|
Perforce Chronicle 2012.2/486814
API Documentation
|
Test the content module's acl assertions. More...
Public Member Functions | |
| testCanDelete () | |
| Test can delete behavior. | |
| testCanEdit ($privilege= 'edit', $privilegeAll= 'edit-all') | |
| Test the can edit acl assertion. | |
| testIsOwner () | |
| Test the is owner acl assertion. | |
Test the content module's acl assertions.
| Content_Test_AclAssertsTest::testCanDelete | ( | ) |
Test can delete behavior.
Should behave exactly like can edit, just with delete privilege instead of edit.
{
$this->testCanEdit('delete', 'delete-any');
}
| Content_Test_AclAssertsTest::testCanEdit | ( | $ | privilege = 'edit', |
| $ | privilegeAll = 'edit-all' |
||
| ) |
Test the can edit acl assertion.
| string | $privilege | optional - the privilege to test defaults to 'edit', pass 'delete' to test CanDelete |
| string | $privilegeAll | optional - 'superior' privilege to test defaults to 'edit-all', pass 'delete-any' to test CanDelete |
{
$acl = new Zend_Acl;
$author = new Zend_Acl_Role('author');
$editor = new Zend_Acl_Role('editor');
$resource = new Zend_Acl_Resource('content');
// assert instance
$canDo = new P4Cms_Acl_Assert_Proxy(
"Content_Acl_Assert_Can" . ucfirst($privilege)
);
// active user
$user = new P4Cms_User;
$user->setId('joe');
P4Cms_User::setActive($user);
// configure acl.
$acl->addRole($author);
$acl->addRole($editor);
$acl->addResource($resource);
$acl->allow($author, $resource, $privilege . '-own');
$acl->allow($editor, $resource, $privilegeAll);
// non-content resource should return false.
$resource = new Zend_Acl_Resource('lasdfjk');
$this->assertFalse(
$canDo->assert($acl, $editor, $resource, $privilege),
'Unexpected canDo = true with non-content resource.'
);
// non-content resource should return false.
$resource = new Zend_Acl_Resource('contentkasdjf');
$this->assertFalse(
$canDo->assert($acl, $editor, $resource, $privilege),
'Unexpected can ' . $privilege . ' = true with non-content resource.'
);
// editor role (ie. edit-all) should return true.
$resource = new Zend_Acl_Resource('content');
$this->assertTrue(
$canDo->assert($acl, $editor, $resource, $privilege),
'Unexpected can ' . $privilege . ' = false with editor role.'
);
// author (ie. edit-own) should return false for 'content' resource
$resource = new Zend_Acl_Resource('content');
$this->assertFalse(
$canDo->assert($acl, $author, $resource, $privilege),
'Unexpected can ' . $privilege . ' = true with author role.'
);
// author should return false for non-existent 'content' resource
$resource = new Zend_Acl_Resource('content/1');
$this->assertFalse(
$canDo->assert($acl, $author, $resource, $privilege),
'Unexpected can ' . $privilege . ' = true with non-existent content.'
);
// author some content.
P4Cms_Content::store(
array('id' => 1, 'title' => 'test', 'contentOwner' => 'joe')
);
// author should return true for owned content.
$resource = new Zend_Acl_Resource('content/1');
$this->assertTrue(
$canDo->assert($acl, $author, $resource, $privilege),
'Unexpected can ' . $privilege . ' = false for owned content.'
);
// switch id of active user to be different from content owner.
P4Cms_User::fetchActive()->setId($this->p4->getUser());
// author should return false for un-owned content.
$resource = new Zend_Acl_Resource('content/1');
$this->assertFalse(
$canDo->assert($acl, $author, $resource, $privilege),
'Unexpected can ' . $privilege . ' = true with un-owned content.'
);
}
| Content_Test_AclAssertsTest::testIsOwner | ( | ) |
Test the is owner acl assertion.
{
$acl = new Zend_Acl;
$role = new Zend_Acl_Role('editor');
$resource = new Zend_Acl_Resource('content');
$privilege = 'does-not-matter';
// assert instance
$isOwner = new Content_Acl_Assert_IsOwner();
// active user
$user = new P4Cms_User;
$user->setId('joe');
P4Cms_User::setActive($user);
// non-content resource should return false.
$resource = new Zend_Acl_Resource('lasdfjk');
$this->assertFalse(
$isOwner->assert($acl, $role, $resource, $privilege),
'Unexpected isOwner = true with non-content resource.'
);
// content resource with no id should return false.
$resource = new Zend_Acl_Resource('content');
$this->assertFalse(
$isOwner->assert($acl, $role, $resource, $privilege),
'Unexpected isOwner = true with non-content resource.'
);
$resource = new Zend_Acl_Resource('content/');
$this->assertFalse(
$isOwner->assert($acl, $role, $resource, $privilege),
'Unexpected isOwner = true with non-content resource.'
);
// no active user should return false
P4Cms_User::clearActive();
$this->assertFalse(
$isOwner->assert($acl, $role, $resource, $privilege),
'Unexpected isOwner = true with no active user.'
);
// anonymous user should return false
$user->setId(null);
P4Cms_User::setActive($user);
$this->assertFalse(
$isOwner->assert($acl, $role, $resource, $privilege),
'Unexpected isOwner = true with anonymous user.'
);
// content resource with invalid id should return false.
$resource = new Zend_Acl_Resource('content/123');
$this->assertFalse(
$isOwner->assert($acl, $role, $resource, $privilege),
'Unexpected isOwner = true with non-existent content resource.'
);
// make content entry.
P4Cms_Content::store(
array('id' => 1, 'title' => 'test', 'contentOwner' => 'tester')
);
// valid content resource, but not owner should return false.
$user->setId('joe');
P4Cms_User::setActive($user);
$resource = new Zend_Acl_Resource('content/1');
$this->assertFalse(
$isOwner->assert($acl, $role, $resource, $privilege),
'Unexpected isOwner = true when user not owner.'
);
// valid owner should return true.
$user->setId('tester');
P4Cms_User::setActive($user);
$resource = new Zend_Acl_Resource('content/1');
$this->assertTrue(
$isOwner->assert($acl, $role, $resource, $privilege),
'Expected isOwner = true when user is owner.'
);
}