2007-07-07 21:24:21 +00:00
|
|
|
<?php
|
|
|
|
/* SVN FILE: $Id$ */
|
|
|
|
/**
|
2007-07-09 20:45:29 +00:00
|
|
|
* Short description for file.
|
2007-07-07 21:24:21 +00:00
|
|
|
*
|
|
|
|
* Long description for file
|
|
|
|
*
|
|
|
|
* PHP versions 4 and 5
|
|
|
|
*
|
|
|
|
* CakePHP(tm) Tests <https://trac.cakephp.org/wiki/Developement/TestSuite>
|
2008-01-01 22:18:17 +00:00
|
|
|
* Copyright 2005-2008, Cake Software Foundation, Inc.
|
2007-07-07 21:24:21 +00:00
|
|
|
* 1785 E. Sahara Avenue, Suite 490-204
|
|
|
|
* Las Vegas, Nevada 89104
|
|
|
|
*
|
|
|
|
* Licensed under The Open Group Test Suite License
|
|
|
|
* Redistributions of files must retain the above copyright notice.
|
|
|
|
*
|
|
|
|
* @filesource
|
2008-01-01 22:18:17 +00:00
|
|
|
* @copyright Copyright 2005-2008, Cake Software Foundation, Inc.
|
2007-07-07 21:24:21 +00:00
|
|
|
* @link https://trac.cakephp.org/wiki/Developement/TestSuite CakePHP(tm) Tests
|
|
|
|
* @package cake
|
|
|
|
* @subpackage cake.cake.tests.cases.libs.controller.components
|
|
|
|
* @since CakePHP(tm) v 1.2.0.5347
|
|
|
|
* @version $Revision$
|
|
|
|
* @modifiedby $LastChangedBy$
|
|
|
|
* @lastmodified $Date$
|
|
|
|
* @license http://www.opensource.org/licenses/opengroup.php The Open Group Test Suite License
|
|
|
|
*/
|
2007-08-18 16:42:38 +00:00
|
|
|
uses('controller' . DS . 'components' . DS .'auth', 'controller' . DS . 'components' . DS .'acl');
|
2007-07-07 21:24:21 +00:00
|
|
|
|
2007-08-18 16:42:38 +00:00
|
|
|
uses('controller'.DS.'components'.DS.'acl', 'model'.DS.'db_acl');
|
2007-10-16 09:05:25 +00:00
|
|
|
Configure::write('Security.salt', 'JfIxfs2guVoUubWDYhG93b0qyJfIxfs2guwvniR2G0FgaC9mi');
|
2007-08-18 16:42:38 +00:00
|
|
|
/**
|
|
|
|
* Short description for class.
|
|
|
|
*
|
|
|
|
* @package cake.tests
|
|
|
|
* @subpackage cake.tests.cases.libs.controller.components
|
|
|
|
*/
|
2007-07-08 00:49:36 +00:00
|
|
|
class AuthUser extends CakeTestModel {
|
2007-07-08 01:01:16 +00:00
|
|
|
var $name = 'AuthUser';
|
2007-08-18 16:42:38 +00:00
|
|
|
var $useDbConfig = 'test_suite';
|
2007-07-08 00:49:36 +00:00
|
|
|
|
2007-07-08 00:43:45 +00:00
|
|
|
function parentNode() {
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
function bindNode($object) {
|
2007-07-08 21:01:31 +00:00
|
|
|
return 'Roles/Admin';
|
2007-07-08 00:43:45 +00:00
|
|
|
}
|
2007-07-09 05:27:04 +00:00
|
|
|
|
2007-07-26 06:43:44 +00:00
|
|
|
function isAuthorized($user, $controller = null, $action = null) {
|
2007-07-25 04:38:28 +00:00
|
|
|
if (!empty($user)) {
|
2007-07-09 05:27:04 +00:00
|
|
|
return true;
|
|
|
|
}
|
|
|
|
return false;
|
|
|
|
}
|
2007-07-07 21:24:21 +00:00
|
|
|
}
|
2007-08-18 16:42:38 +00:00
|
|
|
/**
|
|
|
|
* Short description for class.
|
|
|
|
*
|
|
|
|
* @package cake.tests
|
|
|
|
* @subpackage cake.tests.cases.libs.controller.components
|
|
|
|
*/
|
2007-07-07 21:24:21 +00:00
|
|
|
class AuthTestController extends Controller {
|
|
|
|
var $name = 'AuthTest';
|
2007-07-08 00:49:36 +00:00
|
|
|
var $uses = array('AuthUser');
|
2007-07-07 21:24:21 +00:00
|
|
|
var $components = array('Auth', 'Acl');
|
2007-07-08 00:49:36 +00:00
|
|
|
|
2007-07-08 00:43:45 +00:00
|
|
|
function __construct() {
|
|
|
|
$this->params = Router::parse('/auth_test');
|
2007-07-26 06:43:44 +00:00
|
|
|
Router::setRequestInfo(array($this->params, array('base' => null, 'here' => '/auth_test', 'webroot' => '/', 'passedArgs' => array(), 'argSeparator' => ':', 'namedArgs' => array(), 'webservices' => null)));
|
2007-07-08 00:43:45 +00:00
|
|
|
parent::__construct();
|
|
|
|
}
|
2007-07-07 21:24:21 +00:00
|
|
|
|
|
|
|
function beforeFilter() {
|
|
|
|
}
|
|
|
|
|
|
|
|
function login() {
|
|
|
|
}
|
|
|
|
|
|
|
|
function logout() {
|
2007-07-08 00:43:45 +00:00
|
|
|
//$this->redirect($this->Auth->logout());
|
2007-07-07 21:24:21 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
function add() {
|
|
|
|
}
|
2007-07-08 00:49:36 +00:00
|
|
|
|
2007-07-08 00:43:45 +00:00
|
|
|
function redirect() {
|
2007-07-08 01:01:16 +00:00
|
|
|
return false;
|
2007-07-07 21:24:21 +00:00
|
|
|
}
|
2007-07-08 00:49:36 +00:00
|
|
|
|
2007-07-08 00:43:45 +00:00
|
|
|
function isAuthorized() {
|
2007-07-26 06:43:44 +00:00
|
|
|
if(isset($this->params['testControllerAuth'])) {
|
|
|
|
return false;
|
|
|
|
}
|
2007-07-07 21:24:21 +00:00
|
|
|
return true;
|
|
|
|
}
|
|
|
|
}
|
2007-08-18 16:42:38 +00:00
|
|
|
/**
|
|
|
|
* Short description for class.
|
|
|
|
*
|
|
|
|
* @package cake.tests
|
|
|
|
* @subpackage cake.tests.cases.libs.controller.components
|
|
|
|
*/
|
2007-07-07 21:24:21 +00:00
|
|
|
class AuthTest extends CakeTestCase {
|
|
|
|
var $name = 'Auth';
|
2007-07-08 00:49:36 +00:00
|
|
|
|
2007-08-18 16:42:38 +00:00
|
|
|
var $fixtures = array('core.auth_user', 'core.aro', 'core.aco', 'core.aros_aco', 'core.aco_action');
|
2007-07-09 06:44:04 +00:00
|
|
|
|
2007-10-14 01:09:21 +00:00
|
|
|
function startTest() {
|
2007-07-07 21:24:21 +00:00
|
|
|
$this->Controller =& new AuthTestController();
|
|
|
|
restore_error_handler();
|
|
|
|
@$this->Controller->_initComponents();
|
|
|
|
set_error_handler('simpleTestErrorHandler');
|
|
|
|
ClassRegistry::addObject('view', new View($this->Controller));
|
2007-09-21 01:07:59 +00:00
|
|
|
$this->Controller->Session->del('Auth');
|
|
|
|
$this->Controller->Session->del('Message.auth');
|
2007-07-07 21:24:21 +00:00
|
|
|
}
|
2007-07-08 21:01:31 +00:00
|
|
|
|
|
|
|
function testNoAuth() {
|
|
|
|
$this->assertFalse($this->Controller->Auth->isAuthorized());
|
|
|
|
}
|
|
|
|
|
|
|
|
function testLogin() {
|
|
|
|
$this->AuthUser =& new AuthUser();
|
|
|
|
$user['id'] = 1;
|
|
|
|
$user['username'] = 'mariano';
|
2007-10-16 09:05:25 +00:00
|
|
|
$user['password'] = Security::hash(Configure::read('Security.salt') . 'cake');
|
2007-07-08 21:01:31 +00:00
|
|
|
$this->AuthUser->save($user, false);
|
|
|
|
|
|
|
|
$authUser = $this->AuthUser->find();
|
|
|
|
|
|
|
|
$this->Controller->data['AuthUser']['username'] = $authUser['AuthUser']['username'];
|
|
|
|
$this->Controller->data['AuthUser']['password'] = 'cake';
|
|
|
|
|
|
|
|
$this->Controller->params['url']['url'] = 'auth_test/login';
|
|
|
|
|
|
|
|
$this->Controller->Auth->initialize($this->Controller);
|
|
|
|
|
|
|
|
$this->Controller->Auth->loginAction = 'auth_test/login';
|
|
|
|
$this->Controller->Auth->userModel = 'AuthUser';
|
|
|
|
|
|
|
|
$this->Controller->Auth->startup($this->Controller);
|
|
|
|
$user = $this->Controller->Auth->user();
|
|
|
|
$this->assertEqual($user, array('AuthUser'=>array('id'=>1, 'username'=>'mariano', 'created'=> '2007-03-17 01:16:23', 'updated'=> date('Y-m-d H:i:s'))));
|
|
|
|
$this->Controller->Session->del('Auth');
|
|
|
|
}
|
2007-07-09 06:44:04 +00:00
|
|
|
|
2007-07-26 06:43:44 +00:00
|
|
|
function testAuthorizeFalse() {
|
2007-07-09 05:27:04 +00:00
|
|
|
$this->AuthUser =& new AuthUser();
|
|
|
|
$user = $this->AuthUser->find();
|
|
|
|
$this->Controller->Session->write('Auth', $user);
|
|
|
|
$this->Controller->Auth->userModel = 'AuthUser';
|
|
|
|
$this->Controller->Auth->authorize = false;
|
|
|
|
$result = $this->Controller->Auth->startup($this->Controller);
|
|
|
|
$this->assertTrue($result);
|
2007-09-21 01:07:59 +00:00
|
|
|
|
|
|
|
$this->Controller->Session->del('Auth');
|
|
|
|
$result = $this->Controller->Auth->startup($this->Controller);
|
|
|
|
$this->assertTrue($this->Controller->Session->check('Message.auth'));
|
2007-07-09 05:27:04 +00:00
|
|
|
}
|
2007-07-09 06:44:04 +00:00
|
|
|
|
2007-07-26 06:43:44 +00:00
|
|
|
function testAuthorizeController(){
|
2007-07-08 01:01:16 +00:00
|
|
|
$this->AuthUser =& new AuthUser();
|
|
|
|
$user = $this->AuthUser->find();
|
2007-07-08 00:43:45 +00:00
|
|
|
$this->Controller->Session->write('Auth', $user);
|
2007-07-08 21:01:31 +00:00
|
|
|
$this->Controller->Auth->userModel = 'AuthUser';
|
2007-07-08 01:01:16 +00:00
|
|
|
$this->Controller->Auth->authorize = 'controller';
|
2007-07-08 21:01:31 +00:00
|
|
|
$result = $this->Controller->Auth->startup($this->Controller);
|
|
|
|
$this->assertTrue($result);
|
2007-07-26 06:43:44 +00:00
|
|
|
|
|
|
|
$this->Controller->params['testControllerAuth'] = 1;
|
|
|
|
$result = $this->Controller->Auth->startup($this->Controller);
|
2007-09-21 01:07:59 +00:00
|
|
|
$this->assertTrue($this->Controller->Session->check('Message.auth'));
|
2007-07-26 06:43:44 +00:00
|
|
|
$this->assertFalse($result);
|
|
|
|
|
2007-07-08 21:01:31 +00:00
|
|
|
$this->Controller->Session->del('Auth');
|
2007-07-08 00:43:45 +00:00
|
|
|
}
|
2007-07-08 21:01:31 +00:00
|
|
|
|
2007-07-09 05:27:04 +00:00
|
|
|
function testAuthorizeModel() {
|
|
|
|
$this->AuthUser =& new AuthUser();
|
|
|
|
$user = $this->AuthUser->find();
|
|
|
|
$this->Controller->Session->write('Auth', $user);
|
2007-07-26 06:43:44 +00:00
|
|
|
|
|
|
|
$this->Controller->params['controller'] = 'auth_test';
|
|
|
|
$this->Controller->params['action'] = 'add';
|
2007-07-09 05:27:04 +00:00
|
|
|
$this->Controller->Auth->userModel = 'AuthUser';
|
|
|
|
$this->Controller->Auth->initialize($this->Controller);
|
|
|
|
$this->Controller->Auth->authorize = array('model'=>'AuthUser');
|
|
|
|
$result = $this->Controller->Auth->startup($this->Controller);
|
|
|
|
$this->assertTrue($result);
|
2007-08-15 18:37:43 +00:00
|
|
|
|
2007-07-26 06:43:44 +00:00
|
|
|
$this->Controller->Session->del('Auth');
|
2007-09-21 01:07:59 +00:00
|
|
|
$this->Controller->Auth->startup($this->Controller);
|
|
|
|
$this->assertTrue($this->Controller->Session->check('Message.auth'));
|
2007-07-26 06:43:44 +00:00
|
|
|
$result = $this->Controller->Auth->isAuthorized();
|
|
|
|
$this->assertFalse($result);
|
2007-08-15 18:37:43 +00:00
|
|
|
|
2007-07-09 05:27:04 +00:00
|
|
|
}
|
|
|
|
|
2007-07-26 06:43:44 +00:00
|
|
|
function testAuthorizeCrud() {
|
2007-07-08 01:01:16 +00:00
|
|
|
$this->AuthUser =& new AuthUser();
|
2007-07-08 21:01:31 +00:00
|
|
|
$user = $this->AuthUser->find();
|
|
|
|
$this->Controller->Session->write('Auth', $user);
|
|
|
|
|
|
|
|
$this->Controller->params['controller'] = 'auth_test';
|
|
|
|
$this->Controller->params['action'] = 'add';
|
|
|
|
|
2007-08-18 16:42:38 +00:00
|
|
|
$this->Controller->Acl->name = 'DB_ACL_TEST';
|
2007-07-08 21:01:31 +00:00
|
|
|
|
|
|
|
$this->Controller->Acl->Aro->id = null;
|
|
|
|
$this->Controller->Acl->Aro->create(array('alias'=>'Roles'));
|
2007-08-18 16:42:38 +00:00
|
|
|
$result = $this->Controller->Acl->Aro->save();
|
|
|
|
$this->assertTrue($result);
|
|
|
|
|
2007-07-08 21:01:31 +00:00
|
|
|
$this->Controller->Acl->Aro->create(array('alias'=>'Admin'));
|
2007-08-18 16:42:38 +00:00
|
|
|
$result = $this->Controller->Acl->Aro->save();
|
|
|
|
$this->assertTrue($result);
|
|
|
|
|
2007-07-08 21:01:31 +00:00
|
|
|
$this->Controller->Acl->Aro->create(array('model'=>'AuthUser', 'foreign_key'=>'1', 'alias'=> 'mariano'));
|
2007-08-18 16:42:38 +00:00
|
|
|
$result = $this->Controller->Acl->Aro->save();
|
|
|
|
$this->assertTrue($result);
|
|
|
|
|
2007-07-08 21:01:31 +00:00
|
|
|
$this->Controller->Acl->Aro->setParent(1, 2);
|
|
|
|
$this->Controller->Acl->Aro->setParent(2, 3);
|
2007-07-08 00:49:36 +00:00
|
|
|
|
2007-07-08 21:01:31 +00:00
|
|
|
$this->Controller->Acl->Aco->create(array('alias'=>'Root'));
|
2007-08-18 16:42:38 +00:00
|
|
|
$result = $this->Controller->Acl->Aco->save();
|
|
|
|
$this->assertTrue($result);
|
|
|
|
|
2007-07-08 21:01:31 +00:00
|
|
|
$this->Controller->Acl->Aco->create(array('alias'=>'AuthTest'));
|
2007-08-18 16:42:38 +00:00
|
|
|
$result = $this->Controller->Acl->Aco->save();
|
|
|
|
$this->assertTrue($result);
|
|
|
|
|
2007-07-08 21:01:31 +00:00
|
|
|
$this->Controller->Acl->Aco->setParent(1, 2);
|
|
|
|
|
|
|
|
$this->Controller->Acl->allow('Roles/Admin', 'Root');
|
|
|
|
$this->Controller->Acl->allow('Roles/Admin', 'Root/AuthTest');
|
|
|
|
|
|
|
|
$this->Controller->Auth->initialize($this->Controller);
|
|
|
|
|
|
|
|
$this->Controller->Auth->userModel = 'AuthUser';
|
|
|
|
$this->Controller->Auth->authorize = 'crud';
|
|
|
|
$this->Controller->Auth->actionPath = 'Root/';
|
2007-07-08 00:49:36 +00:00
|
|
|
|
2007-07-08 00:43:45 +00:00
|
|
|
$this->Controller->Auth->startup($this->Controller);
|
2007-07-08 00:49:36 +00:00
|
|
|
|
2007-07-08 21:01:31 +00:00
|
|
|
|
|
|
|
$this->assertTrue($this->Controller->Auth->isAuthorized());
|
|
|
|
|
|
|
|
$this->Controller->Session->del('Auth');
|
2007-09-21 01:07:59 +00:00
|
|
|
$this->Controller->Auth->startup($this->Controller);
|
|
|
|
$this->assertTrue($this->Controller->Session->check('Message.auth'));
|
2007-07-08 21:01:31 +00:00
|
|
|
}
|
|
|
|
|
2007-08-15 18:37:43 +00:00
|
|
|
function testLoginRedirect() {
|
2007-10-16 09:05:25 +00:00
|
|
|
if (isset($_SERVER['HTTP_REFERER'])) {
|
|
|
|
$backup = $_SERVER['HTTP_REFERER'];
|
|
|
|
} else {
|
|
|
|
$backup = null;
|
|
|
|
}
|
2007-08-15 18:37:43 +00:00
|
|
|
|
2007-09-21 01:07:59 +00:00
|
|
|
$_SERVER['HTTP_REFERER'] = false;
|
2007-09-21 01:57:27 +00:00
|
|
|
|
2007-08-21 21:46:59 +00:00
|
|
|
$this->Controller->Session->write('Auth', array('AuthUser' => array('id'=>'1', 'username'=>'nate')));
|
2007-09-21 01:57:27 +00:00
|
|
|
|
2007-09-21 01:07:59 +00:00
|
|
|
$this->Controller->params['url']['url'] = 'users/login';
|
|
|
|
$this->Controller->Auth->initialize($this->Controller);
|
2007-08-21 21:46:59 +00:00
|
|
|
|
|
|
|
$this->Controller->Auth->userModel = 'AuthUser';
|
2007-09-21 01:07:59 +00:00
|
|
|
$this->Controller->Auth->loginRedirect = array('controller' => 'pages', 'action' => 'display', 'welcome');
|
|
|
|
$this->Controller->Auth->startup($this->Controller);
|
2007-12-13 07:03:59 +00:00
|
|
|
$expected = Router::normalize($this->Controller->Auth->loginRedirect);
|
2007-09-21 01:07:59 +00:00
|
|
|
$this->assertEqual($expected, $this->Controller->Auth->redirect());
|
2007-08-15 18:37:43 +00:00
|
|
|
|
2007-08-21 21:46:59 +00:00
|
|
|
$this->Controller->Session->del('Auth');
|
2007-09-21 01:57:27 +00:00
|
|
|
|
2007-09-21 01:07:59 +00:00
|
|
|
$this->Controller->params['url']['url'] = 'admin/';
|
|
|
|
$this->Controller->Auth->initialize($this->Controller);
|
2007-08-21 21:46:59 +00:00
|
|
|
$this->Controller->Auth->userModel = 'AuthUser';
|
|
|
|
$this->Controller->Auth->loginRedirect = null;
|
2007-09-21 01:07:59 +00:00
|
|
|
$this->Controller->Auth->startup($this->Controller);
|
2007-12-13 07:03:59 +00:00
|
|
|
$expected = Router::normalize('admin/');
|
2007-09-21 01:07:59 +00:00
|
|
|
$this->assertTrue($this->Controller->Session->check('Message.auth'));
|
|
|
|
$this->assertEqual($expected, $this->Controller->Auth->redirect());
|
2007-09-21 01:57:27 +00:00
|
|
|
|
2007-08-21 21:46:59 +00:00
|
|
|
$this->Controller->Session->del('Auth');
|
2007-09-21 01:57:27 +00:00
|
|
|
|
2007-09-21 01:07:59 +00:00
|
|
|
$_SERVER['HTTP_REFERER'] = '/admin/';
|
2007-09-21 01:57:27 +00:00
|
|
|
|
2007-08-21 21:46:59 +00:00
|
|
|
$this->Controller->Session->write('Auth', array('AuthUser' => array('id'=>'1', 'username'=>'nate')));
|
2007-09-21 01:57:27 +00:00
|
|
|
|
2007-08-29 05:35:38 +00:00
|
|
|
$this->Controller->params['url']['url'] = 'auth_test/login';
|
|
|
|
|
|
|
|
$this->Controller->Auth->initialize($this->Controller);
|
|
|
|
|
|
|
|
$this->Controller->Auth->loginAction = 'auth_test/login';
|
2007-09-21 01:57:27 +00:00
|
|
|
|
2007-08-21 21:46:59 +00:00
|
|
|
$this->Controller->Auth->userModel = 'AuthUser';
|
2007-08-29 05:35:38 +00:00
|
|
|
$this->Controller->Auth->loginRedirect = false;
|
2007-09-21 01:07:59 +00:00
|
|
|
$this->Controller->Auth->startup($this->Controller);
|
2007-12-13 07:03:59 +00:00
|
|
|
$expected = Router::normalize('admin');
|
2007-09-21 01:07:59 +00:00
|
|
|
$this->assertEqual($expected, $this->Controller->Auth->redirect());
|
2007-08-15 18:37:43 +00:00
|
|
|
|
2007-09-21 01:07:59 +00:00
|
|
|
$_SERVER['HTTP_REFERER'] = $backup;
|
|
|
|
$this->Controller->Session->del('Auth');
|
|
|
|
}
|
2007-08-15 18:37:43 +00:00
|
|
|
|
2007-08-18 16:42:38 +00:00
|
|
|
function testEmptyUsernameOrPassword() {
|
|
|
|
$this->AuthUser =& new AuthUser();
|
|
|
|
$user['id'] = 1;
|
|
|
|
$user['username'] = 'mariano';
|
2007-10-16 09:05:25 +00:00
|
|
|
$user['password'] = Security::hash(Configure::read('Security.salt') . 'cake');
|
2007-08-18 16:42:38 +00:00
|
|
|
$this->AuthUser->save($user, false);
|
|
|
|
|
|
|
|
$authUser = $this->AuthUser->find();
|
|
|
|
|
|
|
|
$this->Controller->data['AuthUser']['username'] = '';
|
|
|
|
$this->Controller->data['AuthUser']['password'] = '';
|
|
|
|
|
|
|
|
$this->Controller->params['url']['url'] = 'auth_test/login';
|
|
|
|
|
|
|
|
$this->Controller->Auth->initialize($this->Controller);
|
|
|
|
|
|
|
|
$this->Controller->Auth->loginAction = 'auth_test/login';
|
|
|
|
$this->Controller->Auth->userModel = 'AuthUser';
|
|
|
|
|
|
|
|
$this->Controller->Auth->startup($this->Controller);
|
|
|
|
$user = $this->Controller->Auth->user();
|
2007-09-21 01:07:59 +00:00
|
|
|
$this->assertTrue($this->Controller->Session->check('Message.auth'));
|
2007-08-18 16:42:38 +00:00
|
|
|
$this->assertEqual($user, false);
|
|
|
|
$this->Controller->Session->del('Auth');
|
2007-09-21 01:07:59 +00:00
|
|
|
}
|
2007-08-15 19:33:46 +00:00
|
|
|
|
2007-07-08 00:43:45 +00:00
|
|
|
function tearDown() {
|
2007-07-08 00:49:36 +00:00
|
|
|
unset($this->Controller, $this->AuthUser);
|
2007-07-07 21:24:21 +00:00
|
|
|
}
|
|
|
|
}
|
2007-10-28 04:18:18 +00:00
|
|
|
?>
|