From 91d0d92a9fd7153116835fcbb7fda093d1f95c4e Mon Sep 17 00:00:00 2001
From: epriestley <git@epriestley.com>
Date: Thu, 16 Aug 2012 12:45:55 -0700
Subject: [PATCH] Add a bunch of policy tests for projects

Summary: Improve test coverage for policy rules in project edits.

Test Plan: Ran uint tests.

Reviewers: btrahan, vrana

Reviewed By: btrahan

CC: aran, alanh

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D3294
---
 .../PhabricatorProjectEditorTestCase.php      | 154 ++++++++++++++++++
 1 file changed, 154 insertions(+)

diff --git a/src/applications/project/editor/__tests__/PhabricatorProjectEditorTestCase.php b/src/applications/project/editor/__tests__/PhabricatorProjectEditorTestCase.php
index dafedfe23b..649a7c8361 100644
--- a/src/applications/project/editor/__tests__/PhabricatorProjectEditorTestCase.php
+++ b/src/applications/project/editor/__tests__/PhabricatorProjectEditorTestCase.php
@@ -24,6 +24,102 @@ final class PhabricatorProjectEditorTestCase extends PhabricatorTestCase {
     );
   }
 
+  public function testViewProject() {
+    $user = $this->createUser();
+    $user->save();
+
+    $user2 = $this->createUser();
+    $user2->save();
+
+    $proj = $this->createProject();
+    $proj->setAuthorPHID($user->getPHID());
+    $proj->save();
+
+    $proj = $this->refreshProject($proj, $user, true);
+
+    PhabricatorProjectEditor::applyJoinProject($proj, $user);
+    $proj->setViewPolicy(PhabricatorPolicies::POLICY_USER);
+    $proj->save();
+
+    $can_view = PhabricatorPolicyCapability::CAN_VIEW;
+
+    // When the view policy is set to "users", any user can see the project.
+    $this->assertEqual(
+      true,
+      (bool)$this->refreshProject($proj, $user));
+    $this->assertEqual(
+      true,
+      (bool)$this->refreshProject($proj, $user2));
+
+
+    // When the view policy is set to "no one", members can still see the
+    // project.
+    $proj->setViewPolicy(PhabricatorPolicies::POLICY_NOONE);
+    $proj->save();
+
+    $this->assertEqual(
+      true,
+      (bool)$this->refreshProject($proj, $user));
+    $this->assertEqual(
+      false,
+      (bool)$this->refreshProject($proj, $user2));
+  }
+
+  public function testEditProject() {
+    $user = $this->createUser();
+    $user->save();
+
+    $user2 = $this->createUser();
+    $user2->save();
+
+    $proj = $this->createProject();
+    $proj->setAuthorPHID($user->getPHID());
+    $proj->save();
+
+
+    // When edit and view policies are set to "user", anyone can edit.
+    $proj->setViewPolicy(PhabricatorPolicies::POLICY_USER);
+    $proj->setEditPolicy(PhabricatorPolicies::POLICY_USER);
+    $proj->save();
+
+    $this->assertEqual(
+      true,
+      $this->attemptProjectEdit($proj, $user));
+
+
+    // When edit policy is set to "no one", no one can edit.
+    $proj->setEditPolicy(PhabricatorPolicies::POLICY_NOONE);
+    $proj->save();
+
+    $caught = null;
+    try {
+      $this->attemptProjectEdit($proj, $user);
+    } catch (Exception $ex) {
+      $caught = $ex;
+    }
+    $this->assertEqual(true, ($caught instanceof Exception));
+  }
+
+  private function attemptProjectEdit(
+    PhabricatorProject $proj,
+    PhabricatorUser $user,
+    $skip_refresh = false) {
+
+    $proj = $this->refreshProject($proj, $user, true);
+
+    $new_name = $proj->getName().' '.mt_rand();
+
+    $xaction = new PhabricatorProjectTransaction();
+    $xaction->setTransactionType(PhabricatorProjectTransactionType::TYPE_NAME);
+    $xaction->setNewValue($new_name);
+
+    $editor = new PhabricatorProjectEditor($proj);
+    $editor->setUser($user);
+    $editor->applyTransactions(array($xaction));
+
+    return true;
+  }
+
   public function testJoinLeaveProject() {
     $user = $this->createUser();
     $user->save();
@@ -88,6 +184,64 @@ final class PhabricatorProjectEditorTestCase extends PhabricatorTestCase {
       false,
       $proj->isUserMember($user->getPHID()),
       'Leaving an already-left project is a no-op.');
+
+
+    // If a user can't edit or join a project, joining fails.
+    $proj->setEditPolicy(PhabricatorPolicies::POLICY_NOONE);
+    $proj->setJoinPolicy(PhabricatorPolicies::POLICY_NOONE);
+    $proj->save();
+
+    $proj = $this->refreshProject($proj, $user, true);
+    $caught = null;
+    try {
+      PhabricatorProjectEditor::applyJoinProject($proj, $user);
+    } catch (Exception $ex) {
+      $caught = $ex;
+    }
+    $this->assertEqual(true, ($ex instanceof Exception));
+
+
+    // If a user can edit a project, they can join.
+    $proj->setEditPolicy(PhabricatorPolicies::POLICY_USER);
+    $proj->setJoinPolicy(PhabricatorPolicies::POLICY_NOONE);
+    $proj->save();
+
+    $proj = $this->refreshProject($proj, $user, true);
+    PhabricatorProjectEditor::applyJoinProject($proj, $user);
+    $proj = $this->refreshProject($proj, $user, true);
+    $this->assertEqual(
+      true,
+      $proj->isUserMember($user->getPHID()),
+      'Join allowed with edit permission.');
+    PhabricatorProjectEditor::applyLeaveProject($proj, $user);
+
+
+    // If a user can join a project, they can join, even if they can't edit.
+    $proj->setEditPolicy(PhabricatorPolicies::POLICY_NOONE);
+    $proj->setJoinPolicy(PhabricatorPolicies::POLICY_USER);
+    $proj->save();
+
+    $proj = $this->refreshProject($proj, $user, true);
+    PhabricatorProjectEditor::applyJoinProject($proj, $user);
+    $proj = $this->refreshProject($proj, $user, true);
+    $this->assertEqual(
+      true,
+      $proj->isUserMember($user->getPHID()),
+      'Join allowed with join permission.');
+
+
+    // A user can leave a project even if they can't edit it or join.
+    $proj->setEditPolicy(PhabricatorPolicies::POLICY_NOONE);
+    $proj->setJoinPolicy(PhabricatorPolicies::POLICY_NOONE);
+    $proj->save();
+
+    $proj = $this->refreshProject($proj, $user, true);
+    PhabricatorProjectEditor::applyLeaveProject($proj, $user);
+    $proj = $this->refreshProject($proj, $user, true);
+    $this->assertEqual(
+      false,
+      $proj->isUserMember($user->getPHID()),
+      'Leave allowed without any permission.');
   }
 
   private function refreshProject(