forked from ezsystems/ezpublish-kernel
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
EZP-29316: Add UrlAliasService policy checks (ezsystems#2358)
* EZP-29316: Add UrlAliasService policy checks * EZP-29316: Add UrlAliasService policy checks - missing tests * EZP-29316: Add UrlAliasService policy checks - CS
- Loading branch information
Showing
5 changed files
with
379 additions
and
8 deletions.
There are no files selected for viewing
103 changes: 103 additions & 0 deletions
103
eZ/Publish/API/Repository/Tests/URLAliasServiceAuthorizationTest.php
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,103 @@ | ||
<?php | ||
|
||
/** | ||
* File containing the URLAliasServiceTest class. | ||
* | ||
* @copyright Copyright (C) eZ Systems AS. All rights reserved. | ||
* @license For full copyright and license information view LICENSE file distributed with this source code. | ||
*/ | ||
namespace eZ\Publish\API\Repository\Tests; | ||
|
||
class URLAliasServiceAuthorizationTest extends BaseTest | ||
{ | ||
/** | ||
* Test for the createUrlAlias() method. | ||
* | ||
* @covers \eZ\Publish\API\Repository\URLAliasService::createUrlAlias() | ||
* @expectedException \eZ\Publish\API\Repository\Exceptions\UnauthorizedException | ||
* @depends \eZ\Publish\API\Repository\Tests\URLAliasServiceTest::testCreateUrlAlias | ||
*/ | ||
public function testCreateUrlAliasThrowsUnauthorizedException() | ||
{ | ||
$repository = $this->getRepository(); | ||
|
||
$anonymousUserId = $this->generateId('user', 10); | ||
$parentLocationId = $this->generateId('location', 2); | ||
/* BEGIN: Use Case */ | ||
// $anonymousUserId is the ID of the "Anonymous" user in a eZ | ||
// Publish demo installation. | ||
// $locationId is the ID of an existing location | ||
$userService = $repository->getUserService(); | ||
$urlAliasService = $repository->getURLAliasService(); | ||
$locationService = $repository->getLocationService(); | ||
|
||
$location = $locationService->newLocationCreateStruct($parentLocationId); | ||
|
||
$anonymousUser = $userService->loadUser($anonymousUserId); | ||
$repository->getPermissionResolver()->setCurrentUserReference($anonymousUser); | ||
|
||
// This call will fail with an UnauthorizedException | ||
$urlAliasService->createUrlAlias($location, '/Home/My-New-Site', 'eng-US'); | ||
/* END: Use Case */ | ||
} | ||
|
||
/** | ||
* Test for the createGlobalUrlAlias() method. | ||
* | ||
* @covers \eZ\Publish\API\Repository\URLAliasService::createGlobalUrlAlias() | ||
* @expectedException \eZ\Publish\API\Repository\Exceptions\UnauthorizedException | ||
* @depends \eZ\Publish\API\Repository\Tests\URLAliasServiceTest::testCreateGlobalUrlAlias | ||
*/ | ||
public function testCreateGlobalUrlAliasThrowsUnauthorizedException() | ||
{ | ||
$repository = $this->getRepository(); | ||
|
||
$anonymousUserId = $this->generateId('user', 10); | ||
/* BEGIN: Use Case */ | ||
// $anonymousUserId is the ID of the "Anonymous" user in a eZ | ||
// Publish demo installation. | ||
$userService = $repository->getUserService(); | ||
$urlAliasService = $repository->getURLAliasService(); | ||
|
||
$anonymousUser = $userService->loadUser($anonymousUserId); | ||
$repository->getPermissionResolver()->setCurrentUserReference($anonymousUser); | ||
|
||
// This call will fail with an UnauthorizedException | ||
$urlAliasService->createGlobalUrlAlias('module:content/search?SearchText=eZ', '/Home/My-New-Site', 'eng-US'); | ||
/* END: Use Case */ | ||
} | ||
|
||
/** | ||
* Test for the removeAliases() method. | ||
* | ||
* @covers \eZ\Publish\API\Repository\URLAliasService::removeAliases() | ||
* @expectedException \eZ\Publish\API\Repository\Exceptions\UnauthorizedException | ||
* @depends \eZ\Publish\API\Repository\Tests\URLAliasServiceTest::testRemoveAliases | ||
*/ | ||
public function testRemoveAliasesThrowsUnauthorizedException() | ||
{ | ||
$repository = $this->getRepository(); | ||
$anonymousUserId = $this->generateId('user', 10); | ||
|
||
$locationService = $repository->getLocationService(); | ||
$someLocation = $locationService->loadLocation( | ||
$this->generateId('location', 12) | ||
); | ||
|
||
/* BEGIN: Use Case */ | ||
// $someLocation contains a location with automatically generated | ||
// aliases assigned | ||
// $anonymousUserId is the ID of the "Anonymous" user in a eZ | ||
$urlAliasService = $repository->getURLAliasService(); | ||
$userService = $repository->getUserService(); | ||
|
||
$anonymousUser = $userService->loadUser($anonymousUserId); | ||
$repository->getPermissionResolver()->setCurrentUserReference($anonymousUser); | ||
|
||
$initialAliases = $urlAliasService->listLocationAliases($someLocation); | ||
|
||
// This call will fail with an UnauthorizedException | ||
$urlAliasService->removeAliases($initialAliases); | ||
/* END: Use Case */ | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.