|
0
|
1 |
<?php |
|
|
2 |
|
|
|
3 |
/* |
|
|
4 |
* This file is part of the Symfony package. |
|
|
5 |
* |
|
|
6 |
* (c) Fabien Potencier <fabien@symfony.com> |
|
|
7 |
* |
|
|
8 |
* For the full copyright and license information, please view the LICENSE |
|
|
9 |
* file that was distributed with this source code. |
|
|
10 |
*/ |
|
|
11 |
|
|
|
12 |
namespace Symfony\Bundle\SecurityBundle\Tests\DependencyInjection; |
|
|
13 |
|
|
|
14 |
use Symfony\Component\DependencyInjection\Reference; |
|
|
15 |
|
|
|
16 |
use Symfony\Component\DependencyInjection\Parameter; |
|
|
17 |
|
|
|
18 |
use Symfony\Bundle\SecurityBundle\DependencyInjection\SecurityExtension; |
|
|
19 |
use Symfony\Component\DependencyInjection\ContainerBuilder; |
|
|
20 |
|
|
|
21 |
abstract class SecurityExtensionTest extends \PHPUnit_Framework_TestCase |
|
|
22 |
{ |
|
|
23 |
abstract protected function loadFromFile(ContainerBuilder $container, $file); |
|
|
24 |
|
|
|
25 |
public function testRolesHierarchy() |
|
|
26 |
{ |
|
|
27 |
$container = $this->getContainer('container1'); |
|
|
28 |
$this->assertEquals(array( |
|
|
29 |
'ROLE_ADMIN' => array('ROLE_USER'), |
|
|
30 |
'ROLE_SUPER_ADMIN' => array('ROLE_USER', 'ROLE_ADMIN', 'ROLE_ALLOWED_TO_SWITCH'), |
|
|
31 |
'ROLE_REMOTE' => array('ROLE_USER', 'ROLE_ADMIN'), |
|
|
32 |
), $container->getParameter('security.role_hierarchy.roles')); |
|
|
33 |
} |
|
|
34 |
|
|
|
35 |
public function testUserProviders() |
|
|
36 |
{ |
|
|
37 |
$container = $this->getContainer('container1'); |
|
|
38 |
|
|
|
39 |
$providers = array_values(array_filter($container->getServiceIds(), function ($key) { return 0 === strpos($key, 'security.user.provider.concrete'); })); |
|
|
40 |
|
|
|
41 |
$expectedProviders = array( |
|
|
42 |
'security.user.provider.concrete.default', |
|
|
43 |
'security.user.provider.concrete.default_foo', |
|
|
44 |
'security.user.provider.concrete.digest', |
|
|
45 |
'security.user.provider.concrete.digest_foo', |
|
|
46 |
'security.user.provider.concrete.basic', |
|
|
47 |
'security.user.provider.concrete.basic_foo', |
|
|
48 |
'security.user.provider.concrete.basic_bar', |
|
|
49 |
'security.user.provider.concrete.doctrine', |
|
|
50 |
'security.user.provider.concrete.service', |
|
|
51 |
'security.user.provider.concrete.chain', |
|
|
52 |
); |
|
|
53 |
|
|
|
54 |
$this->assertEquals(array(), array_diff($expectedProviders, $providers)); |
|
|
55 |
$this->assertEquals(array(), array_diff($providers, $expectedProviders)); |
|
|
56 |
|
|
|
57 |
// chain provider |
|
|
58 |
$this->assertEquals(array(array( |
|
|
59 |
new Reference('security.user.provider.concrete.service'), |
|
|
60 |
new Reference('security.user.provider.concrete.doctrine'), |
|
|
61 |
new Reference('security.user.provider.concrete.basic'), |
|
|
62 |
)), $container->getDefinition('security.user.provider.concrete.chain')->getArguments()); |
|
|
63 |
} |
|
|
64 |
|
|
|
65 |
public function testFirewalls() |
|
|
66 |
{ |
|
|
67 |
$container = $this->getContainer('container1'); |
|
|
68 |
|
|
|
69 |
$arguments = $container->getDefinition('security.firewall.map')->getArguments(); |
|
|
70 |
$listeners = array(); |
|
|
71 |
foreach (array_keys($arguments[1]) as $contextId) { |
|
|
72 |
$contextDef = $container->getDefinition($contextId); |
|
|
73 |
$arguments = $contextDef->getArguments(); |
|
|
74 |
$listeners[] = array_map(function ($ref) { return (string) $ref; }, $arguments['index_0']); |
|
|
75 |
} |
|
|
76 |
|
|
|
77 |
$this->assertEquals(array( |
|
|
78 |
array(), |
|
|
79 |
array( |
|
|
80 |
'security.channel_listener', |
|
|
81 |
'security.logout_listener.secure', |
|
|
82 |
'security.authentication.listener.x509.secure', |
|
|
83 |
'security.authentication.listener.form.secure', |
|
|
84 |
'security.authentication.listener.basic.secure', |
|
|
85 |
'security.authentication.listener.digest.secure', |
|
|
86 |
'security.authentication.listener.anonymous.secure', |
|
|
87 |
'security.access_listener', |
|
|
88 |
'security.authentication.switchuser_listener.secure', |
|
|
89 |
), |
|
|
90 |
), $listeners); |
|
|
91 |
} |
|
|
92 |
|
|
|
93 |
public function testAccess() |
|
|
94 |
{ |
|
|
95 |
$container = $this->getContainer('container1'); |
|
|
96 |
|
|
|
97 |
$rules = array(); |
|
|
98 |
foreach ($container->getDefinition('security.access_map')->getMethodCalls() as $call) { |
|
|
99 |
if ($call[0] == 'add') { |
|
|
100 |
$rules[] = array((string) $call[1][0], $call[1][1], $call[1][2]); |
|
|
101 |
} |
|
|
102 |
} |
|
|
103 |
|
|
|
104 |
$matcherIds = array(); |
|
|
105 |
foreach ($rules as $rule) { |
|
|
106 |
list($matcherId, $roles, $channel) = $rule; |
|
|
107 |
|
|
|
108 |
$this->assertFalse(isset($matcherIds[$matcherId])); |
|
|
109 |
$matcherIds[$matcherId] = true; |
|
|
110 |
|
|
|
111 |
$i = count($matcherIds); |
|
|
112 |
if (1 === $i) { |
|
|
113 |
$this->assertEquals(array('ROLE_USER'), $roles); |
|
|
114 |
$this->assertEquals('https', $channel); |
|
|
115 |
} else if (2 === $i) { |
|
|
116 |
$this->assertEquals(array('IS_AUTHENTICATED_ANONYMOUSLY'), $roles); |
|
|
117 |
$this->assertNull($channel); |
|
|
118 |
} |
|
|
119 |
} |
|
|
120 |
} |
|
|
121 |
|
|
|
122 |
public function testMerge() |
|
|
123 |
{ |
|
|
124 |
$container = $this->getContainer('merge'); |
|
|
125 |
|
|
|
126 |
$this->assertEquals(array( |
|
|
127 |
'FOO' => array('MOO'), |
|
|
128 |
'ADMIN' => array('USER'), |
|
|
129 |
), $container->getParameter('security.role_hierarchy.roles')); |
|
|
130 |
} |
|
|
131 |
|
|
|
132 |
public function testEncoders() |
|
|
133 |
{ |
|
|
134 |
$container = $this->getContainer('container1'); |
|
|
135 |
|
|
|
136 |
$this->assertEquals(array(array( |
|
|
137 |
'JMS\FooBundle\Entity\User1' => array( |
|
|
138 |
'class' => new Parameter('security.encoder.plain.class'), |
|
|
139 |
'arguments' => array(false), |
|
|
140 |
), |
|
|
141 |
'JMS\FooBundle\Entity\User2' => array( |
|
|
142 |
'class' => new Parameter('security.encoder.digest.class'), |
|
|
143 |
'arguments' => array('sha1', false, 5), |
|
|
144 |
), |
|
|
145 |
'JMS\FooBundle\Entity\User3' => array( |
|
|
146 |
'class' => new Parameter('security.encoder.digest.class'), |
|
|
147 |
'arguments' => array('md5', true, 5000), |
|
|
148 |
), |
|
|
149 |
'JMS\FooBundle\Entity\User4' => new Reference('security.encoder.foo'), |
|
|
150 |
)), $container->getDefinition('security.encoder_factory.generic')->getArguments()); |
|
|
151 |
} |
|
|
152 |
|
|
|
153 |
public function testAcl() |
|
|
154 |
{ |
|
|
155 |
$container = $this->getContainer('container1'); |
|
|
156 |
|
|
|
157 |
$this->assertTrue($container->hasDefinition('security.acl.dbal.provider')); |
|
|
158 |
$this->assertEquals('security.acl.dbal.provider', (string) $container->getAlias('security.acl.provider')); |
|
|
159 |
} |
|
|
160 |
|
|
|
161 |
public function testCustomAclProvider() |
|
|
162 |
{ |
|
|
163 |
$container = $this->getContainer('custom_acl_provider'); |
|
|
164 |
|
|
|
165 |
$this->assertFalse($container->hasDefinition('security.acl.dbal.provider')); |
|
|
166 |
$this->assertEquals('foo', (string) $container->getAlias('security.acl.provider')); |
|
|
167 |
} |
|
|
168 |
|
|
|
169 |
protected function getContainer($file) |
|
|
170 |
{ |
|
|
171 |
$container = new ContainerBuilder(); |
|
|
172 |
$security = new SecurityExtension(); |
|
|
173 |
$container->registerExtension($security); |
|
|
174 |
$this->loadFromFile($container, $file); |
|
|
175 |
|
|
|
176 |
$container->getCompilerPassConfig()->setOptimizationPasses(array()); |
|
|
177 |
$container->getCompilerPassConfig()->setRemovingPasses(array()); |
|
|
178 |
$container->compile(); |
|
|
179 |
|
|
|
180 |
return $container; |
|
|
181 |
} |
|
|
182 |
} |