public function test_can_do_group_privilege() { $topic = $this->create_object('midcom_db_topic'); $person = $this->create_user(); $group = $this->create_object('midcom_db_group'); $this->create_object('midcom_db_member', array('gid' => $group->id, 'uid' => $person->id)); midcom::get('auth')->request_sudo('midcom.core'); $topic->set_privilege('midgard:read', 'group:' . $group->guid, MIDCOM_PRIVILEGE_DENY); $user = new midcom_core_user($person); midcom::get('auth')->drop_sudo(); $auth = new midcom_services_auth(); $auth->initialize(); $this->assertTrue($auth->can_do('midgard:read', $topic)); $auth->user = $user; $this->assertFalse($auth->can_do('midgard:read', $topic)); }
public function test_request_sudo() { $auth = new midcom_services_auth(); $auth->initialize(); $context = midcom_core_context::get(); $context->set_key(MIDCOM_CONTEXT_COMPONENT, 'midcom.admin.folder'); $this->assertTrue($auth->request_sudo()); $this->assertTrue($auth->is_component_sudo()); $auth->drop_sudo(); $this->assertFalse($auth->is_component_sudo()); $this->assertFalse($auth->request_sudo('')); $this->assertFalse($auth->is_component_sudo()); $this->assertTrue($auth->request_sudo('some_string')); $auth->drop_sudo(); $GLOBALS['midcom_config']['auth_allow_sudo'] = false; $this->assertFalse($auth->request_sudo()); $GLOBALS['midcom_config']['auth_allow_sudo'] = true; }