xref: /dokuwiki/_test/tests/Remote/ApiCoreAclCheckTest.php (revision 285c73a17369665ceb4a048858d947f6a025af8f) 
1*285c73a1SAndreas Gohr<?php
2*285c73a1SAndreas Gohr
3*285c73a1SAndreas Gohrnamespace dokuwiki\test\Remote;
4*285c73a1SAndreas Gohr
5*285c73a1SAndreas Gohruse dokuwiki\Remote\Api;
6*285c73a1SAndreas Gohr
7*285c73a1SAndreas Gohr/**
8*285c73a1SAndreas Gohr * Class remoteapicore_test
9*285c73a1SAndreas Gohr */
10*285c73a1SAndreas Gohrclass ApiCoreAclCheckTest extends \DokuWikiTest {
11*285c73a1SAndreas Gohr
12*285c73a1SAndreas Gohr    protected $userinfo;
13*285c73a1SAndreas Gohr    protected $oldAuthAcl;
14*285c73a1SAndreas Gohr    /** @var  Api */
15*285c73a1SAndreas Gohr    protected $remote;
16*285c73a1SAndreas Gohr
17*285c73a1SAndreas Gohr    protected $pluginsEnabled = array('auth_plugin_authplain');
18*285c73a1SAndreas Gohr
19*285c73a1SAndreas Gohr    protected function reloadUsers() {
20*285c73a1SAndreas Gohr        global $auth;
21*285c73a1SAndreas Gohr
22*285c73a1SAndreas Gohr        /* auth caches data loaded from file, but recreated object forces reload */
23*285c73a1SAndreas Gohr        $auth = new \auth_plugin_authplain();
24*285c73a1SAndreas Gohr    }
25*285c73a1SAndreas Gohr
26*285c73a1SAndreas Gohr    public function setUp() : void {
27*285c73a1SAndreas Gohr        global $config_cascade;
28*285c73a1SAndreas Gohr        global $conf;
29*285c73a1SAndreas Gohr        global $USERINFO;
30*285c73a1SAndreas Gohr        global $AUTH_ACL;
31*285c73a1SAndreas Gohr
32*285c73a1SAndreas Gohr        parent::setUp();
33*285c73a1SAndreas Gohr
34*285c73a1SAndreas Gohr        $name = $config_cascade['plainauth.users']['default'];
35*285c73a1SAndreas Gohr        copy($name, $name . ".orig");
36*285c73a1SAndreas Gohr        $this->reloadUsers();
37*285c73a1SAndreas Gohr
38*285c73a1SAndreas Gohr        $this->oldAuthAcl = $AUTH_ACL;
39*285c73a1SAndreas Gohr        $this->userinfo = $USERINFO;
40*285c73a1SAndreas Gohr
41*285c73a1SAndreas Gohr        $conf['remote'] = 1;
42*285c73a1SAndreas Gohr        $conf['remoteuser'] = '@user';
43*285c73a1SAndreas Gohr        $conf['useacl'] = 0;
44*285c73a1SAndreas Gohr
45*285c73a1SAndreas Gohr        $this->remote = new Api();
46*285c73a1SAndreas Gohr
47*285c73a1SAndreas Gohr    }
48*285c73a1SAndreas Gohr
49*285c73a1SAndreas Gohr    public function tearDown() : void {
50*285c73a1SAndreas Gohr        global $USERINFO;
51*285c73a1SAndreas Gohr        global $AUTH_ACL;
52*285c73a1SAndreas Gohr        global $config_cascade;
53*285c73a1SAndreas Gohr
54*285c73a1SAndreas Gohr        parent::tearDown();
55*285c73a1SAndreas Gohr
56*285c73a1SAndreas Gohr        $USERINFO = $this->userinfo;
57*285c73a1SAndreas Gohr        $AUTH_ACL = $this->oldAuthAcl;
58*285c73a1SAndreas Gohr
59*285c73a1SAndreas Gohr        $name = $config_cascade['plainauth.users']['default'];
60*285c73a1SAndreas Gohr        copy($name . ".orig", $name);
61*285c73a1SAndreas Gohr    }
62*285c73a1SAndreas Gohr
63*285c73a1SAndreas Gohr    public function testCheckacl() {
64*285c73a1SAndreas Gohr        global $conf;
65*285c73a1SAndreas Gohr        global $AUTH_ACL, $USERINFO;
66*285c73a1SAndreas Gohr        /** @var auth_plugin_authplain $auth */
67*285c73a1SAndreas Gohr        global $auth;
68*285c73a1SAndreas Gohr
69*285c73a1SAndreas Gohr        $conf['useacl'] = 1;
70*285c73a1SAndreas Gohr        $_SERVER['REMOTE_USER'] = 'john';
71*285c73a1SAndreas Gohr        $USERINFO['grps'] = ['user'];
72*285c73a1SAndreas Gohr        $AUTH_ACL = [
73*285c73a1SAndreas Gohr            '*                  @ALL           0', //none
74*285c73a1SAndreas Gohr            '*                  @user          2', //edit
75*285c73a1SAndreas Gohr            '*                  @more          4', //create
76*285c73a1SAndreas Gohr            'nice_page          user2          8'  //upload
77*285c73a1SAndreas Gohr        ];
78*285c73a1SAndreas Gohr
79*285c73a1SAndreas Gohr        $params = ['nice_page'];
80*285c73a1SAndreas Gohr        $this->assertEquals(AUTH_EDIT, $this->remote->call('wiki.aclCheck', $params));
81*285c73a1SAndreas Gohr
82*285c73a1SAndreas Gohr        $auth->createUser("user1", "54321", "a User", "you@example.com");
83*285c73a1SAndreas Gohr        $auth->createUser("user2", "543210", "You", "he@example.com");
84*285c73a1SAndreas Gohr        $auth->createUser("mwuser", "12345", "Wiki User", "me@example.com", ['more']); //not in default group
85*285c73a1SAndreas Gohr
86*285c73a1SAndreas Gohr        $params = [
87*285c73a1SAndreas Gohr            'nice_page',
88*285c73a1SAndreas Gohr            'user1'
89*285c73a1SAndreas Gohr        ];
90*285c73a1SAndreas Gohr        $this->assertEquals(AUTH_EDIT, $this->remote->call('wiki.aclCheck', $params));
91*285c73a1SAndreas Gohr
92*285c73a1SAndreas Gohr        $params = [
93*285c73a1SAndreas Gohr            'nice_page',
94*285c73a1SAndreas Gohr            'mwuser' // member of group 'more'
95*285c73a1SAndreas Gohr        ];
96*285c73a1SAndreas Gohr        $this->assertEquals(AUTH_CREATE, $this->remote->call('wiki.aclCheck', $params));
97*285c73a1SAndreas Gohr
98*285c73a1SAndreas Gohr        $params = [
99*285c73a1SAndreas Gohr            'nice_page',
100*285c73a1SAndreas Gohr            'mwuser',
101*285c73a1SAndreas Gohr            [] //groups not retrieved
102*285c73a1SAndreas Gohr        ];
103*285c73a1SAndreas Gohr        $this->assertEquals(AUTH_NONE, $this->remote->call('wiki.aclCheck', $params));
104*285c73a1SAndreas Gohr
105*285c73a1SAndreas Gohr        $params = [
106*285c73a1SAndreas Gohr            'nice_page',
107*285c73a1SAndreas Gohr            'notexistinguser',
108*285c73a1SAndreas Gohr            ['more']
109*285c73a1SAndreas Gohr        ];
110*285c73a1SAndreas Gohr        $this->assertEquals(AUTH_CREATE, $this->remote->call('wiki.aclCheck', $params));
111*285c73a1SAndreas Gohr
112*285c73a1SAndreas Gohr        $params = [
113*285c73a1SAndreas Gohr            'nice_page',
114*285c73a1SAndreas Gohr            'user2'
115*285c73a1SAndreas Gohr        ];
116*285c73a1SAndreas Gohr        $this->assertEquals(AUTH_UPLOAD, $this->remote->call('wiki.aclCheck', $params));
117*285c73a1SAndreas Gohr
118*285c73a1SAndreas Gohr        $params = [
119*285c73a1SAndreas Gohr            'nice_page',
120*285c73a1SAndreas Gohr            'user2',
121*285c73a1SAndreas Gohr            [] //groups not retrieved
122*285c73a1SAndreas Gohr        ];
123*285c73a1SAndreas Gohr        $this->assertEquals(AUTH_UPLOAD, $this->remote->call('wiki.aclCheck', $params));
124*285c73a1SAndreas Gohr
125*285c73a1SAndreas Gohr        $params = [
126*285c73a1SAndreas Gohr            'unknown_page',
127*285c73a1SAndreas Gohr            'user2'
128*285c73a1SAndreas Gohr        ];
129*285c73a1SAndreas Gohr        $this->assertEquals(AUTH_EDIT, $this->remote->call('wiki.aclCheck', $params));
130*285c73a1SAndreas Gohr
131*285c73a1SAndreas Gohr        $params = [
132*285c73a1SAndreas Gohr            'unknown_page',
133*285c73a1SAndreas Gohr            'user2',
134*285c73a1SAndreas Gohr            [] //groups not retrieved
135*285c73a1SAndreas Gohr        ];
136*285c73a1SAndreas Gohr        $this->assertEquals(AUTH_NONE, $this->remote->call('wiki.aclCheck', $params));
137*285c73a1SAndreas Gohr
138*285c73a1SAndreas Gohr        $params = array(
139*285c73a1SAndreas Gohr            'nice_page',
140*285c73a1SAndreas Gohr            'testuser' // superuser set via conf
141*285c73a1SAndreas Gohr        );
142*285c73a1SAndreas Gohr        $this->assertEquals(AUTH_ADMIN, $this->remote->call('wiki.aclCheck', $params));
143*285c73a1SAndreas Gohr    }
144*285c73a1SAndreas Gohr
145*285c73a1SAndreas Gohr}
146