From d1a42d331d2935d87922eda7c9bff15865685f52 Mon Sep 17 00:00:00 2001
From: Raven <enn.raven@gmail.com>
Date: Fri, 5 Mar 2021 15:52:01 +0900
Subject: [PATCH] Extract test env from group permission branch.

---
 edit_page_test.go        | 19 +++++-------
 setup_test.go            | 36 +++++++++++++++-------
 tests/dummy/admin.go     | 66 ++++++++++++++++++++++++++++++++++++++--
 tests/dummy/models.go    | 12 ++++++++
 tests/dummy/roles.go     | 30 ++++++++++++++++++
 transformer_json_test.go | 10 ++++--
 update_record_test.go    | 55 ++++++++++++++++++++++-----------
 7 files changed, 184 insertions(+), 44 deletions(-)
 create mode 100644 tests/dummy/roles.go

diff --git a/edit_page_test.go b/edit_page_test.go
index 1e1ada96..5a7f4f2c 100644
--- a/edit_page_test.go
+++ b/edit_page_test.go
@@ -7,21 +7,18 @@ import (
 	"testing"
 
 	. "github.com/qor/admin/tests/dummy"
+	qorTestUtils "github.com/qor/qor/test/utils"
 	"github.com/theplant/htmltestingutils"
 )
 
 func TestEditPage(t *testing.T) {
-	h, _, _ := NewTestHandler()
+	qorTestUtils.ResetDBTables(db, &Language{}, &User{})
+	user := createLoggedInUser()
 
-	var err error
-	user := User{Name: "my record", Role: "admin"}
-	err = db.Save(&user).Error
-	if err != nil {
-		t.Fatal(err)
-	}
+	h := adminHandler
 
 	var req *http.Request
-	req, err = http.NewRequest("GET", fmt.Sprintf("/admin/users/%d/edit", user.ID), nil)
+	req, err := http.NewRequest("GET", fmt.Sprintf("/admin/users/%d/edit", user.ID), nil)
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -31,7 +28,7 @@ func TestEditPage(t *testing.T) {
 	h.ServeHTTP(rr, req)
 
 	// assert only form so that other sections won't break the tests
-	diff := htmltestingutils.PrettyHtmlDiff(rr.Body, "form", expectedBody)
+	diff := htmltestingutils.PrettyHtmlDiff(rr.Body, "form.qor-form", expectedBody)
 	if len(diff) > 0 {
 		t.Error(diff)
 	}
@@ -65,10 +62,10 @@ var expectedBody = `
 Name
 </label>
 
-<div class="qor-field__show">my record</div>
+<div class="qor-field__show">QOR</div>
 
 <div class="qor-field__edit">
-<input class="mdl-textfield__input" type="text" id="user_1_name" name="QorResource.Name" value="my record" >
+<input class="mdl-textfield__input" type="text" id="user_1_name" name="QorResource.Name" value="QOR" >
 </div>
 </div>
 </div>
diff --git a/setup_test.go b/setup_test.go
index 32009c02..f7482110 100644
--- a/setup_test.go
+++ b/setup_test.go
@@ -3,6 +3,8 @@ package admin_test
 import (
 	"net/http"
 	"net/http/httptest"
+	"os"
+	"testing"
 
 	"github.com/jinzhu/gorm"
 	"github.com/qor/admin"
@@ -10,20 +12,32 @@ import (
 )
 
 var (
-	server *httptest.Server
-	db     *gorm.DB
-	Admin  *admin.Admin
+	server       *httptest.Server
+	db           *gorm.DB
+	Admin        *admin.Admin
+	adminHandler http.Handler
 )
 
 func init() {
-	var mux http.Handler
-	mux, Admin, db = NewTestHandler()
-	server = httptest.NewServer(mux)
+	Admin = NewDummyAdmin()
+	adminHandler = Admin.NewServeMux("/admin")
+	db = Admin.DB
+	server = httptest.NewServer(adminHandler)
 }
 
-func NewTestHandler() (h http.Handler, adm *admin.Admin, d *gorm.DB) {
-	adm = NewDummyAdmin()
-	d = adm.DB
-	h = adm.NewServeMux("/admin")
-	return
+func TestMain(m *testing.M) {
+	// Create universal logged-in user for test.
+	createLoggedInUser()
+	retCode := m.Run()
+
+	os.Exit(retCode)
+}
+
+func createLoggedInUser() *User {
+	user := User{Name: LoggedInUserName, Role: Role_system_administrator}
+	if err := db.Save(&user).Error; err != nil {
+		panic(err)
+	}
+
+	return &user
 }
diff --git a/tests/dummy/admin.go b/tests/dummy/admin.go
index ca39a7c2..46e89cee 100644
--- a/tests/dummy/admin.go
+++ b/tests/dummy/admin.go
@@ -7,6 +7,7 @@ import (
 	"github.com/qor/media"
 	"github.com/qor/qor"
 	"github.com/qor/qor/test/utils"
+	"github.com/qor/roles"
 )
 
 // NewDummyAdmin generate admin for dummy app
@@ -14,11 +15,13 @@ func NewDummyAdmin(keepData ...bool) *admin.Admin {
 	var (
 		db     = utils.TestDB()
 		models = []interface{}{&User{}, &CreditCard{}, &Address{}, &Language{}, &Profile{}, &Phone{}, &Company{}}
-		Admin  = admin.New(&qor.Config{DB: db})
+		Admin  = admin.New(&admin.AdminConfig{Auth: DummyAuth{}, DB: db})
 	)
 
 	media.RegisterCallbacks(db)
 
+	InitRoles()
+
 	for _, value := range models {
 		if len(keepData) == 0 {
 			db.DropTableIfExists(value)
@@ -26,9 +29,42 @@ func NewDummyAdmin(keepData ...bool) *admin.Admin {
 		db.AutoMigrate(value)
 	}
 
-	Admin.AddResource(&Company{})
+	c := Admin.AddResource(&Company{})
+	c.Action(&admin.Action{
+		Name: "Publish",
+		Handler: func(argument *admin.ActionArgument) (err error) {
+			fmt.Println("Publish company")
+			return
+		},
+		Method:   "GET",
+		Resource: c,
+		Modes:    []string{"edit"},
+	})
+	c.Action(&admin.Action{
+		Name:       "Preview",
+		Permission: roles.Deny(roles.CRUD, Role_system_administrator),
+		Handler: func(argument *admin.ActionArgument) (err error) {
+			fmt.Println("Preview company")
+			return
+		},
+		Method:   "GET",
+		Resource: c,
+		Modes:    []string{"edit"},
+	})
+	c.Action(&admin.Action{
+		Name:       "Approve",
+		Permission: roles.Allow(roles.Read, Role_system_administrator),
+		Handler: func(argument *admin.ActionArgument) (err error) {
+			fmt.Println("Approve company")
+			return
+		},
+		Method: "GET",
+		Modes:  []string{"edit"},
+	})
+	Admin.AddResource(&CreditCard{})
+
 	Admin.AddResource(&Language{}, &admin.Config{Name: "语种 & 语言", Priority: -1})
-	user := Admin.AddResource(&User{})
+	user := Admin.AddResource(&User{}, &admin.Config{Permission: roles.Allow(roles.CRUD, Role_system_administrator)})
 	user.Meta(&admin.Meta{
 		Name: "CreditCard",
 		Type: "single_edit",
@@ -48,3 +84,27 @@ func NewDummyAdmin(keepData ...bool) *admin.Admin {
 
 	return Admin
 }
+
+const LoggedInUserName = "QOR"
+
+type DummyAuth struct {
+}
+
+func (DummyAuth) LoginURL(ctx *admin.Context) string {
+	return "/auth/login"
+}
+
+func (DummyAuth) LogoutURL(ctx *admin.Context) string {
+	return "/auth/logout"
+}
+
+func (DummyAuth) GetCurrentUser(ctx *admin.Context) qor.CurrentUser {
+	u := User{}
+
+	if err := ctx.Admin.DB.Where("name = ?", LoggedInUserName).First(&u).Error; err != nil {
+		fmt.Println("Cannot load logged in user", err.Error())
+		return nil
+	}
+
+	return u
+}
diff --git a/tests/dummy/models.go b/tests/dummy/models.go
index 426eb249..78e415eb 100644
--- a/tests/dummy/models.go
+++ b/tests/dummy/models.go
@@ -62,3 +62,15 @@ type Phone struct {
 	ProfileID uint64
 	Num       string
 }
+
+func (u User) DisplayName() string {
+	return u.Name
+}
+
+func (u User) GetID() uint {
+	return u.ID
+}
+
+func (u User) GetUsersByIDs(db *gorm.DB, ids []string) interface{} {
+	return u
+}
diff --git a/tests/dummy/roles.go b/tests/dummy/roles.go
new file mode 100644
index 00000000..fe4eac91
--- /dev/null
+++ b/tests/dummy/roles.go
@@ -0,0 +1,30 @@
+package dummy
+
+import (
+	"net/http"
+
+	"github.com/qor/roles"
+)
+
+const (
+	Role_editor               = "Editor"
+	Role_supervisor           = "Supervisor"
+	Role_system_administrator = "admin"
+	Role_developer            = "Developer"
+)
+
+// InitRoles initialize roles of the system.
+func InitRoles() {
+	roles.Register(Role_editor, func(req *http.Request, currentUser interface{}) bool {
+		return currentUser != nil && currentUser.(User).Role == Role_editor
+	})
+	roles.Register(Role_supervisor, func(req *http.Request, currentUser interface{}) bool {
+		return currentUser != nil && currentUser.(User).Role == Role_supervisor
+	})
+	roles.Register(Role_system_administrator, func(req *http.Request, currentUser interface{}) bool {
+		return currentUser != nil && currentUser.(User).Role == Role_system_administrator
+	})
+	roles.Register(Role_developer, func(req *http.Request, currentUser interface{}) bool {
+		return currentUser != nil && currentUser.(User).Role == Role_developer
+	})
+}
diff --git a/transformer_json_test.go b/transformer_json_test.go
index 21bd6888..272c4e3d 100644
--- a/transformer_json_test.go
+++ b/transformer_json_test.go
@@ -10,10 +10,16 @@ import (
 	"github.com/jinzhu/now"
 	"github.com/qor/admin"
 	. "github.com/qor/admin/tests/dummy"
+	qorTestUtils "github.com/qor/qor/test/utils"
 	"github.com/theplant/testingutils"
 )
 
 func TestJSONTransformerEncode(t *testing.T) {
+	qorTestUtils.ResetDBTables(db, &Language{}, &Profile{}, &CreditCard{}, &User{})
+
+	ctx := Admin.NewContext(nil, nil)
+	ctx.Context.Roles = []string{Role_system_administrator}
+
 	var (
 		buffer          bytes.Buffer
 		registeredAt    = now.MustParse("2017-01-01")
@@ -21,7 +27,7 @@ func TestJSONTransformerEncode(t *testing.T) {
 		encoder         = admin.Encoder{
 			Action:   "show",
 			Resource: Admin.GetResource("User"),
-			Context:  Admin.NewContext(nil, nil),
+			Context:  ctx,
 			Result: &User{
 				Active:       true,
 				Model:        gorm.Model{ID: 1},
@@ -81,7 +87,7 @@ func TestJSONTransformerEncode(t *testing.T) {
 
 	diff := testingutils.PrettyJsonDiff(expect, response)
 	if len(diff) > 0 {
-		t.Errorf("Got %v\n%v", string(buffer.Bytes()), diff)
+		t.Errorf("Got %v\n\n\n\n%v", string(buffer.Bytes()), diff)
 	}
 }
 
diff --git a/update_record_test.go b/update_record_test.go
index af092a40..32d64d13 100644
--- a/update_record_test.go
+++ b/update_record_test.go
@@ -16,15 +16,19 @@ import (
 	. "github.com/qor/admin/tests/dummy"
 	"github.com/qor/qor"
 	"github.com/qor/qor/resource"
+	qorTestUtils "github.com/qor/qor/test/utils"
 )
 
 func TestUpdateRecord(t *testing.T) {
-	user := User{Name: "update_record", Role: "admin"}
+	qorTestUtils.ResetDBTables(db, &Language{}, &User{})
+	createLoggedInUser()
+
+	user := User{Name: "update_record", Role: Role_system_administrator}
 	db.Save(&user)
 
 	form := url.Values{
 		"QorResource.Name": {user.Name + "_new"},
-		"QorResource.Role": {"admin"},
+		"QorResource.Role": {Role_system_administrator},
 	}
 
 	if req, err := http.PostForm(server.URL+"/admin/users/"+fmt.Sprint(user.ID), form); err == nil {
@@ -41,7 +45,9 @@ func TestUpdateRecord(t *testing.T) {
 }
 
 func TestUpdateRecordWithRollback(t *testing.T) {
-	db.Exec("TRUNCATE TABLE users")
+	qorTestUtils.ResetDBTables(db, &Language{}, &User{})
+	createLoggedInUser()
+
 	db.Model(&User{}).AddUniqueIndex("uix_user_name", "name")
 
 	userR := Admin.GetResource("User")
@@ -55,14 +61,14 @@ func TestUpdateRecordWithRollback(t *testing.T) {
 	})
 
 	anotherUsersName := "Katin"
-	db.Save(&User{Name: anotherUsersName, Role: "admin"})
+	db.Save(&User{Name: anotherUsersName, Role: Role_system_administrator})
 
-	user := User{Name: "update_record", Role: "admin", Languages: []Language{{Name: "CN"}, {Name: "JP"}}}
+	user := User{Name: "update_record", Role: Role_system_administrator, Languages: []Language{{Name: "CN"}, {Name: "JP"}}}
 	db.Save(&user)
 
 	form := url.Values{
 		"QorResource.Name": {anotherUsersName},
-		"QorResource.Role": {"admin"},
+		"QorResource.Role": {Role_system_administrator},
 	}
 
 	if req, err := http.PostForm(server.URL+"/admin/users/"+fmt.Sprint(user.ID), form); err == nil {
@@ -89,12 +95,15 @@ func TestUpdateRecordWithRollback(t *testing.T) {
 }
 
 func TestUpdateHasOneRecord(t *testing.T) {
-	user := User{Name: "update_record_and_has_one", Role: "admin", CreditCard: CreditCard{Number: "1234567890", Issuer: "JCB"}}
+	qorTestUtils.ResetDBTables(db, &CreditCard{}, &User{})
+	createLoggedInUser()
+
+	user := User{Name: "update_record_and_has_one", Role: Role_system_administrator, CreditCard: CreditCard{Number: "1234567890", Issuer: "JCB"}}
 	db.Save(&user)
 
 	form := url.Values{
 		"QorResource.Name":              {user.Name + "_new"},
-		"QorResource.Role":              {"admin"},
+		"QorResource.Role":              {Role_system_administrator},
 		"QorResource.CreditCard.ID":     {fmt.Sprint(user.CreditCard.ID)},
 		"QorResource.CreditCard.Number": {"1234567890"},
 		"QorResource.CreditCard.Issuer": {"UnionPay"},
@@ -124,12 +133,15 @@ func TestUpdateHasOneRecord(t *testing.T) {
 }
 
 func TestUpdateHasManyRecord(t *testing.T) {
-	user := User{Name: "update_record_and_has_many", Role: "admin", Addresses: []Address{{Address1: "address 1.1", Address2: "address 1.2"}, {Address1: "address 2.1"}, {Address1: "address 3.1"}}}
+	qorTestUtils.ResetDBTables(db, &Address{}, &User{})
+	createLoggedInUser()
+
+	user := User{Name: "update_record_and_has_many", Role: Role_system_administrator, Addresses: []Address{{Address1: "address 1.1", Address2: "address 1.2"}, {Address1: "address 2.1"}, {Address1: "address 3.1"}}}
 	db.Save(&user)
 
 	form := url.Values{
 		"QorResource.Name":                  {user.Name},
-		"QorResource.Role":                  {"admin"},
+		"QorResource.Role":                  {Role_system_administrator},
 		"QorResource.Addresses[0].ID":       {fmt.Sprint(user.Addresses[0].ID)},
 		"QorResource.Addresses[0].Address1": {"address 1.1 new"},
 		"QorResource.Addresses[1].ID":       {fmt.Sprint(user.Addresses[1].ID)},
@@ -174,12 +186,15 @@ func TestUpdateHasManyRecord(t *testing.T) {
 }
 
 func TestDestroyEmbeddedHasOneRecord(t *testing.T) {
-	user := User{Name: "destroy_embedded_has_one_record", Role: "admin", CreditCard: CreditCard{Number: "1234567890", Issuer: "JCB"}}
+	qorTestUtils.ResetDBTables(db, &CreditCard{}, &User{})
+	createLoggedInUser()
+
+	user := User{Name: "destroy_embedded_has_one_record", Role: Role_system_administrator, CreditCard: CreditCard{Number: "1234567890", Issuer: "JCB"}}
 	db.Save(&user)
 
 	form := url.Values{
 		"QorResource.Name":                {user.Name + "_new"},
-		"QorResource.Role":                {"admin"},
+		"QorResource.Role":                {Role_system_administrator},
 		"QorResource.CreditCard.ID":       {fmt.Sprint(user.CreditCard.ID)},
 		"QorResource.CreditCard._destroy": {"1"},
 		"QorResource.CreditCard.Number":   {"1234567890"},
@@ -205,17 +220,20 @@ func TestDestroyEmbeddedHasOneRecord(t *testing.T) {
 }
 
 func TestUpdateManyToManyRecord(t *testing.T) {
+	qorTestUtils.ResetDBTables(db, &Language{}, &User{})
+	createLoggedInUser()
+
 	name := "update_record_many_to_many"
 	var languageCN Language
 	var languageEN Language
 	db.FirstOrCreate(&languageCN, Language{Name: "CN"})
 	db.FirstOrCreate(&languageEN, Language{Name: "EN"})
-	user := User{Name: name, Role: "admin", Languages: []Language{languageCN, languageEN}}
+	user := User{Name: name, Role: Role_system_administrator, Languages: []Language{languageCN, languageEN}}
 	db.Save(&user)
 
 	form := url.Values{
 		"QorResource.Name":      {name + "_new"},
-		"QorResource.Role":      {"admin"},
+		"QorResource.Role":      {Role_system_administrator},
 		"QorResource.Languages": {fmt.Sprint(languageCN.ID)},
 	}
 
@@ -241,6 +259,9 @@ func TestUpdateManyToManyRecord(t *testing.T) {
 }
 
 func TestUpdateSelectOne(t *testing.T) {
+	qorTestUtils.ResetDBTables(db, &Company{}, &User{})
+	createLoggedInUser()
+
 	name := "update_record_select_one"
 	var company1, company2 Company
 	if err := db.FirstOrCreate(&company1, &Company{Name: "Company 1"}).Error; err != nil {
@@ -249,12 +270,12 @@ func TestUpdateSelectOne(t *testing.T) {
 	if err := db.FirstOrCreate(&company2, &Company{Name: "Company 2"}).Error; err != nil {
 		t.Fatal(err)
 	}
-	user := User{Name: name, Role: "admin", Company: &company1}
+	user := User{Name: name, Role: Role_system_administrator, Company: &company1}
 	db.Save(&user)
 
 	form := url.Values{
 		"QorResource.Name":    {name + "_new"},
-		"QorResource.Role":    {"admin"},
+		"QorResource.Role":    {Role_system_administrator},
 		"QorResource.Company": {fmt.Sprint(company2.ID)},
 	}
 
@@ -289,7 +310,7 @@ func TestUpdateAttachment(t *testing.T) {
 		}
 		form := url.Values{
 			"QorResource.Name": {name},
-			"QorResource.Role": {"admin"},
+			"QorResource.Role": {Role_system_administrator},
 		}
 		for key, val := range form {
 			_ = writer.WriteField(key, val[0])