FOSSology  4.4.0
Open Source License Compliance by Open Source Software
UploadPermissionDaoTest.php
1 <?php
2 /*
3  SPDX-FileCopyrightText: © 2015 Siemens AG
4 
5  SPDX-License-Identifier: GPL-2.0-only
6 */
7 
8 namespace Fossology\Lib\Dao;
9 
10 use Fossology\Lib\Auth\Auth;
11 use Fossology\Lib\Db\DbManager;
12 use Fossology\Lib\Test\TestPgDb;
13 use Mockery as M;
14 
15 require_once __DIR__.'/../../Plugin/FO_Plugin.php';
16 
17 class UploadPermissionDaoTest extends \PHPUnit\Framework\TestCase
18 {
20  private $testDb;
22  private $dbManager;
24  private $uploadPermissionDao;
25 
26  protected function setUp() : void
27  {
28  $this->testDb = new TestPgDb();
29  $this->dbManager = &$this->testDb->getDbManager();
30 
31  $this->testDb->createPlainTables(array('upload','uploadtree'));
32 
33  $this->dbManager->prepare($stmt = 'insert.upload',
34  "INSERT INTO upload (upload_pk, uploadtree_tablename) VALUES ($1, $2)");
35  $uploadArray = array(array(1, 'uploadtree'), array(2, 'uploadtree_a'));
36  foreach ($uploadArray as $uploadEntry) {
37  $this->dbManager->freeResult($this->dbManager->execute($stmt, $uploadEntry));
38  }
39  $logger = M::mock('Monolog\Logger'); // new Logger("UploadDaoTest");
40  $logger->shouldReceive('debug');
41  $this->uploadPermissionDao = new UploadPermissionDao($this->dbManager, $logger);
42 
43  $this->assertCountBefore = \Hamcrest\MatcherAssert::getCount();
44  }
45 
46  protected function tearDown() : void
47  {
48  $this->addToAssertionCount(\Hamcrest\MatcherAssert::getCount()-$this->assertCountBefore);
49  $this->testDb = null;
50  $this->dbManager = null;
51  }
52 
53  public function testmakeAccessibleToGroup()
54  {
55  $this->testDb->createPlainTables(array('perm_upload','group_user_member'));
56  $userId = 501;
57  $groupId = 601;
58  $groupIdAlternative = 602;
59  $this->dbManager->insertTableRow('group_user_member', array('group_fk'=>$groupId,'user_fk'=>$userId,'group_perm'=>Auth::PERM_READ));
60  $this->dbManager->insertTableRow('group_user_member', array('group_fk'=>$groupIdAlternative,'user_fk'=>$userId,'group_perm'=>Auth::PERM_READ));
61 
62  $unaccessibleIsAccessible = $this->uploadPermissionDao->isAccessible($uploadId=1, $groupId);
63  assertThat($unaccessibleIsAccessible,equalTo(false));
64 
65  $this->uploadPermissionDao->makeAccessibleToGroup($uploadId, $groupId, Auth::PERM_WRITE);
66  $accessibleIsAccessible = $this->uploadPermissionDao->isAccessible($uploadId, $groupId);
67  assertThat($accessibleIsAccessible,equalTo(true));
68  $stillUnaccessibleIsAccessible = $this->uploadPermissionDao->isAccessible($uploadId, $groupIdAlternative);
69  assertThat($stillUnaccessibleIsAccessible,equalTo(false));
70 
71  $this->uploadPermissionDao->makeAccessibleToAllGroupsOf($uploadId, $userId);
72  $nowAccessibleIsAccessible = $this->uploadPermissionDao->isAccessible($uploadId, $groupIdAlternative);
73  assertThat($nowAccessibleIsAccessible,equalTo(true));
74  }
75 
76  public function testDeletePermissionId()
77  {
78  $this->testDb->createPlainTables(array('perm_upload'));
79  $this->testDb->insertData(array('perm_upload'));
80  $accessibleBefore = $this->uploadPermissionDao->isAccessible($uploadId=1, $groupId=2);
81  assertThat($accessibleBefore,equalTo(true));
82  $this->uploadPermissionDao->updatePermissionId(1,0);
83  $accessibleAfter = $this->uploadPermissionDao->isAccessible($uploadId, $groupId);
84  assertThat($accessibleAfter,equalTo(false));
85  }
86 
87  public function testUpdatePermissionId()
88  {
89  $this->testDb->createPlainTables(array('perm_upload'));
90  $this->testDb->insertData(array('perm_upload'));
91  $_SESSION[Auth::USER_LEVEL] = PLUGIN_DB_READ;
92  $adminBefore = $this->uploadPermissionDao->isEditable($uploadId=1, $groupId=2);
93  assertThat($adminBefore,equalTo(true));
94  $this->uploadPermissionDao->updatePermissionId(1,Auth::PERM_READ);
95  $adminNomore = $this->uploadPermissionDao->isEditable($uploadId, $groupId);
96  assertThat($adminNomore,equalTo(false));
97  $this->uploadPermissionDao->updatePermissionId(1,Auth::PERM_WRITE);
98  $adminAgain = $this->uploadPermissionDao->isEditable($uploadId, $groupId);
99  assertThat($adminAgain,equalTo(true));
100  }
101 
102  public function testInsertPermission()
103  {
104  $this->testDb->createPlainTables(array('perm_upload'));
105  $accessibleBefore = $this->uploadPermissionDao->isAccessible($uploadId=1, $groupId=2);
106  assertThat($accessibleBefore,equalTo(false));
107  $this->uploadPermissionDao->insertPermission($uploadId, $groupId, Auth::PERM_READ);
108  $accessibleAfter = $this->uploadPermissionDao->isAccessible($uploadId, $groupId);
109  assertThat($accessibleAfter,equalTo(true));
110  $this->uploadPermissionDao->insertPermission($uploadId, $groupId, Auth::PERM_NONE);
111  $accessibleNomore = $this->uploadPermissionDao->isAccessible($uploadId, $groupId);
112  assertThat($accessibleNomore,equalTo(false));
113  }
114 
115  public function testGetPublicPermission()
116  {
117  $this->testDb->insertData(array('upload'));
118  $perm = $this->uploadPermissionDao->getPublicPermission(3);
119  assertThat($perm,equalTo(0));
120  }
121 
122  public function testGetPermissionGroups()
123  {
124  $this->testDb->createPlainTables(array('perm_upload','groups'));
125  $this->testDb->insertData(array('perm_upload','groups'));
126  $permissionGroups = $this->uploadPermissionDao->getPermissionGroups(1);
127  assertThat($permissionGroups,is(array(2=>array('perm_upload_pk'=>1, 'perm'=>10, 'group_pk'=>2, 'group_name'=>'fossy'))));
128  }
129 
130  public function testAccessibilityViaNone()
131  {
132  $this->testDb->createPlainTables(array('perm_upload','groups'));
133  $this->testDb->insertData(array('groups'));
134  $_SESSION[Auth::USER_LEVEL] = Auth::PERM_NONE;
135  $accessibilityWithBadGroup = $this->uploadPermissionDao->isAccessible($uploadId=2, $groupId=2);
136  assertThat($accessibilityWithBadGroup, equalTo(false));
137  }
138 
139  public function testAccessibilityViaGroup()
140  {
141  $this->testDb->createPlainTables(array('perm_upload','groups'));
142  $this->testDb->insertData(array('groups','perm_upload'));
143  $_SESSION[Auth::USER_LEVEL] = Auth::PERM_NONE;
144  $accessibilityByGroup = $this->uploadPermissionDao->isAccessible($uploadId=2, $groupId=2);
145  assertThat($accessibilityByGroup, equalTo(true));
146  }
147 
148 
149  public function testAccessibilityViaPublicForUnqualifiedUser()
150  {
151  $this->testDb->createPlainTables(array('perm_upload','groups'));
152  $this->testDb->insertData(array('groups'));
153  $_SESSION[Auth::USER_LEVEL] = Auth::PERM_NONE;
154  $accessibilityByNone = $this->uploadPermissionDao->isAccessible($uploadId=2, $groupId=2);
155  assertThat($accessibilityByNone, equalTo(false));
156 
157  $this->uploadPermissionDao->setPublicPermission($uploadId, Auth::PERM_READ);
158  $accessibilityByPublic = $this->uploadPermissionDao->isAccessible($uploadId, $groupId);
159  assertThat($accessibilityByPublic, equalTo(false));
160  }
161 
162  public function testAccessibilityViaPublicForQualifiedUser()
163  {
164  $this->testDb->createPlainTables(array('perm_upload','groups'));
165  $this->testDb->insertData(array('groups'));
166  $_SESSION[Auth::USER_LEVEL] = Auth::PERM_READ;
167  $accessibilityByNone = $this->uploadPermissionDao->isAccessible($uploadId=2, $groupId=2);
168  assertThat($accessibilityByNone, equalTo(false));
169 
170  $this->uploadPermissionDao->setPublicPermission($uploadId, Auth::PERM_READ);
171  $accessibilityByPublic = $this->uploadPermissionDao->isAccessible($uploadId, $groupId);
172  assertThat($accessibilityByPublic, equalTo(true));
173  }
174 }
Fossology\Lib\Auth\Auth
Contains the constants and helpers for authentication of user.
Definition: Auth.php:24
PLUGIN_DB_READ
#define PLUGIN_DB_READ
Plugin requires read permission on DB.
Definition: libfossology.h:37
dbManager
fo_dbManager * dbManager
fo_dbManager object
Definition: process.c:16