[Workflow] Added tests for the is_valid() guard expression

lyrixx · lyrixx · commit c193d3767f39 · 2017-08-21T11:45:11.000+02:00
diff --git a/src/Symfony/Bundle/FrameworkBundle/DependencyInjection/Compiler/WorkflowGuardListenerPass.php b/src/Symfony/Bundle/FrameworkBundle/DependencyInjection/Compiler/WorkflowGuardListenerPass.php
@@ -31,20 +31,18 @@ public function process(ContainerBuilder $container)
 
         $container->getParameterBag()->remove('workflow.has_guard_listeners');
 
-        if (!$container->has('security.token_storage')) {
-            throw new LogicException('The "security.token_storage" service is needed to be able to use the workflow guard listener.');
-        }
-
-        if (!$container->has('security.authorization_checker')) {
-            throw new LogicException('The "security.authorization_checker" service is needed to be able to use the workflow guard listener.');
-        }
-
-        if (!$container->has('security.authentication.trust_resolver')) {
-            throw new LogicException('The "security.authentication.trust_resolver" service is needed to be able to use the workflow guard listener.');
-        }
-
-        if (!$container->has('security.role_hierarchy')) {
-            throw new LogicException('The "security.role_hierarchy" service is needed to be able to use the workflow guard listener.');
+        $servicesNeeded = array(
+            'security.token_storage',
+            'security.authorization_checker',
+            'security.authentication.trust_resolver',
+            'security.role_hierarchy',
+            'validator',
+        );
+
+        foreach ($servicesNeeded as $service) {
+            if (!$container->has($service)) {
+                throw new LogicException(sprintf('The "%s" service is needed to be able to use the workflow guard listener.', $service));
+            }
         }
     }
 }
diff --git a/src/Symfony/Bundle/FrameworkBundle/DependencyInjection/FrameworkExtension.php b/src/Symfony/Bundle/FrameworkBundle/DependencyInjection/FrameworkExtension.php
@@ -74,6 +74,7 @@
 use Symfony\Component\Translation\Command\XliffLintCommand as BaseXliffLintCommand;
 use Symfony\Component\Validator\ConstraintValidatorInterface;
 use Symfony\Component\Validator\ObjectInitializerInterface;
+use Symfony\Component\Validator\Validator\ValidatorInterface;
 use Symfony\Component\WebLink\HttpHeaderSerializer;
 use Symfony\Component\Workflow;
 use Symfony\Component\Yaml\Command\LintCommand as BaseYamlLintCommand;
@@ -645,6 +646,10 @@ private function registerWorkflowConfiguration(array $workflows, ContainerBuilde
                     throw new LogicException('Cannot guard workflows as the Security component is not installed.');
                 }
 
+                if (!interface_exists(ValidatorInterface::class)) {
+                    throw new LogicException('Cannot guard workflows as the Validator component is not installed.');
+                }
+
                 $eventName = sprintf('workflow.%s.guard.%s', $name, $transitionName);
                 $guard->addTag('kernel.event_listener', array('event' => $eventName, 'method' => 'onTransition'));
                 $configuration[$eventName] = $config['guard'];
@@ -657,7 +662,7 @@ private function registerWorkflowConfiguration(array $workflows, ContainerBuilde
                     new Reference('security.authorization_checker'),
                     new Reference('security.authentication.trust_resolver'),
                     new Reference('security.role_hierarchy'),
-                    new Reference('validator', ContainerInterface::NULL_ON_INVALID_REFERENCE),
+                    new Reference('validator'),
                 ));
 
                 $container->setDefinition(sprintf('%s.listener.guard', $workflowId), $guard);
diff --git a/src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/Compiler/WorkflowGuardListenerPassTest.php b/src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/Compiler/WorkflowGuardListenerPassTest.php
@@ -14,12 +14,11 @@
 use PHPUnit\Framework\TestCase;
 use Symfony\Bundle\FrameworkBundle\DependencyInjection\Compiler\WorkflowGuardListenerPass;
 use Symfony\Component\DependencyInjection\ContainerBuilder;
-use Symfony\Component\DependencyInjection\Exception\LogicException;
 use Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolverInterface;
 use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
 use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
 use Symfony\Component\Security\Core\Role\RoleHierarchy;
-use Symfony\Component\Workflow\EventListener\GuardListener;
+use Symfony\Component\Validator\Validator\ValidatorInterface;
 
 class WorkflowGuardListenerPassTest extends TestCase
 {
@@ -29,53 +28,37 @@ class WorkflowGuardListenerPassTest extends TestCase
     protected function setUp()
     {
         $this->container = new ContainerBuilder();
-        $this->container->register('foo.listener.guard', GuardListener::class);
-        $this->container->register('bar.listener.guard', GuardListener::class);
         $this->compilerPass = new WorkflowGuardListenerPass();
     }
 
-    public function testListenersAreNotRemovedIfParameterIsNotSet()
+    public function testNoExeptionIfParameterIsNotSet()
     {
         $this->compilerPass->process($this->container);
 
-        $this->assertTrue($this->container->hasDefinition('foo.listener.guard'));
-        $this->assertTrue($this->container->hasDefinition('bar.listener.guard'));
-    }
-
-    public function testParameterIsRemovedWhenThePassIsProcessed()
-    {
-        $this->container->setParameter('workflow.has_guard_listeners', array('foo.listener.guard', 'bar.listener.guard'));
-
-        try {
-            $this->compilerPass->process($this->container);
-        } catch (LogicException $e) {
-            // Here, we are not interested in the exception handling. This is tested further down.
-        }
-
         $this->assertFalse($this->container->hasParameter('workflow.has_guard_listeners'));
     }
 
-    public function testListenersAreNotRemovedIfAllDependenciesArePresent()
+    public function testNoExeptionIfAllDependenciesArePresent()
     {
-        $this->container->setParameter('workflow.has_guard_listeners', array('foo.listener.guard', 'bar.listener.guard'));
+        $this->container->setParameter('workflow.has_guard_listeners', true);
         $this->container->register('security.token_storage', TokenStorageInterface::class);
         $this->container->register('security.authorization_checker', AuthorizationCheckerInterface::class);
         $this->container->register('security.authentication.trust_resolver', AuthenticationTrustResolverInterface::class);
         $this->container->register('security.role_hierarchy', RoleHierarchy::class);
+        $this->container->register('validator', ValidatorInterface::class);
 
         $this->compilerPass->process($this->container);
 
-        $this->assertTrue($this->container->hasDefinition('foo.listener.guard'));
-        $this->assertTrue($this->container->hasDefinition('bar.listener.guard'));
+        $this->assertFalse($this->container->hasParameter('workflow.has_guard_listeners'));
     }
 
     /**
      * @expectedException \Symfony\Component\DependencyInjection\Exception\LogicException
      * @expectedExceptionMessage The "security.token_storage" service is needed to be able to use the workflow guard listener.
      */
-    public function testListenersAreRemovedIfTheTokenStorageServiceIsNotPresent()
+    public function testExceptionIfTheTokenStorageServiceIsNotPresent()
     {
-        $this->container->setParameter('workflow.has_guard_listeners', array('foo.listener.guard', 'bar.listener.guard'));
+        $this->container->setParameter('workflow.has_guard_listeners', true);
         $this->container->register('security.authorization_checker', AuthorizationCheckerInterface::class);
         $this->container->register('security.authentication.trust_resolver', AuthenticationTrustResolverInterface::class);
         $this->container->register('security.role_hierarchy', RoleHierarchy::class);
@@ -87,9 +70,9 @@ public function testListenersAreRemovedIfTheTokenStorageServiceIsNotPresent()
      * @expectedException \Symfony\Component\DependencyInjection\Exception\LogicException
      * @expectedExceptionMessage The "security.authorization_checker" service is needed to be able to use the workflow guard listener.
      */
-    public function testListenersAreRemovedIfTheAuthorizationCheckerServiceIsNotPresent()
+    public function testExceptionIfTheAuthorizationCheckerServiceIsNotPresent()
     {
-        $this->container->setParameter('workflow.has_guard_listeners', array('foo.listener.guard', 'bar.listener.guard'));
+        $this->container->setParameter('workflow.has_guard_listeners', true);
         $this->container->register('security.token_storage', TokenStorageInterface::class);
         $this->container->register('security.authentication.trust_resolver', AuthenticationTrustResolverInterface::class);
         $this->container->register('security.role_hierarchy', RoleHierarchy::class);
@@ -101,9 +84,9 @@ public function testListenersAreRemovedIfTheAuthorizationCheckerServiceIsNotPres
      * @expectedException \Symfony\Component\DependencyInjection\Exception\LogicException
      * @expectedExceptionMessage The "security.authentication.trust_resolver" service is needed to be able to use the workflow guard listener.
      */
-    public function testListenersAreRemovedIfTheAuthenticationTrustResolverServiceIsNotPresent()
+    public function testExceptionIfTheAuthenticationTrustResolverServiceIsNotPresent()
     {
-        $this->container->setParameter('workflow.has_guard_listeners', array('foo.listener.guard', 'bar.listener.guard'));
+        $this->container->setParameter('workflow.has_guard_listeners', true);
         $this->container->register('security.token_storage', TokenStorageInterface::class);
         $this->container->register('security.authorization_checker', AuthorizationCheckerInterface::class);
         $this->container->register('security.role_hierarchy', RoleHierarchy::class);
@@ -115,12 +98,27 @@ public function testListenersAreRemovedIfTheAuthenticationTrustResolverServiceIs
      * @expectedException \Symfony\Component\DependencyInjection\Exception\LogicException
      * @expectedExceptionMessage The "security.role_hierarchy" service is needed to be able to use the workflow guard listener.
      */
-    public function testListenersAreRemovedIfTheRoleHierarchyServiceIsNotPresent()
+    public function testExceptionIfTheRoleHierarchyServiceIsNotPresent()
+    {
+        $this->container->setParameter('workflow.has_guard_listeners', true);
+        $this->container->register('security.token_storage', TokenStorageInterface::class);
+        $this->container->register('security.authorization_checker', AuthorizationCheckerInterface::class);
+        $this->container->register('security.authentication.trust_resolver', AuthenticationTrustResolverInterface::class);
+
+        $this->compilerPass->process($this->container);
+    }
+
+    /**
+     * @expectedException \Symfony\Component\DependencyInjection\Exception\LogicException
+     * The "validator" service is needed to be able to use the workflow guard listener.
+     */
+    public function testExceptionIfTheValidatorIsNotPresent()
     {
-        $this->container->setParameter('workflow.has_guard_listeners', array('foo.listener.guard', 'bar.listener.guard'));
+        $this->container->setParameter('workflow.has_guard_listeners', true);
         $this->container->register('security.token_storage', TokenStorageInterface::class);
         $this->container->register('security.authorization_checker', AuthorizationCheckerInterface::class);
         $this->container->register('security.authentication.trust_resolver', AuthenticationTrustResolverInterface::class);
+        $this->container->register('security.role_hierarchy', RoleHierarchy::class);
 
         $this->compilerPass->process($this->container);
     }
diff --git a/src/Symfony/Component/Workflow/CHANGELOG.md b/src/Symfony/Component/Workflow/CHANGELOG.md
@@ -4,7 +4,7 @@ CHANGELOG
 3.4.0
 -----
 
- * Add guard `is_valid()` method support
+ * Add guard `is_valid()` method support.
  * Added support for `Event::getWorkflowName()` for "announce" events.
  * Added `workflow.completed` events which are fired after a transition is completed.
 
diff --git a/src/Symfony/Component/Workflow/Tests/EventListener/GuardListenerTest.php b/src/Symfony/Component/Workflow/Tests/EventListener/GuardListenerTest.php
@@ -8,6 +8,7 @@
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
 use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
 use Symfony\Component\Security\Core\Role\Role;
+use Symfony\Component\Validator\Validator\ValidatorInterface;
 use Symfony\Component\Workflow\EventListener\ExpressionLanguage;
 use Symfony\Component\Workflow\EventListener\GuardListener;
 use Symfony\Component\Workflow\Event\GuardEvent;
@@ -16,59 +17,85 @@
 
 class GuardListenerTest extends TestCase
 {
-    private $tokenStorage;
+    private $authenticationChecker;
+    private $validator;
     private $listener;
 
     protected function setUp()
     {
         $configuration = array(
-            'event_name_a' => 'true',
-            'event_name_b' => 'false',
+            'test_is_granted' => 'is_granted("something")',
+            'test_is_valid' => 'is_valid(subject)',
         );
-
         $expressionLanguage = new ExpressionLanguage();
-        $this->tokenStorage = $this->getMockBuilder(TokenStorageInterface::class)->getMock();
-        $authenticationChecker = $this->getMockBuilder(AuthorizationCheckerInterface::class)->getMock();
+        $token = $this->getMockBuilder(TokenInterface::class)->getMock();
+        $token->expects($this->any())->method('getRoles')->willReturn(array(new Role('ROLE_USER')));
+        $tokenStorage = $this->getMockBuilder(TokenStorageInterface::class)->getMock();
+        $tokenStorage->expects($this->any())->method('getToken')->willReturn($token);
+        $this->authenticationChecker = $this->getMockBuilder(AuthorizationCheckerInterface::class)->getMock();
         $trustResolver = $this->getMockBuilder(AuthenticationTrustResolverInterface::class)->getMock();
-
-        $this->listener = new GuardListener($configuration, $expressionLanguage, $this->tokenStorage, $authenticationChecker, $trustResolver);
+        $this->validator = $this->getMockBuilder(ValidatorInterface::class)->getMock();
+        $this->listener = new GuardListener($configuration, $expressionLanguage, $tokenStorage, $this->authenticationChecker, $trustResolver, null, $this->validator);
     }
 
     protected function tearDown()
     {
+        $this->authenticationChecker = null;
+        $this->validator = null;
         $this->listener = null;
     }
 
     public function testWithNotSupportedEvent()
     {
         $event = $this->createEvent();
-        $this->configureTokenStorage(false);
+        $this->configureAuthenticationChecker(false);
+        $this->configureValidator(false);
 
         $this->listener->onTransition($event, 'not supported');
 
         $this->assertFalse($event->isBlocked());
     }
 
-    public function testWithSupportedEventAndReject()
+    public function testWithSecuritySupportedEventAndReject()
     {
         $event = $this->createEvent();
-        $this->configureTokenStorage(true);
+        $this->configureAuthenticationChecker(true, false);
 
-        $this->listener->onTransition($event, 'event_name_a');
+        $this->listener->onTransition($event, 'test_is_granted');
+
+        $this->assertTrue($event->isBlocked());
+    }
+
+    public function testWithSecuritySupportedEventAndAccept()
+    {
+        $event = $this->createEvent();
+        $this->configureAuthenticationChecker(true, true);
+
+        $this->listener->onTransition($event, 'test_is_granted');
 
         $this->assertFalse($event->isBlocked());
     }
 
-    public function testWithSupportedEventAndAccept()
+    public function testWithValidatorSupportedEventAndReject()
     {
         $event = $this->createEvent();
-        $this->configureTokenStorage(true);
+        $this->configureValidator(true, false);
 
-        $this->listener->onTransition($event, 'event_name_b');
+        $this->listener->onTransition($event, 'test_is_valid');
 
         $this->assertTrue($event->isBlocked());
     }
 
+    public function testWithValidatorSupportedEventAndAccept()
+    {
+        $event = $this->createEvent();
+        $this->configureValidator(true, true);
+
+        $this->listener->onTransition($event, 'test_is_valid');
+
+        $this->assertFalse($event->isBlocked());
+    }
+
     private function createEvent()
     {
         $subject = new \stdClass();
@@ -78,28 +105,39 @@ private function createEvent()
         return new GuardEvent($subject, $subject->marking, $transition);
     }
 
-    private function configureTokenStorage($hasUser)
+    private function configureAuthenticationChecker($isUsed, $granted = true)
     {
-        if (!$hasUser) {
-            $this->tokenStorage
+        if (!$isUsed) {
+            $this->authenticationChecker
                 ->expects($this->never())
-                ->method('getToken')
+                ->method('isGranted')
             ;
 
             return;
         }
 
-        $token = $this->getMockBuilder(TokenInterface::class)->getMock();
-        $token
+        $this->authenticationChecker
             ->expects($this->once())
-            ->method('getRoles')
-            ->willReturn(array(new Role('ROLE_ADMIN')))
+            ->method('isGranted')
+            ->willReturn($granted)
         ;
+    }
+
+    private function configureValidator($isUsed, $valid = true)
+    {
+        if (!$isUsed) {
+            $this->validator
+                ->expects($this->never())
+                ->method('validate')
+            ;
+
+            return;
+        }
 
-        $this->tokenStorage
+        $this->validator
             ->expects($this->once())
-            ->method('getToken')
-            ->willReturn($token)
+            ->method('validate')
+            ->willReturn($valid ? array() : array('a violation'))
         ;
     }
 }
diff --git a/src/Symfony/Component/Workflow/composer.json b/src/Symfony/Component/Workflow/composer.json
@@ -28,7 +28,8 @@
         "symfony/dependency-injection": "~2.8|~3.0|~4.0",
         "symfony/event-dispatcher": "~2.1|~3.0|~4.0",
         "symfony/expression-language": "~2.8|~3.0|~4.0",
-        "symfony/security-core": "~2.8|~3.0|~4.0"
+        "symfony/security-core": "~2.8|~3.0|~4.0",
+        "symfony/validator": "~2.8|~3.0|~4.0"
     },
     "autoload": {
         "psr-4": { "Symfony\\Component\\Workflow\\": "" }
