/**
 * Exercises the protected _processNotLoggedInUser path through the public aroundExecute entry point.
 *
 * The auth mock reports "not logged in" and the request names a non-open action, so the plugin
 * is expected to reroute the request to adminhtml/auth/<action> and mark it as not dispatched,
 * unless the request was already forwarded, in which case no parameter is read and no setter
 * is called.
 *
 * The final assertion only confirms that aroundExecute returns whatever $proceed returns; the
 * denial behaviour itself is verified through the call-count expectations on the request mock.
 *
 * @param mixed $isIFrameParam   value the request mock returns for the 'isIframe' parameter
 * @param mixed $isAjaxParam     value the request mock returns for the 'isAjax' parameter
 * @param mixed $isForwardedFlag value the request mock returns from isForwarded()
 * @dataProvider processNotLoggedInUserDataProvider
 */
public function testProcessNotLoggedInUser($isIFrameParam, $isAjaxParam, $isForwardedFlag)
{
    // All collaborators are constructor-less mocks; only the stubbed methods below matter.
    $mockOf = function ($className) {
        return $this->getMockBuilder($className)->disableOriginalConstructor()->getMock();
    };
    $subject = $mockOf('Magento\\Backend\\Controller\\Adminhtml\\Index');
    $request = $mockOf('Magento\\Framework\\App\\Request\\Http');
    $storage = $mockOf('Magento\\Backend\\Model\\Auth\\Session');

    // Stubs that steer aroundExecute into the "user is not logged in" branch.
    $this->auth->expects($this->any())->method('getAuthStorage')->willReturn($storage);
    $request->expects($this->once())->method('getActionName')->willReturn('non/open/action/name');
    $this->auth->expects($this->any())->method('getUser')->willReturn(false);
    $this->auth->expects($this->once())->method('isLoggedIn')->willReturn(false);
    $request->expects($this->any())->method('getPost')->willReturn(false);

    // Per-dataset expectations start here.
    $request->expects($this->once())->method('isForwarded')->willReturn($isForwardedFlag);

    if ($isForwardedFlag) {
        // Already forwarded: getParam is never consulted and the request is left untouched.
        $expectedParamReads = 0;
        $expectedSetterCalls = 0;
        $expectedAction = '';
    } elseif ($isIFrameParam) {
        // 'isIframe' is read first and wins, so 'isAjax' is never looked at.
        $expectedParamReads = 1;
        $expectedSetterCalls = 1;
        $expectedAction = 'deniedIframe';
    } elseif ($isAjaxParam) {
        $expectedParamReads = 2;
        $expectedSetterCalls = 1;
        $expectedAction = 'deniedJson';
    } else {
        // Neither flag set: both parameters are read and the user is sent to the login action.
        $expectedParamReads = 2;
        $expectedSetterCalls = 1;
        $expectedAction = 'login';
    }

    $paramMap = [
        ['isIframe', null, $isIFrameParam],
        ['isAjax', null, $isAjaxParam],
    ];
    $request->expects($this->exactly($expectedParamReads))->method('getParam')->willReturnMap($paramMap);

    // The reroute target must be adminhtml/auth/<action>, flagged as forwarded and not yet dispatched.
    $request->expects($this->exactly($expectedSetterCalls))
        ->method('setForwarded')
        ->with(true)
        ->willReturnSelf();
    $request->expects($this->exactly($expectedSetterCalls))
        ->method('setRouteName')
        ->with('adminhtml')
        ->willReturnSelf();
    $request->expects($this->exactly($expectedSetterCalls))
        ->method('setControllerName')
        ->with('auth')
        ->willReturnSelf();
    $request->expects($this->exactly($expectedSetterCalls))
        ->method('setActionName')
        ->with($expectedAction)
        ->willReturnSelf();
    $request->expects($this->exactly($expectedSetterCalls))
        ->method('setDispatched')
        ->with(false)
        ->willReturnSelf();

    $expectedResult = 'expectedResult';
    $proceed = function ($passedRequest) use ($expectedResult) {
        return $expectedResult;
    };

    $actualResult = $this->plugin->aroundExecute($subject, $proceed, $request);
    $this->assertEquals($expectedResult, $actualResult);
}
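/**
 * Replace standard admin login form with HTTP Basic authentication
 *
 * Applies only when both the requested controller (optionally narrowed by action) and the
 * 'type' request parameter map to an entry in $this->aclResources. In every other case the
 * request is handed to the parent plugin unchanged. For a mapped request the caller must be
 * logged in AND allowed on both resolved resources; otherwise an HTTP authentication failure
 * for the 'RSS Feeds' realm is set and the stored response is returned without calling $proceed.
 *
 * Security notes:
 * - A failed login is logged and swallowed on purpose; the access check that follows is what
 *   denies the request, so the catch block must never be turned into an early "continue".
 * - HTTP Basic credentials accompany every request and are merely base64-encoded, so this
 *   path should only be reachable over TLS.
 *
 * @param AbstractAction $subject
 * @param \Closure $proceed
 * @param RequestInterface $request
 * @return ResponseInterface
 * @SuppressWarnings(PHPMD.UnusedFormalParameter)
 * @SuppressWarnings(PHPMD.CyclomaticComplexity)
 * @SuppressWarnings(PHPMD.NPathComplexity)
 */
public function aroundExecute(AbstractAction $subject, \Closure $proceed, RequestInterface $request)
{
    // ACL resource for the controller; a per-action entry takes precedence when one exists.
    // NOTE(review): if a controller maps to a per-action array and the action is not listed,
    // the whole array becomes $resource and is passed to isAllowed() — confirm that is intended.
    $resource = null;
    if (isset($this->aclResources[$request->getControllerName()])) {
        if (isset($this->aclResources[$request->getControllerName()][$request->getActionName()])) {
            $resource = $this->aclResources[$request->getControllerName()][$request->getActionName()];
        } else {
            $resource = $this->aclResources[$request->getControllerName()];
        }
    }

    // 'type' comes straight from the request and may not be a plain string (for example an
    // array-valued query parameter). Only a string or integer is a usable array offset; anything
    // else is treated as "no mapping" rather than being used as an offset, which PHP rejects.
    $type = $request->getParam('type');
    $resourceType = null;
    if ((is_string($type) || is_int($type)) && isset($this->aclResources[$type])) {
        $resourceType = $this->aclResources[$type];
    }

    // Not a feed this plugin guards: let the parent plugin apply its own handling.
    if (!$resource || !$resourceType) {
        return parent::aroundExecute($subject, $proceed, $request);
    }

    $session = $this->_auth->getAuthStorage();

    // Try to login using HTTP-authentication
    if (!$session->isLoggedIn()) {
        list($login, $password) = $this->httpAuthentication->getCredentials();
        try {
            $this->_auth->login($login, $password);
        } catch (AuthenticationException $e) {
            // Swallowed deliberately: the session stays logged out and is rejected just below.
            $this->logger->critical($e);
        }
    }

    // Verify if logged in and authorized on BOTH resources; evaluation order and
    // short-circuiting match the login-first, then controller resource, then type resource order.
    $isGranted = $session->isLoggedIn()
        && $this->authorization->isAllowed($resource)
        && $this->authorization->isAllowed($resourceType);

    if (!$isGranted) {
        $this->httpAuthentication->setAuthenticationFailed('RSS Feeds');
        return $this->_response;
    }

    return parent::aroundExecute($subject, $proceed, $request);
}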