[Rt-commit] rt branch, 4.0/group-dashboards, updated. rt-4.0.1-125-ga3438d7
Alex Vandiver
alexmv at bestpractical.com
Thu Jul 14 15:09:36 EDT 2011
The branch, 4.0/group-dashboards has been updated
via a3438d7e00940b0e05839b8e5ec8e74a5e994b2a (commit)
via 00746c072bfdd4615593fcd1867085ffea741f1a (commit)
via 4f94d8c95604a2c5d612f3ee147f492b9d15bd94 (commit)
via 47b1c48129a77fe9ef6e6ad69e7860ea27a3e200 (commit)
from 7c85c01001ba272fb8dc7cbe7a8f971b412dafbe (commit)
Summary of changes:
t/api/group-rights.t | 128 +++++++++++++++++++++++++++++++++++++++++++++
t/api/groups.t | 141 ++++++++++---------------------------------------
2 files changed, 157 insertions(+), 112 deletions(-)
create mode 100644 t/api/group-rights.t
- Log -----------------------------------------------------------------
commit 47b1c48129a77fe9ef6e6ad69e7860ea27a3e200
Author: Alex Vandiver <alexmv at bestpractical.com>
Date: Thu Jul 14 14:36:00 2011 -0400
Split the group rights checking into its own file
diff --git a/t/api/group-rights.t b/t/api/group-rights.t
new file mode 100644
index 0000000..9e4031a
--- /dev/null
+++ b/t/api/group-rights.t
@@ -0,0 +1,78 @@
+use strict;
+use warnings;
+use RT::Test nodata => 1, tests => 17;
+
+RT::Group->AddRights(
+ 'RTxGroupRight' => 'Just a right for testing rights',
+);
+
+# this company is split into two halves, the hacks and the non-hacks
+# herbert is a hacker but eric is not.
+my $herbert = RT::User->new(RT->SystemUser);
+my ($ok, $msg) = $herbert->Create(Name => 'herbert');
+ok($ok, $msg);
+
+my $eric = RT::User->new(RT->SystemUser);
+($ok, $msg) = $eric->Create(Name => 'eric');
+ok($ok, $msg);
+
+my $hacks = RT::Group->new(RT->SystemUser);
+($ok, $msg) = $hacks->CreateUserDefinedGroup(Name => 'Hackers');
+ok($ok, $msg);
+
+my $employees = RT::Group->new(RT->SystemUser);
+($ok, $msg) = $employees->CreateUserDefinedGroup(Name => 'Employees');
+ok($ok, $msg);
+
+($ok, $msg) = $employees->AddMember($hacks->PrincipalId);
+ok($ok, $msg);
+
+($ok, $msg) = $hacks->AddMember($herbert->PrincipalId);
+ok($ok, $msg);
+
+($ok, $msg) = $employees->AddMember($eric->PrincipalId);
+ok($ok, $msg);
+
+ok($employees->HasMemberRecursively($hacks->PrincipalId), 'employees has member hacks');
+ok($employees->HasMemberRecursively($herbert->PrincipalId), 'employees has member herbert');
+ok($employees->HasMemberRecursively($eric->PrincipalId), 'employees has member eric');
+
+ok($hacks->HasMemberRecursively($herbert->PrincipalId), 'hacks has member herbert');
+ok(!$hacks->HasMemberRecursively($eric->PrincipalId), 'hacks does not have member eric');
+
+{ # Eric doesn't have the right yet
+ my $groups = RT::Groups->new(RT::CurrentUser->new($eric));
+ $groups->LimitToUserDefinedGroups;
+ $groups->ForWhichCurrentUserHasRight(Right => 'RTxGroupRight');
+
+ is_deeply([sort map { $_->Name } @{ $groups->ItemsArrayRef }], [], 'no joined groups have RTxGroupRight yet');
+}
+
+{ # Neither does Herbert
+ my $groups = RT::Groups->new(RT::CurrentUser->new($herbert));
+ $groups->LimitToUserDefinedGroups;
+ $groups->ForWhichCurrentUserHasRight(Right => 'RTxGroupRight');
+ is_deeply([sort map { $_->Name } @{ $groups->ItemsArrayRef }], [], 'no joined groups have RTxGroupRight yet');
+}
+
+# Grant it to employees, on employees
+($ok, $msg) = $employees->PrincipalObj->GrantRight(Right => 'RTxGroupRight', Object => $employees);
+ok($ok, $msg);
+
+{ # Eric is an Employee directly, so has it on Employees
+ my $groups = RT::Groups->new(RT::CurrentUser->new($eric));
+ $groups->LimitToUserDefinedGroups;
+ $groups->ForWhichCurrentUserHasRight(Right => 'RTxGroupRight');
+ is_deeply([sort map { $_->Name } @{ $groups->ItemsArrayRef }], ['Employees']);
+}
+
+{ # Herbert is an Employee by way of Hackers, so should have it on both
+ my $groups = RT::Groups->new(RT::CurrentUser->new($herbert));
+ $groups->LimitToUserDefinedGroups;
+ $groups->ForWhichCurrentUserHasRight(Right => 'RTxGroupRight');
+
+ TODO: {
+ local $TODO = "not recursing across groups within groups yet";
+ is_deeply([sort map { $_->Name } @{ $groups->ItemsArrayRef }], ['Employees', 'Hackers']);
+ }
+}
diff --git a/t/api/groups.t b/t/api/groups.t
index 33f0671..e368283 100644
--- a/t/api/groups.t
+++ b/t/api/groups.t
@@ -1,53 +1,45 @@
use strict;
use warnings;
-use RT::Test nodata => 1, tests => 44;
+use RT::Test nodata => 1, tests => 27;
RT::Group->AddRights(
'RTxGroupRight' => 'Just a right for testing rights',
);
{
-
-# next had bugs
-# Groups->Limit( FIELD => 'id', OPERATOR => '!=', VALUE => xx );
-my $g = RT::Group->new(RT->SystemUser);
-my ($id, $msg) = $g->CreateUserDefinedGroup(Name => 'GroupsNotEqualTest');
-ok ($id, "created group #". $g->id) or diag("error: $msg");
-
-my $groups = RT::Groups->new(RT->SystemUser);
-$groups->Limit( FIELD => 'id', OPERATOR => '!=', VALUE => $g->id );
-$groups->LimitToUserDefinedGroups();
-my $bug = grep $_->id == $g->id, @{$groups->ItemsArrayRef};
-ok (!$bug, "didn't find group");
-
-
+ my $g = RT::Group->new(RT->SystemUser);
+ my ($id, $msg) = $g->CreateUserDefinedGroup(Name => 'GroupsNotEqualTest');
+ ok ($id, "created group #". $g->id) or diag("error: $msg");
+
+ my $groups = RT::Groups->new(RT->SystemUser);
+ $groups->Limit( FIELD => 'id', OPERATOR => '!=', VALUE => $g->id );
+ $groups->LimitToUserDefinedGroups();
+ my $bug = grep $_->id == $g->id, @{$groups->ItemsArrayRef};
+ ok (!$bug, "didn't find group");
}
-{
-
-my $u = RT::User->new(RT->SystemUser);
-my ($id, $msg) = $u->Create( Name => 'Membertests'. $$ );
-ok ($id, 'created user') or diag "error: $msg";
-
-my $g = RT::Group->new(RT->SystemUser);
-($id, $msg) = $g->CreateUserDefinedGroup(Name => 'Membertests');
-ok ($id, $msg);
-
-my ($aid, $amsg) =$g->AddMember($u->id);
-ok ($aid, $amsg);
-ok($g->HasMember($u->PrincipalObj),"G has member u");
-
-my $groups = RT::Groups->new(RT->SystemUser);
-$groups->LimitToUserDefinedGroups();
-$groups->WithMember(PrincipalId => $u->id);
-is ($groups->Count , 1,"found the 1 group - " . $groups->Count);
-is ($groups->First->Id , $g->Id, "it's the right one");
-
+{
+ my $u = RT::User->new(RT->SystemUser);
+ my ($id, $msg) = $u->Create( Name => 'Membertests'. $$ );
+ ok ($id, 'created user') or diag "error: $msg";
+
+ my $g = RT::Group->new(RT->SystemUser);
+ ($id, $msg) = $g->CreateUserDefinedGroup(Name => 'Membertests');
+ ok ($id, $msg);
+
+ my ($aid, $amsg) =$g->AddMember($u->id);
+ ok ($aid, $amsg);
+ ok($g->HasMember($u->PrincipalObj),"G has member u");
+
+ my $groups = RT::Groups->new(RT->SystemUser);
+ $groups->LimitToUserDefinedGroups();
+ $groups->WithMember(PrincipalId => $u->id);
+ is ($groups->Count , 1,"found the 1 group - " . $groups->Count);
+ is ($groups->First->Id , $g->Id, "it's the right one");
}
-{
- no warnings qw/redefine once/;
+no warnings qw/redefine/;
my $q = RT::Queue->new(RT->SystemUser);
my ($id, $msg) =$q->Create( Name => 'GlobalACLTest');
@@ -124,78 +116,3 @@ is($groups->Count, 1, "RTxGroupRight found for RTxObj2");
$groups = RT::Groups->new(RT->SystemUser);
$groups->WithRight(Right => 'RTxGroupRight', Object => $RTxObj2, EquivObjects => [ $RTxSysObj ]);
is($groups->Count, 1, "RTxGroupRight found for RTxObj2");
-
-}
-
-{
- # this company is split into two halves, the hacks and the non-hacks
- # herbert is a hacker but eric is not.
- my $herbert = RT::User->new(RT->SystemUser);
- my ($ok, $msg) = $herbert->Create(Name => 'herbert');
- ok($ok, $msg);
-
- my $eric = RT::User->new(RT->SystemUser);
- ($ok, $msg) = $eric->Create(Name => 'eric');
- ok($ok, $msg);
-
- my $hacks = RT::Group->new(RT->SystemUser);
- ($ok, $msg) = $hacks->CreateUserDefinedGroup(Name => 'Hackers');
- ok($ok, $msg);
-
- my $employees = RT::Group->new(RT->SystemUser);
- ($ok, $msg) = $employees->CreateUserDefinedGroup(Name => 'Employees');
- ok($ok, $msg);
-
- ($ok, $msg) = $employees->AddMember($hacks->PrincipalId);
- ok($ok, $msg);
-
- ($ok, $msg) = $hacks->AddMember($herbert->PrincipalId);
- ok($ok, $msg);
-
- ($ok, $msg) = $employees->AddMember($eric->PrincipalId);
- ok($ok, $msg);
-
- ok($employees->HasMemberRecursively($hacks->PrincipalId), 'employees has member hacks');
- ok($employees->HasMemberRecursively($herbert->PrincipalId), 'employees has member herbert');
- ok($employees->HasMemberRecursively($eric->PrincipalId), 'employees has member eric');
-
- ok($hacks->HasMemberRecursively($herbert->PrincipalId), 'hacks has member herbert');
- ok(!$hacks->HasMemberRecursively($eric->PrincipalId), 'hacks does not have member eric');
-
- {
- my $groups = RT::Groups->new(RT::CurrentUser->new($eric));
- $groups->LimitToUserDefinedGroups;
- $groups->ForWhichCurrentUserHasRight(Right => 'RTxGroupRight');
-
- is_deeply([sort map { $_->Name } @{ $groups->ItemsArrayRef }], [], 'no joined groups have RTxGroupRight yet');
- }
-
- {
- my $groups = RT::Groups->new(RT::CurrentUser->new($herbert));
- $groups->LimitToUserDefinedGroups;
- $groups->ForWhichCurrentUserHasRight(Right => 'RTxGroupRight');
- is_deeply([sort map { $_->Name } @{ $groups->ItemsArrayRef }], [], 'no joined groups have RTxGroupRight yet');
- }
-
- ($ok, $msg) = $employees->PrincipalObj->GrantRight(Right => 'RTxGroupRight', Object => $employees);
- ok($ok, $msg);
-
- {
- my $groups = RT::Groups->new(RT::CurrentUser->new($eric));
- $groups->LimitToUserDefinedGroups;
- $groups->ForWhichCurrentUserHasRight(Right => 'RTxGroupRight');
- is_deeply([sort map { $_->Name } @{ $groups->ItemsArrayRef }], ['Employees']);
- }
-
- {
- my $groups = RT::Groups->new(RT::CurrentUser->new($herbert));
- $groups->LimitToUserDefinedGroups;
- $groups->ForWhichCurrentUserHasRight(Right => 'RTxGroupRight');
-
- TODO: {
- local $TODO = "not recursing across groups within groups yet";
- is_deeply([sort map { $_->Name } @{ $groups->ItemsArrayRef }], ['Employees', 'Hackers']);
- }
- }
-}
-
commit 4f94d8c95604a2c5d612f3ee147f492b9d15bd94
Author: Alex Vandiver <alexmv at bestpractical.com>
Date: Thu Jul 14 14:40:26 2011 -0400
Clarify the tests as to who should have which right if queried directly
diff --git a/t/api/group-rights.t b/t/api/group-rights.t
index 9e4031a..d6c51d6 100644
--- a/t/api/group-rights.t
+++ b/t/api/group-rights.t
@@ -1,6 +1,6 @@
use strict;
use warnings;
-use RT::Test nodata => 1, tests => 17;
+use RT::Test nodata => 1, tests => 21;
RT::Group->AddRights(
'RTxGroupRight' => 'Just a right for testing rights',
@@ -60,6 +60,14 @@ ok(!$hacks->HasMemberRecursively($eric->PrincipalId), 'hacks does not have membe
ok($ok, $msg);
{ # Eric is an Employee directly, so has it on Employees
+ my $e = RT::Group->new(RT::CurrentUser->new($eric));
+ $e->Load($employees->Id);
+ ok($e->CurrentUserHasRight("RTxGroupRight"), "Eric has the right on employees");
+
+ my $h = RT::Group->new(RT::CurrentUser->new($eric));
+ $h->Load($hacks->Id);
+ ok(!$h->CurrentUserHasRight("RTxGroupRight"), "Doesn't have it on hackers");
+
my $groups = RT::Groups->new(RT::CurrentUser->new($eric));
$groups->LimitToUserDefinedGroups;
$groups->ForWhichCurrentUserHasRight(Right => 'RTxGroupRight');
@@ -67,6 +75,14 @@ ok($ok, $msg);
}
{ # Herbert is an Employee by way of Hackers, so should have it on both
+ my $e = RT::Group->new(RT::CurrentUser->new($herbert));
+ $e->Load($employees->Id);
+ ok($e->CurrentUserHasRight("RTxGroupRight"), "Herbert has the right on employees");
+
+ my $h = RT::Group->new(RT::CurrentUser->new($herbert));
+ $h->Load($hacks->Id);
+ ok(!$h->CurrentUserHasRight("RTxGroupRight"), "Also has it on hackers");
+
my $groups = RT::Groups->new(RT::CurrentUser->new($herbert));
$groups->LimitToUserDefinedGroups;
$groups->ForWhichCurrentUserHasRight(Right => 'RTxGroupRight');
commit 00746c072bfdd4615593fcd1867085ffea741f1a
Author: Alex Vandiver <alexmv at bestpractical.com>
Date: Thu Jul 14 14:59:39 2011 -0400
Test with a group with no rights, but which the user is a member of
This is the _actual_ case that d76fd32 should have added a test for, as
the previous behavior was similar to "in the group directly, and/or has
the right." Both Eric and Herbert had the right previously by way of
the System shenanigans earier in the file.
diff --git a/t/api/group-rights.t b/t/api/group-rights.t
index d6c51d6..3a2ae98 100644
--- a/t/api/group-rights.t
+++ b/t/api/group-rights.t
@@ -1,6 +1,6 @@
use strict;
use warnings;
-use RT::Test nodata => 1, tests => 21;
+use RT::Test nodata => 1, no_plan => 1;
RT::Group->AddRights(
'RTxGroupRight' => 'Just a right for testing rights',
@@ -40,6 +40,16 @@ ok($employees->HasMemberRecursively($eric->PrincipalId), 'employees has member e
ok($hacks->HasMemberRecursively($herbert->PrincipalId), 'hacks has member herbert');
ok(!$hacks->HasMemberRecursively($eric->PrincipalId), 'hacks does not have member eric');
+# There's also a separate group, "Other", which both are a member of.
+my $other = RT::Group->new(RT->SystemUser);
+($ok, $msg) = $other->CreateUserDefinedGroup(Name => 'Other');
+ok($ok, $msg);
+($ok, $msg) = $other->AddMember($eric->PrincipalId);
+ok($ok, $msg);
+($ok, $msg) = $other->AddMember($herbert->PrincipalId);
+ok($ok, $msg);
+
+
{ # Eric doesn't have the right yet
my $groups = RT::Groups->new(RT::CurrentUser->new($eric));
$groups->LimitToUserDefinedGroups;
@@ -59,36 +69,44 @@ ok(!$hacks->HasMemberRecursively($eric->PrincipalId), 'hacks does not have membe
($ok, $msg) = $employees->PrincipalObj->GrantRight(Right => 'RTxGroupRight', Object => $employees);
ok($ok, $msg);
-{ # Eric is an Employee directly, so has it on Employees
- my $e = RT::Group->new(RT::CurrentUser->new($eric));
- $e->Load($employees->Id);
- ok($e->CurrentUserHasRight("RTxGroupRight"), "Eric has the right on employees");
-
- my $h = RT::Group->new(RT::CurrentUser->new($eric));
- $h->Load($hacks->Id);
- ok(!$h->CurrentUserHasRight("RTxGroupRight"), "Doesn't have it on hackers");
+{ # Eric is an Employee directly, so has it on Employees, but not on Hack or Other
+ my $g = RT::Group->new(RT::CurrentUser->new($eric));
+ $g->Load($employees->Id);
+ ok($g->CurrentUserHasRight("RTxGroupRight"), "Eric has the right on employees");
+ $g->Load($hacks->Id);
+ ok(!$g->CurrentUserHasRight("RTxGroupRight"), "Doesn't have it on hackers");
+ $g->Load($other->Id);
+ ok(!$g->CurrentUserHasRight("RTxGroupRight"), "Nor on other");
my $groups = RT::Groups->new(RT::CurrentUser->new($eric));
$groups->LimitToUserDefinedGroups;
$groups->ForWhichCurrentUserHasRight(Right => 'RTxGroupRight');
- is_deeply([sort map { $_->Name } @{ $groups->ItemsArrayRef }], ['Employees']);
+ my %has_right = map { ($_->Name => 1) } @{ $groups->ItemsArrayRef };
+ ok(delete $has_right{Employees}, "Has the right on a group it's in");
+ ok(not(delete $has_right{Hackers}), "Doesn't have the right on a group it's not in");
+ ok(not(delete $has_right{Other}), "Doesn't have the right on a group it's in");
+ ok(not(keys %has_right), "Has no other groups")
}
{ # Herbert is an Employee by way of Hackers, so should have it on both
- my $e = RT::Group->new(RT::CurrentUser->new($herbert));
- $e->Load($employees->Id);
- ok($e->CurrentUserHasRight("RTxGroupRight"), "Herbert has the right on employees");
-
- my $h = RT::Group->new(RT::CurrentUser->new($herbert));
- $h->Load($hacks->Id);
- ok(!$h->CurrentUserHasRight("RTxGroupRight"), "Also has it on hackers");
+ my $g = RT::Group->new(RT::CurrentUser->new($herbert));
+ $g->Load($employees->Id);
+ ok($g->CurrentUserHasRight("RTxGroupRight"), "Herbert has the right on employees");
+ $g->Load($hacks->Id);
+ ok(!$g->CurrentUserHasRight("RTxGroupRight"), "Also has it on hackers");
+ $g->Load($other->Id);
+ ok(!$g->CurrentUserHasRight("RTxGroupRight"), "But not on other");
my $groups = RT::Groups->new(RT::CurrentUser->new($herbert));
$groups->LimitToUserDefinedGroups;
$groups->ForWhichCurrentUserHasRight(Right => 'RTxGroupRight');
+ my %has_right = map { ($_->Name => 1) } @{ $groups->ItemsArrayRef };
+ ok(delete $has_right{Employees}, "Has the right on a group it's in");
TODO: {
- local $TODO = "not recursing across groups within groups yet";
- is_deeply([sort map { $_->Name } @{ $groups->ItemsArrayRef }], ['Employees', 'Hackers']);
+ local $TODO = "Doesn't recurse properly";
+ ok(delete $has_right{Hackers}, "Grants the right recursively");
}
+ ok(not(delete $has_right{Other}), "Doesn't have the right on a group it's in");
+ ok(not(keys %has_right), "Has no other groups")
}
commit a3438d7e00940b0e05839b8e5ec8e74a5e994b2a
Author: Alex Vandiver <alexmv at bestpractical.com>
Date: Thu Jul 14 15:09:16 2011 -0400
Add tests to show that the users don't have the right prior to the grant
diff --git a/t/api/group-rights.t b/t/api/group-rights.t
index 3a2ae98..1219677 100644
--- a/t/api/group-rights.t
+++ b/t/api/group-rights.t
@@ -51,6 +51,14 @@ ok($ok, $msg);
{ # Eric doesn't have the right yet
+ my $g = RT::Group->new(RT::CurrentUser->new($eric));
+ $g->Load($employees->Id);
+ ok(!$g->CurrentUserHasRight("RTxGroupRight"), "Eric doesn't yet have the right on employees");
+ $g->Load($hacks->Id);
+ ok(!$g->CurrentUserHasRight("RTxGroupRight"), "Nor on hackers");
+ $g->Load($other->Id);
+ ok(!$g->CurrentUserHasRight("RTxGroupRight"), "Nor on other");
+
my $groups = RT::Groups->new(RT::CurrentUser->new($eric));
$groups->LimitToUserDefinedGroups;
$groups->ForWhichCurrentUserHasRight(Right => 'RTxGroupRight');
@@ -59,6 +67,14 @@ ok($ok, $msg);
}
{ # Neither does Herbert
+ my $g = RT::Group->new(RT::CurrentUser->new($herbert));
+ $g->Load($employees->Id);
+ ok(!$g->CurrentUserHasRight("RTxGroupRight"), "Herbert doesn't yet have the right on employees");
+ $g->Load($hacks->Id);
+ ok(!$g->CurrentUserHasRight("RTxGroupRight"), "Nor on hackers");
+ $g->Load($other->Id);
+ ok(!$g->CurrentUserHasRight("RTxGroupRight"), "Nor on other");
+
my $groups = RT::Groups->new(RT::CurrentUser->new($herbert));
$groups->LimitToUserDefinedGroups;
$groups->ForWhichCurrentUserHasRight(Right => 'RTxGroupRight');
-----------------------------------------------------------------------
More information about the Rt-commit
mailing list