From 496e660d1ef18d5398864f47788f169460895320 Mon Sep 17 00:00:00 2001
From: Julio <gugli100@gmail.com>
Date: Wed, 3 Nov 2021 14:58:08 +0100
Subject: [PATCH] Minor - add tests

---
 .../Authorization/Voter/CourseVoterTest.php   | 87 +++++++++++++++++++
 .../Authorization/Voter/GroupVoterTest.php    | 10 +++
 2 files changed, 97 insertions(+)
 create mode 100644 tests/CoreBundle/Security/Authorization/Voter/CourseVoterTest.php

diff --git a/tests/CoreBundle/Security/Authorization/Voter/CourseVoterTest.php b/tests/CoreBundle/Security/Authorization/Voter/CourseVoterTest.php
new file mode 100644
index 0000000000..f6be59dd1e
--- /dev/null
+++ b/tests/CoreBundle/Security/Authorization/Voter/CourseVoterTest.php
@@ -0,0 +1,87 @@
+<?php
+
+declare(strict_types=1);
+
+/* For licensing terms, see /license.txt */
+
+namespace Chamilo\Tests\CoreBundle\Security\Authorization\Voter;
+
+use Chamilo\CoreBundle\Entity\Course;
+use Chamilo\CoreBundle\Entity\CourseRelUser;
+use Chamilo\CoreBundle\Security\Authorization\Voter\CourseVoter;
+use Chamilo\Tests\ChamiloTestTrait;
+use Symfony\Bundle\FrameworkBundle\Test\WebTestCase;
+use Symfony\Component\Security\Core\Authorization\Voter\VoterInterface;
+
+class CourseVoterTest extends WebTestCase
+{
+    use ChamiloTestTrait;
+
+    // @dataProvider provideVoteTests not working
+    public function testVote(): void
+    {
+        $client = static::createClient();
+        $tests = $this->provideVoteTests();
+        $voter = $this->getContainer()->get(CourseVoter::class);
+        foreach ($tests as $message => $test) {
+            [$expected, $user, $course] = $test;
+            $client->loginUser($user);
+            $token = $this->getContainer()->get('security.untracked_token_storage')->getToken();
+            $this->assertSame($expected, $voter->vote($token, $course, ['VIEW']), $message);
+        }
+    }
+
+    public function provideVoteTests()
+    {
+        $em = $this->getEntityManager();
+        $admin = $this->getAdmin();
+        $student = $this->createUser('student');
+        $studentWithAccess = $this->createUser('student_access');
+
+        $teacher = $this->createUser('teacher', '', '', 'ROLE_TEACHER');
+        $teacherWithAccess = $this->createUser('teacher_with_access', '', '', 'ROLE_TEACHER');
+
+        // Group in public course.
+        $publicCourse = $this->createCourse('public');
+        $publicCourse->addUser($studentWithAccess, 0, null, CourseRelUser::STUDENT);
+        $publicCourse->addUser($teacherWithAccess, 0, null, CourseRelUser::TEACHER);
+        $em->persist($publicCourse);
+        $em->flush();
+
+        $denied = VoterInterface::ACCESS_DENIED;
+        $granted = VoterInterface::ACCESS_GRANTED;
+
+        yield 'admin access to course' => [$granted, $admin, $publicCourse];
+        yield 'student access to course' => [$granted, $student, $publicCourse];
+        yield 'student access to course' => [$granted, $studentWithAccess, $publicCourse];
+        yield 'teacher no access to course' => [$granted, $teacher, $publicCourse];
+        yield 'teacher with access to course' => [$granted, $teacherWithAccess, $publicCourse];
+
+        // REGISTERED course.
+        $registeredCourse = $this->createCourse('registered');
+        $registeredCourse->setVisibility(Course::REGISTERED);
+        $registeredCourse->addUser($studentWithAccess, 0, null, CourseRelUser::STUDENT);
+        $registeredCourse->addUser($teacherWithAccess, 0, null, CourseRelUser::TEACHER);
+        $em->persist($registeredCourse);
+        $em->flush();
+
+        $admin = $this->getAdmin();
+
+        yield 'admin access to reg course' => [$granted, $admin, $registeredCourse];
+        yield 'teacher access to reg course' => [$granted, $teacherWithAccess, $registeredCourse];
+        yield 'student access to reg course ' => [$granted, $studentWithAccess, $registeredCourse];
+        yield 'teacher no access to reg course' => [$denied, $teacher, $registeredCourse];
+        yield 'student no access to reg course' => [$denied, $student, $registeredCourse];
+
+        // Hidden
+        $registeredCourse->setVisibility(Course::HIDDEN);
+        $em->persist($registeredCourse);
+        $em->flush();
+
+        yield 'admin access to reg course' => [$granted, $admin, $registeredCourse];
+        yield 'teacher access to reg course' => [$denied, $teacherWithAccess, $registeredCourse];
+        yield 'student access to reg course ' => [$denied, $studentWithAccess, $registeredCourse];
+        yield 'teacher no access to reg course' => [$denied, $teacher, $registeredCourse];
+        yield 'student no access to reg course' => [$denied, $student, $registeredCourse];
+    }
+}
diff --git a/tests/CoreBundle/Security/Authorization/Voter/GroupVoterTest.php b/tests/CoreBundle/Security/Authorization/Voter/GroupVoterTest.php
index 8b79da1986..f9a17b21ab 100644
--- a/tests/CoreBundle/Security/Authorization/Voter/GroupVoterTest.php
+++ b/tests/CoreBundle/Security/Authorization/Voter/GroupVoterTest.php
@@ -138,5 +138,15 @@ class GroupVoterTest extends WebTestCase
         yield 'student no access to reg course status=true' => [$denied, $student, $group2];
         yield 'student no access to group 2' => [$granted, $studentWithAccess, $group2];
         yield 'student access to reg course group status=true' => [$granted, $studentInGroup2IsMember, $group2];
+
+        $registeredCourse->setVisibility(Course::HIDDEN);
+        $em->persist($registeredCourse);
+        $em->flush();
+
+        yield 'admin access to reg course hidden' => [$granted, $admin, $group2];
+        yield 'teacher access to reg course hidden' => [$denied, $teacherWithAccess, $group2];
+        yield 'teacher no access to reg course hidden' => [$denied, $teacher, $group2];
+        yield 'studentWithAccess no access reg course hidden' => [$denied, $studentWithAccess, $group2];
+        yield 'studentInGroup2IsMember to reg course hidden' => [$denied, $studentInGroup2IsMember, $group2];
     }
 }