From 11fa49fea6b6fde38b512f8decc480ed546eb124 Mon Sep 17 00:00:00 2001
From: eileen <emcnaughton@wikimedia.org>
Date: Sun, 2 Aug 2020 21:39:33 +1200
Subject: [PATCH] Test - attempt to replicate #17852

---
 .../CRM/Event/BAO/EventPermissionsTest.php    | 13 +++++++++-
 .../phpunit/CRMTraits/ACL/PermissionTrait.php | 24 +++++++++++++++++--
 2 files changed, 34 insertions(+), 3 deletions(-)

diff --git a/tests/phpunit/CRM/Event/BAO/EventPermissionsTest.php b/tests/phpunit/CRM/Event/BAO/EventPermissionsTest.php
index 421afbef93..120253be36 100644
--- a/tests/phpunit/CRM/Event/BAO/EventPermissionsTest.php
+++ b/tests/phpunit/CRM/Event/BAO/EventPermissionsTest.php
@@ -15,6 +15,8 @@
  */
 class CRM_Event_BAO_EventPermissionsTest extends CiviUnitTestCase {
 
+  use CRMTraits_ACL_PermissionTrait;
+
   public function setUp() {
     parent::setUp();
     $this->_contactId = $this->createLoggedInUser();
@@ -99,9 +101,18 @@ class CRM_Event_BAO_EventPermissionsTest extends CiviUnitTestCase {
     $this->assertTrue($permissions);
   }
 
+  /**
+   * Test that the contact can view an event with an ACL permitting everyone to view it.
+   */
+  public function testViewAclEventAllowed() {
+    $this->setupScenarioCoreACLEveryonePermittedToEvent();
+    $permittedEventID = CRM_Core_Permission::event(CRM_Core_Permission::VIEW, $this->scenarioIDs['Event']['permitted_event']);
+    $this->assertEquals($this->scenarioIDs['Event']['permitted_event'], $permittedEventID);
+  }
+
   public function testEditOtherEventDenied() {
     $this->_loggedInUser = CRM_Core_Session::singleton()->get('userID');
-    self::setViewAllEventPermissions();
+    $this->setViewAllEventPermissions();
     unset(\Civi::$statics['CRM_Event_BAO_Event']['permissions']);
     $permissions = CRM_Event_BAO_Event::checkPermission($this->_otherEventId, CRM_Core_Permission::EDIT);
     $this->assertFalse($permissions);
diff --git a/tests/phpunit/CRMTraits/ACL/PermissionTrait.php b/tests/phpunit/CRMTraits/ACL/PermissionTrait.php
index b9d6d9ae4d..dc0c2882e0 100644
--- a/tests/phpunit/CRMTraits/ACL/PermissionTrait.php
+++ b/tests/phpunit/CRMTraits/ACL/PermissionTrait.php
@@ -107,7 +107,7 @@ trait CRMTraits_ACL_PermissionTrait {
    *
    * @throws CRM_Core_Exception
    */
-  public function setupCoreACLPermittedToGroup($permissionedEntities = [], $groupAllowedAccess = 'Everyone', $operation = 'View', $entity = 'Group') {
+  public function setupCoreACLPermittedAcl($permissionedEntities = [], $groupAllowedAccess = 'Everyone', $operation = 'View', $entity = 'Group') {
     $tableMap = ['Group' => 'civicrm_saved_search', 'CustomGroup' => 'civicrm_custom_group', 'Profile' => 'civicrm_uf_match', 'Event' => 'civicrm_event'];
     $entityTable = $tableMap[$entity];
 
@@ -146,7 +146,27 @@ trait CRMTraits_ACL_PermissionTrait {
     $result = $this->callAPISuccess('GroupContact', 'create', ['group_id' => $this->scenarioIDs['Group']['permitted_group'], 'contact_id' => $this->scenarioIDs['Contact']['permitted_contact'], 'status' => 'Added']);
     $this->scenarioIDs['Contact']['non_permitted_contact'] = $this->individualCreate();
     CRM_Core_Config::singleton()->userPermissionClass->permissions = [];
-    $this->setupCoreACLPermittedToGroup([$this->scenarioIDs['Group']['permitted_group']]);
+    $this->setupCoreACLPermittedAcl([$this->scenarioIDs['Group']['permitted_group']]);
+  }
+
+  /**
+   * Set up a scenario where everyone can access the permissioned group.
+   *
+   * A scenario in this class involves multiple defined assets. In this case we create
+   * - a group to which the everyone has permission
+   * - a contact in the group
+   * - a contact not in the group
+   *
+   * These are arrayed as follows
+   *   $this->scenarioIDs['Contact'] = ['permitted_contact' => x, 'non_permitted_contact' => y]
+   *   $this->scenarioIDs['Group'] = ['permitted_group' => x]
+   */
+  public function setupScenarioCoreACLEveryonePermittedToEvent() {
+    $this->quickCleanup(['civicrm_acl_cache', 'civicrm_acl_contact_cache']);
+    $this->scenarioIDs['Event']['permitted_event'] = $this->eventCreate()['id'];
+    $this->scenarioIDs['Contact']['permitted_contact'] = $this->individualCreate();
+    CRM_Core_Config::singleton()->userPermissionClass->permissions = ['view event info'];
+    $this->setupCoreACLPermittedAcl([$this->scenarioIDs['Event']['permitted_event']], 'Everyone', 'View', 'Event');
   }
 
   /**
-- 
2.25.1