summaryrefslogtreecommitdiffstats
path: root/application
diff options
context:
space:
mode:
authorFlorian Pritz <bluewind@xinu.at>2016-07-13 22:10:22 +0200
committerFlorian Pritz <bluewind@xinu.at>2016-07-13 22:20:48 +0200
commit315e520d1ddee8da6390d6bd6f6cb5f5e7df389d (patch)
treed0ecc9655272f6e03b8025fb1efd773e3acfd5eb /application
parenta9dd92393081df6d46115cae19e1b9771f90352f (diff)
Improve insufficient permisions error message
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Diffstat (limited to 'application')
-rw-r--r--application/models/muser.php2
-rw-r--r--application/test/tests/test_api_v1.php6
-rw-r--r--application/test/tests/test_api_v2.php6
3 files changed, 11 insertions, 3 deletions
diff --git a/application/models/muser.php b/application/models/muser.php
index ffcec300a..f2b961d89 100644
--- a/application/models/muser.php
+++ b/application/models/muser.php
@@ -168,7 +168,7 @@ class Muser extends CI_Model {
return;
}
- throw new \exceptions\InsufficientPermissionsException("api/insufficient-permissions", "Access denied: Access level too low");
+ throw new \exceptions\InsufficientPermissionsException("api/insufficient-permissions", "Access denied: Access level too low. Required: $wanted_level; Have: $session_level");
}
function require_access($wanted_level = "full")
diff --git a/application/test/tests/test_api_v1.php b/application/test/tests/test_api_v1.php
index 9fb782563..43310d7eb 100644
--- a/application/test/tests/test_api_v1.php
+++ b/application/test/tests/test_api_v1.php
@@ -89,6 +89,8 @@ class test_api_v1 extends \test\Test {
{
$testconfig = array(
array(
+ "have_level" => "basic",
+ "wanted_level" => "apikey",
"apikey" => $this->createUserAndApikey('basic'),
"endpoints" => array(
"file/delete",
@@ -96,6 +98,8 @@ class test_api_v1 extends \test\Test {
),
),
array(
+ "have_level" => "apikey",
+ "wanted_level" => "full",
"apikey" => $this->createUserAndApikey(),
"endpoints" => array(
"user/apikeys",
@@ -113,7 +117,7 @@ class test_api_v1 extends \test\Test {
$this->t->is_deeply(array(
'status' => "error",
'error_id' => "api/insufficient-permissions",
- 'message' => "Access denied: Access level too low",
+ 'message' => "Access denied: Access level too low. Required: ${test['wanted_level']}; Have: ${test['have_level']}",
), $ret, "expected permission error");
}
}
diff --git a/application/test/tests/test_api_v2.php b/application/test/tests/test_api_v2.php
index f5200ddcc..912624993 100644
--- a/application/test/tests/test_api_v2.php
+++ b/application/test/tests/test_api_v2.php
@@ -89,6 +89,8 @@ class test_api_v2 extends \test\Test {
{
$testconfig = array(
array(
+ "have_level" => "basic",
+ "wanted_level" => "apikey",
"apikey" => $this->createUserAndApikey('basic'),
"endpoints" => array(
"file/delete",
@@ -96,6 +98,8 @@ class test_api_v2 extends \test\Test {
),
),
array(
+ "have_level" => "apikey",
+ "wanted_level" => "full",
"apikey" => $this->createUserAndApikey(),
"endpoints" => array(
"user/apikeys",
@@ -113,7 +117,7 @@ class test_api_v2 extends \test\Test {
$this->t->is_deeply(array(
'status' => "error",
'error_id' => "api/insufficient-permissions",
- 'message' => "Access denied: Access level too low",
+ 'message' => "Access denied: Access level too low. Required: ${test['wanted_level']}; Have: ${test['have_level']}",
), $ret, "expected permission error");
}
}