diff options
| author | Anika Henke <anika@selfthinker.org> | 2012-06-29 17:51:09 +0100 |
|---|---|---|
| committer | Anika Henke <anika@selfthinker.org> | 2012-06-29 17:51:09 +0100 |
| commit | 0c06a181819249c6a4a2a6c60e13f739df1f2253 (patch) | |
| tree | 859377c572d0acbfc520b02304ef515bf3aebbe0 /_test/tests/inc/auth_aclcheck.test.php | |
| parent | ef7e36e4fd2a168977754f0aac1d855fb651f104 (diff) | |
| parent | 5d0aaf958325f500ce69cfb79e69eb0d8f83fdeb (diff) | |
| download | rpg-0c06a181819249c6a4a2a6c60e13f739df1f2253.tar.gz rpg-0c06a181819249c6a4a2a6c60e13f739df1f2253.tar.bz2 | |
Merge branch 'master' of github.com:splitbrain/dokuwiki into frontend_improvements
Conflicts:
lib/tpl/dokuwiki/css/basic.css
Diffstat (limited to '_test/tests/inc/auth_aclcheck.test.php')
| -rw-r--r-- | _test/tests/inc/auth_aclcheck.test.php | 240 |
1 files changed, 240 insertions, 0 deletions
diff --git a/_test/tests/inc/auth_aclcheck.test.php b/_test/tests/inc/auth_aclcheck.test.php new file mode 100644 index 000000000..ea48ec6a5 --- /dev/null +++ b/_test/tests/inc/auth_aclcheck.test.php @@ -0,0 +1,240 @@ +<?php + +class auth_acl_test extends DokuWikiTest { + + var $oldConf; + var $oldAuthAcl; + + function setup() { + global $conf; + global $AUTH_ACL; + global $auth; + $this->oldConf = $conf; + $this->oldAuthAcl = $AUTH_ACL; + $auth = new auth_basic(); + } + + function teardown() { + global $conf; + global $AUTH_ACL; + $conf = $this->oldConf; + $AUTH_ACL = $this->oldAuthAcl; + + } + + function test_restricted(){ + global $conf; + global $AUTH_ACL; + $conf['superuser'] = 'john'; + $conf['useacl'] = 1; + + $AUTH_ACL = array( + '* @ALL 0', + '* @user 8', + ); + + // anonymous user + $this->assertEquals(auth_aclcheck('page', '',array()), AUTH_NONE); + $this->assertEquals(auth_aclcheck('namespace:page','',array()), AUTH_NONE); + $this->assertEquals(auth_aclcheck('namespace:*', '',array()), AUTH_NONE); + + // user with no matching group + $this->assertEquals(auth_aclcheck('page', 'jill',array('foo')), AUTH_NONE); + $this->assertEquals(auth_aclcheck('namespace:page','jill',array('foo')), AUTH_NONE); + $this->assertEquals(auth_aclcheck('namespace:*', 'jill',array('foo')), AUTH_NONE); + + // user with matching group + $this->assertEquals(auth_aclcheck('page', 'jill',array('foo','user')), AUTH_UPLOAD); + $this->assertEquals(auth_aclcheck('namespace:page','jill',array('foo','user')), AUTH_UPLOAD); + $this->assertEquals(auth_aclcheck('namespace:*', 'jill',array('foo','user')), AUTH_UPLOAD); + + // super user + $this->assertEquals(auth_aclcheck('page', 'john',array('foo')), AUTH_ADMIN); + $this->assertEquals(auth_aclcheck('namespace:page','john',array('foo')), AUTH_ADMIN); + $this->assertEquals(auth_aclcheck('namespace:*', 'john',array('foo')), AUTH_ADMIN); + } + + function test_restricted_ropage(){ + global $conf; + global $AUTH_ACL; + $conf['superuser'] = 'john'; + $conf['useacl'] = 1; + + $AUTH_ACL = array( + '* @ALL 0', + '* @user 8', + 'namespace:page @user 1', + ); + + // anonymous user + $this->assertEquals(auth_aclcheck('page', '',array()), AUTH_NONE); + $this->assertEquals(auth_aclcheck('namespace:page','',array()), AUTH_NONE); + $this->assertEquals(auth_aclcheck('namespace:*', '',array()), AUTH_NONE); + + // user with no matching group + $this->assertEquals(auth_aclcheck('page', 'jill',array('foo')), AUTH_NONE); + $this->assertEquals(auth_aclcheck('namespace:page','jill',array('foo')), AUTH_NONE); + $this->assertEquals(auth_aclcheck('namespace:*', 'jill',array('foo')), AUTH_NONE); + + // user with matching group + $this->assertEquals(auth_aclcheck('page', 'jill',array('foo','user')), AUTH_UPLOAD); + $this->assertEquals(auth_aclcheck('namespace:page','jill',array('foo','user')), AUTH_READ); + $this->assertEquals(auth_aclcheck('namespace:*', 'jill',array('foo','user')), AUTH_UPLOAD); + + // super user + $this->assertEquals(auth_aclcheck('page', 'john',array('foo')), AUTH_ADMIN); + $this->assertEquals(auth_aclcheck('namespace:page','john',array('foo')), AUTH_ADMIN); + $this->assertEquals(auth_aclcheck('namespace:*', 'john',array('foo')), AUTH_ADMIN); + } + + function test_aclexample(){ + global $conf; + global $AUTH_ACL; + $conf['superuser'] = 'john'; + $conf['useacl'] = 1; + + $AUTH_ACL = array( + '* @ALL 4', + '* bigboss 16', + 'start @ALL 1', + 'marketing:* @marketing 8', + 'devel:* @ALL 0', + 'devel:* @devel 8', + 'devel:* bigboss 16', + 'devel:funstuff bigboss 0', + 'devel:* @marketing 1', + 'devel:marketing @marketing 2', + ); + + + $this->assertEquals(auth_aclcheck('page', '' ,array()) , AUTH_CREATE); + $this->assertEquals(auth_aclcheck('page', 'bigboss' ,array('foo')) , AUTH_DELETE); + $this->assertEquals(auth_aclcheck('page', 'jill' ,array('marketing')) , AUTH_CREATE); + $this->assertEquals(auth_aclcheck('page', 'jane' ,array('devel')) , AUTH_CREATE); + + $this->assertEquals(auth_aclcheck('start', '' ,array()) , AUTH_READ); + $this->assertEquals(auth_aclcheck('start', 'bigboss' ,array('foo')) , AUTH_READ); + $this->assertEquals(auth_aclcheck('start', 'jill' ,array('marketing')) , AUTH_READ); + $this->assertEquals(auth_aclcheck('start', 'jane' ,array('devel')) , AUTH_READ); + + $this->assertEquals(auth_aclcheck('marketing:page', '' ,array()) , AUTH_CREATE); + $this->assertEquals(auth_aclcheck('marketing:page', 'bigboss' ,array('foo')) , AUTH_DELETE); + $this->assertEquals(auth_aclcheck('marketing:page', 'jill' ,array('marketing')) , AUTH_UPLOAD); + $this->assertEquals(auth_aclcheck('marketing:page', 'jane' ,array('devel')) , AUTH_CREATE); + + + $this->assertEquals(auth_aclcheck('devel:page', '' ,array()) , AUTH_NONE); + $this->assertEquals(auth_aclcheck('devel:page', 'bigboss' ,array('foo')) , AUTH_DELETE); + $this->assertEquals(auth_aclcheck('devel:page', 'jill' ,array('marketing')) , AUTH_READ); + $this->assertEquals(auth_aclcheck('devel:page', 'jane' ,array('devel')) , AUTH_UPLOAD); + + $this->assertEquals(auth_aclcheck('devel:funstuff', '' ,array()) , AUTH_NONE); + $this->assertEquals(auth_aclcheck('devel:funstuff', 'bigboss' ,array('foo')) , AUTH_NONE); + $this->assertEquals(auth_aclcheck('devel:funstuff', 'jill' ,array('marketing')) , AUTH_READ); + $this->assertEquals(auth_aclcheck('devel:funstuff', 'jane' ,array('devel')) , AUTH_UPLOAD); + + $this->assertEquals(auth_aclcheck('devel:marketing', '' ,array()) , AUTH_NONE); + $this->assertEquals(auth_aclcheck('devel:marketing', 'bigboss' ,array('foo')) , AUTH_DELETE); + $this->assertEquals(auth_aclcheck('devel:marketing', 'jill' ,array('marketing')) , AUTH_EDIT); + $this->assertEquals(auth_aclcheck('devel:marketing', 'jane' ,array('devel')) , AUTH_UPLOAD); + + } + + function test_multiadmin_restricted(){ + global $conf; + global $AUTH_ACL; + $conf['superuser'] = 'john,@admin,doe,@roots'; + $conf['useacl'] = 1; + + $AUTH_ACL = array( + '* @ALL 0', + '* @user 8', + ); + + // anonymous user + $this->assertEquals(auth_aclcheck('page', '',array()), AUTH_NONE); + $this->assertEquals(auth_aclcheck('namespace:page','',array()), AUTH_NONE); + $this->assertEquals(auth_aclcheck('namespace:*', '',array()), AUTH_NONE); + + // user with no matching group + $this->assertEquals(auth_aclcheck('page', 'jill',array('foo')), AUTH_NONE); + $this->assertEquals(auth_aclcheck('namespace:page','jill',array('foo')), AUTH_NONE); + $this->assertEquals(auth_aclcheck('namespace:*', 'jill',array('foo')), AUTH_NONE); + + // user with matching group + $this->assertEquals(auth_aclcheck('page', 'jill',array('foo','user')), AUTH_UPLOAD); + $this->assertEquals(auth_aclcheck('namespace:page','jill',array('foo','user')), AUTH_UPLOAD); + $this->assertEquals(auth_aclcheck('namespace:*', 'jill',array('foo','user')), AUTH_UPLOAD); + + // super user john + $this->assertEquals(auth_aclcheck('page', 'john',array('foo')), AUTH_ADMIN); + $this->assertEquals(auth_aclcheck('namespace:page','john',array('foo')), AUTH_ADMIN); + $this->assertEquals(auth_aclcheck('namespace:*', 'john',array('foo')), AUTH_ADMIN); + + // super user doe + $this->assertEquals(auth_aclcheck('page', 'doe',array('foo')), AUTH_ADMIN); + $this->assertEquals(auth_aclcheck('namespace:page','doe',array('foo')), AUTH_ADMIN); + $this->assertEquals(auth_aclcheck('namespace:*', 'doe',array('foo')), AUTH_ADMIN); + + // user with matching admin group + $this->assertEquals(auth_aclcheck('page', 'jill',array('foo','admin')), AUTH_ADMIN); + $this->assertEquals(auth_aclcheck('namespace:page','jill',array('foo','admin')), AUTH_ADMIN); + $this->assertEquals(auth_aclcheck('namespace:*', 'jill',array('foo','admin')), AUTH_ADMIN); + + // user with matching another admin group + $this->assertEquals(auth_aclcheck('page', 'jill',array('foo','roots')), AUTH_ADMIN); + $this->assertEquals(auth_aclcheck('namespace:page','jill',array('foo','roots')), AUTH_ADMIN); + $this->assertEquals(auth_aclcheck('namespace:*', 'jill',array('foo','roots')), AUTH_ADMIN); + } + + function test_multiadmin_restricted_ropage(){ + global $conf; + global $AUTH_ACL; + $conf['superuser'] = 'john,@admin,doe,@roots'; + $conf['useacl'] = 1; + + $AUTH_ACL = array( + '* @ALL 0', + '* @user 8', + 'namespace:page @user 1', + ); + + // anonymous user + $this->assertEquals(auth_aclcheck('page', '',array()), AUTH_NONE); + $this->assertEquals(auth_aclcheck('namespace:page','',array()), AUTH_NONE); + $this->assertEquals(auth_aclcheck('namespace:*', '',array()), AUTH_NONE); + + // user with no matching group + $this->assertEquals(auth_aclcheck('page', 'jill',array('foo')), AUTH_NONE); + $this->assertEquals(auth_aclcheck('namespace:page','jill',array('foo')), AUTH_NONE); + $this->assertEquals(auth_aclcheck('namespace:*', 'jill',array('foo')), AUTH_NONE); + + // user with matching group + $this->assertEquals(auth_aclcheck('page', 'jill',array('foo','user')), AUTH_UPLOAD); + $this->assertEquals(auth_aclcheck('namespace:page','jill',array('foo','user')), AUTH_READ); + $this->assertEquals(auth_aclcheck('namespace:*', 'jill',array('foo','user')), AUTH_UPLOAD); + + // super user john + $this->assertEquals(auth_aclcheck('page', 'john',array('foo')), AUTH_ADMIN); + $this->assertEquals(auth_aclcheck('namespace:page','john',array('foo')), AUTH_ADMIN); + $this->assertEquals(auth_aclcheck('namespace:*', 'john',array('foo')), AUTH_ADMIN); + + // super user doe + $this->assertEquals(auth_aclcheck('page', 'doe',array('foo')), AUTH_ADMIN); + $this->assertEquals(auth_aclcheck('namespace:page','doe',array('foo')), AUTH_ADMIN); + $this->assertEquals(auth_aclcheck('namespace:*', 'doe',array('foo')), AUTH_ADMIN); + + // user with matching admin group + $this->assertEquals(auth_aclcheck('page', 'jill',array('foo','admin')), AUTH_ADMIN); + $this->assertEquals(auth_aclcheck('namespace:page','jill',array('foo','admin')), AUTH_ADMIN); + $this->assertEquals(auth_aclcheck('namespace:*', 'jill',array('foo','admin')), AUTH_ADMIN); + + // user with matching another admin group + $this->assertEquals(auth_aclcheck('page', 'jill',array('foo','roots')), AUTH_ADMIN); + $this->assertEquals(auth_aclcheck('namespace:page','jill',array('foo','roots')), AUTH_ADMIN); + $this->assertEquals(auth_aclcheck('namespace:*', 'jill',array('foo','roots')), AUTH_ADMIN); + } + +} + +//Setup VIM: ex: et ts=4 : |