tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 14:05:37 +02:00
Code Issues Projects Releases Wiki Activity

Test $allowed_actions on controllers with template name=action conventions

Browse Source
This commit is contained in:
Ingo Schommer 2013-06-10 11:51:35 +02:00
parent c45ae00d01
commit 71a5615213
1 changed files with 21 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
tests/control/ControllerTest.php
View File

@ -55,6 +55,20 @@ class ControllerTest extends FunctionalTest {
'even if action is unsecured on parent class' 'even if action is unsecured on parent class'
); );
$response = $this->get("ControllerTest_AccessSecuredController/templateaction");
$this->assertEquals(403, $response->getStatusCode(),
'Access denied on action with $allowed_actions on defining controller, ' .
'if action is not a method but rather a template discovered by naming convention'
);
$this->session()->inst_set('loggedInAs', $adminUser->ID);
$response = $this->get("ControllerTest_AccessSecuredController/templateaction");
$this->assertEquals(200, $response->getStatusCode(),
'Access granted for logged in admin on action with $allowed_actions on defining controller, ' .
'if action is not a method but rather a template discovered by naming convention'
);
$this->session()->inst_set('loggedInAs', null);
$response = $this->get("ControllerTest_AccessSecuredController/adminonly"); $response = $this->get("ControllerTest_AccessSecuredController/adminonly");
$this->assertEquals(403, $response->getStatusCode(), $this->assertEquals(403, $response->getStatusCode(),
'Access denied on action with $allowed_actions on defining controller, ' . 'Access denied on action with $allowed_actions on defining controller, ' .
@ -296,6 +310,12 @@ class ControllerTest_AccessSecuredController extends ControllerTest_AccessBaseCo
static $allowed_actions = array( static $allowed_actions = array(
"onlysecuredinsubclassaction" => 'ADMIN', "onlysecuredinsubclassaction" => 'ADMIN',
"adminonly" => "ADMIN", "adminonly" => "ADMIN",
// Defined as ControllerTest_templateaction
'templateaction' => 'ADMIN'
);
protected $templates = array(
'templateaction' => 'ControllerTest_templateaction'
); );
// Accessible by ADMIN only // Accessible by ADMIN only
@ -315,6 +335,7 @@ class ControllerTest_AccessSecuredController extends ControllerTest_AccessBaseCo
public function adminonly() { public function adminonly() {
return "You must be an admin!"; return "You must be an admin!";
} }
} }
/** /**