mirror of
https://github.com/Combodo/iTop.git
synced 2026-02-12 23:14:18 +01:00
🐛 N°8522 - check if org id is null when filtering (#727)
This commit is contained in:
Håkon Harnes
@@ -142,7 +142,9 @@ abstract class UserRightsAddOnAPI
|
|||||||
$oFilter = new DBObjectSearch($sClass);
|
$oFilter = new DBObjectSearch($sClass);
|
||||||
$oListExpr = ListExpression::FromScalars($aAllowedOrgs);
|
$oListExpr = ListExpression::FromScalars($aAllowedOrgs);
|
||||||
|
|
||||||
$oCondition = new BinaryExpression($oExpression, 'IN', $oListExpr);
|
$oNullCondition = new FunctionExpression('ISNULL', [$oExpression]);
|
||||||
|
$oInCondition = new BinaryExpression($oExpression, 'IN', $oListExpr);
|
||||||
|
$oCondition = $oNullCondition->LogOr($oInCondition);
|
||||||
$oFilter->AddConditionExpression($oCondition);
|
$oFilter->AddConditionExpression($oCondition);
|
||||||
|
|
||||||
if ($this->HasSharing())
|
if ($this->HasSharing())
|
||||||
|
|||||||
@@ -13,12 +13,14 @@ namespace Combodo\iTop\Test\UnitTest\Core;
|
|||||||
use CMDBSource;
|
use CMDBSource;
|
||||||
use Combodo\iTop\Test\UnitTest\ItopDataTestCase;
|
use Combodo\iTop\Test\UnitTest\ItopDataTestCase;
|
||||||
use DBObjectSearch;
|
use DBObjectSearch;
|
||||||
|
use DBObjectSet;
|
||||||
use DBSearch;
|
use DBSearch;
|
||||||
use Exception;
|
use Exception;
|
||||||
use MetaModel;
|
use MetaModel;
|
||||||
use OqlInterpreter;
|
use OqlInterpreter;
|
||||||
use QueryBuilderContext;
|
use QueryBuilderContext;
|
||||||
use SQLObjectQueryBuilder;
|
use SQLObjectQueryBuilder;
|
||||||
|
use UserRights;
|
||||||
use utils;
|
use utils;
|
||||||
|
|
||||||
class OQLTest extends ItopDataTestCase
|
class OQLTest extends ItopDataTestCase
|
||||||
@@ -499,4 +501,91 @@ SELECT
|
|||||||
],
|
],
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private function GivenVMAndLicence(int $iVmOrgId, ?int $iLicenceOrgId): int
|
||||||
|
{
|
||||||
|
$iOsFamilyId = $this->GivenObjectInDB('OSFamily', [
|
||||||
|
'name' => 'Test OS Family',
|
||||||
|
]);
|
||||||
|
|
||||||
|
$iOsVersionId = $this->GivenObjectInDB('OSVersion', [
|
||||||
|
'name' => 'Test OS Version',
|
||||||
|
'osfamily_id' => $iOsFamilyId,
|
||||||
|
]);
|
||||||
|
|
||||||
|
$iOSLicenceId = $this->GivenObjectInDB('OSLicence', [
|
||||||
|
'name' => 'Test OS Licence',
|
||||||
|
'osversion_id' => $iOsVersionId,
|
||||||
|
'org_id' => $iLicenceOrgId,
|
||||||
|
]);
|
||||||
|
|
||||||
|
$iVClusterId = $this->GivenObjectInDB('Hypervisor', [
|
||||||
|
'name' => 'Test Hypervisor',
|
||||||
|
'org_id' => $iVmOrgId,
|
||||||
|
]);
|
||||||
|
|
||||||
|
return $this->GivenObjectInDB('VirtualMachine', [
|
||||||
|
'name' => 'Test VM with OS Licence',
|
||||||
|
'org_id' => $iVmOrgId,
|
||||||
|
'virtualhost_id' => $iVClusterId,
|
||||||
|
'oslicence_id' => $iOSLicenceId,
|
||||||
|
]);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function testMultiColumnQueryBehaviorWithOrganizationRestrictions()
|
||||||
|
{
|
||||||
|
$sAllowedOrgId = $this->GivenObjectInDB('Organization', ['name' => 'Test organization']);
|
||||||
|
$sForbiddenOrgId = $this->GivenObjectInDB('Organization', ['name' => 'Test organization not allowed']);
|
||||||
|
|
||||||
|
$iVmWithOsLicenceAllowed = $this->GivenVMAndLicence($sAllowedOrgId, $sAllowedOrgId);
|
||||||
|
$iVmWithOsLicenceForbidden = $this->GivenVMAndLicence($sAllowedOrgId, $sForbiddenOrgId);
|
||||||
|
$iVmWithoutOsLicence = $this->GivenVMAndLicence($sAllowedOrgId, null);
|
||||||
|
|
||||||
|
$sLoginUserWithAllowedOrg = $this->GivenUserRestrictedToAnOrganizationInDB($sAllowedOrgId, 3);
|
||||||
|
|
||||||
|
$sQuery = <<<OQL
|
||||||
|
SELECT VM, OSL
|
||||||
|
FROM VirtualMachine AS VM
|
||||||
|
JOIN OSLicence AS OSL ON VM.oslicence_id = OSL.id
|
||||||
|
OQL;
|
||||||
|
|
||||||
|
UserRights::Login($sLoginUserWithAllowedOrg);
|
||||||
|
|
||||||
|
$oDbObjectSearch = DBObjectSearch::FromOQL($sQuery);
|
||||||
|
|
||||||
|
$oSet = new DBObjectSet($oDbObjectSearch);
|
||||||
|
|
||||||
|
$aQueryResult = $oSet->ToArray();
|
||||||
|
$this->assertArrayHasKey($iVmWithOsLicenceAllowed, $aQueryResult, 'The VM with OS Licence in allowed org should be found');
|
||||||
|
$this->assertArrayNotHasKey($iVmWithOsLicenceForbidden, $aQueryResult, 'The VM with OS Licence in forbidden org should NOT be found');
|
||||||
|
$this->assertArrayHasKey($iVmWithoutOsLicence, $aQueryResult, 'The VM without OS Licence should be found (cf. #727)');
|
||||||
|
UserRights::Logoff();
|
||||||
|
}
|
||||||
|
|
||||||
|
public function testMultiColumnQueryBehaviorWithoutOrganizationRestrictions()
|
||||||
|
{
|
||||||
|
$sOrgId = $this->GivenObjectInDB('Organization', ['name' => 'Test organization']);
|
||||||
|
|
||||||
|
$iVmWithOsLicence = $this->GivenVMAndLicence($sOrgId, $sOrgId);
|
||||||
|
$iVmWithoutOsLicence = $this->GivenVMAndLicence($sOrgId, null);
|
||||||
|
|
||||||
|
$sLoginUserWithNoRestriction = $this->GivenUserInDB('azerty', ['Configuration Manager']);
|
||||||
|
|
||||||
|
$sQuery = <<<OQL
|
||||||
|
SELECT VM, OSL
|
||||||
|
FROM VirtualMachine AS VM
|
||||||
|
JOIN OSLicence AS OSL ON VM.oslicence_id = OSL.id
|
||||||
|
OQL;
|
||||||
|
|
||||||
|
UserRights::Login($sLoginUserWithNoRestriction);
|
||||||
|
|
||||||
|
$oDbObjectSearch = DBObjectSearch::FromOQL($sQuery);
|
||||||
|
|
||||||
|
$oSet = new DBObjectSet($oDbObjectSearch);
|
||||||
|
|
||||||
|
$aQueryResult = $oSet->ToArray();
|
||||||
|
$this->assertArrayHasKey($iVmWithOsLicence, $aQueryResult, 'The VM with OS Licence should be found');
|
||||||
|
$this->assertArrayHasKey($iVmWithoutOsLicence, $aQueryResult, 'The VM without OS Licence should be found');
|
||||||
|
UserRights::Logoff();
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user