1<?php 2 3namespace Sabre\DAVACL; 4 5use Sabre\DAV; 6use Sabre\HTTP; 7 8 9require_once 'Sabre/DAVACL/MockPrincipal.php'; 10require_once 'Sabre/DAVACL/MockACLNode.php'; 11 12class SimplePluginTest extends \PHPUnit_Framework_TestCase { 13 14 function testValues() { 15 16 $aclPlugin = new Plugin(); 17 $this->assertEquals('acl',$aclPlugin->getPluginName()); 18 $this->assertEquals( 19 array('access-control', 'calendarserver-principal-property-search'), 20 $aclPlugin->getFeatures() 21 ); 22 23 $this->assertEquals( 24 array( 25 '{DAV:}expand-property', 26 '{DAV:}principal-property-search', 27 '{DAV:}principal-search-property-set' 28 ), 29 $aclPlugin->getSupportedReportSet('')); 30 31 $this->assertEquals(array('ACL'), $aclPlugin->getMethods('')); 32 33 34 $this->assertEquals( 35 'acl', 36 $aclPlugin->getPluginInfo()['name'] 37 ); 38 } 39 40 function testGetFlatPrivilegeSet() { 41 42 $expected = array( 43 '{DAV:}all' => array( 44 'privilege' => '{DAV:}all', 45 'abstract' => true, 46 'aggregates' => array( 47 '{DAV:}read', 48 '{DAV:}write', 49 ), 50 'concrete' => null, 51 ), 52 '{DAV:}read' => array( 53 'privilege' => '{DAV:}read', 54 'abstract' => false, 55 'aggregates' => array( 56 '{DAV:}read-acl', 57 '{DAV:}read-current-user-privilege-set', 58 ), 59 'concrete' => '{DAV:}read', 60 ), 61 '{DAV:}read-acl' => array( 62 'privilege' => '{DAV:}read-acl', 63 'abstract' => false, 64 'aggregates' => array(), 65 'concrete' => '{DAV:}read-acl', 66 ), 67 '{DAV:}read-current-user-privilege-set' => array( 68 'privilege' => '{DAV:}read-current-user-privilege-set', 69 'abstract' => false, 70 'aggregates' => array(), 71 'concrete' => '{DAV:}read-current-user-privilege-set', 72 ), 73 '{DAV:}write' => array( 74 'privilege' => '{DAV:}write', 75 'abstract' => false, 76 'aggregates' => array( 77 '{DAV:}write-acl', 78 '{DAV:}write-properties', 79 '{DAV:}write-content', 80 '{DAV:}bind', 81 '{DAV:}unbind', 82 '{DAV:}unlock', 83 ), 84 'concrete' => '{DAV:}write', 85 ), 86 '{DAV:}write-acl' => array( 87 'privilege' => '{DAV:}write-acl', 88 'abstract' => false, 89 'aggregates' => array(), 90 'concrete' => '{DAV:}write-acl', 91 ), 92 '{DAV:}write-properties' => array( 93 'privilege' => '{DAV:}write-properties', 94 'abstract' => false, 95 'aggregates' => array(), 96 'concrete' => '{DAV:}write-properties', 97 ), 98 '{DAV:}write-content' => array( 99 'privilege' => '{DAV:}write-content', 100 'abstract' => false, 101 'aggregates' => array(), 102 'concrete' => '{DAV:}write-content', 103 ), 104 '{DAV:}unlock' => array( 105 'privilege' => '{DAV:}unlock', 106 'abstract' => false, 107 'aggregates' => array(), 108 'concrete' => '{DAV:}unlock', 109 ), 110 '{DAV:}bind' => array( 111 'privilege' => '{DAV:}bind', 112 'abstract' => false, 113 'aggregates' => array(), 114 'concrete' => '{DAV:}bind', 115 ), 116 '{DAV:}unbind' => array( 117 'privilege' => '{DAV:}unbind', 118 'abstract' => false, 119 'aggregates' => array(), 120 'concrete' => '{DAV:}unbind', 121 ), 122 123 ); 124 125 $plugin = new Plugin(); 126 $server = new DAV\Server(); 127 $server->addPlugin($plugin); 128 $this->assertEquals($expected, $plugin->getFlatPrivilegeSet('')); 129 130 } 131 132 function testCurrentUserPrincipalsNotLoggedIn() { 133 134 $acl = new Plugin(); 135 $server = new DAV\Server(); 136 $server->addPlugin($acl); 137 138 $this->assertEquals(array(),$acl->getCurrentUserPrincipals()); 139 140 } 141 142 function testCurrentUserPrincipalsSimple() { 143 144 $tree = array( 145 146 new DAV\SimpleCollection('principals', array( 147 new MockPrincipal('admin','principals/admin'), 148 )) 149 150 ); 151 152 $acl = new Plugin(); 153 $server = new DAV\Server($tree); 154 $server->addPlugin($acl); 155 156 $auth = new DAV\Auth\Plugin(new DAV\Auth\Backend\Mock(),'SabreDAV'); 157 $server->addPlugin($auth); 158 159 //forcing login 160 $auth->beforeMethod(new HTTP\Request(), new HTTP\Response()); 161 162 $this->assertEquals(array('principals/admin'),$acl->getCurrentUserPrincipals()); 163 164 } 165 166 function testCurrentUserPrincipalsGroups() { 167 168 $tree = array( 169 170 new DAV\SimpleCollection('principals', array( 171 new MockPrincipal('admin','principals/admin',array('principals/administrators', 'principals/everyone')), 172 new MockPrincipal('administrators','principals/administrators',array('principals/groups'), array('principals/admin')), 173 new MockPrincipal('everyone','principals/everyone',array(), array('principals/admin')), 174 new MockPrincipal('groups','principals/groups',array(), array('principals/administrators')), 175 )) 176 177 ); 178 179 $acl = new Plugin(); 180 $server = new DAV\Server($tree); 181 $server->addPlugin($acl); 182 183 $auth = new DAV\Auth\Plugin(new DAV\Auth\Backend\Mock(),'SabreDAV'); 184 $server->addPlugin($auth); 185 186 //forcing login 187 $auth->beforeMethod(new HTTP\Request(), new HTTP\Response()); 188 189 $expected = array( 190 'principals/admin', 191 'principals/administrators', 192 'principals/everyone', 193 'principals/groups', 194 ); 195 196 $this->assertEquals($expected,$acl->getCurrentUserPrincipals()); 197 198 // The second one should trigger the cache and be identical 199 $this->assertEquals($expected,$acl->getCurrentUserPrincipals()); 200 201 } 202 203 function testGetACL() { 204 205 $acl = array( 206 array( 207 'principal' => 'principals/admin', 208 'privilege' => '{DAV:}read', 209 ), 210 array( 211 'principal' => 'principals/admin', 212 'privilege' => '{DAV:}write', 213 ), 214 ); 215 216 217 $tree = array( 218 new MockACLNode('foo',$acl), 219 ); 220 221 $server = new DAV\Server($tree); 222 $aclPlugin = new Plugin(); 223 $server->addPlugin($aclPlugin); 224 225 $this->assertEquals($acl,$aclPlugin->getACL('foo')); 226 227 } 228 229 function testGetCurrentUserPrivilegeSet() { 230 231 $acl = array( 232 array( 233 'principal' => 'principals/admin', 234 'privilege' => '{DAV:}read', 235 ), 236 array( 237 'principal' => 'principals/user1', 238 'privilege' => '{DAV:}read', 239 ), 240 array( 241 'principal' => 'principals/admin', 242 'privilege' => '{DAV:}write', 243 ), 244 ); 245 246 247 $tree = array( 248 new MockACLNode('foo',$acl), 249 250 new DAV\SimpleCollection('principals', array( 251 new MockPrincipal('admin','principals/admin'), 252 )), 253 254 ); 255 256 $server = new DAV\Server($tree); 257 $aclPlugin = new Plugin(); 258 $server->addPlugin($aclPlugin); 259 260 $auth = new DAV\Auth\Plugin(new DAV\Auth\Backend\Mock(),'SabreDAV'); 261 $server->addPlugin($auth); 262 263 //forcing login 264 $auth->beforeMethod(new HTTP\Request(), new HTTP\Response()); 265 266 $expected = array( 267 '{DAV:}write', 268 '{DAV:}write-acl', 269 '{DAV:}write-properties', 270 '{DAV:}write-content', 271 '{DAV:}bind', 272 '{DAV:}unbind', 273 '{DAV:}unlock', 274 '{DAV:}read', 275 '{DAV:}read-acl', 276 '{DAV:}read-current-user-privilege-set', 277 ); 278 279 $this->assertEquals($expected,$aclPlugin->getCurrentUserPrivilegeSet('foo')); 280 281 } 282 283 function testCheckPrivileges() { 284 285 $acl = array( 286 array( 287 'principal' => 'principals/admin', 288 'privilege' => '{DAV:}read', 289 ), 290 array( 291 'principal' => 'principals/user1', 292 'privilege' => '{DAV:}read', 293 ), 294 array( 295 'principal' => 'principals/admin', 296 'privilege' => '{DAV:}write', 297 ), 298 ); 299 300 301 $tree = array( 302 new MockACLNode('foo',$acl), 303 304 new DAV\SimpleCollection('principals', array( 305 new MockPrincipal('admin','principals/admin'), 306 )), 307 308 ); 309 310 $server = new DAV\Server($tree); 311 $aclPlugin = new Plugin(); 312 $server->addPlugin($aclPlugin); 313 314 $auth = new DAV\Auth\Plugin(new DAV\Auth\Backend\Mock(),'SabreDAV'); 315 $server->addPlugin($auth); 316 317 //forcing login 318 //$auth->beforeMethod('GET','/'); 319 320 $this->assertFalse($aclPlugin->checkPrivileges('foo', array('{DAV:}read'), Plugin::R_PARENT, false)); 321 322 } 323} 324 325 326 327 328