From c33940f64a1e5b59afd700010247382f5b7b2df3 Mon Sep 17 00:00:00 2001
From: Igor Scheller <igor.scheller@igorshp.de>
Date: Mon, 12 Nov 2018 14:41:23 +0100
Subject: Moved permission checks to Authenticator class

---
 tests/Unit/Helpers/AuthenticatorTest.php | 52 ++++++++++++++++++++++++++++++++
 1 file changed, 52 insertions(+)

(limited to 'tests/Unit/Helpers')

diff --git a/tests/Unit/Helpers/AuthenticatorTest.php b/tests/Unit/Helpers/AuthenticatorTest.php
index 2c03b968..05c7d16e 100644
--- a/tests/Unit/Helpers/AuthenticatorTest.php
+++ b/tests/Unit/Helpers/AuthenticatorTest.php
@@ -99,4 +99,56 @@ class AuthenticatorTest extends ServiceProviderTest
         UserModelImplementation::$user = null;
         $this->assertEquals($user, $auth->apiUser());
     }
+
+    /**
+     * @covers \Engelsystem\Helpers\Authenticator::can
+     */
+    public function testCan()
+    {
+        /** @var ServerRequestInterface|MockObject $request */
+        $request = $this->getMockForAbstractClass(ServerRequestInterface::class);
+        /** @var Session|MockObject $session */
+        $session = $this->createMock(Session::class);
+        /** @var UserModelImplementation|MockObject $userRepository */
+        $userRepository = new UserModelImplementation();
+        /** @var User|MockObject $user */
+        $user = $this->createMock(User::class);
+
+        $user->expects($this->once())
+            ->method('save');
+
+        $session->expects($this->exactly(2))
+            ->method('get')
+            ->with('uid')
+            ->willReturn(42);
+        $session->expects($this->once())
+            ->method('remove')
+            ->with('uid');
+
+        /** @var Authenticator|MockObject $auth */
+        $auth = $this->getMockBuilder(Authenticator::class)
+            ->setConstructorArgs([$request, $session, $userRepository])
+            ->setMethods(['getPermissionsByGroup', 'getPermissionsByUser', 'user'])
+            ->getMock();
+        $auth->expects($this->exactly(1))
+            ->method('getPermissionsByGroup')
+            ->with(-10)
+            ->willReturn([]);
+        $auth->expects($this->exactly(1))
+            ->method('getPermissionsByUser')
+            ->with($user)
+            ->willReturn(['bar']);
+        $auth->expects($this->exactly(2))
+            ->method('user')
+            ->willReturnOnConsecutiveCalls(null, $user);
+
+        // No user, no permissions
+        $this->assertFalse($auth->can('foo'));
+
+        // User exists, has permissions
+        $this->assertTrue($auth->can('bar'));
+
+        // Permissions cached
+        $this->assertTrue($auth->can('bar'));
+    }
 }
-- 
cgit v1.2.3-70-g09d2