Updated Authorization and added unit test
This commit is contained in:
Eldad Fux
parent
43904a7c74
commit
f44bb22f76
|
|
@ -10,7 +10,7 @@ class Authorization extends Validator
|
|||
/**
|
||||
* @var array
|
||||
*/
|
||||
static $roles = ['*'];
|
||||
static $roles = ['*' => true];
|
||||
|
||||
/**
|
||||
* @var Document
|
||||
|
|
@ -77,7 +77,7 @@ class Authorization extends Validator
|
|||
foreach ($permissions[$this->action] as $permission) {
|
||||
$permission = \str_replace(':{self}', ':'.$this->document->getId(), $permission);
|
||||
|
||||
if (\in_array($permission, self::getRoles())) {
|
||||
if (\array_key_exists($permission, self::$roles)) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
|
@ -92,17 +92,35 @@ class Authorization extends Validator
|
|||
*
|
||||
* @return void
|
||||
*/
|
||||
public static function setRole($role): void
|
||||
public static function setRole(string $role): void
|
||||
{
|
||||
self::$roles[] = $role;
|
||||
self::$roles[$role] = true;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return array
|
||||
*/
|
||||
public static function getRoles()
|
||||
public static function getRoles(): array
|
||||
{
|
||||
return self::$roles;
|
||||
return \array_keys(self::$roles);
|
||||
}
|
||||
|
||||
/**
|
||||
* @return void
|
||||
*/
|
||||
public static function cleanRoles(): void
|
||||
{
|
||||
self::$roles = [];
|
||||
}
|
||||
|
||||
/**
|
||||
* @param string $role
|
||||
*
|
||||
* @return bool
|
||||
*/
|
||||
public static function isRole(string $role): bool
|
||||
{
|
||||
return (\array_key_exists($role, self::$roles));
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
|||
78
tests/unit/Database/Validator/AuthorizationTest.php
Normal file
78
tests/unit/Database/Validator/AuthorizationTest.php
Normal file
|
|
@ -0,0 +1,78 @@
|
|||
<?php
|
||||
|
||||
namespace Appwrite\Tests;
|
||||
|
||||
use Appwrite\Database\Document;
|
||||
use Appwrite\Database\Validator\Authorization;
|
||||
use PHPUnit\Framework\TestCase;
|
||||
|
||||
class AuthorizationTest extends TestCase
|
||||
{
|
||||
/**
|
||||
* @var Authorization
|
||||
*/
|
||||
protected $object = null;
|
||||
|
||||
/**
|
||||
* @var Document
|
||||
*/
|
||||
protected $document = null;
|
||||
|
||||
public function setUp(): void
|
||||
{
|
||||
$this->document = new Document([
|
||||
'$id' => uniqid(),
|
||||
'$collection' => uniqid(),
|
||||
'$permissions' => [
|
||||
'read' => ['user:123', 'team:123'],
|
||||
'write' => ['*'],
|
||||
],
|
||||
]);
|
||||
$this->object = new Authorization($this->document, 'read');
|
||||
}
|
||||
|
||||
public function tearDown(): void
|
||||
{
|
||||
}
|
||||
|
||||
public function testValues()
|
||||
{
|
||||
$this->assertEquals($this->object->isValid($this->document->getPermissions()), false);
|
||||
|
||||
Authorization::setRole('user:456');
|
||||
Authorization::setRole('user:123');
|
||||
|
||||
$this->assertEquals($this->object->isValid($this->document->getPermissions()), true);
|
||||
|
||||
Authorization::cleanRoles();
|
||||
|
||||
$this->assertEquals($this->object->isValid($this->document->getPermissions()), false);
|
||||
|
||||
Authorization::setRole('team:123');
|
||||
|
||||
$this->assertEquals($this->object->isValid($this->document->getPermissions()), true);
|
||||
|
||||
Authorization::cleanRoles();
|
||||
Authorization::disable();
|
||||
|
||||
$this->assertEquals($this->object->isValid($this->document->getPermissions()), true);
|
||||
|
||||
Authorization::reset();
|
||||
|
||||
$this->assertEquals($this->object->isValid($this->document->getPermissions()), false);
|
||||
|
||||
Authorization::setDefaultStatus(false);
|
||||
Authorization::disable();
|
||||
|
||||
$this->assertEquals($this->object->isValid($this->document->getPermissions()), true);
|
||||
|
||||
Authorization::reset();
|
||||
|
||||
$this->assertEquals($this->object->isValid($this->document->getPermissions()), true);
|
||||
|
||||
Authorization::enable();
|
||||
|
||||
$this->assertEquals($this->object->isValid($this->document->getPermissions()), false);
|
||||
|
||||
}
|
||||
}
|
||||
Loading…
Reference in a new issue