/**
  * @test
  */
 public function viewHelperRendersElseIfHasAccessToResourceReturnsFalse()
 {
     $this->mockAccessDecisionManager->expects($this->once())->method('hasAccessToResource')->with('someResource')->will($this->returnValue(FALSE));
     $this->ifAccessViewHelper->expects($this->once())->method('renderElseChild')->will($this->returnValue('ElseViewHelperResults'));
     $actualResult = $this->ifAccessViewHelper->render('someResource');
     $this->assertEquals('ElseViewHelperResults', $actualResult);
 }
 /**
  * renders <f:then> child if access to the given resource is allowed, otherwise renders <f:else> child.
  *
  * @param string $resource Policy resource
  * @return string the rendered string
  * @api
  */
 public function render($resource)
 {
     if ($this->accessDecisionManager->hasAccessToResource($resource)) {
         return $this->renderThenChild();
     } else {
         return $this->renderElseChild();
     }
 }
 /**
  * Invokes the security interception
  *
  * @return boolean TRUE if the security checks was passed
  * @throws \TYPO3\Flow\Security\Exception\AccessDeniedException
  * @throws \TYPO3\Flow\Security\Exception\AuthenticationRequiredException if an entity could not be found (assuming it is bound to the current session), causing a redirect to the authentication entrypoint
  * @throws \TYPO3\Flow\Security\Exception\NoTokensAuthenticatedException if no tokens could be found and the accessDecisionManager denied access to the resource, causing a redirect to the authentication entrypoint
  */
 public function invoke()
 {
     try {
         $this->authenticationManager->authenticate();
     } catch (\Doctrine\ORM\EntityNotFoundException $exception) {
         throw new \TYPO3\Flow\Security\Exception\AuthenticationRequiredException('Could not authenticate. Looks like a broken session.', 1358971444, $exception);
     } catch (\TYPO3\Flow\Security\Exception\NoTokensAuthenticatedException $noTokensAuthenticatedException) {
         // We still need to check if the resource is available to "Everybody".
         try {
             $this->accessDecisionManager->decideOnJoinPoint($this->joinPoint);
             return;
         } catch (\TYPO3\Flow\Security\Exception\AccessDeniedException $accessDeniedException) {
             throw $noTokensAuthenticatedException;
         }
     }
     $this->accessDecisionManager->decideOnJoinPoint($this->joinPoint);
 }
 /**
  * Sets up security test requirements
  *
  * Security is based on action requests so we need a working route for the TestingProvider.
  *
  * @return void
  */
 protected function setupSecurity()
 {
     $this->accessDecisionManager = $this->objectManager->get('TYPO3\\Flow\\Security\\Authorization\\AccessDecisionManagerInterface');
     $this->accessDecisionManager->setOverrideDecision(NULL);
     $this->policyService = $this->objectManager->get('TYPO3\\Flow\\Security\\Policy\\PolicyService');
     $this->authenticationManager = $this->objectManager->get('TYPO3\\Flow\\Security\\Authentication\\AuthenticationProviderManager');
     $this->testingProvider = $this->objectManager->get('TYPO3\\Flow\\Security\\Authentication\\Provider\\TestingProvider');
     $this->testingProvider->setName('TestingProvider');
     $this->securityContext = $this->objectManager->get('TYPO3\\Flow\\Security\\Context');
     $this->securityContext->clearContext();
     $httpRequest = Request::createFromEnvironment();
     $this->mockActionRequest = new ActionRequest($httpRequest);
     $this->mockActionRequest->setControllerObjectName('TYPO3\\Flow\\Tests\\Functional\\Security\\Fixtures\\Controller\\AuthenticationController');
     $this->securityContext->setRequest($this->mockActionRequest);
 }
 /**
  * Disables authorization for the current test
  *
  * @return void
  * @api
  */
 protected function disableAuthorization()
 {
     $this->accessDecisionManager->setOverrideDecision(TRUE);
 }