Files
breadcrumb-the-shire/tests/Service/Access/AuthorizationServiceTest.php

75 lines
2.6 KiB
PHP
Raw Normal View History

<?php
namespace MintyPHP\Tests\Service\Access;
use MintyPHP\Service\Access\AuthorizationDecision;
use MintyPHP\Service\Access\AuthorizationPolicyInterface;
use MintyPHP\Service\Access\AuthorizationService;
use PHPUnit\Framework\TestCase;
class AuthorizationServiceTest extends TestCase
{
public function testReturnsPolicyDecisionForSupportedAbility(): void
{
2026-03-05 11:17:42 +01:00
$policy = new class () implements AuthorizationPolicyInterface {
public function supports(string $ability): bool
{
return $ability === 'users.test';
}
public function authorize(string $ability, array $context = []): AuthorizationDecision
{
return AuthorizationDecision::allow(['ability' => $ability, 'context' => $context]);
}
};
$service = new AuthorizationService([$policy]);
$decision = $service->authorize('users.test', ['actor_user_id' => 12]);
$this->assertTrue($decision->isAllowed());
$this->assertSame('users.test', $decision->attribute('ability'));
$this->assertSame(['actor_user_id' => 12], $decision->attribute('context'));
}
public function testReturnsMissingPolicyDecisionWhenAbilityIsUnknown(): void
{
2026-03-05 11:17:42 +01:00
$policy = new class () implements AuthorizationPolicyInterface {
public function supports(string $ability): bool
{
return false;
}
public function authorize(string $ability, array $context = []): AuthorizationDecision
{
return AuthorizationDecision::allow();
}
};
$service = new AuthorizationService([$policy]);
$decision = $service->authorize('unknown.ability');
$this->assertFalse($decision->isAllowed());
$this->assertSame(500, $decision->status());
$this->assertSame('authorization_policy_missing', $decision->error());
}
2026-03-04 15:56:58 +01:00
public function testAllowReturnsBoolDecisionShortcut(): void
{
2026-03-05 11:17:42 +01:00
$policy = new class () implements AuthorizationPolicyInterface {
2026-03-04 15:56:58 +01:00
public function supports(string $ability): bool
{
return $ability === 'users.test';
}
public function authorize(string $ability, array $context = []): AuthorizationDecision
{
return AuthorizationDecision::allow();
}
};
$service = new AuthorizationService([$policy]);
$this->assertTrue($service->allow('users.test', ['actor_user_id' => 7]));
$this->assertFalse($service->allow('users.unknown', ['actor_user_id' => 7]));
}
}