/**
* Called before each test method.
*/
public function setUp()
{
$this->group = new ElggGroup();
$this->group->membership = ACCESS_PUBLIC;
$this->group->access_id = ACCESS_PUBLIC;
$this->group->save();
$this->user = new ElggUser();
$this->user->username = '******' . rand();
$this->user->save();
}
public function setUp()
{
elgg_register_notification_method('test');
$this->user1 = new ElggUser();
$this->user1->username = '******';
$this->user1->save();
$this->user2 = new ElggUser();
$this->user2->username = '******';
$this->user2->save();
$this->group = new ElggGroup();
$this->group->save();
}
/**
* Called before each test object.
*/
public function __construct()
{
parent::__construct();
$this->user = new \ElggUser();
$this->user->username = '******' . rand();
$this->user->email = '*****@*****.**' . rand();
$this->user->name = 'fake user ' . rand();
$this->user->access_id = ACCESS_PUBLIC;
$this->user->setPassword(rand());
$this->user->owner_guid = 0;
$this->user->container_guid = 0;
$this->user->save();
}
/**
* Called before each test object.
*/
public function __construct()
{
parent::__construct();
$this->user = new ElggUser();
$this->user->username = '******' . rand();
$this->user->email = '*****@*****.**' . rand();
$this->user->name = 'fake user ' . rand();
$this->user->access_id = ACCESS_PUBLIC;
$this->user->salt = _elgg_generate_password_salt();
$this->user->password = generate_user_password($this->user, rand());
$this->user->owner_guid = 0;
$this->user->container_guid = 0;
$this->user->save();
}
/**
* Enable personal and friend notifications for new users
*
* We do this using 'create, user' event instead of 'register, user' plugin
* hook so that it affects also users created by an admin.
*
* @param string $event 'create'
* @param string $type 'user'
* @param ElggUser $user
* @return boolean
*/
function notification_tools_enable_for_new_user($event, $type, $user)
{
$personal = elgg_get_plugin_setting('default_personal_methods', 'notification_tools');
// Set methods for personal notifications
if ($personal) {
$personal_methods = explode(',', $personal);
foreach ($personal_methods as $method) {
$prefix = "notification:method:{$method}";
$user->{$prefix} = true;
}
}
$collection = elgg_get_plugin_setting('default_collection_methods', 'notification_tools');
// Set methods for notifications about friends' activity
if ($collection) {
$collection_methods = explode(',', $collection);
// Here we just mark the default methods. The core notification plugin
// will take care of creating the actual 'notify<method>' relationships
// between user and each friends.
foreach ($collection_methods as $method) {
$setting_name = "collections_notifications_preferences_{$method}";
// The -1 seems like a weird value but that's what the core
// is using for whatever reason.
$user->{$setting_name} = '-1';
}
}
$user->save();
return true;
}
protected function createTestUser($username = '******')
{
$user = new ElggUser();
$user->username = $username;
$guid = $user->save();
// load user to have access to creation time
return get_entity($guid);
}
protected function createTestUser($username = '******')
{
// in case a test failure left the user
$user = get_user_by_username($username);
if ($user) {
return $user;
}
$user = new \ElggUser();
$user->username = $username;
$guid = $user->save();
// load user to have access to creation time
return get_entity($guid);
}
public function testCanEdit()
{
$user = new \ElggUser();
$user->save();
$id = $this->entity->annotate('test', 'foo', ACCESS_LOGGED_IN, elgg_get_logged_in_user_guid());
$a = elgg_get_annotation_from_id($id);
$this->assertTrue($a->canEdit());
$this->assertFalse($a->canEdit($user->guid));
$id = $this->entity->annotate('test', 'foo2', ACCESS_LOGGED_IN, $user->guid);
$a = elgg_get_annotation_from_id($id);
$this->assertTrue($a->canEdit());
$this->assertTrue($a->canEdit($user->guid));
$user->delete();
}
/**
* Called before each test object.
*/
public function __construct()
{
elgg_set_ignore_access(true);
$this->entities = array();
$this->subtypes = array('object' => array(), 'user' => array(), 'group' => array());
// sites are a bit wonky. Don't use them just now.
$this->types = array('object', 'user', 'group');
// create some fun objects to play with.
// 5 with random subtypes
for ($i = 0; $i < 5; $i++) {
$subtype = 'test_object_subtype_' . rand();
$e = new ElggObject();
$e->subtype = $subtype;
$e->save();
$this->entities[] = $e;
$this->subtypes['object'][] = $subtype;
}
// and users
for ($i = 0; $i < 5; $i++) {
$subtype = "test_user_subtype_" . rand();
$e = new ElggUser();
$e->username = "******" . rand();
$e->subtype = $subtype;
$e->save();
$this->entities[] = $e;
$this->subtypes['user'][] = $subtype;
}
// and groups
for ($i = 0; $i < 5; $i++) {
$subtype = "test_group_subtype_" . rand();
$e = new ElggGroup();
$e->subtype = $subtype;
$e->save();
$this->entities[] = $e;
$this->subtypes['group'][] = $subtype;
}
parent::__construct();
}
public function testElggRiverDisableEnable()
{
$user = new \ElggUser();
$user->save();
$entity = new \ElggObject();
$entity->save();
$params = array('view' => 'river/relationship/friend/create', 'action_type' => 'create', 'subject_guid' => $user->guid, 'object_guid' => $entity->guid);
$id = elgg_create_river_item($params);
$river = elgg_get_river(array('ids' => array($id)));
$this->assertIdentical($river[0]->enabled, 'yes');
$user->disable();
// should no longer be able to get the river
$river = elgg_get_river(array('ids' => array($id)));
$this->assertIdentical($river, array());
// renabling the user should re-enable the river
access_show_hidden_entities(true);
$user->enable();
access_show_hidden_entities(false);
$river = elgg_get_river(array('ids' => array($id)));
$this->assertIdentical($river[0]->enabled, 'yes');
$user->delete();
$entity->delete();
}
function test_can_write_to_container()
{
$user = new \ElggUser();
$user->username = '******' . rand();
$user->name = 'test_user_name_' . rand();
$user->email = '*****@*****.**';
$user->container_guid = 0;
$user->owner_guid = 0;
$user->save();
$object = new \ElggObject();
$object->save();
$group = new \ElggGroup();
$group->save();
// disable access overrides because we're admin.
$ia = elgg_set_ignore_access(false);
$this->assertFalse(can_write_to_container($user->guid, $object->guid));
global $elgg_test_user;
$elgg_test_user = $user;
// register hook to allow access
function can_write_to_container_test_hook($hook, $type, $value, $params)
{
global $elgg_test_user;
if ($params['user']->getGUID() == $elgg_test_user->getGUID()) {
return true;
}
}
elgg_register_plugin_hook_handler('container_permissions_check', 'all', 'can_write_to_container_test_hook');
$this->assertTrue(can_write_to_container($user->guid, $object->guid));
elgg_unregister_plugin_hook_handler('container_permissions_check', 'all', 'can_write_to_container_test_hook');
$this->assertFalse(can_write_to_container($user->guid, $group->guid));
$group->join($user);
$this->assertTrue(can_write_to_container($user->guid, $group->guid));
elgg_set_ignore_access($ia);
$user->delete();
$object->delete();
$group->delete();
}
/**
* Logs in a specified ElggUser. For standard registration, use in conjunction
* with authenticate.
*
* @see authenticate
* @param ElggUser $user A valid Elgg user object
* @param boolean $persistent Should this be a persistent login?
* @return true|false Whether login was successful
*/
function login(ElggUser $user, $persistent = false)
{
global $CONFIG;
if ($user->isBanned()) {
return false;
}
// User is banned, return false.
if (check_rate_limit_exceeded($user->guid)) {
return false;
}
// Check rate limit
$_SESSION['user'] = $user;
$_SESSION['guid'] = $user->getGUID();
$_SESSION['id'] = $_SESSION['guid'];
$_SESSION['username'] = $user->username;
$_SESSION['name'] = $user->name;
$code = md5($user->name . $user->username . time() . rand());
$user->code = md5($code);
$_SESSION['code'] = $code;
if ($persistent) {
setcookie("elggperm", $code, time() + 86400 * 30, "/");
}
if (!$user->save() || !trigger_elgg_event('login', 'user', $user)) {
unset($_SESSION['username']);
unset($_SESSION['name']);
unset($_SESSION['code']);
unset($_SESSION['guid']);
unset($_SESSION['id']);
unset($_SESSION['user']);
setcookie("elggperm", "", time() - 86400 * 30, "/");
return false;
}
// Users privilege has been elevated, so change the session id (help prevent session hijacking)
session_regenerate_id();
// Update statistics
set_last_login($_SESSION['guid']);
reset_login_failure_count($user->guid);
// Reset any previous failed login attempts
// Set admin shortcut flag if this is an admin
if (isadminloggedin()) {
global $is_admin;
$is_admin = true;
}
return true;
}
public function testUpdateAbilityDependsOnCanEdit()
{
$this->entity->access_id = ACCESS_PRIVATE;
$this->assertTrue($this->entity->save());
// even owner can't bypass permissions
elgg_register_plugin_hook_handler('permissions_check', 'object', [Elgg\Values::class, 'getFalse'], 999);
$this->assertFalse($this->entity->save());
elgg_unregister_plugin_hook_handler('permissions_check', 'object', [Elgg\Values::class, 'getFalse']);
$user = new ElggUser();
$user->save();
$old_user = $this->replaceSession($user);
$this->assertFalse($this->entity->save());
elgg_register_plugin_hook_handler('permissions_check', 'object', [Elgg\Values::class, 'getTrue']);
// even though this user can't look up the entity via the DB, permission allows update.
$this->assertFalse(has_access_to_entity($this->entity, $user));
$this->assertTrue($this->entity->save());
elgg_unregister_plugin_hook_handler('permissions_check', 'object', [Elgg\Values::class, 'getTrue']);
// can save with access ignore
$ia = elgg_set_ignore_access();
$this->assertTrue($this->entity->save());
elgg_set_ignore_access($ia);
$this->replaceSession($old_user);
$user->delete();
}
public function test_elgg_metadata_multiple_values()
{
$u1 = new ElggUser();
$u1->username = rand();
$u1->save();
$u2 = new ElggUser();
$u2->username = rand();
$u2->save();
$obj = new ElggObject();
$obj->owner_guid = $u1->guid;
$obj->container_guid = $u1->guid;
$obj->access_id = ACCESS_PUBLIC;
$obj->save();
$md_values = array('one', 'two', 'three');
// need to fake different logins.
// good times without mocking.
$original_user = elgg_get_logged_in_user_entity();
$_SESSION['user'] = $u1;
elgg_set_ignore_access(false);
// add metadata as one user
$obj->test = $md_values;
// check only these md exists
$db_prefix = elgg_get_config('dbprefix');
$q = "SELECT * FROM {$db_prefix}metadata WHERE entity_guid = {$obj->guid}";
$data = get_data($q);
$this->assertEqual(count($md_values), count($data));
foreach ($data as $md_row) {
$md = elgg_get_metadata_from_id($md_row->id);
$this->assertTrue(in_array($md->value, $md_values));
$this->assertEqual('test', $md->name);
}
// add md w/ same name as a different user
$_SESSION['user'] = $u2;
$md_values2 = array('four', 'five', 'six', 'seven');
$obj->test = $md_values2;
$q = "SELECT * FROM {$db_prefix}metadata WHERE entity_guid = {$obj->guid}";
$data = get_data($q);
$this->assertEqual(count($md_values2), count($data));
foreach ($data as $md_row) {
$md = elgg_get_metadata_from_id($md_row->id);
$this->assertTrue(in_array($md->value, $md_values2));
$this->assertEqual('test', $md->name);
}
$_SESSION['user'] = $original_user;
$obj->delete();
$u1->delete();
$u2->delete();
}
/**
* Tests get_entity_statistics() with an owner
* @covers get_entity_statistics()
*/
function test_owned_get_entity_statistics()
{
$user = new \ElggUser();
$user->save();
$subtype = 'issue7845' . rand(0, 100);
$object = new \ElggObject();
$object->subtype = $subtype;
$object->owner_guid = $user->guid;
$object->save();
$stats = get_entity_statistics($user->guid);
$this->assertEqual($stats['object'][$subtype], 1);
$user->delete();
}
/**
* Logs in a specified ElggUser. For standard registration, use in conjunction
* with elgg_authenticate.
*
* @see elgg_authenticate
*
* @param ElggUser $user A valid Elgg user object
* @param boolean $persistent Should this be a persistent login?
*
* @return true or throws exception
* @throws LoginException
*/
function login(ElggUser $user, $persistent = false)
{
// User is banned, return false.
if ($user->isBanned()) {
throw new LoginException(elgg_echo('LoginException:BannedUser'));
}
$_SESSION['user'] = $user;
$_SESSION['guid'] = $user->getGUID();
$_SESSION['id'] = $_SESSION['guid'];
$_SESSION['username'] = $user->username;
$_SESSION['name'] = $user->name;
// if remember me checked, set cookie with token and store token on user
if ($persistent) {
$code = md5($user->name . $user->username . time() . rand());
$_SESSION['code'] = $code;
$user->code = md5($code);
setcookie("elggperm", $code, time() + 86400 * 30, "/");
}
if (!$user->save() || !elgg_trigger_event('login', 'user', $user)) {
unset($_SESSION['username']);
unset($_SESSION['name']);
unset($_SESSION['code']);
unset($_SESSION['guid']);
unset($_SESSION['id']);
unset($_SESSION['user']);
setcookie("elggperm", "", time() - 86400 * 30, "/");
throw new LoginException(elgg_echo('LoginException:Unknown'));
}
// Users privilege has been elevated, so change the session id (prevents session fixation)
session_regenerate_id();
// Update statistics
set_last_login($_SESSION['guid']);
reset_login_failure_count($user->guid);
// Reset any previous failed login attempts
// if memcache is enabled, invalidate the user in memcache @see https://github.com/Elgg/Elgg/issues/3143
if (is_memcache_available()) {
// this needs to happen with a shutdown function because of the timing with set_last_login()
register_shutdown_function("_elgg_invalidate_memcache_for_entity", $_SESSION['guid']);
}
return true;
}
/**
* Logs in a specified ElggUser. For standard registration, use in conjunction
* with elgg_authenticate.
*
* @see elgg_authenticate
*
* @param ElggUser $user A valid Elgg user object
* @param boolean $persistent Should this be a persistent login?
*
* @return true or throws exception
* @throws LoginException
*/
function login(ElggUser $user, $persistent = false)
{
global $CONFIG;
// User is banned, return false.
if ($user->isBanned()) {
throw new LoginException(elgg_echo('LoginException:BannedUser'));
}
$_SESSION['user'] = $user;
$_SESSION['guid'] = $user->getGUID();
$_SESSION['id'] = $_SESSION['guid'];
$_SESSION['username'] = $user->username;
$_SESSION['name'] = $user->name;
// if remember me checked, set cookie with token and store token on user
if ($persistent) {
$code = md5($user->name . $user->username . time() . rand());
$_SESSION['code'] = $code;
$user->code = md5($code);
setcookie("elggperm", $code, time() + 86400 * 30, "/");
}
if (!$user->save() || !elgg_trigger_event('login', 'user', $user)) {
unset($_SESSION['username']);
unset($_SESSION['name']);
unset($_SESSION['code']);
unset($_SESSION['guid']);
unset($_SESSION['id']);
unset($_SESSION['user']);
setcookie("elggperm", "", time() - 86400 * 30, "/");
throw new LoginException(elgg_echo('LoginException:Unknown'));
}
// Users privilege has been elevated, so change the session id (prevents session fixation)
session_regenerate_id();
// Update statistics
set_last_login($_SESSION['guid']);
reset_login_failure_count($user->guid);
// Reset any previous failed login attempts
return true;
}
/**
* Enable notifier by default for new users according to plugin settings.
*
* We do this using 'create, user' event instead of 'register, user' plugin
* hook so that it affects also users created by an admin.
*
* @param string $event 'create'
* @param string $type 'user'
* @param ElggUser $user The user that was created
* @return boolean
*/
function notifier_enable_for_new_user($event, $type, $user)
{
$personal = (bool) elgg_get_plugin_setting('enable_personal', 'notifier');
$collections = (bool) elgg_get_plugin_setting('enable_collections', 'notifier');
if ($personal) {
$prefix = "notification:method:notifier";
$user->{$prefix} = true;
}
if ($collections) {
/**
* This function is triggered before invite code is checked so it's
* enough just to add the setting. Notifications plugin will take care
* of adding the 'notifynotifier' relationship in case user was invited.
*/
$user->collections_notifications_preferences_notifier = '-1';
}
$user->save();
return true;
}
public function testCreateWithContainerGuidEqualsZero()
{
$user = new \ElggUser();
$user->save();
$object = new \ElggObject();
$object->owner_guid = $user->guid;
$object->container_guid = 0;
// If container_guid attribute is not updated with owner_guid attribute
// ElggEntity::getContainerEntity() would return false
// thus terminating save()
$this->assertTrue($object->save());
$this->assertEqual($user->guid, $object->getContainerGUID());
$user->delete();
}
public function testAccessCaching()
{
// create a new user to check against
$user = new ElggUser();
$user->username = '******';
$user->save();
foreach (array('get_access_list', 'get_access_array') as $func) {
$cache = _elgg_get_access_cache();
$cache->clear();
// admin users run tests, so disable access
elgg_set_ignore_access(true);
$access = $func($user->getGUID());
elgg_set_ignore_access(false);
$access2 = $func($user->getGUID());
$this->assertNotEqual($access, $access2, "Access test for {$func}");
}
$user->delete();
}
/**
* Registers a user, returning false if the username already exists
*
* @param string $username The username of the new user
* @param string $password The password
* @param string $name The user's display name
* @param string $email The user's email address
* @param bool $allow_multiple_emails Allow the same email address to be
* registered multiple times?
*
* @return int|false The new user's GUID; false on failure
* @throws \RegistrationException
*/
function register($username, $password, $name, $email, $allow_multiple_emails = false)
{
// no need to trim password.
$username = trim($username);
$name = trim(strip_tags($name));
$email = trim($email);
// A little sanity checking
if (empty($username) || empty($password) || empty($name) || empty($email)) {
return false;
}
// Make sure a user with conflicting details hasn't registered and been disabled
$access_status = access_get_show_hidden_status();
access_show_hidden_entities(true);
if (!validate_email_address($email)) {
throw new \RegistrationException(_elgg_services()->translator->translate('registration:emailnotvalid'));
}
if (!validate_password($password)) {
throw new \RegistrationException(_elgg_services()->translator->translate('registration:passwordnotvalid'));
}
if (!validate_username($username)) {
throw new \RegistrationException(_elgg_services()->translator->translate('registration:usernamenotvalid'));
}
if ($user = get_user_by_username($username)) {
throw new \RegistrationException(_elgg_services()->translator->translate('registration:userexists'));
}
if (!$allow_multiple_emails && get_user_by_email($email)) {
throw new \RegistrationException(_elgg_services()->translator->translate('registration:dupeemail'));
}
access_show_hidden_entities($access_status);
// Create user
$user = new \ElggUser();
$user->username = $username;
$user->email = $email;
$user->name = $name;
$user->access_id = ACCESS_PUBLIC;
$user->setPassword($password);
$user->owner_guid = 0;
// Users aren't owned by anyone, even if they are admin created.
$user->container_guid = 0;
// Users aren't contained by anyone, even if they are admin created.
$user->language = _elgg_services()->translator->getCurrentLanguage();
if ($user->save() === false) {
return false;
}
// Turn on email notifications by default
set_user_notification_setting($user->getGUID(), 'email', true);
return $user->getGUID();
}
/**
* Insert user into elgg user table using info from ldap
* Tries to insert, otherwise returns error
*
* @return user or error (false?)
*/
function cas_insertUser($username, $ldap_attributes, $config)
{
// name is 'cn' in ldap
$name = $ldap_attributes['cn'];
// remove periods from ldap username
// ex. anthony.hopkins -> anthonyhopkins
$uname = !empty($ldap_attributes['textUid']) ? $ldap_attributes['textUid'] : str_replace(".", "", $username);
$email = $ldap_attributes['mail'];
$user = new ElggUser();
$user->username = $uname;
$user->email = $email;
$user->name = $name;
$user->access_id = 2;
$user->salt = generate_random_cleartext_password();
// Note salt generated before password!
// cas users don't need password stored locally
// so create an invalid password
// a real password can be saved at a later time if they become a local user
$user->password = md5(time());
//generate_user_password($user, $password);
// returns guid or false
$guid = $user->save();
if (!$guid) {
return false;
}
$obj = get_entity($guid);
if (isset($config->casadminuser) && $config->casadminuser == $uname) {
if ($obj instanceof \ElggUser) {
//set context for permissions check
elgg_push_context('au_cas_auth_make_admin');
if (make_user_admin($guid)) {
system_message(elgg_echo('admin:user:makeadmin:yes'));
} else {
register_error(elgg_echo('admin:user:makeadmin:no'));
}
// set context back
elgg_pop_context();
} else {
register_error(elgg_echo('admin:user:makeadmin:no'));
}
}
return $user;
}
/**
* Make sure entity is loaded from cache during save operations
* See #10612
*/
public function testNewUserLoadedFromCacheDuringSaveOperations()
{
$user = new \ElggUser();
// Add temporary metadata, annotation and private settings
// to extend the scope of tests and catch issues with save operations
$user->test_metadata = 'bar';
$user->annotate('test_annotation', 'baz');
$user->setPrivateSetting('test_setting', 'foo');
$metadata_called = false;
$metadata_event_handler = function ($event, $type, $metadata) use(&$metadata_called) {
/* @var $metadata \ElggMetadata */
$entity = get_entity($metadata->entity_guid);
$this->assertEqual($metadata->entity_guid, $entity->guid);
$metadata_called = true;
};
$annotation_called = false;
$annotation_event_handler = function ($event, $type, $annotation) use(&$annotation_called) {
/* @var $metadata \ElggAnnotation */
$entity = get_entity($annotation->entity_guid);
$this->assertEqual($annotation->entity_guid, $entity->guid);
$annotation_called = true;
};
elgg_register_event_handler('create', 'metadata', $metadata_event_handler);
elgg_register_event_handler('create', 'annotation', $annotation_event_handler);
$user->save();
elgg_unregister_event_handler('create', 'metadata', $metadata_event_handler);
elgg_unregister_event_handler('create', 'annotation', $annotation_event_handler);
$user->delete();
$this->assertTrue($metadata_called);
$this->assertTrue($annotation_called);
}
elgg_set_context($context);
// we have no local users, create a new one
$user = new \ElggUser();
$user->username = preg_replace("/[^a-zA-Z0-9]/", "", $account->username);
$user->email = $account->email;
$user->name = $account->fullName;
$user->access_id = ACCESS_PUBLIC;
$user->salt = _elgg_generate_password_salt();
// set invalid PW that will never work for local login. This can be changed by the user later
// but won't leave a secondary local login by accident
$user->password = _elgg_generate_password_salt();
$user->owner_guid = 0;
// Users aren't owned by anyone, even if they are admin created.
$user->container_guid = 0;
// Users aren't contained by anyone, even if they are admin created.
$user->language = get_current_language();
$user->save();
$user->__stormpath_user = $account->href;
elgg_set_user_validation_status($user->guid, TRUE, 'stormpath');
// Turn on email notifications by default
set_user_notification_setting($user->getGUID(), 'email', true);
// done with our extra permissions
elgg_pop_context();
login($user, true);
if ($user[0]->language) {
$message = elgg_echo('loginok', array(), $user[0]->language);
} else {
$message = elgg_echo('loginok');
}
system_message($message);
forward($login_forward);
/**
* Create a new user from Twitter information
*
* @param object $twitter Twitter OAuth response
* @return ElggUser
*/
function twitter_api_create_user($twitter)
{
// check new registration allowed
if (!twitter_api_allow_new_users_with_twitter()) {
register_error(elgg_echo('registerdisabled'));
forward();
}
// Elgg-ify Twitter credentials
$username = $twitter->screen_name;
while (get_user_by_username($username)) {
// @todo I guess we just hope this is good enough
$username = $twitter->screen_name . '_' . rand(1000, 9999);
}
$password = generate_random_cleartext_password();
$name = $twitter->name;
$user = new ElggUser();
$user->username = $username;
$user->name = $name;
$user->access_id = ACCESS_PUBLIC;
$user->setPassword($password);
$user->owner_guid = 0;
$user->container_guid = 0;
if (!$user->save()) {
register_error(elgg_echo('registerbad'));
forward();
}
return $user;
}
public function testAddMemberToACLRemoveMember()
{
// create a new user to check against
$user = new \ElggUser();
$user->username = '******';
$user->save();
$acl_id = create_access_collection('test acl');
$result = add_user_to_access_collection($user->guid, $acl_id);
$this->assertTrue($result);
if ($result) {
$this->assertTrue($user->delete());
// since there are no more members this should return false
$acl_members = get_members_of_access_collection($acl_id, true);
$this->assertFalse($acl_members);
}
delete_access_collection($acl_id);
}