Project: Role Delegation
Version: 6.x-1.x-dev
Component: Code
Category: task
Priority: normal
Assigned: Unassigned
Status: active

Issue Summary

Given the number of combinations made possible with this module, it would be very useful to write automated regression test cases.
Here's a good list of things to test, suggested by TheRec:

  • A user with a role which can "assign all roles" -> The user could assign and strip every role for users.
  • A user with a role which can add one or more roles -> The user could assign and strip only the defined roles for users.
  • A user with a role which can "administer users" but cannot assign any role -> The user could not assign or strip off roles but users were still modifiable (as intended).
  • A user with a role which can assign/strip its own role -> The user could strip this role off his account and was presented the "Access denied" page after the operation was completed successfully (that is also how it is supposed to be done, so it is ok).
  • Users with the "administer permissions" (for D5 it is "administer access control") could in every case assign/strip roles as it is supposed to be.
  • User-1 could in every case assign roles as it is supposed to be.

Comments

#1

A Simple Test framework has been added in D7 that covers some of these points. There are currently three test cases that use a common setup as follows:

  • Two roles, named "high" and "low". The high role can assign the low role. No other role assignment permissions are granted.
  • Two users, also named "high" and "low". The high user is given the high role, and both users are given "administer users" permission.

Within this setup, there's a "Permissions" test case that just checks that:

  • The high user can assign the low role (to some user, e.g. low).
  • The high user cannot assign the high role (to some user, e.g. low).

Here's how this compares to the above list:

  1. User with a role that can "assign all roles" -> User can assign and remove all roles. Not tested yet.
  2. User with a role that can add one or more roles -> User can assign and remove only the allowed roles. Done.
  3. User with a role that can "administer users" but cannot assign any role -> User cannot assign or remove roles, but users are still modifiable (as intended). Done. The test setup grants "administer users" and works through the user editing page. The test case is slightly different because the high user can assign some roles, but we still check that he can't assign roles he doesn't have permission for, so it amounts to the same thing.
  4. User with a role that can add/remove its own role -> User can remove this role from his account, and then gets "Access denied" after the operation completes. Not tested yet.
  5. User with "administer permissions" can assign and remove all roles. Not tested yet.
  6. User 1 can assign and remove all roles. Not tested yet.

The test framework also includes other test cases that check whether role bulk add/remove operations and role renaming and deletion work as desired, including that users can/can't use the operations to assign roles that they do/don't have permission for.

The test framework hasn't been ported to D6 yet.
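
The six cases listed in this issue, written as a table-driven regression check against a small constructed model of delegated role assignment. This is an added example, not code from the Role Delegation module or its D7 test framework; the `Site` and `User` classes, the role names other than "high" and "low", and the per-role permission string are assumptions made for illustration.

```python
from dataclasses import dataclass, field

ASSIGN_ALL, ADMIN_PERMS, ADMIN_USERS = (
    "assign all roles", "administer permissions", "administer users")

def assign_perm(role):
    return f"assign {role} role"  # hypothetical per-role permission name

@dataclass
class User:
    uid: int
    roles: set = field(default_factory=set)

class Site:
    def __init__(self, role_perms):
        self.role_perms = role_perms  # role name -> set of permission strings

    def perms(self, user):
        return set().union(*(self.role_perms.get(r, set()) for r in user.roles))

    def can_assign(self, actor, role):
        if actor.uid == 1:  # User 1 bypasses every permission check
            return True
        return bool({ASSIGN_ALL, ADMIN_PERMS, assign_perm(role)} & self.perms(actor))

    def set_role(self, actor, target, role, grant=True):
        """Apply the change only if permitted; return whether it was applied."""
        may_edit = actor.uid == 1 or actor is target or ADMIN_USERS in self.perms(actor)
        if not (may_edit and self.can_assign(actor, role)):
            return False
        (target.roles.add if grant else target.roles.discard)(role)
        return True

def run_matrix():
    """Run the six cases on constructed fixtures; every value should be True."""
    site = Site({"staff": {ADMIN_USERS}, "all": {ASSIGN_ALL}, "admin": {ADMIN_PERMS},
                 "high": {assign_perm("low")}, "self": {assign_perm("self")}, "low": set()})
    roles = list(site.role_perms)
    mk = lambda uid, *extra: User(uid, {"staff", *extra})  # all get "administer users"
    r = {
        "1_assign_all": all(site.set_role(mk(2, "all"), mk(10), x) for x in roles),
        "2_allowed_role": site.set_role(mk(3, "high"), mk(10), "low"),
        "2_other_role_denied": not site.set_role(mk(3, "high"), mk(10), "high"),
        "3_no_delegation": not any(site.set_role(mk(4), mk(10), x) for x in roles),
        "5_administer_permissions": all(site.set_role(mk(5, "admin"), mk(10), x) for x in roles),
        "6_user_1": all(site.set_role(User(1), mk(10), x) for x in roles),
    }
    me = mk(6, "self")  # case 4: strip own role, after which the permission is gone
    r["4_self_strip"] = site.set_role(me, me, "self", grant=False)
    r["4_then_denied"] = not site.set_role(me, me, "self")
    return r
```

Each denied case asserts the negative as well as the positive, since a delegation check that only verifies what is allowed will not catch a privilege-escalation regression.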
