public function testUserCanAccessMethod_projectPageDto_NotAMember_false()
{
$userId = self::$environ->createUser('user', 'user', '*****@*****.**', SystemRoles::USER);
$project = self::$environ->createProject('projectForTest', 'projTestCode');
$project->appName = 'sfchecks';
$project->write();
$projectId = $project->id->asString();
$project = ProjectModel::getById($projectId);
$rh = new RightsHelper($userId, $project, self::$environ->website);
$result = $rh->userCanAccessMethod('project_pageDto', array());
$this->assertFalse($result);
}
public function checkPermissions($methodName, $params)
{
if (!self::isAnonymousMethod($methodName)) {
if (!$this->userId) {
throw new UserNotAuthenticatedException("Your session has timed out. Please login again.");
}
try {
$projectModel = ProjectModel::getById($this->projectId);
} catch (\Exception $e) {
$projectModel = null;
}
$rightsHelper = new RightsHelper($this->userId, $projectModel, $this->website);
if (!$rightsHelper->userCanAccessMethod($methodName, $params)) {
throw new UserUnauthorizedException("Insufficient privileges accessing API method '{$methodName}'");
}
}
}
