Added tests on some security related classes.

Jan Böhmer 2019-11-10 14:49:09 +01:00
parent 6ddc937ec5
commit bf8455fa42
6 changed files with 169 additions and 38 deletions


@ -49,33 +49,4 @@ class UserRepository extends ServiceEntityRepository
'id' => User::ID_ANONYMOUS,
]);
}
// /**
// * @return User[] Returns an array of User objects
// */
/*
public function findByExampleField($value)
{
return $this->createQueryBuilder('u')
->andWhere('u.exampleField = :val')
->setParameter('val', $value)
->orderBy('u.id', 'ASC')
->setMaxResults(10)
->getQuery()
->getResult()
;
}
*/
/*
public function findOneBySomeField($value): ?User
{
return $this->createQueryBuilder('u')
->andWhere('u.exampleField = :val')
->setParameter('val', $value)
->getQuery()
->getOneOrNullResult()
;
}
*/
}


@ -89,9 +89,10 @@ class ColumnSecurity
if ($object instanceof NamedDBElement) {
if (\is_string($this->placeholder) && '' !== $this->placeholder) {
$object->setName($this->placeholder);
}
} else {
$object->setName('???');
}
}
return $object;
}
@ -99,6 +100,7 @@ class ColumnSecurity
if (null === $this->placeholder) {
switch ($this->type) {
case 'integer':
case 'int':
return 0;
case 'float':
return 0.0;
@ -109,11 +111,10 @@ class ColumnSecurity
case 'collection':
return new ArrayCollection();
case 'boolean':
case 'bool':
return false;
case 'datetime':
$date = new \DateTime();
return $date->setTimestamp(0);
return (new \DateTime())->setTimestamp(0);
default:
throw new InvalidArgumentException('Unknown type! You have to specify a placeholder!');
}
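Review bot: The type strings that `getPlaceholder()` accepts can only be found by reading the switch, and an unlisted one falls through to `throw new InvalidArgumentException('Unknown type! You have to specify a placeholder!')`. With `'int'` and `'bool'` now added as aliases, a comment on the `type` property should list the accepted values; those visible on this page are `integer`/`int`, `float`, `collection`, `boolean`/`bool` and `datetime`, plus `string`, `object` and an entity class name according to the test. The fallback name `'???'` is written as a literal in the new `else` branch, and the test row `['string', '???']` suggests it is repeated elsewhere, so a class constant would keep the two in sync. Both functions start and end outside the hunks shown.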


@ -30,11 +30,9 @@ use Symfony\Contracts\Translation\TranslatorInterface;
class UserChecker implements UserCheckerInterface
{
protected $translator;
public function __construct(TranslatorInterface $translator)
public function __construct()
{
$this->translator = $translator;
}
/**
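Review bot: The constructor left on the new side is empty (`public function __construct() { }`) and can be deleted outright; `new UserChecker()` in the added test works the same without it. If `protected $translator;` and the `use Symfony\Contracts\Translation\TranslatorInterface;` import are still present after this change (the rendered page does not make that certain), they are now dead and should be removed with it. The class body continues outside the hunk.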


@ -56,7 +56,8 @@ abstract class ExtendedVoter extends Voter
// if the user is anonymous, we use the anonymous user.
if (!$user instanceof User) {
$user = $this->entityManager->find(User::class, User::ID_ANONYMOUS);
$repo = $this->entityManager->getRepository(User::class);
$user = $repo->getAnonymousUser();
if (null === $user) {
return false;
}
@ -71,6 +72,7 @@ abstract class ExtendedVoter extends Voter
*
* @param $attribute
* @param $subject
* @return bool
*/
abstract protected function voteOnUser($attribute, $subject, User $user): bool;
}
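Review bot: `$repo` in the anonymous-user branch is untyped, so static analysis cannot confirm that `getAnonymousUser()` exists on whatever `getRepository(User::class)` returns; add `/** @var UserRepository $repo */` above the assignment. The replaced `find(User::class, User::ID_ANONYMOUS)` could be answered from Doctrine's identity map. A repository method built on `findOneBy`, which the UserRepository context lines on this page suggest, queries the database on each call, and voters can run many times per request, so caching the anonymous user may be worth it. The `null === $user` check that denies the vote when no anonymous user exists is kept, and that fail-closed result deserves a test of its own. The enclosing method starts and ends outside the hunk.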


@ -0,0 +1,107 @@
<?php
/**
* This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony).
*
* Copyright (C) 2019 Jan Böhmer (https://github.com/jbtronics)
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
namespace App\Tests\Security\Annotations;
use App\Entity\Attachments\AttachmentType;
use App\Security\Annotations\ColumnSecurity;
use PHPUnit\Framework\TestCase;
class ColumnSecurityTest extends TestCase
{
public function testGetReadOperation()
{
$annotation = new ColumnSecurity();
$this->assertEquals('read', $annotation->getReadOperationName(), 'A new annotation must return read');
$annotation->read = 'overwritten';
$this->assertEquals('overwritten', $annotation->getReadOperationName());
$annotation->prefix = 'prefix';
$this->assertEquals('prefix.overwritten', $annotation->getReadOperationName());
}
public function testGetEditOperation()
{
$annotation = new ColumnSecurity();
$this->assertEquals('edit', $annotation->getEditOperationName(), 'A new annotation must return read');
$annotation->edit = 'overwritten';
$this->assertEquals('overwritten', $annotation->getEditOperationName());
$annotation->prefix = 'prefix';
$this->assertEquals('prefix.overwritten', $annotation->getEditOperationName());
}
public function placeholderScalarDataProvider() : array
{
return [
['string', '???'],
['integer', 0],
['int', 0],
['float', 0.0],
['object', null],
['bool', false],
['boolean', false],
//['datetime', (new \DateTime())->setTimestamp(0)]
];
}
/**
* @dataProvider placeholderScalarDataProvider
* @param string $type
* @param $expected_value
*/
public function testGetPlaceholderScalar(string $type, $expected_value)
{
$annotation = new ColumnSecurity();
$annotation->type = $type;
$this->assertEquals($expected_value, $annotation->getPlaceholder());
}
public function testGetPlaceholderSpecifiedValue()
{
$annotation = new ColumnSecurity();
$annotation->placeholder = 3434;
$this->assertEquals(3434, $annotation->getPlaceholder());
$annotation->placeholder = [323];
$this->assertCount(1, $annotation->getPlaceholder());
//If a placeholder is specified we allow every type
$annotation->type = "type2";
$annotation->placeholder = 'invalid';
$this->assertEquals('invalid', $annotation->getPlaceholder());
}
public function testGetPlaceholderDBElement()
{
$annotation = new ColumnSecurity();
$annotation->type = AttachmentType::class;
/** @var AttachmentType $placeholder */
$placeholder = $annotation->getPlaceholder();
$this->assertInstanceOf(AttachmentType::class, $placeholder);
$this->assertEquals('???', $placeholder->getName());
$annotation->placeholder = 'test';
$placeholder = $annotation->getPlaceholder();
$this->assertInstanceOf(AttachmentType::class, $placeholder);
$this->assertEquals('test', $placeholder->getName());
}
}
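Review bot: Three branches of `getPlaceholder()` are left untested: the `datetime` row in `placeholderScalarDataProvider()` is commented out, there is no row for `collection`, and nothing asserts that an unknown type with no placeholder throws. Either enable the `datetime` row or replace the commented line with a comment saying why it cannot be compared. For the unknown-type case, add a test that sets `$annotation->type = 'unknown'` and calls `$this->expectException(...)` with the `InvalidArgumentException` class that ColumnSecurity imports, before calling `getPlaceholder()`. The failure message in `testGetEditOperation` is copied from the read test and should be `'A new annotation must return edit'`.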


@ -0,0 +1,52 @@
<?php
/**
* This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony).
*
* Copyright (C) 2019 Jan Böhmer (https://github.com/jbtronics)
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
namespace App\Tests\Security;
use App\Entity\UserSystem\User;
use App\Security\UserChecker;
use PHPUnit\Framework\TestCase;
use Symfony\Component\Security\Core\Exception\DisabledException;
class UserCheckerTest extends TestCase
{
protected $service;
public function setUp()
{
$this->service = new UserChecker();
}
public function testThrowDisabledException()
{
$user = new User();
$user->setDisabled(false);
//An user that is not disabled should not throw an exception
$this->service->checkPostAuth($user);
//An disabled user must throw an exception
$user->setDisabled(true);
$this->expectException(DisabledException::class);
$this->service->checkPostAuth($user);
}
}
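Review bot: `testThrowDisabledException` checks two behaviours in one method, and the first half (an enabled user passes `checkPostAuth`) has no assertion of its own, so a failure there is reported under a name about the disabled case. Splitting it into one test for the enabled user and one that sets `expectException(DisabledException::class)` for the disabled user keeps each outcome separately visible. `setUp()` is also declared without a return type; PHPUnit 8 and later declare it as `setUp(): void`, so writing `protected function setUp(): void` now avoids a signature error on upgrade (the PHPUnit version in use is not visible on this page).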