<?php
/**
* Test the content module's acl assertions.
*
* @copyright 2011 Perforce Software. All rights reserved.
* @license Please see LICENSE.txt in top-level folder of this distribution.
* @version <release>/<patch>
*/
class Content_Test_AclAssertsTest extends ModuleTest
{
/**
* Test the is owner acl assertion.
*/
public function testIsOwner()
{
$acl = new Zend_Acl;
$role = new Zend_Acl_Role('editor');
$resource = new Zend_Acl_Resource('content');
$privilege = 'does-not-matter';
// assert instance
$isOwner = new Content_Acl_Assert_IsOwner();
// active user
$user = new P4Cms_User;
$user->setId('joe');
P4Cms_User::setActive($user);
// non-content resource should return false.
$resource = new Zend_Acl_Resource('lasdfjk');
$this->assertFalse(
$isOwner->assert($acl, $role, $resource, $privilege),
'Unexpected isOwner = true with non-content resource.'
);
// content resource with no id should return false.
$resource = new Zend_Acl_Resource('content');
$this->assertFalse(
$isOwner->assert($acl, $role, $resource, $privilege),
'Unexpected isOwner = true with non-content resource.'
);
$resource = new Zend_Acl_Resource('content/');
$this->assertFalse(
$isOwner->assert($acl, $role, $resource, $privilege),
'Unexpected isOwner = true with non-content resource.'
);
// no active user should return false
P4Cms_User::clearActive();
$this->assertFalse(
$isOwner->assert($acl, $role, $resource, $privilege),
'Unexpected isOwner = true with no active user.'
);
// anonymous user should return false
$user->setId(null);
P4Cms_User::setActive($user);
$this->assertFalse(
$isOwner->assert($acl, $role, $resource, $privilege),
'Unexpected isOwner = true with anonymous user.'
);
// content resource with invalid id should return false.
$resource = new Zend_Acl_Resource('content/123');
$this->assertFalse(
$isOwner->assert($acl, $role, $resource, $privilege),
'Unexpected isOwner = true with non-existent content resource.'
);
// make content entry.
P4Cms_Content::store(
array('id' => 1, 'title' => 'test', 'contentOwner' => 'tester')
);
// valid content resource, but not owner should return false.
$user->setId('joe');
P4Cms_User::setActive($user);
$resource = new Zend_Acl_Resource('content/1');
$this->assertFalse(
$isOwner->assert($acl, $role, $resource, $privilege),
'Unexpected isOwner = true when user not owner.'
);
// valid owner should return true.
$user->setId('tester');
P4Cms_User::setActive($user);
$resource = new Zend_Acl_Resource('content/1');
$this->assertTrue(
$isOwner->assert($acl, $role, $resource, $privilege),
'Expected isOwner = true when user is owner.'
);
}
/**
* Test the can edit acl assertion.
*
* @param string $privilege optional - the privilege to test defaults
* to 'edit', pass 'delete' to test CanDelete
* @param string $privilegeAll optional - 'superior' privilege to test
* defaults to 'edit-all', pass 'delete-any'
* to test CanDelete
*/
public function testCanEdit($privilege = 'edit', $privilegeAll = 'edit-all')
{
$acl = new Zend_Acl;
$author = new Zend_Acl_Role('author');
$editor = new Zend_Acl_Role('editor');
$resource = new Zend_Acl_Resource('content');
// assert instance
$canDo = new P4Cms_Acl_Assert_Proxy(
"Content_Acl_Assert_Can" . ucfirst($privilege)
);
// active user
$user = new P4Cms_User;
$user->setId('joe');
P4Cms_User::setActive($user);
// configure acl.
$acl->addRole($author);
$acl->addRole($editor);
$acl->addResource($resource);
$acl->allow($author, $resource, $privilege . '-own');
$acl->allow($editor, $resource, $privilegeAll);
// non-content resource should return false.
$resource = new Zend_Acl_Resource('lasdfjk');
$this->assertFalse(
$canDo->assert($acl, $editor, $resource, $privilege),
'Unexpected canDo = true with non-content resource.'
);
// non-content resource should return false.
$resource = new Zend_Acl_Resource('contentkasdjf');
$this->assertFalse(
$canDo->assert($acl, $editor, $resource, $privilege),
'Unexpected can ' . $privilege . ' = true with non-content resource.'
);
// editor role (ie. edit-all) should return true.
$resource = new Zend_Acl_Resource('content');
$this->assertTrue(
$canDo->assert($acl, $editor, $resource, $privilege),
'Unexpected can ' . $privilege . ' = false with editor role.'
);
// author (ie. edit-own) should return false for 'content' resource
$resource = new Zend_Acl_Resource('content');
$this->assertFalse(
$canDo->assert($acl, $author, $resource, $privilege),
'Unexpected can ' . $privilege . ' = true with author role.'
);
// author should return false for non-existent 'content' resource
$resource = new Zend_Acl_Resource('content/1');
$this->assertFalse(
$canDo->assert($acl, $author, $resource, $privilege),
'Unexpected can ' . $privilege . ' = true with non-existent content.'
);
// author some content.
P4Cms_Content::store(
array('id' => 1, 'title' => 'test', 'contentOwner' => 'joe')
);
// author should return true for owned content.
$resource = new Zend_Acl_Resource('content/1');
$this->assertTrue(
$canDo->assert($acl, $author, $resource, $privilege),
'Unexpected can ' . $privilege . ' = false for owned content.'
);
// switch id of active user to be different from content owner.
P4Cms_User::fetchActive()->setId($this->p4->getUser());
// author should return false for un-owned content.
$resource = new Zend_Acl_Resource('content/1');
$this->assertFalse(
$canDo->assert($acl, $author, $resource, $privilege),
'Unexpected can ' . $privilege . ' = true with un-owned content.'
);
}
/**
* Test can delete behavior. Should behave exactly like
* can edit, just with delete privilege instead of edit.
*/
public function testCanDelete()
{
$this->testCanEdit('delete', 'delete-any');
}
}