/** * @test */ public function isGrantedGrantsAccessIfAGrantPrivilegeAndNoDenyPrivilegeWasConfigured() { $role1ClassName = 'role1' . md5(uniqid(mt_rand(), true)); $role2ClassName = 'role2' . md5(uniqid(mt_rand(), true)); $mockRoleAdministrator = $this->createMock(\TYPO3\Flow\Security\Policy\Role::class); $mockRoleAdministrator->expects($this->any())->method('getPrivilegesByType')->will($this->returnValue(array($this->grantPrivilege))); $mockRoleCustomer = $this->createMock(\TYPO3\Flow\Security\Policy\Role::class); $mockRoleCustomer->expects($this->any())->method('getPrivilegesByType')->will($this->returnValue(array())); $this->mockSecurityContext->expects($this->once())->method('getRoles')->will($this->returnValue(array($mockRoleAdministrator, $mockRoleCustomer))); $this->assertTrue($this->privilegeManager->isGranted(\TYPO3\Flow\Security\Authorization\Privilege\Method\MethodPrivilegeInterface::class, new MethodPrivilegeSubject($this->mockJoinPoint))); }
/** * Returns TRUE, if the given privilege type is granted for the given subject based * on the current security context or if set based on the override decision value. * * @param string $privilegeType * @param mixed $subject * @param string $reason This variable will be filled by a message giving information about the reasons for the result of this method * @return boolean */ public function isGranted($privilegeType, $subject, &$reason = '') { if ($this->overrideDecision === false) { $reason = 'Voting has been overriden to "DENY" by the testing privilege manager!'; return false; } elseif ($this->overrideDecision === true) { $reason = 'Voting has been overriden to "GRANT" by the testing privilege manager!'; return true; } return parent::isGranted($privilegeType, $subject, $reason); }