1<?php 2 3namespace Sabre\DAVACL; 4 5use Sabre\DAV; 6use Sabre\HTTP; 7 8class ACLMethodTest extends \PHPUnit_Framework_TestCase { 9 10 /** 11 * @expectedException Sabre\DAV\Exception\BadRequest 12 */ 13 function testCallback() { 14 15 $acl = new Plugin(); 16 $server = new DAV\Server(); 17 $server->addPlugin(new DAV\Auth\Plugin()); 18 $server->addPlugin($acl); 19 20 $acl->httpAcl($server->httpRequest, $server->httpResponse); 21 22 } 23 24 /** 25 /** 26 * @expectedException Sabre\DAV\Exception\MethodNotAllowed 27 */ 28 function testNotSupportedByNode() { 29 30 $tree = [ 31 new DAV\SimpleCollection('test'), 32 ]; 33 $acl = new Plugin(); 34 $server = new DAV\Server($tree); 35 $server->httpRequest = new HTTP\Request(); 36 $body = '<?xml version="1.0"?> 37<d:acl xmlns:d="DAV:"> 38</d:acl>'; 39 $server->httpRequest->setBody($body); 40 $server->addPlugin(new DAV\Auth\Plugin()); 41 $server->addPlugin($acl); 42 43 $acl->httpACL($server->httpRequest, $server->httpResponse); 44 45 } 46 47 function testSuccessSimple() { 48 49 $tree = [ 50 new MockACLNode('test', []), 51 ]; 52 $acl = new Plugin(); 53 $server = new DAV\Server($tree); 54 $server->httpRequest = new HTTP\Request(); 55 $server->httpRequest->setUrl('/test'); 56 57 $body = '<?xml version="1.0"?> 58<d:acl xmlns:d="DAV:"> 59</d:acl>'; 60 $server->httpRequest->setBody($body); 61 $server->addPlugin(new DAV\Auth\Plugin()); 62 $server->addPlugin($acl); 63 64 $this->assertFalse($acl->httpACL($server->httpRequest, $server->httpResponse)); 65 66 } 67 68 /** 69 * @expectedException Sabre\DAVACL\Exception\NotRecognizedPrincipal 70 */ 71 function testUnrecognizedPrincipal() { 72 73 $tree = [ 74 new MockACLNode('test', []), 75 ]; 76 $acl = new Plugin(); 77 $server = new DAV\Server($tree); 78 $server->httpRequest = new HTTP\Request('ACL', '/test'); 79 $body = '<?xml version="1.0"?> 80<d:acl xmlns:d="DAV:"> 81 <d:ace> 82 <d:grant><d:privilege><d:read /></d:privilege></d:grant> 83 <d:principal><d:href>/principals/notfound</d:href></d:principal> 84 </d:ace> 85</d:acl>'; 86 $server->httpRequest->setBody($body); 87 $server->addPlugin(new DAV\Auth\Plugin()); 88 $server->addPlugin($acl); 89 90 $acl->httpACL($server->httpRequest, $server->httpResponse); 91 92 } 93 94 /** 95 * @expectedException Sabre\DAVACL\Exception\NotRecognizedPrincipal 96 */ 97 function testUnrecognizedPrincipal2() { 98 99 $tree = [ 100 new MockACLNode('test', []), 101 new DAV\SimpleCollection('principals', [ 102 new DAV\SimpleCollection('notaprincipal'), 103 ]), 104 ]; 105 $acl = new Plugin(); 106 $server = new DAV\Server($tree); 107 $server->httpRequest = new HTTP\Request('ACL', '/test'); 108 $body = '<?xml version="1.0"?> 109<d:acl xmlns:d="DAV:"> 110 <d:ace> 111 <d:grant><d:privilege><d:read /></d:privilege></d:grant> 112 <d:principal><d:href>/principals/notaprincipal</d:href></d:principal> 113 </d:ace> 114</d:acl>'; 115 $server->httpRequest->setBody($body); 116 $server->addPlugin(new DAV\Auth\Plugin()); 117 $server->addPlugin($acl); 118 119 $acl->httpACL($server->httpRequest, $server->httpResponse); 120 121 } 122 123 /** 124 * @expectedException Sabre\DAVACL\Exception\NotSupportedPrivilege 125 */ 126 function testUnknownPrivilege() { 127 128 $tree = [ 129 new MockACLNode('test', []), 130 ]; 131 $acl = new Plugin(); 132 $server = new DAV\Server($tree); 133 $server->httpRequest = new HTTP\Request('ACL', '/test'); 134 $body = '<?xml version="1.0"?> 135<d:acl xmlns:d="DAV:"> 136 <d:ace> 137 <d:grant><d:privilege><d:bananas /></d:privilege></d:grant> 138 <d:principal><d:href>/principals/notfound</d:href></d:principal> 139 </d:ace> 140</d:acl>'; 141 $server->httpRequest->setBody($body); 142 $server->addPlugin(new DAV\Auth\Plugin()); 143 $server->addPlugin($acl); 144 145 $acl->httpACL($server->httpRequest, $server->httpResponse); 146 147 } 148 149 /** 150 * @expectedException Sabre\DAVACL\Exception\NoAbstract 151 */ 152 function testAbstractPrivilege() { 153 154 $tree = [ 155 new MockACLNode('test', []), 156 ]; 157 $acl = new Plugin(); 158 $server = new DAV\Server($tree); 159 $server->on('getSupportedPrivilegeSet', function($node, &$supportedPrivilegeSet) { 160 $supportedPrivilegeSet['{DAV:}foo'] = ['abstract' => true]; 161 }); 162 $server->httpRequest = new HTTP\Request('ACL', '/test'); 163 $body = '<?xml version="1.0"?> 164<d:acl xmlns:d="DAV:"> 165 <d:ace> 166 <d:grant><d:privilege><d:foo /></d:privilege></d:grant> 167 <d:principal><d:href>/principals/foo/</d:href></d:principal> 168 </d:ace> 169</d:acl>'; 170 $server->httpRequest->setBody($body); 171 $server->addPlugin(new DAV\Auth\Plugin()); 172 $server->addPlugin($acl); 173 174 $acl->httpACL($server->httpRequest, $server->httpResponse); 175 176 } 177 178 /** 179 * @expectedException Sabre\DAVACL\Exception\AceConflict 180 */ 181 function testUpdateProtectedPrivilege() { 182 183 $oldACL = [ 184 [ 185 'principal' => 'principals/notfound', 186 'privilege' => '{DAV:}write', 187 'protected' => true, 188 ], 189 ]; 190 191 $tree = [ 192 new MockACLNode('test', $oldACL), 193 ]; 194 $acl = new Plugin(); 195 $server = new DAV\Server($tree); 196 $server->httpRequest = new HTTP\Request('ACL', '/test'); 197 $body = '<?xml version="1.0"?> 198<d:acl xmlns:d="DAV:"> 199 <d:ace> 200 <d:grant><d:privilege><d:read /></d:privilege></d:grant> 201 <d:principal><d:href>/principals/notfound</d:href></d:principal> 202 </d:ace> 203</d:acl>'; 204 $server->httpRequest->setBody($body); 205 $server->addPlugin(new DAV\Auth\Plugin()); 206 $server->addPlugin($acl); 207 208 $acl->httpACL($server->httpRequest, $server->httpResponse); 209 210 } 211 212 /** 213 * @expectedException Sabre\DAVACL\Exception\AceConflict 214 */ 215 function testUpdateProtectedPrivilege2() { 216 217 $oldACL = [ 218 [ 219 'principal' => 'principals/notfound', 220 'privilege' => '{DAV:}write', 221 'protected' => true, 222 ], 223 ]; 224 225 $tree = [ 226 new MockACLNode('test', $oldACL), 227 ]; 228 $acl = new Plugin(); 229 $server = new DAV\Server($tree); 230 $server->httpRequest = new HTTP\Request('ACL', '/test'); 231 $body = '<?xml version="1.0"?> 232<d:acl xmlns:d="DAV:"> 233 <d:ace> 234 <d:grant><d:privilege><d:write /></d:privilege></d:grant> 235 <d:principal><d:href>/principals/foo</d:href></d:principal> 236 </d:ace> 237</d:acl>'; 238 $server->httpRequest->setBody($body); 239 $server->addPlugin(new DAV\Auth\Plugin()); 240 $server->addPlugin($acl); 241 242 $acl->httpACL($server->httpRequest, $server->httpResponse); 243 244 } 245 246 /** 247 * @expectedException Sabre\DAVACL\Exception\AceConflict 248 */ 249 function testUpdateProtectedPrivilege3() { 250 251 $oldACL = [ 252 [ 253 'principal' => 'principals/notfound', 254 'privilege' => '{DAV:}write', 255 'protected' => true, 256 ], 257 ]; 258 259 $tree = [ 260 new MockACLNode('test', $oldACL), 261 ]; 262 $acl = new Plugin(); 263 $server = new DAV\Server($tree); 264 $server->httpRequest = new HTTP\Request('ACL', '/test'); 265 $body = '<?xml version="1.0"?> 266<d:acl xmlns:d="DAV:"> 267 <d:ace> 268 <d:grant><d:privilege><d:write /></d:privilege></d:grant> 269 <d:principal><d:href>/principals/notfound</d:href></d:principal> 270 </d:ace> 271</d:acl>'; 272 $server->httpRequest->setBody($body); 273 $server->addPlugin(new DAV\Auth\Plugin()); 274 $server->addPlugin($acl); 275 276 $acl->httpACL($server->httpRequest, $server->httpResponse); 277 278 } 279 280 function testSuccessComplex() { 281 282 $oldACL = [ 283 [ 284 'principal' => 'principals/foo', 285 'privilege' => '{DAV:}write', 286 'protected' => true, 287 ], 288 [ 289 'principal' => 'principals/bar', 290 'privilege' => '{DAV:}read', 291 ], 292 ]; 293 294 $tree = [ 295 $node = new MockACLNode('test', $oldACL), 296 new DAV\SimpleCollection('principals', [ 297 new MockPrincipal('foo', 'principals/foo'), 298 new MockPrincipal('baz', 'principals/baz'), 299 ]), 300 ]; 301 $acl = new Plugin(); 302 $server = new DAV\Server($tree); 303 $server->httpRequest = new HTTP\Request('ACL', '/test'); 304 $body = '<?xml version="1.0"?> 305<d:acl xmlns:d="DAV:"> 306 <d:ace> 307 <d:grant><d:privilege><d:write /></d:privilege></d:grant> 308 <d:principal><d:href>/principals/foo</d:href></d:principal> 309 <d:protected /> 310 </d:ace> 311 <d:ace> 312 <d:grant><d:privilege><d:write /></d:privilege></d:grant> 313 <d:principal><d:href>/principals/baz</d:href></d:principal> 314 </d:ace> 315</d:acl>'; 316 $server->httpRequest->setBody($body); 317 $server->addPlugin(new DAV\Auth\Plugin()); 318 $server->addPlugin($acl); 319 320 321 $this->assertFalse($acl->httpAcl($server->httpRequest, $server->httpResponse)); 322 323 $this->assertEquals([ 324 [ 325 'principal' => 'principals/foo', 326 'privilege' => '{DAV:}write', 327 'protected' => true, 328 ], 329 [ 330 'principal' => 'principals/baz', 331 'privilege' => '{DAV:}write', 332 'protected' => false, 333 ], 334 ], $node->getACL()); 335 336 } 337} 338