From 33a133fb2af985086949e16f4a0dc2b7f911f9cb Mon Sep 17 00:00:00 2001 From: Eileen McNaughton Date: Sat, 14 Oct 2023 11:38:21 +1300 Subject: [PATCH] Move financial acl test to extension --- CRM/Financial/BAO/FinancialType.php | 2 + .../Civi/Financialacls/FinancialTypeTest.php | 88 ++++++++++++++++++- .../CRM/Financial/BAO/FinancialTypeTest.php | 84 ------------------ 3 files changed, 89 insertions(+), 85 deletions(-) diff --git a/CRM/Financial/BAO/FinancialType.php b/CRM/Financial/BAO/FinancialType.php index a8a47383fe..4581140150 100644 --- a/CRM/Financial/BAO/FinancialType.php +++ b/CRM/Financial/BAO/FinancialType.php @@ -347,6 +347,8 @@ class CRM_Financial_BAO_FinancialType extends CRM_Financial_DAO_FinancialType im /** * Function to check if lineitems present in a contribution have permissioned FTs. * + * @deprecated since 5.68 not part of core - to be handled within financialacls extension + * * @param int $id * contribution id * @param string $op diff --git a/ext/financialacls/tests/phpunit/Civi/Financialacls/FinancialTypeTest.php b/ext/financialacls/tests/phpunit/Civi/Financialacls/FinancialTypeTest.php index e88e563afe..ef9f5f58cc 100644 --- a/ext/financialacls/tests/phpunit/Civi/Financialacls/FinancialTypeTest.php +++ b/ext/financialacls/tests/phpunit/Civi/Financialacls/FinancialTypeTest.php @@ -3,6 +3,9 @@ namespace Civi\Financialacls; use Civi; +use Civi\Api4\PriceField; +use Civi\Api4\PriceFieldValue; +use Civi\Api4\PriceSet; use CRM_Core_Session; // I fought the Autoloader and the autoloader won. @@ -47,7 +50,10 @@ class FinancialTypeTest extends BaseTestClass { foreach ($actions as $action => $action_ts) { $this->assertEquals( [ - ts('CiviCRM: %1 contributions of type %2', [1 => $action_ts, 2 => $type]), + ts('CiviCRM: %1 contributions of type %2', [ + 1 => $action_ts, + 2 => $type, + ]), ts('%1 contributions of type %2', [1 => $action_ts, 2 => $type]), ], $permissions[$action . ' contributions of type ' . $type] @@ -71,4 +77,84 @@ class FinancialTypeTest extends BaseTestClass { $this->assertEquals([1 => 'Donation'], $type); } + /** + * Check method testCheckPermissionedLineItems() + * + * @throws \CRM_Core_Exception + */ + public function testCheckPermissionedLineItems(): void { + $priceSetID = PriceSet::create()->setValues([ + 'title' => 'Price Set Financial ACLS', + 'name' => 'test_price_set', + 'extends' => 1, + 'financial_type_id:name' => 'Donation', + ])->execute()->first()['id']; + + $paramsField = [ + 'label' => 'Price Field', + 'name' => 'test_price_field', + 'html_type' => 'CheckBox', + 'is_display_amounts' => 1, + 'weight' => 1, + 'options_per_line' => 1, + 'price_set_id' => $priceSetID, + 'is_enter_qty' => 1, + 'financial_type_id:name' => 'Donation', + ]; + $priceFieldID = PriceField::create() + ->setValues($paramsField) + ->execute() + ->first()['id']; + $priceFieldValueID = PriceFieldValue::create()->setValues([ + 'price_field_id' => $priceFieldID, + 'amount' => 100, + 'name' => 'price_field_value', + 'label' => 'Price Field 1', + 'financial_type_id:name' => 'Donation', + 'weight' => 1, + ])->execute()->first()['id']; + $contributionParams = [ + 'total_amount' => 300, + 'currency' => 'USD', + 'contact_id' => $this->individualCreate(), + 'financial_type_id' => 'Donation', + 'line_items' => [ + [ + 'line_item' => [ + [ + 'price_field_id' => $priceFieldID, + 'price_field_value_id' => $priceFieldValueID, + 'qty' => 3, + ], + ], + ], + ], + ]; + + $contribution = $this->callAPISuccess('Order', 'create', $contributionParams); + Civi::settings()->set('acl_financial_type', TRUE); + + $this->setPermissions([ + 'view contributions of type Member Dues', + ]); + + try { + \CRM_Financial_BAO_FinancialType::checkPermissionedLineItems($contribution['id'], 'view'); + $this->fail('Missed expected exception'); + } + catch (\CRM_Core_Exception $e) { + $this->assertEquals('You do not have permission to access this page.', $e->getMessage()); + } + + $this->setPermissions([ + 'view contributions of type Donation', + ]); + try { + \CRM_Financial_BAO_FinancialType::checkPermissionedLineItems($contribution['id'], 'view'); + } + catch (\CRM_Core_Exception $e) { + $this->fail('permissions should be established'); + } + } + } diff --git a/tests/phpunit/CRM/Financial/BAO/FinancialTypeTest.php b/tests/phpunit/CRM/Financial/BAO/FinancialTypeTest.php index 7496eddb6e..5429ee9be8 100644 --- a/tests/phpunit/CRM/Financial/BAO/FinancialTypeTest.php +++ b/tests/phpunit/CRM/Financial/BAO/FinancialTypeTest.php @@ -136,88 +136,4 @@ class CRM_Financial_BAO_FinancialTypeTest extends CiviUnitTestCase { $this->assertEquals($expectedResult, $types, 'Verify that removing permission for a financial type restricts the available membership types'); } - /** - * Check method testCheckPermissionedLineItems() - * - * @throws \CRM_Core_Exception - */ - public function testCheckPermissionedLineItems(): void { - $contactId = $this->individualCreate(); - $paramsSet['title'] = 'Price Set_test'; - $paramsSet['name'] = CRM_Utils_String::titleToVar($paramsSet['title']); - $paramsSet['is_active'] = TRUE; - $paramsSet['financial_type_id'] = 1; - $paramsSet['extends'] = 1; - - $priceSet = CRM_Price_BAO_PriceSet::create($paramsSet); - $priceSetId = $priceSet->id; - - //Checking for price set added in the table. - $this->assertDBCompareValue('CRM_Price_BAO_PriceSet', $priceSetId, 'title', - 'id', $paramsSet['title'], 'Check DB for created price set' - ); - $paramsField = [ - 'label' => 'Price Field', - 'name' => CRM_Utils_String::titleToVar('Price Field'), - 'html_type' => 'CheckBox', - 'option_label' => ['1' => 'Price Field 1', '2' => 'Price Field 2'], - 'option_value' => ['1' => 100, '2' => 200], - 'option_name' => ['1' => 'Price Field 1', '2' => 'Price Field 2'], - 'option_weight' => ['1' => 1, '2' => 2], - 'option_amount' => ['1' => 100, '2' => 200], - 'is_display_amounts' => 1, - 'weight' => 1, - 'options_per_line' => 1, - 'is_active' => ['1' => 1, '2' => 1], - 'price_set_id' => $priceSet->id, - 'is_enter_qty' => 1, - 'financial_type_id' => 1, - ]; - $priceField = CRM_Price_BAO_PriceField::create($paramsField); - $priceFields = $this->callAPISuccess('PriceFieldValue', 'get', ['price_field_id' => $priceField->id]); - $contributionParams = [ - 'total_amount' => 300, - 'currency' => 'USD', - 'contact_id' => $contactId, - 'financial_type_id' => 1, - 'contribution_status_id' => 1, - 'skipCleanMoney' => TRUE, - ]; - - foreach ($priceFields['values'] as $key => $priceField) { - $lineItems[1][$key] = [ - 'price_field_id' => $priceField['price_field_id'], - 'price_field_value_id' => $priceField['id'], - 'label' => $priceField['label'], - 'field_title' => $priceField['label'], - 'qty' => 1, - 'unit_price' => $priceField['amount'], - 'line_total' => $priceField['amount'], - 'financial_type_id' => $priceField['financial_type_id'], - ]; - } - $contributionParams['line_item'] = $lineItems; - $contributions = CRM_Contribute_BAO_Contribution::create($contributionParams); - CRM_Financial_BAO_FinancialType::$_statusACLFt = []; - $this->setACL(); - - $this->setPermissions([ - 'view contributions of type Member Dues', - ]); - - try { - CRM_Financial_BAO_FinancialType::checkPermissionedLineItems($contributions->id, 'view'); - $this->fail('Missed expected exception'); - } - catch (CRM_Core_Exception $e) { - $this->assertEquals('You do not have permission to access this page.', $e->getMessage()); - } - - $this->setPermissions([ - 'view contributions of type Donation', - ]); - $perm = CRM_Financial_BAO_FinancialType::checkPermissionedLineItems($contributions->id, 'view'); - $this->assertEquals(TRUE, $perm, 'Verify that line items now have permission.'); - } - } -- 2.25.1