From 7e989c0f8c8d39e78afd705ed4204b488f7134cb Mon Sep 17 00:00:00 2001 From: yv01p Date: Sat, 20 Dec 2025 18:43:51 +0000 Subject: [PATCH] test: add permission tests for ContentService refactoring MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Adds 4 integration tests for permission operations: - Test 9: SetPermission assigns permission and GetPermissions retrieves it - Test 10: Multiple SetPermission calls accumulate permissions - Test 11: SetPermissions assigns complete permission set - Test 12: SetPermission assigns to multiple user groups at once 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude --- .../ContentServiceRefactoringTests.cs | 122 +++++++++++++++++- 1 file changed, 121 insertions(+), 1 deletion(-) diff --git a/tests/Umbraco.Tests.Integration/Umbraco.Infrastructure/Services/ContentServiceRefactoringTests.cs b/tests/Umbraco.Tests.Integration/Umbraco.Infrastructure/Services/ContentServiceRefactoringTests.cs index 2523d60b65..68ab51364c 100644 --- a/tests/Umbraco.Tests.Integration/Umbraco.Infrastructure/Services/ContentServiceRefactoringTests.cs +++ b/tests/Umbraco.Tests.Integration/Umbraco.Infrastructure/Services/ContentServiceRefactoringTests.cs @@ -6,6 +6,7 @@ using Umbraco.Cms.Core; using Umbraco.Cms.Core.Events; using Umbraco.Cms.Core.Models; using Umbraco.Cms.Core.Models.Entities; +using Umbraco.Cms.Core.Models.Membership; using Umbraco.Cms.Core.Notifications; using Umbraco.Cms.Core.Services; using Umbraco.Cms.Tests.Common.Builders; @@ -30,6 +31,7 @@ internal sealed class ContentServiceRefactoringTests : UmbracoIntegrationTestWit { private IContentTypeService ContentTypeService => GetRequiredService(); private IUserService UserService => GetRequiredService(); + private IUserGroupService UserGroupService => GetRequiredService(); protected override void CustomTestSetup(IUmbracoBuilder builder) => builder .AddNotificationHandler() @@ -421,7 +423,125 @@ internal sealed class ContentServiceRefactoringTests : UmbracoIntegrationTestWit #region Permission Tests - // Tests 9-12 will be added in Task 5 + /// + /// Test 9: Verifies SetPermission assigns a permission and GetPermissions retrieves it. + /// + [Test] + public async Task SetPermission_AssignsPermissionToUserGroup() + { + // Arrange + var content = ContentBuilder.CreateSimpleContent(ContentType, "PermissionTest", -1); + ContentService.Save(content); + + // Get admin user group ID (should always exist) + var adminGroup = await UserGroupService.GetAsync(Constants.Security.AdminGroupAlias); + Assert.That(adminGroup, Is.Not.Null, "Admin group should exist"); + + // Act - Assign browse permission ('F' is typically the Browse Node permission) + ContentService.SetPermission(content, "F", new[] { adminGroup!.Id }); + + // Assert + var permissions = ContentService.GetPermissions(content); + Assert.That(permissions, Is.Not.Null, "Permissions should be returned"); + + var adminPermissions = permissions.FirstOrDefault(p => p.UserGroupId == adminGroup.Id); + Assert.That(adminPermissions, Is.Not.Null, "Should have permissions for admin group"); + Assert.That(adminPermissions!.AssignedPermissions, Does.Contain("F"), + "Admin group should have Browse permission"); + } + + /// + /// Test 10: Verifies multiple SetPermission calls accumulate permissions for a user group. + /// + /// + /// v1.2: Expected behavior documentation - + /// SetPermission assigns permissions per-permission-type, not per-entity. + /// Calling SetPermission("F", ...) then SetPermission("U", ...) results in both F and U + /// permissions being assigned. Each call only replaces permissions of the same type. + /// + [Test] + public async Task SetPermission_MultiplePermissionsForSameGroup() + { + // Arrange + var content = ContentBuilder.CreateSimpleContent(ContentType, "MultiPermissionTest", -1); + ContentService.Save(content); + + var adminGroup = (await UserGroupService.GetAsync(Constants.Security.AdminGroupAlias))!; + + // Act - Assign multiple permissions + ContentService.SetPermission(content, "F", new[] { adminGroup.Id }); // Browse + ContentService.SetPermission(content, "U", new[] { adminGroup.Id }); // Update + + // Assert + var permissions = ContentService.GetPermissions(content); + var adminPermissions = permissions.FirstOrDefault(p => p.UserGroupId == adminGroup.Id); + + Assert.That(adminPermissions, Is.Not.Null, "Should have permissions for admin group"); + Assert.That(adminPermissions!.AssignedPermissions, Does.Contain("F"), "Should have Browse permission"); + Assert.That(adminPermissions.AssignedPermissions, Does.Contain("U"), "Should have Update permission"); + } + + /// + /// Test 11: Verifies SetPermissions assigns a complete permission set. + /// + [Test] + public async Task SetPermissions_AssignsPermissionSet() + { + // Arrange + var content = ContentBuilder.CreateSimpleContent(ContentType, "PermissionSetTest", -1); + ContentService.Save(content); + + var adminGroup = (await UserGroupService.GetAsync(Constants.Security.AdminGroupAlias))!; + + // Create permission set + var permissionSet = new EntityPermissionSet( + content.Id, + new EntityPermissionCollection(new[] + { + new EntityPermission(adminGroup.Id, content.Id, new HashSet { "F", "U", "P" }) // Browse, Update, Publish + })); + + // Act + ContentService.SetPermissions(permissionSet); + + // Assert + var permissions = ContentService.GetPermissions(content); + var adminPermissions = permissions.FirstOrDefault(p => p.UserGroupId == adminGroup.Id); + + Assert.That(adminPermissions, Is.Not.Null, "Should have permissions for admin group"); + Assert.That(adminPermissions!.AssignedPermissions, Does.Contain("F"), "Should have Browse permission"); + Assert.That(adminPermissions.AssignedPermissions, Does.Contain("U"), "Should have Update permission"); + Assert.That(adminPermissions.AssignedPermissions, Does.Contain("P"), "Should have Publish permission"); + } + + /// + /// Test 12: Verifies SetPermission can assign to multiple user groups simultaneously. + /// + [Test] + public async Task SetPermission_AssignsToMultipleUserGroups() + { + // Arrange + var content = ContentBuilder.CreateSimpleContent(ContentType, "MultiGroupTest", -1); + ContentService.Save(content); + + var adminGroup = (await UserGroupService.GetAsync(Constants.Security.AdminGroupAlias))!; + var editorGroup = (await UserGroupService.GetAsync(Constants.Security.EditorGroupKey))!; + + // Act - Assign permission to multiple groups at once + ContentService.SetPermission(content, "F", new[] { adminGroup.Id, editorGroup.Id }); + + // Assert + var permissions = ContentService.GetPermissions(content); + + var adminPermissions = permissions.FirstOrDefault(p => p.UserGroupId == adminGroup.Id); + var editorPermissions = permissions.FirstOrDefault(p => p.UserGroupId == editorGroup.Id); + + Assert.That(adminPermissions, Is.Not.Null, "Should have permissions for admin group"); + Assert.That(adminPermissions!.AssignedPermissions, Does.Contain("F"), "Admin should have Browse permission"); + + Assert.That(editorPermissions, Is.Not.Null, "Should have permissions for editor group"); + Assert.That(editorPermissions!.AssignedPermissions, Does.Contain("F"), "Editor should have Browse permission"); + } #endregion