mirror of
https://we.phorge.it/source/phorge.git
synced 2024-11-22 23:02:42 +01:00
Add a bunch of policy tests for projects
Summary: Improve test coverage for policy rules in project edits. Test Plan: Ran uint tests. Reviewers: btrahan, vrana Reviewed By: btrahan CC: aran, alanh Maniphest Tasks: T603 Differential Revision: https://secure.phabricator.com/D3294
This commit is contained in:
parent
d8506c325c
commit
91d0d92a9f
1 changed files with 154 additions and 0 deletions
|
@ -24,6 +24,102 @@ final class PhabricatorProjectEditorTestCase extends PhabricatorTestCase {
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function testViewProject() {
|
||||||
|
$user = $this->createUser();
|
||||||
|
$user->save();
|
||||||
|
|
||||||
|
$user2 = $this->createUser();
|
||||||
|
$user2->save();
|
||||||
|
|
||||||
|
$proj = $this->createProject();
|
||||||
|
$proj->setAuthorPHID($user->getPHID());
|
||||||
|
$proj->save();
|
||||||
|
|
||||||
|
$proj = $this->refreshProject($proj, $user, true);
|
||||||
|
|
||||||
|
PhabricatorProjectEditor::applyJoinProject($proj, $user);
|
||||||
|
$proj->setViewPolicy(PhabricatorPolicies::POLICY_USER);
|
||||||
|
$proj->save();
|
||||||
|
|
||||||
|
$can_view = PhabricatorPolicyCapability::CAN_VIEW;
|
||||||
|
|
||||||
|
// When the view policy is set to "users", any user can see the project.
|
||||||
|
$this->assertEqual(
|
||||||
|
true,
|
||||||
|
(bool)$this->refreshProject($proj, $user));
|
||||||
|
$this->assertEqual(
|
||||||
|
true,
|
||||||
|
(bool)$this->refreshProject($proj, $user2));
|
||||||
|
|
||||||
|
|
||||||
|
// When the view policy is set to "no one", members can still see the
|
||||||
|
// project.
|
||||||
|
$proj->setViewPolicy(PhabricatorPolicies::POLICY_NOONE);
|
||||||
|
$proj->save();
|
||||||
|
|
||||||
|
$this->assertEqual(
|
||||||
|
true,
|
||||||
|
(bool)$this->refreshProject($proj, $user));
|
||||||
|
$this->assertEqual(
|
||||||
|
false,
|
||||||
|
(bool)$this->refreshProject($proj, $user2));
|
||||||
|
}
|
||||||
|
|
||||||
|
public function testEditProject() {
|
||||||
|
$user = $this->createUser();
|
||||||
|
$user->save();
|
||||||
|
|
||||||
|
$user2 = $this->createUser();
|
||||||
|
$user2->save();
|
||||||
|
|
||||||
|
$proj = $this->createProject();
|
||||||
|
$proj->setAuthorPHID($user->getPHID());
|
||||||
|
$proj->save();
|
||||||
|
|
||||||
|
|
||||||
|
// When edit and view policies are set to "user", anyone can edit.
|
||||||
|
$proj->setViewPolicy(PhabricatorPolicies::POLICY_USER);
|
||||||
|
$proj->setEditPolicy(PhabricatorPolicies::POLICY_USER);
|
||||||
|
$proj->save();
|
||||||
|
|
||||||
|
$this->assertEqual(
|
||||||
|
true,
|
||||||
|
$this->attemptProjectEdit($proj, $user));
|
||||||
|
|
||||||
|
|
||||||
|
// When edit policy is set to "no one", no one can edit.
|
||||||
|
$proj->setEditPolicy(PhabricatorPolicies::POLICY_NOONE);
|
||||||
|
$proj->save();
|
||||||
|
|
||||||
|
$caught = null;
|
||||||
|
try {
|
||||||
|
$this->attemptProjectEdit($proj, $user);
|
||||||
|
} catch (Exception $ex) {
|
||||||
|
$caught = $ex;
|
||||||
|
}
|
||||||
|
$this->assertEqual(true, ($caught instanceof Exception));
|
||||||
|
}
|
||||||
|
|
||||||
|
private function attemptProjectEdit(
|
||||||
|
PhabricatorProject $proj,
|
||||||
|
PhabricatorUser $user,
|
||||||
|
$skip_refresh = false) {
|
||||||
|
|
||||||
|
$proj = $this->refreshProject($proj, $user, true);
|
||||||
|
|
||||||
|
$new_name = $proj->getName().' '.mt_rand();
|
||||||
|
|
||||||
|
$xaction = new PhabricatorProjectTransaction();
|
||||||
|
$xaction->setTransactionType(PhabricatorProjectTransactionType::TYPE_NAME);
|
||||||
|
$xaction->setNewValue($new_name);
|
||||||
|
|
||||||
|
$editor = new PhabricatorProjectEditor($proj);
|
||||||
|
$editor->setUser($user);
|
||||||
|
$editor->applyTransactions(array($xaction));
|
||||||
|
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
public function testJoinLeaveProject() {
|
public function testJoinLeaveProject() {
|
||||||
$user = $this->createUser();
|
$user = $this->createUser();
|
||||||
$user->save();
|
$user->save();
|
||||||
|
@ -88,6 +184,64 @@ final class PhabricatorProjectEditorTestCase extends PhabricatorTestCase {
|
||||||
false,
|
false,
|
||||||
$proj->isUserMember($user->getPHID()),
|
$proj->isUserMember($user->getPHID()),
|
||||||
'Leaving an already-left project is a no-op.');
|
'Leaving an already-left project is a no-op.');
|
||||||
|
|
||||||
|
|
||||||
|
// If a user can't edit or join a project, joining fails.
|
||||||
|
$proj->setEditPolicy(PhabricatorPolicies::POLICY_NOONE);
|
||||||
|
$proj->setJoinPolicy(PhabricatorPolicies::POLICY_NOONE);
|
||||||
|
$proj->save();
|
||||||
|
|
||||||
|
$proj = $this->refreshProject($proj, $user, true);
|
||||||
|
$caught = null;
|
||||||
|
try {
|
||||||
|
PhabricatorProjectEditor::applyJoinProject($proj, $user);
|
||||||
|
} catch (Exception $ex) {
|
||||||
|
$caught = $ex;
|
||||||
|
}
|
||||||
|
$this->assertEqual(true, ($ex instanceof Exception));
|
||||||
|
|
||||||
|
|
||||||
|
// If a user can edit a project, they can join.
|
||||||
|
$proj->setEditPolicy(PhabricatorPolicies::POLICY_USER);
|
||||||
|
$proj->setJoinPolicy(PhabricatorPolicies::POLICY_NOONE);
|
||||||
|
$proj->save();
|
||||||
|
|
||||||
|
$proj = $this->refreshProject($proj, $user, true);
|
||||||
|
PhabricatorProjectEditor::applyJoinProject($proj, $user);
|
||||||
|
$proj = $this->refreshProject($proj, $user, true);
|
||||||
|
$this->assertEqual(
|
||||||
|
true,
|
||||||
|
$proj->isUserMember($user->getPHID()),
|
||||||
|
'Join allowed with edit permission.');
|
||||||
|
PhabricatorProjectEditor::applyLeaveProject($proj, $user);
|
||||||
|
|
||||||
|
|
||||||
|
// If a user can join a project, they can join, even if they can't edit.
|
||||||
|
$proj->setEditPolicy(PhabricatorPolicies::POLICY_NOONE);
|
||||||
|
$proj->setJoinPolicy(PhabricatorPolicies::POLICY_USER);
|
||||||
|
$proj->save();
|
||||||
|
|
||||||
|
$proj = $this->refreshProject($proj, $user, true);
|
||||||
|
PhabricatorProjectEditor::applyJoinProject($proj, $user);
|
||||||
|
$proj = $this->refreshProject($proj, $user, true);
|
||||||
|
$this->assertEqual(
|
||||||
|
true,
|
||||||
|
$proj->isUserMember($user->getPHID()),
|
||||||
|
'Join allowed with join permission.');
|
||||||
|
|
||||||
|
|
||||||
|
// A user can leave a project even if they can't edit it or join.
|
||||||
|
$proj->setEditPolicy(PhabricatorPolicies::POLICY_NOONE);
|
||||||
|
$proj->setJoinPolicy(PhabricatorPolicies::POLICY_NOONE);
|
||||||
|
$proj->save();
|
||||||
|
|
||||||
|
$proj = $this->refreshProject($proj, $user, true);
|
||||||
|
PhabricatorProjectEditor::applyLeaveProject($proj, $user);
|
||||||
|
$proj = $this->refreshProject($proj, $user, true);
|
||||||
|
$this->assertEqual(
|
||||||
|
false,
|
||||||
|
$proj->isUserMember($user->getPHID()),
|
||||||
|
'Leave allowed without any permission.');
|
||||||
}
|
}
|
||||||
|
|
||||||
private function refreshProject(
|
private function refreshProject(
|
||||||
|
|
Loading…
Reference in a new issue