summaryrefslogtreecommitdiffstats
path: root/xt/selenium/user_matching.t
blob: 54afe08b28c5e46244e010e830b9563621cb989f (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
#
# This Source Code Form is "Incompatible With Secondary Licenses", as
# defined by the Mozilla Public License, v. 2.0.

use 5.14.0;
use strict;
use warnings;

use FindBin qw($RealBin);
use lib "$RealBin/../lib", "$RealBin/../../local/lib/perl5";

use Test::More "no_plan";

use QA::Util;

my ($sel, $config) = get_selenium();

log_in($sel, $config, 'tweakparams');
set_parameters($sel, { "User Matching"  => {"usemenuforusers-off" => undef,
                                            "maxusermatches"      => {type => 'text', value => '0'},
                                            "confirmuniqueusermatch-on" => undef},
                       "Group Security" => {"usevisibilitygroups-off" => undef}
                     });

file_bug_in_product($sel, "TestProduct");
$sel->select_ok("component", "TestComponent");
my $bug_summary = "Today is Tuesday";
$sel->type_ok("short_desc", $bug_summary);
$sel->type_ok("comment", "Poker Face");
my $bug1_id = create_bug($sel, $bug_summary);

# We enter an incomplete email address. process_bug.cgi must ask
# for confirmation as confirmuniqueusermatch is turned on.

$sel->click_ok("cc_edit_area_showhide");
$sel->type_ok("newcc", $config->{unprivileged_user_login_truncated});
$sel->click_ok("commit");
$sel->wait_for_page_to_load_ok(WAIT_TIME);
$sel->title_is("Confirm Match");
$sel->is_text_present_ok("$config->{unprivileged_user_login_truncated} matched");
$sel->go_back_ok();
$sel->wait_for_page_to_load_ok(WAIT_TIME);
$sel->title_like(qr/^$bug1_id/);
$sel->click_ok("cc_edit_area_showhide");

# We now enter a complete and valid email address, so it must be accepted.
# confirmuniqueusermatch = 1 must not trigger the confirmation page as we
# type the complete email address.

$sel->type_ok("newcc", $config->{unprivileged_user_login});
edit_bug_and_return($sel, $bug1_id, $bug_summary);

# Now test wildcards ("*"). Due to confirmuniqueusermatch being turned on,
# a confirmation page must be displayed.

$sel->click_ok("cc_edit_area_showhide");
$sel->type_ok("newcc", "$config->{unprivileged_user_login_truncated}*");
$sel->click_ok("commit");
$sel->wait_for_page_to_load_ok(WAIT_TIME);
$sel->title_is("Confirm Match");
$sel->is_text_present_ok("<$config->{unprivileged_user_login}>");
$sel->go_back_ok();
$sel->wait_for_page_to_load_ok(WAIT_TIME);
$sel->title_like(qr/^$bug1_id/);
$sel->click_ok("cc_edit_area_showhide");

# This will return more than one account.

$sel->type_ok("newcc", "*$config->{common_email}");
$sel->click_ok("commit");
$sel->wait_for_page_to_load_ok(WAIT_TIME);
$sel->title_is("Confirm Match");
$sel->is_text_present_ok("*$config->{common_email} matched:");

# Now restrict 'maxusermatches'.

set_parameters($sel, { "User Matching" => {"maxusermatches" => {type => 'text', value => '1'}} });

go_to_bug($sel, $bug1_id);
$sel->click_ok("cc_edit_area_showhide");

# Several user accounts match this partial email address. Due to
# maxusermatches = 1, no email address is suggested.

$sel->type_ok("newcc", "*$config->{common_email}");
$sel->click_ok("commit");
$sel->wait_for_page_to_load_ok(WAIT_TIME);
$sel->title_is("Match Failed");
$sel->is_text_present_ok("matches multiple users");
$sel->go_back_ok();
$sel->wait_for_page_to_load_ok(WAIT_TIME);
$sel->title_like(qr/^$bug1_id/);
$sel->click_ok("cc_edit_area_showhide");

# We now type a complete and valid email address, so no confirmation
# page should be displayed.

$sel->type_ok("newcc", $config->{unprivileged_user_login});
edit_bug($sel, $bug1_id, $bug_summary);

# Now turn on group visibility. It involves important security checks.

set_parameters($sel, { "User Matching"  => {"maxusermatches" => {type => 'text', value => '2'}},
                       "Group Security" => {"usevisibilitygroups-on" => undef}
                     });

# By default, groups are not visible to themselves, so we have to enable this.
# The tweakparams user has not enough privs to do it himself.

logout($sel);
log_in($sel, $config, 'admin');
go_to_admin($sel);
$sel->click_ok("link=Groups");
$sel->wait_for_page_to_load(WAIT_TIME);
$sel->title_is("Edit Groups");
$sel->click_ok("link=tweakparams");
$sel->wait_for_page_to_load(WAIT_TIME);
$sel->title_is("Change Group: tweakparams");

my @groups = $sel->get_select_options("visible_from_add");
if (grep {$_ eq 'tweakparams'} @groups) {
    $sel->add_selection_ok("visible_from_add", "label=tweakparams");
    $sel->click_ok('//input[@value="Update Group"]');
    $sel->wait_for_page_to_load_ok(WAIT_TIME);
    $sel->title_is("Change Group: tweakparams");
}
logout($sel);
log_in($sel, $config, 'tweakparams');

go_to_bug($sel, $bug1_id);
$sel->click_ok("cc_edit_area_showhide");

# We are not in the same groups as the unprivileged user, so we cannot see him.

$sel->type_ok("newcc", $config->{unprivileged_user_login_truncated});
$sel->click_ok("commit");
$sel->wait_for_page_to_load_ok(WAIT_TIME);
$sel->title_is("Match Failed");
$sel->is_text_present_ok("$config->{unprivileged_user_login_truncated} did not match anything");
$sel->go_back_ok();
$sel->wait_for_page_to_load_ok(WAIT_TIME);
$sel->title_like(qr/^$bug1_id/);
$sel->click_ok("cc_edit_area_showhide");

# This will return too many users (there are at least always three:
# you, the admin and the permanent user (who has admin privs too)).

$sel->type_ok("newcc", $config->{common_email});
$sel->click_ok("commit");
$sel->wait_for_page_to_load_ok(WAIT_TIME);
$sel->title_is("Confirm Match");
$sel->is_text_present_ok("$config->{common_email} matched more than the maximum of 2 users");
$sel->go_back_ok();
$sel->wait_for_page_to_load_ok(WAIT_TIME);
$sel->title_like(qr/^$bug1_id/);
$sel->click_ok("cc_edit_area_showhide");

# We can always see ourselves.

$sel->type_ok("newcc", $config->{tweakparams_user_login_truncated});
$sel->click_ok("commit");
$sel->wait_for_page_to_load_ok(WAIT_TIME);
$sel->title_is("Confirm Match");
$sel->is_text_present_ok("<$config->{tweakparams_user_login}>");

# Now test user menus. It must NOT display users we are not allowed to see.

set_parameters($sel, { "User Matching" => {"usemenuforusers-on" => undef} });

go_to_bug($sel, $bug1_id);
$sel->click_ok("cc_edit_area_showhide");
my @cc = $sel->get_select_options("newcc");
ok(!grep($_ =~ /$config->{unprivileged_user_login}/, @cc), "$config->{unprivileged_user_login} is not visible");
ok(!grep($_ =~ /$config->{canconfirm_user_login}/, @cc), "$config->{canconfirm_user_login} is not visible");
ok(grep($_ =~ /$config->{admin_user_login}/, @cc), "$config->{admin_user_login} is visible");
ok(grep($_ =~ /$config->{tweakparams_user_login}/, @cc), "$config->{tweakparams_user_login} is visible");

# Reset paramters.

set_parameters($sel, { "User Matching"  => {"usemenuforusers-off" => undef,
                                            "maxusermatches"      => {type => 'text', value => '0'},
                                            "confirmuniqueusermatch-off" => undef},
                       "Group Security" => {"usevisibilitygroups-off" => undef}
                     });
logout($sel);