1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
|
<?php
/**
*
* This file is part of the phpBB Forum Software package.
*
* @copyright (c) phpBB Limited <https://www.phpbb.com>
* @license GNU General Public License, version 2 (GPL-2.0)
*
* For full copyright and license information, please see
* the docs/CREDITS.txt file.
*
*/
/**
* @group functional
*/
class phpbb_functional_acp_permissions_test extends phpbb_functional_test_case
{
public function setUp(): void
{
parent::setUp();
$this->login();
$this->admin_login();
$this->add_lang('acp/permissions');
}
public function test_permissions_tab()
{
// Permissions tab
// XXX hardcoded id
$crawler = self::request('GET', 'adm/index.php?i=16&sid=' . $this->sid);
// these language strings are html
$this->assertContains($this->lang('ACP_PERMISSIONS_EXPLAIN'), $this->get_content());
}
public function test_select_user()
{
// User permissions
$crawler = self::request('GET', 'adm/index.php?i=acp_permissions&icat=16&mode=setting_user_global&sid=' . $this->sid);
$this->assertContains($this->lang('ACP_USERS_PERMISSIONS_EXPLAIN'), $this->get_content());
// Select admin
$form = $crawler->selectButton($this->lang('SUBMIT'))->form();
$data = array('username[0]' => 'admin');
$form->setValues($data);
$crawler = self::submit($form);
$this->assertContains($this->lang('ACL_SET'), $crawler->filter('h1')->eq(1)->text());
}
public function permissions_data()
{
return array(
// description
// permission type
// permission name
// mode
// object name
// object id
array(
'user permission',
'u_',
'u_hideonline',
'setting_user_global',
'user_id',
2,
),
array(
'moderator permission',
'm_',
'm_ban',
'setting_mod_global',
'group_id',
4,
),
/* Admin does not work yet, probably because founder can do everything
array(
'admin permission',
'a_',
'a_forum',
'setting_admin_global',
'group_id',
5,
),
*/
);
}
/**
* @dataProvider permissions_data
*/
public function test_change_permission($description, $permission_type, $permission, $mode, $object_name, $object_id)
{
// Get the form
$crawler = self::request('GET', "adm/index.php?i=acp_permissions&icat=16&mode=$mode&${object_name}[0]=$object_id&type=$permission_type&sid=" . $this->sid);
$this->assertContains($this->lang('ACL_SET'), $crawler->filter('h1')->eq(1)->text());
// XXX globals for \phpbb\auth\auth, refactor it later
global $db, $cache;
$db = $this->get_db();
$cache = new phpbb_mock_null_cache;
$auth = new \phpbb\auth\auth;
// XXX hardcoded id
$user_data = $auth->obtain_user_data(2);
$auth->acl($user_data);
$this->assertEquals(1, $auth->acl_get($permission));
// Set u_hideonline to never
$form = $crawler->selectButton($this->lang('APPLY_PERMISSIONS'))->form();
// initially it should be a yes
$values = $form->getValues();
$this->assertEquals(1, $values["setting[$object_id][0][$permission]"]);
// set to never
$data = array("setting[$object_id][0][$permission]" => '0');
$form->setValues($data);
$crawler = self::submit($form);
$this->assertContains($this->lang('AUTH_UPDATED'), $crawler->text());
// check acl again
$auth = new \phpbb\auth\auth;
// XXX hardcoded id
$user_data = $auth->obtain_user_data(2);
$auth->acl($user_data);
$this->assertEquals(0, $auth->acl_get($permission));
}
}
|