|
15 | 15 |
|
16 | 16 | use ApiPlatform\Metadata\ApiResource; |
17 | 17 | use ApiPlatform\Metadata\Get; |
| 18 | +use ApiPlatform\Metadata\GetCollection; |
| 19 | +use ApiPlatform\Metadata\Link; |
18 | 20 | use ApiPlatform\Metadata\Resource\Factory\ResourceMetadataCollectionFactoryInterface; |
19 | 21 | use ApiPlatform\Metadata\Resource\ResourceMetadataCollection; |
20 | 22 | use ApiPlatform\Symfony\EventListener\DenyAccessListener; |
@@ -140,6 +142,92 @@ public function testSecurityMessage(): void |
140 | 142 | $listener->onSecurity($event); |
141 | 143 | } |
142 | 144 |
|
| 145 | + public function testIsGrantedLink(): void |
| 146 | + { |
| 147 | + $request = new Request([], [], ['_api_resource_class' => 'Foo', '_api_operation_name' => 'get_collection']); |
| 148 | + |
| 149 | + $eventProphecy = $this->prophesize(RequestEvent::class); |
| 150 | + $eventProphecy->getRequest()->willReturn($request)->shouldBeCalled(); |
| 151 | + $event = $eventProphecy->reveal(); |
| 152 | + |
| 153 | + $resourceMetadataFactoryProphecy = $this->prophesize(ResourceMetadataCollectionFactoryInterface::class); |
| 154 | + $resourceMetadataFactoryProphecy->create('Foo')->shouldBeCalled()->willReturn(new ResourceMetadataCollection('Foo', [ |
| 155 | + new ApiResource( |
| 156 | + uriTemplate: '/bars/{barId}/foos', |
| 157 | + operations: [ |
| 158 | + 'get_collection' => new GetCollection(uriVariables: [ |
| 159 | + 'barId' => new Link(toProperty: 'bar', fromClass: 'Bar', security: 'is_granted("some_voter", "bar")'), |
| 160 | + ], ), |
| 161 | + ], |
| 162 | + ), |
| 163 | + ])); |
| 164 | + |
| 165 | + $resourceAccessCheckerProphecy = $this->prophesize(ResourceAccessCheckerInterface::class); |
| 166 | + $resourceAccessCheckerProphecy->isGranted('Bar', 'is_granted("some_voter", "bar")', Argument::type('array'))->willReturn(true)->shouldBeCalled(); |
| 167 | + |
| 168 | + $listener = $this->getListener($resourceMetadataFactoryProphecy->reveal(), $resourceAccessCheckerProphecy->reveal()); |
| 169 | + $listener->onSecurity($event); |
| 170 | + } |
| 171 | + |
| 172 | + public function testIsNotGrantedLink(): void |
| 173 | + { |
| 174 | + $this->expectException(AccessDeniedException::class); |
| 175 | + |
| 176 | + $request = new Request([], [], ['_api_resource_class' => 'Foo', '_api_operation_name' => 'get_collection']); |
| 177 | + |
| 178 | + $eventProphecy = $this->prophesize(RequestEvent::class); |
| 179 | + $eventProphecy->getRequest()->willReturn($request)->shouldBeCalled(); |
| 180 | + $event = $eventProphecy->reveal(); |
| 181 | + |
| 182 | + $resourceMetadataFactoryProphecy = $this->prophesize(ResourceMetadataCollectionFactoryInterface::class); |
| 183 | + $resourceMetadataFactoryProphecy->create('Foo')->shouldBeCalled()->willReturn(new ResourceMetadataCollection('Foo', [ |
| 184 | + new ApiResource( |
| 185 | + uriTemplate: '/bars/{barId}/foos', |
| 186 | + operations: [ |
| 187 | + 'get_collection' => new GetCollection(uriVariables: [ |
| 188 | + 'barId' => new Link(toProperty: 'bar', fromClass: 'Bar', security: 'is_granted("some_voter", "bar")'), |
| 189 | + ], ), |
| 190 | + ], |
| 191 | + ), |
| 192 | + ])); |
| 193 | + |
| 194 | + $resourceAccessCheckerProphecy = $this->prophesize(ResourceAccessCheckerInterface::class); |
| 195 | + $resourceAccessCheckerProphecy->isGranted('Bar', 'is_granted("some_voter", "bar")', Argument::type('array'))->willReturn(false)->shouldBeCalled(); |
| 196 | + |
| 197 | + $listener = $this->getListener($resourceMetadataFactoryProphecy->reveal(), $resourceAccessCheckerProphecy->reveal()); |
| 198 | + $listener->onSecurity($event); |
| 199 | + } |
| 200 | + |
| 201 | + public function testSecurityMessageLink(): void |
| 202 | + { |
| 203 | + $this->expectException(AccessDeniedException::class); |
| 204 | + $this->expectExceptionMessage('You are not admin.'); |
| 205 | + |
| 206 | + $request = new Request([], [], ['_api_resource_class' => 'Foo', '_api_operation_name' => 'get_collection']); |
| 207 | + |
| 208 | + $eventProphecy = $this->prophesize(RequestEvent::class); |
| 209 | + $eventProphecy->getRequest()->willReturn($request)->shouldBeCalled(); |
| 210 | + $event = $eventProphecy->reveal(); |
| 211 | + |
| 212 | + $resourceMetadataFactoryProphecy = $this->prophesize(ResourceMetadataCollectionFactoryInterface::class); |
| 213 | + $resourceMetadataFactoryProphecy->create('Foo')->shouldBeCalled()->willReturn(new ResourceMetadataCollection('Foo', [ |
| 214 | + new ApiResource( |
| 215 | + uriTemplate: '/bars/{barId}/foos', |
| 216 | + operations: [ |
| 217 | + 'get_collection' => new GetCollection(uriVariables: [ |
| 218 | + 'barId' => new Link(toProperty: 'bar', fromClass: 'Bar', security: 'is_granted("some_voter", "bar")', securityMessage: 'You are not admin.'), |
| 219 | + ], ), |
| 220 | + ], |
| 221 | + ), |
| 222 | + ])); |
| 223 | + |
| 224 | + $resourceAccessCheckerProphecy = $this->prophesize(ResourceAccessCheckerInterface::class); |
| 225 | + $resourceAccessCheckerProphecy->isGranted('Bar', 'is_granted("some_voter", "bar")', Argument::type('array'))->willReturn(false)->shouldBeCalled(); |
| 226 | + |
| 227 | + $listener = $this->getListener($resourceMetadataFactoryProphecy->reveal(), $resourceAccessCheckerProphecy->reveal()); |
| 228 | + $listener->onSecurity($event); |
| 229 | + } |
| 230 | + |
143 | 231 | public function testSecurityComponentNotAvailable(): void |
144 | 232 | { |
145 | 233 | $request = new Request([], [], ['_api_resource_class' => 'Foo', '_api_operation_name' => 'get']); |
|
0 commit comments