xref: /dokuwiki/_test/tests/inc/auth_aclcheck_caseinsensitive.test.php (revision 4f4c6fd5079db8beb50ea9b9aa08351a49a57d21) 
1<?php
2
3class auth_acl_caseinsensitive_auth extends auth_basic {
4    function isCaseSensitive() {
5        return false;
6    }
7}
8
9class auth_acl_caseinsensitive_test extends DokuWikiTest {
10    protected $oldAuth;
11    protected $oldAuthAcl;
12
13    function setUp() {
14        parent::setUp();
15        global $auth;
16        global $AUTH_ACL;
17
18        $this->oldAuth    = $auth;
19        $this->oldAuthAcl = $AUTH_ACL;
20
21        $auth = new auth_acl_caseinsensitive_auth();
22    }
23
24    function tearDown() {
25        global $conf;
26        global $AUTH_ACL;
27        global $auth;
28
29        $auth     = $this->oldAuth;
30        $AUTH_ACL = $this->oldAuthAcl;
31    }
32
33    function test_multiadmin_restricted_ropage() {
34        global $conf;
35        global $AUTH_ACL;
36
37        $conf['superuser'] = 'John,doe,@Admin1,@admin2';
38        $conf['useacl']    = 1;
39
40        $AUTH_ACL = array(
41            '*              @ALL       0',
42            '*              @Group1    8',
43            '*              @group2    8',
44            'namespace:page @Group1    1',
45            'namespace:page @group2    1',
46        );
47
48        // anonymous user
49        $this->assertEquals(auth_aclcheck('page',           '', array()), AUTH_NONE);
50        $this->assertEquals(auth_aclcheck('namespace:page', '', array()), AUTH_NONE);
51        $this->assertEquals(auth_aclcheck('namespace:*',    '', array()), AUTH_NONE);
52
53        // user with no matching group
54        $this->assertEquals(auth_aclcheck('page',           'jill', array('foo')), AUTH_NONE);
55        $this->assertEquals(auth_aclcheck('namespace:page', 'jill', array('foo')), AUTH_NONE);
56        $this->assertEquals(auth_aclcheck('namespace:*',    'jill', array('foo')), AUTH_NONE);
57
58        // user with matching group 1
59        $this->assertEquals(auth_aclcheck('page',           'jill', array('foo', 'group1')), AUTH_UPLOAD);
60        $this->assertEquals(auth_aclcheck('namespace:page', 'jill', array('foo', 'group1')), AUTH_READ);
61        $this->assertEquals(auth_aclcheck('namespace:*',    'jill', array('foo', 'group1')), AUTH_UPLOAD);
62
63        // user with matching group 2
64        $this->assertEquals(auth_aclcheck('page',           'jill', array('foo', 'Group2')), AUTH_UPLOAD);
65        $this->assertEquals(auth_aclcheck('namespace:page', 'jill', array('foo', 'Group2')), AUTH_READ);
66        $this->assertEquals(auth_aclcheck('namespace:*',    'jill', array('foo', 'Group2')), AUTH_UPLOAD);
67
68        // super user John
69        $this->assertEquals(auth_aclcheck('page',           'john', array('foo')), AUTH_ADMIN);
70        $this->assertEquals(auth_aclcheck('namespace:page', 'john', array('foo')), AUTH_ADMIN);
71        $this->assertEquals(auth_aclcheck('namespace:*',    'john', array('foo')), AUTH_ADMIN);
72
73        // super user doe
74        $this->assertEquals(auth_aclcheck('page',           'Doe', array('foo')), AUTH_ADMIN);
75        $this->assertEquals(auth_aclcheck('namespace:page', 'Doe', array('foo')), AUTH_ADMIN);
76        $this->assertEquals(auth_aclcheck('namespace:*',    'Doe', array('foo')), AUTH_ADMIN);
77
78        // user with matching admin group 1
79        $this->assertEquals(auth_aclcheck('page',           'jill', array('foo', 'admin1')), AUTH_ADMIN);
80        $this->assertEquals(auth_aclcheck('namespace:page', 'jill', array('foo', 'admin1')), AUTH_ADMIN);
81        $this->assertEquals(auth_aclcheck('namespace:*',    'jill', array('foo', 'admin1')), AUTH_ADMIN);
82
83        // user with matching admin group 2
84        $this->assertEquals(auth_aclcheck('page',           'jill', array('foo', 'Admin2')), AUTH_ADMIN);
85        $this->assertEquals(auth_aclcheck('namespace:page', 'jill', array('foo', 'Admin2')), AUTH_ADMIN);
86        $this->assertEquals(auth_aclcheck('namespace:*',    'jill', array('foo', 'Admin2')), AUTH_ADMIN);
87    }
88
89    /*
90     * Test aclcheck on @ALL group
91     *
92     * The default permission for @ALL group is AUTH_NONE. So we use an
93     * ACL entry which grants @ALL group an AUTH_READ permission to see
94     * whether ACL matching is properly done or not.
95     */
96    function test_restricted_allread() {
97        global $conf;
98        global $AUTH_ACL;
99
100        $conf['superuser'] = 'john';
101        $conf['useacl']    = 1;
102
103        $AUTH_ACL = array(
104            '*           @ALL           1',
105            '*           @group1        8',
106        );
107
108        // anonymous user
109        $this->assertEquals(auth_aclcheck('page',           '', array()), AUTH_READ);
110        $this->assertEquals(auth_aclcheck('namespace:page', '', array()), AUTH_READ);
111        $this->assertEquals(auth_aclcheck('namespace:*',    '', array()), AUTH_READ);
112
113        // user with no matching group
114        $this->assertEquals(auth_aclcheck('page',           'jill', array('foo')), AUTH_READ);
115        $this->assertEquals(auth_aclcheck('namespace:page', 'jill', array('foo')), AUTH_READ);
116        $this->assertEquals(auth_aclcheck('namespace:*',    'jill', array('foo')), AUTH_READ);
117
118        // user with matching group
119        $this->assertEquals(auth_aclcheck('page',           'jill', array('foo', 'Group1')), AUTH_UPLOAD);
120        $this->assertEquals(auth_aclcheck('namespace:page', 'jill', array('foo', 'Group1')), AUTH_UPLOAD);
121        $this->assertEquals(auth_aclcheck('namespace:*',    'jill', array('foo', 'Group1')), AUTH_UPLOAD);
122
123        // super user
124        $this->assertEquals(auth_aclcheck('page',           'John', array('foo')), AUTH_ADMIN);
125        $this->assertEquals(auth_aclcheck('namespace:page', 'John', array('foo')), AUTH_ADMIN);
126        $this->assertEquals(auth_aclcheck('namespace:*',    'John', array('foo')), AUTH_ADMIN);
127    }
128}
129