
List:       kde-commits
Subject:    [websites/sso-kde-org] app: Fix issue with field, add test cases for permissions
From:       Sayak Banerjee <sayakb () kde ! org>
Date:       2014-10-26 9:14:51
Message-ID: E1XiJuV-0001QZ-1q () scm ! kde ! org

Git commit 1c36c4a5c204c0d2734fc166a0fcff1e3853f22d by Sayak Banerjee.
Committed on 26/10/2014 at 09:14.
Pushed by sayakb into branch 'master'.

Fix issue with field, add test cases for permissions

M  +20   -15   app/lib/components/Access.php
M  +1    -1    app/tests/helpers/TestHelper.php
A  +161  -0    app/tests/steps/PermissionTest.php

http://commits.kde.org/websites/sso-kde-org/1c36c4a5c204c0d2734fc166a0fcff1e3853f22d

diff --git a/app/lib/components/Access.php b/app/lib/components/Access.php
index 2821c90..7c59180 100755
--- a/app/lib/components/Access.php
+++ b/app/lib/components/Access.php
@@ -432,10 +432,29 @@ class Access {
 		// Set up the validation rules
 		$rules = array(
 			'subject_type' => 'required',
-			'field'        => 'required|exists:fields,id',
 			'flag'         => 'required|exists:acl_flags,name',
 		);
 
+		// Set field to 0 for non-field permissions
+		if ( ! str_contains($entry->flag, 'field'))
+		{
+			$entry->field = 0;
+		}
+
+		// Set field to 0 and object to 'all' for manage permissions
+		if (str_contains($entry->flag, 'manage'))
+		{
+			$entry->field = 0;
+			$entry->object_id = 0;
+			$entry->object_type = ACLTypes::ALL;
+		}
+
+		// Determine the field rules
+		if ($entry->field != 0)
+		{
+			$rules['field'] = 'required|exists:fields,id';
+		}
+
 		// Determine the subject lookup rules
 		if (isset($entry->subject_type))
 		{
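Review bot: The `exists:fields,id` rule is now attached only when `$entry->field != 0`, so a field-type flag submitted with the field missing, empty or `0` passes validation with no field check at all, where the removed unconditional rule used to reject it. The loose comparison also treats a non-numeric string as equal to 0 on PHP versions before 8, so such a value skips the rule as well. Keying the rule on the flag rather than on the submitted value would keep the check for field permissions: `if (str_contains($entry->flag, 'field') && ! str_contains($entry->flag, 'manage'))`. Note also that `$entry->flag` is read by these blocks before the `required` rule on it has run. The enclosing method starts and ends outside the hunk, so how a stored field of 0 is interpreted by the permission check is not visible here and should be confirmed.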
@@ -497,20 +516,6 @@ class Access {
 			return $validator->messages()->all('<p>:message</p>');
 		}
 
-		// Set field to 0 for non-field permissions
-		if ( ! str_contains($entry->flag, 'field'))
-		{
-			$entry->field = 0;
-		}
-
-		// Set field to 0 and object to 'all' for manage permissions
-		if (str_contains($entry->flag, 'manage'))
-		{
-			$entry->field = 0;
-			$entry->object_id = 0;
-			$entry->object_type = ACLTypes::ALL;
-		}
-
 		// Check if an existing entry already exists
 		$acl = ACL::where('flag', $entry->flag)
 		          ->where('subject_id', $entry->subject_id)
diff --git a/app/tests/helpers/TestHelper.php b/app/tests/helpers/TestHelper.php
index d5fbdf0..710934c 100755
--- a/app/tests/helpers/TestHelper.php
+++ b/app/tests/helpers/TestHelper.php
@@ -111,7 +111,7 @@ class TestHelper {
 	public static function createGroup($type = GroupTypes::OPEN, $user = null, $request = false)
 	{
 		$group = Group::create(array(
-			'name'        => 'unittestgrp',
+			'name'        => str_random(20),
 			'description' => 'group description',
 			'type'        => $type,
 			'hash'        => str_random(8),
diff --git a/app/tests/steps/PermissionTest.php b/app/tests/steps/PermissionTest.php
new file mode 100755
index 0000000..9c98b77
--- /dev/null
+++ b/app/tests/steps/PermissionTest.php
@@ -0,0 +1,161 @@
+<?php
+
+/**
+ * Keychain
+ *
+ * SSO login provider for enterprise.
+ *
+ * @package     Keychain
+ * @copyright   (c) Keychain Developers
+ * @license     http://opensource.org/licenses/BSD-3-Clause
+ * @link        https://github.com/keychain-sso/keychain
+ * @since       Version 1.0
+ * @filesource
+ */
+
+/**
+ * PermissionTest class
+ *
+ * Unit test cases for PermissionController
+ *
+ * @package     Keychain
+ * @subpackage  UnitTests
+ */
+class PermissionTest extends KeychainTestCase {
+
+	/**
+	 * Tests the getIndex method of the controller
+	 *
+	 * @access public
+	 * @return void
+	 */
+	public function testGetIndex()
+	{
+		$admin = TestHelper::createUser(UserStatus::ACTIVE, true)->user;
+
+		$this->be($admin);
+		$this->call('GET', 'permission');
+
+		$this->assertResponseOk();
+		$this->assertViewHas('acl');
+	}
+
+	/**
+	 * Tests the getIndex method of the controller when user does not
+	 * have permissions
+	 *
+	 * @access public
+	 * @return void
+	 * @expectedException \Symfony\Component\HttpKernel\Exception\HttpException
+	 */
+	public function testGetIndexNoPermissions()
+	{
+		$user = TestHelper::createUser(UserStatus::ACTIVE)->user;
+
+		$this->be($user);
+		$this->call('GET', 'permission');
+	}
+
+	/**
+	 * Tests the postIndex method of the controller for a global permission
+	 *
+	 * @access public
+	 * @return void
+	 */
+	public function testPostIndexGlobal()
+	{
+		$admin = TestHelper::createUser(UserStatus::ACTIVE, true)->user;
+		$user = TestHelper::createUser(UserStatus::ACTIVE)->user;
+
+		$this->be($admin);
+
+		$this->call('POST', 'permission/index', array(
+			'subject_type' => ACLTypes::USER,
+			'subject_id'   => $user->id,
+			'flag'         => ACLFlags::USER_MANAGE,
+		));
+
+		$this->be($user);
+		$this->assertSessionHas('messages.success');
+		$this->assertTrue(Access::check(ACLFlags::USER_MANAGE));
+	}
+
+	/**
+	 * Tests the postIndex method of the controller for an object-based
+	 * permission
+	 *
+	 * @access public
+	 * @return void
+	 */
+	public function testPostIndexObject()
+	{
+		$admin = TestHelper::createUser(UserStatus::ACTIVE, true)->user;
+		$user = TestHelper::createUser(UserStatus::ACTIVE)->user;
+		$subject = TestHelper::createGroup(GroupTypes::OPEN, $user)->group;
+		$object = TestHelper::createGroup()->group;
+
+		$this->be($admin);
+
+		$this->call('POST', 'permission/index', array(
+			'subject_type' => ACLTypes::GROUP,
+			'subject_id'   => $subject->id,
+			'object_type'  => ACLTypes::GROUP,
+			'object_id'    => $object->id,
+			'flag'         => ACLFlags::GROUP_EDIT,
+		));
+
+		$this->be($user);
+		$this->assertSessionHas('messages.success');
+		$this->assertTrue(Access::check(ACLFlags::GROUP_EDIT, $object));
+	}
+
+	/**
+	 * Tests the postIndex method of the controller for a field-based
+	 * permission
+	 *
+	 * @access public
+	 * @return void
+	 */
+	public function testPostIndexField()
+	{
+		$admin = TestHelper::createUser(UserStatus::ACTIVE, true)->user;
+		$user = TestHelper::createUser(UserStatus::ACTIVE)->user;
+		$object = TestHelper::createGroup(GroupTypes::OPEN, $admin)->group;
+		$field = TestHelper::createField();
+
+		$this->be($admin);
+
+		$this->call('POST', 'permission/index', array(
+			'subject_type' => ACLTypes::USER,
+			'subject_id'   => $user->id,
+			'object_type'  => ACLTypes::GROUP,
+			'object_id'    => $object->id,
+			'flag'         => ACLFlags::FIELD_EDIT,
+			'field'        => $field->id,
+		));
+
+		$this->be($user);
+		$this->assertSessionHas('messages.success');
+		$this->assertTrue(Access::check(ACLFlags::FIELD_EDIT, $admin, $field));
+	}
+
+	/**
+	 * Tests the getRemove method of the controller
+	 *
+	 * @access public
+	 * @return void
+	 */
+	public function testGetRemove()
+	{
+		$admin = TestHelper::createUser(UserStatus::ACTIVE, true)->user;
+		$permission = ACL::where('flag', ACLFlags::USER_MANAGE)->first();
+
+		$this->be($admin);
+		$this->call('GET', "permission/remove/{$permission->id}");
+
+		$this->assertSessionHas('messages.success');
+		$this->assertEquals(null, ACL::find($permission->id));
+		$this->assertFalse(Access::check(ACLFlags::USER_MANAGE));
+	}
+
+}
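Review bot: The new tests exercise the write routes only as an admin; nothing asserts that a non-admin `POST permission/index` or `GET permission/remove/{id}` is refused, which is the behaviour an ACL editor most needs pinned. Tests mirroring `testGetIndexNoPermissions` for those two routes would cover it, along with one that posts a field flag with a missing or non-existent `field` and asserts that `messages.success` is absent. Separately, `testGetRemove` takes `ACL::where('flag', ACLFlags::USER_MANAGE)->first()` without creating the entry itself, so it appears to rely on a row left behind by `testPostIndexGlobal` and will fail on `$permission->id` if run alone or against a reset database. Creating the entry inside the test would remove that ordering dependency.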