From 2b711fe45fb2fc12c0c87fa2b076bbf3e2b06d92 Mon Sep 17 00:00:00 2001
From: Ingo Schommer <ingo@silverstripe.com>
Date: Thu, 10 Sep 2009 06:34:40 +0000
Subject: [PATCH] MINOR Added ControllerTest for $allowed_actions with
 permission codes, switched this class to extend FunctionalTest and use get()
 instead of Director:;test() for this purpose (better login/session mocking
 capabilities)

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@86083 467b73ca-7a2a-4603-9d3b-597d59a354a9
---
 tests/ControllerTest.php | 36 +++++++++++++++++++++++-------------
 tests/ControllerTest.yml | 11 +++++++++++
 2 files changed, 34 insertions(+), 13 deletions(-)
 create mode 100644 tests/ControllerTest.yml

diff --git a/tests/ControllerTest.php b/tests/ControllerTest.php
index 7102eb220..1e66139a9 100644
--- a/tests/ControllerTest.php
+++ b/tests/ControllerTest.php
@@ -1,60 +1,70 @@
 <?php
 
-class ControllerTest extends SapphireTest {
-	static $fixture_file = null;
+class ControllerTest extends FunctionalTest {
+	static $fixture_file = 'sapphire/tests/ControllerTest.yml';
 	
 	function testDefaultAction() {
 		/* For a controller with a template, the default action will simple run that template. */
-		$response = Director::test("ControllerTest_Controller/");
+		$response = $this->get("ControllerTest_Controller/");
 		$this->assertRegExp("/This is the main template. Content is 'default content'/", $response->getBody());
 	}
 	
 	function testMethodActions() {
 		/* The Action can refer to a method that is called on the object.  If a method returns an array, then it will be 
 		used to customise the template data */
-		$response = Director::test("ControllerTest_Controller/methodaction");
+		$response = $this->get("ControllerTest_Controller/methodaction");
 		$this->assertRegExp("/This is the main template. Content is 'methodaction content'./", $response->getBody());
 		
 		/* If the method just returns a string, then that will be used as the response */
-		$response = Director::test("ControllerTest_Controller/stringaction");
+		$response = $this->get("ControllerTest_Controller/stringaction");
 		$this->assertRegExp("/stringaction was called./", $response->getBody());
 	}
 	
 	function testTemplateActions() {
 		/* If there is no method, it can be used to point to an alternative template. */
-		$response = Director::test("ControllerTest_Controller/templateaction");
+		$response = $this->get("ControllerTest_Controller/templateaction");
 		$this->assertRegExp("/This is the template for templateaction. Content is 'default content'./", $response->getBody());
 	}
 
 	function testAllowedActions() {
-		$response = Director::test("ControllerTest_SecuredController/methodaction");
+		$adminUser = $this->objFromFixture('Member', 'admin');
+		
+		$response = $this->get("ControllerTest_SecuredController/methodaction");
 		$this->assertEquals(200, $response->getStatusCode());
 		
-		$response = Director::test("ControllerTest_SecuredController/stringaction");
+		$response = $this->get("ControllerTest_SecuredController/stringaction");
 		$this->assertEquals(403, $response->getStatusCode());
 
-		$response = Director::test("ControllerTest_SecuredController/adminonly");
+		$response = $this->get("ControllerTest_SecuredController/adminonly");
 		$this->assertEquals(403, $response->getStatusCode());
 		
-		$response = Director::test('ControllerTest_UnsecuredController/stringaction');
+		$response = $this->get('ControllerTest_UnsecuredController/stringaction');
 		$this->assertEquals(200, $response->getStatusCode(), 
 			"test that a controller without a specified allowed_actions allows actions through"
 		);
 		
-		$response = Director::test("ControllerTest_FullSecuredController/index");
+		$response = $this->get("ControllerTest_FullSecuredController/index");
 		$this->assertEquals(403, $response->getStatusCode(),
 			"Actions can be globally disallowed by using asterisk (*) for index method"
 		);
 		
-		$response = Director::test("ControllerTest_FullSecuredController/adminonly");
+		$response = $this->get("ControllerTest_FullSecuredController/adminonly");
 		$this->assertEquals(403, $response->getStatusCode(),
 			"Actions can be globally disallowed by using asterisk (*) instead of a method name"
 		);
 		
-		$response = Director::test("ControllerTest_FullSecuredController/unsecuredaction");
+		$response = $this->get("ControllerTest_FullSecuredController/unsecuredaction");
 		$this->assertEquals(200, $response->getStatusCode(),
 			"Actions can be overridden to be allowed if globally disallowed by using asterisk (*)"
 		);
+		
+		$this->session()->inst_set('loggedInAs', $adminUser->ID);
+		$response = $this->get("ControllerTest_SecuredController/adminonly");
+		$this->assertEquals(
+			200, 
+			$response->getStatusCode(), 
+			"Permission codes are respected when set in \$allowed_actions"
+		);
 	}
 	
 	/**
diff --git a/tests/ControllerTest.yml b/tests/ControllerTest.yml
new file mode 100644
index 000000000..4ad6b9820
--- /dev/null
+++ b/tests/ControllerTest.yml
@@ -0,0 +1,11 @@
+Permission:
+    admin:
+        Code: ADMIN
+Group:
+    admins:
+        Code: admins
+        Permissions: =>Permission.admin
+Member:
+    admin:
+        Email: admin@test.com
+        Groups: =>Group.admins
\ No newline at end of file