[Rt-commit] r2448 - in rt/branches/PLATANO-EXPERIMENTAL-CSS: . lib/RT lib/t/regression

jesse at bestpractical.com jesse at bestpractical.com
Mon Mar 14 03:02:54 EST 2005


Author: jesse
Date: Mon Mar 14 03:02:54 2005
New Revision: 2448

Added:
   rt/branches/PLATANO-EXPERIMENTAL-CSS/lib/t/regression/17multiple_deleg_revocation.t
Modified:
   rt/branches/PLATANO-EXPERIMENTAL-CSS/   (props changed)
   rt/branches/PLATANO-EXPERIMENTAL-CSS/lib/RT/ACE_Overlay.pm
   rt/branches/PLATANO-EXPERIMENTAL-CSS/lib/RT/Group_Overlay.pm
Log:
 r8608 at hualien:  jesse | 2005-03-14 02:43:00 -0500
  r8496 at hualien:  jesse | 2005-03-14 02:28:14 -0500
   r6372 at hualien:  jesse | 2005-03-05 19:29:51 -0500
    r6268 at hualien (orig r2274):  mwhitson | 2005-03-03 12:34:13 -0500
    rt-ticket: 6450
    rt-status: resolved
    rt-update: correspond
    Correct inaccurate POD for RT::Group::MembersObj and DeepMembersObj.
    
    r6269 at hualien (orig r2275):  mwhitson | 2005-03-03 13:55:06 -0500
    RT-Ticket: 6482
    RT-Status: resolved
    RT-Update: correspond
    Fix incorrect loop exit test in RT::ACE::_Delete such that multiply delegated ACEs are all
    cleaned up when the parent ACE is revoked.
    
   
  
 


Modified: rt/branches/PLATANO-EXPERIMENTAL-CSS/lib/RT/ACE_Overlay.pm
==============================================================================
--- rt/branches/PLATANO-EXPERIMENTAL-CSS/lib/RT/ACE_Overlay.pm	(original)
+++ rt/branches/PLATANO-EXPERIMENTAL-CSS/lib/RT/ACE_Overlay.pm	Mon Mar 14 03:02:54 2005
@@ -700,7 +700,7 @@
     while ( my $delegated_ace = $delegated_from_this->Next ) {
         ( $delete_succeeded, $submsg ) =
           $delegated_ace->_Delete( InsideTransaction => 1 );
-        last if ($delete_succeeded);
+        last unless ($delete_succeeded);
     }
 
     unless ($delete_succeeded) {

Modified: rt/branches/PLATANO-EXPERIMENTAL-CSS/lib/RT/Group_Overlay.pm
==============================================================================
--- rt/branches/PLATANO-EXPERIMENTAL-CSS/lib/RT/Group_Overlay.pm	(original)
+++ rt/branches/PLATANO-EXPERIMENTAL-CSS/lib/RT/Group_Overlay.pm	Mon Mar 14 03:02:54 2005
@@ -795,7 +795,8 @@
 
 =head2 DeepMembersObj
 
-Returns an RT::CachedGroupMembers object of this group's members.
+Returns an RT::CachedGroupMembers object of this group's members,
+including all members of subgroups.
 
 =cut
 
@@ -848,7 +849,7 @@
 
 =head2 MembersObj
 
-Returns an RT::CachedGroupMembers object of this group's members.
+Returns an RT::GroupMembers object of this group's direct members.
 
 =cut
 

Added: rt/branches/PLATANO-EXPERIMENTAL-CSS/lib/t/regression/17multiple_deleg_revocation.t
==============================================================================
--- (empty file)
+++ rt/branches/PLATANO-EXPERIMENTAL-CSS/lib/t/regression/17multiple_deleg_revocation.t	Mon Mar 14 03:02:54 2005
@@ -0,0 +1,135 @@
+#!/usr/bin/perl -w
+
+use Test::More qw(no_plan);
+
+use RT;
+
+ok( RT::LoadConfig, "Locating config files" );
+ok( RT::Init,       "Basic initialization and DB connectivity" );
+
+my ($u1, $g1, $pg1, $pg2, $ace, @groups, @users, @principals);
+ at groups = (\$g1, \$pg1, \$pg2);
+ at users = (\$u1);
+ at principals = (@groups, @users);
+
+my($ret, $msg);
+
+$u1 = RT::User->new($RT::SystemUser);
+( $ret, $msg ) = $u1->LoadOrCreateByEmail('delegtest1 at example.com');
+ok( $ret, "Load / Create test user 1: $msg" );
+$u1->SetPrivileged(1);
+
+$g1 = RT::Group->new($RT::SystemUser);
+( $ret, $msg) = $g1->LoadUserDefinedGroup('dg1');
+unless ($ret) {
+    ( $ret, $msg ) = $g1->CreateUserDefinedGroup( Name => 'dg1' );
+}
+$pg1 = RT::Group->new($RT::SystemUser);
+( $ret, $msg ) = $pg1->LoadPersonalGroup( Name => 'dpg1',
+					  User => $u1->PrincipalId );
+unless ($ret) {
+    ( $ret, $msg ) = $pg1->CreatePersonalGroup( Name => 'dpg1',
+						PrincipalId => $u1->PrincipalId );
+}
+ok( $ret, "Load / Create test personal group 1: $msg" );
+$pg2 = RT::Group->new($RT::SystemUser);
+( $ret, $msg ) = $pg2->LoadPersonalGroup( Name => 'dpg2',
+					  User => $u1->PrincipalId );
+unless ($ret) {
+    ( $ret, $msg ) = $pg2->CreatePersonalGroup( Name => 'dpg2',
+						PrincipalId => $u1->PrincipalId );
+}
+ok( $ret, "Load / Create test personal group 2: $msg" );
+
+clear_acls_and_groups();
+
+( $ret, $msg ) = $u1->PrincipalObj->GrantRight( Right => 'DelegateRights' );
+ok( $ret, "Grant DelegateRights to u1: $msg" );
+( $ret, $msg ) = $g1->PrincipalObj->GrantRight( Right => 'ShowConfigTab' );
+ok( $ret, "Grant ShowConfigTab to g1: $msg" );
+( $ret, $msg ) = $g1->AddMember( $u1->PrincipalId );
+ok( $ret, "Add test user 1 to g1: $msg" );
+
+$ace = RT::ACE->new($u1);
+( $ret, $msg ) = $ace->LoadByValues(
+    RightName     => 'ShowConfigTab',
+    Object        => $RT::System,
+    PrincipalType => 'Group',
+    PrincipalId   => $g1->PrincipalId
+);
+ok( $ret, "Look up ACE to be delegated: $msg" );
+( $ret, $msg ) = $ace->Delegate( PrincipalId => $pg1->PrincipalId );
+ok( $ret, "Delegate ShowConfigTab to pg1: $msg" );
+( $ret, $msg ) = $ace->Delegate( PrincipalId => $pg2->PrincipalId );
+ok( $ret, "Delegate ShowConfigTab to pg2: $msg" );
+
+ok(( $pg1->PrincipalObj->HasRight( Right  => 'ShowConfigTab',
+				   Object => $RT::System ) and
+     $pg2->PrincipalObj->HasRight( Right  => 'ShowConfigTab',
+				   Object => $RT::System )),
+   "Test personal groups have ShowConfigTab right after delegation" );
+
+( $ret, $msg ) = $g1->DeleteMember( $u1->PrincipalId );
+ok( $ret, "Delete test user 1 from g1: $msg" );
+
+ok( not( $pg1->PrincipalObj->HasRight( Right  => 'ShowConfigTab',
+				       Object => $RT::System )),
+    "Test personal group 1 lacks ShowConfigTab after user removed from g1" );
+ok( not( $pg2->PrincipalObj->HasRight( Right  => 'ShowConfigTab',
+				       Object => $RT::System )),
+    "Test personal group 2 lacks ShowConfigTab after user removed from g1" );
+
+( $ret, $msg ) = $g1->AddMember( $u1->PrincipalId );
+ok( $ret, "Add test user 1 to g1: $msg" );
+( $ret, $msg ) = $ace->Delegate( PrincipalId => $pg1->PrincipalId );
+ok( $ret, "Delegate ShowConfigTab to pg1: $msg" );
+( $ret, $msg ) = $ace->Delegate( PrincipalId => $pg2->PrincipalId );
+ok( $ret, "Delegate ShowConfigTab to pg2: $msg" );
+
+ok(( $pg1->PrincipalObj->HasRight( Right  => 'ShowConfigTab',
+				   Object => $RT::System ) and
+     $pg2->PrincipalObj->HasRight( Right  => 'ShowConfigTab',
+				   Object => $RT::System )),
+   "Test personal groups have ShowConfigTab right after delegation" );
+
+( $ret, $msg ) = $g1->PrincipalObj->RevokeRight( Right => 'ShowConfigTab' );
+ok( $ret, "Revoke ShowConfigTab from g1: $msg" );
+
+ok( not( $pg1->PrincipalObj->HasRight( Right  => 'ShowConfigTab',
+				       Object => $RT::System )),
+    "Test personal group 1 lacks ShowConfigTab after user removed from g1" );
+ok( not( $pg2->PrincipalObj->HasRight( Right  => 'ShowConfigTab',
+				       Object => $RT::System )),
+    "Test personal group 2 lacks ShowConfigTab after user removed from g1" );
+
+
+
+#######
+
+sub clear_acls_and_groups {
+    # Revoke all rights granted to our cast
+    my $acl = RT::ACL->new($RT::SystemUser);
+    foreach (@principals) {
+	$acl->LimitToPrincipal(Type => $$_->PrincipalObj->PrincipalType,
+			       Id => $$_->PrincipalObj->Id);
+    }
+    while (my $ace = $acl->Next()) {
+	$ace->Delete();
+    }
+
+    # Remove all group memberships
+    my $members = RT::GroupMembers->new($RT::SystemUser);
+    foreach (@groups) {
+	$members->LimitToMembersOfGroup( $$_->PrincipalId );
+    }
+    while (my $member = $members->Next()) {
+	$member->Delete();
+    }
+
+    $acl->RedoSearch();
+    ok( $acl->Count() == 0,
+       "All principals have no rights after clearing ACLs" );
+    $members->RedoSearch();
+    ok( $members->Count() == 0,
+       "All groups have no members after clearing groups" );
+}


More information about the Rt-commit mailing list