diff options
author | Shawn M Moore <shawn@bestpractical.com> | 2017-04-13 18:49:29 +0300 |
---|---|---|
committer | sunnavy <sunnavy@bestpractical.com> | 2022-10-19 00:25:59 +0300 |
commit | a126fafd8b105f279a9b5d2829f0993790d63c6d (patch) | |
tree | 7833781b1eca145c2caa5de6d9b9a5ef61fb67d0 | |
parent | a25e815eec6414668cb25d014b461316cdc97664 (diff) |
Add API and web tests for interacting with custom roles on assets
-rw-r--r-- | t/customroles/assets.t | 330 | ||||
-rw-r--r-- | t/customroles/web-assets.t | 279 |
2 files changed, 609 insertions, 0 deletions
diff --git a/t/customroles/assets.t b/t/customroles/assets.t new file mode 100644 index 0000000000..314041f908 --- /dev/null +++ b/t/customroles/assets.t @@ -0,0 +1,330 @@ +use strict; +use warnings; + +use RT::Test::Assets tests => undef; + +my $general = create_catalog( Name => 'General' ); +my $inbox = create_catalog( Name => 'Inbox' ); +my $specs = create_catalog( Name => 'Specs' ); +my $development = create_catalog( Name => 'Development' ); + +my $engineer = RT::CustomRole->new(RT->SystemUser); +my $sales = RT::CustomRole->new(RT->SystemUser); +my $unapplied = RT::CustomRole->new(RT->SystemUser); + +my $linus = RT::Test->load_or_create_user( EmailAddress => 'linus@example.com' ); +my $blake = RT::Test->load_or_create_user( EmailAddress => 'blake@example.com' ); +my $williamson = RT::Test->load_or_create_user( EmailAddress => 'williamson@example.com' ); +my $moss = RT::Test->load_or_create_user( EmailAddress => 'moss@example.com' ); +my $ricky = RT::Test->load_or_create_user( EmailAddress => 'ricky.roma@example.com' ); + +my $team = RT::Test->load_or_create_group( + 'Team', + Members => [$blake, $williamson, $moss, $ricky], +); + +sub txn_messages_like { + local $Test::Builder::Level = $Test::Builder::Level + 1; + + my $a = shift; + my $re = shift; + + my $txns = $a->Transactions; + $txns->Limit(FIELD => 'Type', VALUE => 'SetWatcher'); + $txns->Limit(FIELD => 'Type', VALUE => 'AddWatcher'); + $txns->Limit(FIELD => 'Type', VALUE => 'DelWatcher'); + + is($txns->Count, scalar(@$re), 'expected number of transactions'); + + while (my $txn = $txns->Next) { + like($txn->BriefDescription, (shift(@$re) || qr/(?!)/)); + } +} + +diag 'setup' if $ENV{'TEST_VERBOSE'}; +{ + ok( RT::Test->add_rights( { Principal => 'Privileged', Right => [ qw(CreateAsset ShowAsset ModifyAsset ShowCatalog) ] } )); + + my ($ok, $msg) = $engineer->Create( + Name => 'Engineer-' . $$, + LookupType => RT::Asset->CustomFieldLookupType, + MaxValues => 1, + ); + ok($ok, "created Engineer role: $msg"); + + ($ok, $msg) = $sales->Create( + Name => 'Sales-' . $$, + LookupType => RT::Asset->CustomFieldLookupType, + MaxValues => 0, + ); + ok($ok, "created Sales role: $msg"); + + ($ok, $msg) = $unapplied->Create( + Name => 'Unapplied-' . $$, + LookupType => RT::Asset->CustomFieldLookupType, + MaxValues => 0, + ); + ok($ok, "created Unapplied role: $msg"); + + ($ok, $msg) = $sales->AddToObject($inbox->id); + ok($ok, "added Sales to Inbox: $msg"); + + ($ok, $msg) = $sales->AddToObject($specs->id); + ok($ok, "added Sales to Specs: $msg"); + + ($ok, $msg) = $engineer->AddToObject($specs->id); + ok($ok, "added Engineer to Specs: $msg"); + + ($ok, $msg) = $engineer->AddToObject($development->id); + ok($ok, "added Engineer to Development: $msg"); +} + +diag 'create assets in General (no custom roles)' if $ENV{'TEST_VERBOSE'}; +{ + my $general1 = create_asset( + Catalog => 'General', + Name => 'an asset', + Owner => $williamson->PrincipalId, + Contact => [$blake->EmailAddress], + ); + is($general1->Owner->id, $williamson->id, 'owner is correct'); + is($general1->RoleAddresses('Contact'), $blake->EmailAddress, 'contacts correct'); + is($general1->RoleAddresses('HeldBy'), '', 'no heldby'); + is($general1->RoleAddresses($engineer->GroupType), '', 'no engineer (role not applied to catalog)'); + is($general1->RoleAddresses($sales->GroupType), '', 'no sales (role not applied to catalog)'); + + my $general2 = create_asset( + Catalog => 'General', + Name => 'another asset', + Owner => $linus->PrincipalId, + Contact => [$moss->EmailAddress, $williamson->EmailAddress], + HeldBy => [$blake->EmailAddress], + ); + is($general2->Owner->id, $linus->id, 'owner is correct'); + is($general2->RoleAddresses('Contact'), (join ', ', sort $moss->EmailAddress, $williamson->EmailAddress), 'contacts correct'); + is($general2->RoleAddresses('HeldBy'), $blake->EmailAddress, 'heldby correct'); + is($general2->RoleAddresses($engineer->GroupType), '', 'no engineer (role not applied to catalog)'); + is($general2->RoleAddresses($sales->GroupType), '', 'no sales (role not applied to catalog)'); + + my $general3 = create_asset( + Catalog => 'General', + Name => 'oops', + Owner => $ricky->PrincipalId, + $engineer->GroupType => $linus, + $sales->GroupType => [$blake->EmailAddress], + ); + is($general3->Owner->id, $ricky->id, 'owner is correct'); + is($general3->RoleAddresses('Contact'), '', 'no contacts'); + is($general3->RoleAddresses('HeldBy'), '', 'no heldby'); + is($general3->RoleAddresses($engineer->GroupType), '', 'no engineer (role not applied to catalog)'); + is($general3->RoleAddresses($sales->GroupType), '', 'no sales (role not applied to catalog)'); +} + +diag 'create assets in Inbox (sales role)' if $ENV{'TEST_VERBOSE'}; +{ + my $inbox1 = create_asset( + Catalog => 'Inbox', + Name => 'an asset', + Owner => $williamson->PrincipalId, + Contact => [$blake->EmailAddress], + ); + is($inbox1->Owner->id, $williamson->id, 'owner is correct'); + is($inbox1->RoleAddresses('Contact'), $blake->EmailAddress, 'contacts correct'); + is($inbox1->RoleAddresses('HeldBy'), '', 'no heldby'); + is($inbox1->RoleAddresses($engineer->GroupType), '', 'no engineer (role not applied to catalog)'); + is($inbox1->RoleAddresses($sales->GroupType), '', 'no sales (role not applied to catalog)'); + + my $inbox2 = create_asset( + Catalog => 'Inbox', + Name => 'another asset', + Owner => $linus->PrincipalId, + Contact => [$moss->EmailAddress, $williamson->EmailAddress], + HeldBy => [$blake->EmailAddress], + ); + is($inbox2->Owner->id, $linus->id, 'owner is correct'); + is($inbox2->RoleAddresses('Contact'), (join ', ', sort $moss->EmailAddress, $williamson->EmailAddress), 'contacts correct'); + is($inbox2->RoleAddresses('HeldBy'), $blake->EmailAddress, 'heldby correct'); + is($inbox2->RoleAddresses($engineer->GroupType), '', 'no engineer (role not applied to catalog)'); + is($inbox2->RoleAddresses($sales->GroupType), '', 'no sales (role not applied to catalog)'); + + my $inbox3 = create_asset( + Catalog => 'Inbox', + Name => 'oops', + Owner => $ricky->PrincipalId, + $engineer->GroupType => $linus, + $sales->GroupType => [$blake->EmailAddress], + ); + is($inbox3->Owner->id, $ricky->id, 'owner is correct'); + is($inbox3->RoleAddresses('Contact'), '', 'no contacts'); + is($inbox3->RoleAddresses('HeldBy'), '', 'no heldby'); + is($inbox3->RoleAddresses($engineer->GroupType), '', 'no engineer (role not applied to catalog)'); + is($inbox3->RoleAddresses($sales->GroupType), $blake->EmailAddress, 'got sales'); + + my $inbox4 = create_asset( + Catalog => 'Inbox', + Name => 'more', + Owner => $ricky->PrincipalId, + $engineer->GroupType => $linus, + $sales->GroupType => [$blake->EmailAddress, $williamson->EmailAddress], + ); + is($inbox4->Owner->id, $ricky->id, 'owner is correct'); + is($inbox4->RoleAddresses('Contact'), '', 'no contacts'); + is($inbox4->RoleAddresses('HeldBy'), '', 'no heldby'); + is($inbox4->RoleAddresses($engineer->GroupType), '', 'no engineer (role not applied to catalog)'); + is($inbox4->RoleAddresses($sales->GroupType), (join ', ', sort $blake->EmailAddress, $williamson->EmailAddress), 'got sales'); +} + +diag 'create assets in Specs (both roles)' if $ENV{'TEST_VERBOSE'}; +{ + my $specs1 = create_asset( + Catalog => 'Specs', + Name => 'an asset', + Owner => $williamson->PrincipalId, + Contact => [$blake->EmailAddress], + ); + is($specs1->Owner->id, $williamson->id, 'owner is correct'); + is($specs1->RoleAddresses('Contact'), $blake->EmailAddress, 'contacts correct'); + is($specs1->RoleAddresses('HeldBy'), '', 'no heldby'); + is($specs1->RoleAddresses($engineer->GroupType), '', 'no engineer (role not applied to catalog)'); + is($specs1->RoleAddresses($sales->GroupType), '', 'no sales (role not applied to catalog)'); + + my $specs2 = create_asset( + Catalog => 'Specs', + Name => 'another asset', + Owner => $linus->PrincipalId, + Contact => [$moss->EmailAddress, $williamson->EmailAddress], + HeldBy => [$blake->EmailAddress], + ); + is($specs2->Owner->id, $linus->id, 'owner is correct'); + is($specs2->RoleAddresses('Contact'), (join ', ', sort $moss->EmailAddress, $williamson->EmailAddress), 'contacts correct'); + is($specs2->RoleAddresses('HeldBy'), $blake->EmailAddress, 'heldby correct'); + is($specs2->RoleAddresses($engineer->GroupType), '', 'no engineer (role not applied to catalog)'); + is($specs2->RoleAddresses($sales->GroupType), '', 'no sales (role not applied to catalog)'); + + my $specs3 = create_asset( + Catalog => 'Specs', + Name => 'oops', + Owner => $ricky->PrincipalId, + $engineer->GroupType => $linus, + $sales->GroupType => [$blake->EmailAddress], + ); + is($specs3->Owner->id, $ricky->id, 'owner is correct'); + is($specs3->RoleAddresses('Contact'), '', 'no contacts'); + is($specs3->RoleAddresses('HeldBy'), '', 'no heldby'); + is($specs3->RoleAddresses($engineer->GroupType), $linus->EmailAddress, 'got engineer'); + is($specs3->RoleAddresses($sales->GroupType), $blake->EmailAddress, 'got sales'); + + my $specs4 = create_asset( + Catalog => 'Specs', + Name => 'more', + Owner => $ricky->PrincipalId, + $engineer->GroupType => $linus, + $sales->GroupType => [$blake->EmailAddress, $williamson->EmailAddress], + ); + is($specs4->Owner->id, $ricky->id, 'owner is correct'); + is($specs4->RoleAddresses('Contact'), '', 'no contacts'); + is($specs4->RoleAddresses('HeldBy'), '', 'no heldby'); + is($specs4->RoleAddresses($engineer->GroupType), $linus->EmailAddress, 'got engineer'); + is($specs4->RoleAddresses($sales->GroupType), (join ', ', sort $blake->EmailAddress, $williamson->EmailAddress), 'got sales'); +} + +diag 'update asset in Specs' if $ENV{'TEST_VERBOSE'}; +{ + my $a = create_asset( + Catalog => 'Specs', + Name => 'updates', + ); + + is($a->Owner->id, RT->Nobody->id, 'owner nobody'); + is($a->RoleAddresses('Contact'), '', 'no contacts'); + is($a->RoleAddresses('HeldBy'), '', 'no heldby'); + is($a->RoleAddresses($engineer->GroupType), '', 'no engineer'); + is($a->RoleAddresses($sales->GroupType), '', 'no sales'); + is($a->RoleAddresses($unapplied->GroupType), '', 'no unapplied'); + + my ($ok, $msg) = $a->AddRoleMember(Type => 'Owner', Principal => $linus->PrincipalObj); + ok($ok, "set owner: $msg"); + is($a->Owner->id, $linus->id, 'owner linus'); + + ($ok, $msg) = $a->AddRoleMember(Type => 'Contact', Principal => $ricky->PrincipalObj); + ok($ok, "add contact: $msg"); + is($a->RoleAddresses('Contact'), $ricky->EmailAddress, 'contact ricky'); + + ($ok, $msg) = $a->AddRoleMember(Type => 'HeldBy', Principal => $blake->PrincipalObj); + ok($ok, "add heldby: $msg"); + is($a->RoleAddresses('HeldBy'), $blake->EmailAddress, 'heldby blake'); + + ($ok, $msg) = $a->AddRoleMember(Type => $sales->GroupType, Principal => $ricky->PrincipalObj); + ok($ok, "add sales: $msg"); + is($a->RoleAddresses($sales->GroupType), $ricky->EmailAddress, 'sales ricky'); + + ($ok, $msg) = $a->AddRoleMember(Type => $sales->GroupType, Principal => $moss->PrincipalObj); + ok($ok, "add sales: $msg"); + is($a->RoleAddresses($sales->GroupType), (join ', ', sort $ricky->EmailAddress, $moss->EmailAddress), 'sales ricky and moss'); + + ($ok, $msg) = $a->AddRoleMember(Type => $sales->GroupType, Principal => RT->Nobody->PrincipalObj); + ok($ok, "add sales: $msg"); + is($a->RoleAddresses($sales->GroupType), (join ', ', sort $ricky->EmailAddress, $moss->EmailAddress), 'sales ricky and moss'); + + ($ok, $msg) = $a->DeleteRoleMember(Type => $sales->GroupType, PrincipalId => $moss->PrincipalId); + ok($ok, "remove sales: $msg"); + is($a->RoleAddresses($sales->GroupType), $ricky->EmailAddress, 'sales ricky'); + + ($ok, $msg) = $a->DeleteRoleMember(Type => $sales->GroupType, PrincipalId => $ricky->PrincipalId); + ok($ok, "remove sales: $msg"); + is($a->RoleAddresses($sales->GroupType), '', 'sales empty'); + + ($ok, $msg) = $a->AddRoleMember(Type => $engineer->GroupType, Principal => $linus->PrincipalObj); + ok($ok, "add engineer: $msg"); + is($a->RoleAddresses($engineer->GroupType), $linus->EmailAddress, 'engineer linus'); + + ($ok, $msg) = $a->AddRoleMember(Type => $engineer->GroupType, Principal => $blake->PrincipalObj); + ok($ok, "add engineer: $msg"); + is($a->RoleAddresses($engineer->GroupType), $blake->EmailAddress, 'engineer blake (single-member role so linus gets displaced)'); + + ($ok, $msg) = $a->AddRoleMember(Type => $engineer->GroupType, Principal => RT->Nobody->PrincipalObj); + ok($ok, "add engineer: $msg"); + is($a->RoleAddresses($engineer->GroupType), '', 'engineer nobody (single-member role so blake gets displaced)'); + + ($ok, $msg) = $a->AddRoleMember(Type => $unapplied->GroupType, Principal => $linus->PrincipalObj); + ok(!$ok, "did not add unapplied role member: $msg"); + like($msg, qr/That role is invalid for this object/); + is($a->RoleAddresses($unapplied->GroupType), '', 'no unapplied members'); + + txn_messages_like($a, [ + qr/Owner set to linus\@example\.com/, + qr/Contact ricky\.roma\@example\.com added/, + qr/Held By blake\@example\.com added/, + qr/Sales-$$ ricky\.roma\@example\.com added/, + qr/Sales-$$ moss\@example\.com added/, + qr/Sales-$$ Nobody in particular added/, + qr/Sales-$$ moss\@example\.com deleted/, + qr/Sales-$$ ricky\.roma\@example\.com deleted/, + qr/Engineer-$$ set to linus\@example\.com/, + qr/Engineer-$$ set to blake\@example\.com/, + qr/Engineer-$$ set to Nobody in particular/, + ]); +} + +diag 'groups can be role members' if $ENV{'TEST_VERBOSE'}; +{ + my $a = create_asset( + Catalog => 'Specs', + Name => 'groups', + ); + + my ($ok, $msg) = $a->AddRoleMember(Type => $sales->GroupType, Principal => $team->PrincipalObj); + ok($ok, "add team: $msg"); + is($a->RoleAddresses($sales->GroupType), (join ', ', sort $blake->EmailAddress, $ricky->EmailAddress, $moss->EmailAddress, $williamson->EmailAddress), 'sales is all the team members'); + + ($ok, $msg) = $a->AddRoleMember(Type => $engineer->GroupType, Principal => $team->PrincipalObj); + ok(!$ok, "could not add team: $msg"); + like($msg, qr/cannot be a group/); + is($a->RoleAddresses($engineer->GroupType), '', 'engineer is still nobody'); + + txn_messages_like($a, [ + qr/Sales-$$ group Team added/, + ]); +} + +done_testing; diff --git a/t/customroles/web-assets.t b/t/customroles/web-assets.t new file mode 100644 index 0000000000..0d236aaf06 --- /dev/null +++ b/t/customroles/web-assets.t @@ -0,0 +1,279 @@ +use strict; +use warnings; +use RT::Test::Assets tests => undef; +my ($baseurl, $m) = RT::Test::Assets->started_ok; +ok $m->login, "Logged in agent"; + + +my $catalog = create_catalog( Name => "Software" ); +ok $catalog->id, "Created Catalog"; + +my $owner = RT::Test->load_or_create_user(Name => 'owner', EmailAddress => 'owner@example.com'); +my $licensee = RT::Test->load_or_create_user(Name => 'licensee@example.com', EmailAddress => 'licensee@example.com', Password => 'password'); + +my $role; +my ($asset, $asset2, $asset3); + +diag "Create custom role and apply it to General assets"; +{ + $m->follow_link_ok({ id => "admin-custom-roles-create" }, "Custom Role create link"); + $m->submit_form_ok({ + with_fields => { + Name => 'Licensee', + Description => 'The person who licensed the software', + LookupType => RT::Asset->CustomFieldLookupType, + EntryHint => 'Make sure user has real name set', + }, + }, "submitted create form"); + $m->text_like(qr/Custom role created/, "Found created message"); + my ($id) = $m->uri =~ /id=(\d+)/; + ok($id, 'Got role id'); + + $role = RT::CustomRole->new(RT->SystemUser); + $role->Load($id); + is $role->id, $id, "id matches"; + is $role->Name, "Licensee", "Name matches"; + is $role->Description, "The person who licensed the software", "Description matches"; + is $role->LookupType, RT::Asset->CustomFieldLookupType, "LookupType matches"; + is $role->EntryHint, "Make sure user has real name set", "EntryHint matches"; + + ok(!$role->IsAdded($catalog->Id), 'not added to catalog yet'); + + $m->follow_link_ok({ id => "page-applies-to" }, "Applies to link"); + $m->submit_form_ok({ + with_fields => { + ("AddRole-" . $id) => $catalog->Id, + }, + button => 'Update', + }, "submitted applies to form"); + $m->text_contains('Licensee added to queue Software', "Found update message"); + + # refresh cache + RT::CustomRoles->RegisterRoles; + + ok($role->IsAdded($catalog->Id), 'added to catalog now'); + is_deeply([sort $catalog->Roles], [sort 'Contact', 'HeldBy', 'Owner', $role->GroupType], '->Roles'); +} + +diag "Create asset with custom role"; +{ + $m->follow_link_ok({ id => "assets-create" }, "Asset create link"); + $m->submit_form_ok({ with_fields => { Catalog => $catalog->id, CatalogChanged => 1 } }, "Picked a catalog"); + $m->text_contains('Licensee', 'custom role name'); + $m->content_contains('Make sure user has real name set', 'custom role entry hint'); + + $m->submit_form_ok({ + with_fields => { + id => 'new', + Name => 'Some Software', + Owner => 'owner@example.com', + $role->GroupType => 'licensee@example.com', + }, + }, "submitted create form"); + $m->text_like(qr/Asset .* created/, "Found created message"); + my ($id) = $m->uri =~ /id=(\d+)/; + + $asset = RT::Asset->new( RT->SystemUser ); + $asset->Load($id); + is $asset->id, $id, "id matches"; + is $asset->Name, "Some Software", "Name matches"; + is $asset->Owner->EmailAddress, 'owner@example.com', "Owner matches"; + is $asset->RoleAddresses($role->GroupType), 'licensee@example.com', "Licensee matches"; +} + +diag "Grant permissions on Licensee"; +{ + $m->follow_link_ok({ id => "admin-assets-catalogs-select" }, "Admin assets"); + $m->follow_link_ok({ text => 'Software' }, "Picked a catalog"); + $m->follow_link_ok({ id => 'page-group-rights' }, "Group rights"); + + $m->text_contains('Licensee', 'role group name'); + + my $acl_id = $catalog->RoleGroup($role->GroupType)->Id; + + $m->form_name('ModifyGroupRights'); + $m->tick("SetRights-" . $acl_id . '-RT::Catalog-' . $catalog->id, 'ShowAsset'); + $m->tick("SetRights-" . $acl_id . '-RT::Catalog-' . $catalog->id, 'ShowCatalog'); + $m->submit; + $m->text_contains("Granted right 'ShowAsset' to Licensee"); + $m->text_contains("Granted right 'ShowCatalog' to Licensee"); + + RT::Principal::InvalidateACLCache(); +} + +diag "Create asset without custom role"; +{ + $m->follow_link_ok({ id => "assets-create" }, "Asset create link"); + $m->submit_form_ok({ with_fields => { Catalog => $catalog->id, CatalogChanged => 1 } }, "Picked a catalog"); + $m->text_contains('Licensee', 'custom role name'); + $m->content_contains('Make sure user has real name set', 'custom role entry hint'); + + $m->submit_form_ok({ + with_fields => { + id => 'new', + Name => 'More Software', + Owner => 'owner@example.com', + }, + }, "submitted create form"); + $m->text_like(qr/Asset .* created/, "Found created message"); + my ($id) = $m->uri =~ /id=(\d+)/; + + $asset2 = RT::Asset->new( RT->SystemUser ); + $asset2->Load($id); + is $asset2->id, $id, "id matches"; + is $asset2->Name, "More Software", "Name matches"; + is $asset2->Owner->EmailAddress, 'owner@example.com', "Owner matches"; + is $asset2->RoleAddresses($role->GroupType), '', "No Licensee"; +} + +diag "Search by custom role"; +{ + $m->follow_link_ok({ id => "assets-simple_search" }, "Asset simple search link"); + $m->submit_form_ok({ with_fields => { Catalog => $catalog->Id } }, "Picked a catalog"); + $m->submit_form_ok({ + with_fields => { + 'Role.' . $role->GroupType => 'licensee@example.com', + }, + button => 'SearchAssets', + }, "Search by role"); + + $m->text_contains('Some Software', 'search hit'); + $m->text_lacks('More Software', 'search miss'); + + $m->submit_form_ok({ + with_fields => { + 'Role.' . $role->GroupType => '', + '!Role.' . $role->GroupType => 'licensee@example.com', + }, + button => 'SearchAssets', + }, "Search by role"); + + $m->text_lacks('Some Software', 'search miss'); + $m->text_contains('More Software', 'search hit'); +} + +diag "Search by custom role"; +{ + $m->follow_link_ok({ id => "assets-search" }, "Asset search link"); + $m->submit_form_ok({ with_fields => { ValueOfCatalog => $catalog->Id }, button => 'AddClause' }, "Picked a catalog"); + + my $form = $m->form_name('BuildQuery'); + my @watcher_options = ( '', qw/Owner HeldBy Contact CustomRole.{Licensee}/ ); + is_deeply( [ $form->find_input('WatcherField')->possible_values ], \@watcher_options, 'WatcherField options' ); + + $m->submit_form_ok({ + with_fields => { + WatcherField => 'CustomRole.{Licensee}', + ValueOfWatcher => 'licensee@example.com', + }, + button => 'DoSearch', + }, "Search by role"); + + $m->text_contains('Some Software', 'search hit'); + $m->text_lacks('More Software', 'search miss'); + + $m->follow_link_ok({ id => "assets-search" }, "Asset search link"); + $m->submit_form_ok({ with_fields => { ValueOfCatalog => $catalog->Id }, button => 'AddClause' }, "Picked a catalog"); + $m->submit_form_ok({ + with_fields => { + WatcherField => 'CustomRole.{Licensee}', + ValueOfWatcher => 'licensee@example.com', + WatcherOp => 'NOT LIKE', + }, + button => 'DoSearch', + }, "Search by role"); + + $m->text_lacks('Some Software', 'search miss'); + $m->text_contains('More Software', 'search hit'); +} + +diag "Test permissions on Licensee"; +{ + $m->logout; + $m->login('licensee@example.com', 'password'); + + $m->get_ok("$baseurl/Asset/Display.html?id=".$asset->Id); + $m->text_contains('Some Software', 'asset name shows on page'); + $m->text_contains('Licensee', 'role name shows on page'); + + $m->get_ok("$baseurl/Asset/Display.html?id=".$asset2->Id); + $m->text_lacks('More Software', 'asset name does not show on page'); + $m->text_lacks('Licensee', 'role name does not show on page'); + $m->text_contains("You don't have permission to view this asset."); + $m->warning_like( qr/You don't have permission to view this asset/, 'got warning' ); +} + +$m->logout; +$m->login; # log back in as root + +diag "Disable role"; +{ + $m->follow_link_ok({ id => "admin-custom-roles-select" }, "Custom Role select link"); + $m->follow_link_ok({ text => 'Licensee' }, "Picked a custom role"); + $m->submit_form_ok({ + with_fields => { + Enabled => 0, + }, + }, "submitted update form"); + $m->text_contains('Custom role disabled'); + + # refresh cache + RT::CustomRoles->RegisterRoles; + + $role->Load($role->Id); + is $role->Name, "Licensee", "Name matches"; + ok $role->Disabled, "now disabled"; + + my $catalog_id = $catalog->Id; + $catalog = RT::Catalog->new( RT->SystemUser ); + $catalog->Load($catalog_id); + is_deeply([sort $catalog->Roles], [sort 'Contact', 'HeldBy', 'Owner'], '->Roles no longer includes Licensee'); +} + +diag "Test permissions on Licensee"; +{ + $m->logout; + $m->login('licensee@example.com', 'password'); + + $m->get_ok("$baseurl/Asset/Display.html?id=".$asset->Id); + $m->text_lacks('Some Software', 'asset name does not show on page'); + $m->text_lacks('Licensee', 'role name does not show on page'); + $m->text_contains("You don't have permission to view this asset."); + $m->warning_like( qr/You don't have permission to view this asset/, 'got warning' ); + + $m->get_ok("$baseurl/Asset/Display.html?id=".$asset2->Id); + $m->text_lacks('More Software', 'asset name does not show on page'); + $m->text_lacks('Licensee', 'role name does not show on page'); + $m->text_contains("You don't have permission to view this asset."); + $m->warning_like( qr/You don't have permission to view this asset/, 'got warning' ); +} + +$m->logout; +$m->login; # log back in as root + +diag "Create asset with disabled custom role"; +{ + $m->follow_link_ok({ id => "assets-create" }, "Asset create link"); + $m->submit_form_ok({ with_fields => { Catalog => $catalog->id, CatalogChanged => 1 } }, "Picked a catalog"); + $m->text_lacks('Licensee', 'custom role name'); + $m->text_lacks('Make sure user has real name set', 'custom role entry hint'); + + $m->submit_form_ok({ + with_fields => { + id => 'new', + Name => 'All Software', + Owner => 'owner@example.com', + }, + }, "submitted create form"); + $m->text_like(qr/Asset .* created/, "Found created message"); + my ($id) = $m->uri =~ /id=(\d+)/; + + $asset3 = RT::Asset->new( RT->SystemUser ); + $asset3->Load($id); + is $asset3->id, $id, "id matches"; + is $asset3->Name, "All Software", "Name matches"; + is $asset3->Owner->EmailAddress, 'owner@example.com', "Owner matches"; + is $asset3->RoleAddresses($role->GroupType), '', "No Licensee"; +} + +done_testing; |