ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
SimplePluginTest.php
Go to the documentation of this file.
1 <?php
2 
3 namespace Sabre\DAVACL;
4 
5 use Sabre\DAV;
6 use Sabre\HTTP;
7 
8 require_once 'Sabre/DAVACL/MockPrincipal.php';
9 require_once 'Sabre/DAVACL/MockACLNode.php';
10 
11 class SimplePluginTest extends \PHPUnit_Framework_TestCase {
12 
13  function testValues() {
14 
15  $aclPlugin = new Plugin();
16  $this->assertEquals('acl', $aclPlugin->getPluginName());
17  $this->assertEquals(
18  ['access-control', 'calendarserver-principal-property-search'],
19  $aclPlugin->getFeatures()
20  );
21 
22  $this->assertEquals(
23  [
24  '{DAV:}expand-property',
25  '{DAV:}principal-match',
26  '{DAV:}principal-property-search',
27  '{DAV:}principal-search-property-set'
28  ],
29  $aclPlugin->getSupportedReportSet(''));
30 
31  $this->assertEquals(['ACL'], $aclPlugin->getMethods(''));
32 
33 
34  $this->assertEquals(
35  'acl',
36  $aclPlugin->getPluginInfo()['name']
37  );
38  }
39 
40  function testGetFlatPrivilegeSet() {
41 
42  $expected = [
43  '{DAV:}all' => [
44  'privilege' => '{DAV:}all',
45  'abstract' => false,
46  'aggregates' => [
47  '{DAV:}read',
48  '{DAV:}write',
49  ],
50  'concrete' => '{DAV:}all',
51  ],
52  '{DAV:}read' => [
53  'privilege' => '{DAV:}read',
54  'abstract' => false,
55  'aggregates' => [
56  '{DAV:}read-acl',
57  '{DAV:}read-current-user-privilege-set',
58  ],
59  'concrete' => '{DAV:}read',
60  ],
61  '{DAV:}read-acl' => [
62  'privilege' => '{DAV:}read-acl',
63  'abstract' => false,
64  'aggregates' => [],
65  'concrete' => '{DAV:}read-acl',
66  ],
67  '{DAV:}read-current-user-privilege-set' => [
68  'privilege' => '{DAV:}read-current-user-privilege-set',
69  'abstract' => false,
70  'aggregates' => [],
71  'concrete' => '{DAV:}read-current-user-privilege-set',
72  ],
73  '{DAV:}write' => [
74  'privilege' => '{DAV:}write',
75  'abstract' => false,
76  'aggregates' => [
77  '{DAV:}write-properties',
78  '{DAV:}write-content',
79  '{DAV:}unlock',
80  '{DAV:}bind',
81  '{DAV:}unbind',
82  ],
83  'concrete' => '{DAV:}write',
84  ],
85  '{DAV:}write-properties' => [
86  'privilege' => '{DAV:}write-properties',
87  'abstract' => false,
88  'aggregates' => [],
89  'concrete' => '{DAV:}write-properties',
90  ],
91  '{DAV:}write-content' => [
92  'privilege' => '{DAV:}write-content',
93  'abstract' => false,
94  'aggregates' => [],
95  'concrete' => '{DAV:}write-content',
96  ],
97  '{DAV:}unlock' => [
98  'privilege' => '{DAV:}unlock',
99  'abstract' => false,
100  'aggregates' => [],
101  'concrete' => '{DAV:}unlock',
102  ],
103  '{DAV:}bind' => [
104  'privilege' => '{DAV:}bind',
105  'abstract' => false,
106  'aggregates' => [],
107  'concrete' => '{DAV:}bind',
108  ],
109  '{DAV:}unbind' => [
110  'privilege' => '{DAV:}unbind',
111  'abstract' => false,
112  'aggregates' => [],
113  'concrete' => '{DAV:}unbind',
114  ],
115 
116  ];
117 
118  $plugin = new Plugin();
119  $plugin->allowUnauthenticatedAccess = false;
120  $server = new DAV\Server();
121  $server->addPlugin($plugin);
122  $this->assertEquals($expected, $plugin->getFlatPrivilegeSet(''));
123 
124  }
125 
126  function testCurrentUserPrincipalsNotLoggedIn() {
127 
128  $acl = new Plugin();
129  $acl->allowUnauthenticatedAccess = false;
130  $server = new DAV\Server();
131  $server->addPlugin($acl);
132 
133  $this->assertEquals([], $acl->getCurrentUserPrincipals());
134 
135  }
136 
137  function testCurrentUserPrincipalsSimple() {
138 
139  $tree = [
140 
141  new DAV\SimpleCollection('principals', [
142  new MockPrincipal('admin', 'principals/admin'),
143  ])
144 
145  ];
146 
147  $acl = new Plugin();
148  $acl->allowUnauthenticatedAccess = false;
149  $server = new DAV\Server($tree);
150  $server->addPlugin($acl);
151 
152  $auth = new DAV\Auth\Plugin(new DAV\Auth\Backend\Mock());
153  $server->addPlugin($auth);
154 
155  //forcing login
156  $auth->beforeMethod(new HTTP\Request(), new HTTP\Response());
157 
158  $this->assertEquals(['principals/admin'], $acl->getCurrentUserPrincipals());
159 
160  }
161 
162  function testCurrentUserPrincipalsGroups() {
163 
164  $tree = [
165 
166  new DAV\SimpleCollection('principals', [
167  new MockPrincipal('admin', 'principals/admin', ['principals/administrators', 'principals/everyone']),
168  new MockPrincipal('administrators', 'principals/administrators', ['principals/groups'], ['principals/admin']),
169  new MockPrincipal('everyone', 'principals/everyone', [], ['principals/admin']),
170  new MockPrincipal('groups', 'principals/groups', [], ['principals/administrators']),
171  ])
172 
173  ];
174 
175  $acl = new Plugin();
176  $acl->allowUnauthenticatedAccess = false;
177  $server = new DAV\Server($tree);
178  $server->addPlugin($acl);
179 
180  $auth = new DAV\Auth\Plugin(new DAV\Auth\Backend\Mock());
181  $server->addPlugin($auth);
182 
183  //forcing login
184  $auth->beforeMethod(new HTTP\Request(), new HTTP\Response());
185 
186  $expected = [
187  'principals/admin',
188  'principals/administrators',
189  'principals/everyone',
190  'principals/groups',
191  ];
192 
193  $this->assertEquals($expected, $acl->getCurrentUserPrincipals());
194 
195  // The second one should trigger the cache and be identical
196  $this->assertEquals($expected, $acl->getCurrentUserPrincipals());
197 
198  }
199 
200  function testGetACL() {
201 
202  $acl = [
203  [
204  'principal' => 'principals/admin',
205  'privilege' => '{DAV:}read',
206  ],
207  [
208  'principal' => 'principals/admin',
209  'privilege' => '{DAV:}write',
210  ],
211  ];
212 
213 
214  $tree = [
215  new MockACLNode('foo', $acl),
216  ];
217 
218  $server = new DAV\Server($tree);
219  $aclPlugin = new Plugin();
220  $aclPlugin->allowUnauthenticatedAccess = false;
221  $server->addPlugin($aclPlugin);
222 
223  $this->assertEquals($acl, $aclPlugin->getACL('foo'));
224 
225  }
226 
227  function testGetCurrentUserPrivilegeSet() {
228 
229  $acl = [
230  [
231  'principal' => 'principals/admin',
232  'privilege' => '{DAV:}read',
233  ],
234  [
235  'principal' => 'principals/user1',
236  'privilege' => '{DAV:}read',
237  ],
238  [
239  'principal' => 'principals/admin',
240  'privilege' => '{DAV:}write',
241  ],
242  ];
243 
244 
245  $tree = [
246  new MockACLNode('foo', $acl),
247 
248  new DAV\SimpleCollection('principals', [
249  new MockPrincipal('admin', 'principals/admin'),
250  ]),
251 
252  ];
253 
254  $server = new DAV\Server($tree);
255  $aclPlugin = new Plugin();
256  $aclPlugin->allowUnauthenticatedAccess = false;
257  $server->addPlugin($aclPlugin);
258 
259  $auth = new DAV\Auth\Plugin(new DAV\Auth\Backend\Mock());
260  $server->addPlugin($auth);
261 
262  //forcing login
263  $auth->beforeMethod(new HTTP\Request(), new HTTP\Response());
264 
265  $expected = [
266  '{DAV:}write',
267  '{DAV:}write-properties',
268  '{DAV:}write-content',
269  '{DAV:}unlock',
270  '{DAV:}write-acl',
271  '{DAV:}read',
272  '{DAV:}read-acl',
273  '{DAV:}read-current-user-privilege-set',
274  ];
275 
276  $this->assertEquals($expected, $aclPlugin->getCurrentUserPrivilegeSet('foo'));
277 
278  }
279 
280  function testCheckPrivileges() {
281 
282  $acl = [
283  [
284  'principal' => 'principals/admin',
285  'privilege' => '{DAV:}read',
286  ],
287  [
288  'principal' => 'principals/user1',
289  'privilege' => '{DAV:}read',
290  ],
291  [
292  'principal' => 'principals/admin',
293  'privilege' => '{DAV:}write',
294  ],
295  ];
296 
297 
298  $tree = [
299  new MockACLNode('foo', $acl),
300 
301  new DAV\SimpleCollection('principals', [
302  new MockPrincipal('admin', 'principals/admin'),
303  ]),
304 
305  ];
306 
307  $server = new DAV\Server($tree);
308  $aclPlugin = new Plugin();
309  $aclPlugin->allowUnauthenticatedAccess = false;
310  $server->addPlugin($aclPlugin);
311 
312  $auth = new DAV\Auth\Plugin(new DAV\Auth\Backend\Mock());
313  $server->addPlugin($auth);
314 
315  //forcing login
316  //$auth->beforeMethod('GET','/');
317 
318  $this->assertFalse($aclPlugin->checkPrivileges('foo', ['{DAV:}read'], Plugin::R_PARENT, false));
319 
320  }
321 }
Sabre\DAV\Auth\Plugin
This plugin provides Authentication for a WebDAV server.
Definition: Plugin.php:25
Sabre\HTTP\Request
The Request class represents a single HTTP request.
Definition: Request.php:18
PHPUnit_Framework_TestCase
$server
$server
Definition: sabredav.php:48
$auth
$auth
Definition: fileserver.php:48
Sabre\DAVACL\Plugin\R_PARENT
const R_PARENT
Recursion constants.
Definition: Plugin.php:38
Sabre\HTTP\Response
This class represents a single HTTP response.
Definition: Response.php:12
Sabre\DAV\Server
Main DAV server class.
Definition: Server.php:23
Sabre\DAVACL\Plugin
SabreDAV ACL Plugin.
Definition: Plugin.php:31
$aclPlugin
$aclPlugin
Definition: calendarserver.php:51