protected function isAllowed($resource, $privilege)
{
if (null === $this->allowedService) {
$this->allowedService = $this->getServiceLocator()->get(Authorize::class);
}
return $this->allowedService->isAllowed($resource, $privilege);
}
/**
* @covers \BjyAuthorize\Service\Authorize::load
*/
public function testLoadWritesAclToCacheIfCacheIsEnabledButAclIsNotStoredInCache()
{
$cache = $this->getMockBuilder('Zend\\Cache\\Storage\\Adapter\\Filesystem')->disableOriginalConstructor()->getMock();
$cache->expects($this->once())->method('getItem');
$cache->expects($this->once())->method('setItem');
$serviceLocator = new ServiceManager();
$serviceLocator->setService('BjyAuthorize\\Cache', $cache);
$serviceLocator->setService('BjyAuthorize\\Provider\\Identity\\ProviderInterface', $this->getMock('BjyAuthorize\\Provider\\Identity\\ProviderInterface'));
$serviceLocator->setService('BjyAuthorize\\RoleProviders', $this->getMock('BjyAuthorize\\Service\\RoleProvidersServiceFactory'));
$serviceLocator->setService('BjyAuthorize\\ResourceProviders', $this->getMock('BjyAuthorize\\Service\\ResourceProvidersServiceFactory'));
$serviceLocator->setService('BjyAuthorize\\RuleProviders', $this->getMock('BjyAuthorize\\Service\\RuleProvidersServiceFactory'));
$serviceLocator->setService('BjyAuthorize\\Guards', $this->getMock('BjyAuthorize\\Service\\GuardsServiceFactory'));
$authorize = new Authorize(array('cache_key' => 'acl'), $serviceLocator);
$authorize->load();
}
/**
* {@inheritDoc}
*/
public function setUp()
{
$this->serviceManager = Bootstrap::getServiceManager();
$this->call = new Call();
$this->call->setId(1);
$this->call->setCall('This is the call');
$program = new Program();
$program->setProgram('This is the program');
$this->call->setProgram($program);
$this->authorizeService = $this->serviceManager->get('BjyAuthorize\\Service\\Authorize');
if (!$this->authorizeService->getAcl()->hasResource($this->call)) {
$this->authorizeService->getAcl()->addResource($this->call);
$this->authorizeService->getAcl()->allow([], $this->call, []);
}
/**
* Add the resource on the fly
*/
if (!$this->authorizeService->getAcl()->hasResource(new Call())) {
$this->authorizeService->getAcl()->addResource(new Call());
}
$this->authorizeService->getAcl()->allow([], new Call(), []);
$this->callLink = $this->serviceManager->get('viewhelpermanager')->get('calllink');
/**
* Bootstrap the application to have the other information available
*/
$application = $this->serviceManager->get('application');
$application->bootstrap();
}
/**
* {@inheritDoc}
*/
public function setUp()
{
$this->serviceManager = Bootstrap::getServiceManager();
$this->program = new Program();
$this->program->setId(1);
$this->program->setProgram('This is the program');
$this->authorizeService = $this->serviceManager->get('BjyAuthorize\\Service\\Authorize');
if (!$this->authorizeService->getAcl()->hasResource($this->program)) {
$this->authorizeService->getAcl()->addResource($this->program);
$this->authorizeService->getAcl()->allow([], $this->program, []);
}
/**
* Add the resource on the fly
*/
if (!$this->authorizeService->getAcl()->hasResource(new Program())) {
$this->authorizeService->getAcl()->addResource(new Program());
}
$this->authorizeService->getAcl()->allow([], new Program(), []);
$this->programLink = $this->serviceManager->get('viewhelpermanager')->get('programlink');
$routeMatch = new RouteMatch(['program' => 1]);
$routeMatch->setMatchedRouteName('route-program_entity_program');
$this->programLink->setRouteMatch($routeMatch);
/**
* Bootstrap the application to have the other information available
*/
$application = $this->serviceManager->get('application');
$application->bootstrap();
}
/**
* @covers \BjyAuthorize\Guard\Route::onRoute
*/
public function testOnRouteWithInvalidResource()
{
$event = $this->createMvcEvent('test-route');
$this->authorize->expects($this->any())->method('getIdentity')->will($this->returnValue('admin'));
$this->authorize->expects($this->any())->method('isAllowed')->will($this->returnValue(false));
$event->expects($this->once())->method('setError')->with(Route::ERROR);
$event->expects($this->at(3))->method('setParam')->with('route', 'test-route');
$event->expects($this->at(4))->method('setParam')->with('identity', 'admin');
$event->expects($this->at(5))->method('setParam')->with('exception', $this->isInstanceOf('BjyAuthorize\\Exception\\UnauthorizedException'));
$event->getTarget()->getEventManager()->expects($this->once())->method('trigger')->with(MvcEvent::EVENT_DISPATCH_ERROR, $event);
$this->assertNull($this->routeGuard->onRoute($event), 'Does not stop event propagation');
}
/**
* @covers \BjyAuthorize\Guard\Controller::onDispatch
*/
public function testOnDispatchWithInvalidResource()
{
$event = $this->createMvcEvent('test-controller', 'test-action');
$this->authorize->expects($this->any())->method('getIdentity')->will($this->returnValue('admin'));
$this->authorize->expects($this->any())->method('isAllowed')->will($this->returnValue(false));
$event->expects($this->once())->method('setError')->with(Controller::ERROR);
$event->expects($this->exactly(3))->method('setParam')->with($this->callback(function ($key) {
return in_array($key, array('identity', 'controller', 'action'));
}), $this->callback(function ($val) {
return in_array($val, array('admin', 'test-controller', 'test-action'));
}));
$event->getTarget()->getEventManager()->expects($this->once())->method('trigger')->with(MvcEvent::EVENT_DISPATCH_ERROR, $event);
$this->assertNull($this->controllerGuard->onDispatch($event), 'Does not stop event propagation');
}
public function testGetAccessDenied()
{
$this->authorizeService->getAcl()->deny([], $this->doa, []);
$this->assertNotContains('<a href', $this->doaLink->__invoke($this->doa, 'view-community'));
$this->authorizeService->getAcl()->allow([], $this->doa, []);
}
/**
* @param mixed $resource
* @param mixed|null $privilege
* @return bool
*/
public function __invoke($resource, $privilege = null)
{
return $this->authorizeService->isAllowed($resource, $privilege);
}
/**
* @group bjyoungblood/BjyAuthorize#258
*/
public function testCanAddTraversableRoleToLoadRole()
{
$serviceLocator = $this->serviceLocator;
$serviceLocator->setAllowOverride(true);
$roleProviderMock = $this->getMockBuilder('BjyAuthorize\\Provider\\Role\\Config')->disableOriginalConstructor()->getMock();
$roleProviderMock->expects($this->once())->method('getRoles')->will($this->returnValue(new \Zend\Stdlib\ArrayObject(array(new \BjyAuthorize\Acl\Role('test')))));
$serviceLocator->setService('BjyAuthorize\\Provider\\Role\\Config', $roleProviderMock);
$roleMock = $this->getMockBuilder('BjyAuthorize\\Service\\RoleProvidersServiceFactory')->disableOriginalConstructor()->getMock();
$roleMock->expects($this->any())->method('createService')->will($this->returnValue(array($roleProviderMock)));
$serviceLocator->setFactory('BjyAuthorize\\RoleProviders', $roleMock);
$authorize = new Authorize(array('cache_key' => 'acl'), $this->serviceLocator);
$authorize->load();
$acl = $authorize->getAcl();
$this->assertTrue($acl->hasRole('test'));
}
/**
* @param \BjyAuthorize\Service\Authorize $authorizeService
* @param \stdClass $entity
*/
public function it_should_use_classname_if_entity_is_no_ResourceInterface($authorizeService, $entity)
{
$authorizeService->isAllowed(Argument::cetera())->willReturn(true);
$this->mockListenerFactory($authorizeService->getWrappedObject());
$className = get_class($entity->getWrappedObject());
$permission = 'permission';
$this->isAllowed($entity, $permission);
$authorizeService->isAllowed($className, $permission)->shouldBeCalled();
}
