1 files changed, 20 insertions, 2 deletions

diff --git a/modules/user/user.test b/modules/user/user.test
index 92af9fa9a..123beee6c 100644
--- a/modules/user/user.test
+++ b/modules/user/user.test
@@ -2106,7 +2106,7 @@ class UserUserSearchTestCase extends DrupalWebTestCase {
   public static function getInfo() {
     return array(
       'name' => 'User search',
-      'description' => 'Testing that only user with the right permission can see the email address in the user search.',
+      'description' => 'Tests the user search page and verifies that sensitive information is hidden from unauthorized users.',
       'group' => 'User',
     );
   }
@@ -2126,11 +2126,29 @@ class UserUserSearchTestCase extends DrupalWebTestCase {
     $edit = array('keys' => $keys);
     $this->drupalPost('search/user/', $edit, t('Search'));
     $this->assertText($keys);
+
+    // Create a blocked user.
+    $blocked_user = $this->drupalCreateUser();
+    $edit = array('status' => 0);
+    $blocked_user = user_save($blocked_user, $edit);
+
+    // Verify that users with "administer users" permissions can see blocked
+    // accounts in search results.
+    $edit = array('keys' => $blocked_user->name);
+    $this->drupalPost('search/user/', $edit, t('Search'));
+    $this->assertText($blocked_user->name, 'Blocked users are listed on the user search results for users with the "administer users" permission.');
+
+    // Verify that users without "administer users" permissions do not see
+    // blocked accounts in search results.
+    $this->drupalLogin($user1);
+    $edit = array('keys' => $blocked_user->name);
+    $this->drupalPost('search/user/', $edit, t('Search'));
+    $this->assertNoText($blocked_user->name, 'Blocked users are hidden from the user search results.');
+
     $this->drupalLogout();
   }
 }
 
-
 /**
  * Test role assignment.
  */