistry = $this->createRepositoryRegistry(); |
|
164
|
|
|
|
|
165
|
|
|
$role = $repositoryRegistry |
|
166
|
|
|
->getRoleRepository() |
|
167
|
|
|
->findOneBy(['name' => 'admin']); |
|
168
|
|
|
|
|
169
|
|
|
$this->assertTrue($role instanceof Role); |
|
170
|
|
|
} |
|
171
|
|
|
|
|
172
|
|
|
/** |
|
173
|
|
|
* @throws \Potievdev\SlimRbac\Exception\DatabaseException |
|
174
|
|
|
* @throws \Potievdev\SlimRbac\Exception\NotUniqueException |
|
175
|
|
|
* @expectedException \Potievdev\SlimRbac\Exception\NotUniqueException |
|
176
|
|
|
*/ |
|
177
|
|
View Code Duplication |
public function testCheckDoubleAssigningPermissionToSameRole() |
|
|
|
|
|
|
178
|
|
|
{ |
|
179
|
|
|
$repositoryRegistry = $this->createRepositoryRegistry(); |
|
180
|
|
|
|
|
181
|
|
|
/** @var Role $role */ |
|
182
|
|
|
$role = $repositoryRegistry |
|
183
|
|
|
->getRoleRepository() |
|
184
|
|
|
->findOneBy(['name' => 'admin']); |
|
185
|
|
|
|
|
186
|
|
|
/** @var Permission $permission */ |
|
187
|
|
|
$permission = $repositoryRegistry |
|
188
|
|
|
->getPermissionRepository() |
|
189
|
|
|
->findOneBy(['name' => 'write']); |
|
190
|
|
|
|
|
191
|
|
|
$this->authManager->addChildPermission($role, $permission); |
|
192
|
|
|
} |
|
193
|
|
|
|
|
194
|
|
|
/** |
|
195
|
|
|
* @throws \Doctrine\ORM\Query\QueryException |
|
196
|
|
|
* @throws \Potievdev\SlimRbac\Exception\CyclicException |
|
197
|
|
|
* @throws \Potievdev\SlimRbac\Exception\DatabaseException |
|
198
|
|
|
* @throws \Potievdev\SlimRbac\Exception\NotUniqueException |
|
199
|
|
|
* @expectedException \Potievdev\SlimRbac\Exception\NotUniqueException |
|
200
|
|
|
*/ |
|
201
|
|
View Code Duplication |
public function testCheckAddingSameChildRoleDoubleTime() |
|
|
|
|
|
|
202
|
|
|
{ |
|
203
|
|
|
$repositoryRegistry = $this->createRepositoryRegistry(); |
|
204
|
|
|
|
|
205
|
|
|
/** @var Role $parent */ |
|
206
|
|
|
$parent = $repositoryRegistry |
|
207
|
|
|
->getRoleRepository() |
|
208
|
|
|
->findOneBy(['name' => 'admin']); |
|
209
|
|
|
|
|
210
|
|
|
/** @var Role $child */ |
|
211
|
|
|
$child = $repositoryRegistry |
|
212
|
|
|
->getRoleRepository() |
|
213
|
|
|
->findOneBy(['name' => 'moderator']); |
|
214
|
|
|
|
|
215
|
|
|
$this->authManager->addChildRole($parent, $child); |
|
216
|
|
|
} |
|
217
|
|
|
} |
|
218
|
|
|
|
potievdev /
slim-rbac
Loading history...
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation.
You can also find more detailed suggestions in the “Code” section of your repository.