Merge pull request #358 from svycka/hotfix/issue-357

stop propagation only after MvcEvent::EVENT_DISPATCH_ERROR
ZF-Commons · Oct 26, 2016 · 48df720 · 48df720
2 parents 7344374 + a3afdac
commit 48df720
Show file tree

Hide file tree

Showing 7 changed files with 119 additions and 50 deletions.
diff --git a/src/ZfcRbac/Guard/AbstractGuard.php b/src/ZfcRbac/Guard/AbstractGuard.php
@@ -68,18 +68,13 @@ public function onResult(MvcEvent $event)
             403
         ));
 
-        $event->stopPropagation(true);
-
         $application  = $event->getApplication();
         $eventManager = $application->getEventManager();
 
-        if (method_exists($eventManager, 'triggerEvent')) {
-            // ZF3 EventManager
-            $event->setName(MvcEvent::EVENT_DISPATCH_ERROR);
-            $eventManager->triggerEvent($event);
-        } else {
-            // ZF2 EventManager
-            $eventManager->trigger(MvcEvent::EVENT_DISPATCH_ERROR, $event);
-        }
+        $event->setName(MvcEvent::EVENT_DISPATCH_ERROR);
+        $eventManager->triggerEvent($event);
+
+        // just in case
+        $event->stopPropagation(true);
     }
 }
diff --git a/tests/ZfcRbacTest/Asset/DummyGuard.php b/tests/ZfcRbacTest/Asset/DummyGuard.php
@@ -0,0 +1,35 @@
+<?php
+/*
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * This software consists of voluntary contributions made by many individuals
+ * and is licensed under the MIT license.
+ */
+
+namespace ZfcRbacTest\Asset;
+
+use Zend\Mvc\MvcEvent;
+use ZfcRbac\Guard\AbstractGuard;
+
+class DummyGuard extends AbstractGuard
+{
+    /**
+     * @param  MvcEvent $event
+     *
+     * @return bool
+     */
+    public function isGranted(MvcEvent $event)
+    {
+        return false;
+    }
+}
diff --git a/tests/ZfcRbacTest/Guard/AbstractGuardTest.php b/tests/ZfcRbacTest/Guard/AbstractGuardTest.php
@@ -0,0 +1,63 @@
+<?php
+/*
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * This software consists of voluntary contributions made by many individuals
+ * and is licensed under the MIT license.
+ */
+
+namespace ZfcRbacTest\Guard;
+
+use Zend\EventManager\EventManager;
+use Zend\Mvc\Application;
+use Zend\Mvc\MvcEvent;
+use ZfcRbacTest\Asset\DummyGuard;
+
+/**
+ * @covers \ZfcRbac\Guard\AbstractGuard
+ * @covers \ZfcRbac\Guard\ControllerGuard
+ */
+class AbstractGuardTest extends \PHPUnit_Framework_TestCase
+{
+    public function testDoesNotLimitDispatchErrorEventToOnlyOneListener()
+    {
+        $eventManager = new EventManager();
+        $application = $this->prophesize(Application::class);
+        $application->getEventManager()->willReturn($eventManager);
+
+        $event = new MvcEvent();
+        $event->setApplication($application->reveal());
+
+        $guard = new DummyGuard();
+        $guard->attach($eventManager);
+
+        $eventManager->attach(MvcEvent::EVENT_DISPATCH_ERROR, function (MvcEvent $event) {
+            $event->setParam('first-listener', true);
+        });
+        $eventManager->attach(MvcEvent::EVENT_DISPATCH_ERROR, function (MvcEvent $event) {
+            $event->setParam('second-listener', true);
+        });
+
+        // attach listener with lower priority than DummyGuard
+        $eventManager->attach(MvcEvent::EVENT_ROUTE, function (MvcEvent $event) {
+            $this->fail('should not be called, because guard should stop propagation');
+        }, DummyGuard::EVENT_PRIORITY - 1);
+
+        $event->setName(MvcEvent::EVENT_ROUTE);
+        $eventManager->triggerEvent($event);
+
+        $this->assertTrue($event->getParam('first-listener'));
+        $this->assertTrue($event->getParam('second-listener'));
+        $this->assertTrue($event->propagationIsStopped());
+    }
+}
diff --git a/tests/ZfcRbacTest/Guard/ControllerGuardTest.php b/tests/ZfcRbacTest/Guard/ControllerGuardTest.php
@@ -488,21 +488,15 @@ public function testProperlySetUnauthorizedAndTriggerEventOnUnauthorization()
         ]);
 
         $application  = $this->getMock('Zend\Mvc\Application', [], [], '', false);
-        $eventManager = $this->getMock('Zend\EventManager\EventManagerInterface');
+        $eventManager = $this->getMock('Zend\EventManager\EventManager');
 
         $application->expects($this->once())
                     ->method('getEventManager')
                     ->will($this->returnValue($eventManager));
 
-        if (method_exists($eventManager, 'triggerEvent')) {
-            $eventManager->expects($this->once())
-                         ->method('triggerEvent')
-                         ->with($event);
-        } else {
-            $eventManager->expects($this->once())
-                         ->method('trigger')
-                         ->with(MvcEvent::EVENT_DISPATCH_ERROR);
-        }
+        $eventManager->expects($this->once())
+                     ->method('triggerEvent')
+                     ->with($event);
 
         $routeMatch->setParam('controller', 'MyController');
         $routeMatch->setParam('action', 'delete');

diff --git a/tests/ZfcRbacTest/Guard/ControllerPermissionsGuardTest.php b/tests/ZfcRbacTest/Guard/ControllerPermissionsGuardTest.php
@@ -475,21 +475,15 @@ public function testProperlySetUnauthorizedAndTriggerEventOnUnauthorization()
         ]);
 
         $application  = $this->getMock('Zend\Mvc\Application', [], [], '', false);
-        $eventManager = $this->getMock('Zend\EventManager\EventManagerInterface');
+        $eventManager = $this->getMock('Zend\EventManager\EventManager');
 
         $application->expects($this->once())
             ->method('getEventManager')
             ->will($this->returnValue($eventManager));
 
-        if (method_exists($eventManager, 'triggerEvent')) {
-            $eventManager->expects($this->once())
-                ->method('triggerEvent')
-                ->with($event);
-        } else {
-            $eventManager->expects($this->once())
-                ->method('trigger')
-                ->with(MvcEvent::EVENT_DISPATCH_ERROR);
-        }
+        $eventManager->expects($this->once())
+            ->method('triggerEvent')
+            ->with($event);
 
         $event->setRouteMatch($routeMatch);
         $event->setApplication($application);

diff --git a/tests/ZfcRbacTest/Guard/RouteGuardTest.php b/tests/ZfcRbacTest/Guard/RouteGuardTest.php
@@ -433,21 +433,15 @@ public function testProperlySetUnauthorizedAndTriggerEventOnUnauthorization()
         $routeMatch = $this->createRouteMatch();
 
         $application  = $this->getMock('Zend\Mvc\Application', [], [], '', false);
-        $eventManager = $this->getMock('Zend\EventManager\EventManagerInterface');
+        $eventManager = $this->getMock('Zend\EventManager\EventManager');
 
         $application->expects($this->once())
                     ->method('getEventManager')
                     ->will($this->returnValue($eventManager));
 
-        if (method_exists($eventManager, 'triggerEvent')) {
-            $eventManager->expects($this->once())
-                ->method('triggerEvent')
-                ->with($event);
-        } else {
-            $eventManager->expects($this->once())
-                ->method('trigger')
-                ->with(MvcEvent::EVENT_DISPATCH_ERROR);
-        }
+        $eventManager->expects($this->once())
+            ->method('triggerEvent')
+            ->with($event);
 
         $routeMatch->setMatchedRouteName('adminRoute');
         $event->setRouteMatch($routeMatch);

diff --git a/tests/ZfcRbacTest/Guard/RoutePermissionsGuardTest.php b/tests/ZfcRbacTest/Guard/RoutePermissionsGuardTest.php
@@ -410,7 +410,7 @@ public function testProperlyFillEventOnAuthorization()
 
     public function testProperlySetUnauthorizedAndTriggerEventOnUnauthorization()
     {
-        $eventManager = $this->getMock('Zend\EventManager\EventManagerInterface');
+        $eventManager = $this->getMock('Zend\EventManager\EventManager');
 
         $application = $this->getMock('Zend\Mvc\Application', [], [], '', false);
         $application->expects($this->once())
@@ -424,15 +424,9 @@ public function testProperlySetUnauthorizedAndTriggerEventOnUnauthorization()
         $event->setRouteMatch($routeMatch);
         $event->setApplication($application);
 
-        if (method_exists($eventManager, 'triggerEvent')) {
-            $eventManager->expects($this->once())
-                ->method('triggerEvent')
-                ->with($event);
-        } else {
-            $eventManager->expects($this->once())
-                ->method('trigger')
-                ->with(MvcEvent::EVENT_DISPATCH_ERROR);
-        }
+        $eventManager->expects($this->once())
+            ->method('triggerEvent')
+            ->with($event);
 
         $authorizationService = $this->getMock('ZfcRbac\Service\AuthorizationServiceInterface', [], [], '', false);
         $authorizationService->expects($this->once())