From 5514ed4fd6f621a0be31c22db3872d107435feea Mon Sep 17 00:00:00 2001
From: Marcin Kurczewski <mkurczew@gmail.com>
Date: Mon, 12 May 2014 23:04:35 +0200
Subject: [PATCH] Fixed exception throw in UserModel

---
 src/Models/Entities/UserEntity.php           |  2 +-
 tests/JobTests/EditUserAccessRankJobTest.php | 63 ++++++++++++++++++++
 2 files changed, 64 insertions(+), 1 deletion(-)
 create mode 100644 tests/JobTests/EditUserAccessRankJobTest.php

diff --git a/src/Models/Entities/UserEntity.php b/src/Models/Entities/UserEntity.php
index c55ad50b..c56da41b 100644
--- a/src/Models/Entities/UserEntity.php
+++ b/src/Models/Entities/UserEntity.php
@@ -109,7 +109,7 @@ final class UserEntity extends AbstractEntity implements IValidatable
 		$this->accessRank->validate();
 
 		if ($this->accessRank->toInteger() == AccessRank::Nobody)
-			throw new Exception('Cannot set special access rank "%s"', $this->accessRank->toString());
+			throw new Exception(sprintf('Cannot set special access rank "%s"', $this->accessRank->toString()));
 	}
 
 	private function validateEmails()
diff --git a/tests/JobTests/EditUserAccessRankJobTest.php b/tests/JobTests/EditUserAccessRankJobTest.php
new file mode 100644
index 00000000..d8cc4ae4
--- /dev/null
+++ b/tests/JobTests/EditUserAccessRankJobTest.php
@@ -0,0 +1,63 @@
+<?php
+class EditUserAccessRankJobTest extends AbstractTest
+{
+	public function testEditing()
+	{
+		$this->grantAccess('changeUserAccessRank');
+		$user = $this->mockUser();
+
+		$this->assert->areEqual(AccessRank::Registered, $user->getAccessRank()->toInteger());
+
+		$user = $this->assert->doesNotThrow(function() use ($user)
+		{
+			return Api::run(
+				new EditUserAccessRankJob(),
+				[
+					JobArgs::ARG_USER_NAME => $user->getName(),
+					JobArgs::ARG_NEW_ACCESS_RANK => AccessRank::PowerUser,
+				]);
+		});
+
+		$this->assert->areEqual(AccessRank::PowerUser, $user->getAccessRank()->toInteger());
+	}
+
+	public function testSettingToNobodyDenial()
+	{
+		$this->grantAccess('changeUserAccessRank');
+		$user = $this->mockUser();
+
+		$this->assert->areEqual(AccessRank::Registered, $user->getAccessRank()->toInteger());
+
+		$this->assert->throws(function() use ($user)
+		{
+			Api::run(
+				new EditUserAccessRankJob(),
+				[
+					JobArgs::ARG_USER_NAME => $user->getName(),
+					JobArgs::ARG_NEW_ACCESS_RANK => AccessRank::Nobody,
+				]);
+		}, 'Cannot set special access rank');
+	}
+
+	public function testHigherThanMyselfDenial()
+	{
+		getConfig()->privileges->changeUserAccessRank = 'power-user';
+		Access::init();
+
+		$user = $this->mockUser();
+		$user->setAccessRank(new AccessRank(AccessRank::PowerUser));
+		UserModel::save($user);
+
+		$this->assert->areEqual(AccessRank::PowerUser, $user->getAccessRank()->toInteger());
+
+		$this->assert->throws(function() use ($user)
+		{
+			Api::run(
+				new EditUserAccessRankJob(),
+				[
+					JobArgs::ARG_USER_NAME => $user->getName(),
+					JobArgs::ARG_NEW_ACCESS_RANK => AccessRank::Admin,
+				]);
+		}, 'Insufficient privileges');
+	}
+}