[NFC] Fix PHPUnit8 Deprecation warnings in the api_v4 Test Suite
[civicrm-core.git] / tests / phpunit / api / v4 / Query / PermissionCheckTest.php
1 <?php
2
3 /*
4 +--------------------------------------------------------------------+
5 | Copyright CiviCRM LLC. All rights reserved. |
6 | |
7 | This work is published under the GNU AGPLv3 license with some |
8 | permitted exceptions and without any warranty. For full license |
9 | and copyright information, see https://civicrm.org/licensing |
10 +--------------------------------------------------------------------+
11 */
12
13 /**
14 *
15 * @package CRM
16 * @copyright CiviCRM LLC https://civicrm.org/licensing
17 */
18
19
20 namespace api\v4\Query;
21
22 use api\v4\UnitTestCase;
23 use Civi\API\Exception\UnauthorizedException;
24 use Civi\Api4\Contact;
25 use Civi\Api4\Event;
26 use Civi\Api4\Participant;
27
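/**
 * Checks that APIv4 enforces gatekeeper permissions, both on a direct
 * Event::get call and on fields reached through implicit or explicit joins.
 *
 * Each test overrides $config->userPermissionClass->permissions with the
 * exact permission list the simulated user should hold; tearDown() removes
 * the override again.
 *
 * @group headless
 */
class PermissionCheckTest extends UnitTestCase {

  /**
   * Clean up after test.
   *
   * Resets the hook singleton and unsets the permission override so that the
   * permission list set by one test does not carry over into the next.
   *
   * @throws \Exception
   */
  public function tearDown(): void {
    \CRM_Utils_Hook::singleton()->reset();
    $config = \CRM_Core_Config::singleton();
    unset($config->userPermissionClass->permissions);
    parent::tearDown();
  }

  /**
   * Tests that Event::get is allowed with the gatekeeper permissions and
   * rejected with an UnauthorizedException when the user has none.
   */
  public function testGatekeeperPermissions() {
    $config = \CRM_Core_Config::singleton();
    $config->userPermissionClass->permissions = [
      'access CiviCRM',
      'access CiviEvent',
      'view event info',
    ];
    // Above permissions should be sufficient to perform Event::get
    Event::get()->execute();

    $config->userPermissionClass->permissions = [];
    // Ensure error is thrown if permissions are not sufficient
    try {
      Event::get()->execute();
      // Reaching this line means the call was NOT denied. Fail explicitly so
      // a missing authorization check is reported as such, instead of
      // surfacing later as an undefined-variable error.
      $this->fail('Event::get succeeded with an empty permission list; expected UnauthorizedException');
    }
    catch (UnauthorizedException $e) {
      $this->assertStringContainsString('Authorization failed', $e->getMessage());
    }
  }

  /**
   * Tests that gatekeeper permissions are enforced for implicit joins
   *
   * A participant is read with "contact.first_name" and "event.title"
   * selected through implicit joins. Once 'view event info' is removed from
   * the permission list, the event title must come back empty while the
   * contact name is still returned.
   */
  public function testImplicitJoinPermissions() {
    $config = \CRM_Core_Config::singleton();
    $config->userPermissionClass->permissions = [
      'access CiviCRM',
      'access CiviEvent',
      'view all contacts',
      'view event info',
      'view event participants',
    ];
    $name = uniqid(__FUNCTION__);
    // Fixture records are created with FALSE passed to create(), i.e. with
    // permission checks switched off, so setup does not depend on the
    // permission list under test.
    $event = Event::create(FALSE)
      ->addValue('title', 'ABC123 Event')
      ->addValue('event_type_id', 1)
      ->addValue('start_date', 'now')
      ->execute()->first();
    $contact = Contact::create(FALSE)
      ->addValue('first_name', $name)
      ->addChain('participant', Participant::create()
        ->addValue('contact_id', '$id')
        ->addValue('event_id', $event['id']),
      0)
      ->execute()->first();
    $participant = Participant::get()
      ->addSelect('contact.first_name', 'event.title')
      ->addWhere('event.id', '=', $event['id'])
      ->execute()
      ->first();

    $this->assertEquals('ABC123 Event', $participant['event.title']);
    $this->assertEquals($name, $participant['contact.first_name']);

    // Remove access to view events
    $config->userPermissionClass->permissions = [
      'access CiviCRM',
      'access CiviEvent',
      'view all contacts',
      'view event participants',
    ];
    $participant = Participant::get()
      ->addSelect('contact.first_name')
      ->addSelect('event.title')
      ->addWhere('id', '=', $contact['participant']['id'])
      ->execute()
      ->first();

    // The joined event field must not be disclosed without 'view event info';
    // a missing key and an empty value both count as "not disclosed".
    $this->assertEmpty($participant['event.title'] ?? NULL);
    $this->assertEquals($name, $participant['contact.first_name']);

  }

  /**
   * Tests that gatekeeper permissions are enforced for explicit joins
   *
   * Same scenario as the implicit-join test, but Contact and Event are
   * attached with addJoin() under the aliases "contact1" and "event1".
   */
  public function testExplicitJoinPermissions() {
    $config = \CRM_Core_Config::singleton();
    $config->userPermissionClass->permissions = [
      'access CiviCRM',
      'access CiviEvent',
      'view all contacts',
      'view event info',
      'view event participants',
    ];
    $name = uniqid(__FUNCTION__);
    // Fixture records are created with FALSE passed to create(), i.e. with
    // permission checks switched off, so setup does not depend on the
    // permission list under test.
    $event = Event::create(FALSE)
      ->addValue('title', 'ABC321 Event')
      ->addValue('event_type_id', 1)
      ->addValue('start_date', 'now')
      ->execute()->first();
    $contact = Contact::create(FALSE)
      ->addValue('first_name', $name)
      ->addChain('participant', Participant::create()
        ->addValue('contact_id', '$id')
        ->addValue('event_id', $event['id']),
      0)
      ->execute()->first();
    $participant = Participant::get()
      ->addJoin('Contact AS contact1', 'INNER', ['contact1.id', '=', 'contact_id'])
      ->addJoin('Event AS event1', 'INNER')
      ->addSelect('contact1.first_name', 'event1.title')
      ->addWhere('event1.id', '=', $event['id'])
      ->execute()
      ->first();

    $this->assertEquals('ABC321 Event', $participant['event1.title']);
    $this->assertEquals($name, $participant['contact1.first_name']);

    // Remove access to view events
    $config->userPermissionClass->permissions = [
      'access CiviCRM',
      'access CiviEvent',
      'view all contacts',
      'view event participants',
    ];
    $participant = Participant::get()
      ->addJoin('Contact AS contact1', 'INNER', ['contact1.id', '=', 'contact_id'])
      ->addJoin('Event AS event1', 'INNER')
      ->addSelect('contact1.first_name')
      ->addSelect('event1.title')
      ->addWhere('id', '=', $contact['participant']['id'])
      ->execute()
      ->first();

    // The joined event field must not be disclosed without 'view event info';
    // a missing key and an empty value both count as "not disclosed".
    $this->assertEmpty($participant['event1.title'] ?? NULL);
    $this->assertEquals($name, $participant['contact1.first_name']);

  }

}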