[catagits/Catalyst-Authentication-Store-DBIx-Class.git] / t / 13-auth-roles-column-self_check.t

#!perl

use strict;
use warnings;
use DBI;
use File::Path;
use FindBin;
use Test::More;
use lib "$FindBin::Bin/lib";

BEGIN {
    eval { require DBD::SQLite }
        or plan skip_all =>
        "DBD::SQLite is required for this test";

    eval { require Catalyst::Plugin::Authorization::Roles }
        or plan skip_all =>
        "Catalyst::Plugin::Authorization::Roles is required for this test";

    plan tests => 29;

    use TestApp;
    TestApp->config( {
        name => 'TestApp',
        authentication => {
            default_realm => "users",
            realms => {
                users => {
                    credential => {
                        'class' => "Password",
                        'password_field' => 'password',
                        'password_type' => 'clear'
                    },
                    store => {
                        'class' => 'DBIx::Class',
                        'user_model' => 'TestApp::User',
                        'role_column' => 'role_text',
                        'check_roles'   => 't_check_roles',
                        'check_roles_any' => 't_check_roles_any'
                    },
                },
            },
        },
    } );

    TestApp->setup(
        qw/Authentication
           Authorization::Roles
           /
    );
}

use Catalyst::Test 'TestApp';

# test user's admin access
{
    ok( my $res = request('http://localhost/user_login?username=joeuser&password=hackme&detach=is_admin'), 'request ok' );
    is( $res->content, 'ok', 'user is an admin' );
}

# test unauthorized user's admin access
{
    ok( my $res = request('http://localhost/user_login?username=jayk&password=letmein&detach=is_admin'), 'request ok' );
    is( $res->content, 'failed', 'user is not an admin' );
}

# test multiple auth roles
{
    ok( my $res = request('http://localhost/user_login?username=nuffin&password=much&detach=is_admin_user'), 'request ok' );
    is( $res->content, 'ok', 'user is an admin and a user' );
}

# test multiple unauth roles
{
    ok( my $res = request('http://localhost/user_login?username=joeuser&password=hackme&detach=is_admin_user'), 'request ok' );
    is( $res->content, 'failed', 'user is not an admin and a user' );
}

# test assert_any_user_role
{
    ok( my ( $res, $c )= ctx_request('http://localhost/user_login?username=joeuser&password=hackme&detach=is_any_admin_user'), 'request ok' );
    is( $res->content, 'ok', 'user is user' );
    is ( my @roles = $c->user->roles, 1, 'only 1 role' );
    is ( $roles[0], 'admin', 'role is admin' );
}

# test assert_any_user_role
{
    ok( my ( $res, $c )= ctx_request('http://localhost/user_login?username=nuffin&password=much&detach=is_any_admin_user'), 'request ok' );
    is( $res->content, 'ok', 'user is user and an admin' );
    is ( my @roles = $c->user->roles, 2, '2 roles' );
    is ( $roles[0], 'user', 'role is user' );
    is ( $roles[1], 'admin', 'role is admin' );
}

# test superuser role override
{
    ok( my ( $res, $c )= ctx_request('http://localhost/user_login?username=graeme&password=supersecret&detach=is_admin_user'), 'request ok' );
    is( $res->content, 'ok', 'superuser role is all roles' );
    is ( my @roles = $c->user->roles, 1, 'only 1 role' );
    is ( $roles[0], 'superadmin', 'role is user' );
}

# test superuser role override none existant roles
{
    ok( my ( $res, $c )= ctx_request('http://localhost/user_login?username=graeme&password=supersecret&detach=is_nonexistant_roles'), 'request ok' );
    is( $res->content, 'ok', 'superuser role is all roles' );
    is ( my @roles = $c->user->roles, 1, 'only 1 role' );
    is ( $roles[0], 'superadmin', 'role is user' );
}

# test superuser role override any none existant roles
{
    ok( my ( $res, $c )= ctx_request('http://localhost/user_login?username=graeme&password=supersecret&detach=is_any_nonexistant_role'), 'request ok' );
    is( $res->content, 'ok', 'superuser role is all roles' );
    is ( my @roles = $c->user->roles, 1, 'only 1 role' );
    is ( $roles[0], 'superadmin', 'role is user' );
}
Commit	Line	Data
b3c995e9	1	#!perl
	2
	3	use strict;
	4	use warnings;
	5	use DBI;
	6	use File::Path;
	7	use FindBin;
	8	use Test::More;
	9	use lib "$FindBin::Bin/lib";
	10
	11	BEGIN {
	12	eval { require DBD::SQLite }
	13	or plan skip_all =>
	14	"DBD::SQLite is required for this test";
	15
	16	eval { require Catalyst::Plugin::Authorization::Roles }
	17	or plan skip_all =>
	18	"Catalyst::Plugin::Authorization::Roles is required for this test";
	19
	20	plan tests => 29;
	21
	22	use TestApp;
	23	TestApp->config( {
	24	name => 'TestApp',
	25	authentication => {
	26	default_realm => "users",
	27	realms => {
	28	users => {
	29	credential => {
	30	'class' => "Password",
	31	'password_field' => 'password',
	32	'password_type' => 'clear'
	33	},
	34	store => {
	35	'class' => 'DBIx::Class',
	36	'user_model' => 'TestApp::User',
	37	'role_column' => 'role_text',
	38	'check_roles' => 't_check_roles',
	39	'check_roles_any' => 't_check_roles_any'
	40	},
	41	},
	42	},
	43	},
	44	} );
	45
	46	TestApp->setup(
	47	qw/Authentication
	48	Authorization::Roles
	49	/
	50	);
	51	}
	52
	53	use Catalyst::Test 'TestApp';
	54
	55	# test user's admin access
	56	{
	57	ok( my $res = request('http://localhost/user_login?username=joeuser&password=hackme&detach=is_admin'), 'request ok' );
	58	is( $res->content, 'ok', 'user is an admin' );
	59	}
	60
	61	# test unauthorized user's admin access
	62	{
	63	ok( my $res = request('http://localhost/user_login?username=jayk&password=letmein&detach=is_admin'), 'request ok' );
	64	is( $res->content, 'failed', 'user is not an admin' );
65	}
66
67	# test multiple auth roles
68	{
69	ok( my $res = request('http://localhost/user_login?username=nuffin&password=much&detach=is_admin_user'), 'request ok' );
70	is( $res->content, 'ok', 'user is an admin and a user' );
71	}
72
73	# test multiple unauth roles
74	{
75	ok( my $res = request('http://localhost/user_login?username=joeuser&password=hackme&detach=is_admin_user'), 'request ok' );
76	is( $res->content, 'failed', 'user is not an admin and a user' );
77	}
78
79	# test assert_any_user_role
80	{
81	ok( my ( $res, $c )= ctx_request('http://localhost/user_login?username=joeuser&password=hackme&detach=is_any_admin_user'), 'request ok' );
82	is( $res->content, 'ok', 'user is user' );
83	is ( my @roles = $c->user->roles, 1, 'only 1 role' );
84	is ( $roles[0], 'admin', 'role is admin' );
85	}
86
87	# test assert_any_user_role
88	{
89	ok( my ( $res, $c )= ctx_request('http://localhost/user_login?username=nuffin&password=much&detach=is_any_admin_user'), 'request ok' );
90	is( $res->content, 'ok', 'user is user and an admin' );
91	is ( my @roles = $c->user->roles, 2, '2 roles' );
92	is ( $roles[0], 'user', 'role is user' );
93	is ( $roles[1], 'admin', 'role is admin' );
94	}
95
96	# test superuser role override
97	{
98	ok( my ( $res, $c )= ctx_request('http://localhost/user_login?username=graeme&password=supersecret&detach=is_admin_user'), 'request ok' );
99	is( $res->content, 'ok', 'superuser role is all roles' );
100	is ( my @roles = $c->user->roles, 1, 'only 1 role' );
101	is ( $roles[0], 'superadmin', 'role is user' );
102	}
103
104	# test superuser role override none existant roles
105	{
106	ok( my ( $res, $c )= ctx_request('http://localhost/user_login?username=graeme&password=supersecret&detach=is_nonexistant_roles'), 'request ok' );
107	is( $res->content, 'ok', 'superuser role is all roles' );
108	is ( my @roles = $c->user->roles, 1, 'only 1 role' );
109	is ( $roles[0], 'superadmin', 'role is user' );
110	}
111
112	# test superuser role override any none existant roles
113	{
114	ok( my ( $res, $c )= ctx_request('http://localhost/user_login?username=graeme&password=supersecret&detach=is_any_nonexistant_role'), 'request ok' );
115	is( $res->content, 'ok', 'superuser role is all roles' );
116	is ( my @roles = $c->user->roles, 1, 'only 1 role' );
117	is ( $roles[0], 'superadmin', 'role is user' );
118	}