summaryrefslogtreecommitdiffstats
path: root/Acl/Tests/Domain/AclTest.php
diff options
context:
space:
mode:
Diffstat (limited to 'Acl/Tests/Domain/AclTest.php')
-rw-r--r--Acl/Tests/Domain/AclTest.php513
1 files changed, 513 insertions, 0 deletions
diff --git a/Acl/Tests/Domain/AclTest.php b/Acl/Tests/Domain/AclTest.php
new file mode 100644
index 0000000..84b9ba9
--- /dev/null
+++ b/Acl/Tests/Domain/AclTest.php
@@ -0,0 +1,513 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Security\Acl\Tests\Domain;
+
+use Symfony\Component\Security\Acl\Domain\UserSecurityIdentity;
+use Symfony\Component\Security\Acl\Domain\RoleSecurityIdentity;
+use Symfony\Component\Security\Acl\Domain\PermissionGrantingStrategy;
+use Symfony\Component\Security\Acl\Domain\ObjectIdentity;
+use Symfony\Component\Security\Acl\Domain\Acl;
+
+class AclTest extends \PHPUnit_Framework_TestCase
+{
+ public function testConstructor()
+ {
+ $acl = new Acl(1, $oid = new ObjectIdentity('foo', 'foo'), $permissionStrategy = new PermissionGrantingStrategy(), array(), true);
+
+ $this->assertSame(1, $acl->getId());
+ $this->assertSame($oid, $acl->getObjectIdentity());
+ $this->assertNull($acl->getParentAcl());
+ $this->assertTrue($acl->isEntriesInheriting());
+ }
+
+ /**
+ * @expectedException \OutOfBoundsException
+ * @dataProvider getDeleteAceTests
+ */
+ public function testDeleteAceThrowsExceptionOnInvalidIndex($type)
+ {
+ $acl = $this->getAcl();
+ $acl->{'delete'.$type.'Ace'}(0);
+ }
+
+ /**
+ * @dataProvider getDeleteAceTests
+ */
+ public function testDeleteAce($type)
+ {
+ $acl = $this->getAcl();
+ $acl->{'insert'.$type.'Ace'}(new RoleSecurityIdentity('foo'), 1);
+ $acl->{'insert'.$type.'Ace'}(new RoleSecurityIdentity('foo'), 2, 1);
+ $acl->{'insert'.$type.'Ace'}(new RoleSecurityIdentity('foo'), 3, 2);
+
+ $listener = $this->getListener(array(
+ $type.'Aces', 'aceOrder', 'aceOrder', $type.'Aces',
+ ));
+ $acl->addPropertyChangedListener($listener);
+
+ $this->assertCount(3, $acl->{'get'.$type.'Aces'}());
+
+ $acl->{'delete'.$type.'Ace'}(0);
+ $this->assertCount(2, $aces = $acl->{'get'.$type.'Aces'}());
+ $this->assertEquals(2, $aces[0]->getMask());
+ $this->assertEquals(3, $aces[1]->getMask());
+
+ $acl->{'delete'.$type.'Ace'}(1);
+ $this->assertCount(1, $aces = $acl->{'get'.$type.'Aces'}());
+ $this->assertEquals(2, $aces[0]->getMask());
+ }
+
+ public function getDeleteAceTests()
+ {
+ return array(
+ array('class'),
+ array('object'),
+ );
+ }
+
+ /**
+ * @expectedException \OutOfBoundsException
+ * @dataProvider getDeleteFieldAceTests
+ */
+ public function testDeleteFieldAceThrowsExceptionOnInvalidIndex($type)
+ {
+ $acl = $this->getAcl();
+ $acl->{'delete'.$type.'Ace'}('foo', 0);
+ }
+
+ /**
+ * @dataProvider getDeleteFieldAceTests
+ */
+ public function testDeleteFieldAce($type)
+ {
+ $acl = $this->getAcl();
+ $acl->{'insert'.$type.'Ace'}('foo', new RoleSecurityIdentity('foo'), 1, 0);
+ $acl->{'insert'.$type.'Ace'}('foo', new RoleSecurityIdentity('foo'), 2, 1);
+ $acl->{'insert'.$type.'Ace'}('foo', new RoleSecurityIdentity('foo'), 3, 2);
+
+ $listener = $this->getListener(array(
+ $type.'Aces', 'aceOrder', 'aceOrder', $type.'Aces',
+ ));
+ $acl->addPropertyChangedListener($listener);
+
+ $this->assertCount(3, $acl->{'get'.$type.'Aces'}('foo'));
+
+ $acl->{'delete'.$type.'Ace'}(0, 'foo');
+ $this->assertCount(2, $aces = $acl->{'get'.$type.'Aces'}('foo'));
+ $this->assertEquals(2, $aces[0]->getMask());
+ $this->assertEquals(3, $aces[1]->getMask());
+
+ $acl->{'delete'.$type.'Ace'}(1, 'foo');
+ $this->assertCount(1, $aces = $acl->{'get'.$type.'Aces'}('foo'));
+ $this->assertEquals(2, $aces[0]->getMask());
+ }
+
+ public function getDeleteFieldAceTests()
+ {
+ return array(
+ array('classField'),
+ array('objectField'),
+ );
+ }
+
+ /**
+ * @dataProvider getInsertAceTests
+ */
+ public function testInsertAce($property, $method)
+ {
+ $acl = $this->getAcl();
+
+ $listener = $this->getListener(array(
+ $property, 'aceOrder', $property, 'aceOrder', $property,
+ ));
+ $acl->addPropertyChangedListener($listener);
+
+ $sid = new RoleSecurityIdentity('foo');
+ $acl->$method($sid, 1);
+ $acl->$method($sid, 2);
+ $acl->$method($sid, 3, 1, false);
+
+ $this->assertCount(3, $aces = $acl->{'get'.$property}());
+ $this->assertEquals(2, $aces[0]->getMask());
+ $this->assertEquals(3, $aces[1]->getMask());
+ $this->assertEquals(1, $aces[2]->getMask());
+ }
+
+ /**
+ * @expectedException \OutOfBoundsException
+ * @dataProvider getInsertAceTests
+ */
+ public function testInsertClassAceThrowsExceptionOnInvalidIndex($property, $method)
+ {
+ $acl = $this->getAcl();
+ $acl->$method(new RoleSecurityIdentity('foo'), 1, 1);
+ }
+
+ public function getInsertAceTests()
+ {
+ return array(
+ array('classAces', 'insertClassAce'),
+ array('objectAces', 'insertObjectAce'),
+ );
+ }
+
+ /**
+ * @dataProvider getInsertFieldAceTests
+ */
+ public function testInsertClassFieldAce($property, $method)
+ {
+ $acl = $this->getAcl();
+
+ $listener = $this->getListener(array(
+ $property, $property, 'aceOrder', $property,
+ 'aceOrder', 'aceOrder', $property,
+ ));
+ $acl->addPropertyChangedListener($listener);
+
+ $sid = new RoleSecurityIdentity('foo');
+ $acl->$method('foo', $sid, 1);
+ $acl->$method('foo2', $sid, 1);
+ $acl->$method('foo', $sid, 3);
+ $acl->$method('foo', $sid, 2);
+
+ $this->assertCount(3, $aces = $acl->{'get'.$property}('foo'));
+ $this->assertCount(1, $acl->{'get'.$property}('foo2'));
+ $this->assertEquals(2, $aces[0]->getMask());
+ $this->assertEquals(3, $aces[1]->getMask());
+ $this->assertEquals(1, $aces[2]->getMask());
+ }
+
+ /**
+ * @expectedException \OutOfBoundsException
+ * @dataProvider getInsertFieldAceTests
+ */
+ public function testInsertClassFieldAceThrowsExceptionOnInvalidIndex($property, $method)
+ {
+ $acl = $this->getAcl();
+ $acl->$method('foo', new RoleSecurityIdentity('foo'), 1, 1);
+ }
+
+ public function getInsertFieldAceTests()
+ {
+ return array(
+ array('classFieldAces', 'insertClassFieldAce'),
+ array('objectFieldAces', 'insertObjectFieldAce'),
+ );
+ }
+
+ public function testIsFieldGranted()
+ {
+ $sids = array(new RoleSecurityIdentity('ROLE_FOO'), new RoleSecurityIdentity('ROLE_IDDQD'));
+ $masks = array(1, 2, 4);
+ $strategy = $this->getMock('Symfony\Component\Security\Acl\Model\PermissionGrantingStrategyInterface');
+ $acl = new Acl(1, new ObjectIdentity(1, 'foo'), $strategy, array(), true);
+
+ $strategy
+ ->expects($this->once())
+ ->method('isFieldGranted')
+ ->with($this->equalTo($acl), $this->equalTo('foo'), $this->equalTo($masks), $this->equalTo($sids), $this->isTrue())
+ ->will($this->returnValue(true))
+ ;
+
+ $this->assertTrue($acl->isFieldGranted('foo', $masks, $sids, true));
+ }
+
+ public function testIsGranted()
+ {
+ $sids = array(new RoleSecurityIdentity('ROLE_FOO'), new RoleSecurityIdentity('ROLE_IDDQD'));
+ $masks = array(1, 2, 4);
+ $strategy = $this->getMock('Symfony\Component\Security\Acl\Model\PermissionGrantingStrategyInterface');
+ $acl = new Acl(1, new ObjectIdentity(1, 'foo'), $strategy, array(), true);
+
+ $strategy
+ ->expects($this->once())
+ ->method('isGranted')
+ ->with($this->equalTo($acl), $this->equalTo($masks), $this->equalTo($sids), $this->isTrue())
+ ->will($this->returnValue(true))
+ ;
+
+ $this->assertTrue($acl->isGranted($masks, $sids, true));
+ }
+
+ public function testSetGetParentAcl()
+ {
+ $acl = $this->getAcl();
+ $parentAcl = $this->getAcl();
+
+ $listener = $this->getListener(array('parentAcl'));
+ $acl->addPropertyChangedListener($listener);
+
+ $this->assertNull($acl->getParentAcl());
+ $acl->setParentAcl($parentAcl);
+ $this->assertSame($parentAcl, $acl->getParentAcl());
+
+ $acl->setParentAcl(null);
+ $this->assertNull($acl->getParentAcl());
+ }
+
+ public function testSetIsEntriesInheriting()
+ {
+ $acl = $this->getAcl();
+
+ $listener = $this->getListener(array('entriesInheriting'));
+ $acl->addPropertyChangedListener($listener);
+
+ $this->assertTrue($acl->isEntriesInheriting());
+ $acl->setEntriesInheriting(false);
+ $this->assertFalse($acl->isEntriesInheriting());
+ }
+
+ public function testIsSidLoadedWhenAllSidsAreLoaded()
+ {
+ $acl = $this->getAcl();
+
+ $this->assertTrue($acl->isSidLoaded(new UserSecurityIdentity('foo', 'Foo')));
+ $this->assertTrue($acl->isSidLoaded(new RoleSecurityIdentity('ROLE_FOO', 'Foo')));
+ }
+
+ public function testIsSidLoaded()
+ {
+ $acl = new Acl(1, new ObjectIdentity('1', 'foo'), new PermissionGrantingStrategy(), array(new UserSecurityIdentity('foo', 'Foo'), new UserSecurityIdentity('johannes', 'Bar')), true);
+
+ $this->assertTrue($acl->isSidLoaded(new UserSecurityIdentity('foo', 'Foo')));
+ $this->assertTrue($acl->isSidLoaded(new UserSecurityIdentity('johannes', 'Bar')));
+ $this->assertTrue($acl->isSidLoaded(array(
+ new UserSecurityIdentity('foo', 'Foo'),
+ new UserSecurityIdentity('johannes', 'Bar'),
+ )));
+ $this->assertFalse($acl->isSidLoaded(new RoleSecurityIdentity('ROLE_FOO')));
+ $this->assertFalse($acl->isSidLoaded(new UserSecurityIdentity('schmittjoh@gmail.com', 'Moo')));
+ $this->assertFalse($acl->isSidLoaded(array(
+ new UserSecurityIdentity('foo', 'Foo'),
+ new UserSecurityIdentity('johannes', 'Bar'),
+ new RoleSecurityIdentity('ROLE_FOO'),
+ )));
+ }
+
+ /**
+ * @dataProvider getUpdateAceTests
+ * @expectedException \OutOfBoundsException
+ */
+ public function testUpdateAceThrowsOutOfBoundsExceptionOnInvalidIndex($type)
+ {
+ $acl = $this->getAcl();
+ $acl->{'update'.$type}(0, 1);
+ }
+
+ /**
+ * @dataProvider getUpdateAceTests
+ */
+ public function testUpdateAce($type)
+ {
+ $acl = $this->getAcl();
+ $acl->{'insert'.$type}(new RoleSecurityIdentity('foo'), 1);
+
+ $listener = $this->getListener(array(
+ 'mask', 'mask', 'strategy',
+ ));
+ $acl->addPropertyChangedListener($listener);
+
+ $aces = $acl->{'get'.$type.'s'}();
+ $ace = reset($aces);
+ $this->assertEquals(1, $ace->getMask());
+ $this->assertEquals('all', $ace->getStrategy());
+
+ $acl->{'update'.$type}(0, 3);
+ $this->assertEquals(3, $ace->getMask());
+ $this->assertEquals('all', $ace->getStrategy());
+
+ $acl->{'update'.$type}(0, 1, 'foo');
+ $this->assertEquals(1, $ace->getMask());
+ $this->assertEquals('foo', $ace->getStrategy());
+ }
+
+ public function getUpdateAceTests()
+ {
+ return array(
+ array('classAce'),
+ array('objectAce'),
+ );
+ }
+
+ /**
+ * @dataProvider getUpdateFieldAceTests
+ * @expectedException \OutOfBoundsException
+ */
+ public function testUpdateFieldAceThrowsExceptionOnInvalidIndex($type)
+ {
+ $acl = $this->getAcl();
+ $acl->{'update'.$type}(0, 'foo', 1);
+ }
+
+ /**
+ * @dataProvider getUpdateFieldAceTests
+ */
+ public function testUpdateFieldAce($type)
+ {
+ $acl = $this->getAcl();
+ $acl->{'insert'.$type}('foo', new UserSecurityIdentity('foo', 'Foo'), 1);
+
+ $listener = $this->getListener(array(
+ 'mask', 'mask', 'strategy',
+ ));
+ $acl->addPropertyChangedListener($listener);
+
+ $aces = $acl->{'get'.$type.'s'}('foo');
+ $ace = reset($aces);
+ $this->assertEquals(1, $ace->getMask());
+ $this->assertEquals('all', $ace->getStrategy());
+
+ $acl->{'update'.$type}(0, 'foo', 3);
+ $this->assertEquals(3, $ace->getMask());
+ $this->assertEquals('all', $ace->getStrategy());
+
+ $acl->{'update'.$type}(0, 'foo', 1, 'foo');
+ $this->assertEquals(1, $ace->getMask());
+ $this->assertEquals('foo', $ace->getStrategy());
+ }
+
+ public function getUpdateFieldAceTests()
+ {
+ return array(
+ array('classFieldAce'),
+ array('objectFieldAce'),
+ );
+ }
+
+ /**
+ * @dataProvider getUpdateAuditingTests
+ * @expectedException \OutOfBoundsException
+ */
+ public function testUpdateAuditingThrowsExceptionOnInvalidIndex($type)
+ {
+ $acl = $this->getAcl();
+ $acl->{'update'.$type.'Auditing'}(0, true, false);
+ }
+
+ /**
+ * @dataProvider getUpdateAuditingTests
+ */
+ public function testUpdateAuditing($type)
+ {
+ $acl = $this->getAcl();
+ $acl->{'insert'.$type.'Ace'}(new RoleSecurityIdentity('foo'), 1);
+
+ $listener = $this->getListener(array(
+ 'auditFailure', 'auditSuccess', 'auditFailure',
+ ));
+ $acl->addPropertyChangedListener($listener);
+
+ $aces = $acl->{'get'.$type.'Aces'}();
+ $ace = reset($aces);
+ $this->assertFalse($ace->isAuditSuccess());
+ $this->assertFalse($ace->isAuditFailure());
+
+ $acl->{'update'.$type.'Auditing'}(0, false, true);
+ $this->assertFalse($ace->isAuditSuccess());
+ $this->assertTrue($ace->isAuditFailure());
+
+ $acl->{'update'.$type.'Auditing'}(0, true, false);
+ $this->assertTrue($ace->isAuditSuccess());
+ $this->assertFalse($ace->isAuditFailure());
+ }
+
+ public function getUpdateAuditingTests()
+ {
+ return array(
+ array('class'),
+ array('object'),
+ );
+ }
+
+ /**
+ * @expectedException \InvalidArgumentException
+ * @dataProvider getUpdateFieldAuditingTests
+ */
+ public function testUpdateFieldAuditingThrowsExceptionOnInvalidField($type)
+ {
+ $acl = $this->getAcl();
+ $acl->{'update'.$type.'Auditing'}(0, 'foo', true, true);
+ }
+
+ /**
+ * @expectedException \OutOfBoundsException
+ * @dataProvider getUpdateFieldAuditingTests
+ */
+ public function testUpdateFieldAuditingThrowsExceptionOnInvalidIndex($type)
+ {
+ $acl = $this->getAcl();
+ $acl->{'insert'.$type.'Ace'}('foo', new RoleSecurityIdentity('foo'), 1);
+ $acl->{'update'.$type.'Auditing'}(1, 'foo', true, false);
+ }
+
+ /**
+ * @dataProvider getUpdateFieldAuditingTests
+ */
+ public function testUpdateFieldAuditing($type)
+ {
+ $acl = $this->getAcl();
+ $acl->{'insert'.$type.'Ace'}('foo', new RoleSecurityIdentity('foo'), 1);
+
+ $listener = $this->getListener(array(
+ 'auditSuccess', 'auditSuccess', 'auditFailure',
+ ));
+ $acl->addPropertyChangedListener($listener);
+
+ $aces = $acl->{'get'.$type.'Aces'}('foo');
+ $ace = reset($aces);
+ $this->assertFalse($ace->isAuditSuccess());
+ $this->assertFalse($ace->isAuditFailure());
+
+ $acl->{'update'.$type.'Auditing'}(0, 'foo', true, false);
+ $this->assertTrue($ace->isAuditSuccess());
+ $this->assertFalse($ace->isAuditFailure());
+
+ $acl->{'update'.$type.'Auditing'}(0, 'foo', false, true);
+ $this->assertFalse($ace->isAuditSuccess());
+ $this->assertTrue($ace->isAuditFailure());
+ }
+
+ public function getUpdateFieldAuditingTests()
+ {
+ return array(
+ array('classField'),
+ array('objectField'),
+ );
+ }
+
+ protected function getListener($expectedChanges)
+ {
+ $aceProperties = array('aceOrder', 'mask', 'strategy', 'auditSuccess', 'auditFailure');
+
+ $listener = $this->getMock('Doctrine\Common\PropertyChangedListener');
+ foreach ($expectedChanges as $index => $property) {
+ if (in_array($property, $aceProperties)) {
+ $class = 'Symfony\Component\Security\Acl\Domain\Entry';
+ } else {
+ $class = 'Symfony\Component\Security\Acl\Domain\Acl';
+ }
+
+ $listener
+ ->expects($this->at($index))
+ ->method('propertyChanged')
+ ->with($this->isInstanceOf($class), $this->equalTo($property))
+ ;
+ }
+
+ return $listener;
+ }
+
+ protected function getAcl()
+ {
+ return new Acl(1, new ObjectIdentity(1, 'foo'), new PermissionGrantingStrategy(), array(), true);
+ }
+}
generated by cgit v1.1 at 2025-05-17 03:10:12 +0000