File: 02-action-class.t

libcatalyst-actionrole-acl-perl 0.07-2
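#!/usr/bin/env perl

# Authorization tests for the ACL action role, run against TestApp.
#
# Each step changes the roles held by the test user and then checks that the
# protected action answers with the expected status and body. Every check goes
# through check_access(), which performs its own request, so no assertion can
# be satisfied by a response captured before the roles were changed.

use strict;
use warnings;
use Test::More tests => 21;

# setup library path
use FindBin qw($Bin);
use lib "$Bin/lib";

# make sure testapp works
BEGIN {
    use_ok('TestApp');
}

use Catalyst::Test 'TestApp';

# Request $path and assert both the HTTP status and the response body.
#
#   $path          - request path (may include a query string)
#   $expected_code - expected HTTP status; this file uses 200 and 403
#   $expected_body - exact expected response content
#
# Runs two Test::More assertions per call.
sub check_access {
    my ($path, $expected_code, $expected_body) = @_;

    # Report failures at the caller's line rather than inside this helper.
    local $Test::Builder::Level = $Test::Builder::Level + 1;

    my $status_text = $expected_code == 200 ? '200 OK' : '403 Forbidden';

    # Always a fresh request: an ACL check is only meaningful against a
    # response produced after the most recent role change.
    my $resp = request($path);

    # is() rather than ok(a == b) so a failure prints got/expected.
    is($resp->code, $expected_code, "fetch $path $status_text");
    is($resp->content, $expected_body, 'content correct');

    return;
}

# Only the context object is needed from the initial request.
my (undef, $c) = ctx_request('/');

# NOTE(review): the role changes below are expected to be visible to later
# request() calls; the 'banana' step already depends on that -- confirm
# against TestApp's user setup.
my $user = $c->user;
$user->supports(qw/roles/);    # return value is not checked here

$user->id('jrandomuser');
$user->roles(qw/delete editor/);

check_access('/edit',   200, 'action: edit');
check_access('/killit', 403, 'access denied');
check_access('/crews',  403, 'access denied');

# add the required role (banana) so user can visit the action
$user->roles(qw/delete editor banana/);
check_access('/crews?someparm=42', 200, 'action: crews');

# /reese's ACL permits users with either 'sarah' or 'shahi' role
check_access('/reese', 403, 'access denied');

# add one of the AllowedRole roles (sarah) so user can visit the action
$user->roles(qw/delete editor banana sarah/);
check_access('/reese', 200, 'action: reese');

# remove all roles, save one of the AllowedRole roles.
# Previously no request was issued after this change, so the two assertions
# re-examined the response obtained with 'sarah' and never exercised 'shahi'.
$user->roles('shahi');
check_access('/reese', 200, 'action: reese');

# action requires role 'swayze' and at least one of 'actor'
# or 'guerilla'
check_access('/wolverines?attacker=spetznatz', 403, 'access denied');

# give user the RequiresRole role
$user->roles($user->roles, 'swayze');
# request should fail because AllowedRole still not satisfied.
# Previously this deny case passed vacuously: it re-checked the 403 captured
# before 'swayze' was granted, so a regression that granted access on
# RequiresRole alone would not have been caught.
check_access('/wolverines?attacker=spetznatz', 403, 'access denied');

# give user one of the AllowedRoles roles
$user->roles($user->roles, 'actor');
check_access('/wolverines?attacker=spetznatz', 200, 'action: wolverines');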