diff options
Diffstat (limited to 'tests/units/Core')
-rw-r--r-- | tests/units/Core/Security/AccessMapTest.php | 22 | ||||
-rw-r--r-- | tests/units/Core/Security/AuthorizationTest.php | 28 |
2 files changed, 50 insertions, 0 deletions
diff --git a/tests/units/Core/Security/AccessMapTest.php b/tests/units/Core/Security/AccessMapTest.php new file mode 100644 index 00000000..ab74e036 --- /dev/null +++ b/tests/units/Core/Security/AccessMapTest.php @@ -0,0 +1,22 @@ +<?php + +require_once __DIR__.'/../../Base.php'; + +use Kanboard\Core\Security\AccessMap; + +class AccessMapTest extends Base +{ + public function testGetRoles() + { + $acl = new AccessMap; + $acl->setDefaultRole('role3'); + $acl->add('MyController', 'myAction1', array('role1', 'role2')); + $acl->add('MyController', 'myAction2', array('role1')); + $acl->add('MyAdminController', '*', array('role2')); + + $this->assertEquals(array('role1', 'role2'), $acl->getRoles('mycontroller', 'MyAction1')); + $this->assertEquals(array('role1'), $acl->getRoles('mycontroller', 'MyAction2')); + $this->assertEquals(array('role2'), $acl->getRoles('Myadmincontroller', 'MyAction')); + $this->assertEquals(array('role3'), $acl->getRoles('AnotherController', 'ActionNotFound')); + } +} diff --git a/tests/units/Core/Security/AuthorizationTest.php b/tests/units/Core/Security/AuthorizationTest.php new file mode 100644 index 00000000..ffeb3741 --- /dev/null +++ b/tests/units/Core/Security/AuthorizationTest.php @@ -0,0 +1,28 @@ +<?php + +require_once __DIR__.'/../../Base.php'; + +use Kanboard\Core\Security\Role; +use Kanboard\Core\Security\AccessMap; +use Kanboard\Core\Security\Authorization; + +class AuthorizationTest extends Base +{ + public function testIsAllowed() + { + $acl = new AccessMap; + $acl->setDefaultRole(Role::APP_USER); + $acl->add('MyController', 'myAction1', array(Role::APP_ADMIN, Role::APP_MANAGER)); + $acl->add('MyController', 'myAction2', array(Role::APP_ADMIN)); + $acl->add('MyAdminController', '*', array(Role::APP_MANAGER)); + + $authorization = new Authorization($acl); + $this->assertTrue($authorization->isAllowed('myController', 'myAction1', Role::APP_ADMIN)); + $this->assertTrue($authorization->isAllowed('myController', 'myAction1', Role::APP_MANAGER)); + $this->assertFalse($authorization->isAllowed('myController', 'myAction1', Role::APP_USER)); + $this->assertTrue($authorization->isAllowed('anotherController', 'anotherAction', Role::APP_USER)); + $this->assertTrue($authorization->isAllowed('MyAdminController', 'myAction', Role::APP_MANAGER)); + $this->assertFalse($authorization->isAllowed('MyAdminController', 'myAction', Role::APP_ADMIN)); + $this->assertFalse($authorization->isAllowed('MyAdminController', 'myAction', 'something else')); + } +} |