xref: /dokuwiki/_test/tests/Remote/ApiCoreAclCheckTest.php (revision 6e1ddc64940f0098c726a0f486a45e4ca1221956) 
1285c73a1SAndreas Gohr<?php
2285c73a1SAndreas Gohr
3285c73a1SAndreas Gohrnamespace dokuwiki\test\Remote;
4285c73a1SAndreas Gohr
5285c73a1SAndreas Gohruse dokuwiki\Remote\Api;
6285c73a1SAndreas Gohr
7285c73a1SAndreas Gohr/**
8285c73a1SAndreas Gohr * Class remoteapicore_test
9285c73a1SAndreas Gohr */
10285c73a1SAndreas Gohrclass ApiCoreAclCheckTest extends \DokuWikiTest {
11285c73a1SAndreas Gohr
12285c73a1SAndreas Gohr    protected $userinfo;
13285c73a1SAndreas Gohr    protected $oldAuthAcl;
14285c73a1SAndreas Gohr    /** @var  Api */
15285c73a1SAndreas Gohr    protected $remote;
16285c73a1SAndreas Gohr
17285c73a1SAndreas Gohr    protected $pluginsEnabled = array('auth_plugin_authplain');
18285c73a1SAndreas Gohr
19285c73a1SAndreas Gohr    protected function reloadUsers() {
20285c73a1SAndreas Gohr        global $auth;
21285c73a1SAndreas Gohr
22285c73a1SAndreas Gohr        /* auth caches data loaded from file, but recreated object forces reload */
23285c73a1SAndreas Gohr        $auth = new \auth_plugin_authplain();
24285c73a1SAndreas Gohr    }
25285c73a1SAndreas Gohr
26285c73a1SAndreas Gohr    public function setUp() : void {
27285c73a1SAndreas Gohr        global $config_cascade;
28285c73a1SAndreas Gohr        global $conf;
29285c73a1SAndreas Gohr        global $USERINFO;
30285c73a1SAndreas Gohr        global $AUTH_ACL;
31285c73a1SAndreas Gohr
32285c73a1SAndreas Gohr        parent::setUp();
33285c73a1SAndreas Gohr
34285c73a1SAndreas Gohr        $name = $config_cascade['plainauth.users']['default'];
35285c73a1SAndreas Gohr        copy($name, $name . ".orig");
36285c73a1SAndreas Gohr        $this->reloadUsers();
37285c73a1SAndreas Gohr
38285c73a1SAndreas Gohr        $this->oldAuthAcl = $AUTH_ACL;
39285c73a1SAndreas Gohr        $this->userinfo = $USERINFO;
40285c73a1SAndreas Gohr
41285c73a1SAndreas Gohr        $conf['remote'] = 1;
42285c73a1SAndreas Gohr        $conf['remoteuser'] = '@user';
43285c73a1SAndreas Gohr        $conf['useacl'] = 0;
44285c73a1SAndreas Gohr
45285c73a1SAndreas Gohr        $this->remote = new Api();
46285c73a1SAndreas Gohr
47285c73a1SAndreas Gohr    }
48285c73a1SAndreas Gohr
49285c73a1SAndreas Gohr    public function tearDown() : void {
50285c73a1SAndreas Gohr        global $USERINFO;
51285c73a1SAndreas Gohr        global $AUTH_ACL;
52285c73a1SAndreas Gohr        global $config_cascade;
53285c73a1SAndreas Gohr
54285c73a1SAndreas Gohr        parent::tearDown();
55285c73a1SAndreas Gohr
56285c73a1SAndreas Gohr        $USERINFO = $this->userinfo;
57285c73a1SAndreas Gohr        $AUTH_ACL = $this->oldAuthAcl;
58285c73a1SAndreas Gohr
59285c73a1SAndreas Gohr        $name = $config_cascade['plainauth.users']['default'];
60285c73a1SAndreas Gohr        copy($name . ".orig", $name);
61285c73a1SAndreas Gohr    }
62285c73a1SAndreas Gohr
63285c73a1SAndreas Gohr    public function testCheckacl() {
64285c73a1SAndreas Gohr        global $conf;
65285c73a1SAndreas Gohr        global $AUTH_ACL, $USERINFO;
66285c73a1SAndreas Gohr        /** @var auth_plugin_authplain $auth */
67285c73a1SAndreas Gohr        global $auth;
68285c73a1SAndreas Gohr
69285c73a1SAndreas Gohr        $conf['useacl'] = 1;
70285c73a1SAndreas Gohr        $_SERVER['REMOTE_USER'] = 'john';
71285c73a1SAndreas Gohr        $USERINFO['grps'] = ['user'];
72285c73a1SAndreas Gohr        $AUTH_ACL = [
73285c73a1SAndreas Gohr            '*                  @ALL           0', //none
74285c73a1SAndreas Gohr            '*                  @user          2', //edit
75285c73a1SAndreas Gohr            '*                  @more          4', //create
76285c73a1SAndreas Gohr            'nice_page          user2          8'  //upload
77285c73a1SAndreas Gohr        ];
78285c73a1SAndreas Gohr
79285c73a1SAndreas Gohr        $params = ['nice_page'];
80*6e1ddc64SAndreas Gohr        $this->assertEquals(AUTH_EDIT, $this->remote->call('core.aclCheck', $params));
81285c73a1SAndreas Gohr
82285c73a1SAndreas Gohr        $auth->createUser("user1", "54321", "a User", "you@example.com");
83285c73a1SAndreas Gohr        $auth->createUser("user2", "543210", "You", "he@example.com");
84285c73a1SAndreas Gohr        $auth->createUser("mwuser", "12345", "Wiki User", "me@example.com", ['more']); //not in default group
85285c73a1SAndreas Gohr
86285c73a1SAndreas Gohr        $params = [
87285c73a1SAndreas Gohr            'nice_page',
88285c73a1SAndreas Gohr            'user1'
89285c73a1SAndreas Gohr        ];
90*6e1ddc64SAndreas Gohr        $this->assertEquals(AUTH_EDIT, $this->remote->call('core.aclCheck', $params));
91285c73a1SAndreas Gohr
92285c73a1SAndreas Gohr        $params = [
93285c73a1SAndreas Gohr            'nice_page',
94285c73a1SAndreas Gohr            'mwuser',
95*6e1ddc64SAndreas Gohr            // member of group 'more' (automatically retrieved)
96285c73a1SAndreas Gohr        ];
97*6e1ddc64SAndreas Gohr        $this->assertEquals(AUTH_CREATE, $this->remote->call('core.aclCheck', $params));
98*6e1ddc64SAndreas Gohr
99*6e1ddc64SAndreas Gohr        $params = [
100*6e1ddc64SAndreas Gohr            'nice_page',
101*6e1ddc64SAndreas Gohr            'mwuser',
102*6e1ddc64SAndreas Gohr            [] // member of group 'more' (automatically retrieved)
103*6e1ddc64SAndreas Gohr        ];
104*6e1ddc64SAndreas Gohr        $this->assertEquals(AUTH_CREATE, $this->remote->call('core.aclCheck', $params));
105285c73a1SAndreas Gohr
106285c73a1SAndreas Gohr        $params = [
107285c73a1SAndreas Gohr            'nice_page',
108285c73a1SAndreas Gohr            'notexistinguser',
109285c73a1SAndreas Gohr            ['more']
110285c73a1SAndreas Gohr        ];
111*6e1ddc64SAndreas Gohr        $this->assertEquals(AUTH_CREATE, $this->remote->call('core.aclCheck', $params));
112285c73a1SAndreas Gohr
113285c73a1SAndreas Gohr        $params = [
114285c73a1SAndreas Gohr            'nice_page',
115285c73a1SAndreas Gohr            'user2',
116*6e1ddc64SAndreas Gohr            // (automatically retrieved)
117285c73a1SAndreas Gohr        ];
118*6e1ddc64SAndreas Gohr        $this->assertEquals(AUTH_UPLOAD, $this->remote->call('core.aclCheck', $params));
119285c73a1SAndreas Gohr
120285c73a1SAndreas Gohr        $params = [
121*6e1ddc64SAndreas Gohr            'nice_page',
122*6e1ddc64SAndreas Gohr            'user2',
123*6e1ddc64SAndreas Gohr            [] // (automatically retrieved)
124285c73a1SAndreas Gohr        ];
125*6e1ddc64SAndreas Gohr        $this->assertEquals(AUTH_UPLOAD, $this->remote->call('core.aclCheck', $params));
126285c73a1SAndreas Gohr
127285c73a1SAndreas Gohr        $params = [
128285c73a1SAndreas Gohr            'unknown_page',
129285c73a1SAndreas Gohr            'user2',
130*6e1ddc64SAndreas Gohr            // (automatically retrieved)
131285c73a1SAndreas Gohr        ];
132*6e1ddc64SAndreas Gohr        $this->assertEquals(AUTH_EDIT, $this->remote->call('core.aclCheck', $params));
133*6e1ddc64SAndreas Gohr
134*6e1ddc64SAndreas Gohr        $params = [
135*6e1ddc64SAndreas Gohr            'unknown_page',
136*6e1ddc64SAndreas Gohr            'user2',
137*6e1ddc64SAndreas Gohr            [] // (automatically retrieved)
138*6e1ddc64SAndreas Gohr        ];
139*6e1ddc64SAndreas Gohr        $this->assertEquals(AUTH_EDIT, $this->remote->call('core.aclCheck', $params));
140285c73a1SAndreas Gohr
141285c73a1SAndreas Gohr        $params = array(
142285c73a1SAndreas Gohr            'nice_page',
143*6e1ddc64SAndreas Gohr            'testuser', // superuser set via conf
144*6e1ddc64SAndreas Gohr            // (automatically retrieved)
145285c73a1SAndreas Gohr        );
146*6e1ddc64SAndreas Gohr        $this->assertEquals(AUTH_ADMIN, $this->remote->call('core.aclCheck', $params));
147285c73a1SAndreas Gohr    }
148285c73a1SAndreas Gohr
149285c73a1SAndreas Gohr}
150