forked from fa/breadcrumb-the-shire
99 lines
5.4 KiB
PHP
99 lines
5.4 KiB
PHP
|
|
<?php
|
||
|
|
|
||
|
|
namespace MintyPHP\Tests\Architecture;
|
||
|
|
|
||
|
|
use PHPUnit\Framework\TestCase;
|
||
|
|
|
||
|
|
class AuthzAdminUsersContractTest extends TestCase
|
||
|
|
{
|
||
|
|
use ProjectFileAssertionSupport;
|
||
|
|
|
||
|
|
public function testUsersDataActionRequiresUsersViewPermission(): void
|
||
|
|
{
|
||
|
|
$content = $this->readProjectFile('pages/admin/users/data().php');
|
||
|
|
$this->assertStringContainsString('Guard::requireLogin();', $content);
|
||
|
|
$this->assertStringContainsString('Guard::requireAbilityOrForbidden(UserAuthorizationPolicy::ABILITY_ADMIN_USERS_VIEW);', $content);
|
||
|
|
$this->assertStringContainsString('UserAuthorizationPolicy::ABILITY_ADMIN_USERS_VIEW', $content);
|
||
|
|
}
|
||
|
|
|
||
|
|
public function testUsersExportActionRequiresUsersViewPermission(): void
|
||
|
|
{
|
||
|
|
$content = $this->readProjectFile('pages/admin/users/export().php');
|
||
|
|
$this->assertStringContainsString('Guard::requireLogin();', $content);
|
||
|
|
$this->assertStringContainsString('AuthorizationService::class', $content);
|
||
|
|
$this->assertStringContainsString('UserAuthorizationPolicy::ABILITY_ADMIN_USERS_VIEW', $content);
|
||
|
|
}
|
||
|
|
|
||
|
|
public function testUsersActivateActionRequiresUsersUpdatePermission(): void
|
||
|
|
{
|
||
|
|
$content = $this->readProjectFile('pages/admin/users/activate($id).php');
|
||
|
|
$this->assertStringContainsString('AuthorizationService::class', $content);
|
||
|
|
$this->assertStringContainsString('UserAuthorizationPolicy::ABILITY_ADMIN_USERS_ACTIVATE', $content);
|
||
|
|
}
|
||
|
|
|
||
|
|
public function testUsersDeactivateActionRequiresUsersUpdatePermission(): void
|
||
|
|
{
|
||
|
|
$content = $this->readProjectFile('pages/admin/users/deactivate($id).php');
|
||
|
|
$this->assertStringContainsString('AuthorizationService::class', $content);
|
||
|
|
$this->assertStringContainsString('UserAuthorizationPolicy::ABILITY_ADMIN_USERS_DEACTIVATE', $content);
|
||
|
|
}
|
||
|
|
|
||
|
|
public function testUsersBulkActionPermissionMappingIsConsistent(): void
|
||
|
|
{
|
||
|
|
$content = $this->readProjectFile('pages/admin/users/bulk($action).php');
|
||
|
|
$this->assertStringContainsString('AuthorizationService::class', $content);
|
||
|
|
$this->assertStringContainsString('UserAuthorizationPolicy::ABILITY_ADMIN_USERS_BULK', $content);
|
||
|
|
$this->assertStringContainsString("'bulk_action' => \$action", $content);
|
||
|
|
}
|
||
|
|
|
||
|
|
public function testAdditionalAdminUserActionsUseCentralPolicy(): void
|
||
|
|
{
|
||
|
|
$indexContent = $this->readProjectFile('pages/admin/users/index().php');
|
||
|
|
$this->assertStringContainsString('UserAuthorizationPolicy::ABILITY_ADMIN_USERS_VIEW', $indexContent);
|
||
|
|
|
||
|
|
$createContent = $this->readProjectFile('pages/admin/users/create().php');
|
||
|
|
$this->assertStringContainsString('UserAuthorizationPolicy::ABILITY_ADMIN_USERS_CREATE', $createContent);
|
||
|
|
|
||
|
|
$deleteContent = $this->readProjectFile('pages/admin/users/delete($id).php');
|
||
|
|
$this->assertStringContainsString('UserAuthorizationPolicy::ABILITY_ADMIN_USERS_DELETE', $deleteContent);
|
||
|
|
|
||
|
|
$accessPdfContent = $this->readProjectFile('pages/admin/users/access-pdf($id).php');
|
||
|
|
$this->assertStringContainsString('UserAuthorizationPolicy::ABILITY_ADMIN_USERS_ACCESS_PDF', $accessPdfContent);
|
||
|
|
|
||
|
|
$accessPdfBulkContent = $this->readProjectFile('pages/admin/users/access-pdf-bulk().php');
|
||
|
|
$this->assertStringContainsString('UserAuthorizationPolicy::ABILITY_ADMIN_USERS_ACCESS_PDF_BULK', $accessPdfBulkContent);
|
||
|
|
|
||
|
|
$tokenCreateContent = $this->readProjectFile('pages/admin/users/api-token-create($id).php');
|
||
|
|
$this->assertStringContainsString('UserAuthorizationPolicy::ABILITY_ADMIN_USERS_API_TOKENS_MANAGE', $tokenCreateContent);
|
||
|
|
|
||
|
|
$tokenRevokeContent = $this->readProjectFile('pages/admin/users/api-token-revoke($id).php');
|
||
|
|
$this->assertStringContainsString('UserAuthorizationPolicy::ABILITY_ADMIN_USERS_API_TOKENS_MANAGE', $tokenRevokeContent);
|
||
|
|
|
||
|
|
$sendAccessContent = $this->readProjectFile('pages/admin/users/send-access($id).php');
|
||
|
|
$this->assertStringContainsString('UserAuthorizationPolicy::ABILITY_ADMIN_USERS_SEND_ACCESS', $sendAccessContent);
|
||
|
|
|
||
|
|
$forgetTokensContent = $this->readProjectFile('pages/admin/users/forget-tokens($id).php');
|
||
|
|
$this->assertStringContainsString('UserAuthorizationPolicy::ABILITY_ADMIN_USERS_FORGET_TOKENS', $forgetTokensContent);
|
||
|
|
}
|
||
|
|
|
||
|
|
public function testAdminUserEditUsesContextAndSubmitPolicies(): void
|
||
|
|
{
|
||
|
|
$content = $this->readProjectFile('pages/admin/users/edit($id).php');
|
||
|
|
$this->assertStringContainsString('AuthorizationService::class', $content);
|
||
|
|
$this->assertStringContainsString('UserAuthorizationPolicy::ABILITY_ADMIN_USERS_EDIT_CONTEXT', $content);
|
||
|
|
$this->assertStringContainsString('UserAuthorizationPolicy::ABILITY_ADMIN_USERS_EDIT_SUBMIT', $content);
|
||
|
|
}
|
||
|
|
|
||
|
|
public function testAdminUserAvatarEndpointsUseCentralPolicies(): void
|
||
|
|
{
|
||
|
|
$uploadContent = $this->readProjectFile('pages/admin/users/avatar($id).php');
|
||
|
|
$this->assertStringContainsString('UserAuthorizationPolicy::ABILITY_ADMIN_USERS_AVATAR_UPLOAD', $uploadContent);
|
||
|
|
|
||
|
|
$deleteContent = $this->readProjectFile('pages/admin/users/avatar-delete($id).php');
|
||
|
|
$this->assertStringContainsString('UserAuthorizationPolicy::ABILITY_ADMIN_USERS_AVATAR_DELETE', $deleteContent);
|
||
|
|
|
||
|
|
$viewContent = $this->readProjectFile('pages/admin/users/avatar-file().php');
|
||
|
|
$this->assertStringContainsString('UserAuthorizationPolicy::ABILITY_ADMIN_USERS_AVATAR_VIEW', $viewContent);
|
||
|
|
}
|
||
|
|
}
|