OilfieldToolsNet/shlink
4
0
Fork 0
mirror of https://github.com/shlinkio/shlink.git synced 2025-02-25 18:45:27 -06:00
Code Issues Packages Projects Releases Wiki Activity

Ensured API keys cannot be generated with domain-only roles linked to default domain

Browse Source
This commit is contained in:
Alejandro Celaya
2022-02-19 19:23:36 +01:00
parent 3e3d255edf
commit c98ea6055b
5 changed files with 78 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
module/CLI/test/ApiKey/RoleResolverTest.php
View File

@@ -8,6 +8,7 @@ use PHPUnit\Framework\TestCase;
use Prophecy\PhpUnit\ProphecyTrait;
use Prophecy\Prophecy\ObjectProphecy;
use Shlinkio\Shlink\CLI\ApiKey\RoleResolver;
use Shlinkio\Shlink\CLI\Exception\InvalidRoleConfigException;
use Shlinkio\Shlink\Core\Domain\DomainServiceInterface;
use Shlinkio\Shlink\Core\Entity\Domain;
use Shlinkio\Shlink\Rest\ApiKey\Model\RoleDefinition;
@@ -23,7 +24,7 @@ class RoleResolverTest extends TestCase
protected function setUp(): void
{
$this->domainService = $this->prophesize(DomainServiceInterface::class);
$this->resolver = new RoleResolver($this->domainService->reveal());
$this->resolver = new RoleResolver($this->domainService->reveal(), 'default.com');
}
/**
@@ -94,4 +95,16 @@ class RoleResolverTest extends TestCase
1,
];
}
/** @test */
public function exceptionIsThrownWhenTryingToAddDomainOnlyLinkedToDefaultDomain(): void
{
$input = $this->prophesize(InputInterface::class);
$input->getOption(RoleResolver::DOMAIN_ONLY_PARAM)->willReturn('default.com');
$input->getOption(RoleResolver::AUTHOR_ONLY_PARAM)->willReturn(null);
$this->expectException(InvalidRoleConfigException::class);
$this->resolver->determineRoles($input->reveal());
}
}

26
module/CLI/test/Exception/InvalidRoleConfigExceptionTest.php Normal file
View File

@@ -0,0 +1,26 @@
<?php
declare(strict_types=1);
namespace ShlinkioTest\Shlink\CLI\Exception;
use PHPUnit\Framework\TestCase;
use Shlinkio\Shlink\CLI\Exception\InvalidRoleConfigException;
use Shlinkio\Shlink\Rest\ApiKey\Role;
use function sprintf;
class InvalidRoleConfigExceptionTest extends TestCase
{
/** @test */
public function forDomainOnlyWithDefaultDomainGeneratesExpectedException(): void
{
$e = InvalidRoleConfigException::forDomainOnlyWithDefaultDomain();
self::assertEquals(sprintf(
'You cannot create an API key with the "%s" role attached to the default domain. '
. 'The role is currently limited to non-default domains.',
Role::DOMAIN_SPECIFIC,
), $e->getMessage());
}
}