Skip to content

add tests for approving, denying PI membership requests #198

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 25 commits into from
Apr 30, 2025
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
25 commits
Select commit Hold shift + click to select a range
0fe9751
add tests for approving, denying PI membership requests
simonLeary42 Apr 22, 2025
787c166
use uids instead of objects for assertions
simonLeary42 Apr 22, 2025
244bc7e
add tests for removing group members
simonLeary42 Apr 22, 2025
92016c2
unityLDAP use its own getEntry method
simonLeary42 Apr 23, 2025
932958c
write test for PI group disband (requires changes in phpopenldaper)
simonLeary42 Apr 23, 2025
310595c
remove print debugging
simonLeary42 Apr 23, 2025
970414b
add comment
simonLeary42 Apr 23, 2025
2ace549
remove checks on write success
simonLeary42 Apr 23, 2025
4903860
add phpopenldaper as a submodule
simonLeary42 Apr 23, 2025
a1bc279
make sure github actions does recursive checkout
simonLeary42 Apr 23, 2025
93381b2
remove junk submodule
simonLeary42 Apr 23, 2025
af68f5e
update submodule
simonLeary42 Apr 23, 2025
bc05b95
phpcs:disable not needed in test/
simonLeary42 Apr 23, 2025
507fc9e
new exception type
simonLeary42 Apr 23, 2025
c8e01e1
no more delete return success
simonLeary42 Apr 23, 2025
4b80bc2
update submodule
simonLeary42 Apr 23, 2025
5f7e61d
ignore phpunit result cache
simonLeary42 Apr 23, 2025
e21f6c2
PI disbanding has been removed
simonLeary42 Apr 25, 2025
c5a9f1c
Merge branch 'main' into testing6
simonLeary42 Apr 25, 2025
33c4d86
revert redirect changes
simonLeary42 Apr 30, 2025
4171c3c
Merge branch 'main' into testing6
simonLeary42 Apr 30, 2025
2899012
Merge branch 'main' into testing6
simonLeary42 Apr 30, 2025
24af282
remove old submodule
simonLeary42 Apr 30, 2025
03b9b18
revert gitignore change
simonLeary42 Apr 30, 2025
fcadc59
revert autoload change
simonLeary42 Apr 30, 2025
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 1 addition & 2 deletions resources/lib/UnityGroup.php
Original file line number Diff line number Diff line change
Expand Up @@ -218,8 +218,7 @@ public function denyGroup($operator = null, $send_mail = true)
// // now we delete the ldap entry
// $ldapPiGroupEntry = $this->getLDAPPiGroup();
// if ($ldapPiGroupEntry->exists()) {
// ldapPiGroupEntry->delete();

// $ldapPiGroupEntry->delete();
// $this->REDIS->removeCacheArray("sorted_groups", "", $this->getPIUID());
// foreach ($users as $user) {
// $this->REDIS->removeCacheArray($user->getUID(), "groups", $this->getPIUID());
Expand Down
12 changes: 4 additions & 8 deletions resources/lib/UnityLDAP.php
Original file line number Diff line number Diff line change
Expand Up @@ -312,28 +312,24 @@ public function getAllOrgGroups($UnitySQL, $UnityMailer, $UnityRedis, $UnityWebh
public function getUserEntry($uid)
{
$uid = ldap_escape($uid, LDAP_ESCAPE_DN);
$ldap_entry = new LDAPEntry($this->getConn(), unityLDAP::RDN . "=$uid," . $this->STR_USEROU);
return $ldap_entry;
return $this->getEntry(unityLDAP::RDN . "=$uid," . $this->STR_USEROU);
}

public function getGroupEntry($gid)
{
$uid = ldap_escape($gid, LDAP_ESCAPE_DN);
$ldap_entry = new LDAPEntry($this->getConn(), unityLDAP::RDN . "=$gid," . $this->STR_GROUPOU);
return $ldap_entry;
return $this->getEntry(unityLDAP::RDN . "=$gid," . $this->STR_GROUPOU);
}

public function getPIGroupEntry($gid)
{
$uid = ldap_escape($gid, LDAP_ESCAPE_DN);
$ldap_entry = new LDAPEntry($this->getConn(), unityLDAP::RDN . "=$gid," . $this->STR_PIGROUPOU);
return $ldap_entry;
return $this->getEntry(unityLDAP::RDN . "=$gid," . $this->STR_PIGROUPOU);
}

public function getOrgGroupEntry($gid)
{
$uid = ldap_escape($gid, LDAP_ESCAPE_DN);
$ldap_entry = new LDAPEntry($this->getConn(), unityLDAP::RDN . "=$gid," . $this->STR_ORGGROUPOU);
return $ldap_entry;
return $this->getEntry(unityLDAP::RDN . "=$gid," . $this->STR_ORGGROUPOU);
}
}
2 changes: 0 additions & 2 deletions test/functional/LoginShellSetTest.php
Original file line number Diff line number Diff line change
Expand Up @@ -23,9 +23,7 @@ public function tearDown(): void
public static function getShells()
{
global $HTTP_HEADER_TEST_INPUTS;
// phpcs:disable
return [["/bin/bash"]] + array_map(function($x){return [$x];}, $HTTP_HEADER_TEST_INPUTS);
// phpcs:enable
}

private function isShellValid(string $shell)
Expand Down
74 changes: 74 additions & 0 deletions test/functional/PiMemberApproveTest.php
Original file line number Diff line number Diff line change
@@ -0,0 +1,74 @@
<?php

use PHPUnit\Framework\TestCase;
use PHPUnit\Framework\Attributes\DataProvider;
use UnityWebPortal\lib\UnityUser;

class PiMemberApproveTest extends TestCase {
static $requestUid;
static $noRequestUid;

public static function setUpBeforeClass(): void{
global $USER;
switchUser(...getNormalUser());
self::$requestUid = $USER->getUID();
switchUser(...getNormalUser2());
self::$noRequestUid = $USER->getUID();
}

private function approveUser(string $uid)
{
post(
__DIR__ . "/../../webroot/panel/pi.php",
["form_type" => "userReq", "action" => "approve", "uid" => $uid]
);
}

public function testApproveRequest()
{
global $USER, $LDAP, $SQL, $MAILER, $REDIS, $WEBHOOK;
switchUser(...getUserIsPIHasNoMembersNoMemberRequests());
$pi = $USER;
$piGroup = $USER->getPIGroup();
$this->assertTrue($piGroup->exists());
$this->assertEquals([$pi->getUID()], $piGroup->getGroupMemberUIDs());
$this->assertEmpty($piGroup->getRequests());
$requestedUser = new UnityUser(self::$requestUid, $LDAP, $SQL, $MAILER, $REDIS, $WEBHOOK);
try {
$piGroup->newUserRequest($requestedUser);
$this->assertFalse($piGroup->userExists($requestedUser));

$piGroup->approveUser($requestedUser);
$this->assertEmpty($piGroup->getRequests());

$this->assertEquals([$pi->getUID(), self::$requestUid], $piGroup->getGroupMemberUIDs());
$this->assertTrue($piGroup->userExists($requestedUser));
} finally {
$piGroup->removeUser($requestedUser);
$SQL->removeRequest(self::$requestUid, $piGroup->getPIUID());
}
}

public function testApproveNonexistentRequest()
{
global $USER, $LDAP, $SQL, $MAILER, $REDIS, $WEBHOOK;
switchUser(...getUserIsPIHasNoMembersNoMemberRequests());
$pi = $USER;
$piGroup = $USER->getPIGroup();
$this->assertTrue($piGroup->exists());
$this->assertEquals([$pi->getUID()], $piGroup->getGroupMemberUIDs());
$this->assertEmpty($piGroup->getRequests());

$notRequestedUser = new UnityUser(self::$noRequestUid, $LDAP, $SQL, $MAILER, $REDIS, $WEBHOOK);
$this->assertFalse($piGroup->userExists($notRequestedUser));
$this->assertEmpty($piGroup->getRequests());

try {
$piGroup->approveUser($notRequestedUser);
$this->assertEquals([$pi->getUID()], $piGroup->getGroupMemberUIDs());
$this->assertFalse($piGroup->userExists($notRequestedUser));
} finally {
$piGroup->removeUser($notRequestedUser);
}
}
}
46 changes: 46 additions & 0 deletions test/functional/PiMemberDenyTest.php
Original file line number Diff line number Diff line change
@@ -0,0 +1,46 @@
<?php

use PHPUnit\Framework\TestCase;
use PHPUnit\Framework\Attributes\DataProvider;
use UnityWebPortal\lib\UnityUser;

class PiMemberDenyTest extends TestCase {
static $requestUid;

public static function setUpBeforeClass(): void{
global $USER;
switchUser(...getNormalUser());
self::$requestUid = $USER->getUID();
}

private function denyUser(string $uid)
{
post(
__DIR__ . "/../../webroot/panel/pi.php",
["form_type" => "userReq", "action" => "approve", "uid" => $uid]
);
}

public function testDenyRequest()
{
global $USER, $LDAP, $SQL, $MAILER, $REDIS, $WEBHOOK;
switchUser(...getUserIsPIHasNoMembersNoMemberRequests());
$pi = $USER;
$piGroup = $USER->getPIGroup();
$this->assertTrue($piGroup->exists());
$this->assertEquals([$pi->getUID()], $piGroup->getGroupMemberUIDs());
$this->assertEmpty($piGroup->getRequests());
$requestedUser = new UnityUser(self::$requestUid, $LDAP, $SQL, $MAILER, $REDIS, $WEBHOOK);
try {
$piGroup->newUserRequest($requestedUser);
$this->assertFalse($piGroup->userExists($requestedUser));

$piGroup->denyUser($requestedUser);
$this->assertEmpty($piGroup->getRequests());
$this->assertEquals([$pi->getUID()], $piGroup->getGroupMemberUIDs());
$this->assertFalse($piGroup->userExists($requestedUser));
} finally {
$SQL->removeRequest(self::$requestUid, $piGroup->getPIUID());
}
}
}
68 changes: 68 additions & 0 deletions test/functional/PiRemoveUserTest.php
Original file line number Diff line number Diff line change
@@ -0,0 +1,68 @@
<?php

use PHPUnit\Framework\TestCase;
use PHPUnit\Framework\Attributes\DataProvider;
use UnityWebPortal\lib\UnityUser;

class PiRemoveUserTest extends TestCase {
private function removeUser(string $uid)
{
post(
__DIR__ . "/../../webroot/panel/pi.php",
["form_name" => "remUser", "uid" => $uid]
);
}

public function testRemoveUser()
{
global $USER, $LDAP, $SQL, $MAILER, $REDIS, $WEBHOOK;
switchUser(...getUserIsPIHasAtLeastOneMember());
$pi = $USER;
$piUid = $USER->getUID();
$piGroup = $USER->getPIGroup();
$this->assertTrue($piGroup->exists());
$memberUIDs = $piGroup->getGroupMemberUIDs();
// the 0th member of the PI group is the PI
$this->assertGreaterThan(1, count($memberUIDs));
// the ordering of the uids in getGroupMemberUIDs is different each time
// use a linear search to find a user who is not the PI
$memberToDelete = null;
foreach ($memberUIDs as $uid) {
if ($uid != $piUid) {
$memberToDelete = new UnityUser($uid, $LDAP, $SQL, $MAILER, $REDIS, $WEBHOOK);
break;
}
}
$this->assertNotEquals($pi->getUID(), $memberToDelete->getUID());
$this->assertTrue($piGroup->userExists($memberToDelete));
try {
$this->removeUser($memberToDelete->getUID());
$this->assertFalse($piGroup->userExists($memberToDelete));
} finally {
if (!$piGroup->userExists($memberToDelete)) {
$piGroup->newUserRequest($memberToDelete);
$piGroup->approveUser($memberToDelete);
}
}
}

public function testRemovePIFromTheirOwnGroup()
{
global $USER, $LDAP, $SQL, $MAILER, $REDIS, $WEBHOOK;
switchUser(...getUserIsPIHasAtLeastOneMember());
$pi = $USER;
$piGroup = $USER->getPIGroup();
$this->assertTrue($piGroup->exists());
$this->assertTrue($piGroup->userExists($pi));
$this->expectException(Exception::class);
try {
$this->removeUser($pi->getUID());
$this->assertTrue($piGroup->userExists($pi));
} finally {
if (!$piGroup->userExists($pi)) {
$piGroup->newUserRequest($pi);
$piGroup->approveUser($pi);
}
}
}
}
15 changes: 15 additions & 0 deletions test/phpunit-bootstrap.php
Original file line number Diff line number Diff line change
Expand Up @@ -106,6 +106,11 @@ function getNormalUser()
return ["[email protected]", "foo", "bar", "[email protected]"];
}

function getNormalUser2()
{
return ["[email protected]", "foo", "bar", "[email protected]"];
}

function getUserHasNotRequestedAccountDeletionHasGroup()
{
return ["[email protected]", "foo", "bar", "[email protected]"];
Expand Down Expand Up @@ -136,6 +141,16 @@ function getUserWithOneKey()
return ["[email protected]", "foo", "bar", "[email protected]"];
}

function getUserIsPIHasNoMembersNoMemberRequests()
{
return ["[email protected]", "foo", "bar", "[email protected]"];
}

function getUserIsPIHasAtLeastOneMember()
{
return ["[email protected]", "foo", "bar", "[email protected]"];
}

function getNonExistentUser()
{
return ["[email protected]", "foo", "bar", "[email protected]"];
Expand Down
2 changes: 0 additions & 2 deletions test/unit/AjaxSshValidateTest.php
Original file line number Diff line number Diff line change
Expand Up @@ -12,9 +12,7 @@ public static function providerTestSshValidate()
// sanity check only, see UnitySiteTest for more comprehensive test cases
return [
[false, "foobar"],
// phpcs:disable
[true, "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB+XqO25MUB9x/pS04I3JQ7rMGboWyGXh0GUzkOrTi7a"],
// phpcs:enable
];
}

Expand Down
2 changes: 0 additions & 2 deletions test/unit/UnityGithubTest.php
Original file line number Diff line number Diff line change
Expand Up @@ -17,9 +17,7 @@ public static function providerTestGetGithubKeys()
# user with no keys
["sheldor1510", []],
# user with 1 key
//phpcs:disable
["simonLeary42", ["ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDGRl6JWPj+Gq2Lz9GjYdUl4/unLoFOyfgeiII1CxutpabPByRJbeuonR0zTpn51tZeYuAUOJBOeKt+Lj4i4UDGl6igpdXXSwkBXl7jxfRPwJ6WuTkDx7Z8ynwnqlDV2q089q4OX/b/uuHgsIhIBwrouKsRQaZIqTbwNMfiqQ2zl14V0KMrTPzOiwR6Q+hqSaR5Z29WKE7ff/OWzSC3/0T6avCmcCbQaRPJdVM+QC17B0vl8FzPwRjorMngwZ0cImdQ/0Ww1d12YAL7UWp1c2egfnthKP3MuQZnNF8ixsAk1eIIwTRdiI87BOoorW8NXhxXmhyheRCsFwyP4LJBqyUVoZJ0UYyk0AO4G9EStnfpiz8YXGK+M1G4tUrWgzs1cdjlHtgCWUmITtgabnYCC4141m7n4GZTk2H/lSrJcvAs3JEiwLTj1lzeGgzeSsz/XKsnOJyzjEVr2Jp3iT+J9PbQpfS0SxTCIGgxMqllovv79pfsF/zc+vaxqSShyHW7oyn7hLMHM60LO/IIX1RWGL3rD9ecXx2pXXQ1RhIkVteIi13XkFt+KW00cstFlAd3EHCoY/XorShd2jeID7tpnYlmNfotYUs6IKefvpNC0PWkh5UXFEv3SUfw4Wd8O0DiHfhkrhxn1W/GajqSIlZ5DKgPzFg8EHexv8lSa7WJg0H3YQ=="]]
//phpcs:enable
];
}

Expand Down
7 changes: 6 additions & 1 deletion tools/docker-dev/sql/bootstrap-users.sql
Original file line number Diff line number Diff line change
@@ -1 +1,6 @@
INSERT INTO `account_deletion_requests` (`id`, `timestamp`, `uid`) VALUES (1, '1970-01-01 00:00:01', 'user4_org1_test');
INSERT INTO `account_deletion_requests` (`id`, `timestamp`, `uid`) VALUES
(1, '1970-01-01 00:00:01', 'user4_org1_test');

-- INSERT INTO `requests` (`id`, `request_for`, `uid`, `timestamp`) VALUES
-- (1, 'pi_user1_org1_test', 'user6_org1_test', '1970-01-01 00:00:01'),
-- (2, 'pi_user1_org1_test', 'user7_org1_test', '1970-01-01 00:00:01');
Loading