mirror of
https://github.com/OrchardCMS/Orchard.git
synced 2025-10-14 10:54:50 +08:00
06868e412a
Enables automated testing of urls and redirects with querystring Adds bindings for: -Creating account with a fixed set of permissions -Login of a user -Success criteria for seeing text on a page -Success criteria for being denied access to a page --HG-- branch : dev extra : rebase_source : 66e7b33cf7a596050d27eda6351605ed86420af2
74 lines
3.2 KiB
C#
74 lines
3.2 KiB
C#
using System;
|
|
using NUnit.Framework;
|
|
using Orchard.ContentManagement;
|
|
using Orchard.ContentManagement.Aspects;
|
|
using Orchard.Core.Contents;
|
|
using Orchard.Data;
|
|
using Orchard.Roles.Models;
|
|
using Orchard.Roles.Services;
|
|
using Orchard.Security;
|
|
using Orchard.Security.Permissions;
|
|
using Orchard.Specs.Hosting.Orchard.Web;
|
|
using TechTalk.SpecFlow;
|
|
|
|
namespace Orchard.Specs.Bindings {
|
|
[Binding]
|
|
public class ContentRights : BindingBase {
|
|
|
|
[Then(@"""(.*)\"" should be able to ""(.*)\"" a ""(.*)\"" owned by ""(.*)\""")]
|
|
public void UserShouldBeAbleToForOthers(string username, string action, string contentType, string otherName) {
|
|
|
|
var webApp = Binding<WebAppHosting>();
|
|
webApp.Host.Execute(() => {
|
|
using ( var environment = MvcApplication.CreateStandaloneEnvironment("Default") ) {
|
|
var memberShipService = environment.Resolve<IMembershipService>();
|
|
var athorizationService = environment.Resolve<IAuthorizationService>();
|
|
var contentManager = environment.Resolve<IContentManager>();
|
|
|
|
var contentItem = contentManager.Create(contentType);
|
|
var user = memberShipService.GetUser(username);
|
|
var otherUser = memberShipService.GetUser(otherName);
|
|
contentItem.As<ICommonPart>().Owner = otherUser;
|
|
|
|
Assert.That(athorizationService.TryCheckAccess(GetPermissionForAction(action), user, contentItem), Is.True);
|
|
}
|
|
});
|
|
}
|
|
|
|
[Then(@"""(.*)\"" should not be able to ""(.*)\"" a ""(.*)\"" owned by ""(.*)\""")]
|
|
public void UserShouldNotBeAbleToForOthers(string username, string action, string contentType, string otherName) {
|
|
|
|
var webApp = Binding<WebAppHosting>();
|
|
webApp.Host.Execute(() => {
|
|
using ( var environment = MvcApplication.CreateStandaloneEnvironment("Default") ) {
|
|
var memberShipService = environment.Resolve<IMembershipService>();
|
|
var athorizationService = environment.Resolve<IAuthorizationService>();
|
|
var contentManager = environment.Resolve<IContentManager>();
|
|
|
|
var contentItem = contentManager.Create(contentType);
|
|
var user = memberShipService.GetUser(username);
|
|
var otherUser = memberShipService.GetUser(otherName);
|
|
contentItem.As<ICommonPart>().Owner = otherUser;
|
|
|
|
Assert.That(athorizationService.TryCheckAccess(GetPermissionForAction(action), user, contentItem), Is.False);
|
|
}
|
|
});
|
|
}
|
|
|
|
// returns permissions as they are used in controllers for each action
|
|
private static Permission GetPermissionForAction(string action) {
|
|
switch ( action ) {
|
|
case "publish":
|
|
return Permissions.PublishOthersContent;
|
|
case "edit":
|
|
return Permissions.EditOthersContent;
|
|
case "delete":
|
|
return Permissions.DeleteOthersContent;
|
|
default:
|
|
return null;
|
|
}
|
|
}
|
|
|
|
}
|
|
}
|