public function test_can_user_do()
{
$person = $this->create_user();
$user = new midcom_core_user($person);
$auth = new midcom_services_auth();
$auth->initialize();
$this->assertTrue($auth->can_user_do('midgard:read'));
$this->assertFalse($auth->can_user_do('midgard:create'));
$auth->admin = true;
$this->assertTrue($auth->can_user_do('midgard:create'));
$auth->admin = false;
$auth->request_sudo('midcom.core');
$this->assertTrue($auth->can_user_do('midgard:create'));
$auth->drop_sudo();
$auth->user = $user;
$this->assertFalse($auth->can_user_do('midgard:create'));
$person2 = $this->create_user();
$user2 = new midcom_core_user($person2);
midcom::get('auth')->request_sudo('midcom.core');
$person2->set_privilege('midgard:create', 'SELF', MIDCOM_PRIVILEGE_ALLOW);
midcom::get('auth')->drop_sudo();
$this->assertTrue($auth->can_user_do('midgard:create', $user2));
}
