You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
110 lines
3.8 KiB
110 lines
3.8 KiB
<?php |
|
|
|
/** |
|
* @file |
|
* Test Authentication Tokens. |
|
*/ |
|
|
|
class IslandoraAuthtokensTestCase extends IslandoraWebTestCase { |
|
|
|
/** |
|
* Get test information for display. |
|
*/ |
|
public static function getInfo() { |
|
return array( |
|
'name' => 'Islandora Authorization Tokens', |
|
'description' => 'Ensure the correct functionality of the tokens to pass authorization to Djatoka in Islandora.', |
|
'group' => 'Islandora', |
|
); |
|
} |
|
|
|
/** |
|
* Set up data for the tests. |
|
*/ |
|
public function setUp() { |
|
parent::setUp(); |
|
} |
|
|
|
/** |
|
* Test redeeming invalid tokens. |
|
*/ |
|
public function testRedeemInvalidToken() { |
|
module_load_include('inc', 'islandora', 'includes/authtokens'); |
|
$token = islandora_get_object_token('test:pid', 'woot', 1); |
|
$this->assertTrue($token, 'Token was generated correctly.', 'Unit Tests'); |
|
// Redeem a token that doesn't exist with real pid and dsid. |
|
$account = islandora_validate_object_token('test:pid', 'woot', 'foo'); |
|
$this->assertFalse($account, 'Redeeming an token that doesn\'t exist returns FALSE', 'Unit Tests'); |
|
} |
|
|
|
/** |
|
* Test redeeming valid tokens. |
|
*/ |
|
public function testRedeemValidToken() { |
|
module_load_include('inc', 'islandora', 'includes/authtokens'); |
|
// Change the current user. |
|
global $user; |
|
$user_backup = $user; |
|
$test_account = $this->drupalCreateUser(); |
|
$user = $test_account; |
|
$token = islandora_get_object_token('test:pid', 'woot', 1); |
|
|
|
// Logout again. |
|
$user = $user_backup; |
|
$token_account = islandora_validate_object_token('test:pid', 'woot', $token); |
|
$this->assertEqual($token_account->uid, $test_account->uid, 'UID from token is correct', 'Unit Tests'); |
|
$this->assertEqual($token_account->pass, $test_account->pass, 'Pass from token is correct', 'Unit Tests'); |
|
$this->assertEqual($token_account->name, $test_account->name, 'Name from token is correct', 'Unit Tests'); |
|
} |
|
|
|
/** |
|
* Test tokened datastream view without XACML. |
|
*/ |
|
public function testTokenedViewDatastreamWithoutXacml() { |
|
// Ingest the fixture. |
|
$fixture_path = drupal_get_path('module', 'islandora') . '/tests/fixtures/bug.jp2'; |
|
$tuque = islandora_get_tuque_connection(); |
|
$newpid = "{$this->randomName()}:{$this->randomName()}"; |
|
$fixture_object = $tuque->repository->constructObject($newpid); |
|
$fixture_datastream = $fixture_object->constructDatastream('JP2'); |
|
$fixture_datastream->setContentFromFile($fixture_path, TRUE); |
|
$fixture_object->ingestDatastream($fixture_datastream); |
|
$tuque->repository->ingestObject($fixture_object); |
|
|
|
$this->drupalGet("islandora/object/{$newpid}/datastream/JP2/view"); |
|
$this->assertResponse(403, 'Page not found as anonymous'); |
|
|
|
$account = $this->drupalCreateUser(array(ISLANDORA_VIEW_OBJECTS)); |
|
$this->drupalLogin($account); |
|
|
|
$this->drupalGet("islandora/object/{$newpid}/datastream/JP2/view"); |
|
$this->assertResponse(200, 'Page loaded as the authorized user'); |
|
|
|
// Do some voodoo to get a token as the user we are connecting as |
|
// to do this we need to change the user we are logged in as. |
|
module_load_include('inc', 'islandora', 'includes/authtokens'); |
|
global $user; |
|
$backup = $user; |
|
$user = $account; |
|
$token = islandora_get_object_token($newpid, 'JP2', 1); |
|
$user = $backup; |
|
|
|
$this->drupalLogout(); |
|
|
|
$this->drupalGet("islandora/object/{$newpid}/datastream/JP2/view", array('query' => array('token' => $token))); |
|
$this->assertResponse(200, 'Page loaded with the token'); |
|
|
|
$this->drupalGet("islandora/object/{$newpid}/datastream/JP2/view", array('query' => array('token' => $token))); |
|
$this->assertResponse(403, 'Token is unable to be reused'); |
|
|
|
// Delete fixture object. |
|
$tuque->repository->purgeObject($newpid); |
|
} |
|
|
|
/** |
|
* This will test something someday. |
|
*/ |
|
public function testTokenedViewDatastreamWithXacml() { |
|
// We need to add this test. |
|
} |
|
}
|
|
|