author | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2014-09-28 14:51:08 +0000 |
---|---|---|
committer | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2014-09-28 14:51:08 +0000 |
commit | 7e7ac5340a281ed767066af0b5f4dd45a3d7076f (patch) | |
tree | 891640b0548c0d3063daddb219006d120fa312c3 /test | |
parent | 9a7fb0ad7be0ee3403f5b89eb0c16b68c991d519 (diff) | |
Adds built-in groups to give specific permissions to anonymous and non-member users per project (#17976).
git-svn-id: http://svn.redmine.org/redmine/trunk@13417 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'test')
-rw-r--r-- | test/extra/redmine_pm/repository_subversion_test.rb | 15 | ||||
-rw-r--r-- | test/extra/redmine_pm/test_case.rb | 1 | ||||
-rw-r--r-- | test/fixtures/users.yml | 13 | ||||
-rw-r--r-- | test/integration/api_test/groups_test.rb | 34 | ||||
-rw-r--r-- | test/integration/issues_test.rb | 21 | ||||
-rw-r--r-- | test/unit/group_test.rb | 16 | ||||
-rw-r--r-- | test/unit/issue_test.rb | 31 | ||||
-rw-r--r-- | test/unit/principal_test.rb | 16 | ||||
-rw-r--r-- | test/unit/query_test.rb | 2 | ||||
-rw-r--r-- | test/unit/user_test.rb | 38 |
10 files changed, 167 insertions, 20 deletions
diff --git a/test/extra/redmine_pm/repository_subversion_test.rb b/test/extra/redmine_pm/repository_subversion_test.rb index 81cf2b840..b40210467 100644 --- a/test/extra/redmine_pm/repository_subversion_test.rb +++ b/test/extra/redmine_pm/repository_subversion_test.rb @@ -27,6 +27,12 @@ class RedminePmTest::RepositorySubversionTest < RedminePmTest::TestCase assert_success "ls", svn_url end + def test_anonymous_read_on_public_repo_with_anonymous_group_permission_should_succeed + Role.anonymous.remove_permission! :browse_repository + Member.create!(:project_id => 1, :principal => Group.anonymous, :role_ids => [2]) + assert_success "ls", svn_url + end + def test_anonymous_read_on_public_repo_without_permission_should_fail Role.anonymous.remove_permission! :browse_repository assert_failure "ls", svn_url @@ -55,6 +61,15 @@ class RedminePmTest::RepositorySubversionTest < RedminePmTest::TestCase end end + def test_non_member_read_on_public_repo_with_non_member_group_permission_should_succeed + Role.anonymous.remove_permission! :browse_repository + Role.non_member.remove_permission! :browse_repository + Member.create!(:project_id => 1, :principal => Group.non_member, :role_ids => [2]) + with_credentials "miscuser8", "foo" do + assert_success "ls", svn_url + end + end + def test_non_member_read_on_public_repo_without_permission_should_fail Role.anonymous.remove_permission! :browse_repository Role.non_member.remove_permission! :browse_repository diff --git a/test/extra/redmine_pm/test_case.rb b/test/extra/redmine_pm/test_case.rb index f1a6b92e8..d9d25bd65 100644 --- a/test/extra/redmine_pm/test_case.rb +++ b/test/extra/redmine_pm/test_case.rb @@ -65,6 +65,7 @@ module RedminePmTest @command = args.join(' ') @status = nil IO.popen("#{command} 2>&1") do |io| + io.set_encoding("ASCII-8BIT") if io.respond_to?(:set_encoding) @response = io.read end @status = $?.exitstatus diff --git a/test/fixtures/users.yml b/test/fixtures/users.yml index 8136b41d9..9adab5edd 100644 
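Review bot: The two new Subversion tests cover only the granting direction. `test_anonymous_read_on_public_repo_with_anonymous_group_permission_should_succeed`, and its non-member twin in the second hunk of this file, show that a `Group.anonymous` / `Group.non_member` membership with role 2 restores `ls`. Nothing shows that a built-in group membership whose role lacks `:browse_repository` still ends in `assert_failure "ls", svn_url`. A sibling case that calls `Role.find(2).remove_permission! :browse_repository` before `Member.create!` would pin whether the per-project membership replaces the built-in role or only adds to it. Both tests also depend on fixture role 2 carrying `:browse_repository`, which is not visible here, so a one-line comment naming that role would help; the class body continues outside these hunks.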
--- a/test/fixtures/users.yml +++ b/test/fixtures/users.yml @@ -161,9 +161,20 @@ groups_010: id: 10 lastname: A Team type: Group + status: 1 groups_011: id: 11 lastname: B Team type: Group + status: 1 +groups_non_member: + id: 12 + lastname: Non member users + type: GroupNonMember + status: 1 +groups_anonymous: + id: 13 + lastname: Anonymous users + type: GroupAnonymous + status: 1 - diff --git a/test/integration/api_test/groups_test.rb b/test/integration/api_test/groups_test.rb index 00752065e..550eb50e5 100644 --- a/test/integration/api_test/groups_test.rb +++ b/test/integration/api_test/groups_test.rb @@ -29,12 +29,13 @@ class Redmine::ApiTest::GroupsTest < Redmine::ApiTest::Base assert_response 401 end - test "GET /groups.xml should return groups" do + test "GET /groups.xml should return givable groups" do get '/groups.xml', {}, credentials('admin') assert_response :success assert_equal 'application/xml', response.content_type assert_select 'groups' do + assert_select 'group', Group.givable.count assert_select 'group' do assert_select 'name', :text => 'A Team' assert_select 'id', :text => '10' @@ -42,6 +43,24 @@ class Redmine::ApiTest::GroupsTest < Redmine::ApiTest::Base end end + test "GET /groups.xml?builtin=1 should return all groups" do + get '/groups.xml?builtin=1', {}, credentials('admin') + assert_response :success + assert_equal 'application/xml', response.content_type + + assert_select 'groups' do + assert_select 'group', Group.givable.count + 2 + assert_select 'group' do + assert_select 'builtin', :text => 'non_member' + assert_select 'id', :text => '12' + end + assert_select 'group' do + assert_select 'builtin', :text => 'anonymous' + assert_select 'id', :text => '13' + end + end + end + test "GET /groups.json should require authentication" do get '/groups.json' assert_response 401 
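Review bot: The new `GET /groups.xml?builtin=1 should return all groups` test, and the `GET /groups/:id.xml should return the builtin group` test in the next hunk of this file, are exercised only with `credentials('admin')`. The unauthenticated 401 case visible in the context covers `/groups.xml` without the new parameter. Add `get '/groups.xml?builtin=1'` with no credentials followed by `assert_response 401`, and one request with a non-admin account asserting the refusal status the API uses for it. Whether a non-admin case already exists elsewhere in this file is not visible from the hunk.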
@@ -60,7 +79,7 @@ class Redmine::ApiTest::GroupsTest < Redmine::ApiTest::Base assert_equal({'id' => 10, 'name' => 'A Team'}, group) end - test "GET /groups/:id.xml should return the group with its users" do + test "GET /groups/:id.xml should return the group" do get '/groups/10.xml', {}, credentials('admin') assert_response :success assert_equal 'application/xml', response.content_type @@ -71,6 +90,17 @@ class Redmine::ApiTest::GroupsTest < Redmine::ApiTest::Base end end + test "GET /groups/:id.xml should return the builtin group" do + get '/groups/12.xml', {}, credentials('admin') + assert_response :success + assert_equal 'application/xml', response.content_type + + assert_select 'group' do + assert_select 'builtin', :text => 'non_member' + assert_select 'id', :text => '12' + end + end + test "GET /groups/:id.xml should include users if requested" do get '/groups/10.xml?include=users', {}, credentials('admin') assert_response :success diff --git a/test/integration/issues_test.rb b/test/integration/issues_test.rb index 196f16f5b..21faaa93f 100644 --- a/test/integration/issues_test.rb +++ b/test/integration/issues_test.rb 
@@ -65,6 +65,27 @@ class IssuesTest < ActionController::IntegrationTest assert_equal 1, issue.status.id end + def test_create_issue_by_anonymous_without_permission_should_fail + Role.anonymous.remove_permission! :add_issues + + assert_no_difference 'Issue.count' do + post 'projects/1/issues', :tracker_id => "1", :issue => {:subject => "new test issue"} + end + assert_response 302 + end + + def test_create_issue_by_anonymous_with_custom_permission_should_succeed + Role.anonymous.remove_permission! :add_issues + Member.create!(:project_id => 1, :principal => Group.anonymous, :role_ids => [3]) + + assert_difference 'Issue.count' do + post 'projects/1/issues', :tracker_id => "1", :issue => {:subject => "new test issue"} + end + assert_response 302 + issue = Issue.order("id DESC").first + assert_equal User.anonymous, issue.author + end + # add then remove 2 attachments to an issue def test_issue_attachments log_user('jsmith', 'jsmith') diff --git a/test/unit/group_test.rb b/test/unit/group_test.rb index 188e9468a..d3b5d20ec 100644 --- a/test/unit/group_test.rb +++ b/test/unit/group_test.rb @@ -133,4 +133,20 @@ class GroupTest < ActiveSupport::TestCase assert_equal nil, Issue.find(1).assigned_to_id end + + def test_builtin_id_with_anonymous_user_should_return_anonymous_group + assert_equal 13, Group.builtin_id(User.anonymous) + end + + def test_builtin_id_with_anonymous_role_should_return_anonymous_group + assert_equal 13, Group.builtin_id(Role.anonymous) + end + + def test_builtin_id_with_user_should_return_non_member_group + assert_equal 12, Group.builtin_id(User.find(1)) + end + + def test_builtin_id_with_non_member_role_should_return_non_member_group + assert_equal 12, Group.builtin_id(Role.non_member) + end end diff --git a/test/unit/issue_test.rb b/test/unit/issue_test.rb index c4cf77c79..3454c71f5 100644 --- a/test/unit/issue_test.rb +++ b/test/unit/issue_test.rb 
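Review bot: `test_create_issue_by_anonymous_without_permission_should_fail` and `test_create_issue_by_anonymous_with_custom_permission_should_succeed` both end in `assert_response 302`, so the status code cannot tell a denial from a successful create. Only the `Issue.count` blocks distinguish them. In the denial test, also assert where the redirect goes, for example `assert_match %r{/login}, response.location` if the denial is a redirect to the login page (the target is not visible in this hunk). The success test depends on fixture role 3 carrying `:add_issues`, which deserves a short comment. The request path `'projects/1/issues'` also lacks the leading slash used by the API tests in this commit (`'/groups.xml'`).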
@@ -219,6 +219,16 @@ class IssueTest < ActiveSupport::TestCase assert_visibility_match User.anonymous, issues end + def test_visible_scope_for_anonymous_without_view_issues_permissions_and_membership + Role.anonymous.remove_permission!(:view_issues) + Member.create!(:project_id => 1, :principal => Group.anonymous, :role_ids => [2]) + + issues = Issue.visible(User.anonymous).all + assert issues.any? + assert_equal [1], issues.map(&:project_id).uniq.sort + assert_visibility_match User.anonymous, issues + end + def test_anonymous_should_not_see_private_issues_with_issues_visibility_set_to_default assert Role.anonymous.update_attribute(:issues_visibility, 'default') issue = Issue.generate!(:author => User.anonymous, :assigned_to => User.anonymous, :is_private => true) @@ -265,6 +275,17 @@ class IssueTest < ActiveSupport::TestCase assert_visibility_match user, issues end + def test_visible_scope_for_non_member_without_view_issues_permissions_and_membership + Role.non_member.remove_permission!(:view_issues) + Member.create!(:project_id => 1, :principal => Group.non_member, :role_ids => [2]) + user = User.find(9) + + issues = Issue.visible(user).all + assert issues.any? + assert_equal [1], issues.map(&:project_id).uniq.sort + assert_visibility_match user, issues + end + def test_visible_scope_for_member user = User.find(9) # User should see issues of projects for which user has view_issues permissions only 
@@ -1724,6 +1745,16 @@ class IssueTest < ActiveSupport::TestCase end end + def test_assignable_users_should_not_include_builtin_groups + Member.create!(:project_id => 1, :principal => Group.non_member, :role_ids => [1]) + Member.create!(:project_id => 1, :principal => Group.anonymous, :role_ids => [1]) + issue = Issue.new(:project => Project.find(1)) + + with_settings :issue_group_assignment => '1' do + assert_nil issue.assignable_users.detect {|u| u.is_a?(GroupBuiltin)} + end + end + def test_create_should_send_email_notification ActionMailer::Base.deliveries.clear issue = Issue.new(:project_id => 1, :tracker_id => 1, diff --git a/test/unit/principal_test.rb b/test/unit/principal_test.rb index 2ddcc8b1c..b37f781a3 100644 --- a/test/unit/principal_test.rb +++ b/test/unit/principal_test.rb @@ -55,17 +55,11 @@ class PrincipalTest < ActiveSupport::TestCase end def test_sorted_scope_should_sort_users_before_groups - scope = Principal.where("type <> ?", 'AnonymousUser') - expected_order = scope.all.sort do |a, b| - if a.is_a?(User) && b.is_a?(Group) - -1 - elsif a.is_a?(Group) && b.is_a?(User) - 1 - else - a.name.downcase <=> b.name.downcase - end - end - assert_equal expected_order.map(&:name).map(&:downcase), + scope = Principal.where(:type => ['User', 'Group']) + users = scope.select {|p| p.is_a?(User)}.sort + groups = scope.select {|p| p.is_a?(Group)}.sort + + assert_equal (users + groups).map(&:name).map(&:downcase), scope.sorted.map(&:name).map(&:downcase) end diff --git a/test/unit/query_test.rb b/test/unit/query_test.rb index 084e91a82..102efd4de 100644 --- a/test/unit/query_test.rb +++ b/test/unit/query_test.rb 
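Review bot: In `test_sorted_scope_should_sort_users_before_groups`, `assert_equal (users + groups).map(&:name).map(&:downcase),` has a space before the parenthesised first argument. Ruby reads that as a grouped expression and reports it when warnings are enabled, so write `assert_equal((users + groups).map(&:name).map(&:downcase), scope.sorted.map(&:name).map(&:downcase))`. The new scope `Principal.where(:type => ['User', 'Group'])` also leaves out the `GroupNonMember` and `GroupAnonymous` rows this commit adds to the fixtures, so the test does not pin where built-in groups land under `sorted`. If their position matters for the member pickers, widen the scope or add a separate assertion.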
@@ -1240,7 +1240,7 @@ class QueryTest < ActiveSupport::TestCase assert query.available_filters.keys.include?("member_of_group") assert_equal :list_optional, query.available_filters["member_of_group"][:type] assert query.available_filters["member_of_group"][:values].present? - assert_equal Group.all.sort.map {|g| [g.name, g.id.to_s]}, + assert_equal Group.givable.sort.map {|g| [g.name, g.id.to_s]}, query.available_filters["member_of_group"][:values].sort end diff --git a/test/unit/user_test.rb b/test/unit/user_test.rb index 69753960a..187ec7c8b 100644 --- a/test/unit/user_test.rb +++ b/test/unit/user_test.rb 
@@ -838,14 +838,42 @@ class UserTest < ActiveSupport::TestCase assert_nil membership end - def test_roles_for_project - # user with a role + def test_roles_for_project_with_member_on_public_project_should_return_roles_and_non_member roles = @jsmith.roles_for_project(Project.find(1)) assert_kind_of Role, roles.first - assert_equal "Manager", roles.first.name + assert_equal ["Manager"], roles.map(&:name) + end + + def test_roles_for_project_with_member_on_private_project_should_return_roles + Project.find(1).update_attribute :is_public, false + + roles = @jsmith.roles_for_project(Project.find(1)) + assert_kind_of Role, roles.first + assert_equal ["Manager"], roles.map(&:name) + end + + def test_roles_for_project_with_non_member_with_public_project_should_return_non_member + roles = User.find(8).roles_for_project(Project.find(1)) + assert_equal ["Non member"], roles.map(&:name) + end + + def test_roles_for_project_with_non_member_with_public_project_should_return_no_roles + Project.find(1).update_attribute :is_public, false + + roles = User.find(8).roles_for_project(Project.find(1)) + assert_equal [], roles.map(&:name) + end + + def test_roles_for_project_with_anonymous_with_public_project_should_return_anonymous + roles = User.anonymous.roles_for_project(Project.find(1)) + assert_equal ["Anonymous"], roles.map(&:name) + end - # user with no role - assert_nil @dlopper.roles_for_project(Project.find(2)).detect {|role| role.member?} + def test_roles_for_project_with_anonymous_with_public_project_should_return_no_roles + Project.find(1).update_attribute :is_public, false + + roles = User.anonymous.roles_for_project(Project.find(1)) + assert_equal [], roles.map(&:name) end def test_projects_by_role_for_user_with_role |
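Review bot: Three of the new test names contradict their bodies. `test_roles_for_project_with_non_member_with_public_project_should_return_no_roles` and `test_roles_for_project_with_anonymous_with_public_project_should_return_no_roles` both set `is_public` to false before the call, and `test_roles_for_project_with_member_on_public_project_should_return_roles_and_non_member` asserts only `["Manager"]`. Rename them to say `private_project` and `should_return_roles` so a failing access-control test reads correctly. The private-project cases also never create a `Member` for `Group.anonymous` or `Group.non_member` on project 1, so they do not show what `roles_for_project` returns once a built-in group has been given a role on a private project. Adding `Member.create!(:project_id => 1, :principal => Group.anonymous, :role_ids => [2])` before the call in a further case would pin that behaviour; the class continues outside the hunk.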