public function hasRoleWorksWithRecursiveRoles()
{
$everybodyRole = $this->getAccessibleMock(Policy\Role::class, ['dummy'], ['Neos.Flow:Everybody']);
$testRole1 = $this->getAccessibleMock(Policy\Role::class, ['dummy'], ['Acme.Demo:TestRole1']);
$testRole2 = $this->getAccessibleMock(Policy\Role::class, ['dummy'], ['Acme.Demo:TestRole2']);
$mockAuthenticationManager = $this->createMock(AuthenticationManagerInterface::class);
$mockAuthenticationManager->expects($this->atLeastOnce())->method('isAuthenticated')->will($this->returnValue(true));
$mockPolicyService = $this->getAccessibleMock(Policy\PolicyService::class, ['getRole', 'initializeRolesFromPolicy']);
$mockPolicyService->expects($this->atLeastOnce())->method('getRole')->will($this->returnCallback(function ($roleIdentifier) use($everybodyRole, $testRole1, $testRole2) {
switch ($roleIdentifier) {
case 'Neos.Flow:Everybody':
return $everybodyRole;
case 'Acme.Demo:TestRole1':
return $testRole1;
case 'Acme.Demo:TestRole2':
return $testRole2;
}
}));
$everybodyRole->_set('policyService', $mockPolicyService);
$testRole1->_set('policyService', $mockPolicyService);
$testRole2->_set('policyService', $mockPolicyService);
// Set parents
$testRole1->setParentRoles([$testRole2]);
$account = $this->getAccessibleMock(Account::class, ['dummy']);
$account->_set('policyService', $mockPolicyService);
$account->setRoles([$testRole1]);
$mockToken = $this->createMock(TokenInterface::class);
$mockToken->expects($this->atLeastOnce())->method('isAuthenticated')->will($this->returnValue(true));
$mockToken->expects($this->atLeastOnce())->method('getAccount')->will($this->returnValue($account));
$securityContext = $this->getAccessibleMock(Context::class, ['initialize', 'getAccount']);
$securityContext->expects($this->any())->method('getAccount')->will($this->returnValue($account));
$securityContext->_set('activeTokens', [$mockToken]);
$securityContext->_set('policyService', $mockPolicyService);
$securityContext->_set('authenticationManager', $mockAuthenticationManager);
$this->assertTrue($securityContext->hasRole('Acme.Demo:TestRole2'));
}