FOSSology  4.4.0
Open Source License Compliance by Open Source Software
GroupControllerTest.php
Go to the documentation of this file.
1 <?php
2 /*
3  * SPDX-FileCopyrightText: © 2022 Samuel Dushimimana <dushsam100@gmail.com>
4  *
5  * SPDX-License-Identifier: GPL-2.0-only
6 */
12 namespace Fossology\UI\Api\Test\Controllers;
13 
14 require_once dirname(__DIR__, 4) . '/lib/php/Plugin/FO_Plugin.php';
15 
16 
17 use Fossology\Lib\Auth\Auth;
18 use Fossology\Lib\Dao\UserDao;
19 use Fossology\Lib\Db\DbManager;
20 use Fossology\UI\Api\Controllers\GroupController;
21 use Fossology\UI\Api\Exceptions\HttpBadRequestException;
22 use Fossology\UI\Api\Exceptions\HttpForbiddenException;
23 use Fossology\UI\Api\Helper\DbHelper;
24 use Fossology\UI\Api\Helper\ResponseHelper;
25 use Fossology\UI\Api\Helper\RestHelper;
26 use Fossology\UI\Api\Models\Info;
27 use Fossology\UI\Api\Models\InfoType;
28 use Fossology\UI\Api\Models\ApiVersion;
29 use Fossology\UI\Api\Models\User;
30 use Fossology\UI\Api\Models\UserGroupMember;
31 use Mockery as M;
32 use Slim\Psr7\Factory\StreamFactory;
33 use Slim\Psr7\Headers;
34 use Slim\Psr7\Request;
35 use Slim\Psr7\Uri;
36 
37 
42 class GroupControllerTest extends \PHPUnit\Framework\TestCase
43 {
44 
49  const YAML_LOC = __DIR__ . '/../../../ui/api/documentation/openapi.yaml';
50 
55  private $assertCountBefore;
56 
61  private $dbHelper;
62 
67  private $restHelper;
68 
73  private $adminPlugin;
74 
79  protected function setUp() : void
80  {
81  global $container;
82  $container = M::mock('ContainerBuilder');
83  $this->dbHelper = M::mock(DbHelper::class);
84  $this->restHelper = M::mock(RestHelper::class);
85  $this->userDao = M::mock(UserDao::class);
86  $this->adminPlugin = M::mock('AdminGroupUsers');
87 
88  $this->restHelper->shouldReceive('getDbHelper')->andReturn($this->dbHelper);
89  $this->restHelper->shouldReceive('getUserDao')
90  ->andReturn($this->userDao);
91 
92  $this->restHelper->shouldReceive('getPlugin')
93  ->withArgs(array('group_manage_users'))->andReturn($this->adminPlugin);
94 
95  $container->shouldReceive('get')->withArgs(array(
96  'helper.restHelper'))->andReturn($this->restHelper);
97  $this->groupController = new GroupController($container);
98  $this->assertCountBefore = \Hamcrest\MatcherAssert::getCount();
99  $this->dbManager = M::mock(DbManager::class);
100  $this->dbHelper->shouldReceive('getDbManager')->andReturn($this->dbManager);
101  $this->streamFactory = new StreamFactory();
102  }
103 
104 
109  protected function tearDown() : void
110  {
111  $this->addToAssertionCount(
112  \Hamcrest\MatcherAssert::getCount() - $this->assertCountBefore);
113  M::close();
114  }
115 
122  private function getResponseJson($response)
123  {
124  $response->getBody()->seek(0);
125  return json_decode($response->getBody()->getContents(), true);
126  }
127 
133  private function getGroupMembers($userIds)
134  {
135  $groupPermissions = array("NONE" => -1, UserDao::USER => 0,
136  UserDao::ADMIN => 1, UserDao::ADVISOR => 2);
137 
138  $memberList = array();
139  foreach ($userIds as $userId) {
140  $key = array_rand($groupPermissions);
141  $userGroupMember = new UserGroupMember(new User($userId, "user$userId", "User $userId",
142  null, null, null, null, null),$groupPermissions[$key]) ;
143  $memberList[] = $userGroupMember->getArray();
144  }
145  return $memberList;
146  }
147 
153  private function getUsersWithGroup($userIds)
154  {
155  $groupPermissions = array("NONE" => -1, UserDao::USER => 0,
156  UserDao::ADMIN => 1, UserDao::ADVISOR => 2);
157 
158  $usersWithGroup = array();
159  foreach ($userIds as $userId) {
160  $perm = array_rand($groupPermissions);
161  $user = [
162  "user_pk" => $userId,
163  "group_perm"=> $perm,
164  "user_name" => $userId."username",
165  "user_desc" => $userId."desc",
166  "user_status"=> 'active'
167  ];
168  $usersWithGroup[] = $user;
169  }
170  return $usersWithGroup;
171  }
172 
173 
174 
180  public function testDeleteGroup()
181  {
182  $groupName = 'fossy';
183  $groupId = 4;
184  $userId = 1;
185  $request = M::mock(Request::class);
186  $request->shouldReceive('getAttribute')->andReturn(ApiVersion::V1);
187  $this->restHelper->getUserDao()->shouldReceive('getGroupIdByName')->withArgs([$groupName])->andReturn($groupId);
188  $this->restHelper->shouldReceive('getUserId')->andReturn($userId);
189  $this->dbHelper->shouldReceive('doesIdExist')
190  ->withArgs(["groups", "group_pk", $groupId])->andReturn(true);
191  $_SESSION[Auth::USER_LEVEL] = Auth::PERM_WRITE;
192  $this->userDao->shouldReceive('getDeletableAdminGroupMap')->withArgs([$userId,$_SESSION[Auth::USER_LEVEL]]);
193  $this->userDao->shouldReceive('deleteGroup')->withArgs([$groupId]);
194 
195  $info = new Info(202, "User Group will be deleted", InfoType::INFO);
196  $expectedResponse = (new ResponseHelper())->withJson($info->getArray(),
197  $info->getCode());
198  $actualResponse = $this->groupController->deleteGroup($request, new ResponseHelper(),
199  ['pathParam' => $groupId]);
200 
201  $this->assertEquals($expectedResponse->getStatusCode(),
202  $actualResponse->getStatusCode());
203  $this->assertEquals($this->getResponseJson($expectedResponse),
204  $this->getResponseJson($actualResponse));
205  }
206 
212  public function testGetDeletableGroups()
213  {
214  $userId = 2;
215  $groupList = array();
216  $this->restHelper->shouldReceive('getUserId')->andReturn($userId);
217  $_SESSION[Auth::USER_LEVEL] = Auth::PERM_WRITE;
218  $this->userDao->shouldReceive('getDeletableAdminGroupMap')->withArgs([$userId,
219  $_SESSION[Auth::USER_LEVEL]])->andReturn([]);
220  $expectedResponse = (new ResponseHelper())->withJson($groupList, 200);
221  $actualResponse = $this->groupController->getDeletableGroups(null, new ResponseHelper(), []);
222  $this->assertEquals($expectedResponse->getStatusCode(), $actualResponse->getStatusCode());
223  $this->assertEquals($this->getResponseJson($expectedResponse), $this->getResponseJson($actualResponse));
224  }
230  public function testGetGroupMembers()
231  {
232  $userIds = [2];
233  $groupName = 'fossy';
234  $groupId = 1;
235  $memberList = $this->getGroupMembers($userIds);
236  $request = M::mock(Request::class);
237  $request->shouldReceive('getAttribute')->andReturn(ApiVersion::V1);
238  $this->restHelper->getUserDao()->shouldReceive('getGroupIdByName')->withArgs([$groupName])->andReturn($groupId);
239  $this->restHelper->shouldReceive('getUserId')->andReturn($userIds[0]);
240  $_SESSION[Auth::USER_LEVEL] = Auth::PERM_WRITE;
241  $this->userDao->shouldReceive('getAdminGroupMap')->withArgs([$userIds[0],$_SESSION[Auth::USER_LEVEL]])->andReturn([1]);
242 
243  $this->dbManager->shouldReceive('prepare')->withArgs([M::any(),M::any()]);
244  $this->dbManager->shouldReceive('execute')->withArgs([M::any(),array($groupId)])->andReturn(1);
245  $this->dbManager->shouldReceive('fetchAll')->withArgs([1])->andReturn($this->getUsersWithGroup($userIds));
246  $this->dbManager->shouldReceive('freeResult')->withArgs([1]);
247 
248  $user = $this->getUsersWithGroup($userIds)[0];
249  $users = [];
250  $users[] = new User($user["user_pk"], $user["user_name"], $user["user_desc"],
251  null, null, null, null, null);
252  $this->dbHelper->shouldReceive("getUsers")->withArgs([$user['user_pk']])->andReturn($users);
253 
254  $expectedResponse = (new ResponseHelper())->withJson($memberList, 200);
255 
256  $actualResponse = $this->groupController->getGroupMembers($request, new ResponseHelper(), ['pathParam' => $groupId]);
257  $this->assertEquals($expectedResponse->getStatusCode(),$actualResponse->getStatusCode());
258  }
259 
260 
269  public function testAddMemberUserNotMember()
270  {
271  $groupName = "fossy";
272  $userName = "user";
273  $groupId = 1;
274  $newuser = 1;
275  $userArray = ['user_pk' => $newuser];
276  $newPerm = 2;
277  $emptyArr=[];
278  $userId = 1;
279  $_SESSION[Auth::USER_LEVEL] = Auth::PERM_ADMIN;
280  $this->restHelper->getUserDao()->shouldReceive('getGroupIdByName')->withArgs([$groupName])->andReturn($groupId);
281  $this->restHelper->getUserDao()->shouldReceive('getUserByName')->withArgs([$userName])->andReturn($userArray);
282  $this->dbHelper->shouldReceive('doesIdExist')->withArgs(["groups", "group_pk", $groupId])->andReturn(true);
283  $this->dbHelper->shouldReceive('doesIdExist')->withArgs(["users","user_pk",$newuser])->andReturn(true);
284  $this->dbManager->shouldReceive('getSingleRow')->withArgs([M::any(),M::any(),M::any()])->andReturn($emptyArr);
285  $this->restHelper->shouldReceive('getUserId')->andReturn($userId);
286  $this->userDao->shouldReceive('isAdvisorOrAdmin')->withArgs([$userId, $groupId])->andReturn(true);
287 
288  $this->dbManager->shouldReceive('prepare')->withArgs([M::any(),M::any()]);
289  $this->dbManager->shouldReceive('execute')->withArgs([M::any(),array($groupId, $newuser,$newPerm)])->andReturn(1);
290  $this->dbManager->shouldReceive('freeResult')->withArgs([1]);
291 
292 
293  $body = $this->streamFactory->createStream(json_encode([
294  "perm" => $newPerm
295  ]));
296  $requestHeaders = new Headers();
297  $requestHeaders->setHeader('Content-Type', 'application/json');
298  $request = new Request("POST", new Uri("HTTP", "localhost"),
299  $requestHeaders, [], [], $body);
300 
301  $expectedResponse = new Info(200, "User will be added to group.", InfoType::INFO);
302 
303  $actualResponse = $this->groupController->addMember($request, new ResponseHelper(), ['pathParam' => $groupId,'userPathParam' => $newuser]);
304  $this->assertEquals($expectedResponse->getCode(),$actualResponse->getStatusCode());
305  $this->assertEquals($expectedResponse->getArray(),$this->getResponseJson($actualResponse));
306  }
307 
314  public function testAddMemberUserNotAdmin()
315  {
316  $groupName = "fossy";
317  $userName = "user";
318  $groupId = 1;
319  $newuser = 1;
320  $userArray = ['user_pk' => $newuser];
321  $newPerm = 2;
322  $userId = 1;
323 
324  $_SESSION[Auth::USER_LEVEL] = Auth::PERM_WRITE;
325  $this->restHelper->getUserDao()->shouldReceive('getGroupIdByName')->withArgs([$groupName])->andReturn($groupId);
326  $this->restHelper->getUserDao()->shouldReceive('getUserByName')->withArgs([$userName])->andReturn($userArray);
327  $this->dbHelper->shouldReceive('doesIdExist')->withArgs(["groups", "group_pk", $groupId])->andReturn(true);
328  $this->dbHelper->shouldReceive('doesIdExist')->withArgs(["users","user_pk",$newuser])->andReturn(true);
329  $this->restHelper->shouldReceive('getUserId')->andReturn($userId);
330  $this->userDao->shouldReceive('isAdvisorOrAdmin')->withArgs([$userId, $groupId])->andReturn(false);
331 
332  $body = $this->streamFactory->createStream(json_encode([
333  "perm" => $newPerm
334  ]));
335  $requestHeaders = new Headers();
336  $requestHeaders->setHeader('Content-Type', 'application/json');
337  $request = new Request("POST", new Uri("HTTP", "localhost"),
338  $requestHeaders, [], [], $body);
339 
340  $this->expectException(HttpForbiddenException::class);
341 
342  $this->groupController->addMember($request, new ResponseHelper(),
343  ['pathParam' => $groupId,'userPathParam' => $newuser]);
344  }
345 
352  public function testAddMemberUserGroupAdmin()
353  {
354  $groupName = "fossy";
355  $userName = "user";
356  $groupId = 1;
357  $newuser = 1;
358  $userArray = ['user_pk' => $newuser];
359  $newPerm = 2;
360  $emptyArr=[];
361  $userId = 1;
362 
363  $_SESSION[Auth::USER_LEVEL] = Auth::PERM_WRITE;
364  $this->restHelper->getUserDao()->shouldReceive('getGroupIdByName')->withArgs([$groupName])->andReturn($groupId);
365  $this->restHelper->getUserDao()->shouldReceive('getUserByName')->withArgs([$userName])->andReturn($userArray);
366  $this->dbHelper->shouldReceive('doesIdExist')->withArgs(["groups", "group_pk", $groupId])->andReturn(true);
367  $this->dbHelper->shouldReceive('doesIdExist')->withArgs(["users","user_pk",$newuser])->andReturn(true);
368  $this->dbManager->shouldReceive('getSingleRow')->withArgs([M::any(),M::any(),M::any()])->andReturn($emptyArr);
369  $this->restHelper->shouldReceive('getUserId')->andReturn($userId);
370  $this->userDao->shouldReceive('isAdvisorOrAdmin')->withArgs([$userId, $groupId])->andReturn(true);
371 
372  $this->dbManager->shouldReceive('prepare')->withArgs([M::any(),M::any()]);
373  $this->dbManager->shouldReceive('execute')->withArgs([M::any(),array($groupId, $newuser,$newPerm)])->andReturn(1);
374  $this->dbManager->shouldReceive('freeResult')->withArgs([1]);
375 
376  $body = $this->streamFactory->createStream(json_encode([
377  "perm" => $newPerm
378  ]));
379  $requestHeaders = new Headers();
380  $requestHeaders->setHeader('Content-Type', 'application/json');
381  $request = new Request("POST", new Uri("HTTP", "localhost"),
382  $requestHeaders, [], [], $body);
383 
384  $expectedResponse = new Info(200, "User will be added to group.", InfoType::INFO);
385 
386  $actualResponse = $this->groupController->addMember($request, new ResponseHelper(), ['pathParam' => $groupId,'userPathParam' => $newuser]);
387  $this->assertEquals($expectedResponse->getCode(),$actualResponse->getStatusCode());
388  $this->assertEquals($expectedResponse->getArray(),$this->getResponseJson($actualResponse));
389  }
390 
391 
400  public function testAddMemberUserAlreadyMember()
401  {
402  $groupName = "fossy";
403  $userName = "user";
404  $groupId = 1;
405  $newuser = 1;
406  $userArray = ['user_pk' => $newuser];
407  $newPerm = 2;
408  $userId = 1;
409 
410  $_SESSION[Auth::USER_LEVEL] = Auth::PERM_ADMIN;
411  $this->restHelper->getUserDao()->shouldReceive('getGroupIdByName')->withArgs([$groupName])->andReturn($groupId);
412  $this->restHelper->getUserDao()->shouldReceive('getUserByName')->withArgs([$userName])->andReturn($userArray);
413  $this->dbHelper->shouldReceive('doesIdExist')->withArgs(["groups", "group_pk", $groupId])->andReturn(true);
414  $this->dbHelper->shouldReceive('doesIdExist')->withArgs(["users","user_pk",$newuser])->andReturn(true);
415  $this->dbManager->shouldReceive('getSingleRow')->withArgs([M::any(),M::any(),M::any()])->andReturn(true);
416  $this->restHelper->shouldReceive('getUserId')->andReturn($userId);
417  $this->userDao->shouldReceive('isAdvisorOrAdmin')->withArgs([$userId, $groupId])->andReturn(true);
418 
419  $body = $this->streamFactory->createStream(json_encode([
420  "perm" => $newPerm
421  ]));
422  $requestHeaders = new Headers();
423  $requestHeaders->setHeader('Content-Type', 'application/json');
424  $request = new Request("POST", new Uri("HTTP", "localhost"),
425  $requestHeaders, [], [], $body);
426 
427  $this->expectException(HttpBadRequestException::class);
428 
429  $this->groupController->addMember($request, new ResponseHelper(),
430  ['pathParam' => $groupId,'userPathParam' => $newuser]);
431  }
437  public function testChangeUserPermission()
438  {
439  $groupIds = [1,2,3,4,5,6];
440  $groupName = "fossy";
441  $userName = "user";
442  $userId = 1;
443  $group_user_member_pk = 1;
444  $newPerm = 2;
445  $userPk = 1;
446  $userArray = ['user_pk' => $userId];
447 
448  $_SESSION[Auth::USER_LEVEL] = Auth::PERM_ADMIN;
449  $this->restHelper->getUserDao()->shouldReceive('getGroupIdByName')->withArgs([$groupName])->andReturn($groupIds[0]);
450  $this->restHelper->getUserDao()->shouldReceive('getUserByName')->withArgs([$userName])->andReturn($userArray);
451  $this->dbHelper->shouldReceive('doesIdExist')->withArgs(["groups", "group_pk", $groupIds[0]])->andReturn(true);
452  $this->dbHelper->shouldReceive('doesIdExist')->withArgs(["users","user_pk",$userId])->andReturn(true);
453  $this->dbManager->shouldReceive('getSingleRow')->withArgs([M::any(),M::any(),M::any()])->andReturn(['group_pk'=>$groupIds[0],'group_user_member_pk'=>$group_user_member_pk,'permission'=>$newPerm]);
454  $this->restHelper->shouldReceive('getUserId')->andReturn($userPk);
455  $this->userDao->shouldReceive('isAdvisorOrAdmin')->withArgs([$userPk, $groupIds[0]])->andReturn(true);
456 
457  $this->adminPlugin->shouldReceive('updateGUMPermission')->withArgs([$group_user_member_pk,$newPerm, $this->dbManager ]);
458 
459  $body = $this->streamFactory->createStream(json_encode([
460  "perm" => $newPerm
461  ]));
462  $requestHeaders = new Headers();
463  $requestHeaders->setHeader('Content-Type', 'application/json');
464  $request = new Request("POST", new Uri("HTTP", "localhost"),
465  $requestHeaders, [], [], $body);
466 
467  $_SESSION[Auth::USER_LEVEL] = Auth::PERM_WRITE;
468  $expectedResponse = new Info(202, "Permission updated successfully.", InfoType::INFO);
469 
470  $actualResponse = $this->groupController->changeUserPermission($request, new ResponseHelper(), ['pathParam' => $groupIds[0],'userPathParam' => $userId]);
471  $this->assertEquals($expectedResponse->getCode(),$actualResponse->getStatusCode());
472  $this->assertEquals($expectedResponse->getArray(),$this->getResponseJson($actualResponse));
473  }
474 }
Fossology\Lib\Auth\Auth
Contains the constants and helpers for authentication of user.
Definition: Auth.php:24
Fossology\UI\Api\Helper\DbHelper
Provides helper methods to access database for REST api.
Definition: DbHelper.php:38
Fossology\UI\Api\Helper\ResponseHelper
Override Slim response for withJson function.
Definition: ResponseHelper.php:22
Fossology\UI\Api\Helper\RestHelper
Provides various DAO helper functions for REST api.
Definition: RestHelper.php:32
Fossology\UI\Api\Models\InfoType
Different type of infos provided by REST.
Definition: InfoType.php:16
Fossology\UI\Api\Models\Info
Info model to contain general error and return values.
Definition: Info.php:19
Fossology\UI\Api\Models\User
Model to hold user information.
Definition: User.php:21
dbManager
fo_dbManager * dbManager
fo_dbManager object
Definition: process.c:16