Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/matomo-org/matomo.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/plugins/UsersManager/tests/Integration/APITest.php
diff options
context:
space:
mode:
Diffstat (limited to 'plugins/UsersManager/tests/Integration/APITest.php')
-rw-r--r--plugins/UsersManager/tests/Integration/APITest.php747
1 files changed, 578 insertions, 169 deletions
diff --git a/plugins/UsersManager/tests/Integration/APITest.php b/plugins/UsersManager/tests/Integration/APITest.php
index 20a0c3a046..a6c8454d4d 100644
--- a/plugins/UsersManager/tests/Integration/APITest.php
+++ b/plugins/UsersManager/tests/Integration/APITest.php
@@ -1,4 +1,5 @@
<?php
+
/**
* Matomo - free/libre analytics platform
*
@@ -6,13 +7,16 @@
* @license http://www.gnu.org/licenses/gpl-3.0.html GPL v3 or later
*/
-namespace Piwik\Plugins\UsersManager\tests;
+namespace Piwik\Plugins\UsersManager\tests\Integration;
use Piwik\Access\Role\View;
use Piwik\Access\Role\Write;
use Piwik\Auth\Password;
use Piwik\Config;
+use Piwik\Date;
+use Piwik\EventDispatcher;
use Piwik\Mail;
+use Piwik\NoAccessException;
use Piwik\Option;
use Piwik\Piwik;
use Piwik\Plugins\SitesManager\API as SitesManagerAPI;
@@ -52,9 +56,9 @@ class TestCap1 extends Capability
public function getIncludedInRoles(): array
{
- return array(
- Admin::ID
- );
+ return [
+ Admin::ID
+ ];
}
}
@@ -84,9 +88,10 @@ class TestCap2 extends Capability
public function getIncludedInRoles(): array
{
- return array(
- Write::ID, Admin::ID
- );
+ return [
+ Write::ID,
+ Admin::ID
+ ];
}
}
@@ -116,7 +121,7 @@ class TestCap3 extends Capability
public function getIncludedInRoles(): array
{
- return array(Admin::ID);
+ return [Admin::ID];
}
}
@@ -174,10 +179,10 @@ class APITest extends IntegrationTestCase
Piwik::addAction('UsersManager.removeSiteAccess', function ($login, $idSites) use (&$eventTriggered, $self) {
$eventTriggered = true;
$self->assertEquals($self->login, $login);
- $self->assertEquals(array(1, 2), $idSites);
+ $self->assertEquals([1, 2], $idSites);
});
- $this->api->setUserAccess($this->login, 'noaccess', array(1, 2));
+ $this->api->setUserAccess($this->login, 'noaccess', [1, 2]);
$this->assertTrue($eventTriggered, 'UsersManager.removeSiteAccess event was not triggered');
}
@@ -189,20 +194,20 @@ class APITest extends IntegrationTestCase
$eventTriggered = true;
});
- $this->api->setUserAccess($this->login, 'admin', array(1, 2));
+ $this->api->setUserAccess($this->login, 'admin', [1, 2]);
$this->assertFalse($eventTriggered, 'UsersManager.removeSiteAccess event was triggered but should not');
}
public function test_getAllUsersPreferences_isEmpty_whenNoPreference()
{
- $preferences = $this->api->getAllUsersPreferences(array('preferenceName'));
+ $preferences = $this->api->getAllUsersPreferences(['preferenceName']);
$this->assertEmpty($preferences);
}
public function test_getAllUsersPreferences_isEmpty_whenNoPreferenceAndMultipleRequested()
{
- $preferences = $this->api->getAllUsersPreferences(array('preferenceName', 'randomDoesNotExist'));
+ $preferences = $this->api->getAllUsersPreferences(['preferenceName', 'randomDoesNotExist']);
$this->assertEmpty($preferences);
}
@@ -261,16 +266,20 @@ class APITest extends IntegrationTestCase
$this->api->setUserPreference($user3, API::PREFERENCE_DEFAULT_REPORT_DATE, 'otherPreferenceVALUE');
$this->api->setUserPreference($user3, 'RandomNOTREQUESTED', 'RandomNOTREQUESTED');
- $expected = array(
- $user2 => array(
- API::PREFERENCE_DEFAULT_REPORT => 'valueForUser2'
- ),
- $user3 => array(
- API::PREFERENCE_DEFAULT_REPORT => 'valueForUser3',
- API::PREFERENCE_DEFAULT_REPORT_DATE => 'otherPreferenceVALUE',
- ),
- );
- $result = $this->api->getAllUsersPreferences(array(API::PREFERENCE_DEFAULT_REPORT, API::PREFERENCE_DEFAULT_REPORT_DATE, 'randomDoesNotExist'));
+ $expected = [
+ $user2 => [
+ API::PREFERENCE_DEFAULT_REPORT => 'valueForUser2'
+ ],
+ $user3 => [
+ API::PREFERENCE_DEFAULT_REPORT => 'valueForUser3',
+ API::PREFERENCE_DEFAULT_REPORT_DATE => 'otherPreferenceVALUE',
+ ],
+ ];
+ $result = $this->api->getAllUsersPreferences([
+ API::PREFERENCE_DEFAULT_REPORT,
+ API::PREFERENCE_DEFAULT_REPORT_DATE,
+ 'randomDoesNotExist'
+ ]);
$this->assertSame($expected, $result);
}
@@ -282,12 +291,12 @@ class APITest extends IntegrationTestCase
$this->api->setUserPreference($user2, API::PREFERENCE_DEFAULT_REPORT, 'valueForUser2');
$this->api->setUserPreference($user2, API::PREFERENCE_DEFAULT_REPORT_DATE, 'RandomNOTREQUESTED');
- $expected = array(
- $user2 => array(
- API::PREFERENCE_DEFAULT_REPORT => 'valueForUser2'
- ),
- );
- $result = $this->api->getAllUsersPreferences(array(API::PREFERENCE_DEFAULT_REPORT, 'randomDoesNotExist'));
+ $expected = [
+ $user2 => [
+ API::PREFERENCE_DEFAULT_REPORT => 'valueForUser2'
+ ],
+ ];
+ $result = $this->api->getAllUsersPreferences([API::PREFERENCE_DEFAULT_REPORT, 'randomDoesNotExist']);
$this->assertSame($expected, $result);
}
@@ -310,7 +319,7 @@ class APITest extends IntegrationTestCase
$identity = FakeAccess::$identity;
FakeAccess::$identity = $this->login; // ensure password will be checked against this user
- $this->api->updateUser($this->login, 'newPassword', 'email@example.com', false, $this->password);
+ $this->api->updateUser($this->login, 'newPassword', 'email@example.com', false, $this->password);
FakeAccess::$identity = $identity;
$model = new Model();
@@ -322,11 +331,13 @@ class APITest extends IntegrationTestCase
$this->assertTrue($passwordHelper->verify(UsersManager::getPasswordHash('newPassword'), $user['password']));
- $subjects = array_map(function (Mail $mail) { return $mail->getSubject(); }, $capturedMails);
+ $subjects = array_map(function (Mail $mail) {
+ return $mail->getSubject();
+ }, $capturedMails);
$this->assertEquals([
- 'UsersManager_EmailChangeNotificationSubject', // sent twice to old email and new
- 'UsersManager_EmailChangeNotificationSubject',
- 'UsersManager_PasswordChangeNotificationSubject',
+ 'UsersManager_EmailChangeNotificationSubject', // sent twice to old email and new
+ 'UsersManager_EmailChangeNotificationSubject',
+ 'UsersManager_PasswordChangeNotificationSubject',
], $subjects);
}
@@ -343,7 +354,9 @@ class APITest extends IntegrationTestCase
$this->api->updateUser($this->login, 'newPassword2', 'email2@example.com', false, $this->password);
FakeAccess::$identity = $identity;
- $subjects = array_map(function (Mail $mail) { return $mail->getSubject(); }, $capturedMails);
+ $subjects = array_map(function (Mail $mail) {
+ return $mail->getSubject();
+ }, $capturedMails);
$this->assertEquals([], $subjects);
}
@@ -384,18 +397,24 @@ class APITest extends IntegrationTestCase
$this->expectException(\Exception::class);
$this->expectExceptionMessage('UsersManager_ExceptionInvalidPasswordTooLong');
- $this->api->updateUser($this->login, str_pad('foo', UsersManager::PASSWORD_MAX_LENGTH + 1), 'email@example.com', false, $this->password);
+ $this->api->updateUser(
+ $this->login,
+ str_pad('foo', UsersManager::PASSWORD_MAX_LENGTH + 1),
+ 'email@example.com',
+ false,
+ $this->password
+ );
}
public function test_update_user_fails_if_email_exists_as_other_user_username()
{
$this->expectException(\Exception::class);
- $this->expectExceptionMessage('UsersManager_CurrentPasswordNotCorrect');
+ $this->expectExceptionMessage('UsersManager_ExceptionEmailExistsAsLogin');
$user2 = 'existed@example.com';
$this->api->addUser($user2, 'password', 'userlogin2@password.de');
- $this->api->updateUser($this->login, $this->password, $user2, false, $this->password);
+ $this->api->updateUser($this->login, $this->password, $user2, false, $this->password);
}
public function test_update_can_update_user_email_to_own_username()
@@ -414,7 +433,7 @@ class APITest extends IntegrationTestCase
public function test_cannot_create_user_if_email_exists_as_username()
{
$this->expectException(\Exception::class);
- $this->expectExceptionMessage('UsersManager_ExceptionLoginExists');
+ $this->expectExceptionMessage('UsersManager_ExceptionEmailExistsAsLogin');
$user2 = 'existed@example.com';
$this->api->addUser($user2, 'password', 'email@example.com');
@@ -444,20 +463,20 @@ class APITest extends IntegrationTestCase
// super user has admin access for every site
$access = $this->api->getSitesAccessFromUser($user2);
- $expected = array(
- array(
- 'site' => 1,
- 'access' => 'admin'
- ),
- array(
- 'site' => 2,
- 'access' => 'admin'
- ),
- array(
- 'site' => 3,
- 'access' => 'admin'
- ),
- );
+ $expected = [
+ [
+ 'site' => 1,
+ 'access' => 'admin'
+ ],
+ [
+ 'site' => 2,
+ 'access' => 'admin'
+ ],
+ [
+ 'site' => 3,
+ 'access' => 'admin'
+ ],
+ ];
$this->assertEquals($expected, $access);
}
@@ -469,7 +488,13 @@ class APITest extends IntegrationTestCase
$users = $this->api->getUsersPlusRole(1);
$this->cleanUsers($users);
$expected = [
- ['login' => 'userLogin2', 'role' => 'view', 'capabilities' => [], 'email' => 'userLogin2@password.de', 'superuser_access' => '0'],
+ [
+ 'login' => 'userLogin2',
+ 'role' => 'view',
+ 'capabilities' => [],
+ 'email' => 'userLogin2@password.de',
+ 'superuser_access' => '0',
+ ],
];
$this->assertEquals($expected, $users);
}
@@ -482,7 +507,13 @@ class APITest extends IntegrationTestCase
$users = $this->api->getUsersPlusRole(1, $limit = null, $offset = 1);
$this->cleanUsers($users);
$expected = [
- ['login' => 'userLogin2', 'role' => 'view', 'capabilities' => [], 'email' => 'userLogin2@password.de', 'superuser_access' => '0'],
+ [
+ 'login' => 'userLogin2',
+ 'role' => 'view',
+ 'capabilities' => [],
+ 'email' => 'userLogin2@password.de',
+ 'superuser_access' => '0',
+ ],
];
$this->assertEquals($expected, $users);
}
@@ -496,7 +527,13 @@ class APITest extends IntegrationTestCase
$users = $this->api->getUsersPlusRole(1, null, null, null, 'superuser');
$this->cleanUsers($users);
$expected = [
- ['login' => 'userLogin2', 'role' => 'view', 'capabilities' => [], 'email' => 'userLogin2@password.de', 'superuser_access' => '0'],
+ [
+ 'login' => 'userLogin2',
+ 'role' => 'view',
+ 'capabilities' => [],
+ 'email' => 'userLogin2@password.de',
+ 'superuser_access' => '0',
+ ],
];
$this->assertEquals($expected, $users);
}
@@ -512,9 +549,25 @@ class APITest extends IntegrationTestCase
$users = $this->api->getUsersPlusRole(1);
$this->cleanUsers($users);
$expected = [
- ['login' => 'userLogin2', 'role' => 'admin', 'capabilities' => [], 'email' => 'userLogin2@password.de', 'superuser_access' => false],
- ['login' => 'userLogin3', 'role' => 'view', 'capabilities' => [], 'superuser_access' => false],
- ['login' => 'userLogin4', 'role' => 'admin', 'capabilities' => [], 'superuser_access' => false],
+ [
+ 'login' => 'userLogin2',
+ 'role' => 'admin',
+ 'capabilities' => [],
+ 'email' => 'userLogin2@password.de',
+ 'superuser_access' => false,
+ ],
+ [
+ 'login' => 'userLogin3',
+ 'role' => 'view',
+ 'capabilities' => [],
+ 'superuser_access' => false,
+ ],
+ [
+ 'login' => 'userLogin4',
+ 'role' => 'admin',
+ 'capabilities' => [],
+ 'superuser_access' => false,
+ ],
];
$this->assertEquals($expected, $users);
}
@@ -531,10 +584,31 @@ class APITest extends IntegrationTestCase
$users = $this->api->getUsersPlusRole(1);
$this->cleanUsers($users);
$expected = [
- ['login' => 'userLogin2', 'role' => 'admin', 'capabilities' => [], 'email' => 'userLogin2@password.de', 'superuser_access' => false],
- ['login' => 'userLogin3', 'role' => 'view', 'capabilities' => [], 'superuser_access' => false],
- ['login' => 'userLogin4', 'role' => 'admin', 'capabilities' => [], 'superuser_access' => false],
- ['login' => 'userLogin5', 'role' => 'noaccess', 'capabilities' => [], 'superuser_access' => false],
+ [
+ 'login' => 'userLogin2',
+ 'role' => 'admin',
+ 'capabilities' => [],
+ 'email' => 'userLogin2@password.de',
+ 'superuser_access' => false,
+ ],
+ [
+ 'login' => 'userLogin3',
+ 'role' => 'view',
+ 'capabilities' => [],
+ 'superuser_access' => false,
+ ],
+ [
+ 'login' => 'userLogin4',
+ 'role' => 'admin',
+ 'capabilities' => [],
+ 'superuser_access' => false,
+ ],
+ [
+ 'login' => 'userLogin5',
+ 'role' => 'noaccess',
+ 'capabilities' => [],
+ 'superuser_access' => false,
+ ],
];
$this->assertEquals($expected, $users);
}
@@ -550,11 +624,46 @@ class APITest extends IntegrationTestCase
$users = $this->api->getUsersPlusRole(1);
$this->cleanUsers($users);
$expected = [
- ['login' => 'userLogin', 'email' => 'userlogin@password.de', 'superuser_access' => false, 'role' => 'noaccess', 'capabilities' => [], 'uses_2fa' => false],
- ['login' => 'userLogin2', 'email' => 'userLogin2@password.de', 'superuser_access' => true, 'role' => 'superuser', 'capabilities' => [], 'uses_2fa' => false],
- ['login' => 'userLogin3', 'email' => 'userLogin3@password.de', 'superuser_access' => false, 'role' => 'view', 'capabilities' => [], 'uses_2fa' => false],
- ['login' => 'userLogin4', 'email' => 'userLogin4@password.de', 'superuser_access' => true, 'role' => 'superuser', 'capabilities' => [], 'uses_2fa' => false],
- ['login' => 'userLogin5', 'email' => 'userLogin5@password.de', 'superuser_access' => false, 'role' => 'noaccess', 'capabilities' => [], 'uses_2fa' => false],
+ [
+ 'login' => 'userLogin',
+ 'email' => 'userlogin@password.de',
+ 'superuser_access' => false,
+ 'role' => 'noaccess',
+ 'capabilities' => [],
+ 'uses_2fa' => false,
+ ],
+ [
+ 'login' => 'userLogin2',
+ 'email' => 'userLogin2@password.de',
+ 'superuser_access' => true,
+ 'role' => 'superuser',
+ 'capabilities' => [],
+ 'uses_2fa' => false,
+ ],
+ [
+ 'login' => 'userLogin3',
+ 'email' => 'userLogin3@password.de',
+ 'superuser_access' => false,
+ 'role' => 'view',
+ 'capabilities' => [],
+ 'uses_2fa' => false,
+ ],
+ [
+ 'login' => 'userLogin4',
+ 'email' => 'userLogin4@password.de',
+ 'superuser_access' => true,
+ 'role' => 'superuser',
+ 'capabilities' => [],
+ 'uses_2fa' => false,
+ ],
+ [
+ 'login' => 'userLogin5',
+ 'email' => 'userLogin5@password.de',
+ 'superuser_access' => false,
+ 'role' => 'noaccess',
+ 'capabilities' => [],
+ 'uses_2fa' => false,
+ ],
];
$this->assertEquals($expected, $users);
}
@@ -571,8 +680,18 @@ class APITest extends IntegrationTestCase
$users = $this->api->getUsersPlusRole(1, null, null, null, 'admin');
$this->cleanUsers($users);
$expected = [
- ['login' => 'userLogin2', 'role' => 'admin', 'capabilities' => [], 'email' => 'userLogin2@password.de', 'superuser_access' => false],
- ['login' => 'userLogin5', 'role' => 'admin', 'capabilities' => [], 'superuser_access' => false],
+ [
+ 'login' => 'userLogin2',
+ 'role' => 'admin',
+ 'capabilities' => [],
+ 'email' => 'userLogin2@password.de',
+ 'superuser_access' => false,
+ ],
+ ['login' => 'userLogin5',
+ 'role' => 'admin',
+ 'capabilities' => [],
+ 'superuser_access' => false,
+ ],
];
$this->assertEquals($expected, $users);
@@ -580,7 +699,7 @@ class APITest extends IntegrationTestCase
$users = $this->api->getUsersPlusRole(1, null, null, null, 'write');
$this->cleanUsers($users);
$expected = [
- ['login' => 'userLogin6', 'role' => 'write', 'capabilities' => [], 'superuser_access' => false],
+ ['login' => 'userLogin6', 'role' => 'write', 'capabilities' => [], 'superuser_access' => false],
];
$this->assertEquals($expected, $users);
}
@@ -595,9 +714,30 @@ class APITest extends IntegrationTestCase
$users = $this->api->getUsersPlusRole(1, null, null, null, 'noaccess');
$this->cleanUsers($users);
$expected = [
- ['login' => 'userLogin', 'role' => 'noaccess', 'superuser_access' => false, 'email' => 'userlogin@password.de', 'capabilities' => [], 'uses_2fa' => false],
- ['login' => 'userLogin2', 'role' => 'noaccess', 'superuser_access' => false, 'email' => 'userLogin2@password.de', 'capabilities' => [], 'uses_2fa' => false],
- ['login' => 'userLogin5', 'role' => 'noaccess', 'superuser_access' => false, 'email' => 'userLogin5@password.de', 'capabilities' => [], 'uses_2fa' => false],
+ [
+ 'login' => 'userLogin',
+ 'role' => 'noaccess',
+ 'superuser_access' => false,
+ 'email' => 'userlogin@password.de',
+ 'capabilities' => [],
+ 'uses_2fa' => false,
+ ],
+ [
+ 'login' => 'userLogin2',
+ 'role' => 'noaccess',
+ 'superuser_access' => false,
+ 'email' => 'userLogin2@password.de',
+ 'capabilities' => [],
+ 'uses_2fa' => false,
+ ],
+ [
+ 'login' => 'userLogin5',
+ 'role' => 'noaccess',
+ 'superuser_access' => false,
+ 'email' => 'userLogin5@password.de',
+ 'capabilities' => [],
+ 'uses_2fa' => false,
+ ],
];
$this->assertEquals($expected, $users);
}
@@ -615,8 +755,22 @@ class APITest extends IntegrationTestCase
$users = $this->api->getUsersPlusRole(1, null, null, null, 'superuser');
$this->cleanUsers($users);
$expected = [
- ['login' => 'userLogin2', 'email' => 'userLogin2@password.de', 'superuser_access' => true, 'role' => 'superuser', 'capabilities' => [], 'uses_2fa' => false],
- ['login' => 'userLogin4', 'email' => 'userLogin4@password.de', 'superuser_access' => true, 'role' => 'superuser', 'capabilities' => [], 'uses_2fa' => false],
+ [
+ 'login' => 'userLogin2',
+ 'email' => 'userLogin2@password.de',
+ 'superuser_access' => true,
+ 'role' => 'superuser',
+ 'capabilities' => [],
+ 'uses_2fa' => false,
+ ],
+ [
+ 'login' => 'userLogin4',
+ 'email' => 'userLogin4@password.de',
+ 'superuser_access' => true,
+ 'role' => 'superuser',
+ 'capabilities' => [],
+ 'uses_2fa' => false,
+ ],
];
$this->assertEquals($expected, $users);
}
@@ -632,8 +786,22 @@ class APITest extends IntegrationTestCase
$users = $this->api->getUsersPlusRole(1, null, null, 'searchText');
$this->cleanUsers($users);
$expected = [
- ['login' => 'searchTextLogin', 'email' => 'someemail@email.com', 'superuser_access' => true, 'role' => 'superuser', 'capabilities' => [], 'uses_2fa' => false],
- ['login' => 'userLogin2', 'email' => 'searchTextdef@email.com', 'superuser_access' => false, 'role' => 'view', 'capabilities' => [], 'uses_2fa' => false],
+ [
+ 'login' => 'searchTextLogin',
+ 'email' => 'someemail@email.com',
+ 'superuser_access' => true,
+ 'role' => 'superuser',
+ 'capabilities' => [],
+ 'uses_2fa' => false,
+ ],
+ [
+ 'login' => 'userLogin2',
+ 'email' => 'searchTextdef@email.com',
+ 'superuser_access' => false,
+ 'role' => 'view',
+ 'capabilities' => [],
+ 'uses_2fa' => false,
+ ],
];
$this->assertEquals($expected, $users);
}
@@ -649,8 +817,22 @@ class APITest extends IntegrationTestCase
$users = $this->api->getUsersPlusRole(1, $limit = 2, $offset = 1);
$this->cleanUsers($users);
$expected = [
- ['login' => 'userLogin', 'email' => 'userlogin@password.de', 'superuser_access' => false, 'role' => 'noaccess', 'capabilities' => [], 'uses_2fa' => false],
- ['login' => 'userLogin2', 'email' => 'searchTextdef@email.com', 'superuser_access' => false, 'role' => 'view', 'capabilities' => [], 'uses_2fa' => false],
+ [
+ 'login' => 'userLogin',
+ 'email' => 'userlogin@password.de',
+ 'superuser_access' => false,
+ 'role' => 'noaccess',
+ 'capabilities' => [],
+ 'uses_2fa' => false,
+ ],
+ [
+ 'login' => 'userLogin2',
+ 'email' => 'searchTextdef@email.com',
+ 'superuser_access' => false,
+ 'role' => 'view',
+ 'capabilities' => [],
+ 'uses_2fa' => false,
+ ],
];
$this->assertEquals($expected, $users);
}
@@ -663,9 +845,9 @@ class APITest extends IntegrationTestCase
$access = $this->api->getSitesAccessForUser('userLogin');
$expected = [
- ['idsite' => '1', 'site_name' => 'Piwik test', 'role' => 'admin', 'capabilities' => []],
- ['idsite' => '2', 'site_name' => 'Piwik test', 'role' => 'view', 'capabilities' => []],
- ['idsite' => '3', 'site_name' => 'Piwik test', 'role' => 'view', 'capabilities' => []],
+ ['idsite' => '1', 'site_name' => 'Piwik test', 'role' => 'admin', 'capabilities' => []],
+ ['idsite' => '2', 'site_name' => 'Piwik test', 'role' => 'view', 'capabilities' => []],
+ ['idsite' => '3', 'site_name' => 'Piwik test', 'role' => 'view', 'capabilities' => []],
];
$this->assertEquals($expected, $access);
}
@@ -678,8 +860,8 @@ class APITest extends IntegrationTestCase
$access = $this->api->getSitesAccessForUser('userLogin', $limit = null, $offset = 1);
$expected = [
- ['idsite' => '2', 'site_name' => 'Piwik test', 'role' => 'view', 'capabilities' => []],
- ['idsite' => '3', 'site_name' => 'Piwik test', 'role' => 'view', 'capabilities' => []],
+ ['idsite' => '2', 'site_name' => 'Piwik test', 'role' => 'view', 'capabilities' => []],
+ ['idsite' => '3', 'site_name' => 'Piwik test', 'role' => 'view', 'capabilities' => []],
];
$this->assertEquals($expected, $access);
}
@@ -692,8 +874,8 @@ class APITest extends IntegrationTestCase
$access = $this->api->getSitesAccessForUser('userLogin', $limit = 2, $offset = 1);
$expected = [
- ['idsite' => '2', 'site_name' => 'Piwik test', 'role' => 'view', 'capabilities' => []],
- ['idsite' => '3', 'site_name' => 'Piwik test', 'role' => 'view', 'capabilities' => []],
+ ['idsite' => '2', 'site_name' => 'Piwik test', 'role' => 'view', 'capabilities' => []],
+ ['idsite' => '3', 'site_name' => 'Piwik test', 'role' => 'view', 'capabilities' => []],
];
$this->assertEquals($expected, $access);
}
@@ -709,13 +891,26 @@ class APITest extends IntegrationTestCase
SitesManagerAPI::getInstance()->updateSite(1, 'searchTerm site');
SitesManagerAPI::getInstance()->updateSite(2, null, ['http://searchTerm.com']);
- SitesManagerAPI::getInstance()->updateSite(3, null, null, null, null, null, null, null, null, null, null, 'the searchTerm group');
+ SitesManagerAPI::getInstance()->updateSite(
+ 3,
+ null,
+ null,
+ null,
+ null,
+ null,
+ null,
+ null,
+ null,
+ null,
+ null,
+ 'the searchTerm group'
+ );
$access = $this->api->getSitesAccessForUser('userLogin', null, null, 'searchTerm');
$expected = [
- ['idsite' => '2', 'site_name' => 'Piwik test', 'role' => 'view', 'capabilities' => []],
- ['idsite' => '3', 'site_name' => 'Piwik test', 'role' => 'view', 'capabilities' => []],
- ['idsite' => '1', 'site_name' => 'searchTerm site', 'role' => 'admin', 'capabilities' => []],
+ ['idsite' => '2', 'site_name' => 'Piwik test', 'role' => 'view', 'capabilities' => []],
+ ['idsite' => '3', 'site_name' => 'Piwik test', 'role' => 'view', 'capabilities' => []],
+ ['idsite' => '1', 'site_name' => 'searchTerm site', 'role' => 'admin', 'capabilities' => []],
];
$this->assertEquals($expected, $access);
}
@@ -728,8 +923,8 @@ class APITest extends IntegrationTestCase
$access = $this->api->getSitesAccessForUser('userLogin', null, null, null, 'view');
$expected = [
- ['idsite' => '2', 'site_name' => 'Piwik test', 'role' => 'view', 'capabilities' => []],
- ['idsite' => '3', 'site_name' => 'Piwik test', 'role' => 'view', 'capabilities' => []],
+ ['idsite' => '2', 'site_name' => 'Piwik test', 'role' => 'view', 'capabilities' => []],
+ ['idsite' => '3', 'site_name' => 'Piwik test', 'role' => 'view', 'capabilities' => []],
];
$this->assertEquals($expected, $access);
}
@@ -745,8 +940,8 @@ class APITest extends IntegrationTestCase
$access = $this->api->getSitesAccessForUser('userLogin2', null, null, null, 'view');
$expected = [
- ['idsite' => '1', 'site_name' => 'Piwik test', 'role' => 'view', 'capabilities' => []],
- ['idsite' => '2', 'site_name' => 'Piwik test', 'role' => 'view', 'capabilities' => []],
+ ['idsite' => '1', 'site_name' => 'Piwik test', 'role' => 'view', 'capabilities' => []],
+ ['idsite' => '2', 'site_name' => 'Piwik test', 'role' => 'view', 'capabilities' => []],
];
$this->assertEquals($expected, $access);
}
@@ -761,8 +956,8 @@ class APITest extends IntegrationTestCase
$access = $this->api->getSitesAccessForUser('userLogin2', null, null, null, 'noaccess');
$expected = [
- ['idsite' => '2', 'site_name' => 'Piwik test', 'role' => 'noaccess', 'capabilities' => []],
- ['idsite' => '3', 'site_name' => 'Piwik test', 'role' => 'noaccess', 'capabilities' => []],
+ ['idsite' => '2', 'site_name' => 'Piwik test', 'role' => 'noaccess', 'capabilities' => []],
+ ['idsite' => '3', 'site_name' => 'Piwik test', 'role' => 'noaccess', 'capabilities' => []],
];
$this->assertEquals($expected, $access);
}
@@ -774,8 +969,8 @@ class APITest extends IntegrationTestCase
$access = $this->api->getSitesAccessForUser('userLogin2', null, null, null, 'some');
$expected = [
- ['idsite' => '1', 'site_name' => 'Piwik test', 'role' => 'view', 'capabilities' => []],
- ['idsite' => '2', 'site_name' => 'Piwik test', 'role' => 'admin', 'capabilities' => []],
+ ['idsite' => '1', 'site_name' => 'Piwik test', 'role' => 'view', 'capabilities' => []],
+ ['idsite' => '2', 'site_name' => 'Piwik test', 'role' => 'admin', 'capabilities' => []],
];
$this->assertEquals($expected, $access);
}
@@ -784,9 +979,9 @@ class APITest extends IntegrationTestCase
{
$access = $this->api->getSitesAccessForUser('userLogin');
$expected = [
- ['idsite' => '1', 'site_name' => 'Piwik test', 'role' => 'noaccess', 'capabilities' => []],
- ['idsite' => '2', 'site_name' => 'Piwik test', 'role' => 'noaccess', 'capabilities' => []],
- ['idsite' => '3', 'site_name' => 'Piwik test', 'role' => 'noaccess', 'capabilities' => []],
+ ['idsite' => '1', 'site_name' => 'Piwik test', 'role' => 'noaccess', 'capabilities' => []],
+ ['idsite' => '2', 'site_name' => 'Piwik test', 'role' => 'noaccess', 'capabilities' => []],
+ ['idsite' => '3', 'site_name' => 'Piwik test', 'role' => 'noaccess', 'capabilities' => []],
];
$this->assertEquals($expected, $access);
@@ -803,7 +998,7 @@ class APITest extends IntegrationTestCase
$this->expectException(\Exception::class);
$this->expectExceptionMessage('UsersManager_ExceptionMultipleRoleSet');
- $this->api->setUserAccess($this->login, array('view', 'admin'), array(1));
+ $this->api->setUserAccess($this->login, ['view', 'admin'], [1]);
}
public function test_setUserAccess_NeedsAtLeastOneRole()
@@ -811,7 +1006,7 @@ class APITest extends IntegrationTestCase
$this->expectException(\Exception::class);
$this->expectExceptionMessage('UsersManager_ExceptionNoRoleSet');
- $this->api->setUserAccess($this->login, array(TestCap2::ID), array(1));
+ $this->api->setUserAccess($this->login, [TestCap2::ID], [1]);
}
public function test_setUserAccess_NeedsAtLeastOneRoleAsString()
@@ -819,7 +1014,7 @@ class APITest extends IntegrationTestCase
$this->expectException(\Exception::class);
$this->expectExceptionMessage('UsersManager_ExceptionAccessValues');
- $this->api->setUserAccess($this->login, TestCap2::ID, array(1));
+ $this->api->setUserAccess($this->login, TestCap2::ID, [1]);
}
public function test_setUserAccess_InvalidCapability()
@@ -827,7 +1022,7 @@ class APITest extends IntegrationTestCase
$this->expectException(\Exception::class);
$this->expectExceptionMessage('UsersManager_ExceptionAccessValues');
- $this->api->setUserAccess($this->login, array('admin', 'foobar'), array(1));
+ $this->api->setUserAccess($this->login, ['admin', 'foobar'], [1]);
}
public function test_setUserAccess_NeedsAtLeastOneRoleNoneGiven()
@@ -835,7 +1030,7 @@ class APITest extends IntegrationTestCase
$this->expectException(\Exception::class);
$this->expectExceptionMessage('UsersManager_ExceptionNoRoleSet');
- $this->api->setUserAccess($this->login, array(), array(1));
+ $this->api->setUserAccess($this->login, [], [1]);
}
public function test_setUserAccess_CannotSetAdminToAnonymous()
@@ -843,7 +1038,7 @@ class APITest extends IntegrationTestCase
$this->expectException(\Exception::class);
$this->expectExceptionMessage('UsersManager_ExceptionAnonymousAccessNotPossible');
- $this->api->setUserAccess('anonymous', 'admin', array(1));
+ $this->api->setUserAccess('anonymous', 'admin', [1]);
}
public function test_setUserAccess_CannotSetWriteToAnonymous()
@@ -851,7 +1046,7 @@ class APITest extends IntegrationTestCase
$this->expectException(\Exception::class);
$this->expectExceptionMessage('UsersManager_ExceptionAnonymousAccessNotPossible');
- $this->api->setUserAccess('anonymous', 'write', array(1));
+ $this->api->setUserAccess('anonymous', 'write', [1]);
}
public function test_setUserAccess_UserDoesNotExist()
@@ -859,38 +1054,38 @@ class APITest extends IntegrationTestCase
$this->expectException(\Exception::class);
$this->expectExceptionMessage('UsersManager_ExceptionUserDoesNotExist');
- $this->api->setUserAccess('foobar', Admin::ID, array(1));
+ $this->api->setUserAccess('foobar', Admin::ID, [1]);
}
public function test_setUserAccess_SetRoleAndCapabilities()
{
- $access = array(TestCap2::ID, View::ID, TestCap3::ID);
- $this->api->setUserAccess($this->login, $access, array(1));
+ $access = [TestCap2::ID, View::ID, TestCap3::ID];
+ $this->api->setUserAccess($this->login, $access, [1]);
$access = $this->model->getSitesAccessFromUser($this->login);
- $expected = array(
- array('site' => '1', 'access' => 'view'),
- array('site' => '1', 'access' => TestCap2::ID),
- array('site' => '1', 'access' => TestCap3::ID),
- );
+ $expected = [
+ ['site' => '1', 'access' => 'view'],
+ ['site' => '1', 'access' => TestCap2::ID],
+ ['site' => '1', 'access' => TestCap3::ID],
+ ];
$this->assertEquals($expected, $access);
}
public function test_setUserAccess_SetRoleAsString()
{
- $this->api->setUserAccess($this->login, View::ID, array(1));
+ $this->api->setUserAccess($this->login, View::ID, [1]);
$access = $this->model->getSitesAccessFromUser($this->login);
- $this->assertEquals(array(array('site' => '1', 'access' => 'view')), $access);
+ $this->assertEquals([['site' => '1', 'access' => 'view']], $access);
}
public function test_setUserAccess_SetRoleAsArray()
{
- $this->api->setUserAccess($this->login, array(View::ID), array(1));
+ $this->api->setUserAccess($this->login, [View::ID], [1]);
$access = $this->model->getSitesAccessFromUser($this->login);
- $this->assertEquals(array(array('site' => '1', 'access' => 'view')), $access);
+ $this->assertEquals([['site' => '1', 'access' => 'view']], $access);
}
public function test_addCapabilities_failsWhenNotCapabilityIsGivenAsString()
@@ -898,7 +1093,7 @@ class APITest extends IntegrationTestCase
$this->expectException(\Exception::class);
$this->expectExceptionMessage('UsersManager_ExceptionAccessValues');
- $this->api->addCapabilities($this->login, View::ID, array(1));
+ $this->api->addCapabilities($this->login, View::ID, [1]);
}
public function test_addCapabilities_failsWhenNotCapabilityIsGivenAsArray()
@@ -906,7 +1101,7 @@ class APITest extends IntegrationTestCase
$this->expectException(\Exception::class);
$this->expectExceptionMessage('UsersManager_ExceptionAccessValues');
- $this->api->addCapabilities($this->login, array(TestCap2::ID, View::ID), array(1));
+ $this->api->addCapabilities($this->login, [TestCap2::ID, View::ID], [1]);
}
public function test_addCapabilities_failsWhenUserDoesNotExist()
@@ -914,31 +1109,31 @@ class APITest extends IntegrationTestCase
$this->expectException(\Exception::class);
$this->expectExceptionMessage('UsersManager_ExceptionUserDoesNotExist');
- $this->api->addCapabilities('foobar', array(TestCap2::ID), array(1));
+ $this->api->addCapabilities('foobar', [TestCap2::ID], [1]);
}
public function test_addCapabilities_DoesNotAddSameCapabilityTwice()
{
- $addAccess = array(TestCap2::ID, View::ID, TestCap3::ID);
- $this->api->setUserAccess($this->login, $addAccess, array(1));
+ $addAccess = [TestCap2::ID, View::ID, TestCap3::ID];
+ $this->api->setUserAccess($this->login, $addAccess, [1]);
$access = $this->model->getSitesAccessFromUser($this->login);
- $expected = array(
- array('site' => '1', 'access' => 'view'),
- array('site' => '1', 'access' => TestCap2::ID),
- array('site' => '1', 'access' => TestCap3::ID),
- );
+ $expected = [
+ ['site' => '1', 'access' => 'view'],
+ ['site' => '1', 'access' => TestCap2::ID],
+ ['site' => '1', 'access' => TestCap3::ID],
+ ];
$this->assertEquals($expected, $access);
- $this->api->addCapabilities($this->login, array(TestCap2::ID, TestCap3::ID), array(1));
+ $this->api->addCapabilities($this->login, [TestCap2::ID, TestCap3::ID], [1]);
$access = $this->model->getSitesAccessFromUser($this->login);
$this->assertEquals($expected, $access);
- $this->api->addCapabilities($this->login, array(TestCap2::ID, TestCap1::ID, TestCap3::ID), array(1));
+ $this->api->addCapabilities($this->login, [TestCap2::ID, TestCap1::ID, TestCap3::ID], [1]);
- $expected[] = array('site' => '1', 'access' => TestCap1::ID);
+ $expected[] = ['site' => '1', 'access' => TestCap1::ID];
$access = $this->model->getSitesAccessFromUser($this->login);
$this->assertEquals($expected, $access);
}
@@ -947,27 +1142,27 @@ class APITest extends IntegrationTestCase
{
$access = $this->model->getSitesAccessFromUser($this->login);
- $this->assertEquals(array(), $access);
+ $this->assertEquals([], $access);
- $this->api->addCapabilities($this->login, array(TestCap2::ID, TestCap3::ID), array(1));
+ $this->api->addCapabilities($this->login, [TestCap2::ID, TestCap3::ID], [1]);
- $this->assertEquals(array(), $access);
+ $this->assertEquals([], $access);
}
public function test_addCapabilities_DoesNotAddCapabilitiesWhichAreIncludedInRoleAlready()
{
- $this->api->setUserAccess($this->login, Write::ID, array(1));
+ $this->api->setUserAccess($this->login, Write::ID, [1]);
$access = $this->model->getSitesAccessFromUser($this->login);
- $expected = array(
- array('site' => '1', 'access' => 'write'),
- );
+ $expected = [
+ ['site' => '1', 'access' => 'write'],
+ ];
$this->assertEquals($expected, $access);
- $this->api->addCapabilities($this->login, array(TestCap2::ID, TestCap3::ID), array(1));
+ $this->api->addCapabilities($this->login, [TestCap2::ID, TestCap3::ID], [1]);
- $expected[] = array('site' => '1', 'access' => TestCap3::ID);
+ $expected[] = ['site' => '1', 'access' => TestCap3::ID];
$access = $this->model->getSitesAccessFromUser($this->login);
// did not add TestCap2
@@ -976,16 +1171,16 @@ class APITest extends IntegrationTestCase
public function test_addCapabilities_DoesAddCapabilitiesWhichAreNotIncludedInRoleYetAlready()
{
- $this->api->setUserAccess($this->login, Admin::ID, array(1));
+ $this->api->setUserAccess($this->login, Admin::ID, [1]);
$access = $this->model->getSitesAccessFromUser($this->login);
- $expected = array(
- array('site' => '1', 'access' => 'admin'),
- );
+ $expected = [
+ ['site' => '1', 'access' => 'admin'],
+ ];
$this->assertEquals($expected, $access);
- $this->api->addCapabilities($this->login, array(TestCap2::ID, TestCap1::ID, TestCap3::ID), array(1));
+ $this->api->addCapabilities($this->login, [TestCap2::ID, TestCap1::ID, TestCap3::ID], [1]);
$access = $this->model->getSitesAccessFromUser($this->login);
$this->assertEquals($expected, $access);
@@ -996,7 +1191,7 @@ class APITest extends IntegrationTestCase
$this->expectException(\Exception::class);
$this->expectExceptionMessage('UsersManager_ExceptionAccessValues');
- $this->api->removeCapabilities($this->login, View::ID, array(1));
+ $this->api->removeCapabilities($this->login, View::ID, [1]);
}
public function test_removeCapabilities_failsWhenNotCapabilityIsGivenAsArray()
@@ -1004,7 +1199,7 @@ class APITest extends IntegrationTestCase
$this->expectException(\Exception::class);
$this->expectExceptionMessage('UsersManager_ExceptionAccessValues');
- $this->api->removeCapabilities($this->login, array(TestCap2::ID, View::ID), array(1));
+ $this->api->removeCapabilities($this->login, [TestCap2::ID, View::ID], [1]);
}
public function test_removeCapabilities_failsWhenUserDoesNotExist()
@@ -1012,21 +1207,21 @@ class APITest extends IntegrationTestCase
$this->expectException(\Exception::class);
$this->expectExceptionMessage('UsersManager_ExceptionUserDoesNotExist');
- $this->api->removeCapabilities('foobar', array(TestCap2::ID), array(1));
+ $this->api->removeCapabilities('foobar', [TestCap2::ID], [1]);
}
public function test_removeCapabilities()
{
- $addAccess = array(View::ID, TestCap2::ID, TestCap3::ID, TestCap1::ID);
- $this->api->setUserAccess($this->login, $addAccess, array(1));
+ $addAccess = [View::ID, TestCap2::ID, TestCap3::ID, TestCap1::ID];
+ $this->api->setUserAccess($this->login, $addAccess, [1]);
$access = $this->getAccessInSite($this->login, 1);
$this->assertEquals($addAccess, $access);
- $this->api->removeCapabilities($this->login, array(TestCap3::ID, TestCap2::ID), 1);
+ $this->api->removeCapabilities($this->login, [TestCap3::ID, TestCap2::ID], 1);
$access = $this->getAccessInSite($this->login, 1);
- $this->assertEquals(array(View::ID, TestCap1::ID), $access);
+ $this->assertEquals([View::ID, TestCap1::ID], $access);
}
public function test_setSuperUserAccess_failsIfCurrentPasswordIsIncorrect()
@@ -1037,10 +1232,211 @@ class APITest extends IntegrationTestCase
$this->api->setSuperUserAccess($this->login, true, 'asldfkjds');
}
+ public function testInviteUserAsSuperUser()
+ {
+ $eventWasFired = false;
+
+ EventDispatcher::getInstance()->addObserver('UsersManager.inviteUser.end', function ($userLogin, $email) use (&$eventWasFired) {
+ self::assertEquals('pendingLoginTest', $userLogin);
+ self::assertEquals('pendingLoginTest@matomo.org', $email);
+ $eventWasFired = true;
+ });
+
+ $this->api->inviteUser('pendingLoginTest', 'pendingLoginTest@matomo.org', 1);
+ $user = $this->model->isPendingUser('pendingLoginTest');
+ $this->assertTrue($user);
+ $this->assertTrue($eventWasFired);
+ }
+
+ public function testInviteUserAsAdmin()
+ {
+ $this->addUserWithAccess('adminUser', 'admin', 1);
+ $this->setCurrentUser('adminUser', 'admin', 1);
+
+ $this->api->inviteUser('pendingLoginTest', 'pendingLoginTest@matomo.org', 1);
+ $user = $this->model->isPendingUser('pendingLoginTest');
+ $this->assertTrue($user);
+ }
+
+ public function testInviteUserAsAdminForAnotherSiteDoesntWork()
+ {
+ self::expectException(\Exception::class);
+
+ $this->addUserWithAccess('adminUser', 'admin', 1);
+ $this->setCurrentUser('adminUser', 'admin', 1);
+
+ $this->api->inviteUser('pendingLoginTest', 'pendingLoginTest@matomo.org', 2);
+ }
+
+ public function testInviteUserAsWriteUserNotAllowed()
+ {
+ self::expectException(NoAccessException::class);
+
+ $this->addUserWithAccess('anyUser', 'write', 1);
+ $this->setCurrentUser('anyUser', 'write', 1);
+
+ $this->api->inviteUser('pendingLoginTest', 'pendingLoginTest@matomo.org', 1);
+ }
+
+ public function testInviteUserAsUserNotAllowed()
+ {
+ self::expectException(NoAccessException::class);
+
+ $this->addUserWithAccess('anyUser', 'view', 1);
+ $this->setCurrentUser('anyUser', 'view', 1);
+
+ $this->api->inviteUser('pendingLoginTest', 'pendingLoginTest@matomo.org', 1);
+ }
+
+ public function testInviteUserExpiredInGivenDays()
+ {
+ Date::$now = time(); // freeze time, so it doesn't change between inviting user and comparing the time
+ $expiredDays = 10;
+ $this->api->inviteUser('pendingLoginTest', 'pendingLoginTest@matomo.org', null, $expiredDays);
+ $user = $this->model->getUser('pendingLoginTest');
+ $expired = Date::factory($user['invite_expired_at'])->getTimestamp();
+ $now = Date::now()->getTimestamp();
+ $diff = $expired - $now;
+ $this->assertEquals($expiredDays, $diff / 3600 / 24);
+ }
+
+ public function testResendInviteAsSuperUser()
+ {
+ $this->api->inviteUser('pendingLoginTest', 'pendingLoginTest@matomo.org', 1);
+ $user = $this->model->isPendingUser('pendingLoginTest');
+ $this->assertTrue($user);
+
+ $eventWasFired = false;
+
+ EventDispatcher::getInstance()->addObserver('UsersManager.inviteUser.resendInvite', function ($userLogin) use (&$eventWasFired) {
+ self::assertEquals('pendingLoginTest', $userLogin);
+ $eventWasFired = true;
+ });
+
+ $this->api->resendInvite('pendingLoginTest');
+ self::assertTrue($eventWasFired);
+ }
+
+ public function testResendInviteFailsIfUserNotPending()
+ {
+ self::expectException(\Exception::class);
+ self::expectExceptionMessage('UsersManager_ExceptionUserDoesNotExist');
+
+ $this->api->resendInvite('notExistingUser');
+ }
+
+ public function testResendInviteAsInviterWithAdminAccess()
+ {
+ $this->addUserWithAccess('adminUser', 'admin', 1);
+ $this->setCurrentUser('adminUser', 'admin', 1);
+
+ $this->api->inviteUser('pendingLoginTest', 'pendingLoginTest@matomo.org', 1);
+ $user = $this->model->isPendingUser('pendingLoginTest');
+ $this->assertTrue($user);
+
+ $eventWasFired = false;
+
+ EventDispatcher::getInstance()->addObserver('UsersManager.inviteUser.resendInvite', function ($userLogin) use (&$eventWasFired) {
+ self::assertEquals('pendingLoginTest', $userLogin);
+ $eventWasFired = true;
+ });
+
+ $this->api->resendInvite('pendingLoginTest');
+ self::assertTrue($eventWasFired);
+ }
+
+ public function testResendInviteFailsAsInviterWithoutAdminAccess()
+ {
+ self::expectException(NoAccessException::class);
+
+ $this->addUserWithAccess('adminUser', 'write', 1);
+
+ // fake admin access for inviting the user
+ $this->setCurrentUser('adminUser', 'admin', 1);
+
+ $this->api->inviteUser('pendingLoginTest', 'pendingLoginTest@matomo.org', 1);
+ $user = $this->model->isPendingUser('pendingLoginTest');
+ $this->assertTrue($user);
+
+ // degraded to write access
+ $this->setCurrentUser('adminUser', 'admin', []);
+ $this->setCurrentUser('adminUser', 'write', 1);
+
+ $this->api->resendInvite('pendingLoginTest');
+ }
+
+ public function testResendInviteFailsAsNotInvitingAdmin()
+ {
+ self::expectException(NoAccessException::class);
+ self::expectExceptionMessage('UsersManager_ExceptionResendInviteDenied');
+
+ $this->addUserWithAccess('adminUser', 'admin', 1);
+ $this->addUserWithAccess('anotherAdminUser', 'admin', 1);
+
+ $this->setCurrentUser('adminUser', 'admin', 1);
+
+ $this->api->inviteUser('pendingLoginTest', 'pendingLoginTest@matomo.org', 1);
+ $user = $this->model->isPendingUser('pendingLoginTest');
+ $this->assertTrue($user);
+
+ // another admin tries to resend invite
+ $this->setCurrentUser('anotherAdminUser', 'admin', 1);
+
+ $this->api->resendInvite('pendingLoginTest');
+ }
+
+ public function testInvitedUserCanBeRemovedBySuperUser()
+ {
+ Fixture::createSuperUser();
+ $this->addUserWithAccess('adminUser', 'admin', 1);
+ $this->setCurrentUser('adminUser', 'admin', 1);
+
+ $this->api->inviteUser('pendingLoginTest', 'pendingLoginTest@matomo.org', 1);
+ $user = $this->model->isPendingUser('pendingLoginTest');
+ $this->assertTrue($user);
+
+ $this->setCurrentUser('superUserLogin', 'superuser', 1);
+
+ $this->api->deleteUser('pendingLoginTest');
+ self::assertEmpty($this->model->getUser('pendingLoginTest'));
+ }
+
+ public function testInvitedUserCanBeRemovedByInviter()
+ {
+ Fixture::createSuperUser();
+ $this->addUserWithAccess('adminUser', 'admin', 1);
+ $this->setCurrentUser('adminUser', 'admin', 1);
+
+ $this->api->inviteUser('pendingLoginTest', 'pendingLoginTest@matomo.org', 1);
+ $user = $this->model->isPendingUser('pendingLoginTest');
+ $this->assertTrue($user);
+
+ $this->api->deleteUser('pendingLoginTest');
+ self::assertEmpty($this->model->getUser('pendingLoginTest'));
+ }
+
+ public function testInvitedUserCanNOTBeRemovedByOtherAdmin()
+ {
+ self::expectException(\Exception::class);
+ self::expectExceptionMessage('UsersManager_ExceptionUserDoesNotExist');
+
+ $this->addUserWithAccess('adminUser', 'admin', 1);
+ $this->addUserWithAccess('adminUser2', 'admin', 1);
+ $this->setCurrentUser('adminUser', 'admin', 1);
+
+ $this->api->inviteUser('pendingLoginTest', 'pendingLoginTest@matomo.org', 1);
+ $user = $this->model->isPendingUser('pendingLoginTest');
+ $this->assertTrue($user);
+
+ $this->setCurrentUser('adminUser2', 'admin', 1);
+
+ $this->api->deleteUser('pendingLoginTest');
+ }
+
private function getAccessInSite($login, $idSite)
{
$access = $this->model->getSitesAccessFromUser($login);
- $ids = array();
+ $ids = [];
foreach ($access as $entry) {
if ($entry['site'] == $idSite) {
$ids[] = $entry['access'];
@@ -1056,17 +1452,24 @@ class APITest extends IntegrationTestCase
public function provideContainerConfig()
{
- return array(
- 'Piwik\Access' => new FakeAccess(),
- 'usersmanager.user_preference_names' => \DI\add(['randomDoesNotExist', 'RandomNOTREQUESTED', 'preferenceName']),
- 'observers.global' => \DI\add([
- ['Access.Capability.addCapabilities', \DI\value(function (&$capabilities) {
- $capabilities[] = new TestCap1();
- $capabilities[] = new TestCap2();
- $capabilities[] = new TestCap3();
- })],
- ]),
- );
+ return [
+ 'Piwik\Access' => new FakeAccess(),
+ 'usersmanager.user_preference_names' => \DI\add([
+ 'randomDoesNotExist',
+ 'RandomNOTREQUESTED',
+ 'preferenceName'
+ ]),
+ 'observers.global' => \DI\add([
+ [
+ 'Access.Capability.addCapabilities',
+ \DI\value(function (&$capabilities) {
+ $capabilities[] = new TestCap1();
+ $capabilities[] = new TestCap2();
+ $capabilities[] = new TestCap3();
+ })
+ ],
+ ]),
+ ];
}
private function addUserWithAccess($username, $accessLevel, $idSite, $email = null)
@@ -1075,7 +1478,7 @@ class APITest extends IntegrationTestCase
if ($accessLevel == 'superuser') {
$userUpdater = new UserUpdater();
$userUpdater->setSuperUserAccessWithoutCurrentPassword($username, true);
- } else if ($accessLevel) {
+ } elseif ($accessLevel) {
$this->api->setUserAccess($username, $accessLevel, $idSite);
}
}
@@ -1086,8 +1489,10 @@ class APITest extends IntegrationTestCase
FakeAccess::$superUser = $accessLevel == 'superuser';
if ($accessLevel == 'view') {
FakeAccess::$idSitesView = is_array($idSite) ? $idSite : [$idSite];
- } else if ($accessLevel == 'admin') {
+ } elseif ($accessLevel == 'admin') {
FakeAccess::$idSitesAdmin = is_array($idSite) ? $idSite : [$idSite];
+ } elseif ($accessLevel == 'write') {
+ FakeAccess::$idSitesWrite = is_array($idSite) ? $idSite : [$idSite];
}
}
@@ -1095,7 +1500,11 @@ class APITest extends IntegrationTestCase
{
foreach ($users as &$user) {
unset($user['date_registered']);
+ unset($user['invite_expired_at']);
+ unset($user['invite_accept_at']);
+ unset($user['invite_token']);
unset($user['invite_status']);
+ unset($user['invited_by']);
}
}
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-22 08:35:51 +0300