/**
  * @test
  */
 public function viewHelperRendersElseIfHasAccessToResourceReturnsFalse()
 {
     // The decision manager must be consulted exactly once, for 'someResource',
     // and it answers with a denial.
     $this->mockAccessDecisionManager
         ->expects($this->once())
         ->method('hasAccessToResource')
         ->with('someResource')
         ->will($this->returnValue(FALSE));

     // A denial has to route rendering to the else child, again exactly once.
     // NOTE(review): this method sets no expectation on renderThenChild(), so the
     // "then child is never rendered on denial" half of the contract is not pinned
     // here; confirm it is covered by the mock setup or a sibling test.
     $this->ifAccessViewHelper
         ->expects($this->once())
         ->method('renderElseChild')
         ->will($this->returnValue('ElseViewHelperResults'));

     $renderedOutput = $this->ifAccessViewHelper->render('someResource');

     // The helper must hand back the else child's output unchanged.
     $this->assertEquals('ElseViewHelperResults', $renderedOutput);
 }
 /**
  * renders <f:then> child if access to the given resource is allowed, otherwise renders <f:else> child.
  *
  * @param string $resource Policy resource
  * @return string the rendered string
  * @api
  */
 public function render($resource)
 {
     // Ask the access decision manager about the resource. The result is used in a
     // plain truthiness test, so any falsy answer selects the else child.
     $accessGranted = $this->accessDecisionManager->hasAccessToResource($resource);

     // NOTE(review): this only selects which template child is rendered. Whatever
     // the then-child exposes (links, forms) presumably still needs its own
     // server-side policy check; confirm the targets are covered by the policy.
     return $accessGranted ? $this->renderThenChild() : $this->renderElseChild();
 }
 /**
  * Invokes the security interception
  *
  * @return boolean TRUE if the security check was passed
  * @throws \TYPO3\Flow\Security\Exception\AccessDeniedException
  * @throws \TYPO3\Flow\Security\Exception\AuthenticationRequiredException if an entity could not be found (assuming it is bound to the current session), causing a redirect to the authentication entrypoint
  * @throws \TYPO3\Flow\Security\Exception\NoTokensAuthenticatedException if no tokens could be found and the accessDecisionManager denied access to the resource, causing a redirect to the authentication entrypoint
  */
 public function invoke()
 {
     // Authenticates, then lets the access decision manager vote on the join point.
     // Every path visible here either throws or returns no value.
     // NOTE(review): the docblock declares a boolean return; confirm what callers expect.

     // Remembers a "no tokens authenticated" failure so the policy can still be
     // consulted for resources that are available to "Everybody".
     $missingAuthentication = NULL;

     try {
         $this->authenticationManager->authenticate();
     } catch (\Doctrine\ORM\EntityNotFoundException $brokenSession) {
         // An entity lookup failed during authentication: report it as
         // "authentication required", keeping the original exception as the cause.
         throw new \TYPO3\Flow\Security\Exception\AuthenticationRequiredException('Could not authenticate. Looks like a broken session.', 1358971444, $brokenSession);
     } catch (\TYPO3\Flow\Security\Exception\NoTokensAuthenticatedException $noTokens) {
         $missingAuthentication = $noTokens;
     }

     if ($missingAuthentication === NULL) {
         // Authentication succeeded: an AccessDeniedException from the decision
         // propagates to the caller as it is.
         $this->accessDecisionManager->decideOnJoinPoint($this->joinPoint);
         return;
     }

     try {
         // Nobody is authenticated, but the join point may still be open to everybody.
         $this->accessDecisionManager->decideOnJoinPoint($this->joinPoint);
     } catch (\TYPO3\Flow\Security\Exception\AccessDeniedException $denied) {
         // Surface the authentication failure rather than the denial. The
         // AccessDeniedException is dropped here, not chained, so it will not
         // appear in the resulting exception's trace or logs.
         throw $missingAuthentication;
     }
 }
 /**
  * Sets up security test requirements
  *
  * Security is based on action requests so we need a working route for the TestingProvider.
  *
  * @return void
  */
 protected function setupSecurity()
 {
     // Local alias; the lookups stay in their original order because each get()
     // may instantiate the requested object.
     $objects = $this->objectManager;

     $this->accessDecisionManager = $objects->get('TYPO3\\Flow\\Security\\Authorization\\AccessDecisionManagerInterface');
     // Presumably clears an override left behind by an earlier test, so that real
     // policy decisions apply again. Confirm against the AccessDecisionManager implementation.
     $this->accessDecisionManager->setOverrideDecision(NULL);

     $this->policyService = $objects->get('TYPO3\\Flow\\Security\\Policy\\PolicyService');
     $this->authenticationManager = $objects->get('TYPO3\\Flow\\Security\\Authentication\\AuthenticationProviderManager');

     $this->testingProvider = $objects->get('TYPO3\\Flow\\Security\\Authentication\\Provider\\TestingProvider');
     $this->testingProvider->setName('TestingProvider');

     // Start from an empty security context before attaching the request.
     $this->securityContext = $objects->get('TYPO3\\Flow\\Security\\Context');
     $this->securityContext->clearContext();

     // Build an action request from the current environment, point it at the
     // fixture controller, and hand it to the security context.
     $this->mockActionRequest = new ActionRequest(Request::createFromEnvironment());
     $this->mockActionRequest->setControllerObjectName('TYPO3\\Flow\\Tests\\Functional\\Security\\Fixtures\\Controller\\AuthenticationController');
     $this->securityContext->setRequest($this->mockActionRequest);
 }
 /**
  * Disables authorization for the current test
  *
  * @return void
  * @api
  */
 protected function disableAuthorization()
 {
     // Installs TRUE as the override decision on the access decision manager.
     // Presumably every later decision then grants access without consulting the
     // policy; confirm against the AccessDecisionManager implementation.
     // NOTE(review): per the docblock this is for the current test only; the
     // override should never be reachable from production code paths.
     $forcedDecision = TRUE;
     $this->accessDecisionManager->setOverrideDecision($forcedDecision);
 }