mirror of
https://github.com/moodle/moodle.git
synced 2025-01-19 06:18:28 +01:00
MDL-69231 tests: Add role capability setting generator
This commit is contained in:
Andrew Nicols
Simey Lameze
parent
8c9282f5d6
commit
1a4303c9bc
@ -21,12 +21,15 @@ Feature: Edit capabilities
|
|||||||
|
|
||||||
Scenario: Default system capabilities modification
|
Scenario: Default system capabilities modification
|
||||||
Given I log in as "admin"
|
Given I log in as "admin"
|
||||||
And I set the following system permissions of "Teacher" role:
|
When I navigate to "Users > Permissions > Define roles" in site administration
|
||||||
|
And I click on "Edit Teacher role" "link"
|
||||||
|
And I fill the capabilities form with the following permissions:
|
||||||
| capability | permission |
|
| capability | permission |
|
||||||
| block/mnet_hosts:myaddinstance | Allow |
|
| block/mnet_hosts:myaddinstance | Allow |
|
||||||
| moodle/site:messageanyuser | Inherit |
|
| moodle/site:messageanyuser | Inherit |
|
||||||
| moodle/grade:managesharedforms | Prevent |
|
| moodle/grade:managesharedforms | Prevent |
|
||||||
| moodle/course:request | Prohibit |
|
| moodle/course:request | Prohibit |
|
||||||
|
And I press "Save changes"
|
||||||
When I follow "Edit Teacher role"
|
When I follow "Edit Teacher role"
|
||||||
Then "block/mnet_hosts:myaddinstance" capability has "Allow" permission
|
Then "block/mnet_hosts:myaddinstance" capability has "Allow" permission
|
||||||
And "moodle/site:messageanyuser" capability has "Not set" permission
|
And "moodle/site:messageanyuser" capability has "Not set" permission
|
||||||
|
|||||||
@ -156,6 +156,12 @@ class behat_core_generator extends behat_generator_base {
|
|||||||
'datagenerator' => 'role',
|
'datagenerator' => 'role',
|
||||||
'required' => ['shortname'],
|
'required' => ['shortname'],
|
||||||
],
|
],
|
||||||
|
'role capabilities' => [
|
||||||
|
'singular' => 'role capability',
|
||||||
|
'datagenerator' => 'role_capability',
|
||||||
|
'required' => ['role'],
|
||||||
|
'switchids' => ['role' => 'roleid'],
|
||||||
|
],
|
||||||
'grade categories' => [
|
'grade categories' => [
|
||||||
'singular' => 'grade category',
|
'singular' => 'grade category',
|
||||||
'datagenerator' => 'grade_category',
|
'datagenerator' => 'grade_category',
|
||||||
@ -724,6 +730,23 @@ class behat_core_generator extends behat_generator_base {
|
|||||||
$this->datagenerator->create_role($data);
|
$this->datagenerator->create_role($data);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Assign capabilities to a role.
|
||||||
|
*
|
||||||
|
* @param array $data
|
||||||
|
*/
|
||||||
|
protected function process_role_capability($data): void {
|
||||||
|
// We require the user to fill the role shortname.
|
||||||
|
if (empty($data['roleid'])) {
|
||||||
|
throw new Exception('\'role capability\' requires the field \'roleid\' to be specified');
|
||||||
|
}
|
||||||
|
|
||||||
|
$roleid = $data['roleid'];
|
||||||
|
unset($data['roleid']);
|
||||||
|
|
||||||
|
$this->datagenerator->create_role_capability($roleid, $data, \context_system::instance());
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Adds members to cohorts
|
* Adds members to cohorts
|
||||||
*
|
*
|
||||||
|
|||||||
@ -868,6 +868,48 @@ EOD;
|
|||||||
return $newroleid;
|
return $newroleid;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Set role capabilities for the specified role.
|
||||||
|
*
|
||||||
|
* @param int $roleid The Role to set capabilities for
|
||||||
|
* @param array $rolecapabilities The list of capability =>permission to set for this role
|
||||||
|
* @param context $context The context to apply this capability to
|
||||||
|
*/
|
||||||
|
public function create_role_capability(int $roleid, array $rolecapabilities, context $context = null): void {
|
||||||
|
// Map the capabilities into human-readable names.
|
||||||
|
$allpermissions = [
|
||||||
|
'inherit' => CAP_INHERIT,
|
||||||
|
'allow' => CAP_ALLOW,
|
||||||
|
'prevent' => CAP_PREVENT,
|
||||||
|
'prohibit' => CAP_PROHIBIT,
|
||||||
|
];
|
||||||
|
|
||||||
|
// Fetch all capabilities to check that they exist.
|
||||||
|
$allcapabilities = get_all_capabilities();
|
||||||
|
foreach ($rolecapabilities as $capability => $permission) {
|
||||||
|
if ($permission === '') {
|
||||||
|
// Allow items to be skipped.
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!array_key_exists($capability, $allcapabilities)) {
|
||||||
|
throw new \coding_exception("Unknown capability '{$capability}'");
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!array_key_exists($permission, $allpermissions)) {
|
||||||
|
throw new \coding_exception("Unknown capability permissions '{$permission}'");
|
||||||
|
}
|
||||||
|
|
||||||
|
assign_capability(
|
||||||
|
$capability,
|
||||||
|
$allpermissions[$permission],
|
||||||
|
$roleid,
|
||||||
|
$context->id,
|
||||||
|
true
|
||||||
|
);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Create a tag.
|
* Create a tag.
|
||||||
*
|
*
|
||||||
|
|||||||
@ -121,7 +121,7 @@ class behat_data_generators extends behat_base {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Creates the specified element.
|
* Creates the specified (singular) element.
|
||||||
*
|
*
|
||||||
* See the class comment for an overview.
|
* See the class comment for an overview.
|
||||||
*
|
*
|
||||||
|
|||||||
@ -47,22 +47,47 @@ class behat_permissions extends behat_base {
|
|||||||
* @param TableNode $table
|
* @param TableNode $table
|
||||||
*/
|
*/
|
||||||
public function i_set_the_following_system_permissions_of_role($rolename, $table) {
|
public function i_set_the_following_system_permissions_of_role($rolename, $table) {
|
||||||
|
// Applied in the System context.
|
||||||
|
$context = \context_system::instance();
|
||||||
|
|
||||||
$parentnodes = get_string('users', 'admin') . ' > ' .
|
// Translate the specified rolename into a role.
|
||||||
get_string('permissions', 'role');
|
$rolenames = role_get_names($context);
|
||||||
|
$matched = array_filter($rolenames, function($role) use ($rolename) {
|
||||||
|
return ($role->localname === $rolename) || ($role->shortname === $rolename) || ($role->description === $rolename);
|
||||||
|
});
|
||||||
|
|
||||||
// Go to home page.
|
if (count($matched) === 0) {
|
||||||
$this->execute("behat_general::i_am_on_homepage");
|
throw new ExpectationException("Unable to find a role with name '{$rolename}'", $this->getSession());
|
||||||
|
} else if (count($matched) > 1) {
|
||||||
|
throw new ExpectationException("Multiple roles matched '{$rolename}'", $this->getSession());
|
||||||
|
}
|
||||||
|
|
||||||
// Navigate to course management page via navigation block.
|
$role = reset($matched);
|
||||||
$this->execute("behat_navigation::i_navigate_to_in_site_administration",
|
|
||||||
array($parentnodes . ' > ' . get_string('defineroles', 'role'))
|
$permissionmap = [
|
||||||
|
get_string('inherit', 'role') => 'inherit',
|
||||||
|
get_string('allow', 'role') => 'allow',
|
||||||
|
get_string('prevent', 'role') => 'prevent',
|
||||||
|
get_string('prohibit', 'role') => 'prohibit',
|
||||||
|
];
|
||||||
|
|
||||||
|
$columns = ['role'];
|
||||||
|
$newtabledata = [$role->shortname];
|
||||||
|
foreach ($table as $data) {
|
||||||
|
$columns[] = $data['capability'];
|
||||||
|
$newtabledata[] = $permissionmap[$data['permission']];
|
||||||
|
}
|
||||||
|
|
||||||
|
$this->execute(
|
||||||
|
'behat_data_generators::the_following_entities_exist',
|
||||||
|
[
|
||||||
|
'role capabilities',
|
||||||
|
new TableNode([
|
||||||
|
0 => $columns,
|
||||||
|
1 => $newtabledata,
|
||||||
|
])
|
||||||
|
]
|
||||||
);
|
);
|
||||||
|
|
||||||
$this->execute("behat_general::click_link", "Edit " . $this->escape($rolename) . " role");
|
|
||||||
$this->execute("behat_permissions::i_fill_the_capabilities_form_with_the_following_permissions", $table);
|
|
||||||
|
|
||||||
$this->execute('behat_forms::press_button', get_string('savechanges'));
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user