szurubooru/tests/JobTests/EditPostJobTest.php

<?php
class EditPostJobTest extends AbstractTest
{
	public function testSaving()
	{
		$this->grantAccess('editPost');
		$this->grantAccess('editPostSafety');
		$this->grantAccess('editPostTags');
		$this->grantAccess('editPostSource');
		$this->grantAccess('editPostContent');

		$post = $this->mockPost(Auth::getCurrentUser());

		$args =
		[
			EditPostJob::POST_ID => $post->getId(),
			EditPostSafetyJob::SAFETY => PostSafety::Safe,
			EditPostSourceJob::SOURCE => '',
			EditPostContentJob::POST_CONTENT => new ApiFileInput($this->getPath('image.jpg'), 'test.jpg'),
		];

		$this->assert->doesNotThrow(function() use ($args)
		{
			Api::run(new EditPostJob(), $args);
		});
	}

	public function testPrivilegeFail()
	{
		$this->grantAccess('editPost');
		$this->grantAccess('editPostSafety');
		$this->grantAccess('editPostTags');
		$this->grantAccess('editPostContent');

		$post = $this->mockPost(Auth::getCurrentUser());

		$args =
		[
			EditPostJob::POST_ID => $post->getId(),
			EditPostSafetyJob::SAFETY => PostSafety::Safe,
			EditPostSourceJob::SOURCE => '',
			EditPostContentJob::POST_CONTENT => new ApiFileInput($this->getPath('image.jpg'), 'test.jpg'),
		];

		$this->assert->throws(function() use ($args)
		{
			Api::run(new EditPostJob(), $args);
		}, 'Insufficient privilege');
	}
}
Better privilege checking for batch operations 2014-05-06 19:39:41 +02:00			`<?php`
			`class EditPostJobTest extends AbstractTest`
			`{`
			`public function testSaving()`
			`{`
			`$this->grantAccess('editPost');`
			`$this->grantAccess('editPostSafety');`
			`$this->grantAccess('editPostTags');`
			`$this->grantAccess('editPostSource');`
			`$this->grantAccess('editPostContent');`

			`$post = $this->mockPost(Auth::getCurrentUser());`

			`$args =`
			`[`
			`EditPostJob::POST_ID => $post->getId(),`
			`EditPostSafetyJob::SAFETY => PostSafety::Safe,`
			`EditPostSourceJob::SOURCE => '',`
			`EditPostContentJob::POST_CONTENT => new ApiFileInput($this->getPath('image.jpg'), 'test.jpg'),`
			`];`

			`$this->assert->doesNotThrow(function() use ($args)`
			`{`
			`Api::run(new EditPostJob(), $args);`
			`});`
			`}`

			`public function testPrivilegeFail()`
			`{`
			`$this->grantAccess('editPost');`
			`$this->grantAccess('editPostSafety');`
			`$this->grantAccess('editPostTags');`
			`$this->grantAccess('editPostContent');`

			`$post = $this->mockPost(Auth::getCurrentUser());`

			`$args =`
			`[`
			`EditPostJob::POST_ID => $post->getId(),`
			`EditPostSafetyJob::SAFETY => PostSafety::Safe,`
			`EditPostSourceJob::SOURCE => '',`
			`EditPostContentJob::POST_CONTENT => new ApiFileInput($this->getPath('image.jpg'), 'test.jpg'),`
			`];`

			`$this->assert->throws(function() use ($args)`
			`{`
			`Api::run(new EditPostJob(), $args);`
			`}, 'Insufficient privilege');`
			`}`
			`}`