function CasRolesTestCase::testRequireRole in CAS roles 7
Same name and namespace in other branches
- 7.2 cas_roles.test \CasRolesTestCase::testRequireRole()
Test the denial of login if a role is missing.
File
- ./
cas_roles.test, line 216 - Tests for CAS roles.
Class
- CasRolesTestCase
- Test case for CAS attribute setting.
Code
function testRequireRole() {
// Set up cas_roles
variable_set('cas_user_register', TRUE);
variable_set('cas_roles_sync_every_login', 1);
variable_set('cas_roles_behavior', CAS_ROLES_MATCH_REGEX);
variable_set('cas_roles_roles', '[cas:attribute:department]');
variable_set('cas_roles_require_a_role_create', FALSE);
variable_set('cas_roles_require_a_role_login', TRUE);
variable_set('cas_roles_relations', array(
'authenticated user' => '/^(Math)$/',
));
// Create a new CAS user.
$cas_name = $this
->randomName();
$attributes = array(
'department' => 'Physics',
);
$cas_user = array(
'name' => $cas_name,
'attributes' => $attributes,
);
variable_set('cas_test_cas_user', $cas_user);
// Test that the user is not automatically registered.
$this
->drupalGet('cas');
$this
->assertRaw(t('The user account %cas_name is not available on this site.', array(
'%cas_name' => $cas_name,
)));
$this
->drupalLogout();
// Set to allow users attributes.
variable_set('cas_roles_relations', array(
'authenticated user' => '/^(Physics)$/',
));
$this
->drupalGet('cas');
$this->loggedInUser = cas_user_load_by_name($cas_name, TRUE);
$this
->assertRaw(t('Logged in via CAS as %cas_username.', array(
'%cas_username' => $cas_name,
)));
$this
->drupalLogout();
// Set to forbid users attributes.
variable_set('cas_roles_relations', array(
'authenticated user' => '/^(Math)$/',
));
$this
->drupalGet('cas');
$this
->assertRaw(t('The user account %cas_name is not available on this site.', array(
'%cas_name' => $cas_name,
)));
$this
->drupalLogout();
// Test that the user is can log in again when only creation is blocked.
variable_set('cas_roles_require_a_role_create', TRUE);
variable_set('cas_roles_require_a_role_login', FALSE);
$this
->drupalGet('cas');
$this->loggedInUser = cas_user_load_by_name($cas_name, TRUE);
$this
->assertRaw(t('Logged in via CAS as %cas_username.', array(
'%cas_username' => $cas_name,
)));
$this
->drupalLogout();
$this
->clearCasUser();
// But a new user is still blocked.
$cas_name = $this
->randomName();
$cas_user = array(
'name' => $cas_name,
'attributes' => $attributes,
);
variable_set('cas_test_cas_user', $cas_user);
$this
->drupalGet('cas');
$this
->assertRaw(t('No account found for %cas_name.', array(
'%cas_name' => $cas_name,
)));
}