From 6f040d030ff5ec461db925de60580586b8fb6482 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julius=20H=C3=A4rtl?= Date: Wed, 30 Dec 2020 17:38:17 +0100 Subject: [PATCH] Add integration tests for sharing permissions MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Julius Härtl --- tests/integration/features/acl.feature | 63 ++++++++++-- .../features/bootstrap/BoardContext.php | 57 ++++++----- .../features/bootstrap/CardContext.php | 96 ------------------- .../features/bootstrap/RequestTrait.php | 8 +- .../features/bootstrap/ServerContext.php | 4 - 5 files changed, 83 insertions(+), 145 deletions(-) delete mode 100644 tests/integration/features/bootstrap/CardContext.php diff --git a/tests/integration/features/acl.feature b/tests/integration/features/acl.feature index d431d5b87..2937a377f 100644 --- a/tests/integration/features/acl.feature +++ b/tests/integration/features/acl.feature @@ -25,7 +25,7 @@ Feature: acl Scenario: Fetch board details of an other users board Given Logging in using web as "admin" - And creates a board named "MyPrivateAdminBoard" with color "fafafa" + And creates a board named "MyPrivateAdminBoard" with color "ff0000" Given Logging in using web as "user0" When fetches the board named "MyPrivateAdminBoard" Then the response should have a status code "403" @@ -33,13 +33,60 @@ Feature: acl Scenario: Share a board Given Logging in using web as "user0" - And creates a board named "Shared board" with color "fafafa" + And creates a board named "Shared board" with color "ff0000" And shares the board with user "user1" - Then the HTTP status code should be "200" + | permissionEdit | 0 | + | permissionShare | 0 | + | permissionManage | 0 | + And the response should have a status code 200 + And shares the board with user "user2" + | permissionEdit | 1 | + | permissionShare | 1 | + | permissionManage | 1 | + And the response should have a status code 200 + + Given Logging in using web as "user2" + When fetches the board named "Shared board" + Then the current user should have "read" permissions on the board + And the current user should have "edit" permissions on the board + And the current user should have "share" permissions on the board + And the current user should have "manage" permissions on the board + And create a stack named "Stack" + And the response should have a status code 200 + And create a card named "Test" + And the response should have a status code 200 + + Given Logging in using web as "user1" When fetches the board named "Shared board" - And the current user should have read permissions on the board - And the current user should have write permissions on the board - And the current user should have share permissions on the board - And the current user should have manage permissions on the board - Then the HTTP status code should be "200" + And create a card named "Test" + And the response should have a status code 403 + Then the current user should have "read" permissions on the board + And the current user should not have "edit" permissions on the board + And the current user should not have "share" permissions on the board + And the current user should not have "manage" permissions on the board + And create a stack named "Stack" + And the response should have a status code 403 + + + Scenario: Reshare a board + Given Logging in using web as "user0" + And creates a board named "Reshared board" with color "ff0000" + And shares the board with user "user1" + | permissionEdit | 0 | + | permissionShare | 1 | + | permissionManage | 0 | + And the response should have a status code 200 + Given Logging in using web as "user1" + When fetches the board named "Shared board" + And shares the board with user "user2" + | permissionEdit | 1 | + | permissionShare | 1 | + | permissionManage | 1 | + And the response should have a status code 200 + Given Logging in using web as "user2" + When fetches the board named "Shared board" + Then the current user should have "read" permissions on the board + And the current user should not have "edit" permissions on the board + And the current user should have "share" permissions on the board + And the current user should not have "manage" permissions on the board diff --git a/tests/integration/features/bootstrap/BoardContext.php b/tests/integration/features/bootstrap/BoardContext.php index b71ca1d15..de32b077b 100644 --- a/tests/integration/features/bootstrap/BoardContext.php +++ b/tests/integration/features/bootstrap/BoardContext.php @@ -2,9 +2,6 @@ use Behat\Behat\Context\Context; use Behat\Gherkin\Node\TableNode; -use GuzzleHttp\Client; -use Behat\Gherkin\Node\PyStringNode; -use GuzzleHttp\Exception\ClientException; use PHPUnit\Framework\Assert; require_once __DIR__ . '/../../vendor/autoload.php'; @@ -29,7 +26,6 @@ class BoardContext implements Context { ]); $this->response->getBody()->seek(0); $this->board = json_decode((string)$this->response->getBody(), true); - } /** @@ -42,16 +38,22 @@ class BoardContext implements Context { } /** - * @When shares the board with user :user - */ - public function sharesTheBoardWithUser($user) - { + * @When shares the board with user :user + */ + public function sharesTheBoardWithUser($user, TableNode $permissions = null) { + $defaults = [ + 'permissionEdit' => '0', + 'permissionShare' => '0', + 'permissionManage' => '0' + ]; + $tableRows = isset($permissions) ? $permissions->getRowsHash() : []; + $result = array_merge($defaults, $tableRows); $this->sendJSONrequest('POST', '/index.php/apps/deck/boards/' . $this->board['id'] . '/acl', [ 'type' => 0, 'participant' => $user, - 'permissionEdit' => true, - 'permissionShare' => true, - 'permissionManage' => true, + 'permissionEdit' => $result['permissionEdit'] === '1', + 'permissionShare' => $result['permissionShare'] === '1', + 'permissionManage' => $result['permissionManage'] === '1', ]); } @@ -95,31 +97,26 @@ class BoardContext implements Context { } /** - * @Given /^the current user should have read permissions on the board$/ + * @Then /^the current user should have "(read|edit|share|manage)" permissions on the board$/ */ - public function theCurrentUserShouldHaveReadPermissionsOnTheBoard() { - Assert::assertTrue($this->board['permissions']['PERMISSION_READ']); + public function theCurrentUserShouldHavePermissionsOnTheBoard($permission) { + Assert::assertTrue($this->getPermissionsValue($permission)); } /** - * @Given /^the current user should have write permissions on the board$/ + * @Then /^the current user should not have "(read|edit|share|manage)" permissions on the board$/ */ - public function theCurrentUserShouldHaveWritePermissionsOnTheBoard() { - Assert::assertTrue($this->board['permissions']['PERMISSION_EDIT']); + public function theCurrentUserShouldNotHavePermissionsOnTheBoard($permission) { + Assert::assertFalse($this->getPermissionsValue($permission)); } - /** - * @Given /^the current user should have share permissions on the board$/ - */ - public function theCurrentUserShouldHaveSharePermissionsOnTheBoard() { - Assert::assertTrue($this->board['permissions']['PERMISSION_SHARE']); + private function getPermissionsValue($permission) { + $mapping = [ + 'read' => 'PERMISSION_READ', + 'edit' => 'PERMISSION_EDIT', + 'share' => 'PERMISSION_SHARE', + 'manage' => 'PERMISSION_MANAGE', + ]; + return $this->board['permissions'][$mapping[$permission]]; } - - /** - * @Given /^the current user should have manage permissions on the board$/ - */ - public function theCurrentUserShouldHaveManagePermissionsOnTheBoard() { - Assert::assertTrue($this->board['permissions']['PERMISSION_MANAGE']); - } - } diff --git a/tests/integration/features/bootstrap/CardContext.php b/tests/integration/features/bootstrap/CardContext.php deleted file mode 100644 index 53ae99a1c..000000000 --- a/tests/integration/features/bootstrap/CardContext.php +++ /dev/null @@ -1,96 +0,0 @@ -sendJSONrequest('POST', '/index.php/apps/deck/boards', [ - 'title' => $title, - 'color' => $color - ]); - $this->response->getBody()->seek(0); - $this->board = json_decode((string)$this->response->getBody(), true); - - } - - /** - * @When /^fetches the board named "([^"]*)"$/ - */ - public function fetchesTheBoardNamed($boardName) { - $this->sendJSONrequest('GET', '/index.php/apps/deck/boards/' . $this->board['id'], []); - $this->response->getBody()->seek(0); - $this->board = json_decode((string)$this->response->getBody(), true); - } - - /** - * @When shares the board with user :user - */ - public function sharesTheBoardWithUser($user) - { - $this->sendJSONrequest('POST', '/index.php/apps/deck/boards/' . $this->board['id'] . '/acl', [ - 'type' => 0, - 'participant' => $user, - 'permissionEdit' => true, - 'permissionShare' => true, - 'permissionManage' => true, - ]); - } - - /** - * @Given /^the current user should have read permissions on the board$/ - */ - public function theCurrentUserShouldHaveReadPermissionsOnTheBoard() { - Assert::assertTrue($this->board['permissions']['PERMISSION_READ']); - } - - /** - * @Given /^the current user should have write permissions on the board$/ - */ - public function theCurrentUserShouldHaveWritePermissionsOnTheBoard() { - Assert::assertTrue($this->board['permissions']['PERMISSION_EDIT']); - } - - /** - * @Given /^the current user should have share permissions on the board$/ - */ - public function theCurrentUserShouldHaveSharePermissionsOnTheBoard() { - Assert::assertTrue($this->board['permissions']['PERMISSION_SHARE']); - } - - /** - * @Given /^the current user should have manage permissions on the board$/ - */ - public function theCurrentUserShouldHaveManagePermissionsOnTheBoard() { - Assert::assertTrue($this->board['permissions']['PERMISSION_MANAGE']); - } - - /** - * @When /^fetching the board list$/ - */ - public function fetchingTheBoardList() { - $this->sendJSONrequest('GET', '/index.php/apps/deck/boards'); - } - - /** - * @When /^fetching the board with id "([^"]*)"$/ - */ - public function fetchingTheBoardWithId($id) { - $this->sendJSONrequest('GET', '/index.php/apps/deck/boards/' . $id); - } - -} diff --git a/tests/integration/features/bootstrap/RequestTrait.php b/tests/integration/features/bootstrap/RequestTrait.php index cd136fe97..726eb04fe 100644 --- a/tests/integration/features/bootstrap/RequestTrait.php +++ b/tests/integration/features/bootstrap/RequestTrait.php @@ -1,18 +1,14 @@ getEnvironment(); $this->serverContext = $environment->getContext('ServerContext'); @@ -106,7 +101,6 @@ trait RequestTrait { } private function sendJSONrequest($method, $url, $data = []) { - $client = new Client; try { $this->response = $client->request( diff --git a/tests/integration/features/bootstrap/ServerContext.php b/tests/integration/features/bootstrap/ServerContext.php index 2923f93f1..8b5522c84 100644 --- a/tests/integration/features/bootstrap/ServerContext.php +++ b/tests/integration/features/bootstrap/ServerContext.php @@ -1,11 +1,7 @@