PageRenderTime 48ms CodeModel.GetById 19ms RepoModel.GetById 1ms app.codeStats 0ms

/lib/common/authorizeTest.php

https://bitbucket.org/wildanm/orangehrm
PHP | 338 lines | 214 code | 60 blank | 64 comment | 1 complexity | 7100da26d539d8b0aca7289f52c65f17 MD5 | raw file
Possible License(s): CC-BY-SA-3.0, AGPL-3.0, BSD-3-Clause, AGPL-1.0, GPL-2.0, LGPL-2.1, LGPL-3.0 
    

  1. <?php

    2. 

  2. /**

    3. 

  3.  * OrangeHRM is a comprehensive Human Resource Management (HRM) System that captures

    4. 

  4.  * all the essential functionalities required for any enterprise.

    5. 

  5.  * Copyright (C) 2006 OrangeHRM Inc., http://www.orangehrm.com

    6. 

  6.  *

    7. 

  7.  * OrangeHRM is free software; you can redistribute it and/or modify it under the terms of

    8. 

  8.  * the GNU General Public License as published by the Free Software Foundation; either

    9. 

  9.  * version 2 of the License, or (at your option) any later version.

    10. 

  10.  *

    11. 

  11.  * OrangeHRM is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;

    12. 

  12.  * without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

    13. 

  13.  * See the GNU General Public License for more details.

    14. 

  14.  *

    15. 

  15.  * You should have received a copy of the GNU General Public License along with this program;

    16. 

  16.  * if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,

    17. 

  17.  * Boston, MA  02110-1301, USA

    18. 

  18.  *

    19. 

  19.  */

    20. 

  20. 

    21. 

  21. 

    22. 

  22. // Call authorizeTest::main() if this source file is executed directly.

    23. 

  23. if (!defined("PHPUnit_MAIN_METHOD")) {

    24. 

  24.     define("PHPUnit_MAIN_METHOD", "authorizeTest::main");

    25. 

  25. }

    26. 

  26. 

    27. 

  27. require_once "PHPUnit/Framework/TestCase.php";

    28. 

  28. require_once "PHPUnit/Framework/TestSuite.php";

    29. 

  29. 

    30. 

  30. require_once "testConf.php";

    31. 

  31. 

    32. 

  32. $_SESSION['WPATH'] = WPATH;

    33. 

  33. 

    34. 

  34. require_once "authorize.php";

    35. 

  35. require_once ROOT_PATH."/lib/confs/Conf.php";

    36. 

  36. 

    37. 

  37. /**

    38. 

  38.  * Test class for authorize.

    39. 

  39.  * Generated by PHPUnit_Util_Skeleton on 2006-11-02 at 10:06:38.

    40. 

  40.  */

    41. 

  41. class authorizeTest extends PHPUnit_Framework_TestCase {

    42. 

  42. 

    43. 

  43. 	public $authorizeObj = null;

    44. 

  44. 	public $connection = null;

    45. 

  45. 	public $testSubject = array('employeeId' => "012", 'isAdmin' => "Yes");

    46. 

  46. 

    47. 

  47. 	/**

    48. 

  48.      * Runs the test methods of this class.

    49. 

  49.      *

    50. 

  50.      * @access public

    51. 

  51.      * @static

    52. 

  52.      */

    53. 

  53.     public static function main() {

    54. 

  54.         require_once "PHPUnit/TextUI/TestRunner.php";

    55. 

  55. 

    56. 

  56.         $suite  = new PHPUnit_Framework_TestSuite("authorizeTest");

    57. 

  57.         $result = PHPUnit_TextUI_TestRunner::run($suite);

    58. 

  58.     }

    59. 

  59. 

    60. 

  60.     /**

    61. 

  61.      * Sets up the fixture, for example, open a network connection.

    62. 

  62.      * This method is called before a test is executed.

    63. 

  63.      *

    64. 

  64.      * @access protected

    65. 

  65.      */

    66. 

  66.     protected function setUp() {

    67. 

  67.     	$this->authorizeObj = new authorize($this->testSubject['employeeId'], $this->testSubject['isAdmin']);

    68. 

  68. 

    69. 

  69.     	$conf = new Conf();

    70. 

  70. 

    71. 

  71.     	$this->connection = mysql_connect($conf->dbhost.":".$conf->dbport, $conf->dbuser, $conf->dbpass);

    72. 

  72. 

    73. 

  73.         mysql_select_db($conf->dbname);

    74. 

  74. 

    75. 

  75.     	$this->_deleteTestData();

    76. 

  76. 

    77. 

  77.         // Insert job titles

    78. 

  78.         $this->_runQuery("INSERT INTO hs_hr_job_title(jobtit_code, jobtit_name, jobtit_desc, jobtit_comm, sal_grd_code) " .

    79. 

  79.                 "VALUES('JOB001', 'Manager', 'Manager job title', 'no comments', null)");

    80. 

  80.         $this->_runQuery("INSERT INTO hs_hr_job_title(jobtit_code, jobtit_name, jobtit_desc, jobtit_comm, sal_grd_code) " .

    81. 

  81.                 "VALUES('JOB002', 'Driver', 'Driver job title', 'no comments', null)");

    82. 

  82.         $this->_runQuery("INSERT INTO hs_hr_job_title(jobtit_code, jobtit_name, jobtit_desc, jobtit_comm, sal_grd_code) " .

    83. 

  83.                 "VALUES('JOB003', 'Director', 'Director job title', 'no comments', null)");

    84. 

  84. 

    85. 

  85.     	$this->_runQuery("INSERT INTO `hs_hr_employee`(emp_number, employee_id, emp_lastname, emp_firstname, emp_nick_name, coun_code) " .

    86. 

  86. 				"VALUES (11, NULL, 'Arnold', 'Subasinghe', 'Arnold', 'AF')");

    87. 

  87. 		$this->_runQuery("INSERT INTO `hs_hr_employee`(emp_number, employee_id, emp_lastname, emp_firstname, emp_middle_name, emp_nick_name) " .

    88. 

  88. 				"VALUES (12, NULL, 'Mohanjith', 'Sudirikku', 'Hannadige', 'MOHA')");

    89. 

  89. 

    90. 

  90.         // employees with job titles

    91. 

  91.         // Driver

    92. 

  92.         $this->_runQuery("INSERT INTO hs_hr_employee(emp_number, employee_id, emp_lastname, emp_firstname, emp_middle_name, job_title_code, emp_work_email) " .

    93. 

  93.                     "VALUES(13, '0013', 'Rajasinghe', 'Saman', 'Marlon', 'JOB002', 'aruna@company.com')");

    94. 

  94.         // Manager

    95. 

  95.         $this->_runQuery("INSERT INTO hs_hr_employee(emp_number, employee_id, emp_lastname, emp_firstname, emp_middle_name, job_title_code, emp_work_email) " .

    96. 

  96.                     "VALUES(14, '0014', 'Jayasinghe', 'Aruna', 'Shantha', 'JOB001', 'arnold@mydomain.com')");

    97. 

  97.         // Insert director

    98. 

  98.         $this->_runQuery("INSERT INTO hs_hr_employee(emp_number, employee_id, emp_lastname, emp_firstname, emp_middle_name, job_title_code, emp_work_email) " .

    99. 

  99.                     "VALUES(15, '0032', 'Samuel', 'John', 'A', 'JOB003', 'mohanjith@mydomain.com')");

    100. 

  100. 

    101. 

  101. 		mysql_query("INSERT INTO `hs_hr_emp_reportto` VALUES ('012', '011', 1);");

    102. 

  102. 

    103. 

  103.         mysql_query("INSERT INTO hs_hr_customer(customer_id, name, description, deleted) " .

    104. 

  104.         			"VALUES(1, 'Test customer', 'description', 0)");

    105. 

  105.         mysql_query("INSERT INTO hs_hr_project(project_id, customer_id, name, description, deleted) " .

    106. 

  106.         			"VALUES(1, 1, 'Test project 1', 'a test proj 1', 0)");

    107. 

  107.         mysql_query("INSERT INTO hs_hr_project(project_id, customer_id, name, description, deleted) " .

    108. 

  108.         			"VALUES(2, 1, 'Test project 2', 'a test proj 2', 0)");

    109. 

  109.     }

    110. 

  110. 

    111. 

  111.     /**

    112. 

  112.      * Tears down the fixture, for example, close a network connection.

    113. 

  113.      * This method is called after a test is executed.

    114. 

  114.      *

    115. 

  115.      * @access protected

    116. 

  116.      */

    117. 

  117.     protected function tearDown() {

    118. 

  118.     	$this->_deleteTestData();

    119. 

  119.     }

    120. 

  120. 

    121. 

  121. 	/**

    122. 

  122. 	 * Deletes test data created during test

    123. 

  123. 	 */

    124. 

  124. 	private function _deleteTestData() {

    125. 

  125. 		mysql_query("TRUNCATE TABLE `hs_hr_project`", $this->connection);

    126. 

  126.         mysql_query("TRUNCATE TABLE `hs_hr_project_admin`", $this->connection);

    127. 

  127. 		mysql_query("TRUNCATE TABLE `hs_hr_customer`", $this->connection);

    128. 

  128. 

    129. 

  129.     	mysql_query("DELETE FROM `hs_hr_employee` WHERE `emp_number` in (11, 12, 13, 14, 15)", $this->connection);

    130. 

  130. 

    131. 

  131.     	mysql_query("DELETE FROM `hs_hr_emp_reportto` WHERE `erep_sup_emp_number` = '012' AND `erep_sub_emp_number` = '011'", $this->connection);

    132. 

  132.         $this->_runQuery("TRUNCATE TABLE `hs_hr_job_title`");

    133. 

  133. 	}

    134. 

  134. 

    135. 

  135. 	/**

    136. 

  136. 	 * Run given sql query

    137. 

  137. 	 */

    138. 

  138. 	private function _runQuery($sql) {

    139. 

  139. 	    $this->assertTrue(mysql_query($sql), mysql_error());

    140. 

  140.     }

    141. 

  141. 

    142. 

  142.     public function testIsAdmin() {

    143. 

  143.     	$authObj = new authorize($this->testSubject['employeeId'], 'No');

    144. 

  144. 

    145. 

  145.     	$res = $authObj->isAdmin();

    146. 

  146. 

    147. 

  147.         $this->assertEquals($res, false, "Non admin an Admin");

    148. 

  148.     }

    149. 

  149. 

    150. 

  150.     public function testIsAdmin2() {

    151. 

  151.         $res = $this->authorizeObj->isAdmin();

    152. 

  152. 

    153. 

  153.         $this->assertEquals($res, true, "Admin not an Admin");

    154. 

  154.     }

    155. 

  155. 

    156. 

  156.     public function testIsSupervisor() {

    157. 

  157.         $authObj = new authorize("041", 'Yes');

    158. 

  158. 

    159. 

  159.     	$res = $authObj->isSupervisor();

    160. 

  160. 

    161. 

  161.         $this->assertEquals($res, false, "non Supervisor an Supervisor");

    162. 

  162.     }

    163. 

  163. 

    164. 

  164.     public function testIsSupervisor2() {

    165. 

  165.     	$this->authorizeObj = new authorize($this->testSubject['employeeId'], $this->testSubject['isAdmin']);

    166. 

  166.         $res = $this->authorizeObj->isSupervisor();

    167. 

  167. 

    168. 

  168.         $this->assertEquals($res, true, "Supervisor not an Supervisor");

    169. 

  169.     }

    170. 

  170. 

    171. 

  171.     /**

    172. 

  172.      * Test case for isManager function

    173. 

  173.      */

    174. 

  174.     public function testIsManager() {

    175. 

  175.         // driver

    176. 

  176.         $authObj = new authorize('013', 'No');

    177. 

  177.         $this->assertFalse($authObj->isManager());

    178. 

  178. 

    179. 

  179.         $authObj = new authorize('013', 'Yes');

    180. 

  180.         $this->assertFalse($authObj->isManager());

    181. 

  181. 

    182. 

  182.         // manager

    183. 

  183.         $authObj = new authorize('014', 'No');

    184. 

  184.         $this->assertTrue($authObj->isManager());

    185. 

  185. 

    186. 

  186.         $authObj = new authorize('014', 'Yes');

    187. 

  187.         $this->assertTrue($authObj->isManager());

    188. 

  188. 

    189. 

  189.         // director

    190. 

  190.         $authObj = new authorize('015', 'No');

    191. 

  191.         $this->assertFalse($authObj->isManager());

    192. 

  192. 

    193. 

  193.         $authObj = new authorize('015', 'Yes');

    194. 

  194.         $this->assertFalse($authObj->isManager());

    195. 

  195.     }

    196. 

  196. 

    197. 

  197.     /**

    198. 

  198.      * Test case for isDirector function

    199. 

  199.      */

    200. 

  200.     public function testIsDirector() {

    201. 

  201.         // driver

    202. 

  202.         $authObj = new authorize('013', 'No');

    203. 

  203.         $this->assertFalse($authObj->isDirector());

    204. 

  204. 

    205. 

  205.         $authObj = new authorize('013', 'Yes');

    206. 

  206.         $this->assertFalse($authObj->isDirector());

    207. 

  207. 

    208. 

  208.         // manager

    209. 

  209.         $authObj = new authorize('014', 'No');

    210. 

  210.         $this->assertFalse($authObj->isDirector());

    211. 

  211. 

    212. 

  212.         $authObj = new authorize('014', 'Yes');

    213. 

  213.         $this->assertFalse($authObj->isDirector());

    214. 

  214. 

    215. 

  215.         // director

    216. 

  216.         $authObj = new authorize('015', 'No');

    217. 

  217.         $this->assertTrue($authObj->isDirector());

    218. 

  218. 

    219. 

  219.         $authObj = new authorize('015', 'Yes');

    220. 

  220.         $this->assertTrue($authObj->isDirector());

    221. 

  221.     }

    222. 

  222. 

    223. 

  223.     public function testIsESS() {

    224. 

  224.         $authObj = new authorize("", 'Yes');

    225. 

  225. 

    226. 

  226.     	$res = $authObj->isESS();

    227. 

  227. 

    228. 

  228.         $this->assertEquals($res, false, "ESS not an ESS");

    229. 

  229.     }

    230. 

  230. 

    231. 

  231.     public function testIsESS2() {

    232. 

  232.         $res = $this->authorizeObj->isESS();

    233. 

  233. 

    234. 

  234.         $this->assertEquals($res, true, "ESS not an ESS");

    235. 

  235.     }

    236. 

  236. 

    237. 

  237.     public function testIsTheSupervisor() {

    238. 

  238.     	$res = $this->authorizeObj->isTheSupervisor("051");

    239. 

  239. 

    240. 

  240.     	$this->assertEquals($res, false, "The supervisor of unknown employee");

    241. 

  241.     }

    242. 

  242. 

    243. 

  243.     public function testIsTheSupervisor2() {

    244. 

  244.     	$res = $this->authorizeObj->isTheSupervisor("011");

    245. 

  245. 

    246. 

  246.     	$this->assertEquals($res, true, "The supervisor of unknown emplyee");

    247. 

  247.     }

    248. 

  248. 

    249. 

  249.     public function testFirstRole() {

    250. 

  250.     	$authObj = new authorize("041", 'No');

    251. 

  251.     	$roleArr = array($authObj->roleAdmin, $authObj->roleSupervisor);

    252. 

  252.         $res = $authObj->firstRole($roleArr);

    253. 

  253. 

    254. 

  254.         $this->assertEquals($res, false, "Didn't return the first");

    255. 

  255.     }

    256. 

  256. 

    257. 

  257.     public function testFirstRole2() {

    258. 

  258.     	$authObj = new authorize($this->testSubject['employeeId'], 'No');

    259. 

  259.     	$roleArr = array($authObj->roleAdmin, $authObj->roleSupervisor);

    260. 

  260.         $res = $authObj->firstRole($roleArr);

    261. 

  261. 

    262. 

  262.         $this->assertEquals($res, $authObj->roleSupervisor, "Didn't return the first");

    263. 

  263.     }

    264. 

  264. 

    265. 

  265.     public function testFirstRole3() {

    266. 

  266.     	$authObj = $this->authorizeObj;

    267. 

  267.     	$roleArr = array($authObj->roleAdmin, $authObj->roleSupervisor);

    268. 

  268.         $res = $authObj->firstRole($roleArr);

    269. 

  269. 

    270. 

  270.         $this->assertEquals($res, $roleArr[0], "Didn't return the first");

    271. 

  271.     }

    272. 

  272. 

    273. 

  273. 	/**

    274. 

  274. 	 * Test case of isProjectAdmin() method

    275. 

  275. 	 */

    276. 

  276.     public function testIsProjectAdmin() {

    277. 

  277.     	$authObj = new authorize("012", 'No');

    278. 

  278.         $this->assertFalse($authObj->isProjectAdmin(), "Not a project admin");

    279. 

  279.         $this->assertTrue(mysql_query("INSERT INTO hs_hr_project_admin(emp_number, project_id) " .

    280. 

  280.         			"VALUES(12, 1)"));

    281. 

  281. 

    282. 

  282. 		$authObj = new authorize("012", 'No');

    283. 

  283. 		$this->assertTrue($authObj->isProjectAdmin(), "Project admin not identified.");

    284. 

  284. 

    285. 

  285.     }

    286. 

  286. 

    287. 

  287. 	/**

    288. 

  288. 	 * Test case of isProjectAdminOf() method

    289. 

  289. 	 */

    290. 

  290.     public function testIsProjectAdminOf() {

    291. 

  291. 

    292. 

  292.     	$authObj = new authorize("012", 'No');

    293. 

  293.     	$this->assertFalse($authObj->isProjectAdminOf(1), "Not a project admin");

    294. 

  294.         mysql_query("INSERT INTO hs_hr_project_admin(emp_number, project_id) " .

    295. 

  295.         			"VALUES(12, 1)");

    296. 

  296. 

    297. 

  297. 		$authObj = new authorize("012", 'No');

    298. 

  298.     	$this->assertTrue($authObj->isProjectAdminOf(1), "Employee is an admin of project 1");

    299. 

  299.     	$this->assertFalse($authObj->isProjectAdminOf(2), "Employee is not an admin of project 2");

    300. 

  300.     }

    301. 

  301.     

    302. 

  302.     public function testIsActionPermitted() {

    303. 

  303.         

    304. 

  304.        // Admin

    305. 

  305.        $this->assertTrue($this->authorizeObj->isActionPermitted('TCP'), 'Admin should be permitted all actions');

    306. 

  306.        $this->assertTrue($this->authorizeObj->isActionPermitted('TAX'), 'Admin should be permitted all actions');

    307. 

  307.        

    308. 

  308.        // Supervisor 

    309. 

  309.        $authObj = new authorize('012', 'No');

    310. 

  310.        $this->assertTrue($authObj->isActionPermitted('TCP'), 'Supervisor should be permitted action TCP');

    311. 

  311.        $this->assertTrue($authObj->isActionPermitted('CST'), 'Supervisor should be permitted action CST');

    312. 

  312.        $this->assertFalse($authObj->isActionPermitted('TAX'), 'Supervisor should not be permitted action TAX');

    313. 

  313.        

    314. 

  314.        // Project Admin

    315. 

  315.        $query = "INSERT INTO hs_hr_project_admin (project_id, emp_number) VALUES(1, 11)";

    316. 

  316.        $this->assertTrue(mysql_query($query), mysql_error());

    317. 

  317.        $authObj = new authorize('011', 'No');

    318. 

  318.        

    319. 

  319.        $this->assertTrue($authObj->isActionPermitted('PAC'), 'Project Admin should be permitted action PAC');

    320. 

  320.        $this->assertFalse($authObj->isActionPermitted('TAX'), 'Project Admin should not be permitted action TAX'); 

    321. 

  321.        

    322. 

  322.        $query = "DELETE FROM hs_hr_project_admin WHERE project_id = 1 AND emp_number = 11";

    323. 

  323.        $this->assertTrue(mysql_query($query), mysql_error());

    324. 

  324.        

    325. 

  325.        // ESS User

    326. 

  326.        $authObj = new authorize('011', 'No');

    327. 

  327.        $this->assertFalse($authObj->isActionPermitted('TCP'), 'ESS User should not be permitted action TCP');

    328. 

  328.        $this->assertFalse($authObj->isActionPermitted('TAX'), 'ESS User should not be permitted action TAX');        

    329. 

  329.         

    330. 

  330.     }

    331. 

  331. 

    332. 

  332. }

    333. 

  333. 

    334. 

  334. // Call authorizeTest::main() if this source file is executed directly.

    335. 

  335. if (PHPUnit_MAIN_METHOD == "authorizeTest::main") {

    336. 

  336.     authorizeTest::main();

    337. 

  337. }

    338. 

  338. ?>

    339. 

  339.