silverstripe-subsites/tests/LeftAndMainSubsitesTest.php

<?php

use SilverStripe\Admin\LeftAndMain;
use SilverStripe\AssetAdmin\Controller\AssetAdmin;
use SilverStripe\Core\Config\Config;
use SilverStripe\Dev\FunctionalTest;
use SilverStripe\Subsites\Model\Subsite;


class LeftAndMainSubsitesTest extends FunctionalTest
{

    static $fixture_file = 'subsites/tests/SubsiteTest.yml';

    /**
     * Avoid subsites filtering on fixture fetching.
     */
    function objFromFixture($class, $id)
    {
        Subsite::disable_subsite_filter(true);
        $obj = parent::objFromFixture($class, $id);
        Subsite::disable_subsite_filter(false);

        return $obj;
    }

    function testSectionSites()
    {
        $member = $this->objFromFixture('SilverStripe\\Security\\Member', 'subsite1member');

        $cmsmain = singleton('SilverStripe\\CMS\\Controllers\\CMSMain');
        $subsites = $cmsmain->sectionSites(true, "Main site", $member);
        $this->assertDOSEquals([
            ['Title' => 'Subsite1 Template']
        ], $subsites, 'Lists member-accessible sites for the accessible controller.');

        $assetadmin = singleton(AssetAdmin::class);
        $subsites = $assetadmin->sectionSites(true, "Main site", $member);
        $this->assertDOSEquals([], $subsites, 'Does not list any sites for forbidden controller.');

        $member = $this->objFromFixture('SilverStripe\\Security\\Member', 'editor');

        $cmsmain = singleton('SilverStripe\\CMS\\Controllers\\CMSMain');
        $subsites = $cmsmain->sectionSites(true, "Main site", $member);
        $this->assertDOSContains([
            ['Title' => 'Main site']
        ], $subsites, 'Includes the main site for members who can access all sites.');
    }

    function testAccessChecksDontChangeCurrentSubsite()
    {
        $admin = $this->objFromFixture("SilverStripe\\Security\\Member", "admin");
        $this->loginAs($admin);
        $ids = [];

        $subsite1 = $this->objFromFixture(Subsite::class, 'domaintest1');
        $subsite2 = $this->objFromFixture(Subsite::class, 'domaintest2');
        $subsite3 = $this->objFromFixture(Subsite::class, 'domaintest3');

        $ids[] = $subsite1->ID;
        $ids[] = $subsite2->ID;
        $ids[] = $subsite3->ID;
        $ids[] = 0;

        // Enable session-based subsite tracking.
        Subsite::$use_session_subsiteid = true;

        foreach ($ids as $id) {
            Subsite::changeSubsite($id);
            $this->assertEquals($id, Subsite::currentSubsiteID());

            $left = new LeftAndMain();
            $this->assertTrue($left->canView(), "Admin user can view subsites LeftAndMain with id = '$id'");
            $this->assertEquals($id, Subsite::currentSubsiteID(),
                "The current subsite has not been changed in the process of checking permissions for admin user.");
        }

    }

    function testShouldChangeSubsite()
    {
        $l = new LeftAndMain();
        Config::inst()->nest();

        Config::modify()->set('SilverStripe\\CMS\\Controllers\\CMSPageEditController', 'treats_subsite_0_as_global',
            false);
        $this->assertTrue($l->shouldChangeSubsite('SilverStripe\\CMS\\Controllers\\CMSPageEditController', 0, 5));
        $this->assertFalse($l->shouldChangeSubsite('SilverStripe\\CMS\\Controllers\\CMSPageEditController', 0, 0));
        $this->assertTrue($l->shouldChangeSubsite('SilverStripe\\CMS\\Controllers\\CMSPageEditController', 1, 5));
        $this->assertFalse($l->shouldChangeSubsite('SilverStripe\\CMS\\Controllers\\CMSPageEditController', 1, 1));

        Config::modify()->set('SilverStripe\\CMS\\Controllers\\CMSPageEditController', 'treats_subsite_0_as_global',
            true);
        $this->assertFalse($l->shouldChangeSubsite('SilverStripe\\CMS\\Controllers\\CMSPageEditController', 0, 5));
        $this->assertFalse($l->shouldChangeSubsite('SilverStripe\\CMS\\Controllers\\CMSPageEditController', 0, 0));
        $this->assertTrue($l->shouldChangeSubsite('SilverStripe\\CMS\\Controllers\\CMSPageEditController', 1, 5));
        $this->assertFalse($l->shouldChangeSubsite('SilverStripe\\CMS\\Controllers\\CMSPageEditController', 1, 1));

        Config::inst()->unnest();
    }

}
Fix the test coverage for the subsite access changes. 2013-10-16 05:24:01 +02:00			`<?php`

SS4 namespaces compatibility 2016-09-22 16:38:29 +02:00			`use SilverStripe\Admin\LeftAndMain;`
reformat code and tests 2017-05-24 15:26:28 +02:00			`use SilverStripe\AssetAdmin\Controller\AssetAdmin;`
SS4 namespaces compatibility 2016-09-22 16:38:29 +02:00			`use SilverStripe\Core\Config\Config;`
			`use SilverStripe\Dev\FunctionalTest;`
upgrade tests 2017-05-24 15:25:34 +02:00			`use SilverStripe\Subsites\Model\Subsite;`
SS4 namespaces compatibility 2016-09-22 16:38:29 +02:00
BUG Prevent session-interface mismatch. Disables transparent subsite switch on AJAX requests. Makes sure the subsite is appropriately set up when opening up the CMS with a link to subsited object. 2013-11-07 00:03:52 +01:00
reformat code and tests 2017-05-24 15:26:28 +02:00			`class LeftAndMainSubsitesTest extends FunctionalTest`
			`{`

			`static $fixture_file = 'subsites/tests/SubsiteTest.yml';`

			`/**`
			`* Avoid subsites filtering on fixture fetching.`
			`*/`
			`function objFromFixture($class, $id)`
			`{`
			`Subsite::disable_subsite_filter(true);`
			`$obj = parent::objFromFixture($class, $id);`
			`Subsite::disable_subsite_filter(false);`

			`return $obj;`
			`}`

			`function testSectionSites()`
			`{`
			`$member = $this->objFromFixture('SilverStripe\\Security\\Member', 'subsite1member');`

			`$cmsmain = singleton('SilverStripe\\CMS\\Controllers\\CMSMain');`
			`$subsites = $cmsmain->sectionSites(true, "Main site", $member);`
			`$this->assertDOSEquals([`
			`['Title' => 'Subsite1 Template']`
			`], $subsites, 'Lists member-accessible sites for the accessible controller.');`

			`$assetadmin = singleton(AssetAdmin::class);`
			`$subsites = $assetadmin->sectionSites(true, "Main site", $member);`
			`$this->assertDOSEquals([], $subsites, 'Does not list any sites for forbidden controller.');`

			`$member = $this->objFromFixture('SilverStripe\\Security\\Member', 'editor');`

			`$cmsmain = singleton('SilverStripe\\CMS\\Controllers\\CMSMain');`
			`$subsites = $cmsmain->sectionSites(true, "Main site", $member);`
			`$this->assertDOSContains([`
			`['Title' => 'Main site']`
			`], $subsites, 'Includes the main site for members who can access all sites.');`
			`}`

			`function testAccessChecksDontChangeCurrentSubsite()`
			`{`
			`$admin = $this->objFromFixture("SilverStripe\\Security\\Member", "admin");`
			`$this->loginAs($admin);`
			`$ids = [];`

			`$subsite1 = $this->objFromFixture(Subsite::class, 'domaintest1');`
			`$subsite2 = $this->objFromFixture(Subsite::class, 'domaintest2');`
			`$subsite3 = $this->objFromFixture(Subsite::class, 'domaintest3');`

			`$ids[] = $subsite1->ID;`
			`$ids[] = $subsite2->ID;`
			`$ids[] = $subsite3->ID;`
			`$ids[] = 0;`

			`// Enable session-based subsite tracking.`
			`Subsite::$use_session_subsiteid = true;`

			`foreach ($ids as $id) {`
			`Subsite::changeSubsite($id);`
			`$this->assertEquals($id, Subsite::currentSubsiteID());`

			`$left = new LeftAndMain();`
			`$this->assertTrue($left->canView(), "Admin user can view subsites LeftAndMain with id = '$id'");`
			`$this->assertEquals($id, Subsite::currentSubsiteID(),`
			`"The current subsite has not been changed in the process of checking permissions for admin user.");`
			`}`

			`}`

			`function testShouldChangeSubsite()`
			`{`
			`$l = new LeftAndMain();`
			`Config::inst()->nest();`

			`Config::modify()->set('SilverStripe\\CMS\\Controllers\\CMSPageEditController', 'treats_subsite_0_as_global',`
			`false);`
			`$this->assertTrue($l->shouldChangeSubsite('SilverStripe\\CMS\\Controllers\\CMSPageEditController', 0, 5));`
			`$this->assertFalse($l->shouldChangeSubsite('SilverStripe\\CMS\\Controllers\\CMSPageEditController', 0, 0));`
			`$this->assertTrue($l->shouldChangeSubsite('SilverStripe\\CMS\\Controllers\\CMSPageEditController', 1, 5));`
			`$this->assertFalse($l->shouldChangeSubsite('SilverStripe\\CMS\\Controllers\\CMSPageEditController', 1, 1));`

			`Config::modify()->set('SilverStripe\\CMS\\Controllers\\CMSPageEditController', 'treats_subsite_0_as_global',`
			`true);`
			`$this->assertFalse($l->shouldChangeSubsite('SilverStripe\\CMS\\Controllers\\CMSPageEditController', 0, 5));`
			`$this->assertFalse($l->shouldChangeSubsite('SilverStripe\\CMS\\Controllers\\CMSPageEditController', 0, 0));`
			`$this->assertTrue($l->shouldChangeSubsite('SilverStripe\\CMS\\Controllers\\CMSPageEditController', 1, 5));`
			`$this->assertFalse($l->shouldChangeSubsite('SilverStripe\\CMS\\Controllers\\CMSPageEditController', 1, 1));`

			`Config::inst()->unnest();`
			`}`
BUG Prevent session-interface mismatch. Disables transparent subsite switch on AJAX requests. Makes sure the subsite is appropriately set up when opening up the CMS with a link to subsited object. 2013-11-07 00:03:52 +01:00
BUGFIX: admin user can now access subsite zero (main site) without the LeftAndMain access check reverting them back to a previous subsite (includes test for this edge-case). 2010-07-26 05:56:03 +02:00			`}`