CodeExplorer
You are a developer and looking for Shopware projects?
Apply Now!
setPermissions example
$customerGroup,
$taxRules,
$payment,
$base->getShippingMethod(),
$shippingLocation,
$customer,
$itemRounding,
$totalRounding
);
if (\array_key_exists(SalesChannelContextService::PERMISSIONS, $options)) {
$salesChannelContext->setPermissions($options[SalesChannelContextService::PERMISSIONS]);
$event = new SalesChannelContextPermissionsChangedEvent($salesChannelContext, $options[SalesChannelContextService::PERMISSIONS]);
$this->eventDispatcher->dispatch($event);
$salesChannelContext->lockPermissions();
}
$salesChannelContext->setTaxState($this->taxDetector->getTaxState($salesChannelContext));
return $salesChannelContext;
}
$taxRules,
$payment,
$base->getShippingMethod(),
$shippingLocation,
$customer,
$itemRounding,
$totalRounding
);
if (\array_key_exists(SalesChannelContextService::PERMISSIONS, $options)) {
$salesChannelContext->setPermissions($options[SalesChannelContextService::PERMISSIONS]);
$event = new SalesChannelContextPermissionsChangedEvent($salesChannelContext, $options[SalesChannelContextService::PERMISSIONS]);
$this->eventDispatcher->dispatch($event);
$salesChannelContext->lockPermissions();
}
$salesChannelContext->setTaxState($this->taxDetector->getTaxState($salesChannelContext));
return $salesChannelContext;
}
$result = $orderRepository->search(
new Criteria([$payload['id']]),
$context
)->first();
static::assertEquals($userId, $result->getUpdatedById());
}
private function getAdminContext($userId): Context
{
$source = new AdminApiSource($userId);
$source->setPermissions([
'order:list',
'order:create',
'order:update',
'order_customer:create',
'order_address:create',
]);
return new Context($source);
}
private function createOrderPayload(): array
{
new Criteria([$payload['id']]),
$context
)->first();
static::assertEquals($userId, $result->getUpdatedById());
}
private function getAdminContext($userId): Context
{
$source = new AdminApiSource($userId);
$source->setPermissions([
'order:list',
'order:create',
'order:update',
'order_customer:create',
'order_address:create',
]);
return new Context($source);
}
private function createOrderPayload(): array
{
'taxRate' => 5,
'percentage' => 100,
],
],
],
], $this->context);
}
public function testCreateProductWithPriceDefinitionWithPermissions(): void
{
$this->context->setPermissions([ProductCartProcessor::ALLOW_PRODUCT_PRICE_OVERWRITES => true]);
$lineItem = $this->service->create([
'type' => 'product',
'referencedId' => 'test',
'priceDefinition' => [
'price' => 100.0,
'type' => 'quantity',
'precision' => 1,
'taxRules' => [
[
'taxRate' => 5,
$result = $orderRepository->search(
new Criteria([$payload['id']]),
$context
)->first();
static::assertEquals($userId, $result->getCreatedById());
}
private function getAdminContext($userId): Context
{
$source = new AdminApiSource($userId);
$source->setPermissions([
'order:list',
'order:create',
'order:update',
'order_customer:create',
'order_address:create',
]);
return new Context($source);
}
private function createOrderPayload(): array
{
new Criteria([$payload['id']]),
$context
)->first();
static::assertEquals($userId, $result->getCreatedById());
}
private function getAdminContext($userId): Context
{
$source = new AdminApiSource($userId);
$source->setPermissions([
'order:list',
'order:create',
'order:update',
'order_customer:create',
'order_address:create',
]);
return new Context($source);
}
private function createOrderPayload(): array
{
$resultWithPermissions = $this->searcher->search($queries, $this->context);
static::assertCount(2, $resultWithPermissions);
static::assertNotEmpty($resultWithPermissions['category']);
static::assertNotEmpty($resultWithPermissions['product']);
$adminSource = new AdminApiSource($this->userId);
$adminSource->setIsAdmin(false);
$adminSource->setPermissions(['category:read']);
$this->context->assign([
'source' => $adminSource,
]);
$resultWithoutPermissions = $this->searcher->search($queries, $this->context);
static::assertCount(1, $resultWithoutPermissions);
static::assertNotEmpty($resultWithoutPermissions['category']);
static::assertArrayNotHasKey('product', $resultWithoutPermissions);
}
}
parent::setUp();
$this->validator = $this->getContainer()->get(AclCriteriaValidator::class);
}
/** * @dataProvider criteriaProvider */
public function testValidateCriteria(array $privileges, Criteria $criteria, bool $pass): void
{
$source = new AdminApiSource(null, null);
$source->setPermissions($privileges);
$context = new Context(
$source,
[],
Defaults::CURRENCY,
[Defaults::LANGUAGE_SYSTEM]
);
$missing = $this->validator->validate(ProductDefinition::ENTITY_NAME, $criteria, $context);
if ($pass) {
use PHPUnit\Framework\TestCase;
use Shopware\Core\Framework\Api\Context\AdminApiSource;
/** * @internal */
class AdminApiSourceTest extends TestCase
{
public function testPermissions(): void
{
$apiSource = new AdminApiSource(null, null);
$apiSource->setPermissions([
'product:list',
'order:delete',
]);
static::assertTrue($apiSource->isAllowed('product:list'));
static::assertTrue($apiSource->isAllowed('order:delete'));
static::assertFalse($apiSource->isAllowed('product:delete'));
static::assertFalse($apiSource->isAllowed('order:list'));
}
}
use Shopware\Core\Framework\Api\Context\AdminApiSource;
/** * @internal */
class AdminApiSourceTest extends TestCase
{
public function testPermissions(): void
{
$apiSource = new AdminApiSource(null, null);
$apiSource->setPermissions([
'product:list',
'order:delete',
]);
static::assertTrue($apiSource->isAllowed('product:list'));
static::assertTrue($apiSource->isAllowed('order:delete'));
static::assertFalse($apiSource->isAllowed('product:delete'));
static::assertFalse($apiSource->isAllowed('order:list'));
}
}
private function getAppContextSource(ScriptAppInformation $scriptAppInformation): AdminApiSource
{
if (\array_key_exists($scriptAppInformation->getAppId(), $this->appSources)) {
return $this->appSources[$scriptAppInformation->getAppId()];
}
$privileges = $this->fetchPrivileges($scriptAppInformation->getAppId());
$source = new AdminApiSource(null, $scriptAppInformation->getIntegrationId());
$source->setIsAdmin(false);
$source->setPermissions($privileges);
return $this->appSources[$scriptAppInformation->getAppId()] = $source;
}
private function fetchPrivileges(string $appId): array
{
$privileges = $this->connection->fetchOne(' SELECT `acl_role`.`privileges` AS `privileges` FROM `acl_role` INNER JOIN `app` ON `app`.`acl_role_id` = `acl_role`.`id` WHERE `app`.`id` = :appId ',
/** * @dataProvider annotationProvider * * @param list<string> $privileges * @param list<string> $acl */
public function testValidateRequestAsRouteAttribute(array $privileges, array $acl, bool $pass): void
{
$source = new AdminApiSource(null, null);
$source->setPermissions($privileges);
$context = new Context(
$source,
[],
Defaults::CURRENCY,
[Defaults::LANGUAGE_SYSTEM]
);
$request = new Request();
$request->attributes->set(PlatformRequest::ATTRIBUTE_ACL, $acl);
$request->attributes->set(PlatformRequest::ATTRIBUTE_CONTEXT_OBJECT, $context);
->addAssociation('deliveries.shippingOrderAddress.countryState');
/** @var OrderEntity $order */
$order = $this->getContainer()->get('order.repository')
->search($criteria, $context->getContext())
->get($orderId);
static::assertNotNull($order);
$cart = $this->getContainer()->get(OrderConverter::class)
->convertToCart($order, $context->getContext());
$context->setPermissions([
PromotionProcessor::SKIP_PROMOTION => true,
]);
$cart = $this->cartService->recalculate($cart, $context);
static::assertCount(2, $cart->getLineItems());
$promotion = $cart->getLineItems()->filterType(LineItem::PROMOTION_LINE_ITEM_TYPE);
static::assertCount(1, $promotion, 'Promotion was removed');
}
/** * This test verifies that our cart services * does also correctly remove the matching code * within our extension, if existing AND a fixed discount has been added that * is discounting TWO products. * We add two products and promotion code, then we grab one promotion discount * line item id and remove it. * After that we verify that our code array is empty in our extension (both discounts on the * two products are removed). * * @group promotions */
/** @var OrderEntity $order */
$order = $this->getContainer()->get('order.repository')
->search($criteria, $context->getContext())
->get($orderId);
static::assertNotNull($order);
$cart = $this->getContainer()->get(OrderConverter::class)
->convertToCart($order, $context->getContext());
$context->setPermissions([
PromotionProcessor::SKIP_PROMOTION => true,
]);
$cart = $this->cartService->recalculate($cart, $context);
static::assertCount(2, $cart->getLineItems());
$promotion = $cart->getLineItems()->filterType(LineItem::PROMOTION_LINE_ITEM_TYPE);
static::assertCount(1, $promotion, 'Promotion was removed');
}
/** * This test verifies that our cart services * does also correctly remove the matching code * within our extension, if existing AND a fixed discount has been added that * is discounting TWO products. * We add two products and promotion code, then we grab one promotion discount * line item id and remove it. * After that we verify that our code array is empty in our extension (both discounts on the * two products are removed). * * @group promotions */
return Uuid::fromBytesToHex($id);
}
private function getAdminApiSource(?string $userId, ?string $integrationId = null): AdminApiSource
{
$source = new AdminApiSource($userId, $integrationId);
// Use the permissions associated to that app, if the request is made by an integration associated to an app $appPermissions = $this->fetchPermissionsIntegrationByApp($integrationId);
if ($appPermissions !== null) {
$source->setIsAdmin(false);
$source->setPermissions($appPermissions);
return $source;
}
if ($userId !== null) {
$source->setPermissions($this->fetchPermissions($userId));
$source->setIsAdmin($this->isAdmin($userId));
return $source;
}
}
private function getAdminApiSource(?string $userId, ?string $integrationId = null): AdminApiSource
{
$source = new AdminApiSource($userId, $integrationId);
// Use the permissions associated to that app, if the request is made by an integration associated to an app $appPermissions = $this->fetchPermissionsIntegrationByApp($integrationId);
if ($appPermissions !== null) {
$source->setIsAdmin(false);
$source->setPermissions($appPermissions);
return $source;
}
if ($userId !== null) {
$source->setPermissions($this->fetchPermissions($userId));
$source->setIsAdmin($this->isAdmin($userId));
return $source;
}