xref: /dokuwiki/_test/tests/inc/auth_aclcheck_caseinsensitive.test.php (revision eb3ce0d55290dd4a60193e680aa50b46571350bd) 
1<?php
2
3class auth_acl_caseinsensitive_auth extends auth_basic {
4    function isCaseSensitive() {
5        return false;
6    }
7}
8
9class auth_acl_caseinsensitive_test extends DokuWikiTest {
10    protected $oldConf;
11    protected $oldAuth;
12    protected $oldAuthAcl;
13
14    function setup() {
15        global $conf;
16        global $auth;
17        global $AUTH_ACL;
18
19        $this->oldConf    = $conf;
20        $this->oldAuth    = $auth;
21        $this->oldAuthAcl = $AUTH_ACL;
22
23        $auth = new auth_acl_caseinsensitive_auth();
24    }
25
26    function teardown() {
27        global $conf;
28        global $AUTH_ACL;
29        global $auth;
30
31        $conf     = $this->oldConf;
32        $auth     = $this->oldAuth;
33        $AUTH_ACL = $this->oldAuthAcl;
34    }
35
36    function test_multiadmin_restricted_ropage() {
37        global $conf;
38        global $AUTH_ACL;
39
40        $conf['superuser'] = 'John,doe,@Admin1,@admin2';
41        $conf['useacl']    = 1;
42
43        $AUTH_ACL = array(
44            '*              @ALL       0',
45            '*              @Group1    8',
46            '*              @group2    8',
47            'namespace:page @Group1    1',
48            'namespace:page @group2    1',
49        );
50
51        // anonymous user
52        $this->assertEquals(auth_aclcheck('page',           '', array()), AUTH_NONE);
53        $this->assertEquals(auth_aclcheck('namespace:page', '', array()), AUTH_NONE);
54        $this->assertEquals(auth_aclcheck('namespace:*',    '', array()), AUTH_NONE);
55
56        // user with no matching group
57        $this->assertEquals(auth_aclcheck('page',           'jill', array('foo')), AUTH_NONE);
58        $this->assertEquals(auth_aclcheck('namespace:page', 'jill', array('foo')), AUTH_NONE);
59        $this->assertEquals(auth_aclcheck('namespace:*',    'jill', array('foo')), AUTH_NONE);
60
61        // user with matching group 1
62        $this->assertEquals(auth_aclcheck('page',           'jill', array('foo', 'group1')), AUTH_UPLOAD);
63        $this->assertEquals(auth_aclcheck('namespace:page', 'jill', array('foo', 'group1')), AUTH_READ);
64        $this->assertEquals(auth_aclcheck('namespace:*',    'jill', array('foo', 'group1')), AUTH_UPLOAD);
65
66        // user with matching group 2
67        $this->assertEquals(auth_aclcheck('page',           'jill', array('foo', 'Group2')), AUTH_UPLOAD);
68        $this->assertEquals(auth_aclcheck('namespace:page', 'jill', array('foo', 'Group2')), AUTH_READ);
69        $this->assertEquals(auth_aclcheck('namespace:*',    'jill', array('foo', 'Group2')), AUTH_UPLOAD);
70
71        // super user John
72        $this->assertEquals(auth_aclcheck('page',           'john', array('foo')), AUTH_ADMIN);
73        $this->assertEquals(auth_aclcheck('namespace:page', 'john', array('foo')), AUTH_ADMIN);
74        $this->assertEquals(auth_aclcheck('namespace:*',    'john', array('foo')), AUTH_ADMIN);
75
76        // super user doe
77        $this->assertEquals(auth_aclcheck('page',           'Doe', array('foo')), AUTH_ADMIN);
78        $this->assertEquals(auth_aclcheck('namespace:page', 'Doe', array('foo')), AUTH_ADMIN);
79        $this->assertEquals(auth_aclcheck('namespace:*',    'Doe', array('foo')), AUTH_ADMIN);
80
81        // user with matching admin group 1
82        $this->assertEquals(auth_aclcheck('page',           'jill', array('foo', 'admin1')), AUTH_ADMIN);
83        $this->assertEquals(auth_aclcheck('namespace:page', 'jill', array('foo', 'admin1')), AUTH_ADMIN);
84        $this->assertEquals(auth_aclcheck('namespace:*',    'jill', array('foo', 'admin1')), AUTH_ADMIN);
85
86        // user with matching admin group 2
87        $this->assertEquals(auth_aclcheck('page',           'jill', array('foo', 'Admin2')), AUTH_ADMIN);
88        $this->assertEquals(auth_aclcheck('namespace:page', 'jill', array('foo', 'Admin2')), AUTH_ADMIN);
89        $this->assertEquals(auth_aclcheck('namespace:*',    'jill', array('foo', 'Admin2')), AUTH_ADMIN);
90    }
91
92    /*
93     * Test aclcheck on @ALL group
94     *
95     * The default permission for @ALL group is AUTH_NONE. So we use an
96     * ACL entry which grants @ALL group an AUTH_READ permission to see
97     * whether ACL matching is properly done or not.
98     */
99    function test_restricted_allread() {
100        global $conf;
101        global $AUTH_ACL;
102
103        $conf['superuser'] = 'john';
104        $conf['useacl']    = 1;
105
106        $AUTH_ACL = array(
107            '*           @ALL           1',
108            '*           @group1        8',
109        );
110
111        // anonymous user
112        $this->assertEquals(auth_aclcheck('page',           '', array()), AUTH_READ);
113        $this->assertEquals(auth_aclcheck('namespace:page', '', array()), AUTH_READ);
114        $this->assertEquals(auth_aclcheck('namespace:*',    '', array()), AUTH_READ);
115
116        // user with no matching group
117        $this->assertEquals(auth_aclcheck('page',           'jill', array('foo')), AUTH_READ);
118        $this->assertEquals(auth_aclcheck('namespace:page', 'jill', array('foo')), AUTH_READ);
119        $this->assertEquals(auth_aclcheck('namespace:*',    'jill', array('foo')), AUTH_READ);
120
121        // user with matching group
122        $this->assertEquals(auth_aclcheck('page',           'jill', array('foo', 'Group1')), AUTH_UPLOAD);
123        $this->assertEquals(auth_aclcheck('namespace:page', 'jill', array('foo', 'Group1')), AUTH_UPLOAD);
124        $this->assertEquals(auth_aclcheck('namespace:*',    'jill', array('foo', 'Group1')), AUTH_UPLOAD);
125
126        // super user
127        $this->assertEquals(auth_aclcheck('page',           'John', array('foo')), AUTH_ADMIN);
128        $this->assertEquals(auth_aclcheck('namespace:page', 'John', array('foo')), AUTH_ADMIN);
129        $this->assertEquals(auth_aclcheck('namespace:*',    'John', array('foo')), AUTH_ADMIN);
130    }
131}
132