1*a1a3b679SAndreas Boehler<?php 2*a1a3b679SAndreas Boehler 3*a1a3b679SAndreas Boehlernamespace Sabre\DAVACL; 4*a1a3b679SAndreas Boehler 5*a1a3b679SAndreas Boehleruse Sabre\DAV; 6*a1a3b679SAndreas Boehleruse Sabre\HTTP; 7*a1a3b679SAndreas Boehler 8*a1a3b679SAndreas Boehler 9*a1a3b679SAndreas Boehlerrequire_once 'Sabre/DAVACL/MockPrincipal.php'; 10*a1a3b679SAndreas Boehlerrequire_once 'Sabre/DAVACL/MockACLNode.php'; 11*a1a3b679SAndreas Boehler 12*a1a3b679SAndreas Boehlerclass SimplePluginTest extends \PHPUnit_Framework_TestCase { 13*a1a3b679SAndreas Boehler 14*a1a3b679SAndreas Boehler function testValues() { 15*a1a3b679SAndreas Boehler 16*a1a3b679SAndreas Boehler $aclPlugin = new Plugin(); 17*a1a3b679SAndreas Boehler $this->assertEquals('acl',$aclPlugin->getPluginName()); 18*a1a3b679SAndreas Boehler $this->assertEquals( 19*a1a3b679SAndreas Boehler array('access-control', 'calendarserver-principal-property-search'), 20*a1a3b679SAndreas Boehler $aclPlugin->getFeatures() 21*a1a3b679SAndreas Boehler ); 22*a1a3b679SAndreas Boehler 23*a1a3b679SAndreas Boehler $this->assertEquals( 24*a1a3b679SAndreas Boehler array( 25*a1a3b679SAndreas Boehler '{DAV:}expand-property', 26*a1a3b679SAndreas Boehler '{DAV:}principal-property-search', 27*a1a3b679SAndreas Boehler '{DAV:}principal-search-property-set' 28*a1a3b679SAndreas Boehler ), 29*a1a3b679SAndreas Boehler $aclPlugin->getSupportedReportSet('')); 30*a1a3b679SAndreas Boehler 31*a1a3b679SAndreas Boehler $this->assertEquals(array('ACL'), $aclPlugin->getMethods('')); 32*a1a3b679SAndreas Boehler 33*a1a3b679SAndreas Boehler 34*a1a3b679SAndreas Boehler $this->assertEquals( 35*a1a3b679SAndreas Boehler 'acl', 36*a1a3b679SAndreas Boehler $aclPlugin->getPluginInfo()['name'] 37*a1a3b679SAndreas Boehler ); 38*a1a3b679SAndreas Boehler } 39*a1a3b679SAndreas Boehler 40*a1a3b679SAndreas Boehler function testGetFlatPrivilegeSet() { 41*a1a3b679SAndreas Boehler 42*a1a3b679SAndreas Boehler $expected = array( 43*a1a3b679SAndreas Boehler '{DAV:}all' => array( 44*a1a3b679SAndreas Boehler 'privilege' => '{DAV:}all', 45*a1a3b679SAndreas Boehler 'abstract' => true, 46*a1a3b679SAndreas Boehler 'aggregates' => array( 47*a1a3b679SAndreas Boehler '{DAV:}read', 48*a1a3b679SAndreas Boehler '{DAV:}write', 49*a1a3b679SAndreas Boehler ), 50*a1a3b679SAndreas Boehler 'concrete' => null, 51*a1a3b679SAndreas Boehler ), 52*a1a3b679SAndreas Boehler '{DAV:}read' => array( 53*a1a3b679SAndreas Boehler 'privilege' => '{DAV:}read', 54*a1a3b679SAndreas Boehler 'abstract' => false, 55*a1a3b679SAndreas Boehler 'aggregates' => array( 56*a1a3b679SAndreas Boehler '{DAV:}read-acl', 57*a1a3b679SAndreas Boehler '{DAV:}read-current-user-privilege-set', 58*a1a3b679SAndreas Boehler ), 59*a1a3b679SAndreas Boehler 'concrete' => '{DAV:}read', 60*a1a3b679SAndreas Boehler ), 61*a1a3b679SAndreas Boehler '{DAV:}read-acl' => array( 62*a1a3b679SAndreas Boehler 'privilege' => '{DAV:}read-acl', 63*a1a3b679SAndreas Boehler 'abstract' => false, 64*a1a3b679SAndreas Boehler 'aggregates' => array(), 65*a1a3b679SAndreas Boehler 'concrete' => '{DAV:}read-acl', 66*a1a3b679SAndreas Boehler ), 67*a1a3b679SAndreas Boehler '{DAV:}read-current-user-privilege-set' => array( 68*a1a3b679SAndreas Boehler 'privilege' => '{DAV:}read-current-user-privilege-set', 69*a1a3b679SAndreas Boehler 'abstract' => false, 70*a1a3b679SAndreas Boehler 'aggregates' => array(), 71*a1a3b679SAndreas Boehler 'concrete' => '{DAV:}read-current-user-privilege-set', 72*a1a3b679SAndreas Boehler ), 73*a1a3b679SAndreas Boehler '{DAV:}write' => array( 74*a1a3b679SAndreas Boehler 'privilege' => '{DAV:}write', 75*a1a3b679SAndreas Boehler 'abstract' => false, 76*a1a3b679SAndreas Boehler 'aggregates' => array( 77*a1a3b679SAndreas Boehler '{DAV:}write-acl', 78*a1a3b679SAndreas Boehler '{DAV:}write-properties', 79*a1a3b679SAndreas Boehler '{DAV:}write-content', 80*a1a3b679SAndreas Boehler '{DAV:}bind', 81*a1a3b679SAndreas Boehler '{DAV:}unbind', 82*a1a3b679SAndreas Boehler '{DAV:}unlock', 83*a1a3b679SAndreas Boehler ), 84*a1a3b679SAndreas Boehler 'concrete' => '{DAV:}write', 85*a1a3b679SAndreas Boehler ), 86*a1a3b679SAndreas Boehler '{DAV:}write-acl' => array( 87*a1a3b679SAndreas Boehler 'privilege' => '{DAV:}write-acl', 88*a1a3b679SAndreas Boehler 'abstract' => false, 89*a1a3b679SAndreas Boehler 'aggregates' => array(), 90*a1a3b679SAndreas Boehler 'concrete' => '{DAV:}write-acl', 91*a1a3b679SAndreas Boehler ), 92*a1a3b679SAndreas Boehler '{DAV:}write-properties' => array( 93*a1a3b679SAndreas Boehler 'privilege' => '{DAV:}write-properties', 94*a1a3b679SAndreas Boehler 'abstract' => false, 95*a1a3b679SAndreas Boehler 'aggregates' => array(), 96*a1a3b679SAndreas Boehler 'concrete' => '{DAV:}write-properties', 97*a1a3b679SAndreas Boehler ), 98*a1a3b679SAndreas Boehler '{DAV:}write-content' => array( 99*a1a3b679SAndreas Boehler 'privilege' => '{DAV:}write-content', 100*a1a3b679SAndreas Boehler 'abstract' => false, 101*a1a3b679SAndreas Boehler 'aggregates' => array(), 102*a1a3b679SAndreas Boehler 'concrete' => '{DAV:}write-content', 103*a1a3b679SAndreas Boehler ), 104*a1a3b679SAndreas Boehler '{DAV:}unlock' => array( 105*a1a3b679SAndreas Boehler 'privilege' => '{DAV:}unlock', 106*a1a3b679SAndreas Boehler 'abstract' => false, 107*a1a3b679SAndreas Boehler 'aggregates' => array(), 108*a1a3b679SAndreas Boehler 'concrete' => '{DAV:}unlock', 109*a1a3b679SAndreas Boehler ), 110*a1a3b679SAndreas Boehler '{DAV:}bind' => array( 111*a1a3b679SAndreas Boehler 'privilege' => '{DAV:}bind', 112*a1a3b679SAndreas Boehler 'abstract' => false, 113*a1a3b679SAndreas Boehler 'aggregates' => array(), 114*a1a3b679SAndreas Boehler 'concrete' => '{DAV:}bind', 115*a1a3b679SAndreas Boehler ), 116*a1a3b679SAndreas Boehler '{DAV:}unbind' => array( 117*a1a3b679SAndreas Boehler 'privilege' => '{DAV:}unbind', 118*a1a3b679SAndreas Boehler 'abstract' => false, 119*a1a3b679SAndreas Boehler 'aggregates' => array(), 120*a1a3b679SAndreas Boehler 'concrete' => '{DAV:}unbind', 121*a1a3b679SAndreas Boehler ), 122*a1a3b679SAndreas Boehler 123*a1a3b679SAndreas Boehler ); 124*a1a3b679SAndreas Boehler 125*a1a3b679SAndreas Boehler $plugin = new Plugin(); 126*a1a3b679SAndreas Boehler $server = new DAV\Server(); 127*a1a3b679SAndreas Boehler $server->addPlugin($plugin); 128*a1a3b679SAndreas Boehler $this->assertEquals($expected, $plugin->getFlatPrivilegeSet('')); 129*a1a3b679SAndreas Boehler 130*a1a3b679SAndreas Boehler } 131*a1a3b679SAndreas Boehler 132*a1a3b679SAndreas Boehler function testCurrentUserPrincipalsNotLoggedIn() { 133*a1a3b679SAndreas Boehler 134*a1a3b679SAndreas Boehler $acl = new Plugin(); 135*a1a3b679SAndreas Boehler $server = new DAV\Server(); 136*a1a3b679SAndreas Boehler $server->addPlugin($acl); 137*a1a3b679SAndreas Boehler 138*a1a3b679SAndreas Boehler $this->assertEquals(array(),$acl->getCurrentUserPrincipals()); 139*a1a3b679SAndreas Boehler 140*a1a3b679SAndreas Boehler } 141*a1a3b679SAndreas Boehler 142*a1a3b679SAndreas Boehler function testCurrentUserPrincipalsSimple() { 143*a1a3b679SAndreas Boehler 144*a1a3b679SAndreas Boehler $tree = array( 145*a1a3b679SAndreas Boehler 146*a1a3b679SAndreas Boehler new DAV\SimpleCollection('principals', array( 147*a1a3b679SAndreas Boehler new MockPrincipal('admin','principals/admin'), 148*a1a3b679SAndreas Boehler )) 149*a1a3b679SAndreas Boehler 150*a1a3b679SAndreas Boehler ); 151*a1a3b679SAndreas Boehler 152*a1a3b679SAndreas Boehler $acl = new Plugin(); 153*a1a3b679SAndreas Boehler $server = new DAV\Server($tree); 154*a1a3b679SAndreas Boehler $server->addPlugin($acl); 155*a1a3b679SAndreas Boehler 156*a1a3b679SAndreas Boehler $auth = new DAV\Auth\Plugin(new DAV\Auth\Backend\Mock(),'SabreDAV'); 157*a1a3b679SAndreas Boehler $server->addPlugin($auth); 158*a1a3b679SAndreas Boehler 159*a1a3b679SAndreas Boehler //forcing login 160*a1a3b679SAndreas Boehler $auth->beforeMethod(new HTTP\Request(), new HTTP\Response()); 161*a1a3b679SAndreas Boehler 162*a1a3b679SAndreas Boehler $this->assertEquals(array('principals/admin'),$acl->getCurrentUserPrincipals()); 163*a1a3b679SAndreas Boehler 164*a1a3b679SAndreas Boehler } 165*a1a3b679SAndreas Boehler 166*a1a3b679SAndreas Boehler function testCurrentUserPrincipalsGroups() { 167*a1a3b679SAndreas Boehler 168*a1a3b679SAndreas Boehler $tree = array( 169*a1a3b679SAndreas Boehler 170*a1a3b679SAndreas Boehler new DAV\SimpleCollection('principals', array( 171*a1a3b679SAndreas Boehler new MockPrincipal('admin','principals/admin',array('principals/administrators', 'principals/everyone')), 172*a1a3b679SAndreas Boehler new MockPrincipal('administrators','principals/administrators',array('principals/groups'), array('principals/admin')), 173*a1a3b679SAndreas Boehler new MockPrincipal('everyone','principals/everyone',array(), array('principals/admin')), 174*a1a3b679SAndreas Boehler new MockPrincipal('groups','principals/groups',array(), array('principals/administrators')), 175*a1a3b679SAndreas Boehler )) 176*a1a3b679SAndreas Boehler 177*a1a3b679SAndreas Boehler ); 178*a1a3b679SAndreas Boehler 179*a1a3b679SAndreas Boehler $acl = new Plugin(); 180*a1a3b679SAndreas Boehler $server = new DAV\Server($tree); 181*a1a3b679SAndreas Boehler $server->addPlugin($acl); 182*a1a3b679SAndreas Boehler 183*a1a3b679SAndreas Boehler $auth = new DAV\Auth\Plugin(new DAV\Auth\Backend\Mock(),'SabreDAV'); 184*a1a3b679SAndreas Boehler $server->addPlugin($auth); 185*a1a3b679SAndreas Boehler 186*a1a3b679SAndreas Boehler //forcing login 187*a1a3b679SAndreas Boehler $auth->beforeMethod(new HTTP\Request(), new HTTP\Response()); 188*a1a3b679SAndreas Boehler 189*a1a3b679SAndreas Boehler $expected = array( 190*a1a3b679SAndreas Boehler 'principals/admin', 191*a1a3b679SAndreas Boehler 'principals/administrators', 192*a1a3b679SAndreas Boehler 'principals/everyone', 193*a1a3b679SAndreas Boehler 'principals/groups', 194*a1a3b679SAndreas Boehler ); 195*a1a3b679SAndreas Boehler 196*a1a3b679SAndreas Boehler $this->assertEquals($expected,$acl->getCurrentUserPrincipals()); 197*a1a3b679SAndreas Boehler 198*a1a3b679SAndreas Boehler // The second one should trigger the cache and be identical 199*a1a3b679SAndreas Boehler $this->assertEquals($expected,$acl->getCurrentUserPrincipals()); 200*a1a3b679SAndreas Boehler 201*a1a3b679SAndreas Boehler } 202*a1a3b679SAndreas Boehler 203*a1a3b679SAndreas Boehler function testGetACL() { 204*a1a3b679SAndreas Boehler 205*a1a3b679SAndreas Boehler $acl = array( 206*a1a3b679SAndreas Boehler array( 207*a1a3b679SAndreas Boehler 'principal' => 'principals/admin', 208*a1a3b679SAndreas Boehler 'privilege' => '{DAV:}read', 209*a1a3b679SAndreas Boehler ), 210*a1a3b679SAndreas Boehler array( 211*a1a3b679SAndreas Boehler 'principal' => 'principals/admin', 212*a1a3b679SAndreas Boehler 'privilege' => '{DAV:}write', 213*a1a3b679SAndreas Boehler ), 214*a1a3b679SAndreas Boehler ); 215*a1a3b679SAndreas Boehler 216*a1a3b679SAndreas Boehler 217*a1a3b679SAndreas Boehler $tree = array( 218*a1a3b679SAndreas Boehler new MockACLNode('foo',$acl), 219*a1a3b679SAndreas Boehler ); 220*a1a3b679SAndreas Boehler 221*a1a3b679SAndreas Boehler $server = new DAV\Server($tree); 222*a1a3b679SAndreas Boehler $aclPlugin = new Plugin(); 223*a1a3b679SAndreas Boehler $server->addPlugin($aclPlugin); 224*a1a3b679SAndreas Boehler 225*a1a3b679SAndreas Boehler $this->assertEquals($acl,$aclPlugin->getACL('foo')); 226*a1a3b679SAndreas Boehler 227*a1a3b679SAndreas Boehler } 228*a1a3b679SAndreas Boehler 229*a1a3b679SAndreas Boehler function testGetCurrentUserPrivilegeSet() { 230*a1a3b679SAndreas Boehler 231*a1a3b679SAndreas Boehler $acl = array( 232*a1a3b679SAndreas Boehler array( 233*a1a3b679SAndreas Boehler 'principal' => 'principals/admin', 234*a1a3b679SAndreas Boehler 'privilege' => '{DAV:}read', 235*a1a3b679SAndreas Boehler ), 236*a1a3b679SAndreas Boehler array( 237*a1a3b679SAndreas Boehler 'principal' => 'principals/user1', 238*a1a3b679SAndreas Boehler 'privilege' => '{DAV:}read', 239*a1a3b679SAndreas Boehler ), 240*a1a3b679SAndreas Boehler array( 241*a1a3b679SAndreas Boehler 'principal' => 'principals/admin', 242*a1a3b679SAndreas Boehler 'privilege' => '{DAV:}write', 243*a1a3b679SAndreas Boehler ), 244*a1a3b679SAndreas Boehler ); 245*a1a3b679SAndreas Boehler 246*a1a3b679SAndreas Boehler 247*a1a3b679SAndreas Boehler $tree = array( 248*a1a3b679SAndreas Boehler new MockACLNode('foo',$acl), 249*a1a3b679SAndreas Boehler 250*a1a3b679SAndreas Boehler new DAV\SimpleCollection('principals', array( 251*a1a3b679SAndreas Boehler new MockPrincipal('admin','principals/admin'), 252*a1a3b679SAndreas Boehler )), 253*a1a3b679SAndreas Boehler 254*a1a3b679SAndreas Boehler ); 255*a1a3b679SAndreas Boehler 256*a1a3b679SAndreas Boehler $server = new DAV\Server($tree); 257*a1a3b679SAndreas Boehler $aclPlugin = new Plugin(); 258*a1a3b679SAndreas Boehler $server->addPlugin($aclPlugin); 259*a1a3b679SAndreas Boehler 260*a1a3b679SAndreas Boehler $auth = new DAV\Auth\Plugin(new DAV\Auth\Backend\Mock(),'SabreDAV'); 261*a1a3b679SAndreas Boehler $server->addPlugin($auth); 262*a1a3b679SAndreas Boehler 263*a1a3b679SAndreas Boehler //forcing login 264*a1a3b679SAndreas Boehler $auth->beforeMethod(new HTTP\Request(), new HTTP\Response()); 265*a1a3b679SAndreas Boehler 266*a1a3b679SAndreas Boehler $expected = array( 267*a1a3b679SAndreas Boehler '{DAV:}write', 268*a1a3b679SAndreas Boehler '{DAV:}write-acl', 269*a1a3b679SAndreas Boehler '{DAV:}write-properties', 270*a1a3b679SAndreas Boehler '{DAV:}write-content', 271*a1a3b679SAndreas Boehler '{DAV:}bind', 272*a1a3b679SAndreas Boehler '{DAV:}unbind', 273*a1a3b679SAndreas Boehler '{DAV:}unlock', 274*a1a3b679SAndreas Boehler '{DAV:}read', 275*a1a3b679SAndreas Boehler '{DAV:}read-acl', 276*a1a3b679SAndreas Boehler '{DAV:}read-current-user-privilege-set', 277*a1a3b679SAndreas Boehler ); 278*a1a3b679SAndreas Boehler 279*a1a3b679SAndreas Boehler $this->assertEquals($expected,$aclPlugin->getCurrentUserPrivilegeSet('foo')); 280*a1a3b679SAndreas Boehler 281*a1a3b679SAndreas Boehler } 282*a1a3b679SAndreas Boehler 283*a1a3b679SAndreas Boehler function testCheckPrivileges() { 284*a1a3b679SAndreas Boehler 285*a1a3b679SAndreas Boehler $acl = array( 286*a1a3b679SAndreas Boehler array( 287*a1a3b679SAndreas Boehler 'principal' => 'principals/admin', 288*a1a3b679SAndreas Boehler 'privilege' => '{DAV:}read', 289*a1a3b679SAndreas Boehler ), 290*a1a3b679SAndreas Boehler array( 291*a1a3b679SAndreas Boehler 'principal' => 'principals/user1', 292*a1a3b679SAndreas Boehler 'privilege' => '{DAV:}read', 293*a1a3b679SAndreas Boehler ), 294*a1a3b679SAndreas Boehler array( 295*a1a3b679SAndreas Boehler 'principal' => 'principals/admin', 296*a1a3b679SAndreas Boehler 'privilege' => '{DAV:}write', 297*a1a3b679SAndreas Boehler ), 298*a1a3b679SAndreas Boehler ); 299*a1a3b679SAndreas Boehler 300*a1a3b679SAndreas Boehler 301*a1a3b679SAndreas Boehler $tree = array( 302*a1a3b679SAndreas Boehler new MockACLNode('foo',$acl), 303*a1a3b679SAndreas Boehler 304*a1a3b679SAndreas Boehler new DAV\SimpleCollection('principals', array( 305*a1a3b679SAndreas Boehler new MockPrincipal('admin','principals/admin'), 306*a1a3b679SAndreas Boehler )), 307*a1a3b679SAndreas Boehler 308*a1a3b679SAndreas Boehler ); 309*a1a3b679SAndreas Boehler 310*a1a3b679SAndreas Boehler $server = new DAV\Server($tree); 311*a1a3b679SAndreas Boehler $aclPlugin = new Plugin(); 312*a1a3b679SAndreas Boehler $server->addPlugin($aclPlugin); 313*a1a3b679SAndreas Boehler 314*a1a3b679SAndreas Boehler $auth = new DAV\Auth\Plugin(new DAV\Auth\Backend\Mock(),'SabreDAV'); 315*a1a3b679SAndreas Boehler $server->addPlugin($auth); 316*a1a3b679SAndreas Boehler 317*a1a3b679SAndreas Boehler //forcing login 318*a1a3b679SAndreas Boehler //$auth->beforeMethod('GET','/'); 319*a1a3b679SAndreas Boehler 320*a1a3b679SAndreas Boehler $this->assertFalse($aclPlugin->checkPrivileges('foo', array('{DAV:}read'), Plugin::R_PARENT, false)); 321*a1a3b679SAndreas Boehler 322*a1a3b679SAndreas Boehler } 323*a1a3b679SAndreas Boehler} 324*a1a3b679SAndreas Boehler 325*a1a3b679SAndreas Boehler 326*a1a3b679SAndreas Boehler 327*a1a3b679SAndreas Boehler 328