SMMP/spec/build/api/core/AuthSystemDefaultSpec.php

403 lines
11 KiB
PHP
Raw Permalink Normal View History

<?php
use Kahlan\Plugin\Stub;
use Kahlan\Plugin\Monkey;
use api\core\AuthSystemDefault;
use error\core\Err;
describe('api', function(){
describe('core', function(){
describe('AuthSystemDefault', function(){
context('Permission combination (AND, OR)', function(){
it('pass when single permission granted', function(){
$perm = [['A']];
$asd = new AuthSystemDefault();
$_SESSION['PERM'] = ['A'];
$err = $asd::permission('fetchDefault', $perm);
expect($err)->toBeAnInstanceOf('error\\core\\Error');
expect($err->get())->toBe(Err::Success);
});
it('fail when \'unknown permission\' not granted', function(){
$perm = [['unknown_permission']];
$asd = new AuthSystemDefault();
$err = $asd::permission('moduleA', $perm);
expect($err)->toBeAnInstanceOf('error\\core\\Error');
expect($err->get())->toBe(Err::PermissionError);
});
it('pass if (A or B) and either A or B', function(){
$_SESSION = [ 'WAREHOUSE' => [ 'modules' => ['moduleA'] ] ];
// available permission
$perm = [['A'], ['B']];
$asd = new AuthSystemDefault();
/* (1) Permission A */
$_SESSION['PERM'] = ['A', 'C'];
$err = $asd::permission('fetchDefault', $perm);
expect($err)->toBeAnInstanceOf('error\\core\\Error');
expect($err->get())->toBe(Err::Success);
/* (2) Permission B */
$_SESSION['PERM'] = ['B', 'C'];
$err = $asd::permission('fetchDefault', $perm);
expect($err)->toBeAnInstanceOf('error\\core\\Error');
expect($err->get())->toBe(Err::Success);
});
it('fail if (A or B) and neither A nor B', function(){
$_SESSION = [ 'WAREHOUSE' => [ 'modules' => ['moduleA'] ] ];
// available permission
$perm = [['A'], ['B']];
$asd = new AuthSystemDefault();
$_SESSION['PERM'] = ['X', 'C'];
$err = $asd::permission('fetchDefault', $perm);
expect($err)->toBeAnInstanceOf('error\\core\\Error');
expect($err->get())->toBe(Err::PermissionError);
});
it('pass if (A and B) and A and B', function(){
$_SESSION = [ 'WAREHOUSE' => [ 'modules' => ['moduleA'] ] ];
// available permission
$perm = [['A', 'B']];
$asd = new AuthSystemDefault();
/* (1) Permission A */
$_SESSION['PERM'] = ['A', 'B', 'C'];
$err = $asd::permission('fetchDefault', $perm);
expect($err)->toBeAnInstanceOf('error\\core\\Error');
expect($err->get())->toBe(Err::Success);
});
it('fail if (A and B) and only A or B', function(){
$_SESSION = [ 'WAREHOUSE' => [ 'modules' => ['moduleA'] ] ];
// available permission
$perm = [['A', 'B']];
$asd = new AuthSystemDefault();
/* (1) Permission A */
$_SESSION['PERM'] = ['A', 'C'];
$err = $asd::permission('fetchDefault', $perm);
expect($err)->toBeAnInstanceOf('error\\core\\Error');
expect($err->get())->toBe(Err::PermissionError);
/* (2) Permission B */
$_SESSION['PERM'] = ['B', 'C'];
$err = $asd::permission('fetchDefault', $perm);
expect($err)->toBeAnInstanceOf('error\\core\\Error');
expect($err->get())->toBe(Err::PermissionError);
});
it('pass if ((A and B) OR (C and D)) and (A and B) or (C and D)', function(){
$_SESSION = [ 'WAREHOUSE' => [ 'modules' => ['moduleA'] ] ];
// available permission
$perm = [['A', 'B'], ['C', 'D']];
$asd = new AuthSystemDefault();
/* (1) Permission A+B */
$_SESSION['PERM'] = ['A', 'B'];
$err = $asd::permission('fetchDefault', $perm);
expect($err)->toBeAnInstanceOf('error\\core\\Error');
expect($err->get())->toBe(Err::Success);
/* (2) Permission C+D */
$_SESSION['PERM'] = ['C', 'D'];
$err = $asd::permission('fetchDefault', $perm);
expect($err)->toBeAnInstanceOf('error\\core\\Error');
expect($err->get())->toBe(Err::Success);
});
it('fail if ((A and B) OR (C and D)) and (A and C) or (A and D)', function(){
$_SESSION = [ 'WAREHOUSE' => [ 'modules' => ['moduleA'] ] ];
// available permission
$perm = [['A', 'B'], ['C', 'D']];
$asd = new AuthSystemDefault();
/* (1) Permission A+C */
$_SESSION['PERM'] = ['A', 'C'];
$err = $asd::permission('fetchDefault', $perm);
expect($err)->toBeAnInstanceOf('error\\core\\Error');
expect($err->get())->toBe(Err::PermissionError);
/* (2) Permission A+D */
$_SESSION['PERM'] = ['A', 'D'];
$err = $asd::permission('fetchDefault', $perm);
expect($err)->toBeAnInstanceOf('error\\core\\Error');
expect($err->get())->toBe(Err::PermissionError);
});
});
context('LogAuth permissions', function(){
context('module availability', function(){
it('fail if disabled module', function(){
$perm = [['warehouse']];
$asd = new AuthSystemDefault();
$_SESSION['AUTH'] = [1];
2017-09-25 22:02:01 +00:00
$_SESSION['WAREHOUSE'] = [
'id' => 1,
'modules' => []
];
$err = $asd::permission('unknown_module', $perm);
expect($err)->toBeAnInstanceOf('error\\core\\Error');
expect($err->get())->toBe(Err::DisabledModule);
});
it('pass if enabled module', function(){
$perm = [['warehouse']];
$asd = new AuthSystemDefault();
$_SESSION['AUTH'] = [1];
$_SESSION['WAREHOUSE'] = [
2017-09-25 22:02:01 +00:00
'id' => 1,
'modules' => ['known_module']
];
$err = $asd::permission('known_module', $perm);
expect($err)->toBeAnInstanceOf('error\\core\\Error');
expect($err->get())->toBe(Err::Success);
});
it('pass if default module', function(){
$perm = [['warehouse']];
$asd = new AuthSystemDefault();
$_SESSION['AUTH'] = [1];
2017-09-25 22:02:01 +00:00
$_SESSION['WAREHOUSE'] = [
'id' => 1,
'modules' => []
];
$err = $asd::permission('modulenameDefault', $perm);
expect($err)->toBeAnInstanceOf('error\\core\\Error');
expect($err->get())->toBe(Err::Success);
});
});
context('permission format', function(){
it('fail if incorrect format (not array)', function(){
$perm = 'a';
$asd = new AuthSystemDefault();
$err = $asd::permission('moduleA', $perm);
expect($err)->toBeAnInstanceOf('error\\core\\Error');
expect($err->get())->toBe(Err::FormatError);
});
it('fail if incorrect format (1-depth array)', function(){
$perm = ['a'];
$asd = new AuthSystemDefault();
$err = $asd::permission('moduleA', $perm);
expect($err)->toBeAnInstanceOf('error\\core\\Error');
expect($err->get())->toBe(Err::FormatError);
});
});
context('single special permissions', function(){
it('fail when not \'warehouse\' granted', function(){
$perm = [['warehouse']];
$asd = new AuthSystemDefault();
$err = $asd::permission('moduleA', $perm);
expect($err)->toBeAnInstanceOf('error\\core\\Error');
expect($err->get())->toBe(Err::PermissionError);
});
it('fail when not \'admin\' granted', function(){
$perm = [['admin']];
$asd = new AuthSystemDefault();
$err = $asd::permission('moduleA', $perm);
expect($err)->toBeAnInstanceOf('error\\core\\Error');
expect($err->get())->toBe(Err::PermissionError);
});
it('fail when not \'sats\' granted', function(){
$perm = [['sats']];
$asd = new AuthSystemDefault();
$err = $asd::permission('moduleA', $perm);
expect($err)->toBeAnInstanceOf('error\\core\\Error');
expect($err->get())->toBe(Err::TokenError);
});
it('pass when \'warehouse\' granted', function(){
$perm = [['warehouse']];
$asd = new AuthSystemDefault();
$_SESSION['AUTH'] = [1];
2017-09-25 22:02:01 +00:00
$_SESSION['WAREHOUSE']['id'] = 1; // have id
$err = $asd::permission('fetchDefault', $perm);
expect($err)->toBeAnInstanceOf('error\\core\\Error');
expect($err->get())->toBe(Err::Success);
});
it('pass when \'admin\' granted', function(){
$perm = [['admin']];
$asd = new AuthSystemDefault();
$_SESSION['AUTH'] = [1, 2];
2017-09-25 22:02:01 +00:00
$_SESSION['WAREHOUSE']['id'] = 1;
$_SESSION['ADMIN']['id'] = 1;
$err = $asd::permission('fetchDefault', $perm);
expect($err)->toBeAnInstanceOf('error\\core\\Error');
expect($err->get())->toBe(Err::Success);
});
it('pass when \'sats\' granted', function(){
$perm = [['sats']];
$asd = new AuthSystemDefault();
$_SESSION['AUTH'] = [1, 2, 3];
2017-09-25 22:02:01 +00:00
$_SESSION['WAREHOUSE']['id'] = 1;
$_SESSION['ADMIN']['id'] = 1;
$_SESSION['SATS']['id'] = 1;
$err = $asd::permission('fetchDefault', $perm);
expect($err)->toBeAnInstanceOf('error\\core\\Error');
expect($err->get())->toBe(Err::Success);
});
});
context('special permissions inclusions (admin/sats in warehouse)', function(){
it('pass when \'warehouse\' required and have \'admin\'', function(){
$perm = [['warehouse']];
$asd = new AuthSystemDefault();
$_SESSION['AUTH'] = [1, 2]; // 2 = admin
2017-09-25 22:02:01 +00:00
$_SESSION['WAREHOUSE']['id'] = 1;
$_SESSION['ADMIN']['id'] = 1;
$err = $asd::permission('fetchDefault', $perm);
expect($err)->toBeAnInstanceOf('error\\core\\Error');
expect($err->get())->toBe(Err::Success);
});
it('pass when \'warehouse\' required and have \'sats\'', function(){
$perm = [['warehouse']];
$asd = new AuthSystemDefault();
$_SESSION['AUTH'] = [1, 2, 3]; // 2 = sats
2017-09-25 22:02:01 +00:00
$_SESSION['WAREHOUSE']['id'] = 1;
$_SESSION['ADMIN']['id'] = 1;
$_SESSION['SATS']['id'] = 1;
$err = $asd::permission('fetchDefault', $perm);
expect($err)->toBeAnInstanceOf('error\\core\\Error');
expect($err->get())->toBe(Err::Success);
});
it('fail when \'admin\' required and have \'sats\'', function(){
$perm = [['admin']];
$asd = new AuthSystemDefault();
$_SESSION['AUTH'] = [1, 2, 3]; // 2 = sats
2017-09-25 22:02:01 +00:00
$_SESSION['WAREHOUSE']['id'] = 1;
$_SESSION['ADMIN']['id'] = 1;
$_SESSION['SATS']['id'] = 1;
$err = $asd::permission('fetchDefault', $perm);
expect($err)->toBeAnInstanceOf('error\\core\\Error');
expect($err->get())->not->toBe(Err::Success);
});
2017-09-25 22:02:01 +00:00
it('pass when (\'admin\' OR \'sats\') required and have only \'admin\'', function(){
$perm = [['admin'], ['sats']];
$asd = new AuthSystemDefault();
$_SESSION['AUTH'] = [1, 2]; // 2 = admin
$_SESSION['WAREHOUSE']['id'] = 1;
$_SESSION['ADMIN']['id'] = 1;
$err = $asd::permission('fetchDefault', $perm);
2017-09-25 22:02:01 +00:00
expect($err)->toBeAnInstanceOf('error\\core\\Error');
expect($err->get())->toBe(Err::Success);
});
it('pass when (\'admin\' OR \'sats\') required and have only \'sats\'', function(){
$perm = [['admin'], ['sats']];
$asd = new AuthSystemDefault();
$_SESSION['AUTH'] = [1, 2, 3]; // 2 = sats
$_SESSION['WAREHOUSE']['id'] = 1;
$_SESSION['ADMIN']['id'] = 1;
$_SESSION['SATS']['id'] = 1;
$err = $asd::permission('fetchDefault', $perm);
2017-09-25 22:02:01 +00:00
expect($err)->toBeAnInstanceOf('error\\core\\Error');
expect($err->get())->toBe(Err::Success);
});
});
});
});
});
});