Rewrite of the authentication and authorization system

2015-12-05 20:31:27 -05:00
parent 346b8312e5
commit e9fedf3e5c
255 changed files with 14114 additions and 9820 deletions
--- a/tests/units/Core/Security/AuthorizationTest.php
+++ b/tests/units/Core/Security/AuthorizationTest.php
@@ -12,17 +12,28 @@ class AuthorizationTest extends Base
    {
        $acl = new AccessMap;
        $acl->setDefaultRole(Role::APP_USER);
-        $acl->add('MyController', 'myAction1', array(Role::APP_ADMIN, Role::APP_MANAGER));
-        $acl->add('MyController', 'myAction2', array(Role::APP_ADMIN));
-        $acl->add('MyAdminController', '*', array(Role::APP_MANAGER));
+        $acl->setRoleHierarchy(Role::APP_ADMIN, array(Role::APP_MANAGER, Role::APP_USER));
+        $acl->setRoleHierarchy(Role::APP_MANAGER, array(Role::APP_USER));
+
+        $acl->add('MyController', 'myAction1', Role::APP_MANAGER);
+        $acl->add('MyController', 'myAction2', Role::APP_ADMIN);
+        $acl->add('MyManagerController', '*', Role::APP_MANAGER);

        $authorization = new Authorization($acl);
+
        $this->assertTrue($authorization->isAllowed('myController', 'myAction1', Role::APP_ADMIN));
        $this->assertTrue($authorization->isAllowed('myController', 'myAction1', Role::APP_MANAGER));
        $this->assertFalse($authorization->isAllowed('myController', 'myAction1', Role::APP_USER));
-        $this->assertTrue($authorization->isAllowed('anotherController', 'anotherAction', Role::APP_USER));
-        $this->assertTrue($authorization->isAllowed('MyAdminController', 'myAction', Role::APP_MANAGER));
-        $this->assertFalse($authorization->isAllowed('MyAdminController', 'myAction', Role::APP_ADMIN));
-        $this->assertFalse($authorization->isAllowed('MyAdminController', 'myAction', 'something else'));
+        $this->assertFalse($authorization->isAllowed('myController', 'myAction1', 'something else'));
+
+        $this->assertTrue($authorization->isAllowed('MyManagerController', 'myAction', Role::APP_ADMIN));
+        $this->assertTrue($authorization->isAllowed('MyManagerController', 'myAction', Role::APP_MANAGER));
+        $this->assertFalse($authorization->isAllowed('MyManagerController', 'myAction', Role::APP_USER));
+        $this->assertFalse($authorization->isAllowed('MyManagerController', 'myAction', 'something else'));
+
+        $this->assertTrue($authorization->isAllowed('MyUserController', 'myAction', Role::APP_ADMIN));
+        $this->assertTrue($authorization->isAllowed('MyUserController', 'myAction', Role::APP_MANAGER));
+        $this->assertTrue($authorization->isAllowed('MyUserController', 'myAction', Role::APP_USER));
+        $this->assertFalse($authorization->isAllowed('MyUserController', 'myAction', 'something else'));
    }
 }