예제 #1
 public function checkApplicationableAccess(ApiTester $I)
 {
     // Scenario: project membership (role + scope) gates access to a table.
     // An outsider is denied, is granted access after the owner adds them with a
     // valid scope, and is denied again once the membership is removed.
     $owner = $I->createUser(true);
     $guest = $I->createUser(true);

     // The owner creates the project (set as request header) and a table in it.
     $I->loginUser($owner);
     $I->createProjectAndSetHeader();
     $table = $I->createTable();

     $tableUrl = 'api/v1/admin/tables/' . $table->_id;
     $membersUrl = 'api/v1/projects/users';
     $guestRef = ['user_id' => $guest->_id];
     // Builds the membership payload for the guest with the given scope list.
     $grant = static function (array $scope) use ($guest) {
         return ['user_id' => $guest->_id, 'role' => 'manager', 'scope' => $scope];
     };

     // The owner can read the table.
     $I->sendGET($tableUrl);
     $I->seeResponseCodeIs(200);
     $I->logout();

     // An outsider can neither read the table nor add themselves to the project.
     $I->loginUser($guest);
     $I->sendGET($tableUrl);
     $I->seeResponseCodeIs(403);
     $I->sendPOST($membersUrl, $guestRef);
     $I->seeResponseCodeIs(403);

     // Validation: role and scope are mandatory, and unknown scope names are rejected.
     $I->loginUser($owner);
     $I->sendPOST($membersUrl, $guestRef);
     $I->seeResponseCodeIs(422);
     $I->seeResponseContains('The role field is required');
     $I->seeResponseContains('The scope field is required');
     $I->sendPOST($membersUrl, $grant(['tables_create', 'tables_view', 'uncreated_scope']));
     $I->seeResponseCodeIs(422);
     $I->seeResponseContains('The selected scope is invalid.');

     // A valid grant is accepted and the guest can now read the table.
     $I->sendPOST($membersUrl, $grant(['tables_create', 'tables_view', 'tables_update']));
     $I->seeResponseCodeIs(201);
     $I->loginUser($guest);
     $I->sendGET($tableUrl);
     $I->seeResponseCodeIs(200);

     // Revoking the membership closes the table to the guest again.
     $I->loginUser($owner);
     $I->sendDELETE($membersUrl, $guestRef);
     $I->seeResponseCodeIs(200);
     $I->loginUser($guest);
     $I->sendGET($tableUrl);
     $I->seeResponseCodeIs(403);
 }
예제 #2
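 public function checkDecisionAccess(ApiTester $I)
 {
     // Scenario: a decision is listed only for members of the project it belongs to;
     // a user from another project does not see it until granted 'decisions_view'.
     $user = $I->createAndLoginUser();
     $I->createProjectAndSetHeader();
     $table = $I->createTable($I->getShortTableDataMatchingTypeAll());
     $request = ['string' => 'Invalid', 'numeric' => 1, 'bool' => false];
     $data = $I->makeDecision($table->_id, $request, 'scoring');

     // The owner sees the decision in the listing.
     $I->sendGET('api/v1/admin/decisions');
     $I->assertContains($data->_id, $I->grabResponse());

     // A user with a separate project does not see it.
     $second_user = $I->createUser(true);
     $I->loginUser($second_user);
     $I->createProject(true);
     $I->sendGET('api/v1/admin/decisions');
     $I->assertNotContains($data->_id, $I->grabResponse());

     // Grant membership with decisions_view; assert the grant itself succeeded so a
     // rejected grant fails here rather than as an unexplained missing id below.
     $I->loginUser($user);
     $I->sendPOST('api/v1/projects/users', ['user_id' => $second_user->_id, 'role' => 'manager', 'scope' => ['tables_create', 'tables_view', 'tables_update', 'decisions_view']]);
     $I->seeResponseCodeIs(201);

     // The decision is now visible to the new member.
     $I->loginUser($second_user);
     $I->sendGET('api/v1/admin/decisions');
     $I->assertContains($data->_id, $I->grabResponse());
 }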
예제 #3
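 public function getCurrentUserScope(ApiTester $I)
 {
     // Scenario: a project member reads back their own membership (role/scope)
     // from the project users endpoint.
     $user = $I->createAndLoginUser();
     $I->createProjectAndSetHeader();
     $I->loginClient($I->getCurrentClient());
     $second_user = $I->createUser(true);

     // Owner grants a limited scope; assert the grant was accepted before relying on it.
     $I->loginUser($user);
     $I->sendPOST('api/v1/projects/users', ['user_id' => $second_user->_id, 'role' => 'manager', 'scope' => ['tables_view', 'tables_update']]);
     $I->seeResponseCodeIs(201);

     // The member's own listing must reflect that membership.
     $I->loginUser($second_user);
     $I->sendGET('api/v1/projects/users');
     $I->assertProjectUser();
 }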
예제 #4
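 public function removeTokens(ApiTester $I)
 {
     // Scenario: the `tokens:delete` artisan command removes expired tokens only.
     // Fixture: one unexpired reset_password token (control), one expired
     // verify_email token, and an expired first refresh token.
     $user = $I->createUser();
     $mongo = $I->getMongo();
     $now = time();
     $tokens = [
         'reset_password' => ['token' => '$2y$10$iiPJClTgDWOgP0SR1ZgwLeMO4qNZkGFXHRjRpkyl.xC2K6OLPxExK', 'expired' => $now + 30],
         'verify_email' => ['token' => '$3y$10$iiPJClTgDWOgP0SR1ZgwLeMO4qNZkGFXHRjRpkyl.xC1K6OLPxExK', 'expired' => $now - 1],
     ];
     $filter = ['_id' => new MongoDB\BSON\ObjectID($user->_id)];
     $bulk = new MongoDB\Driver\BulkWrite();
     $bulk->update($filter, ['$set' => ['tokens' => $tokens, 'refreshTokens.0.expires' => $now - 1]]);
     $mongo->executeBulkWrite('gandalf_test.users', $bulk);

     // Run the cleanup command and fail fast if it did not exit cleanly; otherwise a
     // broken command would surface only as a confusing assertion failure below.
     exec('php artisan tokens:delete', $output, $exitCode);
     $I->assertEquals(0, $exitCode, 'tokens:delete exited with code ' . $exitCode . ': ' . implode("\n", $output));

     $query = new MongoDB\Driver\Query($filter);
     $rows = $mongo->executeQuery('gandalf_test.users', $query);
     $doc = $rows->toArray()[0];
     $I->assertFalse(property_exists($doc->tokens, 'verify_email'), 'Expired verify_email token don\'t deleted');
     // The unexpired control token must survive, otherwise the command deletes too much.
     $I->assertTrue(property_exists($doc->tokens, 'reset_password'), 'Unexpired reset_password token was deleted');
     $I->assertEquals(0, count($doc->refreshTokens), 'Expired refresh token do not deleted');
 }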