From 6e87d261fec27301e942460d96dfb4d7a4ef702a Mon Sep 17 00:00:00 2001 From: Torsten Dittmann Date: Fri, 8 Oct 2021 14:49:45 +0200 Subject: [PATCH 1/5] init draft of permission tests --- .../Database/DatabasePermissionsGuestTest.php | 95 ++++++++++ .../DatabasePermissionsMemberTest.php | 165 ++++++++++++++++++ .../Database/DatabasePermissionsScope.php | 84 +++++++++ 3 files changed, 344 insertions(+) create mode 100644 tests/e2e/Services/Database/DatabasePermissionsGuestTest.php create mode 100644 tests/e2e/Services/Database/DatabasePermissionsMemberTest.php create mode 100644 tests/e2e/Services/Database/DatabasePermissionsScope.php diff --git a/tests/e2e/Services/Database/DatabasePermissionsGuestTest.php b/tests/e2e/Services/Database/DatabasePermissionsGuestTest.php new file mode 100644 index 0000000000..706ce2b848 --- /dev/null +++ b/tests/e2e/Services/Database/DatabasePermissionsGuestTest.php @@ -0,0 +1,95 @@ + ['role:all'], + 'write' => [] + ], + [ + 'read' => ['role:member'], + 'write' => [] + ], + [ + 'read' => ['user:random'], + 'write' => [] + ], + [ + 'read' => [], + 'write' => ['role:all'] + ], + [ + 'read' => ['role:all'], + 'write' => ['role:all'] + ], + [ + 'read' => ['role:member'], + 'write' => ['role:member'] + ], + [ + 'read' => ['role:all'], + 'write' => ['role:member'] + ] + ]; + + public function createCollection(): array + { + $movies = $this->client->call(Client::METHOD_POST, '/database/collections', $this->getServerHeader(), [ + 'collectionId' => 'unique()', + 'name' => 'Movies', + 'read' => ['role:all'], + 'write' => ['role:all'], + 'permission' => 'document', + ]); + + $collection = ['id' => $movies['body']['$id']]; + + $this->client->call(Client::METHOD_POST, '/database/collections/' . $collection['id'] . '/attributes/string', $this->getServerHeader(), [ + 'attributeId' => 'title', + 'size' => 256, + 'required' => true, + ]); + + sleep(2); + + return $collection; + } + + public function testReadDocuments() + { + $collection = $this->createCollection(); + + foreach ($this->mockPermissions as $permissions) { + $response = $this->client->call(Client::METHOD_POST, '/database/collections/' . $collection['id'] . '/documents', $this->getServerHeader(), [ + 'documentId' => 'unique()', + 'data' => [ + 'title' => 'Lorem', + ], + 'read' => $permissions['read'], + 'write' => $permissions['write'], + ]); + $this->assertEquals(201, $response['headers']['status-code']); + } + + $documents = $this->client->call(Client::METHOD_GET, '/database/collections/' . $collection['id'] . '/documents', [ + 'content-type' => 'application/json', + 'x-appwrite-project' => $this->getProject()['$id'], + ]); + + foreach ($documents['body']['documents'] as $document) { + $this->assertContains('role:all', $document['$read']); + } + } +} diff --git a/tests/e2e/Services/Database/DatabasePermissionsMemberTest.php b/tests/e2e/Services/Database/DatabasePermissionsMemberTest.php new file mode 100644 index 0000000000..d9f8eb6773 --- /dev/null +++ b/tests/e2e/Services/Database/DatabasePermissionsMemberTest.php @@ -0,0 +1,165 @@ + ['role:all'], + 'write' => [] + ], + [ + 'read' => ['role:member'], + 'write' => [] + ], + [ + 'read' => ['user:random'], + 'write' => [] + ], + [ + 'read' => ['user:lorem'], + 'write' => ['user:lorem'] + ], + [ + 'read' => ['user:dolor'], + 'write' => ['user:dolor'] + ], + [ + 'read' => ['user:dolor', 'user:lorem'], + 'write' => ['user:dolor'] + ], + [ + 'read' => [], + 'write' => ['role:all'] + ], + [ + 'read' => ['role:all'], + 'write' => ['role:all'] + ], + [ + 'read' => ['role:member'], + 'write' => ['role:member'] + ], + [ + 'read' => ['role:all'], + 'write' => ['role:member'] + ] + ]; + + public function createCollections(): array + { + $movies = $this->client->call(Client::METHOD_POST, '/database/collections', $this->getServerHeader(), [ + 'collectionId' => 'unique()', + 'name' => 'Movies', + 'read' => ['role:all'], + 'write' => ['role:all'], + 'permission' => 'document', + ]); + + $collections = ['public' => $movies['body']['$id']]; + + $this->client->call(Client::METHOD_POST, '/database/collections/' . $collections['public'] . '/attributes/string', $this->getServerHeader(), [ + 'attributeId' => 'title', + 'size' => 256, + 'required' => true, + ]); + + $private = $this->client->call(Client::METHOD_POST, '/database/collections', $this->getServerHeader(), [ + 'collectionId' => 'unique()', + 'name' => 'Private Movies', + 'read' => ['role:member'], + 'write' => ['role:member'], + 'permission' => 'document', + ]); + + $collections['private'] = $private['body']['$id']; + + $this->client->call(Client::METHOD_POST, '/database/collections/' . $collections['private'] . '/attributes/string', $this->getServerHeader(), [ + 'attributeId' => 'title', + 'size' => 256, + 'required' => true, + ]); + + sleep(2); + + return $collections; + } + + public function testReadDocuments() + { + $user1 = $this->createUser('lorem', 'lorem@ipsum.com'); + $user2 = $this->createUser('dolor', 'dolor@ipsum.com'); + + $collections = $this->createCollections(); + + foreach ($this->mockPermissions as $permissions) { + $response = $this->client->call(Client::METHOD_POST, '/database/collections/' . $collections['public'] . '/documents', $this->getServerHeader(), [ + 'documentId' => 'unique()', + 'data' => [ + 'title' => 'Lorem', + ], + 'read' => $permissions['read'], + 'write' => $permissions['write'], + ]); + $this->assertEquals(201, $response['headers']['status-code']); + } + + foreach ($this->mockPermissions as $permissions) { + $response = $this->client->call(Client::METHOD_POST, '/database/collections/' . $collections['private'] . '/documents', $this->getServerHeader(), [ + 'documentId' => 'unique()', + 'data' => [ + 'title' => 'Lorem', + ], + 'read' => $permissions['read'], + 'write' => $permissions['write'], + ]); + $this->assertEquals(201, $response['headers']['status-code']); + } + + /** + * Check role:all collection + */ + $documents = $this->client->call(Client::METHOD_GET, '/database/collections/' . $collections['public'] . '/documents', [ + 'origin' => 'http://localhost', + 'content-type' => 'application/json', + 'x-appwrite-project' => $this->getProject()['$id'], + 'cookie' => 'a_session_' . $this->getProject()['$id'] . '=' . $user1['session'], + ]); + + foreach ($documents['body']['documents'] as $document) { + $hasPermissions = \array_reduce(['role:all', 'role:member', 'user:' . $user1['$id']], function ($carry, $item) use ($document) { + return $carry ? true : \in_array($item, $document['$read']); + }, false); + $this->assertTrue($hasPermissions); + } + + /** + * Check role:member collection + */ + $documents = $this->client->call(Client::METHOD_GET, '/database/collections/' . $collections['private'] . '/documents', [ + 'origin' => 'http://localhost', + 'content-type' => 'application/json', + 'x-appwrite-project' => $this->getProject()['$id'], + 'cookie' => 'a_session_' . $this->getProject()['$id'] . '=' . $user1['session'], + ]); + + foreach ($documents['body']['documents'] as $document) { + $hasPermissions = \array_reduce(['role:all', 'role:member', 'user:' . $user1['$id']], function ($carry, $item) use ($document) { + return $carry ? true : \in_array($item, $document['$read']); + }, false); + $this->assertTrue($hasPermissions); + } + + + } +} diff --git a/tests/e2e/Services/Database/DatabasePermissionsScope.php b/tests/e2e/Services/Database/DatabasePermissionsScope.php new file mode 100644 index 0000000000..37ece1f252 --- /dev/null +++ b/tests/e2e/Services/Database/DatabasePermissionsScope.php @@ -0,0 +1,84 @@ +client->call(Client::METHOD_POST, '/account', [ + 'origin' => 'http://localhost', + 'content-type' => 'application/json', + 'x-appwrite-project' => $this->getProject()['$id'], + ], [ + 'userId' => $id, + 'email' => $email, + 'password' => $password + ]); + + $this->assertEquals(201, $user['headers']['status-code']); + + $session = $this->client->call(Client::METHOD_POST, '/account/sessions', [ + 'origin' => 'http://localhost', + 'content-type' => 'application/json', + 'x-appwrite-project' => $this->getProject()['$id'], + ], [ + 'email' => $email, + 'password' => $password, + ]); + + $session = $this->client->parseCookie((string)$session['headers']['set-cookie'])['a_session_' . $this->getProject()['$id']]; + + $user = [ + '$id' => $user['body']['$id'], + 'email' => $user['body']['email'], + 'session' => $session, + ]; + $this->users[$email] = $user; + + return $user; + } + + public function getCreatedUser(string $id): array + { + return $this->users[$id] ?? []; + } + + public function createTeam(string $id, string $name): array + { + $team = $this->client->call(Client::METHOD_POST, '/teams', $this->getServerHeader(), [ + 'teamId' => $id, + 'name' => $name + ]); + + return $team; + } + + public function addToTeam(string $user, string $team, array $roles = []): array + { + $membership = $this->client->call(Client::METHOD_POST, '/teams/' . $team . '/memberships', $this->getServerHeader(), [ + 'teamId' => $team, + 'email' => $this->getCreatedUser($user)['email'], + 'roles' => $roles, + 'url' => 'http://localhost:5000/join-us#title' + ]); + + return [ + 'user' => $membership['body']['userId'], + 'membership' => $membership['body']['$id'] + ]; + } + + public function getServerHeader(): array + { + return [ + 'content-type' => 'application/json', + 'x-appwrite-project' => $this->getProject()['$id'], + 'x-appwrite-key' => $this->getProject()['apiKey'] + ]; + } +} From ab7f2fa69c198ddfb2c6b5cf120e345265110ac4 Mon Sep 17 00:00:00 2001 From: kodumbeats Date: Tue, 12 Oct 2021 21:09:02 -0400 Subject: [PATCH 2/5] Test team/role permissions --- .../Database/DatabasePermissionsScope.php | 6 +- .../Database/DatabasePermissionsTeamTest.php | 189 ++++++++++++++++++ 2 files changed, 193 insertions(+), 2 deletions(-) create mode 100644 tests/e2e/Services/Database/DatabasePermissionsTeamTest.php diff --git a/tests/e2e/Services/Database/DatabasePermissionsScope.php b/tests/e2e/Services/Database/DatabasePermissionsScope.php index 37ece1f252..7a8c3e0186 100644 --- a/tests/e2e/Services/Database/DatabasePermissionsScope.php +++ b/tests/e2e/Services/Database/DatabasePermissionsScope.php @@ -7,6 +7,7 @@ use Tests\E2E\Client; trait DatabasePermissionsScope { public array $users = []; + public array $teams = []; public function createUser(string $id, string $email, string $password = 'test123'): array { @@ -38,7 +39,7 @@ trait DatabasePermissionsScope 'email' => $user['body']['email'], 'session' => $session, ]; - $this->users[$email] = $user; + $this->users[$id] = $user; return $user; } @@ -54,8 +55,9 @@ trait DatabasePermissionsScope 'teamId' => $id, 'name' => $name ]); + $this->teams[$id] = $team['body']; - return $team; + return $team['body']; } public function addToTeam(string $user, string $team, array $roles = []): array diff --git a/tests/e2e/Services/Database/DatabasePermissionsTeamTest.php b/tests/e2e/Services/Database/DatabasePermissionsTeamTest.php new file mode 100644 index 0000000000..6774dd1087 --- /dev/null +++ b/tests/e2e/Services/Database/DatabasePermissionsTeamTest.php @@ -0,0 +1,189 @@ + $this->createTeam('team1', 'Team 1'), + 'team2' => $this->createTeam('team2', 'Team 2'), + ]; + } + + public function createUsers(): array + { + return [ + 'user1' => $this->createUser('user1', 'lorem@ipsum.com'), + 'user2' => $this->createUser('user2', 'dolor@ipsum.com'), + 'user3' => $this->createUser('user3', 'sit@ipsum.com'), + ]; + } + + public function createCollections($teams) + { + $collection1 = $this->client->call(Client::METHOD_POST, '/database/collections', $this->getServerHeader(), [ + 'collectionId' => 'collection1', + 'name' => 'Collection 1', + 'read' => ['team:' . $teams['team1']['$id']], + 'write' => ['team:' . $teams['team1']['$id'] . '/admin'], + 'permission' => 'collection', + ]); + + $this->collections['collection1'] = $collection1['body']['$id']; + + $this->client->call(Client::METHOD_POST, '/database/collections/' . $this->collections['collection1'] . '/attributes/string', $this->getServerHeader(), [ + 'attributeId' => 'title', + 'size' => 256, + 'required' => true, + ]); + + $collection2 = $this->client->call(Client::METHOD_POST, '/database/collections', $this->getServerHeader(), [ + 'collectionId' => 'collection2', + 'name' => 'Collection 2', + 'read' => ['team:' . $teams['team2']['$id']], + 'write' => ['team:' . $teams['team2']['$id'] . '/owner'], + 'permission' => 'collection', + ]); + + $this->collections['collection2'] = $collection2['body']['$id']; + + $this->client->call(Client::METHOD_POST, '/database/collections/' . $this->collections['collection2'] . '/attributes/string', $this->getServerHeader(), [ + 'attributeId' => 'title', + 'size' => 256, + 'required' => true, + ]); + + sleep(2); + + return $this->collections; + } + + /* + * $success = can $user read from $collection + * [$user, $collection, $success] + */ + public function readDocumentsProvider(): array + { + return [ + ['user1', 'collection1', true], + ['user2', 'collection1', false], + ['user3', 'collection1', true], + ['user1', 'collection2', false], + ['user2', 'collection2', true], + ['user3', 'collection2', true], + ]; + } + + /* + * $success = can $user write to $collection + * [$user, $collection, $success] + */ + public function writeDocumentsProvider(): array + { + return [ + ['user1', 'collection1', true], + ['user2', 'collection1', false], + ['user3', 'collection1', false], + ['user1', 'collection2', false], + ['user2', 'collection2', true], + ['user3', 'collection2', false], + ]; + } + + /** + * @return array $users + */ + public function testSetupDatabase(): array + { + $this->createUsers(); + $this->createTeams(); + + $this->addToTeam('user1', 'team1', ['admin']); + $this->addToTeam('user2', 'team2', ['owner']); + + // user3 in both teams but with no roles + $this->addToTeam('user3', 'team1'); + $this->addToTeam('user3', 'team2'); + + $this->createCollections($this->teams); + + $response = $this->client->call(Client::METHOD_POST, '/database/collections/' . $this->collections['collection1'] . '/documents', $this->getServerHeader(), [ + 'documentId' => 'unique()', + 'data' => [ + 'title' => 'Lorem', + ], + ]); + $this->assertEquals(201, $response['headers']['status-code']); + + $response = $this->client->call(Client::METHOD_POST, '/database/collections/' . $this->collections['collection2'] . '/documents', $this->getServerHeader(), [ + 'documentId' => 'unique()', + 'data' => [ + 'title' => 'Ipsum', + ], + ]); + $this->assertEquals(201, $response['headers']['status-code']); + + return $this->users; + } + + /** + * @depends testSetupDatabase + * @dataProvider readDocumentsProvider + */ + public function testReadDocuments($user, $collection, $success, $users) + { + $documents = $this->client->call(Client::METHOD_GET, '/database/collections/' . $collection . '/documents', [ + 'origin' => 'http://localhost', + 'content-type' => 'application/json', + 'x-appwrite-project' => $this->getProject()['$id'], + 'cookie' => 'a_session_' . $this->getProject()['$id'] . '=' . $users[$user]['session'], + ]); + + if ($success) { + $this->assertCount(1, $documents['body']['documents']); + } else { + $this->assertEquals(404, $documents['headers']['status-code']); + } + + } + + /** + * @depends testSetupDatabase + * @dataProvider writeDocumentsProvider + */ + public function testWriteDocuments($user, $collection, $success, $users) + { + $documents = $this->client->call(Client::METHOD_POST, '/database/collections/' . $collection . '/documents', [ + 'origin' => 'http://localhost', + 'content-type' => 'application/json', + 'x-appwrite-project' => $this->getProject()['$id'], + 'cookie' => 'a_session_' . $this->getProject()['$id'] . '=' . $users[$user]['session'], + ], [ + 'documentId' => 'unique()', + 'data' => [ + 'title' => 'Ipsum', + ], + ]); + + if ($success) { + $this->assertEquals(201, $documents['headers']['status-code']); + } else { + // 401 if user is a part of team, 404 otherwise + $this->assertContains($documents['headers']['status-code'], [401, 404]); + } + + } +} From 46c3ce7a154f1039d3ab04c941e73f61cd5479e3 Mon Sep 17 00:00:00 2001 From: kodumbeats Date: Thu, 21 Oct 2021 20:38:01 -0400 Subject: [PATCH 3/5] Explain data provider state --- .../e2e/Services/Database/DatabasePermissionsTeamTest.php | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/tests/e2e/Services/Database/DatabasePermissionsTeamTest.php b/tests/e2e/Services/Database/DatabasePermissionsTeamTest.php index 6774dd1087..218c9cd78a 100644 --- a/tests/e2e/Services/Database/DatabasePermissionsTeamTest.php +++ b/tests/e2e/Services/Database/DatabasePermissionsTeamTest.php @@ -104,6 +104,10 @@ class DatabasePermissionsTeamTest extends Scope } /** + * Setup database + * + * Data providers lose object state + * so explicitly pass $users to each iteration * @return array $users */ public function testSetupDatabase(): array @@ -140,6 +144,7 @@ class DatabasePermissionsTeamTest extends Scope } /** + * Data provider params are passed before test dependencies * @depends testSetupDatabase * @dataProvider readDocumentsProvider */ @@ -157,7 +162,6 @@ class DatabasePermissionsTeamTest extends Scope } else { $this->assertEquals(404, $documents['headers']['status-code']); } - } /** @@ -184,6 +188,5 @@ class DatabasePermissionsTeamTest extends Scope // 401 if user is a part of team, 404 otherwise $this->assertContains($documents['headers']['status-code'], [401, 404]); } - } } From d3745c0b401eaee341f28c7fc6c7ba860f034be8 Mon Sep 17 00:00:00 2001 From: kodumbeats Date: Thu, 21 Oct 2021 20:38:17 -0400 Subject: [PATCH 4/5] Refactor member tests to use dataproviders --- .../DatabasePermissionsMemberTest.php | 162 +++++++++--------- 1 file changed, 81 insertions(+), 81 deletions(-) diff --git a/tests/e2e/Services/Database/DatabasePermissionsMemberTest.php b/tests/e2e/Services/Database/DatabasePermissionsMemberTest.php index d9f8eb6773..e28fb559ac 100644 --- a/tests/e2e/Services/Database/DatabasePermissionsMemberTest.php +++ b/tests/e2e/Services/Database/DatabasePermissionsMemberTest.php @@ -13,66 +13,63 @@ class DatabasePermissionsMemberTest extends Scope use SideClient; use DatabasePermissionsScope; - public array $mockPermissions = [ - [ - 'read' => ['role:all'], - 'write' => [] - ], - [ - 'read' => ['role:member'], - 'write' => [] - ], - [ - 'read' => ['user:random'], - 'write' => [] - ], - [ - 'read' => ['user:lorem'], - 'write' => ['user:lorem'] - ], - [ - 'read' => ['user:dolor'], - 'write' => ['user:dolor'] - ], - [ - 'read' => ['user:dolor', 'user:lorem'], - 'write' => ['user:dolor'] - ], - [ - 'read' => [], - 'write' => ['role:all'] - ], - [ - 'read' => ['role:all'], - 'write' => ['role:all'] - ], - [ - 'read' => ['role:member'], - 'write' => ['role:member'] - ], - [ - 'read' => ['role:all'], - 'write' => ['role:member'] - ] - ]; + public array $collections = []; - public function createCollections(): array + public function createUsers(): array { - $movies = $this->client->call(Client::METHOD_POST, '/database/collections', $this->getServerHeader(), [ + return [ + 'user1' => $this->createUser('user1', 'lorem@ipsum.com'), + 'user2' => $this->createUser('user2', 'dolor@ipsum.com'), + ]; + } + + /** + * [string[] $read, string[] $write] + */ + public function readDocumentsProvider() + { + return [ + [['role:all'], []], + [['role:member'], []], + [['user:random'], []], + [['user:lorem'] ,['user:lorem']], + [['user:dolor'] ,['user:dolor']], + [['user:dolor', 'user:lorem'] ,['user:dolor']], + [[], ['role:all']], + [['role:all'], ['role:all']], + [['role:member'], ['role:member']], + [['role:all'], ['role:member']], + ]; + } + + /** + * Setup database + * + * Data providers lose object state + * so explicitly pass [$users, $collections] to each iteration + * @return array + */ + public function testSetupDatabase(): array + { + $this->createUsers(); + + $public = $this->client->call(Client::METHOD_POST, '/database/collections', $this->getServerHeader(), [ 'collectionId' => 'unique()', 'name' => 'Movies', 'read' => ['role:all'], 'write' => ['role:all'], 'permission' => 'document', ]); + $this->assertEquals(201, $public['headers']['status-code']); - $collections = ['public' => $movies['body']['$id']]; + $this->collections = ['public' => $public['body']['$id']]; - $this->client->call(Client::METHOD_POST, '/database/collections/' . $collections['public'] . '/attributes/string', $this->getServerHeader(), [ + $response = $this->client->call(Client::METHOD_POST, '/database/collections/' . $this->collections['public'] . '/attributes/string', $this->getServerHeader(), [ 'attributeId' => 'title', 'size' => 256, 'required' => true, ]); + $this->assertEquals(201, $response['headers']['status-code']); $private = $this->client->call(Client::METHOD_POST, '/database/collections', $this->getServerHeader(), [ 'collectionId' => 'unique()', @@ -81,50 +78,54 @@ class DatabasePermissionsMemberTest extends Scope 'write' => ['role:member'], 'permission' => 'document', ]); + $this->assertEquals(201, $private['headers']['status-code']); - $collections['private'] = $private['body']['$id']; + $this->collections['private'] = $private['body']['$id']; - $this->client->call(Client::METHOD_POST, '/database/collections/' . $collections['private'] . '/attributes/string', $this->getServerHeader(), [ + $this->client->call(Client::METHOD_POST, '/database/collections/' . $this->collections['private'] . '/attributes/string', $this->getServerHeader(), [ 'attributeId' => 'title', 'size' => 256, 'required' => true, ]); + $this->assertEquals(201, $response['headers']['status-code']); sleep(2); - return $collections; + return [ + 'users' => $this->users, + 'collections' => $this->collections + ]; } - public function testReadDocuments() + /** + * Data provider params are passed before test dependencies + * @dataProvider readDocumentsProvider + * @depends testSetupDatabase + */ + public function testReadDocuments($read, $write, $data) { - $user1 = $this->createUser('lorem', 'lorem@ipsum.com'); - $user2 = $this->createUser('dolor', 'dolor@ipsum.com'); + $users = $data['users']; + $collections = $data['collections']; - $collections = $this->createCollections(); + $response = $this->client->call(Client::METHOD_POST, '/database/collections/' . $collections['public'] . '/documents', $this->getServerHeader(), [ + 'documentId' => 'unique()', + 'data' => [ + 'title' => 'Lorem', + ], + 'read' => $read, + 'write' => $write, + ]); + $this->assertEquals(201, $response['headers']['status-code']); - foreach ($this->mockPermissions as $permissions) { - $response = $this->client->call(Client::METHOD_POST, '/database/collections/' . $collections['public'] . '/documents', $this->getServerHeader(), [ - 'documentId' => 'unique()', - 'data' => [ - 'title' => 'Lorem', - ], - 'read' => $permissions['read'], - 'write' => $permissions['write'], - ]); - $this->assertEquals(201, $response['headers']['status-code']); - } - - foreach ($this->mockPermissions as $permissions) { - $response = $this->client->call(Client::METHOD_POST, '/database/collections/' . $collections['private'] . '/documents', $this->getServerHeader(), [ - 'documentId' => 'unique()', - 'data' => [ - 'title' => 'Lorem', - ], - 'read' => $permissions['read'], - 'write' => $permissions['write'], - ]); - $this->assertEquals(201, $response['headers']['status-code']); - } + $response = $this->client->call(Client::METHOD_POST, '/database/collections/' . $collections['private'] . '/documents', $this->getServerHeader(), [ + 'documentId' => 'unique()', + 'data' => [ + 'title' => 'Lorem', + ], + 'read' => $read, + 'write' => $write, + ]); + $this->assertEquals(201, $response['headers']['status-code']); /** * Check role:all collection @@ -133,11 +134,11 @@ class DatabasePermissionsMemberTest extends Scope 'origin' => 'http://localhost', 'content-type' => 'application/json', 'x-appwrite-project' => $this->getProject()['$id'], - 'cookie' => 'a_session_' . $this->getProject()['$id'] . '=' . $user1['session'], + 'cookie' => 'a_session_' . $this->getProject()['$id'] . '=' . $users['user1']['session'], ]); foreach ($documents['body']['documents'] as $document) { - $hasPermissions = \array_reduce(['role:all', 'role:member', 'user:' . $user1['$id']], function ($carry, $item) use ($document) { + $hasPermissions = \array_reduce(['role:all', 'role:member', 'user:' . $users['user1']['$id']], function ($carry, $item) use ($document) { return $carry ? true : \in_array($item, $document['$read']); }, false); $this->assertTrue($hasPermissions); @@ -150,16 +151,15 @@ class DatabasePermissionsMemberTest extends Scope 'origin' => 'http://localhost', 'content-type' => 'application/json', 'x-appwrite-project' => $this->getProject()['$id'], - 'cookie' => 'a_session_' . $this->getProject()['$id'] . '=' . $user1['session'], + 'cookie' => 'a_session_' . $this->getProject()['$id'] . '=' . $users['user1']['session'], ]); foreach ($documents['body']['documents'] as $document) { - $hasPermissions = \array_reduce(['role:all', 'role:member', 'user:' . $user1['$id']], function ($carry, $item) use ($document) { + $hasPermissions = \array_reduce(['role:all', 'role:member', 'user:' . $users['user1']['$id']], function ($carry, $item) use ($document) { return $carry ? true : \in_array($item, $document['$read']); }, false); $this->assertTrue($hasPermissions); } - } } From 656ceb9c94875ba93fa0e55e0b524ebdf54e3c25 Mon Sep 17 00:00:00 2001 From: kodumbeats Date: Thu, 21 Oct 2021 20:38:27 -0400 Subject: [PATCH 5/5] Refactor guest tests to use dataproviders --- .../Database/DatabasePermissionsGuestTest.php | 71 ++++++++----------- 1 file changed, 28 insertions(+), 43 deletions(-) diff --git a/tests/e2e/Services/Database/DatabasePermissionsGuestTest.php b/tests/e2e/Services/Database/DatabasePermissionsGuestTest.php index 706ce2b848..1e6c6b7e18 100644 --- a/tests/e2e/Services/Database/DatabasePermissionsGuestTest.php +++ b/tests/e2e/Services/Database/DatabasePermissionsGuestTest.php @@ -13,37 +13,6 @@ class DatabasePermissionsGuestTest extends Scope use SideClient; use DatabasePermissionsScope; - public array $mockPermissions = [ - [ - 'read' => ['role:all'], - 'write' => [] - ], - [ - 'read' => ['role:member'], - 'write' => [] - ], - [ - 'read' => ['user:random'], - 'write' => [] - ], - [ - 'read' => [], - 'write' => ['role:all'] - ], - [ - 'read' => ['role:all'], - 'write' => ['role:all'] - ], - [ - 'read' => ['role:member'], - 'write' => ['role:member'] - ], - [ - 'read' => ['role:all'], - 'write' => ['role:member'] - ] - ]; - public function createCollection(): array { $movies = $this->client->call(Client::METHOD_POST, '/database/collections', $this->getServerHeader(), [ @@ -67,21 +36,37 @@ class DatabasePermissionsGuestTest extends Scope return $collection; } - public function testReadDocuments() + /** + * [string[] $read, string[] $write] + */ + public function readDocumentsProvider() + { + return [ + [['role:all'], []], + [['role:member'], []], + [[] ,['role:all']], + [['role:all'], ['role:all']], + [['role:member'], ['role:member']], + [['role:all'], ['role:member']], + ]; + } + + /** + * @dataProvider readDocumentsProvider + */ + public function testReadDocuments($read, $write) { $collection = $this->createCollection(); - foreach ($this->mockPermissions as $permissions) { - $response = $this->client->call(Client::METHOD_POST, '/database/collections/' . $collection['id'] . '/documents', $this->getServerHeader(), [ - 'documentId' => 'unique()', - 'data' => [ - 'title' => 'Lorem', - ], - 'read' => $permissions['read'], - 'write' => $permissions['write'], - ]); - $this->assertEquals(201, $response['headers']['status-code']); - } + $response = $this->client->call(Client::METHOD_POST, '/database/collections/' . $collection['id'] . '/documents', $this->getServerHeader(), [ + 'documentId' => 'unique()', + 'data' => [ + 'title' => 'Lorem', + ], + 'read' => $read, + 'write' => $write, + ]); + $this->assertEquals(201, $response['headers']['status-code']); $documents = $this->client->call(Client::METHOD_GET, '/database/collections/' . $collection['id'] . '/documents', [ 'content-type' => 'application/json',