function let(RoleSet $role_set, Role $role, Permission $permission)
 {
     //fixtures
     $subject_id = 1;
     $permission->permission_id = 1;
     $permission->name = 'admin_view';
     $permission->description = 'Admin View Permission';
     //collaborator stubbing/mocking
     $permission->__toString()->willReturn($permission->name);
     $role_set->getRoles()->willReturn(array($role));
     $role_set->getPermissions()->willReturn(array($permission));
     $role_set->has_permission($permission)->willReturn(true);
     $this->beConstructedWith($subject_id, $role_set);
 }
 public function testCreate()
 {
     $name = "test_name";
     $desc = "test_description";
     $perm = Permission::create($name, $desc);
     $this->assertEquals($name, $perm->name);
     $this->assertEquals($desc, $perm->description);
 }
Beispiel #3
0
 protected function generatePerm($name = false)
 {
     if (!$name) {
         $name = "perm_{$this->current_perm_num}";
     }
     $perm = Permission::create($name);
     $perm->permission_id = ++$this->current_perm_num;
     return $perm;
 }
 public function testPermissionSave()
 {
     $perm_coll = new \MongoCollection($this->db, "auth_permission");
     $p1 = Permission::create("test_1", "desc");
     $this->adapter->permissionSave($p1);
     $this->assertNotEmpty($p1->permission_id);
     $fetched_perm = $perm_coll->findOne(array('_id' => $p1->permission_id));
     $this->assertEquals($fetched_perm['_id']->{'$id'}, $p1->permission_id);
 }
 /**
  * @expectedException \RBAC\Exception\InsufficientPermission
  */
 public function testRequirePermission()
 {
     $p1 = Permission::create("test_1", "", 1);
     $p2 = Permission::create("test_2", "", 2);
     $r1 = Role::create("role_1", "", [$p1, $p2]);
     $subject = new Subject(1, new RoleSet([$r1]));
     $subject->requirePermission($p1);
     $subject->requirePermission($p2->name);
     $subject->requirePermission("bs_perm");
 }
 public function testPermissions()
 {
     $p1 = Permission::create("test_1", "", 1);
     $p2 = Permission::create("test_2", "", 2);
     $p3 = Permission::create("test_3", "", 3);
     $p4 = Permission::create("test_4", "", 4);
     $r1 = Role::create("role_1", "", [$p1, $p2]);
     $r2 = Role::create("role_2", "", [$p1, $p2, $p4]);
     $role_set = new RoleSet([$r1, $r2]);
     $permissions = $role_set->getPermissions();
     $this->assertEquals(3, sizeof($permissions));
 }
Beispiel #7
0
 /**
  * Creates permissions, and assigns them to roles that may be created if they don't already exist
  * If they already do exist, the permissions will be replaced and updated
  * Also capable of updating the role descriptions
  * Use this function when you're constructing an RBAC interface for administrators to create new roles/permissions
  *
  * $roles_permissions is accepted in this manner:
  * 	array(
  * 		'role_name' => array(
  * 			'desc' => 'Description of Role',
  * 			'perms' => array( //<- these are optional (empty array still updates; non-existent key is ignored)
  * 				'perm_name'	=> 'perm_desc'
  * 			)
  * 		),
  * 		'role_name' => array(
  * 			'desc' => '', //<- this is also optional (empty string still updates; non-existent key is ignored)
  * 		),
  * 		'role_name' => array(
  * 			'perms' => array(
  * 				'perm_name' => '', //<- perm_desc is not optional but can be left as an empty string
  * 			),
  * 		),
  *		'role_name'	=> array(
  *			'perms'	=> array(), //<- this would just clear all the old the permissions
  *		),
  * 	);
  *
  * @param $roles_permissions array
  * @return $roles array of objects
  */
 public function register_roles_permissions(array $roles_permissions)
 {
     $role_names = array();
     //cycle through the role names
     foreach ($roles_permissions as $role_name => $role_data) {
         //we send role name and description to register role
         if (isset($role_data['desc']) and is_string($role_data['desc'])) {
             $role_object = $this->register_role($role_name, $role_data['desc']);
         } else {
             $role_object = $this->register_role($role_name);
         }
         //if any one of the roles failed to be registered (created/updated), fail it
         if (!$role_object) {
             throw new RoleSaveException($this->lang('role_register_unsuccessful'));
         }
         //at this point role object has already been created or updated
         //if the perms have not been set, there's no need to update it
         if (isset($role_data['perms']) and is_array($role_data['perms'])) {
             //first delete all the old permissions (if they exist!)
             $old_permissions = $role_object->getPermissions();
             foreach ($old_permissions as $permission_object) {
                 $this->role_manager->permissionDelete($permission_object);
             }
             //if the perms is not empty, we add/update the new roles
             //if it were empty, we would leave it with no permissions
             if (!empty($role_data['perms'])) {
                 //all permissions will be recreated
                 foreach ($role_data['perms'] as $permission_name => $permission_desc) {
                     $permission_object = Permission::create($permission_name, $permission_desc);
                     if (!$this->role_manager->permissionSave($permission_object)) {
                         throw new PermissionSaveException($this->lang('permission_save_unsuccessful'));
                     }
                     if (!$role_object->addPermission($permission_object)) {
                         throw new PermissionSaveException($this->lang('permission_assignment_unsuccessful'));
                     }
                 }
             }
             if (!$this->role_manager->roleSave($role_object)) {
                 throw new RoleSaveException($this->lang('role_save_unsuccessful'));
             }
         }
         $role_names[] = $role_name;
     }
     return $this->get_roles($role_names);
 }
 protected function seed()
 {
     $default_users = array(array('id' => '1', 'ipAddress' => inet_pton('127.0.0.1'), 'username' => 'administrator', 'password' => '$2y$10$EiqipvSt3lnD//nchj4u9OgOTL9R3J4AbZ5bUVVrh.Tq/gmc5xIvS', 'passwordChange' => '0', 'email' => '*****@*****.**', 'createdOn' => date('Y-m-d H:i:s'), 'lastLogin' => date('Y-m-d H:i:s'), 'active' => '1', 'sharedKey' => '9tThG2rFhZv+LslrrPy0I6QcCn9E3kNcyv5rqb3qKLywvFCfwHiSZ2fH2qQAgQXAkfBIrd0zHP+1v/FJ4W/kMA=='));
     //default user to roles
     $default_users_to_roles = array(array('admin', 'member'));
     //roles to descriptions
     $default_roles = array('admin' => 'Site Administrators', 'member' => 'General Members');
     //roles to permissions to permission descriptions
     $default_role_permissions = array('admin' => array('admin_create' => 'Creating administration resources.', 'admin_read' => 'Viewing administration resources.', 'admin_update' => 'Editing administration resources.', 'admin_delete' => 'Deleting administration resources.'), 'member' => array('public_read' => 'Viewing public resources.'));
     //seeding user accounts
     foreach ($default_users as $user) {
         $this->db->insert('user_accounts', $user);
     }
     //seeding roles and permissions
     $role_manager = new RoleManager(new MySQLAdapter($this->db->conn_id, new Options()));
     foreach ($default_role_permissions as $role => $permissions_array) {
         //create the role
         $created_role = Role::create($role, $default_roles[$role]);
         foreach ($permissions_array as $permission => $reason) {
             //create the permission
             $created_permission = Permission::create($permission, $reason);
             //save the permission to the database
             $role_manager->permissionSave($created_permission);
             //add the permission to the role
             $created_role->addPermission($created_permission);
         }
         $role_manager->roleSave($created_role);
     }
     //assign the role to the users
     foreach ($default_users_to_roles as $key => $roles) {
         $user_id = $default_users[$key]['id'];
         foreach ($roles as $role) {
             $assignable_role = $role_manager->roleFetchByName($role);
             $role_manager->roleAddSubjectId($assignable_role, $user_id);
         }
     }
 }
 /**
  * @expectedException \RBAC\Exception\ValidationError
  */
 public function testRolePermissionAddInvalidPerm()
 {
     $this->rm->rolePermissionAdd($this->generateRole(), Permission::create("blah"));
 }
Beispiel #10
0
 /**
  * @expectedException \RBAC\Exception\ValidationError
  */
 public function testAddInvalidPermission()
 {
     $role = Role::create("role_a");
     $role->addPermission(Permission::create("invalid"));
 }