public function testHandlesWhenUserIsNotAdmin() { $this->session->IsAdmin = false; $this->server->expects($this->at(0))->method('GetHeader')->with($this->equalTo(WebServiceHeaders::SESSION_TOKEN))->will($this->returnValue($this->sessionToken)); $this->server->expects($this->at(1))->method('GetHeader')->with($this->equalTo(WebServiceHeaders::USER_ID))->will($this->returnValue($this->userId)); $this->userSessionRepository->expects($this->once())->method('LoadBySessionToken')->with($this->equalTo($this->sessionToken))->will($this->returnValue($this->session)); $wasHandled = $this->security->HandleSecureRequest($this->server, true); $this->assertFalse($wasHandled); $this->assertFalse($this->session->_SessionExtended); }