/**
  * @testdox A user who can only create records in one table can still use the change-tracker (i.e. creating changesets is not influenced by standard grants).
  * @test
  */
 public function minimal_grants()
 {
     global $current_user;
     $current_user->remove_cap('promote_users');
     $current_user->add_role('subscriber');
     $grants = new Grants();
     $grants->set(array('test_table' => array(Grants::READ => array('subscriber'), Grants::CREATE => array('subscriber'))));
     // Assert that the permissions are set as we want them.
     $this->assertTrue(Grants::current_user_can(Grants::CREATE, 'test_table'));
     $this->assertFalse(Grants::current_user_can(Grants::CREATE, ChangeTracker::changesets_name()));
     $this->assertFalse(Grants::current_user_can(Grants::CREATE, ChangeTracker::changes_name()));
     // Succcessfully save a record.
     $test_table = $this->db->get_table('test_table');
     $rec = $test_table->save_record(array('title' => 'One', 'changeset_comment' => 'Testing.'));
     $this->assertEquals(1, $rec->id());
 }
Esempio n. 2
0
 /**
  * @testdox Tables can be linked to each other; one is the referenced table, the other the referencing.
  * @test
  */
 public function references()
 {
     // Make sure the user can edit things.
     global $current_user;
     $current_user->add_role('administrator');
     $grants = new Grants();
     $grants->set(array('test_table' => array(Grants::READ => array('administrator'))));
     // That test_table references test_types
     $test_table = $this->db->get_table('test_table');
     $referenced_tables = $test_table->get_referenced_tables(true);
     $referenced_table = array_pop($referenced_tables);
     $this->assertEquals('test_types', $referenced_table->get_name());
     // And the other way around.
     $type_table = $this->db->get_table('test_types');
     $referencing_tables = $type_table->get_referencing_tables();
     $referencing_table = array_pop($referencing_tables);
     $this->assertEquals('test_table', $referencing_table['table']->get_name());
 }