mirror of
				https://github.com/alchemy-fr/Phraseanet.git
				synced 2025-10-25 19:03:13 +00:00 
			
		
		
		
	
		
			
				
	
	
		
			780 lines
		
	
	
		
			33 KiB
		
	
	
	
		
			PHP
		
	
	
	
	
	
			
		
		
	
	
			780 lines
		
	
	
		
			33 KiB
		
	
	
	
		
			PHP
		
	
	
	
	
	
| <?php
 | |
| 
 | |
| use Alchemy\Phrasea\Application;
 | |
| 
 | |
| class ACLTest extends PhraseanetPHPUnitAuthenticatedAbstract
 | |
| {
 | |
|     /**
 | |
|      * @var ACL
 | |
|      */
 | |
|     protected static $object;
 | |
| 
 | |
|     public static function setUpBeforeClass()
 | |
|     {
 | |
|         parent::setUpBeforeClass();
 | |
|         self::$object = self::$DI['user']->ACL();
 | |
|     }
 | |
| 
 | |
|     public static function tearDownAfterClass()
 | |
|     {
 | |
|         /**
 | |
|          * In case first test fails
 | |
|          */
 | |
|         $application = new Application('test');
 | |
|         $usr_id = User_Adapter::get_usr_id_from_login($application, 'test_phpunit2');
 | |
|         try {
 | |
|             $template = User_Adapter::getInstance($usr_id, $application);
 | |
|             $template->delete();
 | |
|         } catch (Exception $e) {
 | |
| 
 | |
|         }
 | |
|         $usr_id = User_Adapter::get_usr_id_from_login($application, 'test_phpunit3');
 | |
|         try {
 | |
|             $cobaye = User_Adapter::getInstance($usr_id, $application);
 | |
|             $cobaye->delete();
 | |
|         } catch (Exception $e) {
 | |
| 
 | |
|         }
 | |
| 
 | |
|         self::giveRightsToUser($application, self::$DI['user']);
 | |
|         self::$DI['user']->ACL()->revoke_access_from_bases(array(self::$DI['collection_no_access']->get_base_id()));
 | |
|         self::$DI['user']->ACL()->set_masks_on_base(self::$DI['collection_no_access_by_status']->get_base_id(), '0000000000000000000000000000000000000000000000000001000000000000', '0000000000000000000000000000000000000000000000000001000000000000', '0000000000000000000000000000000000000000000000000001000000000000', '0000000000000000000000000000000000000000000000000001000000000000');
 | |
| 
 | |
|         parent::tearDownAfterClass();
 | |
|     }
 | |
| 
 | |
|     public function testHasAccesToRecord()
 | |
|     {
 | |
|         $this->assertTrue(self::$object->has_status_access_to_record(self::$DI['record_1']));
 | |
|     }
 | |
| 
 | |
|     public function testHasAccesToRecordStatus()
 | |
|     {
 | |
|         self::$DI['record_1']->set_binary_status(str_repeat('0', 32));
 | |
| 
 | |
|         self::$object->set_masks_on_base(self::$DI['record_1']->get_base_id(), '10000', '10000', '0', '0');
 | |
| 
 | |
|         self::$DI['record_1']->set_binary_status('10000');
 | |
|         $this->assertFalse(self::$object->has_status_access_to_record(self::$DI['record_1']));
 | |
| 
 | |
|         self::$DI['record_1']->set_binary_status('00000');
 | |
|         $this->assertTrue(self::$object->has_status_access_to_record(self::$DI['record_1']));
 | |
| 
 | |
|         self::$object->set_masks_on_base(self::$DI['record_1']->get_base_id(), '10000', '10000', '10000', '10000');
 | |
| 
 | |
|         $this->assertFalse(self::$object->has_status_access_to_record(self::$DI['record_1']));
 | |
| 
 | |
|         self::$DI['record_1']->set_binary_status('10000');
 | |
|         $this->assertTrue(self::$object->has_status_access_to_record(self::$DI['record_1']));
 | |
| 
 | |
|         self::$object->set_masks_on_base(self::$DI['record_1']->get_base_id(), '0', '0', '0', '0');
 | |
| 
 | |
|         $this->assertTrue(self::$object->has_status_access_to_record(self::$DI['record_1']));
 | |
|         self::$DI['record_1']->set_binary_status(str_repeat('0', 32));
 | |
|         $this->assertTrue(self::$object->has_status_access_to_record(self::$DI['record_1']));
 | |
|     }
 | |
| 
 | |
|     public function testHasAccesToRecordFailsOnBase()
 | |
|     {
 | |
|         $this->assertFalse(self::$object->has_access_to_record(self::$DI['record_no_access']));
 | |
|     }
 | |
| 
 | |
|     public function testHasAccesToRecordFailsOnStatus()
 | |
|     {
 | |
|         $this->assertFalse(self::$object->has_access_to_record(self::$DI['record_no_access_by_status']));
 | |
|     }
 | |
| 
 | |
|     public function testApply_model()
 | |
|     {
 | |
|         $template = User_Adapter::create(self::$DI['app'], 'test_phpunit2', 'blabla2', 'test2@example.com', false);
 | |
|         $template->set_template(self::$DI['user']);
 | |
| 
 | |
|         $base_ids = array();
 | |
|         foreach (self::$DI['app']['phraseanet.appbox']->get_databoxes() as $databox) {
 | |
|             foreach ($databox->get_collections() as $collection) {
 | |
|                 $base_id = $collection->get_base_id();
 | |
|                 $base_ids[] = $base_id;
 | |
|             }
 | |
|         }
 | |
|         $template->ACL()->give_access_to_base($base_ids);
 | |
| 
 | |
|         $cobaye = User_Adapter::create(self::$DI['app'], 'test_phpunit3', 'blabla3', 'test3@example.com', false);
 | |
|         $cobaye->ACL()->apply_model($template, $base_ids);
 | |
|         foreach (self::$DI['app']['phraseanet.appbox']->get_databoxes() as $databox) {
 | |
|             foreach ($databox->get_collections() as $collection) {
 | |
|                 $base_id = $collection->get_base_id();
 | |
|                 $this->assertTrue($cobaye->ACL()->has_access_to_base($base_id));
 | |
|             }
 | |
|         }
 | |
| 
 | |
|         foreach ($base_ids as $base_id) {
 | |
|             $this->assertNull($cobaye->ACL()->get_limits($base_id));
 | |
|         }
 | |
| 
 | |
|         $template->delete();
 | |
|         $cobaye->delete();
 | |
|     }
 | |
| 
 | |
|     public function testApply_model_with_time_limit()
 | |
|     {
 | |
|         $template = User_Adapter::create(self::$DI['app'], 'test_phpunit2', 'blabla2', 'test2@example.com', false);
 | |
|         $template->set_template(self::$DI['user']);
 | |
| 
 | |
|         $base_ids = array();
 | |
|         foreach (self::$DI['app']['phraseanet.appbox']->get_databoxes() as $databox) {
 | |
|             foreach ($databox->get_collections() as $collection) {
 | |
|                 $base_id = $collection->get_base_id();
 | |
|                 $base_ids[] = $base_id;
 | |
|             }
 | |
|         }
 | |
|         $template->ACL()->give_access_to_base($base_ids);
 | |
| 
 | |
|         $limit_from = new \DateTime('-1 day');
 | |
|         $limit_to = new \DateTime('+1 day');
 | |
| 
 | |
|         foreach ($base_ids as $base_id) {
 | |
|             $template->ACL()->set_limits($base_id, 1, $limit_from, $limit_to);
 | |
|         }
 | |
| 
 | |
|         $cobaye = User_Adapter::create(self::$DI['app'], 'test_phpunit3', 'blabla3', 'test3@example.com', false);
 | |
|         $cobaye->ACL()->apply_model($template, $base_ids);
 | |
|         foreach (self::$DI['app']['phraseanet.appbox']->get_databoxes() as $databox) {
 | |
|             foreach ($databox->get_collections() as $collection) {
 | |
|                 $base_id = $collection->get_base_id();
 | |
|                 $this->assertTrue($cobaye->ACL()->has_access_to_base($base_id));
 | |
|             }
 | |
|         }
 | |
| 
 | |
|         foreach ($base_ids as $base_id) {
 | |
|             $this->assertEquals(array('dmin' => $limit_from, 'dmax' => $limit_to), $cobaye->ACL()->get_limits($base_id));
 | |
|         }
 | |
| 
 | |
|         $template->delete();
 | |
|         $cobaye->delete();
 | |
|     }
 | |
| 
 | |
|     public function testRevoke_access_from_bases()
 | |
|     {
 | |
| 
 | |
|         $base_ids = array();
 | |
|         foreach (self::$DI['app']['phraseanet.appbox']->get_databoxes() as $databox) {
 | |
|             foreach ($databox->get_collections() as $collection) {
 | |
|                 $base_id = $collection->get_base_id();
 | |
|                 self::$DI['user']->ACL()->revoke_access_from_bases(array($base_id));
 | |
|                 $this->assertFalse(self::$DI['user']->ACL()->has_access_to_base($base_id));
 | |
|                 self::$DI['user']->ACL()->give_access_to_base(array($base_id));
 | |
|                 $this->assertTrue(self::$DI['user']->ACL()->has_access_to_base($base_id));
 | |
|                 $base_ids[] = $base_id;
 | |
|             }
 | |
|         }
 | |
|         self::$DI['user']->ACL()->revoke_access_from_bases($base_ids);
 | |
| 
 | |
|         foreach ($base_ids as $base_id) {
 | |
|             $this->assertFalse(self::$DI['user']->ACL()->has_access_to_base($base_id));
 | |
|         }
 | |
|     }
 | |
| 
 | |
|     public function testGive_access_to_base()
 | |
|     {
 | |
|         foreach (self::$DI['app']['phraseanet.appbox']->get_databoxes() as $databox) {
 | |
|             foreach ($databox->get_collections() as $collection) {
 | |
|                 $base_id = $collection->get_base_id();
 | |
|                 $this->assertFalse(self::$DI['user']->ACL()->has_access_to_base($base_id));
 | |
|                 self::$DI['user']->ACL()->give_access_to_base(array($base_id));
 | |
|                 $this->assertTrue(self::$DI['user']->ACL()->has_access_to_base($base_id));
 | |
|             }
 | |
|         }
 | |
|     }
 | |
| 
 | |
|     public function testGive_access_to_sbas()
 | |
|     {
 | |
| 
 | |
|         foreach (self::$DI['app']['phraseanet.appbox']->get_databoxes() as $databox) {
 | |
|             $sbas_id = $databox->get_sbas_id();
 | |
|             $base_ids = array();
 | |
|             foreach ($databox->get_collections() as $collection) {
 | |
|                 $base_ids[] = $collection->get_base_id();
 | |
|             }
 | |
| 
 | |
|             self::$DI['user']->ACL()->revoke_access_from_bases($base_ids);
 | |
|             self::$DI['user']->ACL()->revoke_unused_sbas_rights();
 | |
|             $this->assertFalse(self::$DI['user']->ACL()->has_access_to_sbas($sbas_id));
 | |
|             self::$DI['user']->ACL()->give_access_to_sbas(array($sbas_id));
 | |
|             $this->assertTrue(self::$DI['user']->ACL()->has_access_to_sbas($sbas_id));
 | |
|         }
 | |
|     }
 | |
| 
 | |
|     public function testRevoke_unused_sbas_rights()
 | |
|     {
 | |
|         foreach (self::$DI['app']['phraseanet.appbox']->get_databoxes() as $databox) {
 | |
|             $sbas_id = $databox->get_sbas_id();
 | |
|             $base_ids = array();
 | |
|             foreach ($databox->get_collections() as $collection) {
 | |
|                 $base_ids[] = $collection->get_base_id();
 | |
|             }
 | |
| 
 | |
|             self::$DI['user']->ACL()->revoke_access_from_bases($base_ids);
 | |
|             self::$DI['user']->ACL()->give_access_to_sbas(array($sbas_id));
 | |
|             $this->assertTrue(self::$DI['user']->ACL()->has_access_to_sbas($sbas_id));
 | |
|             self::$DI['user']->ACL()->revoke_unused_sbas_rights();
 | |
|             $this->assertFalse(self::$DI['user']->ACL()->has_access_to_sbas($sbas_id));
 | |
|         }
 | |
|     }
 | |
| 
 | |
|     public function testRemove_quotas_on_base()
 | |
|     {
 | |
|         $this->testSet_quotas_on_base();
 | |
|     }
 | |
| 
 | |
|     public function testSet_quotas_on_base()
 | |
|     {
 | |
|         foreach (self::$DI['app']['phraseanet.appbox']->get_databoxes() as $databox) {
 | |
|             foreach ($databox->get_collections() as $collection) {
 | |
|                 $base_id = $collection->get_base_id();
 | |
|                 $droits = 50;
 | |
|                 $restes = 40;
 | |
|                 self::$DI['user']->ACL()->give_access_to_base(array($base_id));
 | |
| 
 | |
|                 self::$DI['user']->ACL()->set_quotas_on_base($base_id, $droits, $restes);
 | |
|                 $this->assertTrue(self::$DI['user']->ACL()->is_restricted_download($base_id));
 | |
| 
 | |
|                 self::$DI['user']->ACL()->remove_quotas_on_base($base_id);
 | |
|                 $this->assertFalse(self::$DI['user']->ACL()->is_restricted_download($base_id));
 | |
| 
 | |
|                 return;
 | |
|             }
 | |
|         }
 | |
|     }
 | |
| 
 | |
|     public function testDuplicate_right_from_bas()
 | |
|     {
 | |
| 
 | |
|         $first = true;
 | |
|         $base_ref = null;
 | |
| 
 | |
|         foreach (self::$DI['app']['phraseanet.appbox']->get_databoxes() as $databox) {
 | |
|             foreach ($databox->get_collections() as $collection) {
 | |
|                 $base_id = $collection->get_base_id();
 | |
| 
 | |
|                 self::$DI['user']->ACL()->give_access_to_base(array($base_id));
 | |
| 
 | |
|                 if ($first) {
 | |
|                     self::$DI['user']->ACL()->update_rights_to_base($base_id, array('imgtools'      => true, 'chgstatus'     => true, 'canaddrecord'  => true, 'canputinalbum' => true));
 | |
|                     $base_ref = $base_id;
 | |
|                 } else {
 | |
|                     self::$DI['user']->ACL()->duplicate_right_from_bas($base_ref, $base_id);
 | |
|                 }
 | |
| 
 | |
|                 $this->assertTrue(self::$DI['user']->ACL()->has_right_on_base($base_id, 'imgtools'));
 | |
|                 $this->assertTrue(self::$DI['user']->ACL()->has_right_on_base($base_id, 'chgstatus'));
 | |
|                 $this->assertTrue(self::$DI['user']->ACL()->has_right_on_base($base_id, 'canaddrecord'));
 | |
|                 $this->assertTrue(self::$DI['user']->ACL()->has_right_on_base($base_id, 'canputinalbum'));
 | |
| 
 | |
|                 $first = false;
 | |
|             }
 | |
|         }
 | |
|     }
 | |
| 
 | |
|     public function testHas_hd_grant()
 | |
|     {
 | |
|         // Remove the following lines when you implement this test.
 | |
|         $this->markTestIncomplete(
 | |
|             'This test has not been implemented yet.'
 | |
|         );
 | |
|     }
 | |
| 
 | |
|     public function testHas_right_on_base()
 | |
|     {
 | |
| 
 | |
|         $rights_false = array(
 | |
|             'imgtools'      => false
 | |
|             , 'chgstatus'     => false
 | |
|             , 'canaddrecord'  => false
 | |
|             , 'canputinalbum' => false
 | |
|         );
 | |
| 
 | |
|         $rights_true = array(
 | |
|             'imgtools'     => true
 | |
|             , 'chgstatus'    => true
 | |
|             , 'canaddrecord' => true
 | |
|         );
 | |
| 
 | |
|         foreach (self::$DI['app']['phraseanet.appbox']->get_databoxes() as $databox) {
 | |
|             foreach ($databox->get_collections() as $collection) {
 | |
|                 $base_id = $collection->get_base_id();
 | |
|                 self::$DI['user']->ACL()->give_access_to_base(array($base_id));
 | |
|                 self::$DI['user']->ACL()->update_rights_to_base($base_id, $rights_false);
 | |
|                 $this->assertFalse(self::$DI['user']->ACL()->has_right_on_base($base_id, 'imgtools'));
 | |
|                 $this->assertFalse(self::$DI['user']->ACL()->has_right_on_base($base_id, 'chgstatus'));
 | |
|                 $this->assertFalse(self::$DI['user']->ACL()->has_right_on_base($base_id, 'canaddrecord'));
 | |
|                 $this->assertFalse(self::$DI['user']->ACL()->has_right_on_base($base_id, 'canputinalbum'));
 | |
|                 self::$DI['user']->ACL()->update_rights_to_base($base_id, $rights_true);
 | |
|                 $this->assertTrue(self::$DI['user']->ACL()->has_right_on_base($base_id, 'imgtools'));
 | |
|                 $this->assertTrue(self::$DI['user']->ACL()->has_right_on_base($base_id, 'chgstatus'));
 | |
|                 $this->assertTrue(self::$DI['user']->ACL()->has_right_on_base($base_id, 'canaddrecord'));
 | |
|                 $this->assertFalse(self::$DI['user']->ACL()->has_right_on_base($base_id, 'canputinalbum'));
 | |
|                 self::$DI['user']->ACL()->update_rights_to_base($base_id, $rights_false);
 | |
|                 $this->assertFalse(self::$DI['user']->ACL()->has_right_on_base($base_id, 'imgtools'));
 | |
|                 $this->assertFalse(self::$DI['user']->ACL()->has_right_on_base($base_id, 'chgstatus'));
 | |
|                 $this->assertFalse(self::$DI['user']->ACL()->has_right_on_base($base_id, 'canaddrecord'));
 | |
|                 $this->assertFalse(self::$DI['user']->ACL()->has_right_on_base($base_id, 'canputinalbum'));
 | |
|             }
 | |
|         }
 | |
|     }
 | |
| 
 | |
|     /**
 | |
|      * @covers \ACL::get_order_master_collections
 | |
|      * @covers \ACL::set_order_master
 | |
|      */
 | |
|     public function testGetSetOrder_master()
 | |
|     {
 | |
|         $appbox = self::$DI['app']['phraseanet.appbox'];
 | |
|         $acl = self::$DI['user']->ACL();
 | |
| 
 | |
|         foreach ($appbox->get_databoxes() as $databox) {
 | |
|             foreach ($databox->get_collections() as $collection) {
 | |
|                 $acl->set_order_master($collection, false);
 | |
|             }
 | |
|         }
 | |
|         $this->assertEquals(0, count($acl->get_order_master_collections()));
 | |
| 
 | |
|         $tbas = array();
 | |
|         foreach ($appbox->get_databoxes() as $databox) {
 | |
|             foreach ($databox->get_collections() as $collection) {
 | |
|                 $bid = $collection->get_base_id();
 | |
|                 if (!$acl->has_access_to_base($bid)) {
 | |
|                     $acl->give_access_to_base(array($bid));
 | |
|                 }
 | |
|                 $acl->set_order_master($collection, true);
 | |
|                 $tbas[] = $bid;
 | |
|             }
 | |
|         }
 | |
|         $tbas = array_diff($tbas, array_map(function (\collection $collection) {
 | |
|             return $collection->get_base_id();
 | |
|         }, $acl->get_order_master_collections()));
 | |
|         $this->assertEquals(0, count($tbas));
 | |
|     }
 | |
| 
 | |
|     public function testIs_restricted_download()
 | |
|     {
 | |
|         $this->testSet_quotas_on_base();
 | |
|     }
 | |
| 
 | |
|     public function testRemaining_download()
 | |
|     {
 | |
| 
 | |
|         foreach (self::$DI['app']['phraseanet.appbox']->get_databoxes() as $databox) {
 | |
|             foreach ($databox->get_collections() as $collection) {
 | |
|                 $base_id = $collection->get_base_id();
 | |
|                 $droits = 50;
 | |
|                 $restes = 40;
 | |
|                 self::$DI['user']->ACL()->give_access_to_base(array($base_id));
 | |
| 
 | |
|                 self::$DI['user']->ACL()->set_quotas_on_base($base_id, $droits, $restes);
 | |
|                 $this->assertEquals(40, self::$DI['user']->ACL()->remaining_download($base_id));
 | |
| 
 | |
|                 self::$DI['user']->ACL()->remove_quotas_on_base($base_id);
 | |
|                 $this->assertFalse(self::$DI['user']->ACL()->is_restricted_download($base_id));
 | |
| 
 | |
|                 return;
 | |
|             }
 | |
|         }
 | |
|     }
 | |
| 
 | |
|     public function testRemove_remaining()
 | |
|     {
 | |
|         foreach (self::$DI['app']['phraseanet.appbox']->get_databoxes() as $databox) {
 | |
|             foreach ($databox->get_collections() as $collection) {
 | |
|                 $base_id = $collection->get_base_id();
 | |
|                 $droits = 50;
 | |
|                 $restes = 40;
 | |
|                 self::$DI['user']->ACL()->give_access_to_base(array($base_id));
 | |
| 
 | |
|                 self::$DI['user']->ACL()->set_quotas_on_base($base_id, $droits, $restes);
 | |
|                 $this->assertEquals(40, self::$DI['user']->ACL()->remaining_download($base_id));
 | |
|                 self::$DI['user']->ACL()->remove_remaining($base_id, 1);
 | |
|                 $this->assertEquals(39, self::$DI['user']->ACL()->remaining_download($base_id));
 | |
|                 self::$DI['user']->ACL()->remove_remaining($base_id, 10);
 | |
|                 $this->assertEquals(29, self::$DI['user']->ACL()->remaining_download($base_id));
 | |
|                 self::$DI['user']->ACL()->remove_remaining($base_id, 100);
 | |
|                 $this->assertEquals(0, self::$DI['user']->ACL()->remaining_download($base_id));
 | |
| 
 | |
|                 self::$DI['user']->ACL()->remove_quotas_on_base($base_id);
 | |
|                 $this->assertFalse(self::$DI['user']->ACL()->is_restricted_download($base_id));
 | |
| 
 | |
|                 return;
 | |
|             }
 | |
|         }
 | |
|     }
 | |
| 
 | |
|     public function testHas_right()
 | |
|     {
 | |
| 
 | |
|         $rights = array(
 | |
|             'bas_modify_struct' => true
 | |
|         );
 | |
| 
 | |
|         $this->assertFalse(self::$DI['user']->ACL()->has_right('bas_modify_struct'));
 | |
|         $this->assertFalse(self::$DI['user']->ACL()->has_right('bas_modif_th'));
 | |
| 
 | |
|         foreach (self::$DI['app']['phraseanet.appbox']->get_databoxes() as $databox) {
 | |
|             self::$DI['user']->ACL()->give_access_to_sbas(array($databox->get_sbas_id()));
 | |
|             self::$DI['user']->ACL()->update_rights_to_sbas($databox->get_sbas_id(), $rights);
 | |
|             break;
 | |
|         }
 | |
| 
 | |
|         $this->assertTrue(self::$DI['user']->ACL()->has_right('bas_modify_struct'));
 | |
|         $this->assertFalse(self::$DI['user']->ACL()->has_right('bas_modif_th'));
 | |
|     }
 | |
| 
 | |
|     public function testHas_right_on_sbas()
 | |
|     {
 | |
| 
 | |
|         $rights_false = array(
 | |
|             'bas_modify_struct' => false
 | |
|             , 'bas_manage'        => false
 | |
|             , 'bas_chupub'        => false
 | |
|             , 'bas_modif_th'      => false
 | |
|         );
 | |
| 
 | |
|         $rights_true = array(
 | |
|             'bas_modify_struct' => true
 | |
|             , 'bas_manage'        => true
 | |
|             , 'bas_chupub'        => true
 | |
|             , 'bas_modif_th'      => true
 | |
|         );
 | |
| 
 | |
|         foreach (self::$DI['app']['phraseanet.appbox']->get_databoxes() as $databox) {
 | |
|             self::$DI['user']->ACL()->give_access_to_sbas(array($databox->get_sbas_id()));
 | |
|             self::$DI['user']->ACL()->update_rights_to_sbas($databox->get_sbas_id(), $rights_false);
 | |
|             $this->assertFalse(self::$DI['user']->ACL()->has_right_on_sbas($databox->get_sbas_id(), 'bas_modify_struct'));
 | |
|             $this->assertFalse(self::$DI['user']->ACL()->has_right_on_sbas($databox->get_sbas_id(), 'bas_manage'));
 | |
|             $this->assertFalse(self::$DI['user']->ACL()->has_right_on_sbas($databox->get_sbas_id(), 'bas_chupub'));
 | |
|             $this->assertFalse(self::$DI['user']->ACL()->has_right_on_sbas($databox->get_sbas_id(), 'bas_modif_th'));
 | |
|             self::$DI['user']->ACL()->update_rights_to_sbas($databox->get_sbas_id(), $rights_true);
 | |
|             $this->assertTrue(self::$DI['user']->ACL()->has_right_on_sbas($databox->get_sbas_id(), 'bas_modify_struct'));
 | |
|             $this->assertTrue(self::$DI['user']->ACL()->has_right_on_sbas($databox->get_sbas_id(), 'bas_manage'));
 | |
|             $this->assertTrue(self::$DI['user']->ACL()->has_right_on_sbas($databox->get_sbas_id(), 'bas_chupub'));
 | |
|             $this->assertTrue(self::$DI['user']->ACL()->has_right_on_sbas($databox->get_sbas_id(), 'bas_modif_th'));
 | |
|             self::$DI['user']->ACL()->update_rights_to_sbas($databox->get_sbas_id(), $rights_false);
 | |
|             $this->assertFalse(self::$DI['user']->ACL()->has_right_on_sbas($databox->get_sbas_id(), 'bas_modify_struct'));
 | |
|             $this->assertFalse(self::$DI['user']->ACL()->has_right_on_sbas($databox->get_sbas_id(), 'bas_manage'));
 | |
|             $this->assertFalse(self::$DI['user']->ACL()->has_right_on_sbas($databox->get_sbas_id(), 'bas_chupub'));
 | |
|             $this->assertFalse(self::$DI['user']->ACL()->has_right_on_sbas($databox->get_sbas_id(), 'bas_modif_th'));
 | |
|         }
 | |
|     }
 | |
| 
 | |
|     public function testGet_mask_and()
 | |
|     {
 | |
|         foreach (self::$DI['app']['phraseanet.appbox']->get_databoxes() as $databox) {
 | |
|             foreach ($databox->get_collections() as $collection) {
 | |
|                 $base_id = $collection->get_base_id();
 | |
| 
 | |
|                 self::$DI['user']->ACL()->give_access_to_base(array($base_id));
 | |
|                 self::$DI['user']->ACL()->update_rights_to_base($base_id, array('actif' => false));
 | |
|                 $this->assertFalse(self::$DI['user']->ACL()->get_mask_and($base_id));
 | |
|                 self::$DI['user']->ACL()->update_rights_to_base($base_id, array('mask_and' => 42));
 | |
|                 $this->assertEquals('42', self::$DI['user']->ACL()->get_mask_and($base_id));
 | |
|                 self::$DI['user']->ACL()->update_rights_to_base($base_id, array('mask_and' => 1));
 | |
|                 $this->assertEquals('1', self::$DI['user']->ACL()->get_mask_and($base_id));
 | |
|                 self::$DI['user']->ACL()->update_rights_to_base($base_id, array('mask_and' => 0));
 | |
|                 $this->assertEquals('0', self::$DI['user']->ACL()->get_mask_and($base_id));
 | |
|             }
 | |
|         }
 | |
|     }
 | |
| 
 | |
|     public function testGet_mask_xor()
 | |
|     {
 | |
|         foreach (self::$DI['app']['phraseanet.appbox']->get_databoxes() as $databox) {
 | |
|             foreach ($databox->get_collections() as $collection) {
 | |
|                 $base_id = $collection->get_base_id();
 | |
| 
 | |
|                 self::$DI['user']->ACL()->give_access_to_base(array($base_id));
 | |
|                 self::$DI['user']->ACL()->update_rights_to_base($base_id, array('actif' => false));
 | |
|                 $this->assertFalse(self::$DI['user']->ACL()->get_mask_xor($base_id));
 | |
|                 self::$DI['user']->ACL()->update_rights_to_base($base_id, array('actif' => true));
 | |
|                 self::$DI['user']->ACL()->update_rights_to_base($base_id, array('mask_xor' => 42));
 | |
|                 $this->assertEquals('42', self::$DI['user']->ACL()->get_mask_xor($base_id));
 | |
|                 self::$DI['user']->ACL()->update_rights_to_base($base_id, array('mask_xor' => 1));
 | |
|                 $this->assertEquals('1', self::$DI['user']->ACL()->get_mask_xor($base_id));
 | |
|                 self::$DI['user']->ACL()->update_rights_to_base($base_id, array('mask_xor' => 0));
 | |
|                 $this->assertEquals('0', self::$DI['user']->ACL()->get_mask_xor($base_id));
 | |
|             }
 | |
|         }
 | |
|     }
 | |
| 
 | |
|     public function testHas_access_to_base()
 | |
|     {
 | |
|         $base_ids = array();
 | |
|         $n = 0;
 | |
|         foreach (self::$DI['app']['phraseanet.appbox']->get_databoxes() as $databox) {
 | |
|             foreach ($databox->get_collections() as $collection) {
 | |
|                 $base_ids[] = $collection->get_base_id();
 | |
|                 $n ++;
 | |
|             }
 | |
|             self::$DI['user']->ACL()->give_access_to_sbas(array($databox->get_sbas_id()));
 | |
|         }
 | |
| 
 | |
|         if ($n === 0)
 | |
|             $this->fail('Not enough collection to test');
 | |
| 
 | |
|         self::$DI['user']->ACL()->give_access_to_base($base_ids);
 | |
|         $bases = array_keys(self::$DI['user']->ACL()->get_granted_base());
 | |
| 
 | |
|         $this->assertEquals(count($base_ids), count($bases));
 | |
| 
 | |
|         $sql = 'SELECT actif FROM basusr WHERE usr_id = :usr_id AND base_id = :base_id';
 | |
|         $stmt = self::$DI['app']['phraseanet.appbox']->get_connection()->prepare($sql);
 | |
| 
 | |
|         foreach ($bases as $base_id) {
 | |
|             $stmt->execute(array(':usr_id'  => self::$DI['app']['authentication']->getUser()->get_id(), ':base_id' => $base_id));
 | |
|             $row = $stmt->fetch(PDO::FETCH_ASSOC);
 | |
|             $this->assertEquals(1, $row['actif']);
 | |
| 
 | |
|             $this->assertTrue(self::$DI['user']->ACL()->has_access_to_base($base_id));
 | |
|             self::$DI['user']->ACL()->update_rights_to_base($base_id, array('actif' => false));
 | |
| 
 | |
|             $stmt->execute(array(':usr_id'  => self::$DI['app']['authentication']->getUser()->get_id(), ':base_id' => $base_id));
 | |
|             $row = $stmt->fetch(PDO::FETCH_ASSOC);
 | |
|             $this->assertEquals(0, $row['actif']);
 | |
| 
 | |
|             $this->assertFalse(self::$DI['user']->ACL()->has_access_to_base($base_id));
 | |
|             self::$DI['user']->ACL()->update_rights_to_base($base_id, array('actif' => true));
 | |
| 
 | |
|             $stmt->execute(array(':usr_id'  => self::$DI['app']['authentication']->getUser()->get_id(), ':base_id' => $base_id));
 | |
|             $row = $stmt->fetch(PDO::FETCH_ASSOC);
 | |
|             $this->assertEquals(1, $row['actif']);
 | |
| 
 | |
|             $this->assertTrue(self::$DI['user']->ACL()->has_access_to_base($base_id));
 | |
|             self::$DI['user']->ACL()->update_rights_to_base($base_id, array('actif' => false));
 | |
|             $this->assertFalse(self::$DI['user']->ACL()->has_access_to_base($base_id));
 | |
|         }
 | |
|         self::$DI['user']->ACL()->give_access_to_base($base_ids);
 | |
| 
 | |
|         foreach ($bases as $base_id) {
 | |
|             $this->assertTrue(self::$DI['user']->ACL()->has_access_to_base($base_id));
 | |
|         }
 | |
|         $stmt->closeCursor();
 | |
|     }
 | |
| 
 | |
|     public function testGet_granted_base()
 | |
|     {
 | |
| 
 | |
|         $base_ids = array();
 | |
|         $n = 0;
 | |
|         foreach (self::$DI['app']['phraseanet.appbox']->get_databoxes() as $databox) {
 | |
|             foreach ($databox->get_collections() as $collection) {
 | |
|                 $base_ids[] = $collection->get_base_id();
 | |
|                 $n ++;
 | |
|             }
 | |
|         }
 | |
| 
 | |
|         if ($n === 0)
 | |
|             $this->fail('Not enough collection to test');
 | |
| 
 | |
|         self::$DI['user']->ACL()->give_access_to_base($base_ids);
 | |
|         $bases = array_keys(self::$DI['user']->ACL()->get_granted_base());
 | |
| 
 | |
|         $this->assertEquals(count($bases), count($base_ids));
 | |
|         $this->assertEquals($n, count($base_ids));
 | |
| 
 | |
|         foreach ($bases as $base_id) {
 | |
|             try {
 | |
|                 $collection = collection::get_from_base_id(self::$DI['app'], $base_id);
 | |
|                 $this->assertTrue($collection instanceof collection);
 | |
|                 $this->assertEquals($base_id, $collection->get_base_id());
 | |
|                 unset($collection);
 | |
|             } catch (Exception $e) {
 | |
|                 $this->fail('get granted base should returned OK collection');
 | |
|             }
 | |
|         }
 | |
|     }
 | |
| 
 | |
|     public function testGet_granted_sbas()
 | |
|     {
 | |
|         $sbas_ids = array();
 | |
|         $n = 0;
 | |
|         foreach (self::$DI['app']['phraseanet.appbox']->get_databoxes() as $databox) {
 | |
|             $sbas_ids[] = $databox->get_sbas_id();
 | |
|             $n ++;
 | |
|         }
 | |
|         self::$DI['user']->ACL()->give_access_to_sbas($sbas_ids);
 | |
| 
 | |
|         $sbas = self::$DI['user']->ACL()->get_granted_sbas();
 | |
| 
 | |
|         $this->assertEquals(count($sbas), count($sbas_ids));
 | |
|         $this->assertEquals($n, count($sbas_ids));
 | |
| 
 | |
|         foreach ($sbas as $sbas_id => $databox) {
 | |
|             try {
 | |
|                 $this->assertTrue($databox instanceof databox);
 | |
|                 $this->assertEquals($sbas_id, $databox->get_sbas_id());
 | |
|                 unset($databox);
 | |
|             } catch (Exception $e) {
 | |
|                 $this->fail('get granted sbas should returned OK collection');
 | |
|             }
 | |
|         }
 | |
|     }
 | |
| 
 | |
|     public function testHas_access_to_module()
 | |
|     {
 | |
| 
 | |
|         foreach (self::$DI['app']['phraseanet.appbox']->get_databoxes() as $databox) {
 | |
|             $base_ids = array();
 | |
|             foreach ($databox->get_collections() as $collection) {
 | |
|                 $base_id = $collection->get_base_id();
 | |
|                 $base_ids[] = $base_id;
 | |
|             }
 | |
|             self::$DI['user']->ACL()->revoke_access_from_bases($base_ids);
 | |
|             self::$DI['user']->ACL()->revoke_unused_sbas_rights();
 | |
|         }
 | |
| 
 | |
|         if (self::$DI['user']->ACL()->is_admin())
 | |
|             $this->assertTrue(self::$DI['user']->ACL()->has_access_to_module('admin'));
 | |
|         else
 | |
|             $this->assertFalse(self::$DI['user']->ACL()->has_access_to_module('admin'));
 | |
|         $this->assertFalse(self::$DI['user']->ACL()->has_access_to_module('thesaurus'));
 | |
|         $this->assertFalse(self::$DI['user']->ACL()->has_access_to_module('upload'));
 | |
|         $this->assertFalse(self::$DI['user']->ACL()->has_access_to_module('report'));
 | |
| 
 | |
|         $found = false;
 | |
|         foreach (self::$DI['app']['phraseanet.appbox']->get_databoxes() as $databox) {
 | |
|             foreach ($databox->get_collections() as $collection) {
 | |
|                 $base_id = $collection->get_base_id();
 | |
|                 $base_ids[] = $base_id;
 | |
|                 self::$DI['user']->ACL()->update_rights_to_base($base_id, array('canreport' => true));
 | |
|                 $found = true;
 | |
|                 break;
 | |
|             }
 | |
|             if ($found)
 | |
|                 break;
 | |
|         }
 | |
|         $this->assertTrue(self::$DI['user']->ACL()->has_access_to_module('report'));
 | |
|         $this->assertFalse(self::$DI['user']->ACL()->has_access_to_module('thesaurus'));
 | |
|         $this->assertFalse(self::$DI['user']->ACL()->has_access_to_module('upload'));
 | |
| 
 | |
|         foreach (self::$DI['app']['phraseanet.appbox']->get_databoxes() as $databox) {
 | |
|             self::$DI['user']->ACL()->update_rights_to_sbas($databox->get_sbas_id(), array('bas_modif_th' => true));
 | |
|             $found = true;
 | |
|         }
 | |
|         $this->assertTrue(self::$DI['user']->ACL()->has_access_to_module('report'));
 | |
|         $this->assertTrue(self::$DI['user']->ACL()->has_access_to_module('thesaurus'));
 | |
|         $this->assertFalse(self::$DI['user']->ACL()->has_access_to_module('upload'));
 | |
| 
 | |
|         $found = false;
 | |
|         foreach (self::$DI['app']['phraseanet.appbox']->get_databoxes() as $databox) {
 | |
|             foreach ($databox->get_collections() as $collection) {
 | |
|                 $base_id = $collection->get_base_id();
 | |
|                 $base_ids[] = $base_id;
 | |
|                 self::$DI['user']->ACL()->update_rights_to_base($base_id, array('canaddrecord' => true));
 | |
|                 $found = true;
 | |
|                 break;
 | |
|             }
 | |
|             if ($found)
 | |
|                 break;
 | |
|         }
 | |
|         $this->assertTrue(self::$DI['user']->ACL()->has_access_to_module('report'));
 | |
|         $this->assertTrue(self::$DI['user']->ACL()->has_access_to_module('thesaurus'));
 | |
|         $this->assertTrue(self::$DI['user']->ACL()->has_access_to_module('upload'));
 | |
|     }
 | |
| 
 | |
|     public function testis_limited()
 | |
|     {
 | |
| 
 | |
|         $found = false;
 | |
| 
 | |
|         foreach (self::$DI['app']['phraseanet.appbox']->get_databoxes() as $databox) {
 | |
|             foreach ($databox->get_collections() as $collection) {
 | |
|                 $base_id = $collection->get_base_id();
 | |
| 
 | |
|                 if ( ! self::$DI['user']->ACL()->has_access_to_base($base_id))
 | |
|                     continue;
 | |
| 
 | |
|                 $this->assertFalse(self::$DI['user']->ACL()->is_limited($base_id));
 | |
| 
 | |
|                 self::$DI['user']->ACL()->set_limits($base_id, true, new DateTime('-1 day'), new DateTime('+1 day'));
 | |
| 
 | |
|                 $this->assertFalse(self::$DI['user']->ACL()->is_limited($base_id));
 | |
| 
 | |
|                 self::$DI['user']->ACL()->set_limits($base_id, false, new DateTime('-1 day'), new DateTime('+1 day'));
 | |
| 
 | |
|                 $this->assertFalse(self::$DI['user']->ACL()->is_limited($base_id));
 | |
| 
 | |
|                 self::$DI['user']->ACL()->set_limits($base_id, true, new DateTime('+1 day'), new DateTime('+2 day'));
 | |
| 
 | |
|                 $this->assertTrue(self::$DI['user']->ACL()->is_limited($base_id));
 | |
| 
 | |
|                 self::$DI['user']->ACL()->set_limits($base_id, true, new DateTime('-2 day'), new DateTime('-1 day'));
 | |
| 
 | |
|                 $this->assertTrue(self::$DI['user']->ACL()->is_limited($base_id));
 | |
| 
 | |
|                 self::$DI['user']->ACL()->set_limits($base_id, true, new DateTime('-2 day'), new DateTime('+2 day'));
 | |
| 
 | |
|                 $this->assertFalse(self::$DI['user']->ACL()->is_limited($base_id));
 | |
| 
 | |
|                 self::$DI['user']->ACL()->set_limits($base_id, false, new DateTime('-2 day'), new DateTime('+2 day'));
 | |
| 
 | |
|                 $this->assertFalse(self::$DI['user']->ACL()->is_limited($base_id));
 | |
| 
 | |
|                 $found = true;
 | |
|             }
 | |
|         }
 | |
| 
 | |
|         if ( ! $found)
 | |
|             $this->fail('Unable to test');
 | |
|     }
 | |
| 
 | |
|     public function testget_limits()
 | |
|     {
 | |
| 
 | |
|         $found = false;
 | |
| 
 | |
|         foreach (self::$DI['app']['phraseanet.appbox']->get_databoxes() as $databox) {
 | |
|             foreach ($databox->get_collections() as $collection) {
 | |
|                 $base_id = $collection->get_base_id();
 | |
| 
 | |
|                 if ( ! self::$DI['user']->ACL()->has_access_to_base($base_id))
 | |
|                     continue;
 | |
| 
 | |
|                 $minusone = new DateTime('-1 day');
 | |
| 
 | |
|                 $plusone = new DateTime('+1 day');
 | |
| 
 | |
|                 self::$DI['user']->ACL()->set_limits($base_id, true, $minusone, $plusone);
 | |
| 
 | |
|                 $limits = self::$DI['user']->ACL()->get_limits($base_id);
 | |
| 
 | |
|                 $this->assertEquals($limits['dmin'], $minusone);
 | |
| 
 | |
|                 $this->assertEquals($limits['dmax'], $plusone);
 | |
| 
 | |
|                 $minustwo = new DateTime('-2 day');
 | |
| 
 | |
|                 $plustwo = new DateTime('-2 day');
 | |
| 
 | |
|                 self::$DI['user']->ACL()->set_limits($base_id, true, $minustwo, $plustwo);
 | |
| 
 | |
|                 $limits = self::$DI['user']->ACL()->get_limits($base_id);
 | |
| 
 | |
|                 $this->assertEquals($limits['dmin'], $minustwo);
 | |
| 
 | |
|                 $this->assertEquals($limits['dmax'], $plustwo);
 | |
| 
 | |
|                 self::$DI['user']->ACL()->set_limits($base_id, false);
 | |
| 
 | |
|                 $this->assertNull(self::$DI['user']->ACL()->get_limits($base_id));
 | |
| 
 | |
|                 $found = true;
 | |
|             }
 | |
|         }
 | |
| 
 | |
|         if ( ! $found)
 | |
|             $this->fail('Unable to test');
 | |
|     }
 | |
| 
 | |
|     public function testset_limits()
 | |
|     {
 | |
|         $this->testget_limits();
 | |
|     }
 | |
| }
 | 
