MethodAccessControlTest.php 2.7KB

  1. <?php
  2. namespace JMS\SecurityExtraBundle\Tests\Functional;
  /**
   * Functional checks that access-control rules are enforced at the HTTP layer
   * and on a service method, each against a kernel booted from a named test
   * config file.
   *
   * Every test runs in its own PHP process (see the annotations), so no kernel
   * or security state from one test is carried into the next.
   */
  class MethodAccessControlTest extends BaseTestCase
  {
      /**
       * An anonymous GET to /add must be answered with a redirect to the login
       * page rather than with the action's output.
       *
       * @runInSeparateProcess
       */
      public function testControllerAddActionIsSecure()
      {
          $browser = $this->createClient(array('config' => 'method_access_control.yml'));
          $browser->request('GET', '/add');

          $reply = $browser->getResponse();

          // Both the status and the target are pinned: a 302 to some other URL
          // would not prove that the login entry point was triggered.
          $this->assertEquals(302, $reply->getStatusCode());
          $this->assertEquals('http://localhost/login', $reply->headers->get('Location'));
      }

      /**
       * Counterpart to the /add test: under the same config an anonymous GET
       * to /edit is served normally (200).
       *
       * NOTE(review): presumably /edit carries no security rule in the test
       * bundle, which would make this the negative control showing that the
       * restriction is per-action and not global; confirm against the controller.
       *
       * @runInSeparateProcess
       */
      public function testControllerEditActionIsNotSecure()
      {
          $browser = $this->createClient(array('config' => 'method_access_control.yml'));
          $browser->request('GET', '/edit');

          $reply = $browser->getResponse();

          $this->assertEquals(200, $reply->getStatusCode());
      }

      /**
       * Calling delete() on the user_manager service without any login must
       * fail with AuthenticationCredentialsNotFoundException (expected through
       * the annotation below).
       *
       * @runInSeparateProcess
       * @expectedException Symfony\Component\Security\Core\Exception\AuthenticationCredentialsNotFoundException
       */
      public function testUserManagerDeleteIsSecure()
      {
          // The client itself is not used; the call boots the kernel read below.
          $this->createClient(array('config' => 'method_access_control.yml'));

          $container = self::$kernel->getContainer();
          $manager = $container->get('user_manager');

          // The container must not hand out the plain UserManager class.
          // NOTE(review): presumably the service is swapped for a generated
          // class that performs the security check; this assertion guards
          // against the check being bypassed by wiring the raw class directly.
          $this->assertNotEquals(
              'JMS\SecurityExtraBundle\Tests\Functional\TestBundle\User\UserManager',
              get_class($manager)
          );

          // No login happened in this test, so this call is the one expected to throw.
          $manager->delete();
      }

      /**
       * With the ACL-enabled config, a logged-in client creates a post and can
       * then open the edit page of that same post.
       *
       * NOTE(review): only the allowed path is exercised here; this file shows
       * no case where a different or anonymous client is refused /post/edit/1.
       * Check that the denial path is covered elsewhere.
       *
       * @runInSeparateProcess
       */
      public function testAcl()
      {
          $browser = $this->createClient(array('config' => 'acl_enabled.yml'));
          $browser->insulate();
          $this->importDatabaseSchema();
          $this->login($browser);

          $browser->request('POST', '/post/add', array('title' => 'Foo'));
          $created = $browser->getResponse();

          // The first 2000 characters of the response serve as the failure
          // message, so a failing run shows what the server actually returned.
          $this->assertEquals(
              '/post/edit/1',
              $created->headers->get('Location'),
              substr($created, 0, 2000)
          );

          $browser->request('GET', '/post/edit/1');
          $editPage = $browser->getResponse();

          $this->assertEquals(200, $editPage->getStatusCode(), substr($editPage, 0, 2000));
          $this->assertEquals('Foo', $editPage->getContent());
      }

      /**
       * With the all_voters_disabled config, a logged-in client still gets
       * /post/list served with status 200 and the body "list".
       *
       * NOTE(review): the test name implies that access to /post/list depends
       * on a role the user holds only through the role hierarchy; that mapping
       * lives in the config and controller, not in this file.
       *
       * @runInSeparateProcess
       */
      public function testRoleHierarchyIsRespected()
      {
          $browser = $this->createClient(array('config' => 'all_voters_disabled.yml'));
          $browser->insulate();
          $this->login($browser);

          $browser->request('GET', '/post/list');
          $listing = $browser->getResponse();

          $this->assertEquals(200, $listing->getStatusCode(), substr($listing, 0, 2000));
          $this->assertEquals('list', $listing->getContent(), substr($listing, 0, 2000));
      }
  }