protected function setUp()
{
parent::setUp();
\CRM_Core_DAO_AllCoreTables::init(TRUE);
\CRM_Core_DAO_AllCoreTables::registerEntityType('FakeFile', 'CRM_Fake_DAO_FakeFile', 'fake_file');
$fileProvider = new \Civi\API\Provider\StaticProvider(3, 'FakeFile', array('id', 'entity_table', 'entity_id'), array(), array(array('id' => self::FILE_WIDGET_ID, 'entity_table' => 'fake_widget', 'entity_id' => self::WIDGET_ID), array('id' => self::FILE_FORBIDDEN_ID, 'entity_table' => 'fake_forbidden', 'entity_id' => self::FORBIDDEN_ID)));
\CRM_Core_DAO_AllCoreTables::registerEntityType('Widget', 'CRM_Fake_DAO_Widget', 'fake_widget');
$widgetProvider = new \Civi\API\Provider\StaticProvider(3, 'Widget', array('id', 'title'), array(), array(array('id' => self::WIDGET_ID, 'title' => 'my widget')));
\CRM_Core_DAO_AllCoreTables::registerEntityType('Forbidden', 'CRM_Fake_DAO_Forbidden', 'fake_forbidden');
$forbiddenProvider = new \Civi\API\Provider\StaticProvider(3, 'Forbidden', array('id', 'label'), array('create' => \CRM_Core_Permission::ALWAYS_DENY_PERMISSION, 'get' => \CRM_Core_Permission::ALWAYS_DENY_PERMISSION, 'delete' => \CRM_Core_Permission::ALWAYS_DENY_PERMISSION), array(array('id' => self::FORBIDDEN_ID, 'label' => 'my forbidden')));
$this->dispatcher = new EventDispatcher();
$this->kernel = new Kernel($this->dispatcher);
$this->kernel->registerApiProvider($fileProvider)->registerApiProvider($widgetProvider)->registerApiProvider($forbiddenProvider);
$this->dispatcher->addSubscriber(new DynamicFKAuthorization($this->kernel, 'FakeFile', array('create', 'get'), "select\n case %1\n when " . self::FILE_WIDGET_ID . " then 1\n when " . self::FILE_FORBIDDEN_ID . " then 1\n else 0\n end as is_valid,\n case %1\n when " . self::FILE_WIDGET_ID . " then 'fake_widget'\n when " . self::FILE_FORBIDDEN_ID . " then 'fake_forbidden'\n else null\n end as entity_table,\n case %1\n when " . self::FILE_WIDGET_ID . " then " . self::WIDGET_ID . "\n when " . self::FILE_FORBIDDEN_ID . " then " . self::FORBIDDEN_ID . "\n else null\n end as entity_id\n ", "select", array('fake_widget', 'fake_forbidden')));
}
/**
* @param array $apiRequest
* Array(entity=>$,action=>$,params=>$,expectedResults=>$).
* @param array $rules
* Whitelist - list of allowed API calls/patterns.
* @param bool $expectSuccess
* TRUE if the call should succeed.
* Success implies that the 'expectedResults' are returned.
* Failure implies that the standard error message is returned.
* @dataProvider restrictionCases
*/
public function testEach($apiRequest, $rules, $expectSuccess)
{
\CRM_Core_DAO_AllCoreTables::init(TRUE);
$recs = $this->getFixtures();
\CRM_Core_DAO_AllCoreTables::registerEntityType('Widget', 'CRM_Fake_DAO_Widget', 'fake_widget');
$widgetProvider = new \Civi\API\Provider\StaticProvider(3, 'Widget', array('id', 'widget_type', 'provider', 'title'), array(), $recs['widget']);
\CRM_Core_DAO_AllCoreTables::registerEntityType('Sprocket', 'CRM_Fake_DAO_Sprocket', 'fake_sprocket');
$sprocketProvider = new \Civi\API\Provider\StaticProvider(3, 'Sprocket', array('id', 'sprocket_type', 'widget_id', 'provider', 'title', 'comment'), array(), $recs['sprocket']);
$whitelist = WhitelistRule::createAll($rules);
$dispatcher = new EventDispatcher();
$kernel = new Kernel($dispatcher);
$kernel->registerApiProvider($sprocketProvider);
$kernel->registerApiProvider($widgetProvider);
$dispatcher->addSubscriber(new WhitelistSubscriber($whitelist));
$dispatcher->addSubscriber(new ChainSubscriber());
$apiRequest['params']['debug'] = 1;
$apiRequest['params']['check_permissions'] = 'whitelist';
$result = $kernel->run($apiRequest['entity'], $apiRequest['action'], $apiRequest['params']);
if ($expectSuccess) {
$this->assertAPISuccess($result);
$this->assertTrue(is_array($apiRequest['expectedResults']));
$this->assertTreeEquals($apiRequest['expectedResults'], $result['values']);
} else {
$this->assertAPIFailure($result);
$this->assertRegExp('/The request does not match any active API authorizations./', $result['error_message']);
}
}
