fix(formanswer): bad validator right check for groups

Signed-off-by: Thierry Bugier <tbugier@teclib.com>
pluginsGLPI · Jul 19, 2021 · 9156183 · 9156183
1 parent 778cbd9
commit 9156183
Show file tree

Hide file tree

Showing 2 changed files with 43 additions and 44 deletions.
diff --git a/inc/formanswer.class.php b/inc/formanswer.class.php
@@ -435,18 +435,10 @@ public function canValidate() {
             break;
 
          case PluginFormcreatorForm_Validator::VALIDATION_GROUP:
-            // Check the user is member of at least one validator group for the form answers
-            $condition = [
-               'glpi_groups.id' => new QuerySubQuery([
-                  'SELECT' => ['items_id'],
-                  'FROM'   => PluginFormcreatorForm_Validator::getTable(),
-                  'WHERE'  => [
-                     'itemtype'                    => Group::class,
-                     'plugin_formcreator_forms_id' => $form->getID()
-                  ]
-               ])
-            ];
-            $groupList = Group_User::getUserGroups(Session::getLoginUserID(), $condition);
+            $groupList = Group_User::getUserGroups(
+               Session::getLoginUserID(),
+               ['glpi_groups.id' => $this->fields['groups_id_validator']]
+            );
             return (count($groupList) > 0);
             break;
       }

diff --git a/tests/3-unit/PluginFormcreatorFormAnswer.php b/tests/3-unit/PluginFormcreatorFormAnswer.php
@@ -235,67 +235,74 @@ public function providerCanValidate() {
 
       return [
          [
-            'right'     => \TicketValidation::VALIDATEINCIDENT,
-            'userId'    => $validatorUserId,
-            'form'      => $form1,
-            'expected'  => true,
+            'right'          => \TicketValidation::VALIDATEINCIDENT,
+            'loginUserId'    => $validatorUserId,
+            'validatorId'    => $validatorUserId,
+            'form'           => $form1,
+            'expected'       => true,
          ],
          [
-            'right'     => \TicketValidation::VALIDATEINCIDENT,
-            'userId'    => $validatorUserId,
-            'form'      => $form2,
-            'expected'  => true,
+            'right'          => \TicketValidation::VALIDATEINCIDENT,
+            'loginUserId'    => $validatorUserId,
+            'validatorId'    => $group->getID(),
+            'form'           => $form2,
+            'expected'       => true,
          ],
          [
-            'right'     => \TicketValidation::VALIDATEINCIDENT,
-            'userId'    => $validatorUserId + 1,
-            'form'      => $form2,
-            'expected'  => false,
+            'right'          => \TicketValidation::VALIDATEINCIDENT,
+            'loginUserId'    => $validatorUserId + 1,
+            'validatorId'    => $group->getID(),
+            'form'           => $form2,
+            'expected'       => false,
          ],
          [
-            'right'     => \TicketValidation::VALIDATEREQUEST,
-            'userId'    => $validatorUserId,
-            'form'      => $form2,
-            'expected'  => true,
+            'right'          => \TicketValidation::VALIDATEREQUEST,
+            'loginUserId'    => $validatorUserId,
+            'validatorId'    => $group->getID(),
+            'form'           => $form2,
+            'expected'       => true,
          ],
          [
-            'right'     => \TicketValidation::VALIDATEREQUEST | \TicketValidation::VALIDATEINCIDENT,
-            'userId'    => $validatorUserId,
-            'form'      => $form2,
-            'expected'  => true,
+            'right'          => \TicketValidation::VALIDATEREQUEST | \TicketValidation::VALIDATEINCIDENT,
+            'loginUserId'    => $validatorUserId,
+            'validatorId'    => $group->getID(),
+            'form'           => $form2,
+            'expected'       => true,
          ],
          [
-            'right'     => \TicketValidation::VALIDATEREQUEST | \TicketValidation::VALIDATEINCIDENT,
-            'userId'    => $validatorUserId + 1,
-            'form'      => $form2,
-            'expected'  => false,
+            'right'          => \TicketValidation::VALIDATEREQUEST | \TicketValidation::VALIDATEINCIDENT,
+            'loginUserId'    => $validatorUserId + 1,
+            'validatorId'    => $group->getID(),
+            'form'           => $form2,
+            'expected'       => false,
          ],         [
-            'right'     => 0,
-            'userId'    => $validatorUserId,
-            'form'      => $form2,
-            'expected'  => false,
+            'right'          => 0,
+            'loginUserId'    => $validatorUserId,
+            'validatorId'    => $group->getID(),
+            'form'           => $form2,
+            'expected'       => false,
          ],
       ];
    }
 
    /**
     * @dataProvider providerCanValidate
     */
-   public function testCanValidate($right, $userId, $form, $expected) {
+   public function testCanValidate($right, $loginUserId, $validatorId, $form, $expected) {
       // Save answers for a form
       $instance = $this->newTestedInstance();
       $input = [
          'plugin_formcreator_forms_id' => $form->getID(),
-         'formcreator_validator' => $userId,
+         'formcreator_validator' => $validatorId,
       ];
       $fields = $form->getFields();
       foreach ($fields as $id => $question) {
          $fields[$id]->parseAnswerValues($input);
       }
       $formAnswerId = $instance->add($input);
 
-      // test canValidate
-      $_SESSION['glpiID'] = $userId;
+      // test canValidate against user
+      $_SESSION['glpiID'] = $loginUserId;
       $_SESSION['glpiactiveprofile']['ticketvalidation'] = $right;
       $instance = $this->newTestedInstance();
       $instance->getFromDB($formAnswerId);