throw an exception when using not registered resource object [closes #8]

Carrooi · Aug 28, 2015 · 54283f1 · 54283f1
1 parent e74b40a
commit 54283f1
Show file tree

Hide file tree

Showing 6 changed files with 49 additions and 0 deletions.
diff --git a/src/Authorization/Authorizator.php b/src/Authorization/Authorizator.php
@@ -4,6 +4,7 @@
 
 use Carrooi\Security\InvalidStateException;
 use Carrooi\Security\StrictModeException;
+use Carrooi\Security\UnknownResourceObjectException;
 use Carrooi\Security\User\User;
 use Nette\Application\UI\Presenter;
 use Nette\Object;
@@ -31,6 +32,9 @@ class Authorizator extends Object
 	/** @var bool */
 	private $default = false;
 
+	/** @var bool */
+	private $debugMode = false;
+
 	/** @var int */
 	private $actionsMode = self::MODE_ON;
 
@@ -50,6 +54,17 @@ public function __construct(ResourcesManager $resourcesManager)
 	}
 
 
+	/**
+	 * @param bool $debugMode
+	 * @return $this
+	 */
+	public function setDebugMode($debugMode = true)
+	{
+		$this->debugMode = (bool) $debugMode;
+		return $this;
+	}
+
+
 	/**
 	 * @return \Carrooi\Security\Authorization\ResourcesManager
 	 */
@@ -181,6 +196,10 @@ public function isAllowed(User $user, $resource, $action)
 
 		$name = $this->resourcesManages->getTargetResource($resource);
 		if (!$name) {
+			if ($this->debugMode) {
+				throw new UnknownResourceObjectException('Object '. get_class($resource). ' is not registered security resource target.');
+			}
+
 			return $this->default;
 		}
 

diff --git a/src/Authorization/ResourcesManager.php b/src/Authorization/ResourcesManager.php
@@ -4,6 +4,7 @@
 
 use Carrooi\Security\AuthorizatorClassNotExistsException;
 use Carrooi\Security\AuthorizatorInvalidTypeException;
+use Carrooi\Security\InvalidArgumentException;
 use Nette\DI\Container;
 use Nette\Object;
 use Nette\Reflection\ClassType;
@@ -57,6 +58,10 @@ public function getTargetResource($resource)
 			return $resource;
 		}
 
+		if (!is_object($resource)) {
+			throw new InvalidArgumentException('Security resource target can be only string or an object, '. gettype($resource). ' given.');
+		}
+
 		$className = get_class($resource);
 
 		if (!isset($this->targetResources[$className])) {

diff --git a/src/DI/SecurityExtension.php b/src/DI/SecurityExtension.php
@@ -54,6 +54,7 @@ public function loadConfiguration()
 
 		$builder->addDefinition($this->prefix('authorizator'))
 			->setClass('Carrooi\Security\Authorization\Authorizator')
+			->addSetup('setDebugMode', [$builder->parameters['debugMode']])
 			->addSetup('setDefault', [$config['default']])
 			->addSetup('setComponentsMode', [$this->parseMode($config['components'])])
 			->addSetup('setSignalsMode', [$this->parseMode($config['signals'])])

diff --git a/src/exceptions.php b/src/exceptions.php
@@ -6,6 +6,8 @@ class RuntimeException extends \RuntimeException {}
 
 class LogicException extends \LogicException {}
 
+class InvalidArgumentException extends \InvalidArgumentException {}
+
 class InvalidStateException extends RuntimeException {}
 
 class NotImplementedException extends LogicException {}
@@ -15,3 +17,5 @@ class StrictModeException extends LogicException {}
 class AuthorizatorClassNotExistsException extends LogicException {}
 
 class AuthorizatorInvalidTypeException extends LogicException {}
+
+class UnknownResourceObjectException extends LogicException {}
diff --git a/tests/CarrooiTests/Security/Authorization/Authorizator.phpt b/tests/CarrooiTests/Security/Authorization/Authorizator.phpt
@@ -76,6 +76,18 @@ class AuthorizatorTest extends TestCase
 	}
 
 
+	public function testIsAllowed_targetResource_unknown_debugMode()
+	{
+		$this->manager->shouldReceive('getTargetResource')->once()->andReturnNull()->getMock();
+
+		$this->authorizator->setDebugMode(true);
+
+		Assert::exception(function() {
+			$this->authorizator->isAllowed($this->user, new \stdClass, 'view');
+		}, 'Carrooi\Security\UnknownResourceObjectException', 'Object stdClass is not registered security resource target.');
+	}
+
+
 	public function testIsAllowed_targetResource()
 	{
 		$booksAuthorizator = \Mockery::mock('Carrooi\Security\Authorizator\IResourceAuthorizator')

diff --git a/tests/CarrooiTests/Security/Authorization/ResourceManager.phpt b/tests/CarrooiTests/Security/Authorization/ResourceManager.phpt
@@ -49,6 +49,14 @@ class ResourceManagerTest extends TestCase
 	}
 
 
+	public function testGetTargetResource_invalid()
+	{
+		Assert::exception(function() {
+			$this->manager->getTargetResource([]);
+		}, 'Carrooi\Security\InvalidArgumentException', 'Security resource target can be only string or an object, array given.');
+	}
+
+
 	public function testGetTargetResource_exactClass()
 	{
 		$this->manager->addTargetResource('stdClass', 'book');