Exemple #1
0
 public function testObjectGeneral()
 {
     ItemQuery::create()->deleteAll();
     TestQuery::create()->deleteAll();
     $this->getACL()->removeObjectRules('test/item');
     $this->getACL()->setCaching(false);
     $user = new User();
     $user->setUsername('TestUser');
     $user->save();
     $group = new Group();
     $group->setName('ACL Test group');
     $group->addUser($user);
     $group->save();
     $item1 = new Item();
     $item1->setTitle('Item 1');
     $item1->save();
     $item2 = new Item();
     $item2->setTitle('Item 2');
     $item2->save();
     $test1 = new Test();
     $test1->setName('Test 1');
     $test1->save();
     $aclRequestItem1OnlyListing = ACLRequest::create('test/item', $item1->getId())->onlyListingMode();
     $this->assertFalse($this->getACL()->check($aclRequestItem1OnlyListing->targetGroup($group->getId())), 'we have no rules, so everyone except admin user and admin group has no access.');
     $this->assertTrue($this->getACL()->check($aclRequestItem1OnlyListing->targetGroup(1)), 'we have no rules, so only group admin has access.');
     $this->assertTrue($this->getACL()->check($aclRequestItem1OnlyListing->targetUser(1)), 'we have no rules, so only user admin has access.');
     $this->getACL()->removeObjectRules('test/item');
     $this->getACL()->setObjectList('test/item', \Jarves\ACL::TARGET_TYPE_GROUP, $group->getId(), true);
     $this->assertTrue($this->getACL()->check($aclRequestItem1OnlyListing->targetGroup($group->getId())), 'testGroup got list access to all test/item objects.');
     $this->getACL()->setObjectListExact('test/item', $item1->getId(), \Jarves\ACL::TARGET_TYPE_GROUP, $group->getId(), false);
     $this->assertFalse($this->getACL()->check($aclRequestItem1OnlyListing->targetGroup($group->getId())), 'testGroup got list access-denied to item 1.');
     $aclRequestItem2OnlyListing = ACLRequest::create('test/item', $item2->getId())->onlyListingMode();
     $this->assertTrue($this->getACL()->check($aclRequestItem2OnlyListing->targetGroup($group->getId())), 'testGroup still have access to item2.');
     $this->getACL()->setObjectListExact('test/item', $item2->getId(), \Jarves\ACL::TARGET_TYPE_GROUP, $group->getId(), false);
     $this->assertFalse($this->getACL()->check($aclRequestItem2OnlyListing->targetGroup($group->getId())), 'testGroup does not have access to item2 anymore.');
     $acl = $this->getACL()->setObjectListExact('test/item', $item2->getId(), \Jarves\ACL::TARGET_TYPE_USER, $user->getId(), true);
     $this->assertTrue($this->getACL()->check($aclRequestItem2OnlyListing->targetUser($user->getId())), 'testUser got access through a rule for only him.');
     $acl->setAccess(false);
     $acl->save();
     $this->assertFalse($this->getACL()->check($aclRequestItem2OnlyListing->targetUser($user->getId())), 'testUser got no-access through a rule for only him.');
     //access to every item
     $acl = $this->getACL()->setObjectList('test/item', \Jarves\ACL::TARGET_TYPE_GROUP, $group->getId(), true);
     $this->assertTrue($this->getACL()->check($aclRequestItem2OnlyListing->targetUser($user->getId())), 'testUser has now access to all items through his group.');
     $this->assertTrue($this->getACL()->check($aclRequestItem1OnlyListing->targetGroup($group->getId())), 'testGroup has now access to all items.');
     $this->assertTrue($this->getACL()->check($aclRequestItem2OnlyListing->targetGroup($group->getId())), 'testGroup has now access to all items.');
     //remove the acl item that gives access to anything.
     $acl->delete();
     $this->assertFalse($this->getACL()->check($aclRequestItem2OnlyListing->targetUser($user->getId())), 'testUser has no access anymore, since we deleted the access-for-all rule.');
     $this->assertFalse($this->getACL()->check($aclRequestItem1OnlyListing->targetGroup($group->getId())), 'testGroup has no access anymore to all items (item1).');
     $this->assertFalse($this->getACL()->check($aclRequestItem2OnlyListing->targetGroup($group->getId())), 'testGroup has no access anymore to all items (item2).');
     //check checkListCondition
     $this->getACL()->setObjectListCondition('test/item', array(array('id', '>', $item1->getId())), \Jarves\ACL::TARGET_TYPE_GROUP, $group->getId(), true);
     $this->assertTrue($this->getACL()->check($aclRequestItem2OnlyListing->targetGroup($group->getId())), 'testGroup has access to all items after item1');
     $this->assertFalse($this->getACL()->check($aclRequestItem1OnlyListing->targetGroup($group->getId())), 'testGroup has access to all items after item1, but only > , so not item1 itself.');
     //revoke anything to object 'test\item'
     $this->getACL()->setObjectList('test/item', \Jarves\ACL::TARGET_TYPE_GROUP, $group->getId(), false);
     $this->assertFalse($this->getACL()->check($aclRequestItem2OnlyListing->targetGroup($group->getId())), 'testGroup has no access to all items after item1');
     //check against object test
     $aclRequestTest1OnlyListing = ACLRequest::create('test/test', $test1->getId())->onlyListingMode();
     $this->getACL()->setObjectListExact('test/test', $test1->getId(), \Jarves\ACL::TARGET_TYPE_GROUP, $group->getId(), true);
     $this->assertTrue($this->getACL()->check($aclRequestTest1OnlyListing->targetGroup($group->getId())), 'testGroup has access test1.');
     $this->getACL()->setObjectList('test/test', \Jarves\ACL::TARGET_TYPE_GROUP, $group->getId(), false);
     $this->assertFalse($this->getACL()->check($aclRequestTest1OnlyListing->targetGroup($group->getId())), 'testGroup has no access test1.');
     $this->getACL()->setCaching(true);
     $this->getACL()->removeObjectRules('test/item');
 }