Home Explore Help
Register Sign In
VendorSoftware
/
symfony
2
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 2978c28ce5
Branches Tags
symfony
/
tests
/
Symfony
/
Tests
/
Component
/
Security
/
Acl
/
Dbal
/
AclProviderTest.php

AclProviderTest.php 9.3 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267 
  1. <?php
    2. 

  2. 

  3. /*
    4. 

  4.  * This file is part of the Symfony package.
    5. 

  5.  *
    6. 

  6.  * (c) Fabien Potencier <fabien@symfony.com>
    7. 

  7.  *
    8. 

  8.  * For the full copyright and license information, please view the LICENSE
    9. 

  9.  * file that was distributed with this source code.
    10. 

  10.  */
    11. 

  11. 

  12. namespace Symfony\Tests\Component\Security\Acl\Dbal;
    13. 

  13. 

  14. use Symfony\Component\Security\Acl\Dbal\AclProvider;
    15. 

  15. use Symfony\Component\Security\Acl\Domain\PermissionGrantingStrategy;
    16. 

  16. use Symfony\Component\Security\Acl\Domain\ObjectIdentity;
    17. 

  17. use Symfony\Component\Security\Acl\Dbal\Schema;
    18. 

  18. use Doctrine\DBAL\DriverManager;
    19. 

  19. 

  20. class AclProviderTest extends \PHPUnit_Framework_TestCase
    21. 

  21. {
    22. 

  22.     protected $con;
    23. 

  23.     protected $insertClassStmt;
    24. 

  24.     protected $insertEntryStmt;
    25. 

  25.     protected $insertOidStmt;
    26. 

  26.     protected $insertOidAncestorStmt;
    27. 

  27.     protected $insertSidStmt;
    28. 

  28. 

  29.     /**
    30. 

  30.      * @expectedException Symfony\Component\Security\Acl\Exception\AclNotFoundException
    31. 

  31.      * @expectedMessage There is no ACL for the given object identity.
    32. 

  32.      */
    33. 

  33.     public function testFindAclThrowsExceptionWhenNoAclExists()
    34. 

  34.     {
    35. 

  35.         $this->getProvider()->findAcl(new ObjectIdentity('foo', 'foo'));
    36. 

  36.     }
    37. 

  37. 

  38.     public function testFindAclsThrowsExceptionUnlessAnACLIsFoundForEveryOID()
    39. 

  39.     {
    40. 

  40.         $oids = array();
    41. 

  41.         $oids[] = new ObjectIdentity('1', 'foo');
    42. 

  42.         $oids[] = new ObjectIdentity('foo', 'foo');
    43. 

  43. 

  44.         try {
    45. 

  45.             $this->getProvider()->findAcls($oids);
    46. 

  46. 

  47.             $this->fail('Provider did not throw an expected exception.');
    48. 

  48.         } catch (\Exception $ex) {
    49. 

  49.             $this->assertInstanceOf('Symfony\Component\Security\Acl\Exception\AclNotFoundException', $ex);
    50. 

  50.             $this->assertInstanceOf('Symfony\Component\Security\Acl\Exception\NotAllAclsFoundException', $ex);
    51. 

  51. 

  52.             $partialResult = $ex->getPartialResult();
    53. 

  53.             $this->assertTrue($partialResult->contains($oids[0]));
    54. 

  54.             $this->assertFalse($partialResult->contains($oids[1]));
    55. 

  55.         }
    56. 

  56.     }
    57. 

  57. 

  58.     public function testFindAcls()
    59. 

  59.     {
    60. 

  60.         $oids = array();
    61. 

  61.         $oids[] = new ObjectIdentity('1', 'foo');
    62. 

  62.         $oids[] = new ObjectIdentity('2', 'foo');
    63. 

  63. 

  64.         $provider = $this->getProvider();
    65. 

  65. 

  66.         $acls = $provider->findAcls($oids);
    67. 

  67.         $this->assertInstanceOf('SplObjectStorage', $acls);
    68. 

  68.         $this->assertEquals(2, count($acls));
    69. 

  69.         $this->assertInstanceOf('Symfony\Component\Security\Acl\Domain\Acl', $acl0 = $acls->offsetGet($oids[0]));
    70. 

  70.         $this->assertInstanceOf('Symfony\Component\Security\Acl\Domain\Acl', $acl1 = $acls->offsetGet($oids[1]));
    71. 

  71.         $this->assertTrue($oids[0]->equals($acl0->getObjectIdentity()));
    72. 

  72.         $this->assertTrue($oids[1]->equals($acl1->getObjectIdentity()));
    73. 

  73.     }
    74. 

  74. 

  75.     public function testFindAclCachesAclInMemory()
    76. 

  76.     {
    77. 

  77.         $oid = new ObjectIdentity('1', 'foo');
    78. 

  78.         $provider = $this->getProvider();
    79. 

  79. 

  80.         $acl = $provider->findAcl($oid);
    81. 

  81.         $this->assertSame($acl, $cAcl = $provider->findAcl($oid));
    82. 

  82. 

  83.         $cAces = $cAcl->getObjectAces();
    84. 

  84.         foreach ($acl->getObjectAces() as $index => $ace) {
    85. 

  85.             $this->assertSame($ace, $cAces[$index]);
    86. 

  86.         }
    87. 

  87.     }
    88. 

  88. 

  89.     public function testFindAcl()
    90. 

  90.     {
    91. 

  91.         $oid = new ObjectIdentity('1', 'foo');
    92. 

  92.         $provider = $this->getProvider();
    93. 

  93. 

  94.         $acl = $provider->findAcl($oid);
    95. 

  95. 

  96.         $this->assertInstanceOf('Symfony\Component\Security\Acl\Domain\Acl', $acl);
    97. 

  97.         $this->assertTrue($oid->equals($acl->getObjectIdentity()));
    98. 

  98.         $this->assertEquals(4, $acl->getId());
    99. 

  99.         $this->assertEquals(0, count($acl->getClassAces()));
    100. 

  100.         $this->assertEquals(0, count($this->getField($acl, 'classFieldAces')));
    101. 

  101.         $this->assertEquals(3, count($acl->getObjectAces()));
    102. 

  102.         $this->assertEquals(0, count($this->getField($acl, 'objectFieldAces')));
    103. 

  103. 

  104.         $aces = $acl->getObjectAces();
    105. 

  105.         $this->assertInstanceOf('Symfony\Component\Security\Acl\Domain\Entry', $aces[0]);
    106. 

  106.         $this->assertTrue($aces[0]->isGranting());
    107. 

  107.         $this->assertTrue($aces[0]->isAuditSuccess());
    108. 

  108.         $this->assertTrue($aces[0]->isAuditFailure());
    109. 

  109.         $this->assertEquals('all', $aces[0]->getStrategy());
    110. 

  110.         $this->assertSame(2, $aces[0]->getMask());
    111. 

  111. 

  112.         // check ACE are in correct order
    113. 

  113.         $i = 0;
    114. 

  114.         foreach ($aces as $index => $ace) {
    115. 

  115.             $this->assertEquals($i, $index);
    116. 

  116.             $i++;
    117. 

  117.         }
    118. 

  118. 

  119.         $sid = $aces[0]->getSecurityIdentity();
    120. 

  120.         $this->assertInstanceOf('Symfony\Component\Security\Acl\Domain\UserSecurityIdentity', $sid);
    121. 

  121.         $this->assertEquals('john.doe', $sid->getUsername());
    122. 

  122.         $this->assertEquals('SomeClass', $sid->getClass());
    123. 

  123.     }
    124. 

  124. 

  125.     protected function setUp()
    126. 

  126.     {
    127. 

  127.         if (!class_exists('Doctrine\DBAL\DriverManager')) {
    128. 

  128.             $this->markTestSkipped('The Doctrine2 DBAL is required for this test');
    129. 

  129.         }
    130. 

  130.         if (!class_exists('PDO') || !in_array('sqlite', \PDO::getAvailableDrivers())) {
    131. 

  131.             self::markTestSkipped('This test requires SQLite support in your environment');
    132. 

  132.         }
    133. 

  133. 

  134.         $this->con = DriverManager::getConnection(array(
    135. 

  135.             'driver' => 'pdo_sqlite',
    136. 

  136.             'memory' => true,
    137. 

  137.         ));
    138. 

  138. 

  139.         // import the schema
    140. 

  140.         $schema = new Schema($options = $this->getOptions());
    141. 

  141.         foreach ($schema->toSql($this->con->getDatabasePlatform()) as $sql) {
    142. 

  142.             $this->con->exec($sql);
    143. 

  143.         }
    144. 

  144. 

  145.         // populate the schema with some test data
    146. 

  146.         $this->insertClassStmt = $this->con->prepare('INSERT INTO acl_classes (id, class_type) VALUES (?, ?)');
    147. 

  147.         foreach ($this->getClassData() as $data) {
    148. 

  148.             $this->insertClassStmt->execute($data);
    149. 

  149.         }
    150. 

  150. 

  151.         $this->insertSidStmt = $this->con->prepare('INSERT INTO acl_security_identities (id, identifier, username) VALUES (?, ?, ?)');
    152. 

  152.         foreach ($this->getSidData() as $data) {
    153. 

  153.             $this->insertSidStmt->execute($data);
    154. 

  154.         }
    155. 

  155. 

  156.         $this->insertOidStmt = $this->con->prepare('INSERT INTO acl_object_identities (id, class_id, object_identifier, parent_object_identity_id, entries_inheriting) VALUES (?, ?, ?, ?, ?)');
    157. 

  157.         foreach ($this->getOidData() as $data) {
    158. 

  158.             $this->insertOidStmt->execute($data);
    159. 

  159.         }
    160. 

  160. 

  161.         $this->insertEntryStmt = $this->con->prepare('INSERT INTO acl_entries (id, class_id, object_identity_id, field_name, ace_order, security_identity_id, mask, granting, granting_strategy, audit_success, audit_failure) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)');
    162. 

  162.         foreach ($this->getEntryData() as $data) {
    163. 

  163.             $this->insertEntryStmt->execute($data);
    164. 

  164.         }
    165. 

  165. 

  166.         $this->insertOidAncestorStmt = $this->con->prepare('INSERT INTO acl_object_identity_ancestors (object_identity_id, ancestor_id) VALUES (?, ?)');
    167. 

  167.         foreach ($this->getOidAncestorData() as $data) {
    168. 

  168.             $this->insertOidAncestorStmt->execute($data);
    169. 

  169.         }
    170. 

  170.     }
    171. 

  171. 

  172.     protected function tearDown()
    173. 

  173.     {
    174. 

  174.         $this->con = null;
    175. 

  175.     }
    176. 

  176. 

  177.     protected function getField($object, $field)
    178. 

  178.     {
    179. 

  179.         $reflection = new \ReflectionProperty($object, $field);
    180. 

  180.         $reflection->setAccessible(true);
    181. 

  181. 

  182.         return $reflection->getValue($object);
    183. 

  183.     }
    184. 

  184. 

  185.     protected function getEntryData()
    186. 

  186.     {
    187. 

  187.         // id, cid, oid, field, order, sid, mask, granting, strategy, a success, a failure
    188. 

  188.         return array(
    189. 

  189.             array(1, 1, 1, null, 0, 1, 1, 1, 'all', 1, 1),
    190. 

  190.             array(2, 1, 1, null, 1, 2, 1 << 2 | 1 << 1, 0, 'any', 0, 0),
    191. 

  191.             array(3, 3, 4, null, 0, 1, 2, 1, 'all', 1, 1),
    192. 

  192.             array(4, 3, 4, null, 2, 2, 1, 1, 'all', 1, 1),
    193. 

  193.             array(5, 3, 4, null, 1, 3, 1, 1, 'all', 1, 1),
    194. 

  194.         );
    195. 

  195.     }
    196. 

  196. 

  197.     protected function getOidData()
    198. 

  198.     {
    199. 

  199.         // id, cid, oid, parent_oid, entries_inheriting
    200. 

  200.         return array(
    201. 

  201.             array(1, 1, '123', null, 1),
    202. 

  202.             array(2, 2, '123', 1, 1),
    203. 

  203.             array(3, 2, 'i:3:123', 1, 1),
    204. 

  204.             array(4, 3, '1', 2, 1),
    205. 

  205.             array(5, 3, '2', 2, 1),
    206. 

  206.         );
    207. 

  207.     }
    208. 

  208. 

  209.     protected function getOidAncestorData()
    210. 

  210.     {
    211. 

  211.         return array(
    212. 

  212.             array(1, 1),
    213. 

  213.             array(2, 1),
    214. 

  214.             array(2, 2),
    215. 

  215.             array(3, 1),
    216. 

  216.             array(3, 3),
    217. 

  217.             array(4, 2),
    218. 

  218.             array(4, 1),
    219. 

  219.             array(4, 4),
    220. 

  220.             array(5, 2),
    221. 

  221.             array(5, 1),
    222. 

  222.             array(5, 5),
    223. 

  223.         );
    224. 

  224.     }
    225. 

  225. 

  226.     protected function getSidData()
    227. 

  227.     {
    228. 

  228.         return array(
    229. 

  229.             array(1, 'SomeClass-john.doe', 1),
    230. 

  230.             array(2, 'MyClass-john.doe@foo.com', 1),
    231. 

  231.             array(3, 'FooClass-123', 1),
    232. 

  232.             array(4, 'MooClass-ROLE_USER', 1),
    233. 

  233.             array(5, 'ROLE_USER', 0),
    234. 

  234.             array(6, 'IS_AUTHENTICATED_FULLY', 0),
    235. 

  235.         );
    236. 

  236.     }
    237. 

  237. 

  238.     protected function getClassData()
    239. 

  239.     {
    240. 

  240.         return array(
    241. 

  241.             array(1, 'Bundle\SomeVendor\MyBundle\Entity\SomeEntity'),
    242. 

  242.             array(2, 'Bundle\MyBundle\Entity\AnotherEntity'),
    243. 

  243.             array(3, 'foo'),
    244. 

  244.         );
    245. 

  245.     }
    246. 

  246. 

  247.     protected function getOptions()
    248. 

  248.     {
    249. 

  249.         return array(
    250. 

  250.             'oid_table_name' => 'acl_object_identities',
    251. 

  251.             'oid_ancestors_table_name' => 'acl_object_identity_ancestors',
    252. 

  252.             'class_table_name' => 'acl_classes',
    253. 

  253.             'sid_table_name' => 'acl_security_identities',
    254. 

  254.             'entry_table_name' => 'acl_entries',
    255. 

  255.         );
    256. 

  256.     }
    257. 

  257. 

  258.     protected function getStrategy()
    259. 

  259.     {
    260. 

  260.         return new PermissionGrantingStrategy();
    261. 

  261.     }
    262. 

  262. 

  263.     protected function getProvider()
    264. 

  264.     {
    265. 

  265.         return new AclProvider($this->con, $this->getStrategy(), $this->getOptions());
    266. 

  266.     }
    267. 

  267. }
    268.