8000 [Security] Readd the correct tests by wouterj · Pull Request #15932 · symfony/symfony · GitHub
[go: up one dir, main page]
Skip to content

[Security] Readd the correct tests #15932

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
wants to merge 2 commits into from
Closed

[Security] Readd the correct tests #15932

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
df36835
Readd the correct tests
wouterj Sep 26, 2015
9f1a345
Rewrote tests to use a data provider
wouterj Sep 27, 2015
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
110 changes: 48 additions & 62 deletions src/Symfony/Component/Security/Core/Tests/Authorization/Voter/AbstractVoterTest.php
10000
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,42 +13,59 @@

use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authorization\Voter\AbstractVoter;
use Symfony\Component\Security\Core\Authorization\Voter\VoterInterface;

/**
* @author Roman Marintšenko <inoryy@gmail.com>
*/
class AbstractVoterTest extends \PHPUnit_Framework_TestCase
{
private $token;
protected $object;
protected $token;

protected function setUp()
{
$tokenMock = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface');
$tokenMock
->expects($this->any())
->method('getUser')
->will($this->returnValue('user'));
$this->object = $this->getMock('AbstractVoterTest_Object');
$this->token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface');
}

public function getTests()
{
$object = $this->getMock('AbstractVoterTest_Object');
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

setUp seems to be run after data providers, so we need to redefine object here

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

creating mocks in the data provider is a bad idea. These mocks will not be associated with the test properly (as they are created outside the test), which can lead to weird behaviors.


return array(
array(array('EDIT'), VoterInterface::ACCESS_GRANTED, $object, 'ACCESS_GRANTED if attribute and class are supported and attribute grants access'),
array(array('CREATE'), VoterInterface::ACCESS_DENIED, $object, 'ACCESS_DENIED if attribute and class are supported and attribute does not grant access'),

array(array('DELETE', 'EDIT'), VoterInterface::ACCESS_GRANTED, $object, 'ACCESS_GRANTED if one attribute is supported and grants access'),
array(array('DELETE', 'CREATE'), VoterInterface::ACCESS_DENIED, $object, 'ACCESS_DENIED if one attribute is supported and denies access'),

array(array('CREATE', 'EDIT'), VoterInterface::ACCESS_GRANTED, $object, 'ACCESS_GRANTED if one attribute grants access'),

array(array('DELETE'), VoterInterface::ACCESS_ABSTAIN, $object, 'ACCESS_ABSTAIN if no attribute is supported'),

$this->token = $tokenMock;
array(array('EDIT'), VoterInterface::ACCESS_ABSTAIN, $this->getMock('AbstractVoterTest_Object1'), 'ACCESS_ABSTAIN if class is not supported'),

array(array('EDIT'), VoterInterface::ACCESS_ABSTAIN, null, 'ACCESS_ABSTAIN if object is null'),

array(array(), VoterInterface::ACCESS_ABSTAIN, $object, 'ACCESS_ABSTAIN if no attributes were provided'),
);
}

/**
* @dataProvider getData
* @dataProvider getTests
*/
public function testVote($expectedVote, $object, $attributes, $message)
public function testVote(array $attributes, $expectedVote, $object, $message)
{
$voter = new VoterFixture();
$voter = new AbstractVoterTest_Voter();

$this->assertEquals($expectedVote, $voter->vote($this->token, $object, $attributes), $message);
}

/**
* @dataProvider getData
* @dataProvider getTests
* @group legacy
*/
public function testVoteUsingDeprecatedIsGranted($expectedVote, $object, $attributes, $message)
public function testVoteLegacy(array $attributes, $expectedVote, $object, $message)
{
$voter = new DeprecatedVoterFixture();
$voter = new AbstractVoterTest_LegacyVoter();

$this->assertEquals($expectedVote, $voter->vote($this->token, $object, $attributes), $message);
}
Expand All @@ -59,86 +76,55 @@ public function testVoteUsingDeprecatedIsGranted($expectedVote, $object, $attrib
*/
public function testNoOverriddenMethodsThrowsException()
{
$voter = new DeprecatedVoterNothingImplementedFixture();
$voter->vote($this->token, new ObjectFixture(), array('foo'));
}
$voter = new AbstractVoterTest_NothingImplementedVoter();

public function getData()
{
return array(
array(AbstractVoter::ACCESS_ABSTAIN, null, array(), 'ACCESS_ABSTAIN for null objects'),
array(AbstractVoter::ACCESS_ABSTAIN, new UnsupportedObjectFixture(), array(), 'ACCESS_ABSTAIN for objects with unsupported class'),
array(AbstractVoter::ACCESS_ABSTAIN, new ObjectFixture(), array(), 'ACCESS_ABSTAIN for no attributes'),
array(AbstractVoter::ACCESS_ABSTAIN, new ObjectFixture(), array('foobar'), 'ACCESS_ABSTAIN for unsupported attributes'),
array(AbstractVoter::ACCESS_GRANTED, new ObjectFixture(), array('foo'), 'ACCESS_GRANTED if attribute grants access'),
array(AbstractVoter::ACCESS_GRANTED, new ObjectFixture(), array('bar', 'foo'), 'ACCESS_GRANTED if *at least one* attribute grants access'),
array(AbstractVoter::ACCESS_GRANTED, new ObjectFixture(), array('foobar', 'foo'), 'ACCESS_GRANTED if *at least one* attribute grants access'),
array(AbstractVoter::ACCESS_DENIED, new ObjectFixture(), array('bar', 'baz'), 'ACCESS_DENIED for if no attribute grants access'),
);
$voter->vote($this->token, $this->object, array('EDIT'));
}
}

class VoterFixture extends AbstractVoter
class AbstractVoterTest_Voter extends AbstractVoter
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

wouldn't it be possible to keep the existing name for the class, to make merging between 2.7 and 2.8 easier for the next 3 years ?

{
protected function getSupportedClasses()
{
return array(
'Symfony\Component\Security\Core\Tests\Authorization\Voter\ObjectFixture',
);
}

protected function getSupportedAttributes()
protected function voteOnAttribute($attribute, $object, TokenInterface $token)
{
return array('foo', 'bar', 'baz');
return 'EDIT' === $attribute;
}

protected function voteOnAttribute($attribute, $object, TokenInterface $token)
protected function supports($attribute, $class)
{
return $attribute === 'foo';
return $this->isClassInstanceOf($class, 'AbstractVoterTest_Object')
&& in_array($attribute, array('EDIT', 'CREATE'));
}
}

class DeprecatedVoterFixture extends AbstractVoter
class AbstractVoterTest_LegacyVoter extends AbstractVoter
{
protected function getSupportedClasses()
{
return array(
'Symfony\Component\Security\Core\Tests\Authorization\Voter\ObjectFixture',
);
return array('AbstractVoterTest_Object');
}

protected function getSupportedAttributes()
{
return array('foo', 'bar', 'baz');
return array('EDIT', 'CREATE');
}

protected function isGranted($attribute, $object, $user = null)
{
return $attribute === 'foo';
return 'EDIT' === $attribute;
}
}

class DeprecatedVoterNothingImplementedFixture extends AbstractVoter
class AbstractVoterTest_NothingImplementedVoter extends AbstractVoter
{
protected function getSupportedClasses()
{
return array(
'Symfony\Component\Security\Core\Tests\Authorization\Voter\ObjectFixture',
);
return array('AbstractVoterTest_Object');
}

protected function getSupportedAttributes()
{
return array('foo', 'bar', 'baz');
return array('EDIT', 'CREATE');
}

// this is a bad voter that hasn't overridden isGranted or voteOnAttribute
}

class ObjectFixture
{
}

class UnsupportedObjectFixture
{
}
19 changes: 10 additions & 9 deletions src/Symfony/Component/Security/Core/Tests/Authorization/Voter/LegacyAbstractVoterTest.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,16 @@

use Symfony\Component\Security\Core\Authorization\Voter\AbstractVoter;

class LegacyAbstractVoterTest extends AbstractVoterTest
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

is this class still needed if we test the legacy case in the AbstractVoterTest directly ?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe it's better to fix the tests in 2.7 and then merge it in 2.8 (where we'll add some scenarios because of deprecations). I'll open a PR soon for 2.7.

{
protected function setUp()
{
parent::setUp();

$this->voter = new LegacyAbstractVoterTest_Voter();
}
}

class LegacyAbstractVoterTest_Voter extends AbstractVoter
{
protected function getSupportedClasses()
Expand All @@ -31,12 +41,3 @@ protected function isGranted($attribute, $object, $user = null)
}
}

class LegacyAbstractVoterTest extends AbstractVoterTest
{
protected function setUp()
{
parent::setUp();

$this->voter = new LegacyAbstractVoterTest_Voter();
}
}
0