/**
* @test
*/
public function isGrantedGrantsAccessIfAGrantPrivilegeAndNoDenyPrivilegeWasConfigured()
{
$role1ClassName = 'role1' . md5(uniqid(mt_rand(), true));
$role2ClassName = 'role2' . md5(uniqid(mt_rand(), true));
$mockRoleAdministrator = $this->createMock(\TYPO3\Flow\Security\Policy\Role::class);
$mockRoleAdministrator->expects($this->any())->method('getPrivilegesByType')->will($this->returnValue(array($this->grantPrivilege)));
$mockRoleCustomer = $this->createMock(\TYPO3\Flow\Security\Policy\Role::class);
$mockRoleCustomer->expects($this->any())->method('getPrivilegesByType')->will($this->returnValue(array()));
$this->mockSecurityContext->expects($this->once())->method('getRoles')->will($this->returnValue(array($mockRoleAdministrator, $mockRoleCustomer)));
$this->assertTrue($this->privilegeManager->isGranted(\TYPO3\Flow\Security\Authorization\Privilege\Method\MethodPrivilegeInterface::class, new MethodPrivilegeSubject($this->mockJoinPoint)));
}
/**
* Returns TRUE, if the given privilege type is granted for the given subject based
* on the current security context or if set based on the override decision value.
*
* @param string $privilegeType
* @param mixed $subject
* @param string $reason This variable will be filled by a message giving information about the reasons for the result of this method
* @return boolean
*/
public function isGranted($privilegeType, $subject, &$reason = '')
{
if ($this->overrideDecision === false) {
$reason = 'Voting has been overriden to "DENY" by the testing privilege manager!';
return false;
} elseif ($this->overrideDecision === true) {
$reason = 'Voting has been overriden to "GRANT" by the testing privilege manager!';
return true;
}
return parent::isGranted($privilegeType, $subject, $reason);
}
