/** * Removes all logins from the list of logins where the current user has no permission to see them. * * @param string[] $logins An array of logins / usernames. Eg array('username1', 'username2') * @return array */ public function filterLogins($logins) { if ($this->access->hasSuperUserAccess()) { return $logins; } if (!$this->access->isUserHasSomeAdminAccess()) { // keep only own user if it is in the list foreach ($logins as $login) { if ($this->isOwnLogin($login)) { return array($login); } } return array(); } foreach ($logins as $index => $login) { if (!$this->isNonSuperUserAllowedToSeeThisLogin($login)) { unset($logins[$index]); } } return array_values($logins); }
public function test_isUserHasSomeAdminAccess_WithOnlyViewAccess() { $access = new Access(); $this->assertFalse($access->isUserHasSomeAdminAccess()); }