1<?php 2 3/** 4 * webtrees: online genealogy 5 * Copyright (C) 2023 webtrees development team 6 * This program is free software: you can redistribute it and/or modify 7 * it under the terms of the GNU General Public License as published by 8 * the Free Software Foundation, either version 3 of the License, or 9 * (at your option) any later version. 10 * This program is distributed in the hope that it will be useful, 11 * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 * GNU General Public License for more details. 14 * You should have received a copy of the GNU General Public License 15 * along with this program. If not, see <https://www.gnu.org/licenses/>. 16 */ 17 18declare(strict_types=1); 19 20namespace Fisharebest\Webtrees; 21 22use Fisharebest\Webtrees\Contracts\UserInterface; 23use Fisharebest\Webtrees\Services\UserService; 24 25use function strip_tags; 26 27 28class Privacy extends TestCase 29{ 30 protected static bool $uses_database = true; 31 32 public function testRecordAccess(): void 33 { 34 $tree = $this->importTree('demo.ged'); 35 36 // Identify some individuals in the tree 37 $queen_elizabeth = Registry::individualFactory()->make('X1030', $tree); 38 self::assertInstanceOf(Individual::class, $queen_elizabeth); 39 self::assertSame('Queen Elizabeth II', strip_tags($queen_elizabeth->fullName())); 40 41 $prince_charles = Registry::individualFactory()->make('X1052', $tree); 42 self::assertInstanceOf(Individual::class, $prince_charles); 43 self::assertSame('Charles, Prince of Wales', strip_tags($prince_charles->fullName())); 44 45 $savannah = Registry::individualFactory()->make('X1044', $tree); 46 self::assertInstanceOf(Individual::class, $savannah); 47 self::assertSame('Savannah Anne Kathleen Phillips', strip_tags($savannah->fullName())); 48 49 $beatrice = Registry::individualFactory()->make('X1047', $tree); 50 self::assertInstanceOf(Individual::class, $beatrice); 51 self::assertSame('Princess Beatrice of York', strip_tags($beatrice->fullName())); 52 53 $user_service = new UserService(); 54 55 $admin = $user_service->create('admin', 'admin', 'admin', '*'); 56 $admin->setPreference(UserInterface::PREF_IS_ADMINISTRATOR, '1'); 57 58 $manager = $user_service->create('manager', 'manager', 'manager', '*'); 59 $tree->setUserPreference($manager, UserInterface::PREF_TREE_ROLE, UserInterface::ROLE_MANAGER); 60 61 $moderator = $user_service->create('moderator', 'moderator', 'moderator', '*'); 62 $tree->setUserPreference($moderator, UserInterface::PREF_TREE_ROLE, UserInterface::ROLE_MODERATOR); 63 64 $editor = $user_service->create('editor', 'editor', 'editor', '*'); 65 $tree->setUserPreference($editor, UserInterface::PREF_TREE_ROLE, UserInterface::ROLE_EDITOR); 66 67 $member = $user_service->create('member', 'member', 'member', '*'); 68 $tree->setUserPreference($member, UserInterface::PREF_TREE_ROLE, UserInterface::ROLE_MEMBER); 69 70 $visitor = $user_service->create('visitor', 'visitor', 'visitor', '*'); 71 $tree->setUserPreference($visitor, UserInterface::PREF_TREE_ROLE, UserInterface::ROLE_VISITOR); 72 73 // Enable privacy functions 74 $tree->setPreference('HIDE_LIVE_PEOPLE', '1'); 75 76 Auth::login($admin); 77 self::assertTrue(Auth::isAdmin(), 'admin isAdmin()'); 78 self::assertTrue(Auth::isManager($tree), 'admin isManager()'); 79 self::assertTrue(Auth::isModerator($tree), 'admin isModerator()'); 80 self::assertTrue(Auth::isEditor($tree), 'admin isEditor()'); 81 self::assertTrue(Auth::isMember($tree), 'admin isMember()'); 82 83 Auth::login($manager); 84 self::assertFalse(Auth::isAdmin(), 'manager NOT isAdmin()'); 85 self::assertTrue(Auth::isManager($tree, $manager), 'manager isManager()'); 86 self::assertTrue(Auth::isModerator($tree, $manager), 'manager isModerator()'); 87 self::assertTrue(Auth::isEditor($tree, $manager), 'manager isEditor()'); 88 self::assertTrue(Auth::isMember($tree, $manager), 'manager isMember()'); 89 90 Auth::login($moderator); 91 self::assertFalse(Auth::isAdmin(), 'moderator NOT isAdmin()'); 92 self::assertFalse(Auth::isManager($tree, $moderator), 'moderator NOT isManager()'); 93 self::assertTrue(Auth::isModerator($tree, $moderator), 'moderator isModerator()'); 94 self::assertTrue(Auth::isEditor($tree, $moderator), 'moderator isEditor()'); 95 self::assertTrue(Auth::isMember($tree, $moderator), 'moderator isMember()'); 96 97 Auth::login($editor); 98 self::assertFalse(Auth::isAdmin(), 'editor NOT isAdmin()'); 99 self::assertFalse(Auth::isManager($tree, $editor), 'editor NOT isManager()'); 100 self::assertFalse(Auth::isModerator($tree, $editor), 'editor isModerator()'); 101 self::assertTrue(Auth::isEditor($tree, $editor), 'editor isEditor()'); 102 self::assertTrue(Auth::isMember($tree, $editor), 'editor isMember()'); 103 104 Auth::login($member); 105 self::assertFalse(Auth::isAdmin(), 'member NOT isAdmin()'); 106 self::assertFalse(Auth::isManager($tree, $member), 'member NOT isManager()'); 107 self::assertFalse(Auth::isModerator($tree, $member), 'member isModerator()'); 108 self::assertFalse(Auth::isEditor($tree, $member), 'member isEditor()'); 109 self::assertTrue(Auth::isMember($tree, $member), 'member isMember()'); 110 111 Auth::login($visitor); 112 self::assertFalse(Auth::isAdmin(), 'visitor NOT isAdmin()'); 113 self::assertFalse(Auth::isManager($tree, $visitor), 'visitor NOT isManager()'); 114 self::assertFalse(Auth::isModerator($tree, $visitor), 'visitor isModerator()'); 115 self::assertFalse(Auth::isEditor($tree, $visitor), 'visitor isEditor()'); 116 self::assertFalse(Auth::isMember($tree, $visitor), 'visitor isMember()'); 117 118 Auth::logout(); 119 120 121 122 Auth::login($admin); 123 self::assertTrue($queen_elizabeth->canShow(), 'admin can see living individual with RESN=none'); 124 self::assertTrue($prince_charles->canShow(), 'admin can see living individual'); 125 126 Auth::login($manager); 127 self::assertTrue($queen_elizabeth->canShow(), 'manager can see living individual with RESN=none'); 128 self::assertTrue($prince_charles->canShow(), 'manager can see living individual'); 129 130 Auth::login($moderator); 131 self::assertTrue($queen_elizabeth->canShow(), 'moderator can see living individual with RESN=none'); 132 self::assertTrue($prince_charles->canShow(), 'moderator can see living individual'); 133 134 Auth::login($editor); 135 self::assertTrue($queen_elizabeth->canShow(), 'editor can see living individual with RESN=none'); 136 self::assertTrue($prince_charles->canShow(), 'editor can see living individual'); 137 138 Auth::login($member); 139 self::assertTrue($queen_elizabeth->canShow(), 'member can see living individual with RESN=none'); 140 self::assertTrue($prince_charles->canShow(), 'member can see living individual'); 141 142 Auth::login($visitor); 143 self::assertTrue($queen_elizabeth->canShow(), 'visitor can see living individual with RESN=none'); 144 self::assertFalse($prince_charles->canShow(), 'visitor can not see living individual'); 145 146 Auth::logout(); 147 self::assertTrue($queen_elizabeth->canShow(), 'guest can see living individual with RESN=none'); 148 self::assertFalse($prince_charles->canShow(), 'guest can not see living individual'); 149 150 // Relationship privacy 151 Auth::login($member); 152 self::assertTrue($beatrice->canShow()); 153 $tree->setUserPreference($member, UserInterface::PREF_TREE_ACCOUNT_XREF, $savannah->xref()); 154 $tree->setUserPreference($member, UserInterface::PREF_TREE_PATH_LENGTH, '3'); 155 self::assertFalse($beatrice->canShow()); 156 $tree->setUserPreference($member, UserInterface::PREF_TREE_PATH_LENGTH, '4'); 157 self::assertTrue($beatrice->canShow()); 158 } 159} 160