|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
namespace Tests\Unit; |
|
4
|
|
|
|
|
5
|
|
|
use GuzzleHttp\Psr7\Request; |
|
6
|
|
|
use GuzzleHttp\Psr7\Response; |
|
7
|
|
|
use GuzzleHttp\Psr7\ServerRequest; |
|
8
|
|
|
use Potievdev\SlimRbac\Component\AuthManager; |
|
9
|
|
|
use Potievdev\SlimRbac\Component\AuthMiddleware; |
|
10
|
|
|
use Potievdev\SlimRbac\Structure\AuthOptions; |
|
11
|
|
|
|
|
12
|
|
|
/** |
|
13
|
|
|
* Class for testing AuthMiddleware |
|
14
|
|
|
* Class AuthMiddlewareTest |
|
15
|
|
|
* @package Tests\Unit |
|
16
|
|
|
*/ |
|
17
|
|
|
class AuthMiddlewareTest extends BaseTestCase |
|
18
|
|
|
{ |
|
19
|
|
|
/** @var AuthOptions $authOptions */ |
|
20
|
|
|
protected $authOptions; |
|
21
|
|
|
|
|
22
|
|
|
/** @var callable $callable */ |
|
23
|
|
|
protected $callable; |
|
24
|
|
|
|
|
25
|
|
|
/** @var ServerRequest $request */ |
|
26
|
|
|
protected $request; |
|
27
|
|
|
|
|
28
|
|
|
/** @var Response $response */ |
|
29
|
|
|
protected $response; |
|
30
|
|
|
|
|
31
|
|
|
/** |
|
32
|
|
|
* @throws \Potievdev\SlimRbac\Exception\CyclicException |
|
33
|
|
|
* @throws \Potievdev\SlimRbac\Exception\DatabaseException |
|
34
|
|
|
* @throws \Potievdev\SlimRbac\Exception\NotUniqueException |
|
35
|
|
|
* @throws \Doctrine\ORM\Query\QueryException |
|
36
|
|
|
*/ |
|
37
|
|
|
public function setUp() |
|
38
|
|
|
{ |
|
39
|
|
|
parent::setUp(); |
|
40
|
|
|
|
|
41
|
|
|
$this->authOptions = $this->createAuthOptions(); |
|
42
|
|
|
|
|
43
|
|
|
$authManager = new AuthManager($this->authOptions); |
|
44
|
|
|
$authManager->removeAll(); |
|
45
|
|
|
|
|
46
|
|
|
$edit = $authManager->createPermission('edit'); |
|
47
|
|
|
$edit->setDescription('Edit permission'); |
|
48
|
|
|
$authManager->addPermission($edit); |
|
49
|
|
|
|
|
50
|
|
|
$write = $authManager->createPermission('write'); |
|
51
|
|
|
$write->setDescription('Write permission'); |
|
52
|
|
|
$authManager->addPermission($write); |
|
53
|
|
|
|
|
54
|
|
|
$moderator = $authManager->createRole('moderator'); |
|
55
|
|
|
$moderator->setDescription('Moderator role'); |
|
56
|
|
|
$authManager->addRole($moderator); |
|
57
|
|
|
|
|
58
|
|
|
$admin = $authManager->createRole('admin'); |
|
59
|
|
|
$admin->setDescription('Admin role'); |
|
60
|
|
|
$authManager->addRole($admin); |
|
61
|
|
|
|
|
62
|
|
|
$authManager->addChildPermission($moderator, $edit); |
|
63
|
|
|
$authManager->addChildPermission($admin, $write); |
|
64
|
|
|
$authManager->addChildRole($admin, $moderator); |
|
65
|
|
|
|
|
66
|
|
|
$authManager->assign($moderator, self::MODERATOR_USER_ID); |
|
67
|
|
|
$authManager->assign($admin, self::ADMIN_USER_ID); |
|
68
|
|
|
|
|
69
|
|
|
$this->callable = function (Request $request, Response $response) { |
|
70
|
|
|
return $response; |
|
71
|
|
|
}; |
|
72
|
|
|
$this->request = new ServerRequest('GET', 'write'); |
|
73
|
|
|
$this->response = new Response(); |
|
74
|
|
|
} |
|
75
|
|
|
|
|
76
|
|
|
/** |
|
77
|
|
|
* @throws \Doctrine\ORM\Query\QueryException |
|
78
|
|
|
* @throws \Potievdev\SlimRbac\Exception\InvalidArgumentException |
|
79
|
|
|
*/ |
|
80
|
|
View Code Duplication |
public function testCheckAccessSuccessCase() |
|
|
|
|
|
|
81
|
|
|
{ |
|
82
|
|
|
$middleware = new AuthMiddleware($this->authOptions); |
|
83
|
|
|
$request = $this->request->withAttribute($this->authOptions->getVariableName(), self::ADMIN_USER_ID); |
|
84
|
|
|
$response = $middleware->__invoke($request, $this->response, $this->callable); |
|
85
|
|
|
$this->assertEquals(200, $response->getStatusCode()); |
|
86
|
|
|
} |
|
87
|
|
|
|
|
88
|
|
|
/** |
|
89
|
|
|
* @throws \Doctrine\ORM\Query\QueryException |
|
90
|
|
|
* @throws \Potievdev\SlimRbac\Exception\InvalidArgumentException |
|
91
|
|
|
*/ |
|
92
|
|
View Code Duplication |
public function testCheckAccessDeniedCase() |
|
|
|
|
|
|
93
|
|
|
{ |
|
94
|
|
|
$middleware = new AuthMiddleware($this->authOptions); |
|
95
|
|
|
$request = $this->request->withAttribute($this->authOptions->getVariableName(), self::MODERATOR_USER_ID); |
|
96
|
|
|
$response = $middleware->__invoke($request, $this->response, $this->callable); |
|
97
|
|
|
$this->assertEquals(403, $response->getStatusCode()); |
|
98
|
|
|
} |
|
99
|
|
|
|
|
100
|
|
|
/** |
|
101
|
|
|
* @throws \Doctrine\ORM\Query\QueryException |
|
102
|
|
|
* @throws \Potievdev\SlimRbac\Exception\InvalidArgumentException |
|
103
|
|
|
*/ |
|
104
|
|
View Code Duplication |
public function testCheckReadingUserIdFromHeader() |
|
|
|
|
|
|
105
|
|
|
{ |
|
106
|
|
|
$authOptions = $this->authOptions; |
|
107
|
|
|
$authOptions->setVariableStorageType(AuthOptions::HEADER_STORAGE_TYPE); |
|
108
|
|
|
$middleware = new AuthMiddleware($authOptions); |
|
109
|
|
|
$request = $this->request->withHeader($authOptions->getVariableName(), self::ADMIN_USER_ID); |
|
110
|
|
|
$response = $middleware->__invoke($request, $this->response, $this->callable); |
|
111
|
|
|
$this->assertEquals(200, $response->getStatusCode()); |
|
112
|
|
|
} |
|
113
|
|
|
|
|
114
|
|
|
/** |
|
115
|
|
|
* @throws \Doctrine\ORM\Query\QueryException |
|
116
|
|
|
* @throws \Potievdev\SlimRbac\Exception\InvalidArgumentException |
|
117
|
|
|
*/ |
|
118
|
|
View Code Duplication |
public function testCheckReadingUserIdFromCookie() |
|
|
|
|
|
|
119
|
|
|
{ |
|
120
|
|
|
$authOptions = $this->authOptions; |
|
121
|
|
|
$authOptions->setVariableStorageType(AuthOptions::COOKIE_STORAGE_TYPE); |
|
122
|
|
|
$middleware = new AuthMiddleware($authOptions); |
|
123
|
|
|
$request = $this->request->withCookieParams([$authOptions->getVariableName() => self::ADMIN_USER_ID]); |
|
124
|
|
|
$response = $middleware->__invoke($request, $this->response, $this->callable); |
|
125
|
|
|
$this->assertEquals(200, $response->getStatusCode()); |
|
126
|
|
|
} |
|
127
|
|
|
|
|
128
|
|
|
} |
|
129
|
|
|
|
potievdev /
slim-rbac
Loading history...
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation.
You can also find more detailed suggestions in the “Code” section of your repository.