add access denied listener tests

Author: lsmith77

Tests/Functional/AccessDeniedListenerTest.php

@@ -0,0 +1,93 @@
+<?php
+
+/*
+ * This file is part of the FOSRestBundle package.
+ *
+ * (c) FriendsOfSymfony <http://friendsofsymfony.github.com/>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace FOS\RestBundle\Tests\Functional;
+
+use Symfony\Component\ErrorHandler\ErrorRenderer\ErrorRendererInterface;
+
+class AccessDeniedListenerTest extends WebTestCase
+{
+    private static $client;
+
+    public static function setUpBeforeClass()
+    {
+        parent::setUpBeforeClass();
+        static::$client = static::createClient(['test_case' => 'AccessDeniedListener']);
+    }
+
+    public static function tearDownAfterClass()
+    {
+        self::deleteTmpDir('AccessDeniedListener');
+        parent::tearDownAfterClass();
+    }
+
+    protected function setUp()
+    {
+        if (!interface_exists(ErrorRendererInterface::class)) {
+            $this->markTestSkipped();
+        }
+    }
+
+    public function testBundleListenerHandlesExceptionsInRestZonesWithoutLogin()
+    {
+        static::$client->request('GET', '/api/comments');
+
+        $this->assertEquals(401, static::$client->getResponse()->getStatusCode());
+        $this->assertEquals('application/json', static::$client->getResponse()->headers->get('Content-Type'));
+    }
+
+    public function testBundleListenerHandlesExceptionsInRestZonesWithLogin()
+    {
+        $credentials = [
+            'PHP_AUTH_USER' => 'restapi',
+            'PHP_AUTH_PW' => 'secretpw',
+        ];
+
+        static::$client->request('GET', '/api/comments', [], [], $credentials);
+
+        $this->assertEquals(200, static::$client->getResponse()->getStatusCode());
+        $this->assertEquals('application/json', static::$client->getResponse()->headers->get('Content-Type'));
+    }
+
+    public function testBundleListenerHandlesExceptionsInRestZonesWrongLogin()
+    {
+        $credentials = [
+            'PHP_AUTH_USER' => 'admin',
+            'PHP_AUTH_PW' => 'secretpw',
+        ];
+
+        static::$client->request('GET', '/api/comments', [], [], $credentials);
+
+        $this->assertEquals(403, static::$client->getResponse()->getStatusCode());
+        $this->assertEquals('application/json', static::$client->getResponse()->headers->get('Content-Type'));
+    }
+
+    public function testBundleListenerHandlesExceptionsInRestZonesWithIncorrectLogin()
+    {
+        $credentials = [
+            'PHP_AUTH_USER' => 'restapi',
+            'PHP_AUTH_PW' => 'foobar',
+        ];
+
+        static::$client->request('GET', '/api/comments', [], [], $credentials);
+
+        $this->assertEquals(401, static::$client->getResponse()->getStatusCode());
+        $this->assertEquals('application/json', static::$client->getResponse()->headers->get('Content-Type'));
+    }
+
+    public function testSymfonyListenerHandlesExceptionsOutsideRestZones()
+    {
+        static::$client->request('GET', '/admin/comments');
+
+        $this->assertEquals(302, static::$client->getResponse()->getStatusCode());
+        $this->assertEquals('text/html; charset=UTF-8', static::$client->getResponse()->headers->get('Content-Type'));
+    }
+}

Tests/Functional/Bundle/TestBundle/Controller/Api/CommentController.php

@@ -19,4 +19,9 @@ public function getCommentAction($id)
     {
         return new JsonResponse(array('id' => (int) $id));
     }
+
+    public function getComments()
+    {
+        return new JsonResponse(array());
+    }
 }

Tests/Functional/Bundle/TestBundle/Controller/CommentController.php

@@ -0,0 +1,27 @@
+<?php
+
+/*
+ * This file is part of the FOSRestBundle package.
+ *
+ * (c) FriendsOfSymfony <http://friendsofsymfony.github.com/>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace FOS\RestBundle\Tests\Functional\Bundle\TestBundle\Controller;
+
+use Symfony\Component\HttpFoundation\Response;
+
+class CommentController
+{
+    public function getCommentAction($id)
+    {
+        return new Response("<html><body>$id</body>");
+    }
+
+    public function getComments()
+    {
+        return new Response('<html><body>comments ..</body>');
+    }
+}

Tests/Functional/app/AccessDeniedListener/bundles.php

@@ -0,0 +1,17 @@
+<?php
+
+/*
+ * This file is part of the FOSRestBundle package.
+ *
+ * (c) FriendsOfSymfony <http://friendsofsymfony.github.com/>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+return [
+    new \Symfony\Bundle\FrameworkBundle\FrameworkBundle(),
+    new \Symfony\Bundle\SecurityBundle\SecurityBundle(),
+    new \FOS\RestBundle\FOSRestBundle(),
+    new \FOS\RestBundle\Tests\Functional\Bundle\TestBundle\TestBundle(),
+];

Tests/Functional/app/AccessDeniedListener/config.yml

@@ -0,0 +1,23 @@
+imports:
+    - { resource: ../config/default.yml }
+    - { resource: security.php }
+
+framework:
+    serializer:
+        enabled: true
+    router: { resource: "%kernel.project_dir%/AccessDeniedListener/routing.yml" }
+
+fos_rest:
+    access_denied_listener:
+        json: true
+    exception:
+        exception_listener: false
+        serialize_exceptions: false
+    routing_loader: false
+    service:
+        templating: null
+    view:
+        default_engine: null
+        force_redirects: []
+    zone:
+        - { path: ^/api/* }

Tests/Functional/app/AccessDeniedListener/routing.yml

@@ -0,0 +1,11 @@
+api:
+    path:     /api/comments
+    defaults:
+        _controller: FOS\RestBundle\Tests\Functional\Bundle\TestBundle\Controller\Api\CommentController::getComments
+        _format: json
+
+admin:
+    path:     /admin/comments
+    defaults:
+        _controller: FOS\RestBundle\Tests\Functional\Bundle\TestBundle\Controller\CommentController::getComments
+        _format: html

Tests/Functional/app/AccessDeniedListener/security.php

@@ -0,0 +1,50 @@
+<?php
+
+/*
+ * This file is part of the FOSRestBundle package.
+ *
+ * (c) FriendsOfSymfony <http://friendsofsymfony.github.com/>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+use Symfony\Component\Security\Core\Security;
+use Symfony\Component\Security\Http\Controller\UserValueResolver;
+
+$defaultFirewall = [];
+if (method_exists(Security::class, 'getUser') && !class_exists(UserValueResolver::class)) {
+    $defaultFirewall['logout_on_user_change'] = true;
+}
+
+$container->loadFromExtension('security', [
+    'encoders' => ['Symfony\Component\Security\Core\User\User' => 'plaintext'],
+    'providers' => [
+        'in_memory' => [
+            'memory' => [
+                'users' => [
+                    'restapi' => ['password' => 'secretpw', 'roles' => ['ROLE_API']],
+                    'admin' => ['password' => 'secretpw', 'roles' => ['ROLE_ADMIN']],
+                ],
+            ],
+        ],
+    ],
+    'firewalls' => [
+        'api' => array_merge($defaultFirewall, [
+            'pattern' => '^/api',
+            'stateless' => true,
+            'http_basic' => ['realm' => 'Demo REST API'],
+            'json_login' => [
+                'check_path' => '/api/login',
+            ],
+        ]),
+        'default' => array_merge($defaultFirewall, [
+            'anonymous' => null,
+            'form_login' => null,
+        ]),
+    ],
+    'access_control' => [
+        ['path' => '^/admin', 'roles' => 'ROLE_ADMIN'],
+        ['path' => '^/api', 'roles' => 'ROLE_API'],
+    ],
+]);