oqapi/webgui
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix group membership by scratch variables for Visitor. Fixes bug #12195. Kudos to trex for the base patch. Also fix the same problem in the IP based group membership.

Browse source
This commit is contained in:
Colin Kuskie 2011-08-22 19:17:58 -07:00
parent 8ab2dcca05
commit e65368c7c1
4 changed files with 71 additions and 31 deletions
Download patch file Download diff file Expand all files Collapse all files

22
t/Group.t
View file

@ -640,15 +640,17 @@ WebGUI::Test->addToCleanup(@sessionBank);
#isInGroup test
foreach my $scratchTest (@scratchTests) {
is($scratchTest->{user}->isInGroup($gS->getId), $scratchTest->{expect}, $scratchTest->{comment});
is($scratchTest->{user}->isInGroup($gS->getId), $scratchTest->{expect}, $scratchTest->{comment});
}
WebGUI::Cache->new($session, $gS->getId)->delete(); ##Delete cached key for testing
$session->stow->delete("isInGroup");
#hasScratchUser test
foreach my $scratchTest (@scratchTests) {
is($gS->hasScratchUser($scratchTest->{user}->getId), $scratchTest->{expect}, $scratchTest->{comment}." - hasScratchUser");
foreach my $idx (0..$#scratchTests) {
my $scratchTest = $scratchTests[$idx];
my $sessionId = $sessionBank[$idx]->getId;
is($gS->hasScratchUser($scratchTest->{user}->getId, $sessionId), $scratchTest->{expect}, $scratchTest->{comment}." - hasScratchUser");
}
@ -666,7 +668,7 @@ cmp_bag(
{ ##Add scope to force cleanup
note "Checking for user Visitor session leak";
note "Checking for user Visitor session leak with scratch";
my $remoteSession = WebGUI::Test->newSession;
$remoteSession->user({userId => 1});
@ -681,13 +683,12 @@ cmp_bag(
my $localSession = WebGUI::Test->newSession;
WebGUI::Test->addToCleanup($localScratchGroup, $remoteSession, $localSession);
$localSession->user({userId => 1});
$remoteSession->scratch->set('local','ok');
$localSession->scratch->set('local','ok');
$localScratchGroup->clearCaches;
ok $localSession->user->isInGroup($localScratchGroup->getId), 'Local Visitor is in the scratch group';
$remoteSession->stow->delete('isInGroup');
$localScratchGroup->clearCaches;
ok !$remoteSession->user->isInGroup($localScratchGroup->getId), 'Remote Visitor is not in the scratch group, even though a different Visitor passed';
}
@ -710,8 +711,9 @@ foreach my $idx (0..$#ipTests) {
##Name this user for convenience
$tcps[$idx]->username("tcp$idx");
##Assign this user to this test to be fetched later
$ipTests[$idx]->{user} = $tcps[$idx];
##Assign this user and session to this test to be fetched later
$ipTests[$idx]->{user} = $tcps[$idx];
$ipTests[$idx]->{session} = $sessionBank[$idx];
}
WebGUI::Test->addToCleanup(@tcps);
WebGUI::Test->addToCleanup(@sessionBank);
@ -734,7 +736,7 @@ cmp_bag(
);
is_deeply(
[ (map { $gI->hasIpUser($_->{user}->getId) } @ipTests) ],
[ (map { $gI->hasIpUser($_->{user}->getId, $_->{session}->getId) } @ipTests) ],
[ (map { $_->{expect} } @ipTests) ],
'hasIpUsers for group with IP filter'
);
@ -745,7 +747,7 @@ foreach my $ipTest (@ipTests) {
{ ##Add scope to force cleanup
note "Checking for user Visitor session leak";
note "Checking for user Visitor session leak via IP address";
$ENV{REMOTE_ADDR} = '191.168.1.1';
my $remoteSession = WebGUI::Test->newSession;

46
t/Group/group_scratch.t
View file

@ -20,27 +20,49 @@ use WebGUI::Group;
#----------------------------------------------------------------------------
# Init
my $session = WebGUI::Test->session;
my $session1 = WebGUI::Test->session;
my $session2 = WebGUI::Session->open(WebGUI::Test::root, WebGUI::Test::file);
#----------------------------------------------------------------------------
# Tests
### Updates by DRT test that group membership is restricted by user session
### ...specifically for Visitors to have separate scratch group memberships
plan tests => 5; # Increment this number for each test you create
plan tests => 14; # Increment this number for each test you create
my $group = WebGUI::Group->new($session, 'new');
my $group = WebGUI::Group->new($session1, 'new');
WebGUI::Test->addToCleanup($group);
$group->scratchFilter("itchy=test_value");
is( $group->scratchFilter(), "itchy=test_value",'Group->scratchFilter is properly set and retrieved');
$group->groupCacheTimeout(0);
is( $group->groupCacheTimeout(), 0, 'set groupCacheTimeout to 0');
$session->user({userId => 1});
ok( !$session->user->isInGroup($group->getId), 'Visitor is NOT in the group BEFORE scratch value is set');
$session->scratch->set('itchy', 'test_value');
is ($group->hasScratchUser($session->user->getId), 1, 'Group->hasScratchUser correctly returns 1 immediately after scratch is set');
$session1->user({userId => 1});
$session2->user({userId => 1});
##Simulate another page view by clearing stow, which is volatile
$session->stow->deleteAll;
$session->scratch->delete('itchy');
is ($group->hasScratchUser($session->user->getId), 0, 'after clearing scratch, user is not in the group any longer');
### Test group membership before scratch is set
### NOTE: test hasScratchUser first, because isInGroup sets stow & cache
is ($group->hasScratchUser($session1->user->getId,$session1->user->session->getId), 0, 'Group->hasScratchUser correctly returns 0 for Visitor 1 before scratch is set');
is ($group->hasScratchUser($session2->user->getId,$session2->user->session->getId), 0, 'Group->hasScratchUser correctly returns 0 for Visitor 2 before scratch is set');
ok( !$session1->user->isInGroup($group->getId), 'user1->isInGroup correctly returns 0 before scratch is set');
ok( !$session2->user->isInGroup($group->getId), 'user2->isInGroup correctly returns 0 before scratch is set');
### Test group membership after scratch is set
### Clear stow, which is volatile, to simulate new page view
$session1->stow->deleteAll;
$session2->stow->deleteAll;
$session1->scratch->set('itchy', 'test_value');
is ($group->hasScratchUser($session1->user->getId,$session1->user->session->getId), 1, 'Group->hasScratchUser correctly returns 1 for Visitor 1 after scratch for Visitor 1 is set');
is ($group->hasScratchUser($session2->user->getId,$session2->user->session->getId), 0, 'Group->hasScratchUser correctly returns 0 for Visitor 2 after scratch for Visitor 1 is set');
ok( $session1->user->isInGroup($group->getId), 'user1->isInGroup correctly returns 1 after scratch for Visitor 1 is set');
ok( !$session2->user->isInGroup($group->getId), 'user2->isInGroup correctly returns 0 after scratch for Visitor 1 is set');
### Test group membership after scratch is deleted
### Clear stow, which is volatile, to simulate new page view
$session1->stow->deleteAll;
$session2->stow->deleteAll;
$session1->scratch->delete('itchy');
is ($group->hasScratchUser($session1->user->getId,$session1->user->session->getId), 0, 'Group->hasScratchUser for Visitor 1 correctly returns 0 after clearing scratch for Visitor 1');
is ($group->hasScratchUser($session2->user->getId,$session2->user->session->getId), 0, 'Group->hasScratchUser for Visitor 2 correctly returns 0 after clearing scratch for Visitor 1');
ok( !$session1->user->isInGroup($group->getId), 'user1->isInGroup correctly returns 0 after scratch for Visitor 1 is deleted');
ok( !$session2->user->isInGroup($group->getId), 'user2->isInGroup correctly returns 0 after scratch for Visitor 1 is deleted');