xref: /webtrees/tests/feature/Privacy.php (revision 6f59525087dd4ee1d17c7375524d95ace7942861)
1<?php
2
3/**
4 * webtrees: online genealogy
5 * Copyright (C) 2021 webtrees development team
6 * This program is free software: you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation, either version 3 of the License, or
9 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 * You should have received a copy of the GNU General Public License
15 * along with this program. If not, see <https://www.gnu.org/licenses/>.
16 */
17
18declare(strict_types=1);
19
20namespace Fisharebest\Webtrees;
21
22use Fisharebest\Webtrees\Contracts\UserInterface;
23use Fisharebest\Webtrees\Services\UserService;
24
25use function strip_tags;
26
27/**
28 * Test the privacy logic
29 */
30class Privacy extends TestCase
31{
32    protected static bool $uses_database = true;
33
34    /**
35     * @return void
36     */
37    public function testRecordAccess(): void
38    {
39        $tree = $this->importTree('demo.ged');
40
41        // Identify some individuals in the tree
42        $queen_elizabeth = Registry::individualFactory()->make('X1030', $tree);
43        self::assertInstanceOf(Individual::class, $queen_elizabeth);
44        self::assertSame('Queen Elizabeth II', strip_tags($queen_elizabeth->fullName()));
45
46        $prince_charles = Registry::individualFactory()->make('X1052', $tree);
47        self::assertInstanceOf(Individual::class, $prince_charles);
48        self::assertSame('Charles, Prince of Wales', strip_tags($prince_charles->fullName()));
49
50        $savannah = Registry::individualFactory()->make('X1044', $tree);
51        self::assertInstanceOf(Individual::class, $savannah);
52        self::assertSame('Savannah Anne Kathleen Phillips', strip_tags($savannah->fullName()));
53
54        $beatrice = Registry::individualFactory()->make('X1047', $tree);
55        self::assertInstanceOf(Individual::class, $beatrice);
56        self::assertSame('Princess Beatrice of York', strip_tags($beatrice->fullName()));
57
58        $user_service = new UserService();
59
60        $admin = $user_service->create('admin', 'admin', 'admin', '*');
61        $admin->setPreference(UserInterface::PREF_IS_ADMINISTRATOR, '1');
62
63        $manager = $user_service->create('manager', 'manager', 'manager', '*');
64        $tree->setUserPreference($manager, UserInterface::PREF_TREE_ROLE, UserInterface::ROLE_MANAGER);
65
66        $moderator = $user_service->create('moderator', 'moderator', 'moderator', '*');
67        $tree->setUserPreference($moderator, UserInterface::PREF_TREE_ROLE, UserInterface::ROLE_MODERATOR);
68
69        $editor = $user_service->create('editor', 'editor', 'editor', '*');
70        $tree->setUserPreference($editor, UserInterface::PREF_TREE_ROLE, UserInterface::ROLE_EDITOR);
71
72        $member = $user_service->create('member', 'member', 'member', '*');
73        $tree->setUserPreference($member, UserInterface::PREF_TREE_ROLE, UserInterface::ROLE_MEMBER);
74
75        $visitor = $user_service->create('visitor', 'visitor', 'visitor', '*');
76        $tree->setUserPreference($visitor, UserInterface::PREF_TREE_ROLE, UserInterface::ROLE_VISITOR);
77
78        // Enable privacy functions
79        $tree->setPreference('HIDE_LIVE_PEOPLE', '1');
80
81        Auth::login($admin);
82        self::assertTrue(Auth::isAdmin(), 'admin isAdmin()');
83        self::assertTrue(Auth::isManager($tree), 'admin isManager()');
84        self::assertTrue(Auth::isModerator($tree), 'admin isModerator()');
85        self::assertTrue(Auth::isEditor($tree), 'admin isEditor()');
86        self::assertTrue(Auth::isMember($tree), 'admin isMember()');
87
88        Auth::login($manager);
89        self::assertFalse(Auth::isAdmin(), 'manager NOT isAdmin()');
90        self::assertTrue(Auth::isManager($tree, $manager), 'manager isManager()');
91        self::assertTrue(Auth::isModerator($tree, $manager), 'manager isModerator()');
92        self::assertTrue(Auth::isEditor($tree, $manager), 'manager isEditor()');
93        self::assertTrue(Auth::isMember($tree, $manager), 'manager isMember()');
94
95        Auth::login($moderator);
96        self::assertFalse(Auth::isAdmin(), 'moderator NOT isAdmin()');
97        self::assertFalse(Auth::isManager($tree, $moderator), 'moderator NOT isManager()');
98        self::assertTrue(Auth::isModerator($tree, $moderator), 'moderator isModerator()');
99        self::assertTrue(Auth::isEditor($tree, $moderator), 'moderator isEditor()');
100        self::assertTrue(Auth::isMember($tree, $moderator), 'moderator isMember()');
101
102        Auth::login($editor);
103        self::assertFalse(Auth::isAdmin(), 'editor NOT isAdmin()');
104        self::assertFalse(Auth::isManager($tree, $editor), 'editor NOT isManager()');
105        self::assertFalse(Auth::isModerator($tree, $editor), 'editor isModerator()');
106        self::assertTrue(Auth::isEditor($tree, $editor), 'editor isEditor()');
107        self::assertTrue(Auth::isMember($tree, $editor), 'editor isMember()');
108
109        Auth::login($member);
110        self::assertFalse(Auth::isAdmin(), 'member NOT isAdmin()');
111        self::assertFalse(Auth::isManager($tree, $member), 'member NOT isManager()');
112        self::assertFalse(Auth::isModerator($tree, $member), 'member isModerator()');
113        self::assertFalse(Auth::isEditor($tree, $member), 'member isEditor()');
114        self::assertTrue(Auth::isMember($tree, $member), 'member isMember()');
115
116        Auth::login($visitor);
117        self::assertFalse(Auth::isAdmin(), 'visitor NOT isAdmin()');
118        self::assertFalse(Auth::isManager($tree, $visitor), 'visitor NOT isManager()');
119        self::assertFalse(Auth::isModerator($tree, $visitor), 'visitor isModerator()');
120        self::assertFalse(Auth::isEditor($tree, $visitor), 'visitor isEditor()');
121        self::assertFalse(Auth::isMember($tree, $visitor), 'visitor isMember()');
122
123        Auth::logout();
124
125
126
127        Auth::login($admin);
128        self::assertTrue($queen_elizabeth->canShow(), 'admin can see living individual with RESN=none');
129        self::assertTrue($prince_charles->canShow(), 'admin can see living individual');
130
131        Auth::login($manager);
132        self::assertTrue($queen_elizabeth->canShow(), 'manager can see living individual with RESN=none');
133        self::assertTrue($prince_charles->canShow(), 'manager can see living individual');
134
135        Auth::login($moderator);
136        self::assertTrue($queen_elizabeth->canShow(), 'moderator can see living individual with RESN=none');
137        self::assertTrue($prince_charles->canShow(), 'moderator can see living individual');
138
139        Auth::login($editor);
140        self::assertTrue($queen_elizabeth->canShow(), 'editor can see living individual with RESN=none');
141        self::assertTrue($prince_charles->canShow(), 'editor can see living individual');
142
143        Auth::login($member);
144        self::assertTrue($queen_elizabeth->canShow(), 'member can see living individual with RESN=none');
145        self::assertTrue($prince_charles->canShow(), 'member can see living individual');
146
147        Auth::login($visitor);
148        self::assertTrue($queen_elizabeth->canShow(), 'visitor can see living individual with RESN=none');
149        self::assertFalse($prince_charles->canShow(), 'visitor can not see living individual');
150
151        Auth::logout();
152        self::assertTrue($queen_elizabeth->canShow(), 'guest can see living individual with RESN=none');
153        self::assertFalse($prince_charles->canShow(), 'guest can not see living individual');
154
155        // Relationship privacy
156        Auth::login($member);
157        self::assertTrue($beatrice->canShow());
158        $tree->setUserPreference($member, UserInterface::PREF_TREE_ACCOUNT_XREF, $savannah->xref());
159        $tree->setUserPreference($member, UserInterface::PREF_TREE_PATH_LENGTH, '3');
160        self::assertFalse($beatrice->canShow());
161        $tree->setUserPreference($member, UserInterface::PREF_TREE_PATH_LENGTH, '4');
162        self::assertTrue($beatrice->canShow());
163    }
164}
165