Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[#12048] Abstract Access Controls to BaseActionTest #13254

Draft
wants to merge 24 commits into
base: master
Choose a base branch
from
Draft

[#12048] Abstract Access Controls to BaseActionTest #13254

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
24 commits
Select commit Hold shift + click to select a range
18b6c13
Add GetNotificationsActionTest for migration
InfinityTwo Feb 8, 2025
726365b
Merge branch 'master' of https://github.com/InfinityTwo/Teammates
InfinityTwo Feb 15, 2025
daeeaff
Add CompileLogsActionTest for migration
InfinityTwo Feb 16, 2025
52749bd
Remove typical bundle usage
InfinityTwo Feb 16, 2025
9348069
Remove wrong branch files
InfinityTwo Feb 16, 2025
c459aa3
Merge branch 'master' into db-migration-log-a
InfinityTwo Feb 16, 2025
5cb3f0e
Add QueryLogsActionTest for migration
InfinityTwo Feb 16, 2025
1c77020
Add space to rerun github action
InfinityTwo Feb 16, 2025
85b65f1
Merge branch 'db-migration-log-b' of https://github.com/InfinityTwo/T…
InfinityTwo Feb 17, 2025
d439bae
Merge branch 'master' of https://github.com/InfinityTwo/Teammates
InfinityTwo Mar 3, 2025
9b9a878
Add initial code for abtracting access control
InfinityTwo Mar 3, 2025
739d00f
Merge branch 'master' into db-migration-access-control
InfinityTwo Mar 3, 2025
674f6fb
Remove irrelevant files
InfinityTwo Mar 3, 2025
b821e81
Remove irrelevant files
InfinityTwo Mar 3, 2025
55352ca
Merge branch 'master' into db-migration-access-control
InfinityTwo Mar 24, 2025
47f1d6d
Add more access control methods
InfinityTwo Mar 24, 2025
5fa6cab
Add more access control methods
InfinityTwo Mar 24, 2025
468b776
Merge branch 'TEAMMATES:master' into db-migration-access-control
InfinityTwo Mar 24, 2025
5f7e050
Merge branch 'db-migration-access-control' of https://github.com/Infi…
InfinityTwo Mar 24, 2025
daa55a8
Complete initial abstraction
InfinityTwo Mar 30, 2025
42e9b0d
Merge branch 'TEAMMATES:master' into db-migration-access-control
InfinityTwo Mar 30, 2025
7185e53
Refactor 14 unit test access control
InfinityTwo Mar 30, 2025
83a6791
Fix EnrollStudentsActionTest access control
InfinityTwo Mar 30, 2025
c7b1384
Merge branch 'TEAMMATES:master' into db-migration-access-control
InfinityTwo Mar 30, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion src/main/java/teammates/ui/webapi/Action.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -155,7 +155,7 @@ protected boolean isAccountMigrated(String googleId) {
*/
public void checkAccessControl() throws UnauthorizedAccessException {
String userParam = getRequestParamValue(Const.ParamsNames.USER_ID);
if (userInfo != null && userParam != null && !userInfo.isAdmin && !userInfo.id.equals(userParam)) {
if (userInfo != null && userParam != null && !userInfo.isAdmin && !userParam.equals(userInfo.id)) {
throw new UnauthorizedAccessException("User " + userInfo.id
+ " is trying to masquerade as " + userParam + " without admin permission.");
}
Expand Down
33 changes: 33 additions & 0 deletions src/test/java/teammates/sqllogic/api/MockUserProvision.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,8 @@
import teammates.common.datatransfer.UserInfo;
import teammates.common.datatransfer.UserInfoCookie;
import teammates.logic.api.UserProvision;
import teammates.logic.core.InstructorsLogic;
import teammates.sqllogic.core.UsersLogic;

/**
* Allows mocking of the {@link UserProvision} API used in production.
Expand All @@ -13,6 +15,10 @@
public class MockUserProvision extends UserProvision {
private UserInfo mockUser = new UserInfo("user.id");
private boolean isLoggedIn;
private boolean isMaintainer;
private boolean isAdmin;
private boolean isInstructor;
private boolean isStudent;

private UserInfo loginUser(String userId, boolean isAdmin, boolean isInstructor, boolean isStudent,
boolean isMaintainer) {
Expand Down Expand Up @@ -100,4 +106,31 @@ public UserInfo getCurrentLoggedInUser(UserInfoCookie uic) {
public UserInfo getCurrentUserWithTransaction(UserInfoCookie uic) {
return getCurrentUser(uic);
}

@Override
public UserInfo getMasqueradeUser(String googleId) {
UserInfo userInfo = new UserInfo(googleId);
userInfo.isAdmin = isAdmin;
userInfo.isInstructor = isInstructor;
userInfo.isStudent = isStudent;
userInfo.isMaintainer = isMaintainer;

return userInfo;
}

public void setAdmin(boolean isAdmin) {
this.isAdmin = isAdmin;
}

public void setInstructor(boolean isInstructor) {
this.isInstructor = isInstructor;
}

public void setStudent(boolean isStudent) {
this.isStudent = isStudent;
}

public void setMaintainer(boolean isMaintainer) {
this.isMaintainer = isMaintainer;
}
}
Loading
Loading