3 * Copyright 2010, Roland Mas
4 * Copyright (C) 2011 Alain Peyrat - Alcatel-Lucent
6 * This file is part of FusionForge.
8 * FusionForge is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published
10 * by the Free Software Foundation; either version 2 of the License,
11 * or (at your option) any later version.
13 * FusionForge is distributed in the hope that it will be useful, but
14 * WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with FusionForge; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
24 require_once dirname(dirname(__FILE__)).'/Testing/SeleniumGforge.php';
26 class RBAC extends FForge_SeleniumTestCase
28 function testAnonymousProjectReadAccess()
32 $this->click("link=Admin");
33 $this->waitForPageToLoad("30000");
34 $this->assertTrue($this->isTextPresent("Project Information"));
35 $this->click("link=Users and permissions");
36 $this->waitForPageToLoad("30000");
37 $this->assertTrue($this->isTextPresent("Members of ProjectA"));
38 $this->click("//tr/td[contains(.,'Anonymous')]/../td/input[contains(@value,'Unlink Role')]");
39 $this->waitForPageToLoad("30000");
40 $this->assertTrue($this->isTextPresent("Role unlinked successfully"));
42 $this->createUser ('staffmember') ;
44 $this->assertFalse($this->isTextPresent("ProjectA"));
46 $this->open( ROOT . '/projects/projecta') ;
47 $this->waitForPageToLoad("30000");
48 $this->assertTrue($this->isLoginRequired());
49 $this->triggeredLogin('staffmember');
50 $this->assertTrue($this->isTextPresent("Project Members"));
53 function testGlobalRolesAndPermissions()
55 $this->login("admin");
57 $this->click("link=Site Admin");
58 $this->waitForPageToLoad("30000");
60 // Create "Project approvers" role
61 $this->type ("//form[contains(@action,'globalroleedit.php')]//input[@name='role_name']", "Project approvers") ;
62 $this->click ("//form[contains(@action,'globalroleedit.php')]//input[@value='Create Role']") ;
63 $this->waitForPageToLoad("30000");
65 // Grant it permissions
66 $this->select("//select[@name='data[approve_projects][-1]']", "label=Approve projects");
67 $this->select("//select[@name='data[approve_news][-1]']", "label=Approve news");
68 $this->click ("//input[@value='Submit']") ;
69 $this->waitForPageToLoad("30000");
71 // Check permissions were saved
72 $this->click("link=Site Admin");
73 $this->waitForPageToLoad("30000");
74 $this->select ("//form[contains(@action,'globalroleedit.php')]//select[@name='role_id']", "label=Project approvers") ;
75 $this->click ("//form[contains(@action,'globalroleedit.php')]//input[@value='Edit Role']") ;
76 $this->waitForPageToLoad("30000");
78 $this->assertSelected("//select[@name='data[approve_projects][-1]']", "Approve projects");
79 $this->assertNotSelected("//select[@name='data[approve_projects][-1]']", "No access");
80 $this->assertSelected("//select[@name='data[approve_news][-1]']", "Approve news");
82 // Whoops, we don't actually want the news moderation bit, unset it
83 $this->select("//select[@name='data[approve_news][-1]']", "label=No access");
84 $this->click ("//input[@value='Submit']") ;
85 $this->waitForPageToLoad("30000");
86 $this->assertSelected("//select[@name='data[approve_projects][-1]']", "Approve projects");
87 $this->assertSelected("//select[@name='data[approve_news][-1]']", "No access");
89 // Create users for "Project approvers" and "News moderators" roles
90 $this->createUser ("projapp") ;
91 $this->createUser ("newsmod") ;
93 // Add them to their respective roles, check they're here
94 $this->click("link=Site Admin");
95 $this->waitForPageToLoad("30000");
96 $this->select ("//form[contains(@action,'globalroleedit.php')]//select[@name='role_id']", "label=Project approvers") ;
97 $this->click ("//form[contains(@action,'globalroleedit.php')]//input[@value='Edit Role']") ;
98 $this->waitForPageToLoad("30000");
99 $this->type ("//form[contains(@action,'globalroleedit.php')]//input[@name='form_unix_name']", "projapp") ;
100 $this->click ("//input[@value='Add User']") ;
101 $this->waitForPageToLoad("30000");
102 $this->assertTrue($this->isTextPresent("projapp Lastname"));
104 $this->click("link=Site Admin");
105 $this->waitForPageToLoad("30000");
106 $this->select ("//form[contains(@action,'globalroleedit.php')]//select[@name='role_id']", "label=News moderators") ;
107 $this->click ("//form[contains(@action,'globalroleedit.php')]//input[@value='Edit Role']") ;
108 $this->waitForPageToLoad("30000");
109 $this->type ("//form[contains(@action,'globalroleedit.php')]//input[@name='form_unix_name']", "newsmod") ;
110 $this->click ("//input[@value='Add User']") ;
111 $this->waitForPageToLoad("30000");
112 $this->assertTrue($this->isTextPresent("newsmod Lastname"));
114 // Add a wrong user to the role, then remove it
115 $this->type ("//form[contains(@action,'globalroleedit.php')]//input[@name='form_unix_name']", "projapp") ;
116 $this->click ("//input[@value='Add User']") ;
117 $this->waitForPageToLoad("30000");
118 $this->assertTrue($this->isTextPresent("projapp Lastname"));
119 $this->assertTrue($this->isTextPresent("newsmod Lastname"));
120 $this->click ("//a[contains(@href,'/users/projapp')]/../input[@name='rmuser']") ;
121 $this->waitForPageToLoad("30000");
122 $this->assertFalse($this->isTextPresent("projapp Lastname"));
123 $this->assertTrue($this->isTextPresent("newsmod Lastname"));
125 // Register unprivileged user
126 $this->createUser ("toto") ;
128 // Temporarily grant project approval rights to user
129 // (For cases where project_registration_restricted=true)
130 $this->click("link=Site Admin");
131 $this->waitForPageToLoad("30000");
132 $this->select ("//form[contains(@action,'globalroleedit.php')]//select[@name='role_id']", "label=Project approvers") ;
133 $this->click ("//form[contains(@action,'globalroleedit.php')]//input[@value='Edit Role']") ;
134 $this->waitForPageToLoad("30000");
135 $this->type ("//form[contains(@action,'globalroleedit.php')]//input[@name='form_unix_name']", "toto") ;
136 $this->click ("//input[@value='Add User']") ;
137 $this->waitForPageToLoad("30000");
138 $this->assertTrue($this->isTextPresent("toto Lastname"));
141 $this->registerProject ("TotoProject", "toto") ;
143 // Revoke project approval rights
144 $this->click("link=Site Admin");
145 $this->waitForPageToLoad("30000");
146 $this->select ("//form[contains(@action,'globalroleedit.php')]//select[@name='role_id']", "label=Project approvers") ;
147 $this->click ("//form[contains(@action,'globalroleedit.php')]//input[@value='Edit Role']") ;
148 $this->waitForPageToLoad("30000");
149 $this->click ("//a[contains(@href,'/users/toto')]/../input[@name='rmuser']") ;
150 $this->waitForPageToLoad("30000");
151 $this->assertFalse($this->isTextPresent("toto Lastname"));
153 // Try approving it as two users without the right to do so
154 $this->switchUser ("toto") ;
155 $this->open( ROOT . '/admin/approve-pending.php') ;
156 $this->waitForPageToLoad("30000");
157 $this->assertTrue ($this->isPermissionDenied()) ;
158 $this->switchUser ("newsmod") ;
159 $this->open( ROOT . '/admin/approve-pending.php') ;
160 $this->waitForPageToLoad("30000");
161 $this->assertTrue ($this->isPermissionDenied()) ;
163 // Approve it with a user that only has approve_projects
164 $this->approveProject ("TotoProject", "projapp") ;
166 // Submit a news in the project
167 $this->switchUser ("toto") ;
168 $this->gotoProject ("TotoProject") ;
169 $this->click("link=News") ;
170 $this->waitForPageToLoad("30000");
171 $this->click("link=Submit") ;
172 $this->waitForPageToLoad("30000");
173 $this->type("summary", "First TotoNews");
174 $this->type("details", "This is a simple news for Toto's project.");
175 $this->click("submit");
176 $this->waitForPageToLoad("30000");
178 // Try to push it to front page with user toto
179 $this->open( ROOT . '/news/admin/') ;
180 $this->waitForPageToLoad("30000");
181 $this->assertTrue ($this->isPermissionDenied()) ;
183 // Try to push it to front page with user projapp
184 $this->switchUser ("projapp") ;
185 $this->open( ROOT . '/news/admin/') ;
186 $this->waitForPageToLoad("30000");
187 $this->assertTrue ($this->isPermissionDenied()) ;
189 // Push it to front page with user newsmod
190 $this->switchUser ("newsmod") ;
191 $this->open( ROOT . '/news/admin/') ;
192 $this->waitForPageToLoad("30000");
193 $this->assertTrue ($this->isTextPresent("These items need to be approved")) ;
194 $this->assertTrue ($this->isTextPresent("First TotoNews")) ;
195 $this->click ("//a[contains(.,'First TotoNews')]") ;
196 $this->waitForPageToLoad("30000");
197 $this->click ("//input[@type='radio' and @value='1']") ;
198 $this->click ("submit") ;
199 $this->waitForPageToLoad("30000");
200 $this->assertTrue ($this->isTextPresent("These items were approved this past week")) ;
201 $this->open( ROOT ) ;
202 $this->waitForPageToLoad("30000");
203 $this->assertTrue ($this->isTextPresent("First TotoNews")) ;
206 function testProjectRolesAndPermissions()
208 $this->populateStandardTemplate('trackers');
210 $this->createUser ("bigboss") ;
211 $this->createUser ("guru") ;
212 $this->createUser ("docmaster") ;
213 $this->createUser ("trainee") ;
215 // Create "Project moderators" role
216 $this->click("link=Site Admin");
217 $this->waitForPageToLoad("30000");
218 $this->type ("//form[contains(@action,'globalroleedit.php')]//input[@name='role_name']", "Project moderators") ;
219 $this->click ("//form[contains(@action,'globalroleedit.php')]//input[@value='Create Role']") ;
220 $this->waitForPageToLoad("30000");
222 // Grant it permissions
223 $this->select("//select[@name='data[approve_projects][-1]']", "label=Approve projects");
224 $this->click ("//input[@value='Submit']") ;
225 $this->waitForPageToLoad("30000");
228 $this->type ("//form[contains(@action,'globalroleedit.php')]//input[@name='form_unix_name']", "bigboss") ;
229 $this->click ("//input[@value='Add User']") ;
230 $this->waitForPageToLoad("30000");
231 $this->assertTrue($this->isTextPresent("bigboss Lastname"));
233 // Create "Documentation masters" role
234 $this->click("link=Site Admin");
235 $this->waitForPageToLoad("30000");
236 $this->type ("//form[contains(@action,'globalroleedit.php')]//input[@name='role_name']", "Documentation masters") ;
237 $this->click ("//form[contains(@action,'globalroleedit.php')]//input[@value='Create Role']") ;
238 $this->waitForPageToLoad("30000");
241 $this->click ("//input[@type='checkbox' and @name='public']") ;
242 $this->click ("//input[@value='Submit']") ;
243 $this->waitForPageToLoad("30000");
246 $this->type ("//form[contains(@action,'globalroleedit.php')]//input[@name='form_unix_name']", "docmaster") ;
247 $this->click ("//input[@value='Add User']") ;
248 $this->waitForPageToLoad("30000");
249 $this->assertTrue($this->isTextPresent("docmaster Lastname"));
252 $this->switchUser ("bigboss") ;
253 $this->registerProject ("MetaProject", "bigboss") ;
254 $this->approveProject ("MetaProject", "bigboss") ;
255 $this->registerProject ("SubProject", "bigboss") ;
256 $this->approveProject ("SubProject", "bigboss") ;
259 $this->gotoProject ("MetaProject") ;
260 $this->click("link=Admin");
261 $this->waitForPageToLoad("30000");
262 $this->click("link=Users and permissions");
263 $this->waitForPageToLoad("30000");
264 $this->type ("//form[contains(@action,'roleedit.php')]/..//input[@name='role_name']", "Senior Developer") ;
265 $this->click ("//input[@value='Create Role']") ;
266 $this->waitForPageToLoad("30000");
267 $this->click("link=Users and permissions");
268 $this->waitForPageToLoad("30000");
269 $this->type ("//form[contains(@action,'roleedit.php')]/..//input[@name='role_name']", "Junior Developer") ;
270 $this->click ("//input[@value='Create Role']") ;
271 $this->waitForPageToLoad("30000");
272 $this->click("link=Users and permissions");
273 $this->waitForPageToLoad("30000");
274 $this->type ("//form[contains(@action,'roleedit.php')]/..//input[@name='role_name']", "Doc Writer") ;
275 $this->click ("//input[@value='Create Role']") ;
276 $this->waitForPageToLoad("30000");
279 $this->gotoProject ("MetaProject") ;
280 $this->click("link=Admin");
281 $this->waitForPageToLoad("30000");
282 $this->click("link=Users and permissions");
283 $this->waitForPageToLoad("30000");
284 $this->type ("//form[contains(@action,'users.php')]//input[@name='form_unix_name' and @type='text']", "guru") ;
285 $this->select("//input[@value='Add Member']/../select[@name='role_id']", "label=Senior Developer");
286 $this->click ("//input[@value='Add Member']") ;
287 $this->waitForPageToLoad("30000");
288 $this->assertTrue($this->isTextPresent("guru Lastname"));
289 $this->assertTrue($this->isElementPresent("
291 //tr/td/a[.='guru Lastname']/../..//input[@name='user_id']/@value
293 /../td[.='Senior Developer']")) ;
295 $this->type ("//form[contains(@action,'users.php')]//input[@name='form_unix_name' and @type='text']", "trainee") ;
296 $this->select("//input[@value='Add Member']/../select[@name='role_id']", "label=Junior Developer");
297 $this->click ("//input[@value='Add Member']") ;
298 $this->waitForPageToLoad("30000");
299 $this->assertTrue($this->isTextPresent("trainee Lastname"));
300 $this->assertTrue($this->isElementPresent("
302 //tr/td/a[.='trainee Lastname']/../..//input[@name='user_id']/@value
304 /../td[.='Junior Developer']")) ;
306 $this->type ("//form[contains(@action,'users.php')]//input[@name='form_unix_name' and @type='text']", "docmaster") ;
307 $this->select("//input[@value='Add Member']/../select[@name='role_id']", "label=Doc Writer");
308 $this->click ("//input[@value='Add Member']") ;
309 $this->waitForPageToLoad("30000");
310 $this->assertTrue($this->isTextPresent("docmaster Lastname"));
311 $this->assertTrue($this->isElementPresent("
313 //tr/td/a[.='docmaster Lastname']/../..//input[@name='user_id']/@value
315 /../td[.='Doc Writer']")) ;
317 $this->type ("//form[contains(@action,'users.php')]//input[@name='form_unix_name' and @type='text']", "bigboss") ;
318 $this->select("//input[@value='Add Member']/../select[@name='role_id']", "label=Senior Developer");
319 $this->click ("//input[@value='Add Member']") ;
320 $this->waitForPageToLoad("30000");
321 $this->assertTrue($this->isTextPresent("bigboss Lastname"));
322 $this->assertTrue($this->isElementPresent("
324 //tr/td/a[.='bigboss Lastname']/../..//input[@name='user_id']/@value
326 /../td[.='Senior Developer']")) ;
328 // Oops, bigboss doesn't need the extra role after all
331 //tr/td/a[.='bigboss Lastname']/../..//input[@name='user_id']/@value
333 /../td[.='Senior Developer']/../td/input[@value='Remove']") ;
334 $this->waitForPageToLoad("30000");
335 $this->assertFalse($this->isElementPresent("
337 //tr/td/a[.='bigboss Lastname']/../..//input[@name='user_id']/@value
339 /../td[.='Senior Developer']")) ;
341 // Remove/re-add a user
344 //tr/td/a[.='trainee Lastname']/../..//input[@name='user_id']/@value
346 /../td[.='Junior Developer']/../td/input[@value='Remove']") ;
347 $this->waitForPageToLoad("30000");
348 $this->assertFalse($this->isTextPresent("trainee Lastname"));
350 $this->type ("//form[contains(@action,'users.php')]//input[@name='form_unix_name' and @type='text']", "trainee") ;
351 $this->select("//input[@value='Add Member']/../select[@name='role_id']", "label=Junior Developer");
352 $this->click ("//input[@value='Add Member']") ;
353 $this->waitForPageToLoad("30000");
354 $this->assertTrue($this->isTextPresent("trainee Lastname"));
355 $this->assertTrue($this->isElementPresent("
357 //tr/td/a[.='trainee Lastname']/../..//input[@name='user_id']/@value
359 /../td[.='Junior Developer']")) ;
361 // Edit permissions of the JD role
362 $this->gotoProject ("MetaProject") ;
363 $this->click("link=Admin");
364 $this->waitForPageToLoad("30000");
365 $this->click("link=Users and permissions");
366 $this->waitForPageToLoad("30000");
368 $this->click ("//td[.='Junior Developer']/../td/input[@value='Edit Permissions']") ;
369 $this->waitForPageToLoad("30000");
371 $this->select("//select[contains(@name,'data[frs]')]", "label=View public packages only");
372 $this->select("//select[contains(@name,'data[docman]')]", "label=Read only");
373 $this->click ("//input[@value='Submit']") ;
374 $this->waitForPageToLoad("30000");
375 $this->assertSelected("//select[contains(@name,'data[docman]')]", "Read only");
376 $this->assertSelected("//select[contains(@name,'data[frs]')]", "View public packages only");
377 $this->select("//select[contains(@name,'data[frs]')]", "label=View all packages");
378 $this->click ("//input[@value='Submit']") ;
379 $this->assertSelected("//select[contains(@name,'data[frs]')]", "View all packages");
380 $this->waitForPageToLoad("30000");
382 // Check that SD is technician on trackers but DM isn't
383 $this->click("link=Tracker");
384 $this->waitForPageToLoad("30000");
385 $this->click("link=Bugs");
386 $this->waitForPageToLoad("30000");
387 $this->click("link=Submit New");
388 $this->waitForPageToLoad("30000");
389 $this->assertTrue($this->isElementPresent("//select[@name='assigned_to']")) ;
390 $this->assertTrue($this->isElementPresent("//select[@name='assigned_to']/option[.='guru Lastname']")) ;
391 $this->assertFalse($this->isElementPresent("//select[@name='assigned_to']/option[.='docmaster Lastname']")) ;
393 // Check that SD is a manager on trackers but JD isn't
394 $this->switchUser('guru');
395 $this->gotoProject ("MetaProject") ;
396 $this->click("link=Tracker");
397 $this->waitForPageToLoad("30000");
398 $this->click("link=Bugs");
399 $this->waitForPageToLoad("30000");
400 $this->click("link=Submit New");
401 $this->waitForPageToLoad("30000");
402 $this->assertTrue($this->isElementPresent("//select[@name='assigned_to']")) ;
404 $this->switchUser('trainee');
405 $this->gotoProject ("MetaProject") ;
406 $this->click("link=Tracker");
407 $this->waitForPageToLoad("30000");
408 $this->click("link=Bugs");
409 $this->waitForPageToLoad("30000");
410 $this->click("link=Submit New");
411 $this->waitForPageToLoad("30000");
412 $this->assertFalse($this->isElementPresent("//select[@name='assigned_to']")) ;
414 // Also check that guru isn't a manager on SubProject yet
415 $this->switchUser('guru');
416 $this->gotoProject ("SubProject") ;
417 $this->click("link=Tracker");
418 $this->waitForPageToLoad("30000");
419 $this->click("link=Bugs");
420 $this->waitForPageToLoad("30000");
421 $this->click("link=Submit New");
422 $this->waitForPageToLoad("30000");
423 $this->assertFalse($this->isElementPresent("//select[@name='assigned_to']")) ;
425 // Mark SD role as shared
426 $this->switchUser('bigboss');
427 $this->gotoProject ("MetaProject") ;
428 $this->click("link=Admin");
429 $this->waitForPageToLoad("30000");
430 $this->click("link=Users and permissions");
431 $this->waitForPageToLoad("30000");
432 $this->click ("//td[.='Senior Developer']/../td/input[@value='Edit Permissions']") ;
433 $this->waitForPageToLoad("30000");
434 $this->click ("//input[@type='checkbox' and @name='public']") ;
435 $this->click ("//input[@value='Submit']") ;
436 $this->waitForPageToLoad("30000");
438 // Link MetaProject/SD role into SubProject
439 $this->gotoProject ("SubProject") ;
440 $this->click("link=Admin");
441 $this->waitForPageToLoad("30000");
442 $this->click("link=Users and permissions");
443 $this->waitForPageToLoad("30000");
445 $this->assertTrue($this->isElementPresent("//input[@value='Link external role']/../../td/select/option[.='Senior Developer (in project MetaProject)']")) ;
446 $this->select("//input[@value='Link external role']/../../td/select", "label=Senior Developer (in project MetaProject)") ;
447 $this->click("//input[@value='Link external role']") ;
448 $this->waitForPageToLoad("30000");
449 $this->assertTrue($this->isElementPresent("//tr/td[.='Senior Developer (in project MetaProject)']/../td/input[contains(@value,'Unlink Role')]"));
451 // Grant it tracker manager permissions
452 $this->click ("//td[.='Senior Developer (in project MetaProject)']/../td/input[@value='Edit Permissions']") ;
453 $this->waitForPageToLoad("30000");
454 $this->select("//select[contains(@name,'data[tracker]')]", "label=Manager");
455 $this->click ("//input[@value='Submit']") ;
456 $this->waitForPageToLoad("30000");
458 // Check that guru now has manager permissions on SubProject
459 $this->switchUser('guru');
460 $this->gotoProject ("SubProject") ;
461 $this->click("link=Tracker");
462 $this->waitForPageToLoad("30000");
463 $this->click("link=Bugs");
464 $this->waitForPageToLoad("30000");
465 $this->click("link=Submit New");
466 $this->waitForPageToLoad("30000");
467 $this->assertTrue($this->isElementPresent("//select[@name='assigned_to']")) ;
469 // Link global "Documentation masters" role into SubProject
470 $this->switchUser ("bigboss") ;
471 $this->gotoProject ("SubProject") ;
472 $this->click("link=Admin");
473 $this->waitForPageToLoad("30000");
474 $this->click("link=Users and permissions");
475 $this->waitForPageToLoad("30000");
477 $this->assertTrue($this->isElementPresent("//input[@value='Link external role']/../../td/select/option[.='Documentation masters (global role)']")) ;
478 $this->assertFalse($this->isElementPresent("//input[@value='Link external role']/../../td/select/option[.='Project moderators (global role)']")) ;
479 $this->select("//input[@value='Link external role']/../../td/select", "label=Documentation masters (global role)") ;
480 $this->click("//input[@value='Link external role']") ;
481 $this->waitForPageToLoad("30000");
482 $this->assertTrue($this->isElementPresent("//tr/td[.='Documentation masters (global role)']/../td/input[contains(@value,'Unlink Role')]"));