Correcting issue with permissions being incorrectly overwritten in ACL, fixes #4190

git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@6651 3807eeeb-6ff5-0310-8944-8be069107fe0
nate 2008-04-10 13:19:10 +00:00
parent 7e68ab152c
commit a89beea029
2 changed files with 75 additions and 120 deletions


@ -388,8 +388,10 @@ class DB_ACL extends AclBase {
if ($perms['link'] != null && count($perms['link']) > 0) { if ($perms['link'] != null && count($perms['link']) > 0) {
$save['id'] = $perms['link'][0][$this->Aro->Permission->alias]['id']; $save['id'] = $perms['link'][0][$this->Aro->Permission->alias]['id'];
} else {
$save['id'] = null;
} }
return ($this->Aro->Permission->create($save) && $this->Aro->Permission->save()); return ($this->Aro->Permission->save($save) !== false);
} }
/** /**
* Deny access for $aro to action $action in $aco * Deny access for $aro to action $action in $aco
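Review bot: The new `else` branch puts `'id' => null` into `$save`, but with `create()` dropped from the return line, nothing visible here resets the Permission model's own state between calls. If `save()` falls back to an id left on the model by an earlier allow/deny when the data carries a null id (this cannot be confirmed from the hunk), a grant for a new ARO/ACO pair could still be written over another pair's row, which is the failure this commit targets. Consider clearing it explicitly in that branch with `$this->Aro->Permission->id = null;` and adding a comment such as `// no existing link: force an insert so another pair's permission row is never updated`. The enclosing method starts above the hunk, so how `$save` is built is not visible here.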


@ -117,178 +117,130 @@ class AclComponentTest extends CakeTestCase {
function testAclCreate() { function testAclCreate() {
$this->Acl->Aro->create(array('alias' => 'Global')); $this->Acl->Aro->create(array('alias' => 'Global'));
$result = $this->Acl->Aro->save(); $this->assertTrue($this->Acl->Aro->save());
$this->assertTrue($result);
$parent = $this->Acl->Aro->id; $parent = $this->Acl->Aro->id;
$this->Acl->Aro->create(array('parent_id' => $parent, 'alias' => 'Account')); $this->Acl->Aro->create(array('parent_id' => $parent, 'alias' => 'Account'));
$result = $this->Acl->Aro->save(); $this->assertTrue($this->Acl->Aro->save());
$this->assertTrue($result);
$this->Acl->Aro->create(array('parent_id' => $parent, 'alias' => 'Manager')); $this->Acl->Aro->create(array('parent_id' => $parent, 'alias' => 'Manager'));
$result = $this->Acl->Aro->save(); $this->assertTrue($this->Acl->Aro->save());
$this->assertTrue($result);
$parent = $this->Acl->Aro->id; $parent = $this->Acl->Aro->id;
$this->Acl->Aro->create(array('parent_id' => $parent, 'alias' => 'Secretary')); $this->Acl->Aro->create(array('parent_id' => $parent, 'alias' => 'Secretary'));
$result = $this->Acl->Aro->save(); $this->assertTrue($this->Acl->Aro->save());
$this->assertTrue($result);
$this->Acl->Aco->create(array('alias' => 'Reports')); $this->Acl->Aco->create(array('alias' => 'Reports'));
$result = $this->Acl->Aco->save(); $this->assertTrue($this->Acl->Aco->save());
$this->assertTrue($result);
$report = $this->Acl->Aco->id; $report = $this->Acl->Aco->id;
$this->Acl->Aco->create(array('parent_id' => $report, 'alias' => 'Accounts')); $this->Acl->Aco->create(array('parent_id' => $report, 'alias' => 'Accounts'));
$result = $this->Acl->Aco->save(); $this->assertTrue($this->Acl->Aco->save());
$this->assertTrue($result);
$account = $this->Acl->Aco->id; $account = $this->Acl->Aco->id;
$this->Acl->Aco->create(array('parent_id' => $account, 'alias' => 'Contacts')); $this->Acl->Aco->create(array('parent_id' => $account, 'alias' => 'Contacts'));
$result = $this->Acl->Aco->save(); $this->assertTrue($this->Acl->Aco->save());
$this->assertTrue($result);
$this->Acl->Aco->create(array('parent_id' => $report, 'alias' => 'Messages')); $this->Acl->Aco->create(array('parent_id' => $report, 'alias' => 'Messages'));
$result = $this->Acl->Aco->save(); $this->assertTrue($this->Acl->Aco->save());
$this->assertTrue($result);
$this->Acl->Aco->create(array('parent_id' => $account, 'alias' => 'MonthView')); $this->Acl->Aco->create(array('parent_id' => $account, 'alias' => 'MonthView'));
$result = $this->Acl->Aco->save(); $this->assertTrue($this->Acl->Aco->save());
$this->assertTrue($result);
$this->Acl->Aco->create(array('parent_id' => $account, 'alias' => 'Links')); $this->Acl->Aco->create(array('parent_id' => $account, 'alias' => 'Links'));
$result = $this->Acl->Aco->save(); $this->assertTrue($this->Acl->Aco->save());
$this->assertTrue($result);
$this->Acl->Aco->create(array('parent_id' => $account, 'alias' => 'Numbers')); $this->Acl->Aco->create(array('parent_id' => $account, 'alias' => 'Numbers'));
$result = $this->Acl->Aco->save(); $this->assertTrue($this->Acl->Aco->save());
$this->assertTrue($result);
$this->Acl->Aco->create(array('parent_id' => $report, 'alias' => 'QuickStats')); $this->Acl->Aco->create(array('parent_id' => $report, 'alias' => 'QuickStats'));
$result = $this->Acl->Aco->save(); $this->assertTrue($this->Acl->Aco->save());
$this->assertTrue($result);
$this->Acl->Aco->create(array('parent_id' => $report, 'alias' => 'Bills')); $this->Acl->Aco->create(array('parent_id' => $report, 'alias' => 'Bills'));
$result = $this->Acl->Aco->save(); $this->assertTrue($this->Acl->Aco->save());
$this->assertTrue($result);
} }
function testDbAclAllow() { function testDbAclAllow() {
$result = $this->Acl->allow('Manager', 'Reports', array('read','delete','update')); $this->assertTrue($this->Acl->allow('Manager', 'Reports', array('read', 'delete', 'update')));
$this->assertTrue($result);
$result = $this->Acl->check('Manager', 'Reports', 'create'); $this->assertFalse($this->Acl->check('Manager', 'Reports', 'create'));
$this->assertFalse($result); $this->assertFalse($this->Acl->check('Secretary', 'Links', 'create'));
$result = $this->Acl->check('Secretary', 'Links', 'create'); $this->assertTrue($this->Acl->allow('Secretary', 'Links', array('create')));
$this->assertFalse($result);
$result = $this->Acl->allow('Secretary', 'Links', array('create')); $this->assertFalse($this->Acl->check('Manager', 'Reports', 'create'));
$this->assertTrue($result); $this->assertTrue($this->Acl->check('Secretary', 'Links', 'create'));
$result = $this->Acl->check('Manager', 'Reports', 'create');
$this->assertFalse($result);
$result = $this->Acl->check('Secretary', 'Links', 'create');
$this->assertTrue($result);
} }
function testDbAclCheck() { function testDbAclCheck() {
$result = $this->Acl->check('Secretary','Links','read'); $this->assertTrue($this->Acl->check('Secretary', 'Links', 'read'));
$this->assertTrue($result); $this->assertTrue($this->Acl->check('Secretary', 'Links', 'delete'));
$this->assertTrue($this->Acl->check('Secretary', 'Links', 'update'));
$this->assertTrue($this->Acl->check('Secretary', 'Links', 'create'));
$this->assertTrue($this->Acl->check('Secretary', 'Links', '*'));
$this->assertTrue($this->Acl->check('Secretary', 'Links', 'create'));
$this->assertTrue($this->Acl->check('Manager', 'Links', 'read'));
$this->assertTrue($this->Acl->check('Manager', 'Links', 'delete'));
$this->assertFalse($this->Acl->check('Manager', 'Links', 'create'));
$this->assertFalse($this->Acl->check('Account', 'Links', 'read'));
$result = $this->Acl->check('Secretary','Links','delete'); $this->assertTrue($this->Acl->allow('Global', 'Reports', 'read'));
$this->assertTrue($result);
$result = $this->Acl->check('Secretary','Links','update'); $this->assertFalse($this->Acl->check('Account', 'Reports', 'create'));
$this->assertTrue($result); $this->assertTrue($this->Acl->check('Account', 'Reports', 'read'));
$this->assertFalse($this->Acl->check('Account', 'Reports', 'update'));
$this->assertFalse($this->Acl->check('Account', 'Reports', 'delete'));
$result = $this->Acl->check('Secretary','Links','create'); $this->assertFalse($this->Acl->check('Account', 'Links', 'create'));
$this->assertTrue($result); $this->assertFalse($this->Acl->check('Account', 'Links', 'update'));
$this->assertFalse($this->Acl->check('Account', 'Links', 'delete'));
$result = $this->Acl->check('Secretary','Links','*'); $this->assertTrue($this->Acl->allow('Global', 'Reports'));
$this->assertTrue($result);
$result = $this->Acl->check('Secretary','Links','create'); $this->assertTrue($this->Acl->check('Account', 'Links', 'read'));
$this->assertTrue($result);
$result = $this->Acl->check('Manager','Links','read');
$this->assertTrue($result);
$result = $this->Acl->check('Manager','Links','delete');
$this->assertTrue($result);
$result = $this->Acl->check('Manager','Links','create');
$this->assertFalse($result);
$result = $this->Acl->check('Account','Links','read');
$this->assertFalse($result);
$result = $this->Acl->allow('Global','Reports', 'read');
$this->assertTrue($result);
$result = $this->Acl->check('Account','Links','create');
$this->assertFalse($result);
$result = $this->Acl->check('Account','Links','update');
$this->assertFalse($result);
$result = $this->Acl->check('Account','Links','delete');
$this->assertFalse($result);
$result = $this->Acl->allow('Global','Reports');
$this->assertTrue($result);
$result = $this->Acl->check('Account','Links','read');
$this->assertTrue($result);
} }
function testDbAclDeny() { function testDbAclDeny() {
$result = $this->Acl->check('Secretary', 'Links', 'delete'); $this->assertTrue($this->Acl->check('Secretary', 'Links', 'delete'));
$this->assertTrue($result);
$this->Acl->allow('Secretary', 'Links', 'read'); $this->Acl->allow('Secretary', 'Links', 'read');
$result = $this->Acl->Aro->Permission->find('all', array('conditions' => array('AroTest.alias' => 'Secretary'))); $result = $this->Acl->Aro->Permission->find('all', array('conditions' => array('AroTest.alias' => 'Secretary')));
$expected = array('id' => '2', 'aro_id' => '4', 'aco_id' => '15', '_create' => '1', '_read' => '1', '_update' => '', '_delete' => ''); $expected = array('id' => '2', 'aro_id' => '4', 'aco_id' => '15', '_create' => '1', '_read' => '1', '_update' => '0', '_delete' => '0');
$this->assertEqual($result[0]['PermissionTest'], $expected); $this->assertEqual($result[0]['PermissionTest'], $expected);
$this->Acl->deny('Secretary', 'Links', 'delete'); $this->Acl->deny('Secretary', 'Links', 'delete');
$expected['_delete'] = '-1';
$result = $this->Acl->Aro->Permission->find('all', array('conditions' => array('AroTest.alias' => 'Secretary'))); $result = $this->Acl->Aro->Permission->find('all', array('conditions' => array('AroTest.alias' => 'Secretary')));
$expected['_delete'] = '-1';
$this->assertEqual($result[0]['PermissionTest'], $expected); $this->assertEqual($result[0]['PermissionTest'], $expected);
$result = $this->Acl->check('Secretary','Links','delete'); $this->assertFalse($this->Acl->check('Secretary', 'Links', 'delete'));
$this->assertFalse($result); $this->assertTrue($this->Acl->check('Secretary', 'Links', 'read'));
$this->assertTrue($this->Acl->check('Secretary', 'Links', 'create'));
$result = $this->Acl->check('Secretary','Links','read'); $this->assertTrue($this->Acl->check('Secretary', 'Links', 'update'));
$this->assertTrue($result);
$result = $this->Acl->check('Secretary','Links','create');
$this->assertTrue($result);
$result = $this->Acl->check('Secretary','Links','update');
$this->assertTrue($result);
$this->Acl->deny('Secretary', 'Links', '*'); $this->Acl->deny('Secretary', 'Links', '*');
$result = $this->Acl->check('Secretary','Links','delete'); $this->assertFalse($this->Acl->check('Secretary', 'Links', 'delete'));
$this->assertFalse($result); $this->assertFalse($this->Acl->check('Secretary', 'Links', 'read'));
$this->assertFalse($this->Acl->check('Secretary', 'Links', 'create'));
$this->assertFalse($this->Acl->check('Secretary', 'Links', 'update'));
$this->assertFalse($this->Acl->check('Secretary', 'Links'));
$result = $this->Acl->check('Secretary','Links','read'); $this->Acl->Aro->create(array('alias' => 'Tele'));
$this->assertFalse($result); $this->assertTrue($this->Acl->Aro->save());
$result = $this->Acl->check('Secretary','Links','create'); $this->Acl->Aco->create(array('alias' => 'Tobies'));
$this->assertFalse($result); $this->assertTrue($this->Acl->Aco->save());
$result = $this->Acl->check('Secretary','Links','update'); $this->Acl->allow('Tele', 'Tobies', array('read', 'update', 'delete'));
$this->assertFalse($result); $this->Acl->deny('Tele', 'Tobies', array('delete'));
$result = $this->Acl->Aro->Permission->find('all', array('conditions' => array('AroTest.alias' => 'Tele')));
$result = $this->Acl->check('Secretary','Links'); $expected = array('id' => '4', 'aro_id' => '5', 'aco_id' => '19', '_create' => '0', '_read' => '1', '_update' => '1', '_delete' => '-1');
$this->assertFalse($result); $this->assertEqual($result[0]['PermissionTest'], $expected);
} }
function testAclNodeLookup() { function testAclNodeLookup() {
@ -299,6 +251,7 @@ class AclComponentTest extends CakeTestCase {
array('AroTest' => array('id' => '1', 'parent_id' => null, 'model' => null, 'foreign_key' => null, 'alias' => 'Global')) array('AroTest' => array('id' => '1', 'parent_id' => null, 'model' => null, 'foreign_key' => null, 'alias' => 'Global'))
); );
$this->assertEqual($result, $expected); $this->assertEqual($result, $expected);
//die('Working');
} }
function tearDown() { function tearDown() {
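Review bot: The Tele/Tobies case added at the end of `testDbAclDeny` asserts only the stored row, so it checks neither the effective access decision nor that other pairs' rows survived the new writes. For an overwrite regression, add `$this->assertFalse($this->Acl->check('Tele', 'Tobies', 'delete'));` and `$this->assertTrue($this->Acl->check('Tele', 'Tobies', 'read'));`, and re-fetch the Secretary permission row after the Tele calls to confirm it is unchanged. The `allow()` and `deny()` calls in that case also go unasserted, unlike most other calls in this file. The expected ids (`'4'`, `'5'`, `'19'`) appear to depend on rows created by earlier test methods, so a comment stating that ordering assumption would help. The `//die('Working');` line added in the last hunk looks like leftover debugging and should be dropped.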