summaryrefslogtreecommitdiff
path: root/tests/units/Core/Security/AuthorizationTest.php
diff options
context:
space:
mode:
Diffstat (limited to 'tests/units/Core/Security/AuthorizationTest.php')
-rw-r--r--tests/units/Core/Security/AuthorizationTest.php25
1 files changed, 18 insertions, 7 deletions
diff --git a/tests/units/Core/Security/AuthorizationTest.php b/tests/units/Core/Security/AuthorizationTest.php
index ffeb3741..70561ad8 100644
--- a/tests/units/Core/Security/AuthorizationTest.php
+++ b/tests/units/Core/Security/AuthorizationTest.php
@@ -12,17 +12,28 @@ class AuthorizationTest extends Base
{
$acl = new AccessMap;
$acl->setDefaultRole(Role::APP_USER);
- $acl->add('MyController', 'myAction1', array(Role::APP_ADMIN, Role::APP_MANAGER));
- $acl->add('MyController', 'myAction2', array(Role::APP_ADMIN));
- $acl->add('MyAdminController', '*', array(Role::APP_MANAGER));
+ $acl->setRoleHierarchy(Role::APP_ADMIN, array(Role::APP_MANAGER, Role::APP_USER));
+ $acl->setRoleHierarchy(Role::APP_MANAGER, array(Role::APP_USER));
+
+ $acl->add('MyController', 'myAction1', Role::APP_MANAGER);
+ $acl->add('MyController', 'myAction2', Role::APP_ADMIN);
+ $acl->add('MyManagerController', '*', Role::APP_MANAGER);
$authorization = new Authorization($acl);
+
$this->assertTrue($authorization->isAllowed('myController', 'myAction1', Role::APP_ADMIN));
$this->assertTrue($authorization->isAllowed('myController', 'myAction1', Role::APP_MANAGER));
$this->assertFalse($authorization->isAllowed('myController', 'myAction1', Role::APP_USER));
- $this->assertTrue($authorization->isAllowed('anotherController', 'anotherAction', Role::APP_USER));
- $this->assertTrue($authorization->isAllowed('MyAdminController', 'myAction', Role::APP_MANAGER));
- $this->assertFalse($authorization->isAllowed('MyAdminController', 'myAction', Role::APP_ADMIN));
- $this->assertFalse($authorization->isAllowed('MyAdminController', 'myAction', 'something else'));
+ $this->assertFalse($authorization->isAllowed('myController', 'myAction1', 'something else'));
+
+ $this->assertTrue($authorization->isAllowed('MyManagerController', 'myAction', Role::APP_ADMIN));
+ $this->assertTrue($authorization->isAllowed('MyManagerController', 'myAction', Role::APP_MANAGER));
+ $this->assertFalse($authorization->isAllowed('MyManagerController', 'myAction', Role::APP_USER));
+ $this->assertFalse($authorization->isAllowed('MyManagerController', 'myAction', 'something else'));
+
+ $this->assertTrue($authorization->isAllowed('MyUserController', 'myAction', Role::APP_ADMIN));
+ $this->assertTrue($authorization->isAllowed('MyUserController', 'myAction', Role::APP_MANAGER));
+ $this->assertTrue($authorization->isAllowed('MyUserController', 'myAction', Role::APP_USER));
+ $this->assertFalse($authorization->isAllowed('MyUserController', 'myAction', 'something else'));
}
}
generated by cgit v1.2.3 (git 2.46.0) at 2024-11-26 14:02:53 +0000