This repository has been archived by the owner on Sep 10, 2021. It is now read-only.

ENH: refs #953. created testing to fail on itemListPermissions bug.
Michael Grauer committed Mar 1, 2013
1 parent ea02275 commit 2bb7f77
Showing 4 changed files with 138 additions and 117 deletions.
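--- a/core/tests/databaseDataset/default.xml
+++ b/core/tests/databaseDataset/default.xml
@@ -168,6 +168,7 @@
 <itempolicyuser item_id="1006" user_id="1" policy='2' />
 <item2folder item_id="1006" folder_id='1014' />
 
+
 <user user_id="4" firstname="community2001" lastname="Member"
 admin="0" email="[email protected]" password="35fd8ba86ba403ffcc00feac5355ad20" creation="2011-01-27 12:11:02" folder_id="1006" />
 <user2group group_id="3005" user_id="4" />
@@ -178,6 +179,10 @@
 admin="0" email="[email protected]" password="35fd8ba86ba403ffcc00feac5355ad20" creation="2011-01-27 12:11:02" folder_id="1006" />
 <user2group group_id="3003" user_id="6" />
 
+<itempolicyuser item_id="1006" user_id="4" policy='0' />
+<itempolicyuser item_id="1006" user_id="5" policy='1' />
+
+
 <newuserinvitation newuserinvitation_id="1001" email="[email protected]" auth_key="12345" inviter_id="4" community_id="2001" group_id="3003" date_creation="2011-01-27 12:11:02" />
 <pendinguser pendinguser_id="1001" email="[email protected]" auth_key="12345" password="abcdef" firstname="Dummy" lastname="Dummy" date_creation="2011-01-27 12:11:02" />
 </dataset>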
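--- a/modules/api/tests/controllers/ApiCallGroupMethodsTest.php
+++ b/modules/api/tests/controllers/ApiCallGroupMethodsTest.php
@@ -27,110 +27,6 @@ public function setUp()
 parent::setUp();
 }
 
-/**
-* helper function to test simple invalid cases:
-* will test all invalid users sending in all required valid params
-* will also test all combinations of invalid params with a valid user
-* for each required param
-* @param type $method
-* @param type $validUser
-* @param type $invalidUsers
-* @param type $requiredParams
-*/
-protected function exerciseInvalidCases($method, $validUser, $invalidUsers, $requiredParams)
-{
-// test all invalid users with valid params
-foreach($invalidUsers as $invalidUser)
-{
-$this->resetAll();
-if($invalidUser != null)
-{
-$this->params['token'] = $this->_loginAsUser($invalidUser);
-}
-$this->params['method'] = $method;
-foreach($requiredParams as $requiredParam)
-{
-$this->params[$requiredParam['name']] = $requiredParam['valid'];
-}
-$resp = $this->_callJsonApi();
-$this->_assertStatusFail($resp, MIDAS_INVALID_POLICY);
-}
-
-// test valid user with all combinations of missing/invalid/valid params
-// will not test a case of valid user and all valid params
-
-$numParams = sizeof($requiredParams);
-// create an int array that is initially all 0
-$requiredParamStates = array_fill(0, $numParams, 0);
-$allTwosSum = 2 * $numParams;
-
-while(array_sum($requiredParamStates) < $allTwosSum)
-{
-$this->resetAll();
-$this->params['token'] = $this->_loginAsUser($validUser);
-$this->params['method'] = $method;
-$skipTestCase = false;
-foreach($requiredParams as $ind => $requiredParam)
-{
-// find the state corresponding to this param
-$state = $requiredParamStates[$ind];
-// 0s mean the param is missing (not sent)
-if($state == 1)
-{
-// 1s mean an invalid form of the param is sent
-if(!array_key_exists('invalid', $requiredParam))
-{
-// some params may not have an invalid form
-// skip this test case as it would repeat the case of the missing param
-$skipTestCase = true;
-break;
-}
-$this->params[$requiredParam['name']] = $requiredParam['invalid'];
-}
-elseif($state == 2)
-{
-// 2s mean a valid form of the param is sent
-$this->params[$requiredParam['name']] = $requiredParam['valid'];
-}
-elseif($state < 0 || $state > 2)
-{
-throw new Exception("left most param state is invalid value: ".$state);
-}
-}
-if(!$skipTestCase)
-{
-$resp = $this->_callJsonApi();
-$this->_assertStatusFail($resp, MIDAS_INVALID_PARAMETER);
-}
-
-// now increment the parameter states
-// add 1 to the right most value
-$incrementIndex = $numParams - 1;
-$rightMost = $requiredParamStates[$incrementIndex];
-$rightMost += 1;
-$requiredParamStates[$incrementIndex] = $rightMost;
-while($rightMost == 3)
-{
-// if the right most goes to 3, set it to 0
-// and repeat the process one index to the left, stop moving
-// to the left when the last increment doesn't go to 3,
-// i.e. there are no more carry bits
-$rightMost = 0;
-$requiredParamStates[$incrementIndex] = $rightMost;
-if($incrementIndex > 0)
-{
-$incrementIndex -= 1;
-$rightMost = $requiredParamStates[$incrementIndex];
-$rightMost += 1;
-$requiredParamStates[$incrementIndex] = $rightMost;
-}
-else
-{
-throw new Exception("left most param state is 3");
-}
-}
-}
-}
 
 /** Test adding and removing a user from a group */
 public function testGroupUserAddRemove()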
38 changes: 25 additions & 13 deletions modules/api/tests/controllers/ApiCallItemMethodsTest.php
Expand Up @@ -1851,22 +1851,34 @@ public function testItemListPermissions()
$readItem = $itemModel->load('1004');
$writeItem = $itemModel->load('1005');
$adminItem = $itemModel->load('1006');
$nonAdmins = array($readItem, $writeItem);

$params = array('method' => 'midas.item.list.permissions',
'token' => $this->_loginAsUser($userDao));

// try to list permissions without admin, should fail
foreach($nonAdmins as $item)
{
$this->resetAll();
$params['item_id'] = $item->getItemId();
$this->params = $params;
$resp = $this->_callJsonApi();
$this->_assertStatusFail($resp, MIDAS_INVALID_POLICY);
}

// now with admin perms
$invalidItemId = -10;

// test with item the user has admin over
$requiredParams = array(
array('name' => 'item_id', 'valid' => $adminItem->getItemId(), 'invalid' => $invalidItemId));

$memberUser = $userModel->load('4');
$modUser = $userModel->load('5');

// first assert that these invalid users have the expected rights
$this->assertFalse($itemModel->policyCheck($adminItem, null, MIDAS_POLICY_READ), 'anonymous user should not have read access to admin item');
$this->assertFalse($itemModel->policyCheck($adminItem, null, MIDAS_POLICY_WRITE), 'anonymous user should not have write access to admin item');
$this->assertFalse($itemModel->policyCheck($adminItem, null, MIDAS_POLICY_ADMIN), 'anonymous user should not have admin access to admin item');
$this->assertTrue($itemModel->policyCheck($adminItem, $memberUser, MIDAS_POLICY_READ), 'member user should have read access to admin item');
$this->assertFalse($itemModel->policyCheck($adminItem, $memberUser, MIDAS_POLICY_WRITE), 'member user should not have write access to admin item');
$this->assertFalse($itemModel->policyCheck($adminItem, $memberUser, MIDAS_POLICY_ADMIN), 'member user should not have admin access to admin item');
$this->assertTrue($itemModel->policyCheck($adminItem, $modUser, MIDAS_POLICY_READ), 'moderator user should have read access to admin item');
$this->assertTrue($itemModel->policyCheck($adminItem, $modUser, MIDAS_POLICY_WRITE), 'moderator user should have write access to admin item');
$this->assertFalse($itemModel->policyCheck($adminItem, $modUser, MIDAS_POLICY_ADMIN), 'moderator user should not have admin access to admin item');

$invalidUsers = array($memberUser, $modUser, null);
$this->exerciseInvalidCases($params['method'], $userDao, $invalidUsers, $requiredParams);

// now with admin perms which are valid
$this->assertTrue($itemModel->policyCheck($adminItem, $userDao, MIDAS_POLICY_ADMIN), 'admin user should have admin access to admin item');

// first check both privacy statuses
$privacyCodes = array("Public" => MIDAS_PRIVACY_PUBLIC, "Private" => MIDAS_PRIVACY_PRIVATE);
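Review bot: The negative cases for the calling user on the read-only and write-only items appear to be dropped: `$readItem` and `$writeItem` are still loaded at the top of the hunk, but the `foreach($nonAdmins as $item)` loop that expected `MIDAS_INVALID_POLICY` for them is no longer on the new side. Unless those two items are used further down in testItemListPermissions (its body continues outside the hunk), the "same user, lower privilege on a different item" check is lost, so I would either keep that loop beside the new `exerciseInvalidCases` call or remove the two unused loads. The `policyCheck` precondition assertions only hold because of fixture rows added in this commit, which deserves a comment such as `// relies on default.xml: user 4 has policy 0 (read) and user 5 has policy 1 (write) on item 1006`. `$userModel` is not defined in the visible lines, so confirm it is set earlier in the method.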
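--- a/modules/api/tests/controllers/ApiCallMethodsTest.php
+++ b/modules/api/tests/controllers/ApiCallMethodsTest.php
@@ -314,4 +314,112 @@ protected function assertPolicyuserNonexistence($testFolders, $testItems, $user)
 }
 }
 
+/**
+* helper function to test simple invalid cases:
+* will test all invalid users sending in all required valid params
+* will also test all combinations of invalid params with a valid user
+* for each required param
+* @param $method full name of api method
+* @param type $validUser userDao of a user authorized to make the api call
+* @param type $invalidUsers array of userDaos not authorized to call api
+* @param type $requiredParams array of
+* 'name' => name of param,
+* 'valid' => a valid value for the param
+* 'invalid' => an invalid value for the param, is optional
+*/
+protected function exerciseInvalidCases($method, $validUser, $invalidUsers, $requiredParams)
+{
+// test all invalid users with valid params
+foreach($invalidUsers as $invalidUser)
+{
+$this->resetAll();
+if($invalidUser != null)
+{
+$this->params['token'] = $this->_loginAsUser($invalidUser);
+}
+$this->params['method'] = $method;
+foreach($requiredParams as $requiredParam)
+{
+$this->params[$requiredParam['name']] = $requiredParam['valid'];
+}
+$resp = $this->_callJsonApi();
+$this->_assertStatusFail($resp, MIDAS_INVALID_POLICY);
+}
+
+// test valid user with all combinations of missing/invalid/valid params
+// will not test a case of valid user and all valid params
+
+$numParams = sizeof($requiredParams);
+// create an int array that is initially all 0
+$requiredParamStates = array_fill(0, $numParams, 0);
+$allTwosSum = 2 * $numParams;
+
+while(array_sum($requiredParamStates) < $allTwosSum)
+{
+$this->resetAll();
+$this->params['token'] = $this->_loginAsUser($validUser);
+$this->params['method'] = $method;
+$skipTestCase = false;
+foreach($requiredParams as $ind => $requiredParam)
+{
+// find the state corresponding to this param
+$state = $requiredParamStates[$ind];
+// 0s mean the param is missing (not sent)
+if($state == 1)
+{
+// 1s mean an invalid form of the param is sent
+if(!array_key_exists('invalid', $requiredParam))
+{
+// some params may not have an invalid form
+// skip this test case as it would repeat the case of the missing param
+$skipTestCase = true;
+break;
+}
+$this->params[$requiredParam['name']] = $requiredParam['invalid'];
+}
+elseif($state == 2)
+{
+// 2s mean a valid form of the param is sent
+$this->params[$requiredParam['name']] = $requiredParam['valid'];
+}
+elseif($state < 0 || $state > 2)
+{
+throw new Exception("left most param state is invalid value: ".$state);
+}
+}
+if(!$skipTestCase)
+{
+$resp = $this->_callJsonApi();
+$this->_assertStatusFail($resp, MIDAS_INVALID_PARAMETER);
+}
+
+// now increment the parameter states
+// add 1 to the right most value
+$incrementIndex = $numParams - 1;
+$rightMost = $requiredParamStates[$incrementIndex];
+$rightMost += 1;
+$requiredParamStates[$incrementIndex] = $rightMost;
+while($rightMost == 3)
+{
+// if the right most goes to 3, set it to 0
+// and repeat the process one index to the left, stop moving
+// to the left when the last increment doesn't go to 3,
+// i.e. there are no more carry bits
+$rightMost = 0;
+$requiredParamStates[$incrementIndex] = $rightMost;
+if($incrementIndex > 0)
+{
+$incrementIndex -= 1;
+$rightMost = $requiredParamStates[$incrementIndex];
+$rightMost += 1;
+$requiredParamStates[$incrementIndex] = $rightMost;
+}
+else
+{
+throw new Exception("left most param state is 3");
+}
+}
+}
+}
+
 }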
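Review bot: A `null` entry in `$invalidUsers` is treated as an anonymous caller (no token is set), but the docblock does not say so and the guard `if($invalidUser != null)` uses loose comparison. I would write `if($invalidUser !== null)` and extend the `$invalidUsers` line to read `array of userDaos not authorized to call api; a null entry means an anonymous call without a token`. The anonymous case also depends on `resetAll()` clearing the token set for the previous user in the loop, which is not visible in this hunk and is worth confirming, since otherwise the unauthenticated path is never exercised. The exception text at `$state < 0 || $state > 2` says "left most param state" although it can fire for any parameter's state, so `"param state is invalid value: ".$state` would be accurate. The state loop issues close to 3^n API calls for n required params, each preceded by a login, which the docblock should mention.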
