From 427f3051011e3dc963abc6b3fb832aedd54d4c6b Mon Sep 17 00:00:00 2001
From: Marcin Kurczewski <mkurczew@gmail.com>
Date: Tue, 10 Jun 2014 21:12:14 +0200
Subject: [PATCH] Split post page view and post download privileges

---
 data/config.ini                               |  5 +++
 src/Api/Jobs/PostJobs/GetPostContentJob.php   |  2 +-
 src/Enums/Privilege.php                       |  1 +
 tests/Tests/ApiTests/ApiPrivilegeTest.php     | 45 +++++++++++--------
 .../Tests/JobTests/GetPostContentJobTest.php  |  6 +--
 5 files changed, 37 insertions(+), 22 deletions(-)

diff --git a/data/config.ini b/data/config.ini
index 4047eb09..7d711a56 100644
--- a/data/config.ini
+++ b/data/config.ini
@@ -99,6 +99,11 @@ viewPost.safe=anonymous
 viewPost.sketchy=registered
 viewPost.unsafe=registered
 viewPost.hidden=moderator
+downloadPost=anonymous
+downloadPost.safe=anonymous
+downloadPost.sketchy=anonymous
+downloadPost.unsafe=anonymous
+downloadPost.hidden=moderator
 retrievePost=anonymous
 favoritePost=registered
 
diff --git a/src/Api/Jobs/PostJobs/GetPostContentJob.php b/src/Api/Jobs/PostJobs/GetPostContentJob.php
index 670e1e1d..e75bfaca 100644
--- a/src/Api/Jobs/PostJobs/GetPostContentJob.php
+++ b/src/Api/Jobs/PostJobs/GetPostContentJob.php
@@ -36,7 +36,7 @@ class GetPostContentJob extends AbstractJob
 
 	public function getRequiredMainPrivilege()
 	{
-		return Privilege::ViewPost;
+		return Privilege::DownloadPost;
 	}
 
 	public function getRequiredSubPrivileges()
diff --git a/src/Enums/Privilege.php b/src/Enums/Privilege.php
index 4ed2c405..7a7efd99 100644
--- a/src/Enums/Privilege.php
+++ b/src/Enums/Privilege.php
@@ -3,6 +3,7 @@ class Privilege extends AbstractEnum implements IEnum
 {
 	const ListPosts = 'listPosts';
 	const ViewPost = 'viewPost';
+	const DownloadPost = 'downloadPost';
 	const RetrievePost = 'retrievePost';
 	const FavoritePost = 'favoritePost';
 	const HidePost = 'hidePost';
diff --git a/tests/Tests/ApiTests/ApiPrivilegeTest.php b/tests/Tests/ApiTests/ApiPrivilegeTest.php
index 2c4202c4..5475244c 100644
--- a/tests/Tests/ApiTests/ApiPrivilegeTest.php
+++ b/tests/Tests/ApiTests/ApiPrivilegeTest.php
@@ -92,29 +92,38 @@ class ApiPrivilegeTest extends AbstractFullApiTest
 
 	public function testDynamicPostRetrievalPrivileges()
 	{
-		$jobs =
-		[
-			new GetPostJob(),
-			new GetPostContentJob(),
-		];
+		$job = new GetPostJob();
+		$this->testedJobs []= $job;
 
 		$post = $this->postMocker->mockSingle();
+		$post->setHidden(true);
+		PostModel::save($post);
 
-		foreach ($jobs as $job)
-		{
-			$this->testedJobs []= $job;
+		$job->setArgument(JobArgs::ARG_POST_ID, $post->getId());
+		$job->setArgument(JobArgs::ARG_POST_NAME, $post->getName());
+		$job->prepare();
+		$this->assert->areEqual(Privilege::ViewPost, $job->getRequiredMainPrivilege());
+		$sub = $job->getRequiredSubPrivileges();
+		natcasesort($sub);
+		$this->assert->areEquivalent(['hidden', 'safe'], $sub);
+	}
 
-			$post->setHidden(true);
-			PostModel::save($post);
+	public function testDynamicPostContentRetrievalPrivileges()
+	{
+		$job = new GetPostContentJob();
+		$this->testedJobs []= $job;
 
-			$job->setArgument(JobArgs::ARG_POST_ID, $post->getId());
-			$job->setArgument(JobArgs::ARG_POST_NAME, $post->getName());
-			$job->prepare();
-			$this->assert->areEqual(Privilege::ViewPost, $job->getRequiredMainPrivilege());
-			$sub = $job->getRequiredSubPrivileges();
-			natcasesort($sub);
-			$this->assert->areEquivalent(['hidden', 'safe'], $sub);
-		}
+		$post = $this->postMocker->mockSingle();
+		$post->setHidden(true);
+		PostModel::save($post);
+
+		$job->setArgument(JobArgs::ARG_POST_ID, $post->getId());
+		$job->setArgument(JobArgs::ARG_POST_NAME, $post->getName());
+		$job->prepare();
+		$this->assert->areEqual(Privilege::DownloadPost, $job->getRequiredMainPrivilege());
+		$sub = $job->getRequiredSubPrivileges();
+		natcasesort($sub);
+		$this->assert->areEquivalent(['hidden', 'safe'], $sub);
 	}
 
 	public function testDynamicPostThumbnailPrivileges()
diff --git a/tests/Tests/JobTests/GetPostContentJobTest.php b/tests/Tests/JobTests/GetPostContentJobTest.php
index f36f8553..eefdb6e6 100644
--- a/tests/Tests/JobTests/GetPostContentJobTest.php
+++ b/tests/Tests/JobTests/GetPostContentJobTest.php
@@ -3,7 +3,7 @@ class GetPostContentJobTest extends AbstractTest
 {
 	public function testPostRetrieval()
 	{
-		$this->grantAccess('viewPost');
+		$this->grantAccess('downloadPost');
 		$post = $this->postMocker->mockSingle();
 
 		$output = $this->assert->doesNotThrow(function() use ($post)
@@ -24,7 +24,7 @@ class GetPostContentJobTest extends AbstractTest
 
 	public function testIdFail()
 	{
-		$this->grantAccess('viewPost');
+		$this->grantAccess('downloadPost');
 
 		$this->assert->throws(function()
 		{
@@ -38,7 +38,7 @@ class GetPostContentJobTest extends AbstractTest
 
 	public function testInvalidName()
 	{
-		$this->grantAccess('viewPost');
+		$this->grantAccess('downloadPost');
 
 		$this->assert->throws(function()
 		{