Exemplo n.º 1
 /**
  * test grabbing access by name that does not exist
  **/
 public function testGetInvalidAccessByAccessName()
 {
     // Query with an access name that no fixture ever creates.
     $unknownName = "nobody was ever given this access";
     $matches = Access::getAccessByAccessName($this->getPDO(), $unknownName);

     // The lookup is expected to yield an empty, countable result.
     $this->assertCount(0, $matches);
 }
Exemplo n.º 2
 // Read the optional "accessName" query-string parameter; filter_input() yields null when it is absent.
 // NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1, and FILTER_FLAG_NO_ENCODE_QUOTES
 // lets ' and " through unchanged. This filter is not a defence against SQL injection or XSS; whether
 // getAccessByAccessName() binds the value as a prepared-statement parameter is not visible here — confirm.
 $accessName = filter_input(INPUT_GET, "accessName", FILTER_SANITIZE_STRING, FILTER_FLAG_NO_ENCODE_QUOTES);
 //handle REST calls, while only allowing administrators to access database-modifying methods
 if ($method === "GET") {
     //set XSRF cookie
     setXsrfCookie("/");
     //get the Access based on the given field
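     // Pick the most specific selector the caller supplied: id first, then name, otherwise list everything.
     // NOTE(review): no authorization check is visible on this read path; confirm that returning
     // Access rows (including the full list) to any caller is intended.
     if (empty($id) === false) {
         $access = Access::getAccessByAccessId($pdo, $id);
         // this is for restricting by company - remember that access is wide open
         // however keep this stuff for other APIs :D
         if ($access !== null) {
             $reply->data = $access;
         }
     } elseif (empty($accessName) === false) {
         // Fixed: this branch used to re-test $id inside the "id is empty" path, so the
         // lookup by name could never run and every such request fell through to the full list.
         $access = Access::getAccessByAccessName($pdo, $accessName);
         if ($access !== null) {
             // Fixed: was `$reply->data = $reply`, which stored the reply object inside itself
             // instead of returning the lookup result.
             $reply->data = $access;
         }
     } else {
         $accessors = Access::getAllAccess($pdo);
         if ($accessors !== null) {
             $reply->data = $accessors;
         }
     }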
     //if the session belongs to an admin, allow post, put and delete methods
     if (Access::isAdminLoggedIn() === true) {
         if ($method === "PUT" || $method === "POST") {
             verifyXsrf();
             $requestContent = file_get_contents("php://input");