3 * Copyright 2010, Roland Mas
4 * Copyright (C) 2011 Alain Peyrat - Alcatel-Lucent
6 * This file is part of FusionForge.
8 * FusionForge is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published
10 * by the Free Software Foundation; either version 2 of the License,
11 * or (at your option) any later version.
13 * FusionForge is distributed in the hope that it will be useful, but
14 * WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with FusionForge; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
24 require_once dirname(dirname(__FILE__)).'/Testing/SeleniumGforge.php';
26 class RBAC extends FForge_SeleniumTestCase
/**
 * RBAC check: once the Anonymous role is unlinked from ProjectA, the
 * project page must sit behind a login.
 *
 * Visible steps: on the project's "Users and permissions" page the row
 * containing 'Anonymous' is unlinked, user 'staffmember' is created, then
 * /projects/projecta is opened and isLoginRequired() is expected to be true.
 *
 * NOTE(review): the setup that creates ProjectA and reaches its page is not
 * visible in this listing; confirm against the full file.
 */
28 function testAnonymousProjectReadAccess()
32 $this->click("link=Admin");
33 $this->waitForPageToLoad("30000");
34 $this->assertTrue($this->isTextPresent("Project Information"));
35 $this->click("link=Users and permissions");
36 $this->waitForPageToLoad("30000");
37 $this->assertTrue($this->isTextPresent("Members of ProjectA"));
// Unlink the role whose table row mentions 'Anonymous'. The success banner
// is the only confirmation checked at this point.
38 $this->click("//tr/td[contains(.,'Anonymous')]/../td/input[contains(@value,'Unlink Role')]");
39 $this->waitForPageToLoad("30000");
40 $this->assertTrue($this->isTextPresent("Role unlinked successfully"));
42 $this->createUser ('staffmember') ;
// NOTE(review): which page this runs on depends on where createUser() leaves
// the browser (helper not shown here). A negative text check also passes on
// an error or blank page, so it is weak evidence on its own.
44 $this->assertFalse($this->isTextPresent("ProjectA"));
// The stronger check: request the project URL directly and expect the
// login gate. isLoginRequired() is not defined in this listing; presumably
// it detects the login page - confirm.
46 $this->open( ROOT . '/projects/projecta') ;
47 $this->waitForPageToLoad("30000");
48 $this->assertTrue($this->isLoginRequired());
// staffmember is not added to ProjectA in the visible steps, so this expects
// any logged-in user to still read the project; only unauthenticated access
// is closed by the unlink.
49 $this->triggeredLogin('staffmember');
50 $this->assertTrue($this->isTextPresent("Project Members"));
/**
 * Exercises site-wide (global) roles: creating a role, granting and
 * revoking its permissions, adding and removing users, and checking that
 * the approval pages refuse users who lack the matching permission.
 *
 * Access-control expectations asserted in the visible steps:
 *  - toto (approval right revoked) and newsmod get "permission denied" on
 *    /admin/approve-pending.php;
 *  - toto and projapp get "permission denied" on /news/admin/;
 *  - newsmod can approve the news item, which then shows on the front page.
 */
53 function testGlobalRolesAndPermissions()
55 $this->login("admin");
57 $this->click("link=Site Admin");
58 $this->waitForPageToLoad("30000");
60 // Create "Project approvers" role
61 $this->type ("//form[contains(@action,'globalroleedit.php')]//input[@name='role_name']", "Project approvers") ;
62 $this->click ("//form[contains(@action,'globalroleedit.php')]//input[@value='Create Role']") ;
63 $this->waitForPageToLoad("30000");
65 // Grant it permissions
66 $this->select("//select[@name='data[approve_projects][-1]']", "label=Approve projects");
67 $this->select("//select[@name='data[approve_news][-1]']", "label=Approve news");
68 $this->click ("//input[@value='Submit']") ;
69 $this->waitForPageToLoad("30000");
71 // Check permissions were saved
// The role is re-opened through Site Admin, so the assertions below read a
// freshly loaded edit page rather than the page returned by the submit.
72 $this->click("link=Site Admin");
73 $this->waitForPageToLoad("30000");
74 $this->select ("//form[contains(@action,'globalroleedit.php')]//select[@name='role_id']", "label=Project approvers") ;
75 $this->click ("//form[contains(@action,'globalroleedit.php')]//input[@value='Edit Role']") ;
76 $this->waitForPageToLoad("30000");
78 $this->assertSelected("//select[@name='data[approve_projects][-1]']", "Approve projects");
79 $this->assertNotSelected("//select[@name='data[approve_projects][-1]']", "No access");
80 $this->assertSelected("//select[@name='data[approve_news][-1]']", "Approve news");
82 // Whoops, we don't actually want the news moderation bit, unset it
// After this step "Project approvers" carries approve_projects only; the
// /news/admin/ denial for projapp further down relies on that.
83 $this->select("//select[@name='data[approve_news][-1]']", "label=No access");
84 $this->click ("//input[@value='Submit']") ;
85 $this->waitForPageToLoad("30000");
86 $this->assertSelected("//select[@name='data[approve_projects][-1]']", "Approve projects");
87 $this->assertSelected("//select[@name='data[approve_news][-1]']", "No access");
89 // Create users for "Project approvers" and "News moderators" roles
90 $this->createUser ("projapp") ;
91 $this->createUser ("newsmod") ;
93 // Add them to their respective roles, check they're here
94 $this->click("link=Site Admin");
95 $this->waitForPageToLoad("30000");
96 $this->select ("//form[contains(@action,'globalroleedit.php')]//select[@name='role_id']", "label=Project approvers") ;
97 $this->click ("//form[contains(@action,'globalroleedit.php')]//input[@value='Edit Role']") ;
98 $this->waitForPageToLoad("30000");
99 $this->type ("//form[contains(@action,'globalroleedit.php')]//input[@name='form_unix_name']", "projapp") ;
100 $this->click ("//input[@value='Add User']") ;
101 $this->waitForPageToLoad("30000");
102 $this->assertTrue($this->isTextPresent("projapp Lastname"));
// NOTE(review): no visible step creates the "News moderators" role or sets
// its permissions; presumably it is predefined by the test fixture - confirm.
104 $this->click("link=Site Admin");
105 $this->waitForPageToLoad("30000");
106 $this->select ("//form[contains(@action,'globalroleedit.php')]//select[@name='role_id']", "label=News moderators") ;
107 $this->click ("//form[contains(@action,'globalroleedit.php')]//input[@value='Edit Role']") ;
108 $this->waitForPageToLoad("30000");
109 $this->type ("//form[contains(@action,'globalroleedit.php')]//input[@name='form_unix_name']", "newsmod") ;
110 $this->click ("//input[@value='Add User']") ;
111 $this->waitForPageToLoad("30000");
112 $this->assertTrue($this->isTextPresent("newsmod Lastname"));
114 // Add a wrong user to the role, then remove it
// No navigation happens in between, so this still acts on the
// "News moderators" edit page: projapp is the "wrong" user here.
115 $this->type ("//form[contains(@action,'globalroleedit.php')]//input[@name='form_unix_name']", "projapp") ;
116 $this->click ("//input[@value='Add User']") ;
117 $this->waitForPageToLoad("30000");
118 $this->assertTrue($this->isTextPresent("projapp Lastname"));
119 $this->assertTrue($this->isTextPresent("newsmod Lastname"));
// The removal must drop projapp only; newsmod has to stay in the role.
120 $this->click ("//a[contains(@href,'/users/projapp')]/../input[@name='rmuser']") ;
121 $this->waitForPageToLoad("30000");
122 $this->assertFalse($this->isTextPresent("projapp Lastname"));
123 $this->assertTrue($this->isTextPresent("newsmod Lastname"));
125 // Register unprivileged user
126 $this->createUser ("toto") ;
128 // Temporarily grant project approval rights to user
129 // (For cases where project_registration_restricted=true)
130 $this->click("link=Site Admin");
131 $this->waitForPageToLoad("30000");
132 $this->select ("//form[contains(@action,'globalroleedit.php')]//select[@name='role_id']", "label=Project approvers") ;
133 $this->click ("//form[contains(@action,'globalroleedit.php')]//input[@value='Edit Role']") ;
134 $this->waitForPageToLoad("30000");
135 $this->type ("//form[contains(@action,'globalroleedit.php')]//input[@name='form_unix_name']", "toto") ;
136 $this->click ("//input[@value='Add User']") ;
137 $this->waitForPageToLoad("30000");
138 $this->assertTrue($this->isTextPresent("toto Lastname"));
141 $this->registerProject ("TotoProject", "toto") ;
143 // Revoke project approval rights
// Only the role page is checked in this step; the denial on
// approve-pending.php below is what shows the revocation took effect.
144 $this->click("link=Site Admin");
145 $this->waitForPageToLoad("30000");
146 $this->select ("//form[contains(@action,'globalroleedit.php')]//select[@name='role_id']", "label=Project approvers") ;
147 $this->click ("//form[contains(@action,'globalroleedit.php')]//input[@value='Edit Role']") ;
148 $this->waitForPageToLoad("30000");
149 $this->click ("//a[contains(@href,'/users/toto')]/../input[@name='rmuser']") ;
150 $this->waitForPageToLoad("30000");
151 $this->assertFalse($this->isTextPresent("toto Lastname"));
153 // Try approving it as two users without the right to do so
// toto held the right until the revocation above; newsmod is only in the
// "News moderators" role. Both request the page URL directly.
154 $this->switchUser ("toto") ;
155 $this->open( ROOT . '/admin/approve-pending.php') ;
156 $this->waitForPageToLoad("30000");
157 $this->assertTrue ($this->isPermissionDenied()) ;
158 $this->switchUser ("newsmod") ;
159 $this->open( ROOT . '/admin/approve-pending.php') ;
160 $this->waitForPageToLoad("30000");
161 $this->assertTrue ($this->isPermissionDenied()) ;
163 // Approve it with a user that only has approve_projects
164 $this->approveProject ("TotoProject", "projapp") ;
166 // Submit a news in the project
167 $this->switchUser ("toto") ;
168 $this->gotoProject ("TotoProject") ;
169 $this->click("link=News") ;
170 $this->waitForPageToLoad("30000");
171 $this->click("link=Submit") ;
172 $this->waitForPageToLoad("30000");
173 $this->type("summary", "First TotoNews");
174 $this->type("details", "This is a simple news for Toto's project.");
175 $this->click("submit");
176 $this->waitForPageToLoad("30000");
178 // Try to push it to front page with user toto
179 $this->open( ROOT . '/news/admin/') ;
180 $this->waitForPageToLoad("30000");
181 $this->assertTrue ($this->isPermissionDenied()) ;
183 // Try to push it to front page with user projapp
// projapp holds approve_projects only (approve_news was reset to
// "No access" above), so this checks the two rights are enforced separately.
184 $this->switchUser ("projapp") ;
185 $this->open( ROOT . '/news/admin/') ;
186 $this->waitForPageToLoad("30000");
187 $this->assertTrue ($this->isPermissionDenied()) ;
189 // Push it to front page with user newsmod
190 $this->switchUser ("newsmod") ;
191 $this->open( ROOT . '/news/admin/') ;
192 $this->waitForPageToLoad("30000");
193 $this->assertTrue ($this->isTextPresent("These items need to be approved")) ;
194 $this->assertTrue ($this->isTextPresent("First TotoNews")) ;
195 $this->click ("//a[contains(.,'First TotoNews')]") ;
196 $this->waitForPageToLoad("30000");
197 $this->click ("//input[@type='radio' and @value='1']") ;
198 $this->click ("submit") ;
199 $this->waitForPageToLoad("30000");
200 $this->assertTrue ($this->isTextPresent("These items were approved this past week")) ;
201 $this->open( ROOT ) ;
202 $this->waitForPageToLoad("30000");
203 $this->assertTrue ($this->isTextPresent("First TotoNews")) ;
// NOTE(review): as far as this listing shows, the next three lines repeat
// the front-page check above as the same user. If a logout or user switch
// belongs between the two checks, it is not visible here - confirm.
206 $this->open( ROOT ) ;
207 $this->waitForPageToLoad("30000");
208 $this->assertTrue ($this->isTextPresent("First TotoNews")) ;
/**
 * Exercises project-level roles in MetaProject and SubProject: creating
 * roles, adding and removing members, editing a role's permissions, and
 * linking into SubProject a shared role from MetaProject and a global role.
 *
 * NOTE(review): several statements in this listing are incomplete (the
 * multi-line XPath strings, and two calls whose opening line is not
 * visible). The comments below describe only what can be read here, and
 * the method may continue past the last visible line.
 */
211 function testProjectRolesAndPermissions()
213 $this->populateStandardTemplate('trackers');
215 $this->createUser ("bigboss") ;
216 $this->createUser ("guru") ;
217 $this->createUser ("docmaster") ;
218 $this->createUser ("trainee") ;
220 // Create "Project moderators" role
221 $this->click("link=Site Admin");
222 $this->waitForPageToLoad("30000");
223 $this->type ("//form[contains(@action,'globalroleedit.php')]//input[@name='role_name']", "Project moderators") ;
224 $this->click ("//form[contains(@action,'globalroleedit.php')]//input[@value='Create Role']") ;
225 $this->waitForPageToLoad("30000");
227 // Grant it permissions
228 $this->select("//select[@name='data[approve_projects][-1]']", "label=Approve projects");
229 $this->click ("//input[@value='Submit']") ;
230 $this->waitForPageToLoad("30000");
// bigboss joins "Project moderators", the role that was just given
// approve_projects; the approveProject() calls below name bigboss.
233 $this->type ("//form[contains(@action,'globalroleedit.php')]//input[@name='form_unix_name']", "bigboss") ;
234 $this->click ("//input[@value='Add User']") ;
235 $this->waitForPageToLoad("30000");
236 $this->assertTrue($this->isTextPresent("bigboss Lastname"));
238 // Create "Documentation masters" role
239 $this->click("link=Site Admin");
240 $this->waitForPageToLoad("30000");
241 $this->type ("//form[contains(@action,'globalroleedit.php')]//input[@name='role_name']", "Documentation masters") ;
242 $this->click ("//form[contains(@action,'globalroleedit.php')]//input[@value='Create Role']") ;
243 $this->waitForPageToLoad("30000");
// Tick this role's 'public' checkbox. At the end of the visible steps this
// role is offered under "Link external role" in SubProject, while
// "Project moderators" (box not ticked in the visible steps) is not.
246 $this->click ("//input[@type='checkbox' and @name='public']") ;
247 $this->click ("//input[@value='Submit']") ;
248 $this->waitForPageToLoad("30000");
251 $this->type ("//form[contains(@action,'globalroleedit.php')]//input[@name='form_unix_name']", "docmaster") ;
252 $this->click ("//input[@value='Add User']") ;
253 $this->waitForPageToLoad("30000");
254 $this->assertTrue($this->isTextPresent("docmaster Lastname"));
257 $this->switchUser ("bigboss") ;
258 $this->registerProject ("MetaProject", "bigboss") ;
259 $this->approveProject ("MetaProject", "bigboss") ;
260 $this->registerProject ("SubProject", "bigboss") ;
261 $this->approveProject ("SubProject", "bigboss") ;
// Create three project-level roles in MetaProject: Senior Developer,
// Junior Developer and Doc Writer.
264 $this->gotoProject ("MetaProject") ;
265 $this->click("link=Admin");
266 $this->waitForPageToLoad("30000");
267 $this->click("link=Users and permissions");
268 $this->waitForPageToLoad("30000");
269 $this->type ("//form[contains(@action,'roleedit.php')]/..//input[@name='role_name']", "Senior Developer") ;
270 $this->click ("//input[@value='Create Role']") ;
271 $this->waitForPageToLoad("30000");
272 $this->click("link=Users and permissions");
273 $this->waitForPageToLoad("30000");
274 $this->type ("//form[contains(@action,'roleedit.php')]/..//input[@name='role_name']", "Junior Developer") ;
275 $this->click ("//input[@value='Create Role']") ;
276 $this->waitForPageToLoad("30000");
277 $this->click("link=Users and permissions");
278 $this->waitForPageToLoad("30000");
279 $this->type ("//form[contains(@action,'roleedit.php')]/..//input[@name='role_name']", "Doc Writer") ;
280 $this->click ("//input[@value='Create Role']") ;
281 $this->waitForPageToLoad("30000");
// Add members one by one, each with a role picked from the select next to
// the "Add Member" button.
284 $this->gotoProject ("MetaProject") ;
285 $this->click("link=Admin");
286 $this->waitForPageToLoad("30000");
287 $this->click("link=Users and permissions");
288 $this->waitForPageToLoad("30000");
289 $this->type ("//form[contains(@action,'users.php')]//input[@name='form_unix_name' and @type='text']", "guru") ;
290 $this->select("//input[@value='Add Member']/../select[@name='role_id']", "label=Senior Developer");
291 $this->click ("//input[@value='Add Member']") ;
292 $this->waitForPageToLoad("30000");
293 $this->assertTrue($this->isTextPresent("guru Lastname"));
// NOTE(review): the XPath below spans several lines and parts of it are not
// visible in this listing. It appears to tie the member's row to the cell
// holding the role name - confirm against the full file. The same pattern
// is used for trainee, docmaster and bigboss further down.
294 $this->assertTrue($this->isElementPresent("
296 //tr/td/a[.='guru Lastname']/../..//input[@name='user_id']/@value
298 /../td[.='Senior Developer']")) ;
300 $this->type ("//form[contains(@action,'users.php')]//input[@name='form_unix_name' and @type='text']", "trainee") ;
301 $this->select("//input[@value='Add Member']/../select[@name='role_id']", "label=Junior Developer");
302 $this->click ("//input[@value='Add Member']") ;
303 $this->waitForPageToLoad("30000");
304 $this->assertTrue($this->isTextPresent("trainee Lastname"));
305 $this->assertTrue($this->isElementPresent("
307 //tr/td/a[.='trainee Lastname']/../..//input[@name='user_id']/@value
309 /../td[.='Junior Developer']")) ;
311 $this->type ("//form[contains(@action,'users.php')]//input[@name='form_unix_name' and @type='text']", "docmaster") ;
312 $this->select("//input[@value='Add Member']/../select[@name='role_id']", "label=Doc Writer");
313 $this->click ("//input[@value='Add Member']") ;
314 $this->waitForPageToLoad("30000");
315 $this->assertTrue($this->isTextPresent("docmaster Lastname"));
316 $this->assertTrue($this->isElementPresent("
318 //tr/td/a[.='docmaster Lastname']/../..//input[@name='user_id']/@value
320 /../td[.='Doc Writer']")) ;
322 $this->type ("//form[contains(@action,'users.php')]//input[@name='form_unix_name' and @type='text']", "bigboss") ;
323 $this->select("//input[@value='Add Member']/../select[@name='role_id']", "label=Senior Developer");
324 $this->click ("//input[@value='Add Member']") ;
325 $this->waitForPageToLoad("30000");
326 $this->assertTrue($this->isTextPresent("bigboss Lastname"));
327 $this->assertTrue($this->isElementPresent("
329 //tr/td/a[.='bigboss Lastname']/../..//input[@name='user_id']/@value
331 /../td[.='Senior Developer']")) ;
// NOTE(review): the call that opens the XPath string below is not visible in
// this listing. The fragment targets the 'Remove' button on bigboss's
// "Senior Developer" row, and the assertion after it expects that row gone.
333 // Oops, bigboss doesn't need the extra role after all
336 //tr/td/a[.='bigboss Lastname']/../..//input[@name='user_id']/@value
338 /../td[.='Senior Developer']/../td/input[@value='Remove']") ;
339 $this->waitForPageToLoad("30000");
340 $this->assertFalse($this->isElementPresent("
342 //tr/td/a[.='bigboss Lastname']/../..//input[@name='user_id']/@value
344 /../td[.='Senior Developer']")) ;
// NOTE(review): as above, the opening line of the next call is not visible.
// The fragment targets 'Remove' on trainee's "Junior Developer" row; trainee
// is then expected to vanish from the page and is added back.
346 // Remove/re-add a user
349 //tr/td/a[.='trainee Lastname']/../..//input[@name='user_id']/@value
351 /../td[.='Junior Developer']/../td/input[@value='Remove']") ;
352 $this->waitForPageToLoad("30000");
353 $this->assertFalse($this->isTextPresent("trainee Lastname"));
355 $this->type ("//form[contains(@action,'users.php')]//input[@name='form_unix_name' and @type='text']", "trainee") ;
356 $this->select("//input[@value='Add Member']/../select[@name='role_id']", "label=Junior Developer");
357 $this->click ("//input[@value='Add Member']") ;
358 $this->waitForPageToLoad("30000");
359 $this->assertTrue($this->isTextPresent("trainee Lastname"));
360 $this->assertTrue($this->isElementPresent("
362 //tr/td/a[.='trainee Lastname']/../..//input[@name='user_id']/@value
364 /../td[.='Junior Developer']")) ;
366 // Edit permissions of the JD role
367 $this->gotoProject ("MetaProject") ;
368 $this->click("link=Admin");
369 $this->waitForPageToLoad("30000");
370 $this->click("link=Users and permissions");
371 $this->waitForPageToLoad("30000");
373 $this->click ("//td[.='Junior Developer']/../td/input[@value='Edit Permissions']") ;
374 $this->waitForPageToLoad("30000");
// Set two levels and verify them, then change the FRS level again to check
// that a later edit replaces the earlier value.
376 $this->select("//select[contains(@name,'data[frs]')]", "label=View public packages only");
377 $this->select("//select[contains(@name,'data[docman]')]", "label=Read only");
378 $this->click ("//input[@value='Submit']") ;
379 $this->waitForPageToLoad("30000");
380 $this->assertSelected("//select[contains(@name,'data[docman]')]", "Read only");
381 $this->assertSelected("//select[contains(@name,'data[frs]')]", "View public packages only");
382 $this->select("//select[contains(@name,'data[frs]')]", "label=View all packages");
383 $this->click ("//input[@value='Submit']") ;
384 $this->waitForPageToLoad("30000");
385 $this->assertSelected("//select[contains(@name,'data[frs]')]", "View all packages");
387 // Check that SD is technician on trackers but DM isn't
// Presumably still running as bigboss (last visible switchUser). The check
// reads the options of the assigned_to list: guru (Senior Developer) must be
// listed, docmaster (Doc Writer) must not.
388 $this->click("link=Tracker");
389 $this->waitForPageToLoad("30000");
390 $this->click("link=Bugs");
391 $this->waitForPageToLoad("30000");
392 $this->click("link=Submit New");
393 $this->waitForPageToLoad("30000");
394 $this->assertTrue($this->isElementPresent("//select[@name='assigned_to']")) ;
395 $this->assertTrue($this->isElementPresent("//select[@name='assigned_to']/option[.='guru Lastname']")) ;
396 $this->assertFalse($this->isElementPresent("//select[@name='assigned_to']/option[.='docmaster Lastname']")) ;
398 // Check that SD is a manager on trackers but JD isn't
// NOTE(review): here and in the SubProject checks below, the test only looks
// at whether the assigned_to control is rendered on the "Submit New" form.
// No request carrying assigned_to is submitted as trainee, so server-side
// enforcement of the tracker permission is not exercised by these steps.
399 $this->switchUser('guru');
400 $this->gotoProject ("MetaProject") ;
401 $this->click("link=Tracker");
402 $this->waitForPageToLoad("30000");
403 $this->click("link=Bugs");
404 $this->waitForPageToLoad("30000");
405 $this->click("link=Submit New");
406 $this->waitForPageToLoad("30000");
407 $this->assertTrue($this->isElementPresent("//select[@name='assigned_to']")) ;
409 $this->switchUser('trainee');
410 $this->gotoProject ("MetaProject") ;
411 $this->click("link=Tracker");
412 $this->waitForPageToLoad("30000");
413 $this->click("link=Bugs");
414 $this->waitForPageToLoad("30000");
415 $this->click("link=Submit New");
416 $this->waitForPageToLoad("30000");
417 $this->assertFalse($this->isElementPresent("//select[@name='assigned_to']")) ;
419 // Also check that guru isn't a manager on SubProject yet
// Baseline before the role is linked: guru's MetaProject role must not carry
// over to SubProject on its own.
420 $this->switchUser('guru');
421 $this->gotoProject ("SubProject") ;
422 $this->click("link=Tracker");
423 $this->waitForPageToLoad("30000");
424 $this->click("link=Bugs");
425 $this->waitForPageToLoad("30000");
426 $this->click("link=Submit New");
427 $this->waitForPageToLoad("30000");
428 $this->assertFalse($this->isElementPresent("//select[@name='assigned_to']")) ;
430 // Mark SD role as shared
// No assertion follows the submit; that the flag was saved is confirmed only
// indirectly, when SubProject lists the role as linkable below.
// NOTE(review): the visible steps have no check that the role was absent
// from SubProject's link list before this flag was set.
431 $this->switchUser('bigboss');
432 $this->gotoProject ("MetaProject") ;
433 $this->click("link=Admin");
434 $this->waitForPageToLoad("30000");
435 $this->click("link=Users and permissions");
436 $this->waitForPageToLoad("30000");
437 $this->click ("//td[.='Senior Developer']/../td/input[@value='Edit Permissions']") ;
438 $this->waitForPageToLoad("30000");
439 $this->click ("//input[@type='checkbox' and @name='public']") ;
440 $this->click ("//input[@value='Submit']") ;
441 $this->waitForPageToLoad("30000");
443 // Link MetaProject/SD role into SubProject
444 $this->gotoProject ("SubProject") ;
445 $this->click("link=Admin");
446 $this->waitForPageToLoad("30000");
447 $this->click("link=Users and permissions");
448 $this->waitForPageToLoad("30000");
450 $this->assertTrue($this->isElementPresent("//input[@value='Link external role']/../../td/select/option[.='Senior Developer (in project MetaProject)']")) ;
451 $this->select("//input[@value='Link external role']/../../td/select", "label=Senior Developer (in project MetaProject)") ;
452 $this->click("//input[@value='Link external role']") ;
453 $this->waitForPageToLoad("30000");
454 $this->assertTrue($this->isElementPresent("//tr/td[.='Senior Developer (in project MetaProject)']/../td/input[contains(@value,'Unlink Role')]"));
456 // Grant it tracker manager permissions
// The grant is made from SubProject's own admin page, on the row of the
// linked role.
457 $this->click ("//td[.='Senior Developer (in project MetaProject)']/../td/input[@value='Edit Permissions']") ;
458 $this->waitForPageToLoad("30000");
459 $this->select("//select[contains(@name,'data[tracker]')]", "label=Manager");
460 $this->click ("//input[@value='Submit']") ;
461 $this->waitForPageToLoad("30000");
463 // Check that guru now has manager permissions on SubProject
464 $this->switchUser('guru');
465 $this->gotoProject ("SubProject") ;
466 $this->click("link=Tracker");
467 $this->waitForPageToLoad("30000");
468 $this->click("link=Bugs");
469 $this->waitForPageToLoad("30000");
470 $this->click("link=Submit New");
471 $this->waitForPageToLoad("30000");
472 $this->assertTrue($this->isElementPresent("//select[@name='assigned_to']")) ;
474 // Link global "Documentation masters" role into SubProject
475 $this->switchUser ("bigboss") ;
476 $this->gotoProject ("SubProject") ;
477 $this->click("link=Admin");
478 $this->waitForPageToLoad("30000");
479 $this->click("link=Users and permissions");
480 $this->waitForPageToLoad("30000");
// "Documentation masters" had its 'public' box ticked when it was created;
// "Project moderators" did not in the visible steps, so it must not be
// offered to a project admin for linking.
482 $this->assertTrue($this->isElementPresent("//input[@value='Link external role']/../../td/select/option[.='Documentation masters (global role)']")) ;
483 $this->assertFalse($this->isElementPresent("//input[@value='Link external role']/../../td/select/option[.='Project moderators (global role)']")) ;
484 $this->select("//input[@value='Link external role']/../../td/select", "label=Documentation masters (global role)") ;
485 $this->click("//input[@value='Link external role']") ;
486 $this->waitForPageToLoad("30000");
487 $this->assertTrue($this->isElementPresent("//tr/td[.='Documentation masters (global role)']/../td/input[contains(@value,'Unlink Role')]"));