* * For the full copyright and license information, please view the LICENSE * file that was distributed with this source code. */ namespace Symfony\Component\Security\Core\Tests\Authorization; use PHPUnit\Framework\TestCase; use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; use Symfony\Component\Security\Core\Authorization\AccessDecisionManager; use Symfony\Component\Security\Core\Authorization\Voter\VoterInterface; use Symfony\Component\Security\Core\Exception\LogicException; use Symfony\Component\Security\Core\Tests\Authorization\Stub\VoterWithoutInterface; class AccessDecisionManagerTest extends TestCase { /** * @expectedException \InvalidArgumentException */ public function testSetUnsupportedStrategy() { new AccessDecisionManager(array($this->getVoter(VoterInterface::ACCESS_GRANTED)), 'fooBar'); } /** * @dataProvider getStrategyTests */ public function testStrategies($strategy, $voters, $allowIfAllAbstainDecisions, $allowIfEqualGrantedDeniedDecisions, $expected) { $token = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')->getMock(); $manager = new AccessDecisionManager($voters, $strategy, $allowIfAllAbstainDecisions, $allowIfEqualGrantedDeniedDecisions); $this->assertSame($expected, $manager->decide($token, array('ROLE_FOO'))); } /** * @dataProvider getStrategiesWith2RolesTests */ public function testStrategiesWith2Roles($token, $strategy, $voter, $expected) { $manager = new AccessDecisionManager(array($voter), $strategy); $this->assertSame($expected, $manager->decide($token, array('ROLE_FOO', 'ROLE_BAR'))); } public function getStrategiesWith2RolesTests() { $token = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')->getMock(); return array( array($token, 'affirmative', $this->getVoter(VoterInterface::ACCESS_DENIED), false), array($token, 'affirmative', $this->getVoter(VoterInterface::ACCESS_GRANTED), true), array($token, 'consensus', $this->getVoter(VoterInterface::ACCESS_DENIED), false), array($token, 'consensus', $this->getVoter(VoterInterface::ACCESS_GRANTED), true), array($token, 'unanimous', $this->getVoterFor2Roles($token, VoterInterface::ACCESS_DENIED, VoterInterface::ACCESS_DENIED), false), array($token, 'unanimous', $this->getVoterFor2Roles($token, VoterInterface::ACCESS_DENIED, VoterInterface::ACCESS_GRANTED), false), array($token, 'unanimous', $this->getVoterFor2Roles($token, VoterInterface::ACCESS_GRANTED, VoterInterface::ACCESS_DENIED), false), array($token, 'unanimous', $this->getVoterFor2Roles($token, VoterInterface::ACCESS_GRANTED, VoterInterface::ACCESS_GRANTED), true), ); } protected function getVoterFor2Roles($token, $vote1, $vote2) { $voter = $this->getMockBuilder('Symfony\Component\Security\Core\Authorization\Voter\VoterInterface')->getMock(); $voter->expects($this->any()) ->method('vote') ->will($this->returnValueMap(array( array($token, null, array('ROLE_FOO'), $vote1), array($token, null, array('ROLE_BAR'), $vote2), ))) ; return $voter; } public function getStrategyTests() { return array( // affirmative array(AccessDecisionManager::STRATEGY_AFFIRMATIVE, $this->getVoters(1, 0, 0), false, true, true), array(AccessDecisionManager::STRATEGY_AFFIRMATIVE, $this->getVoters(1, 2, 0), false, true, true), array(AccessDecisionManager::STRATEGY_AFFIRMATIVE, $this->getVoters(0, 1, 0), false, true, false), array(AccessDecisionManager::STRATEGY_AFFIRMATIVE, $this->getVoters(0, 0, 1), false, true, false), array(AccessDecisionManager::STRATEGY_AFFIRMATIVE, $this->getVoters(0, 0, 1), true, true, true), // consensus array(AccessDecisionManager::STRATEGY_CONSENSUS, $this->getVoters(1, 0, 0), false, true, true), array(AccessDecisionManager::STRATEGY_CONSENSUS, $this->getVoters(1, 2, 0), false, true, false), array(AccessDecisionManager::STRATEGY_CONSENSUS, $this->getVoters(2, 1, 0), false, true, true), array(AccessDecisionManager::STRATEGY_CONSENSUS, $this->getVoters(0, 0, 1), false, true, false), array(AccessDecisionManager::STRATEGY_CONSENSUS, $this->getVoters(0, 0, 1), true, true, true), array(AccessDecisionManager::STRATEGY_CONSENSUS, $this->getVoters(2, 2, 0), false, true, true), array(AccessDecisionManager::STRATEGY_CONSENSUS, $this->getVoters(2, 2, 1), false, true, true), array(AccessDecisionManager::STRATEGY_CONSENSUS, $this->getVoters(2, 2, 0), false, false, false), array(AccessDecisionManager::STRATEGY_CONSENSUS, $this->getVoters(2, 2, 1), false, false, false), // unanimous array(AccessDecisionManager::STRATEGY_UNANIMOUS, $this->getVoters(1, 0, 0), false, true, true), array(AccessDecisionManager::STRATEGY_UNANIMOUS, $this->getVoters(1, 0, 1), false, true, true), array(AccessDecisionManager::STRATEGY_UNANIMOUS, $this->getVoters(1, 1, 0), false, true, false), array(AccessDecisionManager::STRATEGY_UNANIMOUS, $this->getVoters(0, 0, 2), false, true, false), array(AccessDecisionManager::STRATEGY_UNANIMOUS, $this->getVoters(0, 0, 2), true, true, true), ); } protected function getVoters($grants, $denies, $abstains) { $voters = array(); for ($i = 0; $i < $grants; ++$i) { $voters[] = $this->getVoter(VoterInterface::ACCESS_GRANTED); } for ($i = 0; $i < $denies; ++$i) { $voters[] = $this->getVoter(VoterInterface::ACCESS_DENIED); } for ($i = 0; $i < $abstains; ++$i) { $voters[] = $this->getVoter(VoterInterface::ACCESS_ABSTAIN); } return $voters; } protected function getVoter($vote) { $voter = $this->getMockBuilder('Symfony\Component\Security\Core\Authorization\Voter\VoterInterface')->getMock(); $voter->expects($this->any()) ->method('vote') ->will($this->returnValue($vote)); return $voter; } public function testVotingWrongTypeNoVoteMethod() { $exception = LogicException::class; $message = sprintf('stdClass should implement the %s interface when used as voter.', VoterInterface::class); if (method_exists($this, 'expectException')) { $this->expectException($exception); $this->expectExceptionMessage($message); } else { $this->setExpectedException($exception, $message); } $adm = new AccessDecisionManager(array(new \stdClass())); $token = $this->getMockBuilder(TokenInterface::class)->getMock(); $adm->decide($token, array('TEST')); } /** * @group legacy * @expectedDeprecation Calling vote() on an voter without Symfony\Component\Security\Core\Authorization\Voter\VoterInterface is deprecated as of 3.4 and will be removed in 4.0. Implement the Symfony\Component\Security\Core\Authorization\Voter\VoterInterface on your voter. */ public function testVotingWrongTypeWithVote() { $adm = new AccessDecisionManager(array(new VoterWithoutInterface())); $token = $this->getMockBuilder(TokenInterface::class)->getMock(); $adm->decide($token, array('TEST')); } } __halt_compiler();----SIGNATURE:----mq3r3Eu9zyDR9xtcTSi+KWnSgCr0w98/vfDWj2Q5IjhMslDy5ZszxJ/VAnVuzOZ4R5wjm7ENpECB+KC0XfbYzx0mw296hhO678gQ9mWdEIN/0XlDFoxGn84wxJxGpj8v4mEHrQxfRHu5IJuJmZUxuEImp/otJBw+UK0es7/hijkwC4oq/wzfwWao2JhlNoRMH0Wm9NdfhjiYf2l/NcAaxKk7TbMw4cp9opB+DMtW92Za1ZKo3s/Qz2aoTr6DP7g66cfeKY7LLTvREZQQQElGw3VfeUWojOe55JOrmO+MX3AMkS7SNvYnr+18C7ENkPGvITd0ANgn3X2KAYCXyl4CWkzXE5+mkmoeIKQa4N15+z5EcQ8i3GLCmEZLpRwiZrXFD6Qyxkx9JGg2xlgRINplRBYhywPeMWRTrqKFnttjLtw09RaZQhCTmTC9CJ69T6kTfRX2L9ZWZZBVdzlK4J3NuGbI6+IIvJjpMKn+qraWQTKvzjprqeZ3zkOQtTUicR4rZVajWJ/U7emHvu+LnFSuQi+NHzMBRTYukODor8RFcrwuOSdULepBfRER8kQPEauFMn+SfqeGiNEJvpHNZ8qYxdNMnXFS1t+f2X+vNgrE10mKkAsarcpqBN5Lw4tHonOSj54du+5VYEhN0PgjdlCU4H7WDGehtEe+w2FL6ztg4Ow=----ATTACHMENT:----MTQ1MzkzOTM2MDQyMjk3MiAxODYwMDIwNDYzNTQ1MTA1IDY0ODU5MDA2MTg1NDA2MDk=