3 * Copyright 2010, Roland Mas
4 * Copyright (C) 2011 Alain Peyrat - Alcatel-Lucent
6 * This file is part of FusionForge.
8 * FusionForge is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published
10 * by the Free Software Foundation; either version 2 of the License,
11 * or (at your option) any later version.
13 * FusionForge is distributed in the hope that it will be useful, but
14 * WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * General Public License for more details.
18 * You should have received a copy of the GNU General Public License along
19 * with this program; if not, write to the Free Software Foundation, Inc.,
20 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
23 require_once dirname(dirname(__FILE__)).'/Testing/SeleniumGforge.php';
25 class RBAC extends FForge_SeleniumTestCase
27 function testAnonymousProjectReadAccess()
31 $this->click("link=Admin");
32 $this->waitForPageToLoad("30000");
33 $this->assertTrue($this->isTextPresent("Project Information"));
34 $this->click("link=Users and permissions");
35 $this->waitForPageToLoad("30000");
36 $this->assertTrue($this->isTextPresent("Members of ProjectA"));
37 $this->click("//tr/td/form/div[contains(.,'Anonymous')]/../../../td/form/div/input[contains(@value,'Unlink Role')]");
38 $this->waitForPageToLoad("30000");
39 $this->assertTrue($this->isTextPresent("Role unlinked successfully"));
41 $this->createUser ('staffmember') ;
43 $this->assertFalse($this->isTextPresent("ProjectA"));
45 $this->open( ROOT . '/projects/projecta') ;
46 $this->waitForPageToLoad("30000");
47 $this->assertTrue($this->isLoginRequired());
48 $this->triggeredLogin('staffmember');
49 $this->assertTrue($this->isTextPresent("Project Members"));
52 function testGlobalRolesAndPermissions()
54 $this->login("admin");
56 $this->click("link=Site Admin");
57 $this->waitForPageToLoad("30000");
59 // Create "Project approvers" role
60 $this->type ("//form[contains(@action,'globalroleedit.php')]//input[@name='role_name']", "Project approvers") ;
61 $this->click ("//form[contains(@action,'globalroleedit.php')]//input[@value='Create Role']") ;
62 $this->waitForPageToLoad("30000");
64 // Grant it permissions
65 $this->select("//select[@name='data[approve_projects][-1]']", "label=Approve projects");
66 $this->select("//select[@name='data[approve_news][-1]']", "label=Approve news");
67 $this->click ("//input[@value='Submit']") ;
68 $this->waitForPageToLoad("30000");
70 // Check permissions were saved
71 $this->click("link=Site Admin");
72 $this->waitForPageToLoad("30000");
73 $this->select ("//form[contains(@action,'globalroleedit.php')]//select[@name='role_id']", "label=Project approvers") ;
74 $this->click ("//form[contains(@action,'globalroleedit.php')]//input[@value='Edit Role']") ;
75 $this->waitForPageToLoad("30000");
77 $this->assertSelected("//select[@name='data[approve_projects][-1]']", "Approve projects");
78 $this->assertNotSelected("//select[@name='data[approve_projects][-1]']", "No access");
79 $this->assertSelected("//select[@name='data[approve_news][-1]']", "Approve news");
81 // Whoops, we don't actually want the news moderation bit, unset it
82 $this->select("//select[@name='data[approve_news][-1]']", "label=No access");
83 $this->click ("//input[@value='Submit']") ;
84 $this->waitForPageToLoad("30000");
85 $this->assertSelected("//select[@name='data[approve_projects][-1]']", "Approve projects");
86 $this->assertSelected("//select[@name='data[approve_news][-1]']", "No access");
88 // Create users for "Project approvers" and "News moderators" roles
89 $this->createUser ("projapp") ;
90 $this->createUser ("newsmod") ;
92 // Add them to their respective roles, check they're here
93 $this->click("link=Site Admin");
94 $this->waitForPageToLoad("30000");
95 $this->select ("//form[contains(@action,'globalroleedit.php')]//select[@name='role_id']", "label=Project approvers") ;
96 $this->click ("//form[contains(@action,'globalroleedit.php')]//input[@value='Edit Role']") ;
97 $this->waitForPageToLoad("30000");
98 $this->type ("//form[contains(@action,'globalroleedit.php')]//input[@name='form_unix_name']", "projapp") ;
99 $this->click ("//input[@value='Add User']") ;
100 $this->waitForPageToLoad("30000");
101 $this->assertTrue($this->isTextPresent("projapp Lastname"));
103 $this->click("link=Site Admin");
104 $this->waitForPageToLoad("30000");
105 $this->select ("//form[contains(@action,'globalroleedit.php')]//select[@name='role_id']", "label=News moderators") ;
106 $this->click ("//form[contains(@action,'globalroleedit.php')]//input[@value='Edit Role']") ;
107 $this->waitForPageToLoad("30000");
108 $this->type ("//form[contains(@action,'globalroleedit.php')]//input[@name='form_unix_name']", "newsmod") ;
109 $this->click ("//input[@value='Add User']") ;
110 $this->waitForPageToLoad("30000");
111 $this->assertTrue($this->isTextPresent("newsmod Lastname"));
113 // Add a wrong user to the role, then remove it
114 $this->type ("//form[contains(@action,'globalroleedit.php')]//input[@name='form_unix_name']", "projapp") ;
115 $this->click ("//input[@value='Add User']") ;
116 $this->waitForPageToLoad("30000");
117 $this->assertTrue($this->isTextPresent("projapp Lastname"));
118 $this->assertTrue($this->isTextPresent("newsmod Lastname"));
119 $this->click ("//a[contains(@href,'/users/projapp')]/../input[@name='rmuser']") ;
120 $this->waitForPageToLoad("30000");
121 $this->assertFalse($this->isTextPresent("projapp Lastname"));
122 $this->assertTrue($this->isTextPresent("newsmod Lastname"));
124 // Register unprivileged user
125 $this->createUser ("toto") ;
127 // Temporarily grant project approval rights to user
128 // (For cases where project_registration_restricted=true)
129 $this->click("link=Site Admin");
130 $this->waitForPageToLoad("30000");
131 $this->select ("//form[contains(@action,'globalroleedit.php')]//select[@name='role_id']", "label=Project approvers") ;
132 $this->click ("//form[contains(@action,'globalroleedit.php')]//input[@value='Edit Role']") ;
133 $this->waitForPageToLoad("30000");
134 $this->type ("//form[contains(@action,'globalroleedit.php')]//input[@name='form_unix_name']", "toto") ;
135 $this->click ("//input[@value='Add User']") ;
136 $this->waitForPageToLoad("30000");
137 $this->assertTrue($this->isTextPresent("toto Lastname"));
140 $this->registerProject ("TotoProject", "toto") ;
142 // Revoke project approval rights
143 $this->click("link=Site Admin");
144 $this->waitForPageToLoad("30000");
145 $this->select ("//form[contains(@action,'globalroleedit.php')]//select[@name='role_id']", "label=Project approvers") ;
146 $this->click ("//form[contains(@action,'globalroleedit.php')]//input[@value='Edit Role']") ;
147 $this->waitForPageToLoad("30000");
148 $this->click ("//a[contains(@href,'/users/toto')]/../input[@name='rmuser']") ;
149 $this->waitForPageToLoad("30000");
150 $this->assertFalse($this->isTextPresent("toto Lastname"));
152 // Try approving it as two users without the right to do so
153 $this->switchUser ("toto") ;
154 $this->open( ROOT . '/admin/approve-pending.php') ;
155 $this->waitForPageToLoad("30000");
156 $this->assertTrue ($this->isPermissionDenied()) ;
157 $this->switchUser ("newsmod") ;
158 $this->open( ROOT . '/admin/approve-pending.php') ;
159 $this->waitForPageToLoad("30000");
160 $this->assertTrue ($this->isPermissionDenied()) ;
162 // Approve it with a user that only has approve_projects
163 $this->approveProject ("TotoProject", "projapp") ;
165 // Submit a news in the project
166 $this->switchUser ("toto") ;
167 $this->gotoProject ("TotoProject") ;
168 $this->click("link=News") ;
169 $this->waitForPageToLoad("30000");
170 $this->click("link=Submit") ;
171 $this->waitForPageToLoad("30000");
172 $this->type("summary", "First TotoNews");
173 $this->type("details", "This is a simple news for Toto's project.");
174 $this->click("submit");
175 $this->waitForPageToLoad("30000");
177 // Try to push it to front page with user toto
178 $this->open( ROOT . '/admin/pending-news.php') ;
179 $this->waitForPageToLoad("30000");
180 $this->assertTrue ($this->isPermissionDenied()) ;
182 // Try to push it to front page with user projapp
183 $this->switchUser ("projapp") ;
184 $this->open( ROOT . '/admin/pending-news.php') ;
185 $this->waitForPageToLoad("30000");
186 $this->assertTrue ($this->isPermissionDenied()) ;
188 // Push it to front page with user newsmod
189 $this->switchUser ("newsmod") ;
190 $this->open( ROOT . '/admin/pending-news.php') ;
191 $this->waitForPageToLoad("30000");
192 $this->assertTrue ($this->isTextPresent("These items need to be approved")) ;
193 $this->assertTrue ($this->isTextPresent("First TotoNews")) ;
194 $this->click ("//a[contains(.,'First TotoNews')]") ;
195 $this->waitForPageToLoad("30000");
196 $this->click ("//input[@type='radio' and @value='1']") ;
197 $this->click ("submit") ;
198 $this->waitForPageToLoad("30000");
199 $this->assertTrue ($this->isTextPresent("These items were approved this past week")) ;
200 $this->open( ROOT ) ;
201 $this->waitForPageToLoad("30000");
202 $this->assertTrue ($this->isTextPresent("First TotoNews")) ;
204 // Non-regression test for #265
206 $this->open( ROOT ) ;
207 $this->waitForPageToLoad("30000");
208 $this->assertTrue ($this->isTextPresent("First TotoNews")) ;
209 $this->click("link=First TotoNews") ;
210 $this->waitForPageToLoad("30000");
211 $this->assertFalse ($this->isPermissionDenied()) ;
214 function testProjectRolesAndPermissions()
216 $this->populateStandardTemplate('trackers');
218 $this->createUser ("bigboss") ;
219 $this->createUser ("guru") ;
220 $this->createUser ("docmaster") ;
221 $this->createUser ("trainee") ;
223 // Create "Project moderators" role
224 $this->click("link=Site Admin");
225 $this->waitForPageToLoad("30000");
226 $this->type ("//form[contains(@action,'globalroleedit.php')]//input[@name='role_name']", "Project moderators") ;
227 $this->click ("//form[contains(@action,'globalroleedit.php')]//input[@value='Create Role']") ;
228 $this->waitForPageToLoad("30000");
230 // Grant it permissions
231 $this->select("//select[@name='data[approve_projects][-1]']", "label=Approve projects");
232 $this->click ("//input[@value='Submit']") ;
233 $this->waitForPageToLoad("30000");
236 $this->type ("//form[contains(@action,'globalroleedit.php')]//input[@name='form_unix_name']", "bigboss") ;
237 $this->click ("//input[@value='Add User']") ;
238 $this->waitForPageToLoad("30000");
239 $this->assertTrue($this->isTextPresent("bigboss Lastname"));
241 // Create "Documentation masters" role
242 $this->click("link=Site Admin");
243 $this->waitForPageToLoad("30000");
244 $this->type ("//form[contains(@action,'globalroleedit.php')]//input[@name='role_name']", "Documentation masters") ;
245 $this->click ("//form[contains(@action,'globalroleedit.php')]//input[@value='Create Role']") ;
246 $this->waitForPageToLoad("30000");
249 $this->click ("//input[@type='checkbox' and @name='public']") ;
250 $this->click ("//input[@value='Submit']") ;
251 $this->waitForPageToLoad("30000");
254 $this->type ("//form[contains(@action,'globalroleedit.php')]//input[@name='form_unix_name']", "docmaster") ;
255 $this->click ("//input[@value='Add User']") ;
256 $this->waitForPageToLoad("30000");
257 $this->assertTrue($this->isTextPresent("docmaster Lastname"));
260 $this->switchUser ("bigboss") ;
261 $this->registerProject ("MetaProject", "bigboss") ;
262 $this->approveProject ("MetaProject", "bigboss") ;
263 $this->registerProject ("SubProject", "bigboss") ;
264 $this->approveProject ("SubProject", "bigboss") ;
267 $this->gotoProject ("MetaProject") ;
268 $this->click("link=Admin");
269 $this->waitForPageToLoad("30000");
270 $this->click("link=Users and permissions");
271 $this->waitForPageToLoad("30000");
272 $this->type ("//form[contains(@action,'roleedit.php')]/..//input[@name='role_name']", "Senior Developer") ;
273 $this->click ("//input[@value='Create Role']") ;
274 $this->waitForPageToLoad("30000");
275 $this->click("link=Users and permissions");
276 $this->waitForPageToLoad("30000");
277 $this->type ("//form[contains(@action,'roleedit.php')]/..//input[@name='role_name']", "Junior Developer") ;
278 $this->click ("//input[@value='Create Role']") ;
279 $this->waitForPageToLoad("30000");
280 $this->click("link=Users and permissions");
281 $this->waitForPageToLoad("30000");
282 $this->type ("//form[contains(@action,'roleedit.php')]/..//input[@name='role_name']", "Doc Writer") ;
283 $this->click ("//input[@value='Create Role']") ;
284 $this->waitForPageToLoad("30000");
287 $this->gotoProject ("MetaProject") ;
288 $this->click("link=Admin");
289 $this->waitForPageToLoad("30000");
290 $this->click("link=Users and permissions");
291 $this->waitForPageToLoad("30000");
292 $this->type ("//form[contains(@action,'users.php')]//input[@name='form_unix_name' and @type='text']", "guru") ;
293 $this->select("//input[@value='Add Member']/../select[@name='role_id']", "label=Senior Developer");
294 $this->click ("//input[@value='Add Member']") ;
295 $this->waitForPageToLoad("30000");
296 $this->assertTrue($this->isTextPresent("guru Lastname"));
297 $this->assertTrue($this->isElementPresent("
299 //tr/td/a[.='guru Lastname']/../..//input[@name='user_id']/@value
301 /../td[.='Senior Developer']")) ;
303 $this->type ("//form[contains(@action,'users.php')]//input[@name='form_unix_name' and @type='text']", "trainee") ;
304 $this->select("//input[@value='Add Member']/../select[@name='role_id']", "label=Junior Developer");
305 $this->click ("//input[@value='Add Member']") ;
306 $this->waitForPageToLoad("30000");
307 $this->assertTrue($this->isTextPresent("trainee Lastname"));
308 $this->assertTrue($this->isElementPresent("
310 //tr/td/a[.='trainee Lastname']/../..//input[@name='user_id']/@value
312 /../td[.='Junior Developer']")) ;
314 $this->type ("//form[contains(@action,'users.php')]//input[@name='form_unix_name' and @type='text']", "docmaster") ;
315 $this->select("//input[@value='Add Member']/../select[@name='role_id']", "label=Doc Writer");
316 $this->click ("//input[@value='Add Member']") ;
317 $this->waitForPageToLoad("30000");
318 $this->assertTrue($this->isTextPresent("docmaster Lastname"));
319 $this->assertTrue($this->isElementPresent("
321 //tr/td/a[.='docmaster Lastname']/../..//input[@name='user_id']/@value
323 /../td[.='Doc Writer']")) ;
325 $this->type ("//form[contains(@action,'users.php')]//input[@name='form_unix_name' and @type='text']", "bigboss") ;
326 $this->select("//input[@value='Add Member']/../select[@name='role_id']", "label=Senior Developer");
327 $this->click ("//input[@value='Add Member']") ;
328 $this->waitForPageToLoad("30000");
329 $this->assertTrue($this->isTextPresent("bigboss Lastname"));
330 $this->assertTrue($this->isElementPresent("
332 //tr/td/a[.='bigboss Lastname']/../..//input[@name='user_id']/@value
334 /../td[.='Senior Developer']")) ;
336 // Oops, bigboss doesn't need the extra role after all
339 //tr/td/a[.='bigboss Lastname']/../..//input[@name='user_id']/@value
341 /../td[.='Senior Developer']/../td/input[@value='Remove']") ;
342 $this->waitForPageToLoad("30000");
343 $this->assertFalse($this->isElementPresent("
345 //tr/td/a[.='bigboss Lastname']/../..//input[@name='user_id']/@value
347 /../td[.='Senior Developer']")) ;
349 // Remove/re-add a user
352 //tr/td/a[.='trainee Lastname']/../..//input[@name='user_id']/@value
354 /../td[.='Junior Developer']/../td/input[@value='Remove']") ;
355 $this->waitForPageToLoad("30000");
356 $this->assertFalse($this->isTextPresent("trainee Lastname"));
358 $this->type ("//form[contains(@action,'users.php')]//input[@name='form_unix_name' and @type='text']", "trainee") ;
359 $this->select("//input[@value='Add Member']/../select[@name='role_id']", "label=Junior Developer");
360 $this->click ("//input[@value='Add Member']") ;
361 $this->waitForPageToLoad("30000");
362 $this->assertTrue($this->isTextPresent("trainee Lastname"));
363 $this->assertTrue($this->isElementPresent("
365 //tr/td/a[.='trainee Lastname']/../..//input[@name='user_id']/@value
367 /../td[.='Junior Developer']")) ;
369 // Edit permissions of the JD role
370 $this->gotoProject ("MetaProject") ;
371 $this->click("link=Admin");
372 $this->waitForPageToLoad("30000");
373 $this->click("link=Users and permissions");
374 $this->waitForPageToLoad("30000");
376 $this->click ("//td[.='Junior Developer']/../td/input[@value='Edit Permissions']") ;
377 $this->waitForPageToLoad("30000");
379 $this->select("//select[contains(@name,'data[frs]')]", "label=View public packages only");
380 $this->select("//select[contains(@name,'data[docman]')]", "label=Read only");
381 $this->click ("//input[@value='Submit']") ;
382 $this->waitForPageToLoad("30000");
383 $this->assertSelected("//select[contains(@name,'data[docman]')]", "Read only");
384 $this->assertSelected("//select[contains(@name,'data[frs]')]", "View public packages only");
385 $this->select("//select[contains(@name,'data[frs]')]", "label=View all packages");
386 $this->click ("//input[@value='Submit']") ;
387 $this->waitForPageToLoad("30000");
388 $this->assertSelected("//select[contains(@name,'data[frs]')]", "View all packages");
390 // Check that SD is technician on trackers but DM isn't
391 $this->click("link=Tracker");
392 $this->waitForPageToLoad("30000");
393 $this->click("link=Bugs");
394 $this->waitForPageToLoad("30000");
395 $this->click("link=Submit New");
396 $this->waitForPageToLoad("30000");
397 $this->assertTrue($this->isElementPresent("//select[@name='assigned_to']")) ;
398 $this->assertTrue($this->isElementPresent("//select[@name='assigned_to']/option[.='guru Lastname']")) ;
399 $this->assertFalse($this->isElementPresent("//select[@name='assigned_to']/option[.='docmaster Lastname']")) ;
401 // Check that SD is a manager on trackers but JD isn't
402 $this->switchUser('guru');
403 $this->gotoProject ("MetaProject") ;
404 $this->click("link=Tracker");
405 $this->waitForPageToLoad("30000");
406 $this->click("link=Bugs");
407 $this->waitForPageToLoad("30000");
408 $this->click("link=Submit New");
409 $this->waitForPageToLoad("30000");
410 $this->assertTrue($this->isElementPresent("//select[@name='assigned_to']")) ;
412 $this->switchUser('trainee');
413 $this->gotoProject ("MetaProject") ;
414 $this->click("link=Tracker");
415 $this->waitForPageToLoad("30000");
416 $this->click("link=Bugs");
417 $this->waitForPageToLoad("30000");
418 $this->click("link=Submit New");
419 $this->waitForPageToLoad("30000");
420 $this->assertFalse($this->isElementPresent("//select[@name='assigned_to']")) ;
422 // Also check that guru isn't a manager on SubProject yet
423 $this->switchUser('guru');
424 $this->gotoProject ("SubProject") ;
425 $this->click("link=Tracker");
426 $this->waitForPageToLoad("30000");
427 $this->click("link=Bugs");
428 $this->waitForPageToLoad("30000");
429 $this->click("link=Submit New");
430 $this->waitForPageToLoad("30000");
431 $this->assertFalse($this->isElementPresent("//select[@name='assigned_to']")) ;
433 // Mark SD role as shared
434 $this->switchUser('bigboss');
435 $this->gotoProject ("MetaProject") ;
436 $this->click("link=Admin");
437 $this->waitForPageToLoad("30000");
438 $this->click("link=Users and permissions");
439 $this->waitForPageToLoad("30000");
440 $this->click ("//td[.='Senior Developer']/../td/input[@value='Edit Permissions']") ;
441 $this->waitForPageToLoad("30000");
442 $this->click ("//input[@type='checkbox' and @name='public']") ;
443 $this->click ("//input[@value='Submit']") ;
444 $this->waitForPageToLoad("30000");
446 // Link MetaProject/SD role into SubProject
447 $this->gotoProject ("SubProject") ;
448 $this->click("link=Admin");
449 $this->waitForPageToLoad("30000");
450 $this->click("link=Users and permissions");
451 $this->waitForPageToLoad("30000");
453 $this->assertTrue($this->isElementPresent("//input[@value='Link external role']/../../td/select/option[.='Senior Developer (in project MetaProject)']")) ;
454 $this->select("//input[@value='Link external role']/../../td/select", "label=Senior Developer (in project MetaProject)") ;
455 $this->click("//input[@value='Link external role']") ;
456 $this->waitForPageToLoad("30000");
457 $this->assertTrue($this->isElementPresent("//tr/td[.='Senior Developer (in project MetaProject)']/../td/input[contains(@value,'Unlink Role')]"));
459 // Grant it tracker manager permissions
460 $this->click ("//td[.='Senior Developer (in project MetaProject)']/../td/input[@value='Edit Permissions']") ;
461 $this->waitForPageToLoad("30000");
462 $this->select("//select[contains(@name,'data[tracker]')]", "label=Manager");
463 $this->click ("//input[@value='Submit']") ;
464 $this->waitForPageToLoad("30000");
466 // Check that guru now has manager permissions on SubProject
467 $this->switchUser('guru');
468 $this->gotoProject ("SubProject") ;
469 $this->click("link=Tracker");
470 $this->waitForPageToLoad("30000");
471 $this->click("link=Bugs");
472 $this->waitForPageToLoad("30000");
473 $this->click("link=Submit New");
474 $this->waitForPageToLoad("30000");
475 $this->assertTrue($this->isElementPresent("//select[@name='assigned_to']")) ;
477 // Link global "Documentation masters" role into SubProject
478 $this->switchUser ("bigboss") ;
479 $this->gotoProject ("SubProject") ;
480 $this->click("link=Admin");
481 $this->waitForPageToLoad("30000");
482 $this->click("link=Users and permissions");
483 $this->waitForPageToLoad("30000");
485 $this->assertTrue($this->isElementPresent("//input[@value='Link external role']/../../td/select/option[.='Documentation masters (global role)']")) ;
486 $this->assertFalse($this->isElementPresent("//input[@value='Link external role']/../../td/select/option[.='Project moderators (global role)']")) ;
487 $this->select("//input[@value='Link external role']/../../td/select", "label=Documentation masters (global role)") ;
488 $this->click("//input[@value='Link external role']") ;
489 $this->waitForPageToLoad("30000");
490 $this->assertTrue($this->isElementPresent("//tr/td[.='Documentation masters (global role)']/../td/input[contains(@value,'Unlink Role')]"));