1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
|
<?php
require_once __DIR__.'/../../Base.php';
use Kanboard\Core\Security\Role;
use Kanboard\Core\Security\AccessMap;
use Kanboard\Core\Security\Authorization;
class AuthorizationTest extends Base
{
public function testIsAllowed()
{
$acl = new AccessMap;
$acl->setDefaultRole(Role::APP_USER);
$acl->add('MyController', 'myAction1', array(Role::APP_ADMIN, Role::APP_MANAGER));
$acl->add('MyController', 'myAction2', array(Role::APP_ADMIN));
$acl->add('MyAdminController', '*', array(Role::APP_MANAGER));
$authorization = new Authorization($acl);
$this->assertTrue($authorization->isAllowed('myController', 'myAction1', Role::APP_ADMIN));
$this->assertTrue($authorization->isAllowed('myController', 'myAction1', Role::APP_MANAGER));
$this->assertFalse($authorization->isAllowed('myController', 'myAction1', Role::APP_USER));
$this->assertTrue($authorization->isAllowed('anotherController', 'anotherAction', Role::APP_USER));
$this->assertTrue($authorization->isAllowed('MyAdminController', 'myAction', Role::APP_MANAGER));
$this->assertFalse($authorization->isAllowed('MyAdminController', 'myAction', Role::APP_ADMIN));
$this->assertFalse($authorization->isAllowed('MyAdminController', 'myAction', 'something else'));
}
}
|