#729 v3 authorization fail #734
Conversation
| // try/catch/finally instead of expectExcetion | ||
| // to restore `debug` configuration | ||
| try { | ||
| $controller->beforeFilter($event); |
There was a problem hiding this comment.
Integration tests generally make requests to the application and check the response contents.
There was a problem hiding this comment.
I'm ok with you about testDebugDisabled but for the testSkipAuthorization i should test the AuthorizationService::authorizationChecked() status, and i only can do that thrue controller request.
Any ideas ?
| $this->assertInstanceOf('Cake\Http\Exception\NotFoundException', $e); | ||
| $this->assertSame('Not available without debug mode on.', $e->getMessage()); | ||
| } finally { | ||
| Configure::write('debug', $oldStatus); |
There was a problem hiding this comment.
You don't need to do this. The test harness will reset Configure state during its teardown method.
| } | ||
|
|
||
| // Skip authorization for DebuKit requests | ||
| $authorizationService = $this->getRequest()->getAttribute('authorization'); |
There was a problem hiding this comment.
I thought this was going to be a behavior that users could turn on. Something like DebugKit.safeTLD works.
|
Thanks. I thought my code was clean ;) |
markstory
left a comment
markstory
left a comment
There was a problem hiding this comment.
Tests look much better now. Thank you for taking the time to update them.
| if (Configure::read('DebugKit.ignoreAuthorization')) { | ||
| $authorizationService->skipAuthorization(); | ||
| } else { | ||
| Log::info( |
Add configuration option to skip authorization for DebugKit requests. Port #734 to 4.x
Add configuration option to skip authorization for DebugKit requests. Port #734 to 4.x
2 participants
Skip cakephp/authorization plugin for DebugKit requests only