2 declare(strict_types = 1);
18 use PHPUnit\Framework\MockObject\MockObject;
19 use Prophecy\Argument;
20 use Prophecy\Prophecy\ObjectProphecy;
21 use Psr\Log\NullLogger;
33 use TYPO3\TestingFramework\Core\Unit\UnitTestCase;
50 'renameFile' =>
false,
51 'deleteFile' =>
false,
54 'readFolder' =>
false,
55 'writeFolder' =>
false,
56 'copyFolder' =>
false,
57 'moveFolder' =>
false,
58 'renameFolder' =>
false,
59 'deleteFolder' =>
false,
60 'recursivedeleteFolder' => false
81 $connection = $this->prophesize(Connection::class);
82 $connection->delete(
'sys_lockedrecords', Argument::cetera())->willReturn(1);
85 $connectionPool = $this->prophesize(ConnectionPool::class);
86 $connectionPool->getConnectionForTable(Argument::cetera())->willReturn($connection->reveal());
88 GeneralUtility::addInstance(ConnectionPool::class, $connectionPool->reveal());
91 $formProtection = $this->prophesize(BackendFormProtection::class);
92 $formProtection->clean()->shouldBeCalled();
96 $formProtection->reveal()
99 $GLOBALS[
'BE_USER'] = $this->getMockBuilder(BackendUserAuthentication::class)->getMock();
102 'ses_backuserid' => 0,
104 $GLOBALS[
'BE_USER']->setLogger(
new NullLogger());
107 $subject = $this->getMockBuilder(BackendUserAuthentication::class)
108 ->setMethods([
'dummy'])
109 ->disableOriginalConstructor()
112 $subject->setLogger(
new NullLogger());
122 'Only read permissions' => [
138 'recursivedeleteFolder' => 0,
141 'Uploading allowed' => [
157 'recursivedeleteFolder' => 0
160 'One value is enough' => [
176 $subject = $this->getMockBuilder(BackendUserAuthentication::class)
177 ->setMethods([
'isAdmin',
'getTSConfig'])
181 ->expects($this->any())
183 ->will($this->returnValue(
false));
185 $subject->setLogger(
new NullLogger());
187 ->expects($this->any())
188 ->method(
'getTSConfig')
189 ->will($this->returnValue([
192 'default.' => $userTsConfiguration
197 $expectedPermissions = array_merge($this->defaultFilePermissions, $userTsConfiguration);
199 $expectedPermissions,
201 $value = (bool)$value;
205 $this->assertEquals($expectedPermissions, $subject->getFilePermissions());
213 $defaultPermissions = [
219 'renameFile' =>
true,
220 'deleteFile' =>
true,
222 'readFolder' =>
true,
223 'copyFolder' =>
true,
224 'moveFolder' =>
true,
225 'renameFolder' =>
true,
226 'writeFolder' =>
true,
227 'deleteFolder' =>
true,
228 'recursivedeleteFolder' => true
232 'Overwrites given storage permissions with default permissions' => [
237 'recursivedeleteFolder' =>0
254 'recursivedeleteFolder' => 0
257 'Overwrites given storage 0 permissions with default permissions' => [
262 'recursivedeleteFolder' =>0
270 'renameFile' =>
true,
271 'deleteFile' =>
true,
273 'readFolder' =>
true,
274 'copyFolder' =>
true,
275 'moveFolder' =>
true,
276 'renameFolder' =>
true,
277 'writeFolder' =>
true,
278 'deleteFolder' =>
true,
279 'recursivedeleteFolder' => false
282 'Returns default permissions if no storage permissions are found' => [
292 'renameFile' =>
true,
293 'deleteFile' =>
true,
295 'readFolder' =>
true,
296 'copyFolder' =>
true,
297 'moveFolder' =>
true,
298 'renameFolder' =>
true,
299 'writeFolder' =>
true,
300 'deleteFolder' =>
true,
301 'recursivedeleteFolder' => true
318 $subject = $this->getMockBuilder(BackendUserAuthentication::class)
319 ->setMethods([
'isAdmin',
'getFilePermissions',
'getTSConfig'])
321 $storageMock = $this->createMock(ResourceStorage::class);
322 $storageMock->expects($this->any())->method(
'getUid')->will($this->returnValue($storageUid));
325 ->expects($this->any())
327 ->will($this->returnValue(
false));
330 ->expects($this->any())
331 ->method(
'getFilePermissions')
332 ->will($this->returnValue($defaultPermissions));
335 ->expects($this->any())
336 ->method(
'getTSConfig')
337 ->will($this->returnValue([
341 $storageUid .
'.' => $storagePermissions
347 $this->assertEquals($expectedPermissions, $subject->getFilePermissionsForStorage($storageMock));
360 $subject = $this->getMockBuilder(BackendUserAuthentication::class)
361 ->setMethods([
'isAdmin',
'getFilePermissions',
'getTSConfig'])
363 $storageMock = $this->createMock(ResourceStorage::class);
364 $storageMock->expects($this->any())->method(
'getUid')->will($this->returnValue($storageUid));
367 ->expects($this->any())
369 ->will($this->returnValue(
true));
372 ->expects($this->any())
373 ->method(
'getFilePermissions')
374 ->will($this->returnValue($defaultPermissions));
377 ->expects($this->any())
378 ->method(
'getTSConfig')
379 ->will($this->returnValue([
383 $storageUid .
'.' => $storagePermissions
389 $this->assertEquals($defaultPermissions, $subject->getFilePermissionsForStorage($storageMock));
403 'writeFile' =>
false,
406 'renameFile' =>
false,
407 'deleteFile' =>
false,
408 'addFolder' =>
false,
409 'readFolder' =>
false,
410 'copyFolder' =>
false,
411 'moveFolder' =>
false,
412 'renameFolder' =>
false,
413 'writeFolder' =>
false,
414 'deleteFolder' =>
false,
415 'recursivedeleteFolder' => false
418 'Standard file permissions' => [
419 'addFile,readFile,writeFile,copyFile,moveFile,renameFile,deleteFile',
426 'renameFile' =>
true,
427 'deleteFile' =>
true,
428 'addFolder' =>
false,
429 'readFolder' =>
false,
430 'copyFolder' =>
false,
431 'moveFolder' =>
false,
432 'renameFolder' =>
false,
433 'writeFolder' =>
false,
434 'deleteFolder' =>
false,
435 'recursivedeleteFolder' => false
438 'Standard folder permissions' => [
439 'addFolder,readFolder,moveFolder,renameFolder,writeFolder,deleteFolder',
443 'writeFile' =>
false,
446 'renameFile' =>
false,
447 'deleteFile' =>
false,
449 'readFolder' =>
true,
450 'writeFolder' =>
true,
451 'copyFolder' =>
false,
452 'moveFolder' =>
true,
453 'renameFolder' =>
true,
454 'deleteFolder' =>
true,
455 'recursivedeleteFolder' => false
458 'Copy folder allowed' => [
459 'readFolder,copyFolder',
463 'writeFile' =>
false,
466 'renameFile' =>
false,
467 'deleteFile' =>
false,
468 'addFolder' =>
false,
469 'readFolder' =>
true,
470 'writeFolder' =>
false,
471 'copyFolder' =>
true,
472 'moveFolder' =>
false,
473 'renameFolder' =>
false,
474 'deleteFolder' =>
false,
475 'recursivedeleteFolder' => false
478 'Copy folder and remove subfolders allowed' => [
479 'readFolder,copyFolder,recursivedeleteFolder',
483 'writeFile' =>
false,
486 'renameFile' =>
false,
487 'deleteFile' =>
false,
488 'addFolder' =>
false,
489 'readFolder' =>
true,
490 'writeFolder' =>
false,
491 'copyFolder' =>
true,
492 'moveFolder' =>
false,
493 'renameFolder' =>
false,
494 'deleteFolder' =>
false,
495 'recursivedeleteFolder' => true
512 $subject = $this->getMockBuilder(BackendUserAuthentication::class)
513 ->setMethods([
'isAdmin',
'getTSConfig'])
517 ->expects($this->any())
519 ->will($this->returnValue(
false));
522 ->expects($this->any())
523 ->method(
'getTSConfig')
524 ->will($this->returnValue([]));
525 $subject->groupData[
'file_permissions'] = $permissionValue;
526 $this->assertEquals($expectedPermissions, $subject->getFilePermissions());
535 $subject = $this->getMockBuilder(BackendUserAuthentication::class)
536 ->setMethods([
'isAdmin'])
540 ->expects($this->any())
542 ->will($this->returnValue(
true));
544 $expectedPermissions = [
550 'renameFile' =>
true,
551 'deleteFile' =>
true,
553 'readFolder' =>
true,
554 'writeFolder' =>
true,
555 'copyFolder' =>
true,
556 'moveFolder' =>
true,
557 'renameFolder' =>
true,
558 'deleteFolder' =>
true,
559 'recursivedeleteFolder' => true
562 $this->assertEquals($expectedPermissions, $subject->getFilePermissions());
571 $subject = $this->getMockBuilder(BackendUserAuthentication::class)
572 ->setMethods([
'getTSConfig'])
574 $subject->method(
'getTSConfig')->with()->willReturn([
589 $subject = $this->getMockBuilder(BackendUserAuthentication::class)
590 ->setMethods([
'getTSConfig'])
592 $subject->method(
'getTSConfig')->with()->willReturn([
614 $subject = $this->getMockBuilder(BackendUserAuthentication::class)
615 ->setMethods([
'getTSConfig'])
617 $subject->method(
'getTSConfig')->with()->willReturn([
619 'alertPopups' => $jsConfirmation
635 'All except "type change" and "copy/move/paste"' => [
643 'All except "other"' => [
660 $subject = $this->getMockBuilder(BackendUserAuthentication::class)
661 ->setMethods([
'getTSConfig'])
663 $subject->method(
'getTSConfig')->with()->willReturn([
678 $subject = $this->getMockBuilder(BackendUserAuthentication::class)
679 ->setMethods([
'getTSConfig'])
704 'for admin with groups' => [
714 ' ((`pages`.`perms_everybody` & 2 = 2) OR' .
715 ' ((`pages`.`perms_userid` = 123) AND (`pages`.`perms_user` & 2 = 2)))'
717 'for user with groups' => [
721 ' ((`pages`.`perms_everybody` & 8 = 8) OR' .
722 ' ((`pages`.`perms_userid` = 123) AND (`pages`.`perms_user` & 8 = 8))' .
723 ' OR ((`pages`.`perms_groupid` IN (1, 2)) AND (`pages`.`perms_group` & 8 = 8)))'
744 $connectionProphecy = $this->prophesize(Connection::class);
745 $connectionProphecy->getDatabasePlatform()->willReturn(
new MockPlatform());
746 $connectionProphecy->quoteIdentifier(Argument::cetera())->will(
function (
$args) {
747 return '`' . str_replace(
'.',
'`.`',
$args[0]) .
'`';
751 $queryBuilderProphecy = $this->prophesize(QueryBuilder::class);
752 $queryBuilderProphecy->expr()->willReturn(
757 $databaseProphecy = $this->prophesize(ConnectionPool::class);
758 $databaseProphecy->getQueryBuilderForTable(
'pages')->willReturn($queryBuilderProphecy->reveal());
760 GeneralUtility::makeInstance(ConnectionPool::class);
761 GeneralUtility::addInstance(ConnectionPool::class, $databaseProphecy->reveal());
765 $subject = $this->getMockBuilder(BackendUserAuthentication::class)
766 ->setMethods([
'isAdmin'])
768 $subject->setLogger(
new NullLogger());
769 $subject->expects($this->any())
771 ->will($this->returnValue($admin));
773 $subject->user = [
'uid' => 123];
774 $subject->groupList = $groups;
776 $this->assertEquals($expected, $subject->getPagePermsClause($perms));
789 $subject = $this->getMockBuilder(BackendUserAuthentication::class)
790 ->disableOriginalConstructor()
791 ->setMethods([
'isAdmin'])
795 ->expects(self::any())
799 $subject->groupData[
'explicit_allowdeny'] =
800 'dummytable:dummyfield:explicitly_allowed_value:ALLOW,'
801 .
'dummytable:dummyfield:explicitly_denied_value:DENY';
803 $result = $subject->checkAuthMode(
'dummytable',
'dummyfield', $theValue, $authMode);
804 self::assertEquals($expectedResult, $result);
810 'explicit allow, not allowed value' => [
815 'explicit allow, allowed value' => [
816 'explicitly_allowed_value',
820 'explicit deny, not denied value' => [
825 'explicit deny, denied value' => [
826 'explicitly_denied_value',
830 'invalid value colon' => [
831 'containing:invalid:chars',
835 'invalid value comma' => [
836 'containing,invalid,chars',