tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 14:05:37 +02:00
Code Issues Projects Releases Wiki Activity

Added test for new permission code. (from r97897)

Browse Source 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@102550 467b73ca-7a2a-4603-9d3b-597d59a354a9
This commit is contained in:
Ingo Schommer 2010-04-13 01:42:50 +00:00
parent 22fde45409
commit 9a04ca62d2
2 changed files with 30 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
core/control/ContentController.php
View File

@ -109,9 +109,11 @@ class ContentController extends Controller {
if($this->dataRecord && $this->URLSegment != 'Security' && !$this->dataRecord->can('View')) { if($this->dataRecord && $this->URLSegment != 'Security' && !$this->dataRecord->can('View')) {
return Security::permissionFailure($this); return Security::permissionFailure($this);
} }
var_dump(Versioned::current_stage());
// Draft/Archive security check - only CMS users should be able to look at stage/archived content // Draft/Archive security check - only CMS users should be able to look at stage/archived content
if($this->URLSegment != 'Security' && !Session::get('unsecuredDraftSite') && (Versioned::current_archived_date() || (Versioned::current_stage() && Versioned::current_stage() != 'Live'))) { if($this->URLSegment != 'Security' && !Session::get('unsecuredDraftSite') && (Versioned::current_archived_date() || (Versioned::current_stage() && Versioned::current_stage() != 'Live'))) {
var_dump($this->URLSegment);
var_dump($this->dataRecord->canViewStage(Versioned::current_stage()));
if(!$this->dataRecord->canViewStage(Versioned::current_stage())) { if(!$this->dataRecord->canViewStage(Versioned::current_stage())) {
$link = $this->Link(); $link = $this->Link();
$message = _t("ContentController.DRAFT_SITE_ACCESS_RESTRICTION", 'You must log in with your CMS password in order to view the draft or archived content. <a href="%s">Click here to go back to the published site.</a>'); $message = _t("ContentController.DRAFT_SITE_ACCESS_RESTRICTION", 'You must log in with your CMS password in order to view the draft or archived content. <a href="%s">Click here to go back to the published site.</a>');

39
tests/control/ContentControllerTest.php
View File

@ -12,53 +12,54 @@ class ContentControllerTest extends FunctionalTest {
/** /**
* Test that nested pages, basic actions, and nested/non-nested URL switching works properly * Test that nested pages, basic actions, and nested/non-nested URL switching works properly
*/ */
public function testNestedPages() { public function testNestedPages() {
RootURLController::reset(); RootURLController::reset();
SiteTree::enable_nested_urls(); SiteTree::enable_nested_urls();
$this->assertEquals('Home Page', $this->get('/')->getBody()); $this->assertEquals('Home Page', $this->get('/')->getBody());
$this->assertEquals('Home Page', $this->get('/home/index/')->getBody()); $this->assertEquals('Home Page', $this->get('/home/index/')->getBody());
$this->assertEquals('Home Page', $this->get('/home/second-index/')->getBody()); $this->assertEquals('Home Page', $this->get('/home/second-index/')->getBody());
$this->assertEquals('Second Level Page', $this->get('/home/second-level/')->getBody()); $this->assertEquals('Second Level Page', $this->get('/home/second-level/')->getBody());
$this->assertEquals('Second Level Page', $this->get('/home/second-level/index/')->getBody()); $this->assertEquals('Second Level Page', $this->get('/home/second-level/index/')->getBody());
$this->assertEquals('Second Level Page', $this->get('/home/second-level/second-index/')->getBody()); $this->assertEquals('Second Level Page', $this->get('/home/second-level/second-index/')->getBody());
$this->assertEquals('Third Level Page', $this->get('/home/second-level/third-level/')->getBody()); $this->assertEquals('Third Level Page', $this->get('/home/second-level/third-level/')->getBody());
$this->assertEquals('Third Level Page', $this->get('/home/second-level/third-level/index/')->getBody()); $this->assertEquals('Third Level Page', $this->get('/home/second-level/third-level/index/')->getBody());
$this->assertEquals('Third Level Page', $this->get('/home/second-level/third-level/second-index/')->getBody()); $this->assertEquals('Third Level Page', $this->get('/home/second-level/third-level/second-index/')->getBody());
RootURLController::reset(); RootURLController::reset();
SiteTree::disable_nested_urls(); SiteTree::disable_nested_urls();
$this->assertEquals('Home Page', $this->get('/')->getBody()); $this->assertEquals('Home Page', $this->get('/')->getBody());
$this->assertEquals('Home Page', $this->get('/home/')->getBody()); $this->assertEquals('Home Page', $this->get('/home/')->getBody());
$this->assertEquals('Home Page', $this->get('/home/second-index/')->getBody()); $this->assertEquals('Home Page', $this->get('/home/second-index/')->getBody());
$this->assertEquals('Second Level Page', $this->get('/second-level/')->getBody()); $this->assertEquals('Second Level Page', $this->get('/second-level/')->getBody());
$this->assertEquals('Second Level Page', $this->get('/second-level/index/')->getBody()); $this->assertEquals('Second Level Page', $this->get('/second-level/index/')->getBody());
$this->assertEquals('Second Level Page', $this->get('/second-level/second-index/')->getBody()); $this->assertEquals('Second Level Page', $this->get('/second-level/second-index/')->getBody());
$this->assertEquals('Third Level Page', $this->get('/third-level/')->getBody()); $this->assertEquals('Third Level Page', $this->get('/third-level/')->getBody());
$this->assertEquals('Third Level Page', $this->get('/third-level/index/')->getBody()); $this->assertEquals('Third Level Page', $this->get('/third-level/index/')->getBody());
$this->assertEquals('Third Level Page', $this->get('/third-level/second-index/')->getBody()); $this->assertEquals('Third Level Page', $this->get('/third-level/second-index/')->getBody());
} }
/** /**
* Tests {@link ContentController::ChildrenOf()} * Tests {@link ContentController::ChildrenOf()}
*/ */
public function testChildrenOf() { public function testChildrenOf() {
$controller = new ContentController(); $controller = new ContentController();
SiteTree::enable_nested_urls(); SiteTree::enable_nested_urls();
$this->assertEquals(1, $controller->ChildrenOf('/')->Count()); $this->assertEquals(1, $controller->ChildrenOf('/')->Count());
$this->assertEquals(1, $controller->ChildrenOf('/home/')->Count()); $this->assertEquals(1, $controller->ChildrenOf('/home/')->Count());
$this->assertEquals(2, $controller->ChildrenOf('/home/second-level/')->Count()); $this->assertEquals(2, $controller->ChildrenOf('/home/second-level/')->Count());
$this->assertEquals(0, $controller->ChildrenOf('/home/second-level/third-level/')->Count()); $this->assertEquals(0, $controller->ChildrenOf('/home/second-level/third-level/')->Count());
SiteTree::disable_nested_urls(); SiteTree::disable_nested_urls();
$this->assertEquals(1, $controller->ChildrenOf('/')->Count()); $this->assertEquals(1, $controller->ChildrenOf('/')->Count());
$this->assertEquals(1, $controller->ChildrenOf('/home/')->Count()); $this->assertEquals(1, $controller->ChildrenOf('/home/')->Count());
$this->assertEquals(2, $controller->ChildrenOf('/second-level/')->Count()); $this->assertEquals(2, $controller->ChildrenOf('/second-level/')->Count());
@ -89,6 +90,20 @@ class ContentControllerTest extends FunctionalTest {
SiteTree::disable_nested_urls(); SiteTree::disable_nested_urls();
} }
public function testViewDraft(){
// test when user does not have permission, should get login form
$this->logInWithPermssion('editor');
$this->assertEquals('403', $this->get('/contact/?stage=Stage')->getstatusCode());
// test when user does have permission, should show page title and header ok.
$this->logInWithPermssion('admin');
$this->assertEquals('200', $this->get('/contact/?stage=Stage')->getstatusCode());
}
} }
class ContentControllerTest_Page extends Page { } class ContentControllerTest_Page extends Page { }