diff options
| author | Thomas Steur <thomas.steur@googlemail.com> | 2014-08-08 18:03:56 +0400 |
|---|---|---|
| committer | Thomas Steur <thomas.steur@googlemail.com> | 2014-08-08 18:03:56 +0400 |
| commit | ce0adb8e1198cb5ae0d0e1dc09ddc785e586ea7d (patch) | |
| tree | 5579e5b377e49fef6aed142d4e00a3d5da3d4c3d /plugins | |
| parent | 24cbc0f5a395f0b862113a35455693187aaea3fd (diff) | |
refs #5943 remove a users reports that belong to a specific site if the user has no longer access to this site. To make sure it works I added a usersManagerApiTest to verify whether an event is triggered in this case, and added a ScheduledReportsTest to make sure it listens to this event and that it only removes sites that belongs to the user/sites.
Diffstat (limited to 'plugins')
| -rw-r--r-- | plugins/ScheduledReports/ScheduledReports.php | 15 | ||||
| -rw-r--r-- | plugins/ScheduledReports/tests/ScheduledReportsTest.php | 163 | ||||
| -rw-r--r-- | plugins/UsersManager/API.php | 6 | ||||
| -rw-r--r-- | plugins/UsersManager/tests/APITest.php | 71 |
4 files changed, 255 insertions, 0 deletions
diff --git a/plugins/ScheduledReports/ScheduledReports.php b/plugins/ScheduledReports/ScheduledReports.php index 08dc94ee6d..ca5ebb9b41 100644 --- a/plugins/ScheduledReports/ScheduledReports.php +++ b/plugins/ScheduledReports/ScheduledReports.php @@ -85,6 +85,7 @@ class ScheduledReports extends \Piwik\Plugin 'ScheduledReports.sendReport' => 'sendReport', 'Template.reportParametersScheduledReports' => 'template_reportParametersScheduledReports', 'UsersManager.deleteUser' => 'deleteUserReport', + 'UsersManager.removeSiteAccess' => 'deleteUserReportForSites', 'SitesManager.deleteSite.end' => 'deleteSiteReport', 'SegmentEditor.deactivate' => 'segmentDeactivation', 'SegmentEditor.update' => 'segmentUpdated', @@ -528,6 +529,20 @@ class ScheduledReports extends \Piwik\Plugin Db::query('DELETE FROM ' . Common::prefixTable('report') . ' WHERE login = ?', $userLogin); } + public function deleteUserReportForSites($userLogin, $idSites) + { + if (empty($idSites) || empty($userLogin)) { + return; + } + + $table = Common::prefixTable('report'); + + foreach ($idSites as $idSite) { + Db::query('DELETE FROM ' . $table . ' WHERE login = ? and idsite = ?', + array($userLogin, $idSite)); + } + } + public function install() { $reportTable = "`idreport` INT(11) NOT NULL AUTO_INCREMENT, diff --git a/plugins/ScheduledReports/tests/ScheduledReportsTest.php b/plugins/ScheduledReports/tests/ScheduledReportsTest.php new file mode 100644 index 0000000000..d11a8e402e --- /dev/null +++ b/plugins/ScheduledReports/tests/ScheduledReportsTest.php @@ -0,0 +1,163 @@ +<?php +/** + * Piwik - free/libre analytics platform + * + * @link http://piwik.org + * @license http://www.gnu.org/licenses/gpl-3.0.html GPL v3 or later + */ + +namespace Piwik\Plugins\ScheduledReports\tests; +use Piwik\Access; +use Piwik\Db; +use Piwik\Piwik; +use Piwik\Plugins\ScheduledReports\API; +use Piwik\Plugins\ScheduledReports\ScheduledReports; +use Piwik\Tests\Fixture; + +/** + * @group ScheduledReports + * @group ScheduledReportsTest + * @group Database + */ +class ScheduledReportsTest extends \DatabaseTestCase +{ + /** + * @var ScheduledReports + */ + private $reports; + private $reportIds = array(); + + public function setUp() + { + parent::setUp(); + + $this->reports = new ScheduledReports(); + $this->setIdentity('userlogin'); + + for ($i = 1; $i <= 4; $i++) { + Fixture::createWebsite('2014-01-01 00:00:00'); + $this->addReport('userlogin', $i); + } + + $this->addReport('otherUser', 1); + $this->addReport('anotherUser', 2); + } + + public function test_deleteUserReportForSites_shouldNotRemoveAnythingIfNoSitesOrNoLogin() + { + $this->reports->deleteUserReportForSites('userLogin', array()); + + $this->assertHasReport('userlogin', 1); + $this->assertHasReport('userlogin', 2); + $this->assertHasReport('userlogin', 3); + $this->assertHasReport('userlogin', 4); + $this->assertHasReport('otherUser', 1); + $this->assertHasReport('anotherUser', 2); + + $this->reports->deleteUserReportForSites('', array(1, 2, 3, 4)); + + $this->assertHasReport('userlogin', 1); + $this->assertHasReport('userlogin', 2); + $this->assertHasReport('userlogin', 3); + $this->assertHasReport('userlogin', 4); + $this->assertHasReport('otherUser', 1); + $this->assertHasReport('anotherUser', 2); + } + + public function test_deleteUserReportForSites_shouldNotFailIfUserHasNoReports() + { + $this->reports->deleteUserReportForSites('unk', array()); + + $this->assertHasReport('userlogin', 1); + $this->assertHasReport('userlogin', 2); + $this->assertHasReport('userlogin', 3); + $this->assertHasReport('userlogin', 4); + $this->assertHasReport('otherUser', 1); + $this->assertHasReport('anotherUser', 2); + } + + public function test_deleteUserReportForSites_shouldRemoveOnlyReportsForGivenSitesAndLogin() + { + $this->reports->deleteUserReportForSites('userLogin', array(1, 2)); + + $this->assertHasNotReport('userlogin', 1); + $this->assertHasNotReport('userlogin', 2); + + $this->assertHasReport('userlogin', 3); + $this->assertHasReport('userlogin', 4); + $this->assertHasReport('otherUser', 1); + $this->assertHasReport('anotherUser', 2); + } + + public function test_ScheduledReports_shouldRemoveOnlyReportsForGivenSitesAndLogin_IfEventIsTriggered() + { + Piwik::postEvent('UsersManager.removeSiteAccess', array('userLogin', array(1, 2))); + + $this->assertHasNotReport('userlogin', 1); + $this->assertHasNotReport('userlogin', 2); + + $this->assertHasReport('userlogin', 3); + $this->assertHasReport('userlogin', 4); + $this->assertHasReport('otherUser', 1); + $this->assertHasReport('anotherUser', 2); + } + + public function test_deleteUserReport_shouldRemoveAllReportsOfASpecificUser() + { + $this->reports->deleteUserReport('userLogin'); + + $this->assertHasNotReport('userlogin', 1); + $this->assertHasNotReport('userlogin', 2); + $this->assertHasNotReport('userlogin', 3); + $this->assertHasNotReport('userlogin', 4); + + $this->assertHasReport('otherUser', 1); + $this->assertHasReport('anotherUser', 2); + } + + private function assertHasReport($login, $idSite) + { + $report = $this->getReport($login, $idSite); + + $this->assertNotEmpty($report, "Report for $login, $idSite should exist but does not"); + } + + private function assertHasNotReport($login, $idSite) + { + try { + $this->getReport($login, $idSite); + $this->fail("Report for $login, $idSite should not exist but does"); + } catch (\Exception $e) { + $this->assertContains("Requested report couldn't be found", $e->getMessage()); + } + } + + private function getReport($login, $idSite) + { + $this->setIdentity($login); + + return API::getInstance()->getReports($idSite, 'day', $this->reportIds[$login . '_' . $idSite]); + } + + private function addReport($login, $idSite) + { + $this->setIdentity($login); + + $reportType = 'email'; + $reportFormat = 'pdf'; + $reports = array(); + $parameters = array(ScheduledReports::DISPLAY_FORMAT_PARAMETER => ScheduledReports::DISPLAY_FORMAT_TABLES_ONLY); + + $reportId = API::getInstance()->addReport($idSite, 'description', 'day', 3, $reportType, $reportFormat, $reports, $parameters); + $this->reportIds[$login . '_' . $idSite] = $reportId; + } + + private function setIdentity($login) + { + $pseudoMockAccess = new \FakeAccess(); + $pseudoMockAccess::$identity = $login; + $pseudoMockAccess::$superUser = true; + Access::setSingletonInstance($pseudoMockAccess); + } + +} diff --git a/plugins/UsersManager/API.php b/plugins/UsersManager/API.php index 5eb0df261f..61b26323da 100644 --- a/plugins/UsersManager/API.php +++ b/plugins/UsersManager/API.php @@ -567,6 +567,12 @@ class API extends \Piwik\Plugin\API // when no access are specified if ($access != 'noaccess') { $this->model->addUserAccess($userLogin, $access, $idSites); + } else { + if (!empty($idSites) && !is_array($idSites)) { + $idSites = array($idSites); + } + + Piwik::postEvent('UsersManager.removeSiteAccess', array($userLogin, $idSites)); } // we reload the access list which doesn't yet take in consideration this new user access diff --git a/plugins/UsersManager/tests/APITest.php b/plugins/UsersManager/tests/APITest.php new file mode 100644 index 0000000000..60a53af07f --- /dev/null +++ b/plugins/UsersManager/tests/APITest.php @@ -0,0 +1,71 @@ +<?php +/** + * Piwik - free/libre analytics platform + * + * @link http://piwik.org + * @license http://www.gnu.org/licenses/gpl-3.0.html GPL v3 or later + */ + +namespace Piwik\Plugins\UsersManager\tests; +use Piwik\Access; +use FakeAccess; +use Piwik\Piwik; +use Piwik\Plugins\UsersManager\API; +use Piwik\Tests\Fixture; + +/** + * @group UsersManager + * @group APITest + * @group Database + */ +class APITest extends \DatabaseTestCase +{ + /** + * @var API + */ + private $api; + + public function setUp() + { + parent::setUp(); + + $this->api = API::getInstance(); + + $pseudoMockAccess = new FakeAccess(); + FakeAccess::$superUser = true; + Access::setSingletonInstance($pseudoMockAccess); + + Fixture::createWebsite('2014-01-01 00:00:00'); + Fixture::createWebsite('2014-01-01 00:00:00'); + Fixture::createWebsite('2014-01-01 00:00:00'); + $this->api->addUser('userLogin', 'password', 'userlogin@password.de'); + } + + public function test_setUserAccess_ShouldTriggerRemoveSiteAccessEvent_IfAccessToAWebsiteIsRemoved() + { + $eventTriggered = false; + $self = $this; + Piwik::addAction('UsersManager.removeSiteAccess', function ($login, $idSites) use (&$eventTriggered, $self) { + $eventTriggered = true; + $self->assertEquals('userLogin', $login); + $self->assertEquals(array(1, 2), $idSites); + }); + + $this->api->setUserAccess('userLogin', 'noaccess', array(1, 2)); + + $this->assertTrue($eventTriggered, 'UsersManager.removeSiteAccess event was not triggered'); + } + + public function test_setUserAccess_ShouldNotTriggerRemoveSiteAccessEvent_IfAccessIsAdded() + { + $eventTriggered = false; + Piwik::addAction('UsersManager.removeSiteAccess', function () use (&$eventTriggered) { + $eventTriggered = true; + }); + + $this->api->setUserAccess('userLogin', 'admin', array(1, 2)); + + $this->assertFalse($eventTriggered, 'UsersManager.removeSiteAccess event was triggered but should not'); + } + +} |