summaryrefslogtreecommitdiffstats
path: root/Acl/Tests/Voter/AclVoterTest.php
diff options
context:
space:
mode:
Diffstat (limited to 'Acl/Tests/Voter/AclVoterTest.php')
-rw-r--r--Acl/Tests/Voter/AclVoterTest.php432
1 files changed, 0 insertions, 432 deletions
diff --git a/Acl/Tests/Voter/AclVoterTest.php b/Acl/Tests/Voter/AclVoterTest.php
deleted file mode 100644
index 2148135..0000000
--- a/Acl/Tests/Voter/AclVoterTest.php
+++ /dev/null
@@ -1,432 +0,0 @@
-<?php
-
-/*
- * This file is part of the Symfony package.
- *
- * (c) Fabien Potencier <fabien@symfony.com>
- *
- * For the full copyright and license information, please view the LICENSE
- * file that was distributed with this source code.
- */
-
-namespace Symfony\Component\Security\Acl\Tests\Voter;
-
-use Symfony\Component\Security\Acl\Exception\NoAceFoundException;
-use Symfony\Component\Security\Acl\Voter\FieldVote;
-use Symfony\Component\Security\Acl\Exception\AclNotFoundException;
-use Symfony\Component\Security\Acl\Domain\RoleSecurityIdentity;
-use Symfony\Component\Security\Acl\Domain\UserSecurityIdentity;
-use Symfony\Component\Security\Acl\Domain\ObjectIdentity;
-use Symfony\Component\Security\Core\Authorization\Voter\VoterInterface;
-use Symfony\Component\Security\Acl\Voter\AclVoter;
-
-class AclVoterTest extends \PHPUnit_Framework_TestCase
-{
- /**
- * @dataProvider getSupportsAttributeTests
- */
- public function testSupportsAttribute($attribute, $supported)
- {
- list($voter, , $permissionMap) = $this->getVoter(true, false);
-
- $permissionMap
- ->expects($this->once())
- ->method('contains')
- ->with($this->identicalTo($attribute))
- ->will($this->returnValue($supported))
- ;
-
- $this->assertSame($supported, $voter->supportsAttribute($attribute));
- }
-
- /**
- * @dataProvider getSupportsAttributeNonStringTests
- */
- public function testSupportsAttributeNonString($attribute)
- {
- list($voter) = $this->getVoter(true, false);
-
- $this->assertFalse($voter->supportsAttribute($attribute));
- }
-
- public function getSupportsAttributeTests()
- {
- return array(
- array('foo', true),
- array('foo', false),
- );
- }
-
- public function getSupportsAttributeNonStringTests()
- {
- return array(
- array(new \stdClass()),
- array(1),
- array(true),
- array(array()),
- );
- }
-
- /**
- * @dataProvider getSupportsClassTests
- */
- public function testSupportsClass($class)
- {
- list($voter) = $this->getVoter();
-
- $this->assertTrue($voter->supportsClass($class));
- }
-
- public function getSupportsClassTests()
- {
- return array(
- array('foo'),
- array('bar'),
- array('moo'),
- );
- }
-
- public function testVote()
- {
- list($voter, , $permissionMap) = $this->getVoter();
- $permissionMap
- ->expects($this->atLeastOnce())
- ->method('getMasks')
- ->will($this->returnValue(null))
- ;
-
- $this->assertSame(VoterInterface::ACCESS_ABSTAIN, $voter->vote($this->getToken(), null, array('VIEW', 'EDIT', 'DELETE')));
- }
-
- /**
- * @dataProvider getTrueFalseTests
- */
- public function testVoteWhenNoObjectIsPassed($allowIfObjectIdentityUnavailable)
- {
- list($voter, , $permissionMap) = $this->getVoter($allowIfObjectIdentityUnavailable);
- $permissionMap
- ->expects($this->once())
- ->method('getMasks')
- ->will($this->returnValue(array()))
- ;
-
- if ($allowIfObjectIdentityUnavailable) {
- $vote = VoterInterface::ACCESS_GRANTED;
- } else {
- $vote = VoterInterface::ACCESS_ABSTAIN;
- }
-
- $this->assertSame($vote, $voter->vote($this->getToken(), null, array('VIEW')));
- }
-
- /**
- * @dataProvider getTrueFalseTests
- */
- public function testVoteWhenOidStrategyReturnsNull($allowIfUnavailable)
- {
- list($voter, , $permissionMap, $oidStrategy) = $this->getVoter($allowIfUnavailable);
- $permissionMap
- ->expects($this->once())
- ->method('getMasks')
- ->will($this->returnValue(array()))
- ;
-
- $oidStrategy
- ->expects($this->once())
- ->method('getObjectIdentity')
- ->will($this->returnValue(null))
- ;
-
- if ($allowIfUnavailable) {
- $vote = VoterInterface::ACCESS_GRANTED;
- } else {
- $vote = VoterInterface::ACCESS_ABSTAIN;
- }
-
- $this->assertSame($vote, $voter->vote($this->getToken(), new \stdClass(), array('VIEW')));
- }
-
- public function getTrueFalseTests()
- {
- return array(array(true), array(false));
- }
-
- public function testVoteNoAclFound()
- {
- list($voter, $provider, $permissionMap, $oidStrategy, $sidStrategy) = $this->getVoter();
-
- $permissionMap
- ->expects($this->once())
- ->method('getMasks')
- ->will($this->returnValue(array()))
- ;
-
- $oidStrategy
- ->expects($this->once())
- ->method('getObjectIdentity')
- ->will($this->returnValue($oid = new ObjectIdentity('1', 'Foo')))
- ;
-
- $sidStrategy
- ->expects($this->once())
- ->method('getSecurityIdentities')
- ->will($this->returnValue($sids = array(new UserSecurityIdentity('johannes', 'Foo'), new RoleSecurityIdentity('ROLE_FOO'))))
- ;
-
- $provider
- ->expects($this->once())
- ->method('findAcl')
- ->with($this->equalTo($oid), $this->equalTo($sids))
- ->will($this->throwException(new AclNotFoundException('Not found.')))
- ;
-
- $this->assertSame(VoterInterface::ACCESS_DENIED, $voter->vote($this->getToken(), new \stdClass(), array('VIEW')));
- }
-
- /**
- * @dataProvider getTrueFalseTests
- */
- public function testVoteGrantsAccess($grant)
- {
- list($voter, $provider, $permissionMap, $oidStrategy, $sidStrategy) = $this->getVoter();
-
- $permissionMap
- ->expects($this->once())
- ->method('getMasks')
- ->with($this->equalTo('VIEW'))
- ->will($this->returnValue($masks = array(1, 2, 3)))
- ;
-
- $oidStrategy
- ->expects($this->once())
- ->method('getObjectIdentity')
- ->will($this->returnValue($oid = new ObjectIdentity('1', 'Foo')))
- ;
-
- $sidStrategy
- ->expects($this->once())
- ->method('getSecurityIdentities')
- ->will($this->returnValue($sids = array(new UserSecurityIdentity('johannes', 'Foo'), new RoleSecurityIdentity('ROLE_FOO'))))
- ;
-
- $provider
- ->expects($this->once())
- ->method('findAcl')
- ->with($this->equalTo($oid), $this->equalTo($sids))
- ->will($this->returnValue($acl = $this->getMock('Symfony\Component\Security\Acl\Model\AclInterface')))
- ;
-
- $acl
- ->expects($this->once())
- ->method('isGranted')
- ->with($this->identicalTo($masks), $this->equalTo($sids), $this->isFalse())
- ->will($this->returnValue($grant))
- ;
-
- if ($grant) {
- $vote = VoterInterface::ACCESS_GRANTED;
- } else {
- $vote = VoterInterface::ACCESS_DENIED;
- }
-
- $this->assertSame($vote, $voter->vote($this->getToken(), new \stdClass(), array('VIEW')));
- }
-
- public function testVoteNoAceFound()
- {
- list($voter, $provider, $permissionMap, $oidStrategy, $sidStrategy) = $this->getVoter();
-
- $permissionMap
- ->expects($this->once())
- ->method('getMasks')
- ->with($this->equalTo('VIEW'))
- ->will($this->returnValue($masks = array(1, 2, 3)))
- ;
-
- $oidStrategy
- ->expects($this->once())
- ->method('getObjectIdentity')
- ->will($this->returnValue($oid = new ObjectIdentity('1', 'Foo')))
- ;
-
- $sidStrategy
- ->expects($this->once())
- ->method('getSecurityIdentities')
- ->will($this->returnValue($sids = array(new UserSecurityIdentity('johannes', 'Foo'), new RoleSecurityIdentity('ROLE_FOO'))))
- ;
-
- $provider
- ->expects($this->once())
- ->method('findAcl')
- ->with($this->equalTo($oid), $this->equalTo($sids))
- ->will($this->returnValue($acl = $this->getMock('Symfony\Component\Security\Acl\Model\AclInterface')))
- ;
-
- $acl
- ->expects($this->once())
- ->method('isGranted')
- ->with($this->identicalTo($masks), $this->equalTo($sids), $this->isFalse())
- ->will($this->throwException(new NoAceFoundException('No ACE')))
- ;
-
- $this->assertSame(VoterInterface::ACCESS_DENIED, $voter->vote($this->getToken(), new \stdClass(), array('VIEW')));
- }
-
- /**
- * @dataProvider getTrueFalseTests
- */
- public function testVoteGrantsFieldAccess($grant)
- {
- list($voter, $provider, $permissionMap, $oidStrategy, $sidStrategy) = $this->getVoter();
-
- $permissionMap
- ->expects($this->once())
- ->method('getMasks')
- ->with($this->equalTo('VIEW'))
- ->will($this->returnValue($masks = array(1, 2, 3)))
- ;
-
- $oidStrategy
- ->expects($this->once())
- ->method('getObjectIdentity')
- ->will($this->returnValue($oid = new ObjectIdentity('1', 'Foo')))
- ;
-
- $sidStrategy
- ->expects($this->once())
- ->method('getSecurityIdentities')
- ->will($this->returnValue($sids = array(new UserSecurityIdentity('johannes', 'Foo'), new RoleSecurityIdentity('ROLE_FOO'))))
- ;
-
- $provider
- ->expects($this->once())
- ->method('findAcl')
- ->with($this->equalTo($oid), $this->equalTo($sids))
- ->will($this->returnValue($acl = $this->getMock('Symfony\Component\Security\Acl\Model\AclInterface')))
- ;
-
- $acl
- ->expects($this->once())
- ->method('isFieldGranted')
- ->with($this->identicalTo('foo'), $this->identicalTo($masks), $this->equalTo($sids), $this->isFalse())
- ->will($this->returnValue($grant))
- ;
-
- if ($grant) {
- $vote = VoterInterface::ACCESS_GRANTED;
- } else {
- $vote = VoterInterface::ACCESS_DENIED;
- }
-
- $this->assertSame($vote, $voter->vote($this->getToken(), new FieldVote(new \stdClass(), 'foo'), array('VIEW')));
- }
-
- public function testVoteNoFieldAceFound()
- {
- list($voter, $provider, $permissionMap, $oidStrategy, $sidStrategy) = $this->getVoter();
-
- $permissionMap
- ->expects($this->once())
- ->method('getMasks')
- ->with($this->equalTo('VIEW'))
- ->will($this->returnValue($masks = array(1, 2, 3)))
- ;
-
- $oidStrategy
- ->expects($this->once())
- ->method('getObjectIdentity')
- ->will($this->returnValue($oid = new ObjectIdentity('1', 'Foo')))
- ;
-
- $sidStrategy
- ->expects($this->once())
- ->method('getSecurityIdentities')
- ->will($this->returnValue($sids = array(new UserSecurityIdentity('johannes', 'Foo'), new RoleSecurityIdentity('ROLE_FOO'))))
- ;
-
- $provider
- ->expects($this->once())
- ->method('findAcl')
- ->with($this->equalTo($oid), $this->equalTo($sids))
- ->will($this->returnValue($acl = $this->getMock('Symfony\Component\Security\Acl\Model\AclInterface')))
- ;
-
- $acl
- ->expects($this->once())
- ->method('isFieldGranted')
- ->with($this->identicalTo('foo'), $this->identicalTo($masks), $this->equalTo($sids), $this->isFalse())
- ->will($this->throwException(new NoAceFoundException('No ACE')))
- ;
-
- $this->assertSame(VoterInterface::ACCESS_DENIED, $voter->vote($this->getToken(), new FieldVote(new \stdClass(), 'foo'), array('VIEW')));
- }
-
- public function testWhenReceivingAnObjectIdentityInterfaceWeDontRetrieveANewObjectIdentity()
- {
- list($voter, $provider, $permissionMap, $oidStrategy, $sidStrategy) = $this->getVoter();
-
- $oid = new ObjectIdentity('someID', 'someType');
-
- $permissionMap
- ->expects($this->once())
- ->method('getMasks')
- ->with($this->equalTo('VIEW'))
- ->will($this->returnValue($masks = array(1, 2, 3)))
- ;
-
- $oidStrategy
- ->expects($this->never())
- ->method('getObjectIdentity')
- ;
-
- $sidStrategy
- ->expects($this->once())
- ->method('getSecurityIdentities')
- ->will($this->returnValue($sids = array(new UserSecurityIdentity('johannes', 'Foo'), new RoleSecurityIdentity('ROLE_FOO'))))
- ;
-
- $provider
- ->expects($this->once())
- ->method('findAcl')
- ->with($this->equalTo($oid), $this->equalTo($sids))
- ->will($this->returnValue($acl = $this->getMock('Symfony\Component\Security\Acl\Model\AclInterface')))
- ;
-
- $acl
- ->expects($this->once())
- ->method('isGranted')
- ->with($this->identicalTo($masks), $this->equalTo($sids), $this->isFalse())
- ->will($this->throwException(new NoAceFoundException('No ACE')))
- ;
-
- $voter->vote($this->getToken(), $oid, array('VIEW'));
- }
-
- protected function getToken()
- {
- return $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface');
- }
-
- protected function getVoter($allowIfObjectIdentityUnavailable = true, $alwaysContains = true)
- {
- $provider = $this->getMock('Symfony\Component\Security\Acl\Model\AclProviderInterface');
- $permissionMap = $this->getMock('Symfony\Component\Security\Acl\Permission\PermissionMapInterface');
- $oidStrategy = $this->getMock('Symfony\Component\Security\Acl\Model\ObjectIdentityRetrievalStrategyInterface');
- $sidStrategy = $this->getMock('Symfony\Component\Security\Acl\Model\SecurityIdentityRetrievalStrategyInterface');
-
- if ($alwaysContains) {
- $permissionMap
- ->expects($this->any())
- ->method('contains')
- ->will($this->returnValue(true));
- }
-
- return array(
- new AclVoter($provider, $oidStrategy, $sidStrategy, $permissionMap, null, $allowIfObjectIdentityUnavailable),
- $provider,
- $permissionMap,
- $oidStrategy,
- $sidStrategy,
- );
- }
-}
generated by cgit v1.1 at 2025-05-29 06:57:52 +0000