public function testHandle()
{
DAV::$REGISTRY->setResourceClass('DAVACL_Test_Resource');
$readPriv = new DAVACL_Element_supported_privilege('DAV: read', false, 'Read permissions');
$allPriv = new DAVACL_Element_supported_privilege('DAV: all', false, 'Read permissions');
$allPriv->add_supported_privilege($readPriv);
DAV::$ACLPROVIDER->setSupportedPrivilegeSet(array($allPriv));
// First we expect the output of a succesful call to DAVACL_Test_Resource::set_acl() and the an error that not all privileges are supported
$this->expectOutputString(<<<EOS
Array
(
[0] => DAVACL_Element_ace Object
(
[principal] => DAV: all
[invert] =>
[deny] =>
[privileges] => Array
(
[0] => DAV: read
)
[protected] =>
[inherited] =>
)
[1] => DAVACL_Element_ace Object
(
[principal] => /path/to/user
[invert] =>
[deny] =>
[privileges] => Array
(
[0] => DAV: all
)
[protected] =>
[inherited] =>
)
)
Content-Type: application/xml; charset="UTF-8"
HTTP/1.1 403 Forbidden
<?xml version="1.0" encoding="utf-8"?>
<D:error xmlns:D="DAV:">
<D:not-supported-privilege/>
</D:error>
EOS
);
$this->obj->handleRequest();
// Not supported privileges should trigger an error
DAV::$ACLPROVIDER->setSupportedPrivilegeSet(array());
$this->obj->handleRequest();
}
/**
* Prepares a mocked DAVACL_Resource object which is needed by multiple tests (but not all)
*
* @return DAVACL_Resource The mocked object
*/
private function prepareObjWithAcl()
{
$_SERVER['REQUEST_URI'] = '/path/to/principal';
$allAce = new DAVACL_Element_supported_privilege(DAVACL::PRIV_ALL, false, '');
$allAce->add_supported_privilege(new DAVACL_Element_supported_privilege(DAVACL::PRIV_BIND, false, ''));
$allAce->add_supported_privilege(new DAVACL_Element_supported_privilege(DAVACL::PRIV_READ, false, ''));
$allAce->add_supported_privilege(new DAVACL_Element_supported_privilege(DAVACL::PRIV_READ_ACL, false, ''));
$allAce->add_supported_privilege(new DAVACL_Element_supported_privilege(DAVACL::PRIV_READ_CURRENT_USER_PRIVILEGE_SET, false, ''));
$allAce->add_supported_privilege(new DAVACL_Element_supported_privilege(DAVACL::PRIV_UNBIND, false, ''));
$allAce->add_supported_privilege(new DAVACL_Element_supported_privilege(DAVACL::PRIV_UNLOCK, false, ''));
$allAce->add_supported_privilege(new DAVACL_Element_supported_privilege(DAVACL::PRIV_WRITE_CONTENT, false, ''));
$supportedPrivs = array($allAce);
DAV::$ACLPROVIDER = new DAVACL_Test_ACL_Provider();
DAV::$ACLPROVIDER->setSupportedPrivilegeSet($supportedPrivs);
$acl = array(new DAVACL_Element_ace('/path/to/principal', true, array(DAVACL::PRIV_BIND), false), new DAVACL_Element_ace('/path/to/other/principal', false, array(DAVACL::PRIV_READ), false), new DAVACL_Element_ace('/path/to/other/principal', true, array(DAVACL::PRIV_READ_ACL), false), new DAVACL_Element_ace(DAVACL::PRINCIPAL_ALL, false, array(DAVACL::PRIV_READ_CURRENT_USER_PRIVILEGE_SET), true), new DAVACL_Element_ace(DAVACL::PRINCIPAL_AUTHENTICATED, false, array(DAVACL::PRIV_UNBIND), false), new DAVACL_Element_ace(DAVACL::PRINCIPAL_UNAUTHENTICATED, false, array(DAVACL::PRIV_UNLOCK), false), new DAVACL_Element_ace(DAVACL::PRINCIPAL_SELF, false, array(DAVACL::PRIV_WRITE_CONTENT), false));
$obj = $this->getMock('DAVACL_Resource', array('user_prop_acl', 'user_prop_current_user_principal', 'user_prop_supported_privilege_set'), array($_SERVER['REQUEST_URI']));
$obj->expects($this->any())->method('user_prop_acl')->will($this->returnValue($acl));
$obj->expects($this->any())->method('user_prop_current_user_principal')->will($this->returnValue('/path/to/principal'));
$obj->expects($this->any())->method('user_prop_supported_privilege_set')->will($this->returnValue($supportedPrivs));
return $obj;
}
public function user_prop_supported_privilege_set()
{
static $retval = null;
if (!is_null($retval)) {
return $retval;
}
$read_content = new DAVACL_Element_supported_privilege(BeeHub::PRIV_READ_CONTENT, true, 'Read the content');
$read_acl = new DAVACL_Element_supported_privilege(DAVACL::PRIV_READ_ACL, true, 'Read ACL');
$read_cups = new DAVACL_Element_supported_privilege(DAVACL::PRIV_READ_CURRENT_USER_PRIVILEGE_SET, true, 'Read current user privilege set');
$write_content = new DAVACL_Element_supported_privilege(DAVACL::PRIV_WRITE_CONTENT, true, 'Write the content');
$unbind = new DAVACL_Element_supported_privilege(DAVACL::PRIV_UNBIND, false, 'Remove child resources from collections (this also requires write privilege on resource itself)');
$read = new DAVACL_Element_supported_privilege(DAVACL::PRIV_READ, false, 'Read');
$write = new DAVACL_Element_supported_privilege(DAVACL::PRIV_WRITE, false, 'Write');
$write_acl = new DAVACL_Element_supported_privilege(DAVACL::PRIV_WRITE_ACL, false, 'Manage the ACL');
$retval = new DAVACL_Element_supported_privilege(DAVACL::PRIV_ALL, false, 'All');
$read->add_supported_privilege($read_content);
$read->add_supported_privilege($read_acl);
$read->add_supported_privilege($read_cups);
$write->add_supported_privilege($write_content);
$write->add_supported_privilege($unbind);
$retval->add_supported_privilege($read)->add_supported_privilege($write)->add_supported_privilege($write_acl);
$retval = array($retval);
return $retval;
}
