Add integration tests for sharing permissions
Signed-off-by: Julius Härtl <jus@bitgrid.net>
This commit is contained in:
Julius Härtl
@@ -25,7 +25,7 @@ Feature: acl
|
||||
|
||||
Scenario: Fetch board details of an other users board
|
||||
Given Logging in using web as "admin"
|
||||
And creates a board named "MyPrivateAdminBoard" with color "fafafa"
|
||||
And creates a board named "MyPrivateAdminBoard" with color "ff0000"
|
||||
Given Logging in using web as "user0"
|
||||
When fetches the board named "MyPrivateAdminBoard"
|
||||
Then the response should have a status code "403"
|
||||
@@ -33,13 +33,60 @@ Feature: acl
|
||||
|
||||
Scenario: Share a board
|
||||
Given Logging in using web as "user0"
|
||||
And creates a board named "Shared board" with color "fafafa"
|
||||
And creates a board named "Shared board" with color "ff0000"
|
||||
And shares the board with user "user1"
|
||||
Then the HTTP status code should be "200"
|
||||
| permissionEdit | 0 |
|
||||
| permissionShare | 0 |
|
||||
| permissionManage | 0 |
|
||||
And the response should have a status code 200
|
||||
And shares the board with user "user2"
|
||||
| permissionEdit | 1 |
|
||||
| permissionShare | 1 |
|
||||
| permissionManage | 1 |
|
||||
And the response should have a status code 200
|
||||
|
||||
Given Logging in using web as "user2"
|
||||
When fetches the board named "Shared board"
|
||||
Then the current user should have "read" permissions on the board
|
||||
And the current user should have "edit" permissions on the board
|
||||
And the current user should have "share" permissions on the board
|
||||
And the current user should have "manage" permissions on the board
|
||||
And create a stack named "Stack"
|
||||
And the response should have a status code 200
|
||||
And create a card named "Test"
|
||||
And the response should have a status code 200
|
||||
|
||||
|
||||
Given Logging in using web as "user1"
|
||||
When fetches the board named "Shared board"
|
||||
And the current user should have read permissions on the board
|
||||
And the current user should have write permissions on the board
|
||||
And the current user should have share permissions on the board
|
||||
And the current user should have manage permissions on the board
|
||||
Then the HTTP status code should be "200"
|
||||
And create a card named "Test"
|
||||
And the response should have a status code 403
|
||||
Then the current user should have "read" permissions on the board
|
||||
And the current user should not have "edit" permissions on the board
|
||||
And the current user should not have "share" permissions on the board
|
||||
And the current user should not have "manage" permissions on the board
|
||||
And create a stack named "Stack"
|
||||
And the response should have a status code 403
|
||||
|
||||
|
||||
Scenario: Reshare a board
|
||||
Given Logging in using web as "user0"
|
||||
And creates a board named "Reshared board" with color "ff0000"
|
||||
And shares the board with user "user1"
|
||||
| permissionEdit | 0 |
|
||||
| permissionShare | 1 |
|
||||
| permissionManage | 0 |
|
||||
And the response should have a status code 200
|
||||
Given Logging in using web as "user1"
|
||||
When fetches the board named "Shared board"
|
||||
And shares the board with user "user2"
|
||||
| permissionEdit | 1 |
|
||||
| permissionShare | 1 |
|
||||
| permissionManage | 1 |
|
||||
And the response should have a status code 200
|
||||
Given Logging in using web as "user2"
|
||||
When fetches the board named "Shared board"
|
||||
Then the current user should have "read" permissions on the board
|
||||
And the current user should not have "edit" permissions on the board
|
||||
And the current user should have "share" permissions on the board
|
||||
And the current user should not have "manage" permissions on the board
|
||||
|
||||
@@ -2,9 +2,6 @@
|
||||
|
||||
use Behat\Behat\Context\Context;
|
||||
use Behat\Gherkin\Node\TableNode;
|
||||
use GuzzleHttp\Client;
|
||||
use Behat\Gherkin\Node\PyStringNode;
|
||||
use GuzzleHttp\Exception\ClientException;
|
||||
use PHPUnit\Framework\Assert;
|
||||
|
||||
require_once __DIR__ . '/../../vendor/autoload.php';
|
||||
@@ -29,7 +26,6 @@ class BoardContext implements Context {
|
||||
]);
|
||||
$this->response->getBody()->seek(0);
|
||||
$this->board = json_decode((string)$this->response->getBody(), true);
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -42,16 +38,22 @@ class BoardContext implements Context {
|
||||
}
|
||||
|
||||
/**
|
||||
* @When shares the board with user :user
|
||||
*/
|
||||
public function sharesTheBoardWithUser($user)
|
||||
{
|
||||
* @When shares the board with user :user
|
||||
*/
|
||||
public function sharesTheBoardWithUser($user, TableNode $permissions = null) {
|
||||
$defaults = [
|
||||
'permissionEdit' => '0',
|
||||
'permissionShare' => '0',
|
||||
'permissionManage' => '0'
|
||||
];
|
||||
$tableRows = isset($permissions) ? $permissions->getRowsHash() : [];
|
||||
$result = array_merge($defaults, $tableRows);
|
||||
$this->sendJSONrequest('POST', '/index.php/apps/deck/boards/' . $this->board['id'] . '/acl', [
|
||||
'type' => 0,
|
||||
'participant' => $user,
|
||||
'permissionEdit' => true,
|
||||
'permissionShare' => true,
|
||||
'permissionManage' => true,
|
||||
'permissionEdit' => $result['permissionEdit'] === '1',
|
||||
'permissionShare' => $result['permissionShare'] === '1',
|
||||
'permissionManage' => $result['permissionManage'] === '1',
|
||||
]);
|
||||
}
|
||||
|
||||
@@ -95,31 +97,26 @@ class BoardContext implements Context {
|
||||
}
|
||||
|
||||
/**
|
||||
* @Given /^the current user should have read permissions on the board$/
|
||||
* @Then /^the current user should have "(read|edit|share|manage)" permissions on the board$/
|
||||
*/
|
||||
public function theCurrentUserShouldHaveReadPermissionsOnTheBoard() {
|
||||
Assert::assertTrue($this->board['permissions']['PERMISSION_READ']);
|
||||
public function theCurrentUserShouldHavePermissionsOnTheBoard($permission) {
|
||||
Assert::assertTrue($this->getPermissionsValue($permission));
|
||||
}
|
||||
|
||||
/**
|
||||
* @Given /^the current user should have write permissions on the board$/
|
||||
* @Then /^the current user should not have "(read|edit|share|manage)" permissions on the board$/
|
||||
*/
|
||||
public function theCurrentUserShouldHaveWritePermissionsOnTheBoard() {
|
||||
Assert::assertTrue($this->board['permissions']['PERMISSION_EDIT']);
|
||||
public function theCurrentUserShouldNotHavePermissionsOnTheBoard($permission) {
|
||||
Assert::assertFalse($this->getPermissionsValue($permission));
|
||||
}
|
||||
|
||||
/**
|
||||
* @Given /^the current user should have share permissions on the board$/
|
||||
*/
|
||||
public function theCurrentUserShouldHaveSharePermissionsOnTheBoard() {
|
||||
Assert::assertTrue($this->board['permissions']['PERMISSION_SHARE']);
|
||||
private function getPermissionsValue($permission) {
|
||||
$mapping = [
|
||||
'read' => 'PERMISSION_READ',
|
||||
'edit' => 'PERMISSION_EDIT',
|
||||
'share' => 'PERMISSION_SHARE',
|
||||
'manage' => 'PERMISSION_MANAGE',
|
||||
];
|
||||
return $this->board['permissions'][$mapping[$permission]];
|
||||
}
|
||||
|
||||
/**
|
||||
* @Given /^the current user should have manage permissions on the board$/
|
||||
*/
|
||||
public function theCurrentUserShouldHaveManagePermissionsOnTheBoard() {
|
||||
Assert::assertTrue($this->board['permissions']['PERMISSION_MANAGE']);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -1,96 +0,0 @@
|
||||
<?php
|
||||
|
||||
use Behat\Behat\Context\Context;
|
||||
use Behat\Gherkin\Node\TableNode;
|
||||
use GuzzleHttp\Client;
|
||||
use Behat\Gherkin\Node\PyStringNode;
|
||||
use GuzzleHttp\Exception\ClientException;
|
||||
use PHPUnit\Framework\Assert;
|
||||
|
||||
require_once __DIR__ . '/../../vendor/autoload.php';
|
||||
|
||||
class BoardContext implements Context {
|
||||
use RequestTrait;
|
||||
|
||||
/** @var array Last board response */
|
||||
private $board = null;
|
||||
|
||||
/**
|
||||
* @Given /^creates a board named "([^"]*)" with color "([^"]*)"$/
|
||||
*/
|
||||
public function createsABoardNamedWithColor($title, $color) {
|
||||
$this->sendJSONrequest('POST', '/index.php/apps/deck/boards', [
|
||||
'title' => $title,
|
||||
'color' => $color
|
||||
]);
|
||||
$this->response->getBody()->seek(0);
|
||||
$this->board = json_decode((string)$this->response->getBody(), true);
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* @When /^fetches the board named "([^"]*)"$/
|
||||
*/
|
||||
public function fetchesTheBoardNamed($boardName) {
|
||||
$this->sendJSONrequest('GET', '/index.php/apps/deck/boards/' . $this->board['id'], []);
|
||||
$this->response->getBody()->seek(0);
|
||||
$this->board = json_decode((string)$this->response->getBody(), true);
|
||||
}
|
||||
|
||||
/**
|
||||
* @When shares the board with user :user
|
||||
*/
|
||||
public function sharesTheBoardWithUser($user)
|
||||
{
|
||||
$this->sendJSONrequest('POST', '/index.php/apps/deck/boards/' . $this->board['id'] . '/acl', [
|
||||
'type' => 0,
|
||||
'participant' => $user,
|
||||
'permissionEdit' => true,
|
||||
'permissionShare' => true,
|
||||
'permissionManage' => true,
|
||||
]);
|
||||
}
|
||||
|
||||
/**
|
||||
* @Given /^the current user should have read permissions on the board$/
|
||||
*/
|
||||
public function theCurrentUserShouldHaveReadPermissionsOnTheBoard() {
|
||||
Assert::assertTrue($this->board['permissions']['PERMISSION_READ']);
|
||||
}
|
||||
|
||||
/**
|
||||
* @Given /^the current user should have write permissions on the board$/
|
||||
*/
|
||||
public function theCurrentUserShouldHaveWritePermissionsOnTheBoard() {
|
||||
Assert::assertTrue($this->board['permissions']['PERMISSION_EDIT']);
|
||||
}
|
||||
|
||||
/**
|
||||
* @Given /^the current user should have share permissions on the board$/
|
||||
*/
|
||||
public function theCurrentUserShouldHaveSharePermissionsOnTheBoard() {
|
||||
Assert::assertTrue($this->board['permissions']['PERMISSION_SHARE']);
|
||||
}
|
||||
|
||||
/**
|
||||
* @Given /^the current user should have manage permissions on the board$/
|
||||
*/
|
||||
public function theCurrentUserShouldHaveManagePermissionsOnTheBoard() {
|
||||
Assert::assertTrue($this->board['permissions']['PERMISSION_MANAGE']);
|
||||
}
|
||||
|
||||
/**
|
||||
* @When /^fetching the board list$/
|
||||
*/
|
||||
public function fetchingTheBoardList() {
|
||||
$this->sendJSONrequest('GET', '/index.php/apps/deck/boards');
|
||||
}
|
||||
|
||||
/**
|
||||
* @When /^fetching the board with id "([^"]*)"$/
|
||||
*/
|
||||
public function fetchingTheBoardWithId($id) {
|
||||
$this->sendJSONrequest('GET', '/index.php/apps/deck/boards/' . $id);
|
||||
}
|
||||
|
||||
}
|
||||
@@ -1,18 +1,14 @@
|
||||
<?php
|
||||
|
||||
use Behat\Behat\Context\Context;
|
||||
use Behat\Behat\Hook\Scope\BeforeScenarioScope;
|
||||
use Behat\Gherkin\Node\TableNode;
|
||||
use GuzzleHttp\Client;
|
||||
use Behat\Gherkin\Node\PyStringNode;
|
||||
use GuzzleHttp\Cookie\CookieJar;
|
||||
use GuzzleHttp\Exception\ClientException;
|
||||
use PHPUnit\Framework\Assert;
|
||||
|
||||
require_once __DIR__ . '/../../vendor/autoload.php';
|
||||
|
||||
trait RequestTrait {
|
||||
|
||||
private $baseUrl;
|
||||
private $adminUser;
|
||||
private $regularUser;
|
||||
@@ -30,8 +26,7 @@ trait RequestTrait {
|
||||
private $serverContext;
|
||||
|
||||
/** @BeforeScenario */
|
||||
public function gatherContexts(BeforeScenarioScope $scope)
|
||||
{
|
||||
public function gatherContexts(BeforeScenarioScope $scope) {
|
||||
$environment = $scope->getEnvironment();
|
||||
|
||||
$this->serverContext = $environment->getContext('ServerContext');
|
||||
@@ -106,7 +101,6 @@ trait RequestTrait {
|
||||
}
|
||||
|
||||
private function sendJSONrequest($method, $url, $data = []) {
|
||||
|
||||
$client = new Client;
|
||||
try {
|
||||
$this->response = $client->request(
|
||||
|
||||
@@ -1,11 +1,7 @@
|
||||
<?php
|
||||
|
||||
use Behat\Behat\Context\Context;
|
||||
use Behat\Gherkin\Node\TableNode;
|
||||
use GuzzleHttp\Client;
|
||||
use Behat\Gherkin\Node\PyStringNode;
|
||||
use GuzzleHttp\Cookie\CookieJar;
|
||||
use GuzzleHttp\Exception\ClientException;
|
||||
|
||||
require_once __DIR__ . '/../../vendor/autoload.php';
|
||||
|
||||
|
||||
Reference in New Issue
Block a user