[civicrm-core.git] / tests / phpunit / Civi / API / Subscriber / DynamicFKAuthorizationTest.php

<?php
namespace Civi\API\Subscriber;

use \Civi\API\Kernel;
use \Symfony\Component\EventDispatcher\EventDispatcher;

require_once 'CiviTest/CiviUnitTestCase.php';

/**
 */
class DynamicFKAuthorizationTest extends \CiviUnitTestCase {
  const FILE_WIDGET_ID = 10;

  const FILE_FORBIDDEN_ID = 11;

  const WIDGET_ID = 20;

  const FORBIDDEN_ID = 30;

  /**
   * @var EventDispatcher
   */
  var $dispatcher;

  /**
   * @var Kernel
   */
  var $kernel;

  protected function setUp() {
    parent::setUp();
    \CRM_Core_DAO_AllCoreTables::init(TRUE);

    \CRM_Core_DAO_AllCoreTables::registerEntityType('FakeFile', 'CRM_Fake_DAO_FakeFile', 'fake_file');
    $fileProvider = new \Civi\API\Provider\StaticProvider(
      3,
      'FakeFile',
      array('id', 'entity_table', 'entity_id'),
      array(),
      array(
        array('id' => self::FILE_WIDGET_ID, 'entity_table' => 'fake_widget', 'entity_id' => self::WIDGET_ID),
        array('id' => self::FILE_FORBIDDEN_ID, 'entity_table' => 'fake_forbidden', 'entity_id' => self::FORBIDDEN_ID),
      )
    );

    \CRM_Core_DAO_AllCoreTables::registerEntityType('Widget', 'CRM_Fake_DAO_Widget', 'fake_widget');
    $widgetProvider = new \Civi\API\Provider\StaticProvider(3, 'Widget',
      array('id', 'title'),
      array(),
      array(
        array('id' => self::WIDGET_ID, 'title' => 'my widget'),
      )
    );

    \CRM_Core_DAO_AllCoreTables::registerEntityType('Forbidden', 'CRM_Fake_DAO_Forbidden', 'fake_forbidden');
    $forbiddenProvider = new \Civi\API\Provider\StaticProvider(
      3,
      'Forbidden',
      array('id', 'label'),
      array(
        'create' => \CRM_Core_Permission::ALWAYS_DENY_PERMISSION,
        'get' => \CRM_Core_Permission::ALWAYS_DENY_PERMISSION,
        'delete' => \CRM_Core_Permission::ALWAYS_DENY_PERMISSION,
      ),
      array(
        array('id' => self::FORBIDDEN_ID, 'label' => 'my forbidden'),
      )
    );

    $this->dispatcher = new EventDispatcher();
    $this->kernel = new Kernel($this->dispatcher);
    $this->kernel
      ->registerApiProvider($fileProvider)
      ->registerApiProvider($widgetProvider)
      ->registerApiProvider($forbiddenProvider);
    $this->dispatcher->addSubscriber(new DynamicFKAuthorization(
      $this->kernel,
      'FakeFile',
      array('create', 'get'),
      "select
      case %1
        when " . self::FILE_WIDGET_ID . " then 1
        when " . self::FILE_FORBIDDEN_ID . " then 1
        else 0
      end as is_valid,
      case %1
        when " . self::FILE_WIDGET_ID . " then 'fake_widget'
        when " . self::FILE_FORBIDDEN_ID . " then 'fake_forbidden'
        else null
      end as entity_table,
      case %1
        when " . self::FILE_WIDGET_ID . " then " . self::WIDGET_ID . "
        when " . self::FILE_FORBIDDEN_ID . " then " . self::FORBIDDEN_ID . "
        else null
      end as entity_id
      ",
      array('fake_widget', 'fake_forbidden')
    ));
  }

  protected function tearDown() {
    parent::tearDown();
    \CRM_Core_DAO_AllCoreTables::init(TRUE);
  }

  public function okDataProvider() {
    $cases = array();

    $cases[] = array('Widget', 'create', array('id' => self::WIDGET_ID));
    $cases[] = array('Widget', 'get', array('id' => self::WIDGET_ID));

    $cases[] = array('FakeFile', 'create', array('id' => self::FILE_WIDGET_ID));
    $cases[] = array('FakeFile', 'get', array('id' => self::FILE_WIDGET_ID));
    $cases[] = array(
      'FakeFile',
      'create',
      array('entity_table' => 'fake_widget', 'entity_id' => self::WIDGET_ID),
    );
    $cases[] = array('FakeFile', 'get', array('entity_table' => 'fake_widget'));

    return $cases;
  }

  public function badDataProvider() {
    $cases = array();

    $cases[] = array('Forbidden', 'create', array('id' => self::FORBIDDEN_ID), '/Authorization failed/');
    $cases[] = array('Forbidden', 'get', array('id' => self::FORBIDDEN_ID), '/Authorization failed/');

    $cases[] = array('FakeFile', 'create', array('id' => self::FILE_FORBIDDEN_ID), '/Authorization failed/');
    $cases[] = array('FakeFile', 'get', array('id' => self::FILE_FORBIDDEN_ID), '/Authorization failed/');

    $cases[] = array('FakeFile', 'create', array('entity_table' => 'fake_forbidden'), '/Authorization failed/');
    $cases[] = array('FakeFile', 'get', array('entity_table' => 'fake_forbidden'), '/Authorization failed/');

    $cases[] = array(
      'FakeFile',
      'create',
      array('entity_table' => 'fake_forbidden', 'entity_id' => self::FORBIDDEN_ID),
      '/Authorization failed/',
    );
    $cases[] = array(
      'FakeFile',
      'get',
      array('entity_table' => 'fake_forbidden', 'entity_id' => self::FORBIDDEN_ID),
      '/Authorization failed/',
    );

    $cases[] = array(
      'FakeFile',
      'create',
      array(),
      "/Mandatory key\\(s\\) missing from params array: 'id' or 'entity_table/",
    );
    $cases[] = array(
      'FakeFile',
      'get',
      array(),
      "/Mandatory key\\(s\\) missing from params array: 'id' or 'entity_table/",
    );

    $cases[] = array('FakeFile', 'create', array('entity_table' => 'unknown'), '/Unrecognized target entity/');
    $cases[] = array('FakeFile', 'get', array('entity_table' => 'unknown'), '/Unrecognized target entity/');

    return $cases;
  }

  /**
   * @param $entity
   * @param $action
   * @param array $params
   * @dataProvider okDataProvider
   */
  public function testOk($entity, $action, $params) {
    $params['version'] = 3;
    $params['debug'] = 1;
    $params['check_permissions'] = 1;
    $result = $this->kernel->run($entity, $action, $params);
    $this->assertFalse((bool) $result['is_error'], print_r(array(
      '$entity' => $entity,
      '$action' => $action,
      '$params' => $params,
      '$result' => $result,
    ), TRUE));
  }

  /**
   * @param $entity
   * @param $action
   * @param array $params
   * @param $expectedError
   * @dataProvider badDataProvider
   */
  public function testBad($entity, $action, $params, $expectedError) {
    $params['version'] = 3;
    $params['debug'] = 1;
    $params['check_permissions'] = 1;
    $result = $this->kernel->run($entity, $action, $params);
    $this->assertTrue((bool) $result['is_error'], print_r(array(
      '$entity' => $entity,
      '$action' => $action,
      '$params' => $params,
      '$result' => $result,
    ), TRUE));
    $this->assertRegExp($expectedError, $result['error_message']);
  }

}
Commit	Line	Data
56154d36 TO	1	<?php
	2	namespace Civi\API\Subscriber;
	3
	4	use \Civi\API\Kernel;
	5	use \Symfony\Component\EventDispatcher\EventDispatcher;
	6
	7	require_once 'CiviTest/CiviUnitTestCase.php';
	8
	9	/**
	10	*/
	11	class DynamicFKAuthorizationTest extends \CiviUnitTestCase {
	12	const FILE_WIDGET_ID = 10;
	13
	14	const FILE_FORBIDDEN_ID = 11;
	15
	16	const WIDGET_ID = 20;
	17
	18	const FORBIDDEN_ID = 30;
	19
	20	/**
	21	* @var EventDispatcher
	22	*/
	23	var $dispatcher;
	24
	25	/**
	26	* @var Kernel
	27	*/
	28	var $kernel;
	29
	30	protected function setUp() {
	31	parent::setUp();
	32	\CRM_Core_DAO_AllCoreTables::init(TRUE);
	33
	34	\CRM_Core_DAO_AllCoreTables::registerEntityType('FakeFile', 'CRM_Fake_DAO_FakeFile', 'fake_file');
	35	$fileProvider = new \Civi\API\Provider\StaticProvider(
	36	3,
	37	'FakeFile',
	38	array('id', 'entity_table', 'entity_id'),
	39	array(),
	40	array(
	41	array('id' => self::FILE_WIDGET_ID, 'entity_table' => 'fake_widget', 'entity_id' => self::WIDGET_ID),
	42	array('id' => self::FILE_FORBIDDEN_ID, 'entity_table' => 'fake_forbidden', 'entity_id' => self::FORBIDDEN_ID),
	43	)
	44	);
	45
	46	\CRM_Core_DAO_AllCoreTables::registerEntityType('Widget', 'CRM_Fake_DAO_Widget', 'fake_widget');
	47	$widgetProvider = new \Civi\API\Provider\StaticProvider(3, 'Widget',
	48	array('id', 'title'),
	49	array(),
	50	array(
	51	array('id' => self::WIDGET_ID, 'title' => 'my widget'),
	52	)
	53	);
	54
	55	\CRM_Core_DAO_AllCoreTables::registerEntityType('Forbidden', 'CRM_Fake_DAO_Forbidden', 'fake_forbidden');
	56	$forbiddenProvider = new \Civi\API\Provider\StaticProvider(
	57	3,
	58	'Forbidden',
	59	array('id', 'label'),
	60	array(
	61	'create' => \CRM_Core_Permission::ALWAYS_DENY_PERMISSION,
	62	'get' => \CRM_Core_Permission::ALWAYS_DENY_PERMISSION,
	63	'delete' => \CRM_Core_Permission::ALWAYS_DENY_PERMISSION,
	64	),
65	array(
66	array('id' => self::FORBIDDEN_ID, 'label' => 'my forbidden'),
67	)
68	);
69
70	$this->dispatcher = new EventDispatcher();
71	$this->kernel = new Kernel($this->dispatcher);
72	$this->kernel
73	->registerApiProvider($fileProvider)
74	->registerApiProvider($widgetProvider)
75	->registerApiProvider($forbiddenProvider);
76	$this->dispatcher->addSubscriber(new DynamicFKAuthorization(
77	$this->kernel,
78	'FakeFile',
79	array('create', 'get'),
80	"select
81	case %1
82	when " . self::FILE_WIDGET_ID . " then 1
83	when " . self::FILE_FORBIDDEN_ID . " then 1
84	else 0
85	end as is_valid,
86	case %1
87	when " . self::FILE_WIDGET_ID . " then 'fake_widget'
88	when " . self::FILE_FORBIDDEN_ID . " then 'fake_forbidden'
89	else null
90	end as entity_table,
91	case %1
92	when " . self::FILE_WIDGET_ID . " then " . self::WIDGET_ID . "
93	when " . self::FILE_FORBIDDEN_ID . " then " . self::FORBIDDEN_ID . "
94	else null
95	end as entity_id
96	",
97	array('fake_widget', 'fake_forbidden')
98	));
99	}
100
101	protected function tearDown() {
102	parent::tearDown();
103	\CRM_Core_DAO_AllCoreTables::init(TRUE);
104	}
105
00be9182	106	public function okDataProvider() {
56154d36 TO	107	$cases = array();
	108
	109	$cases[] = array('Widget', 'create', array('id' => self::WIDGET_ID));
	110	$cases[] = array('Widget', 'get', array('id' => self::WIDGET_ID));
	111
	112	$cases[] = array('FakeFile', 'create', array('id' => self::FILE_WIDGET_ID));
	113	$cases[] = array('FakeFile', 'get', array('id' => self::FILE_WIDGET_ID));
	114	$cases[] = array(
	115	'FakeFile',
	116	'create',
21dfd5f5	117	array('entity_table' => 'fake_widget', 'entity_id' => self::WIDGET_ID),
56154d36 TO	118	);
	119	$cases[] = array('FakeFile', 'get', array('entity_table' => 'fake_widget'));
	120
	121	return $cases;
	122	}
	123
00be9182	124	public function badDataProvider() {
56154d36 TO	125	$cases = array();
	126
	127	$cases[] = array('Forbidden', 'create', array('id' => self::FORBIDDEN_ID), '/Authorization failed/');
	128	$cases[] = array('Forbidden', 'get', array('id' => self::FORBIDDEN_ID), '/Authorization failed/');
	129
	130	$cases[] = array('FakeFile', 'create', array('id' => self::FILE_FORBIDDEN_ID), '/Authorization failed/');
	131	$cases[] = array('FakeFile', 'get', array('id' => self::FILE_FORBIDDEN_ID), '/Authorization failed/');
	132
	133	$cases[] = array('FakeFile', 'create', array('entity_table' => 'fake_forbidden'), '/Authorization failed/');
	134	$cases[] = array('FakeFile', 'get', array('entity_table' => 'fake_forbidden'), '/Authorization failed/');
	135
	136	$cases[] = array(
	137	'FakeFile',
	138	'create',
	139	array('entity_table' => 'fake_forbidden', 'entity_id' => self::FORBIDDEN_ID),
21dfd5f5	140	'/Authorization failed/',
56154d36 TO	141	);
	142	$cases[] = array(
	143	'FakeFile',
	144	'get',
	145	array('entity_table' => 'fake_forbidden', 'entity_id' => self::FORBIDDEN_ID),
21dfd5f5	146	'/Authorization failed/',
56154d36 TO	147	);
56154d36 TO	148
92915c55 TO	149	$cases[] = array(
	150	'FakeFile',
	151	'create',
	152	array(),
389bcebf	153	"/Mandatory key\\(s\\) missing from params array: 'id' or 'entity_table/",
92915c55 TO	154	);
	155	$cases[] = array(
	156	'FakeFile',
	157	'get',
	158	array(),
389bcebf	159	"/Mandatory key\\(s\\) missing from params array: 'id' or 'entity_table/",
92915c55	160	);
56154d36 TO	161
	162	$cases[] = array('FakeFile', 'create', array('entity_table' => 'unknown'), '/Unrecognized target entity/');
	163	$cases[] = array('FakeFile', 'get', array('entity_table' => 'unknown'), '/Unrecognized target entity/');
	164
	165	return $cases;
	166	}
	167
	168	/**
	169	* @param $entity
	170	* @param $action
16b10e64	171	* @param array $params
56154d36 TO	172	* @dataProvider okDataProvider
56154d36 TO	173	*/
00be9182	174	public function testOk($entity, $action, $params) {
56154d36 TO	175	$params['version'] = 3;
	176	$params['debug'] = 1;
	177	$params['check_permissions'] = 1;
	178	$result = $this->kernel->run($entity, $action, $params);
	179	$this->assertFalse((bool) $result['is_error'], print_r(array(
	180	'$entity' => $entity,
	181	'$action' => $action,
	182	'$params' => $params,
	183	'$result' => $result,
	184	), TRUE));
	185	}
	186
	187	/**
	188	* @param $entity
	189	* @param $action
16b10e64	190	* @param array $params
f0be539a	191	* @param $expectedError
56154d36 TO	192	* @dataProvider badDataProvider
56154d36 TO	193	*/
00be9182	194	public function testBad($entity, $action, $params, $expectedError) {
56154d36 TO	195	$params['version'] = 3;
	196	$params['debug'] = 1;
	197	$params['check_permissions'] = 1;
	198	$result = $this->kernel->run($entity, $action, $params);
	199	$this->assertTrue((bool) $result['is_error'], print_r(array(
	200	'$entity' => $entity,
	201	'$action' => $action,
	202	'$params' => $params,
	203	'$result' => $result,
	204	), TRUE));
	205	$this->assertRegExp($expectedError, $result['error_message']);
	206	}
96025800	207
56154d36	208	}