mirror/Part-DB.Part-DB-server
1
0
Fork 1
mirror of https://github.com/Part-DB/Part-DB-server.git synced 2025-06-20 17:15:51 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions
Part-DB.Part-DB-server/tests/Services/UserSystem/VoterHelperTest.php

133 lines
5.5 KiB
PHP
Raw Blame History

<?php
/*
* This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony).
*
* Copyright (C) 2019 - 2023 Jan Böhmer (https://github.com/jbtronics)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published
* by the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Tests\Services\UserSystem;
use App\Entity\UserSystem\ApiToken;
use App\Entity\UserSystem\ApiTokenLevel;
use App\Entity\UserSystem\PermissionData;
use App\Entity\UserSystem\User;
use App\Security\ApiTokenAuthenticatedToken;
use App\Services\UserSystem\VoterHelper;
use PHPUnit\Framework\TestCase;
use Symfony\Bundle\FrameworkBundle\Test\KernelTestCase;
use Symfony\Component\Security\Core\Authentication\Token\NullToken;
use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
use Symfony\Component\Security\Http\Authenticator\Token\PostAuthenticationToken;
class VoterHelperTest extends KernelTestCase
{
protected ?VoterHelper $service = null;
protected ?User $user = null;
protected function setUp(): void
{
//Get a service instance.
self::bootKernel();
$this->service = self::getContainer()->get(VoterHelper::class);
//Set up a mocked user
$user_perms = new PermissionData();
$user_perms->setPermissionValue('parts', 'read', true) //read
->setPermissionValue('parts', 'edit', false) //edit
->setPermissionValue('parts', 'create', null) //create
->setPermissionValue('parts', 'move', null) //move
->setPermissionValue('parts', 'delete', null) //delete
->setPermissionValue('footprints', 'edit', true)
->setPermissionValue('footprints', 'create', false)
;
$this->user = $this->createMock(User::class);
$this->user->method('getPermissions')->willReturn($user_perms);
}
public function testResolveUserAnonUser(): void
{
//If the user is null, the anonymous user should be returned.
$anonymousToken = new NullToken();
$this->assertNull($anonymousToken->getUser());
$user = $this->service->resolveUser($anonymousToken);
//Ensure that this is the anonymous user.
$this->assertNotNull($user);
$this->assertTrue($user->isAnonymousUser());
}
public function testResolveUser(): void
{
//For a token with a user, the user should be returned.
$token = new PostAuthenticationToken($this->user, 'main', ['ROLE_USER']);
$this->assertSame($this->user, $token->getUser());
$user = $this->service->resolveUser($token);
$this->assertSame($this->user, $user);
}
public function testIsGrantedTrinaryNonAPI(): void
{
//For a UserNamePasswordToken everything should work as expected.
$token = new UsernamePasswordToken($this->user, 'main');
$this->assertTrue($this->service->isGrantedTrinary($token, 'parts', 'read'));
$this->assertFalse($this->service->isGrantedTrinary($token, 'parts', 'edit'));
$this->assertNull($this->service->isGrantedTrinary($token, 'parts', 'create'));
}
public function testIsGrantedTrinaryReadOnlyAPI(): void
{
//Create a API token
$api_token = new ApiToken();
$api_token->setLevel(ApiTokenLevel::READ_ONLY)->setName('Test Token');
//Create an auth token
$token = new ApiTokenAuthenticatedToken($this->user, 'main', ['ROLE_USER'], $api_token);
//The permissions should be readonly
$this->assertTrue($this->service->isGrantedTrinary($token, 'parts', 'read'));
$this->assertFalse($this->service->isGrantedTrinary($token, 'parts', 'edit'));
$this->assertFalse($this->service->isGrantedTrinary($token, 'parts', 'create'));
$this->assertFalse($this->service->isGrantedTrinary($token, 'footprints', 'edit'));
}
public function testIsGrantedTrinaryAdminAPI(): void
{
//Create a API token
$api_token = new ApiToken();
$api_token->setLevel(ApiTokenLevel::FULL)->setName('Test Token');
//Create an auth token
$token = new ApiTokenAuthenticatedToken($this->user, 'main', ['ROLE_USER'], $api_token);
//The permissions should be readonly
$this->assertTrue($this->service->isGrantedTrinary($token, 'parts', 'read'));
$this->assertFalse($this->service->isGrantedTrinary($token, 'parts', 'edit'));
$this->assertNull($this->service->isGrantedTrinary($token, 'parts', 'create'));
$this->assertTrue($this->service->isGrantedTrinary($token, 'footprints', 'edit'));
}
public function testIsGrantedNonAPI(): void
{
//Same as testIsGrantedTrinaryNonAPI, but every non-true value should return false.
$token = new UsernamePasswordToken($this->user, 'main');
$this->assertTrue($this->service->isGranted($token, 'parts', 'read'));
$this->assertFalse($this->service->isGranted($token, 'parts', 'edit'));
$this->assertFalse($this->service->isGranted($token, 'parts', 'create'));
}
}
Reference in a new issue View git blame Copy permalink