public function setUp()
{
$this->voter = new ProfileVoter();
$this->token = new UsernamePasswordToken('testuser', 'password', 'public');
$this->user = new User();
$this->token->setUser($this->user);
}
public function testUserBlame()
{
$context = $this->getContainer()->get('security.context');
$token = new UsernamePasswordToken('test', 'test', 'test_provider', []);
$user = new User();
$user->setUsername('dantleech');
$user->setPassword('foo');
$user->setLocale('fr');
$user->setSalt('saltz');
$this->db('ORM')->getOm()->persist($user);
$this->db('ORM')->getOm()->flush();
$token->setUser($user);
$context->setToken($token);
$contact = new Contact();
$contact->setFirstName('Max');
$contact->setLastName('Mustermann');
$contact->setPosition('CEO');
$contact->setSalutation('Sehr geehrter Herr Dr Mustermann');
$this->db('ORM')->getOm()->persist($contact);
$this->db('ORM')->getOm()->flush();
$changer = $contact->getChanger();
$creator = $contact->getCreator();
$this->assertSame($changer, $user);
$this->assertSame($creator, $user);
}
public function features_for_user($user)
{
$token = new UsernamePasswordToken($user->getUsername(), null, 'main', $user->getRoles());
$token->setUser($user);
$ret = array();
foreach ($this->supported_features as $attribute) {
$ret[$attribute] = $this->voteOnAttribute($attribute, null, $token);
}
return $ret;
}
private final function buildASession($session, $repository)
{
$user = $this->provider->loadUserByToken($session, $repository);
if ($user) {
$authenticatedToken = new UsernamePasswordToken($user, $session, 'front', ['ROLE_USER']);
$authenticatedToken->setUser($user);
$this->session->set($session, $authenticatedToken);
return true;
}
return false;
}
protected function logIn()
{
$user = $this->container->get('user.repository')->findOneBy([]);
$session = $this->client->getContainer()->get('session');
$firewall = 'admin';
$token = new UsernamePasswordToken('admin', 'admin', $firewall, ['ROLE_ADMIN']);
$token->setUser($user);
$session->set('_security_' . $firewall, serialize($token));
$session->save();
$cookie = new Cookie($session->getName(), $session->getId());
$this->client->getCookieJar()->set($cookie);
$this->container->get('security.token_storage')->setToken($token);
}
protected function logIn()
{
$client = $this->container->get('client.repository')->findOneBy([]);
$session = $this->client->getContainer()->get('session');
$firewall = 'client';
$token = new UsernamePasswordToken('*****@*****.**', 'demo', $firewall, ['ROLE_CLIENT']);
$token->setUser($client);
$session->set('_security_' . $firewall, serialize($token));
$session->save();
$cookie = new Cookie($session->getName(), $session->getId());
$this->client->getCookieJar()->set($cookie);
$this->container->get('security.token_storage')->setToken($token);
}
protected function logIn(Client $client)
{
$em = $client->getContainer()->get('doctrine')->getManager();
$user = $em->getRepository('VidalMainBundle:User')->findOneByUsername('*****@*****.**');
$session = $client->getContainer()->get('session');
$firewall = 'everything';
$token = new UsernamePasswordToken($user, null, $firewall, $user->getRoles());
$token->setUser($user);
$session->set('_security_' . $firewall, serialize($token));
$session->save();
$cookie = new Cookie($session->getName(), $session->getId());
$client->getCookieJar()->set($cookie);
}
public function testVote()
{
$generalManager = $this->em->getRepository('OpitOpitHrmUserBundle:User')->findByUsername('generalManager');
$admin = $this->em->getRepository('OpitOpitHrmUserBundle:User')->findByUsername('admin');
$user = $this->em->getRepository('OpitOpitHrmUserBundle:User')->findByUsername('user');
$leaveRequests = $this->em->getRepository('OpitOpitHrmLeaveBundle:LeaveRequest')->findByEmployee($user);
$leaveRequest = current($leaveRequests);
$leaveAccessVoter = new LeaveAccessVoter($this->em);
$firewall = 'secured_area';
$gmToken = new UsernamePasswordToken('generalManager', null, $firewall, array('ROLE_ADMIN'));
$gmToken->setUser(current($generalManager));
$adminToken = new UsernamePasswordToken('generalManager', null, $firewall, array('ROLE_GENERAL_MANAGER'));
$adminToken->setUser(current($admin));
$userToken = new UsernamePasswordToken('user', null, $firewall, array('ROLE_USER'));
$userToken->setUser(current($user));
// Check if gm can access lr
$this->assertEquals(VoterInterface::ACCESS_GRANTED, $leaveAccessVoter->vote($gmToken, $leaveRequest, array('view')), 'Vote: General manager not can view leave request ' . $leaveRequest->getLeaveRequestId() . '.');
// Check if admin can access lr
$this->assertEquals(VoterInterface::ACCESS_GRANTED, $leaveAccessVoter->vote($adminToken, $leaveRequest, array('view')), 'Vote: Admin can not view leave request ' . $leaveRequest->getLeaveRequestId() . '.');
// Check if user can access lr
$this->assertEquals(VoterInterface::ACCESS_GRANTED, $leaveAccessVoter->vote($userToken, $leaveRequest, array('view')), 'Vote: User can view leave request ' . $leaveRequest->getLeaveRequestId() . '.');
// Check if gm can edit lr
$this->assertEquals(VoterInterface::ACCESS_DENIED, $leaveAccessVoter->vote($gmToken, $leaveRequest, array('edit')), 'Vote: General manager can edit leave request ' . $leaveRequest->getLeaveRequestId() . '.');
// Check if admin can edit lr
$this->assertEquals(VoterInterface::ACCESS_DENIED, $leaveAccessVoter->vote($adminToken, $leaveRequest, array('edit')), 'Vote: Admin can edit leave request ' . $leaveRequest->getLeaveRequestId() . '.');
// Check if user can edit lr
$this->assertEquals(VoterInterface::ACCESS_DENIED, $leaveAccessVoter->vote($userToken, $leaveRequest, array('edit')), 'Vote: User can edit leave request ' . $leaveRequest->getLeaveRequestId() . '.');
// Check if gm can delete lr
$this->assertEquals(VoterInterface::ACCESS_GRANTED, $leaveAccessVoter->vote($gmToken, $leaveRequest, array('delete')), 'Vote: General manager can not edit leave request ' . $leaveRequest->getLeaveRequestId() . '.');
// Check if admin can delete lr
$this->assertEquals(VoterInterface::ACCESS_GRANTED, $leaveAccessVoter->vote($adminToken, $leaveRequest, array('delete')), 'Vote: Admin can not edit leave request ' . $leaveRequest->getLeaveRequestId() . '.');
// Check if user can delete lr
$this->assertEquals(VoterInterface::ACCESS_GRANTED, $leaveAccessVoter->vote($userToken, $leaveRequest, array('delete')), 'Vote: User can edit leave request ' . $leaveRequest->getLeaveRequestId() . '.');
// Check if gm can change lr status
$this->assertEquals(VoterInterface::ACCESS_GRANTED, $leaveAccessVoter->vote($gmToken, $leaveRequest, array('status')), 'Vote: General manager can change status leave request ' . $leaveRequest->getLeaveRequestId() . '.');
// Check if admin can change lr status
$this->assertEquals(VoterInterface::ACCESS_GRANTED, $leaveAccessVoter->vote($adminToken, $leaveRequest, array('status')), 'Vote: Admin can change status leave request ' . $leaveRequest->getLeaveRequestId() . '.');
// Check if user can change lr status
$this->assertEquals(VoterInterface::ACCESS_DENIED, $leaveAccessVoter->vote($userToken, $leaveRequest, array('status')), 'Vote: User can change status leave request ' . $leaveRequest->getLeaveRequestId() . '.');
}
private function createUserTokenWithId($id)
{
$user = $this->prophesize(UserInterface::class);
$user->getId()->willReturn($id);
$userToken = new UsernamePasswordToken('test', 'testpass', 'fake_provider');
$userToken->setUser($user->reveal());
return $userToken;
}
public function testSendTestEmailAction()
{
if (null !== static::$kernel) {
static::$kernel->shutdown();
}
try {
static::$kernel = static::createKernel(array());
} catch (\RuntimeException $ex) {
$this->markTestSkipped("There does not seem to be a full application available (e.g. running tests on travis.org). So this test is skipped.");
return;
}
static::$kernel->boot();
$container = static::$kernel->getContainer();
$spoolDir = $container->getParameter('swiftmailer.spool.defaultMailer.file.path');
// delete all spooled mails from other tests
array_map('unlink', glob($spoolDir . "/*.messag*"));
array_map('unlink', glob($spoolDir . "/.*.messag*"));
$context = new RequestContext('/app.php');
$context->setParameter('_locale', 'en');
$router = $container->get('router');
$router->setContext($context);
$to = md5(time() . "to") . '@email.non-existent.to.mail.domain.com';
$uri = $router->generate("azine_email_send_test_email", array('template' => AzineTemplateProvider::NEWSLETTER_TEMPLATE, 'email' => $to));
$container->set('request', Request::create($uri, "GET"));
// "login" a user
$token = new UsernamePasswordToken("username", "password", "main");
$recipientProvider = $container->get('azine_email_recipient_provider');
$users = $recipientProvider->getNewsletterRecipientIDs();
$token->setUser($recipientProvider->getRecipient($users[0]));
$container->get('security.context')->setToken($token);
// instantiate the controller and try to send the email
$controller = new AzineEmailTemplateController();
$controller->setContainer($container);
$response = $controller->sendTestEmailAction(AzineTemplateProvider::NEWSLETTER_TEMPLATE, $to);
$this->assertEquals(302, $response->getStatusCode(), "Status-Code 302 expected.");
$uri = $router->generate("azine_email_template_index");
$this->assertContains("Redirecting to {$uri}", $response->getContent(), "Redirect expected.");
$findInFile = new FindInFileUtil();
$findInFile->excludeMode = false;
$findInFile->formats = array(".message");
$this->assertEquals(1, sizeof($findInFile->find($spoolDir, "This is just the default content-block.")));
$this->assertEquals(1, sizeof($findInFile->find($spoolDir, "Add some html content here")));
}
/**
* @expectedException \Symfony\Component\Security\Core\Exception\BadCredentialsException
* @expectedExceptionMessage The credentials were changed from another session.
*/
public function testCheckAuthenticationKnownUserCredentialsChanged()
{
$method = $this->setMethodAccessible('checkAuthentication');
$username = '******';
$password = '******';
$user = new TestUser();
$user->setUsername($username);
$token = new UsernamePasswordToken($username, $password, 'provider_key', array());
$token->setUser($user);
$this->ldapManager->expects($this->once())->method('bind')->with($this->equalTo($user), $this->equalTo($password))->will($this->returnValue(false));
$method->invoke($this->ldapAuthenticationProvider, $user, $token);
}
/**
* This method authenticates the newly created user.
*
* @param User $user The User entity
* @return void
*/
private function authenticateUserToken(User $user)
{
$token = new UsernamePasswordToken($user->getUsername(), $user->getPassword(), 'public', $user->getRoles());
$token->setUser($user);
$this->get('security.context')->setToken($token);
}
