Commit | Line | Data |
b3c995e9 |
1 | #!perl |
2 | |
3 | use strict; |
4 | use warnings; |
5 | use DBI; |
6 | use File::Path; |
7 | use FindBin; |
8 | use Test::More; |
9 | use lib "$FindBin::Bin/lib"; |
10 | |
BEGIN {
    # Optional dependencies: skip the whole file rather than fail when one
    # of them is not installed.
    plan skip_all => "DBD::SQLite is required for this test"
        unless eval { require DBD::SQLite };

    plan skip_all =>
        "Catalyst::Plugin::Authorization::Roles is required for this test"
        unless eval { require Catalyst::Plugin::Authorization::Roles };

    plan tests => 29;

    use TestApp;

    # Credential side of the "users" realm. password_type 'clear' compares
    # the submitted password with a plaintext column value; that suits a
    # throwaway fixture database, while a deployed realm would use a hashed
    # password_type instead.
    my %credential = (
        class          => "Password",
        password_field => 'password',
        password_type  => 'clear',
    );

    # Store side of the realm: users come from the TestApp::User model and
    # their roles from its role_text column.
    # NOTE(review): check_roles / check_roles_any name the routines that
    # decide role membership; presumably they are defined on the test user
    # class and implement the superadmin override asserted later in this
    # file. Confirm against the TestApp library code.
    my %store = (
        class           => 'DBIx::Class',
        user_model      => 'TestApp::User',
        role_column     => 'role_text',
        check_roles     => 't_check_roles',
        check_roles_any => 't_check_roles_any',
    );

    TestApp->config(
        {
            name           => 'TestApp',
            authentication => {
                default_realm => "users",
                realms        => {
                    users => {
                        credential => \%credential,
                        store      => \%store,
                    },
                },
            },
        }
    );

    # Authentication must be loaded together with the roles plugin.
    TestApp->setup( qw/Authentication Authorization::Roles/ );
}
52 | |
53 | use Catalyst::Test 'TestApp'; |
54 | |
# A user holding the admin role passes the is_admin check.
# Credentials sit in the query string only because Catalyst::Test issues
# the request through the test harness.
{
    my $url
        = 'http://localhost/user_login?username=joeuser&password=hackme&detach=is_admin';
    my $res = request($url);
    ok( $res, 'request ok' );
    is( $res->content, 'ok', 'user is an admin' );
}
60 | |
# Negative case: a valid login without the admin role must be refused by
# the is_admin check.
{
    my $url
        = 'http://localhost/user_login?username=jayk&password=letmein&detach=is_admin';
    my $res = request($url);
    ok( $res, 'request ok' );
    is( $res->content, 'failed', 'user is not an admin' );
}
66 | |
# A user holding every requested role passes the multi-role check.
{
    my $url
        = 'http://localhost/user_login?username=nuffin&password=much&detach=is_admin_user';
    my $res = request($url);
    ok( $res, 'request ok' );
    is( $res->content, 'ok', 'user is an admin and a user' );
}
72 | |
# Negative case for the multi-role check: holding only one of the required
# roles is not enough.
{
    my $url
        = 'http://localhost/user_login?username=joeuser&password=hackme&detach=is_admin_user';
    my $res = request($url);
    ok( $res, 'request ok' );
    is( $res->content, 'failed', 'user is not an admin and a user' );
}
78 | |
# "Any role" check with a single-role user: one matching role is enough.
{
    my $url
        = 'http://localhost/user_login?username=joeuser&password=hackme&detach=is_any_admin_user';

    # ctx_request hands back the response and the context object; the
    # first assertion is on how many values came back.
    my $returned = ( my ( $res, $c ) = ctx_request($url) );
    ok( $returned, 'request ok' );
    is( $res->content, 'ok', 'user is user' );

    # The user's stored role list must be exactly ('admin').
    my @roles = $c->user->roles;
    is( scalar @roles, 1,       'only 1 role' );
    is( $roles[0],     'admin', 'role is admin' );
}
86 | |
# "Any role" check with a user that holds both roles.
{
    my $url
        = 'http://localhost/user_login?username=nuffin&password=much&detach=is_any_admin_user';

    # ctx_request hands back the response and the context object; the
    # first assertion is on how many values came back.
    my $returned = ( my ( $res, $c ) = ctx_request($url) );
    ok( $returned, 'request ok' );
    is( $res->content, 'ok', 'user is user and an admin' );

    # Role order is part of what is asserted: 'user' first, then 'admin'.
    my @roles = $c->user->roles;
    is( scalar @roles, 2,       '2 roles' );
    is( $roles[0],     'user',  'role is user' );
    is( $roles[1],     'admin', 'role is admin' );
}
95 | |
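# Superuser override: the account stores a single role, 'superadmin', yet
# the admin+user check is expected to succeed.
# NOTE(review): the override presumably comes from the t_check_roles hook
# named in the store configuration of this file; confirm in the TestApp
# user class.
{
    my $url
        = 'http://localhost/user_login?username=graeme&password=supersecret&detach=is_admin_user';

    # ctx_request hands back the response and the context object; the
    # first assertion is on how many values came back.
    my $returned = ( my ( $res, $c ) = ctx_request($url) );
    ok( $returned, 'request ok' );
    is( $res->content, 'ok', 'superuser role is all roles' );

    # The override must not add roles to the user: the stored list stays
    # at the single 'superadmin' entry. The description used to read
    # 'role is user', which contradicted the value being checked.
    my @roles = $c->user->roles;
    is( scalar @roles, 1,            'only 1 role' );
    is( $roles[0],     'superadmin', 'role is superadmin' );
}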
103 | |
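# Superuser override against non-existent roles: the check is expected to
# succeed even though the action's name says the requested roles do not
# exist. This pins how broad the superadmin grant is, so any narrowing of
# the override will show up here.
# NOTE(review): the override presumably comes from the t_check_roles hook
# named in the store configuration of this file; confirm in the TestApp
# user class.
{
    my $url
        = 'http://localhost/user_login?username=graeme&password=supersecret&detach=is_nonexistant_roles';

    # ctx_request hands back the response and the context object; the
    # first assertion is on how many values came back.
    my $returned = ( my ( $res, $c ) = ctx_request($url) );
    ok( $returned, 'request ok' );
    is( $res->content, 'ok', 'superuser role is all roles' );

    # The stored role list stays at the single 'superadmin' entry. The
    # description used to read 'role is user', which contradicted the
    # value being checked.
    my @roles = $c->user->roles;
    is( scalar @roles, 1,            'only 1 role' );
    is( $roles[0],     'superadmin', 'role is superadmin' );
}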
111 | |
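# Superuser override for the "any role" check against non-existent roles:
# expected to succeed on the strength of 'superadmin' alone.
# NOTE(review): the override presumably comes from the t_check_roles_any
# hook named in the store configuration of this file; confirm in the
# TestApp user class.
{
    my $url
        = 'http://localhost/user_login?username=graeme&password=supersecret&detach=is_any_nonexistant_role';

    # ctx_request hands back the response and the context object; the
    # first assertion is on how many values came back.
    my $returned = ( my ( $res, $c ) = ctx_request($url) );
    ok( $returned, 'request ok' );
    is( $res->content, 'ok', 'superuser role is all roles' );

    # The stored role list stays at the single 'superadmin' entry. The
    # description used to read 'role is user', which contradicted the
    # value being checked.
    my @roles = $c->user->roles;
    is( scalar @roles, 1,            'only 1 role' );
    is( $roles[0],     'superadmin', 'role is superadmin' );
}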