1 <?php
2 /*
3 +--------------------------------------------------------------------+
4 | CiviCRM version 4.3 |
5 +--------------------------------------------------------------------+
6 | Copyright CiviCRM LLC (c) 2004-2013 |
7 +--------------------------------------------------------------------+
8 | This file is a part of CiviCRM. |
9 | |
10 | CiviCRM is free software; you can copy, modify, and distribute it |
11 | under the terms of the GNU Affero General Public License |
12 | Version 3, 19 November 2007 and the CiviCRM Licensing Exception. |
13 | |
14 | CiviCRM is distributed in the hope that it will be useful, but |
15 | WITHOUT ANY WARRANTY; without even the implied warranty of |
16 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
17 | See the GNU Affero General Public License for more details. |
18 | |
19 | You should have received a copy of the GNU Affero General Public |
20 | License along with this program; if not, contact CiviCRM LLC |
21 | at info[AT]civicrm[DOT]org. If you have questions about the |
22 | GNU Affero General Public License or the licensing of CiviCRM, |
23 | see the CiviCRM license FAQ at http://civicrm.org/licensing |
24 +--------------------------------------------------------------------+
25 */
26
27
28 require_once 'CiviTest/CiviSeleniumTestCase.php';
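/**
 * Selenium web tests for role-based access control on CiviReport instances.
 *
 * Both tests drive the CMS administration pages under admin/people/* and the
 * CiviCRM report instance with id 1 through a browser session.
 *
 * NOTE(review): the tests delete the roles they create, but nothing in this
 * class deletes the user accounts made by _testCreateUser(), and
 * testRolePermissionReport() neither revokes the "edit-2-*" permissions it
 * grants nor removes the role restriction it saves on report instance 1.
 * Accounts with a fixed, published password and broadened permissions are
 * therefore left behind; run this only against a disposable sandbox site.
 */
class WebTest_Report_RolePermissionReportTest extends CiviSeleniumTestCase {

  /**
   * Password assigned to every account created by _testCreateUser().
   *
   * This is a fixture value for the sandbox, not a secret. It lives in one
   * place so the create and login steps cannot drift apart.
   */
  const TEST_USER_PASSWORD = 'Test12345';

  protected function setUp() {
    parent::setUp();
  }

  /**
   * A report restricted to one role must be refused to a user who holds a
   * different role, even though that user has the report permissions.
   */
  function testRolePermissionReport() {
    $this->webtestLogin('admin');

    // Create two throw-away roles. sha1(rand()) is used only to get a name
    // that is unlikely to collide with an earlier run; it is not a secret.
    $role1 = 'role1' . substr(sha1(rand()), 0, 7);
    $role2 = 'role2' . substr(sha1(rand()), 0, 7);
    $this->_roleCreate($role1);
    $this->_roleCreate($role2);

    $this->open($this->sboxPath . "admin/people/permissions/roles");
    $roleId1 = $this->_roleGetId($role1);
    $roleId2 = $this->_roleGetId($role2);

    // One account per role. Only the second account is logged in below.
    // NOTE(review): the role1 account is never used, so the "allowed" path
    // (a role1 member can open the report) is not asserted by this test.
    $this->_testCreateUser($roleId1);
    $user2 = $this->_testCreateUser($roleId2);

    // Give full CiviReport permissions to role id 2, not to the new roles.
    // NOTE(review): on Drupal 7 role id 2 is the built-in "authenticated
    // user" role, so this grants "administer CiviCRM" to every logged-in
    // account and is not reverted afterwards -- confirm that is intended.
    $permissions = array(
      "edit-2-access-civireport",
      "edit-2-view-all-contacts",
      "edit-2-administer-civicrm",
      "edit-2-access-civicrm",
    );
    $this->changePermissions($permissions);

    // Restrict report instance 1 to role1 only.
    $this->openCiviPage('report/instance/1', 'reset=1');
    $this->click("css=div.crm-report_setting-accordion div.crm-accordion-header");
    $this->waitForElementPresent("_qf_Summary_submit_save");
    $this->select("permission", "value=access CiviCRM");
    $this->select("grouprole-f", "value=$role1");
    $this->click("add");
    $this->click("_qf_Summary_submit_save");
    $this->waitForPageToLoad($this->getTimeoutMsec());

    // The role2 user holds the permission but not the role: access is denied.
    $this->webtestLogin($user2, self::TEST_USER_PASSWORD);
    $this->openCiviPage('report/instance/1', 'reset=1');
    $this->assertElementContainsText('crm-container', 'You do not have permission to access this report.');

    // NOTE(review): the listing page is opened but nothing is asserted on it.
    $this->openCiviPage('report/list', 'reset=1');

    // Delete the roles created above.
    $this->webtestLogin('admin');
    $this->open($this->sboxPath . "admin/people/permissions/roles");
    $this->_roleDelete($role1);
    $this->_roleDelete($role2);
  }

  /**
   * Check for CRM-10148: criteria and settings of a reserved report are
   * reachable only with the "administer reserved reports" permission.
   */
  function testReservedReportPermission() {
    $this->webtestLogin('admin');

    // Create a throw-away role and an account that holds it.
    $role = 'role' . substr(sha1(rand()), 0, 7);
    $this->_roleCreate($role);

    $this->open($this->sboxPath . "admin/people/permissions/roles");
    $roleId = $this->_roleGetId($role);
    $user = $this->_testCreateUser($roleId);

    // Start from a known state: report instance 1 is not reserved.
    $this->openCiviPage('report/instance/1', 'reset=1');
    if ($this->isChecked("is_reserved")) {
      $this->click("is_reserved");
      $this->click("_qf_Summary_submit_save");
      $this->waitForPageToLoad($this->getTimeoutMsec());
    }

    // Report administration without the reserved-report permission.
    $basePermissions = array(
      "edit-{$roleId}-access-civireport",
      "edit-{$roleId}-view-all-contacts",
      "edit-{$roleId}-administer-reports",
      "edit-{$roleId}-access-civicrm",
    );
    $this->changePermissions($basePermissions);

    $this->webtestLogin($user, self::TEST_USER_PASSWORD);
    $this->openCiviPage('report/instance/1', 'reset=1');

    // Without the reserved permission the "reserved" field is frozen.
    $this->assertTrue($this->isElementPresent("xpath=//div[@id='instanceForm']//table[3]/tbody//tr/td[2]/tt[text()='[ ]']"));

    // Now add the reserved-report permission on top of the base set.
    // NOTE(review): the session was last switched to $user; changePermissions()
    // is inherited, so confirm which account it (and the is_reserved edit that
    // follows) actually runs as.
    $permissions = array_merge(
      $basePermissions,
      array("edit-{$roleId}-administer-reserved-reports")
    );
    $this->changePermissions($permissions);

    $this->openCiviPage('report/instance/1', 'reset=1');

    // Make the report reserved.
    $this->click("is_reserved");
    $this->click("_qf_Summary_submit_save");
    $this->waitForPageToLoad($this->getTimeoutMsec());

    $this->webtestLogin($user, self::TEST_USER_PASSWORD);
    $this->openCiviPage('report/instance/1', 'reset=1');

    // With the reserved permission, criteria and settings are accessible.
    $this->assertTrue($this->isElementPresent("xpath=//form[@id='Summary']//div[@id='id_default']//input[@id='fields_email']"));
    $this->assertTrue($this->isElementPresent("xpath=//form[@id='Summary']//div[@id='instanceForm']/table//input[@id='title']"));

    // Log in as admin and remove the reserved permission.
    $this->webtestLogin('admin');
    $this->open($this->sboxPath . "admin/people/permissions");
    $this->waitForElementPresent("edit-submit");

    // Uncheck role 2's checkbox when it is the one that is checked; otherwise
    // uncheck the checkbox of the role created by this test.
    if ($this->isChecked("edit-2-administer-reserved-reports")) {
      $this->click("edit-2-administer-reserved-reports");
    }
    else {
      $this->click("edit-{$roleId}-administer-reserved-reports");
    }
    $this->click("edit-submit");
    $this->waitForPageToLoad($this->getTimeoutMsec());

    // Log in as the user and check that criteria and settings are gone.
    $this->webtestLogin($user, self::TEST_USER_PASSWORD);
    $this->openCiviPage('report/instance/1', 'reset=1');

    // These two text checks run only when the container element exists; the
    // assertFalse() below is the unconditional check.
    if ($this->isElementPresent("xpath=//form[@id='Summary']/div[2]/div/div/div")) {
      $this->verifyNotText("xpath=//form[@id='Summary']/div[2]/div/div/div", "Report Criteria");
    }
    if ($this->isElementPresent("xpath=//form[@id='Summary']/div[2]/div[2]/div")) {
      $this->verifyNotText("xpath=//form[@id='Summary']/div[2]/div[2]/div", "Report Settings");
    }

    $this->assertFalse($this->isElementPresent("xpath=//form[@id='Summary']//div[@id='instanceForm']//input[@id='title']"));

    // Log in as admin and turn the is_reserved flag off for the instance.
    $this->webtestLogin('admin');
    $this->openCiviPage('report/instance/1', 'reset=1');
    $this->click("is_reserved");
    $this->click("_qf_Summary_submit_save");
    $this->waitForPageToLoad($this->getTimeoutMsec());

    // Once the report is no longer reserved the user can reach it again.
    $this->webtestLogin($user, self::TEST_USER_PASSWORD);
    $this->openCiviPage('report/instance/1', 'reset=1');

    $this->assertTrue($this->isElementPresent("xpath=//form[@id='Summary']//div[@id='id_default']//input[@id='fields_email']"));
    $this->assertTrue($this->isElementPresent("xpath=//form[@id='Summary']//div[@id='instanceForm']//input[@id='title']"));

    // Log in as admin and delete the role.
    $this->webtestLogin('admin');
    $this->open($this->sboxPath . "admin/people/permissions/roles");
    $this->_roleDelete($role);
  }

  /**
   * Create a role through the roles administration page.
   *
   * @param string $role
   *   Name of the role to create.
   */
  private function _roleCreate($role) {
    $this->open($this->sboxPath . "admin/people/permissions/roles");
    $this->waitForElementPresent("edit-add");
    $this->type("edit-name", $role);
    $this->click("edit-add");
    $this->waitForPageToLoad($this->getTimeoutMsec());
  }

  /**
   * Read a role's id from the roles table.
   *
   * The roles administration page must already be open. The id is taken as
   * the last path segment of the row's "edit permissions" link.
   *
   * @param string $role
   *   Name of the role to look up.
   *
   * @return string
   *   Last path segment of the "edit permissions" href.
   */
  private function _roleGetId($role) {
    $row = "xpath=//table[@id='user-roles']/tbody//tr/td[1][text()='{$role}']";
    $this->waitForElementPresent($row);
    $segments = explode('/', $this->getAttribute($row . "/../td[4]/a[text()='edit permissions']/@href"));
    return end($segments);
  }

  /**
   * Delete a role through its "edit role" page and confirm the deletion.
   *
   * The roles administration page must already be open.
   *
   * @param string $role
   *   Name of the role to delete.
   */
  function _roleDelete($role) {
    $editLink = "xpath=//table[@id='user-roles']/tbody//tr/td[text()='{$role}']/..//td/a[text()='edit role']";
    $this->waitForElementPresent($editLink);
    $this->click($editLink);
    $this->waitForElementPresent('edit-delete');
    $this->click('edit-delete');
    $this->waitForPageToLoad($this->getTimeoutMsec());
    $this->click("edit-submit");
    $this->waitForTextPresent("The role has been deleted.");
  }

  /**
   * Create a user account that holds the given role.
   *
   * The account gets a generated name and e-mail address and the shared
   * fixture password self::TEST_USER_PASSWORD. Nothing in this class deletes
   * it afterwards.
   *
   * @param string $roleid
   *   Id of the role to tick on the user creation form.
   *
   * @return string
   *   The generated user name, for use with webtestLogin().
   */
  function _testCreateUser($roleid) {
    $this->open($this->sboxPath . "admin/people/create");
    $this->waitForElementPresent("edit-submit");

    // Account details. The generated parts only keep names unique per run.
    $name = "TestUser" . substr(sha1(rand()), 0, 4);
    $this->type("edit-name", $name);

    $emailId = substr(sha1(rand()), 0, 7) . '@web.com';
    $this->type("edit-mail", $emailId);
    $this->type("edit-pass-pass1", self::TEST_USER_PASSWORD);
    $this->type("edit-pass-pass2", self::TEST_USER_PASSWORD);
    $this->check("name=roles[$roleid] value={$roleid}");

    // Profile details.
    $firstName = 'Ma' . substr(sha1(rand()), 0, 4);
    $lastName = 'An' . substr(sha1(rand()), 0, 7);
    $this->type("first_name", $firstName);
    $this->type("last_name", $lastName);

    // Address details.
    $this->type("street_address-1", "902C El Camino Way SW");
    $this->type("city-1", "Dumfries");
    $this->type("postal_code-1", "1234");
    $this->select("state_province-1", "value=1019");

    $this->click("edit-submit");
    $this->waitForPageToLoad($this->getTimeoutMsec());
    return $name;
  }
}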