1<?php 2 3/** 4 * webtrees: online genealogy 5 * Copyright (C) 2023 webtrees development team 6 * This program is free software: you can redistribute it and/or modify 7 * it under the terms of the GNU General Public License as published by 8 * the Free Software Foundation, either version 3 of the License, or 9 * (at your option) any later version. 10 * This program is distributed in the hope that it will be useful, 11 * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 * GNU General Public License for more details. 14 * You should have received a copy of the GNU General Public License 15 * along with this program. If not, see <https://www.gnu.org/licenses/>. 16 */ 17 18declare(strict_types=1); 19 20namespace Fisharebest\Webtrees; 21 22use Fisharebest\Webtrees\Contracts\UserInterface; 23use Fisharebest\Webtrees\Services\UserService; 24 25use function strip_tags; 26 27class Privacy extends TestCase 28{ 29 protected static bool $uses_database = true; 30 31 public function testRecordAccess(): void 32 { 33 $tree = $this->importTree('demo.ged'); 34 35 // Identify some individuals in the tree 36 $queen_elizabeth = Registry::individualFactory()->make('X1030', $tree); 37 self::assertInstanceOf(Individual::class, $queen_elizabeth); 38 self::assertSame('Queen Elizabeth II', strip_tags($queen_elizabeth->fullName())); 39 40 $prince_charles = Registry::individualFactory()->make('X1052', $tree); 41 self::assertInstanceOf(Individual::class, $prince_charles); 42 self::assertSame('Charles, Prince of Wales', strip_tags($prince_charles->fullName())); 43 44 $savannah = Registry::individualFactory()->make('X1044', $tree); 45 self::assertInstanceOf(Individual::class, $savannah); 46 self::assertSame('Savannah Anne Kathleen Phillips', strip_tags($savannah->fullName())); 47 48 $beatrice = Registry::individualFactory()->make('X1047', $tree); 49 self::assertInstanceOf(Individual::class, $beatrice); 50 self::assertSame('Princess Beatrice of York', strip_tags($beatrice->fullName())); 51 52 $user_service = new UserService(); 53 54 $admin = $user_service->create('admin', 'admin', 'admin', '*'); 55 $admin->setPreference(UserInterface::PREF_IS_ADMINISTRATOR, '1'); 56 57 $manager = $user_service->create('manager', 'manager', 'manager', '*'); 58 $tree->setUserPreference($manager, UserInterface::PREF_TREE_ROLE, UserInterface::ROLE_MANAGER); 59 60 $moderator = $user_service->create('moderator', 'moderator', 'moderator', '*'); 61 $tree->setUserPreference($moderator, UserInterface::PREF_TREE_ROLE, UserInterface::ROLE_MODERATOR); 62 63 $editor = $user_service->create('editor', 'editor', 'editor', '*'); 64 $tree->setUserPreference($editor, UserInterface::PREF_TREE_ROLE, UserInterface::ROLE_EDITOR); 65 66 $member = $user_service->create('member', 'member', 'member', '*'); 67 $tree->setUserPreference($member, UserInterface::PREF_TREE_ROLE, UserInterface::ROLE_MEMBER); 68 69 $visitor = $user_service->create('visitor', 'visitor', 'visitor', '*'); 70 $tree->setUserPreference($visitor, UserInterface::PREF_TREE_ROLE, UserInterface::ROLE_VISITOR); 71 72 // Enable privacy functions 73 $tree->setPreference('HIDE_LIVE_PEOPLE', '1'); 74 75 Auth::login($admin); 76 self::assertTrue(Auth::isAdmin(), 'admin isAdmin()'); 77 self::assertTrue(Auth::isManager($tree), 'admin isManager()'); 78 self::assertTrue(Auth::isModerator($tree), 'admin isModerator()'); 79 self::assertTrue(Auth::isEditor($tree), 'admin isEditor()'); 80 self::assertTrue(Auth::isMember($tree), 'admin isMember()'); 81 82 Auth::login($manager); 83 self::assertFalse(Auth::isAdmin(), 'manager NOT isAdmin()'); 84 self::assertTrue(Auth::isManager($tree, $manager), 'manager isManager()'); 85 self::assertTrue(Auth::isModerator($tree, $manager), 'manager isModerator()'); 86 self::assertTrue(Auth::isEditor($tree, $manager), 'manager isEditor()'); 87 self::assertTrue(Auth::isMember($tree, $manager), 'manager isMember()'); 88 89 Auth::login($moderator); 90 self::assertFalse(Auth::isAdmin(), 'moderator NOT isAdmin()'); 91 self::assertFalse(Auth::isManager($tree, $moderator), 'moderator NOT isManager()'); 92 self::assertTrue(Auth::isModerator($tree, $moderator), 'moderator isModerator()'); 93 self::assertTrue(Auth::isEditor($tree, $moderator), 'moderator isEditor()'); 94 self::assertTrue(Auth::isMember($tree, $moderator), 'moderator isMember()'); 95 96 Auth::login($editor); 97 self::assertFalse(Auth::isAdmin(), 'editor NOT isAdmin()'); 98 self::assertFalse(Auth::isManager($tree, $editor), 'editor NOT isManager()'); 99 self::assertFalse(Auth::isModerator($tree, $editor), 'editor isModerator()'); 100 self::assertTrue(Auth::isEditor($tree, $editor), 'editor isEditor()'); 101 self::assertTrue(Auth::isMember($tree, $editor), 'editor isMember()'); 102 103 Auth::login($member); 104 self::assertFalse(Auth::isAdmin(), 'member NOT isAdmin()'); 105 self::assertFalse(Auth::isManager($tree, $member), 'member NOT isManager()'); 106 self::assertFalse(Auth::isModerator($tree, $member), 'member isModerator()'); 107 self::assertFalse(Auth::isEditor($tree, $member), 'member isEditor()'); 108 self::assertTrue(Auth::isMember($tree, $member), 'member isMember()'); 109 110 Auth::login($visitor); 111 self::assertFalse(Auth::isAdmin(), 'visitor NOT isAdmin()'); 112 self::assertFalse(Auth::isManager($tree, $visitor), 'visitor NOT isManager()'); 113 self::assertFalse(Auth::isModerator($tree, $visitor), 'visitor isModerator()'); 114 self::assertFalse(Auth::isEditor($tree, $visitor), 'visitor isEditor()'); 115 self::assertFalse(Auth::isMember($tree, $visitor), 'visitor isMember()'); 116 117 Auth::logout(); 118 119 Auth::login($admin); 120 self::assertTrue($queen_elizabeth->canShow(), 'admin can see living individual with RESN=none'); 121 self::assertTrue($prince_charles->canShow(), 'admin can see living individual'); 122 123 Auth::login($manager); 124 self::assertTrue($queen_elizabeth->canShow(), 'manager can see living individual with RESN=none'); 125 self::assertTrue($prince_charles->canShow(), 'manager can see living individual'); 126 127 Auth::login($moderator); 128 self::assertTrue($queen_elizabeth->canShow(), 'moderator can see living individual with RESN=none'); 129 self::assertTrue($prince_charles->canShow(), 'moderator can see living individual'); 130 131 Auth::login($editor); 132 self::assertTrue($queen_elizabeth->canShow(), 'editor can see living individual with RESN=none'); 133 self::assertTrue($prince_charles->canShow(), 'editor can see living individual'); 134 135 Auth::login($member); 136 self::assertTrue($queen_elizabeth->canShow(), 'member can see living individual with RESN=none'); 137 self::assertTrue($prince_charles->canShow(), 'member can see living individual'); 138 139 Auth::login($visitor); 140 self::assertTrue($queen_elizabeth->canShow(), 'visitor can see living individual with RESN=none'); 141 self::assertFalse($prince_charles->canShow(), 'visitor can not see living individual'); 142 143 Auth::logout(); 144 self::assertTrue($queen_elizabeth->canShow(), 'guest can see living individual with RESN=none'); 145 self::assertFalse($prince_charles->canShow(), 'guest can not see living individual'); 146 147 // Relationship privacy 148 Auth::login($member); 149 self::assertTrue($beatrice->canShow()); 150 $tree->setUserPreference($member, UserInterface::PREF_TREE_ACCOUNT_XREF, $savannah->xref()); 151 $tree->setUserPreference($member, UserInterface::PREF_TREE_PATH_LENGTH, '3'); 152 self::assertFalse($beatrice->canShow()); 153 $tree->setUserPreference($member, UserInterface::PREF_TREE_PATH_LENGTH, '4'); 154 self::assertTrue($beatrice->canShow()); 155 } 156} 157