List: kde-commits
Subject: [websites/sso-kde-org] app: Fix issue with field, add test cases for permissions
From: Sayak Banerjee <sayakb () kde ! org>
Date: 2014-10-26 9:14:51
Message-ID: E1XiJuV-0001QZ-1q () scm ! kde ! org
Git commit 1c36c4a5c204c0d2734fc166a0fcff1e3853f22d by Sayak Banerjee.
Committed on 26/10/2014 at 09:14.
Pushed by sayakb into branch 'master'.
Fix issue with field, add test cases for permissions
M +20 -15 app/lib/components/Access.php
M +1 -1 app/tests/helpers/TestHelper.php
A +161 -0 app/tests/steps/PermissionTest.php
http://commits.kde.org/websites/sso-kde-org/1c36c4a5c204c0d2734fc166a0fcff1e3853f22d
diff --git a/app/lib/components/Access.php b/app/lib/components/Access.php
index 2821c90..7c59180 100755
--- a/app/lib/components/Access.php
+++ b/app/lib/components/Access.php
@@ -432,10 +432,29 @@ class Access {
// Set up the validation rules
$rules = array(
'subject_type' => 'required',
- 'field' => 'required|exists:fields,id',
'flag' => 'required|exists:acl_flags,name',
);
+ // Set field to 0 for non-field permissions
+ if ( ! str_contains($entry->flag, 'field'))
+ {
+ $entry->field = 0;
+ }
+
+ // Set field to 0 and object to 'all' for manage permissions
+ if (str_contains($entry->flag, 'manage'))
+ {
+ $entry->field = 0;
+ $entry->object_id = 0;
+ $entry->object_type = ACLTypes::ALL;
+ }
+
+ // Determine the field rules
+ if ($entry->field != 0)
+ {
+ $rules['field'] = 'required|exists:fields,id';
+ }
+
// Determine the subject lookup rules
if (isset($entry->subject_type))
{
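Review bot: The `required` part of the conditional rule can never fire, because `$rules['field']` is only added when `$entry->field != 0` is already true; a field-type flag submitted with no field (null) skips field validation entirely and continues to the existing-entry lookup without one. The loose `!=` also treats non-numeric strings as 0 on PHP versions before 8, so that input would bypass `exists:fields,id` as well. Key the rule on the flag rather than on the submitted value, e.g. wrap `$rules['field'] = 'required|exists:fields,id';` in `if (str_contains($entry->flag, 'field') && ! str_contains($entry->flag, 'manage'))`. Note too that `$entry->flag` is now read by `str_contains()` before the `required` rule on `flag` has run, so a request without a flag reaches this code unvalidated. The enclosing method starts and ends outside this hunk, so how a field-less entry is treated later is not visible here.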
@@ -497,20 +516,6 @@ class Access {
return $validator->messages()->all('<p>:message</p>');
}
- // Set field to 0 for non-field permissions
- if ( ! str_contains($entry->flag, 'field'))
- {
- $entry->field = 0;
- }
-
- // Set field to 0 and object to 'all' for manage permissions
- if (str_contains($entry->flag, 'manage'))
- {
- $entry->field = 0;
- $entry->object_id = 0;
- $entry->object_type = ACLTypes::ALL;
- }
-
// Check if an existing entry already exists
$acl = ACL::where('flag', $entry->flag)
->where('subject_id', $entry->subject_id)
diff --git a/app/tests/helpers/TestHelper.php b/app/tests/helpers/TestHelper.php
index d5fbdf0..710934c 100755
--- a/app/tests/helpers/TestHelper.php
+++ b/app/tests/helpers/TestHelper.php
@@ -111,7 +111,7 @@ class TestHelper {
public static function createGroup($type = GroupTypes::OPEN, $user = null, $request = false)
{
$group = Group::create(array(
- 'name' => 'unittestgrp',
+ 'name' => str_random(20),
'description' => 'group description',
'type' => $type,
'hash' => str_random(8),
diff --git a/app/tests/steps/PermissionTest.php b/app/tests/steps/PermissionTest.php
new file mode 100755
index 0000000..9c98b77
--- /dev/null
+++ b/app/tests/steps/PermissionTest.php
@@ -0,0 +1,161 @@
+<?php
+
+/**
+ * Keychain
+ *
+ * SSO login provider for enterprise.
+ *
+ * @package Keychain
+ * @copyright (c) Keychain Developers
+ * @license http://opensource.org/licenses/BSD-3-Clause
+ * @link https://github.com/keychain-sso/keychain
+ * @since Version 1.0
+ * @filesource
+ */
+
+/**
+ * PermissionTest class
+ *
+ * Unit test cases for PermissionController
+ *
+ * @package Keychain
+ * @subpackage UnitTests
+ */
+class PermissionTest extends KeychainTestCase {
+
+ /**
+ * Tests the getIndex method of the controller
+ *
+ * @access public
+ * @return void
+ */
+ public function testGetIndex()
+ {
+ $admin = TestHelper::createUser(UserStatus::ACTIVE, true)->user;
+
+ $this->be($admin);
+ $this->call('GET', 'permission');
+
+ $this->assertResponseOk();
+ $this->assertViewHas('acl');
+ }
+
+ /**
+ * Tests the getIndex method of the controller when user does not
+ * have permissions
+ *
+ * @access public
+ * @return void
+ * @expectedException \Symfony\Component\HttpKernel\Exception\HttpException
+ */
+ public function testGetIndexNoPermissions()
+ {
+ $user = TestHelper::createUser(UserStatus::ACTIVE)->user;
+
+ $this->be($user);
+ $this->call('GET', 'permission');
+ }
+
+ /**
+ * Tests the postIndex method of the controller for a global permission
+ *
+ * @access public
+ * @return void
+ */
+ public function testPostIndexGlobal()
+ {
+ $admin = TestHelper::createUser(UserStatus::ACTIVE, true)->user;
+ $user = TestHelper::createUser(UserStatus::ACTIVE)->user;
+
+ $this->be($admin);
+
+ $this->call('POST', 'permission/index', array(
+ 'subject_type' => ACLTypes::USER,
+ 'subject_id' => $user->id,
+ 'flag' => ACLFlags::USER_MANAGE,
+ ));
+
+ $this->be($user);
+ $this->assertSessionHas('messages.success');
+ $this->assertTrue(Access::check(ACLFlags::USER_MANAGE));
+ }
+
+ /**
+ * Tests the postIndex method of the controller for an object-based
+ * permission
+ *
+ * @access public
+ * @return void
+ */
+ public function testPostIndexObject()
+ {
+ $admin = TestHelper::createUser(UserStatus::ACTIVE, true)->user;
+ $user = TestHelper::createUser(UserStatus::ACTIVE)->user;
+ $subject = TestHelper::createGroup(GroupTypes::OPEN, $user)->group;
+ $object = TestHelper::createGroup()->group;
+
+ $this->be($admin);
+
+ $this->call('POST', 'permission/index', array(
+ 'subject_type' => ACLTypes::GROUP,
+ 'subject_id' => $subject->id,
+ 'object_type' => ACLTypes::GROUP,
+ 'object_id' => $object->id,
+ 'flag' => ACLFlags::GROUP_EDIT,
+ ));
+
+ $this->be($user);
+ $this->assertSessionHas('messages.success');
+ $this->assertTrue(Access::check(ACLFlags::GROUP_EDIT, $object));
+ }
+
+ /**
+ * Tests the postIndex method of the controller for a field-based
+ * permission
+ *
+ * @access public
+ * @return void
+ */
+ public function testPostIndexField()
+ {
+ $admin = TestHelper::createUser(UserStatus::ACTIVE, true)->user;
+ $user = TestHelper::createUser(UserStatus::ACTIVE)->user;
+ $object = TestHelper::createGroup(GroupTypes::OPEN, $admin)->group;
+ $field = TestHelper::createField();
+
+ $this->be($admin);
+
+ $this->call('POST', 'permission/index', array(
+ 'subject_type' => ACLTypes::USER,
+ 'subject_id' => $user->id,
+ 'object_type' => ACLTypes::GROUP,
+ 'object_id' => $object->id,
+ 'flag' => ACLFlags::FIELD_EDIT,
+ 'field' => $field->id,
+ ));
+
+ $this->be($user);
+ $this->assertSessionHas('messages.success');
+ $this->assertTrue(Access::check(ACLFlags::FIELD_EDIT, $admin, $field));
+ }
+
+ /**
+ * Tests the getRemove method of the controller
+ *
+ * @access public
+ * @return void
+ */
+ public function testGetRemove()
+ {
+ $admin = TestHelper::createUser(UserStatus::ACTIVE, true)->user;
+ $permission = ACL::where('flag', ACLFlags::USER_MANAGE)->first();
+
+ $this->be($admin);
+ $this->call('GET', "permission/remove/{$permission->id}");
+
+ $this->assertSessionHas('messages.success');
+ $this->assertEquals(null, ACL::find($permission->id));
+ $this->assertFalse(Access::check(ACLFlags::USER_MANAGE));
+ }
+
+}
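Review bot: The new tests cover the unauthorized case only for `getIndex`; `postIndex` and `getRemove`, the two calls that actually change ACL rows, have no test showing that a non-admin is rejected. A negative test modelled on `testGetIndexNoPermissions` is sketched below, on the assumption that the controller guards POST the same way and raises the same exception; a matching one for `permission/remove/{id}` would follow the same shape. Separately, `testGetRemove` relies on `ACL::where('flag', ACLFlags::USER_MANAGE)->first()` returning a row that an earlier test or seed created, so it dereferences null on `$permission->id` when run alone; creating the entry inside the test removes that order dependency.

```php
	/**
	 * Tests the postIndex method of the controller when user does not
	 * have permissions
	 *
	 * @access public
	 * @return void
	 * @expectedException \Symfony\Component\HttpKernel\Exception\HttpException
	 */
	public function testPostIndexNoPermissions()
	{
		$user = TestHelper::createUser(UserStatus::ACTIVE)->user;

		$this->be($user);

		// A regular user must not be able to grant a manage flag
		$this->call('POST', 'permission/index', array(
			'subject_type' => ACLTypes::USER,
			'subject_id'   => $user->id,
			'flag'         => ACLFlags::USER_MANAGE,
		));
	}
```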