2014-05-06 18:15:35 +02:00
|
|
|
<?php
|
|
|
|
|
class ApiPrivilegeTest extends AbstractFullApiTest
|
|
|
|
|
{
|
|
|
|
|
public function testPrivilegeTesting()
|
|
|
|
|
{
|
|
|
|
|
$priv1 = new Privilege(Privilege::ViewPost, 'own');
|
|
|
|
|
$priv2 = new Privilege(Privilege::ViewPost, 'own');
|
|
|
|
|
$this->assert->areNotEqual($priv1, $priv2);
|
|
|
|
|
$this->assert->areEquivalent($priv1, $priv2);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function testRegularPrivileges()
|
|
|
|
|
{
|
|
|
|
|
$this->testRegularPrivilege(new AcceptUserRegistrationJob(), new Privilege(Privilege::AcceptUserRegistration));
|
|
|
|
|
$this->testRegularPrivilege(new ActivateUserEmailJob(), false);
|
|
|
|
|
$this->testRegularPrivilege(new AddCommentJob(), new Privilege(Privilege::AddComment));
|
|
|
|
|
$this->testRegularPrivilege(new PreviewCommentJob(), new Privilege(Privilege::AddComment));
|
2014-05-06 19:39:41 +02:00
|
|
|
$this->testRegularPrivilege(new AddPostJob(), new Privilege(Privilege::AddPost));
|
2014-05-06 18:15:35 +02:00
|
|
|
$this->testRegularPrivilege(new AddUserJob(), new Privilege(Privilege::RegisterAccount));
|
|
|
|
|
$this->testRegularPrivilege(new EditUserJob(), false);
|
|
|
|
|
$this->testRegularPrivilege(new GetLogJob(), new Privilege(Privilege::ViewLog));
|
|
|
|
|
$this->testRegularPrivilege(new ListCommentsJob(), new Privilege(Privilege::ListComments));
|
|
|
|
|
$this->testRegularPrivilege(new ListLogsJob(), new Privilege(Privilege::ListLogs));
|
|
|
|
|
$this->testRegularPrivilege(new ListPostsJob(), new Privilege(Privilege::ListPosts));
|
|
|
|
|
$this->testRegularPrivilege(new ListRelatedTagsJob(), new Privilege(Privilege::ListTags));
|
|
|
|
|
$this->testRegularPrivilege(new ListTagsJob(), new Privilege(Privilege::ListTags));
|
|
|
|
|
$this->testRegularPrivilege(new ListUsersJob(), new Privilege(Privilege::ListUsers));
|
|
|
|
|
$this->testRegularPrivilege(new PasswordResetJob(), false);
|
|
|
|
|
$this->testRegularPrivilege(new MergeTagsJob(), new Privilege(Privilege::MergeTags));
|
|
|
|
|
$this->testRegularPrivilege(new RenameTagsJob(), new Privilege(Privilege::RenameTags));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
protected function testRegularPrivilege($job, $expectedPrivilege)
|
|
|
|
|
{
|
|
|
|
|
$this->testedJobs []= $job;
|
2014-05-12 10:31:34 +02:00
|
|
|
$this->assert->areEquivalent($expectedPrivilege, $job->getRequiredPrivileges());
|
2014-05-06 18:15:35 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function testDynamicPostPrivileges()
|
|
|
|
|
{
|
2014-05-13 21:08:07 +02:00
|
|
|
$this->login($this->userMocker->mockSingle());
|
2014-05-06 18:15:35 +02:00
|
|
|
|
|
|
|
|
$this->testDynamicPostPrivilege(new DeletePostJob(), new Privilege(Privilege::DeletePost));
|
2014-05-06 19:39:41 +02:00
|
|
|
$this->testDynamicPostPrivilege(new EditPostJob(), new Privilege(Privilege::EditPost));
|
2014-05-06 18:15:35 +02:00
|
|
|
$this->testDynamicPostPrivilege(new EditPostContentJob(), new Privilege(Privilege::EditPostContent));
|
|
|
|
|
$this->testDynamicPostPrivilege(new EditPostRelationsJob(), new Privilege(Privilege::EditPostRelations));
|
|
|
|
|
$this->testDynamicPostPrivilege(new EditPostSafetyJob(), new Privilege(Privilege::EditPostSafety));
|
|
|
|
|
$this->testDynamicPostPrivilege(new EditPostSourceJob(), new Privilege(Privilege::EditPostSource));
|
|
|
|
|
$this->testDynamicPostPrivilege(new EditPostTagsJob(), new Privilege(Privilege::EditPostTags));
|
|
|
|
|
$this->testDynamicPostPrivilege(new EditPostThumbJob(), new Privilege(Privilege::EditPostThumb));
|
2014-05-06 19:39:41 +02:00
|
|
|
|
|
|
|
|
$ctx = function($job)
|
|
|
|
|
{
|
|
|
|
|
$job->setContext(AbstractJob::CONTEXT_BATCH_ADD);
|
|
|
|
|
return $job;
|
|
|
|
|
};
|
|
|
|
|
$this->testDynamicPostPrivilege($ctx(new EditPostJob), new Privilege(Privilege::AddPost));
|
|
|
|
|
$this->testDynamicPostPrivilege($ctx(new EditPostContentJob), new Privilege(Privilege::AddPostContent));
|
|
|
|
|
$this->testDynamicPostPrivilege($ctx(new EditPostRelationsJob), new Privilege(Privilege::AddPostRelations));
|
|
|
|
|
$this->testDynamicPostPrivilege($ctx(new EditPostSafetyJob), new Privilege(Privilege::AddPostSafety));
|
|
|
|
|
$this->testDynamicPostPrivilege($ctx(new EditPostSourceJob), new Privilege(Privilege::AddPostSource));
|
|
|
|
|
$this->testDynamicPostPrivilege($ctx(new EditPostTagsJob), new Privilege(Privilege::AddPostTags));
|
|
|
|
|
$this->testDynamicPostPrivilege($ctx(new EditPostThumbJob), new Privilege(Privilege::AddPostThumb));
|
|
|
|
|
|
2014-05-06 18:15:35 +02:00
|
|
|
$this->testDynamicPostPrivilege(new FeaturePostJob(), new Privilege(Privilege::FeaturePost));
|
|
|
|
|
$this->testDynamicPostPrivilege(new FlagPostJob(), new Privilege(Privilege::FlagPost));
|
|
|
|
|
$this->testDynamicPostPrivilege(new ScorePostJob(), new Privilege(Privilege::ScorePost));
|
|
|
|
|
$this->testDynamicPostPrivilege(new TogglePostTagJob(), new Privilege(Privilege::EditPostTags));
|
|
|
|
|
$this->testDynamicPostPrivilege(new TogglePostVisibilityJob(), new Privilege(Privilege::HidePost));
|
|
|
|
|
$this->testDynamicPostPrivilege(new TogglePostFavoriteJob(), new Privilege(Privilege::FavoritePost));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
protected function testDynamicPostPrivilege($job, $expectedPrivilege)
|
|
|
|
|
{
|
|
|
|
|
$this->testedJobs []= $job;
|
|
|
|
|
|
2014-05-13 21:08:07 +02:00
|
|
|
list ($ownPost, $otherPost) = $this->postMocker->mockMultiple(2);
|
|
|
|
|
$ownPost->setUploader(Auth::getCurrentUser());
|
|
|
|
|
$otherPost->setUploader($this->userMocker->mockSingle());
|
|
|
|
|
PostModel::save([$ownPost, $otherPost]);
|
2014-05-06 18:15:35 +02:00
|
|
|
|
|
|
|
|
$expectedPrivilege->secondary = 'all';
|
2014-05-12 00:13:18 +02:00
|
|
|
$job->setArgument(JobArgs::ARG_POST_ID, $otherPost->getId());
|
2014-05-06 18:15:35 +02:00
|
|
|
$job->prepare();
|
2014-05-12 10:31:34 +02:00
|
|
|
$this->assert->areEquivalent($expectedPrivilege, $job->getRequiredPrivileges());
|
2014-05-06 18:15:35 +02:00
|
|
|
|
|
|
|
|
$expectedPrivilege->secondary = 'own';
|
2014-05-12 00:13:18 +02:00
|
|
|
$job->setArgument(JobArgs::ARG_POST_ID, $ownPost->getId());
|
2014-05-06 18:15:35 +02:00
|
|
|
$job->prepare();
|
2014-05-12 10:31:34 +02:00
|
|
|
$this->assert->areEquivalent($expectedPrivilege, $job->getRequiredPrivileges());
|
2014-05-06 18:15:35 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function testDynamicPostRetrievalPrivileges()
|
|
|
|
|
{
|
|
|
|
|
$jobs =
|
|
|
|
|
[
|
|
|
|
|
new GetPostJob(),
|
|
|
|
|
new GetPostContentJob(),
|
|
|
|
|
];
|
|
|
|
|
|
2014-05-13 21:08:07 +02:00
|
|
|
$post = $this->postMocker->mockSingle();
|
2014-05-06 18:15:35 +02:00
|
|
|
|
|
|
|
|
foreach ($jobs as $job)
|
|
|
|
|
{
|
|
|
|
|
$this->testedJobs []= $job;
|
|
|
|
|
|
|
|
|
|
$post->setHidden(true);
|
|
|
|
|
PostModel::save($post);
|
|
|
|
|
|
2014-05-12 00:13:18 +02:00
|
|
|
$job->setArgument(JobArgs::ARG_POST_ID, $post->getId());
|
|
|
|
|
$job->setArgument(JobArgs::ARG_POST_NAME, $post->getName());
|
2014-05-06 18:15:35 +02:00
|
|
|
$job->prepare();
|
|
|
|
|
$this->assert->areEquivalent([
|
|
|
|
|
new Privilege(Privilege::ViewPost, 'hidden'),
|
2014-05-12 10:31:34 +02:00
|
|
|
new Privilege(Privilege::ViewPost, 'safe')], $job->getRequiredPrivileges());
|
2014-05-06 18:15:35 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function testDynamicPostThumbPrivileges()
|
|
|
|
|
{
|
|
|
|
|
$job = new GetPostThumbJob();
|
|
|
|
|
$this->testedJobs []= $job;
|
2014-05-12 10:31:34 +02:00
|
|
|
$this->assert->areEquivalent(false, $job->getRequiredPrivileges());
|
2014-05-06 18:15:35 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function testDynamicUserPrivileges()
|
|
|
|
|
{
|
2014-05-13 21:08:07 +02:00
|
|
|
$ownUser = $this->userMocker->mockSingle();
|
2014-05-06 18:15:35 +02:00
|
|
|
$this->login($ownUser);
|
|
|
|
|
|
|
|
|
|
$this->testDynamicUserPrivilege(new DeleteUserJob(), new Privilege(Privilege::DeleteUser));
|
|
|
|
|
$this->testDynamicUserPrivilege(new EditUserAccessRankJob(), new Privilege(Privilege::ChangeUserAccessRank));
|
|
|
|
|
$this->testDynamicUserPrivilege(new EditUserEmailJob(), new Privilege(Privilege::ChangeUserEmail));
|
|
|
|
|
$this->testDynamicUserPrivilege(new EditUserNameJob(), new Privilege(Privilege::ChangeUserName));
|
|
|
|
|
$this->testDynamicUserPrivilege(new EditUserPasswordJob(), new Privilege(Privilege::ChangeUserPassword));
|
|
|
|
|
$this->testDynamicUserPrivilege(new FlagUserJob(), new Privilege(Privilege::FlagUser));
|
|
|
|
|
$this->testDynamicUserPrivilege(new GetUserJob(), new Privilege(Privilege::ViewUser));
|
|
|
|
|
$this->testDynamicUserPrivilege(new ToggleUserBanJob(), new Privilege(Privilege::BanUser));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
protected function testDynamicUserPrivilege($job, $expectedPrivilege)
|
|
|
|
|
{
|
|
|
|
|
$ownUser = Auth::getCurrentUser();
|
|
|
|
|
|
2014-05-13 21:08:07 +02:00
|
|
|
$otherUser = $this->userMocker->mockSingle();
|
2014-05-07 00:34:02 +02:00
|
|
|
$otherUser->setName('dummy' . uniqid());
|
2014-05-06 18:15:35 +02:00
|
|
|
UserModel::save($otherUser);
|
|
|
|
|
|
|
|
|
|
$this->testedJobs []= $job;
|
|
|
|
|
|
|
|
|
|
$expectedPrivilege->secondary = 'own';
|
2014-05-12 00:13:18 +02:00
|
|
|
$job->setArgument(JobArgs::ARG_USER_NAME, $ownUser->getName());
|
2014-05-06 18:15:35 +02:00
|
|
|
$job->prepare();
|
2014-05-12 10:31:34 +02:00
|
|
|
$this->assert->areEquivalent($expectedPrivilege, $job->getRequiredPrivileges());
|
2014-05-06 18:15:35 +02:00
|
|
|
|
|
|
|
|
$expectedPrivilege->secondary = 'all';
|
2014-05-12 00:13:18 +02:00
|
|
|
$job->setArgument(JobArgs::ARG_USER_NAME, $otherUser->getName());
|
2014-05-06 18:15:35 +02:00
|
|
|
$job->prepare();
|
2014-05-12 10:31:34 +02:00
|
|
|
$this->assert->areEquivalent($expectedPrivilege, $job->getRequiredPrivileges());
|
2014-05-06 18:15:35 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function testDynamicCommentPrivileges()
|
|
|
|
|
{
|
2014-05-13 21:08:07 +02:00
|
|
|
$this->login($this->userMocker->mockSingle());
|
2014-05-06 18:15:35 +02:00
|
|
|
|
|
|
|
|
$this->testDynamicCommentPrivilege(new DeleteCommentJob(), new Privilege(Privilege::DeleteComment));
|
|
|
|
|
$this->testDynamicCommentPrivilege(new EditCommentJob(), new Privilege(Privilege::EditComment));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
protected function testDynamicCommentPrivilege($job, $expectedPrivilege)
|
|
|
|
|
{
|
2014-05-13 21:08:07 +02:00
|
|
|
list ($ownComment, $otherComment) = $this->commentMocker->mockMultiple(2);
|
|
|
|
|
$ownComment->setCommenter(Auth::getCurrentUser());
|
|
|
|
|
$otherComment->setCommenter($this->userMocker->mockSingle());
|
|
|
|
|
CommentModel::save([$ownComment, $otherComment]);
|
2014-05-06 18:15:35 +02:00
|
|
|
|
|
|
|
|
$this->testedJobs []= $job;
|
|
|
|
|
|
|
|
|
|
$expectedPrivilege->secondary = 'own';
|
2014-05-12 00:13:18 +02:00
|
|
|
$job->setArgument(JobArgs::ARG_COMMENT_ID, $ownComment->getId());
|
2014-05-06 18:15:35 +02:00
|
|
|
$job->prepare();
|
2014-05-12 10:31:34 +02:00
|
|
|
$this->assert->areEquivalent($expectedPrivilege, $job->getRequiredPrivileges());
|
2014-05-06 18:15:35 +02:00
|
|
|
|
|
|
|
|
$expectedPrivilege->secondary = 'all';
|
2014-05-12 00:13:18 +02:00
|
|
|
$job->setArgument(JobArgs::ARG_COMMENT_ID, $otherComment->getId());
|
2014-05-06 18:15:35 +02:00
|
|
|
$job->prepare();
|
2014-05-12 10:31:34 +02:00
|
|
|
$this->assert->areEquivalent($expectedPrivilege, $job->getRequiredPrivileges());
|
2014-05-06 18:15:35 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function testPrivilegeEnforcing()
|
|
|
|
|
{
|
|
|
|
|
$this->assert->throws(function()
|
|
|
|
|
{
|
2014-05-13 21:08:07 +02:00
|
|
|
$post = $this->postMocker->mockSingle();
|
2014-05-06 18:15:35 +02:00
|
|
|
getConfig()->registration->needEmailForCommenting = false;
|
|
|
|
|
return Api::run(
|
|
|
|
|
new AddCommentJob(),
|
|
|
|
|
[
|
2014-05-12 00:13:18 +02:00
|
|
|
JobArgs::ARG_POST_ID => $post->getId(),
|
|
|
|
|
JobArgs::ARG_NEW_TEXT => 'alohaaa',
|
2014-05-06 18:15:35 +02:00
|
|
|
]);
|
|
|
|
|
}, 'Insufficient privileges');
|
|
|
|
|
}
|
|
|
|
|
}
|
