test check access (#3754)

Tests/Admin/AdminTest.php

@@ -92,6 +92,47 @@ class AdminTest extends \PHPUnit_Framework_TestCase
         $admin->getClass();
     }
 
+    public function testCheckAccessThrowsExceptionOnMadeUpAction()
+    {
+        $admin = new PostAdmin(
+            'sonata.post.admin.post',
+            'Application\Sonata\NewsBundle\Entity\Post',
+            'SonataNewsBundle:PostAdmin'
+        );
+        $this->setExpectedException(
+            '\InvalidArgumentException',
+            'Action "made-up" could not be found'
+        );
+        $admin->checkAccess('made-up');
+    }
+
+    public function testCheckAccessThrowsAccessDeniedException()
+    {
+        $admin = new PostAdmin(
+            'sonata.post.admin.post',
+            'Application\Sonata\NewsBundle\Entity\Post',
+            'SonataNewsBundle:PostAdmin'
+        );
+        $securityHandler = $this->prophesize(
+            'Sonata\AdminBundle\Security\Handler\SecurityHandlerInterface'
+        );
+        $securityHandler->isGranted($admin, 'CUSTOM_ROLE', $admin)->willReturn(true);
+        $securityHandler->isGranted($admin, 'EXTRA_CUSTOM_ROLE', $admin)->willReturn(false);
+        $customExtension = $this->prophesize(
+            'Sonata\AdminBundle\Admin\AdminExtension'
+        );
+        $customExtension->getAccessMapping($admin)->willReturn(
+            array('custom_action' => array('CUSTOM_ROLE', 'EXTRA_CUSTOM_ROLE'))
+        );
+        $admin->addExtension($customExtension->reveal());
+        $admin->setSecurityHandler($securityHandler->reveal());
+        $this->setExpectedException(
+            'Symfony\Component\Security\Core\Exception\AccessDeniedException',
+            'Access Denied to the action custom_action and role EXTRA_CUSTOM_ROLE'
+        );
+        $admin->checkAccess('custom_action');
+    }
+
     public function testGetBreadCrumbs()
     {
         $class = 'Application\Sonata\NewsBundle\Entity\Post';