cacert-testmgr/external/ZendFramework-1.9.5/tests/Zend/Amf/AuthTest.php

349 lines
12 KiB
PHP
Raw Normal View History

<?php
/**
* Zend Framework
*
* LICENSE
*
* This source file is subject to the new BSD license that is bundled
* with this package in the file LICENSE.txt.
* It is also available through the world-wide-web at this URL:
* http://framework.zend.com/license/new-bsd
* If you did not receive a copy of the license and are unable to
* obtain it through the world-wide-web, please send an email
* to license@zend.com so we can send you a copy immediately.
*
* @category Zend
* @package Zend_Amf
* @subpackage UnitTests
* @copyright Copyright (c) 2005-2009 Zend Technologies USA Inc. (http://www.zend.com)
* @license http://framework.zend.com/license/new-bsd New BSD License
* @version $Id$
*/
// Call Zend_Amf_AuthTest::main() if this source file is executed directly.
if (!defined("PHPUnit_MAIN_METHOD")) {
define("PHPUnit_MAIN_METHOD", "Zend_Amf_AuthTest::main");
}
require_once 'PHPUnit/Framework/TestCase.php';
require_once dirname(__FILE__) . '/../../TestHelper.php';
require_once 'Zend/Amf/Server.php';
require_once 'Zend/Amf/Request.php';
require_once 'Zend/Amf/Parse/TypeLoader.php';
require_once 'Zend/Amf/Auth/Abstract.php';
require_once 'Zend/Amf/Value/Messaging/RemotingMessage.php';
require_once 'Zend/Session.php';
require_once 'Zend/Auth/Result.php';
require_once 'Zend/Acl.php';
require_once 'Zend/Acl/Role.php';
/**
* @category Zend
* @package Zend_Amf
* @subpackage UnitTests
* @copyright Copyright (c) 2005-2009 Zend Technologies USA Inc. (http://www.zend.com)
* @license http://framework.zend.com/license/new-bsd New BSD License
* @group Zend_Amf
*/
class Zend_Amf_AuthTest extends PHPUnit_Framework_TestCase
{
/**
* Enter description here...
*
* @var Zend_Amf_Server
*/
protected $_server;
public static function main()
{
$suite = new PHPUnit_Framework_TestSuite("Zend_Amf_AuthTest");
PHPUnit_TextUI_TestRunner::run($suite);
}
public function setUp()
{
$this->_server = new Zend_Amf_Server();
$this->_server->setProduction(false);
Zend_Amf_Parse_TypeLoader::resetMap();
$this->_acl = new Zend_Acl();
}
protected function tearDown()
{
unset($this->_server);
}
protected function _addServiceCall($request, $class = 'Zend_Amf_Auth_testclass', $method = 'hello')
{
$data[] = "12345";
$this->_server->setClass($class);
$newBody = new Zend_Amf_Value_MessageBody("$class.$method","/1",$data);
$request->addAmfBody($newBody);
}
protected function _addLogin($request, $username, $password)
{
$cmdBody = new Zend_Amf_Value_MessageBody("","/1","");
$loginCmd = new Zend_Amf_Value_Messaging_CommandMessage();
$cmdBody->setData($loginCmd);
$loginCmd->operation = Zend_Amf_Value_Messaging_CommandMessage::LOGIN_OPERATION;
$loginCmd->body = "$username:$password";
$request->addAmfBody($cmdBody);
}
protected function _addLogout($request)
{
$cmdBody = new Zend_Amf_Value_MessageBody("","/1","");
$loginCmd = new Zend_Amf_Value_Messaging_CommandMessage();
$cmdBody->setData($loginCmd);
$loginCmd->operation = Zend_Amf_Value_Messaging_CommandMessage::LOGOUT_OPERATION;
$request->addAmfBody($cmdBody);
}
protected function _callService($class = 'Zend_Amf_Auth_testclass', $method = 'hello')
{
$request = new Zend_Amf_Request();
$request->setObjectEncoding(0x03);
$this->_addServiceCall($request, $class, $method);
$this->_server->handle($request);
$response = $this->_server->getResponse();
$responseBody = $response->getAmfBodies();
return $responseBody[0]->getData();
}
protected function _callServiceAuth($username, $password, $class = 'Zend_Amf_Auth_testclass', $method = 'hello')
{
$request = new Zend_Amf_Request();
$request->setObjectEncoding(0x03);
$this->_addLogin($request, $username, $password);
$this->_addServiceCall($request, $class, $method);
$this->_server->handle($request);
return $this->_server->getResponse()->getAmfBodies();
}
public function testService()
{
$resp = $this->_callService();
$this->assertContains("hello", $resp);
}
public function testUnauthenticated()
{
Zend_Session::$_unitTestEnabled = true;
$this->_server->setAuth(new WrongPassword());
$this->_server->setAcl($this->_acl);
$data = $this->_callService();
$this->assertTrue($data instanceof Zend_Amf_Value_Messaging_ErrorMessage);
$this->assertContains("not allowed", $data->faultString);
}
public function testAnonymousDenied()
{
Zend_Session::$_unitTestEnabled = true;
$this->_server->setAuth(new WrongPassword());
$this->_acl->addRole(new Zend_Acl_Role(Zend_Amf_Constants::GUEST_ROLE));
$this->_server->setAcl($this->_acl);
$resp = $this->_callService();
$this->assertTrue($resp instanceof Zend_Amf_Value_Messaging_ErrorMessage);
$this->assertContains("not allowed", $resp->faultString);
}
public function testAnonymousOK()
{
Zend_Session::$_unitTestEnabled = true;
$this->_server->setAuth(new WrongPassword());
$this->_acl->addRole(new Zend_Acl_Role(Zend_Amf_Constants::GUEST_ROLE));
$this->_acl->allow(Zend_Amf_Constants::GUEST_ROLE, null, null);
$this->_server->setAcl($this->_acl);
$resp = $this->_callService();
$this->assertContains("hello", $resp);
}
public function testNoUsername()
{
$this->_server->setAuth(new WrongPassword());
$this->_server->setAcl($this->_acl);
$resp = $this->_callServiceAuth("", "");
$data = $resp[0]->getData();
$this->assertTrue($data instanceof Zend_Amf_Value_Messaging_ErrorMessage);
$this->assertContains("username not supplied", $data->faultString);
}
public function testWrongPassword()
{
$this->_server->setAuth(new WrongPassword());
$this->_server->setAcl($this->_acl);
$resp = $this->_callServiceAuth("testuser", "");
$data = $resp[0]->getData();
$this->assertTrue($data instanceof Zend_Amf_Value_Messaging_ErrorMessage);
$this->assertContains("Wrong Password", $data->faultString);
}
public function testRightPassword()
{
Zend_Session::$_unitTestEnabled = true;
$this->_server->setAuth(new RightPassword("testuser", "testrole"));
$this->_acl->addRole(new Zend_Acl_Role("testrole"));
$this->_acl->allow("testrole", null, null);
$this->_server->setAcl($this->_acl);
$resp = $this->_callServiceAuth("testuser", "");
$this->assertTrue($resp[0]->getData() instanceof Zend_Amf_Value_Messaging_AcknowledgeMessage);
$this->assertContains("hello", $resp[1]->getData());
}
// no ACL to allow access to this method
public function testNoAcl()
{
$this->_server->setAuth(new RightPassword("testuser", "testrole"));
$this->_acl->addRole(new Zend_Acl_Role("testrole"));
$this->_server->setAcl($this->_acl);
$resp = $this->_callServiceAuth("testuser", "");
$this->assertTrue($resp[0]->getData() instanceof Zend_Amf_Value_Messaging_AcknowledgeMessage);
$data = $resp[1]->getData();
$this->assertTrue($data instanceof Zend_Amf_Value_Messaging_ErrorMessage);
$this->assertContains("not allowed", $data->faultString);
}
// Class allows everybody to access, even though no ACL is defined
public function testNoClassAcl()
{
$this->_server->setAuth(new RightPassword("testuser", "testrole"));
$this->_acl->addRole(new Zend_Acl_Role("testrole"));
$this->_server->setAcl($this->_acl);
$resp = $this->_callServiceAuth("testuser", "", 'Zend_Amf_Auth_testclass_NoAcl');
$this->assertTrue($resp[0]->getData() instanceof Zend_Amf_Value_Messaging_AcknowledgeMessage);
$this->assertContains("hello", $resp[1]->getData());
}
// Class-defined ACL
public function testClassAclAllowed()
{
Zend_Session::$_unitTestEnabled = true;
$this->_server->setAuth(new RightPassword("testuser", "testrole"));
$this->_acl->addRole(new Zend_Acl_Role("testrole"));
$this->_acl->addRole(new Zend_Acl_Role("testrole2"));
$this->_server->setAcl($this->_acl);
$resp = $this->_callServiceAuth("testuser", "", 'Zend_Amf_Auth_testclass_Acl');
$this->assertTrue($resp[0]->getData() instanceof Zend_Amf_Value_Messaging_AcknowledgeMessage);
$this->assertContains("hello", $resp[1]->getData());
}
// Class-defined ACL
public function testClassAclDenied()
{
$this->_server->setAuth(new RightPassword("testuser", "testrole2"));
$this->_acl->addRole(new Zend_Acl_Role("testrole"));
$this->_acl->addRole(new Zend_Acl_Role("testrole2"));
$this->_server->setAcl($this->_acl);
$resp = $this->_callServiceAuth("testuser", "", 'Zend_Amf_Auth_testclass_Acl');
$this->assertTrue($resp[0]->getData() instanceof Zend_Amf_Value_Messaging_AcknowledgeMessage);
$data = $resp[1]->getData();
$this->assertTrue($data instanceof Zend_Amf_Value_Messaging_ErrorMessage);
$this->assertContains("not allowed", $data->faultString);
}
// Class-defined ACL
public function testClassAclAllowed2()
{
Zend_Session::$_unitTestEnabled = true;
$this->_server->setAuth(new RightPassword("testuser", "testrole2"));
$this->_acl->addRole(new Zend_Acl_Role("testrole"));
$this->_acl->addRole(new Zend_Acl_Role("testrole2"));
$this->_server->setAcl($this->_acl);
$resp = $this->_callServiceAuth("testuser", "", 'Zend_Amf_Auth_testclass_Acl', 'hello2');
$this->assertTrue($resp[0]->getData() instanceof Zend_Amf_Value_Messaging_AcknowledgeMessage);
$this->assertContains("hello", $resp[1]->getData());
}
public function testLogout()
{
Zend_Session::$_unitTestEnabled = true;
$this->_server->setAuth(new RightPassword("testuser", "testrole"));
$this->_acl->addRole(new Zend_Acl_Role("testrole"));
$this->_acl->allow("testrole", null, null);
$this->_server->setAcl($this->_acl);
$resp = $this->_callServiceAuth("testuser", "");
$this->assertTrue($resp[0]->getData() instanceof Zend_Amf_Value_Messaging_AcknowledgeMessage);
$this->assertContains("hello", $resp[1]->getData());
// After logout same request should not be allowed
$this->setUp();
$this->_server->setAuth(new RightPassword("testuser", "testrole"));
$this->_server->setAcl($this->_acl);
$request = new Zend_Amf_Request();
$request->setObjectEncoding(0x03);
$this->_addLogout($request);
$this->_addServiceCall($request);
$this->_server->handle($request);
$resp = $this->_server->getResponse()->getAmfBodies();
$this->assertTrue($resp[0]->getData() instanceof Zend_Amf_Value_Messaging_AcknowledgeMessage);
$data = $resp[1]->getData();
$this->assertTrue($data instanceof Zend_Amf_Value_Messaging_ErrorMessage);
$this->assertContains("not allowed", $data->faultString);
}
}
class WrongPassword extends Zend_Amf_Auth_Abstract
{
public function authenticate() {
return new Zend_Auth_Result(Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID,
null,
array('Wrong Password')
);
}
}
class RightPassword extends Zend_Amf_Auth_Abstract
{
public function __construct($name, $role)
{
$this->_name = $name;
$this->_role = $role;
}
public function authenticate()
{
$id = new stdClass();
$id->role = $this->_role;
$id->name = $this->_name;
return new Zend_Auth_Result(Zend_Auth_Result::SUCCESS, $id);
}
}
class Zend_Amf_Auth_testclass {
function hello() {
return "hello!";
}
}
class Zend_Amf_Auth_testclass_Acl {
function hello() {
return "hello!";
}
function hello2() {
return "hello2!";
}
function initAcl(Zend_Acl $acl) {
$acl->allow("testrole", null, "hello");
$acl->allow("testrole2", null, "hello2");
return true;
}
}
class Zend_Amf_Auth_testclass_NoAcl {
function hello() {
return "hello!";
}
function initAcl() {
return false;
}
}
if (PHPUnit_MAIN_METHOD == "Zend_Amf_AuthTest::main") {
Zend_Amf_AuthTest::main();
}