Merge pull request ezsystems#1090 from ezsystems/search_load_permissi…

…on_fix EZP-23643: Search without permissions throws UnauthorizedException
ezpublishlegacy · Nov 18, 2014 · bee53ad · bee53ad
2 parents 4e5b7e7 + 7eeb0c8
commit bee53ad
Show file tree

Hide file tree

Showing 8 changed files with 129 additions and 126 deletions.
diff --git a/eZ/Publish/API/Repository/Tests/ContentServiceAuthorizationTest.php b/eZ/Publish/API/Repository/Tests/ContentServiceAuthorizationTest.php
@@ -1367,120 +1367,6 @@ public function testDeleteRelationThrowsUnauthorizedException()
         /* END: Use Case */
     }
 
-    /**
-     * Test for the findContent() method.
-     *
-     * @return void
-     * @see \eZ\Publish\API\Repository\ContentService::findContent($query, $fieldFilters, $filterOnUserPermissions)
-     * @depends eZ\Publish\API\Repository\Tests\ContentServiceTest::testFindContent
-     */
-    public function testFindContentWithUserPermissionFilter()
-    {
-        self::markTestIncomplete( "Search have been moved to SearchService" );
-        $repository = $this->getRepository();
-
-        /* BEGIN: Use Case */
-        $user = $this->createMediaUserVersion1();
-
-        // Set new media editor as current user
-        $repository->setCurrentUser( $user );
-
-        $contentService = $repository->getContentService();
-
-        // Create a search query for content objects about "eZ Publish"
-        $query = new Query();
-        $query->filter = new Criterion\LogicalAnd(
-            array(
-                new Criterion\Field( 'title', Criterion\Operator::LIKE, '*eZ Publish*' )
-            )
-        );
-
-        // Search for matching content
-        $searchResultWithoutPermissions = $contentService->findContent( $query, array(), false );
-
-        // Search for matching content
-        $searchResultWithPermissions = $contentService->findContent( $query, array() );
-        /* END: Use Case */
-
-        $this->assertGreaterThan(
-            $searchResultWithPermissions->count,
-            $searchResultWithoutPermissions->count
-        );
-    }
-
-    /**
-     * Test for the findSingle() method.
-     *
-     * @return void
-     * @see \eZ\Publish\API\Repository\ContentService::findSingle($query, $fieldFilters, $filterOnUserPermissions)
-     * @depends eZ\Publish\API\Repository\Tests\ContentServiceTest::testFindContent
-     */
-    public function testFindSingleWithUserPermissionFilter()
-    {
-        self::markTestIncomplete( "Search have been moved to SearchService" );
-        $repository = $this->getRepository();
-
-        /* BEGIN: Use Case */
-        $user = $this->createMediaUserVersion1();
-
-        // Set new media editor as current user
-        $repository->setCurrentUser( $user );
-
-        $contentService = $repository->getContentService();
-
-        // Create a search query for content objects about "eZ Publish"
-        $query = new Query();
-        $query->filter = new Criterion\LogicalAnd(
-            array(
-                new Criterion\Field( 'name', Criterion\Operator::LIKE, 'Administrator users' )
-            )
-        );
-
-        // Search for matching content
-        $content = $contentService->findSingle( $query, array(), false );
-        /* END: Use Case */
-
-        $this->assertInstanceOf(
-            '\\eZ\\Publish\\API\\Repository\\Values\\Content\\Content',
-            $content
-        );
-    }
-
-    /**
-     * Test for the findSingle() method.
-     *
-     * @return void
-     * @see \eZ\Publish\API\Repository\ContentService::findSingle($query, $fieldFilters, $filterOnUserPermissions)
-     * @expectedException \eZ\Publish\API\Repository\Exceptions\NotFoundException
-     * @depends eZ\Publish\API\Repository\Tests\ContentServiceTest::testFindContent
-     */
-    public function testFindSingleThrowsNotFoundExceptionWithUserPermissionFilter()
-    {
-        self::markTestIncomplete( "Search have been moved to SearchService" );
-        $repository = $this->getRepository();
-
-        /* BEGIN: Use Case */
-        $user = $this->createMediaUserVersion1();
-
-        // Set new media editor as current user
-        $repository->setCurrentUser( $user );
-
-        $contentService = $repository->getContentService();
-
-        // Create a search query for content objects about "eZ Publish"
-        $query = new Query();
-        $query->filter = new Criterion\LogicalAnd(
-            array(
-                new Criterion\Field( 'name', Criterion\Operator::LIKE, 'Administrator users' )
-            )
-        );
-
-        // This call will fail with a "NotFoundException", because the current
-        // user has no access to the "Admin Users" user group
-        $contentService->findSingle( $query, array(), true );
-        /* END: Use Case */
-    }
-
     /**
      * Creates a pseudo editor with a limitation to objects in the "Media/Images"
      * subtree.

diff --git a/eZ/Publish/API/Repository/Tests/LanguageServiceMaximumSupportedLanguagesTest.php b/eZ/Publish/API/Repository/Tests/LanguageServiceMaximumSupportedLanguagesTest.php
@@ -65,7 +65,7 @@ public function tearDown()
      *
      * @see \eZ\Publish\API\Repository\LanguageService::createLanguage()
      *
-     * @depends \eZ\Publish\API\Repository\Tests\LanguageServiceTest::testNewLanguageCreateStruct
+     * @depends eZ\Publish\API\Repository\Tests\LanguageServiceTest::testNewLanguageCreateStruct
      *
      * @expectedException \RuntimeException
      * @expectedExceptionMessage Maximum number of languages reached!

diff --git a/eZ/Publish/API/Repository/Tests/RoleServiceTest.php b/eZ/Publish/API/Repository/Tests/RoleServiceTest.php
@@ -1026,7 +1026,7 @@ public function testRemovePolicy()
      *
      * @return void
      * @see \eZ\Publish\API\Repository\RoleService::deletePolicy()
-     * @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::loadRole
+     * @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testLoadRole
      * @depends eZ\Publish\API\Repository\Tests\RoleServiceTest::testAddPolicy
      */
     public function testDeletePolicy()

diff --git a/eZ/Publish/API/Repository/Tests/SearchServiceAuthorizationTest.php b/eZ/Publish/API/Repository/Tests/SearchServiceAuthorizationTest.php
@@ -27,7 +27,7 @@ class SearchServiceAuthorizationTest extends BaseTest
      *
      * @return void
      * @see \eZ\Publish\API\Repository\SearchService::findContent()
-     * @depends eZ\Publish\API\Repository\Tests\SearchServiceTest::testFindContent
+     * @depends eZ\Publish\API\Repository\Tests\SearchServiceTest::testFindContentFiltered
      */
     public function testFindContent()
     {
@@ -57,7 +57,7 @@ public function testFindContent()
      *
      * @return void
      * @see \eZ\Publish\API\Repository\SearchService::findContent()
-     * @depends eZ\Publish\API\Repository\Tests\SearchServiceTest::testFindContent
+     * @depends eZ\Publish\API\Repository\Tests\SearchServiceTest::testFindContentFiltered
      */
     public function testFindContentEmptyResult()
     {
@@ -115,4 +115,101 @@ public function testFindSingleThrowsNotFoundException()
         );
         /* END: Use Case */
     }
+
+    /**
+     * Test for the findContent() method, verifying disabling permissions
+     *
+     * @return void
+     * @see \eZ\Publish\API\Repository\ContentService::findContent($query, $fieldFilters, $filterOnUserPermissions)
+     * @depends eZ\Publish\API\Repository\Tests\SearchServiceAuthorizationTest::testFindContent
+     */
+    public function testFindContentWithUserPermissionFilter()
+    {
+        $repository = $this->getRepository();
+
+        /* BEGIN: Use Case */
+        $user = $this->createMediaUserVersion1();
+
+        // Set new media editor as current user
+        $repository->setCurrentUser( $user );
+
+        $searchService = $repository->getSearchService();
+
+        // Search for "Admin Users" user group which user normally does not have access to
+        $query = new Query();
+        $query->filter = new Criterion\LogicalAnd(
+            array(
+                new Criterion\ContentId( 12 ),
+            )
+        );
+
+        // Search for matching content
+        $searchResultWithoutPermissions = $searchService->findContent( $query, array(), false );
+
+        // Search for matching content
+        $searchResultWithPermissions = $searchService->findContent( $query, array() );
+        /* END: Use Case */
+
+        $this->assertEquals( 1, $searchResultWithoutPermissions->totalCount );
+        $this->assertEquals( 0, $searchResultWithPermissions->totalCount );
+    }
+
+    /**
+     * Test for the findSingle() method disabling permission filtering
+     *
+     * @return void
+     * @see \eZ\Publish\API\Repository\ContentService::findSingle($query, $fieldFilters, $filterOnUserPermissions)
+     * @depends eZ\Publish\API\Repository\Tests\SearchServiceAuthorizationTest::testFindContent
+     */
+    public function testFindSingleWithUserPermissionFilter()
+    {
+        $repository = $this->getRepository();
+
+        /* BEGIN: Use Case */
+        $user = $this->createMediaUserVersion1();
+
+        // Set new media editor as current user
+        $repository->setCurrentUser( $user );
+
+        // Search for "Admin Users" user group which user normally does not have access to
+        $content = $repository->getSearchService()->findSingle(
+            new Criterion\ContentId( 12 ),
+            array(),
+            false
+        );
+        /* END: Use Case */
+
+        $this->assertInstanceOf(
+            '\\eZ\\Publish\\API\\Repository\\Values\\Content\\Content',
+            $content
+        );
+    }
+
+    /**
+     * Test for the findSingle() method.
+     *
+     * @return void
+     * @see \eZ\Publish\API\Repository\ContentService::findSingle($query, $fieldFilters, $filterOnUserPermissions)
+     * @expectedException \eZ\Publish\API\Repository\Exceptions\NotFoundException
+     * @depends eZ\Publish\API\Repository\Tests\SearchServiceAuthorizationTest::testFindContent
+     */
+    public function testFindSingleThrowsNotFoundExceptionWithUserPermissionFilter()
+    {
+        $repository = $this->getRepository();
+
+        /* BEGIN: Use Case */
+        $user = $this->createMediaUserVersion1();
+
+        // Set new media editor as current user
+        $repository->setCurrentUser( $user );
+
+        $searchService = $repository->getSearchService();
+
+        // This call will fail with a "NotFoundException", because the current
+        // user has no access to the "Admin Users" user group
+        $searchService->findSingle(
+            new Criterion\ContentId( 12 )
+        );
+        /* END: Use Case */
+    }
 }
diff --git a/eZ/Publish/API/Repository/Tests/SearchServiceLocationTest.php b/eZ/Publish/API/Repository/Tests/SearchServiceLocationTest.php
@@ -10,6 +10,7 @@
 namespace eZ\Publish\API\Repository\Tests;
 
 use eZ\Publish\API\Repository\Tests\SetupFactory\LegacyElasticsearch;
+use eZ\Publish\API\Repository\Tests\SetupFactory\LegacySolr;
 use eZ\Publish\Core\Repository\Values\Content\Location;
 use eZ\Publish\API\Repository\Values\Content\LocationQuery;
 use eZ\Publish\API\Repository\Values\Content\Query\Criterion;
@@ -18,7 +19,6 @@
 use eZ\Publish\API\Repository\Values\Content\Search\SearchResult;
 use eZ\Publish\API\Repository\Values\Content\Search\SearchHit;
 use eZ\Publish\API\Repository\Exceptions\NotImplementedException;
-use eZ\Publish\API\Repository\Tests\SetupFactory\LegacySolr;
 
 /**
  * Test case for Location operations in the SearchService.
@@ -830,6 +830,15 @@ public function testQueryCustomField()
      */
     public function testQueryModifiedField()
     {
+        // Check using get_class since the others extend SetupFactory\Legacy
+        if ( get_class( $this->getSetupFactory() ) === '\eZ\Publish\API\Repository\Tests\SetupFactory\Legacy' )
+        {
+            $this->markTestIncomplete(
+                "Custom fields not supported by LegacySE " .
+                "(@todo: Legacy should fallback to just querying normal field so this should be tested here)"
+            );
+        }
+
         $query = new LocationQuery(
             array(
                 'query' => new Criterion\Field(

diff --git a/eZ/Publish/API/Repository/Tests/SearchServiceTest.php b/eZ/Publish/API/Repository/Tests/SearchServiceTest.php
@@ -10,6 +10,7 @@
 namespace eZ\Publish\API\Repository\Tests;
 
 use eZ\Publish\API\Repository\Tests\SetupFactory\LegacyElasticsearch;
+use eZ\Publish\API\Repository\Tests\SetupFactory\LegacySolr;
 use eZ\Publish\Core\Repository\Values\Content\Content;
 use eZ\Publish\API\Repository\Values\Content\Query;
 use eZ\Publish\Core\Repository\Values\Content\Location;
@@ -20,7 +21,6 @@
 use eZ\Publish\API\Repository\Values\Content\Search\SearchResult;
 use eZ\Publish\API\Repository\Values\Content\Search\SearchHit;
 use eZ\Publish\API\Repository\Exceptions\NotImplementedException;
-use eZ\Publish\API\Repository\Tests\SetupFactory\LegacySolr;
 
 /**
  * Test case for operations in the SearchService using in memory storage.
@@ -2349,6 +2349,15 @@ public function testQueryCustomField()
      */
     public function testQueryModifiedField()
     {
+        // Check using get_class since the others extend SetupFactory\Legacy
+        if ( get_class( $this->getSetupFactory() ) === '\eZ\Publish\API\Repository\Tests\SetupFactory\Legacy' )
+        {
+            $this->markTestIncomplete(
+                "Custom fields not supported by LegacySE " .
+                "(@todo: Legacy should fallback to just querying normal field so this should be tested here)"
+            );
+        }
+
         $query = new Query(
             array(
                 'query' => new Criterion\Field(

diff --git a/eZ/Publish/Core/Repository/SearchService.php b/eZ/Publish/Core/Repository/SearchService.php
@@ -137,10 +137,11 @@ public function findContent( Query $query, array $fieldFilters = array(), $filte
         $contentService = $this->repository->getContentService();
         foreach ( $result->searchHits as $hit )
         {
-            $hit->valueObject = $contentService->loadContent(
+            $hit->valueObject = $contentService->internalLoadContent(
                 $hit->valueObject->id,
                 ( !empty( $fieldFilters['languages'] ) ? $fieldFilters['languages'] : null ),
                 null,
+                false,
                 ( isset( $fieldFilters['useAlwaysAvailable'] ) ? $fieldFilters['useAlwaysAvailable'] : true )
             );
         }
@@ -265,10 +266,11 @@ public function findSingle( Criterion $filter, array $fieldFilters = array(), $f
         }
 
         $contentInfo = $this->searchHandler->findSingle( $filter, $fieldFilters );
-        return $this->repository->getContentService()->loadContent(
+        return $this->repository->getContentService()->internalLoadContent(
             $contentInfo->id,
             ( !empty( $fieldFilters['languages'] ) ? $fieldFilters['languages'] : null ),
             null,
+            false,
             ( isset( $fieldFilters['useAlwaysAvailable'] ) ? $fieldFilters['useAlwaysAvailable'] : true )
         );
     }

diff --git a/eZ/Publish/Core/Repository/Tests/Service/Mock/SearchTest.php b/eZ/Publish/Core/Repository/Tests/Service/Mock/SearchTest.php
@@ -312,7 +312,7 @@ public function testFindContentNoPermissionsFilter()
 
         $contentServiceMock
             ->expects( $this->once() )
-            ->method( "loadContent" )
+            ->method( "internalLoadContent" )
             ->will( $this->returnValue( $contentMock ) );
 
         $result = $service->findContent( $serviceQuery, $fieldFilters, false );
@@ -394,7 +394,7 @@ public function testFindContentWithPermission()
 
         $contentServiceMock
             ->expects( $this->once() )
-            ->method( "loadContent" )
+            ->method( "internalLoadContent" )
             ->will( $this->returnValue( $contentMock ) );
 
         $permissionsCriterionHandlerMock->expects( $this->once() )
@@ -615,7 +615,7 @@ public function testFindContentWithDefaultQueryValues()
 
         $contentServiceMock
             ->expects( $this->once() )
-            ->method( "loadContent" )
+            ->method( "internalLoadContent" )
             ->will( $this->returnValue( $contentMock ) );
 
         /** @var \PHPUnit_Framework_MockObject_MockObject $searchHandlerMock */
@@ -791,7 +791,7 @@ public function testFindSingle()
 
         $contentServiceMock
             ->expects( $this->once() )
-            ->method( "loadContent" )
+            ->method( "internalLoadContent" )
             ->will( $this->returnValue( $contentMock ) );
 
         $result = $service->findSingle( $criterionMock, $fieldFilters, true );