From 2a0eb20bc74c07fe23dfd9e7a0ddf50d53fbc68b Mon Sep 17 00:00:00 2001 From: Colin Kuskie Date: Fri, 23 Feb 2007 23:39:35 +0000 Subject: [PATCH] Tests for the canUseAdminMode method of User.pm Uncovered and fixed a bug where $session->user instead of $self was used in canUseAdminMode Added an explicit test in Config.pm to make sure that array refs can be passed to ->set. --- lib/WebGUI/User.pm | 3 ++- t/Config.t | 10 +++++++++- t/User.t | 46 +++++++++++++++++++++++++++++++++++++++++++--- 3 files changed, 54 insertions(+), 5 deletions(-) diff --git a/lib/WebGUI/User.pm b/lib/WebGUI/User.pm index 73a438d37..6fe0a86ef 100644 --- a/lib/WebGUI/User.pm +++ b/lib/WebGUI/User.pm @@ -134,7 +134,8 @@ sub canUseAdminMode { if (scalar(@$subnets)) { $pass = WebGUI::Utility::isInSubnet($self->session->env->getIp, $subnets); } - return $pass && $self->session->user->isInGroup(12) + + return $pass && $self->isInGroup(12) } #------------------------------------------------------------------- diff --git a/t/Config.t b/t/Config.t index 65c175463..7aeec90c9 100644 --- a/t/Config.t +++ b/t/Config.t @@ -13,7 +13,8 @@ use strict; use lib "$FindBin::Bin/lib"; use WebGUI::Test; -use Test::More tests => 14; # increment this value for each test you create +use Test::More tests => 15; # increment this value for each test you create +use Test::Deep; my $config = WebGUI::Test->config; my $configFile = WebGUI::Test->file; @@ -82,3 +83,10 @@ if ($cookieName eq "") { ok($ok, "asset classes are all valid asset classes"); } + +$config->set('privateArray', ['a', 'b', 'c']); +cmp_bag($config->get('privateArray'), ['a', 'b', 'c'], 'set: array, not scalar'); + +END: { + $config->delete('privateArray'); +} diff --git a/t/User.t b/t/User.t index 3b780f3b4..6ae4db2ec 100644 --- a/t/User.t +++ b/t/User.t @@ -18,7 +18,7 @@ use WebGUI::Utility; use WebGUI::Cache; use WebGUI::User; -use Test::More tests => 84; # increment this value for each test you create +use Test::More tests => 90; # increment this value for each test you create my $session = WebGUI::Test->session; @@ -301,14 +301,54 @@ WebGUI::Group->new($session, '7')->addUsers([1]); ok($visitor->isInGroup(1), "Visitor added back to group Visitor"); ok($visitor->isInGroup(7), "Visitor added back to group Everyone"); +################################################################ +# +# canUseAdminMode +# +################################################################ + +my $dude = WebGUI::User->new($session, "new"); + +ok(!$dude->canUseAdminMode, 'canUseAdminMode: newly created users cannot'); + +$dude->addToGroups([12]); + +ok($dude->isInGroup(12), 'user successfully added to group 12'); + +ok($dude->canUseAdminMode, 'canUseAdminMode: with no subnets set, user canUseAdminMode'); + +$dude->deleteFromGroups([12]); + +##Spoof the IP address to test subnet level access control to adminMode +my $origEnvHash = $session->env->{_env}; +my %newEnv = ( REMOTE_ADDR => '192.168.0.2' ); +$session->env->{_env} = \%newEnv; +$session->config->set('adminModeSubnets', ['192.168.0.0/24']); + +ok(!$dude->isInGroup(12), 'user is not in group 12'); +ok(!$dude->canUseAdminMode, 'canUseAdminMode: just being in the subnet does not allow adminMode access'); + +$dude->addToGroups([12]); + +ok($dude->canUseAdminMode, 'canUseAdminMode: with no subnets set, user canUseAdminMode'); + +$newEnv{REMOTE_ADDR} = '10.0.0.2'; + +ok(!$dude->canUseAdminMode, 'canUseAdminMode: even with the right group permission, user must be in subnet if subnet is set'); + +##restore the original session variables +$session->env->{_env} = $origEnvHash; +$session->config->delete('adminModeSubnets'); + TODO: { local $TODO = "Untested methods"; - ok(0, 'canUseAdminMode'); ok(0, 'newByEmail'); } END { - (defined $user and ref $user eq 'WebGUI::User') and $user->delete; + (defined $user and ref $user eq 'WebGUI::User') and $user->delete; + (defined $dude and ref $dude eq 'WebGUI::User') and $dude->delete; + $session->config->delete('adminModeSubnets'); $testCache->flush; }