From 45058209303f51216367f07fde54f83a6928e1e6 Mon Sep 17 00:00:00 2001 From: Peter Zhang Date: Thu, 28 Jul 2022 20:41:23 +1200 Subject: Params name not matching, caused first website granted not working (#19575) * Update API.php update Param name * add invite User initialIdSite tests add invite User initialIdSite tests * Revert "add invite User initialIdSite tests" This reverts commit 9044fc63f5df0c41051d3cb161028e4c33937b72. * add 2 new tests add 2 new tests * Update plugins/UsersManager/tests/Integration/APITest.php * update invite User check, if initialIdSite is null throw error update invite User check, if initialIdSite is null throw error * Update plugins/UsersManager/API.php * update tests update tests * update tests update tests * Update UsersManagerTest.php remove another function * update tests update tests * Update UsersManagerTest.php revert a tests * update screenshots update screenshots * updates expected test files * apply PSR12 code formatting Co-authored-by: Ben Burgess <88810029+bx80@users.noreply.github.com> Co-authored-by: sgiehl --- plugins/UsersManager/API.php | 19 +- plugins/UsersManager/Repository/UserRepository.php | 11 +- plugins/UsersManager/tests/Integration/APITest.php | 807 +++++++++++---------- .../tests/Integration/UserInviteTest.php | 2 +- ...UsersManager_permissions_all_rows_in_search.png | 4 +- .../UsersManager_permissions_edit.png | 4 +- .../UsersManager_user_created.png | 4 +- 7 files changed, 454 insertions(+), 397 deletions(-) (limited to 'plugins/UsersManager') diff --git a/plugins/UsersManager/API.php b/plugins/UsersManager/API.php index 9accb8f35c..c0da2e5ab4 100644 --- a/plugins/UsersManager/API.php +++ b/plugins/UsersManager/API.php @@ -729,8 +729,16 @@ class API extends \Piwik\Plugin\API $password = Common::unsanitizeInputValue($password); UsersManager::checkPassword($password); + + $initialIdSite = $initialIdSite === null ? null : intval($initialIdSite); + if (!Piwik::hasUserSuperUserAccess()) { + if (empty($initialIdSite)) { + throw new \Exception(Piwik::translate("UsersManager_AddUserNoInitialAccessError")); + } + } + $this->userRepository->create( (string) $userLogin, (string) $email, @@ -752,7 +760,7 @@ class API extends \Piwik\Plugin\API /** * @throws Exception */ - public function inviteUser($userLogin, $email, $idSite = null, $expiryInDays = null) + public function inviteUser($userLogin, $email, $initialIdSite = null, $expiryInDays = null) { Piwik::checkUserHasSomeAdminAccess(); UsersManager::dieIfUsersAdminIsDisabled(); @@ -761,9 +769,14 @@ class API extends \Piwik\Plugin\API $expiryInDays = Config\GeneralConfig::getConfigValue('default_invite_user_token_expiry_days'); } - $idSite = $idSite === null ? null : intval($idSite); + if (empty($initialIdSite)) { + throw new \Exception(Piwik::translate("UsersManager_AddUserNoInitialAccessError")); + } else { + // check if the site exists + new Site($initialIdSite); + } - $this->userRepository->inviteUser((string) $userLogin, (string) $email, $idSite, (int) $expiryInDays); + $this->userRepository->inviteUser((string) $userLogin, (string) $email, intval($initialIdSite), (int) $expiryInDays); /** * Triggered after a new user was invited. diff --git a/plugins/UsersManager/Repository/UserRepository.php b/plugins/UsersManager/Repository/UserRepository.php index e806211abc..59f1946813 100644 --- a/plugins/UsersManager/Repository/UserRepository.php +++ b/plugins/UsersManager/Repository/UserRepository.php @@ -7,6 +7,7 @@ use Piwik\Container\StaticContainer; use Piwik\Date; use Piwik\Metrics\Formatter; use Piwik\Piwik; +use Piwik\Plugin; use Piwik\Plugins\CoreAdminHome\Emails\UserCreatedEmail; use Piwik\Plugins\UsersManager\API; use Piwik\Plugins\UsersManager\Emails\UserInviteEmail; @@ -18,8 +19,6 @@ use Piwik\Plugins\UsersManager\Validators\Email; use Piwik\Plugins\UsersManager\Validators\Login; use Piwik\Site; use Piwik\Validators\BaseValidator; -use Piwik\Validators\IdSite; -use Piwik\Plugin; class UserRepository { @@ -60,12 +59,10 @@ class UserRepository string $password = '', bool $isPasswordHashed = false ): void { + + if (!Piwik::hasUserSuperUserAccess()) { - if (empty($initialIdSite)) { - throw new \Exception(Piwik::translate("UsersManager_AddUserNoInitialAccessError")); - } - // check if the site exists - BaseValidator::check('siteId', $initialIdSite, [new IdSite()]); + // check if the user has admin access to the site Piwik::checkUserHasAdminAccess($initialIdSite); } diff --git a/plugins/UsersManager/tests/Integration/APITest.php b/plugins/UsersManager/tests/Integration/APITest.php index a6c8454d4d..bdf3f00a69 100644 --- a/plugins/UsersManager/tests/Integration/APITest.php +++ b/plugins/UsersManager/tests/Integration/APITest.php @@ -3,14 +3,17 @@ /** * Matomo - free/libre analytics platform * - * @link https://matomo.org + * @link https://matomo.org * @license http://www.gnu.org/licenses/gpl-3.0.html GPL v3 or later */ namespace Piwik\Plugins\UsersManager\tests\Integration; +use Piwik\Access\Capability; +use Piwik\Access\Role\Admin; use Piwik\Access\Role\View; use Piwik\Access\Role\Write; +use Piwik\API\Request; use Piwik\Auth\Password; use Piwik\Config; use Piwik\Date; @@ -27,8 +30,6 @@ use Piwik\Plugins\UsersManager\UserUpdater; use Piwik\Tests\Framework\Fixture; use Piwik\Tests\Framework\Mock\FakeAccess; use Piwik\Tests\Framework\TestCase\IntegrationTestCase; -use Piwik\Access\Role\Admin; -use Piwik\Access\Capability; class TestCap1 extends Capability { @@ -57,7 +58,7 @@ class TestCap1 extends Capability public function getIncludedInRoles(): array { return [ - Admin::ID + Admin::ID, ]; } } @@ -89,8 +90,8 @@ class TestCap2 extends Capability public function getIncludedInRoles(): array { return [ - Write::ID, - Admin::ID + Write::ID, + Admin::ID, ]; } } @@ -153,7 +154,7 @@ class APITest extends IntegrationTestCase { parent::setUp(); - $this->api = API::getInstance(); + $this->api = API::getInstance(); $this->model = new Model(); FakeAccess::clearAccess(); @@ -172,10 +173,10 @@ class APITest extends IntegrationTestCase parent::tearDown(); } - public function test_setUserAccess_ShouldTriggerRemoveSiteAccessEvent_IfAccessToAWebsiteIsRemoved() + public function testSetUserAccessShouldTriggerRemoveSiteAccessEventIfAccessToAWebsiteIsRemoved() { $eventTriggered = false; - $self = $this; + $self = $this; Piwik::addAction('UsersManager.removeSiteAccess', function ($login, $idSites) use (&$eventTriggered, $self) { $eventTriggered = true; $self->assertEquals($self->login, $login); @@ -187,7 +188,7 @@ class APITest extends IntegrationTestCase $this->assertTrue($eventTriggered, 'UsersManager.removeSiteAccess event was not triggered'); } - public function test_setUserAccess_ShouldNotTriggerRemoveSiteAccessEvent_IfAccessIsAdded() + public function testSetUserAccessShouldNotTriggerRemoveSiteAccessEventIfAccessIsAdded() { $eventTriggered = false; Piwik::addAction('UsersManager.removeSiteAccess', function () use (&$eventTriggered) { @@ -199,25 +200,25 @@ class APITest extends IntegrationTestCase $this->assertFalse($eventTriggered, 'UsersManager.removeSiteAccess event was triggered but should not'); } - public function test_getAllUsersPreferences_isEmpty_whenNoPreference() + public function testGetAllUsersPreferencesIsEmptyWhenNoPreference() { $preferences = $this->api->getAllUsersPreferences(['preferenceName']); $this->assertEmpty($preferences); } - public function test_getAllUsersPreferences_isEmpty_whenNoPreferenceAndMultipleRequested() + public function testGetAllUsersPreferencesIsEmptyWhenNoPreferenceAndMultipleRequested() { $preferences = $this->api->getAllUsersPreferences(['preferenceName', 'randomDoesNotExist']); $this->assertEmpty($preferences); } - public function test_getUserPreference_ShouldReturnADefaultPreference_IfNoneIsSet() + public function testGetUserPreferenceShouldReturnADefaultPreferenceIfNoneIsSet() { $siteId = $this->api->getUserPreference(API::PREFERENCE_DEFAULT_REPORT, $this->login); $this->assertEquals('1', $siteId); } - public function test_getUserPreference_ShouldReturnASetreference_IfNoneIsSet() + public function testGetUserPreferenceShouldReturnASetreferenceIfNoneIsSet() { $this->api->setUserPreference($this->login, API::PREFERENCE_DEFAULT_REPORT, 5); @@ -225,7 +226,7 @@ class APITest extends IntegrationTestCase $this->assertEquals('5', $siteId); } - public function test_initUserPreferenceWithDefault_ShouldSaveTheDefaultPreference_IfPreferenceIsNotSet() + public function testInitUserPreferenceWithDefaultShouldSaveTheDefaultPreferenceIfPreferenceIsNotSet() { // make sure there is no value saved so it will use default preference $siteId = Option::get($this->getPreferenceId(API::PREFERENCE_DEFAULT_REPORT)); @@ -238,7 +239,7 @@ class APITest extends IntegrationTestCase $this->assertEquals('1', $siteId); } - public function test_initUserPreferenceWithDefault_ShouldNotSaveTheDefaultPreference_IfPreferenceIsAlreadySet() + public function testInitUserPreferenceWithDefaultShouldNotSaveTheDefaultPreferenceIfPreferenceIsAlreadySet() { // set value so there will already be a default Option::set($this->getPreferenceId(API::PREFERENCE_DEFAULT_REPORT), '999'); @@ -253,7 +254,7 @@ class APITest extends IntegrationTestCase $this->assertEquals('999', $siteId); } - public function test_getAllUsersPreferences_shouldGetMultiplePreferences() + public function testGetAllUsersPreferencesShouldGetMultiplePreferences() { $user2 = 'userLogin2'; $user3 = 'userLogin3'; @@ -267,24 +268,24 @@ class APITest extends IntegrationTestCase $this->api->setUserPreference($user3, 'RandomNOTREQUESTED', 'RandomNOTREQUESTED'); $expected = [ - $user2 => [ - API::PREFERENCE_DEFAULT_REPORT => 'valueForUser2' - ], - $user3 => [ - API::PREFERENCE_DEFAULT_REPORT => 'valueForUser3', - API::PREFERENCE_DEFAULT_REPORT_DATE => 'otherPreferenceVALUE', - ], + $user2 => [ + API::PREFERENCE_DEFAULT_REPORT => 'valueForUser2', + ], + $user3 => [ + API::PREFERENCE_DEFAULT_REPORT => 'valueForUser3', + API::PREFERENCE_DEFAULT_REPORT_DATE => 'otherPreferenceVALUE', + ], ]; - $result = $this->api->getAllUsersPreferences([ - API::PREFERENCE_DEFAULT_REPORT, - API::PREFERENCE_DEFAULT_REPORT_DATE, - 'randomDoesNotExist' - ]); + $result = $this->api->getAllUsersPreferences([ + API::PREFERENCE_DEFAULT_REPORT, + API::PREFERENCE_DEFAULT_REPORT_DATE, + 'randomDoesNotExist', + ]); $this->assertSame($expected, $result); } - public function test_getAllUsersPreferences_whenLoginContainsUnderscore() + public function testGetAllUsersPreferencesWhenLoginContainsUnderscore() { $user2 = 'user_Login2'; $this->api->addUser($user2, 'password', 'userlogin2@password.de'); @@ -292,16 +293,16 @@ class APITest extends IntegrationTestCase $this->api->setUserPreference($user2, API::PREFERENCE_DEFAULT_REPORT_DATE, 'RandomNOTREQUESTED'); $expected = [ - $user2 => [ - API::PREFERENCE_DEFAULT_REPORT => 'valueForUser2' - ], + $user2 => [ + API::PREFERENCE_DEFAULT_REPORT => 'valueForUser2', + ], ]; - $result = $this->api->getAllUsersPreferences([API::PREFERENCE_DEFAULT_REPORT, 'randomDoesNotExist']); + $result = $this->api->getAllUsersPreferences([API::PREFERENCE_DEFAULT_REPORT, 'randomDoesNotExist']); $this->assertSame($expected, $result); } - public function test_setUserPreference_throws_whenPreferenceNameContainsUnderscore() + public function testSetUserPreferenceThrowsWhenPreferenceNameContainsUnderscore() { $this->expectException(\Exception::class); @@ -310,20 +311,20 @@ class APITest extends IntegrationTestCase $this->api->setUserPreference($user2, 'ohOH_myPreferenceName', 'valueForUser2'); } - public function test_updateUser() + public function testUpdateUser() { $capturedMails = []; Piwik::addAction('Mail.send', function (Mail $mail) use (&$capturedMails) { $capturedMails[] = $mail; }); - $identity = FakeAccess::$identity; + $identity = FakeAccess::$identity; FakeAccess::$identity = $this->login; // ensure password will be checked against this user $this->api->updateUser($this->login, 'newPassword', 'email@example.com', false, $this->password); FakeAccess::$identity = $identity; $model = new Model(); - $user = $model->getUser($this->login); + $user = $model->getUser($this->login); $this->assertSame('email@example.com', $user['email']); @@ -335,21 +336,21 @@ class APITest extends IntegrationTestCase return $mail->getSubject(); }, $capturedMails); $this->assertEquals([ - 'UsersManager_EmailChangeNotificationSubject', // sent twice to old email and new - 'UsersManager_EmailChangeNotificationSubject', - 'UsersManager_PasswordChangeNotificationSubject', - ], $subjects); + 'UsersManager_EmailChangeNotificationSubject', // sent twice to old email and new + 'UsersManager_EmailChangeNotificationSubject', + 'UsersManager_PasswordChangeNotificationSubject', + ], $subjects); } - public function test_updateUser_doesNotSendEmailsIfTurnedOffInConfig() + public function testUpdateUserDoesNotSendEmailsIfTurnedOffInConfig() { Config::getInstance()->General['enable_update_users_email'] = 0; - $capturedMails = []; + $capturedMails = []; Piwik::addAction('Mail.send', function (Mail $mail) use (&$capturedMails) { $capturedMails[] = $mail; }); - $identity = FakeAccess::$identity; + $identity = FakeAccess::$identity; FakeAccess::$identity = $this->login; // en $this->api->updateUser($this->login, 'newPassword2', 'email2@example.com', false, $this->password); FakeAccess::$identity = $identity; @@ -361,14 +362,14 @@ class APITest extends IntegrationTestCase } - public function test_updateUser_doesNotSendEmailIfNoChangeAndDoesNotRequirePassword() + public function testUpdateUserDoesNotSendEmailIfNoChangeAndDoesNotRequirePassword() { $capturedMails = []; Piwik::addAction('Mail.send', function (Mail $mail) use (&$capturedMails) { $capturedMails[] = $mail; }); - $identity = FakeAccess::$identity; + $identity = FakeAccess::$identity; FakeAccess::$identity = $this->login; // en $this->api->updateUser($this->login, false, strtoupper($this->email)); FakeAccess::$identity = $identity; @@ -376,12 +377,12 @@ class APITest extends IntegrationTestCase $this->assertEquals([], $capturedMails); } - public function test_updateUser_doesNotChangePasswordIfFalsey() + public function testUpdateUserDoesNotChangePasswordIfFalsey() { - $model = new Model(); + $model = new Model(); $userBefore = $model->getUser($this->login); - $identity = FakeAccess::$identity; + $identity = FakeAccess::$identity; FakeAccess::$identity = $this->login; // ensure password will be checked against this user $this->api->updateUser($this->login, false, 'email@example.com', false, $this->password); FakeAccess::$identity = $identity; @@ -392,7 +393,7 @@ class APITest extends IntegrationTestCase $this->assertSame($userBefore['ts_password_modified'], $user['ts_password_modified']); } - public function test_updateUser_failsIfPasswordTooLong() + public function testUpdateUserFailsIfPasswordTooLong() { $this->expectException(\Exception::class); $this->expectExceptionMessage('UsersManager_ExceptionInvalidPasswordTooLong'); @@ -406,7 +407,7 @@ class APITest extends IntegrationTestCase ); } - public function test_update_user_fails_if_email_exists_as_other_user_username() + public function testUpdateUserFailsIfEmailExistsAsOtherUserUsername() { $this->expectException(\Exception::class); $this->expectExceptionMessage('UsersManager_ExceptionEmailExistsAsLogin'); @@ -417,9 +418,9 @@ class APITest extends IntegrationTestCase $this->api->updateUser($this->login, $this->password, $user2, false, $this->password); } - public function test_update_can_update_user_email_to_own_username() + public function testUpdateCanUpdateUserEmailToOwnUsername() { - $user2 = 'ownemail@example.com'; + $user2 = 'ownemail@example.com'; $password = 'password'; $this->api->addUser($user2, $password, 'ownemail_wrong@example.com'); @@ -430,7 +431,7 @@ class APITest extends IntegrationTestCase $this->assertEquals($user2Array['email'], $user2); } - public function test_cannot_create_user_if_email_exists_as_username() + public function testCannotCreateUserIfEmailExistsAsUsername() { $this->expectException(\Exception::class); $this->expectExceptionMessage('UsersManager_ExceptionEmailExistsAsLogin'); @@ -441,7 +442,7 @@ class APITest extends IntegrationTestCase $this->api->addUser('user3', 'password', $user2); } - public function test_cannot_create_user_if_username_exists_as_email() + public function testCannotCreateUserIfUsernameExistsAsEmail() { $this->expectException(\Exception::class); $this->expectExceptionMessage('UsersManager_ExceptionLoginExistsAsEmail'); @@ -449,7 +450,7 @@ class APITest extends IntegrationTestCase $this->api->addUser($this->email, 'password', 'new_user@example.com'); } - public function test_getSitesAccessFromUser_forSuperUser() + public function testGetSitesAccessFromUserForSuperUser() { $user2 = 'userLogin2'; $this->api->addUser($user2, 'password', 'userlogin2@password.de'); @@ -462,25 +463,25 @@ class APITest extends IntegrationTestCase $userUpdater->setSuperUserAccessWithoutCurrentPassword($user2, true); // super user has admin access for every site - $access = $this->api->getSitesAccessFromUser($user2); + $access = $this->api->getSitesAccessFromUser($user2); $expected = [ - [ - 'site' => 1, - 'access' => 'admin' - ], - [ - 'site' => 2, - 'access' => 'admin' - ], - [ - 'site' => 3, - 'access' => 'admin' - ], + [ + 'site' => 1, + 'access' => 'admin', + ], + [ + 'site' => 2, + 'access' => 'admin', + ], + [ + 'site' => 3, + 'access' => 'admin', + ], ]; $this->assertEquals($expected, $access); } - public function test_getUsersPlusRole_shouldReturnSelfIfUserDoesNotHaveAdminAccessToSite() + public function testGetUsersPlusRoleShouldReturnSelfIfUserDoesNotHaveAdminAccessToSite() { $this->addUserWithAccess('userLogin2', 'view', 1); $this->setCurrentUser('userLogin2', 'view', 1); @@ -488,18 +489,18 @@ class APITest extends IntegrationTestCase $users = $this->api->getUsersPlusRole(1); $this->cleanUsers($users); $expected = [ - [ - 'login' => 'userLogin2', - 'role' => 'view', - 'capabilities' => [], - 'email' => 'userLogin2@password.de', - 'superuser_access' => '0', - ], + [ + 'login' => 'userLogin2', + 'role' => 'view', + 'capabilities' => [], + 'email' => 'userLogin2@password.de', + 'superuser_access' => '0', + ], ]; $this->assertEquals($expected, $users); } - public function test_getUsersPlusRole_shouldIgnoreOffsetIfLimitIsNotSupplied() + public function testGetUsersPlusRoleShouldIgnoreOffsetIfLimitIsNotSupplied() { $this->addUserWithAccess('userLogin2', 'view', 1); $this->setCurrentUser('userLogin2', 'view', 1); @@ -507,18 +508,18 @@ class APITest extends IntegrationTestCase $users = $this->api->getUsersPlusRole(1, $limit = null, $offset = 1); $this->cleanUsers($users); $expected = [ - [ - 'login' => 'userLogin2', - 'role' => 'view', - 'capabilities' => [], - 'email' => 'userLogin2@password.de', - 'superuser_access' => '0', - ], + [ + 'login' => 'userLogin2', + 'role' => 'view', + 'capabilities' => [], + 'email' => 'userLogin2@password.de', + 'superuser_access' => '0', + ], ]; $this->assertEquals($expected, $users); } - public function test_getUsersPlusRole_shouldNotAllowSuperuserFilter_ifUserIsNotSuperUser() + public function testGetUsersPlusRoleShouldNotAllowSuperuserFilterIfUserIsNotSuperUser() { $this->addUserWithAccess('userLogin2', 'view', 1); $this->addUserWithAccess('userLogin3', 'superuser', 1); @@ -527,18 +528,18 @@ class APITest extends IntegrationTestCase $users = $this->api->getUsersPlusRole(1, null, null, null, 'superuser'); $this->cleanUsers($users); $expected = [ - [ - 'login' => 'userLogin2', - 'role' => 'view', - 'capabilities' => [], - 'email' => 'userLogin2@password.de', - 'superuser_access' => '0', - ], + [ + 'login' => 'userLogin2', + 'role' => 'view', + 'capabilities' => [], + 'email' => 'userLogin2@password.de', + 'superuser_access' => '0', + ], ]; $this->assertEquals($expected, $users); } - public function test_getUsersPlusRole_shouldReturnAllUsersAndAccess_ifUserHasAdminAccess() + public function testGetUsersPlusRoleShouldReturnAllUsersAndAccessIfUserHasAdminAccess() { $this->addUserWithAccess('userLogin2', 'admin', 1); $this->addUserWithAccess('userLogin3', 'view', 1); @@ -549,30 +550,30 @@ class APITest extends IntegrationTestCase $users = $this->api->getUsersPlusRole(1); $this->cleanUsers($users); $expected = [ - [ - 'login' => 'userLogin2', - 'role' => 'admin', - 'capabilities' => [], - 'email' => 'userLogin2@password.de', - 'superuser_access' => false, - ], - [ - 'login' => 'userLogin3', - 'role' => 'view', - 'capabilities' => [], - 'superuser_access' => false, - ], - [ - 'login' => 'userLogin4', - 'role' => 'admin', - 'capabilities' => [], - 'superuser_access' => false, - ], + [ + 'login' => 'userLogin2', + 'role' => 'admin', + 'capabilities' => [], + 'email' => 'userLogin2@password.de', + 'superuser_access' => false, + ], + [ + 'login' => 'userLogin3', + 'role' => 'view', + 'capabilities' => [], + 'superuser_access' => false, + ], + [ + 'login' => 'userLogin4', + 'role' => 'admin', + 'capabilities' => [], + 'superuser_access' => false, + ], ]; $this->assertEquals($expected, $users); } - public function test_getUsersPlusRole_shouldLimitUsersReturnedToThoseWithAccessToSitesAsCurrentUsersAdminSites_IfCurrentUserIsAdmin() + public function testGetUsersPlusRoleForAdminShouldLimitUsersToThoseWithAccessToSitesAsCurrentUsersAdminSites() { $this->addUserWithAccess('userLogin2', 'admin', [1, 2]); $this->addUserWithAccess('userLogin3', 'view', 1); @@ -584,36 +585,36 @@ class APITest extends IntegrationTestCase $users = $this->api->getUsersPlusRole(1); $this->cleanUsers($users); $expected = [ - [ - 'login' => 'userLogin2', - 'role' => 'admin', - 'capabilities' => [], - 'email' => 'userLogin2@password.de', - 'superuser_access' => false, - ], - [ - 'login' => 'userLogin3', - 'role' => 'view', - 'capabilities' => [], - 'superuser_access' => false, - ], - [ - 'login' => 'userLogin4', - 'role' => 'admin', - 'capabilities' => [], - 'superuser_access' => false, - ], - [ - 'login' => 'userLogin5', - 'role' => 'noaccess', - 'capabilities' => [], - 'superuser_access' => false, - ], + [ + 'login' => 'userLogin2', + 'role' => 'admin', + 'capabilities' => [], + 'email' => 'userLogin2@password.de', + 'superuser_access' => false, + ], + [ + 'login' => 'userLogin3', + 'role' => 'view', + 'capabilities' => [], + 'superuser_access' => false, + ], + [ + 'login' => 'userLogin4', + 'role' => 'admin', + 'capabilities' => [], + 'superuser_access' => false, + ], + [ + 'login' => 'userLogin5', + 'role' => 'noaccess', + 'capabilities' => [], + 'superuser_access' => false, + ], ]; $this->assertEquals($expected, $users); } - public function test_getUsersPlusRole_shouldReturnAllUsersAndAccess_ifUserHasSuperuserAccess() + public function testGetUsersPlusRoleShouldReturnAllUsersAndAccessIfUserHasSuperuserAccess() { $this->addUserWithAccess('userLogin2', 'superuser', 1); $this->addUserWithAccess('userLogin3', 'view', 1); @@ -624,51 +625,51 @@ class APITest extends IntegrationTestCase $users = $this->api->getUsersPlusRole(1); $this->cleanUsers($users); $expected = [ - [ - 'login' => 'userLogin', - 'email' => 'userlogin@password.de', - 'superuser_access' => false, - 'role' => 'noaccess', - 'capabilities' => [], - 'uses_2fa' => false, - ], - [ - 'login' => 'userLogin2', - 'email' => 'userLogin2@password.de', - 'superuser_access' => true, - 'role' => 'superuser', - 'capabilities' => [], - 'uses_2fa' => false, - ], - [ - 'login' => 'userLogin3', - 'email' => 'userLogin3@password.de', - 'superuser_access' => false, - 'role' => 'view', - 'capabilities' => [], - 'uses_2fa' => false, - ], - [ - 'login' => 'userLogin4', - 'email' => 'userLogin4@password.de', - 'superuser_access' => true, - 'role' => 'superuser', - 'capabilities' => [], - 'uses_2fa' => false, - ], - [ - 'login' => 'userLogin5', - 'email' => 'userLogin5@password.de', - 'superuser_access' => false, - 'role' => 'noaccess', - 'capabilities' => [], - 'uses_2fa' => false, - ], + [ + 'login' => 'userLogin', + 'email' => 'userlogin@password.de', + 'superuser_access' => false, + 'role' => 'noaccess', + 'capabilities' => [], + 'uses_2fa' => false, + ], + [ + 'login' => 'userLogin2', + 'email' => 'userLogin2@password.de', + 'superuser_access' => true, + 'role' => 'superuser', + 'capabilities' => [], + 'uses_2fa' => false, + ], + [ + 'login' => 'userLogin3', + 'email' => 'userLogin3@password.de', + 'superuser_access' => false, + 'role' => 'view', + 'capabilities' => [], + 'uses_2fa' => false, + ], + [ + 'login' => 'userLogin4', + 'email' => 'userLogin4@password.de', + 'superuser_access' => true, + 'role' => 'superuser', + 'capabilities' => [], + 'uses_2fa' => false, + ], + [ + 'login' => 'userLogin5', + 'email' => 'userLogin5@password.de', + 'superuser_access' => false, + 'role' => 'noaccess', + 'capabilities' => [], + 'uses_2fa' => false, + ], ]; $this->assertEquals($expected, $users); } - public function test_getUsersPlusRole_shouldFilterUsersByAccessCorrectly() + public function testGetUsersPlusRoleShouldFilterUsersByAccessCorrectly() { $this->addUserWithAccess('userLogin2', 'admin', 1); $this->addUserWithAccess('userLogin3', 'view', 1); @@ -680,18 +681,19 @@ class APITest extends IntegrationTestCase $users = $this->api->getUsersPlusRole(1, null, null, null, 'admin'); $this->cleanUsers($users); $expected = [ - [ - 'login' => 'userLogin2', - 'role' => 'admin', - 'capabilities' => [], - 'email' => 'userLogin2@password.de', - 'superuser_access' => false, - ], - ['login' => 'userLogin5', - 'role' => 'admin', - 'capabilities' => [], - 'superuser_access' => false, - ], + [ + 'login' => 'userLogin2', + 'role' => 'admin', + 'capabilities' => [], + 'email' => 'userLogin2@password.de', + 'superuser_access' => false, + ], + [ + 'login' => 'userLogin5', + 'role' => 'admin', + 'capabilities' => [], + 'superuser_access' => false, + ], ]; $this->assertEquals($expected, $users); @@ -699,12 +701,12 @@ class APITest extends IntegrationTestCase $users = $this->api->getUsersPlusRole(1, null, null, null, 'write'); $this->cleanUsers($users); $expected = [ - ['login' => 'userLogin6', 'role' => 'write', 'capabilities' => [], 'superuser_access' => false], + ['login' => 'userLogin6', 'role' => 'write', 'capabilities' => [], 'superuser_access' => false], ]; $this->assertEquals($expected, $users); } - public function test_getUsersPlusRole_shouldReturnUsersWithNoAccessCorrectly() + public function testGetUsersPlusRoleShouldReturnUsersWithNoAccessCorrectly() { $this->addUserWithAccess('userLogin2', 'noaccess', 1); $this->addUserWithAccess('userLogin3', 'view', 1); @@ -714,35 +716,35 @@ class APITest extends IntegrationTestCase $users = $this->api->getUsersPlusRole(1, null, null, null, 'noaccess'); $this->cleanUsers($users); $expected = [ - [ - 'login' => 'userLogin', - 'role' => 'noaccess', - 'superuser_access' => false, - 'email' => 'userlogin@password.de', - 'capabilities' => [], - 'uses_2fa' => false, - ], - [ - 'login' => 'userLogin2', - 'role' => 'noaccess', - 'superuser_access' => false, - 'email' => 'userLogin2@password.de', - 'capabilities' => [], - 'uses_2fa' => false, - ], - [ - 'login' => 'userLogin5', - 'role' => 'noaccess', - 'superuser_access' => false, - 'email' => 'userLogin5@password.de', - 'capabilities' => [], - 'uses_2fa' => false, - ], + [ + 'login' => 'userLogin', + 'role' => 'noaccess', + 'superuser_access' => false, + 'email' => 'userlogin@password.de', + 'capabilities' => [], + 'uses_2fa' => false, + ], + [ + 'login' => 'userLogin2', + 'role' => 'noaccess', + 'superuser_access' => false, + 'email' => 'userLogin2@password.de', + 'capabilities' => [], + 'uses_2fa' => false, + ], + [ + 'login' => 'userLogin5', + 'role' => 'noaccess', + 'superuser_access' => false, + 'email' => 'userLogin5@password.de', + 'capabilities' => [], + 'uses_2fa' => false, + ], ]; $this->assertEquals($expected, $users); } - public function test_getUsersPlusRole_shouldSearchForSuperUsersCorrectly() + public function testGetUsersPlusRoleShouldSearchForSuperUsersCorrectly() { $this->addUserWithAccess('userLogin2', 'admin', 1); $userUpdater = new UserUpdater(); @@ -755,27 +757,27 @@ class APITest extends IntegrationTestCase $users = $this->api->getUsersPlusRole(1, null, null, null, 'superuser'); $this->cleanUsers($users); $expected = [ - [ - 'login' => 'userLogin2', - 'email' => 'userLogin2@password.de', - 'superuser_access' => true, - 'role' => 'superuser', - 'capabilities' => [], - 'uses_2fa' => false, - ], - [ - 'login' => 'userLogin4', - 'email' => 'userLogin4@password.de', - 'superuser_access' => true, - 'role' => 'superuser', - 'capabilities' => [], - 'uses_2fa' => false, - ], + [ + 'login' => 'userLogin2', + 'email' => 'userLogin2@password.de', + 'superuser_access' => true, + 'role' => 'superuser', + 'capabilities' => [], + 'uses_2fa' => false, + ], + [ + 'login' => 'userLogin4', + 'email' => 'userLogin4@password.de', + 'superuser_access' => true, + 'role' => 'superuser', + 'capabilities' => [], + 'uses_2fa' => false, + ], ]; $this->assertEquals($expected, $users); } - public function test_getUsersPlusRole_shouldSearchByTextCorrectly() + public function testGetUsersPlusRoleShouldSearchByTextCorrectly() { $this->addUserWithAccess('searchTextLogin', 'superuser', 1, 'someemail@email.com'); $this->addUserWithAccess('userLogin2', 'view', 1, 'searchTextdef@email.com'); @@ -786,27 +788,27 @@ class APITest extends IntegrationTestCase $users = $this->api->getUsersPlusRole(1, null, null, 'searchText'); $this->cleanUsers($users); $expected = [ - [ - 'login' => 'searchTextLogin', - 'email' => 'someemail@email.com', - 'superuser_access' => true, - 'role' => 'superuser', - 'capabilities' => [], - 'uses_2fa' => false, - ], - [ - 'login' => 'userLogin2', - 'email' => 'searchTextdef@email.com', - 'superuser_access' => false, - 'role' => 'view', - 'capabilities' => [], - 'uses_2fa' => false, - ], + [ + 'login' => 'searchTextLogin', + 'email' => 'someemail@email.com', + 'superuser_access' => true, + 'role' => 'superuser', + 'capabilities' => [], + 'uses_2fa' => false, + ], + [ + 'login' => 'userLogin2', + 'email' => 'searchTextdef@email.com', + 'superuser_access' => false, + 'role' => 'view', + 'capabilities' => [], + 'uses_2fa' => false, + ], ]; $this->assertEquals($expected, $users); } - public function test_getUsersPlusRole_shouldApplyLimitAndOffsetCorrectly() + public function testGetUsersPlusRoleShouldApplyLimitAndOffsetCorrectly() { $this->addUserWithAccess('searchTextLogin', 'superuser', 1, 'someemail@email.com'); $this->addUserWithAccess('userLogin2', 'view', 1, 'searchTextdef@email.com'); @@ -817,70 +819,71 @@ class APITest extends IntegrationTestCase $users = $this->api->getUsersPlusRole(1, $limit = 2, $offset = 1); $this->cleanUsers($users); $expected = [ - [ - 'login' => 'userLogin', - 'email' => 'userlogin@password.de', - 'superuser_access' => false, - 'role' => 'noaccess', - 'capabilities' => [], - 'uses_2fa' => false, - ], - [ - 'login' => 'userLogin2', - 'email' => 'searchTextdef@email.com', - 'superuser_access' => false, - 'role' => 'view', - 'capabilities' => [], - 'uses_2fa' => false, - ], + [ + 'login' => 'userLogin', + 'email' => 'userlogin@password.de', + 'superuser_access' => false, + 'role' => 'noaccess', + 'capabilities' => [], + 'uses_2fa' => false, + ], + [ + 'login' => 'userLogin2', + 'email' => 'searchTextdef@email.com', + 'superuser_access' => false, + 'role' => 'view', + 'capabilities' => [], + 'uses_2fa' => false, + ], ]; $this->assertEquals($expected, $users); } - public function test_getSitesAccessForUser_shouldReturnAccessForUser() + public function testGetSitesAccessForUserShouldReturnAccessForUser() { $this->api->setUserAccess('userLogin', 'admin', [1]); $this->api->setUserAccess('userLogin', 'view', [2]); $this->api->setUserAccess('userLogin', 'view', [3]); - $access = $this->api->getSitesAccessForUser('userLogin'); + $access = $this->api->getSitesAccessForUser('userLogin'); $expected = [ - ['idsite' => '1', 'site_name' => 'Piwik test', 'role' => 'admin', 'capabilities' => []], - ['idsite' => '2', 'site_name' => 'Piwik test', 'role' => 'view', 'capabilities' => []], - ['idsite' => '3', 'site_name' => 'Piwik test', 'role' => 'view', 'capabilities' => []], + ['idsite' => '1', 'site_name' => 'Piwik test', 'role' => 'admin', 'capabilities' => []], + ['idsite' => '2', 'site_name' => 'Piwik test', 'role' => 'view', 'capabilities' => []], + ['idsite' => '3', 'site_name' => 'Piwik test', 'role' => 'view', 'capabilities' => []], ]; $this->assertEquals($expected, $access); } - public function getSitesAccessForUser_shouldIgnoreOffsetIfLimitNotSupplied() + public function testGetSitesAccessForUserShouldIgnoreOffsetIfLimitNotSupplied() { $this->api->setUserAccess('userLogin', 'admin', [1]); $this->api->setUserAccess('userLogin', 'view', [2]); $this->api->setUserAccess('userLogin', 'view', [3]); - $access = $this->api->getSitesAccessForUser('userLogin', $limit = null, $offset = 1); + $access = $this->api->getSitesAccessForUser('userLogin', $limit = null, $offset = 1); $expected = [ - ['idsite' => '2', 'site_name' => 'Piwik test', 'role' => 'view', 'capabilities' => []], - ['idsite' => '3', 'site_name' => 'Piwik test', 'role' => 'view', 'capabilities' => []], + ['idsite' => '1', 'site_name' => 'Piwik test', 'role' => 'admin', 'capabilities' => []], + ['idsite' => '2', 'site_name' => 'Piwik test', 'role' => 'view', 'capabilities' => []], + ['idsite' => '3', 'site_name' => 'Piwik test', 'role' => 'view', 'capabilities' => []], ]; $this->assertEquals($expected, $access); } - public function test_getSitesAccessForUser_shouldApplyLimitAndOffsetCorrectly() + public function testGetSitesAccessForUserShouldApplyLimitAndOffsetCorrectly() { $this->api->setUserAccess('userLogin', 'admin', [1]); $this->api->setUserAccess('userLogin', 'view', [2]); $this->api->setUserAccess('userLogin', 'view', [3]); - $access = $this->api->getSitesAccessForUser('userLogin', $limit = 2, $offset = 1); + $access = $this->api->getSitesAccessForUser('userLogin', $limit = 2, $offset = 1); $expected = [ - ['idsite' => '2', 'site_name' => 'Piwik test', 'role' => 'view', 'capabilities' => []], - ['idsite' => '3', 'site_name' => 'Piwik test', 'role' => 'view', 'capabilities' => []], + ['idsite' => '2', 'site_name' => 'Piwik test', 'role' => 'view', 'capabilities' => []], + ['idsite' => '3', 'site_name' => 'Piwik test', 'role' => 'view', 'capabilities' => []], ]; $this->assertEquals($expected, $access); } - public function test_getSitesAccessForUser_shouldSearchSitesCorrectly() + public function testGetSitesAccessForUserShouldSearchSitesCorrectly() { Fixture::createWebsite('2010-01-02 00:00:00'); @@ -906,30 +909,30 @@ class APITest extends IntegrationTestCase 'the searchTerm group' ); - $access = $this->api->getSitesAccessForUser('userLogin', null, null, 'searchTerm'); + $access = $this->api->getSitesAccessForUser('userLogin', null, null, 'searchTerm'); $expected = [ - ['idsite' => '2', 'site_name' => 'Piwik test', 'role' => 'view', 'capabilities' => []], - ['idsite' => '3', 'site_name' => 'Piwik test', 'role' => 'view', 'capabilities' => []], - ['idsite' => '1', 'site_name' => 'searchTerm site', 'role' => 'admin', 'capabilities' => []], + ['idsite' => '2', 'site_name' => 'Piwik test', 'role' => 'view', 'capabilities' => []], + ['idsite' => '3', 'site_name' => 'Piwik test', 'role' => 'view', 'capabilities' => []], + ['idsite' => '1', 'site_name' => 'searchTerm site', 'role' => 'admin', 'capabilities' => []], ]; $this->assertEquals($expected, $access); } - public function test_getSitesAccessForUser_shouldFilterByAccessCorrectly() + public function testGetSitesAccessForUserShouldFilterByAccessCorrectly() { $this->api->setUserAccess('userLogin', 'admin', [1]); $this->api->setUserAccess('userLogin', 'view', [2]); $this->api->setUserAccess('userLogin', 'view', [3]); - $access = $this->api->getSitesAccessForUser('userLogin', null, null, null, 'view'); + $access = $this->api->getSitesAccessForUser('userLogin', null, null, null, 'view'); $expected = [ - ['idsite' => '2', 'site_name' => 'Piwik test', 'role' => 'view', 'capabilities' => []], - ['idsite' => '3', 'site_name' => 'Piwik test', 'role' => 'view', 'capabilities' => []], + ['idsite' => '2', 'site_name' => 'Piwik test', 'role' => 'view', 'capabilities' => []], + ['idsite' => '3', 'site_name' => 'Piwik test', 'role' => 'view', 'capabilities' => []], ]; $this->assertEquals($expected, $access); } - public function test_getSitesAccessForUser_shouldLimitSitesIfUserIsAdmin() + public function testGetSitesAccessForUserShouldLimitSitesIfUserIsAdmin() { $this->addUserWithAccess('userLogin2', 'view', [1, 2, 3], 'userlogin2@email.com'); @@ -938,15 +941,15 @@ class APITest extends IntegrationTestCase $this->setCurrentUser('userLogin', 'admin', [1, 2]); - $access = $this->api->getSitesAccessForUser('userLogin2', null, null, null, 'view'); + $access = $this->api->getSitesAccessForUser('userLogin2', null, null, null, 'view'); $expected = [ - ['idsite' => '1', 'site_name' => 'Piwik test', 'role' => 'view', 'capabilities' => []], - ['idsite' => '2', 'site_name' => 'Piwik test', 'role' => 'view', 'capabilities' => []], + ['idsite' => '1', 'site_name' => 'Piwik test', 'role' => 'view', 'capabilities' => []], + ['idsite' => '2', 'site_name' => 'Piwik test', 'role' => 'view', 'capabilities' => []], ]; $this->assertEquals($expected, $access); } - public function test_getSitesAccessForUser_shouldLimitSitesIfUserIsAdmin_AndStillSelectNoAccessSitesCorrectly() + public function testGetSitesAccessForUserShouldLimitSitesIfUserIsAdminAndStillSelectNoAccessSitesCorrectly() { $this->addUserWithAccess('userLogin2', 'view', [1], 'userlogin2@email.com'); @@ -954,46 +957,46 @@ class APITest extends IntegrationTestCase $this->setCurrentUser('userLogin', 'admin', [1, 2, 3]); - $access = $this->api->getSitesAccessForUser('userLogin2', null, null, null, 'noaccess'); + $access = $this->api->getSitesAccessForUser('userLogin2', null, null, null, 'noaccess'); $expected = [ - ['idsite' => '2', 'site_name' => 'Piwik test', 'role' => 'noaccess', 'capabilities' => []], - ['idsite' => '3', 'site_name' => 'Piwik test', 'role' => 'noaccess', 'capabilities' => []], + ['idsite' => '2', 'site_name' => 'Piwik test', 'role' => 'noaccess', 'capabilities' => []], + ['idsite' => '3', 'site_name' => 'Piwik test', 'role' => 'noaccess', 'capabilities' => []], ]; $this->assertEquals($expected, $access); } - public function test_getSitesAccessForUser_shouldSelectSitesCorrectlyIfAtLeastViewRequested() + public function testGetSitesAccessForUserShouldSelectSitesCorrectlyIfAtLeastViewRequested() { $this->addUserWithAccess('userLogin2', 'view', [1], 'userlogin2@email.com'); $this->api->setUserAccess('userLogin2', 'admin', [2]); - $access = $this->api->getSitesAccessForUser('userLogin2', null, null, null, 'some'); + $access = $this->api->getSitesAccessForUser('userLogin2', null, null, null, 'some'); $expected = [ - ['idsite' => '1', 'site_name' => 'Piwik test', 'role' => 'view', 'capabilities' => []], - ['idsite' => '2', 'site_name' => 'Piwik test', 'role' => 'admin', 'capabilities' => []], + ['idsite' => '1', 'site_name' => 'Piwik test', 'role' => 'view', 'capabilities' => []], + ['idsite' => '2', 'site_name' => 'Piwik test', 'role' => 'admin', 'capabilities' => []], ]; $this->assertEquals($expected, $access); } - public function test_getSitesAccessForUser_shouldReportIfUserHasNoAccessToSites() + public function testGetSitesAccessForUserShouldReportIfUserHasNoAccessToSites() { - $access = $this->api->getSitesAccessForUser('userLogin'); + $access = $this->api->getSitesAccessForUser('userLogin'); $expected = [ - ['idsite' => '1', 'site_name' => 'Piwik test', 'role' => 'noaccess', 'capabilities' => []], - ['idsite' => '2', 'site_name' => 'Piwik test', 'role' => 'noaccess', 'capabilities' => []], - ['idsite' => '3', 'site_name' => 'Piwik test', 'role' => 'noaccess', 'capabilities' => []], + ['idsite' => '1', 'site_name' => 'Piwik test', 'role' => 'noaccess', 'capabilities' => []], + ['idsite' => '2', 'site_name' => 'Piwik test', 'role' => 'noaccess', 'capabilities' => []], + ['idsite' => '3', 'site_name' => 'Piwik test', 'role' => 'noaccess', 'capabilities' => []], ]; $this->assertEquals($expected, $access); // test when search returns empty result $this->api->setUserAccess('userLogin', 'view', 1); - $access = $this->api->getSitesAccessForUser('userLogin', null, null, 'asdklfjds'); + $access = $this->api->getSitesAccessForUser('userLogin', null, null, 'asdklfjds'); $expected = []; $this->assertEquals($expected, $access); } - public function test_setUserAccess_MultipleRolesCannotBeSet() + public function testSetUserAccessMultipleRolesCannotBeSet() { $this->expectException(\Exception::class); $this->expectExceptionMessage('UsersManager_ExceptionMultipleRoleSet'); @@ -1001,7 +1004,7 @@ class APITest extends IntegrationTestCase $this->api->setUserAccess($this->login, ['view', 'admin'], [1]); } - public function test_setUserAccess_NeedsAtLeastOneRole() + public function testSetUserAccessNeedsAtLeastOneRole() { $this->expectException(\Exception::class); $this->expectExceptionMessage('UsersManager_ExceptionNoRoleSet'); @@ -1009,7 +1012,7 @@ class APITest extends IntegrationTestCase $this->api->setUserAccess($this->login, [TestCap2::ID], [1]); } - public function test_setUserAccess_NeedsAtLeastOneRoleAsString() + public function testSetUserAccessNeedsAtLeastOneRoleAsString() { $this->expectException(\Exception::class); $this->expectExceptionMessage('UsersManager_ExceptionAccessValues'); @@ -1017,7 +1020,7 @@ class APITest extends IntegrationTestCase $this->api->setUserAccess($this->login, TestCap2::ID, [1]); } - public function test_setUserAccess_InvalidCapability() + public function testSetUserAccessInvalidCapability() { $this->expectException(\Exception::class); $this->expectExceptionMessage('UsersManager_ExceptionAccessValues'); @@ -1025,7 +1028,7 @@ class APITest extends IntegrationTestCase $this->api->setUserAccess($this->login, ['admin', 'foobar'], [1]); } - public function test_setUserAccess_NeedsAtLeastOneRoleNoneGiven() + public function testSetUserAccessNeedsAtLeastOneRoleNoneGiven() { $this->expectException(\Exception::class); $this->expectExceptionMessage('UsersManager_ExceptionNoRoleSet'); @@ -1033,7 +1036,7 @@ class APITest extends IntegrationTestCase $this->api->setUserAccess($this->login, [], [1]); } - public function test_setUserAccess_CannotSetAdminToAnonymous() + public function testSetUserAccessCannotSetAdminToAnonymous() { $this->expectException(\Exception::class); $this->expectExceptionMessage('UsersManager_ExceptionAnonymousAccessNotPossible'); @@ -1041,7 +1044,7 @@ class APITest extends IntegrationTestCase $this->api->setUserAccess('anonymous', 'admin', [1]); } - public function test_setUserAccess_CannotSetWriteToAnonymous() + public function testSetUserAccessCannotSetWriteToAnonymous() { $this->expectException(\Exception::class); $this->expectExceptionMessage('UsersManager_ExceptionAnonymousAccessNotPossible'); @@ -1049,7 +1052,7 @@ class APITest extends IntegrationTestCase $this->api->setUserAccess('anonymous', 'write', [1]); } - public function test_setUserAccess_UserDoesNotExist() + public function testSetUserAccessUserDoesNotExist() { $this->expectException(\Exception::class); $this->expectExceptionMessage('UsersManager_ExceptionUserDoesNotExist'); @@ -1057,7 +1060,7 @@ class APITest extends IntegrationTestCase $this->api->setUserAccess('foobar', Admin::ID, [1]); } - public function test_setUserAccess_SetRoleAndCapabilities() + public function testSetUserAccessSetRoleAndCapabilities() { $access = [TestCap2::ID, View::ID, TestCap3::ID]; $this->api->setUserAccess($this->login, $access, [1]); @@ -1065,14 +1068,14 @@ class APITest extends IntegrationTestCase $access = $this->model->getSitesAccessFromUser($this->login); $expected = [ - ['site' => '1', 'access' => 'view'], - ['site' => '1', 'access' => TestCap2::ID], - ['site' => '1', 'access' => TestCap3::ID], + ['site' => '1', 'access' => 'view'], + ['site' => '1', 'access' => TestCap2::ID], + ['site' => '1', 'access' => TestCap3::ID], ]; $this->assertEquals($expected, $access); } - public function test_setUserAccess_SetRoleAsString() + public function testSetUserAccessSetRoleAsString() { $this->api->setUserAccess($this->login, View::ID, [1]); @@ -1080,7 +1083,7 @@ class APITest extends IntegrationTestCase $this->assertEquals([['site' => '1', 'access' => 'view']], $access); } - public function test_setUserAccess_SetRoleAsArray() + public function testSetUserAccessSetRoleAsArray() { $this->api->setUserAccess($this->login, [View::ID], [1]); @@ -1088,7 +1091,7 @@ class APITest extends IntegrationTestCase $this->assertEquals([['site' => '1', 'access' => 'view']], $access); } - public function test_addCapabilities_failsWhenNotCapabilityIsGivenAsString() + public function testAddCapabilitiesFailsWhenNotCapabilityIsGivenAsString() { $this->expectException(\Exception::class); $this->expectExceptionMessage('UsersManager_ExceptionAccessValues'); @@ -1096,7 +1099,7 @@ class APITest extends IntegrationTestCase $this->api->addCapabilities($this->login, View::ID, [1]); } - public function test_addCapabilities_failsWhenNotCapabilityIsGivenAsArray() + public function testAddCapabilitiesFailsWhenNotCapabilityIsGivenAsArray() { $this->expectException(\Exception::class); $this->expectExceptionMessage('UsersManager_ExceptionAccessValues'); @@ -1104,7 +1107,7 @@ class APITest extends IntegrationTestCase $this->api->addCapabilities($this->login, [TestCap2::ID, View::ID], [1]); } - public function test_addCapabilities_failsWhenUserDoesNotExist() + public function testAddCapabilitiesFailsWhenUserDoesNotExist() { $this->expectException(\Exception::class); $this->expectExceptionMessage('UsersManager_ExceptionUserDoesNotExist'); @@ -1112,7 +1115,7 @@ class APITest extends IntegrationTestCase $this->api->addCapabilities('foobar', [TestCap2::ID], [1]); } - public function test_addCapabilities_DoesNotAddSameCapabilityTwice() + public function testAddCapabilitiesDoesNotAddSameCapabilityTwice() { $addAccess = [TestCap2::ID, View::ID, TestCap3::ID]; $this->api->setUserAccess($this->login, $addAccess, [1]); @@ -1120,9 +1123,9 @@ class APITest extends IntegrationTestCase $access = $this->model->getSitesAccessFromUser($this->login); $expected = [ - ['site' => '1', 'access' => 'view'], - ['site' => '1', 'access' => TestCap2::ID], - ['site' => '1', 'access' => TestCap3::ID], + ['site' => '1', 'access' => 'view'], + ['site' => '1', 'access' => TestCap2::ID], + ['site' => '1', 'access' => TestCap3::ID], ]; $this->assertEquals($expected, $access); @@ -1134,11 +1137,11 @@ class APITest extends IntegrationTestCase $this->api->addCapabilities($this->login, [TestCap2::ID, TestCap1::ID, TestCap3::ID], [1]); $expected[] = ['site' => '1', 'access' => TestCap1::ID]; - $access = $this->model->getSitesAccessFromUser($this->login); + $access = $this->model->getSitesAccessFromUser($this->login); $this->assertEquals($expected, $access); } - public function test_addCapabilities_DoesNotAddCapabilityToUserWithNoRole() + public function testAddCapabilitiesDoesNotAddCapabilityToUserWithNoRole() { $access = $this->model->getSitesAccessFromUser($this->login); @@ -1149,34 +1152,34 @@ class APITest extends IntegrationTestCase $this->assertEquals([], $access); } - public function test_addCapabilities_DoesNotAddCapabilitiesWhichAreIncludedInRoleAlready() + public function testAddCapabilitiesDoesNotAddCapabilitiesWhichAreIncludedInRoleAlready() { $this->api->setUserAccess($this->login, Write::ID, [1]); $access = $this->model->getSitesAccessFromUser($this->login); $expected = [ - ['site' => '1', 'access' => 'write'], + ['site' => '1', 'access' => 'write'], ]; $this->assertEquals($expected, $access); $this->api->addCapabilities($this->login, [TestCap2::ID, TestCap3::ID], [1]); $expected[] = ['site' => '1', 'access' => TestCap3::ID]; - $access = $this->model->getSitesAccessFromUser($this->login); + $access = $this->model->getSitesAccessFromUser($this->login); // did not add TestCap2 $this->assertEquals($expected, $access); } - public function test_addCapabilities_DoesAddCapabilitiesWhichAreNotIncludedInRoleYetAlready() + public function testAddCapabilitiesDoesAddCapabilitiesWhichAreNotIncludedInRoleYetAlready() { $this->api->setUserAccess($this->login, Admin::ID, [1]); $access = $this->model->getSitesAccessFromUser($this->login); $expected = [ - ['site' => '1', 'access' => 'admin'], + ['site' => '1', 'access' => 'admin'], ]; $this->assertEquals($expected, $access); @@ -1186,7 +1189,7 @@ class APITest extends IntegrationTestCase $this->assertEquals($expected, $access); } - public function test_removeCapabilities_failsWhenNotCapabilityIsGivenAsString() + public function testRemoveCapabilitiesFailsWhenNotCapabilityIsGivenAsString() { $this->expectException(\Exception::class); $this->expectExceptionMessage('UsersManager_ExceptionAccessValues'); @@ -1194,7 +1197,7 @@ class APITest extends IntegrationTestCase $this->api->removeCapabilities($this->login, View::ID, [1]); } - public function test_removeCapabilities_failsWhenNotCapabilityIsGivenAsArray() + public function testRemoveCapabilitiesFailsWhenNotCapabilityIsGivenAsArray() { $this->expectException(\Exception::class); $this->expectExceptionMessage('UsersManager_ExceptionAccessValues'); @@ -1202,7 +1205,7 @@ class APITest extends IntegrationTestCase $this->api->removeCapabilities($this->login, [TestCap2::ID, View::ID], [1]); } - public function test_removeCapabilities_failsWhenUserDoesNotExist() + public function testRemoveCapabilitiesFailsWhenUserDoesNotExist() { $this->expectException(\Exception::class); $this->expectExceptionMessage('UsersManager_ExceptionUserDoesNotExist'); @@ -1210,7 +1213,7 @@ class APITest extends IntegrationTestCase $this->api->removeCapabilities('foobar', [TestCap2::ID], [1]); } - public function test_removeCapabilities() + public function testRemoveCapabilities() { $addAccess = [View::ID, TestCap2::ID, TestCap3::ID, TestCap1::ID]; $this->api->setUserAccess($this->login, $addAccess, [1]); @@ -1224,7 +1227,7 @@ class APITest extends IntegrationTestCase $this->assertEquals([View::ID, TestCap1::ID], $access); } - public function test_setSuperUserAccess_failsIfCurrentPasswordIsIncorrect() + public function testSetSuperUserAccessFailsIfCurrentPasswordIsIncorrect() { $this->expectException(\Exception::class); $this->expectExceptionMessage('UsersManager_CurrentPasswordNotCorrect'); @@ -1232,15 +1235,49 @@ class APITest extends IntegrationTestCase $this->api->setSuperUserAccess($this->login, true, 'asldfkjds'); } + + public function testInviteUserInitialIdSiteMissing() + { + $this->expectException(\Exception::class); + $this->expectExceptionMessage('UsersManager_AddUserNoInitialAccessError'); + Request::processRequest( + 'UsersManager.inviteUser', + [ + 'userLogin' => "testInviteUser", + 'email' => "testInviteUser@example.com", + 'expiryInDays' => 7, + ] + ); + } + + public function testInviteUserInitialIdSiteError() + { + $this->expectException(\Exception::class); + $this->expectExceptionMessage("An unexpected website was found in the request: website id was set to '10'"); + Request::processRequest( + 'UsersManager.inviteUser', + [ + 'userLogin' => "testInviteUser", + 'email' => "testInviteUser@example.com", + 'initialIdSite' => 10, + 'expiryInDays' => 7, + ] + ); + } + + public function testInviteUserAsSuperUser() { $eventWasFired = false; - EventDispatcher::getInstance()->addObserver('UsersManager.inviteUser.end', function ($userLogin, $email) use (&$eventWasFired) { - self::assertEquals('pendingLoginTest', $userLogin); - self::assertEquals('pendingLoginTest@matomo.org', $email); - $eventWasFired = true; - }); + EventDispatcher::getInstance()->addObserver( + 'UsersManager.inviteUser.end', + function ($userLogin, $email) use (&$eventWasFired) { + self::assertEquals('pendingLoginTest', $userLogin); + self::assertEquals('pendingLoginTest@matomo.org', $email); + $eventWasFired = true; + } + ); $this->api->inviteUser('pendingLoginTest', 'pendingLoginTest@matomo.org', 1); $user = $this->model->isPendingUser('pendingLoginTest'); @@ -1290,13 +1327,13 @@ class APITest extends IntegrationTestCase public function testInviteUserExpiredInGivenDays() { - Date::$now = time(); // freeze time, so it doesn't change between inviting user and comparing the time + Date::$now = time(); // freeze time, so it doesn't change between inviting user and comparing the time $expiredDays = 10; - $this->api->inviteUser('pendingLoginTest', 'pendingLoginTest@matomo.org', null, $expiredDays); - $user = $this->model->getUser('pendingLoginTest'); + $this->api->inviteUser('pendingLoginTest', 'pendingLoginTest@matomo.org', 1, $expiredDays); + $user = $this->model->getUser('pendingLoginTest'); $expired = Date::factory($user['invite_expired_at'])->getTimestamp(); - $now = Date::now()->getTimestamp(); - $diff = $expired - $now; + $now = Date::now()->getTimestamp(); + $diff = $expired - $now; $this->assertEquals($expiredDays, $diff / 3600 / 24); } @@ -1308,10 +1345,13 @@ class APITest extends IntegrationTestCase $eventWasFired = false; - EventDispatcher::getInstance()->addObserver('UsersManager.inviteUser.resendInvite', function ($userLogin) use (&$eventWasFired) { - self::assertEquals('pendingLoginTest', $userLogin); - $eventWasFired = true; - }); + EventDispatcher::getInstance()->addObserver( + 'UsersManager.inviteUser.resendInvite', + function ($userLogin) use (&$eventWasFired) { + self::assertEquals('pendingLoginTest', $userLogin); + $eventWasFired = true; + } + ); $this->api->resendInvite('pendingLoginTest'); self::assertTrue($eventWasFired); @@ -1336,10 +1376,13 @@ class APITest extends IntegrationTestCase $eventWasFired = false; - EventDispatcher::getInstance()->addObserver('UsersManager.inviteUser.resendInvite', function ($userLogin) use (&$eventWasFired) { - self::assertEquals('pendingLoginTest', $userLogin); - $eventWasFired = true; - }); + EventDispatcher::getInstance()->addObserver( + 'UsersManager.inviteUser.resendInvite', + function ($userLogin) use (&$eventWasFired) { + self::assertEquals('pendingLoginTest', $userLogin); + $eventWasFired = true; + } + ); $this->api->resendInvite('pendingLoginTest'); self::assertTrue($eventWasFired); @@ -1436,7 +1479,7 @@ class APITest extends IntegrationTestCase private function getAccessInSite($login, $idSite) { $access = $this->model->getSitesAccessFromUser($login); - $ids = []; + $ids = []; foreach ($access as $entry) { if ($entry['site'] == $idSite) { $ids[] = $entry['access']; @@ -1453,22 +1496,26 @@ class APITest extends IntegrationTestCase public function provideContainerConfig() { return [ - 'Piwik\Access' => new FakeAccess(), - 'usersmanager.user_preference_names' => \DI\add([ - 'randomDoesNotExist', - 'RandomNOTREQUESTED', - 'preferenceName' - ]), - 'observers.global' => \DI\add([ - [ - 'Access.Capability.addCapabilities', - \DI\value(function (&$capabilities) { - $capabilities[] = new TestCap1(); - $capabilities[] = new TestCap2(); - $capabilities[] = new TestCap3(); - }) - ], - ]), + 'Piwik\Access' => new FakeAccess(), + 'usersmanager.user_preference_names' => \DI\add( + [ + 'randomDoesNotExist', + 'RandomNOTREQUESTED', + 'preferenceName', + ] + ), + 'observers.global' => \DI\add( + [ + [ + 'Access.Capability.addCapabilities', + \DI\value(function (&$capabilities) { + $capabilities[] = new TestCap1(); + $capabilities[] = new TestCap2(); + $capabilities[] = new TestCap3(); + }), + ], + ] + ), ]; } @@ -1485,7 +1532,7 @@ class APITest extends IntegrationTestCase public function setCurrentUser($username, $accessLevel, $idSite) { - FakeAccess::$identity = $username; + FakeAccess::$identity = $username; FakeAccess::$superUser = $accessLevel == 'superuser'; if ($accessLevel == 'view') { FakeAccess::$idSitesView = is_array($idSite) ? $idSite : [$idSite]; diff --git a/plugins/UsersManager/tests/Integration/UserInviteTest.php b/plugins/UsersManager/tests/Integration/UserInviteTest.php index 3c70b7068a..61017a860d 100644 --- a/plugins/UsersManager/tests/Integration/UserInviteTest.php +++ b/plugins/UsersManager/tests/Integration/UserInviteTest.php @@ -56,7 +56,7 @@ class UserInviteTest extends IntegrationTestCase [ 'userLogin' => $this->pendingUser['login'], 'email' => $this->pendingUser['email'], - 'idSite' => 1, + 'initialIdSite' => 1, 'expiryInDays' => 7 ] ); diff --git a/plugins/UsersManager/tests/UI/expected-screenshots/UsersManager_permissions_all_rows_in_search.png b/plugins/UsersManager/tests/UI/expected-screenshots/UsersManager_permissions_all_rows_in_search.png index 793b53faa1..5446e90a8f 100644 --- a/plugins/UsersManager/tests/UI/expected-screenshots/UsersManager_permissions_all_rows_in_search.png +++ b/plugins/UsersManager/tests/UI/expected-screenshots/UsersManager_permissions_all_rows_in_search.png @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:79a3ac1d3b23ba1e7796be19ffd00441047d4b8a5bd012a922dbf93796601d6d -size 108004 +oid sha256:a828ac11b951dad41d2c9fde7ef4dba7fb3a0054a6f5642062fc5e2e90960ecb +size 92981 diff --git a/plugins/UsersManager/tests/UI/expected-screenshots/UsersManager_permissions_edit.png b/plugins/UsersManager/tests/UI/expected-screenshots/UsersManager_permissions_edit.png index 3682b1348e..ef51a6b1dd 100644 --- a/plugins/UsersManager/tests/UI/expected-screenshots/UsersManager_permissions_edit.png +++ b/plugins/UsersManager/tests/UI/expected-screenshots/UsersManager_permissions_edit.png @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:0f73adc2c884b138c888a1edb0632ad192331cb4c8d8d17141a285a9a0f0e725 -size 96478 +oid sha256:030cf64820bb2651df8089d886d22d734c8bf4db15003a1a03358808e6d22923 +size 81545 diff --git a/plugins/UsersManager/tests/UI/expected-screenshots/UsersManager_user_created.png b/plugins/UsersManager/tests/UI/expected-screenshots/UsersManager_user_created.png index 9184f1a37d..0d4934988b 100644 --- a/plugins/UsersManager/tests/UI/expected-screenshots/UsersManager_user_created.png +++ b/plugins/UsersManager/tests/UI/expected-screenshots/UsersManager_user_created.png @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:f97cfaa64c56e51a88d1f4727be80753f5e51956fd474d4d1ec89a5dfd0d5508 -size 22833 +oid sha256:406437e042339b681e39ce9e745e8ee5e391fd758a3bee0b8a1651a9c80f5c96 +size 22488 -- cgit v1.2.3