@ -139,7 +144,7 @@ class TestAuthorization extends Test\AbstractTest {
}
}
// and they should only be able to set their own rights to regular user
// and they should only be able to set their own rights to regular user
foreach (self::LEVELS as $level) {
foreach (self::LEVELS as $level) {
if ($actor==$affected && in_array($level, [User\Driver::RIGHTS_NONE, User\Driver::RIGHTS_DOMAIN_MANAGER])) {
if ($actor==$affected && in_array($level, [User\Driver::RIGHTS_NONE, Driver::RIGHTS_DOMAIN_MANAGER])) {
$this->assertTrue(Arsse::$user->authorize($affected, "userRightsSet", $level), "User $actor acted properly for $affected settings rights level $level, but the action was denied.");
$this->assertTrue(Arsse::$user->authorize($affected, "userRightsSet", $level), "User $actor acted properly for $affected settings rights level $level, but the action was denied.");
} else {
} else {
$this->assertFalse(Arsse::$user->authorize($affected, "userRightsSet", $level), "User $actor acted improperly for $affected settings rights level $level, but the action was allowed.");
$this->assertFalse(Arsse::$user->authorize($affected, "userRightsSet", $level), "User $actor acted improperly for $affected settings rights level $level, but the action was allowed.");
@ -159,7 +164,7 @@ class TestAuthorization extends Test\AbstractTest {
public function testDomainAdministratorLogic() {
public function testDomainAdministratorLogic() {
foreach (self::USERS as $actor => $actorRights) {
foreach (self::USERS as $actor => $actorRights) {
if ($actorRights != User\Driver::RIGHTS_DOMAIN_ADMIN) {
if ($actorRights != Driver::RIGHTS_DOMAIN_ADMIN) {
@ -218,7 +223,7 @@ class TestAuthorization extends Test\AbstractTest {
}
}
// and they should only be able to set their own rights to regular user
// and they should only be able to set their own rights to regular user
foreach (self::LEVELS as $level) {
foreach (self::LEVELS as $level) {
if ($actor==$affected && in_array($level, [User\Driver::RIGHTS_NONE, User\Driver::RIGHTS_GLOBAL_MANAGER])) {
if ($actor==$affected && in_array($level, [User\Driver::RIGHTS_NONE, Driver::RIGHTS_GLOBAL_MANAGER])) {
$this->assertTrue(Arsse::$user->authorize($affected, "userRightsSet", $level), "User $actor acted properly for $affected settings rights level $level, but the action was denied.");
$this->assertTrue(Arsse::$user->authorize($affected, "userRightsSet", $level), "User $actor acted properly for $affected settings rights level $level, but the action was denied.");
} else {
} else {
$this->assertFalse(Arsse::$user->authorize($affected, "userRightsSet", $level), "User $actor acted improperly for $affected settings rights level $level, but the action was allowed.");
$this->assertFalse(Arsse::$user->authorize($affected, "userRightsSet", $level), "User $actor acted improperly for $affected settings rights level $level, but the action was allowed.");
@ -234,7 +239,7 @@ class TestAuthorization extends Test\AbstractTest {
public function testGlobalAdministratorLogic() {
public function testGlobalAdministratorLogic() {
foreach (self::USERS as $actor => $actorRights) {
foreach (self::USERS as $actor => $actorRights) {
if ($actorRights != User\Driver::RIGHTS_GLOBAL_ADMIN) {
if ($actorRights != Driver::RIGHTS_GLOBAL_ADMIN) {
continue;
continue;
}
}
Arsse::$user->auth($actor, "");
Arsse::$user->auth($actor, "");
@ -302,7 +307,7 @@ class TestAuthorization extends Test\AbstractTest {