2009-07-07 22:11:11 +00:00
|
|
|
<?php
|
|
|
|
/**
|
|
|
|
* @package blog
|
|
|
|
* @subpackage tests
|
|
|
|
*/
|
|
|
|
class BlogHolderFunctionalTest extends FunctionalTest {
|
|
|
|
|
|
|
|
static $fixture_file = 'blog/tests/BlogHolderFunctionalTest.yml';
|
|
|
|
|
|
|
|
function setUp() {
|
|
|
|
parent::setUp();
|
|
|
|
|
|
|
|
$blogHolder = $this->objFromFixture('BlogHolder', 'blogholder');
|
2009-07-08 00:33:31 +00:00
|
|
|
$blogHolder->publish('Stage', 'Live');
|
2009-07-07 22:11:11 +00:00
|
|
|
$blogEntry = $this->objFromFixture('BlogEntry', 'entry1');
|
2009-07-08 00:33:31 +00:00
|
|
|
$blogEntry->publish('Stage', 'Live');
|
2009-07-07 22:11:11 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
function testFrontendBlogPostRequiresPermission() {
|
|
|
|
// get valid SecurityID (from comments form, would usually be copy/pasted)
|
|
|
|
$blogEntry = $this->objFromFixture('BlogEntry', 'entry1');
|
2010-04-28 11:40:25 +00:00
|
|
|
$response = $this->get($blogEntry->RelativeLink());
|
2009-07-07 22:11:11 +00:00
|
|
|
$securityID = Session::get('SecurityID');
|
|
|
|
|
|
|
|
// without login
|
|
|
|
$data = array(
|
|
|
|
'Title'=>'Disallowed',
|
|
|
|
'Author'=>'Disallowed',
|
2010-08-03 00:44:30 +00:00
|
|
|
'BlogPost'=>'Disallowed',
|
2009-07-07 22:11:11 +00:00
|
|
|
'action_postblog' => 'Post blog entry',
|
|
|
|
'SecurityID' => $securityID
|
|
|
|
);
|
|
|
|
$response = $this->post('blog/BlogEntryForm', $data);
|
2010-03-31 23:14:52 +00:00
|
|
|
$this->assertFalse(DataObject::get_one('BlogEntry', sprintf("\"Title\" = 'Disallowed'")));
|
2009-07-07 22:11:11 +00:00
|
|
|
|
|
|
|
// with login
|
|
|
|
$blogEditor = $this->objFromFixture('Member', 'blog_editor');
|
2009-09-10 07:04:40 +00:00
|
|
|
$this->session()->inst_set('loggedInAs', $blogEditor->ID);
|
|
|
|
Permission::flush_permission_cache();
|
2009-07-07 22:11:11 +00:00
|
|
|
$data = array(
|
|
|
|
'Title'=>'Allowed',
|
|
|
|
'Author'=>'Allowed',
|
2010-08-03 00:44:30 +00:00
|
|
|
'BlogPost'=>'Allowed',
|
2009-07-07 22:11:11 +00:00
|
|
|
'action_postblog' => 'Post blog entry',
|
|
|
|
'SecurityID' => $securityID
|
|
|
|
);
|
|
|
|
$response = $this->post('blog/BlogEntryForm', $data);
|
2009-09-10 07:04:40 +00:00
|
|
|
|
2012-05-19 14:26:55 +12:00
|
|
|
$this->assertInstanceOf('BlogEntry', DataObject::get_one('BlogEntry', sprintf("\"Title\" = 'Allowed'")));
|
2009-07-07 22:11:11 +00:00
|
|
|
}
|
2010-04-28 11:40:25 +00:00
|
|
|
}
|