From 147f09676180dfa4bdddd88e82f0ac6464f8019f Mon Sep 17 00:00:00 2001
From: Edsel <edsel.lopez@jmaconsulting.biz>
Date: Mon, 1 Feb 2016 16:23:39 +0530
Subject: [PATCH] CRM-16526 Added financial ACL api test

----------------------------------------
* CRM-16526: ACLs for Financial Types
  https://issues.civicrm.org/jira/browse/CRM-16526
---
 tests/phpunit/api/v3/FinancialTypeACLTest.php | 309 ++++++++++++++++++
 1 file changed, 309 insertions(+)
 create mode 100644 tests/phpunit/api/v3/FinancialTypeACLTest.php

diff --git a/tests/phpunit/api/v3/FinancialTypeACLTest.php b/tests/phpunit/api/v3/FinancialTypeACLTest.php
new file mode 100644
index 0000000000..6f1e4aa0d5
--- /dev/null
+++ b/tests/phpunit/api/v3/FinancialTypeACLTest.php
@@ -0,0 +1,309 @@
+<?php
+/*
+ +--------------------------------------------------------------------+
+ | CiviCRM version 4.7                                                |
+ +--------------------------------------------------------------------+
+ | Copyright CiviCRM LLC (c) 2004-2015                                |
+ +--------------------------------------------------------------------+
+ | This file is a part of CiviCRM.                                    |
+ |                                                                    |
+ | CiviCRM is free software; you can copy, modify, and distribute it  |
+ | under the terms of the GNU Affero General Public License           |
+ | Version 3, 19 November 2007 and the CiviCRM Licensing Exception.   |
+ |                                                                    |
+ | CiviCRM is distributed in the hope that it will be useful, but     |
+ | WITHOUT ANY WARRANTY; without even the implied warranty of         |
+ | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.               |
+ | See the GNU Affero General Public License for more details.        |
+ |                                                                    |
+ | You should have received a copy of the GNU Affero General Public   |
+ | License and the CiviCRM Licensing Exception along                  |
+ | with this program; if not, contact CiviCRM LLC                     |
+ | at info[AT]civicrm[DOT]org. If you have questions about the        |
+ | GNU Affero General Public License or the licensing of CiviCRM,     |
+ | see the CiviCRM license FAQ at http://civicrm.org/licensing        |
+ +--------------------------------------------------------------------+
+ */
+
+require_once 'CiviTest/CiviUnitTestCase.php';
+require_once 'CiviTest/CiviMailUtils.php';
+
+
+/**
+ *  Test APIv3 civicrm_contribute_* functions
+ *
+ * @package CiviCRM_APIv3
+ * @subpackage API_Contribution
+ */
+class api_v3_FinancialTypeACLTest extends CiviUnitTestCase {
+
+  /**
+   * Assume empty database with just civicrm_data.
+   */
+  protected $_individualId;
+  protected $_contribution;
+  protected $_financialTypeId = 1;
+  protected $_apiversion;
+  protected $_entity = 'Contribution';
+  public $debug = 0;
+  protected $_params;
+  protected $_ids = array();
+  protected $_pageParams = array();
+
+  /**
+   * Parameters to create payment processor.
+   *
+   * @var array
+   */
+  protected $_processorParams = array();
+
+  /**
+   * ID of created event.
+   *
+   * @var int
+   */
+  protected $_eventID;
+
+  /**
+   * Setup function.
+   */
+  public function setUp() {
+    //parent::setUp();
+
+    $this->_apiversion = 3;
+    $this->_individualId = $this->individualCreate();
+    $this->_params = array(
+      'contact_id' => $this->_individualId,
+      'receive_date' => '20120511',
+      'total_amount' => 100.00,
+      'financial_type_id' => $this->_financialTypeId,
+      'non_deductible_amount' => 10.00,
+      'fee_amount' => 5.00,
+      'net_amount' => 95.00,
+      'source' => 'SSF',
+      'contribution_status_id' => 1,
+    );
+    $this->_processorParams = array(
+      'domain_id' => 1,
+      'name' => 'Dummy',
+      'payment_processor_type_id' => 10,
+      'financial_account_id' => 12,
+      'is_active' => 1,
+      'user_name' => '',
+      'url_site' => 'http://dummy.com',
+      'url_recur' => 'http://dummy.com',
+      'billing_mode' => 1,
+    );
+    $this->_pageParams = array(
+      'title' => 'Test Contribution Page',
+      'financial_type_id' => 1,
+      'currency' => 'USD',
+      'financial_account_id' => 1,
+      'payment_processor' => $this->processorCreate(),
+      'is_active' => 1,
+      'is_allow_other_amount' => 1,
+      'min_amount' => 10,
+      'max_amount' => 1000,
+    );
+  }
+
+  /**
+   * Clean up after each test.
+   */
+  public function tearDown() {
+    $this->quickCleanUpFinancialEntities();
+    $this->quickCleanup(array('civicrm_uf_match'));
+  }
+
+  public function setACL() {
+    $params = array(
+      'domain_id' => 1,
+      'contribution_invoice_settings' => array('acl_financial_type' => 1),
+    );
+    $this->callAPISuccess('setting', 'create', $params);
+  }
+
+  /**
+   * Test Get.
+   */
+  public function testGetACLContributionCreate() {
+    $this->setACL();
+    $p = array(
+      'contact_id' => $this->_individualId,
+      'receive_date' => '2010-01-20',
+      'total_amount' => 100.00,
+      'financial_type_id' => $this->_financialTypeId,
+      'non_deductible_amount' => 10.00,
+      'fee_amount' => 5.00,
+      'net_amount' => 95.00,
+      'trxn_id' => 23456,
+      'invoice_id' => 78910,
+      'source' => 'SSF',
+      'contribution_status_id' => 1,
+      'check_permissions' => TRUE,
+    );
+    $config = &CRM_Core_Config::singleton();
+    $config->userPermissionClass->permissions = array(
+      'access CiviCRM',
+      'access CiviContribute',
+      'edit contributions',
+    );
+    $result = $this->callAPIFailure('contribution', 'create', $p);
+    $this->assertEquals('You do not have permission to create this contribution', $result['error_message']);
+    $config->userPermissionClass->permissions = array(
+      'access CiviCRM',
+      'access CiviContribute',
+      'edit contributions',
+      'add contributions of type Donation',
+    );
+    $contribution = $this->callAPISuccess('contribution', 'create', $p);
+   
+    $params = array(
+      'contribution_id' => $contribution['id'],
+    );
+    
+    $config->userPermissionClass->permissions = array(
+      'access CiviCRM',
+      'access CiviContribute',
+      'edit contributions',
+      'view contributions of type Donation',
+      'delete contributions of type Donation'
+    );
+   
+    $contribution = $this->callAPISuccess('contribution', 'get', $params);
+   
+    $this->assertEquals(1, $contribution['count']);
+    $this->assertEquals($contribution['values'][$contribution['id']]['contact_id'], $this->_individualId);
+    $this->assertEquals($contribution['values'][$contribution['id']]['financial_type_id'], 1);
+    $this->assertEquals($contribution['values'][$contribution['id']]['total_amount'], 100.00);
+    $this->assertEquals($contribution['values'][$contribution['id']]['non_deductible_amount'], 10.00);
+    $this->assertEquals($contribution['values'][$contribution['id']]['fee_amount'], 5.00);
+    $this->assertEquals($contribution['values'][$contribution['id']]['net_amount'], 95.00);
+    $this->assertEquals($contribution['values'][$contribution['id']]['trxn_id'], 23456);
+    $this->assertEquals($contribution['values'][$contribution['id']]['invoice_id'], 78910);
+    $this->assertEquals($contribution['values'][$contribution['id']]['contribution_source'], 'SSF');
+    $this->assertEquals($contribution['values'][$contribution['id']]['contribution_status'], 'Completed');
+    $this->callAPISuccess('Contribution', 'Delete', array(
+      'id' => $contribution['id'],
+    ));
+  }
+
+  /**
+   * Test that acl contributions can be retrieved.
+   */
+  public function testGetACLContribution() {
+    $this->setACL();
+    $contribution = $this->callAPISuccess('Contribution', 'create', $this->_params);
+
+    $params = array(
+      'contribution_id' => $contribution['id'],
+      'check_permissions' => TRUE,
+    );
+    $config = &CRM_Core_Config::singleton();
+    $config->userPermissionClass->permissions = array(
+      'access CiviCRM',
+      'access CiviContribute',
+      'view debug output'
+    );
+    $contribution = $this->callAPISuccess('contribution', 'get', $params);
+    // We should not get any contributions returned since we do not have permissions to view contributions of financial type Donation
+    $this->assertEquals($contribution['count'], 0);
+    
+    $config->userPermissionClass->permissions = array(
+      'access CiviCRM',
+      'access CiviContribute',
+      'view contributions of type Donation',
+      'view debug output'
+    );
+    $contribution = $this->callAPISuccess('contribution', 'get', $params);
+   
+    $this->assertEquals($contribution['count'], 1);
+  }
+
+  /**
+   * Test checks that passing in line items suppresses the create mechanism.
+   */
+  public function testCreateACLContributionChainedLineItems() {
+    $this->setACL();
+    $params = array(
+      'contact_id' => $this->_individualId,
+      'receive_date' => '20120511',
+      'total_amount' => 100.00,
+      'financial_type_id' => $this->_financialTypeId,
+      'payment_instrument_id' => 1,
+      'non_deductible_amount' => 10.00,
+      'fee_amount' => 50.00,
+      'net_amount' => 90.00,
+      'trxn_id' => 12345,
+      'invoice_id' => 67890,
+      'source' => 'SSF',
+      'contribution_status_id' => 1,
+      'check_permissions' => TRUE,
+      'api.line_item.create' => array(
+        array(
+          'price_field_id' => 1,
+          'qty' => 2,
+          'line_total' => '20',
+          'unit_price' => '10',
+          'financial_type_id' => 1,
+        ),
+        array(
+          'price_field_id' => 1,
+          'qty' => 1,
+          'line_total' => '80',
+          'unit_price' => '80',
+          'financial_type_id' => 2,
+        ),
+      ),
+    );
+
+    $description = "Create Contribution with Nested Line Items.";
+    $subfile = "CreateWithNestedLineItems";
+    $config = &CRM_Core_Config::singleton();
+    $config->userPermissionClass->permissions = array(
+      'access CiviCRM',
+      'access CiviContribute',
+      'edit contributions',
+      'add contributions of type Donation',
+    );
+    $contribution = $this->callAPIFailure('contribution', 'create', $params);
+    $this->assertEquals('You do not have permission to create this contribution', $result['error_message'],
+      'lacking financial acl permissions for lineitems should not be enough to create a contribution of type Donation');
+    $config->userPermissionClass->permissions = array(
+      'access CiviCRM',
+      'access CiviContribute',
+      'edit contributions',
+      'add contributions of type Donation',
+      'add contributions of type Member Dues',
+    );
+    $contribution = $this->callAPIAndDocument('contribution', 'create', $params, __FUNCTION__, __FILE__, $description, $subfile);
+    $params = array(
+      'contribution_id' => $contribution['id'],
+    );
+    $contribution = $this->callAPISuccess('contribution', 'get', $params);
+
+    $this->assertEquals(1, $contribution['count']);
+    $this->assertEquals($contribution['values'][$contribution['id']]['contact_id'], $this->_individualId);
+    $this->assertEquals($contribution['values'][$contribution['id']]['financial_type_id'], 1);
+    $this->assertEquals($contribution['values'][$contribution['id']]['total_amount'], 100.00);
+    $this->assertEquals($contribution['values'][$contribution['id']]['non_deductible_amount'], 10.00);
+    $this->assertEquals($contribution['values'][$contribution['id']]['fee_amount'], 50.00);
+    $this->assertEquals($contribution['values'][$contribution['id']]['net_amount'], 90.00);
+    $this->assertEquals($contribution['values'][$contribution['id']]['trxn_id'], 12345);
+    $this->assertEquals($contribution['values'][$contribution['id']]['invoice_id'], 67890);
+    $this->assertEquals($contribution['values'][$contribution['id']]['contribution_source'], 'SSF');
+    $this->assertEquals($contribution['values'][$contribution['id']]['contribution_status'], 'Completed');
+
+    $lineItems = $this->callAPISuccess('line_item', 'get', array(
+      'entity_id' => $contribution['id'],
+      'contribution_id' => $contribution['id'],
+      'entity_table' => 'civicrm_contribution',
+      'sequential' => 1,
+    ));
+    $this->assertEquals(2, $lineItems['count']);
+    $this->callAPISuccess('Contribution', 'Delete', array(
+      'id' => $contribution['id'],
+    ));
+  }
+
+}
-- 
2.25.1