public function testThroughPropel() { WorkspaceManager::setCurrent(0); ItemQuery::create()->deleteAll(); ItemCategoryQuery::create()->deleteAll(); WorkspaceManager::setCurrent(0); //todo }
public function testObjectGeneral() { ItemQuery::create()->deleteAll(); TestQuery::create()->deleteAll(); $this->getACL()->removeObjectRules('test/item'); $this->getACL()->setCaching(false); $user = new User(); $user->setUsername('TestUser'); $user->save(); $group = new Group(); $group->setName('ACL Test group'); $group->addUser($user); $group->save(); $item1 = new Item(); $item1->setTitle('Item 1'); $item1->save(); $item2 = new Item(); $item2->setTitle('Item 2'); $item2->save(); $test1 = new Test(); $test1->setName('Test 1'); $test1->save(); $aclRequestItem1OnlyListing = ACLRequest::create('test/item', $item1->getId())->onlyListingMode(); $this->assertFalse($this->getACL()->check($aclRequestItem1OnlyListing->targetGroup($group->getId())), 'we have no rules, so everyone except admin user and admin group has no access.'); $this->assertTrue($this->getACL()->check($aclRequestItem1OnlyListing->targetGroup(1)), 'we have no rules, so only group admin has access.'); $this->assertTrue($this->getACL()->check($aclRequestItem1OnlyListing->targetUser(1)), 'we have no rules, so only user admin has access.'); $this->getACL()->removeObjectRules('test/item'); $this->getACL()->setObjectList('test/item', \Jarves\ACL::TARGET_TYPE_GROUP, $group->getId(), true); $this->assertTrue($this->getACL()->check($aclRequestItem1OnlyListing->targetGroup($group->getId())), 'testGroup got list access to all test/item objects.'); $this->getACL()->setObjectListExact('test/item', $item1->getId(), \Jarves\ACL::TARGET_TYPE_GROUP, $group->getId(), false); $this->assertFalse($this->getACL()->check($aclRequestItem1OnlyListing->targetGroup($group->getId())), 'testGroup got list access-denied to item 1.'); $aclRequestItem2OnlyListing = ACLRequest::create('test/item', $item2->getId())->onlyListingMode(); $this->assertTrue($this->getACL()->check($aclRequestItem2OnlyListing->targetGroup($group->getId())), 'testGroup still have access to item2.'); $this->getACL()->setObjectListExact('test/item', $item2->getId(), \Jarves\ACL::TARGET_TYPE_GROUP, $group->getId(), false); $this->assertFalse($this->getACL()->check($aclRequestItem2OnlyListing->targetGroup($group->getId())), 'testGroup does not have access to item2 anymore.'); $acl = $this->getACL()->setObjectListExact('test/item', $item2->getId(), \Jarves\ACL::TARGET_TYPE_USER, $user->getId(), true); $this->assertTrue($this->getACL()->check($aclRequestItem2OnlyListing->targetUser($user->getId())), 'testUser got access through a rule for only him.'); $acl->setAccess(false); $acl->save(); $this->assertFalse($this->getACL()->check($aclRequestItem2OnlyListing->targetUser($user->getId())), 'testUser got no-access through a rule for only him.'); //access to every item $acl = $this->getACL()->setObjectList('test/item', \Jarves\ACL::TARGET_TYPE_GROUP, $group->getId(), true); $this->assertTrue($this->getACL()->check($aclRequestItem2OnlyListing->targetUser($user->getId())), 'testUser has now access to all items through his group.'); $this->assertTrue($this->getACL()->check($aclRequestItem1OnlyListing->targetGroup($group->getId())), 'testGroup has now access to all items.'); $this->assertTrue($this->getACL()->check($aclRequestItem2OnlyListing->targetGroup($group->getId())), 'testGroup has now access to all items.'); //remove the acl item that gives access to anything. $acl->delete(); $this->assertFalse($this->getACL()->check($aclRequestItem2OnlyListing->targetUser($user->getId())), 'testUser has no access anymore, since we deleted the access-for-all rule.'); $this->assertFalse($this->getACL()->check($aclRequestItem1OnlyListing->targetGroup($group->getId())), 'testGroup has no access anymore to all items (item1).'); $this->assertFalse($this->getACL()->check($aclRequestItem2OnlyListing->targetGroup($group->getId())), 'testGroup has no access anymore to all items (item2).'); //check checkListCondition $this->getACL()->setObjectListCondition('test/item', array(array('id', '>', $item1->getId())), \Jarves\ACL::TARGET_TYPE_GROUP, $group->getId(), true); $this->assertTrue($this->getACL()->check($aclRequestItem2OnlyListing->targetGroup($group->getId())), 'testGroup has access to all items after item1'); $this->assertFalse($this->getACL()->check($aclRequestItem1OnlyListing->targetGroup($group->getId())), 'testGroup has access to all items after item1, but only > , so not item1 itself.'); //revoke anything to object 'test\item' $this->getACL()->setObjectList('test/item', \Jarves\ACL::TARGET_TYPE_GROUP, $group->getId(), false); $this->assertFalse($this->getACL()->check($aclRequestItem2OnlyListing->targetGroup($group->getId())), 'testGroup has no access to all items after item1'); //check against object test $aclRequestTest1OnlyListing = ACLRequest::create('test/test', $test1->getId())->onlyListingMode(); $this->getACL()->setObjectListExact('test/test', $test1->getId(), \Jarves\ACL::TARGET_TYPE_GROUP, $group->getId(), true); $this->assertTrue($this->getACL()->check($aclRequestTest1OnlyListing->targetGroup($group->getId())), 'testGroup has access test1.'); $this->getACL()->setObjectList('test/test', \Jarves\ACL::TARGET_TYPE_GROUP, $group->getId(), false); $this->assertFalse($this->getACL()->check($aclRequestTest1OnlyListing->targetGroup($group->getId())), 'testGroup has no access test1.'); $this->getACL()->setCaching(true); $this->getACL()->removeObjectRules('test/item'); }
public function testAdd() { ItemQuery::create()->deleteAll(); $item1 = new Item(); $item1->setTitle('Item 1'); $item1->save(); $id = $item1->getId(); $response = $this->restCall('/jarves/object/test/item/' . $id); $this->assertEquals('Item 1', $response['data']['title']); $response = $this->restCall('/jarves/object/test/item/', 'POST', array('title' => 'Item 2')); $this->assertEquals(200, $response['status']); $this->assertEquals($id + 1, $response['data']['id'] + 0); //did we really inserted it? $response = $this->restCall('/jarves/object/test/item/' . $response['data']['id']); $this->assertEquals($id + 1, $response['data']['id'] + 0); }
public function testManyToOne() { ItemQuery::create()->deleteAll(); ItemCategoryQuery::create()->deleteAll(); $id = uniqid(); $newItemCategory = ['name' => 'Test Category ' . $id, 'items' => [['title' => 'Test Item ' . $id . ' 1'], ['title' => 'Test Item ' . $id . ' 2']]]; $added = $this->getObjects()->add('test/itemCategory', $newItemCategory); $this->assertGreaterThan(0, $added['id']); $category = ItemCategoryQuery::create()->findOneById($added['id']); $items = $category->getItems(); $this->assertCount(2, $items); $this->assertEquals('Test Item ' . $id . ' 1', $items[0]->getTitle()); $this->assertEquals('Test Item ' . $id . ' 2', $items[1]->getTitle()); }