Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Merge branch 'MDL-38498-25' of git://github.com/FMCorz/moodle into MO…

…ODLE_25_STABLE
  • Loading branch information...
commit 5cc84acabed6d4825bf7864e027ace575c4324b7 2 parents 543b5fe + cdd041e
@damyon damyon authored
Showing with 228 additions and 1 deletion.
  1. +228 −1 repository/tests/repository_test.php
View
229 repository/tests/repository_test.php
@@ -161,7 +161,6 @@ public function test_can_be_edited_by_user() {
$course = $this->getDataGenerator()->create_course();
$coursecontext = context_course::instance($course->id);
$roleid = create_role('A role', 'arole', 'A role', '');
- set_role_contextlevels($roleid, array($syscontext->contextlevel, $coursecontext->contextlevel));
$user = $this->getDataGenerator()->create_user();
$this->setUser($user);
@@ -237,4 +236,232 @@ public function test_can_be_edited_by_user() {
}
+ public function test_check_capability() {
+ $this->resetAfterTest(true);
+
+ $syscontext = context_system::instance();
+ $course1 = $this->getDataGenerator()->create_course();
+ $course1context = context_course::instance($course1->id);
+ $course2 = $this->getDataGenerator()->create_course();
+ $course2context = context_course::instance($course2->id);
+
+ $forumdata = new stdClass();
+ $forumdata->course = $course1->id;
+ $forumc1 = $this->getDataGenerator()->create_module('forum', $forumdata);
+ $forumc1context = context_module::instance($forumc1->id);
+ $forumdata->course = $course2->id;
+ $forumc2 = $this->getDataGenerator()->create_module('forum', $forumdata);
+ $forumc2context = context_module::instance($forumc2->id);
+
+ $blockdata = new stdClass();
+ $blockdata->parentcontextid = $course1context->id;
+ $blockc1 = $this->getDataGenerator()->create_block('online_users', $blockdata);
+ $blockc1context = context_block::instance($blockc1->id);
+ $blockdata->parentcontextid = $course2context->id;
+ $blockc2 = $this->getDataGenerator()->create_block('online_users', $blockdata);
+ $blockc2context = context_block::instance($blockc2->id);
+
+ $user1 = $this->getDataGenerator()->create_user();
+ $user1context = context_user::instance($user1->id);
+ $user2 = $this->getDataGenerator()->create_user();
+ $user2context = context_user::instance($user2->id);
+
+ // New role prohibiting Flickr Public access.
+ $roleid = create_role('No Flickr Public', 'noflickrpublic', 'No Flickr Public', '');
+ set_role_contextlevels($roleid, array(CONTEXT_SYSTEM, CONTEXT_COURSE));
+ assign_capability('repository/flickr_public:view', CAP_PROHIBIT, $roleid, $syscontext, true);
+
+ // Disallow system access to Flickr Public to user 2.
+ role_assign($roleid, $user2->id, $syscontext->id);
+ accesslib_clear_all_caches_for_unit_testing();
+
+ // Enable repositories.
+ $plugintype = new repository_type('flickr_public');
+ $plugintype->create(true);
+ $plugintype = new repository_type('dropbox');
+ $plugintype->create(true);
+ $params = array(
+ 'name' => 'Flickr Public'
+ );
+
+ // Instance on a site level.
+ $repoid = repository::static_function('flickr_public', 'create', 'flickr_public', 0, $syscontext, $params);
+ $systemrepo = repository::get_repository_by_id($repoid, $syscontext);
+
+ // Check that everyone with right capability can view a site-wide repository.
+ $this->setUser($user1);
+ $this->assertTrue($systemrepo->check_capability());
+
+ // Without the capability, we cannot view a site-wide repository.
+ $this->setUser($user2);
+ $caughtexception = false;
+ try {
+ $systemrepo->check_capability();
+ } catch (repository_exception $e) {
+ $caughtexception = true;
+ }
+ $this->assertTrue($caughtexception);
+
+ // Instance on a course level.
+ $courserepoid = repository::static_function('flickr_public', 'create', 'flickr_public', 0, $course1context, $params);
+
+ // Within the course, I can view the repository.
+ $courserepo = repository::get_repository_by_id($courserepoid, $course1context);
+ $this->setUser($user1);
+ $this->assertTrue($courserepo->check_capability());
+ // But not without the capability.
+ $this->setUser($user2);
+ $caughtexception = false;
+ try {
+ $courserepo->check_capability();
+ } catch (repository_exception $e) {
+ $caughtexception = true;
+ }
+ $this->assertTrue($caughtexception);
+
+ // From another course I cannot, with or without the capability.
+ $courserepo = repository::get_repository_by_id($courserepoid, $course2context);
+ $this->setUser($user1);
+ $caughtexception = false;
+ try {
+ $courserepo->check_capability();
+ } catch (repository_exception $e) {
+ $caughtexception = true;
+ }
+ $this->assertTrue($caughtexception);
+ $this->setUser($user2);
+ $caughtexception = false;
+ try {
+ $courserepo->check_capability();
+ } catch (repository_exception $e) {
+ $caughtexception = true;
+ }
+ $this->assertTrue($caughtexception);
+
+ // From a module within the course, I can view the repository.
+ $courserepo = repository::get_repository_by_id($courserepoid, $forumc1context);
+ $this->setUser($user1);
+ $this->assertTrue($courserepo->check_capability());
+ // But not without the capability.
+ $this->setUser($user2);
+ $caughtexception = false;
+ try {
+ $courserepo->check_capability();
+ } catch (repository_exception $e) {
+ $caughtexception = true;
+ }
+ $this->assertTrue($caughtexception);
+
+ // From a module in the wrong course, I cannot view the repository.
+ $courserepo = repository::get_repository_by_id($courserepoid, $forumc2context);
+ $this->setUser($user1);
+ $caughtexception = false;
+ try {
+ $courserepo->check_capability();
+ } catch (repository_exception $e) {
+ $caughtexception = true;
+ }
+ $this->assertTrue($caughtexception);
+
+ // From a block within the course, I can view the repository.
+ $courserepo = repository::get_repository_by_id($courserepoid, $blockc1context);
+ $this->setUser($user1);
+ $this->assertTrue($courserepo->check_capability());
+ // But not without the capability.
+ $this->setUser($user2);
+ $caughtexception = false;
+ try {
+ $courserepo->check_capability();
+ } catch (repository_exception $e) {
+ $caughtexception = true;
+ }
+ $this->assertTrue($caughtexception);
+
+ // From a block in the wrong course, I cannot view the repository.
+ $courserepo = repository::get_repository_by_id($courserepoid, $blockc2context);
+ $this->setUser($user1);
+ $caughtexception = false;
+ try {
+ $courserepo->check_capability();
+ } catch (repository_exception $e) {
+ $caughtexception = true;
+ }
+ $this->assertTrue($caughtexception);
+
+ // Instance on a user level.
+ $user1repoid = repository::static_function('flickr_public', 'create', 'flickr_public', 0, $user1context, $params);
+ $user2repoid = repository::static_function('flickr_public', 'create', 'flickr_public', 0, $user2context, $params);
+
+ // Check that a user can see its own repository.
+ $userrepo = repository::get_repository_by_id($user1repoid, $syscontext);
+ $this->setUser($user1);
+ $this->assertTrue($userrepo->check_capability());
+ // But not without the capability.
+ $userrepo = repository::get_repository_by_id($user2repoid, $syscontext);
+ $this->setUser($user2);
+ $caughtexception = false;
+ try {
+ $userrepo->check_capability();
+ } catch (repository_exception $e) {
+ $caughtexception = true;
+ }
+ $this->assertTrue($caughtexception);
+
+ // Check that a user cannot see someone's repository.
+ $userrepo = repository::get_repository_by_id($user2repoid, $syscontext);
+ $this->setUser($user1);
+ $caughtexception = false;
+ try {
+ $userrepo->check_capability();
+ } catch (repository_exception $e) {
+ $caughtexception = true;
+ }
+ $this->assertTrue($caughtexception);
+ // Make sure the repo from user 2 was accessible.
+ role_unassign($roleid, $user2->id, $syscontext->id);
+ accesslib_clear_all_caches_for_unit_testing();
+ $this->setUser($user2);
+ $this->assertTrue($userrepo->check_capability());
+ role_assign($roleid, $user2->id, $syscontext->id);
+ accesslib_clear_all_caches_for_unit_testing();
+
+ // Check that a user can view SOME repositories when logged in as someone else.
+ $params = new stdClass();
+ $params->name = 'Dropbox';
+ $params->dropbox_key = 'key';
+ $params->dropbox_secret = 'secret';
+ $privaterepoid = repository::static_function('dropbox', 'create', 'dropbox', 0, $syscontext, $params);
+ $params = new stdClass();
+ $params->name = 'Upload';
+ $notprivaterepoid = repository::static_function('upload', 'create', 'upload', 0, $syscontext, $params);
+
+ $privaterepo = repository::get_repository_by_id($privaterepoid, $syscontext);
+ $notprivaterepo = repository::get_repository_by_id($notprivaterepoid, $syscontext);
+ $userrepo = repository::get_repository_by_id($user1repoid, $syscontext);
+
+ $this->setAdminUser();
+ session_loginas($user1->id, $syscontext);
+
+ // Logged in as, I cannot view a user instance.
+ $caughtexception = false;
+ try {
+ $userrepo->check_capability();
+ } catch (repository_exception $e) {
+ $caughtexception = true;
+ }
+ $this->assertTrue($caughtexception);
+
+ // Logged in as, I cannot view a private instance.
+ $caughtexception = false;
+ try {
+ $privaterepo->check_capability();
+ } catch (repository_exception $e) {
+ $caughtexception = true;
+ }
+ $this->assertTrue($caughtexception);
+
+ // Logged in as, I can view a non-private instance.
+ $this->assertTrue($notprivaterepo->check_capability());
+ }
+
}
Please sign in to comment.
Something went wrong with that request. Please try again.