mirror of
https://github.com/Combodo/iTop.git
synced 2026-04-21 01:28:47 +02:00
🎨 cleanup code
This commit is contained in:
Eric
@@ -380,7 +380,7 @@ abstract class User extends cmdbAbstractObject
|
||||
|
||||
// Check if the user is yet allowed to modify Users
|
||||
if (method_exists($oAddon, 'ResetCache')) {
|
||||
$aCurrentProfiles = $_SESSION['profile_list'];
|
||||
$aCurrentProfiles = $_SESSION['profile_list'] ?? null;
|
||||
// Set the current profiles into a session variable (not yet in the database)
|
||||
$_SESSION['profile_list'] = $aProfiles;
|
||||
|
||||
@@ -390,7 +390,11 @@ abstract class User extends cmdbAbstractObject
|
||||
}
|
||||
$oAddon->ResetCache();
|
||||
|
||||
$_SESSION['profile_list'] = $aCurrentProfiles;
|
||||
if (is_null($aCurrentProfiles)) {
|
||||
unset($_SESSION['profile_list']);
|
||||
} else {
|
||||
$_SESSION['profile_list'] = $aCurrentProfiles;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -594,6 +598,9 @@ abstract class User extends cmdbAbstractObject
|
||||
*/
|
||||
private function IsCurrentUser(): bool
|
||||
{
|
||||
if (is_null(UserRights::GetUserId())) {
|
||||
return false;
|
||||
}
|
||||
return UserRights::GetUserId() == $this->GetKey();
|
||||
}
|
||||
}
|
||||
|
||||
@@ -27,7 +27,10 @@
|
||||
namespace Combodo\iTop\Test\UnitTest\Core;
|
||||
|
||||
use Combodo\iTop\Test\UnitTest\ItopDataTestCase;
|
||||
use CoreCannotSaveObjectException;
|
||||
use DBObject;
|
||||
use UserRights;
|
||||
use utils;
|
||||
|
||||
/**
|
||||
* @group itopRequestMgmt
|
||||
@@ -40,24 +43,23 @@ class UserRightsTest extends ItopDataTestCase
|
||||
{
|
||||
public function setUp()
|
||||
{
|
||||
parent::setUp(); // TODO: Change the autogenerated stub
|
||||
parent::setUp();
|
||||
|
||||
try{
|
||||
\utils::GetConfig()->SetModuleSetting('authent-local', 'password_validation.pattern', '' );
|
||||
try {
|
||||
utils::GetConfig()->SetModuleSetting('authent-local', 'password_validation.pattern', '');
|
||||
self::CreateUser('admin', 1);
|
||||
}
|
||||
catch(\CoreCannotSaveObjectException $e)
|
||||
{
|
||||
catch (CoreCannotSaveObjectException $e) {
|
||||
}
|
||||
}
|
||||
|
||||
public static $aClasses = array(
|
||||
'FunctionalCI' => array('class' => 'FunctionalCI', 'attcode' => 'name'),
|
||||
'URP_UserProfile' => array('class' => 'URP_UserProfile', 'attcode' => 'reason'),
|
||||
'UserLocal' => array('class' => 'UserLocal', 'attcode' => 'login'),
|
||||
'UserRequest' => array('class' => 'UserRequest', 'attcode' => 'title'),
|
||||
'ModuleInstallation' => array('class' => 'ModuleInstallation', 'attcode' => 'name'),
|
||||
);
|
||||
public static $aClasses = [
|
||||
'FunctionalCI' => ['class' => 'FunctionalCI', 'attcode' => 'name'],
|
||||
'URP_UserProfile' => ['class' => 'URP_UserProfile', 'attcode' => 'reason'],
|
||||
'UserLocal' => ['class' => 'UserLocal', 'attcode' => 'login'],
|
||||
'UserRequest' => ['class' => 'UserRequest', 'attcode' => 'title'],
|
||||
'ModuleInstallation' => ['class' => 'ModuleInstallation', 'attcode' => 'name'],
|
||||
];
|
||||
|
||||
|
||||
public function testIsLoggedIn()
|
||||
@@ -67,78 +69,92 @@ class UserRightsTest extends ItopDataTestCase
|
||||
|
||||
/**
|
||||
* Test Login validation
|
||||
*
|
||||
* @dataProvider LoginProvider
|
||||
*
|
||||
* @param $sLogin
|
||||
* @param $bResult
|
||||
*
|
||||
* @throws \DictExceptionUnknownLanguage
|
||||
* @throws \OQLException
|
||||
*/
|
||||
public function testLogin($sLogin, $bResult)
|
||||
{
|
||||
$_SESSION = array();
|
||||
$_SESSION = [];
|
||||
$this->assertEquals($bResult, UserRights::Login($sLogin));
|
||||
$this->assertEquals($bResult, UserRights::IsLoggedIn());
|
||||
}
|
||||
|
||||
public function LoginProvider()
|
||||
public function LoginProvider(): array
|
||||
{
|
||||
return array(
|
||||
array('admin', true),
|
||||
array('NotALoginForUnitTests', false),
|
||||
array('', false),
|
||||
);
|
||||
return [
|
||||
['admin', true],
|
||||
['NotALoginForUnitTests', false],
|
||||
['', false],
|
||||
];
|
||||
}
|
||||
|
||||
/**
|
||||
* @param string $sLogin
|
||||
* @param int $iProfileId initial profile
|
||||
*
|
||||
* @return \DBObject
|
||||
* @throws \CoreException
|
||||
* @throws \Exception
|
||||
*/
|
||||
protected function AddUser($sLogin, $iProfileId)
|
||||
protected function AddUser(string $sLogin, int $iProfileId): DBObject
|
||||
{
|
||||
$oUser = self::CreateUser('test1', $iProfileId);
|
||||
$oUser = self::CreateUser($sLogin, $iProfileId);
|
||||
$oUser->DBUpdate();
|
||||
|
||||
return $oUser;
|
||||
}
|
||||
|
||||
/** Test IsActionAllowed when not logged => always true
|
||||
*
|
||||
* @dataProvider ActionAllowedNotLoggedProvider
|
||||
*
|
||||
* @param $aClassAction
|
||||
*
|
||||
* @throws \CoreException
|
||||
*/
|
||||
public function testIsActionAllowedNotLogged($aClassAction)
|
||||
{
|
||||
$bRes = (UserRights::IsActionAllowed($aClassAction['class'], $aClassAction['action'])) ? true : false;
|
||||
$bRes = UserRights::IsActionAllowed($aClassAction['class'], $aClassAction['action']) == UR_ALLOWED_YES;
|
||||
$this->assertEquals(true, $bRes);
|
||||
}
|
||||
|
||||
public function ActionAllowedNotLoggedProvider()
|
||||
public function ActionAllowedNotLoggedProvider(): array
|
||||
{
|
||||
$aClassActions = array();
|
||||
$aClassActions = [];
|
||||
|
||||
foreach(array_keys(self::$aClasses) as $sClass)
|
||||
{
|
||||
for ($i = 1; $i < 8; $i++)
|
||||
{
|
||||
$aClassAction = array('class' => $sClass, 'action' => $i);
|
||||
$aClassActions[] = array($aClassAction);
|
||||
foreach (array_keys(self::$aClasses) as $sClass) {
|
||||
for ($i = 1; $i < 8; $i++) {
|
||||
$aClassAction = ['class' => $sClass, 'action' => $i];
|
||||
$aClassActions[] = [$aClassAction];
|
||||
}
|
||||
}
|
||||
|
||||
return $aClassActions;
|
||||
}
|
||||
|
||||
/** Test IsActionAllowed
|
||||
*
|
||||
* @dataProvider ActionAllowedProvider
|
||||
* @param $iProfileId
|
||||
* @param $aClassActionResult
|
||||
*
|
||||
* @param int $iProfileId
|
||||
* @param array $aClassActionResult
|
||||
*
|
||||
* @throws \CoreException
|
||||
* @throws \Exception
|
||||
* @throws \DictExceptionUnknownLanguage
|
||||
* @throws \OQLException
|
||||
*/
|
||||
public function _testIsActionAllowed($iProfileId, $aClassActionResult)
|
||||
public function testIsActionAllowed(int $iProfileId, array $aClassActionResult)
|
||||
{
|
||||
$this->AddUser('test1', $iProfileId);
|
||||
$_SESSION = array();
|
||||
$this->assertTrue(UserRights::Login('test1'));
|
||||
$bRes = (UserRights::IsActionAllowed($aClassActionResult['class'], $aClassActionResult['action'])) ? true : false;
|
||||
$bRes = UserRights::IsActionAllowed($aClassActionResult['class'], $aClassActionResult['action']) == UR_ALLOWED_YES;
|
||||
$this->assertEquals($aClassActionResult['res'], $bRes);
|
||||
}
|
||||
|
||||
@@ -150,69 +166,73 @@ class UserRightsTest extends ItopDataTestCase
|
||||
* ModuleInstallation => core view_in_gui
|
||||
*
|
||||
*/
|
||||
public function ActionAllowedProvider()
|
||||
public function ActionAllowedProvider(): array
|
||||
{
|
||||
return array(
|
||||
return [
|
||||
/* Administrator (7 = UR_ACTION_CREATE) */
|
||||
'Administrator FunctionalCI write' => array(1 , array('class' => 'FunctionalCI', 'action' => 7, 'res' => true)),
|
||||
'Administrator UserRequest write' => array(1 , array('class' => 'UserRequest', 'action' => 7, 'res' => true)),
|
||||
'Administrator URP_UserProfile write' => array(1 , array('class' => 'URP_UserProfile', 'action' => 7, 'res' => true)),
|
||||
'Administrator UserLocal write' => array(1 , array('class' => 'UserLocal', 'action' => 7, 'res' => true)),
|
||||
'Administrator ModuleInstallation write' => array(1 , array('class' => 'ModuleInstallation', 'action' => 7, 'res' => true)),
|
||||
'Administrator FunctionalCI write' => [1, ['class' => 'FunctionalCI', 'action' => 7, 'res' => true]],
|
||||
'Administrator UserRequest write' => [1, ['class' => 'UserRequest', 'action' => 7, 'res' => true]],
|
||||
'Administrator URP_UserProfile write' => [1, ['class' => 'URP_UserProfile', 'action' => 7, 'res' => true]],
|
||||
'Administrator UserLocal write' => [1, ['class' => 'UserLocal', 'action' => 7, 'res' => true]],
|
||||
'Administrator ModuleInstallation write' => [1, ['class' => 'ModuleInstallation', 'action' => 7, 'res' => true]],
|
||||
|
||||
/* User Portal (7 = UR_ACTION_CREATE) */
|
||||
'User Portal FunctionalCI write' => array(2 , array('class' => 'FunctionalCI', 'action' => 7, 'res' => false)),
|
||||
'User Portal UserRequest write' => array(2 , array('class' => 'UserRequest', 'action' => 7, 'res' => true)),
|
||||
'User Portal URP_UserProfile write' => array(2 , array('class' => 'URP_UserProfile', 'action' => 7, 'res' => false)),
|
||||
'User Portal UserLocal write' => array(2 , array('class' => 'UserLocal', 'action' => 7, 'res' => false)),
|
||||
'User Portal ModuleInstallation write' => array(2 , array('class' => 'ModuleInstallation', 'action' => 7, 'res' => false)),
|
||||
'User Portal FunctionalCI write' => [2, ['class' => 'FunctionalCI', 'action' => 7, 'res' => false]],
|
||||
'User Portal UserRequest write' => [2, ['class' => 'UserRequest', 'action' => 7, 'res' => true]],
|
||||
'User Portal URP_UserProfile write' => [2, ['class' => 'URP_UserProfile', 'action' => 7, 'res' => false]],
|
||||
'User Portal UserLocal write' => [2, ['class' => 'UserLocal', 'action' => 7, 'res' => false]],
|
||||
'User Portal ModuleInstallation write' => [2, ['class' => 'ModuleInstallation', 'action' => 7, 'res' => false]],
|
||||
|
||||
/* Configuration manager (7 = UR_ACTION_CREATE) */
|
||||
'Configuration manager FunctionalCI write' => array(3 , array('class' => 'FunctionalCI', 'action' => 7, 'res' => true)),
|
||||
'Configuration manager UserRequest write' => array(3 , array('class' => 'UserRequest', 'action' => 7, 'res' => false)),
|
||||
'Configuration manager URP_UserProfile write' => array(3 , array('class' => 'URP_UserProfile', 'action' => 7, 'res' => false)),
|
||||
'Configuration manager UserLocal write' => array(3 , array('class' => 'UserLocal', 'action' => 7, 'res' => false)),
|
||||
'Configuration manager ModuleInstallation write' => array(3 , array('class' => 'ModuleInstallation', 'action' => 7, 'res' => false)),
|
||||
'Configuration manager FunctionalCI write' => [3, ['class' => 'FunctionalCI', 'action' => 7, 'res' => true]],
|
||||
'Configuration manager UserRequest write' => [3, ['class' => 'UserRequest', 'action' => 7, 'res' => false]],
|
||||
'Configuration manager URP_UserProfile write' => [3, ['class' => 'URP_UserProfile', 'action' => 7, 'res' => false]],
|
||||
'Configuration manager UserLocal write' => [3, ['class' => 'UserLocal', 'action' => 7, 'res' => false]],
|
||||
'Configuration manager ModuleInstallation write' => [3, ['class' => 'ModuleInstallation', 'action' => 7, 'res' => false]],
|
||||
|
||||
/* Administrator (1 = UR_ACTION_READ) */
|
||||
'Administrator FunctionalCI read' => array(1 , array('class' => 'FunctionalCI', 'action' => 1, 'res' => true)),
|
||||
'Administrator UserRequest read' => array(1 , array('class' => 'UserRequest', 'action' => 1, 'res' => true)),
|
||||
'Administrator URP_UserProfile read' => array(1 , array('class' => 'URP_UserProfile', 'action' => 1, 'res' => true)),
|
||||
'Administrator UserLocal read' => array(1 , array('class' => 'UserLocal', 'action' => 1, 'res' => true)),
|
||||
'Administrator ModuleInstallation read' => array(1 , array('class' => 'ModuleInstallation', 'action' => 1, 'res' => true)),
|
||||
'Administrator FunctionalCI read' => [1, ['class' => 'FunctionalCI', 'action' => 1, 'res' => true]],
|
||||
'Administrator UserRequest read' => [1, ['class' => 'UserRequest', 'action' => 1, 'res' => true]],
|
||||
'Administrator URP_UserProfile read' => [1, ['class' => 'URP_UserProfile', 'action' => 1, 'res' => true]],
|
||||
'Administrator UserLocal read' => [1, ['class' => 'UserLocal', 'action' => 1, 'res' => true]],
|
||||
'Administrator ModuleInstallation read' => [1, ['class' => 'ModuleInstallation', 'action' => 1, 'res' => true]],
|
||||
|
||||
/* User Portal (1 = UR_ACTION_READ) */
|
||||
'User Portal FunctionalCI read' => array(2 , array('class' => 'FunctionalCI', 'action' => 1, 'res' => true)),
|
||||
'User Portal UserRequest read' => array(2 , array('class' => 'UserRequest', 'action' => 1, 'res' => true)),
|
||||
'User Portal URP_UserProfile read' => array(2 , array('class' => 'URP_UserProfile', 'action' => 1, 'res' => false)),
|
||||
'User Portal UserLocal read' => array(2 , array('class' => 'UserLocal', 'action' => 1, 'res' => false)),
|
||||
'User Portal ModuleInstallation read' => array(2 , array('class' => 'ModuleInstallation', 'action' => 1, 'res' => true)),
|
||||
'User Portal FunctionalCI read' => [2, ['class' => 'FunctionalCI', 'action' => 1, 'res' => true]],
|
||||
'User Portal UserRequest read' => [2, ['class' => 'UserRequest', 'action' => 1, 'res' => true]],
|
||||
'User Portal URP_UserProfile read' => [2, ['class' => 'URP_UserProfile', 'action' => 1, 'res' => false]],
|
||||
'User Portal UserLocal read' => [2, ['class' => 'UserLocal', 'action' => 1, 'res' => false]],
|
||||
'User Portal ModuleInstallation read' => [2, ['class' => 'ModuleInstallation', 'action' => 1, 'res' => true]],
|
||||
|
||||
/* Configuration manager (1 = UR_ACTION_READ) */
|
||||
'Configuration manager FunctionalCI read' => array(3 , array('class' => 'FunctionalCI', 'action' => 1, 'res' => true)),
|
||||
'Configuration manager UserRequest read' => array(3 , array('class' => 'UserRequest', 'action' => 1, 'res' => true)),
|
||||
'Configuration manager URP_UserProfile read' => array(3 , array('class' => 'URP_UserProfile', 'action' => 1, 'res' => false)),
|
||||
'Configuration manager UserLocal read' => array(3 , array('class' => 'UserLocal', 'action' => 1, 'res' => false)),
|
||||
'Configuration manager ModuleInstallation read' =>array(3 , array('class' => 'ModuleInstallation', 'action' => 1, 'res' => true)),
|
||||
);
|
||||
'Configuration manager FunctionalCI read' => [3, ['class' => 'FunctionalCI', 'action' => 1, 'res' => true]],
|
||||
'Configuration manager UserRequest read' => [3, ['class' => 'UserRequest', 'action' => 1, 'res' => true]],
|
||||
'Configuration manager URP_UserProfile read' => [3, ['class' => 'URP_UserProfile', 'action' => 1, 'res' => false]],
|
||||
'Configuration manager UserLocal read' => [3, ['class' => 'UserLocal', 'action' => 1, 'res' => false]],
|
||||
'Configuration manager ModuleInstallation read' => [3, ['class' => 'ModuleInstallation', 'action' => 1, 'res' => true]],
|
||||
];
|
||||
}
|
||||
|
||||
|
||||
/** Test IsActionAllowedOnAttribute
|
||||
*
|
||||
* @dataProvider ActionAllowedOnAttributeProvider
|
||||
* @param $iProfileId
|
||||
* @param $aClassActionResult
|
||||
* @throws \Exception
|
||||
*
|
||||
* @param int $iProfileId
|
||||
* @param array $aClassActionResult
|
||||
*
|
||||
* @throws \CoreException
|
||||
* @throws \DictExceptionUnknownLanguage
|
||||
* @throws \OQLException
|
||||
*/
|
||||
public function testIsActionAllowedOnAttribute($iProfileId, $aClassActionResult)
|
||||
public function testIsActionAllowedOnAttribute(int $iProfileId, array $aClassActionResult)
|
||||
{
|
||||
$this->AddUser('test1', $iProfileId);
|
||||
$_SESSION = array();
|
||||
$_SESSION = [];
|
||||
$this->assertTrue(UserRights::Login('test1'));
|
||||
$sClass = $aClassActionResult['class'];
|
||||
$bRes = (UserRights::IsActionAllowedOnAttribute($sClass, self::$aClasses[$sClass]['attcode'], $aClassActionResult['action'])) ? true : false;
|
||||
$bRes = UserRights::IsActionAllowedOnAttribute($sClass, self::$aClasses[$sClass]['attcode'], $aClassActionResult['action']) == UR_ALLOWED_YES;
|
||||
$this->assertEquals($aClassActionResult['res'], $bRes);
|
||||
|
||||
}
|
||||
|
||||
/*
|
||||
@@ -223,31 +243,29 @@ class UserRightsTest extends ItopDataTestCase
|
||||
* ModuleInstallation => core view_in_gui
|
||||
*
|
||||
*/
|
||||
public function ActionAllowedOnAttributeProvider()
|
||||
public function ActionAllowedOnAttributeProvider(): array
|
||||
{
|
||||
$aClassActionResult = array(
|
||||
return [
|
||||
/* Administrator (2 = UR_ACTION_MODIFY) */
|
||||
'Administrator FunctionalCI' => array(1 , array('class' => 'FunctionalCI', 'action' => 2, 'res' => true)),
|
||||
'Administrator UserRequest' => array(1 , array('class' => 'UserRequest', 'action' => 2, 'res' => true)),
|
||||
'Administrator URP_UserProfile' => array(1 , array('class' => 'URP_UserProfile', 'action' => 2, 'res' => true)),
|
||||
'Administrator UserLocal' => array(1 , array('class' => 'UserLocal', 'action' => 2, 'res' => true)),
|
||||
'Administrator ModuleInstallation' => array(1 , array('class' => 'ModuleInstallation', 'action' => 2, 'res' => true)),
|
||||
'Administrator FunctionalCI' => [1, ['class' => 'FunctionalCI', 'action' => 2, 'res' => true]],
|
||||
'Administrator UserRequest' => [1, ['class' => 'UserRequest', 'action' => 2, 'res' => true]],
|
||||
'Administrator URP_UserProfile' => [1, ['class' => 'URP_UserProfile', 'action' => 2, 'res' => true]],
|
||||
'Administrator UserLocal' => [1, ['class' => 'UserLocal', 'action' => 2, 'res' => true]],
|
||||
'Administrator ModuleInstallation' => [1, ['class' => 'ModuleInstallation', 'action' => 2, 'res' => true]],
|
||||
|
||||
/* User Portal (2 = UR_ACTION_MODIFY) */
|
||||
'User Portal FunctionalCI' => array(2 , array('class' => 'FunctionalCI', 'action' => 2, 'res' => false)),
|
||||
'User Portal UserRequest' => array(2 , array('class' => 'UserRequest', 'action' => 2, 'res' => true)),
|
||||
'User Portal URP_UserProfile' => array(2 , array('class' => 'URP_UserProfile', 'action' => 2, 'res' => false)),
|
||||
'User Portal UserLocal' => array(2 , array('class' => 'UserLocal', 'action' => 2, 'res' => false)),
|
||||
'User Portal ModuleInstallation' => array(2 , array('class' => 'ModuleInstallation', 'action' => 2, 'res' => true)),
|
||||
'User Portal FunctionalCI' => [2, ['class' => 'FunctionalCI', 'action' => 2, 'res' => false]],
|
||||
'User Portal UserRequest' => [2, ['class' => 'UserRequest', 'action' => 2, 'res' => true]],
|
||||
'User Portal URP_UserProfile' => [2, ['class' => 'URP_UserProfile', 'action' => 2, 'res' => false]],
|
||||
'User Portal UserLocal' => [2, ['class' => 'UserLocal', 'action' => 2, 'res' => false]],
|
||||
'User Portal ModuleInstallation' => [2, ['class' => 'ModuleInstallation', 'action' => 2, 'res' => true]],
|
||||
|
||||
/* Configuration manager (2 = UR_ACTION_MODIFY) */
|
||||
'Configuration manager FunctionalCI' => array(3, array('class' => 'FunctionalCI', 'action' => 2, 'res' => true)),
|
||||
'Configuration manager UserRequest' => array(3, array('class' => 'UserRequest', 'action' => 2, 'res' => false)),
|
||||
'Configuration manager URP_UserProfile' => array(3, array('class' => 'URP_UserProfile', 'action' => 2, 'res' => false)),
|
||||
'Configuration manager UserLocal' => array(3, array('class' => 'UserLocal', 'action' => 2, 'res' => false)),
|
||||
'Configuration manager ModuleInstallation' => array(3, array('class' => 'ModuleInstallation', 'action' => 2, 'res' => true)),
|
||||
);
|
||||
|
||||
return $aClassActionResult;
|
||||
'Configuration manager FunctionalCI' => [3, ['class' => 'FunctionalCI', 'action' => 2, 'res' => true]],
|
||||
'Configuration manager UserRequest' => [3, ['class' => 'UserRequest', 'action' => 2, 'res' => false]],
|
||||
'Configuration manager URP_UserProfile' => [3, ['class' => 'URP_UserProfile', 'action' => 2, 'res' => false]],
|
||||
'Configuration manager UserLocal' => [3, ['class' => 'UserLocal', 'action' => 2, 'res' => false]],
|
||||
'Configuration manager ModuleInstallation' => [3, ['class' => 'ModuleInstallation', 'action' => 2, 'res' => true]],
|
||||
];
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user