-
Notifications
You must be signed in to change notification settings - Fork 1
/
og_subgroups.test
186 lines (150 loc) · 7.79 KB
/
og_subgroups.test
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
<?php
// $Id$
/**
* Test the Organic groups subgroups API.
*/
class OgSubgroupsAccessFromDescendanceTestCase extends DrupalWebTestCase {
public static function getInfo() {
return array(
'name' => 'Organic groups Subgroups permissions inheritance',
'description' => 'Test the access of users to subgroups.',
'group' => 'Organic groups subgroups'
);
}
function setUp() {
parent::setUp('og_subgroups', 'entity_test','og_access');
// Add OG group field to the entity_test's "main" bundle.
og_create_field(OG_GROUP_FIELD, 'entity_test', 'main');
og_create_field(OG_AUDIENCE_FIELD, 'entity_test', 'main');
og_create_field(OG_AUDIENCE_FIELD, 'article', 'main');
}
/**
* Use cases:
* - Check that parent user has access to all permission he has on groups he
* is not memberof but that are descandents of his group
*/
function testOgSubgroupsGetReverseHierarchyTreePerm() {
// Create user.
$user1 = $this->drupalCreateUser();
$user2 = $this->drupalCreateUser();
$user3 = $this->drupalCreateUser();
$user4 = $this->drupalCreateUser();
$web_user = $this->drupalCreateUser(array('create article content', 'create page content'));
$this->drupalLogin($web_user);
$groups = array();
// Create an entity that is a group.
$entity = entity_create('entity_test', array('name' => 'main', 'uid' => $user1->uid));
$entity->{OG_GROUP_FIELD}[LANGUAGE_NONE][0]['value'] = 1;
$entity->save();
$groups[0] = og_get_group('entity_test', $entity->pid);
// Create a private entity group that is a child group of the group above.
$entity = entity_create('entity_test', array('name' => 'first_child', 'uid' => $user2->uid));
$entity->{OG_GROUP_FIELD}[LANGUAGE_NONE][0]['value'] = 1;
$entity->{OG_AUDIENCE_FIELD}[LANGUAGE_NONE][0]['gid'] = $groups[0]->gid;
$entity->save();
$groups[1] = og_get_group('entity_test', $entity->pid);
// Create an entity that is a child group of the group above.
$entity = entity_create('entity_test', array('name' => 'second_child', 'uid' => $user3->uid));
$entity->{OG_GROUP_FIELD}[LANGUAGE_NONE][0]['value'] = 1;
$entity->{OG_AUDIENCE_FIELD}[LANGUAGE_NONE][0]['gid'] = $groups[1]->gid;
$entity->save();
$groups[2] = og_get_group('entity_test', $entity->pid);
// Create an entity that is a group content of group ID 2.
$node = $this->drupalCreateNode(array('type' => 'article', 'promote' => 1));
$node->{OG_AUDIENCE_FIELD}[LANGUAGE_NONE][0]['gid'] = $groups[2]->gid;
node_save($node);
$groups[3] = $node;
$group_content[0] = $entity;
// Associate user4 to the group[2].
og_group($group[2]->gid, 'user', $user4);
// Assert the user is registered to the new group.
$string = 'administer group';
// Check user1 has adminster perm on parent group [0]
debug($groups);
$this->assertTrue(og_user_access($groups[0]->gid, $string, $user1, TRUE) , t('User1 have admister group permission to parent group 0'));
// Check user has admin perm on sub group that is he not member of.
$access_res = og_subgroups_get_reverse_hierarchy_tree_perm(array($groups[2]->gid), $string, $user1);
$this->assertTrue($access_res, t('User1 have admister group permission to subgroup 2'));
// Check permission.
$this->assertFalse(og_user_access($groups[0]->gid, $string, $user3), t('User3 does not have "Administer group" permission.'));
// Check user3 has no adminster perm on parent group [0]
$access_res = og_subgroups_get_reverse_hierarchy_tree_perm(array($groups[0]->gid), $string, $user1);
$this->assertFalse($access_res, t('User3 does not have admister group permission to group 0'));
// Change permissions to authenticated member.
//$roles = array_flip(og_get_global_roles());
// Authenticated role ID.
// $rid = $roles[OG_AUTHENTICATED_ROLE];
// $permissions = array(
// 'delete own article content' => 1,
/// 'administer group' => 1,
// );
// og_role_change_permissions($rid, $permissions);
// Verify proper permission changes.
// $this->assertFalse(og_user_access($group->gid, 'update own article content', $user2), t('User still does not have "update own article content" permission.'));
// $this->assertTrue(og_user_access($group->gid, 'delete own article content', $user2), t('User now has "delete own article content" permission.'));
// $this->assertTrue(og_user_access($group->gid, 'administer group', $user2), t('User now has "administer group" permission.'));
// $permissions = array(
// 'delete own article content' => 1,
// 'administer group' => 0,
// );
// og_role_change_permissions($rid, $permissions);
// $this->assertTrue(og_user_access($group->gid, 'delete own article content', $user2), t('User still has "delete own article content" permission.'));
// $this->assertFalse(og_user_access($group->gid, 'administer group', $user2), t('User no longer has "administer group" permission.'));
}
/**
* Test the view access of child node.
* Use cases:
* 1. grand parent group user tries to view private child groups node (with default
* access), that he is not part of.
* 2. Anonymous user tries to view private child groups node (with public
* access).
*
*/
function testOgSubgroupsNodeAccessRecordsAlter() {
// Create user.
$user1 = $this->drupalCreateUser();
$user2 = $this->drupalCreateUser();
$user3 = $this->drupalCreateUser();
$user4 = $this->drupalCreateUser();
$web_user = $this->drupalCreateUser(array('create article content', 'create page content'));
$this->drupalLogin($web_user);
$groups = array();
// Create an entity that is a group.
$entity = entity_create('entity_test', array('name' => 'main', 'uid' => $user1->uid));
$entity->{OG_GROUP_FIELD}[LANGUAGE_NONE][0]['value'] = 1;
$entity->save();
$groups[0]['group'] = og_get_group('entity_test', $entity->pid);
$groups[0]['entity'] = $entity;
// Create an entity that is a child group of the group above (0).
$entity = entity_create('entity_test', array('name' => 'first_child', 'uid' => $user2->uid));
$entity->{OG_GROUP_FIELD}[LANGUAGE_NONE][0]['value'] = 1;
$entity->{OG_AUDIENCE_FIELD}[LANGUAGE_NONE][0]['gid'] = $groups[0]['group']->gid;
$entity->save();
$groups[1]['group'] = og_get_group('entity_test', $entity->pid);
$groups[1]['entity'] = $entity;
// Create a private entity group that is a child group of the group above. (1).
$entity = entity_create('entity_test', array('name' => 'second_child', 'uid' => $user3->uid));
$entity->{OG_GROUP_FIELD}[LANGUAGE_NONE][0]['value'] = 1;
$entity->{OG_AUDIENCE_FIELD}[LANGUAGE_NONE][0]['gid'] = $groups[1]['group']->gid;
$entity->{OG_ACCESS_FIELD}[LANGUAGE_NONE][0]['gid'] = 1;
$entity->save();
$groups[2]['group'] = og_get_group('entity_test', $entity->pid);
$groups[2]['entity'] = $entity;
// Create an entity that is a group content of group ID 2.
$node = $this->drupalCreateNode(array('type' => 'article', 'promote' => 1));
$node->{OG_AUDIENCE_FIELD}[LANGUAGE_NONE][0]['gid'] = $groups[2]['group']->gid;
node_save($node);
$groups[3]['node'] = $node;
$this->drupalLogout();
// Assert the anonymous can't view the node.
$this->drupalGet('node/' . $groups[3]['node']->nid);
$this->assertResponse('403', t('Annonymous cannot view private node.'));
$this->drupalLogin($user4);
$this->drupalGet('node/' . $groups[3]['node']->nid);
$this->assertResponse('403', t('Not group member or parrent cannot view private node.'));
// Assert another user is not a group member.
$this->drupalLogin($user1);
$this->drupalGet('node/' . $groups[3]['node']->nid);
$this->assertResponse('200', t('Parent group user can view the node'));
}
}