Showing
5 changed files
with
183 additions
and
1 deletion.
@@ -0,0 +1,142 @@ | ||
<?php | ||
|
||
namespace AlterPHP\EasyAdminExtensionBundle\Tests\Controller; | ||
|
||
use AlterPHP\EasyAdminExtensionBundle\Tests\Fixtures\AbstractTestCase; | ||
use Symfony\Component\BrowserKit\Cookie; | ||
use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken; | ||
|
||
class UserRolesTest extends AbstractTestCase | ||
{ | ||
public function setUp() | ||
{ | ||
parent::setUp(); | ||
|
||
$this->initClient(array('environment' => 'user_roles')); | ||
} | ||
|
||
private function logIn($roles = ['ROLE_ADMIN']) | ||
{ | ||
$session = $this->client->getContainer()->get('session'); | ||
|
||
// the firewall context defaults to the firewall name | ||
$firewallContext = 'secured_area'; | ||
|
||
$token = new UsernamePasswordToken('admin', null, $firewallContext, $roles); | ||
$session->set('_security_'.$firewallContext, serialize($token)); | ||
$session->save(); | ||
|
||
$cookie = new Cookie($session->getName(), $session->getId()); | ||
$this->client->getCookieJar()->set($cookie); | ||
} | ||
|
||
public function testAdminIsNotReachableWithoutMinimumRole() | ||
{ | ||
$this->logIn(['ROLE_CATEGORY_LIST']); | ||
|
||
$this->client->followRedirects(); | ||
|
||
$crawler = $this->getBackendPage(); | ||
|
||
$this->assertEquals(403, $this->client->getResponse()->getStatusCode()); | ||
|
||
$this->assertEquals( | ||
'You must be granted ROLE_ADMIN role to access admin ! (403 Forbidden)', | ||
trim($crawler->filterXPath('//head/title')->text()) | ||
); | ||
} | ||
|
||
public function testAdminIsReachableWithMinimumRole() | ||
{ | ||
$this->logIn(['ROLE_ADMIN', 'ROLE_CATEGORY_LIST']); | ||
|
||
$this->client->followRedirects(); | ||
|
||
$crawler = $this->getBackendPage(); | ||
|
||
$this->assertEquals(200, $this->client->getResponse()->getStatusCode()); | ||
} | ||
|
||
public function testMenuIsWellPRuned() | ||
{ | ||
$this->logIn(['ROLE_ADMIN', 'ROLE_CATEGORY_LIST']); | ||
|
||
$this->client->followRedirects(); | ||
|
||
$crawler = $this->getBackendPage(); | ||
|
||
$this->assertEquals(200, $this->client->getResponse()->getStatusCode()); | ||
|
||
$this->assertEquals( | ||
1, | ||
$crawler->filter('body ul.sidebar-menu li:contains("Catalog")')->count() | ||
); | ||
$this->assertEquals( | ||
1, | ||
$crawler->filter('body ul.sidebar-menu li ul li:contains("Categories")')->count() | ||
); | ||
$this->assertEquals( | ||
0, | ||
$crawler->filter('body ul.sidebar-menu li ul li:contains("Products")')->count() | ||
); | ||
$this->assertEquals( | ||
0, | ||
$crawler->filter('body ul.sidebar-menu li:contains("Images")')->count() | ||
); | ||
$this->assertEquals( | ||
0, | ||
$crawler->filter('body ul.sidebar-menu li:contains("Sales")')->count() | ||
); | ||
$this->assertEquals( | ||
0, | ||
$crawler->filter('body ul.sidebar-menu li ul li:contains("Purchases")')->count() | ||
); | ||
$this->assertEquals( | ||
0, | ||
$crawler->filter('body ul.sidebar-menu li ul li:contains("Purchases items")')->count() | ||
); | ||
} | ||
|
||
public function testEntityActionsAreFilteredOnPrefixedRoles() | ||
{ | ||
$this->logIn(['ROLE_ADMIN', 'ROLE_CATEGORY_LIST', 'ROLE_CATEGORY_SHOW']); | ||
|
||
$this->client->followRedirects(); | ||
|
||
$this->getBackendPage(['entity' => 'Category', 'action' => 'list']); | ||
$this->assertEquals(200, $this->client->getResponse()->getStatusCode()); | ||
|
||
// Tests that embeddedList is mapped on list action required roles | ||
$this->getBackendPage(['entity' => 'Category', 'action' => 'embeddedList']); | ||
$this->assertEquals(200, $this->client->getResponse()->getStatusCode()); | ||
|
||
$crawler = $this->getBackendPage(['entity' => 'Category', 'action' => 'edit', 'id' => 1]); | ||
$this->assertEquals(403, $this->client->getResponse()->getStatusCode()); | ||
$this->assertEquals( | ||
'You must be granted ROLE_CATEGORY_EDIT role to perform this entity action ! (403 Forbidden)', | ||
trim($crawler->filterXPath('//head/title')->text()) | ||
); | ||
|
||
$this->getBackendPage(['entity' => 'Category', 'action' => 'show', 'id' => 1]); | ||
$this->assertEquals(200, $this->client->getResponse()->getStatusCode()); | ||
} | ||
|
||
public function testEntityActionsAreFilteredOnSpecificRoles() | ||
{ | ||
$this->logIn(['ROLE_ADMIN', 'ROLE_PRODUCT_LIST', 'ROLE_TEST_EDIT_PRODUCT']); | ||
|
||
$this->client->followRedirects(); | ||
|
||
$this->getBackendPage(['entity' => 'Product', 'action' => 'list']); | ||
|
||
$this->getBackendPage(['entity' => 'Product', 'action' => 'edit', 'id' => 1]); | ||
$this->assertEquals(200, $this->client->getResponse()->getStatusCode()); | ||
|
||
$crawler = $this->getBackendPage(['entity' => 'Product', 'action' => 'show', 'id' => 1]); | ||
$this->assertEquals(403, $this->client->getResponse()->getStatusCode()); | ||
$this->assertEquals( | ||
'You must be granted ROLE_TEST_SHOW_PRODUCT role to perform this entity action ! (403 Forbidden)', | ||
trim($crawler->filterXPath('//head/title')->text()) | ||
); | ||
} | ||
} |
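Review bot: The Product list request at the start of testEntityActionsAreFilteredOnSpecificRoles (the `getBackendPage(['entity' => 'Product', 'action' => 'list'])` call) has no status assertion, so the claim that ROLE_PRODUCT_LIST grants the list action is never checked; add `$this->assertEquals(200, $this->client->getResponse()->getStatusCode());` directly after it, as the neighbouring tests do. Two smaller points of style: `$crawler` in testAdminIsReachableWithMinimumRole is assigned but never read, and the method name `testMenuIsWellPRuned` has a stray capital (`testMenuIsWellPruned`). Every denial case asserts both the 403 status and the exact page title, so a reworded message in the bundle will fail these tests; that looks intended, but a comment such as `// Title text is asserted so the denial reason shown to the user is covered too` would make the intent explicit.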
@@ -44,6 +44,7 @@ doctrine: | |
security: | ||
firewalls: | ||
secured_area: | ||
http_basic: ~ | ||
pattern: ^/ | ||
anonymous: true | ||
providers: | ||
|
@@ -0,0 +1,38 @@ | ||
imports: | ||
- { resource: config.yml } | ||
|
||
easy_admin_extension: | ||
minimum_role: ROLE_ADMIN | ||
|
||
easy_admin: | ||
design: | ||
menu: | ||
- label: Catalog | ||
children: | ||
- { label: Categories, entity: Category, role: ROLE_CATEGORY_LIST } | ||
- { label: Products, entity: Product, role: ROLE_PRODUCT_LIST } | ||
- { label: Images, entity: Image, role: ROLE_IMAGE_LIST } | ||
- label: Sales | ||
children: | ||
- { label: Purchases, entity: Purchase, role: ROLE_PURCHASE_LIST } | ||
- { label: Purchases items, entity: PurchaseItem, role: ROLE_PURCHASEITEM_LIST } | ||
entities: | ||
Category: | ||
class: AppTestBundle\Entity\FunctionalTests\Category | ||
role_prefix: ROLE_CATEGORY | ||
Image: | ||
class: AppTestBundle\Entity\FunctionalTests\Image | ||
role_prefix: ROLE_IMAGE | ||
Purchase: | ||
class: AppTestBundle\Entity\FunctionalTests\Purchase | ||
role_prefix: ROLE_PURCHASE | ||
PurchaseItem: | ||
class: AppTestBundle\Entity\FunctionalTests\PurchaseItem | ||
role_prefix: ROLE_PURCHASEITEM | ||
Product: | ||
class: AppTestBundle\Entity\FunctionalTests\Product | ||
role_prefix: ROLE_PRODUCT | ||
edit: | ||
role: ROLE_TEST_EDIT_PRODUCT | ||
show: | ||
role: ROLE_TEST_SHOW_PRODUCT |
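--- /dev/null
+++ b/tests/Fixtures/AppTestBundle/Resources/views/dasboard/dashboard.html.twig
@@ -0,0 +1 @@
+Dashboard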