diff --git a/database/factories/ProcessVariablesFactory.php b/database/factories/ProcessVariablesFactory.php
new file mode 100644
index 000000000..6892de0b9
--- /dev/null
+++ b/database/factories/ProcessVariablesFactory.php
@@ -0,0 +1,21 @@
+define(ProcessVariables::class, function (Faker $faker) {
+ return [
+ 'VAR_UID' => G::generateUniqueID(),
+ 'PRJ_UID' => G::generateUniqueID(),
+ 'VAR_NAME' => $faker->word,
+ 'VAR_FIELD_TYPE' => G::generateUniqueID(),
+ 'VAR_FIELD_SIZE' => 10,
+ 'VAR_LABEL' => 'string',
+ 'VAR_DBCONNECTION' => 'workflow',
+ 'VAR_SQL' => '',
+ 'VAR_NULL' => 0,
+ 'VAR_DEFAULT' => '',
+ 'VAR_ACCEPTED_VALUES' => '',
+ 'INP_DOC_UID' => ''
+ ];
+});
\ No newline at end of file
diff --git a/database/factories/TriggerFactory.php b/database/factories/TriggerFactory.php
new file mode 100644
index 000000000..e0b9adfe6
--- /dev/null
+++ b/database/factories/TriggerFactory.php
@@ -0,0 +1,16 @@
+define(Triggers::class, function (Faker $faker) {
+ return [
+ 'TRI_UID' => G::generateUniqueID(),
+ 'TRI_TITLE' => $faker->sentence(5),
+ 'TRI_DESCRIPTION' => $faker->text,
+ 'PRO_UID' => G::generateUniqueID(),
+ 'TRI_TYPE' => 'SCRIPT',
+ 'TRI_WEBBOT' => $faker->text,
+ 'TRI_PARAM' => '',
+ ];
+});
\ No newline at end of file
diff --git a/tests/unit/gulliver/system/gTest.php b/tests/unit/gulliver/system/gTest.php
new file mode 100755
index 000000000..eec38b7e3
--- /dev/null
+++ b/tests/unit/gulliver/system/gTest.php
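Review bot: In database/factories/ProcessVariablesFactory.php, `'VAR_FIELD_TYPE' => G::generateUniqueID()` stores a generated unique ID in a field that the dynaform fixtures added by this same commit fill with type names (`"var_field_type":"string"`, `"var_field_type":"datetime"`). Unless the column really holds a UID, `'VAR_FIELD_TYPE' => 'string',` would agree with the neighbouring `'VAR_LABEL' => 'string'` and keep factory rows usable by any code that branches on the field type. The fixtures also use `"[]"` for `var_accepted_values` where the factory uses `''`, so it is worth confirming which form the consumers expect. The opening lines of the file are not visible in this hunk.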
@@ -0,0 +1,353 @@ +assertContains($word, $res); + } + } + + /** + * It tests that all the reserved words in MySQL 5.6 and MySQL 5.7 are present + * + * @test + */ + public function it_should_match_all_reserved_words_in_mysql_57() + { + $res = G::reservedWordsSql(); + $words = [ + "ACCESSIBLE", + "ADD", + "ALL", + "ALTER", + "ANALYZE", + "AND", + "AS", + "ASC", + "ASENSITIVE", + "AUTHORIZATION", + "BEFORE", + "BETWEEN", + "BIGINT", + "BINARY", + "BLOB", + "BOTH", + "BREAK", + "BROWSE", + "BULK", + "BY", + "CALL", + "CASCADE", + "CASE", + "CHANGE", + "CHAR", + "CHARACTER", + "CHECK", + "CHECKPOINT", + "CLUSTERED", + "COLLATE", + "COLUMN", + "COMPUTE", + "CONDITION", + "CONSTRAINT", + "CONTAINSTABLE", + "CONTINUE", + "CONVERT", + "CREATE", + "CROSS", + "CURRENT_DATE", + "CURRENT_TIME", + "CURRENT_TIMESTAMP", + "CURRENT_USER", + "CURSOR", + "DATABASE", + "DATABASES", + "DAY_HOUR", + "DAY_MICROSECOND", + "DAY_MINUTE", + "DAY_SECOND", + "DBCC", + "DEC", + "DECIMAL", + "DECLARE", + "DEFAULT", + "DELAYED", + "DELETE", + "DENY", + "DESC", + "DESCRIBE", + "DETERMINISTIC", + "DISTINCT", + "DISTINCTROW", + "DISTRIBUTED", + "DIV", + "DOUBLE", + "DROP", + "DUAL", + "DUMMY", + "DUMP", + "EACH", + "ELSE", + "ELSEIF", + "ENCLOSED", + "ERRLVL", + "ESCAPED", + "EXCEPT", + "EXEC", + "EXISTS", + "EXIT", + "EXPLAIN", + "FALSE", + "FETCH", + "FILLFACTOR", + "FLOAT", + "FLOAT4", + "FLOAT8", + "FOR", + "FORCE", + "FOREIGN", + "FREETEXT", + "FREETEXTTABLE", + "FROM", + "FULLTEXT", + "GENERATED", + "GET", + "GOTO", + "GRANT", + "GROUP", + "HAVING", + "HIGH_PRIORITY", + "HOLDLOCK", + "HOUR_MICROSECOND", + "HOUR_MINUTE", + "HOUR_SECOND", + "IDENTITY", + "IDENTITYCOL", + "IDENTITY_INSERT", + "IF", + "IGNORE", + "IN", + "INDEX", + "INFILE", + "INNER", + "INOUT", + "INSENSITIVE", + "INSERT", + "INT", + "INT1", + "INT2", + "INT3", + "INT4", + "INT8", + "INTEGER", + "INTERSECT", + "INTERVAL", + "INTO", + "IO_AFTER_GTIDS", + "IO_BEFORE_GTIDS", + "IS", + "ITERATE", + "JOIN", + "KEY", + "KEYS", + 
"KILL", + "LEADING", + "LEAVE", + "LEFT", + "LIKE", + "LIMIT", + "LINEAR", + "LINENO", + "LINES", + "LOAD", + "LOCALTIME", + "LOCALTIMESTAMP", + "LOCK", + "LONG", + "LONGBLOB", + "LONGTEXT", + "LOOP", + "LOW_PRIORITY", + "MASTER_BIND", + "MASTER_SSL_VERIFY_SERVER_CERT", + "MATCH", + "MAXVALUE", + "MEDIUMBLOB", + "MEDIUMINT", + "MEDIUMTEXT", + "MIDDLEINT", + "MINUTE_MICROSECOND", + "MINUTE_SECOND", + "MOD", + "MODIFIES", + "NATURAL", + "NOCHECK", + "NONCLUSTERED", + "NOT", + "NO_WRITE_TO_BINLOG", + "NULL", + "NULLIF", + "NUMERIC", + "OF", + "OFF", + "OFFSETS", + "ON", + "OPENDATASOURCE", + "OPENQUERY", + "OPENROWSET", + "OPENXML", + "OPTIMIZE", + "OPTIMIZER_COSTS", + "OPTION", + "OPTIONALLY", + "OR", + "ORDER", + "OUT", + "OUTER", + "OUTFILE", + "OVER", + "PARTITION", + "PARSE_GCOL_EXPR", + "PERCENT", + "PLAN", + "PRECISION", + "PRIMARY", + "PRINT", + "PROC", + "PROCEDURE", + "PUBLIC", + "PURGE", + "RAISERROR", + "RANGE", + "READ", + "READS", + "READTEXT", + "READ_WRITE", + "REAL", + "RECONFIGURE", + "REFERENCES", + "REGEXP", + "RELEASE", + "RENAME", + "REPEAT", + "REPLACE", + "REQUIRE", + "RESIGNAL", + "RESTRICT", + "RETURN", + "REVOKE", + "RIGHT", + "RLIKE", + "ROWCOUNT", + "ROWGUIDCOL", + "RULE", + "SAVE", + "SCHEMA", + "SCHEMAS", + "SECOND_MICROSECOND", + "SELECT", + "SENSITIVE", + "SEPARATOR", + "SESSION_USER", + "SET", + "SETUSER", + "SHOW", + "SIGNAL", + "SMALLINT", + "SPATIAL", + "SPECIFIC", + "SQL", + "SQLEXCEPTION", + "SQLSTATE", + "SQLWARNING", + "SQL_AFTER_GTIDS", + "SQL_BEFORE_GTIDS", + "SQL_BIG_RESULT", + "SQL_CALC_FOUND_ROWS", + "SQL_SMALL_RESULT", + "SSL", + "STARTING", + "STATISTICS", + "STORED", + "STRAIGHT_JOIN", + "SYSTEM_USER", + "TABLE", + "TERMINATED", + "TEXTSIZE", + "THEN", + "TINYBLOB", + "TINYINT", + "TINYTEXT", + "TO", + "TOP", + "TRAILING", + "TRAN", + "TRIGGER", + "TRUE", + "TSEQUAL", + "UNDO", + "UNION", + "UNIQUE", + "UNLOCK", + "UNSIGNED", + "UPDATE", + "UPDATETEXT", + "USAGE", + "USE", + "USING", + "UTC_DATE", + "UTC_TIME", + 
"UTC_TIMESTAMP", + "VALUES", + "VARBINARY", + "VARCHAR", + "VARCHARACTER", + "VARYING", + "VIRTUAL", + "WAITFOR", + "WHEN", + "WHERE", + "WHILE", + "WITH", + "WRITE", + "WRITETEXT", + "XOR", + "YEAR_MONTH", + "ZEROFILL", + "_FILENAME" + ]; + foreach ($words as $word) { + //This assert the array contains all the reserved words in MySQL 5.6 and MySQL 5.7 + $this->assertContains($word, $res); + } + } +} \ No newline at end of file diff --git a/tests/unit/workflow/engine/bin/tasks/CliWorkspacesTest.php b/tests/unit/workflow/engine/bin/tasks/CliWorkspacesTest.php index 061f78549..cedb86d6c 100644 --- a/tests/unit/workflow/engine/bin/tasks/CliWorkspacesTest.php +++ b/tests/unit/workflow/engine/bin/tasks/CliWorkspacesTest.php @@ -2,10 +2,17 @@ namespace Tests\unit\workflow\engine\bin\tasks; +use Illuminate\Foundation\Testing\DatabaseTransactions; +use ProcessMaker\Model\Dynaform; +use ProcessMaker\Model\Process; +use ProcessMaker\Model\ProcessVariables; +use ProcessMaker\Model\Triggers; use Tests\TestCase; class CliWorkspacesTest extends TestCase { + use DatabaseTransactions; + /** * Test that the deprecated files are removed successfully * 
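Review bot: The docblock on `it_should_match_all_reserved_words_in_mysql_57` in gTest.php says the list holds the MySQL 5.6 and 5.7 reserved words, but the array also contains entries such as `DBCC`, `HOLDLOCK`, `OPENROWSET`, `RAISERROR` and `WAITFOR`, which appear to be SQL Server keywords rather than MySQL ones. I would reword the docblock to say that the test pins the complete list returned by `G::reservedWordsSql()`, including the keywords of other vendors, so that a later reader does not prune them as mistakes. The per-word loop also stops at the first missing entry; `$this->assertEmpty(array_diff($words, $res));` would report every missing word in a single failure. The first test method of the file starts outside the visible part of the hunk.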
@@ -134,4 +141,134 @@ class CliWorkspacesTest extends TestCase return $permissions; } + + /** + * Test the queries incompatibilities in dynaforms + * @test + */ + public function it_should_test_the_incompatibilities_in_the_dynaforms_queries() + { + config(["system.workspace" => 'workflow']); + + $process = factory(Process::class, 2)->create(); + + factory(Dynaform::class)->create( + [ + 'PRO_UID' => $process[0]['PRO_UID'], + 'DYN_CONTENT' => '{"name":"2","description":"","items":[{"type":"form","variable":"","var_uid":"","dataType":"","id":"6170264265d1b544bebdbd5098250194","name":"2","description":"","mode":"edit","script":"","language":"en","externalLibs":"","printable":false,"items":[[{"type":"title","id":"title0000000001","label":"title_1","colSpan":12}],[{"type":"text","variable":"textVar002","var_uid":"9778460595d1b545088dd69091601043","dataType":"string","protectedValue":false,"id":"textVar002","name":"textVar002","label":"text_1","defaultValue":"","placeholder":"","hint":"","required":false,"requiredFieldErrorMessage":"","textTransform":"none","validate":"","validateMessage":"","maxLength":1000,"formula":"","mode":"parent","operation":"","dbConnection":"workflow","dbConnectionLabel":"PM Database","sql":"","var_name":"textVar002","colSpan":12}],[{"type":"textarea","variable":"textareaVar001","var_uid":"2934510045d1b5453f21373072798412","dataType":"string","protectedValue":false,"id":"textareaVar001","name":"textareaVar001","label":"textarea_1","defaultValue":"","placeholder":"","hint":"","required":false,"requiredFieldErrorMessage":"","validate":"","validateMessage":"","mode":"parent","dbConnection":"workflow","dbConnectionLabel":"PM 
Database","sql":"","rows":"5","var_name":"textareaVar001","colSpan":12}],[{"type":"datetime","variable":"datetimeVar001","var_uid":"9780823375d1b5455e9c3a2064729484","dataType":"datetime","protectedValue":false,"id":"datetimeVar001","name":"datetimeVar001","label":"datetime_1","placeholder":"","hint":"","required":false,"requiredFieldErrorMessage":"","mode":"parent","format":"YYYY-MM-DD","dayViewHeaderFormat":"MMMM YYYY","extraFormats":false,"stepping":1,"minDate":"","maxDate":"","useCurrent":"false","collapse":true,"locale":"","defaultDate":"","disabledDates":false,"enabledDates":false,"icons":{"time":"glyphicon glyphicon-time","date":"glyphicon glyphicon-calendar","up":"glyphicon glyphicon-chevron-up","down":"glyphicon glyphicon-chevron-down","previous":"glyphicon glyphicon-chevron-left","next":"glyphicon glyphicon-chevron-right","today":"glyphicon glyphicon-screenshot","clear":"glyphicon glyphicon-trash"},"useStrict":false,"sideBySide":false,"daysOfWeekDisabled":false,"calendarWeeks":false,"viewMode":"days","toolbarPlacement":"default","showTodayButton":false,"showClear":"false","widgetPositioning":{"horizontal":"auto","vertical":"auto"},"widgetParent":null,"keepOpen":false,"var_name":"datetimeVar001","colSpan":12}],[{"type":"submit","id":"submit0000000001","name":"submit0000000001","label":"submit_1","colSpan":12}]],"variables":[{"var_uid":"9778460595d1b545088dd69091601043","prj_uid":"5139642915ccb3fca429a36061714972","var_name":"textVar002","var_field_type":"string","var_field_size":10,"var_label":"string","var_dbconnection":"workflow","var_dbconnection_label":"PM Database","var_sql":"","var_null":0,"var_default":"","var_accepted_values":"[]","inp_doc_uid":""},{"var_uid":"2934510045d1b5453f21373072798412","prj_uid":"5139642915ccb3fca429a36061714972","var_name":"textareaVar001","var_field_type":"string","var_field_size":10,"var_label":"string","var_dbconnection":"workflow","var_dbconnection_label":"PM 
Database","var_sql":"","var_null":0,"var_default":"","var_accepted_values":"[]","inp_doc_uid":""},{"var_uid":"9780823375d1b5455e9c3a2064729484","prj_uid":"5139642915ccb3fca429a36061714972","var_name":"datetimeVar001","var_field_type":"datetime","var_field_size":10,"var_label":"datetime","var_dbconnection":"workflow","var_dbconnection_label":"PM Database","var_sql":"","var_null":0,"var_default":"","var_accepted_values":"[]","inp_doc_uid":""}]}]}' + ] + ); + + $dynaform = factory(Dynaform::class)->create( + [ + 'PRO_UID' => $process[1]['PRO_UID'], + 'DYN_CONTENT' => '{"name":"1","description":"","items":[{"type":"form","variable":"","var_uid":"","dataType":"","id":"6817532755d16225629cb05061521548","name":"1","description":"","mode":"edit","script":"","language":"en","externalLibs":"","printable":false,"items":[[{"type":"text","variable":"textVar001","var_uid":"4746221155d1622658943d1014840579","dataType":"string","protectedValue":false,"id":"textVar001","name":"textVar001","label":"text_1","defaultValue":"","placeholder":"","hint":"","required":false,"requiredFieldErrorMessage":"","textTransform":"none","validate":"","validateMessage":"","maxLength":1000,"formula":"","mode":"parent","operation":"","dbConnection":"workflow","dbConnectionLabel":"PM Database","sql":"SELECT * FROM USERS WHERE \nUSR_UID=\'$UID\' UNION SELECT * from PROCESS","var_name":"textVar001","colSpan":12}]],"variables":[{"var_uid":"4746221155d1622658943d1014840579","prj_uid":"5139642915ccb3fca429a36061714972","var_name":"textVar001","var_field_type":"string","var_field_size":10,"var_label":"string","var_dbconnection":"workflow","var_dbconnection_label":"PM Database","var_sql":"","var_null":0,"var_default":"","var_accepted_values":"[]","inp_doc_uid":""}]}]}' + ] + ); + + check_queries_incompatibilities('workflow'); + + $result = ob_get_contents(); + + // This assert that the message contains the second process name + $this->assertRegExp('/'.$process[1]['PRO_TITLE'].'/',$result); + + // This assert 
that the message contains the second dynaform with the UNION query + $this->assertRegExp('/'.$dynaform['DYN_TITLE'].'/',$result); + } + + /** + * Test the queries incompatibilities in variables + * @test + */ + public function it_should_test_the_incompatibilities_in_the_variables_queries() + { + config(["system.workspace" => 'workflow']); + + $process = factory(Process::class, 2)->create(); + + $variables = factory(ProcessVariables::class)->create( + [ + 'PRJ_UID' => $process[0]['PRO_UID'], + 'VAR_SQL' => 'SELECT * FROM USERS WHERE USR_UID="213" UNION SELECT * from PROCESS' + ] + ); + + factory(ProcessVariables::class)->create( + [ + 'PRJ_UID' => $process[1]['PRO_UID'], + 'VAR_SQL' => '' + ] + ); + + check_queries_incompatibilities('workflow'); + + $result = ob_get_contents(); + + // This assert that the message contains the first process name + $this->assertRegExp('/'.$process[0]['PRO_TITLE'].'/',$result); + + // This assert that the message contains the first dynaform with the UNION query + $this->assertRegExp('/'.$variables['VAR_TITLE'].'/',$result); + } + + /** + * Test the queries incompatibilities in triggers + * @test + */ + public function it_should_test_the_incompatibilities_in_the_triggers_queries() + { + config(["system.workspace" => 'workflow']); + + $process = factory(Process::class, 3)->create(); + $trigger = factory(Triggers::class)->create( + [ + 'PRO_UID' => $process[0]['PRO_UID'], + 'TRI_WEBBOT' => '$text=222; + $var1= executeQuery("SELECT * + FROM USERS WHERE + USR_UID=\'$UID\' UNION SELECT * from PROCESS"); + + $var1= executeQuery("SELECT * + FROM USERS WHERE + USR_UID=\'$UID\' UNION SELECT * from PROCESS"); + + $query = "SELECT * FROM USERS UNION + + SELECT * FROM TASKS"; + + $QUERY2 = "select * from USERS union SELECT * from GROUPS"; + + $s1 = "select * from USER"; + $s2 = "select * from TASK"; + + $query3 = $s1. " UNION " . 
$s2; + + executeQuery($query3);' + ] + ); + + factory(Triggers::class)->create( + [ + 'PRO_UID' => $process[1]['PRO_UID'], + 'TRI_WEBBOT' => 'die();' + ] + ); + + factory(Triggers::class)->create( + [ + 'PRO_UID' => $process[2]['PRO_UID'], + 'TRI_WEBBOT' => 'executeQuery("select * from USERS");' + ] + ); + + check_queries_incompatibilities('workflow'); + $result = ob_get_contents(); + + // This assert that the message contains the first process name + $this->assertRegExp('/'.$process[0]['PRO_TITLE'].'/',$result); + + // This assert that the message contains the first trigger with the UNION query + $this->assertRegExp('/'.$trigger['TRI_TITLE'].'/',$result); + } } \ No newline at end of file diff --git a/tests/unit/workflow/engine/src/ProcessMaker/Core/SystemTest.php b/tests/unit/workflow/engine/src/ProcessMaker/Core/SystemTest.php new file mode 100644 index 000000000..e27d5b9dc --- /dev/null +++ b/tests/unit/workflow/engine/src/ProcessMaker/Core/SystemTest.php @@ -0,0 +1,38 @@ +initLaravel(); + + // Assert that the configurations were set successfully + $this->assertEquals(DB_HOST, config('database.connections.workflow.host')); + $this->assertEquals(DB_NAME, config('database.connections.workflow.database')); + $this->assertEquals(DB_USER, config('database.connections.workflow.username')); + $this->assertEquals(DB_PASS, config('database.connections.workflow.password')); + } +} \ No newline at end of file diff --git a/tests/unit/workflow/engine/src/ProcessMaker/Model/DynaformTest.php b/tests/unit/workflow/engine/src/ProcessMaker/Model/DynaformTest.php new file mode 100644 index 000000000..154ff9b96 --- /dev/null +++ b/tests/unit/workflow/engine/src/ProcessMaker/Model/DynaformTest.php 
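Review bot: In `it_should_test_the_incompatibilities_in_the_variables_queries` (CliWorkspacesTest.php) the last assertion builds its pattern from `$variables['VAR_TITLE']`, but ProcessVariablesFactory in this commit sets no `VAR_TITLE` attribute (it sets `VAR_NAME`), so unless the model supplies one the pattern collapses to `//` and matches any output. All three new tests also splice Faker-generated titles into a regular expression unescaped and read `ob_get_contents()` without opening a buffer of their own, so they depend on whatever the runner has buffered so far. Assuming the report prints the variable name, I would write `$this->assertRegExp('/' . preg_quote($variables['VAR_NAME'], '/') . '/', $result);` and apply `preg_quote(..., '/')` to the `PRO_TITLE`, `DYN_TITLE` and `TRI_TITLE` patterns as well.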
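Review bot: In SystemTest.php, `$this->assertEquals(DB_PASS, config('database.connections.workflow.password'));` prints both the expected and the actual value when it fails, which puts the workspace database password into the PHPUnit output and into any CI log that keeps it. Comparing first and asserting on the boolean keeps the check without exposing the secret: `$this->assertTrue(DB_PASS === config('database.connections.workflow.password'), 'workflow password was not applied');`. The `DB_USER` assertion could be treated the same way if the account name is considered sensitive. The opening lines of the test method are not visible in this hunk.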
@@ -0,0 +1,50 @@ +create(); + + factory(Dynaform::class)->create( + [ + 'PRO_UID' => $process[0]['PRO_UID'], + 'DYN_CONTENT' => '{"name":"2","description":"","items":[{"type":"form","variable":"","var_uid":"","dataType":"","id":"6170264265d1b544bebdbd5098250194","name":"2","description":"","mode":"edit","script":"","language":"en","externalLibs":"","printable":false,"items":[[{"type":"title","id":"title0000000001","label":"title_1","colSpan":12}],[{"type":"text","variable":"textVar002","var_uid":"9778460595d1b545088dd69091601043","dataType":"string","protectedValue":false,"id":"textVar002","name":"textVar002","label":"text_1","defaultValue":"","placeholder":"","hint":"","required":false,"requiredFieldErrorMessage":"","textTransform":"none","validate":"","validateMessage":"","maxLength":1000,"formula":"","mode":"parent","operation":"","dbConnection":"workflow","dbConnectionLabel":"PM Database","sql":"","var_name":"textVar002","colSpan":12}],[{"type":"textarea","variable":"textareaVar001","var_uid":"2934510045d1b5453f21373072798412","dataType":"string","protectedValue":false,"id":"textareaVar001","name":"textareaVar001","label":"textarea_1","defaultValue":"","placeholder":"","hint":"","required":false,"requiredFieldErrorMessage":"","validate":"","validateMessage":"","mode":"parent","dbConnection":"workflow","dbConnectionLabel":"PM Database","sql":"","rows":"5","var_name":"textareaVar001","colSpan":12}],[{"type":"datetime","variable":"datetimeVar001","var_uid":"9780823375d1b5455e9c3a2064729484","dataType":"datetime","protectedValue":false,"id":"datetimeVar001","name":"datetimeVar001","label":"datetime_1","placeholder":"","hint":"","required":false,"requiredFieldErrorMessage":"","mode":"parent","format":"YYYY-MM-DD","dayViewHeaderFormat":"MMMM YYYY","extraFormats":false,"stepping":1,"minDate":"","maxDate":"","useCurrent":"false","collapse":true,"locale":"","defaultDate":"","disabledDates":false,"enabledDates":false,"icons":{"time":"glyphicon 
glyphicon-time","date":"glyphicon glyphicon-calendar","up":"glyphicon glyphicon-chevron-up","down":"glyphicon glyphicon-chevron-down","previous":"glyphicon glyphicon-chevron-left","next":"glyphicon glyphicon-chevron-right","today":"glyphicon glyphicon-screenshot","clear":"glyphicon glyphicon-trash"},"useStrict":false,"sideBySide":false,"daysOfWeekDisabled":false,"calendarWeeks":false,"viewMode":"days","toolbarPlacement":"default","showTodayButton":false,"showClear":"false","widgetPositioning":{"horizontal":"auto","vertical":"auto"},"widgetParent":null,"keepOpen":false,"var_name":"datetimeVar001","colSpan":12}],[{"type":"submit","id":"submit0000000001","name":"submit0000000001","label":"submit_1","colSpan":12}]],"variables":[{"var_uid":"9778460595d1b545088dd69091601043","prj_uid":"5139642915ccb3fca429a36061714972","var_name":"textVar002","var_field_type":"string","var_field_size":10,"var_label":"string","var_dbconnection":"workflow","var_dbconnection_label":"PM Database","var_sql":"","var_null":0,"var_default":"","var_accepted_values":"[]","inp_doc_uid":""},{"var_uid":"2934510045d1b5453f21373072798412","prj_uid":"5139642915ccb3fca429a36061714972","var_name":"textareaVar001","var_field_type":"string","var_field_size":10,"var_label":"string","var_dbconnection":"workflow","var_dbconnection_label":"PM Database","var_sql":"","var_null":0,"var_default":"","var_accepted_values":"[]","inp_doc_uid":""},{"var_uid":"9780823375d1b5455e9c3a2064729484","prj_uid":"5139642915ccb3fca429a36061714972","var_name":"datetimeVar001","var_field_type":"datetime","var_field_size":10,"var_label":"datetime","var_dbconnection":"workflow","var_dbconnection_label":"PM Database","var_sql":"","var_null":0,"var_default":"","var_accepted_values":"[]","inp_doc_uid":""}]}]}' + ] + ); + + factory(Dynaform::class)->create( + [ + 'PRO_UID' => $process[1]['PRO_UID'], + 'DYN_CONTENT' => 
'{"name":"1","description":"","items":[{"type":"form","variable":"","var_uid":"","dataType":"","id":"6817532755d16225629cb05061521548","name":"1","description":"","mode":"edit","script":"","language":"en","externalLibs":"","printable":false,"items":[[{"type":"text","variable":"textVar001","var_uid":"4746221155d1622658943d1014840579","dataType":"string","protectedValue":false,"id":"textVar001","name":"textVar001","label":"text_1","defaultValue":"","placeholder":"","hint":"","required":false,"requiredFieldErrorMessage":"","textTransform":"none","validate":"","validateMessage":"","maxLength":1000,"formula":"","mode":"parent","operation":"","dbConnection":"workflow","dbConnectionLabel":"PM Database","sql":"SELECT * FROM USERS WHERE \nUSR_UID=\'$UID\' UNION SELECT * from PROCESS","var_name":"textVar001","colSpan":12}]],"variables":[{"var_uid":"4746221155d1622658943d1014840579","prj_uid":"5139642915ccb3fca429a36061714972","var_name":"textVar001","var_field_type":"string","var_field_size":10,"var_label":"string","var_dbconnection":"workflow","var_dbconnection_label":"PM Database","var_sql":"","var_null":0,"var_default":"","var_accepted_values":"[]","inp_doc_uid":""}]}]}' + ] + ); + + factory(Dynaform::class)->create( + [ + 'PRO_UID' => $process[2]['PRO_UID'], + 'DYN_CONTENT' => '{"name":"1","description":"","items":[{"type":"form","variable":"","var_uid":"","dataType":"","id":"6817532755d16225629cb05061521548","name":"1","description":"","mode":"edit","script":"","language":"en","externalLibs":"","printable":false,"items":[[{"type":"text","variable":"textVar001","var_uid":"4746221155d1622658943d1014840579","dataType":"string","protectedValue":false,"id":"textVar001","name":"textVar001","label":"text_1","defaultValue":"","placeholder":"","hint":"","required":false,"requiredFieldErrorMessage":"","textTransform":"none","validate":"","validateMessage":"","maxLength":1000,"formula":"","mode":"parent","operation":"","dbConnection":"workflow","dbConnectionLabel":"PM 
Database","sql":"SELECT * FROM USERS WHERE \nUSR_UID=\'$UID\' UNION SELECT * from PROCESS","var_name":"textVar001","colSpan":12}]],"variables":[{"var_uid":"4746221155d1622658943d1014840579","prj_uid":"5139642915ccb3fca429a36061714972","var_name":"textVar001","var_field_type":"string","var_field_size":10,"var_label":"string","var_dbconnection":"workflow","var_dbconnection_label":"PM Database","var_sql":"","var_null":0,"var_default":"","var_accepted_values":"[]","inp_doc_uid":""}]}]}' + ] + ); + + $dynaformQuery = Dynaform::query()->select(); + $dynaformQuery->process($process[0]['PRO_UID']); + $result = $dynaformQuery->get()->values()->toArray(); + + // Assert there is a dynaform for the specific process + $this->assertCount(1, $result); + + // Assert that the result has the correct filtered process + $this->assertEquals($process[0]['PRO_UID'], $result[0]['PRO_UID']); + } +} \ No newline at end of file diff --git a/tests/unit/workflow/engine/src/ProcessMaker/Model/ProcessVariablesTest.php b/tests/unit/workflow/engine/src/ProcessMaker/Model/ProcessVariablesTest.php new file mode 100644 index 000000000..b5da806a9 --- /dev/null +++ b/tests/unit/workflow/engine/src/ProcessMaker/Model/ProcessVariablesTest.php 
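Review bot: The three `DYN_CONTENT` overrides in DynaformTest.php are not needed for what the test checks, since the assertions only look at the `PRO_UID` filter applied by `process()`. Dropping them, as in `factory(Dynaform::class)->create(['PRO_UID' => $process[0]['PRO_UID']]);`, removes several kilobytes of inline JSON that appears to be the same fixture CliWorkspacesTest.php and MySQL57Test.php embed. The `VAR_SQL` overrides in ProcessVariablesTest.php and the `TRI_WEBBOT` overrides in TriggersTest.php are in the same position. Where the content does matter (the incompatibility tests), a single shared fixture helper would keep the copies from drifting apart. The test method's opening lines are outside the visible part of this hunk.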
@@ -0,0 +1,51 @@
+create();
+
+ factory(ProcessVariables::class)->create(
+ [
+ 'PRJ_UID' => $process[0]['PRO_UID'],
+ 'VAR_SQL' => 'SELECT * FROM USERS WHERE USR_UID="213" UNION SELECT * from PROCESS'
+ ]
+ );
+
+ factory(ProcessVariables::class)->create(
+ [
+ 'PRJ_UID' => $process[1]['PRO_UID'],
+ 'VAR_SQL' => ''
+ ]
+ );
+
+ factory(ProcessVariables::class)->create(
+ [
+ 'PRJ_UID' => $process[0]['PRO_UID'],
+ 'VAR_SQL' => ''
+ ]
+ );
+
+ $variablesQuery = ProcessVariables::query()->select();
+ $variablesQuery->process($process[0]['PRO_UID']);
+ $result = $variablesQuery->get()->values()->toArray();
+
+ // Assert there are two process variables for the specific process
+ $this->assertCount(2, $result);
+
+ // Assert that the result has the correct filtered process
+ $this->assertEquals($process[0]['PRO_UID'], $result[0]['PRJ_UID']);
+ $this->assertEquals($process[0]['PRO_UID'], $result[1]['PRJ_UID']);
+ }
+}
\ No newline at end of file
diff --git a/tests/unit/workflow/engine/src/ProcessMaker/Model/TriggersTest.php b/tests/unit/workflow/engine/src/ProcessMaker/Model/TriggersTest.php
new file mode 100644
index 000000000..36b4239d9
--- /dev/null
+++ b/tests/unit/workflow/engine/src/ProcessMaker/Model/TriggersTest.php
@@ -0,0 +1,77 @@ +create(); + factory(Triggers::class)->create( + [ + 'PRO_UID' => $process[0]['PRO_UID'], + 'TRI_WEBBOT' => '$text=222; + $var1= executeQuery("SELECT * + FROM USERS WHERE + USR_UID=\'$UID\' UNION SELECT * from PROCESS"); + + $var1= executeQuery("SELECT * + FROM USERS WHERE + USR_UID=\'$UID\' UNION SELECT * from PROCESS"); + + $query = "SELECT * FROM USERS UNION + + SELECT * FROM TASKS"; + + $QUERY2 = "select * from USERS union SELECT * from GROUPS"; + + $s1 = "select * from USER"; + $s2 = "select * from TASK"; + + $query3 = $s1. " UNION " . $s2; + + executeQuery($query3);' + ] + ); + + factory(Triggers::class)->create( + [ + 'PRO_UID' => $process[1]['PRO_UID'], + 'TRI_WEBBOT' => 'die();' + ] + ); + + factory(Triggers::class)->create( + [ + 'PRO_UID' => $process[2]['PRO_UID'], + 'TRI_WEBBOT' => 'executeQuery("select * from USERS");' + ] + ); + + factory(Triggers::class)->create( + [ + 'PRO_UID' => $process[2]['PRO_UID'], + 'TRI_WEBBOT' => 'executeQuery();' + ] + ); + + $triggerQuery = Triggers::query()->select(); + $triggerQuery->process($process[2]['PRO_UID']); + $result = $triggerQuery->get()->values()->toArray(); + + // Assert there are two triggers for the specific process + $this->assertCount(2, $result); + + // Assert that the result has the correct filtered process + $this->assertEquals($process[2]['PRO_UID'], $result[0]['PRO_UID']); + $this->assertEquals($process[2]['PRO_UID'], $result[1]['PRO_UID']); + } +} \ No newline at end of file diff --git a/tests/unit/workflow/engine/src/ProcessMaker/Validation/MySQL57Test.php b/tests/unit/workflow/engine/src/ProcessMaker/Validation/MySQL57Test.php new file mode 100644 index 000000000..cd0a35877 --- /dev/null +++ b/tests/unit/workflow/engine/src/ProcessMaker/Validation/MySQL57Test.php 
@@ -0,0 +1,219 @@ +create(); + + factory(Dynaform::class)->create( + [ + 'PRO_UID' => $process[0]['PRO_UID'], + 'DYN_CONTENT' => '{"name":"2","description":"","items":[{"type":"form","variable":"","var_uid":"","dataType":"","id":"6170264265d1b544bebdbd5098250194","name":"2","description":"","mode":"edit","script":"","language":"en","externalLibs":"","printable":false,"items":[[{"type":"title","id":"title0000000001","label":"title_1","colSpan":12}],[{"type":"text","variable":"textVar002","var_uid":"9778460595d1b545088dd69091601043","dataType":"string","protectedValue":false,"id":"textVar002","name":"textVar002","label":"text_1","defaultValue":"","placeholder":"","hint":"","required":false,"requiredFieldErrorMessage":"","textTransform":"none","validate":"","validateMessage":"","maxLength":1000,"formula":"","mode":"parent","operation":"","dbConnection":"workflow","dbConnectionLabel":"PM Database","sql":"","var_name":"textVar002","colSpan":12}],[{"type":"textarea","variable":"textareaVar001","var_uid":"2934510045d1b5453f21373072798412","dataType":"string","protectedValue":false,"id":"textareaVar001","name":"textareaVar001","label":"textarea_1","defaultValue":"","placeholder":"","hint":"","required":false,"requiredFieldErrorMessage":"","validate":"","validateMessage":"","mode":"parent","dbConnection":"workflow","dbConnectionLabel":"PM Database","sql":"","rows":"5","var_name":"textareaVar001","colSpan":12}],[{"type":"datetime","variable":"datetimeVar001","var_uid":"9780823375d1b5455e9c3a2064729484","dataType":"datetime","protectedValue":false,"id":"datetimeVar001","name":"datetimeVar001","label":"datetime_1","placeholder":"","hint":"","required":false,"requiredFieldErrorMessage":"","mode":"parent","format":"YYYY-MM-DD","dayViewHeaderFormat":"MMMM YYYY","extraFormats":false,"stepping":1,"minDate":"","maxDate":"","useCurrent":"false","collapse":true,"locale":"","defaultDate":"","disabledDates":false,"enabledDates":false,"icons":{"time":"glyphicon 
glyphicon-time","date":"glyphicon glyphicon-calendar","up":"glyphicon glyphicon-chevron-up","down":"glyphicon glyphicon-chevron-down","previous":"glyphicon glyphicon-chevron-left","next":"glyphicon glyphicon-chevron-right","today":"glyphicon glyphicon-screenshot","clear":"glyphicon glyphicon-trash"},"useStrict":false,"sideBySide":false,"daysOfWeekDisabled":false,"calendarWeeks":false,"viewMode":"days","toolbarPlacement":"default","showTodayButton":false,"showClear":"false","widgetPositioning":{"horizontal":"auto","vertical":"auto"},"widgetParent":null,"keepOpen":false,"var_name":"datetimeVar001","colSpan":12}],[{"type":"submit","id":"submit0000000001","name":"submit0000000001","label":"submit_1","colSpan":12}]],"variables":[{"var_uid":"9778460595d1b545088dd69091601043","prj_uid":"5139642915ccb3fca429a36061714972","var_name":"textVar002","var_field_type":"string","var_field_size":10,"var_label":"string","var_dbconnection":"workflow","var_dbconnection_label":"PM Database","var_sql":"","var_null":0,"var_default":"","var_accepted_values":"[]","inp_doc_uid":""},{"var_uid":"2934510045d1b5453f21373072798412","prj_uid":"5139642915ccb3fca429a36061714972","var_name":"textareaVar001","var_field_type":"string","var_field_size":10,"var_label":"string","var_dbconnection":"workflow","var_dbconnection_label":"PM Database","var_sql":"","var_null":0,"var_default":"","var_accepted_values":"[]","inp_doc_uid":""},{"var_uid":"9780823375d1b5455e9c3a2064729484","prj_uid":"5139642915ccb3fca429a36061714972","var_name":"datetimeVar001","var_field_type":"datetime","var_field_size":10,"var_label":"datetime","var_dbconnection":"workflow","var_dbconnection_label":"PM Database","var_sql":"","var_null":0,"var_default":"","var_accepted_values":"[]","inp_doc_uid":""}]}]}' + ] + ); + + factory(Dynaform::class)->create( + [ + 'PRO_UID' => $process[1]['PRO_UID'], + 'DYN_CONTENT' => 
'{"name":"1","description":"","items":[{"type":"form","variable":"","var_uid":"","dataType":"","id":"6817532755d16225629cb05061521548","name":"1","description":"","mode":"edit","script":"","language":"en","externalLibs":"","printable":false,"items":[[{"type":"text","variable":"textVar001","var_uid":"4746221155d1622658943d1014840579","dataType":"string","protectedValue":false,"id":"textVar001","name":"textVar001","label":"text_1","defaultValue":"","placeholder":"","hint":"","required":false,"requiredFieldErrorMessage":"","textTransform":"none","validate":"","validateMessage":"","maxLength":1000,"formula":"","mode":"parent","operation":"","dbConnection":"workflow","dbConnectionLabel":"PM Database","sql":"SELECT * FROM USERS WHERE \nUSR_UID=\'$UID\' UNION SELECT * from PROCESS","var_name":"textVar001","colSpan":12}]],"variables":[{"var_uid":"4746221155d1622658943d1014840579","prj_uid":"5139642915ccb3fca429a36061714972","var_name":"textVar001","var_field_type":"string","var_field_size":10,"var_label":"string","var_dbconnection":"workflow","var_dbconnection_label":"PM Database","var_sql":"","var_null":0,"var_default":"","var_accepted_values":"[]","inp_doc_uid":""}]}]}' + ] + ); + + $processes = [ + [ + "PRO_UID" => $process[0]['PRO_UID'], + "PRO_TITLE" => $process[0]['PRO_TITLE'] + ], + [ + "PRO_UID" => $process[1]['PRO_UID'], + "PRO_TITLE" => $process[1]['PRO_TITLE'] + ] + ]; + + $object = new MySQL57(); + $result = $object->checkIncompatibilityDynaforms($processes); + + // This asserts that there is a result + $this->assertNotEmpty($result); + + // This asserts that there is a process that contains an UNION query inside a dynaform + $this->assertCount(1, $result); + + // This asserts that the process containing the UNION queries inside a dynaform, is the first one + $this->assertEquals($result[0]['PRO_UID'], $process[1]['PRO_UID']); + } + + /** + * Test the MySQL 5.7 incompatibilities in variables + * + * @test + */ + public function 
it_should_test_incompatibilities_with_variables() + { + $process = factory(Process::class, 2)->create(); + + factory(ProcessVariables::class)->create( + [ + 'PRJ_UID' => $process[0]['PRO_UID'], + 'VAR_SQL' => 'SELECT * FROM USERS WHERE USR_UID="213" UNION SELECT * from PROCESS', + ] + ); + + $variables = factory(ProcessVariables::class)->create( + [ + 'PRJ_UID' => $process[1]['PRO_UID'], + 'VAR_SQL' => '', + ] + ); + + + $processes = [ + [ + "PRO_UID" => $process[0]['PRO_UID'], + "PRO_TITLE" => $process[0]['PRO_TITLE'] + ], + [ + "PRO_UID" => $process[1]['PRO_UID'], + "PRO_TITLE" => $process[1]['PRO_TITLE'] + ] + ]; + + $object = new MySQL57(); + $result = $object->checkIncompatibilityVariables($processes); + + // This asserts that there is a result + $this->assertNotEmpty($result); + + // This asserts that there is a process that contains an UNION query in a variable + $this->assertCount(1, $result); + + // This asserts that the process containing the UNION query in a variable, is the first one + $this->assertEquals($result[0]['PRO_UID'], $process[0]['PRO_UID']); + + // This asserts that the result does not contain a variable that does not have a UNION query + $this->assertNotEquals($result[0]['VAR_UID'], $variables['VAR_UID']); + } + + /** + * Test the MySQL 5.7 incompatibilities in triggers + * + * @test + */ + public function it_should_test_incompatibilities_with_triggers() + { + $process = factory(Process::class, 3)->create(); + factory(Triggers::class)->create( + [ + 'PRO_UID' => $process[0]['PRO_UID'], + 'TRI_WEBBOT' => '$text=222; + $var1= executeQuery("SELECT * + FROM USERS WHERE + USR_UID=\'$UID\' UNION SELECT * from PROCESS"); + + $var1= executeQuery("SELECT * + FROM USERS WHERE + USR_UID=\'$UID\' UNION SELECT * from PROCESS"); + + $query = "SELECT * FROM USERS UNION + + SELECT * FROM TASKS"; + + $QUERY2 = "select * from USERS union SELECT * from GROUPS"; + + $s1 = "select * from USER"; + $s2 = "select * from TASK"; + + $query3 = $s1. " UNION " . 
$s2; + + executeQuery($query3);' + ] + ); + + factory(Triggers::class)->create( + [ + 'PRO_UID' => $process[1]['PRO_UID'], + 'TRI_WEBBOT' => 'die();' + ] + ); + + factory(Triggers::class)->create( + [ + 'PRO_UID' => $process[2]['PRO_UID'], + 'TRI_WEBBOT' => 'executeQuery("select * from USERS");' + ] + ); + + $processes = [ + [ + "PRO_UID" => $process[0]['PRO_UID'], + "PRO_TITLE" => $process[0]['PRO_TITLE'] + ], + [ + "PRO_UID" => $process[1]['PRO_UID'], + "PRO_TITLE" => $process[1]['PRO_TITLE'] + ], + [ + "PRO_UID" => $process[2]['PRO_UID'], + "PRO_TITLE" => $process[2]['PRO_TITLE'] + ] + ]; + + $object = new MySQL57(); + $result = $object->checkIncompatibilityTriggers($processes); + + // This asserts that there is a result + $this->assertNotEmpty($result); + + // This asserts that there is a process that contains an UNION query + $this->assertCount(1, $result); + + // This asserts that the process containing the UNION queries is the first one + $this->assertEquals($result[0]['PRO_UID'], $process[0]['PRO_UID']); + } + + /** + * Test the query analyzer method + * + * @test + */ + public function it_should_test_the_query_analyzer() + { + $query = ""; + + $object = new MySQL57(); + $result = $object->analyzeQuery($query); + + // This asserts that there is not a UNION query + $this->assertFalse($result); + + $query = "select * from USERS UNION select '1241412515'"; + $result = $object->analyzeQuery($query); + + // This asserts that there is a UNION query + $this->assertTrue($result); + + $query = "select * from USERS LEFT JOIN TASKS ON 'USERS.USR_UID = TASKS.USR_UID '"; + $result = $object->analyzeQuery($query); + + // This asserts that there is not a UNION query + $this->assertFalse($result); + } +} \ No newline at end of file
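Review bot: `it_should_test_the_query_analyzer` in MySQL57Test.php covers only an empty string, one upper-case `UNION` and one `JOIN`, so it would still pass if `analyzeQuery` matched `UNION` as a bare substring or missed other spellings; the implementation is not part of this diff, so this is a gap in the test rather than a confirmed bug. A lower-case case and an identifier that merely contains the word would pin the behaviour, for example (constructed samples) `$this->assertTrue($object->analyzeQuery("select 1 union all select 2"));` and `$this->assertFalse($object->analyzeQuery("select * from TRADE_UNIONS"));`. In the dynaform test at the top of the hunk the comment says the affected process "is the first one" while the assertion compares against `$process[1]`; the comment should say the second. The trigger fixture mixes literal `UNION` queries with the concatenated `$s1. " UNION " . $s2` form in one trigger, so the concatenated form is never checked on its own.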