Update js/forms-json-utils.js

Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>

core/config.class.inc.php

@@ -1746,11 +1746,11 @@ class Config
 			'source_of_value'     => '',
 			'show_in_conf_sample' => false,
 		],
-		'security.disable_exec_forced_login_for_all_enpoints' => [
+		'security.force_login_when_no_delegated_authentication_endpoints_list' => [
 			'type'                => 'bool',
-			'description'         => 'If true, when no delegated authentication module is defined, no login will be forced on modules exec endpoints',
-			'default'             => true,
-			'value'               => true,
+			'description'         => 'If true, when no execution policy is defined, the user will be forced to log in (instead of being automatically logged in with the default profile)',
+			'default'             => false,
+			'value'               => false,
 			'source_of_value'     => '',
 			'show_in_conf_sample' => false,
 		],

css/backoffice/components/_search-form.scss

@@ -21,8 +21,6 @@ $ibo-search-form-panel--more-criteria--color: $ibo-color-blue-grey-800 !default;
 $ibo-search-form-panel--more-criteria--background-color: $ibo-color-white-100 !default;
 $ibo-search-form-panel--more-criteria--icon--color: $ibo-color-primary-600 !default;
 $ibo-search-form-panel--more-criteria--border-color: $ibo-search-form-panel--criteria--border-color !default;
-// calc is redundant but avoid SCSS min() from being used instead of CSS min()
-$ibo-search-form-panel--criteria--max-height: calc(min(#{$ibo-size-750}, 50vh)) !default;
 
 $ibo-search-form-panel--items--hover--color: $ibo-color-grey-200 !default;
 
@@ -280,10 +278,9 @@ $ibo-search-results-area--datatable-scrollhead--border--is-sticking: $ibo-search
 				}
 
 				.sfc_form_group {
-                  display: flex;
-                  flex-direction: column;
-                  margin-top: -1px;
-                  z-index: -1;
+          display: block;
+          margin-top: -1px;
+          z-index: -1;
         }
 			}
 
@@ -349,15 +346,11 @@ $ibo-search-results-area--datatable-scrollhead--border--is-sticking: $ibo-search
         display: none;
         max-width: 450px;
         width: max-content;
-        max-height: $ibo-search-form-panel--criteria--max-height;
+        max-height: 520px;
         overflow-x: auto;
         overflow-y: hidden;
 
 				.sfc_fg_operators {
-                    display: flex;
-                    flex-direction: column;
-                    overflow: auto;
-                    min-height: 0;
 					font-size: 12px;
 
 					.sfc_fg_operator {
@@ -394,9 +387,6 @@ $ibo-search-results-area--datatable-scrollhead--border--is-sticking: $ibo-search
 						}
 
 						.sfc_opc_multichoices {
-                            display: flex;
-                            flex-direction: column;
-                            height: 100%;
 							label > input {
 								vertical-align: text-top;
 								margin-left: $ibo-spacing-0;
@@ -408,6 +398,7 @@ $ibo-search-results-area--datatable-scrollhead--border--is-sticking: $ibo-search
 							}
 
 							.sfc_opc_mc_items_wrapper {
+								max-height: 415px; /* Must be less than .sfc_form_group:max-height - .sfc_opc_mc_toggler:height - .sfc_opc_mc_filter:height */
 								overflow-y: auto;
 								margin: $ibo-spacing-0 -8px; /* Compensate .sfc_opc_multichoices side padding so the hover style can take the full with */
 
@@ -569,14 +560,8 @@ $ibo-search-results-area--datatable-scrollhead--border--is-sticking: $ibo-search
 			&.search_form_criteria_enum {
 				.sfc_form_group {
 					.sfc_fg_operator_in {
-                        display: flex;
-                        flex-direction: column;
-                        height: 100%;
-                        min-height: 0;
 						> label {
-							display: flex;
-                            height: 100%;
-                            min-height: 0;
+							display: inline-block;
 							width: 100%;
 							line-height: initial;
 							white-space: nowrap;

datamodels/2.x/itop-hub-connector/ajax.php

@@ -279,24 +279,11 @@ try {
 			$oRuntimeEnv = new RunTimeEnvironment('production', true);
 
 			try {
+				SetupLog::Info('Move to production starts...');
 				$sAuthent = utils::ReadParam('authent', '', false, 'raw_data');
 				if (!file_exists(APPROOT.'data/hub/compile_authent') || $sAuthent !== file_get_contents(APPROOT.'data/hub/compile_authent')) {
 					throw new SecurityException(Dict::S('iTopHub:FailAuthent'));
 				}
-			} catch (Exception $e) {
-				if (file_exists(APPROOT.'data/hub/compile_authent')) {
-					unlink(APPROOT.'data/hub/compile_authent');
-				}
-				// Note: at this point, the dictionnary is not necessarily loaded
-				SetupLog::Error(get_class($e).': '.Dict::S('iTopHub:ConfigurationSafelyReverted')."\n".$e->getMessage());
-				SetupLog::Error('Debug trace: '.$e->getTraceAsString());
-				ReportError($e->getMessage(), $e->getCode());
-				break;
-			}
-
-			try {
-				SetupLog::Info('Move to production starts...');
-
 				unlink(APPROOT.'data/hub/compile_authent');
 				// Load the "production" config file to clone & update it
 				$oConfig = new Config(APPCONF.'production/'.ITOP_CONFIG_FILE);

js/forms-json-utils.js

@@ -301,88 +301,112 @@ function ValidateField(sFieldId, sPattern, bMandatory, sFormId, nullValue, origi
 	return true; // Do not stop propagation ??
 }
 
-function ValidateCKEditField(sFieldId, sPattern, bMandatory, sFormId, nullValue, originalValue)
+function EvaluateCKEditorValidation(oOptions)
 {
-	let oField = $('#'+sFieldId);
+	let oField = $('#'+oOptions.sFieldId);
 	if (oField.length === 0) {
 		return false;
 	}
 
-	let oCKEditor = CombodoCKEditorHandler.GetInstanceSynchronous('#'+sFieldId);
+	let oCKEditor = CombodoCKEditorHandler.GetInstanceSynchronous('#'+oOptions.sFieldId);
+	let bValid = true;
+	let sExplain = '';
+	let sTextContent;
+	let sTextOriginalContents;
 
-	var bValid;
-	var sExplain = '';
 	if (oField.prop('disabled')) {
 		bValid = true; // disabled fields are not checked
 	} else {
 		// If the CKEditor is not yet loaded, we need to wait for it to be ready
 		// but as we need this function to be synchronous, we need to call it again when the CKEditor is ready
 		if (oCKEditor === undefined){
-			CombodoCKEditorHandler.GetInstance('#'+sFieldId).then((oCKEditor) => {
-				ValidateCKEditField(sFieldId, sPattern, bMandatory, sFormId, nullValue, originalValue);
+			CombodoCKEditorHandler.GetInstance('#'+oOptions.sFieldId).then((oCKEditor) => {
+				oOptions.onRetry();
 			});
-			return;
+			return false;
 		}
-		let sTextContent;
-		let sFormattedContent = oCKEditor.getData();
 
-		// Get the contents without the tags
-		// Check if we have a formatted content that is HTML, otherwise we just have plain text, and we can use it directly
+		let sFormattedContent = oCKEditor.getData();
 		sTextContent = $(sFormattedContent).length > 0 ? $(sFormattedContent).text() : sFormattedContent;
 
-		if (sTextContent === '') {
+		if (sTextContent === '')
+		{
 			// No plain text, maybe there is just an image
-			let oImg = $(sFormattedContent).find("img");
-			if (oImg.length !== 0) {
+			let oImg = $(sFormattedContent).find('img');
+			if (oImg.length !== 0)
+			{
 				sTextContent = 'image';
 			}
 		}
 
-		// Get the original value without the tags
-		let oFormattedOriginalContents = (originalValue !== undefined) ? $('<div></div>').html(originalValue) : undefined;
-		let sTextOriginalContents = (oFormattedOriginalContents !== undefined) ? oFormattedOriginalContents.text() : undefined;
+		let oFormattedOriginalContents = (oOptions.sOriginalValue !== undefined) ? $('<div></div>').html(oOptions.sOriginalValue) : undefined;
+		sTextOriginalContents = (oFormattedOriginalContents !== undefined) ? oFormattedOriginalContents.text() : undefined;
 
-		if (bMandatory && (sTextContent === nullValue)) {
-			bValid = false;
-			sExplain = Dict.S('UI:ValueMustBeSet');
-		} else if ((sTextOriginalContents !== undefined) && (sTextContent === sTextOriginalContents)) {
-			bValid = false;
-			if (sTextOriginalContents === nullValue) {
-				sExplain = Dict.S('UI:ValueMustBeSet');
-			} else {
-				// Note: value change check is not working well yet as the HTML to Text conversion is not exactly the same when done from the PHP value or the CKEditor value.
-				sExplain = Dict.S('UI:ValueMustBeChanged');
-			}
-		} else {
-			bValid = true;
+		if (oOptions.validate !== undefined) {
+			let oValidation = oOptions.validate(sTextContent, sTextOriginalContents);
+			bValid = oValidation.bValid;
+			sExplain = oValidation.sExplain;
 		}
-		
-		// Put and event to check the field when the content changes, remove the event right after as we'll call this same function again, and we don't want to call the event more than once (especially not ^2 times on each call)
+
+		// Put an event to check the field when the content changes, remove the event right after as we'll call this same function again, and we don't want to call the event more than once (especially not ^2 times on each call)
 		oCKEditor.model.document.once('change:data', (event) => {
-			ValidateCKEditField(sFieldId, sPattern, bMandatory, sFormId, nullValue, originalValue);
+			oOptions.onChange();
 		});
 	}
-	
-	ReportFieldValidationStatus(sFieldId, sFormId, bValid, sExplain);
+
+	ReportFieldValidationStatus(oOptions.sFieldId, oOptions.sFormId, bValid, sExplain);
 	return bValid;
 }
 
+function ValidateCKEditField(sFieldId, sPattern, bMandatory, sFormId, nullValue, originalValue)
+{
+	return EvaluateCKEditorValidation({
+		sFieldId: sFieldId,
+		sFormId: sFormId,
+        sOriginalValue: originalValue,
+		onRetry: function() {
+			ValidateCKEditField(sFieldId, sPattern, bMandatory, sFormId, nullValue, originalValue);
+		},
+		onChange: function() {
+			ValidateCKEditField(sFieldId, sPattern, bMandatory, sFormId, nullValue, originalValue);
+		},
+		validate: function(sTextContent, sTextOriginalContents) {
+			var bValid;
+			var sExplain = '';
+			if (bMandatory && (sTextContent === nullValue)) {
+				bValid = false;
+				sExplain = Dict.S('UI:ValueMustBeSet');
+			} else if ((sTextOriginalContents !== undefined) && (sTextContent === sTextOriginalContents)) {
+				bValid = false;
+				if (sTextOriginalContents === nullValue) {
+					sExplain = Dict.S('UI:ValueMustBeSet');
+				} else {
+					// Note: value change check is not working well yet as the HTML to Text conversion is not exactly the same when done from the PHP value or the CKEditor value.
+					sExplain = Dict.S('UI:ValueMustBeChanged');
+				}
+			} else {
+				bValid = true;
+			}
+			return {bValid: bValid, sExplain: sExplain};
+		}
+	});
+}
 function ResetPwd(id)
 {
-	// Reset the values of the password fields
-	$('#'+id).val('*****');
-	$('#'+id+'_confirm').val('*****');
-	// And reset the flag, to tell it that the password remains unchanged
-	$('#'+id+'_changed').val(0);
-	// Visual feedback, None when it's Ok
-	$('#v_'+id).html('');
+    // Reset the values of the password fields
+    $('#'+id).val('*****');
+    $('#'+id+'_confirm').val('*****');
+    // And reset the flag, to tell it that the password remains unchanged
+    $('#'+id+'_changed').val(0);
+    // Visual feedback, None when it's Ok
+    $('#v_'+id).html('');
 }
 
 // Called whenever the content of a one way encrypted password changes
 function PasswordFieldChanged(id)
 {
-	// Set the flag, to tell that the password changed
-	$('#'+id+'_changed').val(1);
+    // Set the flag, to tell that the password changed
+    $('#'+id+'_changed').val(1);
 }
 
 // Special validation function for one way encrypted password fields
@@ -415,37 +439,48 @@ function ValidatePasswordField(id, sFormId)
 // to determine if the field is empty or not
 function ValidateCaseLogField(sFieldId, bMandatory, sFormId, nullValue, originalValue)
 {
-	var bValid = true;
-	var sExplain = '';
-	var sTextContent;
-	
-	if ($('#'+sFieldId).prop('disabled'))
-	{
-		bValid = true; // disabled fields are not checked
-	}
-	else
-	{
-		// Get the contents (with tags)
-		// Note: For CaseLog we can't retrieve the formatted contents from CKEditor (unlike in ValidateCKEditorField() method) because of the place holder.
-		sTextContent = $('#' + sFieldId).val();
-		var count = $('#'+sFieldId+'_count').val();
+	return EvaluateCKEditorValidation({
+		sFieldId: sFieldId,
+		sFormId: sFormId,
+		sOriginalValue: originalValue,
+		onRetry: function() {
+			ValidateCaseLogField(sFieldId, bMandatory, sFormId, nullValue, originalValue);
+		},
+		onChange: function() {
+			ValidateCaseLogField(sFieldId, bMandatory, sFormId, nullValue, originalValue);
+		},
+		validate: function(sTextContent, sTextOriginalContents) {
+			var bValid;
+			var sExplain = '';
+			// CaseLog is special: history count matters when deciding if the field is empty
+			var count = $('#'+sFieldId+'_count').val();
 
-		if (bMandatory && (count == 0) && (sTextContent == nullValue))
-		{
-			// No previous entry and no content typed
-			bValid = false;
-			sExplain = Dict.S('UI:ValueMustBeSet');
+			if (bMandatory && (count == 0) && (sTextContent === nullValue))
+			{
+				// No previous entry and no content typed
+				bValid = false;
+				sExplain = Dict.S('UI:ValueMustBeSet');
+			}
+			else if ((sTextOriginalContents !== undefined) && (sTextContent === sTextOriginalContents))
+			{
+				bValid = false;
+				if (sTextOriginalContents === nullValue)
+				{
+					sExplain = Dict.S('UI:ValueMustBeSet');
+				}
+				else
+				{
+					// Note: value change check is not working well yet as the HTML to Text conversion is not exactly the same when done from the PHP value or the CKEditor value.
+					sExplain = Dict.S('UI:ValueMustBeChanged');
+				}
+			}
+			else
+			{
+				bValid = true;
+			}
+			return {bValid: bValid, sExplain: sExplain};
 		}
-		else if ((originalValue != undefined) && (sTextContent == originalValue))
-		{
-			bValid = false;
-			sExplain = Dict.S('UI:ValueMustBeChanged');
-		}
-	}
-	ReportFieldValidationStatus(sFieldId, sFormId, bValid, '' /* sExplain */);
-
-	// We need to check periodically as CKEditor doesn't trigger our events. More details in UIHTMLEditorWidget::Display() @ line 92
-	setTimeout(function(){ValidateCaseLogField(sFieldId, bMandatory, sFormId, nullValue, originalValue);}, 500);
+	});
 }
 
 // Validate the inputs depending on the current setting

pages/exec.php

@@ -104,7 +104,7 @@ if ($sTargetPage === false || $sModule === 'core' || $sModule === 'dictionaries'
 $aModuleDelegatedAuthenticationEndpointsList = GetModuleDelegatedAuthenticationEndpoints($sModule);
 // If module doesn't have the delegated authentication endpoints list defined, we rely on the conf. param. to decide if we force login or not.
 if (is_null($aModuleDelegatedAuthenticationEndpointsList)) {
-	$bForceLoginWhenNoDelegatedAuthenticationEndpoints = !utils::GetConfig()->Get('security.disable_exec_forced_login_for_all_enpoints');
+	$bForceLoginWhenNoDelegatedAuthenticationEndpoints = utils::GetConfig()->Get('security.force_login_when_no_delegated_authentication_endpoints_list');
 	if ($bForceLoginWhenNoDelegatedAuthenticationEndpoints) {
 		require_once(APPROOT.'/application/startup.inc.php');
 		LoginWebPage::DoLoginEx();

sources/Application/UI/Base/Layout/ActivityPanel/ActivityPanelFactory.php

@@ -152,7 +152,6 @@ class ActivityPanelFactory
 				if (false === empty($aRelatedTriggersIDs)) {
 					// - Prepare query to retrieve events
 					$oNotifEventsSearch = DBObjectSearch::FromOQL('SELECT EN FROM EventNotification AS EN JOIN Action AS A ON EN.action_id = A.id WHERE EN.trigger_id IN (:triggers_ids) AND EN.object_id = :object_id');
-					$oNotifEventsSearch->AllowAllData();
 					$oNotifEventsSet = new DBObjectSet($oNotifEventsSearch, ['id' => false], ['triggers_ids' => $aRelatedTriggersIDs, 'object_id' => $sObjId]);
 					$oNotifEventsSet->SetLimit(MetaModel::GetConfig()->Get('max_history_length'));
 

tests/php-unit-tests/integration-tests/login-tests/LoginWebPageTest.php

@@ -26,14 +26,14 @@ class LoginWebPageTest extends ItopDataTestCase
 		$this->BackupConfiguration();
 		$sFolderPath = APPROOT.'env-production/extension-with-delegated-authentication-endpoints-list';
 		if (file_exists($sFolderPath)) {
-			$this->RecurseRmdir($sFolderPath);
+			throw new Exception("Folder $sFolderPath already exists, please remove it before running the test");
 		}
 		mkdir($sFolderPath);
 		$this->RecurseCopy(__DIR__.'/extension-with-delegated-authentication-endpoints-list', $sFolderPath);
 
 		$sFolderPath = APPROOT.'env-production/extension-without-delegated-authentication-endpoints-list';
 		if (file_exists($sFolderPath)) {
-			$this->RecurseRmdir($sFolderPath);
+			throw new Exception("Folder $sFolderPath already exists, please remove it before running the test");
 		}
 		mkdir($sFolderPath);
 		$this->RecurseCopy(__DIR__.'/extension-without-delegated-authentication-endpoints-list', $sFolderPath);
@@ -81,7 +81,8 @@ class LoginWebPageTest extends ItopDataTestCase
 
 	public function testUserCanAccessAnyFile()
 	{
-		$sUserLogin = 'user-'.uniqid();
+		// generate random login
+		$sUserLogin = 'user-'.date('YmdHis');
 		$this->CreateUser($sUserLogin, self::$aURP_Profiles['Service Desk Agent'], self::PASSWORD);
 		$this->GivenConfigFileAllowedLoginTypes(explode('|', 'form'));
 
@@ -101,7 +102,7 @@ class LoginWebPageTest extends ItopDataTestCase
 	public function testWithoutDelegatedAuthenticationEndpointsListWithForceLoginConf()
 	{
 		@chmod($this->oConfig->GetLoadedFile(), 0770);
-		$this->oConfig->Set('security.disable_exec_forced_login_for_all_enpoints', false, 'AnythingButEmptyOrUnknownValue'); // 3rd param to write file even if show_in_conf_sample is false
+		$this->oConfig->Set('security.force_login_when_no_delegated_authentication_endpoints_list', true, 'AnythingButEmptyOrUnknownValue'); // 3rd param to write file even if show_in_conf_sample is false
 		$this->oConfig->WriteToFile();
 		@chmod($this->oConfig->GetLoadedFile(), 0444);
 		$sPageContent = $this->CallItopUri(

tests/php-unit-tests/src/BaseTestCase/ItopDataTestCase.php

@@ -1470,19 +1470,4 @@ abstract class ItopDataTestCase extends ItopTestCase
 		@chmod($sConfigPath, 0440);
 		@unlink($this->sConfigTmpBackupFile);
 	}
-	protected function AddLoginModeAndSaveConfiguration(string $sLoginMode): void
-	{
-		$aAllowedLoginTypes = $this->oiTopConfig->GetAllowedLoginTypes();
-		if (!in_array($sLoginMode, $aAllowedLoginTypes)) {
-			$aAllowedLoginTypes[] = $sLoginMode;
-			$this->oiTopConfig->SetAllowedLoginTypes($aAllowedLoginTypes);
-			$this->SaveItopConfFile();
-		}
-	}
-	protected function SaveItopConfFile(): void
-	{
-		@chmod($this->oiTopConfig->GetLoadedFile(), 0770);
-		$this->oiTopConfig->WriteToFile();
-		@chmod($this->oiTopConfig->GetLoadedFile(), 0440);
-	}
 }

tests/php-unit-tests/src/BaseTestCase/ItopTestCase.php

@@ -668,7 +668,7 @@ abstract class ItopTestCase extends KernelTestCase
 		}
 
 		curl_setopt($ch, CURLOPT_URL, $sUrl);
-		curl_setopt($ch, CURLOPT_POST, $aCurlOptions[CURLOPT_POST] ?? 1);// set post data to true
+		curl_setopt($ch, CURLOPT_POST, 1);// set post data to true
 		curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
 		// Force disable of certificate check as most of dev / test env have a self-signed certificate
 		curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);

tests/php-unit-tests/unitary-tests/pages/AjaxRenderTest.php

@@ -1,180 +0,0 @@
-<?php
-
-namespace Combodo\iTop\Test\UnitTest\Pages;
-
-use Combodo\iTop\Test\UnitTest\ItopDataTestCase;
-use Dict;
-use UserLocal;
-use UserRequest;
-
-class AjaxRenderTest extends ItopDataTestCase
-{
-	public const USE_TRANSACTION = false;
-	public const AUTHENTICATION_PASSWORD = "tagada-Secret,007";
-
-	private static string $sLogin;
-	private static int $iTicketId;
-
-	protected function setUp(): void
-	{
-		parent::setUp();
-		$this->BackupConfiguration();
-		$this->oiTopConfig->Set('log_level_min', 'Error');
-		$this->oiTopConfig->Set('login_debug', true);
-
-		$this->CreateTestOrganization();
-
-		// Add URL authentication mode
-		$this->AddLoginModeAndSaveConfiguration('url');
-
-		// Create ticket
-		$description = date('dmY H:i:s');
-		$oTicket = $this->createObject('UserRequest', [
-			'org_id' => $this->getTestOrgId(),
-			"title" => "Houston, got a problem",
-			"description" => $description,
-		]);
-		self::$iTicketId = $oTicket->GetKey();
-	}
-
-	// Test that if a user with the right permissions tries to acquire the lock on a ticket, it succeeds and returns the correct success message
-	public function testAcquireLockSuccess(): void
-	{
-		$sOutput = $this->CreateSupportAgentUserAndAcquireLock();
-		$this->assertStringContainsString('"success":true', $sOutput);
-	}
-
-	// Test that if a user tries to acquire the lock on an object that does not exist, it fails and logs the correct error message
-	public function testAcquireLockFailsIfObjectDoesNotExist(): void
-	{
-		// Create a user with Support Agent Profile
-		$this->CreateUserWithProfile(self::$aURP_Profiles['Support Agent']);
-
-		// Try to acquire the lock on a non-existent object
-		$sOutput = $this->AcquireLockAsUser(self::$sLogin, 99999999);
-
-		// The output should indicate a fatal error because we hide the existence of the object when it does not exist or is not accessible by the user
-		$this->assertEquals(Dict::S('UI:PageTitle:FatalError'), $sOutput);
-
-		// Check that the error log contains the expected error message about the object not existing
-		$sLastErrorLogLines = $this->GetErrorLogLastLines(APPROOT.'log/error.log', 10);
-		$this->assertStringContainsString(Dict::S('UI:ObjectDoesNotExist'), $sLastErrorLogLines);
-	}
-
-	// Test that if a user tries to acquire the lock on an object for which they don't have modification rights, it fails and logs the correct error message
-	public function testAcquireLockFailsIfUserHasNoModifyRights(): void
-	{
-		// Create a user with a profile without modification rights on UserRequest
-		$this->CreateUserWithProfile(self::$aURP_Profiles['Configuration Manager']);
-
-		// Try to acquire the lock on the ticket
-		$sOutput = $this->AcquireLockAsUser(self::$sLogin, self::$iTicketId);
-
-		// The output should indicate a fatal error because we hide the existence of the object when it does not exist or is not accessible by the user
-		$this->assertEquals(Dict::S('UI:PageTitle:FatalError'), $sOutput);
-
-		// The user should not have the rights to acquire the lock, and an error should be logged
-		$sLastErrorLogLines = $this->GetErrorLogLastLines(APPROOT.'log/error.log', 10);
-		$this->assertStringContainsString(Dict::S('UI:ObjectDoesNotExist'), $sLastErrorLogLines);
-	}
-
-	// Test that if a user tries to acquire the lock on an object that belongs to another organization, it fails and logs the correct error message
-	public function testAcquireLockFailsIfObjectInOtherOrg(): void
-	{
-		// Create an organization and a ticket in this organization
-		$iOtherOrgId = $this->createObject('Organization', ['name' => 'OtherOrg'])->GetKey();
-		$oTicket = $this->createObject('UserRequest', [
-			'org_id' => $iOtherOrgId,
-			'title' => 'Ticket autre org',
-			'description' => 'Test',
-		]);
-
-		// Create a user who only has access to the main test organization
-		$oUser = $this->CreateUserWithProfile(self::$aURP_Profiles['Support Agent']);
-		$oAllowedOrgList = $oUser->Get('allowed_org_list');
-		$oUserOrg = \MetaModel::NewObject('URP_UserOrg', ['allowed_org_id' => $this->getTestOrgId()]);
-		$oAllowedOrgList->AddItem($oUserOrg);
-		$oUser->Set('allowed_org_list', $oAllowedOrgList);
-		$oUser->DBWrite();
-
-		// Try to acquire the lock on the ticket of the other organization
-		$sOutput = $this->AcquireLockAsUser(self::$sLogin, $oTicket->GetKey());
-
-		// The output should indicate a fatal error because we hide the existence of the object when it does not exist or is not accessible by the user
-		$this->assertEquals(Dict::S('UI:PageTitle:FatalError'), $sOutput);
-
-		// The user should not have access to the ticket of the other organization, so an error should be logged
-		$sLastErrorLogLines = $this->GetErrorLogLastLines(APPROOT.'log/error.log', 10);
-		$this->assertStringContainsString(Dict::S('UI:ObjectDoesNotExist'), $sLastErrorLogLines);
-	}
-
-	// Test that if a user has already acquired the lock on an object, another user cannot acquire it and gets the correct error message
-	public function testAcquireLockFailsIfAlreadyLockedByAnotherUser(): void
-	{
-		// First, acquire the lock with a user (User A)
-		$this->CreateSupportAgentUserAndAcquireLock();
-		$sUserALogin = self::$sLogin;
-
-		// Create a second user (User B) who tries to acquire the lock
-		$sOutput = $this->CreateSupportAgentUserAndAcquireLock();
-
-		// The second user should not be able to acquire the lock, and the output should contain the correct error message indicating that the object is already locked by User A
-		$this->assertStringContainsString('"success":false', $sOutput);
-		$this->assertStringContainsString('"message":"'.Dict::Format('UI:CurrentObjectIsSoftLockedBy_User', $sUserALogin).'"', $sOutput);
-	}
-
-	// Helper method to create a user with Support Agent profile and acquire the lock on the ticket
-	private function CreateSupportAgentUserAndAcquireLock(): string
-	{
-		// Create a user with Support Agent Profile
-		$this->CreateUserWithProfile(self::$aURP_Profiles['Support Agent']);
-
-		return $this->AcquireLockAsUser(self::$sLogin, self::$iTicketId);
-	}
-
-	// Helper method to create a user with a specific profile
-	private function CreateUserWithProfile(int $iProfileId): UserLocal
-	{
-		self::$sLogin = uniqid('AjaxRenderTest');
-		return $this->CreateContactlessUser(self::$sLogin, $iProfileId, self::AUTHENTICATION_PASSWORD);
-	}
-
-	// Helper method to acquire the lock on a ticket as a specific user
-	private function AcquireLockAsUser(string $sLogin, int $iTicketId): string
-	{
-		$aGetFields = [
-			'operation' => 'acquire_lock',
-			'auth_user' => $sLogin,
-			'auth_pwd'  => self::AUTHENTICATION_PASSWORD,
-			'obj_class' => UserRequest::class,
-			'obj_key'   => $iTicketId,
-		];
-
-		return $this->CallItopUri(
-			"pages/ajax.render.php?".http_build_query($aGetFields),
-			[],
-			[
-				CURLOPT_HTTPHEADER => ['X-Combodo-Ajax:1'],
-				CURLOPT_POST       => 0,
-			]
-		);
-	}
-
-	// Returns the last lines of the error log containing only errors (Error level)
-	private function GetErrorLogLastLines(string $sErrorLogPath, int $iLineNumbers = 1): string
-	{
-		if (!file_exists($sErrorLogPath)) {
-			return '';
-		}
-
-		$aLines = file($sErrorLogPath, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
-
-		// Keep only lines containing '| Error |'
-		$aErrorLines = array_filter($aLines, function ($line) {
-			return preg_match('/\|\s*Error\s*\|/', $line);
-		});
-
-		// Return the last requested lines
-		return implode("\n", array_slice($aErrorLines, -$iLineNumbers));
-	}
-}