/**
 * Walks DELETE /auth/users/{id} through three authorization states and
 * checks both the HTTP response and the persisted is_deleted flag.
 *
 *  1. Caller without auth.can_delete_user -> 403, record untouched.
 *  2. Caller holds the permission but targets itself -> 400, record untouched.
 *  3. A different caller holding the permission -> 200, record soft-deleted.
 *
 * NOTE(review): the first request runs as whoever the fixture signed in
 * outside this method; the test relies on that identity lacking the
 * permission. A request for a non-existent id and a request by a guest are
 * not covered here.
 */
public function testDelete()
{
    $jsonRequest = ['contentType' => 'application/json'];

    // Account that is the deletion target in every step below.
    $account = User::create();
    $account->login = '******';
    $account->is_active = true;
    $account->save();
    $this->models[] = $account;

    // Step 1: no delete permission yet, so the endpoint must refuse.
    $denied = new \Bazalt\Rest\Response(403, 'Permission denied');
    $this->assertResponse('DELETE /auth/users/' . $account->id, $jsonRequest, $denied);

    // Reload from storage so the assertion sees the persisted flag.
    $account = User::getById($account->id);
    $this->assertEquals(0, $account->is_deleted);

    // Step 2: presumably grants the permission to the account (helper is
    // defined elsewhere), then signs it in and lets it try to delete itself.
    $this->addPermission('auth.can_delete_user', $account);
    \Bazalt\Auth::setUser($account);

    $selfDelete = new \Bazalt\Rest\Response(400, ['id' => 'Can\'t delete yourself']);
    $this->assertResponse('DELETE /auth/users/' . $account->id, $jsonRequest, $selfDelete);

    $account = User::getById($account->id);
    $this->assertEquals(0, $account->is_deleted);

    // Step 3: a second, separately privileged account performs the delete.
    $operator = User::create();
    $operator->login = '******';
    $operator->is_active = true;
    $operator->save();
    $this->models[] = $operator;

    $this->addPermission('auth.can_delete_user', $operator);
    \Bazalt\Auth::setUser($operator);

    $accepted = new \Bazalt\Rest\Response(200, true);
    $this->assertResponse('DELETE /auth/users/' . $account->id, $jsonRequest, $accepted);

    // The endpoint soft-deletes: the row still loads, with the flag set.
    $account = User::getById($account->id);
    $this->assertEquals(1, $account->is_deleted);
}
/**
 * @method DELETE
 * @json
 */
public function logout()
{
    // Ends the current session when a non-guest user is signed in and always
    // answers 200 with the array form of whoever is current afterwards.
    // The docblock above is left tag-only on purpose: its tags look like
    // routing metadata read at runtime (TODO confirm before adding tags).
    $current = \Bazalt\Auth::getUser();

    if (!$current->isGuest()) {
        \Bazalt\Auth::logout();

        // Re-read the user so the payload describes the identity after
        // logout, not the account that was just signed out.
        $current = \Bazalt\Auth::getUser();
    }

    return new Response(Response::OK, $current->toArray());
}
/**
 * Removes everything the test created so authentication state and stored
 * records do not carry over into the next test.
 *
 * Order: parent teardown, fixture user, current-user reset, then every
 * record the test registered in $this->models.
 */
protected function tearDown()
{
    parent::tearDown();

    // Only a fixture user with an id set is deleted.
    $fixtureUser = $this->user;
    if ($fixtureUser->id) {
        $fixtureUser->delete();
    }
    $this->user = null;

    // Clear the current user so a later test does not start out signed in
    // as an account from this one.
    \Bazalt\Auth::setUser(null);

    foreach ($this->models as $createdRecord) {
        $createdRecord->delete();
    }
}
/**
 * Handler for the model's onSave event; called when an object is being
 * saved to the database.
 *
 * Writes the current user's id into the columns configured for the record's
 * class under the "created_by" and "updated_by" option keys. Records whose
 * class has no options, and saves made by a guest, are left untouched.
 * After a guest save the audit columns therefore still hold whatever they
 * held before.
 *
 * @param \Bazalt\ORM\Record $record  Current record
 * @param bool               &$return Flag that stops further execution of save();
 *                                    this handler never writes to it
 *
 * @return void
 */
public function onSave(\Bazalt\ORM\Record $record, &$return)
{
    $optionsByClass = $this->getOptions();
    $actor = \Bazalt\Auth::getUser();
    $recordClass = get_class($record);

    if (!array_key_exists($recordClass, $optionsByClass)) {
        return;
    }
    if ($actor->isGuest()) {
        return;
    }

    $columns = $optionsByClass[$recordClass];

    // The creator is stamped only while the primary key is still empty,
    // which is how this handler tells a first insert from an update.
    if (array_key_exists('created_by', $columns)) {
        if ($record->isPKEmpty()) {
            $record->{$columns['created_by']} = $actor->id;
        }
    }

    // The last editor is stamped on every save, inserts included.
    if (array_key_exists('updated_by', $columns)) {
        $record->{$columns['updated_by']} = $actor->id;
    }
}
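/**
 * @method DELETE
 * @json
 */
public function deleteUser($id)
{
    // Soft-deletes the user with the given id by setting is_deleted = 1.
    // Responses: 403 when the caller lacks auth.can_delete_user, 400 when
    // the id is unknown or is the caller's own, 200 with `true` on success.
    // The docblock above is left tag-only on purpose: its tags look like
    // routing metadata read at runtime (TODO confirm before adding tags).
    $user = \Bazalt\Auth::getUser();

    // Authorize before looking the target up. With the lookup first, a
    // caller without the permission could tell existing ids (403) from
    // missing ones (400) and enumerate accounts; now every such caller
    // gets the same 403.
    if (!$user->hasPermission('auth.can_delete_user')) {
        return new Response(Response::FORBIDDEN, 'Permission denied');
    }

    $profile = User::getById($id);
    if (!$profile) {
        return new Response(400, ['id' => 'User not found']);
    }

    // NOTE(review): the loose comparison is kept deliberately. Presumably
    // ids can arrive as int or numeric string depending on the source; a
    // strict comparison could then skip this self-delete guard. Confirm the
    // types before tightening.
    if (!$user->isGuest() && $user->id == $profile->id) {
        return new Response(Response::BADREQUEST, ['id' => 'Can\'t delete yourself']);
    }

    // NOTE(review): nothing in this method records who deleted whom; if an
    // audit trail is required, confirm it is produced elsewhere.
    $profile->is_deleted = 1;
    $profile->save();

    return new Response(Response::OK, true);
}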
/**
 * Checks role switching while the split-roles option is off: the first
 * attached role is current by default, setCurrentRole() accepts either
 * attached role, and an unknown role id is rejected without changing the
 * current role.
 *
 * NOTE(review): the option is set back to true only on the last line, so a
 * failing assertion leaves it false for later tests. It is also restored to
 * a hard-coded true rather than to its previous value.
 */
public function testSwitchRole()
{
    \Bazalt\Site\Option::set(\Bazalt\Auth::SPLIT_ROLES_OPTION, false);

    // Two roles, both registered for cleanup in tearDown.
    $firstRole = Role::create();
    $firstRole->title = 'Test1';
    $firstRole->save();
    $this->models[] = $firstRole;

    $secondRole = Role::create();
    $secondRole->title = 'Test2';
    $secondRole->save();
    $this->models[] = $secondRole;

    // Attach both roles to the fixture user on the fixture site.
    $this->user->Roles->add($firstRole, ['site_id' => $this->site->id]);
    $this->user->Roles->add($secondRole, ['site_id' => $this->site->id]);

    // Asserts that the role Auth currently reports has the given id.
    $assertCurrentRoleId = function ($expectedId) {
        $reported = \Bazalt\Auth::getCurrentRole();
        $this->assertEquals($expectedId, $reported->id);
    };

    // Before any explicit switch the first attached role is current.
    $assertCurrentRoleId($firstRole->id);

    $this->assertTrue(\Bazalt\Auth::setCurrentRole($firstRole->id));
    $assertCurrentRoleId($firstRole->id);

    $this->assertTrue(\Bazalt\Auth::setCurrentRole($secondRole->id));
    $assertCurrentRoleId($secondRole->id);

    // A role id that does not exist must be refused, and the previously
    // selected role must stay in effect.
    $this->assertFalse(\Bazalt\Auth::setCurrentRole(9999));
    $assertCurrentRoleId($secondRole->id);

    \Bazalt\Site\Option::set(\Bazalt\Auth::SPLIT_ROLES_OPTION, true);
}
/**
 * After logout, GET /auth/session must describe a guest: the guest id equals
 * the current session id, is_guest is 1, and no roles or ACL entries are
 * returned.
 */
public function testGet()
{
    \Bazalt\Auth::logout();

    // Built after logout so the session id read here is the post-logout one.
    $guestPayload = [
        'guest_id' => Session::getSessionId(),
        'is_guest' => 1,
        'roles' => [],
        'acl' => [],
    ];
    $expected = new \Bazalt\Rest\Response(200, $guestPayload);

    $this->assertResponse(
        'GET /auth/session',
        ['contentType' => 'application/json'],
        $expected
    );
}
/**
 * Makes this user the current user, unless it is a guest.
 *
 * No credentials are checked here: the method only hands the object to
 * \Bazalt\Auth::setUser(). Callers must have verified the user's identity
 * before calling it.
 *
 * @param bool $remember Passed through unchanged to \Bazalt\Auth::setUser()
 *
 * @return void
 */
public function login($remember = false)
{
    // A guest object is never installed as the current user.
    if ($this->isGuest()) {
        return;
    }

    \Bazalt\Auth::setUser($this, $remember);
}