fix: DockerSecretsResolver - don't normalize absolute paths like /var/www/html/...
Some checks failed
Deploy Application / deploy (push) Has been cancelled
Some checks failed
Deploy Application / deploy (push) Has been cancelled
This commit is contained in:
@@ -0,0 +1,146 @@
|
||||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace Tests\Unit\Framework\LiveComponents\Security;
|
||||
|
||||
require_once __DIR__ . '/TestComponents.php';
|
||||
|
||||
use App\Application\LiveComponents\Counter\CounterState;
|
||||
use App\Framework\Attributes\Execution\AttributeExecutionContext;
|
||||
use App\Framework\Core\ValueObjects\ClassName;
|
||||
use App\Framework\Core\ValueObjects\MethodName;
|
||||
use App\Framework\DI\DefaultContainer;
|
||||
use App\Framework\LiveComponents\Attributes\RequiresPermission;
|
||||
use App\Framework\LiveComponents\Contracts\LiveComponentContract;
|
||||
use App\Framework\LiveComponents\Exceptions\UnauthorizedActionException;
|
||||
use App\Framework\LiveComponents\Security\ActionAuthorizationChecker;
|
||||
use App\Framework\LiveComponents\Security\Guards\LiveComponentPermissionGuard;
|
||||
use App\Framework\LiveComponents\Security\LiveComponentContextHelper;
|
||||
use App\Framework\LiveComponents\ValueObjects\ActionParameters;
|
||||
use App\Framework\LiveComponents\ValueObjects\ComponentId;
|
||||
use App\Framework\LiveComponents\ValueObjects\ComponentRenderData;
|
||||
use PHPUnit\Framework\MockObject\MockObject;
|
||||
use PHPUnit\Framework\TestCase;
|
||||
|
||||
final class LiveComponentPermissionGuardTest extends TestCase
|
||||
{
|
||||
private LiveComponentPermissionGuard $guard;
|
||||
private ActionAuthorizationChecker&MockObject $authorizationChecker;
|
||||
private DefaultContainer $container;
|
||||
|
||||
protected function setUp(): void
|
||||
{
|
||||
parent::setUp();
|
||||
|
||||
$this->authorizationChecker = $this->createMock(ActionAuthorizationChecker::class);
|
||||
$this->container = new DefaultContainer();
|
||||
$this->container->instance(ActionAuthorizationChecker::class, $this->authorizationChecker);
|
||||
|
||||
$this->guard = new LiveComponentPermissionGuard($this->authorizationChecker);
|
||||
}
|
||||
|
||||
public function test_allows_authorized_action(): void
|
||||
{
|
||||
$component = $this->createComponent();
|
||||
$params = ActionParameters::fromArray([]);
|
||||
$context = $this->createContext($component, $params);
|
||||
$permissionAttribute = new RequiresPermission('edit_post');
|
||||
|
||||
$this->authorizationChecker
|
||||
->expects($this->once())
|
||||
->method('isAuthorized')
|
||||
->with($component, 'testAction', $permissionAttribute)
|
||||
->willReturn(true);
|
||||
|
||||
// Should not throw
|
||||
$this->guard->check($context, $permissionAttribute);
|
||||
$this->assertTrue(true);
|
||||
}
|
||||
|
||||
public function test_rejects_unauthorized_action(): void
|
||||
{
|
||||
$component = $this->createComponent();
|
||||
$params = ActionParameters::fromArray([]);
|
||||
$context = $this->createContext($component, $params);
|
||||
$permissionAttribute = new RequiresPermission('edit_post');
|
||||
|
||||
$this->authorizationChecker
|
||||
->expects($this->once())
|
||||
->method('isAuthorized')
|
||||
->willReturn(false);
|
||||
|
||||
$this->authorizationChecker
|
||||
->expects($this->once())
|
||||
->method('isAuthenticated')
|
||||
->willReturn(true);
|
||||
|
||||
$this->authorizationChecker
|
||||
->expects($this->once())
|
||||
->method('getUserPermissions')
|
||||
->willReturn(['view_post']);
|
||||
|
||||
$this->expectException(UnauthorizedActionException::class);
|
||||
|
||||
$this->guard->check($context, $permissionAttribute);
|
||||
}
|
||||
|
||||
public function test_rejects_unauthenticated_user(): void
|
||||
{
|
||||
$component = $this->createComponent();
|
||||
$params = ActionParameters::fromArray([]);
|
||||
$context = $this->createContext($component, $params);
|
||||
$permissionAttribute = new RequiresPermission('edit_post');
|
||||
|
||||
$this->authorizationChecker
|
||||
->expects($this->once())
|
||||
->method('isAuthorized')
|
||||
->willReturn(false);
|
||||
|
||||
$this->authorizationChecker
|
||||
->expects($this->once())
|
||||
->method('isAuthenticated')
|
||||
->willReturn(false);
|
||||
|
||||
$this->expectException(UnauthorizedActionException::class);
|
||||
$this->expectExceptionMessage('requires authentication');
|
||||
|
||||
$this->guard->check($context, $permissionAttribute);
|
||||
}
|
||||
|
||||
public function test_rejects_context_without_live_component_data(): void
|
||||
{
|
||||
$context = AttributeExecutionContext::forMethod(
|
||||
container: $this->container,
|
||||
className: ClassName::create('TestComponent'),
|
||||
methodName: MethodName::create('testMethod')
|
||||
);
|
||||
$permissionAttribute = new RequiresPermission('edit_post');
|
||||
|
||||
$this->expectException(\RuntimeException::class);
|
||||
$this->expectExceptionMessage('LiveComponentContextData');
|
||||
|
||||
$this->guard->check($context, $permissionAttribute);
|
||||
}
|
||||
|
||||
private function createComponent(): LiveComponentContract
|
||||
{
|
||||
return new TestComponent(
|
||||
ComponentId::create('test', 'demo'),
|
||||
CounterState::empty()
|
||||
);
|
||||
}
|
||||
|
||||
private function createContext(LiveComponentContract $component, ActionParameters $params): AttributeExecutionContext
|
||||
{
|
||||
return LiveComponentContextHelper::createForAction(
|
||||
container: $this->container,
|
||||
componentClass: ClassName::create($component::class),
|
||||
actionMethod: MethodName::create('testAction'),
|
||||
componentId: $component->id,
|
||||
actionParameters: $params,
|
||||
component: $component
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user