SecurityTest::testCanBootKernelWithoutSecurityOrSecurityMiddleware() - Code Metrics - Inspection of "Merge pull request #54 from thephpleague/feature/t..." - thephpleague/tactician-bundle - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( db359b...0e30e5 )

by Ross

created 2017-08-03 07:59 UTC

testCanBootKernelWithoutSecurityOrSecurityMiddleware() A

↳ Parent: SecurityTest

Complexity

Conditions	1
Paths	1

Size

Total Lines	5
Code Lines	3

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
dl	0
loc	5
rs	9.4285
c	0
b	0
f	0
cc	1
eloc	3
nc	1
nop	0

<?php

namespace League\Tactician\Bundle\Tests\Integration;

use League\Tactician\Bundle\DependencyInjection\Compiler\UnknownMiddlewareException;
use League\Tactician\Bundle\Tests\Fake\FakeCommand;
use Symfony\Component\Security\Core\Authentication\Token\AnonymousToken;
use Symfony\Component\Security\Core\Exception\AccessDeniedException;
use Symfony\Component\Security\Core\Role\Role;
use stdClass;

/**
 * Integration test for security middleware.
 *
 * @author Ron Rademaker
 *
 * @runTestsInSeparateProcesses
 */
class SecurityTest extends IntegrationTest
{
    public function testCanBootKernelWithSecurityMiddleware()
    {
        $this->loadSecurityConfiguration();

        $this->givenConfig('tactician', <<<'EOF'
commandbus:
    default:
        middleware:
            - tactician.middleware.security
EOF
        );
        static::$kernel->boot();
        $this->assertTrue(true);
    }

    public function testCanNotBootKernelIfLoadingSecurityMiddlewareWithoutSecurityBeingTurnedOn()
    {
        $this->expectException(UnknownMiddlewareException::class);
        $this->givenConfig('tactician', <<<'EOF'
commandbus:
    default:
        middleware:
            - tactician.middleware.security
EOF
        );
        static::$kernel->boot();
    }

    public function testCanBootKernelWithoutSecurityOrSecurityMiddleware()
    {
        static::$kernel->boot();
        $this->assertTrue(true);
    }

    /**
     * @dataProvider provideTestData
     */
    public function testSecurityMiddleware($command, string $role, string $expectedExceptionClassName = null)
    {
        if ($expectedExceptionClassName) {
''   == false // true
''   == null  // true
'ab' == false // false
'ab' == null  // false

// It is often better to use strict comparison
'' === false // false
'' === null  // false
            $this->expectException($expectedExceptionClassName);
        }

        $this->loadSecurityConfiguration();
        $this->givenConfig('tactician', <<<'EOF'
commandbus:
    default:
        middleware:
            - tactician.middleware.security
security:
    League\Tactician\Bundle\Tests\Fake\FakeCommand:
        - 'ROLE_ADMIN'
EOF
        );

        static::$kernel->boot();
        $this->setUserRole($role);

        static::$kernel->getContainer()->get('tactician.commandbus.default')->handle($command);
    }

    /**
     * Gets test data for security middleware integration test.
     *
     * @return array
     */
    public function provideTestData(): array
    {
        return [
            'Role may handle the command' => [new FakeCommand(), 'ROLE_ADMIN'],
            'Test role hierarchy' => [new FakeCommand(), 'ROLE_SUPER_ADMIN'],
            'Role may not handle the command' => [new FakeCommand(), 'ROLE_USER', AccessDeniedException::class],
            'Deny access if command is not in the mapping' => [new stdClass(), 'ROLE_SUPER_ADMIN', AccessDeniedException::class],
        ];
    }

    /**
     * Security configuration.
     */
    private function loadSecurityConfiguration()
    {
        $this->givenConfig('security', <<< 'EOF'
access_denied_url: /

role_hierarchy:
    ROLE_ADMIN:       ROLE_USER
    ROLE_SUPER_ADMIN: ROLE_ADMIN

providers:
    my_in_memory_provider:
        memory:

firewalls:
    main:
        anonymous: ~
        http_basic: ~
EOF
        );
    }

    /**
     * @param string $role
     */
    protected function setUserRole(string $role)
    {
        static::$kernel->getContainer()
            ->get('security.token_storage')
            ->setToken(
                new AnonymousToken('test', 'anon', [new Role($role)])
            );
    }
}


1			<?php
2
3			namespace League\Tactician\Bundle\Tests\Integration;
4
5			use League\Tactician\Bundle\DependencyInjection\Compiler\UnknownMiddlewareException;
6			use League\Tactician\Bundle\Tests\Fake\FakeCommand;
7			use Symfony\Component\Security\Core\Authentication\Token\AnonymousToken;
8			use Symfony\Component\Security\Core\Exception\AccessDeniedException;
9			use Symfony\Component\Security\Core\Role\Role;
10			use stdClass;
11
12			/**
13			* Integration test for security middleware.
14			*
15			* @author Ron Rademaker
16			*
17			* @runTestsInSeparateProcesses
18			*/
19			class SecurityTest extends IntegrationTest
20			{
21			public function testCanBootKernelWithSecurityMiddleware()
22			{
23			$this->loadSecurityConfiguration();
24
25			$this->givenConfig('tactician', <<<'EOF'
26			commandbus:
27			default:
28			middleware:
29			- tactician.middleware.security
30			EOF
31			);
32			static::$kernel->boot();
33			$this->assertTrue(true);
34			}
35
36			public function testCanNotBootKernelIfLoadingSecurityMiddlewareWithoutSecurityBeingTurnedOn()
37			{
38			$this->expectException(UnknownMiddlewareException::class);
39			$this->givenConfig('tactician', <<<'EOF'
40			commandbus:
41			default:
42			middleware:
43			- tactician.middleware.security
44			EOF
45			);
46			static::$kernel->boot();
47			}
48
49			public function testCanBootKernelWithoutSecurityOrSecurityMiddleware()
50			{
51			static::$kernel->boot();
52			$this->assertTrue(true);
53			}
54
55			/**
56			* @dataProvider provideTestData
57			*/
58			public function testSecurityMiddleware($command, string $role, string $expectedExceptionClassName = null)
59			{
60			if ($expectedExceptionClassName) {
			0 ignored issues – show Bug Best Practice introduced 2017-08-02 14:23 UTC by Report Bug Copy Issue Report The expression `$expectedExceptionClassName` of type `null\|string` is loosely compared to `true`; this is ambiguous if the string can be empty. You might want to explicitly use `!== null` instead. In PHP, under loose comparison (like `==`, or `!=`, or `switch` conditions), values of different types might be equal. For `string` values, the empty string `''` is a special case, in particular the following results might be unexpected: '' == false // true '' == null // true 'ab' == false // false 'ab' == null // false // It is often better to use strict comparison '' === false // false '' === null // false Loading history...
61			$this->expectException($expectedExceptionClassName);
62			}
63
64			$this->loadSecurityConfiguration();
65			$this->givenConfig('tactician', <<<'EOF'
66			commandbus:
67			default:
68			middleware:
69			- tactician.middleware.security
70			security:
71			League\Tactician\Bundle\Tests\Fake\FakeCommand:
72			- 'ROLE_ADMIN'
73			EOF
74			);
75
76			static::$kernel->boot();
77			$this->setUserRole($role);
78
79			static::$kernel->getContainer()->get('tactician.commandbus.default')->handle($command);
80			}
81
82			/**
83			* Gets test data for security middleware integration test.
84			*
85			* @return array
86			*/
87			public function provideTestData(): array
88			{
89			return [
90			'Role may handle the command' => [new FakeCommand(), 'ROLE_ADMIN'],
91			'Test role hierarchy' => [new FakeCommand(), 'ROLE_SUPER_ADMIN'],
92			'Role may not handle the command' => [new FakeCommand(), 'ROLE_USER', AccessDeniedException::class],
93			'Deny access if command is not in the mapping' => [new stdClass(), 'ROLE_SUPER_ADMIN', AccessDeniedException::class],
94			];
95			}
96
97			/**
98			* Security configuration.
99			*/
100			private function loadSecurityConfiguration()
101			{
102			$this->givenConfig('security', <<< 'EOF'
103			access_denied_url: /
104
105			role_hierarchy:
106			ROLE_ADMIN: ROLE_USER
107			ROLE_SUPER_ADMIN: ROLE_ADMIN
108
109			providers:
110			my_in_memory_provider:
111			memory:
112
113			firewalls:
114			main:
115			anonymous: ~
116			http_basic: ~
117			EOF
118			);
119			}
120
121			/**
122			* @param string $role
123			*/
124			protected function setUserRole(string $role)
125			{
126			static::$kernel->getContainer()
127			->get('security.token_storage')
128			->setToken(
129			new AnonymousToken('test', 'anon', [new Role($role)])
130			);
131			}
132			}
133

thephpleague / tactician-bundle

Push — master ( db359b...0e30e5 )

testCanBootKernelWithoutSecurityOrSecurityMiddleware() A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like