tonyair/silverstripe-subsites
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-subsites synced 2024-10-22 11:05:55 +02:00
Code Issues Projects Releases Wiki Activity

Fix the test coverage for the subsite access changes.

Browse Source
This commit is contained in:
Mateusz Uzdowski 2013-10-16 16:24:01 +13:00
parent 5b00ba352f
commit d85412adf7
4 changed files with 141 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
tests/LeftAndMainSubsitesTest.php
View File

@ -1,4 +1,5 @@
<?php <?php
class LeftAndMainSubsitesTest extends FunctionalTest { class LeftAndMainSubsitesTest extends FunctionalTest {
static $fixture_file = 'subsites/tests/SubsiteTest.yml'; static $fixture_file = 'subsites/tests/SubsiteTest.yml';
@ -14,7 +15,29 @@ class LeftAndMainSubsitesTest extends FunctionalTest {
return $obj; return $obj;
} }
function testAlternateAccessCheck() { function testSectionSites() {
$member = $this->objFromFixture('Member', 'subsite1member');
$cmsmain = singleton('CMSMain');
$subsites = $cmsmain->sectionSites(true, "Main site", $member);
$this->assertDOSEquals(array(
array('Title' =>'Subsite1 Template')
), $subsites, 'Lists member-accessible sites for the accessible controller.');
$assetadmin = singleton('AssetAdmin');
$subsites = $assetadmin->sectionSites(true, "Main site", $member);
$this->assertDOSEquals(array(), $subsites, 'Does not list any sites for forbidden controller.');
$member = $this->objFromFixture('Member', 'editor');
$cmsmain = singleton('CMSMain');
$subsites = $cmsmain->sectionSites(true, "Main site", $member);
$this->assertDOSContains(array(
array('Title' =>'Main site')
), $subsites, 'Includes the main site for members who can access all sites.');
}
function testAccessChecksDontChangeCurrentSubsite() {
$admin = $this->objFromFixture("Member","admin"); $admin = $this->objFromFixture("Member","admin");
$this->loginAs($admin); $this->loginAs($admin);
$ids = array(); $ids = array();
@ -28,11 +51,17 @@ class LeftAndMainSubsitesTest extends FunctionalTest {
$ids[] = $subsite3->ID; $ids[] = $subsite3->ID;
$ids[] = 0; $ids[] = 0;
// Enable session-based subsite tracking.
Subsite::$use_session_subsiteid = true;
foreach($ids as $id) { foreach($ids as $id) {
Subsite::changeSubsite($id); //switch to main site (subsite ID zero) Subsite::changeSubsite($id);
$this->assertEquals($id, Subsite::currentSubsiteID());
$left = new LeftAndMain(); $left = new LeftAndMain();
$this->assertTrue($left->canView(), "Admin user can view subsites LeftAndMain with id = '$id'"); $this->assertTrue($left->canView(), "Admin user can view subsites LeftAndMain with id = '$id'");
$this->assertEquals($id, Subsite::currentSubsiteID(), "The current subsite has not been changed in the process of checking permissions for admin user."); $this->assertEquals($id, Subsite::currentSubsiteID(),
"The current subsite has not been changed in the process of checking permissions for admin user.");
} }
} }

1
tests/SiteTreeSubsitesTest.php
View File

@ -41,6 +41,7 @@ class SiteTreeSubsitesTest extends BaseSubsiteTest {
function testBasicSanity() { function testBasicSanity() {
$this->assertTrue(singleton('SiteTree')->getSiteConfig() instanceof SiteConfig); $this->assertTrue(singleton('SiteTree')->getSiteConfig() instanceof SiteConfig);
// The following assert is breaking in Translatable.
$this->assertTrue(singleton('SiteTree')->getCMSFields() instanceof FieldList); $this->assertTrue(singleton('SiteTree')->getCMSFields() instanceof FieldList);
$this->assertTrue(singleton('SubsitesVirtualPage')->getCMSFields() instanceof FieldList); $this->assertTrue(singleton('SubsitesVirtualPage')->getCMSFields() instanceof FieldList);
$this->assertTrue(is_array(singleton('SiteTreeSubsites')->extraStatics())); $this->assertTrue(is_array(singleton('SiteTreeSubsites')->extraStatics()));

95
tests/SubsiteAdminFunctionalTest.php
View File

@ -6,6 +6,35 @@ class SubsiteAdminFunctionalTest extends FunctionalTest {
protected $autoFollowRedirection = false; protected $autoFollowRedirection = false;
/**
* Helper: FunctionalTest is only able to follow redirection once, we want to go all the way.
*/
function getAndFollowAll($url) {
$response = $this->get($url);
while ($location = $response->getHeader('Location')) {
$response = $this->mainSession->followRedirection();
}
echo $response->getHeader('Location');
return $response;
}
/**
* Anonymous user cannot access anything.
*/
function testAnonymousIsForbiddenAdminAccess() {
$response = $this->getAndFollowAll('admin/pages/?SubsiteID=0');
$this->assertRegExp('#^Security/login.*#', $this->mainSession->lastUrl(), 'Admin is disallowed');
$subsite1 = $this->objFromFixture('Subsite', 'subsite1');
$response = $this->getAndFollowAll("admin/pages/?SubsiteID={$subsite1->ID}");
$this->assertRegExp('#^Security/login.*#', $this->mainSession->lastUrl(), 'Admin is disallowed');
$response = $this->getAndFollowAll('SubsiteXHRController');
$this->assertRegExp('#^Security/login.*#', $this->mainSession->lastUrl(),
'SubsiteXHRController is disallowed');
}
/** /**
* Admin should be able to access all subsites and the main site * Admin should be able to access all subsites and the main site
*/ */
@ -13,14 +42,18 @@ class SubsiteAdminFunctionalTest extends FunctionalTest {
$member = $this->objFromFixture('Member', 'admin'); $member = $this->objFromFixture('Member', 'admin');
Session::set("loggedInAs", $member->ID); Session::set("loggedInAs", $member->ID);
$this->get('admin/pages?SubsiteID=0&ajax=1'); $this->getAndFollowAll('admin/pages/?SubsiteID=0');
$this->get('admin'); $this->assertEquals(Subsite::currentSubsiteID(), '0', 'Can access main site.');
$this->assertEquals(Subsite::currentSubsiteID(), '0', 'Can access main site'); $this->assertRegExp('#^admin/pages.*#', $this->mainSession->lastUrl(), 'Lands on the correct section');
$mainSubsite = $this->objFromFixture('Subsite', 'main'); $subsite1 = $this->objFromFixture('Subsite', 'subsite1');
$this->get("admin/pages?SubsiteID={$mainSubsite->ID}&ajax=1"); $this->getAndFollowAll("admin/pages/?SubsiteID={$subsite1->ID}");
$this->get('admin'); $this->assertEquals(Subsite::currentSubsiteID(), $subsite1->ID, 'Can access other subsite.');
$this->assertEquals(Subsite::currentSubsiteID(), $mainSubsite->ID, 'Can access the subsite'); $this->assertRegExp('#^admin/pages.*#', $this->mainSession->lastUrl(), 'Lands on the correct section');
$response = $this->getAndFollowAll('SubsiteXHRController');
$this->assertNotRegExp('#^Security/login.*#', $this->mainSession->lastUrl(),
'SubsiteXHRController is reachable');
} }
/** /**
@ -31,13 +64,47 @@ class SubsiteAdminFunctionalTest extends FunctionalTest {
$member = $this->objFromFixture('Member', 'editor'); $member = $this->objFromFixture('Member', 'editor');
Session::set("loggedInAs", $member->ID); Session::set("loggedInAs", $member->ID);
$this->get('admin/pages?SubsiteID=0&ajax=1'); $this->getAndFollowAll('admin/pages/?SubsiteID=0');
$this->get('admin'); $this->assertEquals(Subsite::currentSubsiteID(), '0', 'Can access main site.');
$this->assertEquals(Subsite::currentSubsiteID(), '0', 'Can access main site'); $this->assertRegExp('#^admin/pages.*#', $this->mainSession->lastUrl(), 'Lands on the correct section');
$mainSubsite = $this->objFromFixture('Subsite', 'main'); $subsite1 = $this->objFromFixture('Subsite', 'subsite1');
$this->get("admin/pages?SubsiteID={$mainSubsite->ID}&ajax=1"); $this->getAndFollowAll("admin/pages/?SubsiteID={$subsite1->ID}");
$this->get('admin'); $this->assertEquals(Subsite::currentSubsiteID(), $subsite1->ID, 'Can access other subsite.');
$this->assertEquals(Subsite::currentSubsiteID(), $mainSubsite->ID, 'Can access the subsite'); $this->assertRegExp('#^admin/pages.*#', $this->mainSession->lastUrl(), 'Lands on the correct section');
$response = $this->getAndFollowAll('SubsiteXHRController');
$this->assertNotRegExp('#^Security/login.*#', $this->mainSession->lastUrl(),
'SubsiteXHRController is reachable');
}
/**
* Test a member who only has access to one subsite (subsite1) and only some sections (pages and security).
*/
function testSubsiteAdmin() {
$member = $this->objFromFixture('Member', 'subsite1member');
Session::set("loggedInAs", $member->ID);
$subsite1 = $this->objFromFixture('Subsite', 'subsite1');
// Check allowed URL.
$this->getAndFollowAll("admin/pages/?SubsiteID={$subsite1->ID}");
$this->assertEquals(Subsite::currentSubsiteID(), $subsite1->ID, 'Can access own subsite.');
$this->assertRegExp('#^admin/pages.*#', $this->mainSession->lastUrl(), 'Can access permitted section.');
// Check forbidden section in allowed subsite.
$this->getAndFollowAll("admin/assets/?SubsiteID={$subsite1->ID}");
$this->assertEquals(Subsite::currentSubsiteID(), $subsite1->ID, 'Is redirected within subsite.');
$this->assertNotRegExp('#^admin/assets/.*#', $this->mainSession->lastUrl(),
'Is redirected away from forbidden section');
// Check forbidden site.
$this->getAndFollowAll("admin/pages/?SubsiteID=0");
$this->assertEquals(Subsite::currentSubsiteID(), $subsite1->ID, 'Is redirected to permitted subsite.');
// Check the standalone XHR controller.
$response = $this->getAndFollowAll('SubsiteXHRController');
$this->assertNotRegExp('#^Security/login.*#', $this->mainSession->lastUrl(),
'SubsiteXHRController is reachable');
} }
} }

22
tests/SubsiteTest.php
View File

@ -242,6 +242,28 @@ class SubsiteTest extends BaseSubsiteTest {
$_SERVER['HTTP_HOST'] = $originalHTTPHost; $_SERVER['HTTP_HOST'] = $originalHTTPHost;
} }
function testAllSites() {
$subsites = Subsite::all_sites();
$this->assertDOSEquals(array(
array('Title' =>'Main site'),
array('Title' =>'Template'),
array('Title' =>'Subsite1 Template'),
array('Title' =>'Subsite2 Template'),
array('Title' =>'Test 1'),
array('Title' =>'Test 2'),
array('Title' =>'Test 3')
), $subsites, 'Lists all subsites');
}
function testAllAccessibleSites() {
$member = $this->objFromFixture('Member', 'subsite1member');
$subsites = Subsite::all_accessible_sites(true, 'Main site', $member);
$this->assertDOSEquals(array(
array('Title' =>'Subsite1 Template')
), $subsites, 'Lists member-accessible sites.');
}
/** /**
* Test Subsite::accessible_sites() * Test Subsite::accessible_sites()
*/ */