mirror of
https://github.com/chylex/Lightning-Tracker.git
synced 2025-01-06 13:42:45 +01:00
Add a dedicated 'Admin' system role and replace the admin flag on users
This commit is contained in:
parent
058460dbc6
commit
94ddd889d4
3
res/~database/SystemRoleValues.sql
Normal file
3
res/~database/SystemRoleValues.sql
Normal file
@ -0,0 +1,3 @@
|
||||
INSERT INTO `system_roles` (id, type, title, ordering)
|
||||
VALUES (1, 'admin', 'Admin', 0)
|
||||
ON DUPLICATE KEY UPDATE id = id
|
@ -4,7 +4,6 @@ CREATE TABLE IF NOT EXISTS `users` (
|
||||
`email` VARCHAR(191) NOT NULL, # Size limit needed due to low key size limits in older versions of MySQL.
|
||||
`password` VARCHAR(255) NOT NULL,
|
||||
`role_id` SMALLINT DEFAULT NULL,
|
||||
`admin` BOOL NOT NULL DEFAULT FALSE,
|
||||
`date_registered` DATETIME NOT NULL,
|
||||
PRIMARY KEY (`id`),
|
||||
UNIQUE KEY `name` (`name`),
|
||||
|
@ -10,17 +10,17 @@ final class UserInfo{
|
||||
private string $name;
|
||||
private string $email;
|
||||
private ?int $role_id;
|
||||
private ?string $role_type;
|
||||
private ?string $role_title;
|
||||
private bool $admin;
|
||||
private string $date_registered;
|
||||
|
||||
public function __construct(UserId $id, string $name, string $email, ?int $role_id, ?string $role_title, bool $admin, string $date_registered){
|
||||
public function __construct(UserId $id, string $name, string $email, ?int $role_id, ?string $role_type, ?string $role_title, string $date_registered){
|
||||
$this->id = $id;
|
||||
$this->name = $name;
|
||||
$this->email = $email;
|
||||
$this->role_id = $role_id;
|
||||
$this->role_type = $role_type;
|
||||
$this->role_title = $role_title;
|
||||
$this->admin = $admin;
|
||||
$this->date_registered = $date_registered;
|
||||
}
|
||||
|
||||
@ -48,12 +48,12 @@ final class UserInfo{
|
||||
return $this->role_id;
|
||||
}
|
||||
|
||||
public function getRoleTitleSafe(): ?string{
|
||||
return $this->role_title === null ? null : protect($this->role_title);
|
||||
public function getRoleType(): ?string{
|
||||
return $this->role_type;
|
||||
}
|
||||
|
||||
public function isAdmin(): bool{
|
||||
return $this->admin;
|
||||
public function getRoleTitleSafe(): ?string{
|
||||
return $this->role_title === null ? null : protect($this->role_title);
|
||||
}
|
||||
|
||||
public function getRegistrationDate(): string{
|
||||
|
@ -88,16 +88,16 @@ SQL;
|
||||
$sql = <<<SQL
|
||||
SELECT 1
|
||||
FROM system_roles sr
|
||||
WHERE id = ?
|
||||
AND type = 'normal'
|
||||
AND ((SELECT u.admin FROM users u WHERE u.id = ?) OR
|
||||
(ordering > IFNULL((SELECT ordering
|
||||
FROM system_roles sr2
|
||||
JOIN users u ON sr2.id = u.role_id
|
||||
WHERE u.id = ?), ~0)))
|
||||
CROSS JOIN (SELECT ur.type, ur.ordering
|
||||
FROM system_roles ur
|
||||
JOIN users u ON ur.id = u.role_id
|
||||
WHERE u.id = ?) ur
|
||||
WHERE sr.id = ?
|
||||
AND sr.type = 'normal'
|
||||
AND (sr.ordering > ur.ordering OR ur.type = 'admin')
|
||||
SQL;
|
||||
|
||||
$stmt = $this->execute($sql, 'ISS', [$role_id, $user_id, $user_id]);
|
||||
$stmt = $this->execute($sql, 'SI', [$user_id, $role_id]);
|
||||
return $this->fetchOneInt($stmt) !== null;
|
||||
}
|
||||
|
||||
@ -115,18 +115,18 @@ SQL;
|
||||
*/
|
||||
public function listRolesAssignableBy(UserId $user_id): array{
|
||||
$sql = <<<SQL
|
||||
SELECT id, type, title, ordering
|
||||
SELECT sr.id, sr.type, sr.title, sr.ordering
|
||||
FROM system_roles sr
|
||||
WHERE type = 'normal'
|
||||
AND ((SELECT u.admin FROM users u WHERE u.id = ?) OR
|
||||
(ordering > IFNULL((SELECT ordering
|
||||
FROM system_roles sr2
|
||||
JOIN users u ON sr2.id = u.role_id
|
||||
WHERE u.id = ?), ~0)))
|
||||
ORDER BY ordering ASC
|
||||
CROSS JOIN (SELECT ur.type, ur.ordering
|
||||
FROM system_roles ur
|
||||
JOIN users u ON ur.id = u.role_id
|
||||
WHERE u.id = ?) ur
|
||||
WHERE sr.type = 'normal'
|
||||
AND (sr.ordering > ur.ordering OR ur.type = 'admin')
|
||||
ORDER BY sr.ordering ASC
|
||||
SQL;
|
||||
|
||||
$stmt = $this->execute($sql, 'SS', [$user_id, $user_id]);
|
||||
$stmt = $this->execute($sql, 'S', [$user_id]);
|
||||
return $this->fetchMap($stmt, fn($v): RoleInfo => new RoleInfo($v['id'], $v['type'], $v['title'], (int)$v['ordering']));
|
||||
}
|
||||
|
||||
|
@ -12,9 +12,10 @@ final class UserLoginTable extends AbstractTable{
|
||||
|
||||
public function checkLogin(string $token): ?UserProfile{
|
||||
$stmt = $this->db->prepare(<<<SQL
|
||||
SELECT u.id, u.name, u.email, u.role_id, u.admin
|
||||
SELECT u.id, u.name, u.email, u.role_id, IF(sr.type = 'admin', TRUE, FALSE) AS admin
|
||||
FROM users u
|
||||
JOIN user_logins ul ON u.id = ul.id
|
||||
LEFT JOIN system_roles sr ON u.role_id = sr.id
|
||||
WHERE token = ? AND NOW() < ul.expires
|
||||
SQL
|
||||
);
|
||||
|
@ -95,7 +95,7 @@ SQL;
|
||||
$filter ??= UserFilter::empty();
|
||||
|
||||
$sql = <<<SQL
|
||||
SELECT u.id, u.name, u.email, sr.id AS role_id, sr.title AS role_title, IF(u.admin, 0, IFNULL(sr.ordering, ~0)) AS role_order, u.admin, u.date_registered
|
||||
SELECT u.id, u.name, u.email, sr.id AS role_id, sr.type AS role_type, sr.title AS role_title, IFNULL(sr.ordering, ~0) AS role_order, u.date_registered
|
||||
FROM users u
|
||||
LEFT JOIN system_roles sr ON u.role_id = sr.id
|
||||
SQL;
|
||||
@ -106,8 +106,8 @@ SQL;
|
||||
$v['name'],
|
||||
$v['email'],
|
||||
$v['role_id'],
|
||||
$v['role_type'],
|
||||
$v['role_title'],
|
||||
(bool)$v['admin'],
|
||||
$v['date_registered']));
|
||||
}
|
||||
|
||||
@ -120,7 +120,7 @@ SQL;
|
||||
|
||||
public function getUserInfo(UserId $id): ?UserInfo{
|
||||
$sql = <<<SQL
|
||||
SELECT u.id, u.name, u.email, sr.id AS role_id, sr.title AS role_title, u.admin, u.date_registered
|
||||
SELECT u.id, u.name, u.email, sr.id AS role_id, sr.type AS role_type, sr.title AS role_title, u.date_registered
|
||||
FROM users u
|
||||
LEFT JOIN system_roles sr ON u.role_id = sr.id
|
||||
WHERE u.id = ?
|
||||
@ -129,7 +129,13 @@ SQL;
|
||||
$stmt = $this->execute($sql, 'S', [$id]);
|
||||
|
||||
$res = $this->fetchOneRaw($stmt);
|
||||
return $res === false ? null : new UserInfo(UserId::fromRaw($res['id']), $res['name'], $res['email'], $res['role_id'], $res['role_title'], (bool)$res['admin'], $res['date_registered']);
|
||||
return $res === false ? null : new UserInfo(UserId::fromRaw($res['id']),
|
||||
$res['name'],
|
||||
$res['email'],
|
||||
$res['role_id'],
|
||||
$res['role_type'],
|
||||
$res['role_title'],
|
||||
$res['date_registered']);
|
||||
}
|
||||
|
||||
public function getLoginInfo(string $name): ?UserLoginInfo{
|
||||
@ -170,7 +176,7 @@ SQL;
|
||||
}
|
||||
|
||||
public function deleteById(UserId $id): void{
|
||||
$this->execute('DELETE FROM users WHERE id = ? AND admin = FALSE',
|
||||
$this->execute('DELETE FROM users u WHERE u.id = ? AND NOT EXISTS(SELECT 1 FROM system_roles sr WHERE sr.id = u.role_id AND sr.type != \'normal\')',
|
||||
'S', [$id]);
|
||||
}
|
||||
}
|
||||
|
@ -25,7 +25,6 @@ class UserEditModel extends BasicRootPageModel{
|
||||
public static function canEditUser(UserId $editor_id, UserInfo $target): bool{
|
||||
return (
|
||||
!$target->getId()->equals($editor_id) &&
|
||||
!$target->isAdmin() &&
|
||||
($target->getRoleId() === null || (new SystemRoleTable(DB::get()))->isRoleAssignableBy($target->getRoleId(), $editor_id))
|
||||
);
|
||||
}
|
||||
|
@ -5,6 +5,7 @@ namespace Pages\Models\Root;
|
||||
|
||||
use Database\DB;
|
||||
use Database\Filters\Types\UserFilter;
|
||||
use Database\Objects\RoleInfo;
|
||||
use Database\Tables\SystemRoleTable;
|
||||
use Database\Tables\UserTable;
|
||||
use Database\Validation\UserFields;
|
||||
@ -92,14 +93,22 @@ class UsersModel extends BasicRootPageModel{
|
||||
$row[] = $user->getEmailSafe();
|
||||
}
|
||||
|
||||
/** @noinspection ProperNullCoalescingOperatorUsageInspection */
|
||||
$row[] = $user->isAdmin() ? Text::missing('Admin') : ($user->getRoleTitleSafe() ?? Text::missing('Default'));
|
||||
switch($user->getRoleType()){
|
||||
case RoleInfo::SYSTEM_ADMIN:
|
||||
$row[] = Text::missing('Admin');
|
||||
break;
|
||||
|
||||
default:
|
||||
/** @noinspection ProperNullCoalescingOperatorUsageInspection */
|
||||
$row[] = $user->getRoleTitleSafe() ?? Text::missing('Default');
|
||||
break;
|
||||
}
|
||||
|
||||
$row[] = new DateTimeComponent($user->getRegistrationDate());
|
||||
|
||||
$can_edit = (
|
||||
$this->perms->check(SystemPermissions::MANAGE_USERS) &&
|
||||
!$user_id->equals($logon_user_id) &&
|
||||
!$user->isAdmin() &&
|
||||
($user->getRoleId() === null || array_key_exists($user->getRoleId(), $this->editable_roles))
|
||||
);
|
||||
|
||||
|
@ -3,7 +3,9 @@ declare(strict_types = 1);
|
||||
|
||||
namespace Update\Migrations;
|
||||
|
||||
use PDO;
|
||||
use Update\AbstractMigrationProcess;
|
||||
use Update\AbstractMigrationTask;
|
||||
|
||||
final class Migration9 extends AbstractMigrationProcess{
|
||||
/** @noinspection SqlResolve */
|
||||
@ -18,6 +20,18 @@ final class Migration9 extends AbstractMigrationProcess{
|
||||
|
||||
self::sql('ALTER TABLE system_roles ADD UNIQUE KEY (`type`, `ordering`)'),
|
||||
self::sql('ALTER TABLE project_roles ADD UNIQUE KEY (`project_id`, `type`, `ordering`)'),
|
||||
|
||||
new class extends AbstractMigrationTask{
|
||||
/** @noinspection SqlResolve */
|
||||
public function execute(PDO $db): void{
|
||||
$db->beginTransaction();
|
||||
$db->exec('INSERT INTO `system_roles` (type, title, ordering) VALUES (\'admin\', \'Admin\', 0)');
|
||||
$db->exec('UPDATE users SET role_id = LAST_INSERT_ID() WHERE admin = TRUE');
|
||||
$db->commit();
|
||||
}
|
||||
},
|
||||
|
||||
self::sql('ALTER TABLE users DROP COLUMN admin'),
|
||||
];
|
||||
}
|
||||
}
|
||||
|
@ -209,6 +209,7 @@ if (!empty($_POST) && $submit_action !== $action_value_conflict_cancel){
|
||||
|
||||
$values = [
|
||||
'IssueWeight',
|
||||
'SystemRole',
|
||||
];
|
||||
|
||||
try{
|
||||
@ -236,11 +237,12 @@ if (!empty($_POST) && $submit_action !== $action_value_conflict_cancel){
|
||||
|
||||
if (empty($errors) && $conflict_action !== $conflict_resolution_reuse){
|
||||
try{
|
||||
$stmt = $db->prepare('INSERT INTO users (id, name, email, password, admin, date_registered) VALUES (?, ?, ?, ?, TRUE, NOW())');
|
||||
$stmt = $db->prepare('INSERT INTO users (id, name, email, password, role_id, date_registered) VALUES (?, ?, ?, ?, ?, NOW())');
|
||||
$stmt->bindValue(1, UserId::generateNew());
|
||||
$stmt->bindValue(2, $value_admin_name);
|
||||
$stmt->bindValue(3, $value_admin_email);
|
||||
$stmt->bindValue(4, UserPassword::hash($value_admin_password));
|
||||
$stmt->bindValue(5, 1);
|
||||
$stmt->execute();
|
||||
}catch(Exception $e){
|
||||
$errors[] = 'Error setting up administrator account: '.$e->getMessage();
|
||||
|
@ -48,9 +48,6 @@ class T000_Setup_Cest{
|
||||
self::t($I, $t, fn() => $t->createProjectsAsUser1($I));
|
||||
self::t($I, $t, fn() => $t->createProjectsAsUser2($I));
|
||||
|
||||
$t = new T013_SystemSettingsRolesSpecial_Cest();
|
||||
self::t($I, $t, fn() => $t->createAdminRoles($I));
|
||||
|
||||
$t = new T014_UserList_Cest();
|
||||
self::t($I, $t, fn() => $t->registerNewUser($I));
|
||||
}
|
||||
|
@ -41,9 +41,9 @@ class T001_Install_Cest{
|
||||
|
||||
$I->see('Register', 'a[href="http://localhost/register"]');
|
||||
$I->seeInDatabase('users', [
|
||||
'name' => 'Admin',
|
||||
'email' => $result_email,
|
||||
'admin' => true,
|
||||
'name' => 'Admin',
|
||||
'email' => $result_email,
|
||||
'role_id' => 1,
|
||||
]);
|
||||
}
|
||||
|
||||
@ -56,9 +56,9 @@ class T001_Install_Cest{
|
||||
$I->see('Register', 'a[href="http://localhost/register"]');
|
||||
$I->dontSeeCookie('logon');
|
||||
$I->seeInDatabase('users', [
|
||||
'name' => 'Admin',
|
||||
'email' => $email,
|
||||
'admin' => true,
|
||||
'name' => 'Admin',
|
||||
'email' => $email,
|
||||
'role_id' => 1,
|
||||
]);
|
||||
}
|
||||
|
||||
|
@ -103,29 +103,29 @@ class T006_RegisterAccounts_Cest{
|
||||
public function setupRoles(): void{
|
||||
$db = Acceptance::getDB();
|
||||
|
||||
$db->exec('INSERT INTO system_roles (id, title, ordering) VALUES (1, \'User\', 4)');
|
||||
$db->exec('INSERT INTO system_roles (id, title, ordering) VALUES (2, \'ManageUsers2\', 3)');
|
||||
$db->exec('INSERT INTO system_roles (id, title, ordering) VALUES (3, \'ManageUsers1\', 2)');
|
||||
$db->exec('INSERT INTO system_roles (id, title, ordering) VALUES (4, \'Moderator\', 1)');
|
||||
$db->exec('INSERT INTO system_roles (id, title, ordering) VALUES (2, \'User\', 4)');
|
||||
$db->exec('INSERT INTO system_roles (id, title, ordering) VALUES (3, \'ManageUsers2\', 3)');
|
||||
$db->exec('INSERT INTO system_roles (id, title, ordering) VALUES (4, \'ManageUsers1\', 2)');
|
||||
$db->exec('INSERT INTO system_roles (id, title, ordering) VALUES (5, \'Moderator\', 1)');
|
||||
|
||||
$db->exec('INSERT INTO system_role_permissions (role_id, permission) VALUES (1, \'projects.list\')');
|
||||
$db->exec('INSERT INTO system_role_permissions (role_id, permission) VALUES (1, \'projects.create\')');
|
||||
$db->exec('INSERT INTO system_role_permissions (role_id, permission) VALUES (2, \'users.list\')');
|
||||
$db->exec('INSERT INTO system_role_permissions (role_id, permission) VALUES (2, \'users.manage\')');
|
||||
$db->exec('INSERT INTO system_role_permissions (role_id, permission) VALUES (2, \'projects.list\')');
|
||||
$db->exec('INSERT INTO system_role_permissions (role_id, permission) VALUES (2, \'projects.create\')');
|
||||
$db->exec('INSERT INTO system_role_permissions (role_id, permission) VALUES (3, \'users.list\')');
|
||||
$db->exec('INSERT INTO system_role_permissions (role_id, permission) VALUES (3, \'users.manage\')');
|
||||
$db->exec('INSERT INTO system_role_permissions (role_id, permission) VALUES (4, \'projects.list\')');
|
||||
$db->exec('INSERT INTO system_role_permissions (role_id, permission) VALUES (4, \'projects.list.all\')');
|
||||
$db->exec('INSERT INTO system_role_permissions (role_id, permission) VALUES (4, \'projects.create\')');
|
||||
$db->exec('INSERT INTO system_role_permissions (role_id, permission) VALUES (4, \'projects.manage\')');
|
||||
$db->exec('INSERT INTO system_role_permissions (role_id, permission) VALUES (4, \'users.list\')');
|
||||
$db->exec('INSERT INTO system_role_permissions (role_id, permission) VALUES (4, \'users.see.emails\')');
|
||||
$db->exec('INSERT INTO system_role_permissions (role_id, permission) VALUES (4, \'users.manage\')');
|
||||
$db->exec('INSERT INTO system_role_permissions (role_id, permission) VALUES (5, \'projects.list\')');
|
||||
$db->exec('INSERT INTO system_role_permissions (role_id, permission) VALUES (5, \'projects.list.all\')');
|
||||
$db->exec('INSERT INTO system_role_permissions (role_id, permission) VALUES (5, \'projects.create\')');
|
||||
$db->exec('INSERT INTO system_role_permissions (role_id, permission) VALUES (5, \'projects.manage\')');
|
||||
$db->exec('INSERT INTO system_role_permissions (role_id, permission) VALUES (5, \'users.list\')');
|
||||
$db->exec('INSERT INTO system_role_permissions (role_id, permission) VALUES (5, \'users.see.emails\')');
|
||||
$db->exec('INSERT INTO system_role_permissions (role_id, permission) VALUES (5, \'users.manage\')');
|
||||
|
||||
$db->exec('UPDATE users SET role_id = 1 WHERE name = \'User1\' OR name = \'User2\'');
|
||||
$db->exec('UPDATE users SET role_id = 2 WHERE name = \'Manager2\'');
|
||||
$db->exec('UPDATE users SET role_id = 3 WHERE name = \'Manager1\'');
|
||||
$db->exec('UPDATE users SET role_id = 4 WHERE name = \'Moderator\'');
|
||||
$db->exec('UPDATE users SET role_id = 2 WHERE name = \'User1\' OR name = \'User2\'');
|
||||
$db->exec('UPDATE users SET role_id = 3 WHERE name = \'Manager2\'');
|
||||
$db->exec('UPDATE users SET role_id = 4 WHERE name = \'Manager1\'');
|
||||
$db->exec('UPDATE users SET role_id = 5 WHERE name = \'Moderator\'');
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -16,7 +16,8 @@ class T011_SystemSettingsRoles_Cest{
|
||||
}
|
||||
|
||||
public function seeInitialRoles(AcceptanceTester $I): void{
|
||||
$I->seeTableRowOrder(['Moderator',
|
||||
$I->seeTableRowOrder(['Admin',
|
||||
'Moderator',
|
||||
'ManageUsers1',
|
||||
'ManageUsers2',
|
||||
'User']);
|
||||
@ -50,7 +51,8 @@ class T011_SystemSettingsRoles_Cest{
|
||||
$this->createRole($I, 'Test1');
|
||||
$this->createRole($I, 'Test2');
|
||||
|
||||
$I->seeTableRowOrder(['Moderator',
|
||||
$I->seeTableRowOrder(['Admin',
|
||||
'Moderator',
|
||||
'ManageUsers1',
|
||||
'ManageUsers2',
|
||||
'User',
|
||||
@ -64,7 +66,8 @@ class T011_SystemSettingsRoles_Cest{
|
||||
public function moveTopRoleAround(AcceptanceTester $I): void{
|
||||
$I->click('#Move-1 button[value="Down"]');
|
||||
|
||||
$I->seeTableRowOrder(['ManageUsers1',
|
||||
$I->seeTableRowOrder(['Admin',
|
||||
'ManageUsers1',
|
||||
'Moderator',
|
||||
'ManageUsers2',
|
||||
'User',
|
||||
@ -73,7 +76,8 @@ class T011_SystemSettingsRoles_Cest{
|
||||
|
||||
$I->click('#Move-2 button[value="Down"]');
|
||||
|
||||
$I->seeTableRowOrder(['ManageUsers1',
|
||||
$I->seeTableRowOrder(['Admin',
|
||||
'ManageUsers1',
|
||||
'ManageUsers2',
|
||||
'Moderator',
|
||||
'User',
|
||||
@ -83,7 +87,8 @@ class T011_SystemSettingsRoles_Cest{
|
||||
$I->click('#Move-3 button[value="Up"]');
|
||||
$I->click('#Move-2 button[value="Up"]');
|
||||
|
||||
$I->seeTableRowOrder(['Moderator',
|
||||
$I->seeTableRowOrder(['Admin',
|
||||
'Moderator',
|
||||
'ManageUsers1',
|
||||
'ManageUsers2',
|
||||
'User',
|
||||
@ -97,7 +102,8 @@ class T011_SystemSettingsRoles_Cest{
|
||||
public function moveBottomRoleAround(AcceptanceTester $I): void{
|
||||
$I->click('#Move-6 button[value="Up"]');
|
||||
|
||||
$I->seeTableRowOrder(['Moderator',
|
||||
$I->seeTableRowOrder(['Admin',
|
||||
'Moderator',
|
||||
'ManageUsers1',
|
||||
'ManageUsers2',
|
||||
'User',
|
||||
@ -106,7 +112,8 @@ class T011_SystemSettingsRoles_Cest{
|
||||
|
||||
$I->click('#Move-5 button[value="Up"]');
|
||||
|
||||
$I->seeTableRowOrder(['Moderator',
|
||||
$I->seeTableRowOrder(['Admin',
|
||||
'Moderator',
|
||||
'ManageUsers1',
|
||||
'ManageUsers2',
|
||||
'Test2',
|
||||
@ -116,7 +123,8 @@ class T011_SystemSettingsRoles_Cest{
|
||||
$I->click('#Move-4 button[value="Down"]');
|
||||
$I->click('#Move-5 button[value="Down"]');
|
||||
|
||||
$I->seeTableRowOrder(['Moderator',
|
||||
$I->seeTableRowOrder(['Admin',
|
||||
'Moderator',
|
||||
'ManageUsers1',
|
||||
'ManageUsers2',
|
||||
'User',
|
||||
@ -131,7 +139,8 @@ class T011_SystemSettingsRoles_Cest{
|
||||
$I->click('#Move-1 button[value="Up"]');
|
||||
$I->click('#Move-6 button[value="Down"]');
|
||||
|
||||
$I->seeTableRowOrder(['Moderator',
|
||||
$I->seeTableRowOrder(['Admin',
|
||||
'Moderator',
|
||||
'ManageUsers1',
|
||||
'ManageUsers2',
|
||||
'User',
|
||||
@ -147,7 +156,8 @@ class T011_SystemSettingsRoles_Cest{
|
||||
public function deleteRole(AcceptanceTester $I): void{
|
||||
$I->click('#Delete-5 button[type="submit"]');
|
||||
|
||||
$I->seeTableRowOrder(['Moderator',
|
||||
$I->seeTableRowOrder(['Admin',
|
||||
'Moderator',
|
||||
'ManageUsers1',
|
||||
'ManageUsers2',
|
||||
'User',
|
||||
@ -160,7 +170,8 @@ class T011_SystemSettingsRoles_Cest{
|
||||
public function readdRole(AcceptanceTester $I): void{
|
||||
$this->createRole($I, 'Test1');
|
||||
|
||||
$I->seeTableRowOrder(['Moderator',
|
||||
$I->seeTableRowOrder(['Admin',
|
||||
'Moderator',
|
||||
'ManageUsers1',
|
||||
'ManageUsers2',
|
||||
'User',
|
||||
|
@ -16,35 +16,6 @@ class T013_SystemSettingsRolesSpecial_Cest{
|
||||
$I->terminate();
|
||||
}
|
||||
|
||||
public function createAdminRoles(AcceptanceTester $I): void{
|
||||
$db = Acceptance::getDB();
|
||||
$db->exec('INSERT INTO system_roles (type, title, ordering) VALUES (\'admin\', \'Admin\', 0)');
|
||||
|
||||
$I->amOnPage('/settings/roles');
|
||||
|
||||
$I->seeTableRowOrder(['Admin',
|
||||
'Moderator',
|
||||
'ManageUsers1',
|
||||
'ManageUsers2',
|
||||
'User']);
|
||||
}
|
||||
|
||||
/**
|
||||
* @depends createAdminRoles
|
||||
*/
|
||||
public function cannotMoveRolesAboveAdminRoles(AcceptanceTester $I): void{
|
||||
$I->click('#Move-1 button[value="Up"]');
|
||||
|
||||
$I->seeTableRowOrder(['Admin',
|
||||
'Moderator',
|
||||
'ManageUsers1',
|
||||
'ManageUsers2',
|
||||
'User']);
|
||||
}
|
||||
|
||||
/**
|
||||
* @depends createAdminRoles
|
||||
*/
|
||||
public function cannotDeleteAdminRole(AcceptanceTester $I): void{
|
||||
$db = Acceptance::getDB();
|
||||
$id = $db->query('SELECT id FROM system_roles WHERE type = \'admin\' LIMIT 1')->fetchColumn();
|
||||
|
@ -37,7 +37,6 @@ class T014_UserList_Cest{
|
||||
'name' => 'Test',
|
||||
'email' => 'test@example.com',
|
||||
'role_id' => null,
|
||||
'admin' => false,
|
||||
]);
|
||||
|
||||
$I->amNotLoggedIn();
|
||||
|
@ -17,7 +17,6 @@ class T015_UserManageability_Cest{
|
||||
'Test' => 7,
|
||||
'Admin2' => 8,
|
||||
'Moderator2' => 9,
|
||||
'Special1' => 10,
|
||||
];
|
||||
|
||||
private function startManagingAs(AcceptanceTester $I, string $user): void{
|
||||
@ -40,14 +39,13 @@ class T015_UserManageability_Cest{
|
||||
public function prepareTemporaryUsers(): void{
|
||||
$db = Acceptance::getDB();
|
||||
|
||||
$admin = $db->query('SELECT id FROM system_roles WHERE title = \'Admin\'')->fetchColumn();
|
||||
$moderator = $db->query('SELECT id FROM system_roles WHERE title = \'Moderator\'')->fetchColumn();
|
||||
$special = $db->query('SELECT id FROM system_roles WHERE title = \'Admin\'')->fetchColumn();
|
||||
|
||||
$db->exec(<<<SQL
|
||||
INSERT INTO users (id, name, email, password, role_id, admin, date_registered)
|
||||
VALUES ('aaaaaaaaa', 'Admin2', 'a', '', NULL, TRUE, DATE_ADD(NOW(), INTERVAL 1 SECOND)),
|
||||
('bbbbbbbbb', 'Moderator2', 'b', '', $moderator, FALSE, DATE_ADD(NOW(), INTERVAL 2 SECOND)),
|
||||
('ccccccccc', 'Special1', 'c', '', $special, FALSE, DATE_ADD(NOW(), INTERVAL 3 SECOND))
|
||||
INSERT INTO users (id, name, email, password, role_id, date_registered)
|
||||
VALUES ('aaaaaaaaa', 'Admin2', 'a', '', $admin, DATE_ADD(NOW(), INTERVAL 1 SECOND)),
|
||||
('bbbbbbbbb', 'Moderator2', 'b', '', $moderator, DATE_ADD(NOW(), INTERVAL 2 SECOND))
|
||||
SQL
|
||||
);
|
||||
}
|
||||
@ -111,7 +109,7 @@ SQL
|
||||
*/
|
||||
public function removeTemporaryUsers(): void{
|
||||
$db = Acceptance::getDB();
|
||||
$db->exec('DELETE FROM users WHERE email IN (\'a\', \'b\', \'c\')');
|
||||
$db->exec('DELETE FROM users WHERE email IN (\'a\', \'b\')');
|
||||
}
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user