<?php
/*
* This file is part of the Silex framework.
*
* (c) Fabien Potencier <fabien@symfony.com>
*
* This source file is subject to the MIT license that is bundled
* with this source code in the file LICENSE.
*/
namespace Silex\Tests\Route;
use PHPUnit\Framework\TestCase;
use Silex\Application;
use Silex\Provider\SecurityServiceProvider;
use Symfony\Component\HttpFoundation\Request;
/**
* SecurityTrait test cases.
*
* @author Fabien Potencier <fabien@symfony.com>
*/
class SecurityTraitTest extends TestCase
{
public function testSecureWithNoAuthenticatedUser()
{
$app = $this->createApplication();
$app->get('/', function () { return 'foo'; })
->secure('ROLE_ADMIN')
;
$request = Request::create('/');
$response = $app->handle($request);
$this->assertEquals(401, $response->getStatusCode());
}
public function testSecureWithAuthorizedRoles()
{
$app = $this->createApplication();
$app->get('/', function () { return 'foo'; })
->secure('ROLE_ADMIN')
;
$request = Request::create('/');
$request->headers->set('PHP_AUTH_USER', 'fabien');
$request->headers->set('PHP_AUTH_PW', 'foo');
$response = $app->handle($request);
$this->assertEquals(200, $response->getStatusCode());
}
public function testSecureWithUnauthorizedRoles()
{
$app = $this->createApplication();
$app->get('/', function () { return 'foo'; })
->secure('ROLE_SUPER_ADMIN')
;
$request = Request::create('/');
$request->headers->set('PHP_AUTH_USER', 'fabien');
$request->headers->set('PHP_AUTH_PW', 'foo');
$response = $app->handle($request);
$this->assertEquals(403, $response->getStatusCode());
}
private function createApplication()
{
$app = new Application();
$app['route_class'] = 'Silex\Tests\Route\SecurityRoute';
$app->register(new SecurityServiceProvider(), [
'security.firewalls' => [
'default' => [
'http' => true,
'users' => [
'fabien' => ['ROLE_ADMIN', '$2y$15$lzUNsTegNXvZW3qtfucV0erYBcEqWVeyOmjolB7R1uodsAVJ95vvu'],
],
],
],
]);
return $app;
}
}