mirror of
https://github.com/moodle/moodle.git
synced 2025-01-17 21:49:15 +01:00
MDL-63533 core_webservice: Unit tests for removal of context users
This issue is part of the MDL-62560 Epic.
This commit is contained in:
Mihail Geshoski
David Monllao
parent
9960e8694d
commit
bb65ee165c
@ -32,6 +32,7 @@ use core_privacy\local\request\approved_contextlist;
|
||||
use core_privacy\local\request\transform;
|
||||
use core_privacy\local\request\writer;
|
||||
use core_webservice\privacy\provider;
|
||||
use core_privacy\local\request\approved_userlist;
|
||||
|
||||
require_once($CFG->dirroot . '/webservice/lib.php');
|
||||
|
||||
@ -229,6 +230,188 @@ class core_webservice_privacy_testcase extends provider_testcase {
|
||||
$this->assertEmpty($data);
|
||||
}
|
||||
|
||||
/**
|
||||
* Test that only users with a user context are fetched.
|
||||
*/
|
||||
public function test_get_users_in_context() {
|
||||
|
||||
$component = 'core_webservice';
|
||||
// Create user u1.
|
||||
$u1 = $this->getDataGenerator()->create_user();
|
||||
$u1ctx = context_user::instance($u1->id);
|
||||
// Create user u2.
|
||||
$u2 = $this->getDataGenerator()->create_user();
|
||||
$u2ctx = context_user::instance($u2->id);
|
||||
// Create user u3.
|
||||
$u3 = $this->getDataGenerator()->create_user();
|
||||
$u3ctx = context_user::instance($u3->id);
|
||||
// Create user u4.
|
||||
$u4 = $this->getDataGenerator()->create_user();
|
||||
$u4ctx = context_user::instance($u4->id);
|
||||
// Create user u5.
|
||||
$u5 = $this->getDataGenerator()->create_user();
|
||||
$u5ctx = context_user::instance($u5->id);
|
||||
|
||||
// The lists of users for each user context ($u1ctx, $u2ctx, etc.) should be empty.
|
||||
// Related user data have not been created yet.
|
||||
$userlist1 = new \core_privacy\local\request\userlist($u1ctx, $component);
|
||||
provider::get_users_in_context($userlist1);
|
||||
$this->assertCount(0, $userlist1);
|
||||
$userlist2 = new \core_privacy\local\request\userlist($u2ctx, $component);
|
||||
provider::get_users_in_context($userlist2);
|
||||
$this->assertCount(0, $userlist2);
|
||||
$userlist3 = new \core_privacy\local\request\userlist($u3ctx, $component);
|
||||
provider::get_users_in_context($userlist3);
|
||||
$this->assertCount(0, $userlist3);
|
||||
$userlist4 = new \core_privacy\local\request\userlist($u4ctx, $component);
|
||||
provider::get_users_in_context($userlist4);
|
||||
$this->assertCount(0, $userlist4);
|
||||
$userlist5 = new \core_privacy\local\request\userlist($u5ctx, $component);
|
||||
provider::get_users_in_context($userlist5);
|
||||
$this->assertCount(0, $userlist5);
|
||||
|
||||
// Create a webservice.
|
||||
$s = $this->create_service();
|
||||
// Create a ws token for u1.
|
||||
$this->create_token(['userid' => $u1->id]);
|
||||
// Create a ws token for u2, and u3 as the creator of the token.
|
||||
$this->create_token(['userid' => $u2->id, 'creatorid' => $u3->id]);
|
||||
// Create a service user (u4).
|
||||
$this->create_service_user(['externalserviceid' => $s->id, 'userid' => $u4->id]);
|
||||
|
||||
// The list of users for userlist1 should return one user (u1).
|
||||
provider::get_users_in_context($userlist1);
|
||||
$this->assertCount(1, $userlist1);
|
||||
$expected = [$u1->id];
|
||||
$actual = $userlist1->get_userids();
|
||||
$this->assertEquals($expected, $actual);
|
||||
// The list of users for userlist2 should return one user (u2).
|
||||
provider::get_users_in_context($userlist2);
|
||||
$this->assertCount(1, $userlist2);
|
||||
$expected = [$u2->id];
|
||||
$actual = $userlist2->get_userids();
|
||||
$this->assertEquals($expected, $actual);
|
||||
// The list of users for userlist3 should return one user (u3).
|
||||
provider::get_users_in_context($userlist3);
|
||||
$this->assertCount(1, $userlist3);
|
||||
$expected = [$u3->id];
|
||||
$actual = $userlist3->get_userids();
|
||||
$this->assertEquals($expected, $actual);
|
||||
// The list of users for userlist4 should return one user (u4).
|
||||
provider::get_users_in_context($userlist4);
|
||||
$this->assertCount(1, $userlist4);
|
||||
$expected = [$u4->id];
|
||||
$actual = $userlist4->get_userids();
|
||||
$this->assertEquals($expected, $actual);
|
||||
// The list of users for userlist5 should not return any users.
|
||||
provider::get_users_in_context($userlist5);
|
||||
$this->assertCount(0, $userlist5);
|
||||
|
||||
// The list of users should only return users in the user context.
|
||||
$systemcontext = context_system::instance();
|
||||
$userlist6 = new \core_privacy\local\request\userlist($systemcontext, $component);
|
||||
provider::get_users_in_context($userlist6);
|
||||
$this->assertCount(0, $userlist6);
|
||||
}
|
||||
|
||||
/**
|
||||
* Test that data for users in approved userlist is deleted.
|
||||
*/
|
||||
public function test_delete_data_for_users() {
|
||||
|
||||
$component = 'core_webservice';
|
||||
// Create user u1.
|
||||
$u1 = $this->getDataGenerator()->create_user();
|
||||
$u1ctx = context_user::instance($u1->id);
|
||||
// Create user u2.
|
||||
$u2 = $this->getDataGenerator()->create_user();
|
||||
$u2ctx = context_user::instance($u2->id);
|
||||
// Create user u3.
|
||||
$u3 = $this->getDataGenerator()->create_user();
|
||||
$u3ctx = context_user::instance($u3->id);
|
||||
// Create user u4.
|
||||
$u4 = $this->getDataGenerator()->create_user();
|
||||
$u4ctx = context_user::instance($u4->id);
|
||||
// Create user u5.
|
||||
$u5 = $this->getDataGenerator()->create_user();
|
||||
$u5ctx = context_user::instance($u5->id);
|
||||
|
||||
// Create a webservice.
|
||||
$s = $this->create_service();
|
||||
// Create a ws token for u1.
|
||||
$this->create_token(['userid' => $u1->id]);
|
||||
// Create a ws token for u2, and u3 as the creator of the token.
|
||||
$this->create_token(['userid' => $u2->id, 'creatorid' => $u3->id]);
|
||||
// Create a service user (u4).
|
||||
$this->create_service_user(['externalserviceid' => $s->id, 'userid' => $u4->id]);
|
||||
// Create a service user (u5).
|
||||
$this->create_service_user(['externalserviceid' => $s->id, 'userid' => $u5->id]);
|
||||
|
||||
// The list of users for u1ctx should return one user (u1).
|
||||
$userlist1 = new \core_privacy\local\request\userlist($u1ctx, $component);
|
||||
provider::get_users_in_context($userlist1);
|
||||
$this->assertCount(1, $userlist1);
|
||||
// The list of users for u2ctx should return one user (u2).
|
||||
$userlist2 = new \core_privacy\local\request\userlist($u2ctx, $component);
|
||||
provider::get_users_in_context($userlist2);
|
||||
$this->assertCount(1, $userlist2);
|
||||
// The list of users for u3ctx should return one user (u3).
|
||||
$userlist3 = new \core_privacy\local\request\userlist($u3ctx, $component);
|
||||
provider::get_users_in_context($userlist3);
|
||||
$this->assertCount(1, $userlist3);
|
||||
// The list of users for u4ctx should return one user (u4).
|
||||
$userlist4 = new \core_privacy\local\request\userlist($u4ctx, $component);
|
||||
provider::get_users_in_context($userlist4);
|
||||
$this->assertCount(1, $userlist4);
|
||||
|
||||
$approvedlist = new approved_userlist($u1ctx, $component, $userlist1->get_userids());
|
||||
// Delete using delete_data_for_user.
|
||||
provider::delete_data_for_users($approvedlist);
|
||||
// Re-fetch users in u1ctx - the user data should now be empty.
|
||||
$userlist1 = new \core_privacy\local\request\userlist($u1ctx, $component);
|
||||
provider::get_users_in_context($userlist1);
|
||||
$this->assertCount(0, $userlist1);
|
||||
|
||||
$approvedlist = new approved_userlist($u2ctx, $component, $userlist2->get_userids());
|
||||
// Delete using delete_data_for_user.
|
||||
provider::delete_data_for_users($approvedlist);
|
||||
// Re-fetch users in u2ctx - the user data should now be empty.
|
||||
$userlist2 = new \core_privacy\local\request\userlist($u2ctx, $component);
|
||||
provider::get_users_in_context($userlist2);
|
||||
$this->assertCount(0, $userlist2);
|
||||
|
||||
$approvedlist = new approved_userlist($u3ctx, $component, $userlist3->get_userids());
|
||||
// Delete using delete_data_for_user.
|
||||
provider::delete_data_for_users($approvedlist);
|
||||
// Re-fetch users in u3ctx - the user data should now be empty.
|
||||
$userlist3 = new \core_privacy\local\request\userlist($u3ctx, $component);
|
||||
provider::get_users_in_context($userlist3);
|
||||
$this->assertCount(0, $userlist3);
|
||||
|
||||
$approvedlist = new approved_userlist($u4ctx, $component, $userlist3->get_userids());
|
||||
// Delete using delete_data_for_user.
|
||||
provider::delete_data_for_users($approvedlist);
|
||||
// Re-fetch users in u4ctx - the user data should now be empty.
|
||||
$userlist4 = new \core_privacy\local\request\userlist($u4ctx, $component);
|
||||
provider::get_users_in_context($userlist4);
|
||||
$this->assertCount(0, $userlist4);
|
||||
|
||||
// The list of users for u5ctx should still return one user (u5).
|
||||
$userlist5 = new \core_privacy\local\request\userlist($u5ctx, $component);
|
||||
provider::get_users_in_context($userlist5);
|
||||
$this->assertCount(1, $userlist5);
|
||||
|
||||
// User data should only be removed in the user context.
|
||||
$systemcontext = context_system::instance();
|
||||
$approvedlist = new approved_userlist($systemcontext, $component, $userlist5->get_userids());
|
||||
// Delete using delete_data_for_user.
|
||||
provider::delete_data_for_users($approvedlist);
|
||||
// Re-fetch users in u5ctx - the user data should still be present.
|
||||
$userlist5 = new \core_privacy\local\request\userlist($u5ctx, $component);
|
||||
provider::get_users_in_context($userlist5);
|
||||
$this->assertCount(1, $userlist5);
|
||||
}
|
||||
|
||||
/**
|
||||
* Create a service.
|
||||
*
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user