Skip to content
Permalink
Browse files

code cleanup, added some tests

  • Loading branch information...
0x20h committed Jan 18, 2012
1 parent c6624fa commit 4532659fed6d27ee7ad9920a30198b7319aa25f8
@@ -148,12 +148,12 @@ public function inherit($aro, $aco, $action = "*") {
* @param string $aco_action Action
* @return boolean true if access is granted, false otherwise
*/
public function check($aro, $aco, $aco_action = null) {
public function check($aro, $aco, $aco_action = "*") {
$allow = $this->options['policy'];
$prioritizedAros = $this->Aro->roles($aro);
if ($aco_action) {
$aco .= (strpos($aco, '.') ? '.' : '/') . $aco_action;
if ($aco_action && $aco_action != "*") {
$aco .= '/' . $aco_action;
}
$path = $this->Aco->path($aco);
@@ -202,7 +202,7 @@ class PhpAco {
public function __construct(array $rules = array()) {
foreach (array('allow', 'deny') as $type) {
if(empty($rules[$type])) {
if (empty($rules[$type])) {
$rules[$type] = array();
}
}
@@ -230,7 +230,7 @@ public function path($aco) {
}
foreach ($root as $node => $elements) {
$pattern = '#^'.str_replace(array_keys(self::$modifiers), array_values(self::$modifiers), $node).'$#';
$pattern = '/^'.str_replace(array_keys(self::$modifiers), array_values(self::$modifiers), $node).'$/';
if ($node == $aco[$level] || preg_match($pattern, $aco[$level])) {
// merge allow/denies with $path of current level
@@ -299,7 +299,11 @@ public function resolve($aco) {
return array_map('strtolower', $aco);
}
return array_map('trim', explode('/', ltrim(strtolower($aco), '/')));
// strip multiple occurences of '/'
$aco = preg_replace('#/+#', '/', $aco);
// make case insensitive
$aco = ltrim(strtolower($aco), '/');
return array_map('trim', explode('/', $aco));
}
/**
@@ -381,7 +385,10 @@ class PhpAro {
protected $tree = array();
public function __construct(array $aro = array(), array $map = array(), array $aliases = array()) {
!empty($map) && $this->map = $map;
if (!empty($map)) {
$this->map = $map;
}
$this->aliases = $aliases;
$this->build($aro);
}
@@ -415,7 +422,7 @@ public function roles($aro) {
// everybody inherits from the default role
if ($aro != self::DEFAULT_ROLE) {
$aros[]= array(self::DEFAULT_ROLE);
$aros[] = array(self::DEFAULT_ROLE);
}
return array_reverse($aros);
}
@@ -430,7 +437,7 @@ public function roles($aro) {
*/
public function resolve($aro) {
foreach ($this->map as $aroGroup => $map) {
list ($model, $field) = explode('/', $map);
list ($model, $field) = explode('/', $map, 2);
$mapped = '';
if (is_array($aro)) {
@@ -447,7 +454,7 @@ public function resolve($aro) {
if (strpos($aro, '/') === false) {
$mapped = $aroGroup . '/' . $aro;
} else {
list($aroModel, $aroValue) = explode('/', $aro);
list($aroModel, $aroValue) = explode('/', $aro, 2);
$aroModel = Inflector::camelize($aroModel);
@@ -54,12 +54,14 @@ public function testRoleInheritance() {
$this->assertEquals(array('User/hardy'), $roles[4]);
}
public function testAddRole() {
$this->assertEquals(array(array(PhpAro::DEFAULT_ROLE)), $this->Acl->Aro->roles('foobar'));
$this->Acl->Aro->addRole(array('User/foobar' => 'Role/accounting'));
$this->assertEquals(array(array('Role/default'), array('Role/accounting'), array('User/foobar')), $this->Acl->Aro->roles('foobar'));
}
public function testAroResolve() {
$map = $this->Acl->Aro->map;
$this->Acl->Aro->map = array(
@@ -82,7 +84,9 @@ public function testAroResolve() {
$this->assertEquals(PhpAro::DEFAULT_ROLE, $this->Acl->Aro->resolve(array('FooModel' => array('role' => 'hardy'))));
}
/**
* test correct resolution of defined aliases
*/
public function testAroAliases() {
$this->Acl->Aro->map = array(
'User' => 'User/username',
@@ -130,8 +134,9 @@ public function testAroAliases() {
$this->assertTrue($this->Acl->check($user, '/controllers/invoices/send'));
}
/**
* testPhpCheck method
* test check method
*
* @return void
*/
@@ -182,6 +187,9 @@ public function testCheck() {
}
/**
* lhs of defined rules are case insensitive
*/
public function testCheckIsCaseInsensitive() {
$this->assertTrue($this->Acl->check('hardy', 'controllers/forms/new'));
$this->assertTrue($this->Acl->check('Role/data_acquirer', 'controllers/forms/new'));
@@ -190,6 +198,9 @@ public function testCheckIsCaseInsensitive() {
}
/**
* allow should work in-memory
*/
public function testAllow() {
$this->assertFalse($this->Acl->check('jeff', 'foo/bar'));
@@ -208,6 +219,9 @@ public function testAllow() {
}
/**
* deny should work in-memory
*/
public function testDeny() {
$this->assertTrue($this->Acl->check('stan', 'controllers/baz/manager_foo'));
@@ -220,6 +234,9 @@ public function testDeny() {
}
/**
* test that a deny rule wins over an equally specific allow rule
*/
public function testDenyRuleIsStrongerThanAllowRule() {
$this->assertFalse($this->Acl->check('peter', 'baz/bam'));
$this->Acl->allow('peter', 'baz/bam');
@@ -241,7 +258,10 @@ public function testDenyRuleIsStrongerThanAllowRule() {
$this->assertFalse($this->Acl->check('stan', 'controllers/reports/delete'));
}
/**
* test that an invalid configuration throws exception
*/
public function testInvalidConfigWithAroMissing() {
$this->setExpectedException(
'AclException',
@@ -265,13 +285,28 @@ public function testInvalidConfigWithAcosMissing() {
$this->PhpAcl->build($config);
}
/**
* test resolving of ACOs
*/
public function testAcoResolve() {
$this->assertEquals(array('foo', 'bar'), $this->Acl->Aco->resolve('foo/bar'));
$this->assertEquals(array('foo', 'bar'), $this->Acl->Aco->resolve('foo/bar'));
$this->assertEquals(array('foo', 'bar', 'baz'), $this->Acl->Aco->resolve('foo/bar/baz'));
$this->assertEquals(array('foo', '*-bar', '?-baz'), $this->Acl->Aco->resolve('foo/*-bar/?-baz'));
$this->assertEquals(array('foo', 'bar', '[a-f0-9]{24}', '*_bla', 'bla'), $this->Acl->Aco->resolve('foo/bar/[a-f0-9]{24}/*_bla/bla'));
// multiple slashes will be squashed to a single, then exploded
$this->assertEquals(array('foo', 'bar'), $this->Acl->Aco->resolve('foo//bar'));
$this->assertEquals(array('foo', 'bar'), $this->Acl->Aco->resolve('//foo//bar'));
$this->assertEquals(array('foo', 'bar'), $this->Acl->Aco->resolve('/foo//bar'));
$this->assertEquals(array('foo', 'bar'), $this->Acl->Aco->resolve('/foo // bar'));
$this->assertEquals(array(''), $this->Acl->Aco->resolve('/////'));
}
/**
* test that declaring cyclic dependencies should give an error when building the tree
*/
public function testAroDeclarationContainsCycles() {
$config = array(
'roles' => array(

0 comments on commit 4532659

Please sign in to comment.
You can’t perform that action at this time.