/** * Check if the current user have access to the given project * * @access protected * @param integer $project_id Project id */ protected function checkProjectPermissions($project_id) { if ($this->acl->isRegularUser()) { if ($project_id > 0 && !$this->project->isUserAllowed($project_id, $this->acl->getUserId())) { $this->response->redirect('?controller=project&action=forbidden'); } } }
public function testRevokeUser() { $p = new Project($this->registry); $user = new User($this->registry); $user->create(array('username' => 'unittest', 'password' => 'unittest')); // We create a project $this->assertEquals(1, $p->create(array('name' => 'UnitTest'))); // We revoke our admin user (not existing row) $this->assertFalse($p->revokeUser(1, 1)); // We should have nobody in the users list $this->assertEmpty($p->getAllowedUsers(1)); // Our admin user and our regular user should be allowed $this->assertTrue($p->isUserAllowed(1, 1)); $this->assertTrue($p->isUserAllowed(1, 2)); // We allow only the regular user $this->assertTrue($p->allowUser(1, 2)); // All users should be allowed (admin and regular) $this->assertTrue($p->isUserAllowed(1, 1)); $this->assertTrue($p->isUserAllowed(1, 2)); // However, we should have only our regular user in the list $this->assertEquals(array('2' => 'unittest'), $p->getAllowedUsers(1)); // We allow our admin, we should have both in the list $this->assertTrue($p->allowUser(1, 1)); $this->assertEquals(array('1' => 'admin', '2' => 'unittest'), $p->getAllowedUsers(1)); $this->assertTrue($p->isUserAllowed(1, 1)); $this->assertTrue($p->isUserAllowed(1, 2)); // We revoke the regular user $this->assertTrue($p->revokeUser(1, 2)); // Only admin should be allowed $this->assertTrue($p->isUserAllowed(1, 1)); $this->assertFalse($p->isUserAllowed(1, 2)); // We should have only admin in the list $this->assertEquals(array('1' => 'admin'), $p->getAllowedUsers(1)); // We revoke the admin user $this->assertTrue($p->revokeUser(1, 1)); $this->assertEmpty($p->getAllowedUsers(1)); // Everybody should be allowed again $this->assertTrue($p->isUserAllowed(1, 1)); $this->assertTrue($p->isUserAllowed(1, 2)); }