diff options
author | Thomas Steur <tsteur@users.noreply.github.com> | 2018-09-01 01:55:40 +0300 |
---|---|---|
committer | diosmosis <diosmosis@users.noreply.github.com> | 2018-09-01 01:55:40 +0300 |
commit | 2a3b1e85611c75b4573aaf77715659d69e6832ba (patch) | |
tree | 5e3af96b33922743158921d56f6f10780b78dfba /tests | |
parent | d43bef4d97afe0bdbef188be702087bc518b8ccc (diff) |
Fix capabilities weren't detected correctly (#13368)
* Fix capabilities weren't detected correctly
* added test
Diffstat (limited to 'tests')
-rw-r--r-- | tests/PHPUnit/Integration/AccessTest.php | 68 |
1 files changed, 68 insertions, 0 deletions
diff --git a/tests/PHPUnit/Integration/AccessTest.php b/tests/PHPUnit/Integration/AccessTest.php index dcb1aca0cf..0a442fd955 100644 --- a/tests/PHPUnit/Integration/AccessTest.php +++ b/tests/PHPUnit/Integration/AccessTest.php @@ -11,12 +11,35 @@ namespace Piwik\Tests\Integration; use Exception; use Piwik\Access; use Piwik\AuthResult; +use Piwik\Cache\Cache; use Piwik\Db; use Piwik\NoAccessException; +use Piwik\Piwik; use Piwik\Plugins\UsersManager\API as UsersManagerAPI; use Piwik\Tests\Framework\Fixture; use Piwik\Tests\Framework\TestCase\IntegrationTestCase; +class TestCustomCap extends Access\Capability { + + const ID = 'testcustomcap'; + public function getId() { + return self::ID; + } + public function getName() { + return 'customcap'; + } + public function getCategory() { + return 'test'; + } + public function getDescription() { + return 'lorem ipsum'; + } + public function getIncludedInRoles() { + return array(Access\Role\Admin::ID); + } + +} + /** * @group Core */ @@ -35,6 +58,51 @@ class AccessTest extends IntegrationTestCase return new Access(new Access\RolesProvider(), new Access\CapabilitiesProvider()); } + public function test_loadSitesIfNeeded_automaticallyAssignsCapabilityWhenIncludedInRole() + { + Piwik::addAction('Access.Capability.addCapabilities', function (&$cap) { + $cap[] = new TestCustomCap(); + }); + \Piwik\Cache::flushAll(); + + $idSite = Fixture::createWebsite('2010-01-03 00:00:00'); + UsersManagerAPI::getInstance()->addUser('testuser', 'testpass', 'testuser@email.com'); + UsersManagerAPI::getInstance()->setUserAccess('testuser', 'admin', $idSite); + + $this->switchUser('testuser'); + + $access = Access::getInstance(); + $access->setSuperUserAccess(false); + $this->assertEquals('admin', $access->getRoleForSite($idSite)); + $access->checkUserHasCapability($idSite, TestCustomCap::ID); + $this->assertTrue(true); + } + + public function test_loadSitesIfNeeded_doesNotAutomaticallyAssignCapabilityWhenNotIncludedInRole() + { + Piwik::addAction('Access.Capability.addCapabilities', function (&$cap) { + $cap[] = new TestCustomCap(); + }); + + $idSite = Fixture::createWebsite('2010-01-03 00:00:00'); + UsersManagerAPI::getInstance()->addUser('testuser', 'testpass', 'testuser@email.com'); + UsersManagerAPI::getInstance()->setUserAccess('testuser', 'write', $idSite); + + $this->switchUser('testuser'); + + $access = Access::getInstance(); + $access->setSuperUserAccess(false); + $this->assertEquals('write', $access->getRoleForSite($idSite)); + + try { + + $access->checkUserHasCapability($idSite, TestCustomCap::ID); + $this->fail('an expected exception has not been triggered'); + } catch (NoAccessException $e) { + $this->assertTrue(true); + } + } + public function testGetTokenAuthWithEmptyAccess() { $access = $this->getAccess(); |