示例#1
0
/**
 * Because we can't be sure we're using PHP 5.4 or higher, we can't use traits.
 * Instead, we use this global function to do the general setup for tests
 *
 * @return  void
 */
function setUp()
{
    reset_SERVER();
    \DAV::$REGISTRY = new \BeeHub_Registry();
    \DAV::$LOCKPROVIDER = new \BeeHub_Lock_Provider();
    \DAV::$ACLPROVIDER = new \BeeHub_ACL_Provider();
    \BeeHub::setAuth(new BeeHub_Auth(new \SimpleSAML_Auth_Simple('BeeHub')));
}
 /**
  * Prepares a mocked DAVACL_Resource object which is needed by multiple tests (but not all)
  * 
  * @return  DAVACL_Resource  The mocked object
  */
 private function prepareObjWithAcl()
 {
     $_SERVER['REQUEST_URI'] = '/path/to/principal';
     $allAce = new DAVACL_Element_supported_privilege(DAVACL::PRIV_ALL, false, '');
     $allAce->add_supported_privilege(new DAVACL_Element_supported_privilege(DAVACL::PRIV_BIND, false, ''));
     $allAce->add_supported_privilege(new DAVACL_Element_supported_privilege(DAVACL::PRIV_READ, false, ''));
     $allAce->add_supported_privilege(new DAVACL_Element_supported_privilege(DAVACL::PRIV_READ_ACL, false, ''));
     $allAce->add_supported_privilege(new DAVACL_Element_supported_privilege(DAVACL::PRIV_READ_CURRENT_USER_PRIVILEGE_SET, false, ''));
     $allAce->add_supported_privilege(new DAVACL_Element_supported_privilege(DAVACL::PRIV_UNBIND, false, ''));
     $allAce->add_supported_privilege(new DAVACL_Element_supported_privilege(DAVACL::PRIV_UNLOCK, false, ''));
     $allAce->add_supported_privilege(new DAVACL_Element_supported_privilege(DAVACL::PRIV_WRITE_CONTENT, false, ''));
     $supportedPrivs = array($allAce);
     DAV::$ACLPROVIDER = new DAVACL_Test_ACL_Provider();
     DAV::$ACLPROVIDER->setSupportedPrivilegeSet($supportedPrivs);
     $acl = array(new DAVACL_Element_ace('/path/to/principal', true, array(DAVACL::PRIV_BIND), false), new DAVACL_Element_ace('/path/to/other/principal', false, array(DAVACL::PRIV_READ), false), new DAVACL_Element_ace('/path/to/other/principal', true, array(DAVACL::PRIV_READ_ACL), false), new DAVACL_Element_ace(DAVACL::PRINCIPAL_ALL, false, array(DAVACL::PRIV_READ_CURRENT_USER_PRIVILEGE_SET), true), new DAVACL_Element_ace(DAVACL::PRINCIPAL_AUTHENTICATED, false, array(DAVACL::PRIV_UNBIND), false), new DAVACL_Element_ace(DAVACL::PRINCIPAL_UNAUTHENTICATED, false, array(DAVACL::PRIV_UNLOCK), false), new DAVACL_Element_ace(DAVACL::PRINCIPAL_SELF, false, array(DAVACL::PRIV_WRITE_CONTENT), false));
     $obj = $this->getMock('DAVACL_Resource', array('user_prop_acl', 'user_prop_current_user_principal', 'user_prop_supported_privilege_set'), array($_SERVER['REQUEST_URI']));
     $obj->expects($this->any())->method('user_prop_acl')->will($this->returnValue($acl));
     $obj->expects($this->any())->method('user_prop_current_user_principal')->will($this->returnValue('/path/to/principal'));
     $obj->expects($this->any())->method('user_prop_supported_privilege_set')->will($this->returnValue($supportedPrivs));
     return $obj;
 }
示例#3
0
set_include_path(realpath(dirname(dirname(__FILE__))) . PATH_SEPARATOR . dirname(__FILE__) . PATH_SEPARATOR . get_include_path());
require_once dirname(dirname(__FILE__)) . DIRECTORY_SEPARATOR . 'vendor' . DIRECTORY_SEPARATOR . 'autoload.php';
DAV::bootstrap();
set_exception_handler(array('BeeHub', 'exception_handler'));
// We need SimpleSamlPHP
require_once BeeHub::$CONFIG['environment']['simplesamlphp'] . 'lib' . DIRECTORY_SEPARATOR . '_autoload.php';
if (isset($_SERVER['HTTP_ORIGIN']) && !empty($_SERVER['HTTP_ORIGIN']) && parse_url($_SERVER['HTTP_ORIGIN'], PHP_URL_HOST) != $_SERVER['SERVER_NAME']) {
    die('Cross Origin Resourc Sharing prohibited!');
}
DAV::$PROTECTED_PROPERTIES[DAV::PROP_GROUP_MEMBER_SET] = true;
DAV::$ACL_PROPERTIES[BeeHub::PROP_SPONSOR] = 'sponsor';
DAV::addSupported_Properties(BeeHub::PROP_SPONSOR, 'sponsor');
BeeHub::handle_method_spoofing();
DAV::$REGISTRY = BeeHub_Registry::inst();
DAV::$LOCKPROVIDER = BeeHub_Lock_Provider::inst();
DAV::$ACLPROVIDER = BeeHub_ACL_Provider::inst();
DAV::$UNAUTHORIZED = array(BeeHub::getAuth(), 'unauthorized');
// In case of POST requests, we can already check the POST authentication code
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    if (!BeeHub::getAuth()->checkPostAuthCode()) {
        throw new DAV_Status(DAV::HTTP_FORBIDDEN, 'POST authentication code (POST_auth_code) was incorrect. The correct code can be obtained with a GET request to /system/?POST_auth_code');
    }
}
// Prepare test environments if needed
if (APPLICATION_ENV === BeeHub::ENVIRONMENT_TEST && isset($_GET['test'])) {
    if (substr($_SERVER['REQUEST_URI'], 0, 19) !== '/foo/client_tests/?') {
        header('Location: /foo/client_tests/?' . $_SERVER['QUERY_STRING']);
        die;
    }
    define('RUN_CLIENT_TESTS', true);
} else {
 * @internal
 * @package DAV
 * @subpackage tests
 */
class DAVACL_Test_ACL_Provider implements DAVACL_ACL_Provider
{
    public function user_prop_acl_restrictions()
    {
        return array();
    }
    public function user_prop_current_user_principal()
    {
        return '/path/to/current/user';
    }
    public function user_prop_principal_collection_set()
    {
        return array('/path/to/current/user');
    }
    private $supportedPrivilegeSet = array();
    public function setSupportedPrivilegeSet($supportedPrivilegeSet)
    {
        $this->supportedPrivilegeSet = $supportedPrivilegeSet;
    }
    public function user_prop_supported_privilege_set()
    {
        return $this->supportedPrivilegeSet;
    }
}
// DAVACL_Test_ACL_Provider
DAV::$ACLPROVIDER = new DAVACL_Test_ACL_Provider();
// End of file