1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
<?php
/**
* Copyright © Magento, Inc. All rights reserved.
* See COPYING.txt for license details.
*/
namespace Magento\Authorization\Model;
/**
* @magentoAppArea adminhtml
*/
class RulesTest extends \PHPUnit\Framework\TestCase
{
/**
* @var \Magento\Authorization\Model\Rules
*/
protected $_model;
/**
* @var \Magento\User\Model\User
*/
protected $user;
protected function setUp()
{
$this->_model = \Magento\TestFramework\Helper\Bootstrap::getObjectManager()->create(
\Magento\Authorization\Model\Rules::class
);
$this->user = \Magento\TestFramework\Helper\Bootstrap::getObjectManager()->create(
\Magento\User\Model\User::class
);
}
/**
* @magentoDbIsolation enabled
*/
public function testCRUD()
{
$this->_model
->setRoleType('G')
->setResourceId('Magento_Backend::all')
->setPrivileges("")
->setAssertId(0)
->setRoleId(1)
->setPermission('allow');
$crud = new \Magento\TestFramework\Entity($this->_model, ['permission' => 'deny']);
$crud->testCrud();
}
/**
* @magentoDbIsolation enabled
*/
public function testInitialUserPermissions()
{
$expectedDefaultPermissions = ['Magento_Backend::all'];
$this->_checkExistingPermissions($expectedDefaultPermissions);
}
/**
* @covers \Magento\Authorization\Model\Rules::saveRel
* @magentoDbIsolation enabled
*/
public function testSetAllowForAllResources()
{
$resources = ['Magento_Backend::all'];
$this->user->loadByUsername(\Magento\TestFramework\Bootstrap::ADMIN_NAME);
$roleId = $this->user->getRole()->getRoleId();
$this->_model->setRoleId($roleId)->setResources($resources)->saveRel();
$expectedPermissions = ['Magento_Backend::all'];
$this->_checkExistingPermissions($expectedPermissions);
}
/**
* Ensure that only expected permissions are set.
*/
protected function _checkExistingPermissions($expectedDefaultPermissions)
{
$connection = $this->_model->getResource()->getConnection();
$this->user->loadByUsername(\Magento\TestFramework\Bootstrap::ADMIN_NAME);
$roleId = $this->user->getRole()->getRoleId();
$ruleSelect = $connection->select()
->from($this->_model->getResource()->getMainTable())
->where('role_id = ?', $roleId);
$rules = $ruleSelect->query()->fetchAll();
$actualPermissions = [];
foreach ($rules as $rule) {
$actualPermissions[] = $rule['resource_id'];
$this->assertEquals(
'allow',
$rule['permission'],
"Permission for '{$rule['resource_id']}' resource should be 'allow'"
);
}
$this->assertEquals($expectedDefaultPermissions, $actualPermissions, 'Default permissions are invalid');
}
}