/** * @dataProvider idsProvider */ public function testApply($object, $isGranted, $class, $isCorrectClass) { $manager = $this->getMock('Doctrine\\Common\\Persistence\\ObjectManager'); $objectRepository = $this->getMock('Doctrine\\Common\\Persistence\\ObjectRepository'); $manager->expects($this->once())->method('getRepository')->will($this->returnValue($objectRepository)); $this->registry->expects($this->once())->method('getManagerForClass')->will($this->returnValue($manager)); $objectRepository->expects($this->any())->method('find')->will($this->returnValue($object)); $request = new Request(); $request->attributes->set('_oro_access_checked', false); $request->attributes->set('id', 1); $config = new ParamConverter(['class' => get_class($object), 'name' => 'arg', 'options' => ['id' => 'id']]); $annotation = new Acl(['id' => 1, 'type' => 'entity', 'class' => $class, 'permission' => 'EDIT']); $this->securityFacade->expects($this->any())->method('isRequestObjectIsGranted')->will($this->returnValue($isGranted)); if ($isGranted === -1) { $this->setExpectedException('Symfony\\Component\\Security\\Core\\Exception\\AccessDeniedException', 'You do not get EDIT permission for this object'); $this->securityFacade->expects($this->any())->method('getRequestAcl')->will($this->returnValue($annotation)); } $this->converter->apply($request, $config); $this->assertTrue($request->attributes->has('_oro_access_checked')); if ($isGranted === -1 || !$isCorrectClass) { $this->assertFalse($request->attributes->get('_oro_access_checked')); } if ($isGranted === 0) { $this->assertTrue($request->attributes->get('_oro_access_checked')); } }
/** * @dataProvider idsProvider */ public function testApply($isGranted) { $request = new Request(); $request->attributes->set('id', 1); $request->attributes->set('_controller', 'Oro\\Test::test'); $config = $this->createConfiguration('stdClass', array('id' => 'id'), 'arg'); $manager = $this->getMock('Doctrine\\Common\\Persistence\\ObjectManager'); $objectRepository = $this->getMock('Doctrine\\Common\\Persistence\\ObjectRepository'); $this->registry->expects($this->once())->method('getManagerForClass')->with('stdClass')->will($this->returnValue($manager)); $manager->expects($this->once())->method('getRepository')->with('stdClass')->will($this->returnValue($objectRepository)); $objectRepository->expects($this->any())->method('find')->will($this->returnValue($object = new \stdClass())); $this->securityFacade->expects($this->once())->method('isGranted')->will($this->returnValue($isGranted)); if (!$isGranted) { $this->setExpectedException('Symfony\\Component\\Security\\Core\\Exception\\AccessDeniedException', 'You do not get EDIT permission for this object'); } $this->converter->apply($request, $config); $this->assertTrue($request->attributes->get('_oro_access_checked')); if (!$isGranted) { $this->assertFalse($request->attributes->get('_oro_access_checked')); } else { $this->assertTrue($request->attributes->get('_oro_access_checked')); } }