MDL-52895 webservice: Fix capability checks
[moodle.git] / mod / imscp / tests / externallib_test.php
1 <?php
2 // This file is part of Moodle - http://moodle.org/
3 //
4 // Moodle is free software: you can redistribute it and/or modify
5 // it under the terms of the GNU General Public License as published by
6 // the Free Software Foundation, either version 3 of the License, or
7 // (at your option) any later version.
8 //
9 // Moodle is distributed in the hope that it will be useful,
10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12 // GNU General Public License for more details.
13 //
14 // You should have received a copy of the GNU General Public License
15 // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
17 /**
18  * External mod_imscp functions unit tests
19  *
20  * @package    mod_imscp
21  * @category   external
22  * @copyright  2015 Juan Leyva <juan@moodle.com>
23  * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
24  * @since      Moodle 3.0
25  */
27 defined('MOODLE_INTERNAL') || die();
29 global $CFG;
31 require_once($CFG->dirroot . '/webservice/tests/helpers.php');
33 /**
34  * External mod_imscp functions unit tests
35  *
36  * @package    mod_imscp
37  * @category   external
38  * @copyright  2015 Juan Leyva <juan@moodle.com>
39  * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
40  * @since      Moodle 3.0
41  */
42 class mod_imscp_external_testcase extends externallib_advanced_testcase {
44     /**
45      * Test view_imscp
46      */
47     public function test_view_imscp() {
48         global $DB;
50         $this->resetAfterTest(true);
52         $this->setAdminUser();
53         // Setup test data.
54         $course = $this->getDataGenerator()->create_course();
55         $imscp = $this->getDataGenerator()->create_module('imscp', array('course' => $course->id));
56         $context = context_module::instance($imscp->cmid);
57         $cm = get_coursemodule_from_instance('imscp', $imscp->id);
59         // Test invalid instance id.
60         try {
61             mod_imscp_external::view_imscp(0);
62             $this->fail('Exception expected due to invalid mod_imscp instance id.');
63         } catch (moodle_exception $e) {
64             $this->assertEquals('invalidrecord', $e->errorcode);
65         }
67         // Test not-enrolled user.
68         $user = self::getDataGenerator()->create_user();
69         $this->setUser($user);
70         try {
71             mod_imscp_external::view_imscp($imscp->id);
72             $this->fail('Exception expected due to not enrolled user.');
73         } catch (moodle_exception $e) {
74             $this->assertEquals('requireloginerror', $e->errorcode);
75         }
77         // Test user with full capabilities.
78         $studentrole = $DB->get_record('role', array('shortname' => 'student'));
79         $this->getDataGenerator()->enrol_user($user->id, $course->id, $studentrole->id);
81         // Trigger and capture the event.
82         $sink = $this->redirectEvents();
84         $result = mod_imscp_external::view_imscp($imscp->id);
85         $result = external_api::clean_returnvalue(mod_imscp_external::view_imscp_returns(), $result);
87         $events = $sink->get_events();
88         $this->assertCount(1, $events);
89         $event = array_shift($events);
91         // Checking that the event contains the expected values.
92         $this->assertInstanceOf('\mod_imscp\event\course_module_viewed', $event);
93         $this->assertEquals($context, $event->get_context());
94         $moodleurl = new \moodle_url('/mod/imscp/view.php', array('id' => $cm->id));
95         $this->assertEquals($moodleurl, $event->get_url());
96         $this->assertEventContextNotUsed($event);
97         $this->assertNotEmpty($event->get_name());
99         // Test user with no capabilities.
100         // We need a explicit prohibit since this capability is only defined in authenticated user and guest roles.
101         assign_capability('mod/imscp:view', CAP_PROHIBIT, $studentrole->id, $context->id);
102         // Empty all the caches that may be affected by this change.
103         accesslib_clear_all_caches_for_unit_testing();
104         course_modinfo::clear_instance_cache();
106         try {
107             mod_imscp_external::view_imscp($imscp->id);
108             $this->fail('Exception expected due to missing capability.');
109         } catch (moodle_exception $e) {
110             $this->assertEquals('requireloginerror', $e->errorcode);
111         }
113     }
115     /**
116      * Test get_imscps_by_courses
117      */
118     public function test_get_imscps_by_courses() {
119         global $DB, $USER;
120         $this->resetAfterTest(true);
121         // As admin.
122         $this->setAdminUser();
123         $course1 = self::getDataGenerator()->create_course();
124         $imscpoptions1 = array(
125           'course' => $course1->id,
126           'name' => 'First IMSCP'
127         );
128         $imscp1 = self::getDataGenerator()->create_module('imscp', $imscpoptions1);
129         $course2 = self::getDataGenerator()->create_course();
131         $imscpoptions2 = array(
132           'course' => $course2->id,
133           'name' => 'Second IMSCP'
134         );
135         $imscp2 = self::getDataGenerator()->create_module('imscp', $imscpoptions2);
136         $student1 = $this->getDataGenerator()->create_user();
138         $studentrole = $DB->get_record('role', array('shortname' => 'student'));
140         // Enroll Student1 in Course1.
141         self::getDataGenerator()->enrol_user($student1->id,  $course1->id, $studentrole->id);
143         $this->setUser($student1);
144         $imscps = mod_imscp_external::get_imscps_by_courses(array());
145         $imscps = external_api::clean_returnvalue(mod_imscp_external::get_imscps_by_courses_returns(), $imscps);
146         $this->assertCount(1, $imscps['imscps']);
147         $this->assertEquals('First IMSCP', $imscps['imscps'][0]['name']);
148         // As Student you cannot see some IMSCP properties like 'section'.
149         $this->assertFalse(isset($imscps['imscps'][0]['section']));
151         // Student1 is not enrolled in this Course.
152         // The webservice will give a warning!
153         $imscps = mod_imscp_external::get_imscps_by_courses(array($course2->id));
154         $imscps = external_api::clean_returnvalue(mod_imscp_external::get_imscps_by_courses_returns(), $imscps);
155         $this->assertCount(0, $imscps['imscps']);
156         $this->assertEquals(1, $imscps['warnings'][0]['warningcode']);
158         // Now as admin.
159         $this->setAdminUser();
160         // As Admin we can see this IMSCP.
161         $imscps = mod_imscp_external::get_imscps_by_courses(array($course2->id));
162         $imscps = external_api::clean_returnvalue(mod_imscp_external::get_imscps_by_courses_returns(), $imscps);
163         $this->assertCount(1, $imscps['imscps']);
164         $this->assertEquals('Second IMSCP', $imscps['imscps'][0]['name']);
165         // As an Admin you can see some IMSCP properties like 'section'.
166         $this->assertEquals(0, $imscps['imscps'][0]['section']);
168         // Now, prohibit capabilities.
169         $this->setUser($student1);
170         $contextcourse1 = context_course::instance($course1->id);
171         // Prohibit capability = mod:imscp:view on Course1 for students.
172         assign_capability('mod/imscp:view', CAP_PROHIBIT, $studentrole->id, $contextcourse1->id);
173         // Empty all the caches that may be affected by this change.
174         accesslib_clear_all_caches_for_unit_testing();
175         course_modinfo::clear_instance_cache();
177         $imscps = mod_imscp_external::get_imscps_by_courses(array($course1->id));
178         $imscps = external_api::clean_returnvalue(mod_imscp_external::get_imscps_by_courses_returns(), $imscps);
179         $this->assertCount(0, $imscps['imscps']);
180     }