ENH: refs #0340. Add testing for user deletion functionality

zachmullen · zachmullen · commit 1f0b30eebb9a · 2012-01-14T20:17:18.000-05:00
diff --git a/core/database/upgrade/3.2.1.php b/core/database/upgrade/3.2.1.php
@@ -17,10 +17,11 @@ public function pgsql()
   public function postUpgrade()
     {
     $user = new Zend_Session_Namespace('Auth_User');
+    $id = $user && $user->Dao ? $user->Dao->getKey() : '1';
 
     $modelLoader = new MIDAS_ModelLoader();
     $settingModel = $modelLoader->loadModel('Setting');
-    $settingModel->setConfig('adminuser', $user->Dao->getKey());
+    $settingModel->setConfig('adminuser', $id);
     }
 }
 ?>
diff --git a/core/models/base/BitstreamModelBase.php b/core/models/base/BitstreamModelBase.php
@@ -59,13 +59,14 @@ function delete($bitstream)
     {
     if(!$bitstream instanceof BitstreamDao)
       {
-      throw new Zend_Exception("Error param.");
+      throw new Zend_Exception('Must pass a bitstream dao');
       }
     $checksum = $bitstream->getChecksum();
     $path = $bitstream->getFullPath();
     $assetstore = $bitstream->getAssetstore();
     parent::delete($bitstream);
-    if($assetstore->getType() != MIDAS_ASSETSTORE_REMOTE && $this->getByChecksum($checksum) == false)
+    if(file_exists($path) && $assetstore->getType() != MIDAS_ASSETSTORE_REMOTE
+       && $this->getByChecksum($checksum) == false)
       {
       unlink($path);
       }
diff --git a/core/tests/controllers/UserControllerTest.php b/core/tests/controllers/UserControllerTest.php
@@ -70,10 +70,7 @@ public function testRegisterAction()
     $this->dispatchUrI("/user/register");
 
     $userDao = $this->User->getByEmail($this->params['email']);
-    if($userDao == false)
-      {
-      $this->fail('Unable to register');
-      }
+    $this->assertTrue($userDao != false, 'Unable to register');
     }
 
   /** test login*/
@@ -99,12 +96,8 @@ public function testLoginAction()
     $this->params['email'] = 'user1@user1.com';
     $this->params['password'] = 'test';
     $this->request->setMethod('POST');
-    $this->dispatchUrI("/user/login");
-
-    if(strpos($this->getBody(), 'Test Pass') === false)
-      {
-      $this->fail('Unable to authenticate');
-      }
+    $this->dispatchUrI('/user/login');
+    $this->assertTrue(strpos($this->getBody(), 'Test Pass') !== false, 'Unable to authenticate');
     }
 
   /** test terms */
@@ -136,10 +129,7 @@ public function testRecoverpasswordAction()
     $this->dispatchUrI("/user/recoverpassword", null);
 
     $userDao2 = $this->User->getByEmail($this->params['email']);
-    if($userDao->getPassword() == $userDao2->getPassword())
-      {
-      $this->fail('Unable to change password');
-      }
+    $this->assertNotEquals($userDao->getPassword(), $userDao2->getPassword(), 'Unable to change password');
     $this->setupDatabase(array('default'));
     }
 
@@ -149,10 +139,7 @@ public function testSettingsAction()
     $this->resetAll();
     $this->dispatchUrI("/user/settings", null, false);
     $body = $this->getBody();
-    if(!empty($body))
-      {
-      $this->fail('Should return nothing');
-      }
+    $this->assertTrue(empty($body), 'Should return nothing');
 
     $usersFile = $this->loadData('User', 'default');
     $userDao = $this->User->load($usersFile[0]->getKey());
@@ -170,10 +157,8 @@ public function testSettingsAction()
     $this->dispatchUrI("/user/settings", $userDao);
 
     $userCheckDao = $this->User->getByEmail($userDao->getEmail());
-    if($userDao->getPassword() == $userCheckDao->getPassword())
-      {
-      $this->fail('Unable to change password');
-      }
+    $this->assertNotEquals($userDao->getPassword(), $userCheckDao->getPassword(), 'Unable to change password');
+
     $this->setupDatabase(array('default'));
 
     $this->resetAll();
@@ -187,10 +172,7 @@ public function testSettingsAction()
     $this->dispatchUrI("/user/settings", $userDao);
 
     $userCheckDao = $this->User->load($userDao->getKey());
-    if($this->params['firstname'] != $userCheckDao->getFirstname())
-      {
-      $this->fail('Unable to change account information');
-      }
+    $this->assertEquals($this->params['firstname'], $userCheckDao->getFirstname(), 'Unable to change account information');
 
     $this->resetAll();
     $this->params = array();
@@ -201,10 +183,7 @@ public function testSettingsAction()
     $userCheckDao = $this->User->load($userDao->getKey());
 
     $thumbnail = $userCheckDao->getThumbnail();
-    if(empty($thumbnail))
-      {
-      $this->fail('Unable to change avatar');
-      }
+    $this->assertTrue(!empty($thumbnail), 'Unable to change avatar');
 
     $this->setupDatabase(array('default'));
     }
@@ -216,10 +195,7 @@ public function testManageAction()
     $this->dispatchUrI("/user/manage", null, false);
 
     $body = $this->getBody();
-    if(!empty($body))
-      {
-      $this->fail('The page should be empty');
-      }
+    $this->assertTrue(empty($body), 'The page should be empty');
 
     $usersFile = $this->loadData('User', 'default');
     $userDao = $this->User->load($usersFile[0]->getKey());
@@ -258,53 +234,141 @@ public function testUserpageAction()
   public function testValidentryAction()
     {
     $this->resetAll();
-    $this->dispatchUrI("/user/validentry");
-    if(strpos($this->getBody(), 'false') === false)
-      {
-      $this->fail();
-      }
+    $this->dispatchUrI('/user/validentry');
+    $this->assertTrue(strpos($this->getBody(), 'false') !== false);
 
     $this->resetAll();
     $this->params = array();
     $this->params['entry'] = 'user1@user1.com';
     $this->params['type'] = 'dbuser';
-    $this->dispatchUrI("/user/validentry");
-    if(strpos($this->getBody(), 'true') === false)
-      {
-      $this->fail();
-      }
+    $this->dispatchUrI('/user/validentry');
+    $this->assertTrue(strpos($this->getBody(), 'true') !== false);
 
     $this->resetAll();
     $this->params = array();
     $this->params['entry'] = 'test_email_not_in_db';
     $this->params['type'] = 'dbuser';
-    $this->dispatchUrI("/user/validentry");
-    if(strpos($this->getBody(), 'false') === false)
-      {
-      $this->fail();
-      }
+    $this->dispatchUrI('/user/validentry');
+    $this->assertTrue(strpos($this->getBody(), 'false') !== false);
 
     $this->resetAll();
     $this->params = array();
     $this->params['entry'] = 'user1@user1.com';
     $this->params['type'] = 'login';
     $this->params['password'] = 'wrong_password';
-    $this->dispatchUrI("/user/validentry");
-    if(strpos($this->getBody(), 'false') === false)
-      {
-      $this->fail();
-      }
+    $this->dispatchUrI('/user/validentry');
+    $this->assertTrue(strpos($this->getBody(), 'false') !== false);
 
     $this->resetAll();
     $this->params = array();
     $this->params['entry'] = 'user1@user1.com';
     $this->params['type'] = 'login';
     $this->params['password'] = 'test';
-    $this->dispatchUrI("/user/validentry");
-    if(strpos($this->getBody(), 'true') === false)
+    $this->dispatchUrI('/user/validentry');
+    $this->assertTrue(strpos($this->getBody(), 'true') !== false);
+    }
+
+  /** Test admin ability to delete a user */
+  public function testDeleteUserAction()
+    {
+    $modelLoader = new MIDAS_ModelLoader();
+    $settingModel = $modelLoader->loadModel('Setting');
+    $adminuserSetting = $settingModel->getValueByName('adminuser');
+    $usersFile = $this->loadData('User', 'default');
+    $user1 = $this->User->load($usersFile[0]->getKey());
+    $user2 = $this->User->load($usersFile[1]->getKey());
+    $adminUser = $this->User->load($usersFile[2]->getKey());
+
+    // Render the delete dialog and make sure it has correct text
+    $this->resetAll();
+    $this->dispatchUrI('/user/deletedialog?userId='.$user1->getKey(), $adminUser);
+    $this->assertQueryContentContains('#deleteDialogUserName', $user1->getFirstname().' '.$user1->getLastname());
+
+    // Should fail if we aren't logged in
+    $this->resetAll();
+    $this->dispatchUrI('/user/delete?userId='.$user1->getKey(), null, true);
+
+    // Should fail if we try to delete an admin user
+    $this->resetAll();
+    $this->dispatchUrI('/user/delete?userId='.$adminUser->getKey(), $adminUser, true);
+
+    // Should fail if a non admin user tries to delete a different user
+    $this->resetAll();
+    $this->dispatchUrI('/user/delete?userId='.$user2->getKey(), $user1, true);
+
+    $oldRevisions = $user1->getItemrevisions();
+    $this->assertTrue(count($oldRevisions) > 0);
+    $revisionKeys = array();
+    foreach($oldRevisions as $oldRevision)
       {
-      $this->fail();
+      $this->assertEquals($oldRevision->getUserId(), $user1->getKey());
+      $revisionKeys[] = $oldRevision->getKey();
       }
+    // Delete user 1 as administrator
+    $key = $user1->getKey();
+    $this->resetAll();
+    $this->dispatchUrI('/user/delete?userId='.$user1->getKey(), $adminUser);
+
+    // Make sure user record is now gone
+    $this->assertFalse($this->User->load($key));
+
+    // Make sure all of user's revisions that weren't removed are now listed as uploaded by superadmin
+    $revisionModel = $modelLoader->loadModel('ItemRevision');
+    $revisionNotDeleted = false;
+    foreach($revisionKeys as $revisionKey)
+      {
+      $revision = $revisionModel->load($revisionKey);
+      $this->assertTrue($revision === false || $revision->getUserId() == $adminuserSetting);
+      if($revision !== false)
+        {
+        $revisionNotDeleted = true;
+        }
+      }
+    $this->assertTrue($revisionNotDeleted, 'At least one revision should not have been deleted');
     }
 
+  /** Test user's ability to delete himself */
+  public function testDeleteSelfAction()
+    {
+    $modelLoader = new MIDAS_ModelLoader();
+    $settingModel = $modelLoader->loadModel('Setting');
+    $adminuserSetting = $settingModel->getValueByName('adminuser');
+    $usersFile = $this->loadData('User', 'default');
+    $user1 = $this->User->load($usersFile[0]->getKey());
+
+    // Render the delete dialog and make sure it has correct text for self-deletion
+    $this->resetAll();
+    $this->dispatchUrI('/user/deletedialog?userId='.$user1->getKey(), $user1);
+    $this->assertTrue(strpos($this->getBody(), 'Are you sure you want to delete your user account?') !== false);
+
+    $oldRevisions = $user1->getItemrevisions();
+    $this->assertTrue(count($oldRevisions) > 0);
+    $revisionKeys = array();
+    foreach($oldRevisions as $oldRevision)
+      {
+      $this->assertEquals($oldRevision->getUserId(), $user1->getKey());
+      $revisionKeys[] = $oldRevision->getKey();
+      }
+    // Delete user 1 as user 1
+    $key = $user1->getKey();
+    $this->resetAll();
+    $this->dispatchUrI('/user/delete?userId='.$user1->getKey(), $user1);
+
+    // Make sure user record is now gone
+    $this->assertFalse($this->User->load($key));
+
+    // Make sure all of user's revisions that weren't removed are now listed as uploaded by superadmin
+    $revisionModel = $modelLoader->loadModel('ItemRevision');
+    $revisionNotDeleted = false;
+    foreach($revisionKeys as $revisionKey)
+      {
+      $revision = $revisionModel->load($revisionKey);
+      $this->assertTrue($revision === false || $revision->getUserId() == $adminuserSetting);
+      if($revision !== false)
+        {
+        $revisionNotDeleted = true;
+        }
+      }
+    $this->assertTrue($revisionNotDeleted, 'At least one revision should not have been deleted');
+    }
   }
diff --git a/core/tests/databaseDataset/default.xml b/core/tests/databaseDataset/default.xml
@@ -65,14 +65,14 @@
 	<itemrevision itemrevision_id="3" item_id="1" revision="2"
 		date="2011-01-27 12:09:02" user_id='1' changes="Description 1" />
 	<itempolicygroup item_id="1" group_id="0" policy='0'  />
-	<item2folder  item_id="1" folder_id='1001' />
+	<item2folder item_id="1" folder_id='1001' />
+  <item2folder item_id="1" folder_id="1004" />
 	<item item_id="2" name="name 2" description="Description 2" type="4" uuid='4e311fdf82007c245b07d8d6c4fcb4205f2621eb72751' />
 	<itemrevision itemrevision_id="2" item_id="2" revision="1"
 		date="2011-01-27 12:09:02" user_id='1' changes="Description 1" />
 	<itempolicyuser item_id="2" user_id="1" policy='2' />
 	<item2folder item_id="2" folder_id='1001' />
 	<item item_id="3" name="name 3" description="Description 3" type="3" uuid='4e311fdf82007c245b07d8d6c4fcb4205f2621eb72752' />
-
 	<bitstream bitstream_id="1" itemrevision_id="3" name="foo.png" mimetype="image/png" sizebytes="64" checksum="f283bc88b24491ba85c65ba960642753"
 		path="f2/83/f283bc88b24491ba85c65ba960642753" assetstore_id="1" date="2011-01-27 12:09:02" />
 
@@ -113,4 +113,6 @@
 	<!-- MIDAS_FEED_CREATE_REVISION -->
 	<feed feed_id="10" date="2011-01-27 12:09:02" user_id='1' type="40"
 		ressource="1" />
+
+  <setting name="adminuser" module="core" value="3" />
 </dataset>

Original file line number	Diff line number	Diff line change
`@@ -17,10 +17,11 @@ public function pgsql()`
`17`	`17`	`public function postUpgrade()`
`18`	`18`	`{`
`19`	`19`	`$user = new Zend_Session_Namespace('Auth_User');`
	`20`	`+ $id = $user && $user->Dao ? $user->Dao->getKey() : '1';`
`20`	`21`
`21`	`22`	`$modelLoader = new MIDAS_ModelLoader();`
`22`	`23`	`$settingModel = $modelLoader->loadModel('Setting');`
`23`		`- $settingModel->setConfig('adminuser', $user->Dao->getKey());`
	`24`	`+ $settingModel->setConfig('adminuser', $id);`
`24`	`25`	`}`
`25`	`26`	`}`
`26`	`27`	`?>`
Original file line number	Diff line number	Diff line change
`@@ -59,13 +59,14 @@ function delete($bitstream)`
`59`	`59`	`{`
`60`	`60`	`if(!$bitstream instanceof BitstreamDao)`
`61`	`61`	`{`
`62`		`- throw new Zend_Exception("Error param.");`
	`62`	`+ throw new Zend_Exception('Must pass a bitstream dao');`
`63`	`63`	`}`
`64`	`64`	`$checksum = $bitstream->getChecksum();`
`65`	`65`	`$path = $bitstream->getFullPath();`
`66`	`66`	`$assetstore = $bitstream->getAssetstore();`
`67`	`67`	`parent::delete($bitstream);`
`68`		`- if($assetstore->getType() != MIDAS_ASSETSTORE_REMOTE && $this->getByChecksum($checksum) == false)`
	`68`	`+ if(file_exists($path) && $assetstore->getType() != MIDAS_ASSETSTORE_REMOTE`
	`69`	`+ && $this->getByChecksum($checksum) == false)`
`69`	`70`	`{`
`70`	`71`	`unlink($path);`
`71`	`72`	`}`