[REF] Move ACLPermission Trait into Civi Folder so that it can be accessed by Extensions

[civicrm-core.git] / tests / phpunit / CRM / Core / Permission / BaseTest.php

diff --git a/tests/phpunit/CRM/Core/Permission/BaseTest.php b/tests/phpunit/CRM/Core/Permission/BaseTest.php
index dca187540c7a06c588217662ae223e5b4b57609e..63ddc5fee4533420ec45211747f8abaf4a8309c2 100644 (file)
--- a/tests/phpunit/CRM/Core/Permission/BaseTest.php
+++ b/tests/phpunit/CRM/Core/Permission/BaseTest.php
@@ -6,20 +6,22 @@
  */
 class CRM_Core_Permission_BaseTest extends CiviUnitTestCase {
 
+  use Civi\Test\ACLPermissionTrait;
+
   /**
    * @return array
    *   (0 => input to translatePermission, 1 => expected output from translatePermission)
    */
-  public function translateData() {
+  public function translateData(): array {
     $cases = [];
 
-    $cases[] = ["administer CiviCRM", "administer CiviCRM"];
-    $cases[] = ["cms:universal name", "local name"];
-    $cases[] = ["cms:universal name2", "local name2"];
-    $cases[] = ["cms:unknown universal name", CRM_Core_Permission::ALWAYS_DENY_PERMISSION];
-    $cases[] = ["myruntime:foo", "foo"];
-    $cases[] = ["otherruntime:foo", CRM_Core_Permission::ALWAYS_DENY_PERMISSION];
-    $cases[] = ["otherruntime:foo:bar", CRM_Core_Permission::ALWAYS_DENY_PERMISSION];
+    $cases[] = ['administer CiviCRM', 'administer CiviCRM'];
+    $cases[] = ['cms:universal name', 'local name'];
+    $cases[] = ['cms:universal name2', 'local name2'];
+    $cases[] = ['cms:unknown universal name', CRM_Core_Permission::ALWAYS_DENY_PERMISSION];
+    $cases[] = ['myruntime:foo', 'foo'];
+    $cases[] = ['otherruntime:foo', CRM_Core_Permission::ALWAYS_DENY_PERMISSION];
+    $cases[] = ['otherruntime:foo:bar', CRM_Core_Permission::ALWAYS_DENY_PERMISSION];
     $cases[] = [CRM_Core_Permission::ALWAYS_ALLOW_PERMISSION, CRM_Core_Permission::ALWAYS_ALLOW_PERMISSION];
 
     return $cases;
@@ -27,14 +29,15 @@ class CRM_Core_Permission_BaseTest extends CiviUnitTestCase {
 
   /**
    * @dataProvider translateData
+   *
    * @param string $input
    *   The name of a permission which should be translated.
    * @param string $expected
    *   The name of an actual permission (based on translation matrix for "runtime").
    */
-  public function testTranslate($input, $expected) {
+  public function testTranslate(string $input, string $expected): void {
     $perm = new CRM_Core_Permission_Base();
-    $actual = $perm->translatePermission($input, "myruntime", [
+    $actual = $perm->translatePermission($input, 'myruntime', [
       'universal name' => 'local name',
       'universal name2' => 'local name2',
       'gunk' => 'gunky',
@@ -42,4 +45,26 @@ class CRM_Core_Permission_BaseTest extends CiviUnitTestCase {
     $this->assertEquals($expected, $actual);
   }
 
+  /**
+   * Test that the user has the implied permission of administer CiviCRM data by virtue of having administer CiviCRM.
+   */
+  public function testImpliedPermission(): void {
+    $this->createLoggedInUser();
+    CRM_Core_Config::singleton()->userPermissionClass->permissions = [
+      'administer CiviCRM',
+    ];
+    $this->assertTrue(CRM_Core_Permission::check('administer CiviCRM data'));
+  }
+
+  /**
+   * Test that the super permission gives the implied permission of the whole shebang.
+   */
+  public function testImpliedPermissionSuperDuper(): void {
+    $this->createLoggedInUser();
+    CRM_Core_Config::singleton()->userPermissionClass->permissions = [
+      'all CiviCRM permissions and ACLs',
+    ];
+    $this->assertTrue(CRM_Core_Permission::check('view all contacts'));
+  }
+
 }