2 namespace Civi\API\Subscriber
;
5 use \Symfony\Component\EventDispatcher\EventDispatcher
;
7 require_once 'CiviTest/CiviUnitTestCase.php';
11 class DynamicFKAuthorizationTest
extends \CiviUnitTestCase
{
12 const FILE_WIDGET_ID
= 10;
14 const FILE_FORBIDDEN_ID
= 11;
18 const FORBIDDEN_ID
= 30;
21 * @var EventDispatcher
30 protected function setUp() {
32 \CRM_Core_DAO_AllCoreTables
::init(TRUE);
34 \CRM_Core_DAO_AllCoreTables
::registerEntityType('FakeFile', 'CRM_Fake_DAO_FakeFile', 'fake_file');
35 $fileProvider = new \Civi\API\Provider\
StaticProvider(
38 array('id', 'entity_table', 'entity_id'),
41 array('id' => self
::FILE_WIDGET_ID
, 'entity_table' => 'fake_widget', 'entity_id' => self
::WIDGET_ID
),
42 array('id' => self
::FILE_FORBIDDEN_ID
, 'entity_table' => 'fake_forbidden', 'entity_id' => self
::FORBIDDEN_ID
),
46 \CRM_Core_DAO_AllCoreTables
::registerEntityType('Widget', 'CRM_Fake_DAO_Widget', 'fake_widget');
47 $widgetProvider = new \Civi\API\Provider\
StaticProvider(3, 'Widget',
51 array('id' => self
::WIDGET_ID
, 'title' => 'my widget'),
55 \CRM_Core_DAO_AllCoreTables
::registerEntityType('Forbidden', 'CRM_Fake_DAO_Forbidden', 'fake_forbidden');
56 $forbiddenProvider = new \Civi\API\Provider\
StaticProvider(
61 'create' => \CRM_Core_Permission
::ALWAYS_DENY_PERMISSION
,
62 'get' => \CRM_Core_Permission
::ALWAYS_DENY_PERMISSION
,
63 'delete' => \CRM_Core_Permission
::ALWAYS_DENY_PERMISSION
,
66 array('id' => self
::FORBIDDEN_ID
, 'label' => 'my forbidden'),
70 $this->dispatcher
= new EventDispatcher();
71 $this->kernel
= new Kernel($this->dispatcher
);
73 ->registerApiProvider($fileProvider)
74 ->registerApiProvider($widgetProvider)
75 ->registerApiProvider($forbiddenProvider);
76 $this->dispatcher
->addSubscriber(new DynamicFKAuthorization(
79 array('create', 'get'),
82 when " . self
::FILE_WIDGET_ID
. " then 1
83 when " . self
::FILE_FORBIDDEN_ID
. " then 1
87 when " . self
::FILE_WIDGET_ID
. " then 'fake_widget'
88 when " . self
::FILE_FORBIDDEN_ID
. " then 'fake_forbidden'
92 when " . self
::FILE_WIDGET_ID
. " then " . self
::WIDGET_ID
. "
93 when " . self
::FILE_FORBIDDEN_ID
. " then " . self
::FORBIDDEN_ID
. "
97 array('fake_widget', 'fake_forbidden')
101 protected function tearDown() {
103 \CRM_Core_DAO_AllCoreTables
::init(TRUE);
106 public function okDataProvider() {
109 $cases[] = array('Widget', 'create', array('id' => self
::WIDGET_ID
));
110 $cases[] = array('Widget', 'get', array('id' => self
::WIDGET_ID
));
112 $cases[] = array('FakeFile', 'create', array('id' => self
::FILE_WIDGET_ID
));
113 $cases[] = array('FakeFile', 'get', array('id' => self
::FILE_WIDGET_ID
));
117 array('entity_table' => 'fake_widget', 'entity_id' => self
::WIDGET_ID
),
119 $cases[] = array('FakeFile', 'get', array('entity_table' => 'fake_widget'));
124 public function badDataProvider() {
127 $cases[] = array('Forbidden', 'create', array('id' => self
::FORBIDDEN_ID
), '/Authorization failed/');
128 $cases[] = array('Forbidden', 'get', array('id' => self
::FORBIDDEN_ID
), '/Authorization failed/');
130 $cases[] = array('FakeFile', 'create', array('id' => self
::FILE_FORBIDDEN_ID
), '/Authorization failed/');
131 $cases[] = array('FakeFile', 'get', array('id' => self
::FILE_FORBIDDEN_ID
), '/Authorization failed/');
133 $cases[] = array('FakeFile', 'create', array('entity_table' => 'fake_forbidden'), '/Authorization failed/');
134 $cases[] = array('FakeFile', 'get', array('entity_table' => 'fake_forbidden'), '/Authorization failed/');
139 array('entity_table' => 'fake_forbidden', 'entity_id' => self
::FORBIDDEN_ID
),
140 '/Authorization failed/',
145 array('entity_table' => 'fake_forbidden', 'entity_id' => self
::FORBIDDEN_ID
),
146 '/Authorization failed/',
149 $cases[] = array('FakeFile', 'create', array(), "/Mandatory key\\(s\\) missing from params array: 'id' or 'entity_table/");
150 $cases[] = array('FakeFile', 'get', array(), "/Mandatory key\\(s\\) missing from params array: 'id' or 'entity_table/");
152 $cases[] = array('FakeFile', 'create', array('entity_table' => 'unknown'), '/Unrecognized target entity/');
153 $cases[] = array('FakeFile', 'get', array('entity_table' => 'unknown'), '/Unrecognized target entity/');
162 * @dataProvider okDataProvider
164 public function testOk($entity, $action, $params) {
165 $params['version'] = 3;
166 $params['debug'] = 1;
167 $params['check_permissions'] = 1;
168 $result = $this->kernel
->run($entity, $action, $params);
169 $this->assertFalse((bool) $result['is_error'], print_r(array(
170 '$entity' => $entity,
171 '$action' => $action,
172 '$params' => $params,
173 '$result' => $result,
181 * @dataProvider badDataProvider
183 public function testBad($entity, $action, $params, $expectedError) {
184 $params['version'] = 3;
185 $params['debug'] = 1;
186 $params['check_permissions'] = 1;
187 $result = $this->kernel
->run($entity, $action, $params);
188 $this->assertTrue((bool) $result['is_error'], print_r(array(
189 '$entity' => $entity,
190 '$action' => $action,
191 '$params' => $params,
192 '$result' => $result,
194 $this->assertRegExp($expectedError, $result['error_message']);