<?php
require_once __DIR__.'/../../Base.php';
use Kanboard\Core\Security\Role;
use Kanboard\Core\Security\AccessMap;
use Kanboard\Core\Security\Authorization;
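/**
 * Checks Authorization::isAllowed() against a small AccessMap fixture.
 *
 * The fixture declares three rules and a default role; the assertions pin
 * which roles are granted or denied for each rule, including a role string
 * that is not part of the hierarchy at all.
 */
class AuthorizationTest extends Base
{
    /**
     * Verifies role resolution for an explicit action rule, an admin-only
     * action rule, a wildcard controller rule and the default-role fallback.
     */
    public function testIsAllowed()
    {
        $acl = new AccessMap;

        // Anything not registered in the map is governed by this default role,
        // so a controller that needs a higher role must be added explicitly.
        $acl->setDefaultRole(Role::APP_USER);

        $acl->setRoleHierarchy(Role::APP_ADMIN, array(Role::APP_MANAGER, Role::APP_USER));
        $acl->setRoleHierarchy(Role::APP_MANAGER, array(Role::APP_USER));

        $acl->add('MyController', 'myAction1', Role::APP_MANAGER);
        $acl->add('MyController', 'myAction2', Role::APP_ADMIN);
        $acl->add('MyManagerController', '*', Role::APP_MANAGER);

        $authorization = new Authorization($acl);

        // Manager-level action. The rule is registered as 'MyController' but
        // queried as 'myController', so these expectations only hold if the
        // controller lookup ignores case.
        $this->assertTrue($authorization->isAllowed('myController', 'myAction1', Role::APP_ADMIN));
        $this->assertTrue($authorization->isAllowed('myController', 'myAction1', Role::APP_MANAGER));
        $this->assertFalse($authorization->isAllowed('myController', 'myAction1', Role::APP_USER));
        $this->assertFalse($authorization->isAllowed('myController', 'myAction1', 'something else'));

        // Admin-only action: the rule is declared above, so it is asserted here
        // too. Only the admin role may pass; every lower or unknown role is denied.
        $this->assertTrue($authorization->isAllowed('myController', 'myAction2', Role::APP_ADMIN));
        $this->assertFalse($authorization->isAllowed('myController', 'myAction2', Role::APP_MANAGER));
        $this->assertFalse($authorization->isAllowed('myController', 'myAction2', Role::APP_USER));
        $this->assertFalse($authorization->isAllowed('myController', 'myAction2', 'something else'));

        // Wildcard rule: every action of the controller requires at least manager.
        $this->assertTrue($authorization->isAllowed('MyManagerController', 'myAction', Role::APP_ADMIN));
        $this->assertTrue($authorization->isAllowed('MyManagerController', 'myAction', Role::APP_MANAGER));
        $this->assertFalse($authorization->isAllowed('MyManagerController', 'myAction', Role::APP_USER));
        $this->assertFalse($authorization->isAllowed('MyManagerController', 'myAction', 'something else'));

        // Controller absent from the map: the default role (APP_USER) applies,
        // while a role outside the hierarchy is still denied.
        $this->assertTrue($authorization->isAllowed('MyUserController', 'myAction', Role::APP_ADMIN));
        $this->assertTrue($authorization->isAllowed('MyUserController', 'myAction', Role::APP_MANAGER));
        $this->assertTrue($authorization->isAllowed('MyUserController', 'myAction', Role::APP_USER));
        $this->assertFalse($authorization->isAllowed('MyUserController', 'myAction', 'something else'));
    }
}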