Added more tests for the auth adapters

imbo · Mar 8, 2016 · 64ee612 · 64ee612
1 parent e13cc76
commit 64ee612
Show file tree

Hide file tree

Showing 4 changed files with 460 additions and 9 deletions.
diff --git a/library/Imbo/Auth/AccessControl/Adapter/MongoDB.php b/library/Imbo/Auth/AccessControl/Adapter/MongoDB.php
@@ -88,9 +88,10 @@ class MongoDB extends AbstractAdapter implements MutableAdapterInterface {
      *
      * @param array $params Parameters for the driver
      * @param MongoClient $client MongoClient instance
-     * @param MongoCollection $collection MongoCollection instance for the image variation collection
+     * @param MongoCollection $aclCollection MongoCollection instance for the acl collection
+     * @param MongoCollection $aclGrouplection MongoCollection instance for the acl group collection
      */
-    public function __construct(array $params = null, MongoClient $client = null, MongoCollection $collection = null) {
+    public function __construct(array $params = null, MongoClient $client = null, MongoCollection $aclCollection = null, MongoCollection $aclGroupCollection = null) {
         if ($params !== null) {
             $this->params = array_replace_recursive($this->params, $params);
         }
@@ -99,8 +100,12 @@ public function __construct(array $params = null, MongoClient $client = null, Mo
             $this->mongoClient = $client;
         }
 
-        if ($collection !== null) {
-            $this->collection = $collection;
+        if ($aclCollection !== null) {
+            $this->aclCollection = $aclCollection;
+        }
+
+        if ($aclGroupCollection !== null) {
+            $this->aclGroupCollection = $aclGroupCollection;
         }
     }
 
@@ -200,6 +205,8 @@ public function deletePublicKey($publicKey) {
                 'publicKey' => $publicKey
             ]);
 
+            unset($this->publicKeys[$publicKey]);
+
             return (bool) $result['ok'];
 
         } catch (MongoException $e) {
@@ -217,6 +224,8 @@ public function updatePrivateKey($publicKey, $privateKey) {
                 ['$set' => ['privateKey' => $privateKey]]
             );
 
+            unset($this->publicKeys[$publicKey]);
+
             return (bool) $result['ok'];
 
         } catch (MongoException $e) {
@@ -228,7 +237,7 @@ public function updatePrivateKey($publicKey, $privateKey) {
      * {@inheritdoc}
      */
     public function getAccessRule($publicKey, $accessId) {
-        $rules = $this->getAccessListForPublicKey($publicKey);
+        $rules = $this->getAccessListForPublicKey($publicKey) ?: [];
 
         foreach ($rules as $rule) {
             if ($rule['id'] == $accessId) {
@@ -247,13 +256,12 @@ public function addAccessRule($publicKey, array $accessRule) {
             $result = $this->getAclCollection()->update(
                 ['publicKey' => $publicKey],
                 ['$push' => ['acl' => array_merge(
-                    ['id' => new MongoId()],
+                    ['id' => $id = new MongoId()],
                     $accessRule
                 )]]
             );
 
-            return (bool) $result['ok'];
-
+            return (string) $id;
         } catch (MongoException $e) {
             throw new DatabaseException('Could not update rule in database', 500, $e);
         }
@@ -277,7 +285,7 @@ public function deleteAccessRule($publicKey, $accessId) {
 
             return (bool) $result['ok'];
         } catch (MongoException $e) {
-            throw new DatabaseException('Could not delete rule from in database', 500, $e);
+            throw new DatabaseException('Could not delete rule from database', 500, $e);
         }
     }
 
@@ -305,6 +313,9 @@ public function updateResourceGroup($groupName, array $resources) {
             ], [
                 '$set' => ['resources' => $resources],
             ]);
+
+            // Remove from local cache
+            unset($this->groups[$groupName]);
         } catch (MongoException $e) {
             throw new DatabaseException('Could not update resource group in database', 500, $e);
         }
@@ -320,6 +331,9 @@ public function deleteResourceGroup($groupName) {
             ])['ok'];
 
             if ($success) {
+                // Remove from local cache
+                unset($this->groups[$groupName]);
+
                 // Also remove ACL rules that depended on this group
                 $this->getAclCollection()->update(
                     ['acl.group' => $groupName],

diff --git a/tests/phpunit/ImboIntegrationTest/Auth/AccessControl/Adapter/AdapterTests.php b/tests/phpunit/ImboIntegrationTest/Auth/AccessControl/Adapter/AdapterTests.php
@@ -0,0 +1,141 @@
+<?php
+/**
+ * This file is part of the Imbo package
+ *
+ * (c) Christer Edvartsen <cogo@starzinger.net>
+ *
+ * For the full copyright and license information, please view the LICENSE file that was
+ * distributed with this source code.
+ */
+
+namespace ImboIntegrationTest\Auth\AccessControl\Adapter;
+
+/**
+ * @group integration
+ */
+abstract class AdapterTests extends \PHPUnit_Framework_TestCase {
+    /**
+     * @var Imbo\Auth\AccessControl\Adapter\MutableAdapterInterface
+     */
+    private $adapter;
+
+    /**
+     * Get the adapter we want to test
+     *
+     * @return Imbo\Auth\AccessControl\Adapter\MutableAdapterInterface
+     */
+    abstract protected function getAdapter();
+
+    /**
+     * Set up
+     */
+    public function setUp() {
+        $this->adapter = $this->getAdapter();
+    }
+
+    /**
+     * Tear down
+     */
+    public function tearDown() {
+        $this->adapter = null;
+    }
+
+    public function testReturnsEmptyArrayWhenThereIsNoGroups() {
+        $model = $this->getMock('Imbo\Model\Groups');
+        $model->expects($this->once())->method('setHits')->with(0);
+
+        $this->assertSame([], $this->adapter->getGroups(null, $model));
+    }
+
+    public function testCanAddAndFetchGroups() {
+        $this->assertFalse($this->adapter->getGroup('g1'));
+        $this->assertFalse($this->adapter->getGroup('g2'));
+
+        $this->adapter->addResourceGroup('g1', ['images.get', 'images.head']);
+        $this->adapter->addResourceGroup('g2', ['status.get']);
+
+        $this->assertSame(['images.get', 'images.head'], $this->adapter->getGroup('g1'));
+        $this->assertSame(['status.get'], $this->adapter->getGroup('g2'));
+
+        $model = $this->getMock('Imbo\Model\Groups');
+        $model->expects($this->once())->method('setHits')->with(2);
+
+        $groups = $this->adapter->getGroups(null, $model);
+
+        $this->assertArrayHasKey('g1', $groups);
+        $this->assertArrayHasKey('g2', $groups);
+
+        $this->assertSame(['images.get', 'images.head'], $groups['g1']);
+        $this->assertSame(['status.get'], $groups['g2']);
+    }
+
+    public function testCanCheckIfGroupExists() {
+        $this->assertFalse($this->adapter->groupExists('g1'));
+        $this->assertFalse($this->adapter->groupExists('g2'));
+        $this->assertFalse($this->adapter->groupExists('g3'));
+
+        $this->adapter->addResourceGroup('g1');
+        $this->adapter->addResourceGroup('g2');
+
+        $this->assertTrue($this->adapter->groupExists('g1'));
+        $this->assertTrue($this->adapter->groupExists('g2'));
+        $this->assertFalse($this->adapter->groupExists('g3'));
+    }
+
+    public function testCanUpdateResourceGroup() {
+        $this->adapter->addResourceGroup('g1', ['images.get', 'images.head']);
+        $this->adapter->addResourceGroup('g2', ['image.get']);
+
+        $this->assertSame(['images.get', 'images.head'], $this->adapter->getGroup('g1'));
+        $this->assertSame(['image.get'], $this->adapter->getGroup('g2'));
+
+        $this->adapter->updateResourceGroup('g1', ['status.get']);
+        $this->assertSame(['status.get'], $this->adapter->getGroup('g1'));
+        $this->assertSame(['image.get'], $this->adapter->getGroup('g2')); // Has not changed
+    }
+
+    public function testCanRemoveGroup() {
+        $this->adapter->addResourceGroup('g1', ['images.get', 'images.head']);
+        $this->assertSame(['images.get', 'images.head'], $this->adapter->getGroup('g1'));
+        $this->assertTrue($this->adapter->deleteResourceGroup('g1'));
+        $this->assertSame(false, $this->adapter->getGroup('g1'));
+    }
+
+    public function testCanManipulateKeys() {
+        $this->assertNull($this->adapter->getPrivateKey('publicKey'));
+        $this->assertFalse($this->adapter->publicKeyExists('publicKey'));
+        $this->assertTrue($this->adapter->addKeyPair('publicKey', 'privateKey'));
+        $this->assertTrue($this->adapter->publicKeyExists('publicKey'));
+        $this->assertSame('privateKey', $this->adapter->getPrivateKey('publicKey'));
+        $this->assertTrue($this->adapter->updatePrivateKey('publicKey', 'newPrivateKey'));
+        $this->assertSame('newPrivateKey', $this->adapter->getPrivateKey('publicKey'));
+        $this->assertTrue($this->adapter->deletePublicKey('publicKey'));
+        $this->assertFalse($this->adapter->publicKeyExists('publicKey'));
+        $this->assertNull($this->adapter->getPrivateKey('publicKey'));
+    }
+
+    public function testGetAccessRuleThatDoesNotExist() {
+        $this->assertNull($this->adapter->getAccessRule('publickey', 'id'));
+    }
+
+    public function testCanManipulateAccessRules() {
+        $this->adapter->addKeyPair('public', 'private');
+        $this->assertInternalType('string', $ruleId = $this->adapter->addAccessRule('public', ['resources' => ['image.get'], 'users' => ['user']]));
+        $this->assertSame([
+            'id' => $ruleId,
+            'resources' => ['image.get'],
+            'users' => ['user'],
+        ], $this->adapter->getAccessRule('public', $ruleId));
+        $this->assertTrue($this->adapter->deleteAccessRule('public', $ruleId));
+        $this->assertNull($this->adapter->getAccessRule('publickey', $ruleId));
+    }
+
+    /**
+     * @expectedException Imbo\Exception\DatabaseException
+     * @expectedExceptionCode 500
+     * @expectedExceptionMessage Could not delete rule from database
+     */
+    public function testDeleteAccessRuleWithIdThatDoesNotExist() {
+        $this->assertFalse($this->adapter->deleteAccessRule('public', 'asdasd'));
+    }
+}
diff --git a/tests/phpunit/ImboIntegrationTest/Auth/AccessControl/Adapter/MongoDBTest.php b/tests/phpunit/ImboIntegrationTest/Auth/AccessControl/Adapter/MongoDBTest.php
@@ -0,0 +1,63 @@
+<?php
+/**
+ * This file is part of the Imbo package
+ *
+ * (c) Christer Edvartsen <cogo@starzinger.net>
+ *
+ * For the full copyright and license information, please view the LICENSE file that was
+ * distributed with this source code.
+ */
+
+namespace ImboIntegrationTest\Auth\AccessControl\Adapter;
+
+use Imbo\Auth\AccessControl\Adapter\MongoDB,
+    MongoClient;
+
+/**
+ * @covers Imbo\Auth\AccessControl\Adapter\MongoDB
+ * @group integration
+ * @group mongodb
+ */
+class MongoDBTest extends AdapterTests {
+    /**
+     * Name of the test database
+     *
+     * @var string
+     */
+    protected $databaseName = 'imboIntegrationTestAuth';
+
+    /**
+     * @see ImboIntegrationTest\Database\DatabaseTests::getAdapter()
+     */
+    protected function getAdapter() {
+        return new MongoDB([
+            'databaseName' => $this->databaseName,
+        ]);
+    }
+
+    /**
+     * Make sure we have the mongo extension available and drop the test database just in case
+     */
+    public function setUp() {
+        if (!class_exists('MongoClient')) {
+            $this->markTestSkipped('pecl/mongo >= 1.3.0 is required to run this test');
+        }
+
+        $client = new MongoClient();
+        $client->selectDB($this->databaseName)->drop();
+
+        parent::setUp();
+    }
+
+    /**
+     * Drop the test database after each test
+     */
+    public function tearDown() {
+        if (class_exists('MongoClient')) {
+            $client = new MongoClient();
+            $client->selectDB($this->databaseName)->drop();
+        }
+
+        parent::tearDown();
+    }
+}