From 98ea64d926a23982b9cfb5b468be87f882268566 Mon Sep 17 00:00:00 2001
From: paulr <me@pjr.cc>
Date: Tue, 8 Nov 2011 04:51:41 +1100
Subject: [PATCH] added a permissions unit test
 fixed group create to add owner user as a member

---
 gwvplib/gwvpdatabase.php         |   43 ++++++++++++++++++++-
 gwvplib/gwvpgitcontrol.php       |   41 +++++++++++++++++++-
 unittests/permissionunittest.php |   79 ++++++++++++++++++++++++++++++++++++++
 3 files changed, 160 insertions(+), 3 deletions(-)
 create mode 100644 unittests/permissionunittest.php

diff --git a/gwvplib/gwvpdatabase.php b/gwvplib/gwvpdatabase.php
index 82533cb..22db79c 100644
--- a/gwvplib/gwvpdatabase.php
+++ b/gwvplib/gwvpdatabase.php
@@ -393,7 +393,15 @@ function gwvp_createGroup($group_name, $group_desc, $is_admin, $owner_id)
 	
 
 	$conn->query($sql);
-
+	
+	// add the owner to the group
+	$gid = gwvp_getGroupId($group_name);
+	
+	
+	error_log("calling addgroupmember with $owner_id, $gid");
+	gwvp_addGroupMemberById($owner_id, $gid);
+	
+	return true;
 }
 
 function gwvp_deleteGroup($groupname)
@@ -685,6 +693,22 @@ function gwvp_addGroupMember($email, $groupname)
 	return true;
 }
 
+function gwvp_IsGroupMemberById($uid, $gid)
+{
+	$conn = gwvp_ConnectDB();
+	
+	$sql = "select count(*) from group_membership where groupmember_userid='$uid' and groupmember_groupid='$gid'";
+
+	$res = $conn->query($sql);
+	$result = 0;
+	foreach($res as $u_res) {
+		$result = $u_res[0];
+	}
+
+	if($result == 0) return false;
+	if($result == 1) return true;
+}
+
 function gwvp_IsGroupMember($email, $groupname)
 {
 	$conn = gwvp_ConnectDB();
@@ -857,6 +881,23 @@ function gwvp_ModifyGroup($groupid, $groupname = null, $group_is_admin = null, $
 	return true;
 }
 
+function gwvp_GetRepoId($reponame)
+{
+	$conn = gwvp_ConnectDB();
+	
+	$sql = "select repos_id from repos where repos_name='$reponame'";
+	
+	$res = $conn->query($sql);
+	
+	$return = false;
+	foreach($res as $u_res) {
+		$return = $u_res["repos_id"];
+	}
+	
+	return $return;
+	
+}
+
 function gwvp_GetRepo($rid)
 {
 	$conn = gwvp_ConnectDB();
diff --git a/gwvplib/gwvpgitcontrol.php b/gwvplib/gwvpgitcontrol.php
index 6383f9e..d1b0699 100644
--- a/gwvplib/gwvpgitcontrol.php
+++ b/gwvplib/gwvpgitcontrol.php
@@ -379,12 +379,49 @@ function gwvp_resolvRepoPerms($userid, $repoid)
 	$usergroups = gwvp_getGroupsForUser(null, $userid);
 
 	$maxperm = 0;
-	foreach($repoperms as $perm) {
+	if($repoperms != false) foreach($repoperms as $perm) {
 		// need to go thru each perm, then check it agains the user we're trying to figure
 		// the perms on
+		switch($perm["type"]) {
+			case "read":
+				$permval = 2;
+				break;
+			case "visible":
+				$permval = 1;
+				break;
+			case "write":
+				$permval = 3;
+				break;
+			default:
+				$permval = 0;
+		}
 		
-		
+		// we only var if permval is greater then current
+		if($permval > $maxperm) {
+			//error_log("going into check for $maxperm/$permval, ".$perm["ref"]);
+			if($perm["ref"] == "anon") {
+				$maxperm = $permval;
+			} else if($perm["ref"] == "authed") {
+				$maxperm = $permval;
+			} else {
+				// now we do splits
+				$spl = explode(":", $perm["ref"]);
+				$idtype = $spl[0];
+				$idval = $spl[1];
+				if($idtype == "group") {
+					// function gwvp_IsGroupMember($email, $groupname)
+					if(gwvp_IsGroupMemberById($userid, $idval)) $maxperm = $permval;
+				} else if ($idtype == "user") {
+					//error_log("checking $userid, $idval");
+					if($userid == $idval) $maxperm = $permval;
+				}
+			}
+		}
 	}
+	
+	// thats TOTALLY going to work... -_0 we should really write a unit test for this, but thats a bit
+	// hard given the db req's so for now, we'll leave it as is
+	return $maxperm;
 }
 
 ?>
\ No newline at end of file
diff --git a/unittests/permissionunittest.php b/unittests/permissionunittest.php
new file mode 100644
index 0000000..ee180bf
--- /dev/null
+++ b/unittests/permissionunittest.php
@@ -0,0 +1,79 @@
+<?php
+$lib_base = "../gwvplib/";
+
+// initial http file
+$WEB_ROOT_FS = realpath(dirname(__FILE__));
+$BASE_URL = dirname($_SERVER["PHP_SELF"]);
+
+global $WEB_ROOT_FS, $BASE_URL, $repo_base, $data_directory, $db_type, $db_name, $db_username, $db_password;
+
+// add gwvplib as if it were a path in ../gwvplib
+if(file_exists($lib_base)) {
+	$path = realpath($lib_base);
+	set_include_path(get_include_path().PATH_SEPARATOR.$path);
+}
+
+require_once("gwvplib.php");
+global $db_type, $db_url;
+
+$db_type = "sqlite";
+$db_name = "/tmp/unittestdbperms.db";
+
+unlink($db_name);
+gwvp_dbCreateSQLiteStructure("$db_name");
+gwvp_ConnectDB();
+gwvp_setConfigVal("repodir", "/tmp");
+
+//gwvp_createUser($email, $fullname, $password, $username, $desc, $status);
+gwvp_createUser("a1@b.com", "full name1", "asdf", "user1", "asdf", 0);
+gwvp_createUser("a2@b.com", "full name2", "asdf", "user2", "asdf", 0);
+gwvp_createUser("a3@b.com", "full name3", "asdf", "user3", "asdf", 0);
+gwvp_createUser("a4@b.com", "full name4", "asdf", "user4", "asdf", 0);
+gwvp_createUser("a5@b.com", "full name5", "asdf", "user5", "asdf", 0);
+gwvp_createUser("a6@b.com", "full name6", "asdf", "user6", "asdf", 0);
+
+// gwvp_createGroup($group_name, $group_desc, $is_admin, $owner_id), gwvp_getUserId($useremail=null, $username = null)
+gwvp_createGroup("group1", "group1", true, gwvp_getUserId(null, "user1"));
+gwvp_createGroup("group2", "group2", true, gwvp_getUserId(null, "user2"));
+gwvp_createGroup("group3", "group3", false, gwvp_getUserId(null, "user3"));
+gwvp_createGroup("group4", "group4", false, gwvp_getUserId(null, "user4"));
+gwvp_createGroup("group5", "group5", false, gwvp_getUserId(null, "user5"));
+gwvp_createGroup("group6", "group6", false, gwvp_getUserId(null, "user6"));
+
+/*
+ * // 0 - anyone can clone/read, only owner can write
+// 1 - noone can clone/read, repo is visible (i.e. name), only owner can read/write repo
+// 2 - only owner can see anything
+function gwvp_createGitRepo($name, $ownerid, $desc, $bundle=null, $defaultperms=0)
+
+ */
+gwvp_createGitRepo("utrepo1", gwvp_getUserId(null, "user1"), "repo1", null, 2);
+gwvp_createGitRepo("utrepo2", gwvp_getUserId(null, "user2"), "repo1", null, 2);
+gwvp_createGitRepo("utrepo3", gwvp_getUserId(null, "user3"), "repo1", null, 2);
+gwvp_createGitRepo("utrepo4", gwvp_getUserId(null, "user4"), "repo1", null, 2);
+gwvp_createGitRepo("utrepo5", gwvp_getUserId(null, "user5"), "repo1", null, 2);
+gwvp_createGitRepo("utrepo6", gwvp_getUserId(null, "user6"), "repo1", null, 2);
+
+// now the fun part gwvp_addRepoPermission($repoid, $permtype, $permref)
+gwvp_addRepoPermission(gwvp_GetRepoId("utrepo1"), "write", "user:".gwvp_getUserId(null, "user3"));
+gwvp_addRepoPermission(gwvp_GetRepoId("utrepo2"), "read", "user:".gwvp_getUserId(null, "user3"));
+gwvp_addRepoPermission(gwvp_GetRepoId("utrepo4"), "visible", "user:".gwvp_getUserId(null, "user3"));
+
+// lets check user 1 gwvp_resolvRepoPerms($userid, $repoid)
+$pers = gwvp_resolvRepoPerms(gwvp_getUserId(null, "user3"), gwvp_GetRepoId("utrepo1"));
+echo "User3 pers to repo1 = $pers - should be 3\n";
+$pers = gwvp_resolvRepoPerms(gwvp_getUserId(null, "user3"), gwvp_GetRepoId("utrepo2"));
+echo "User3 pers to repo2 = $pers - should be 2\n";
+$pers = gwvp_resolvRepoPerms(gwvp_getUserId(null, "user3"), gwvp_GetRepoId("utrepo3"));
+echo "User3 pers to repo3 = $pers - should be 3 (owner)\n";
+$pers = gwvp_resolvRepoPerms(gwvp_getUserId(null, "user3"), gwvp_GetRepoId("utrepo4"));
+echo "User3 pers to repo4 = $pers - should be 1\n";
+$pers = gwvp_resolvRepoPerms(gwvp_getUserId(null, "user3"), gwvp_GetRepoId("utrepo5"));
+echo "User3 pers to repo5 = $pers - should be 0\n";
+
+$pers = gwvp_resolvRepoPerms(gwvp_getUserId(null, "user2"), gwvp_GetRepoId("utrepo5"));
+echo "User2 pers to repo5 = $pers - should be 3 (admin)\n";
+
+
+
+?>
\ No newline at end of file
-- 
1.7.0.4