
eugenio pombi committed 09b3508

adds delete function for admin user


Files changed (4)

app/config/security.yml

             anonymous: ~
             http_basic:
                 realm: "Secured Book Creation"
+    role_hierarchy:
+        ROLE_ADMIN: ROLE_USER
     access_control:
         - { path: ^/books/create, roles: ROLE_USER }
+        - { path: ^/books/delete, roles: ROLE_ADMIN }
     providers:
         in_memory:
             memory:
                 users:
                     user1:  { password: 1234, roles: 'ROLE_USER' }
+                    admin:  { password: admin, roles: 'ROLE_ADMIN' }
     encoders:
         Symfony\Component\Security\Core\User\User: plaintext
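Review bot: The added `admin` user has the password `admin` and is checked through the `plaintext` encoder, so the only credential guarding `^/books/delete` is guessable and readable by anyone who can see this file. Switch to a hashing encoder, e.g. `Symfony\Component\Security\Core\User\User: { algorithm: bcrypt, cost: 12 }`, store the resulting hash in `password:`, and keep real credentials out of committed config. `http_basic` resends the credentials on every request, so these paths should also be limited to TLS (`requires_channel: https` on the `access_control` entries); whether transport security is enforced elsewhere is not visible here.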

src/PUGX/BookBundle/Controller/DefaultController.php

         $form = $this->createForm(new BookType(), $book);
 
         if ($request->isMethod('POST')) {
-            $form->bind($request);
+            $form->handleRequest($request);
 
             if ($form->isValid()) {
                 $em = $this->getDoctrine()->getManager();
 
         return $this->render('PUGXBookBundle:Default:bookCreate.html.twig', array('form' => $form->createView()));
     }
+
+    public function bookDeleteAction($bookId)
+    {
+        $em   = $this->getDoctrine()->getManager();
+        $book = $em->getRepository('PUGXBookBundle:Book')->findOneById($bookId);
+
+        if (!$book) {
+            throw $this->createNotFoundException('Book not found');
+        }
+
+        $em->remove($book);
+        $em->flush();
+
+        $this->get('session')->getFlashBag()->add('notice', 'Book successfully deleted');
+
+        return $this->redirect($this->generateUrl('pugx_book_list'));
+    }
+
 }
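Review bot: `bookDeleteAction` deletes the book on any request that matches the route, including a plain GET, and validates no CSRF token. Because the firewall uses `http_basic`, a browser that has cached the admin credentials attaches them automatically, so a cross-site link or image request is enough to remove a record. Restrict `pugx_book_delete` in routing.yml to a non-safe method (`methods: [POST]`) and check a token before `$em->remove($book)`; the tests in DefaultControllerTest.php that drive deletion with `GET` would need to change with it. The sketch below assumes `Request` is already imported in this controller and uses `book_delete` as a sample token id.

```php
    public function bookDeleteAction(Request $request, $bookId)
    {
        // Deleting is state-changing: refuse requests that carry no valid CSRF token.
        $token = $request->request->get('_token');
        if (!$this->get('form.csrf_provider')->isCsrfTokenValid('book_delete', $token)) {
            throw new \Symfony\Component\Security\Core\Exception\AccessDeniedException('Invalid CSRF token');
        }

        // … unchanged: repository lookup, not-found check, remove, flush, flash message, redirect …
```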

src/PUGX/BookBundle/Resources/config/routing.yml

 pugx_book_create:
     pattern:  /books/create
     defaults: { _controller: PUGXBookBundle:Default:bookCreate }
+
+pugx_book_delete:
+    pattern:  /books/delete/{bookId}
+    defaults: { _controller: PUGXBookBundle:Default:bookDelete }
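Review bot: `{bookId}` carries no requirement, so any string (the test suite sends `non-existing`) is handed to `findOneById()`. Adding `requirements: { bookId: \d+ }` to `pugx_book_delete` makes the router answer 404 for non-numeric ids before the controller and the database are reached. This assumes book ids are integers, which the page does not show.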

src/PUGX/BookBundle/Tests/Controller/DefaultControllerTest.php

 namespace PUGX\BookBundle\Tests\Controller;
 
 use Symfony\Bundle\FrameworkBundle\Test\WebTestCase;
+use PUGX\BookBundle\Entity\Book;
 
 class DefaultControllerTest extends WebTestCase
 {
         $this->assertTrue($client->getResponse()->isNotFound());
     }
 
+    public function testCreate_401()
+    {
+        $client = static::createClient(array(), array(
+            'PHP_AUTH_USER' => 'incorrect',
+            'PHP_AUTH_PW'   => 'credentials',
+        ));
+
+        $crawler = $client->request('GET', '/books/create');
+
+        $this->assertEquals(401, $client->getResponse()->getStatusCode());
+    }
+
     public function testCreate()
     {
         $client = static::createClient(array(), array(
         $this->assertEquals('Beck', $book->getAuthor()->getSurname());
     }
 
+    public function testDelete_401()
+    {
+        $em = static::$kernel->getContainer()->get('doctrine')->getManager();
+        $book = $em->getRepository('PUGXBookBundle:Book')->findOneByTitle('The Clean Coder');
+
+        $client = static::createClient(array(), array(
+            'PHP_AUTH_USER' => 'incorrect',
+            'PHP_AUTH_PW'   => 'credentials',
+        ));
+
+        $crawler = $client->request('GET', '/books/delete/' . $book->getId());
+
+        $this->assertEquals(401, $client->getResponse()->getStatusCode());
+    }
+
+    public function testDelete_403()
+    {
+        $em = static::$kernel->getContainer()->get('doctrine')->getManager();
+        $book = $em->getRepository('PUGXBookBundle:Book')->findOneByTitle('The Clean Coder');
+
+        $client = static::createClient(array(), array(
+            'PHP_AUTH_USER' => 'user1',
+            'PHP_AUTH_PW'   => '1234',
+        ));
+
+        $crawler = $client->request('GET', '/books/delete/' . $book->getId());
+
+        $this->assertEquals(403, $client->getResponse()->getStatusCode());
+    }
+
+    public function testDelete_404()
+    {
+        $client = static::createClient(array(), array(
+            'PHP_AUTH_USER' => 'admin',
+            'PHP_AUTH_PW'   => 'admin',
+        ));
+
+        $crawler = $client->request('GET', '/books/delete/non-existing');
+
+        $this->assertEquals(404, $client->getResponse()->getStatusCode());
+    }
+
+    public function testDelete()
+    {
+        $em = static::$kernel->getContainer()->get('doctrine')->getManager();
+        $book = $em->getRepository('PUGXBookBundle:Book')->findOneByTitle('The Clean Coder');
+
+        $client = static::createClient(array(), array(
+            'PHP_AUTH_USER' => 'admin',
+            'PHP_AUTH_PW'   => 'admin',
+        ));
+
+        $crawler = $client->request('GET', '/books/delete/' . $book->getId());
+
+        $this->assertEquals(302, $client->getResponse()->getStatusCode());
+        $crawler = $client->followRedirect();
+        $this->assertTrue($client->getResponse()->isSuccessful());
+        $this->assertTrue($crawler->filter('.notice')->count() == 1);
+
+        $book = $em->getRepository('PUGXBookBundle:Book')->findOneByTitle("The Clean Coder");
+        $this->assertNull($book);
+    }
+
     public function tearDown()
     {
         $em = static::$kernel->getContainer()->get('doctrine')->getManager();
 
         if ($book) {
             $em->remove($book);
-            $em->flush();
         }
+
+        $book = $em->getRepository('PUGXBookBundle:Book')->findOneBy(array(
+            'title' => "The Clean Coder",
+        ));
+        if (!$book) {
+            $martin = $em->getRepository('PUGXBookBundle:Author')->findOneBy(array(
+                'surname' => "Martin",
+            ));
+            $book = new Book(
+                "The Clean Coder",
+                $martin,
+                new \DateTime('2011-5-23')
+            );
+
+            $em->persist($book);
+        }
+
+        $em->flush();
     }
 }
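Review bot: `testDelete_401`, `testDelete_403` and `testDelete` read `static::$kernel` before they call `static::createClient()`, so they only work if an earlier test has already booted a kernel. Run on their own (for example with `--filter`), `static::$kernel` would presumably be null and the test would fail before it reaches the authorization assertion it is meant to check. Create the client first and take the manager from it: `$em = $client->getContainer()->get('doctrine')->getManager();`. Each of these tests also calls `$book->getId()` without checking the fixture lookup, so an `$this->assertNotNull($book);` right after `findOneByTitle()` would turn a missing fixture into a clear failure instead of a fatal error.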