144 lines
4.6 KiB
Perl
144 lines
4.6 KiB
Perl
#-------------------------------------------------------------------
|
|
# WebGUI is Copyright 2001-2009 Plain Black Corporation.
|
|
#-------------------------------------------------------------------
|
|
# Please read the legal notices (docs/legal.txt) and the license
|
|
# (docs/license.txt) that came with this distribution before using
|
|
# this software.
|
|
#-------------------------------------------------------------------
|
|
# http://www.plainblack.com info@plainblack.com
|
|
#-------------------------------------------------------------------
|
|
|
|
# Test permissions of Photo assets
|
|
|
|
use FindBin;
|
|
use strict;
|
|
use lib "$FindBin::Bin/../../../../lib";
|
|
|
|
use WebGUI::Test;
|
|
use WebGUI::Session;
|
|
use WebGUI::Friends;
|
|
use Test::More;
|
|
use WebGUI::Test::Maker::Permission;
|
|
|
|
#----------------------------------------------------------------------------
|
|
# Init
|
|
my $session = WebGUI::Test->session;
|
|
my $node = WebGUI::Asset->getImportNode($session);
|
|
my $maker = WebGUI::Test::Maker::Permission->new;
|
|
|
|
$session->user({ userId => 3 });
|
|
my $versionTag = WebGUI::VersionTag->getWorking($session);
|
|
$versionTag->set({name=>"Photo Test, add Gallery, Album and 1 Photo"});
|
|
WebGUI::Test->addToCleanup($versionTag);
|
|
|
|
# Add a new user to the test user's friends list
|
|
my $friend = WebGUI::User->new($session, "new");
|
|
WebGUI::Test->addToCleanup($friend);
|
|
WebGUI::Friends->new($session)->add( [ $friend->userId ] );
|
|
|
|
# Add a new registered user
|
|
my $notFriend = WebGUI::User->new( $session, "new" );
|
|
WebGUI::Test->addToCleanup($notFriend);
|
|
|
|
my $gallery
|
|
= $node->addChild({
|
|
className => "WebGUI::Asset::Wobject::Gallery",
|
|
groupIdView => "2", # Registered Users
|
|
groupIdEdit => "3", # Admins
|
|
groupIdComment => "2", # Registered Users
|
|
ownerUserId => $session->user->userId,
|
|
});
|
|
|
|
my $album
|
|
= $gallery->addChild({
|
|
className => "WebGUI::Asset::Wobject::GalleryAlbum",
|
|
groupIdView => "2", # Registered Users
|
|
groupIdEdit => "3", # Admins
|
|
ownerUserId => $session->user->userId,
|
|
},
|
|
undef,
|
|
undef,
|
|
{
|
|
skipAutoCommitWorkflows => 1,
|
|
});
|
|
|
|
my $photo
|
|
= $album->addChild({
|
|
className => "WebGUI::Asset::File::GalleryFile::Photo",
|
|
friendsOnly => 0,
|
|
},
|
|
undef,
|
|
undef,
|
|
{
|
|
skipAutoCommitWorkflows => 1,
|
|
});
|
|
|
|
my $photo2 = $photo->cloneFromDb;
|
|
my $album2 = $album->cloneFromDb;
|
|
|
|
$session->stow->delete('assetRevision');
|
|
$versionTag->leaveTag;
|
|
|
|
$session->user({userId => $notFriend->userId});
|
|
note "If you get stuck here, then there is an infinite loop in getParent/getGallery";
|
|
my $album2a = WebGUI::Asset->new($session, $photo2->getId);
|
|
$session->user({userId => 1});
|
|
|
|
$versionTag->commit;
|
|
|
|
#----------------------------------------------------------------------------
|
|
# Tests
|
|
plan tests => 40;
|
|
|
|
#----------------------------------------------------------------------------
|
|
# Photo inherits view from parent Album
|
|
$maker->prepare({
|
|
object => $photo,
|
|
method => 'canView',
|
|
pass => [ '3', $friend, $notFriend ],
|
|
fail => [ '1', ],
|
|
})->run;
|
|
|
|
#----------------------------------------------------------------------------
|
|
# Photo can only be edited by owner or those who can edit the parent album
|
|
$maker->prepare({
|
|
object => $photo,
|
|
method => 'canEdit',
|
|
pass => [ '3', ],
|
|
fail => [ '1', $notFriend, $friend, ],
|
|
})->run;
|
|
|
|
#----------------------------------------------------------------------------
|
|
# Photo can be commented on by those who can view and can comment on the
|
|
# parent album and gallery.
|
|
$maker->prepare({
|
|
object => $photo,
|
|
method => 'canComment',
|
|
pass => [ '3', $friend, $notFriend ],
|
|
fail => [ '1', ],
|
|
})->run;
|
|
|
|
#----------------------------------------------------------------------------
|
|
# Photo set as friends only can only be viewed by owner's friends
|
|
$photo->update({ friendsOnly => 1, });
|
|
$maker->prepare({
|
|
object => $photo,
|
|
method => 'canView',
|
|
pass => [ '3', $friend ],
|
|
fail => [ '1', $notFriend ],
|
|
})->run;
|
|
|
|
#----------------------------------------------------------------------------
|
|
# Photo can be commented on by those who can view and can comment on the
|
|
# parent album and gallery.
|
|
$maker->prepare({
|
|
object => $photo,
|
|
method => 'canComment',
|
|
pass => [ '3', $friend ],
|
|
fail => [ '1', $notFriend ],
|
|
})->run;
|
|
|
|
$photo->update({ friendsOnly => 0, });
|
|
|
|
#----------------------------------------------------------------------------
|
|
# Cleanup
|