mirror of
https://github.com/friendica/friendica
synced 2024-12-23 08:40:16 +00:00
Merge pull request #10944 from nupplaphil/bug/friendica-10943
Add default value for PermissionSet Regex
This commit is contained in:
commit
c5aa4396d4
4 changed files with 438 additions and 58 deletions
|
@ -0,0 +1,13 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
namespace Friendica\Security\PermissionSet\Exception;
|
||||||
|
|
||||||
|
use Exception;
|
||||||
|
|
||||||
|
class PermissionSetNotFoundException extends \RuntimeException
|
||||||
|
{
|
||||||
|
public function __construct($message = '', Exception $previous = null)
|
||||||
|
{
|
||||||
|
parent::__construct($message, 404, $previous);
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,13 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
namespace Friendica\Security\PermissionSet\Exception;
|
||||||
|
|
||||||
|
use Throwable;
|
||||||
|
|
||||||
|
class PermissionSetPersistenceException extends \RuntimeException
|
||||||
|
{
|
||||||
|
public function __construct($message = "", Throwable $previous = null)
|
||||||
|
{
|
||||||
|
parent::__construct($message, 500, $previous);
|
||||||
|
}
|
||||||
|
}
|
|
@ -27,6 +27,8 @@ use Friendica\Database\Database;
|
||||||
use Friendica\Model\Contact;
|
use Friendica\Model\Contact;
|
||||||
use Friendica\Model\Group;
|
use Friendica\Model\Group;
|
||||||
use Friendica\Network\HTTPException\NotFoundException;
|
use Friendica\Network\HTTPException\NotFoundException;
|
||||||
|
use Friendica\Security\PermissionSet\Exception\PermissionSetNotFoundException;
|
||||||
|
use Friendica\Security\PermissionSet\Exception\PermissionSetPersistenceException;
|
||||||
use Friendica\Security\PermissionSet\Factory;
|
use Friendica\Security\PermissionSet\Factory;
|
||||||
use Friendica\Security\PermissionSet\Collection;
|
use Friendica\Security\PermissionSet\Collection;
|
||||||
use Friendica\Security\PermissionSet\Entity;
|
use Friendica\Security\PermissionSet\Entity;
|
||||||
|
@ -53,34 +55,22 @@ class PermissionSet extends BaseRepository
|
||||||
$this->aclFormatter = $aclFormatter;
|
$this->aclFormatter = $aclFormatter;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* replaces the PUBLIC id for the public permissionSet
|
|
||||||
* (no need to create the default permission set over and over again)
|
|
||||||
*
|
|
||||||
* @param $condition
|
|
||||||
*/
|
|
||||||
private function checkPublicSelect(&$condition)
|
|
||||||
{
|
|
||||||
if (empty($condition['allow_cid']) &&
|
|
||||||
empty($condition['allow_gid']) &&
|
|
||||||
empty($condition['deny_cid']) &&
|
|
||||||
empty($condition['deny_gid'])) {
|
|
||||||
$condition['uid'] = self::PUBLIC;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param array $condition
|
* @param array $condition
|
||||||
* @param array $params
|
* @param array $params
|
||||||
*
|
*
|
||||||
* @return Entity\PermissionSet
|
* @return Entity\PermissionSet
|
||||||
* @throws NotFoundException
|
* @throws NotFoundException
|
||||||
|
* @throws Exception
|
||||||
*/
|
*/
|
||||||
private function selectOne(array $condition, array $params = []): Entity\PermissionSet
|
private function selectOne(array $condition, array $params = []): Entity\PermissionSet
|
||||||
{
|
{
|
||||||
return parent::_selectOne($condition, $params);
|
return parent::_selectOne($condition, $params);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @throws Exception
|
||||||
|
*/
|
||||||
private function select(array $condition, array $params = []): Collection\PermissionSets
|
private function select(array $condition, array $params = []): Collection\PermissionSets
|
||||||
{
|
{
|
||||||
return new Collection\PermissionSets(parent::_select($condition, $params)->getArrayCopy());
|
return new Collection\PermissionSets(parent::_select($condition, $params)->getArrayCopy());
|
||||||
|
@ -108,7 +98,9 @@ class PermissionSet extends BaseRepository
|
||||||
* @param int $id A PermissionSet table row id or self::PUBLIC
|
* @param int $id A PermissionSet table row id or self::PUBLIC
|
||||||
* @param int $uid The owner of the PermissionSet
|
* @param int $uid The owner of the PermissionSet
|
||||||
* @return Entity\PermissionSet
|
* @return Entity\PermissionSet
|
||||||
* @throws NotFoundException
|
*
|
||||||
|
* @throws PermissionSetNotFoundException
|
||||||
|
* @throws PermissionSetPersistenceException
|
||||||
*/
|
*/
|
||||||
public function selectOneById(int $id, int $uid): Entity\PermissionSet
|
public function selectOneById(int $id, int $uid): Entity\PermissionSet
|
||||||
{
|
{
|
||||||
|
@ -116,7 +108,13 @@ class PermissionSet extends BaseRepository
|
||||||
return $this->factory->createFromString($uid);
|
return $this->factory->createFromString($uid);
|
||||||
}
|
}
|
||||||
|
|
||||||
return $this->selectOne(['id' => $id, 'uid' => $uid]);
|
try {
|
||||||
|
return $this->selectOne(['id' => $id, 'uid' => $uid]);
|
||||||
|
} catch (NotFoundException $exception) {
|
||||||
|
throw new PermissionSetNotFoundException(sprintf('PermissionSet with id %d for user %u doesn\'t exist.', $id, $uid), $exception);
|
||||||
|
} catch (Exception $exception) {
|
||||||
|
throw new PermissionSetPersistenceException(sprintf('Cannot select PermissionSet %d for user %d', $id, $uid), $exception);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -126,45 +124,51 @@ class PermissionSet extends BaseRepository
|
||||||
* @param int $uid User id whom the items belong, used for ownership check.
|
* @param int $uid User id whom the items belong, used for ownership check.
|
||||||
*
|
*
|
||||||
* @return Collection\PermissionSets
|
* @return Collection\PermissionSets
|
||||||
|
*
|
||||||
|
* @throws PermissionSetPersistenceException
|
||||||
*/
|
*/
|
||||||
public function selectByContactId(int $cid, int $uid): Collection\PermissionSets
|
public function selectByContactId(int $cid, int $uid): Collection\PermissionSets
|
||||||
{
|
{
|
||||||
$cdata = Contact::getPublicAndUserContactID($cid, $uid);
|
try {
|
||||||
if (!empty($cdata)) {
|
$cdata = Contact::getPublicAndUserContactID($cid, $uid);
|
||||||
$public_contact_str = $this->aclFormatter->toString($cdata['public']);
|
if (!empty($cdata)) {
|
||||||
$user_contact_str = $this->aclFormatter->toString($cdata['user']);
|
$public_contact_str = $this->aclFormatter->toString($cdata['public']);
|
||||||
$cid = $cdata['user'];
|
$user_contact_str = $this->aclFormatter->toString($cdata['user']);
|
||||||
} else {
|
$cid = $cdata['user'];
|
||||||
$public_contact_str = $this->aclFormatter->toString($cid);
|
} else {
|
||||||
$user_contact_str = '';
|
$public_contact_str = $this->aclFormatter->toString($cid);
|
||||||
}
|
$user_contact_str = '';
|
||||||
|
}
|
||||||
|
|
||||||
$groups = [];
|
$groups = [];
|
||||||
if (!empty($user_contact_str) && $this->db->exists('contact', [
|
if (!empty($user_contact_str) && $this->db->exists('contact', [
|
||||||
'id' => $cid,
|
'id' => $cid,
|
||||||
'uid' => $uid,
|
'uid' => $uid,
|
||||||
'blocked' => false
|
'blocked' => false
|
||||||
])) {
|
])) {
|
||||||
$groups = Group::getIdsByContactId($cid);
|
$groups = Group::getIdsByContactId($cid);
|
||||||
}
|
}
|
||||||
|
|
||||||
$group_str = '<<>>'; // should be impossible to match
|
$group_str = '<<>>'; // should be impossible to match
|
||||||
foreach ($groups as $group_id) {
|
foreach ($groups as $group_id) {
|
||||||
$group_str .= '|<' . preg_quote($group_id) . '>';
|
$group_str .= '|<' . preg_quote($group_id) . '>';
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!empty($user_contact_str)) {
|
if (!empty($user_contact_str)) {
|
||||||
$condition = ["`uid` = ? AND (NOT (`deny_cid` REGEXP ? OR `deny_cid` REGEXP ? OR deny_gid REGEXP ?)
|
$condition = ["`uid` = ? AND (NOT (LOCATE(?, `deny_cid`) OR LOCATE(?, `deny_cid`) OR deny_gid REGEXP ?)
|
||||||
AND (allow_cid REGEXP ? OR allow_cid REGEXP ? OR allow_gid REGEXP ? OR (allow_cid = '' AND allow_gid = '')))",
|
AND (LOCATE(?, allow_cid) OR LOCATE(?, allow_cid) OR allow_gid REGEXP ? OR (allow_cid = '' AND allow_gid = '')))",
|
||||||
$uid, $user_contact_str, $public_contact_str, $group_str,
|
$uid, $user_contact_str, $public_contact_str, $group_str,
|
||||||
$user_contact_str, $public_contact_str, $group_str];
|
$user_contact_str, $public_contact_str, $group_str];
|
||||||
} else {
|
} else {
|
||||||
$condition = ["`uid` = ? AND (NOT (`deny_cid` REGEXP ? OR deny_gid REGEXP ?)
|
$condition = ["`uid` = ? AND (NOT (LOCATE(?, `deny_cid`) OR deny_gid REGEXP ?)
|
||||||
AND (allow_cid REGEXP ? OR allow_gid REGEXP ? OR (allow_cid = '' AND allow_gid = '')))",
|
AND (LOCATE(?, allow_cid) OR allow_gid REGEXP ? OR (allow_cid = '' AND allow_gid = '')))",
|
||||||
$uid, $public_contact_str, $group_str, $public_contact_str, $group_str];
|
$uid, $public_contact_str, $group_str, $public_contact_str, $group_str];
|
||||||
}
|
}
|
||||||
|
|
||||||
return $this->select($condition);
|
return $this->select($condition);
|
||||||
|
} catch (Exception $exception) {
|
||||||
|
throw new PermissionSetPersistenceException(sprintf('Cannot select PermissionSet for contact %d and user %d', $cid, $uid), $exception);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -173,11 +177,20 @@ class PermissionSet extends BaseRepository
|
||||||
* @param int $uid
|
* @param int $uid
|
||||||
*
|
*
|
||||||
* @return Entity\PermissionSet
|
* @return Entity\PermissionSet
|
||||||
* @throws Exception
|
*
|
||||||
|
* @throws PermissionSetPersistenceException
|
||||||
*/
|
*/
|
||||||
public function selectDefaultForUser(int $uid): Entity\PermissionSet
|
public function selectDefaultForUser(int $uid): Entity\PermissionSet
|
||||||
{
|
{
|
||||||
$self_contact = Contact::selectFirst(['id'], ['uid' => $uid, 'self' => true]);
|
try {
|
||||||
|
$self_contact = Contact::selectFirst(['id'], ['uid' => $uid, 'self' => true]);
|
||||||
|
} catch (Exception $exception) {
|
||||||
|
throw new PermissionSetPersistenceException(sprintf('Cannot select Contact for user %d', $uid));
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!$this->db->isResult($self_contact)) {
|
||||||
|
throw new PermissionSetPersistenceException(sprintf('No "self" contact found for user %d', $uid));
|
||||||
|
}
|
||||||
|
|
||||||
return $this->selectOrCreate($this->factory->createFromString(
|
return $this->selectOrCreate($this->factory->createFromString(
|
||||||
$uid,
|
$uid,
|
||||||
|
@ -203,6 +216,8 @@ class PermissionSet extends BaseRepository
|
||||||
* @param Entity\PermissionSet $permissionSet
|
* @param Entity\PermissionSet $permissionSet
|
||||||
*
|
*
|
||||||
* @return Entity\PermissionSet
|
* @return Entity\PermissionSet
|
||||||
|
*
|
||||||
|
* @throws PermissionSetPersistenceException
|
||||||
*/
|
*/
|
||||||
public function selectOrCreate(Entity\PermissionSet $permissionSet): Entity\PermissionSet
|
public function selectOrCreate(Entity\PermissionSet $permissionSet): Entity\PermissionSet
|
||||||
{
|
{
|
||||||
|
@ -219,6 +234,8 @@ class PermissionSet extends BaseRepository
|
||||||
return $this->selectOne($this->convertToTableRow($permissionSet));
|
return $this->selectOne($this->convertToTableRow($permissionSet));
|
||||||
} catch (NotFoundException $exception) {
|
} catch (NotFoundException $exception) {
|
||||||
return $this->save($permissionSet);
|
return $this->save($permissionSet);
|
||||||
|
} catch (Exception $exception) {
|
||||||
|
throw new PermissionSetPersistenceException(sprintf('Cannot select PermissionSet %d', $permissionSet->id ?? 0), $exception);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -226,7 +243,8 @@ class PermissionSet extends BaseRepository
|
||||||
* @param Entity\PermissionSet $permissionSet
|
* @param Entity\PermissionSet $permissionSet
|
||||||
*
|
*
|
||||||
* @return Entity\PermissionSet
|
* @return Entity\PermissionSet
|
||||||
* @throws NotFoundException
|
*
|
||||||
|
* @throws PermissionSetPersistenceException
|
||||||
*/
|
*/
|
||||||
public function save(Entity\PermissionSet $permissionSet): Entity\PermissionSet
|
public function save(Entity\PermissionSet $permissionSet): Entity\PermissionSet
|
||||||
{
|
{
|
||||||
|
@ -237,12 +255,16 @@ class PermissionSet extends BaseRepository
|
||||||
|
|
||||||
$fields = $this->convertToTableRow($permissionSet);
|
$fields = $this->convertToTableRow($permissionSet);
|
||||||
|
|
||||||
if ($permissionSet->id) {
|
try {
|
||||||
$this->db->update(self::$table_name, $fields, ['id' => $permissionSet->id]);
|
if ($permissionSet->id) {
|
||||||
} else {
|
$this->db->update(self::$table_name, $fields, ['id' => $permissionSet->id]);
|
||||||
$this->db->insert(self::$table_name, $fields);
|
} else {
|
||||||
|
$this->db->insert(self::$table_name, $fields);
|
||||||
|
|
||||||
$permissionSet = $this->selectOneById($this->db->lastInsertId(), $permissionSet->uid);
|
$permissionSet = $this->selectOneById($this->db->lastInsertId(), $permissionSet->uid);
|
||||||
|
}
|
||||||
|
} catch (Exception $exception) {
|
||||||
|
throw new PermissionSetPersistenceException(sprintf('Cannot save PermissionSet %d', $permissionSet->id ?? 0), $exception);
|
||||||
}
|
}
|
||||||
|
|
||||||
return $permissionSet;
|
return $permissionSet;
|
||||||
|
|
|
@ -2,6 +2,9 @@
|
||||||
|
|
||||||
namespace Friendica\Test\src\Security\PermissionSet\Repository;
|
namespace Friendica\Test\src\Security\PermissionSet\Repository;
|
||||||
|
|
||||||
|
use Friendica\Database\Database;
|
||||||
|
use Friendica\Security\PermissionSet\Collection\PermissionSets;
|
||||||
|
use Friendica\Security\PermissionSet\Exception\PermissionSetNotFoundException;
|
||||||
use Friendica\Security\PermissionSet\Repository\PermissionSet as PermissionSetRepository;
|
use Friendica\Security\PermissionSet\Repository\PermissionSet as PermissionSetRepository;
|
||||||
use Friendica\Security\PermissionSet\Entity\PermissionSet;
|
use Friendica\Security\PermissionSet\Entity\PermissionSet;
|
||||||
use Friendica\Security\PermissionSet\Factory\PermissionSet as PermissionSetFactory;
|
use Friendica\Security\PermissionSet\Factory\PermissionSet as PermissionSetFactory;
|
||||||
|
@ -61,4 +64,333 @@ class PermissionSetTest extends FixtureTest
|
||||||
|
|
||||||
self::assertEquals($savedPermissionSet, $permissionSetSavedSelected);
|
self::assertEquals($savedPermissionSet, $permissionSetSavedSelected);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Asserts that the actual permissionset is equal to the expected permissionset
|
||||||
|
* --> It skips the "id" fields
|
||||||
|
*
|
||||||
|
* @param PermissionSets $expected
|
||||||
|
* @param PermissionSets $actual
|
||||||
|
*/
|
||||||
|
public static function assertEqualPermissionSets(PermissionSets $expected, PermissionSets $actual)
|
||||||
|
{
|
||||||
|
self::assertEquals($expected->count(), $actual->count(), 'PermissionSets not even ' . PHP_EOL . 'expected: ' . print_r($expected, true) . 'actual: ' . print_r($actual, true));
|
||||||
|
|
||||||
|
foreach ($expected as $outputPermissionSet) {
|
||||||
|
self::assertCount(1, $actual->filter(function (PermissionSet $actualPermissionSet) use ($outputPermissionSet) {
|
||||||
|
return (
|
||||||
|
$actualPermissionSet->uid == $outputPermissionSet->uid &&
|
||||||
|
$actualPermissionSet->allow_cid == $outputPermissionSet->allow_cid &&
|
||||||
|
$actualPermissionSet->allow_gid == $outputPermissionSet->allow_gid &&
|
||||||
|
$actualPermissionSet->deny_cid == $outputPermissionSet->deny_cid &&
|
||||||
|
$actualPermissionSet->deny_gid == $outputPermissionSet->deny_gid
|
||||||
|
);
|
||||||
|
}), 'PermissionSet not found: ' . print_r($outputPermissionSet, true));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public function dataSet()
|
||||||
|
{
|
||||||
|
return [
|
||||||
|
'standard' => [
|
||||||
|
'group_member' => [],
|
||||||
|
'permissionSets' => [
|
||||||
|
[
|
||||||
|
'uid' => 42,
|
||||||
|
'allow_cid' => '<43>',
|
||||||
|
'allow_gid' => '',
|
||||||
|
'deny_cid' => '<44>',
|
||||||
|
'deny_gid' => '',
|
||||||
|
],
|
||||||
|
[
|
||||||
|
'uid' => 42,
|
||||||
|
'allow_cid' => '',
|
||||||
|
'allow_gid' => '',
|
||||||
|
'deny_cid' => '',
|
||||||
|
'deny_gid' => '',
|
||||||
|
],
|
||||||
|
[
|
||||||
|
'uid' => 42,
|
||||||
|
'allow_cid' => '<44>',
|
||||||
|
'allow_gid' => '',
|
||||||
|
'deny_cid' => '',
|
||||||
|
'deny_gid' => '',
|
||||||
|
],
|
||||||
|
],
|
||||||
|
'assertions' => [
|
||||||
|
[
|
||||||
|
'input' => [
|
||||||
|
'cid' => 43,
|
||||||
|
'uid' => 42,
|
||||||
|
],
|
||||||
|
'output' => new PermissionSets([
|
||||||
|
new PermissionSet(42, [43], [], [44], []),
|
||||||
|
new PermissionSet(42, [], [], [], []),
|
||||||
|
]),
|
||||||
|
],
|
||||||
|
[
|
||||||
|
'input' => [
|
||||||
|
'cid' => 44,
|
||||||
|
'uid' => 42,
|
||||||
|
],
|
||||||
|
'output' => new PermissionSets([
|
||||||
|
new PermissionSet(42, [], [], [], []),
|
||||||
|
new PermissionSet(42, [44], [], [], []),
|
||||||
|
]),
|
||||||
|
],
|
||||||
|
[
|
||||||
|
'input' => [
|
||||||
|
'cid' => 47,
|
||||||
|
'uid' => 42,
|
||||||
|
],
|
||||||
|
'output' => new PermissionSets([
|
||||||
|
new PermissionSet(42, [], [], [], []),
|
||||||
|
]),
|
||||||
|
],
|
||||||
|
],
|
||||||
|
],
|
||||||
|
'empty' => [
|
||||||
|
'group_member' => [],
|
||||||
|
'permissionSets' => [
|
||||||
|
[
|
||||||
|
'uid' => 42,
|
||||||
|
'allow_cid' => '',
|
||||||
|
'allow_gid' => '',
|
||||||
|
'deny_cid' => '',
|
||||||
|
'deny_gid' => '',
|
||||||
|
],
|
||||||
|
],
|
||||||
|
'assertions' => [
|
||||||
|
[
|
||||||
|
'input' => [
|
||||||
|
'cid' => 43,
|
||||||
|
'uid' => 42,
|
||||||
|
],
|
||||||
|
'output' => new PermissionSets([
|
||||||
|
new PermissionSet(42, [], [], [], []),
|
||||||
|
]),
|
||||||
|
],
|
||||||
|
[
|
||||||
|
'input' => [
|
||||||
|
'cid' => 44,
|
||||||
|
'uid' => 42,
|
||||||
|
],
|
||||||
|
'output' => new PermissionSets([
|
||||||
|
new PermissionSet(42, [], [], [], []),
|
||||||
|
]),
|
||||||
|
],
|
||||||
|
[
|
||||||
|
'input' => [
|
||||||
|
'cid' => 47,
|
||||||
|
'uid' => 42,
|
||||||
|
],
|
||||||
|
'output' => new PermissionSets([
|
||||||
|
new PermissionSet(42, [], [], [], []),
|
||||||
|
]),
|
||||||
|
],
|
||||||
|
]
|
||||||
|
],
|
||||||
|
'nothing' => [
|
||||||
|
'group_member' => [],
|
||||||
|
'permissionSets' => [
|
||||||
|
],
|
||||||
|
'assertions' => [
|
||||||
|
[
|
||||||
|
'input' => [
|
||||||
|
'cid' => 43,
|
||||||
|
'uid' => 42,
|
||||||
|
],
|
||||||
|
'output' => new PermissionSets(),
|
||||||
|
],
|
||||||
|
[
|
||||||
|
'input' => [
|
||||||
|
'cid' => 44,
|
||||||
|
'uid' => 42,
|
||||||
|
],
|
||||||
|
'output' => new PermissionSets(),
|
||||||
|
],
|
||||||
|
[
|
||||||
|
'input' => [
|
||||||
|
'cid' => 47,
|
||||||
|
'uid' => 42,
|
||||||
|
],
|
||||||
|
'output' => new PermissionSets(),
|
||||||
|
],
|
||||||
|
]
|
||||||
|
],
|
||||||
|
'with_groups' => [
|
||||||
|
'group_member' => [
|
||||||
|
[
|
||||||
|
'id' => 1,
|
||||||
|
'gid' => 1,
|
||||||
|
'contact-id' => 47,
|
||||||
|
],
|
||||||
|
[
|
||||||
|
'id' => 2,
|
||||||
|
'gid' => 1,
|
||||||
|
'contact-id' => 42,
|
||||||
|
],
|
||||||
|
[
|
||||||
|
'id' => 3,
|
||||||
|
'gid' => 2,
|
||||||
|
'contact-id' => 43,
|
||||||
|
],
|
||||||
|
],
|
||||||
|
'permissionSets' => [
|
||||||
|
[
|
||||||
|
'uid' => 42,
|
||||||
|
'allow_cid' => '<43>',
|
||||||
|
'allow_gid' => '<3>',
|
||||||
|
'deny_cid' => '<44>,<46>',
|
||||||
|
'deny_gid' => '',
|
||||||
|
],
|
||||||
|
[
|
||||||
|
'uid' => 42,
|
||||||
|
'allow_cid' => '',
|
||||||
|
'allow_gid' => '',
|
||||||
|
'deny_cid' => '',
|
||||||
|
'deny_gid' => '<2>',
|
||||||
|
],
|
||||||
|
[
|
||||||
|
'uid' => 42,
|
||||||
|
'allow_cid' => '<44>',
|
||||||
|
'allow_gid' => '',
|
||||||
|
'deny_cid' => '',
|
||||||
|
'deny_gid' => '',
|
||||||
|
],
|
||||||
|
[
|
||||||
|
'uid' => 42,
|
||||||
|
'allow_cid' => '',
|
||||||
|
'allow_gid' => '',
|
||||||
|
'deny_cid' => '',
|
||||||
|
'deny_gid' => '<1>',
|
||||||
|
],
|
||||||
|
[
|
||||||
|
'uid' => 42,
|
||||||
|
'allow_cid' => '<45>',
|
||||||
|
'allow_gid' => '',
|
||||||
|
'deny_cid' => '',
|
||||||
|
'deny_gid' => '<1><2>',
|
||||||
|
],
|
||||||
|
],
|
||||||
|
'assertions' => [
|
||||||
|
[
|
||||||
|
'input' => [
|
||||||
|
'cid' => 42,
|
||||||
|
'uid' => 42,
|
||||||
|
],
|
||||||
|
'output' => new PermissionSets([
|
||||||
|
new PermissionSet(42, [], [], [], [2]),
|
||||||
|
]),
|
||||||
|
],
|
||||||
|
[
|
||||||
|
'input' => [
|
||||||
|
'cid' => 43,
|
||||||
|
'uid' => 42,
|
||||||
|
],
|
||||||
|
'output' => new PermissionSets([
|
||||||
|
new PermissionSet(42, [43], [3], [44, 46], []),
|
||||||
|
new PermissionSet(42, [], [], [], [2]),
|
||||||
|
new PermissionSet(42, [], [], [], [1]),
|
||||||
|
]),
|
||||||
|
],
|
||||||
|
[
|
||||||
|
'input' => [
|
||||||
|
'cid' => 44,
|
||||||
|
'uid' => 42,
|
||||||
|
],
|
||||||
|
'output' => new PermissionSets([
|
||||||
|
new PermissionSet(42, [], [], [], [2]),
|
||||||
|
new PermissionSet(42, [44], [], [], []),
|
||||||
|
new PermissionSet(42, [], [], [], [1]),
|
||||||
|
new PermissionSet(42, [45], [], [], [1, 2]),
|
||||||
|
]),
|
||||||
|
],
|
||||||
|
[
|
||||||
|
'input' => [
|
||||||
|
'cid' => 45,
|
||||||
|
'uid' => 42,
|
||||||
|
],
|
||||||
|
'output' => new PermissionSets([
|
||||||
|
new PermissionSet(42, [], [], [], [2]),
|
||||||
|
new PermissionSet(42, [44], [], [], []),
|
||||||
|
new PermissionSet(42, [], [], [], [1]),
|
||||||
|
new PermissionSet(42, [45], [], [], [1, 2]),
|
||||||
|
]),
|
||||||
|
],
|
||||||
|
[
|
||||||
|
'input' => [
|
||||||
|
'cid' => 46,
|
||||||
|
'uid' => 42,
|
||||||
|
],
|
||||||
|
'output' => new PermissionSets([
|
||||||
|
new PermissionSet(42, [], [], [], [2]),
|
||||||
|
new PermissionSet(42, [], [], [], [1]),
|
||||||
|
]),
|
||||||
|
],
|
||||||
|
[
|
||||||
|
'input' => [
|
||||||
|
'cid' => 47,
|
||||||
|
'uid' => 42,
|
||||||
|
],
|
||||||
|
'output' => new PermissionSets([
|
||||||
|
new PermissionSet(42, [], [], [], [2]),
|
||||||
|
new PermissionSet(42, [], [], [], [1]),
|
||||||
|
]),
|
||||||
|
],
|
||||||
|
],
|
||||||
|
],
|
||||||
|
];
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @dataProvider dataSet
|
||||||
|
*/
|
||||||
|
public function testSelectContactId(array $group_member, array $inputPermissionSets, array $assertions)
|
||||||
|
{
|
||||||
|
/** @var Database $db */
|
||||||
|
$db = $this->dice->create(Database::class);
|
||||||
|
|
||||||
|
foreach ($group_member as $gmember) {
|
||||||
|
$db->insert('group_member', $gmember, true);
|
||||||
|
}
|
||||||
|
|
||||||
|
foreach ($inputPermissionSets as $inputPermissionSet) {
|
||||||
|
$db->insert('permissionset', $inputPermissionSet, true);
|
||||||
|
}
|
||||||
|
|
||||||
|
foreach ($assertions as $assertion) {
|
||||||
|
$permissionSets = $this->repository->selectByContactId($assertion['input']['cid'], $assertion['input']['uid']);
|
||||||
|
self::assertInstanceOf(PermissionSets::class, $permissionSets);
|
||||||
|
self::assertEqualPermissionSets($assertion['output'], $permissionSets);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public function testSelectOneByIdInvalid()
|
||||||
|
{
|
||||||
|
self::expectException(PermissionSetNotFoundException::class);
|
||||||
|
self::expectExceptionMessage('PermissionSet with id -1 for user 42 doesn\'t exist.');
|
||||||
|
|
||||||
|
$this->repository->selectOneById(-1, 42);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @dataProvider dataSet
|
||||||
|
*/
|
||||||
|
public function testSelectOneById(array $group_member, array $inputPermissionSets, array $assertions)
|
||||||
|
{
|
||||||
|
if (count($inputPermissionSets) === 0) {
|
||||||
|
self::markTestSkipped('Nothing to assert.');
|
||||||
|
}
|
||||||
|
|
||||||
|
/** @var Database $db */
|
||||||
|
$db = $this->dice->create(Database::class);
|
||||||
|
|
||||||
|
foreach ($inputPermissionSets as $inputPermissionSet) {
|
||||||
|
$db->insert('permissionset', $inputPermissionSet);
|
||||||
|
$id = $db->lastInsertId();
|
||||||
|
|
||||||
|
self::assertInstanceOf(PermissionSet::class, $this->repository->selectOneById($id, $inputPermissionSet['uid']));
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue