FOSSology  4.4.0
Open Source License Compliance by Open Source Software
GroupControllerTest.php
Go to the documentation of this file.
1 <?php
2 /*
3  * SPDX-FileCopyrightText: © 2022 Samuel Dushimimana <dushsam100@gmail.com>
4  *
5  * SPDX-License-Identifier: GPL-2.0-only
6 */
12 namespace Fossology\UI\Api\Test\Controllers;
13 
14 require_once dirname(__DIR__, 4) . '/lib/php/Plugin/FO_Plugin.php';
15 
16 
17 use Fossology\Lib\Auth\Auth;
18 use Fossology\Lib\Dao\UserDao;
19 use Fossology\Lib\Db\DbManager;
20 use Fossology\UI\Api\Controllers\GroupController;
21 use Fossology\UI\Api\Exceptions\HttpBadRequestException;
22 use Fossology\UI\Api\Exceptions\HttpForbiddenException;
23 use Fossology\UI\Api\Helper\DbHelper;
24 use Fossology\UI\Api\Helper\ResponseHelper;
25 use Fossology\UI\Api\Helper\RestHelper;
26 use Fossology\UI\Api\Models\Info;
27 use Fossology\UI\Api\Models\InfoType;
28 use Fossology\UI\Api\Models\ApiVersion;
29 use Fossology\UI\Api\Models\User;
30 use Fossology\UI\Api\Models\UserGroupMember;
31 use Mockery as M;
32 use Slim\Psr7\Factory\StreamFactory;
33 use Slim\Psr7\Headers;
34 use Slim\Psr7\Request;
35 use Slim\Psr7\Uri;
36 
37 
42 class GroupControllerTest extends \PHPUnit\Framework\TestCase
43 {
44 
49  const YAML_LOC = __DIR__ . '/../../../ui/api/documentation/openapi.yaml';
50 
55  private $assertCountBefore;
56 
61  private $dbHelper;
62 
67  private $restHelper;
68 
73  private $adminPlugin;
74 
79  protected function setUp() : void
80  {
81  global $container;
82  $container = M::mock('ContainerBuilder');
83  $this->dbHelper = M::mock(DbHelper::class);
84  $this->restHelper = M::mock(RestHelper::class);
85  $this->userDao = M::mock(UserDao::class);
86  $this->adminPlugin = M::mock('AdminGroupUsers');
87 
88  $this->restHelper->shouldReceive('getDbHelper')->andReturn($this->dbHelper);
89  $this->restHelper->shouldReceive('getUserDao')
90  ->andReturn($this->userDao);
91 
92  $this->restHelper->shouldReceive('getPlugin')
93  ->withArgs(array('group_manage_users'))->andReturn($this->adminPlugin);
94 
95  $container->shouldReceive('get')->withArgs(array(
96  'helper.restHelper'))->andReturn($this->restHelper);
97  $this->groupController = new GroupController($container);
98  $this->assertCountBefore = \Hamcrest\MatcherAssert::getCount();
99  $this->dbManager = M::mock(DbManager::class);
100  $this->dbHelper->shouldReceive('getDbManager')->andReturn($this->dbManager);
101  $this->streamFactory = new StreamFactory();
102  }
103 
104 
109  protected function tearDown() : void
110  {
111  $this->addToAssertionCount(
112  \Hamcrest\MatcherAssert::getCount() - $this->assertCountBefore);
113  M::close();
114  }
115 
122  private function getResponseJson($response)
123  {
124  $response->getBody()->seek(0);
125  return json_decode($response->getBody()->getContents(), true);
126  }
127 
133  private function getGroupMembers($userIds)
134  {
135  $groupPermissions = array("NONE" => -1, UserDao::USER => 0,
136  UserDao::ADMIN => 1, UserDao::ADVISOR => 2);
137 
138  $memberList = array();
139  foreach ($userIds as $userId) {
140  $key = array_rand($groupPermissions);
141  $userGroupMember = new UserGroupMember(new User($userId, "user$userId", "User $userId",
142  null, null, null, null, null),$groupPermissions[$key]) ;
143  $memberList[] = $userGroupMember->getArray();
144  }
145  return $memberList;
146  }
147 
153  private function getUsersWithGroup($userIds)
154  {
155  $groupPermissions = array("NONE" => -1, UserDao::USER => 0,
156  UserDao::ADMIN => 1, UserDao::ADVISOR => 2);
157 
158  $usersWithGroup = array();
159  foreach ($userIds as $userId) {
160  $perm = array_rand($groupPermissions);
161  $user = [
162  "user_pk" => $userId,
163  "group_perm"=> $perm,
164  "user_name" => $userId."username",
165  "user_desc" => $userId."desc",
166  "user_status"=> 'active'
167  ];
168  $usersWithGroup[] = $user;
169  }
170  return $usersWithGroup;
171  }
177  public function testDeleteGroupV1()
178  {
179  $this->testDeleteGroup(ApiVersion::V1);
180  }
186  public function testDeleteGroupV2()
187  {
188  $this->testDeleteGroup();
189  }
194  private function testDeleteGroup($version = ApiVersion::V2)
195  {
196  $groupId = 4;
197  $userId = 1;
198  $userPk = 1;
199  $newUser = 2;
200  $request = M::mock(Request::class);
201  $userArray = ['user_pk' => $newUser];
202 
203  $_SESSION[Auth::USER_LEVEL] = Auth::PERM_WRITE;
204  if ($version == ApiVersion::V2) {
205  $this->restHelper->getUserDao()->shouldReceive('getGroupIdByName')->withArgs([$groupId])->andReturn($groupId);
206  $this->restHelper->getUserDao()->shouldReceive('getUserByName')->withArgs([$userPk])->andReturn($userArray);
207  }
208  $request->shouldReceive('getAttribute')->andReturn($version);
209  $this->restHelper->shouldReceive('getUserId')->andReturn($userId);
210  $this->dbHelper->shouldReceive('doesIdExist')
211  ->withArgs(["groups", "group_pk", $groupId])->andReturn(true);
212  $_SESSION[Auth::USER_LEVEL] = Auth::PERM_WRITE;
213  $this->userDao->shouldReceive('getDeletableAdminGroupMap')->withArgs([$userId,$_SESSION[Auth::USER_LEVEL]]);
214  $this->userDao->shouldReceive('deleteGroup')->withArgs([$groupId]);
215 
216  $info = new Info(202, "User Group will be deleted", InfoType::INFO);
217  $expectedResponse = (new ResponseHelper())->withJson($info->getArray(),
218  $info->getCode());
219  $actualResponse = $this->groupController->deleteGroup($request, new ResponseHelper(),
220  ['pathParam' => $groupId]);
221 
222  $this->assertEquals($expectedResponse->getStatusCode(),
223  $actualResponse->getStatusCode());
224  $this->assertEquals($this->getResponseJson($expectedResponse),
225  $this->getResponseJson($actualResponse));
226  }
232  public function testGetDeletableGroupsV1()
233  {
234  $this->testGetDeletableGroups(ApiVersion::V1);
235  }
241  public function testGetDeletableGroupsV2()
242  {
243  $this->testGetDeletableGroups();
244  }
249  private function testGetDeletableGroups($version = ApiVersion::V2)
250  {
251  $userId = 2;
252  $groupList = array();
253  $this->restHelper->shouldReceive('getUserId')->andReturn($userId);
254  $_SESSION[Auth::USER_LEVEL] = Auth::PERM_WRITE;
255  $this->userDao->shouldReceive('getDeletableAdminGroupMap')->withArgs([$userId,
256  $_SESSION[Auth::USER_LEVEL]])->andReturn([]);
257  $expectedResponse = (new ResponseHelper())->withJson($groupList, 200);
258  $actualResponse = $this->groupController->getDeletableGroups(null, new ResponseHelper(), []);
259  $this->assertEquals($expectedResponse->getStatusCode(), $actualResponse->getStatusCode());
260  $this->assertEquals($this->getResponseJson($expectedResponse), $this->getResponseJson($actualResponse));
261  }
267  public function testGetGroupMembersV2()
268  {
269  $this->testGetGroupMembers();
270  }
276  public function testGetGroupMembersV1()
277  {
278  $this->testGetGroupMembers(APiVersion::V1);
279  }
284  private function testGetGroupMembers($version = ApiVersion::V2)
285  {
286  $userIds = [2];
287  $groupName = 'fossy';
288  $groupId = 1;
289  $newuser = 3;
290  $userPk = 2;
291  $memberList = $this->getGroupMembers($userIds);
292  $request = M::mock(Request::class);
293  $groupIds = [1,2,3,4,5,6];
294  $userArray = ['user_pk' => $newuser];
295 
296  $_SESSION[Auth::USER_LEVEL] = Auth::PERM_WRITE;
297  if ($version == ApiVersion::V2) {
298  $this->restHelper->getUserDao()->shouldReceive('getGroupIdByName')->withArgs([$groupIds[0]])->andReturn($groupIds[0]);
299  $this->restHelper->getUserDao()->shouldReceive('getUserByName')->withArgs([$userPk])->andReturn($userArray);
300  }
301  $request->shouldReceive('getAttribute')->andReturn($version);
302  $this->restHelper->getUserDao()->shouldReceive('getGroupIdByName')->withArgs([$groupName])->andReturn($groupId);
303  $this->restHelper->shouldReceive('getUserId')->andReturn($userIds[0]);
304  $this->userDao->shouldReceive('getAdminGroupMap')->withArgs([$userIds[0],$_SESSION[Auth::USER_LEVEL]])->andReturn([1]);
305 
306  $this->dbManager->shouldReceive('prepare')->withArgs([M::any(),M::any()]);
307  $this->dbManager->shouldReceive('execute')->withArgs([M::any(),array($groupId)])->andReturn(1);
308  $this->dbManager->shouldReceive('fetchAll')->withArgs([1])->andReturn($this->getUsersWithGroup($userIds));
309  $this->dbManager->shouldReceive('freeResult')->withArgs([1]);
310 
311  $user = $this->getUsersWithGroup($userIds)[0];
312  $users = [];
313  $users[] = new User($user["user_pk"], $user["user_name"], $user["user_desc"],
314  null, null, null, null, null);
315  $this->dbHelper->shouldReceive("getUsers")->withArgs([$user['user_pk']])->andReturn($users);
316 
317  $expectedResponse = (new ResponseHelper())->withJson($memberList, 200);
318 
319  $actualResponse = $this->groupController->getGroupMembers($request, new ResponseHelper(), ['pathParam' => $groupId]);
320  $this->assertEquals($expectedResponse->getStatusCode(),$actualResponse->getStatusCode());
321  }
330  public function testAddMemberUserNotMemberV1()
331  {
332  $this->testAddMemberUserNotMember(ApiVersion::V1);
333  }
342  public function testAddMemberUserNotMemberV2()
343  {
344  $this->testAddMemberUserNotMember();
345  }
350  public function testAddMemberUserNotMember($version = ApiVersion::V2)
351  {
352  $groupId = 1;
353  $newuser = 1;
354  $newPerm = 2;
355  $emptyArr=[];
356  $groupIds = [1,2,3,4,5,6];
357  $userArray = ['user_pk' => $newuser];
358  $userId = 1;
359 
360  $_SESSION[Auth::USER_LEVEL] = Auth::PERM_ADMIN;
361  if ($version == ApiVersion::V2) {
362  $this->restHelper->getUserDao()->shouldReceive('getGroupIdByName')->withArgs([$groupIds[0]])->andReturn($groupId);
363  $this->restHelper->getUserDao()->shouldReceive('getUserByName')->withArgs([$userId])->andReturn($userArray);
364  }
365  $this->dbHelper->shouldReceive('doesIdExist')->withArgs(["groups", "group_pk", $groupId])->andReturn(true);
366  $this->dbHelper->shouldReceive('doesIdExist')->withArgs(["users","user_pk",$newuser])->andReturn(true);
367  $this->dbManager->shouldReceive('getSingleRow')->withArgs([M::any(),M::any(),M::any()])->andReturn($emptyArr);
368  $this->restHelper->shouldReceive('getUserId')->andReturn($userId);
369  $this->userDao->shouldReceive('isAdvisorOrAdmin')->withArgs([$userId, $groupId])->andReturn(true);
370 
371  $this->dbManager->shouldReceive('prepare')->withArgs([M::any(),M::any()]);
372  $this->dbManager->shouldReceive('execute')->withArgs([M::any(),array($groupId, $newuser,$newPerm)])->andReturn(1);
373  $this->dbManager->shouldReceive('freeResult')->withArgs([1]);
374 
375  $body = $this->streamFactory->createStream(json_encode([
376  "perm" => $newPerm
377  ]));
378  $requestHeaders = new Headers();
379  $requestHeaders->setHeader('Content-Type', 'application/json');
380  $request = new Request("POST", new Uri("HTTP", "localhost"),
381  $requestHeaders, [], [], $body);
382  $request = $request->withAttribute(ApiVersion::ATTRIBUTE_NAME,$version);
383  $expectedResponse = new Info(200, "User will be added to group.", InfoType::INFO);
384 
385  $actualResponse = $this->groupController->addMember($request, new ResponseHelper(), ['pathParam' => $groupId,'userPathParam' => $newuser]);
386  $this->assertEquals($expectedResponse->getCode(),$actualResponse->getStatusCode());
387  $this->assertEquals($expectedResponse->getArray(),$this->getResponseJson($actualResponse));
388  }
395  public function testAddMemberUserNotAdminV2()
396  {
397  $this->testAddMemberUserNotAdmin();
398  }
405  public function testAddMemberUserNotAdminV1()
406  {
407  $this->testAddMemberUserNotAdmin(ApiVersion::V1);
408  }
413  private function testAddMemberUserNotAdmin($version = ApiVersion::V2)
414  {
415  $groupId = 1;
416  $newuser = 1;
417  $newPerm = 2;
418  $groupIds = [1,2,3,4,5,6];
419  $userArray = ['user_pk' => $newuser];
420  $userId = 1;
421 
422  $_SESSION[Auth::USER_LEVEL] = Auth::PERM_WRITE;
423  if ($version == ApiVersion::V2) {
424  $this->restHelper->getUserDao()->shouldReceive('getGroupIdByName')->withArgs([$groupIds[0]])->andReturn($groupId);
425  $this->restHelper->getUserDao()->shouldReceive('getUserByName')->withArgs([$userId])->andReturn($userArray);
426  }
427  $this->dbHelper->shouldReceive('doesIdExist')->withArgs(["groups", "group_pk", $groupId])->andReturn(true);
428  $this->dbHelper->shouldReceive('doesIdExist')->withArgs(["users","user_pk",$newuser])->andReturn(true);
429  $this->restHelper->shouldReceive('getUserId')->andReturn($userId);
430  $this->userDao->shouldReceive('isAdvisorOrAdmin')->withArgs([$userId, $groupId])->andReturn(false);
431 
432  $body = $this->streamFactory->createStream(json_encode([
433  "perm" => $newPerm
434  ]));
435  $requestHeaders = new Headers();
436  $requestHeaders->setHeader('Content-Type', 'application/json');
437  $request = new Request("POST", new Uri("HTTP", "localhost"),
438  $requestHeaders, [], [], $body);
439  $request = $request->withAttribute(ApiVersion::ATTRIBUTE_NAME,$version);
440  $this->expectException(HttpForbiddenException::class);
441 
442  $this->groupController->addMember($request, new ResponseHelper(),
443  ['pathParam' => $groupId,'userPathParam' => $newuser]);
444  }
445 
452  public function testAddMemberUserGroupAdminV1()
453  {
454  $this->testAddMemberUserGroupAdmin(ApiVersion::V1);
455  }
462  public function testAddMemberUserGroupAdminV2()
463  {
464  $this->testAddMemberUserGroupAdmin();
465  }
466  private function testAddMemberUserGroupAdmin($version = ApiVersion::V2)
467  {
468  $groupId = 1;
469  $newuser = 1;
470  $newPerm = 2;
471  $emptyArr=[];
472  $groupIds = [1,2,3,4,5,6];
473  $userArray = ['user_pk' => $newuser];
474  $userId = 1;
475 
476  $_SESSION[Auth::USER_LEVEL] = Auth::PERM_WRITE;
477  if ($version == ApiVersion::V2) {
478  $this->restHelper->getUserDao()->shouldReceive('getGroupIdByName')->withArgs([$groupIds[0]])->andReturn($groupId);
479  $this->restHelper->getUserDao()->shouldReceive('getUserByName')->withArgs([$userId])->andReturn($userArray);
480  }
481  $this->dbHelper->shouldReceive('doesIdExist')->withArgs(["groups", "group_pk", $groupId])->andReturn(true);
482  $this->dbHelper->shouldReceive('doesIdExist')->withArgs(["users","user_pk",$newuser])->andReturn(true);
483  $this->dbManager->shouldReceive('getSingleRow')->withArgs([M::any(),M::any(),M::any()])->andReturn($emptyArr);
484  $this->restHelper->shouldReceive('getUserId')->andReturn($userId);
485  $this->userDao->shouldReceive('isAdvisorOrAdmin')->withArgs([$userId, $groupId])->andReturn(true);
486 
487  $this->dbManager->shouldReceive('prepare')->withArgs([M::any(),M::any()]);
488  $this->dbManager->shouldReceive('execute')->withArgs([M::any(),array($groupId, $newuser,$newPerm)])->andReturn(1);
489  $this->dbManager->shouldReceive('freeResult')->withArgs([1]);
490 
491  $body = $this->streamFactory->createStream(json_encode([
492  "perm" => $newPerm
493  ]));
494  $requestHeaders = new Headers();
495  $requestHeaders->setHeader('Content-Type', 'application/json');
496  $request = new Request("POST", new Uri("HTTP", "localhost"),
497  $requestHeaders, [], [], $body);
498  $request = $request->withAttribute(ApiVersion::ATTRIBUTE_NAME,$version);
499  $expectedResponse = new Info(200, "User will be added to group.", InfoType::INFO);
500 
501  $actualResponse = $this->groupController->addMember($request, new ResponseHelper(), ['pathParam' => $groupId,'userPathParam' => $newuser]);
502  $this->assertEquals($expectedResponse->getCode(),$actualResponse->getStatusCode());
503  $this->assertEquals($expectedResponse->getArray(),$this->getResponseJson($actualResponse));
504  }
505 
514  public function testAddMemberUserAlreadyMemberV2()
515  {
516  $this->testAddMemberUserAlreadyMember();
517  }
526  public function testAddMemberUserAlreadyMemberV1()
527  {
528  $this->testAddMemberUserAlreadyMember(ApiVersion::V1);
529  }
530 
535  private function testAddMemberUserAlreadyMember($version = ApiVersion::V2)
536  {
537  $groupId = 1;
538  $newuser = 1;
539  $newPerm = 2;
540  $groupIds = [1,2,3,4,5,6];
541  $userArray = ['user_pk' => $newuser];
542  $userId = 1;
543 
544  $_SESSION[Auth::USER_LEVEL] = Auth::PERM_ADMIN;
545  if ($version == ApiVersion::V2) {
546  $this->restHelper->getUserDao()->shouldReceive('getGroupIdByName')->withArgs([$groupIds[0]])->andReturn($groupId);
547  $this->restHelper->getUserDao()->shouldReceive('getUserByName')->withArgs([$userId])->andReturn($userArray);
548  }
549  $this->dbHelper->shouldReceive('doesIdExist')->withArgs(["groups", "group_pk", $groupId])->andReturn(true);
550  $this->dbHelper->shouldReceive('doesIdExist')->withArgs(["users","user_pk",$newuser])->andReturn(true);
551  $this->dbManager->shouldReceive('getSingleRow')->withArgs([M::any(),M::any(),M::any()])->andReturn(true);
552  $this->restHelper->shouldReceive('getUserId')->andReturn($userId);
553  $this->userDao->shouldReceive('isAdvisorOrAdmin')->withArgs([$userId, $groupId])->andReturn(true);
554 
555  $body = $this->streamFactory->createStream(json_encode([
556  "perm" => $newPerm
557  ]));
558  $requestHeaders = new Headers();
559  $requestHeaders->setHeader('Content-Type', 'application/json');
560  $request = new Request("POST", new Uri("HTTP", "localhost"),
561  $requestHeaders, [], [], $body);
562  $request = $request->withAttribute(ApiVersion::ATTRIBUTE_NAME,$version);
563  $this->expectException(HttpBadRequestException::class);
564 
565  $this->groupController->addMember($request, new ResponseHelper(),
566  ['pathParam' => $groupId,'userPathParam' => $newuser]);
567  }
568 
574  public function testChangeUserPermissionV2()
575  {
576  $this->testChangeUserPermission();
577  }
583  public function testChangeUserPermissionV1()
584  {
585  $this->testChangeUserPermission(ApiVersion::V1);
586  }
591  private function testChangeUserPermission($version = ApiVersion::V2)
592  {
593  $group_user_member_pk = 1;
594  $newPerm = 2;
595  $userPk = 1;
596  $groupId = 1;
597  $groupIds = [1,2,3,4,5,6];
598  $userArray = ['user_pk' => $userPk];
599  $userId = 1;
600 
601  $_SESSION[Auth::USER_LEVEL] = Auth::PERM_ADMIN;
602  if ($version == ApiVersion::V2) {
603  $this->restHelper->getUserDao()->shouldReceive('getGroupIdByName')->withArgs([$groupIds[0]])->andReturn($groupId);
604  $this->restHelper->getUserDao()->shouldReceive('getUserByName')->withArgs([$userId])->andReturn($userArray);
605  }
606  $this->dbHelper->shouldReceive('doesIdExist')->withArgs(["groups", "group_pk", $groupIds[0]])->andReturn(true);
607  $this->dbHelper->shouldReceive('doesIdExist')->withArgs(["users","user_pk",$userPk])->andReturn(true);
608  $this->dbManager->shouldReceive('getSingleRow')->withArgs([M::any(),M::any(),M::any()])->andReturn(['group_pk'=>$groupIds[0],'group_user_member_pk'=>$group_user_member_pk,'permission'=>$newPerm]);
609  $this->restHelper->shouldReceive('getUserId')->andReturn($userId);
610  $this->userDao->shouldReceive('isAdvisorOrAdmin')->withArgs([$userPk, $groupIds[0]])->andReturn(true);
611  $this->userDao->shouldReceive('getUserByName')->withArgs([M::any(),M::any()]);
612 
613  $this->adminPlugin->shouldReceive('updateGUMPermission')->withArgs([$group_user_member_pk,$newPerm, $this->dbManager ]);
614 
615  $body = $this->streamFactory->createStream(json_encode([
616  "perm" => $newPerm
617  ]));
618  $requestHeaders = new Headers();
619  $requestHeaders->setHeader('Content-Type', 'application/json');
620  $request = new Request("POST", new Uri("HTTP", "localhost"),
621  $requestHeaders, [], [], $body);
622  $request = $request->withAttribute(ApiVersion::ATTRIBUTE_NAME,$version);
623  $expectedResponse = new Info(202, "Permission updated successfully.", InfoType::INFO);
624 
625  $actualResponse = $this->groupController->changeUserPermission($request, new ResponseHelper(), ['pathParam' => $groupIds[0],'userPathParam' => $userId]);
626  $this->assertEquals($expectedResponse->getCode(),$actualResponse->getStatusCode());
627  $this->assertEquals($expectedResponse->getArray(),$this->getResponseJson($actualResponse));
628  }
629 }
Fossology\Lib\Auth\Auth
Contains the constants and helpers for authentication of user.
Definition: Auth.php:24
Fossology\UI\Api\Helper\DbHelper
Provides helper methods to access database for REST api.
Definition: DbHelper.php:38
Fossology\UI\Api\Helper\ResponseHelper
Override Slim response for withJson function.
Definition: ResponseHelper.php:22
Fossology\UI\Api\Helper\RestHelper
Provides various DAO helper functions for REST api.
Definition: RestHelper.php:32
Fossology\UI\Api\Models\InfoType
Different type of infos provided by REST.
Definition: InfoType.php:16
Fossology\UI\Api\Models\Info
Info model to contain general error and return values.
Definition: Info.php:19
Fossology\UI\Api\Models\User
Model to hold user information.
Definition: User.php:21
dbManager
fo_dbManager * dbManager
fo_dbManager object
Definition: process.c:16