silverstripe-framework/tests/php/Security/PermissionRoleTest.php

<?php

namespace SilverStripe\Security\Tests;

use SilverStripe\ORM\DataObject;
use SilverStripe\Security\PermissionRole;
use SilverStripe\Security\PermissionRoleCode;
use SilverStripe\Dev\FunctionalTest;

class PermissionRoleTest extends FunctionalTest
{
    protected static $fixture_file = 'PermissionRoleTest.yml';

    public function testDelete()
    {
        $role = $this->objFromFixture(PermissionRole::class, 'role');

        $role->delete();

        $this->assertEquals(
            0,
            DataObject::get(PermissionRole::class, "\"ID\"={$role->ID}")->count(),
            'Role is removed'
        );
        $this->assertEquals(
            0,
            DataObject::get(PermissionRoleCode::class, "\"RoleID\"={$role->ID}")->count(),
            'Permissions removed along with the role'
        );
    }

    public function testValidatesPrivilegedPermissions()
    {
        $nonAdminCode = new PermissionRoleCode(['Code' => 'CMS_ACCESS_CMSMain']);
        $adminCode = new PermissionRoleCode(['Code' => 'ADMIN']);

        $this->logInWithPermission('APPLY_ROLES');
        $result = $nonAdminCode->validate();
        $this->assertTrue(
            $result->isValid(),
            'Members with only APPLY_ROLES can create non-privileged permission role codes'
        );

        $this->logInWithPermission('APPLY_ROLES');
        $result = $adminCode->validate();
        $this->assertFalse(
            $result->isValid(),
            'Members with only APPLY_ROLES can\'t create privileged permission role codes'
        );

        $this->logInWithPermission('ADMIN');
        $result = $adminCode->validate();
        $this->assertTrue(
            $result->isValid(),
            'Members with ADMIN can create privileged permission role codes'
        );
    }
}
FEATURE: added several tests for PermissionCheckboxSetField, PermissionRole and Group (from r94887) git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@95629 467b73ca-7a2a-4603-9d3b-597d59a354a9 2009-12-16 06:43:59 +01:00			`<?php`
API Apply Framework\ORM Namespace to model 2016-06-15 06:03:16 +02:00
API Namespace framework tests 2016-10-14 03:30:05 +02:00			`namespace SilverStripe\Security\Tests;`

API Apply Framework\ORM Namespace to model 2016-06-15 06:03:16 +02:00			`use SilverStripe\ORM\DataObject;`
API Namespace framework tests 2016-10-14 03:30:05 +02:00			`use SilverStripe\Security\PermissionRole;`
API Apply Framework\Security namespace 2016-06-23 01:37:22 +02:00			`use SilverStripe\Security\PermissionRoleCode;`
API Namespace all classes Namespace all templates Move difflib and BBCodeParser2 to thirdparty Remove deprecated API marked for removal in 4.0 2016-08-19 00:51:35 +02:00			`use SilverStripe\Dev\FunctionalTest;`

Apply PSR2 / Namespace to remaining admin / tests 2016-12-16 05:34:21 +01:00			`class PermissionRoleTest extends FunctionalTest`
			`{`
			`protected static $fixture_file = 'PermissionRoleTest.yml';`

			`public function testDelete()`
			`{`
			`$role = $this->objFromFixture(PermissionRole::class, 'role');`

			`$role->delete();`

			`$this->assertEquals(`
			`0,`
			`DataObject::get(PermissionRole::class, "\"ID\"={$role->ID}")->count(),`
			`'Role is removed'`
			`);`
			`$this->assertEquals(`
			`0,`
			`DataObject::get(PermissionRoleCode::class, "\"RoleID\"={$role->ID}")->count(),`
			`'Permissions removed along with the role'`
			`);`
			`}`

			`public function testValidatesPrivilegedPermissions()`
			`{`
Convert array delcarations to short array syntax 2020-04-20 19:58:09 +02:00			`$nonAdminCode = new PermissionRoleCode(['Code' => 'CMS_ACCESS_CMSMain']);`
			`$adminCode = new PermissionRoleCode(['Code' => 'ADMIN']);`
Apply PSR2 / Namespace to remaining admin / tests 2016-12-16 05:34:21 +01:00
			`$this->logInWithPermission('APPLY_ROLES');`
			`$result = $nonAdminCode->validate();`
			`$this->assertTrue(`
			`$result->isValid(),`
			`'Members with only APPLY_ROLES can create non-privileged permission role codes'`
			`);`

			`$this->logInWithPermission('APPLY_ROLES');`
			`$result = $adminCode->validate();`
			`$this->assertFalse(`
			`$result->isValid(),`
			`'Members with only APPLY_ROLES can\'t create privileged permission role codes'`
			`);`

			`$this->logInWithPermission('ADMIN');`
			`$result = $adminCode->validate();`
			`$this->assertTrue(`
			`$result->isValid(),`
			`'Members with ADMIN can create privileged permission role codes'`
			`);`
			`}`
FEATURE: added several tests for PermissionCheckboxSetField, PermissionRole and Group (from r94887) git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@95629 467b73ca-7a2a-4603-9d3b-597d59a354a9 2009-12-16 06:43:59 +01:00			`}`