Merge pull request #1 from fguillot/master

Update from upstream
author: Gerardo Zamudio <gerardozamudio@users.noreply.github.com> 2016-02-24 23:48:50 -0600
committer: Gerardo Zamudio <gerardozamudio@users.noreply.github.com> 2016-02-24 23:48:50 -0600
commit: e4de6b3898b64b26d29aff31f21df5fda8055686 (patch)
tree: 575f8a65440f291d70a070d168eafca8c82a6459 /tests/units/Core/Security/AuthorizationTest.php
parent: d9ffbea174ea6524d0a22f8375ca8b3aa04a3c96 (diff)
parent: a6540bc604c837d92c9368540c145606723e97f7 (diff)
1 files changed, 39 insertions, 0 deletions
diff --git a/tests/units/Core/Security/AuthorizationTest.php b/tests/units/Core/Security/AuthorizationTest.php
new file mode 100644
index 00000000..70561ad8
--- /dev/null
+++ b/tests/units/Core/Security/AuthorizationTest.php
@@ -0,0 +1,39 @@
+<?php
+
+require_once __DIR__.'/../../Base.php';
+
+use Kanboard\Core\Security\Role;
+use Kanboard\Core\Security\AccessMap;
+use Kanboard\Core\Security\Authorization;
+
+class AuthorizationTest extends Base
+{
+    public function testIsAllowed()
+    {
+        $acl = new AccessMap;
+        $acl->setDefaultRole(Role::APP_USER);
+        $acl->setRoleHierarchy(Role::APP_ADMIN, array(Role::APP_MANAGER, Role::APP_USER));
+        $acl->setRoleHierarchy(Role::APP_MANAGER, array(Role::APP_USER));
+
+        $acl->add('MyController', 'myAction1', Role::APP_MANAGER);
+        $acl->add('MyController', 'myAction2', Role::APP_ADMIN);
+        $acl->add('MyManagerController', '*', Role::APP_MANAGER);
+
+        $authorization = new Authorization($acl);
+
+        $this->assertTrue($authorization->isAllowed('myController', 'myAction1', Role::APP_ADMIN));
+        $this->assertTrue($authorization->isAllowed('myController', 'myAction1', Role::APP_MANAGER));
+        $this->assertFalse($authorization->isAllowed('myController', 'myAction1', Role::APP_USER));
+        $this->assertFalse($authorization->isAllowed('myController', 'myAction1', 'something else'));
+
+        $this->assertTrue($authorization->isAllowed('MyManagerController', 'myAction', Role::APP_ADMIN));
+        $this->assertTrue($authorization->isAllowed('MyManagerController', 'myAction', Role::APP_MANAGER));
+        $this->assertFalse($authorization->isAllowed('MyManagerController', 'myAction', Role::APP_USER));
+        $this->assertFalse($authorization->isAllowed('MyManagerController', 'myAction', 'something else'));
+
+        $this->assertTrue($authorization->isAllowed('MyUserController', 'myAction', Role::APP_ADMIN));
+        $this->assertTrue($authorization->isAllowed('MyUserController', 'myAction', Role::APP_MANAGER));
+        $this->assertTrue($authorization->isAllowed('MyUserController', 'myAction', Role::APP_USER));
+        $this->assertFalse($authorization->isAllowed('MyUserController', 'myAction', 'something else'));
+    }
+}
author	Gerardo Zamudio <gerardozamudio@users.noreply.github.com>	2016-02-24 23:48:50 -0600
committer	Gerardo Zamudio <gerardozamudio@users.noreply.github.com>	2016-02-24 23:48:50 -0600
commit	e4de6b3898b64b26d29aff31f21df5fda8055686 (patch)
tree	575f8a65440f291d70a070d168eafca8c82a6459 /tests/units/Core/Security/AuthorizationTest.php
parent	d9ffbea174ea6524d0a22f8375ca8b3aa04a3c96 (diff)
parent	a6540bc604c837d92c9368540c145606723e97f7 (diff)