tests/phpunit/api/v3/FinancialTypeACLTest.php

   1 <?php
   2 /*
   3  +--------------------------------------------------------------------+
   4  | CiviCRM version 4.7                                                |
   5  +--------------------------------------------------------------------+
   6  | Copyright CiviCRM LLC (c) 2004-2018                                |
   7  +--------------------------------------------------------------------+
   8  | This file is a part of CiviCRM.                                    |
   9  |                                                                    |
  10  | CiviCRM is free software; you can copy, modify, and distribute it  |
  11  | under the terms of the GNU Affero General Public License           |
  12  | Version 3, 19 November 2007 and the CiviCRM Licensing Exception.   |
  13  |                                                                    |
  14  | CiviCRM is distributed in the hope that it will be useful, but     |
  15  | WITHOUT ANY WARRANTY; without even the implied warranty of         |
  16  | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.               |
  17  | See the GNU Affero General Public License for more details.        |
  18  |                                                                    |
  19  | You should have received a copy of the GNU Affero General Public   |
  20  | License and the CiviCRM Licensing Exception along                  |
  21  | with this program; if not, contact CiviCRM LLC                     |
  22  | at info[AT]civicrm[DOT]org. If you have questions about the        |
  23  | GNU Affero General Public License or the licensing of CiviCRM,     |
  24  | see the CiviCRM license FAQ at http://civicrm.org/licensing        |
  25  +--------------------------------------------------------------------+
  26  */
  27
  28 /**
  29  *  Test APIv3 civicrm_contribute_* functions
  30  *
  31  * @package CiviCRM_APIv3
  32  * @subpackage API_Contribution
  33  */
  34 class api_v3_FinancialTypeACLTest extends CiviUnitTestCase {
  35
  36   use CRMTraits_Financial_FinancialACLTrait;
  37
  38   /**
  39    * Assume empty database with just civicrm_data.
  40    */
  41   protected $_individualId;
  42   protected $_contribution;
  43   protected $_financialTypeId = 1;
  44   protected $_apiversion;
  45   protected $_entity = 'Contribution';
  46   public $debug = 0;
  47   protected $_params;
  48   protected $_ids = array();
  49   protected $_pageParams = array();
  50
  51   /**
  52    * Parameters to create payment processor.
  53    *
  54    * @var array
  55    */
  56   protected $_processorParams = array();
  57
  58   /**
  59    * ID of created event.
  60    *
  61    * @var int
  62    */
  63   protected $_eventID;
  64
  65   /**
  66    * Setup function.
  67    */
  68   public function setUp() {
  69     parent::setUp();
  70
  71     $this->_apiversion = 3;
  72     $this->_individualId = $this->individualCreate();
  73     $this->_params = array(
  74       'contact_id' => $this->_individualId,
  75       'receive_date' => '20120511',
  76       'total_amount' => 100.00,
  77       'financial_type_id' => $this->_financialTypeId,
  78       'non_deductible_amount' => 10.00,
  79       'fee_amount' => 5.00,
  80       'net_amount' => 95.00,
  81       'source' => 'SSF',
  82       'contribution_status_id' => 1,
  83     );
  84     $this->_processorParams = array(
  85       'domain_id' => 1,
  86       'name' => 'Dummy',
  87       'payment_processor_type_id' => 10,
  88       'financial_account_id' => 12,
  89       'is_active' => 1,
  90       'user_name' => '',
  91       'url_site' => 'http://dummy.com',
  92       'url_recur' => 'http://dummy.com',
  93       'billing_mode' => 1,
  94     );
  95     $this->_pageParams = array(
  96       'title' => 'Test Contribution Page',
  97       'financial_type_id' => 1,
  98       'currency' => 'USD',
  99       'financial_account_id' => 1,
 100       'payment_processor' => $this->processorCreate(),
 101       'is_active' => 1,
 102       'is_allow_other_amount' => 1,
 103       'min_amount' => 10,
 104       'max_amount' => 1000,
 105     );
 106   }
 107
 108   /**
 109    * Clean up after each test.
 110    */
 111   public function tearDown() {
 112     $this->quickCleanUpFinancialEntities();
 113     $this->quickCleanup(array('civicrm_uf_match'));
 114     $this->disableFinancialACLs();
 115   }
 116
 117   /**
 118    * Test Get.
 119    */
 120   public function testCreateACLContribution() {
 121     $this->enableFinancialACLs();
 122     $p = array(
 123       'contact_id' => $this->_individualId,
 124       'receive_date' => '2010-01-20',
 125       'total_amount' => 100.00,
 126       'financial_type_id' => $this->_financialTypeId,
 127       'non_deductible_amount' => 10.00,
 128       'fee_amount' => 5.00,
 129       'net_amount' => 95.00,
 130       'trxn_id' => 23456,
 131       'invoice_id' => 78910,
 132       'source' => 'SSF',
 133       'contribution_status_id' => 1,
 134       'check_permissions' => TRUE,
 135     );
 136
 137     $this->setPermissions([
 138       'access CiviCRM',
 139       'access CiviContribute',
 140       'edit contributions',
 141     ]);
 142     $result = $this->callAPIFailure('contribution', 'create', $p);
 143     $this->assertEquals('You do not have permission to create this contribution', $result['error_message']);
 144     $this->addFinancialAclPermissions([['add', 'Donation']]);
 145
 146     $contribution = $this->callAPISuccess('contribution', 'create', $p);
 147
 148     $params = array(
 149       'contribution_id' => $contribution['id'],
 150     );
 151
 152     $this->setPermissions([
 153       'access CiviCRM',
 154       'access CiviContribute',
 155       'edit contributions',
 156       'view contributions of type Donation',
 157       'delete contributions of type Donation',
 158     ]);
 159
 160     $contribution = $this->callAPISuccess('contribution', 'get', $params);
 161
 162     $this->assertEquals(1, $contribution['count']);
 163     $this->assertEquals($contribution['values'][$contribution['id']]['contact_id'], $this->_individualId);
 164     $this->assertEquals($contribution['values'][$contribution['id']]['financial_type_id'], 1);
 165     $this->assertEquals($contribution['values'][$contribution['id']]['total_amount'], 100.00);
 166     $this->assertEquals($contribution['values'][$contribution['id']]['non_deductible_amount'], 10.00);
 167     $this->assertEquals($contribution['values'][$contribution['id']]['fee_amount'], 5.00);
 168     $this->assertEquals($contribution['values'][$contribution['id']]['net_amount'], 95.00);
 169     $this->assertEquals($contribution['values'][$contribution['id']]['trxn_id'], 23456);
 170     $this->assertEquals($contribution['values'][$contribution['id']]['invoice_id'], 78910);
 171     $this->assertEquals($contribution['values'][$contribution['id']]['contribution_source'], 'SSF');
 172     $this->assertEquals($contribution['values'][$contribution['id']]['contribution_status'], 'Completed');
 173     $this->callAPISuccess('Contribution', 'Delete', array(
 174       'id' => $contribution['id'],
 175     ));
 176   }
 177
 178   /**
 179    * Test that acl contributions can be retrieved.
 180    */
 181   public function testGetACLContribution() {
 182     $this->enableFinancialACLs();
 183
 184     $this->setPermissions([
 185       'access CiviCRM',
 186       'access CiviContribute',
 187       'view all contacts',
 188       'add contributions of type Donation',
 189     ]);
 190     $contribution = $this->callAPISuccess('Contribution', 'create', $this->_params);
 191
 192     $params = array(
 193       'id' => $contribution['id'],
 194       'check_permissions' => TRUE,
 195     );
 196     $contribution = $this->callAPISuccess('contribution', 'get', $params);
 197     $this->assertEquals($contribution['count'], 0);
 198
 199     $this->addFinancialAclPermissions([['view', 'Donation']]);
 200     $contribution = $this->callAPISuccess('contribution', 'get', $params);
 201
 202     $this->assertEquals($contribution['count'], 1);
 203   }
 204
 205   /**
 206    * Test checks that passing in line items suppresses the create mechanism.
 207    */
 208   public function testCreateACLContributionChainedLineItems() {
 209     $this->enableFinancialACLs();
 210     $params = array(
 211       'contact_id' => $this->_individualId,
 212       'receive_date' => '20120511',
 213       'total_amount' => 100.00,
 214       'financial_type_id' => $this->_financialTypeId,
 215       'payment_instrument_id' => 1,
 216       'non_deductible_amount' => 10.00,
 217       'fee_amount' => 50.00,
 218       'net_amount' => 90.00,
 219       'source' => 'SSF',
 220       'contribution_status_id' => 1,
 221       'check_permissions' => TRUE,
 222       'api.line_item.create' => array(
 223         array(
 224           'price_field_id' => 1,
 225           'qty' => 2,
 226           'line_total' => '20',
 227           'unit_price' => '10',
 228           'financial_type_id' => 1,
 229         ),
 230         array(
 231           'price_field_id' => 1,
 232           'qty' => 1,
 233           'line_total' => '80',
 234           'unit_price' => '80',
 235           'financial_type_id' => 2,
 236         ),
 237       ),
 238     );
 239
 240     $this->setPermissions([
 241       'access CiviCRM',
 242       'access CiviContribute',
 243       'edit contributions',
 244       'delete in CiviContribute',
 245       'add contributions of type Donation',
 246       'delete contributions of type Donation',
 247     ]);
 248     $this->callAPIFailure('contribution', 'create', $params, 'Error in call to LineItem_create : You do not have permission to create this line item');
 249
 250     // Check that the entire contribution has rolled back.
 251     $contribution = $this->callAPISuccess('contribution', 'get', array());
 252     $this->assertEquals(0, $contribution['count']);
 253
 254     $this->addFinancialAclPermissions([
 255       ['add', 'Member Dues'],
 256       ['view', 'Donation'],
 257       ['view', 'Member Dues'],
 258       ['delete', 'Member Dues'],
 259     ]);
 260     $contribution = $this->callAPISuccess('contribution', 'create', $params);
 261
 262     $lineItemParams = array(
 263       'contribution_id' => $contribution['id'],
 264       'entity_table' => 'civicrm_contribution',
 265     );
 266     $lineItems = $this->callAPISuccess('LineItem', 'get', $lineItemParams);
 267     $this->assertEquals(3, $lineItems['count']);
 268     $this->assertEquals(100.00, $lineItems['values'][3]['line_total']);
 269     $this->assertEquals(20, $lineItems['values'][4]['line_total']);
 270     $this->assertEquals(80, $lineItems['values'][5]['line_total']);
 271     $this->assertEquals(1, $lineItems['values'][3]['financial_type_id']);
 272     $this->assertEquals(1, $lineItems['values'][4]['financial_type_id']);
 273     $this->assertEquals(2, $lineItems['values'][5]['financial_type_id']);
 274
 275     $this->callAPISuccess('Contribution', 'Delete', array(
 276       'id' => $contribution['id'],
 277     ));
 278   }
 279
 280   /**
 281    * Test that acl contributions can be edited.
 282    */
 283   public function testEditACLContribution() {
 284     $this->enableFinancialACLs();
 285     $contribution = $this->callAPISuccess('Contribution', 'create', $this->_params);
 286
 287     $params = array(
 288       'id' => $contribution['id'],
 289       'check_permissions' => TRUE,
 290       'total_amount' => 200.00,
 291     );
 292
 293     $this->setPermissions([
 294       'access CiviCRM',
 295       'access CiviContribute',
 296       'edit contributions',
 297       'view contributions of type Donation',
 298     ]);
 299     $this->callAPIFailure('Contribution', 'create', $params);
 300
 301     $this->addFinancialAclPermissions([['edit', 'Donation']]);
 302     $contribution = $this->callAPISuccess('Contribution', 'create', $params);
 303
 304     $this->assertEquals($contribution['values'][$contribution['id']]['total_amount'], 200.00);
 305   }
 306
 307   /**
 308    * Test that acl contributions can be deleted.
 309    */
 310   public function testDeleteACLContribution() {
 311     $this->enableFinancialACLs();
 312
 313     $this->setPermissions([
 314       'access CiviCRM',
 315       'access CiviContribute',
 316       'view all contacts',
 317       'add contributions of type Donation',
 318     ]);
 319     $contribution = $this->callAPISuccess('Contribution', 'create', $this->_params);
 320
 321     $params = array(
 322       'contribution_id' => $contribution['id'],
 323       'check_permissions' => TRUE,
 324     );
 325     $this->addPermissions(['delete in CiviContribute']);
 326     $this->callAPIFailure('Contribution', 'delete', $params);
 327
 328     $this->addFinancialAclPermissions([['delete', 'Donation']]);
 329     $contribution = $this->callAPISuccess('Contribution', 'delete', $params);
 330
 331     $this->assertEquals($contribution['count'], 1);
 332   }
 333
 334 }