diff options
Diffstat (limited to 't/app/controller/admin')
| -rw-r--r-- | t/app/controller/admin/bodies.t | 164 | ||||
| -rw-r--r-- | t/app/controller/admin/report_edit.t | 59 | ||||
| -rw-r--r-- | t/app/controller/admin/update_edit.t | 4 | ||||
| -rw-r--r-- | t/app/controller/admin/users.t | 61 |
4 files changed, 259 insertions, 29 deletions
diff --git a/t/app/controller/admin/bodies.t b/t/app/controller/admin/bodies.t index c73a90da1..811ac4362 100644 --- a/t/app/controller/admin/bodies.t +++ b/t/app/controller/admin/bodies.t @@ -1,3 +1,13 @@ +package FixMyStreet::Cobrand::AnonAllowedByCategory; +use parent 'FixMyStreet::Cobrand::UKCouncils'; +sub council_url { 'anonbycategory' } +sub council_name { 'Aberdeen City Council' } +sub council_area { 'Aberdeen' } +sub council_area_id { 2650 } +sub anonymous_account { { email => 'anoncategory@example.org', name => 'Anonymous Category' } } + +package main; + use FixMyStreet::TestMech; my $mech = FixMyStreet::TestMech->new; @@ -5,6 +15,10 @@ my $mech = FixMyStreet::TestMech->new; my $superuser = $mech->create_user_ok('superuser@example.com', name => 'Super User', is_superuser => 1); $mech->log_in_ok( $superuser->email ); my $body = $mech->create_body_ok(2650, 'Aberdeen City Council'); +my $body2 = $mech->create_body_ok(2237, 'Oxfordshire County Council'); + +my $user = $mech->create_user_ok('user@example.com', name => 'OCC User', from_body => $body2); +$user->user_body_permissions->create({ body => $body2, permission_type => 'category_edit' }); # This override is wrapped around ALL the /admin/body tests FixMyStreet::override_config { @@ -101,11 +115,14 @@ subtest 'check contact renaming' => sub { $mech->get('/admin/body/' . $body->id . '/test%20category'); is $mech->res->code, 404; $mech->get_ok('/admin/body/' . $body->id . '/testing%20category'); + $mech->content_contains('<td><strong>test2@example.com</strong></td>'); $report->discard_changes; is $report->category, 'testing category'; $mech->submit_form_ok( { with_fields => { category => 'test category' } } ); }; + + subtest 'check contact updating' => sub { $mech->get_ok('/admin/body/' . $body->id . '/test%20category'); $mech->content_like(qr{test2\@example.com</strong>[^<]*</td>[^<]*<td>unconfirmed}s); @@ -210,6 +227,7 @@ subtest 'check open311 configuring' => sub { subtest 'check open311 devolved editing' => sub { $mech->get_ok('/admin/body/' . $body->id . '/test%20category'); + $mech->content_contains("name=\"category\"\n size=\"30\" value=\"test category\"\n readonly>", 'Cannot edit Open311 category name'); $mech->submit_form_ok( { with_fields => { send_method => 'Email', email => 'testing@example.org', @@ -217,11 +235,13 @@ subtest 'check open311 devolved editing' => sub { } } ); $mech->content_contains('Values updated'); $mech->get_ok('/admin/body/' . $body->id . '/test%20category'); + $mech->content_contains("name=\"category\"\n size=\"30\" value=\"test category\"\n required>", 'Can edit as now devolved'); $mech->submit_form_ok( { with_fields => { send_method => '', - email => 'open311-code', + email => 'open311 code', note => 'Removing email send method', } } ); + $mech->content_contains('open311 code'); $mech->content_contains('Values updated'); }; @@ -261,8 +281,64 @@ subtest 'open311 protection editing' => sub { is $contact->get_extra_metadata('open311_protect'), 1, 'Open311 protect flag set'; }; +subtest 'test assigned_users_only setting' => sub { + $mech->get_ok('/admin/body/' . $body->id . '/test%20category'); + $mech->submit_form_ok( { with_fields => { + assigned_users_only => 1, + } } ); + $mech->content_contains('Values updated'); + my $contact = $body->contacts->find({ category => 'test category' }); + is $contact->get_extra_metadata('assigned_users_only'), 1; +}; + +subtest 'updates disabling' => sub { + $mech->get_ok('/admin/body/' . $body->id . '/test%20category'); + $mech->submit_form_ok( { with_fields => { + updates_disallowed => 1, + note => 'Disabling updates', + } } ); + $mech->content_contains('Values updated'); + my $contact = $body->contacts->find({ category => 'test category' }); + is $contact->get_extra_metadata('updates_disallowed'), 1, 'Updates disallowed flag set'; +}; + +subtest 'reopen disabling' => sub { + $mech->get_ok('/admin/body/' . $body->id . '/test%20category'); + $mech->submit_form_ok( { with_fields => { + reopening_disallowed => 1, + note => 'Disabling reopening', + } } ); + $mech->content_contains('Values updated'); + my $contact = $body->contacts->find({ category => 'test category' }); + is $contact->get_extra_metadata('reopening_disallowed'), 1, 'Reopening disallowed flag set'; +}; + +subtest 'allow anonymous reporting' => sub { + $mech->get_ok('/admin/body/' . $body->id . '/test%20category'); + $mech->content_lacks('Allow anonymous reports'); +}; }; # END of override wrap +FixMyStreet::override_config { + MAPIT_URL => 'http://mapit.uk/', + MAPIT_TYPES => [ 'UTA' ], + BASE_URL => 'http://www.example.org', + ALLOWED_COBRANDS => [ "fixmystreet", "anonallowedbycategory" ], +}, sub { + +subtest 'allow anonymous reporting' => sub { + $mech->get_ok('/admin/body/' . $body->id . '/test%20category'); + $mech->submit_form_ok( { with_fields => { + anonymous_allowed => 1, + note => 'Anonymous Allowed', + } } ); + $mech->content_contains('Values updated'); + my $contact = $body->contacts->find({ category => 'test category' }); + is $contact->get_extra_metadata('anonymous_allowed'), 1, 'Anonymous reports allowed flag set'; +}; + +}; + FixMyStreet::override_config { MAPIT_URL => 'http://mapit.uk/', @@ -345,4 +421,90 @@ subtest 'check log of the above' => sub { $mech->content_contains('Edited body <a href="/admin/body/' . $body->id . '">Aberdeen City Council</a>'); }; +subtest 'check update disallowed message' => sub { + FixMyStreet::override_config { + MAPIT_URL => 'http://mapit.uk/', + ALLOWED_COBRANDS => 'bathnes', + COBRAND_FEATURES => { updates_allowed => { bathnes => 'open' } } + }, sub { + $mech->get_ok('/admin/body/' . $body->id .'/test%20category'); + $mech->content_contains('even if this is unticked, only open reports can have updates left on them.'); + }; + FixMyStreet::override_config { + MAPIT_URL => 'http://mapit.uk/', + ALLOWED_COBRANDS => 'bathnes', + COBRAND_FEATURES => { updates_allowed => { bathnes => 'staff' } } + }, sub { + $mech->get_ok('/admin/body/' . $body->id .'/test%20category'); + $mech->content_contains('even if this is unticked, only staff will be able to leave updates.'); + }; + FixMyStreet::override_config { + MAPIT_URL => 'http://mapit.uk/', + ALLOWED_COBRANDS => 'bathnes', + COBRAND_FEATURES => { updates_allowed => { bathnes => 'reporter' } } + }, sub { + $mech->get_ok('/admin/body/' . $body->id .'/test%20category'); + $mech->content_contains('even if this is unticked, only the problem reporter will be able to leave updates'); + }; +}; + +subtest 'check hardcoded contact renaming' => sub { + FixMyStreet::override_config { + MAPIT_URL => 'http://mapit.uk/', + 'ALLOWED_COBRANDS' => [ 'oxfordshire' ], + }, sub { + my $contact = FixMyStreet::DB->resultset('Contact')->create( + { + body_id => $body2->id, + category => 'protected category', + state => 'confirmed', + editor => $0, + whenedited => \'current_timestamp', + note => 'protected contact', + email => 'protected@example.org', + } + ); + $contact->set_extra_metadata( 'hardcoded', 1 ); + $contact->update; + $mech->get_ok('/admin/body/' . $body2->id .'/protected%20category'); + $mech->content_contains( 'name="hardcoded"' ); + $mech->content_like( qr'value="protected category"[^>]*readonly's ); + $mech->submit_form_ok( { with_fields => { category => 'non protected category', note => 'rename category' } } ); + $mech->content_contains( 'protected category' ); + $mech->content_lacks( 'non protected category' ); + $mech->get('/admin/body/' . $body2->id . '/non%20protected%20category'); + is $mech->res->code, 404; + + $mech->get_ok('/admin/body/' . $body2->id .'/protected%20category'); + $mech->submit_form_ok( { with_fields => { hardcoded => 0, note => 'remove hardcoding' } } ); + $mech->get_ok('/admin/body/' . $body2->id .'/protected%20category'); + $mech->content_unlike( qr'value="protected category"[^>]*readonly's ); + $mech->submit_form_ok( { with_fields => { category => 'non protected category', note => 'rename category' } } ); + $mech->content_contains( 'non protected category' ); + $mech->get_ok('/admin/body/' . $body2->id . '/non%20protected%20category'); + $mech->get('/admin/body/' . $body2->id . '/protected%20category'); + is $mech->res->code, 404; + + $contact->discard_changes; + $contact->set_extra_metadata( 'hardcoded', 1 ); + $contact->update; + + $mech->log_out_ok( $superuser->email ); + $mech->log_in_ok( $user->email ); + $mech->get_ok('/admin/body/' . $body2->id . '/non%20protected%20category'); + $mech->content_lacks( 'name="hardcoded"' ); + $user->update( { is_superuser => 1 } ); + $mech->get_ok('/admin/body/' . $body2->id . '/non%20protected%20category'); + $mech->content_contains('name="hardcoded"' ); + $user->update( { is_superuser => 0 } ); + $mech->submit_form_ok( { with_fields => { hardcoded => 0, note => 'remove hardcoding' } } ); + $mech->content_lacks( 'name="hardcoded"' ); + + $contact->discard_changes; + is $contact->get_extra_metadata('hardcoded'), 1, "non superuser can't remove hardcoding"; + + $mech->log_out_ok( $user->email ); + }; +}; + done_testing(); diff --git a/t/app/controller/admin/report_edit.t b/t/app/controller/admin/report_edit.t index 438bcc241..e041154db 100644 --- a/t/app/controller/admin/report_edit.t +++ b/t/app/controller/admin/report_edit.t @@ -9,6 +9,7 @@ my $user2 = $mech->create_user_ok('test2@example.com', name => 'Test User 2'); my $superuser = $mech->create_user_ok('superuser@example.com', name => 'Super User', is_superuser => 1); my $oxfordshire = $mech->create_body_ok(2237, 'Oxfordshire County Council'); +my $user3 = $mech->create_user_ok('body_user@example.com', name => 'Body User', from_body => $oxfordshire); my $oxfordshirecontact = $mech->create_contact_ok( body_id => $oxfordshire->id, category => 'Potholes', email => 'potholes@example.com' ); $mech->create_contact_ok( body_id => $oxfordshire->id, category => 'Traffic lights', email => 'lights@example.com' ); @@ -328,7 +329,6 @@ foreach my $test ( closed_updates => undef, }, expect_comment => 1, - user_body => $oxfordshire, changes => { state => 'investigating' }, log_entries => [ qw/edit state_change edit edit resend edit state_change edit state_change edit state_change edit state_change edit state_change edit edit edit edit edit/ @@ -350,7 +350,6 @@ foreach my $test ( }, expect_comment => 1, expected_text => '*Category changed from ‘Other’ to ‘Potholes’*', - user_body => $oxfordshire, changes => { state => 'in progress', category => 'Potholes' }, log_entries => [ qw/edit state_change category_change edit state_change edit edit resend edit state_change edit state_change edit state_change edit state_change edit state_change edit edit edit edit edit/ @@ -363,11 +362,6 @@ foreach my $test ( $report->comments->delete; $log_entries->reset; - if ( $test->{user_body} ) { - $superuser->from_body( $test->{user_body}->id ); - $superuser->update; - } - $mech->get_ok("/admin/report_edit/$report_id"); @{$test->{fields}}{'external_id', 'external_body', 'external_team', 'category'} = (13, "", "", "Other"); @@ -439,21 +433,12 @@ foreach my $test ( } else { is $comment->text, '', 'comment has no text'; } - if ( $test->{user_body} ) { - ok $comment->get_extra_metadata('is_body_user'), 'body user metadata set'; - ok !$comment->get_extra_metadata('is_superuser'), 'superuser metadata not set'; - is $comment->name, $test->{user_body}->name, 'comment name is body name'; - } else { - ok !$comment->get_extra_metadata('is_body_user'), 'body user metadata not set'; - ok $comment->get_extra_metadata('is_superuser'), 'superuser metadata set'; - is $comment->name, _('an administrator'), 'comment name is admin'; - } + ok !$comment->get_extra_metadata('is_body_user'), 'body user metadata not set'; + ok $comment->get_extra_metadata('is_superuser'), 'superuser metadata set'; + is $comment->name, _('an administrator'), 'comment name is admin'; } else { is $report->comments->count, 0, 'report has no comments'; } - - $superuser->from_body(undef); - $superuser->update; }; } @@ -685,16 +670,28 @@ subtest "Test display of fields extra data" => sub { $mech->get_ok("/admin/report_edit/$report_id"); $mech->content_contains('Extra data: No'); - $report->push_extra_fields( { - name => 'report_url', - value => 'http://example.com', - }); + $report->push_extra_fields( + { + name => 'report_url', + value => 'http://example.com', + }, + { + name => 'sent_to', + value => [ 'onerecipient@example.org' ], + }, + { + name => 'sent_too', + value => [ 'onemorerecipient@example.org', 'another@example.org' ], + }, + ); $report->update; $report->discard_changes; $mech->get_ok("/admin/report_edit/$report_id"); $mech->content_contains('report_url</strong>: http://example.com'); + $mech->content_contains('sent_to</strong>: onerecipient@example.org'); + $mech->content_contains('sent_too</strong>: onemorerecipient@example.org, another@example.org'); $report->set_extra_fields( { description => 'Report URL', @@ -707,4 +704,20 @@ subtest "Test display of fields extra data" => sub { $mech->content_contains('Report URL (report_url)</strong>: http://example.com'); }; +subtest "Test display of contributed_as data" => sub { + $report->update( { extra => undef } ); + $mech->get_ok("/admin/report_edit/$report_id"); + $mech->content_contains('Extra data: No'); + + $report->set_extra_metadata( contributed_as => 'another_user' ); + $report->set_extra_metadata( contributed_by => $user3->id ); + $report->update; + + $report->discard_changes; + + $mech->get_ok("/admin/report_edit/$report_id"); + $mech->content_like(qr!Created By</strong>: <a[^>]*>Body User \(@{[ $user3->email ]}!); + $mech->content_contains('Created Body</strong>: Oxfordshire County Council'); +}; + done_testing(); diff --git a/t/app/controller/admin/update_edit.t b/t/app/controller/admin/update_edit.t index 57c8973d4..8650e7771 100644 --- a/t/app/controller/admin/update_edit.t +++ b/t/app/controller/admin/update_edit.t @@ -81,7 +81,7 @@ for my $test ( fields => { text => 'this is an update', state => 'confirmed', - name => '', + name => 'Test User', anonymous => 1, username => $update->user->email, }, @@ -96,7 +96,7 @@ for my $test ( fields => { text => 'this is a changed update', state => 'confirmed', - name => '', + name => 'Test User', anonymous => 1, username => $update->user->email, }, diff --git a/t/app/controller/admin/users.t b/t/app/controller/admin/users.t index 4f0298103..6f3971149 100644 --- a/t/app/controller/admin/users.t +++ b/t/app/controller/admin/users.t @@ -6,6 +6,8 @@ my $user = $mech->create_user_ok('test@example.com', name => 'Test User'); my $original_user_id = $user->id; # For log later my $user2 = $mech->create_user_ok('test2@example.com', name => 'Test User 2'); my $user3 = $mech->create_user_ok('test3@example.com', name => 'Test User 3'); +my $user4 = $mech->create_user_ok('test4@example.com', name => 'Test User 4'); +my $user5 = $mech->create_user_ok('test5@example.com', name => 'Test User 5'); my $superuser = $mech->create_user_ok('superuser@example.com', name => 'Super User', is_superuser => 1); @@ -13,6 +15,21 @@ my $oxfordshire = $mech->create_body_ok(2237, 'Oxfordshire County Council'); my $haringey = $mech->create_body_ok(2509, 'Haringey Borough Council'); my $southend = $mech->create_body_ok(2607, 'Southend-on-Sea Borough Council'); +$user4->from_body( $oxfordshire->id ); +$user4->update; +$user4->user_body_permissions->create( { + body => $oxfordshire, + permission_type => 'user_edit', +} ); +$user5->from_body( $oxfordshire->id ); +$user5->update; +my $occ_role = $user5->roles->create({ + body => $oxfordshire, + name => 'Role A', + permissions => ['moderate', 'user_edit'], +}); +$user5->add_to_roles($occ_role); + $mech->log_in_ok( $superuser->email ); subtest 'search abuse' => sub { @@ -84,8 +101,6 @@ subtest 'user search' => sub { permissions => ['moderate', 'user_edit'], }); $user->add_to_roles($role); - $mech->get_ok('/admin/users?search=' . $haringey->id ); - $mech->content_contains('test@example.com'); $mech->get_ok('/admin/users?role=' . $role->id); $mech->content_contains('selected>Role A'); $mech->content_contains('test@example.com'); @@ -99,6 +114,38 @@ subtest 'user assign role' => sub { is $user->roles->count, 1; }; +subtest 'remove users from staff' => sub { + is $user4->from_body->id, $oxfordshire->id, 'user4 has a body'; + is $user4->email_verified, 1, 'user4 email is verified'; + is $user4->user_body_permissions->count, 1, 'user4 has permissions'; + is $user5->from_body->id, $oxfordshire->id, 'user5 has a body'; + is $user5->email_verified, 1, 'user5 email is verified'; + is $user5->user_roles->count, 1, 'user5 has a role'; + + $mech->get_ok('/admin/users'); + $mech->content_contains($user4->email); + $mech->content_contains($user5->email); + + $mech->submit_form_ok({ with_fields => { uid => $user4->id, 'remove-staff' => 'remove-staff'} }); + $mech->content_lacks($user4->email); + $mech->content_contains($user5->email); + $user4->discard_changes; + $user5->discard_changes; + is $user4->from_body, undef, 'user4 removed from body'; + is $user4->email_verified, 0, 'user4 email unverified'; + is $user4->user_body_permissions->count, 0, 'no user4 permissions'; + is $user5->from_body->id, $oxfordshire->id, 'user5 has a body'; + is $user5->email_verified, 1, 'user5 email is verified'; + is $user5->user_roles->count, 1, 'user5 has a role'; + + $mech->submit_form_ok({ with_fields => { uid => $user5->id, 'remove-staff' => 'remove-staff'} }); + $mech->content_lacks($user5->email); + $user5->discard_changes; + is $user5->from_body, undef, 'user5 has no body'; + is $user5->email_verified, 0, 'user5 email unverified'; + is $user5->user_roles->count, 0, 'no user5 roles'; +}; + subtest 'search does not show user from another council' => sub { FixMyStreet::override_config { ALLOWED_COBRANDS => [ 'oxfordshire' ], @@ -299,6 +346,7 @@ FixMyStreet::override_config { flagged => undef, is_superuser => undef, area_ids => undef, + assigned_categories_only => undef, %default_perms, roles => $role->id, }, @@ -320,6 +368,7 @@ FixMyStreet::override_config { flagged => undef, is_superuser => undef, area_ids => undef, + assigned_categories_only => undef, %default_perms, roles => $role->id, }, @@ -341,6 +390,7 @@ FixMyStreet::override_config { flagged => undef, is_superuser => undef, area_ids => undef, + assigned_categories_only => undef, %default_perms, roles => $role->id, }, @@ -365,6 +415,7 @@ FixMyStreet::override_config { flagged => undef, is_superuser => undef, area_ids => undef, + assigned_categories_only => undef, %default_perms, }, changes => { @@ -385,6 +436,7 @@ FixMyStreet::override_config { flagged => 'on', is_superuser => undef, area_ids => undef, + assigned_categories_only => undef, %default_perms, }, changes => { @@ -394,7 +446,7 @@ FixMyStreet::override_config { log_entries => [qw/edit edit edit edit/], }, { - desc => 'edit user add is_superuser', + desc => 'edit user add is_superuser and assigned_categories_only', fields => { name => 'Changed User', email => 'changed@example.com', @@ -405,10 +457,12 @@ FixMyStreet::override_config { flagged => undef, is_superuser => undef, area_ids => undef, + assigned_categories_only => undef, %default_perms, }, changes => { is_superuser => 'on', + assigned_categories_only => 'on', }, removed => [ keys %default_perms, @@ -428,6 +482,7 @@ FixMyStreet::override_config { flagged => undef, is_superuser => 'on', area_ids => undef, + assigned_categories_only => 'on', }, changes => { is_superuser => undef, |