15
15
use Symfony \Component \Security \Core \Authentication \AuthenticationTrustResolver ;
16
16
use Symfony \Component \Security \Core \Authentication \Token \AnonymousToken ;
17
17
use Symfony \Component \Security \Core \Authentication \Token \RememberMeToken ;
18
+ use Symfony \Component \Security \Core \Authentication \Token \Storage \TokenStorage ;
18
19
use Symfony \Component \Security \Core \Authentication \Token \UsernamePasswordToken ;
20
+ use Symfony \Component \Security \Core \Authorization \AccessDecisionManager ;
21
+ use Symfony \Component \Security \Core \Authorization \AuthorizationChecker ;
19
22
use Symfony \Component \Security \Core \Authorization \ExpressionLanguage ;
23
+ use Symfony \Component \Security \Core \Authorization \Voter \RoleVoter ;
20
24
use Symfony \Component \Security \Core \User \User ;
21
25
22
26
class ExpressionLanguageTest extends TestCase
@@ -39,6 +43,29 @@ public function testIsAuthenticated($token, $expression, $result, array $roles =
39
43
$ this ->assertEquals ($ result , $ expressionLanguage ->evaluate ($ expression , $ context ));
40
44
}
41
45
46
+ /**
47
+ * @dataProvider provider
48
+ */
49
+ public function testIsAuthenticatedWithAuthorizationChecker ($ token , $ expression , $ result , array $ roles = array ())
50
+ {
51
+ $ anonymousTokenClass = 'Symfony \\Component \\Security \\Core \\Authentication \\Token \\AnonymousToken ' ;
52
+ $ rememberMeTokenClass = 'Symfony \\Component \\Security \\Core \\Authentication \\Token \\RememberMeToken ' ;
53
+ $ expressionLanguage = new ExpressionLanguage ();
54
+ $ trustResolver = new AuthenticationTrustResolver ($ anonymousTokenClass , $ rememberMeTokenClass );
55
+
56
+ $ tokenStorage = new TokenStorage ();
57
+ $ tokenStorage ->setToken ($ token );
58
+ $ authorizationChecker = new AuthorizationChecker ($ tokenStorage , $ this ->getMockBuilder ('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface ' )->getMock (), new AccessDecisionManager (array (new RoleVoter ())));
59
+
60
+ $ context = array ();
61
+ $ context ['auth_checker ' ] = $ authorizationChecker ;
62
+ $ context ['trust_resolver ' ] = $ trustResolver ;
63
+ $ context ['token ' ] = $ token ;
64
+ $ context ['roles ' ] = $ roles ;
65
+
66
+ $ this ->assertSame ($ result , $ expressionLanguage ->evaluate ($ expression , $ context ));
67
+ }
68
+
42
69
public function provider ()
43
70
{
44
71
$ roles = array ('ROLE_USER ' , 'ROLE_ADMIN ' );
@@ -77,4 +104,33 @@ public function provider()
77
104
array ($ usernamePasswordToken , "has_role('ROLE_USER') " , true , $ roles ),
78
105
);
79
106
}
107
+
108
+ public function testHasRoleTriggersTokenAuthentication ()
109
+ {
110
+ $ token = new UsernamePasswordToken ('username ' , 'password ' , 'provider ' , array ('ROLE_ADMIN ' ));
111
+ $ refreshedToken = new UsernamePasswordToken ('username ' , 'password ' , 'provider ' , array ('ROLE_USER ' ));
112
+
113
+ $ tokenStorage = new TokenStorage ();
114
+ $ tokenStorage ->setToken ($ token );
115
+
116
+ $ authenticationManager = $ this ->getMockBuilder ('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface ' )->getMock ();
117
+ $ authenticationManager ->method ('authenticate ' )->willReturn ($ refreshedToken );
118
+
119
+ $ authorizationChecker = new AuthorizationChecker ($ tokenStorage , $ authenticationManager , new AccessDecisionManager (array (new RoleVoter ())), true );
120
+
121
+ $ context = array (
122
+ 'auth_checker ' => $ authorizationChecker ,
123
+ 'trust_resolver ' => $ this ->getMockBuilder ('Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolverInterface ' )->getMock (),
124
+ 'token ' => $ token ,
125
+ 'roles ' => array ('ROLE_ADMIN ' ),
126
+ );
127
+ $ expressionLanguage = new ExpressionLanguage ();
128
+
129
+ $ this ->assertFalse ($ expressionLanguage ->evaluate ('has_role("ROLE_ADMIN") ' , array (
130
+ 'auth_checker ' => $ authorizationChecker ,
131
+ 'trust_resolver ' => $ this ->getMockBuilder ('Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolverInterface ' )->getMock (),
132
+ 'token ' => $ token ,
133
+ 'roles ' => array ('ROLE_ADMIN ' ),
134
+ )));
135
+ }
80
136
}
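Review bot: In `testHasRoleTriggersTokenAuthentication` the `$context` array is built and then never read, because the `evaluate()` call repeats the same four entries inline and creates a second trust-resolver mock. Pass the variable instead: `$this->assertFalse($expressionLanguage->evaluate('has_role("ROLE_ADMIN")', $context));`. The test depends on a deliberate mismatch: `$token` and `'roles'` still carry `ROLE_ADMIN`, while the mocked `authenticate()` returns a token holding only `ROLE_USER`. It also depends on the fourth constructor argument `true`, which appears to be the always-authenticate flag. Neither is explained, so I would add a comment above the assertion such as `// stale ROLE_ADMIN in token/roles must be ignored; only the re-authenticated token decides`. Adding `$authenticationManager->expects($this->once())` before `->method('authenticate')` would additionally pin that the decision goes through re-authentication and not through the `roles` variable.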