ElggCoreAccessCollectionsTest.php 7.3 KB

  1. <?php
  2. /**
  3. * Access Collections tests
  4. *
  5. * @package Elgg
  6. * @subpackage Test
  7. *
  8. * TODO(ewinslow): Move this to Elgg\Database\AccessCollectionsTest
  9. */
  10. class ElggCoreAccessCollectionsTest extends \ElggCoreUnitTest {
  11. /**
  12. * Called before each test object.
  13. */
  14. public function __construct() {
  15. parent::__construct();
  16. $this->dbPrefix = get_config("dbprefix");
  17. $user = new \ElggUser();
  18. $user->username = 'test_user_' . rand();
  19. $user->email = 'fake_email@fake.com' . rand();
  20. $user->name = 'fake user';
  21. $user->access_id = ACCESS_PUBLIC;
  22. $user->setPassword(rand());
  23. $user->owner_guid = 0;
  24. $user->container_guid = 0;
  25. $user->save();
  26. $this->user = $user;
  27. }
  28. /**
  29. * Called after each test object.
  30. */
  31. public function __destruct() {
  32. // all __destruct() code should go above here
  33. $this->user->delete();
  34. parent::__destruct();
  35. }
  36. public function testCreateGetDeleteACL() {
  37. $acl_name = 'test access collection';
  38. $acl_id = create_access_collection($acl_name);
  39. $this->assertTrue(is_int($acl_id));
  40. $q = "SELECT * FROM {$this->dbPrefix}access_collections WHERE id = $acl_id";
  41. $acl = get_data_row($q);
  42. $this->assertEqual($acl->id, $acl_id);
  43. if ($acl) {
  44. $this->assertEqual($acl->name, $acl_name);
  45. $result = delete_access_collection($acl_id);
  46. $this->assertTrue($result);
  47. $q = "SELECT * FROM {$this->dbPrefix}access_collections WHERE id = $acl_id";
  48. $data = get_data($q);
  49. $this->assertIdentical(array(), $data);
  50. }
  51. }
  52. public function testAddRemoveUserToACL() {
  53. $acl_id = create_access_collection('test acl');
  54. $result = add_user_to_access_collection($this->user->guid, $acl_id);
  55. $this->assertTrue($result);
  56. if ($result) {
  57. $result = remove_user_from_access_collection($this->user->guid, $acl_id);
  58. $this->assertIdentical(true, $result);
  59. }
  60. delete_access_collection($acl_id);
  61. }
  62. public function testUpdateACL() {
  63. // another fake user to test with
  64. $user = new \ElggUser();
  65. $user->username = 'test_user_' . rand();
  66. $user->email = 'fake_email@fake.com' . rand();
  67. $user->name = 'fake user';
  68. $user->access_id = ACCESS_PUBLIC;
  69. $user->setPassword(rand());
  70. $user->owner_guid = 0;
  71. $user->container_guid = 0;
  72. $user->save();
  73. $acl_id = create_access_collection('test acl');
  74. $member_lists = array(
  75. // adding
  76. array(
  77. $this->user->guid,
  78. $user->guid
  79. ),
  80. // removing one, keeping one.
  81. array(
  82. $user->guid
  83. ),
  84. // removing one, adding one
  85. array(
  86. $this->user->guid,
  87. ),
  88. // removing all.
  89. array()
  90. );
  91. foreach ($member_lists as $members) {
  92. $result = update_access_collection($acl_id, $members);
  93. $this->assertTrue($result);
  94. if ($result) {
  95. $q = "SELECT * FROM {$this->dbPrefix}access_collection_membership
  96. WHERE access_collection_id = $acl_id";
  97. $data = get_data($q);
  98. if (count($members) == 0) {
  99. $this->assertFalse($data);
  100. } else {
  101. $this->assertEqual(count($members), count($data));
  102. }
  103. foreach ($data as $row) {
  104. $this->assertTrue(in_array($row->user_guid, $members));
  105. }
  106. }
  107. }
  108. delete_access_collection($acl_id);
  109. $user->delete();
  110. }
  111. public function testCanEditACL() {
  112. $acl_id = create_access_collection('test acl', $this->user->guid);
  113. // should be true since it's the owner
  114. $result = can_edit_access_collection($acl_id, $this->user->guid);
  115. $this->assertTrue($result);
  116. // should be true since IA is on.
  117. $ia = elgg_set_ignore_access(true);
  118. $result = can_edit_access_collection($acl_id);
  119. $this->assertTrue($result);
  120. elgg_set_ignore_access($ia);
  121. // should be false since IA is off
  122. $ia = elgg_set_ignore_access(false);
  123. $result = can_edit_access_collection($acl_id);
  124. $this->assertFalse($result);
  125. elgg_set_ignore_access($ia);
  126. delete_access_collection($acl_id);
  127. }
  128. public function testCanEditACLHook() {
  129. // if only we supported closures!
  130. global $acl_test_info;
  131. $acl_id = create_access_collection('test acl');
  132. $acl_test_info = array(
  133. 'acl_id' => $acl_id,
  134. 'user' => $this->user
  135. );
  136. function test_acl_access_hook($hook, $type, $value, $params) {
  137. global $acl_test_info;
  138. if ($params['user_id'] == $acl_test_info['user']->guid) {
  139. $acl = get_access_collection($acl_test_info['acl_id']);
  140. $value[$acl->id] = $acl->name;
  141. }
  142. return $value;
  143. }
  144. elgg_register_plugin_hook_handler('access:collections:write', 'all', 'test_acl_access_hook');
  145. // enable security since we usually run as admin
  146. $ia = elgg_set_ignore_access(false);
  147. $result = can_edit_access_collection($acl_id, $this->user->guid);
  148. $this->assertTrue($result);
  149. $ia = elgg_set_ignore_access($ia);
  150. elgg_unregister_plugin_hook_handler('access:collections:write', 'all', 'test_acl_access_hook');
  151. delete_access_collection($acl_id);
  152. }
  153. // groups interface
  154. // only runs if the groups plugin is enabled because implementation is split between
  155. // core and the plugin.
  156. public function testCreateDeleteGroupACL() {
  157. if (!elgg_is_active_plugin('groups')) {
  158. return;
  159. }
  160. $group = new \ElggGroup();
  161. $group->name = 'Test group';
  162. $group->save();
  163. $acl = get_access_collection($group->group_acl);
  164. // ACLs are owned by groups
  165. $this->assertEqual($acl->owner_guid, $group->guid);
  166. // removing group and acl
  167. $this->assertTrue($group->delete());
  168. $acl = get_access_collection($group->group_acl);
  169. $this->assertFalse($acl);
  170. $group->delete();
  171. }
  172. public function testJoinLeaveGroupACL() {
  173. if (!elgg_is_active_plugin('groups')) {
  174. return;
  175. }
  176. $group = new \ElggGroup();
  177. $group->name = 'Test group';
  178. $group->save();
  179. $result = $group->join($this->user);
  180. $this->assertTrue($result);
  181. // disable security since we run as admin
  182. $ia = elgg_set_ignore_access(false);
  183. // need to set the page owner to emulate being in a group context.
  184. // this is kinda hacky.
  185. elgg_set_page_owner_guid($group->getGUID());
  186. if ($result) {
  187. $can_edit = can_edit_access_collection($group->group_acl, $this->user->guid);
  188. $this->assertTrue($can_edit);
  189. }
  190. $result = $group->leave($this->user);
  191. $this->assertTrue($result);
  192. if ($result) {
  193. $can_edit = can_edit_access_collection($group->group_acl, $this->user->guid);
  194. $this->assertFalse($can_edit);
  195. }
  196. elgg_set_ignore_access($ia);
  197. $group->delete();
  198. }
  199. public function testAccessCaching() {
  200. // create a new user to check against
  201. $user = new \ElggUser();
  202. $user->username = 'access_test_user';
  203. $user->save();
  204. foreach (array('get_access_list', 'get_access_array') as $func) {
  205. _elgg_services()->accessCache->clear();
  206. // admin users run tests, so disable access
  207. elgg_set_ignore_access(true);
  208. $access = $func($user->getGUID());
  209. elgg_set_ignore_access(false);
  210. $access2 = $func($user->getGUID());
  211. $this->assertNotEqual($access, $access2, "Access test for $func");
  212. }
  213. $user->delete();
  214. }
  215. public function testAddMemberToACLRemoveMember() {
  216. // create a new user to check against
  217. $user = new \ElggUser();
  218. $user->username = 'access_test_user';
  219. $user->save();
  220. $acl_id = create_access_collection('test acl');
  221. $result = add_user_to_access_collection($user->guid, $acl_id);
  222. $this->assertTrue($result);
  223. if ($result) {
  224. $this->assertTrue($user->delete());
  225. // since there are no more members this should return false
  226. $acl_members = get_members_of_access_collection($acl_id, true);
  227. $this->assertFalse($acl_members);
  228. }
  229. delete_access_collection($acl_id);
  230. }
  231. }