[kahlan:api/core/Request] tests + fixed Request + fixed AuthSystemDefault

xdrm-brackets 2017-09-20 14:47:17 +02:00
parent 9f06f906d1
commit 3c61e63af1
3 changed files with 221 additions and 3 deletions


@ -175,6 +175,8 @@
*/ */
public static function permission($module, $expected){ public static function permission($module, $expected){
$error_propag = [];
/* [1] Check format -> if not array of array(s) -> ERROR /* [1] Check format -> if not array of array(s) -> ERROR
=========================================================*/ =========================================================*/
/* (1) If not array of array(s) -> ERROR*/ /* (1) If not array of array(s) -> ERROR*/
@ -188,7 +190,8 @@
foreach($expected as $permission_group){ foreach($expected as $permission_group){
/* If granted -> don't go further */ /* If granted -> don't go further */
if( self::check_permission_group($module, $permission_group) == Err::Success ) $error_propag[]= self::check_permission_group($module, $permission_group);
if( $error_propag[count($error_propag)-1] == Err::Success )
return new Error(Err::Success); return new Error(Err::Success);
} }
@ -196,6 +199,9 @@
/* [3] By default return `PermissionError` /* [3] By default return `PermissionError`
=========================================================*/ =========================================================*/
if( count($error_propag) > 0 )
return new Error($error_propag[count($error_propag)-1]);
return new Error(Err::PermissionError); return new Error(Err::PermissionError);
} }
@ -204,7 +210,7 @@
/* VERIFICATION DES ACCES EN FONCTION DE PERMISSIONS ATTENDUES /* VERIFICATION DES ACCES EN FONCTION DE PERMISSIONS ATTENDUES
* *
* @module<String> Module concerné * @module<String> Module concerné
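Review bot: The grant decision in `permission()` uses a loose comparison, `if( $error_propag[count($error_propag)-1] == Err::Success )`, so any value PHP juggles equal to `Err::Success` counts as a grant; if `Err::Success` is `0` (its value is not visible here), a `null` or `false` returned by `check_permission_group()` would pass. I would hold the result in a local and compare strictly: `$result = self::check_permission_group($module, $permission_group); $error_propag[] = $result; if( $result === Err::Success )`. The fallback added under `[3]` returns only the last group's error, so with several alternative groups the caller sees the code of whichever group is listed last; a short comment stating that this is intended would help. The body of `permission()` begins and ends outside these hunks.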


@ -156,6 +156,8 @@
/* (2) Store instance */ /* (2) Store instance */
self::$authsystem = $instance; self::$authsystem = $instance;
return true;
} }
@ -482,7 +484,7 @@
// try to load default AuthSystem // try to load default AuthSystem
if( !file_exists(__BUILD__.'/api/core/AuthSystemDefault.php') ) if( !file_exists(__BUILD__.'/api/core/AuthSystemDefault.php') )
return false; return $this->error->set(Err::UnreachableResource);
// load default AuthSystem class // load default AuthSystem class
$classname = '\\api\\core\\AuthSystemDefault'; $classname = '\\api\\core\\AuthSystemDefault';
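Review bot: The branch for a missing default AuthSystem now returns whatever `$this->error->set()` returns, and `set()` is not visible in this section; if it yields the error object or any truthy value, a caller that tests this method's result would read the failure as a pass. Keeping the two steps separate makes the fail-closed path explicit: `$this->error->set(Err::UnreachableResource);` followed by `return false;`. The enclosing method starts and ends outside the hunk, so how callers use the return value should be confirmed there.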


@ -4,6 +4,8 @@
use Kahlan\Plugin\Monkey; use Kahlan\Plugin\Monkey;
use api\core\Request; use api\core\Request;
use api\core\AuthSystem;
use api\core\AuthSystemDefault;
use error\core\Error; use error\core\Error;
use error\core\Err; use error\core\Err;
@ -43,6 +45,28 @@
}); });
describe('setAuthSystem(@instance)', function(){
it('pass when instance of AuthSystem', function(){
$instance = new AuthSystemDefault();
expect($instance)->toBeAnInstanceOf('api\core\AuthSystem');
expect(Request::setAuthSystem($instance))->toBeTruthy();
});
it('fail when not instance of AuthSystem', function(){
$instance = new Error(Err::Success);
expect($instance)->not->toBeAnInstanceOf('api\core\AuthSystem');
expect(Request::setAuthSystem($instance))->toBeFalsy();
});
});
describe('__construct(@path, @params)', function(){ describe('__construct(@path, @params)', function(){
context('with argument combinations', function(){ context('with argument combinations', function(){
@ -279,6 +303,192 @@
}); });
it('pass all right', function(){
// bypass all checks
allow(Request::class)->toReceive('checkPermission')->andReturn(true);
allow(Request::class)->toReceive('checkParams')->andReturn(true);
// bypass buildOptions();
allow(Request::class)->toReceive('buildOptions')->andReturn(true);
allow('json_decode')->toBeCalled()->andReturn([
'mo-du_leA' => [ 'POST::me-th_odA' => [] ],
'moduleB' => []
]);
$req = new Request('mo-du_leA/me-th_odA');
expect($req->error->get())->toBe(Err::Success);
});
});
describe('checkPermission()', function(){
it('pass when no permission', function(){
// bypass checkers
allow(Request::class)->toReceive('checkParams')->andReturn(true);
allow(Request::class)->toReceive('buildOptions')->andReturn(true);
allow('json_decode')->toBeCalled()->andReturn([
'moduleA' => [
'POST::methodA' => []
]
]);
$req = new Request('moduleA/methodA');
expect($req->error->get())->toBe(Err::Success);
});
it('pass when permission is not an array', function(){
// bypass checkers
allow(Request::class)->toReceive('checkParams')->andReturn(true);
allow(Request::class)->toReceive('buildOptions')->andReturn(true);
allow('json_decode')->toBeCalled()->andReturn([
'moduleA' => [
'POST::methodA' => [
'permissions' => 23.2
]
]
]);
$req = new Request('moduleA/methodA');
expect($req->error->get())->toBe(Err::Success);
});
it('fail if no AuthSystem and no api/core/AuthSystemDefault.php', function(){
// bypass checkers
allow(Request::class)->toReceive('checkParams')->andReturn(true);
allow(Request::class)->toReceive('buildOptions')->andReturn(true);
allow('file_exists')->toBeCalled()->andReturn(false);
allow('json_decode')->toBeCalled()->andReturn([
'moduleA' => [
'POST::methodA' => [
'permissions' => []
]
]
]);
$req = new Request('moduleA/methodA');
expect($req->error->get())->toBe(Err::UnreachableResource);
});
it('pass if no AuthSystem and the api/core/AuthSystemDefault.php', function(){
// bypass checkers
allow(Request::class)->toReceive('checkParams')->andReturn(true);
allow(Request::class)->toReceive('buildOptions')->andReturn(true);
allow('json_decode')->toBeCalled()->andReturn([
'moduleA' => [
'POST::methodA' => [
'permissions' => []
]
]
]);
$req = new Request('moduleA/methodA');
expect($req->error->get())->toBe(Err::Success);
});
it('fail if incorrect format', function(){
// bypass checkers
allow(Request::class)->toReceive('checkParams')->andReturn(true);
allow(Request::class)->toReceive('buildOptions')->andReturn(true);
allow('json_decode')->toBeCalled()->andReturn([
'moduleA' => [
'POST::methodA' => [
'permissions' => ['a']
]
]
]);
$req = new Request('moduleA/methodA');
expect($req->error->get())->toBe(Err::FormatError);
});
it('fail when not \'warehouse\' granted', function(){
// bypass checkers
allow(Request::class)->toReceive('checkParams')->andReturn(true);
allow(Request::class)->toReceive('buildOptions')->andReturn(true);
allow('json_decode')->toBeCalled()->andReturn([
'moduleA' => [
'POST::methodA' => [
'permissions' => [['warehouse']]
]
]
]);
$req = new Request('moduleA/methodA');
expect($req->error->get())->toBe(Err::PermissionError);
});
it('fail when not \'admin\' granted', function(){
// bypass checkers
allow(Request::class)->toReceive('checkParams')->andReturn(true);
allow(Request::class)->toReceive('buildOptions')->andReturn(true);
allow('json_decode')->toBeCalled()->andReturn([
'moduleA' => [
'POST::methodA' => [
'permissions' => [['admin']]
]
]
]);
$req = new Request('moduleA/methodA');
expect($req->error->get())->toBe(Err::PermissionError);
});
it('fail when not \'sats\' granted', function(){
// bypass checkers
allow(Request::class)->toReceive('checkParams')->andReturn(true);
allow(Request::class)->toReceive('buildOptions')->andReturn(true);
allow('json_decode')->toBeCalled()->andReturn([
'moduleA' => [
'POST::methodA' => [
'permissions' => [['sats']]
]
]
]);
$req = new Request('moduleA/methodA');
expect($req->error->get())->toBe(Err::TokenError);
});
it('fail when not \'unknown permission\' granted', function(){
// bypass checkers
allow(Request::class)->toReceive('checkParams')->andReturn(true);
allow(Request::class)->toReceive('buildOptions')->andReturn(true);
allow('json_decode')->toBeCalled()->andReturn([
'moduleA' => [
'POST::methodA' => [
'permissions' => [['unk']]
]
]
]);
$req = new Request('moduleA/methodA');
expect($req->error->get())->toBe(Err::PermissionError);
});
}); });
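Review bot: The spec `pass when permission is not an array` (with `'permissions' => 23.2`) pins a fail-open outcome: a malformed `permissions` entry in the module configuration ends in `Err::Success`, the same result as a method that declares no permissions at all. If that is deliberate, a comment on the spec such as `// a non-array 'permissions' value is treated as "no permission required"` would keep it from being read as an oversight; otherwise the expectation would be `Err::FormatError`, as in the `['a']` spec further down. The `fail when not '...' granted` specs also appear to depend on whatever state the default AuthSystem reads, which none of them set up, so the expected codes (`PermissionError` versus `TokenError`) may vary with the environment.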