diff options
| author | Harald Eilertsen <haraldei@anduin.net> | 2021-09-11 18:47:43 +0200 |
|---|---|---|
| committer | Harald Eilertsen <haraldei@anduin.net> | 2021-09-11 18:47:43 +0200 |
| commit | cd751a26678a7e863a3df6f70b0b6b4f3e5be60a (patch) | |
| tree | 6240ce39788749bc5c3f023c239d13b4282536ff /tests/ConcertsTableTest.php | |
| parent | f2c8c10eb5ef7c9bb9707c4787b65f31c8b56292 (diff) | |
| download | gigologadmin-cd751a26678a7e863a3df6f70b0b6b4f3e5be60a.tar.gz gigologadmin-cd751a26678a7e863a3df6f70b0b6b4f3e5be60a.tar.bz2 gigologadmin-cd751a26678a7e863a3df6f70b0b6b4f3e5be60a.zip | |
Update ConcertsTable tests.
Test that less privileged users don't see all the controls, and that no
controls are rendered on the public facing pages.
Diffstat (limited to 'tests/ConcertsTableTest.php')
| -rw-r--r-- | tests/ConcertsTableTest.php | 68 |
1 files changed, 65 insertions, 3 deletions
diff --git a/tests/ConcertsTableTest.php b/tests/ConcertsTableTest.php index ad0e65f..556698a 100644 --- a/tests/ConcertsTableTest.php +++ b/tests/ConcertsTableTest.php @@ -79,11 +79,8 @@ class ConcertsTableTest extends WP_UnitTestCase global $current_user; $current_user = $this->factory()->user->create_and_get(['role' => 'administrator']); - $this->assertTrue( current_user_can( 'administrator' ) ); - $oldscreen = $current_screen; $current_screen = WP_Screen::get( 'admin_init' ); - $this->assertTrue(is_admin()); $c = new GiglogAdmin_ConcertsTable(); $html = $c->render(); @@ -110,4 +107,69 @@ class ConcertsTableTest extends WP_UnitTestCase $this->assertEquals(64, $assignit_count); // four for each gig $this->assertEquals(16, $adminactions_count); // once for each gig } + + function testDontShowAdminOnlyControlsToNonAdminsOnAdminPage() { + global $current_screen; + global $current_user; + + $current_user = $this->factory()->user->create_and_get(['role' => 'editor']); + $oldscreen = $current_screen; + $current_screen = WP_Screen::get( 'admin_init' ); + + $c = new GiglogAdmin_ConcertsTable(); + $html = $c->render(); + + $current_screen = $oldscreen; + + $doc = DOMDocument::loadHTML($html); + $forms = $doc->getElementsByTagName('form'); + + $assignit_count = 0; + $adminactions_count = 0; + + foreach ($forms as $form) { + $cls = $form->attributes->getNamedItem('class')->nodeValue; + if ($cls == 'assign_concert' || $cls == 'unassign_concert') { + $assignit_count++; + } + + if ($cls == 'adminactions') { + $adminactions_count++; + } + } + + $this->assertEquals(64, $assignit_count); // four for each gig + $this->assertEquals(0, $adminactions_count); // once for each gig + } + + function testDontShowAnyControlsIfNotOnAdminPage() { + global $current_user; + + // "log in" as administrator to make sure no admin side stuff is + // rendered on the public site, even if we're a high privilege user. + $current_user = $this->factory()->user->create_and_get(['role' => 'administrator']); + + $c = new GiglogAdmin_ConcertsTable(); + $html = $c->render(); + + $doc = DOMDocument::loadHTML($html); + $forms = $doc->getElementsByTagName('form'); + + $assignit_count = 0; + $adminactions_count = 0; + + foreach ($forms as $form) { + $cls = $form->attributes->getNamedItem('class')->nodeValue; + if ($cls == 'assign_concert' || $cls == 'unassign_concert') { + $assignit_count++; + } + + if ($cls == 'adminactions') { + $adminactions_count++; + } + } + + $this->assertEquals(0, $assignit_count); // four for each gig + $this->assertEquals(0, $adminactions_count); // once for each gig + } } |