xref: /webtrees/tests/feature/Privacy.php (revision ac17e2b58be34cf3c4b174b599b4777acc90012b)
1<?php
2
3/**
4 * webtrees: online genealogy
5 * Copyright (C) 2019 webtrees development team
6 * This program is free software: you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation, either version 3 of the License, or
9 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 * You should have received a copy of the GNU General Public License
15 * along with this program. If not, see <http://www.gnu.org/licenses/>.
16 */
17
18declare(strict_types=1);
19
20namespace Fisharebest\Webtrees;
21
22use Fisharebest\Webtrees\Services\UserService;
23
24use function strip_tags;
25
26/**
27 * Test the privacy logic
28 */
29class Privacy extends TestCase
30{
31    protected static $uses_database = true;
32
33    /**
34     * @return void
35     */
36    public function testRecordAccess(): void
37    {
38        $tree = $this->importTree('demo.ged');
39
40        // Identify some individuals in the tree
41        $queen_elizabeth = Individual::getInstance('X1030', $tree);
42        $this->assertInstanceOf(Individual::class, $queen_elizabeth);
43        $this->assertSame('Queen Elizabeth II', strip_tags($queen_elizabeth->fullName()));
44
45        $prince_charles = Individual::getInstance('X1052', $tree);
46        $this->assertInstanceOf(Individual::class, $prince_charles);
47        $this->assertSame('Charles, Prince of Wales', strip_tags($prince_charles->fullName()));
48
49        $savannah = Individual::getInstance('X1044', $tree);
50        $this->assertInstanceOf(Individual::class, $savannah);
51        $this->assertSame('Savannah Anne Kathleen Phillips', strip_tags($savannah->fullName()));
52
53        $beatrice = Individual::getInstance('X1047', $tree);
54        $this->assertInstanceOf(Individual::class, $beatrice);
55        $this->assertSame('Princess Beatrice of York', strip_tags($beatrice->fullName()));
56
57        $user_service = new UserService();
58
59        $admin = $user_service->create('admin', 'admin', 'admin', '*');
60        $admin->setPreference(User::PREF_IS_ADMINISTRATOR, '1');
61
62        $manager = $user_service->create('manager', 'manager', 'manager', '*');
63        $tree->setUserPreference($manager, User::PREF_TREE_ROLE, User::ROLE_MANAGER);
64
65        $moderator = $user_service->create('moderator', 'moderator', 'moderator', '*');
66        $tree->setUserPreference($moderator, User::PREF_TREE_ROLE, User::ROLE_MODERATOR);
67
68        $editor = $user_service->create('editor', 'editor', 'editor', '*');
69        $tree->setUserPreference($editor, User::PREF_TREE_ROLE, User::ROLE_EDITOR);
70
71        $member = $user_service->create('member', 'member', 'member', '*');
72        $tree->setUserPreference($member, User::PREF_TREE_ROLE, User::ROLE_MEMBER);
73
74        $visitor = $user_service->create('visitor', 'visitor', 'visitor', '*');
75        $tree->setUserPreference($visitor, User::PREF_TREE_ROLE, User::ROLE_VISITOR);
76
77        // Enable privacy functions
78        $tree->setPreference('HIDE_LIVE_PEOPLE', '1');
79
80        Auth::login($admin);
81        $this->assertTrue(Auth::isAdmin(), 'admin isAdmin()');
82        $this->assertTrue(Auth::isManager($tree), 'admin isManager()');
83        $this->assertTrue(Auth::isModerator($tree), 'admin isModerator()');
84        $this->assertTrue(Auth::isEditor($tree), 'admin isEditor()');
85        $this->assertTrue(Auth::isMember($tree), 'admin isMember()');
86
87        Auth::login($manager);
88        $this->assertFalse(Auth::isAdmin(), 'manager NOT isAdmin()');
89        $this->assertTrue(Auth::isManager($tree, $manager), 'manager isManager()');
90        $this->assertTrue(Auth::isModerator($tree, $manager), 'manager isModerator()');
91        $this->assertTrue(Auth::isEditor($tree, $manager), 'manager isEditor()');
92        $this->assertTrue(Auth::isMember($tree, $manager), 'manager isMember()');
93
94        Auth::login($moderator);
95        $this->assertFalse(Auth::isAdmin(), 'moderator NOT isAdmin()');
96        $this->assertFalse(Auth::isManager($tree, $moderator), 'moderator NOT isManager()');
97        $this->assertTrue(Auth::isModerator($tree, $moderator), 'moderator isModerator()');
98        $this->assertTrue(Auth::isEditor($tree, $moderator), 'moderator isEditor()');
99        $this->assertTrue(Auth::isMember($tree, $moderator), 'moderator isMember()');
100
101        Auth::login($editor);
102        $this->assertFalse(Auth::isAdmin(), 'editor NOT isAdmin()');
103        $this->assertFalse(Auth::isManager($tree, $editor), 'editor NOT isManager()');
104        $this->assertFalse(Auth::isModerator($tree, $editor), 'editor isModerator()');
105        $this->assertTrue(Auth::isEditor($tree, $editor), 'editor isEditor()');
106        $this->assertTrue(Auth::isMember($tree, $editor), 'editor isMember()');
107
108        Auth::login($member);
109        $this->assertFalse(Auth::isAdmin(), 'member NOT isAdmin()');
110        $this->assertFalse(Auth::isManager($tree, $member), 'member NOT isManager()');
111        $this->assertFalse(Auth::isModerator($tree, $member), 'member isModerator()');
112        $this->assertFalse(Auth::isEditor($tree, $member), 'member isEditor()');
113        $this->assertTrue(Auth::isMember($tree, $member), 'member isMember()');
114
115        Auth::login($visitor);
116        $this->assertFalse(Auth::isAdmin(), 'visitor NOT isAdmin()');
117        $this->assertFalse(Auth::isManager($tree, $visitor), 'visitor NOT isManager()');
118        $this->assertFalse(Auth::isModerator($tree, $visitor), 'visitor isModerator()');
119        $this->assertFalse(Auth::isEditor($tree, $visitor), 'visitor isEditor()');
120        $this->assertFalse(Auth::isMember($tree, $visitor), 'visitor isMember()');
121
122        Auth::logout();
123
124
125
126        Auth::login($admin);
127        $this->assertTrue($queen_elizabeth->canShow(), 'admin can see living individual with RESN=none');
128        $this->assertTrue($prince_charles->canShow(), 'admin can see living individual');
129
130        Auth::login($manager);
131        $this->assertTrue($queen_elizabeth->canShow(), 'manager can see living individual with RESN=none');
132        $this->assertTrue($prince_charles->canShow(), 'manager can see living individual');
133
134        Auth::login($moderator);
135        $this->assertTrue($queen_elizabeth->canShow(), 'moderator can see living individual with RESN=none');
136        $this->assertTrue($prince_charles->canShow(), 'moderator can see living individual');
137
138        Auth::login($editor);
139        $this->assertTrue($queen_elizabeth->canShow(), 'editor can see living individual with RESN=none');
140        $this->assertTrue($prince_charles->canShow(), 'editor can see living individual');
141
142        Auth::login($member);
143        $this->assertTrue($queen_elizabeth->canShow(), 'member can see living individual with RESN=none');
144        $this->assertTrue($prince_charles->canShow(), 'member can see living individual');
145
146        Auth::login($visitor);
147        $this->assertTrue($queen_elizabeth->canShow(), 'visitor can see living individual with RESN=none');
148        $this->assertFalse($prince_charles->canShow(), 'visitor can not see living individual');
149
150        Auth::logout();
151        $this->assertTrue($queen_elizabeth->canShow(), 'guest can see living individual with RESN=none');
152        $this->assertFalse($prince_charles->canShow(), 'guest can not see living individual');
153
154        // Relationship privacy
155        Auth::login($member);
156        $this->assertTrue($beatrice->canShow());
157        $tree->setUserPreference($member, User::PREF_TREE_ACCOUNT_XREF, $savannah->xref());
158        $tree->setUserPreference($member, User::PREF_TREE_PATH_LENGTH, '3');
159        $this->assertFalse($beatrice->canShow());
160        $tree->setUserPreference($member, User::PREF_TREE_PATH_LENGTH, '4');
161        $this->assertTrue($beatrice->canShow());
162    }
163}
164