[catagits/Catalyst-Authentication-Store-DBIx-Class.git] / t / 12-auth-roles-relationship-self_check.t

#!perl

use strict;
use warnings;
use DBI;
use File::Path;
use FindBin;
use Test::More;
use lib "$FindBin::Bin/lib";

BEGIN {
    eval { require DBD::SQLite }
        or plan skip_all =>
        "DBD::SQLite is required for this test";

    eval { require Catalyst::Plugin::Authorization::Roles }
        or plan skip_all =>
        "Catalyst::Plugin::Authorization::Roles is required for this test";

    plan tests => 29;

    use TestApp;
    TestApp->config( {
        name => 'TestApp',
        authentication => {
            default_realm => "users",
            realms => {
                users => {
                    credential => {
                        'class' => "Password",
                        'password_field' => 'password',
                        'password_type' => 'clear'
                    },
                    store => {
                        'class' => 'DBIx::Class',
                        'user_model' => 'TestApp::User',
                        'role_relation' => 'roles',
                        'role_field' => 'role',
                        'check_roles'   => 't_check_roles',
                        'check_roles_any' => 't_check_roles_any'
                    },
                },
            },
        },
    } );

    TestApp->setup(
        qw/Authentication
           Authorization::Roles
           /
    );
}

use Catalyst::Test 'TestApp';

# test user's admin access
{
    ok( my $res = request('http://localhost/user_login?username=jayk&password=letmein&detach=is_admin'), 'request ok' );
    is( $res->content, 'ok', 'user is an admin' );
}

# test unauthorized user's admin access
{
    ok( my $res = request('http://localhost/user_login?username=nuffin&password=much&detach=is_admin'), 'request ok' );
    is( $res->content, 'failed', 'user is not an admin' );
}

# test multiple auth roles
{
    ok( my $res = request('http://localhost/user_login?username=jayk&password=letmein&detach=is_admin_user'), 'request ok' );
    is( $res->content, 'ok', 'user is an admin and a user' );
}

# test multiple unauth roles
{
    ok( my $res = request('http://localhost/user_login?username=nuffin&password=much&detach=is_admin_user'), 'request ok' );
    is( $res->content, 'failed', 'user is not an admin and a user' );
}

# test assert_any_user_role
{
    ok( my ( $res, $c )= ctx_request('http://localhost/user_login?username=nuffin&password=much&detach=is_any_admin_user'), 'request ok' );
    is( $res->content, 'ok', 'user is user' );
    is ( my @roles = $c->user->roles, 1, 'only 1 role' );
    is ( $roles[0], 'user', 'role is user' );
}

# test assert_any_user_role
{
    ok( my ( $res, $c )= ctx_request('http://localhost/user_login?username=jayk&password=letmein&detach=is_any_admin_user'), 'request ok' );
    is( $res->content, 'ok', 'user is user and an admin' );
    is ( my @roles = $c->user->roles, 2, '2 roles' );
    is ( $roles[0], 'admin', 'role is user' );
    is ( $roles[1], 'user', 'role is admin' );
}

# test superuser role override
{
    ok( my ( $res, $c )= ctx_request('http://localhost/user_login?username=mark&password=secret&detach=is_admin_user'), 'request ok' );
    is( $res->content, 'ok', 'superuser role is all roles' );
    is ( my @roles = $c->user->roles, 1, 'only 1 role' );
    is ( $roles[0], 'superadmin', 'role is user' );
}

# test superuser role override none existant roles
{
    ok( my ( $res, $c )= ctx_request('http://localhost/user_login?username=mark&password=secret&detach=is_nonexistant_roles'), 'request ok' );
    is( $res->content, 'ok', 'superuser role is all roles' );
    is ( my @roles = $c->user->roles, 1, 'only 1 role' );
    is ( $roles[0], 'superadmin', 'role is user' );
}

# test superuser role override any none existant roles
{
    ok( my ( $res, $c )= ctx_request('http://localhost/user_login?username=mark&password=secret&detach=is_any_nonexistant_role'), 'request ok' );
    is( $res->content, 'ok', 'superuser role is all roles' );
    is ( my @roles = $c->user->roles, 1, 'only 1 role' );
    is ( $roles[0], 'superadmin', 'role is user' );
}
Commit	Line	Data
b3c995e9	1	#!perl
	2
	3	use strict;
	4	use warnings;
	5	use DBI;
	6	use File::Path;
	7	use FindBin;
	8	use Test::More;
	9	use lib "$FindBin::Bin/lib";
	10
	11	BEGIN {
	12	eval { require DBD::SQLite }
	13	or plan skip_all =>
	14	"DBD::SQLite is required for this test";
	15
	16	eval { require Catalyst::Plugin::Authorization::Roles }
	17	or plan skip_all =>
	18	"Catalyst::Plugin::Authorization::Roles is required for this test";
	19
	20	plan tests => 29;
	21
	22	use TestApp;
	23	TestApp->config( {
	24	name => 'TestApp',
	25	authentication => {
	26	default_realm => "users",
	27	realms => {
	28	users => {
	29	credential => {
	30	'class' => "Password",
	31	'password_field' => 'password',
	32	'password_type' => 'clear'
	33	},
	34	store => {
	35	'class' => 'DBIx::Class',
	36	'user_model' => 'TestApp::User',
	37	'role_relation' => 'roles',
	38	'role_field' => 'role',
	39	'check_roles' => 't_check_roles',
	40	'check_roles_any' => 't_check_roles_any'
	41	},
	42	},
	43	},
	44	},
	45	} );
	46
	47	TestApp->setup(
	48	qw/Authentication
	49	Authorization::Roles
	50	/
	51	);
	52	}
	53
	54	use Catalyst::Test 'TestApp';
	55
	56	# test user's admin access
	57	{
	58	ok( my $res = request('http://localhost/user_login?username=jayk&password=letmein&detach=is_admin'), 'request ok' );
	59	is( $res->content, 'ok', 'user is an admin' );
	60	}
	61
	62	# test unauthorized user's admin access
	63	{
	64	ok( my $res = request('http://localhost/user_login?username=nuffin&password=much&detach=is_admin'), 'request ok' );
65	is( $res->content, 'failed', 'user is not an admin' );
66	}
67
68	# test multiple auth roles
69	{
70	ok( my $res = request('http://localhost/user_login?username=jayk&password=letmein&detach=is_admin_user'), 'request ok' );
71	is( $res->content, 'ok', 'user is an admin and a user' );
72	}
73
74	# test multiple unauth roles
75	{
76	ok( my $res = request('http://localhost/user_login?username=nuffin&password=much&detach=is_admin_user'), 'request ok' );
77	is( $res->content, 'failed', 'user is not an admin and a user' );
78	}
79
80	# test assert_any_user_role
81	{
82	ok( my ( $res, $c )= ctx_request('http://localhost/user_login?username=nuffin&password=much&detach=is_any_admin_user'), 'request ok' );
83	is( $res->content, 'ok', 'user is user' );
84	is ( my @roles = $c->user->roles, 1, 'only 1 role' );
85	is ( $roles[0], 'user', 'role is user' );
86	}
87
88	# test assert_any_user_role
89	{
90	ok( my ( $res, $c )= ctx_request('http://localhost/user_login?username=jayk&password=letmein&detach=is_any_admin_user'), 'request ok' );
91	is( $res->content, 'ok', 'user is user and an admin' );
92	is ( my @roles = $c->user->roles, 2, '2 roles' );
93	is ( $roles[0], 'admin', 'role is user' );
94	is ( $roles[1], 'user', 'role is admin' );
95	}
96
97	# test superuser role override
98	{
99	ok( my ( $res, $c )= ctx_request('http://localhost/user_login?username=mark&password=secret&detach=is_admin_user'), 'request ok' );
100	is( $res->content, 'ok', 'superuser role is all roles' );
101	is ( my @roles = $c->user->roles, 1, 'only 1 role' );
102	is ( $roles[0], 'superadmin', 'role is user' );
103	}
104
105	# test superuser role override none existant roles
106	{
107	ok( my ( $res, $c )= ctx_request('http://localhost/user_login?username=mark&password=secret&detach=is_nonexistant_roles'), 'request ok' );
108	is( $res->content, 'ok', 'superuser role is all roles' );
109	is ( my @roles = $c->user->roles, 1, 'only 1 role' );
110	is ( $roles[0], 'superadmin', 'role is user' );
111	}
112
113	# test superuser role override any none existant roles
114	{
115	ok( my ( $res, $c )= ctx_request('http://localhost/user_login?username=mark&password=secret&detach=is_any_nonexistant_role'), 'request ok' );
116	is( $res->content, 'ok', 'superuser role is all roles' );
117	is ( my @roles = $c->user->roles, 1, 'only 1 role' );
118	is ( $roles[0], 'superadmin', 'role is user' );
119	}