diff options
| author | Guy Brand <gb@isis.u-strasbg.fr> | 2008-02-27 15:25:15 +0100 |
|---|---|---|
| committer | Guy Brand <gb@isis.u-strasbg.fr> | 2008-02-27 15:25:15 +0100 |
| commit | 7651d633d828ae1f70ca70634c5ebfe0686db25a (patch) | |
| tree | d4d1aadeff14bdd43a83af4fc6daa7bae59e5b45 /_test | |
| parent | 52b0dd6759c3a1c726ae81acf5ab430b1ee6f308 (diff) | |
| download | rpg-7651d633d828ae1f70ca70634c5ebfe0686db25a.tar.gz rpg-7651d633d828ae1f70ca70634c5ebfe0686db25a.tar.bz2 | |
Superuser and manager now can be comma separated lists
This patch allows $conf['superuser'] and $conf['manager'] to be lists
of values instead of only a single value. So one can put:
$conf['superuser']
darcs-hash:20080227142515-19e2d-c160914589f71531583e7ddaab1fc6a81996efa1.gz
Diffstat (limited to '_test')
| -rw-r--r-- | _test/cases/inc/auth_aclcheck.test.php | 96 | ||||
| -rw-r--r-- | _test/cases/inc/auth_admincheck.test.php | 53 |
2 files changed, 149 insertions, 0 deletions
diff --git a/_test/cases/inc/auth_aclcheck.test.php b/_test/cases/inc/auth_aclcheck.test.php index 18242fd16..d8a8f285a 100644 --- a/_test/cases/inc/auth_aclcheck.test.php +++ b/_test/cases/inc/auth_aclcheck.test.php @@ -130,6 +130,102 @@ class auth_acl_test extends UnitTestCase { $this->assertEqual(auth_aclcheck('devel:marketing', 'jane' ,array('devel')) , AUTH_UPLOAD); } + + function test_multiadmin_restricted(){ + global $conf; + global $AUTH_ACL; + $conf['superuser'] = 'john,@admin,doe,@roots'; + $conf['useacl'] = 1; + + $AUTH_ACL = array( + '* @ALL 0', + '* @user 8', + ); + + // anonymous user + $this->assertEqual(auth_aclcheck('page', '',array()), AUTH_NONE); + $this->assertEqual(auth_aclcheck('namespace:page','',array()), AUTH_NONE); + $this->assertEqual(auth_aclcheck('namespace:*', '',array()), AUTH_NONE); + + // user with no matching group + $this->assertEqual(auth_aclcheck('page', 'jill',array('foo')), AUTH_NONE); + $this->assertEqual(auth_aclcheck('namespace:page','jill',array('foo')), AUTH_NONE); + $this->assertEqual(auth_aclcheck('namespace:*', 'jill',array('foo')), AUTH_NONE); + + // user with matching group + $this->assertEqual(auth_aclcheck('page', 'jill',array('foo','user')), AUTH_UPLOAD); + $this->assertEqual(auth_aclcheck('namespace:page','jill',array('foo','user')), AUTH_UPLOAD); + $this->assertEqual(auth_aclcheck('namespace:*', 'jill',array('foo','user')), AUTH_UPLOAD); + + // super user john + $this->assertEqual(auth_aclcheck('page', 'john',array('foo')), AUTH_ADMIN); + $this->assertEqual(auth_aclcheck('namespace:page','john',array('foo')), AUTH_ADMIN); + $this->assertEqual(auth_aclcheck('namespace:*', 'john',array('foo')), AUTH_ADMIN); + + // super user doe + $this->assertEqual(auth_aclcheck('page', 'doe',array('foo')), AUTH_ADMIN); + $this->assertEqual(auth_aclcheck('namespace:page','doe',array('foo')), AUTH_ADMIN); + $this->assertEqual(auth_aclcheck('namespace:*', 'doe',array('foo')), AUTH_ADMIN); + + // user with matching admin group + $this->assertEqual(auth_aclcheck('page', 'jill',array('foo','admin')), AUTH_ADMIN); + $this->assertEqual(auth_aclcheck('namespace:page','jill',array('foo','admin')), AUTH_ADMIN); + $this->assertEqual(auth_aclcheck('namespace:*', 'jill',array('foo','admin')), AUTH_ADMIN); + + // user with matching another admin group + $this->assertEqual(auth_aclcheck('page', 'jill',array('foo','roots')), AUTH_ADMIN); + $this->assertEqual(auth_aclcheck('namespace:page','jill',array('foo','roots')), AUTH_ADMIN); + $this->assertEqual(auth_aclcheck('namespace:*', 'jill',array('foo','roots')), AUTH_ADMIN); + } + + function test_multiadmin_restricted_ropage(){ + global $conf; + global $AUTH_ACL; + $conf['superuser'] = 'john,@admin,doe,@roots'; + $conf['useacl'] = 1; + + $AUTH_ACL = array( + '* @ALL 0', + '* @user 8', + 'namespace:page @user 1', + ); + + // anonymous user + $this->assertEqual(auth_aclcheck('page', '',array()), AUTH_NONE); + $this->assertEqual(auth_aclcheck('namespace:page','',array()), AUTH_NONE); + $this->assertEqual(auth_aclcheck('namespace:*', '',array()), AUTH_NONE); + + // user with no matching group + $this->assertEqual(auth_aclcheck('page', 'jill',array('foo')), AUTH_NONE); + $this->assertEqual(auth_aclcheck('namespace:page','jill',array('foo')), AUTH_NONE); + $this->assertEqual(auth_aclcheck('namespace:*', 'jill',array('foo')), AUTH_NONE); + + // user with matching group + $this->assertEqual(auth_aclcheck('page', 'jill',array('foo','user')), AUTH_UPLOAD); + $this->assertEqual(auth_aclcheck('namespace:page','jill',array('foo','user')), AUTH_READ); + $this->assertEqual(auth_aclcheck('namespace:*', 'jill',array('foo','user')), AUTH_UPLOAD); + + // super user john + $this->assertEqual(auth_aclcheck('page', 'john',array('foo')), AUTH_ADMIN); + $this->assertEqual(auth_aclcheck('namespace:page','john',array('foo')), AUTH_ADMIN); + $this->assertEqual(auth_aclcheck('namespace:*', 'john',array('foo')), AUTH_ADMIN); + + // super user doe + $this->assertEqual(auth_aclcheck('page', 'doe',array('foo')), AUTH_ADMIN); + $this->assertEqual(auth_aclcheck('namespace:page','doe',array('foo')), AUTH_ADMIN); + $this->assertEqual(auth_aclcheck('namespace:*', 'doe',array('foo')), AUTH_ADMIN); + + // user with matching admin group + $this->assertEqual(auth_aclcheck('page', 'jill',array('foo','admin')), AUTH_ADMIN); + $this->assertEqual(auth_aclcheck('namespace:page','jill',array('foo','admin')), AUTH_ADMIN); + $this->assertEqual(auth_aclcheck('namespace:*', 'jill',array('foo','admin')), AUTH_ADMIN); + + // user with matching another admin group + $this->assertEqual(auth_aclcheck('page', 'jill',array('foo','roots')), AUTH_ADMIN); + $this->assertEqual(auth_aclcheck('namespace:page','jill',array('foo','roots')), AUTH_ADMIN); + $this->assertEqual(auth_aclcheck('namespace:*', 'jill',array('foo','roots')), AUTH_ADMIN); + } + } //Setup VIM: ex: et ts=4 enc=utf-8 : diff --git a/_test/cases/inc/auth_admincheck.test.php b/_test/cases/inc/auth_admincheck.test.php new file mode 100644 index 000000000..c00271a26 --- /dev/null +++ b/_test/cases/inc/auth_admincheck.test.php @@ -0,0 +1,53 @@ +<?php + +require_once DOKU_INC.'inc/init.php'; +require_once DOKU_INC.'inc/auth.php'; + +class auth_admin_test extends UnitTestCase { + + function teardown() { + global $conf; + global $AUTH_ACL; + unset($conf); + unset($AUTH_ACL); + + } + + function test_ismanager(){ + global $conf; + $conf['superuser'] = 'john,@admin'; + $conf['manager'] = 'john,@managers,doe'; + + // anonymous user + $this->assertEqual(auth_ismanager('jill', '',false), false); + + // admin or manager users + $this->assertEqual(auth_ismanager('john', '',false), true); + $this->assertEqual(auth_ismanager('doe', '',false), true); + + // admin or manager groups + $this->assertEqual(auth_ismanager('jill', array('admin'),false), true); + $this->assertEqual(auth_ismanager('jill', array('managers'),false), true); + } + + function test_isadmin(){ + global $conf; + $conf['superuser'] = 'john,@admin,doe,@roots'; + + // anonymous user + $this->assertEqual(auth_ismanager('jill', '',true), false); + + // admin user + $this->assertEqual(auth_ismanager('john', '',true), true); + $this->assertEqual(auth_ismanager('doe', '',true), true); + + // admin groups + $this->assertEqual(auth_ismanager('jill', array('admin'),true), true); + $this->assertEqual(auth_ismanager('jill', array('roots'),true), true); + $this->assertEqual(auth_ismanager('john', array('admin'),true), true); + $this->assertEqual(auth_ismanager('doe', array('admin'),true), true); + } + +} + +//Setup VIM: ex: et ts=4 enc=utf-8 : |