2017-09-19 22:36:16 +05:30
|
|
|
<?php
|
2019-08-01 22:28:18 +05:30
|
|
|
declare(strict_types=1);
|
|
|
|
|
2019-08-02 05:59:20 +05:30
|
|
|
namespace api\tests\unit\rbac\rules;
|
2017-09-19 22:36:16 +05:30
|
|
|
|
|
|
|
use api\components\User\IdentityInterface;
|
2019-08-02 05:59:20 +05:30
|
|
|
use api\rbac\rules\AccountOwner;
|
2017-09-19 22:36:16 +05:30
|
|
|
use common\models\Account;
|
2019-02-21 01:28:52 +05:30
|
|
|
use common\tests\unit\TestCase;
|
2019-08-02 18:27:17 +05:30
|
|
|
use InvalidArgumentException;
|
2017-09-19 22:36:16 +05:30
|
|
|
use Yii;
|
|
|
|
use yii\rbac\Item;
|
|
|
|
use const common\LATEST_RULES_VERSION;
|
|
|
|
|
|
|
|
class AccountOwnerTest extends TestCase {
|
|
|
|
|
2024-12-02 15:40:55 +05:30
|
|
|
public function testExecute(): void {
|
2017-09-19 22:36:16 +05:30
|
|
|
$rule = new AccountOwner();
|
|
|
|
$item = new Item();
|
|
|
|
|
2019-08-02 05:59:20 +05:30
|
|
|
// Identity is null
|
|
|
|
$this->assertFalse($rule->execute('some token', $item, ['accountId' => 123]));
|
|
|
|
|
|
|
|
// Identity presented, but have no account
|
2019-12-14 02:46:05 +05:30
|
|
|
$identity = $this->createMock(IdentityInterface::class);
|
|
|
|
$identity->method('getAccount')->willReturn(null);
|
2019-08-02 05:59:20 +05:30
|
|
|
Yii::$app->user->setIdentity($identity);
|
|
|
|
|
|
|
|
$this->assertFalse($rule->execute('some token', $item, ['accountId' => 123]));
|
|
|
|
|
|
|
|
// Identity has an account
|
2017-09-19 22:36:16 +05:30
|
|
|
$account = new Account();
|
|
|
|
$account->id = 1;
|
|
|
|
$account->status = Account::STATUS_ACTIVE;
|
|
|
|
$account->rules_agreement_version = LATEST_RULES_VERSION;
|
|
|
|
|
2019-12-14 02:46:05 +05:30
|
|
|
$identity = $this->createMock(IdentityInterface::class);
|
|
|
|
$identity->method('getAccount')->willReturn($account);
|
2017-09-19 22:36:16 +05:30
|
|
|
|
2019-08-02 05:59:20 +05:30
|
|
|
Yii::$app->user->setIdentity($identity);
|
2017-09-19 22:36:16 +05:30
|
|
|
|
2020-06-12 02:57:02 +05:30
|
|
|
// Assert that account id matches
|
2017-09-19 22:36:16 +05:30
|
|
|
$this->assertFalse($rule->execute('token', $item, ['accountId' => 2]));
|
|
|
|
$this->assertFalse($rule->execute('token', $item, ['accountId' => '2']));
|
|
|
|
$this->assertTrue($rule->execute('token', $item, ['accountId' => 1]));
|
|
|
|
$this->assertTrue($rule->execute('token', $item, ['accountId' => '1']));
|
2020-06-12 02:57:02 +05:30
|
|
|
|
|
|
|
// Check accepted latest rules
|
2017-09-19 22:36:16 +05:30
|
|
|
$account->rules_agreement_version = null;
|
|
|
|
$this->assertFalse($rule->execute('token', $item, ['accountId' => 1]));
|
|
|
|
$this->assertTrue($rule->execute('token', $item, ['accountId' => 1, 'optionalRules' => true]));
|
|
|
|
$account->rules_agreement_version = LATEST_RULES_VERSION;
|
2020-06-12 02:57:02 +05:30
|
|
|
$this->assertTrue($rule->execute('token', $item, ['accountId' => 1]));
|
|
|
|
|
|
|
|
// Check deleted account behavior
|
|
|
|
$account->status = Account::STATUS_DELETED;
|
|
|
|
$this->assertFalse($rule->execute('token', $item, ['accountId' => 1]));
|
|
|
|
$this->assertTrue($rule->execute('token', $item, ['accountId' => 1, 'allowDeleted' => true]));
|
|
|
|
|
|
|
|
// Banned account should always be not allowed
|
2017-09-19 22:36:16 +05:30
|
|
|
$account->status = Account::STATUS_BANNED;
|
|
|
|
$this->assertFalse($rule->execute('token', $item, ['accountId' => 1]));
|
|
|
|
$this->assertFalse($rule->execute('token', $item, ['accountId' => 1, 'optionalRules' => true]));
|
|
|
|
}
|
|
|
|
|
2024-12-02 15:40:55 +05:30
|
|
|
public function testExecuteWithoutAccountId(): void {
|
2019-08-02 18:27:17 +05:30
|
|
|
$this->expectException(InvalidArgumentException::class);
|
|
|
|
|
2019-08-02 05:59:20 +05:30
|
|
|
$rule = new AccountOwner();
|
|
|
|
$this->assertFalse($rule->execute('token', new Item(), []));
|
|
|
|
}
|
|
|
|
|
2017-09-19 22:36:16 +05:30
|
|
|
}
|