public function testSiteMoves() { print __METHOD__ . "\n"; //Insert initial data $N1 = TestUtil::createSampleNGI("NGI1"); $N2 = TestUtil::createSampleNGI("NGI2"); $S1 = TestUtil::createSampleSite("Site1"); $S2 = TestUtil::createSampleSite("Site2"); $S3 = TestUtil::createSampleSite("Site3"); $SE1 = TestUtil::createSampleService("SEP1"); $dummy_user = TestUtil::createSampleUser('Test', 'User', '/Some/string'); //Make dummy user a GOCDB admin so it can perfirm site moves etc. $dummy_user->setAdmin(true); /* * Current code in TestUtil does not set sites up as being owned by an an NGI by default. *Add them to NGI */ $N1->addSiteDoJoin($S1); $N2->addSiteDoJoin($S2); $N2->addSiteDoJoin($S3); //Add service end point to service 1 $S1->addServiceDoJoin($SE1); //Persist initial data $this->em->persist($N1); $this->em->persist($N2); $this->em->persist($S1); $this->em->persist($S2); $this->em->persist($S3); $this->em->persist($SE1); $this->em->persist($dummy_user); $this->em->flush(); //Use DB connection to check data $con = $this->getConnection(); /* * Check both that each NGI is present and that the ID matches the doctrine one */ $N1_ID = $N1->getId(); $sql = "SELECT 1 FROM ngis WHERE name = 'NGI1' AND ID = '{$N1_ID}'"; $result = $con->createQueryTable('', $sql); $this->assertEquals(1, $result->getRowCount()); $N2_ID = $N2->getId(); $sql = "SELECT 1 FROM ngis WHERE name = 'NGI2' AND ID = '{$N2_ID}'"; $result = $con->createQueryTable('', $sql); $this->assertEquals(1, $result->getRowCount()); /* * Check each site is: present, has the right ID & parent NGI */ $S1_id = $S1->getId(); $sql = "SELECT 1 FROM sites WHERE shortname = 'Site1' AND ID = '{$S1_id}' AND NGI_ID = '{$N1_ID}'"; $result = $con->createQueryTable('', $sql); $this->assertEquals(1, $result->getRowCount()); $S2_id = $S2->getId(); $sql = "SELECT 1 FROM sites WHERE shortname = 'Site2' AND ID = '{$S2_id}' AND NGI_ID = '{$N2_ID}'"; $result = $con->createQueryTable('', $sql); $this->assertEquals(1, $result->getRowCount()); $S3_id = $S3->getId(); $sql = "SELECT 1 FROM sites WHERE shortname = 'Site3' AND ID = '{$S3_id}' AND NGI_ID = '{$N2_ID}'"; $result = $con->createQueryTable('', $sql); $this->assertEquals(1, $result->getRowCount()); //Check the SEP has correct id and Site $sql = "SELECT 1 FROM services WHERE hostname = 'SEP1' AND parentsite_id = '{$S1_id}'"; $result = $con->createQueryTable('', $sql); $this->assertEquals(1, $result->getRowCount()); //Move sites $serv = new org\gocdb\services\Site(); $serv->setEntityManager($this->em); $serv->moveSite($S1, $N2, $dummy_user); $serv->moveSite($S2, $N1, $dummy_user); $serv->moveSite($S3, $N2, $dummy_user); //No change //flush movement $this->em->flush(); //Use doctrine to check movement //Check correct NGI for each site $this->assertEquals($N2, $S1->getNgi()); $this->assertEquals($N1, $S2->getNgi()); $this->assertEquals($N2, $S3->getNgi()); //Check correct sites for each NGI //NGI1 $ngisites = $N1->getSites(); foreach ($ngisites as $site) { $this->assertEquals($S2, $site); } //NGI2 $ngisites = $N2->getSites(); foreach ($ngisites as $site) { $this->assertTrue($site == $S1 or $site == $S3); } //check Service End Point $this->assertEquals($S1, $SE1->getParentSite()); //Use database connection to check movememrnt $con = $this->getConnection(); //Check NGIs are still present and their ID is unchanged $sql = "SELECT 1 FROM ngis WHERE name = 'NGI1' AND ID = '{$N1_ID}'"; $result = $con->createQueryTable('', $sql); $this->assertEquals(1, $result->getRowCount()); $sql = "SELECT 1 FROM ngis WHERE name = 'NGI2' AND ID = '{$N2_ID}'"; $result = $con->createQueryTable('', $sql); $this->assertEquals(1, $result->getRowCount()); //Check each NGI has the correct number of sites //NGI1 $sql = "SELECT 1 FROM sites WHERE NGI_ID = '{$N1_ID}'"; $result = $con->createQueryTable('', $sql); $this->assertEquals(1, $result->getRowCount()); //NGI2 $sql = "SELECT 1 FROM sites WHERE NGI_ID = '{$N2_ID}'"; $result = $con->createQueryTable('', $sql); $this->assertEquals(2, $result->getRowCount()); //check Site IDs are unchanged and they are assigned to the correct NGI //Site 1 $sql = "SELECT 1 FROM sites WHERE shortname = 'Site1' AND ID = '{$S1_id}' AND NGI_ID = '{$N2_ID}'"; $result = $con->createQueryTable('', $sql); $this->assertEquals(1, $result->getRowCount()); //Site 2 $sql = "SELECT 1 FROM sites WHERE shortname = 'Site2' AND ID = '{$S2_id}' AND NGI_ID = '{$N1_ID}'"; $result = $con->createQueryTable('', $sql); $this->assertEquals(1, $result->getRowCount()); //Site 3 $sql = "SELECT 1 FROM sites WHERE shortname = 'Site3' AND ID = '{$S3_id}' AND NGI_ID = '{$N2_ID}'"; $result = $con->createQueryTable('', $sql); $this->assertEquals(1, $result->getRowCount()); }
public function testGetOwnedEntityDiscriminator() { print __METHOD__ . "\n"; $entity = TestUtil::createSampleNGI("NGI_1"); // get the disriminator value $cmf = $this->em->getMetadataFactory(); $meta = $cmf->getMetadataFor(get_class($entity)); $entityTypeName = $meta->discriminatorValue; $this->assertEquals('ngi', $entityTypeName); $this->assertEquals('ngi', $entity->getType()); }
* - Scope5 */ $scopeCount = 6; $scopes = array(); // create scopes and persist for ($i = 0; $i < $scopeCount; $i++) { $scopes[] = TestUtil::createSampleScope("Proj scope " . $i, "Scope" . $i); $this->em->persist($scopes[$i]); } // NGIs **************************** // create ngis and persist $ngi0 = TestUtil::createSampleNGI("MYNGI0"); $ngi1 = TestUtil::createSampleNGI("MYNGI1"); $ngi2 = TestUtil::createSampleNGI("MYNGI2"); $ngi3 = TestUtil::createSampleNGI("MYNGI3"); $ngi4 = TestUtil::createSampleNGI("MYNGI4"); $this->em->persist($ngi0); $this->em->persist($ngi1); $this->em->persist($ngi2); $this->em->persist($ngi3); $this->em->persist($ngi4); // Add different scopes to selected ngis: // ngi0 has no scope // ngi1 has one scope $ngi1->addScope($scopes[0]); // ngi2 has 2 scopes $ngi2->addScope($scopes[0]); $ngi2->addScope($scopes[1]); // ngi3 has 3 scopes $ngi3->addScope($scopes[0]); $ngi3->addScope($scopes[1]);
/** * @expectedException \Doctrine\ORM\ORMInvalidArgumentException */ public function testShowMergeIsRequiredBetweenDifferentPersistenceCtxt() { print __METHOD__ . "\n"; // User $u = TestUtil::createSampleUser("Test", "Testing", "/c=test"); $regFLSupportRT = TestUtil::createSampleRoleType(RoleTypeName::REG_FIRST_LINE_SUPPORT); $this->em->persist($u); $this->em->persist($regFLSupportRT); $this->em->flush(); // If we create a new $this->em as below, we would need to merge detatched $u // and $regFLSupportRT entities back into this persistence context // before we can call a persist again (a persist on these entities // called either by a CASCADE or direct call)! $this->em = $this->createEntityManager(); // simply requires bootstrap_doctrine.php //$u = $this->em->merge($u); //$regFLSupportRT = $this->em->merge($regFLSupportRT); // Create new NGI $n = TestUtil::createSampleNGI("MYNGI"); $this->em->persist($n); $roleNgi = TestUtil::createSampleRole($u, $regFLSupportRT, $n, RoleStatus::GRANTED); $this->em->persist($roleNgi); // the flush below is what causes the expected exception $this->em->flush(); }
* include this file as the tests assume a known fixture data structure. * * See the corresponding fixtureDataERD.svg file for an ERD of this fixture data * * @author David Meredith */ $roleType1 = TestUtil::createSampleRoleType("NAME"); $roleType2 = TestUtil::createSampleRoleType("NAME2"); $this->em->persist($roleType1); $this->em->persist($roleType2); // Create a user $userWithRoles = TestUtil::createSampleUser("Test", "Testing", "/c=test"); $this->em->persist($userWithRoles); $userId = $userWithRoles->getId(); // Create an NGI, site and services $ngi = TestUtil::createSampleNGI("MYNGI"); $site1 = TestUtil::createSampleSite('site1'); $site2 = TestUtil::createSampleSite('site2'); $service1 = TestUtil::createSampleService('site1_service1'); $service2 = TestUtil::createSampleService('site1_service2'); $endpoint1 = TestUtil::createSampleEndpointLocation(); $downtime1 = TestUtil::createSampleDowntime(); $downtime2 = TestUtil::createSampleDowntime(); $service1->addEndpointLocationDoJoin($endpoint1); $downtime1->addEndpointLocation($endpoint1); $downtime2->addEndpointLocation($endpoint1); $site1->addServiceDoJoin($service1); $site1->addServiceDoJoin($service2); $ngi->addSiteDoJoin($site1); $ngi->addSiteDoJoin($site2); $certStatusLog1 = TestUtil::createSampleCertStatusLog();
public function testGetUserRoles() { print __METHOD__ . "\n"; // Create two roletypes $ngiRoleType = TestUtil::createSampleRoleType("RT1_NAME"); $siteRoleType = TestUtil::createSampleRoleType("RT2_NAME"); $this->em->persist($ngiRoleType); $this->em->persist($siteRoleType); // Create a user $u = TestUtil::createSampleUser("Test", "Testing", "/c=test"); $this->em->persist($u); // Create an NGI $ngi = TestUtil::createSampleNGI("MYNGI"); $this->em->persist($ngi); // Create a Role and link to the User, ngiRoleType and ngi $roleNgi = TestUtil::createSampleRole($u, $ngiRoleType, $ngi, RoleStatus::GRANTED); $this->em->persist($roleNgi); // Create a site $site1 = TestUtil::createSampleSite("SITENAME"); $this->em->persist($site1); // Create another role and link to the User, siteRoleType and site $roleSite = TestUtil::createSampleRole($u, $siteRoleType, $site1, RoleStatus::GRANTED); $this->em->persist($roleSite); // Create a second and third sites and add to the NGI, but DO NOT add direct // roles over those sites for the user. The user will still have role // over the sites because they have a role over the NGI ! $site2 = TestUtil::createSampleSite("SITENAME2"); $site3 = TestUtil::createSampleSite("SITENAME3"); $this->em->persist($site2); $this->em->persist($site3); $ngi->addSiteDoJoin($site2); $ngi->addSiteDoJoin($site3); $this->em->flush(); // ********MUST******** start a new connection to test transactional // isolation of RoleService methods. $em = $this->createEntityManager(); $roleService = new org\gocdb\services\Role(); $roleService->setEntityManager($em); // assert that user has expected roles $roles = $roleService->getUserRoles($u, RoleStatus::GRANTED); $this->assertEquals(2, sizeof($roles)); $this->assertTrue(count($roleService->getUserRoleNamesOverEntity($ngi, $u)) == 1); $this->assertTrue(count($roleService->getUserRoleNamesOverEntity($site1, $u)) == 1); $this->assertTrue(count($roleService->getUserRoleNamesOverEntity($site2, $u)) == 0); $this->assertTrue(count($roleService->getUserRoleNamesOverEntity($site3, $u)) == 0); // assert that the user has an expected site count with roles over those sites $mySites = $roleService->getReachableSitesFromOwnedObjectRoles($u); $this->assertEquals(3, sizeof($mySites)); // assert user don't have these pending/revoked roles $roles = $roleService->getUserRoles($u, RoleStatus::PENDING); $this->assertEmpty($roles); }
/** * Persist some seed data - roletypes, user, Project, NGI, sites and SEs and * assert that the user has the expected number of roles that grant specific * actions over the owned objects. For example, assert that the user has 'n' * number of roles that allow a particular site to be edited, or 'n' number * of roles that allow an NGI certification status change. */ public function testAuthorizeAction1() { print __METHOD__ . "\n"; // Create roletypes $siteAdminRT = TestUtil::createSampleRoleType(RoleTypeName::SITE_ADMIN); $ngiManRT = TestUtil::createSampleRoleType(RoleTypeName::NGI_OPS_MAN); $rodRT = TestUtil::createSampleRoleType(RoleTypeName::REG_STAFF_ROD); $codRT = TestUtil::createSampleRoleType(RoleTypeName::COD_ADMIN); $this->em->persist($siteAdminRT); // edit site1 (but not cert status) $this->em->persist($ngiManRT); // edit owned site1/site2 and cert status $this->em->persist($rodRT); // edit owned sites 1and2 (but not cert status) $this->em->persist($codRT); // edit all sites cert status only // Create a user $u = TestUtil::createSampleUser("Test", "Testing", "/c=test"); $this->em->persist($u); // Create a linked object graph // NGI->Site1->SE // |->Site2 $ngi = TestUtil::createSampleNGI("MYNGI"); $this->em->persist($ngi); $site1 = TestUtil::createSampleSite("SITENAME"); //$site1->setNgiDoJoin($ngi); $ngi->addSiteDoJoin($site1); $this->em->persist($site1); $se1 = TestUtil::createSampleService('somelabel'); $site1->addServiceDoJoin($se1); $this->em->persist($se1); $site2_userHasNoDirectRole = TestUtil::createSampleSite("SITENAME_2"); $ngi->addSiteDoJoin($site2_userHasNoDirectRole); //$site2_userHasNoDirectRole->setNgiDoJoin($ngi); $this->em->persist($site2_userHasNoDirectRole); // Create ngiManagerRole, ngiUserRole, siteAdminRole and link user and owned entities $ngiManagerRole = TestUtil::createSampleRole($u, $ngiManRT, $ngi, RoleStatus::GRANTED); $this->em->persist($ngiManagerRole); $rodUserRole = TestUtil::createSampleRole($u, $rodRT, $ngi, RoleStatus::GRANTED); $this->em->persist($rodUserRole); $siteAdminRole = TestUtil::createSampleRole($u, $siteAdminRT, $site1, RoleStatus::GRANTED); $this->em->persist($siteAdminRole); $this->em->flush(); // ********MUST******** start a new connection to test transactional // isolation of RoleService methods. $em = $this->createEntityManager(); $siteService = new org\gocdb\services\Site(); $siteService->setEntityManager($em); // Assert user can edit site using 3 enabling roles $enablingRoles = $siteService->authorizeAction(\Action::EDIT_OBJECT, $site1, $u); $this->assertEquals(3, count($enablingRoles)); $this->assertTrue(in_array(\RoleTypeName::SITE_ADMIN, $enablingRoles)); $this->assertTrue(in_array(\RoleTypeName::NGI_OPS_MAN, $enablingRoles)); $this->assertTrue(in_array(\RoleTypeName::REG_STAFF_ROD, $enablingRoles)); // Assert user can only edit cert status through his NGI_OPS_MAN role $enablingRoles = $siteService->authorizeAction(\Action::SITE_EDIT_CERT_STATUS, $site1, $u); $this->assertEquals(1, count($enablingRoles)); $this->assertTrue(in_array(\RoleTypeName::NGI_OPS_MAN, $enablingRoles)); // Add a new project and link ngi and give user COD_ADMIN Project role (use $this->em to isolate) // Project->NGI->Site1->SE // |->Site2 $proj = new Project('EGI project'); $proj->addNgi($ngi); //$ngi->addProject($proj); // not strictly needed $this->em->persist($proj); $codRole = TestUtil::createSampleRole($u, $codRT, $proj, RoleStatus::GRANTED); $this->em->persist($codRole); $this->em->flush(); // Assert user now has 2 roles that enable SITE_EDIT_CERT_STATUS change action $enablingRoles = $siteService->authorizeAction(\Action::SITE_EDIT_CERT_STATUS, $site1, $u); $this->assertEquals(2, count($enablingRoles)); $this->assertTrue(in_array(\RoleTypeName::NGI_OPS_MAN, $enablingRoles)); $this->assertTrue(in_array(\RoleTypeName::COD_ADMIN, $enablingRoles)); // Assert user can edit SE using SITE_ADMIN, NGI_OPS_MAN, REG_STAFF_ROD roles (but not COD role) $seService = new org\gocdb\services\ServiceService(); $seService->setEntityManager($em); $enablingRoles = $seService->authorizeAction(\Action::EDIT_OBJECT, $se1, $u); $this->assertEquals(3, count($enablingRoles)); $this->assertTrue(in_array(\RoleTypeName::SITE_ADMIN, $enablingRoles)); $this->assertTrue(in_array(\RoleTypeName::NGI_OPS_MAN, $enablingRoles)); $this->assertTrue(in_array(\RoleTypeName::REG_STAFF_ROD, $enablingRoles)); // Assert User can only edit Site2 through his 2 indirect ngi roles // (user don't have any direct site level roles on this site and COD don't give edit perm) $enablingRoles = $siteService->authorizeAction(\Action::EDIT_OBJECT, $site2_userHasNoDirectRole, $u); $this->assertEquals(2, count($enablingRoles)); $this->assertTrue(in_array(\RoleTypeName::NGI_OPS_MAN, $enablingRoles)); $this->assertTrue(in_array(\RoleTypeName::REG_STAFF_ROD, $enablingRoles)); // Delete the user's Project COD role $this->em->remove($codRole); $this->em->flush(); // Assert user can only SITE_EDIT_CERT_STATUS through 1 role for both sites $enablingRoles = $siteService->authorizeAction(\Action::SITE_EDIT_CERT_STATUS, $site2_userHasNoDirectRole, $u); $this->assertEquals(1, count($enablingRoles)); $this->assertTrue(in_array(\RoleTypeName::NGI_OPS_MAN, $enablingRoles)); $enablingRoles = $siteService->authorizeAction(\Action::SITE_EDIT_CERT_STATUS, $site1, $u); $this->assertEquals(1, count($enablingRoles)); $this->assertTrue(in_array(\RoleTypeName::NGI_OPS_MAN, $enablingRoles)); // Delete the user's NGI manager role $this->em->remove($ngiManagerRole); $this->em->flush(); // Assert user can't edit site2 cert status $enablingRoles = $siteService->authorizeAction(\Action::SITE_EDIT_CERT_STATUS, $site2_userHasNoDirectRole, $u); $this->assertEquals(0, count($enablingRoles)); // Assert user can still edit site via his ROD role $enablingRoles = $siteService->authorizeAction(\Action::EDIT_OBJECT, $site2_userHasNoDirectRole, $u); $this->assertEquals(1, count($enablingRoles)); $this->assertTrue(in_array(\RoleTypeName::REG_STAFF_ROD, $enablingRoles)); // Delete the user's NGI ROD role $this->em->remove($rodUserRole); $this->em->flush(); // User can't edit site2 $enablingRoles = $siteService->authorizeAction(\Action::EDIT_OBJECT, $site2_userHasNoDirectRole, $u); $this->assertEquals(0, count($enablingRoles)); // Assert user can still edit SITE1 through his direct site level role (this role has not been deleted) $enablingRoles = $siteService->authorizeAction(\Action::EDIT_OBJECT, $site1, $u); $this->assertEquals(1, count($enablingRoles)); $this->assertTrue(in_array(\RoleTypeName::SITE_ADMIN, $enablingRoles)); // Delete user's remaining Site role $this->em->remove($siteAdminRole); $this->em->flush(); // User can't edit site1 $enablingRoles = $siteService->authorizeAction(\Action::EDIT_OBJECT, $site1, $u); $this->assertEquals(0, count($enablingRoles)); }
/** * Show the creation of an endpoint and properties and that * all data is removed on deletion of an endpoint or property */ public function testEndpointPropertyDeletions() { print __METHOD__ . "\n"; $service = TestUtil::createSampleService("TestService"); $ngi = TestUtil::createSampleNGI("TestNGI"); $site = TestUtil::createSampleSite("TestSite"); $endpoint = TestUtil::createSampleEndpointLocation(); //Join service to site, and site to NGI. $ngi->addSiteDoJoin($site); $site->addServiceDoJoin($service); $service->addEndpointLocationDoJoin($endpoint); //Create properties $prop1 = TestUtil::createSampleEndpointProperty("VO", "Atlas"); $prop2 = TestUtil::createSampleEndpointProperty("VO", "CMS"); $prop3 = TestUtil::createSampleEndpointProperty("VO", "Alice"); $endpoint->addEndpointPropertyDoJoin($prop1); $endpoint->addEndpointPropertyDoJoin($prop2); $endpoint->addEndpointPropertyDoJoin($prop3); //Persist in the entity manager $this->em->persist($service); $this->em->persist($ngi); $this->em->persist($site); $this->em->persist($endpoint); $this->em->persist($prop1); $this->em->persist($prop2); $this->em->persist($prop3); //Commit to the database $this->em->flush(); //Check endpoint has 3 properties associated with it $properties = $endpoint->getEndpointProperties(); $this->assertTrue(count($properties) == 3); //Create an admin user that can delete a property $adminUser = TestUtil::createSampleUser('my', 'admin', '/my/admin'); $adminUser->setAdmin(TRUE); $this->em->persist($adminUser); //Delete the property from the service $serviceService = new org\gocdb\services\ServiceService(); $serviceService->setEntityManager($this->em); $serviceService->deleteEndpointProperty($adminUser, $prop1); //Check that the service now only has 2 properties $properties = $endpoint->getEndpointProperties(); $this->assertTrue(count($properties) == 2); $this->em->flush(); //Print names of properties foreach ($properties as $prop) { print $prop->getKeyName() . "-"; print $prop->getKeyValue() . "\n"; } //Check this via the database $con = $this->getConnection(); //Get service id to use in sql statements $endpointId = $endpoint->getId(); $result = $con->createQueryTable('results', "SELECT * FROM endpoint_properties WHERE PARENTENDPOINT_ID = '{$endpointId}'"); //Assert that only 2 service properties exist in the database for this service $this->assertEquals(2, $result->getRowCount()); //Now delete the endpont and check that it cascade deletes //the endpoint's associated properties $serviceService->deleteEndpoint($endpoint, $adminUser); $this->em->flush(); //Check endpoint is gone $result = $con->createQueryTable('results', "SELECT * FROM EndpointLocations WHERE ID = '{$endpointId}'"); $this->assertEquals(0, $result->getRowCount()); //Check properties are gone $result = $con->createQueryTable('results', "SELECT * FROM endpoint_properties WHERE PARENTENDPOINT_ID = '{$endpointId}'"); $this->assertEquals(0, $result->getRowCount()); }
/** * Test Role's discriminator column * Add a role type, user, NGI and a role linking * them all together. Assert that $newRole->getOwnedEntity() * returns an instance of NGI. * @expectedException \Doctrine\DBAL\DBALException */ public function testRoleTypeIntegrityConstraint() { print __METHOD__ . "\n"; // Create a roletype $rt = TestUtil::createSampleRoleType("NAME"); $this->em->persist($rt); // Create a user $u = TestUtil::createSampleUser("Test", "Testing", "/c=test"); $this->em->persist($u); // Create an NGI $n = TestUtil::createSampleNGI("MYNGI"); $this->em->persist($n); // Create a role and link to the user, role type and ngi $r = TestUtil::createSampleRole($u, $rt, $n, RoleStatus::GRANTED); $this->em->persist($r); $this->em->flush(); // try to delete the role type before deleting // the dependant role $this->em->remove($rt); $this->em->flush(); }