2 namespace Civi\API\Subscriber
;
5 use \Symfony\Component\EventDispatcher\EventDispatcher
;
7 require_once 'CiviTest/CiviUnitTestCase.php';
11 class DynamicFKAuthorizationTest
extends \CiviUnitTestCase
{
12 const FILE_WIDGET_ID
= 10;
14 const FILE_FORBIDDEN_ID
= 11;
18 const FORBIDDEN_ID
= 30;
21 * @var EventDispatcher
30 protected function setUp() {
32 \CRM_Core_DAO_AllCoreTables
::init(TRUE);
34 \CRM_Core_DAO_AllCoreTables
::registerEntityType('FakeFile', 'CRM_Fake_DAO_FakeFile', 'fake_file');
35 $fileProvider = new \Civi\API\Provider\
StaticProvider(
38 array('id', 'entity_table', 'entity_id'),
41 array('id' => self
::FILE_WIDGET_ID
, 'entity_table' => 'fake_widget', 'entity_id' => self
::WIDGET_ID
),
42 array('id' => self
::FILE_FORBIDDEN_ID
, 'entity_table' => 'fake_forbidden', 'entity_id' => self
::FORBIDDEN_ID
),
46 \CRM_Core_DAO_AllCoreTables
::registerEntityType('Widget', 'CRM_Fake_DAO_Widget', 'fake_widget');
47 $widgetProvider = new \Civi\API\Provider\
StaticProvider(3, 'Widget',
51 array('id' => self
::WIDGET_ID
, 'title' => 'my widget'),
55 \CRM_Core_DAO_AllCoreTables
::registerEntityType('Forbidden', 'CRM_Fake_DAO_Forbidden', 'fake_forbidden');
56 $forbiddenProvider = new \Civi\API\Provider\
StaticProvider(
61 'create' => \CRM_Core_Permission
::ALWAYS_DENY_PERMISSION
,
62 'get' => \CRM_Core_Permission
::ALWAYS_DENY_PERMISSION
,
63 'delete' => \CRM_Core_Permission
::ALWAYS_DENY_PERMISSION
,
66 array('id' => self
::FORBIDDEN_ID
, 'label' => 'my forbidden'),
70 $this->dispatcher
= new EventDispatcher();
71 $this->kernel
= new Kernel($this->dispatcher
);
73 ->registerApiProvider($fileProvider)
74 ->registerApiProvider($widgetProvider)
75 ->registerApiProvider($forbiddenProvider);
76 $this->dispatcher
->addSubscriber(new DynamicFKAuthorization(
79 array('create', 'get'),
82 when " . self
::FILE_WIDGET_ID
. " then 1
83 when " . self
::FILE_FORBIDDEN_ID
. " then 1
87 when " . self
::FILE_WIDGET_ID
. " then 'fake_widget'
88 when " . self
::FILE_FORBIDDEN_ID
. " then 'fake_forbidden'
92 when " . self
::FILE_WIDGET_ID
. " then " . self
::WIDGET_ID
. "
93 when " . self
::FILE_FORBIDDEN_ID
. " then " . self
::FORBIDDEN_ID
. "
97 array('fake_widget', 'fake_forbidden')
101 protected function tearDown() {
103 \CRM_Core_DAO_AllCoreTables
::init(TRUE);
106 public function okDataProvider() {
109 $cases[] = array('Widget', 'create', array('id' => self
::WIDGET_ID
));
110 $cases[] = array('Widget', 'get', array('id' => self
::WIDGET_ID
));
112 $cases[] = array('FakeFile', 'create', array('id' => self
::FILE_WIDGET_ID
));
113 $cases[] = array('FakeFile', 'get', array('id' => self
::FILE_WIDGET_ID
));
117 array('entity_table' => 'fake_widget', 'entity_id' => self
::WIDGET_ID
),
119 $cases[] = array('FakeFile', 'get', array('entity_table' => 'fake_widget'));
124 public function badDataProvider() {
127 $cases[] = array('Forbidden', 'create', array('id' => self
::FORBIDDEN_ID
), '/Authorization failed/');
128 $cases[] = array('Forbidden', 'get', array('id' => self
::FORBIDDEN_ID
), '/Authorization failed/');
130 $cases[] = array('FakeFile', 'create', array('id' => self
::FILE_FORBIDDEN_ID
), '/Authorization failed/');
131 $cases[] = array('FakeFile', 'get', array('id' => self
::FILE_FORBIDDEN_ID
), '/Authorization failed/');
133 $cases[] = array('FakeFile', 'create', array('entity_table' => 'fake_forbidden'), '/Authorization failed/');
134 $cases[] = array('FakeFile', 'get', array('entity_table' => 'fake_forbidden'), '/Authorization failed/');
139 array('entity_table' => 'fake_forbidden', 'entity_id' => self
::FORBIDDEN_ID
),
140 '/Authorization failed/',
145 array('entity_table' => 'fake_forbidden', 'entity_id' => self
::FORBIDDEN_ID
),
146 '/Authorization failed/',
153 "/Mandatory key\\(s\\) missing from params array: 'id' or 'entity_table/",
159 "/Mandatory key\\(s\\) missing from params array: 'id' or 'entity_table/",
162 $cases[] = array('FakeFile', 'create', array('entity_table' => 'unknown'), '/Unrecognized target entity/');
163 $cases[] = array('FakeFile', 'get', array('entity_table' => 'unknown'), '/Unrecognized target entity/');
171 * @param array $params
172 * @dataProvider okDataProvider
174 public function testOk($entity, $action, $params) {
175 $params['version'] = 3;
176 $params['debug'] = 1;
177 $params['check_permissions'] = 1;
178 $result = $this->kernel
->run($entity, $action, $params);
179 $this->assertFalse((bool) $result['is_error'], print_r(array(
180 '$entity' => $entity,
181 '$action' => $action,
182 '$params' => $params,
183 '$result' => $result,
190 * @param array $params
191 * @param $expectedError
192 * @dataProvider badDataProvider
194 public function testBad($entity, $action, $params, $expectedError) {
195 $params['version'] = 3;
196 $params['debug'] = 1;
197 $params['check_permissions'] = 1;
198 $result = $this->kernel
->run($entity, $action, $params);
199 $this->assertTrue((bool) $result['is_error'], print_r(array(
200 '$entity' => $entity,
201 '$action' => $action,
202 '$params' => $params,
203 '$result' => $result,
205 $this->assertRegExp($expectedError, $result['error_message']);