mirror of
https://github.com/kamilwylegala/cakephp2-php8.git
synced 2024-11-15 11:28:25 +00:00
f653e203b8
Created actual fixtures for aros, acos acos_aros so tests are no longer dependant on each other. Added configs/acl.ini.php to test_app to facilitate testing of INI base Acl. git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@6809 3807eeeb-6ff5-0310-8944-8be069107fe0
350 lines
No EOL
13 KiB
PHP
350 lines
No EOL
13 KiB
PHP
<?php
|
|
/* SVN FILE: $Id$ */
|
|
/**
|
|
* Short description for file.
|
|
*
|
|
* Long description for file
|
|
*
|
|
* PHP versions 4 and 5
|
|
*
|
|
* CakePHP(tm) Tests <https://trac.cakephp.org/wiki/Developement/TestSuite>
|
|
* Copyright 2005-2008, Cake Software Foundation, Inc.
|
|
* 1785 E. Sahara Avenue, Suite 490-204
|
|
* Las Vegas, Nevada 89104
|
|
*
|
|
* Licensed under The Open Group Test Suite License
|
|
* Redistributions of files must retain the above copyright notice.
|
|
*
|
|
* @filesource
|
|
* @copyright Copyright 2005-2008, Cake Software Foundation, Inc.
|
|
* @link https://trac.cakephp.org/wiki/Developement/TestSuite CakePHP(tm) Tests
|
|
* @package cake.tests
|
|
* @subpackage cake.tests.cases.libs.controller.components
|
|
* @since CakePHP(tm) v 1.2.0.5435
|
|
* @version $Revision$
|
|
* @modifiedby $LastChangedBy$
|
|
* @lastmodified $Date$
|
|
* @license http://www.opensource.org/licenses/opengroup.php The Open Group Test Suite License
|
|
*/
|
|
if (!defined('CAKEPHP_UNIT_TEST_EXECUTION')) {
|
|
define('CAKEPHP_UNIT_TEST_EXECUTION', 1);
|
|
}
|
|
App::import('Core', array('Component', 'Controller'));
|
|
App::import('Component', array('Acl'));
|
|
uses('model'.DS.'db_acl');
|
|
|
|
|
|
class AclNodeTestBase extends AclNode {
|
|
var $useDbConfig = 'test_suite';
|
|
var $cacheSources = false;
|
|
}
|
|
class AroTest extends AclNodeTestBase {
|
|
var $name = 'AroTest';
|
|
var $useTable = 'aros';
|
|
var $hasAndBelongsToMany = array('AcoTest' => array('with' => 'PermissionTest'));
|
|
}
|
|
class AcoTest extends AclNodeTestBase {
|
|
var $name = 'AcoTest';
|
|
var $useTable = 'acos';
|
|
var $hasAndBelongsToMany = array('AroTest' => array('with' => 'PermissionTest'));
|
|
}
|
|
class PermissionTest extends CakeTestModel {
|
|
var $name = 'PermissionTest';
|
|
var $useTable = 'aros_acos';
|
|
var $cacheQueries = false;
|
|
var $belongsTo = array('AroTest' => array('foreignKey' => 'aro_id'), 'AcoTest' => array('foreignKey' => 'aco_id'));
|
|
var $actsAs = null;
|
|
}
|
|
class AcoActionTest extends CakeTestModel {
|
|
var $name = 'AcoActionTest';
|
|
var $useTable = 'aco_actions';
|
|
var $belongsTo = array('AcoTest' => array('foreignKey' => 'aco_id'));
|
|
}
|
|
class DB_ACL_TEST extends DB_ACL {
|
|
|
|
function __construct() {
|
|
$this->Aro =& new AroTest();
|
|
$this->Aro->Permission =& new PermissionTest();
|
|
$this->Aco =& new AcoTest();
|
|
$this->Aro->Permission =& new PermissionTest();
|
|
}
|
|
}
|
|
class INI_ACL_TEST extends INI_ACL {
|
|
|
|
}
|
|
|
|
/**
|
|
* Short description for class.
|
|
*
|
|
* @package cake.tests
|
|
* @subpackage cake.tests.cases.libs.controller.components
|
|
*/
|
|
class AclComponentTest extends CakeTestCase {
|
|
|
|
var $fixtures = array('core.aro', 'core.aco', 'core.aros_aco');
|
|
|
|
function startTest() {
|
|
$this->Acl =& new AclComponent();
|
|
}
|
|
|
|
function before($method) {
|
|
Configure::write('Acl.classname', 'DB_ACL_TEST');
|
|
Configure::write('Acl.database', 'test_suite');
|
|
parent::before($method);
|
|
}
|
|
|
|
function testAclCreate() {
|
|
$this->Acl->Aro->create(array('alias' => 'Chotchkey'));
|
|
$this->assertTrue($this->Acl->Aro->save());
|
|
|
|
$parent = $this->Acl->Aro->id;
|
|
|
|
$this->Acl->Aro->create(array('parent_id' => $parent, 'alias' => 'Joanna'));
|
|
$this->assertTrue($this->Acl->Aro->save());
|
|
|
|
$this->Acl->Aro->create(array('parent_id' => $parent, 'alias' => 'Stapler'));
|
|
$this->assertTrue($this->Acl->Aro->save());
|
|
|
|
$root = $this->Acl->Aco->node('ROOT');
|
|
$parent = $root[0]['AcoTest']['id'];
|
|
|
|
$this->Acl->Aco->create(array('parent_id' => $parent, 'alias' => 'Drinks'));
|
|
$this->assertTrue($this->Acl->Aco->save());
|
|
|
|
$this->Acl->Aco->create(array('parent_id' => $parent, 'alias' => 'PiecesOfFlair'));
|
|
$this->assertTrue($this->Acl->Aco->save());
|
|
|
|
}
|
|
|
|
function testDbAclAllow() {
|
|
$this->assertFalse($this->Acl->check('Micheal', 'tpsReports', 'read'));
|
|
$this->assertTrue($this->Acl->allow('Micheal', 'tpsReports', array('read', 'delete', 'update')));
|
|
$this->assertTrue($this->Acl->check('Micheal', 'tpsReports', 'update'));
|
|
$this->assertTrue($this->Acl->check('Micheal', 'tpsReports', 'read'));
|
|
$this->assertTrue($this->Acl->check('Micheal', 'tpsReports', 'delete'));
|
|
|
|
$this->assertFalse($this->Acl->check('root/users/Samir', 'ROOT/tpsReports/view'));
|
|
$this->assertTrue($this->Acl->allow('root/users/Samir', 'ROOT/tpsReports/view', '*'));
|
|
$this->assertTrue($this->Acl->check('Samir', 'view', 'read'));
|
|
$this->assertTrue($this->Acl->check('root/users/Samir', 'ROOT/tpsReports/view', 'update'));
|
|
|
|
$this->expectError('DB_ACL::allow() - Invalid node');
|
|
$this->assertFalse($this->Acl->allow('Lumbergh', 'ROOT/tpsReports/DoesNotExist', 'create'));
|
|
|
|
$this->expectError('DB_ACL::allow() - Invalid node');
|
|
$this->assertFalse($this->Acl->allow('Homer', 'tpsReports', 'create'));
|
|
}
|
|
|
|
function testDbAclCheck() {
|
|
$this->assertTrue($this->Acl->check('Samir', 'print', 'read'));
|
|
$this->assertTrue($this->Acl->check('Lumbergh', 'current', 'read'));
|
|
$this->assertFalse($this->Acl->check('Milton', 'smash', 'read'));
|
|
$this->assertFalse($this->Acl->check('Milton', 'current', 'update'));
|
|
|
|
$this->expectError("DB_ACL::check() - Failed ARO/ACO node lookup in permissions check. Node references:\nAro: WRONG\nAco: tpsReports");
|
|
$this->assertFalse($this->Acl->check('WRONG', 'tpsReports', 'read'));
|
|
|
|
$this->expectError("ACO permissions key foobar does not exist in DB_ACL::check()");
|
|
$this->assertFalse($this->Acl->check('Lumbergh', 'smash', 'foobar'));
|
|
|
|
//The next assertion should generate an error but only returns false.
|
|
//$this->expectError("DB_ACL::check() - Failed ARO/ACO node lookup in permissions check. Node references:\nAro: users\nAco: NonExistant");
|
|
$this->assertFalse($this->Acl->check('users', 'NonExistant', 'read'));
|
|
|
|
$this->assertFalse($this->Acl->check(null, 'printers', 'create'));
|
|
$this->assertFalse($this->Acl->check('managers', null, 'read'));
|
|
|
|
$this->assertTrue($this->Acl->check('Bobs', 'ROOT/tpsReports/view/current', 'read'));
|
|
$this->assertFalse($this->Acl->check('Samir', 'ROOT/tpsReports/update', 'read'));
|
|
|
|
$this->assertFalse($this->Acl->check('root/users/Milton', 'smash', 'delete'));
|
|
}
|
|
|
|
function testDbAclDeny() {
|
|
$this->assertTrue($this->Acl->check('Micheal', 'smash', 'delete'));
|
|
$this->Acl->deny('Micheal', 'smash', 'delete');
|
|
$this->assertFalse($this->Acl->check('Micheal', 'smash', 'delete'));
|
|
$this->assertTrue($this->Acl->check('Micheal', 'smash', 'read'));
|
|
$this->assertTrue($this->Acl->check('Micheal', 'smash', 'create'));
|
|
$this->assertTrue($this->Acl->check('Micheal', 'smash', 'update'));
|
|
$this->assertFalse($this->Acl->check('Micheal', 'smash', '*'));
|
|
|
|
$this->assertTrue($this->Acl->check('Samir', 'refill', '*'));
|
|
$this->Acl->deny('Samir', 'refill', '*');
|
|
$this->assertFalse($this->Acl->check('Samir', 'refill', 'create'));
|
|
$this->assertFalse($this->Acl->check('Samir', 'refill', 'update'));
|
|
$this->assertFalse($this->Acl->check('Samir', 'refill', 'read'));
|
|
$this->assertFalse($this->Acl->check('Samir', 'refill', 'delete'));
|
|
|
|
$result = $this->Acl->Aro->Permission->find('all', array('conditions' => array('AroTest.alias' => 'Samir')));
|
|
$expected = '-1';
|
|
$this->assertEqual($result[0]['PermissionTest']['_delete'], $expected);
|
|
|
|
$this->expectError('DB_ACL::allow() - Invalid node');
|
|
$this->assertFalse($this->Acl->deny('Lumbergh', 'ROOT/tpsReports/DoesNotExist', 'create'));
|
|
}
|
|
|
|
function testAclNodeLookup() {
|
|
$result = $this->Acl->Aro->node('root/users/Samir');
|
|
$expected = array(
|
|
array('AroTest' => array('id' => '7', 'parent_id' => '4', 'model' => 'User', 'foreign_key' => 3, 'alias' => 'Samir')),
|
|
array('AroTest' => array('id' => '4', 'parent_id' => '1', 'model' => 'Group', 'foreign_key' => 3, 'alias' => 'users')),
|
|
array('AroTest' => array('id' => '1', 'parent_id' => null, 'model' => null, 'foreign_key' => null, 'alias' => 'root'))
|
|
);
|
|
$this->assertEqual($result, $expected);
|
|
|
|
$result = $this->Acl->Aco->node('ROOT/tpsReports/view/current');
|
|
$expected = array(
|
|
array('AcoTest' => array('id' => '4', 'parent_id' => '3', 'model' => null, 'foreign_key' => null, 'alias' => 'current')),
|
|
array('AcoTest' => array('id' => '3', 'parent_id' => '2', 'model' => null, 'foreign_key' => null, 'alias' => 'view')),
|
|
array('AcoTest' => array('id' => '2', 'parent_id' => '1', 'model' => null, 'foreign_key' => null, 'alias' => 'tpsReports')),
|
|
array('AcoTest' => array('id' => '1', 'parent_id' => null, 'model' => null, 'foreign_key' => null, 'alias' => 'ROOT')),
|
|
);
|
|
$this->assertEqual($result, $expected);
|
|
}
|
|
|
|
function testDbInherit() {
|
|
//parent doesn't have access inherit should still deny
|
|
$this->assertFalse($this->Acl->check('Milton', 'smash', 'delete'));
|
|
$this->Acl->inherit('Milton', 'smash', 'delete');
|
|
$this->assertFalse($this->Acl->check('Milton', 'smash', 'delete'));
|
|
|
|
//inherit parent
|
|
$this->assertFalse($this->Acl->check('Milton', 'smash', 'read'));
|
|
$this->Acl->inherit('Milton', 'smash', 'read');
|
|
$this->assertTrue($this->Acl->check('Milton', 'smash', 'read'));
|
|
|
|
}
|
|
|
|
function testDbGrant() {
|
|
$this->assertFalse($this->Acl->check('Samir', 'tpsReports', 'create'));
|
|
$this->Acl->grant('Samir', 'tpsReports', 'create');
|
|
$this->assertTrue($this->Acl->check('Samir', 'tpsReports', 'create'));
|
|
|
|
$this->assertFalse($this->Acl->check('Micheal', 'view', 'read'));
|
|
$this->Acl->grant('Micheal', 'view', array('read', 'create', 'update'));
|
|
$this->assertTrue($this->Acl->check('Micheal', 'view', 'read'));
|
|
$this->assertTrue($this->Acl->check('Micheal', 'view', 'create'));
|
|
$this->assertTrue($this->Acl->check('Micheal', 'view', 'update'));
|
|
$this->assertFalse($this->Acl->check('Micheal', 'view', 'delete'));
|
|
|
|
$this->expectError('DB_ACL::allow() - Invalid node');
|
|
$this->assertFalse($this->Acl->grant('Peter', 'ROOT/tpsReports/DoesNotExist', 'create'));
|
|
}
|
|
|
|
function testDbRevoke() {
|
|
$this->assertTrue($this->Acl->check('Bobs', 'tpsReports', 'read'));
|
|
$this->Acl->revoke('Bobs', 'tpsReports', 'read');
|
|
$this->assertFalse($this->Acl->check('Bobs', 'tpsReports', 'read'));
|
|
|
|
$this->assertTrue($this->Acl->check('users', 'printers', 'read'));
|
|
$this->Acl->revoke('users', 'printers', 'read');
|
|
$this->assertFalse($this->Acl->check('users', 'printers', 'read'));
|
|
$this->assertFalse($this->Acl->check('Samir', 'printers', 'read'));
|
|
$this->assertFalse($this->Acl->check('Peter', 'printers', 'read'));
|
|
|
|
$this->expectError('DB_ACL::allow() - Invalid node');
|
|
$this->assertFalse($this->Acl->deny('Bobs', 'ROOT/printers/DoesNotExist', 'create'));
|
|
}
|
|
|
|
function testStartup() {
|
|
$controller = new Controller();
|
|
$this->assertTrue($this->Acl->startup($controller));
|
|
}
|
|
|
|
/* The following tests and AclComponent methods are not fully implemented yet
|
|
|
|
function testDbSetAro() {
|
|
//This method is not implemented in either INI_ACL or DB_ACL
|
|
//$result = $this->Acl->setAro('Samir');
|
|
//$this->assertEqual($result, $expected);
|
|
}
|
|
|
|
function testDbSetAco() {
|
|
//This method is not implemented in either INI_ACL or DB_ACL
|
|
//$result = $this->Acl->getAco('printers');
|
|
//$this->assertEqual($result, $expected);
|
|
}
|
|
|
|
function testDbGetAro() {
|
|
//This method is not implemented in either INI_ACL or DB_ACL
|
|
//$result = $this->Acl->getAro('Samir');
|
|
//$this->assertEqual($result, $expected);
|
|
}
|
|
|
|
function testDbGetAco() {
|
|
//This method is not implemented in either INI_ACL or DB_ACL
|
|
//$result = $this->Acl->getAco('tpsReports');
|
|
//$this->assertEqual($result, $expected);
|
|
|
|
}
|
|
*/
|
|
function testIniReadConfigFile() {
|
|
Configure::write('Acl.classname', 'INI_ACL_TEST');
|
|
unset($this->Acl);
|
|
$this->Acl = new AclComponent();
|
|
$iniFile = TEST_CAKE_CORE_INCLUDE_PATH . 'tests' . DS . 'test_app' . DS . 'configs'. DS . 'acl.ini.php';
|
|
$result = $this->Acl->_Instance->readConfigFile($iniFile);
|
|
$expected = array(
|
|
'admin' => array(
|
|
'groups' => 'administrators',
|
|
'allow' => '',
|
|
'deny' => 'ads',
|
|
),
|
|
'paul' => array(
|
|
'groups' => 'users',
|
|
'allow' =>'',
|
|
'deny' => '',
|
|
),
|
|
'jenny' => array(
|
|
'groups' => 'users',
|
|
'allow' => 'ads',
|
|
'deny' => 'images, files',
|
|
),
|
|
'nobody' => array(
|
|
'groups' => 'anonymous',
|
|
'allow' => '',
|
|
'deny' => '',
|
|
),
|
|
'administrators' => array(
|
|
'deny' => '',
|
|
'allow' => 'posts, comments, images, files, stats, ads',
|
|
),
|
|
'users' => array(
|
|
'allow' => 'posts, comments, images, files',
|
|
'deny' => 'stats, ads',
|
|
),
|
|
'anonymous' => array(
|
|
'allow' => '',
|
|
'deny' => 'posts, comments, images, files, stats, ads',
|
|
),
|
|
);
|
|
$this->assertEqual($result, $expected);
|
|
}
|
|
|
|
function testIniCheck() {
|
|
Configure::write('Acl.classname', 'INI_ACL_TEST');
|
|
unset($this->Acl);
|
|
$iniFile = TEST_CAKE_CORE_INCLUDE_PATH . 'tests' . DS . 'test_app' . DS . 'configs'. DS . 'acl.ini.php';
|
|
|
|
$this->Acl = new AclComponent();
|
|
$this->Acl->_Instance->config= $this->Acl->_Instance->readConfigFile($iniFile);
|
|
|
|
$this->assertFalse($this->Acl->check('admin', 'ads'));
|
|
$this->assertTrue($this->Acl->check('admin', 'posts'));
|
|
|
|
$this->assertTrue($this->Acl->check('jenny', 'posts'));
|
|
$this->assertTrue($this->Acl->check('jenny', 'ads'));
|
|
|
|
$this->assertTrue($this->Acl->check('paul', 'posts'));
|
|
$this->assertFalse($this->Acl->check('paul', 'ads'));
|
|
|
|
$this->assertFalse($this->Acl->check('nobody', 'comments'));
|
|
}
|
|
|
|
function tearDown() {
|
|
unset($this->Acl);
|
|
}
|
|
}
|
|
|
|
?>
|