mirror of
https://github.com/wallabag/wallabag.git
synced 2025-06-27 16:36:00 +00:00
Merge pull request #8094 from wallabag/add-isgranted-to-configcontroller
Add IsGranted to ConfigController
This commit is contained in:
Yassine Guedidi
GitHub
commit
fb11f5870e
11 changed files with 359 additions and 56 deletions
98
tests/Security/Voter/IgnoreOriginUserRuleVoterTest.php
Normal file
98
tests/Security/Voter/IgnoreOriginUserRuleVoterTest.php
Normal file
|
|
@ -0,0 +1,98 @@
|
|||
<?php
|
||||
|
||||
namespace Tests\Wallabag\Security\Voter;
|
||||
|
||||
use PHPUnit\Framework\TestCase;
|
||||
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
|
||||
use Symfony\Component\Security\Core\Authorization\Voter\VoterInterface;
|
||||
use Wallabag\Entity\Config;
|
||||
use Wallabag\Entity\IgnoreOriginUserRule;
|
||||
use Wallabag\Entity\User;
|
||||
use Wallabag\Security\Voter\IgnoreOriginUserRuleVoter;
|
||||
|
||||
class IgnoreOriginUserRuleVoterTest extends TestCase
|
||||
{
|
||||
private $token;
|
||||
private $ignoreOriginUserRuleVoter;
|
||||
|
||||
protected function setUp(): void
|
||||
{
|
||||
$this->token = $this->createMock(TokenInterface::class);
|
||||
|
||||
$this->ignoreOriginUserRuleVoter = new IgnoreOriginUserRuleVoter();
|
||||
}
|
||||
|
||||
public function testVoteReturnsAbstainForInvalidSubject(): void
|
||||
{
|
||||
$this->assertSame(VoterInterface::ACCESS_ABSTAIN, $this->ignoreOriginUserRuleVoter->vote($this->token, new \stdClass(), [IgnoreOriginUserRuleVoter::EDIT]));
|
||||
}
|
||||
|
||||
public function testVoteReturnsAbstainForInvalidAttribute(): void
|
||||
{
|
||||
$this->assertSame(VoterInterface::ACCESS_ABSTAIN, $this->ignoreOriginUserRuleVoter->vote($this->token, new IgnoreOriginUserRule(), ['INVALID']));
|
||||
}
|
||||
|
||||
public function testVoteReturnsDeniedForUnauthenticatedEdit(): void
|
||||
{
|
||||
$this->token->method('getUser')->willReturn(null);
|
||||
|
||||
$this->assertSame(VoterInterface::ACCESS_DENIED, $this->ignoreOriginUserRuleVoter->vote($this->token, new IgnoreOriginUserRule(), [IgnoreOriginUserRuleVoter::EDIT]));
|
||||
}
|
||||
|
||||
public function testVoteReturnsDeniedForOtherUserEdit(): void
|
||||
{
|
||||
$currentUser = new User();
|
||||
|
||||
$this->token->method('getUser')->willReturn($currentUser);
|
||||
|
||||
$taggingRuleUser = new User();
|
||||
$taggingRule = new IgnoreOriginUserRule();
|
||||
$taggingRule->setConfig(new Config($taggingRuleUser));
|
||||
|
||||
$this->assertSame(VoterInterface::ACCESS_DENIED, $this->ignoreOriginUserRuleVoter->vote($this->token, $taggingRule, [IgnoreOriginUserRuleVoter::EDIT]));
|
||||
}
|
||||
|
||||
public function testVoteReturnsGrantedForIgnoreOriginUserRuleUserEdit(): void
|
||||
{
|
||||
$user = new User();
|
||||
|
||||
$this->token->method('getUser')->willReturn($user);
|
||||
|
||||
$taggingRule = new IgnoreOriginUserRule();
|
||||
$taggingRule->setConfig(new Config($user));
|
||||
|
||||
$this->assertSame(VoterInterface::ACCESS_GRANTED, $this->ignoreOriginUserRuleVoter->vote($this->token, $taggingRule, [IgnoreOriginUserRuleVoter::EDIT]));
|
||||
}
|
||||
|
||||
public function testVoteReturnsDeniedForUnauthenticatedDelete(): void
|
||||
{
|
||||
$this->token->method('getUser')->willReturn(null);
|
||||
|
||||
$this->assertSame(VoterInterface::ACCESS_DENIED, $this->ignoreOriginUserRuleVoter->vote($this->token, new IgnoreOriginUserRule(), [IgnoreOriginUserRuleVoter::DELETE]));
|
||||
}
|
||||
|
||||
public function testVoteReturnsDeniedForOtherUserDelete(): void
|
||||
{
|
||||
$currentUser = new User();
|
||||
|
||||
$this->token->method('getUser')->willReturn($currentUser);
|
||||
|
||||
$taggingRuleUser = new User();
|
||||
$taggingRule = new IgnoreOriginUserRule();
|
||||
$taggingRule->setConfig(new Config($taggingRuleUser));
|
||||
|
||||
$this->assertSame(VoterInterface::ACCESS_DENIED, $this->ignoreOriginUserRuleVoter->vote($this->token, $taggingRule, [IgnoreOriginUserRuleVoter::DELETE]));
|
||||
}
|
||||
|
||||
public function testVoteReturnsGrantedForIgnoreOriginUserRuleUserDelete(): void
|
||||
{
|
||||
$user = new User();
|
||||
|
||||
$this->token->method('getUser')->willReturn($user);
|
||||
|
||||
$taggingRule = new IgnoreOriginUserRule();
|
||||
$taggingRule->setConfig(new Config($user));
|
||||
|
||||
$this->assertSame(VoterInterface::ACCESS_GRANTED, $this->ignoreOriginUserRuleVoter->vote($this->token, $taggingRule, [IgnoreOriginUserRuleVoter::DELETE]));
|
||||
}
|
||||
}
|
||||
|
|
@ -139,4 +139,18 @@ class MainVoterTest extends TestCase
|
|||
|
||||
$this->assertSame(VoterInterface::ACCESS_GRANTED, $this->mainVoter->vote($this->token, null, [MainVoter::CREATE_SITE_CREDENTIALS]));
|
||||
}
|
||||
|
||||
public function testVoteReturnsDeniedForNonUserEditConfig(): void
|
||||
{
|
||||
$this->security->method('isGranted')->with('ROLE_USER')->willReturn(false);
|
||||
|
||||
$this->assertSame(VoterInterface::ACCESS_DENIED, $this->mainVoter->vote($this->token, null, [MainVoter::EDIT_CONFIG]));
|
||||
}
|
||||
|
||||
public function testVoteReturnsGrantedForUserEditConfig(): void
|
||||
{
|
||||
$this->security->method('isGranted')->with('ROLE_USER')->willReturn(true);
|
||||
|
||||
$this->assertSame(VoterInterface::ACCESS_GRANTED, $this->mainVoter->vote($this->token, null, [MainVoter::EDIT_CONFIG]));
|
||||
}
|
||||
}
|
||||
|
|
|
|||
98
tests/Security/Voter/TaggingRuleVoterTest.php
Normal file
98
tests/Security/Voter/TaggingRuleVoterTest.php
Normal file
|
|
@ -0,0 +1,98 @@
|
|||
<?php
|
||||
|
||||
namespace Tests\Wallabag\Security\Voter;
|
||||
|
||||
use PHPUnit\Framework\TestCase;
|
||||
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
|
||||
use Symfony\Component\Security\Core\Authorization\Voter\VoterInterface;
|
||||
use Wallabag\Entity\Config;
|
||||
use Wallabag\Entity\TaggingRule;
|
||||
use Wallabag\Entity\User;
|
||||
use Wallabag\Security\Voter\TaggingRuleVoter;
|
||||
|
||||
class TaggingRuleVoterTest extends TestCase
|
||||
{
|
||||
private $token;
|
||||
private $taggingRuleVoter;
|
||||
|
||||
protected function setUp(): void
|
||||
{
|
||||
$this->token = $this->createMock(TokenInterface::class);
|
||||
|
||||
$this->taggingRuleVoter = new TaggingRuleVoter();
|
||||
}
|
||||
|
||||
public function testVoteReturnsAbstainForInvalidSubject(): void
|
||||
{
|
||||
$this->assertSame(VoterInterface::ACCESS_ABSTAIN, $this->taggingRuleVoter->vote($this->token, new \stdClass(), [TaggingRuleVoter::EDIT]));
|
||||
}
|
||||
|
||||
public function testVoteReturnsAbstainForInvalidAttribute(): void
|
||||
{
|
||||
$this->assertSame(VoterInterface::ACCESS_ABSTAIN, $this->taggingRuleVoter->vote($this->token, new TaggingRule(), ['INVALID']));
|
||||
}
|
||||
|
||||
public function testVoteReturnsDeniedForUnauthenticatedEdit(): void
|
||||
{
|
||||
$this->token->method('getUser')->willReturn(null);
|
||||
|
||||
$this->assertSame(VoterInterface::ACCESS_DENIED, $this->taggingRuleVoter->vote($this->token, new TaggingRule(), [TaggingRuleVoter::EDIT]));
|
||||
}
|
||||
|
||||
public function testVoteReturnsDeniedForOtherUserEdit(): void
|
||||
{
|
||||
$currentUser = new User();
|
||||
|
||||
$this->token->method('getUser')->willReturn($currentUser);
|
||||
|
||||
$taggingRuleUser = new User();
|
||||
$taggingRule = new TaggingRule();
|
||||
$taggingRule->setConfig(new Config($taggingRuleUser));
|
||||
|
||||
$this->assertSame(VoterInterface::ACCESS_DENIED, $this->taggingRuleVoter->vote($this->token, $taggingRule, [TaggingRuleVoter::EDIT]));
|
||||
}
|
||||
|
||||
public function testVoteReturnsGrantedForTaggingRuleUserEdit(): void
|
||||
{
|
||||
$user = new User();
|
||||
|
||||
$this->token->method('getUser')->willReturn($user);
|
||||
|
||||
$taggingRule = new TaggingRule();
|
||||
$taggingRule->setConfig(new Config($user));
|
||||
|
||||
$this->assertSame(VoterInterface::ACCESS_GRANTED, $this->taggingRuleVoter->vote($this->token, $taggingRule, [TaggingRuleVoter::EDIT]));
|
||||
}
|
||||
|
||||
public function testVoteReturnsDeniedForUnauthenticatedDelete(): void
|
||||
{
|
||||
$this->token->method('getUser')->willReturn(null);
|
||||
|
||||
$this->assertSame(VoterInterface::ACCESS_DENIED, $this->taggingRuleVoter->vote($this->token, new TaggingRule(), [TaggingRuleVoter::DELETE]));
|
||||
}
|
||||
|
||||
public function testVoteReturnsDeniedForOtherUserDelete(): void
|
||||
{
|
||||
$currentUser = new User();
|
||||
|
||||
$this->token->method('getUser')->willReturn($currentUser);
|
||||
|
||||
$taggingRuleUser = new User();
|
||||
$taggingRule = new TaggingRule();
|
||||
$taggingRule->setConfig(new Config($taggingRuleUser));
|
||||
|
||||
$this->assertSame(VoterInterface::ACCESS_DENIED, $this->taggingRuleVoter->vote($this->token, $taggingRule, [TaggingRuleVoter::DELETE]));
|
||||
}
|
||||
|
||||
public function testVoteReturnsGrantedForTaggingRuleUserDelete(): void
|
||||
{
|
||||
$user = new User();
|
||||
|
||||
$this->token->method('getUser')->willReturn($user);
|
||||
|
||||
$taggingRule = new TaggingRule();
|
||||
$taggingRule->setConfig(new Config($user));
|
||||
|
||||
$this->assertSame(VoterInterface::ACCESS_GRANTED, $this->taggingRuleVoter->vote($this->token, $taggingRule, [TaggingRuleVoter::DELETE]));
|
||||
}
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue