Skip to content

Commit deaa4b5

Browse files
jmschebastien70
jmsche
authored and
bastien70
committed
Add some tests for DatabaseCrudController
1 parent e80c10a commit deaa4b5

File tree

2 files changed

+48
-0
lines changed

2 files changed

+48
-0
lines changed

src/Controller/Admin/DatabaseCrudController.php

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -72,6 +72,7 @@ public function createIndexQueryBuilder(SearchDto $searchDto, EntityDto $entityD
7272
public function launchBackupAction(AdminContext $context): Response
7373
{
7474
$database = $context->getEntity()->getInstance();
75+
$this->denyAccessUnlessGranted(DatabaseVoter::CAN_SHOW_DATABASE, $database);
7576

7677
try {
7778
$this->backupService->backup($database, Backup::CONTEXT_MANUAL);
@@ -89,6 +90,7 @@ public function showDatabaseBackupsAction(AdminContext $context): Response
8990
{
9091
/** @var Database $database */
9192
$database = $context->getEntity()->getInstance();
93+
$this->denyAccessUnlessGranted(DatabaseVoter::CAN_SHOW_DATABASE, $database);
9294

9395
$url = $this->adminUrlGenerator->setController(BackupCrudController::class)
9496
->setAction(Action::INDEX)
@@ -115,6 +117,8 @@ public function configureActions(Actions $actions): Actions
115117
return $actions
116118
->add(Crud::PAGE_INDEX, $launchBackupAction)
117119
->add(Crud::PAGE_INDEX, $showDatabaseBackupsAction)
120+
->setPermission(Action::DELETE, DatabaseVoter::CAN_SHOW_DATABASE)
121+
->setPermission(Action::EDIT, DatabaseVoter::CAN_SHOW_DATABASE)
118122
->setPermission('launchBackup', DatabaseVoter::CAN_SHOW_DATABASE)
119123
->setPermission('showDatabaseBackups', DatabaseVoter::CAN_SHOW_DATABASE)
120124
->remove(Crud::PAGE_NEW, Action::SAVE_AND_ADD_ANOTHER)

tests/Controller/Admin/DatabaseCrudControllerTest.php

Lines changed: 44 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,50 @@
88

99
final class DatabaseCrudControllerTest extends AbstractCrudControllerTest
1010
{
11+
public function testEdit(): void
12+
{
13+
$url = $this->getActionUrl('edit', 1);
14+
15+
self::$client->request('GET', $url);
16+
self::assertResponseRedirects('/');
17+
18+
$this->loginAsAdmin();
19+
self::$client->request('GET', $url);
20+
self::assertResponseStatusCodeSame(403);
21+
22+
$this->loginAsUser();
23+
self::$client->request('GET', $url);
24+
self::assertResponseIsSuccessful();
25+
}
26+
27+
public function testShowDatabaseBackupsAction(): void
28+
{
29+
$url = $this->getActionUrl('showDatabaseBackupsAction', 1);
30+
31+
self::$client->request('GET', $url);
32+
self::assertResponseRedirects('/');
33+
34+
$this->loginAsAdmin();
35+
self::$client->request('GET', $url);
36+
self::assertResponseStatusCodeSame(403);
37+
38+
$this->loginAsUser();
39+
self::$client->request('GET', $url);
40+
self::assertResponseRedirects();
41+
}
42+
43+
public function testDelete(): void
44+
{
45+
$url = $this->getActionUrl('delete', 1);
46+
47+
self::$client->request('GET', $url);
48+
self::assertResponseRedirects('/');
49+
50+
$this->loginAsUser();
51+
self::$client->request('GET', $url);
52+
self::assertResponseRedirects();
53+
}
54+
1155
protected function getControllerClass(): string
1256
{
1357
return DatabaseCrudController::class;

0 commit comments

Comments
 (0)