Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 0ebd218

Browse files
javiereguiluzjaviereguiluz
committed
Fixed tests
1 parent 3608348 commit 0ebd218

5 files changed

Lines changed: 24 additions & 18 deletions

File tree

composer.lock

Lines changed: 1 addition & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

src/AppBundle/Controller/Admin/BlogController.php

Lines changed: 11 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -101,13 +101,16 @@ public function newAction(Request $request)
101101
*
102102
* @Route("/{id}", requirements={"id" = "\d+"}, name="admin_post_show")
103103
* @Method("GET")
104-
* @Security("post.isAuthor(user)")
105-
*
106-
* NOTE: You can also centralize security logic by using a "voter"
107-
* See http://symfony.com/doc/current/cookbook/security/voters_data_permission.html
108104
*/
109105
public function showAction(Post $post)
110106
{
107+
// This security check can also be performed:
108+
// 1. Using an annotation: @Security("post.isAuthor(user)")
109+
// 2. Using a "voter" (see http://symfony.com/doc/current/cookbook/security/voters_data_permission.html)
110+
if (null === $this->getUser() || !$post->isAuthor($this->getUser())) {
111+
throw $this->createAccessDeniedException('Posts can only be shown to their authors.');
112+
}
113+
111114
$deleteForm = $this->createDeleteForm($post);
112115

113116
return $this->render('admin/blog/show.html.twig', array(
@@ -121,10 +124,13 @@ public function showAction(Post $post)
121124
*
122125
* @Route("/{id}/edit", requirements={"id" = "\d+"}, name="admin_post_edit")
123126
* @Method({"GET", "POST"})
124-
* @Security("post.isAuthor(user)")
125127
*/
126128
public function editAction(Post $post, Request $request)
127129
{
130+
if (null === $this->getUser() || !$post->isAuthor($this->getUser())) {
131+
throw $this->createAccessDeniedException('Posts can only be edited by their authors.');
132+
}
133+
128134
$em = $this->getDoctrine()->getManager();
129135

130136
$editForm = $this->createForm(new PostType(), $post);

src/AppBundle/Tests/Controller/Admin/BlogControllerTest.php

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -39,7 +39,7 @@ public function testRegularUsersCannotAccessToTheBackend()
3939
'PHP_AUTH_PW' => 'kitten',
4040
));
4141

42-
$client->request('GET', '/admin/post/');
42+
$client->request('GET', '/en/admin/post/');
4343

4444
$this->assertEquals(Response::HTTP_FORBIDDEN, $client->getResponse()->getStatusCode());
4545
}
@@ -51,7 +51,7 @@ public function testAdministratorUsersCanAccessToTheBackend()
5151
'PHP_AUTH_PW' => 'kitten',
5252
));
5353

54-
$client->request('GET', '/admin/post/');
54+
$client->request('GET', '/en/admin/post/');
5555

5656
$this->assertEquals(Response::HTTP_OK, $client->getResponse()->getStatusCode());
5757
}
@@ -63,7 +63,7 @@ public function testIndex()
6363
'PHP_AUTH_PW' => 'kitten',
6464
));
6565

66-
$crawler = $client->request('GET', '/admin/post/');
66+
$crawler = $client->request('GET', '/en/admin/post/');
6767

6868
$this->assertCount(
6969
Post::NUM_ITEMS,

src/AppBundle/Tests/Controller/BlogControllerTest.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -29,7 +29,7 @@ class BlogControllerTest extends WebTestCase
2929
public function testIndex()
3030
{
3131
$client = static::createClient();
32-
$crawler = $client->request('GET', '/blog/');
32+
$crawler = $client->request('GET', '/en/blog/');
3333

3434
$this->assertCount(
3535
Post::NUM_ITEMS,

src/AppBundle/Tests/Controller/DefaultControllerTest.php

Lines changed: 8 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -59,7 +59,7 @@ public function testSecureUrls($url)
5959
$this->assertTrue($client->getResponse()->isRedirect());
6060

6161
$this->assertEquals(
62-
'http://localhost/login',
62+
'http://localhost/en/login',
6363
$client->getResponse()->getTargetUrl(),
6464
sprintf('The %s secure URL redirects to the login form.', $url)
6565
);
@@ -69,19 +69,19 @@ public function getPublicUrls()
6969
{
7070
return array(
7171
array('/'),
72-
array('/blog/'),
73-
array('/blog/posts/morbi-tempus-commodo-mattis'),
74-
array('/login'),
72+
array('/en/blog/'),
73+
array('/en/blog/posts/morbi-tempus-commodo-mattis'),
74+
array('/en/login'),
7575
);
7676
}
7777

7878
public function getSecureUrls()
7979
{
8080
return array(
81-
array('/admin/post/'),
82-
array('/admin/post/new'),
83-
array('/admin/post/1'),
84-
array('/admin/post/1/edit'),
81+
array('/en/admin/post/'),
82+
array('/en/admin/post/new'),
83+
array('/en/admin/post/1'),
84+
array('/en/admin/post/1/edit'),
8585
);
8686
}
8787
}

0 commit comments

Comments
 (0)