[civicrm-core.git] / tests / phpunit / WebTest / Report / RolePermissionReportTest.php

<?php
/*
   +--------------------------------------------------------------------+
   | CiviCRM version 4.5                                                |
   +--------------------------------------------------------------------+
   | Copyright CiviCRM LLC (c) 2004-2014                                |
   +--------------------------------------------------------------------+
   | This file is a part of CiviCRM.                                    |
   |                                                                    |
   | CiviCRM is free software; you can copy, modify, and distribute it  |
   | under the terms of the GNU Affero General Public License           |
   | Version 3, 19 November 2007 and the CiviCRM Licensing Exception.   |
   |                                                                    |
   | CiviCRM is distributed in the hope that it will be useful, but     |
   | WITHOUT ANY WARRANTY; without even the implied warranty of         |
   | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.               |
   | See the GNU Affero General Public License for more details.        |
   |                                                                    |
   | You should have received a copy of the GNU Affero General Public   |
   | License along with this program; if not, contact CiviCRM LLC       |
   | at info[AT]civicrm[DOT]org. If you have questions about the        |
   | GNU Affero General Public License or the licensing of CiviCRM,     |
   | see the CiviCRM license FAQ at http://civicrm.org/licensing        |
   +--------------------------------------------------------------------+
  */

require_once 'CiviTest/CiviSeleniumTestCase.php';
class WebTest_Report_RolePermissionReportTest extends CiviSeleniumTestCase {

  protected function setUp() {
    parent::setUp();
  }

  function testRolePermissionReport() {
    $this->webtestLogin('admin');

    //create new roles
    $role1 = 'role1' . substr(sha1(rand()), 0, 7);
    $role2 = 'role2' . substr(sha1(rand()), 0, 7);
    $this->open($this->sboxPath . "admin/people/permissions/roles");
    $this->waitForElementPresent("edit-add");
    $this->type("edit-name", $role1);
    $this->click("edit-add");
    $this->waitForPageToLoad($this->getTimeoutMsec());

    $this->open($this->sboxPath . "admin/people/permissions/roles");
    $this->waitForElementPresent("edit-add");
    $this->type("edit-name", $role2);
    $this->click("edit-add");
    $this->waitForPageToLoad($this->getTimeoutMsec());

    $this->open($this->sboxPath . "admin/people/permissions/roles");

    $this->waitForElementPresent("xpath=//table[@id='user-roles']/tbody//tr/td[1][text()='{$role1}']");
    $roleid = explode('/', $this->getAttribute("xpath=//table[@id='user-roles']/tbody//tr/td[1][text()='{$role1}']/../td[4]/a[text()='edit permissions']/@href"));
    $roleId1 = end($roleid);
    $this->waitForElementPresent("xpath=//table[@id='user-roles']/tbody//tr/td[1][text()='{$role2}']");
    $roleid = explode('/', $this->getAttribute("xpath=//table[@id='user-roles']/tbody//tr/td[1][text()='{$role2}']/../td[4]/a[text()='edit permissions']/@href"));
    $roleId2 = end($roleid);

    $user1 = $this->_testCreateUser($roleId1);
    $user2 = $this->_testCreateUser($roleId2);

    // let's give full CiviReport permissions.
    $permissions = array(
      "edit-2-access-civireport",
      "edit-2-view-all-contacts",
      "edit-2-administer-civicrm",
      "edit-2-access-civicrm",
    );
    $this->changePermissions($permissions);

    // change report setting to for a particular role
    $this->openCiviPage('report/instance/1', 'reset=1');
    $this->click("css=div.crm-report_setting-accordion div.crm-accordion-header");
    $this->waitForElementPresent("_qf_Summary_submit_save");
    $this->select("permission", "value=access CiviCRM");
    $this->select("grouprole-f", "value=$role1");
    $this->click("add");
    $this->click("_qf_Summary_submit_save");
    $this->waitForPageToLoad($this->getTimeoutMsec());
    $this->webtestLogin($user2, 'Test12345');
    $this->openCiviPage('report/instance/1', 'reset=1');
    $this->assertElementContainsText('crm-container', 'You do not have permission to access this report.');
    $this->openCiviPage('report/list', 'reset=1');

    //delete roles
    $this->webtestLogin('admin');
    $this->open($this->sboxPath . "admin/people/permissions/roles");
    $this->_roleDelete($role1);
    $this->_roleDelete($role2);
  }

  /*
   *check for CRM-10148
   */
  function testReservedReportPermission() {
    $this->webtestLogin('admin');

    //create new role
    $role = 'role' . substr(sha1(rand()), 0, 7);
    $this->open($this->sboxPath . "admin/people/permissions/roles");

    $this->waitForElementPresent("edit-add");
    $this->type("edit-name", $role);
    $this->click("edit-add");
    $this->waitForPageToLoad($this->getTimeoutMsec());

    $this->open($this->sboxPath . "admin/people/permissions/roles");
    $this->waitForElementPresent("xpath=//table[@id='user-roles']/tbody//tr/td[1][text()='{$role}']");
    $roleId = explode('/', $this->getAttribute("xpath=//table[@id='user-roles']/tbody//tr/td[1][text()='{$role}']/../td[4]/a[text()='edit permissions']/@href"));
    $roleId = end($roleId);
    $user = $this->_testCreateUser($roleId);
    $this->openCiviPage('report/instance/1', 'reset=1');
    if ($this->isChecked("is_reserved")) {
      $this->click("is_reserved");
      $this->click("_qf_Summary_submit_save");
      $this->waitForPageToLoad($this->getTimeoutMsec());
    }
    $permissions = array(
      "edit-{$roleId}-access-civireport",
      "edit-{$roleId}-view-all-contacts",
      "edit-{$roleId}-administer-reports",
      "edit-{$roleId}-access-civicrm"
    );
    $this->changePermissions($permissions);

    $this->webtestLogin($user, 'Test12345');
    $this->openCiviPage('report/instance/1', 'reset=1');

    //check if the reserved report field is frozen
    $this->assertTrue($this->isElementPresent("xpath=//div[@id='instanceForm']//table[3]/tbody//tr/td[2]/tt[text()='[ ]']"));

    // let's give full CiviReport permissions.
    $permissions = array(
      "edit-{$roleId}-access-civireport",
      "edit-{$roleId}-view-all-contacts",
      "edit-{$roleId}-administer-reports",
      "edit-{$roleId}-access-civicrm",
      "edit-{$roleId}-administer-reserved-reports"
    );
    $this->changePermissions($permissions);

    $this->openCiviPage('report/instance/1', 'reset=1');

    //make the report reserved
    $this->click("is_reserved");
    $this->click("_qf_Summary_submit_save");
    $this->waitForPageToLoad($this->getTimeoutMsec());

    $this->webtestLogin($user, 'Test12345');
    $this->openCiviPage('report/instance/1', 'reset=1');

    //check if the report criteria and settings is accessible
    $this->assertTrue($this->isElementPresent("xpath=//form[@id='Summary']//div[@id='id_default']//input[@id='fields_email']"));
    $this->assertTrue($this->isElementPresent("xpath=//form[@id='Summary']//div[@id='instanceForm']/table//input[@id='title']"));

    //login as admin and remove reserved permission
    $this->webtestLogin('admin');
    $this->open($this->sboxPath . "admin/people/permissions");
    $this->waitForElementPresent("edit-submit");

    if ($this->isChecked("edit-2-administer-reserved-reports")) {
      $this->click("edit-2-administer-reserved-reports");
    } else {
      $this->click("edit-{$roleId}-administer-reserved-reports");
    }
    $this->click("edit-submit");
    $this->waitForPageToLoad($this->getTimeoutMsec());

    //login as user and check for absence of report criteria and settings
    $this->webtestLogin($user, 'Test12345');
    $this->openCiviPage('report/instance/1', 'reset=1');

    if ($this->isElementPresent("xpath=//form[@id='Summary']/div[2]/div/div/div")) {
      $this->verifyNotText("xpath=//form[@id='Summary']/div[2]/div/div/div", "Report Criteria");
    }
    if ($this->isElementPresent("xpath=//form[@id='Summary']/div[2]/div[2]/div")) {
      $this->verifyNotText("xpath=//form[@id='Summary']/div[2]/div[2]/div", "Report Settings");
    }

    $this->assertFalse($this->isElementPresent("xpath=//form[@id='Summary']//div[@id='instanceForm']//input[@id='title']"));

    //login as admin and turn the is_reserved flag off for the instance
    $this->webtestLogin('admin');
    $this->openCiviPage('report/instance/1', 'reset=1');
    $this->click("is_reserved");
    $this->click("_qf_Summary_submit_save");
    $this->waitForPageToLoad($this->getTimeoutMsec());

    $this->webtestLogin($user, 'Test12345');
    $this->openCiviPage('report/instance/1', 'reset=1');

    $this->assertTrue($this->isElementPresent("xpath=//form[@id='Summary']//div[@id='id_default']//input[@id='fields_email']"));
    $this->assertTrue($this->isElementPresent("xpath=//form[@id='Summary']//div[@id='instanceForm']//input[@id='title']"));

    //login as admin and delete the role
    $this->webtestLogin('admin');
    $this->open($this->sboxPath . "admin/people/permissions/roles");
    $this->_roleDelete($role);
  }

  function _roleDelete($role) {
    $this->waitForElementPresent("xpath=//table[@id='user-roles']/tbody//tr/td[text()='{$role}']/..//td/a[text()='edit role']");
    $this->click("xpath=//table[@id='user-roles']/tbody//tr/td[text()='{$role}']/..//td/a[text()='edit role']");
    $this->waitForElementPresent('edit-delete');
    $this->click('edit-delete');
    $this->waitForPageToLoad($this->getTimeoutMsec());
    $this->click("edit-submit");
    $this->waitForTextPresent("The role has been deleted.");
  }

  function _testCreateUser($roleid) {

    $this->open($this->sboxPath . "admin/people/create");

    $this->waitForElementPresent("edit-submit");

    $name = "TestUser" . substr(sha1(rand()), 0, 4);
    $this->type("edit-name", $name);

    $emailId = substr(sha1(rand()), 0, 7) . '@web.com';
    $this->type("edit-mail", $emailId);
    $this->type("edit-pass-pass1", "Test12345");
    $this->type("edit-pass-pass2", "Test12345");
    $role = "edit-roles-" . $roleid;
    $this->check("name=roles[$roleid] value={$roleid}");

    //Add profile Details
    $firstName = 'Ma' . substr(sha1(rand()), 0, 4);
    $lastName = 'An' . substr(sha1(rand()), 0, 7);

    $this->type("first_name", $firstName);
    $this->type("last_name", $lastName);

    //Address Details
    $this->type("street_address-1", "902C El Camino Way SW");
    $this->type("city-1", "Dumfries");
    $this->type("postal_code-1", "1234");
    $this->select("state_province-1", "value=1019");

    $this->click("edit-submit");
    $this->waitForPageToLoad($this->getTimeoutMsec());
    return $name;
  }
}
Commit	Line	Data
6a488035 TO	1	<?php
	2	/*
	3	+--------------------------------------------------------------------+
06a1bc01	4	\| CiviCRM version 4.5 \|
6a488035	5	+--------------------------------------------------------------------+
06a1bc01	6	\| Copyright CiviCRM LLC (c) 2004-2014 \|
6a488035 TO	7	+--------------------------------------------------------------------+
	8	\| This file is a part of CiviCRM. \|
	9	\| \|
	10	\| CiviCRM is free software; you can copy, modify, and distribute it \|
	11	\| under the terms of the GNU Affero General Public License \|
	12	\| Version 3, 19 November 2007 and the CiviCRM Licensing Exception. \|
	13	\| \|
	14	\| CiviCRM is distributed in the hope that it will be useful, but \|
	15	\| WITHOUT ANY WARRANTY; without even the implied warranty of \|
	16	\| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. \|
	17	\| See the GNU Affero General Public License for more details. \|
	18	\| \|
	19	\| You should have received a copy of the GNU Affero General Public \|
	20	\| License along with this program; if not, contact CiviCRM LLC \|
	21	\| at info[AT]civicrm[DOT]org. If you have questions about the \|
	22	\| GNU Affero General Public License or the licensing of CiviCRM, \|
	23	\| see the CiviCRM license FAQ at http://civicrm.org/licensing \|
	24	+--------------------------------------------------------------------+
	25	*/
	26
6a488035 TO	27	require_once 'CiviTest/CiviSeleniumTestCase.php';
	28	class WebTest_Report_RolePermissionReportTest extends CiviSeleniumTestCase {
	29
	30	protected function setUp() {
	31	parent::setUp();
	32	}
	33
	34	function testRolePermissionReport() {
42daf119	35	$this->webtestLogin('admin');
6a488035 TO	36
	37	//create new roles
	38	$role1 = 'role1' . substr(sha1(rand()), 0, 7);
	39	$role2 = 'role2' . substr(sha1(rand()), 0, 7);
	40	$this->open($this->sboxPath . "admin/people/permissions/roles");
	41	$this->waitForElementPresent("edit-add");
	42	$this->type("edit-name", $role1);
	43	$this->click("edit-add");
	44	$this->waitForPageToLoad($this->getTimeoutMsec());
331a5c18	45
6a488035 TO	46	$this->open($this->sboxPath . "admin/people/permissions/roles");
	47	$this->waitForElementPresent("edit-add");
	48	$this->type("edit-name", $role2);
	49	$this->click("edit-add");
	50	$this->waitForPageToLoad($this->getTimeoutMsec());
	51
	52	$this->open($this->sboxPath . "admin/people/permissions/roles");
	53
	54	$this->waitForElementPresent("xpath=//table[@id='user-roles']/tbody//tr/td[1][text()='{$role1}']");
	55	$roleid = explode('/', $this->getAttribute("xpath=//table[@id='user-roles']/tbody//tr/td[1][text()='{$role1}']/../td[4]/a[text()='edit permissions']/@href"));
	56	$roleId1 = end($roleid);
	57	$this->waitForElementPresent("xpath=//table[@id='user-roles']/tbody//tr/td[1][text()='{$role2}']");
	58	$roleid = explode('/', $this->getAttribute("xpath=//table[@id='user-roles']/tbody//tr/td[1][text()='{$role2}']/../td[4]/a[text()='edit permissions']/@href"));
	59	$roleId2 = end($roleid);
	60
	61	$user1 = $this->_testCreateUser($roleId1);
	62	$user2 = $this->_testCreateUser($roleId2);
6a488035 TO	63
	64	// let's give full CiviReport permissions.
	65	$permissions = array(
	66	"edit-2-access-civireport",
	67	"edit-2-view-all-contacts",
	68	"edit-2-administer-civicrm",
	69	"edit-2-access-civicrm",
	70	);
	71	$this->changePermissions($permissions);
	72
	73	// change report setting to for a particular role
8fe1f83e	74	$this->openCiviPage('report/instance/1', 'reset=1');
6a488035 TO	75	$this->click("css=div.crm-report_setting-accordion div.crm-accordion-header");
	76	$this->waitForElementPresent("_qf_Summary_submit_save");
	77	$this->select("permission", "value=access CiviCRM");
	78	$this->select("grouprole-f", "value=$role1");
	79	$this->click("add");
	80	$this->click("_qf_Summary_submit_save");
	81	$this->waitForPageToLoad($this->getTimeoutMsec());
42daf119	82	$this->webtestLogin($user2, 'Test12345');
8fe1f83e RN	83	$this->openCiviPage('report/instance/1', 'reset=1');
	84	$this->assertElementContainsText('crm-container', 'You do not have permission to access this report.');
	85	$this->openCiviPage('report/list', 'reset=1');
6a488035 TO	86
6a488035 TO	87	//delete roles
42daf119	88	$this->webtestLogin('admin');
6a488035 TO	89	$this->open($this->sboxPath . "admin/people/permissions/roles");
	90	$this->_roleDelete($role1);
	91	$this->_roleDelete($role2);
	92	}
331a5c18	93
6a488035 TO	94	/*
	95	*check for CRM-10148
	96	*/
	97	function testReservedReportPermission() {
42daf119	98	$this->webtestLogin('admin');
6a488035 TO	99
	100	//create new role
	101	$role = 'role' . substr(sha1(rand()), 0, 7);
	102	$this->open($this->sboxPath . "admin/people/permissions/roles");
	103
	104	$this->waitForElementPresent("edit-add");
	105	$this->type("edit-name", $role);
	106	$this->click("edit-add");
	107	$this->waitForPageToLoad($this->getTimeoutMsec());
331a5c18	108
6a488035 TO	109	$this->open($this->sboxPath . "admin/people/permissions/roles");
	110	$this->waitForElementPresent("xpath=//table[@id='user-roles']/tbody//tr/td[1][text()='{$role}']");
	111	$roleId = explode('/', $this->getAttribute("xpath=//table[@id='user-roles']/tbody//tr/td[1][text()='{$role}']/../td[4]/a[text()='edit permissions']/@href"));
	112	$roleId = end($roleId);
	113	$user = $this->_testCreateUser($roleId);
8fe1f83e	114	$this->openCiviPage('report/instance/1', 'reset=1');
6a488035 TO	115	if ($this->isChecked("is_reserved")) {
	116	$this->click("is_reserved");
	117	$this->click("_qf_Summary_submit_save");
	118	$this->waitForPageToLoad($this->getTimeoutMsec());
	119	}
	120	$permissions = array(
	121	"edit-{$roleId}-access-civireport",
	122	"edit-{$roleId}-view-all-contacts",
	123	"edit-{$roleId}-administer-reports",
	124	"edit-{$roleId}-access-civicrm"
331a5c18	125	);
6a488035	126	$this->changePermissions($permissions);
331a5c18	127
42daf119	128	$this->webtestLogin($user, 'Test12345');
8fe1f83e	129	$this->openCiviPage('report/instance/1', 'reset=1');
6a488035 TO	130
	131	//check if the reserved report field is frozen
	132	$this->assertTrue($this->isElementPresent("xpath=//div[@id='instanceForm']//table[3]/tbody//tr/td[2]/tt[text()='[ ]']"));
	133
6a488035 TO	134	// let's give full CiviReport permissions.
	135	$permissions = array(
	136	"edit-{$roleId}-access-civireport",
	137	"edit-{$roleId}-view-all-contacts",
	138	"edit-{$roleId}-administer-reports",
	139	"edit-{$roleId}-access-civicrm",
	140	"edit-{$roleId}-administer-reserved-reports"
	141	);
	142	$this->changePermissions($permissions);
331a5c18	143
8fe1f83e	144	$this->openCiviPage('report/instance/1', 'reset=1');
6a488035 TO	145
	146	//make the report reserved
	147	$this->click("is_reserved");
	148	$this->click("_qf_Summary_submit_save");
	149	$this->waitForPageToLoad($this->getTimeoutMsec());
331a5c18	150
42daf119	151	$this->webtestLogin($user, 'Test12345');
8fe1f83e	152	$this->openCiviPage('report/instance/1', 'reset=1');
6a488035 TO	153
	154	//check if the report criteria and settings is accessible
	155	$this->assertTrue($this->isElementPresent("xpath=//form[@id='Summary']//div[@id='id_default']//input[@id='fields_email']"));
	156	$this->assertTrue($this->isElementPresent("xpath=//form[@id='Summary']//div[@id='instanceForm']/table//input[@id='title']"));
331a5c18	157
6a488035	158	//login as admin and remove reserved permission
42daf119	159	$this->webtestLogin('admin');
6a488035 TO	160	$this->open($this->sboxPath . "admin/people/permissions");
6a488035 TO	161	$this->waitForElementPresent("edit-submit");
331a5c18	162
6a488035 TO	163	if ($this->isChecked("edit-2-administer-reserved-reports")) {
	164	$this->click("edit-2-administer-reserved-reports");
	165	} else {
	166	$this->click("edit-{$roleId}-administer-reserved-reports");
	167	}
	168	$this->click("edit-submit");
	169	$this->waitForPageToLoad($this->getTimeoutMsec());
	170
	171	//login as user and check for absence of report criteria and settings
42daf119	172	$this->webtestLogin($user, 'Test12345');
8fe1f83e	173	$this->openCiviPage('report/instance/1', 'reset=1');
331a5c18	174
6a488035	175	if ($this->isElementPresent("xpath=//form[@id='Summary']/div[2]/div/div/div")) {
331a5c18	176	$this->verifyNotText("xpath=//form[@id='Summary']/div[2]/div/div/div", "Report Criteria");
6a488035 TO	177	}
6a488035 TO	178	if ($this->isElementPresent("xpath=//form[@id='Summary']/div[2]/div[2]/div")) {
331a5c18	179	$this->verifyNotText("xpath=//form[@id='Summary']/div[2]/div[2]/div", "Report Settings");
6a488035	180	}
331a5c18	181
6a488035 TO	182	$this->assertFalse($this->isElementPresent("xpath=//form[@id='Summary']//div[@id='instanceForm']//input[@id='title']"));
	183
	184	//login as admin and turn the is_reserved flag off for the instance
42daf119	185	$this->webtestLogin('admin');
8fe1f83e	186	$this->openCiviPage('report/instance/1', 'reset=1');
6a488035 TO	187	$this->click("is_reserved");
	188	$this->click("_qf_Summary_submit_save");
	189	$this->waitForPageToLoad($this->getTimeoutMsec());
331a5c18	190
42daf119	191	$this->webtestLogin($user, 'Test12345');
8fe1f83e	192	$this->openCiviPage('report/instance/1', 'reset=1');
6a488035 TO	193
	194	$this->assertTrue($this->isElementPresent("xpath=//form[@id='Summary']//div[@id='id_default']//input[@id='fields_email']"));
	195	$this->assertTrue($this->isElementPresent("xpath=//form[@id='Summary']//div[@id='instanceForm']//input[@id='title']"));
331a5c18	196
6a488035	197	//login as admin and delete the role
42daf119	198	$this->webtestLogin('admin');
6a488035 TO	199	$this->open($this->sboxPath . "admin/people/permissions/roles");
	200	$this->_roleDelete($role);
	201	}
331a5c18	202
6a488035 TO	203	function _roleDelete($role) {
	204	$this->waitForElementPresent("xpath=//table[@id='user-roles']/tbody//tr/td[text()='{$role}']/..//td/a[text()='edit role']");
	205	$this->click("xpath=//table[@id='user-roles']/tbody//tr/td[text()='{$role}']/..//td/a[text()='edit role']");
	206	$this->waitForElementPresent('edit-delete');
	207	$this->click('edit-delete');
	208	$this->waitForPageToLoad($this->getTimeoutMsec());
	209	$this->click("edit-submit");
	210	$this->waitForTextPresent("The role has been deleted.");
	211	}
	212
	213	function _testCreateUser($roleid) {
	214
6a488035 TO	215	$this->open($this->sboxPath . "admin/people/create");
	216
	217	$this->waitForElementPresent("edit-submit");
	218
	219	$name = "TestUser" . substr(sha1(rand()), 0, 4);
	220	$this->type("edit-name", $name);
	221
	222	$emailId = substr(sha1(rand()), 0, 7) . '@web.com';
	223	$this->type("edit-mail", $emailId);
	224	$this->type("edit-pass-pass1", "Test12345");
	225	$this->type("edit-pass-pass2", "Test12345");
	226	$role = "edit-roles-" . $roleid;
	227	$this->check("name=roles[$roleid] value={$roleid}");
	228
	229	//Add profile Details
	230	$firstName = 'Ma' . substr(sha1(rand()), 0, 4);
	231	$lastName = 'An' . substr(sha1(rand()), 0, 7);
	232
	233	$this->type("first_name", $firstName);
	234	$this->type("last_name", $lastName);
	235
	236	//Address Details
	237	$this->type("street_address-1", "902C El Camino Way SW");
	238	$this->type("city-1", "Dumfries");
	239	$this->type("postal_code-1", "1234");
	240	$this->select("state_province-1", "value=1019");
	241
	242	$this->click("edit-submit");
	243	$this->waitForPageToLoad($this->getTimeoutMsec());
	244	return $name;
	245	}
42daf119	246	}