From 315e520d1ddee8da6390d6bd6f6cb5f5e7df389d Mon Sep 17 00:00:00 2001
From: Florian Pritz <bluewind@xinu.at>
Date: Wed, 13 Jul 2016 22:10:22 +0200
Subject: Improve insufficient permisions error message

Signed-off-by: Florian Pritz <bluewind@xinu.at>
---
 application/models/muser.php           | 2 +-
 application/test/tests/test_api_v1.php | 6 +++++-
 application/test/tests/test_api_v2.php | 6 +++++-
 3 files changed, 11 insertions(+), 3 deletions(-)

diff --git a/application/models/muser.php b/application/models/muser.php
index ffcec300a..f2b961d89 100644
--- a/application/models/muser.php
+++ b/application/models/muser.php
@@ -168,7 +168,7 @@ class Muser extends CI_Model {
 			return;
 		}
 
-		throw new \exceptions\InsufficientPermissionsException("api/insufficient-permissions", "Access denied: Access level too low");
+		throw new \exceptions\InsufficientPermissionsException("api/insufficient-permissions", "Access denied: Access level too low. Required: $wanted_level; Have: $session_level");
 	}
 
 	function require_access($wanted_level = "full")
diff --git a/application/test/tests/test_api_v1.php b/application/test/tests/test_api_v1.php
index 9fb782563..43310d7eb 100644
--- a/application/test/tests/test_api_v1.php
+++ b/application/test/tests/test_api_v1.php
@@ -89,6 +89,8 @@ class test_api_v1 extends \test\Test {
 	{
 		$testconfig = array(
 			array(
+				"have_level" => "basic",
+				"wanted_level" => "apikey",
 				"apikey" => $this->createUserAndApikey('basic'),
 				"endpoints" => array(
 					"file/delete",
@@ -96,6 +98,8 @@ class test_api_v1 extends \test\Test {
 				),
 			),
 			array(
+				"have_level" => "apikey",
+				"wanted_level" => "full",
 				"apikey" => $this->createUserAndApikey(),
 				"endpoints" => array(
 					"user/apikeys",
@@ -113,7 +117,7 @@ class test_api_v1 extends \test\Test {
 				$this->t->is_deeply(array(
 					'status' => "error",
 					'error_id' => "api/insufficient-permissions",
-					'message' => "Access denied: Access level too low",
+					'message' => "Access denied: Access level too low. Required: ${test['wanted_level']}; Have: ${test['have_level']}",
 				   ), $ret, "expected permission error");
 			}
 		}
diff --git a/application/test/tests/test_api_v2.php b/application/test/tests/test_api_v2.php
index f5200ddcc..912624993 100644
--- a/application/test/tests/test_api_v2.php
+++ b/application/test/tests/test_api_v2.php
@@ -89,6 +89,8 @@ class test_api_v2 extends \test\Test {
 	{
 		$testconfig = array(
 			array(
+				"have_level" => "basic",
+				"wanted_level" => "apikey",
 				"apikey" => $this->createUserAndApikey('basic'),
 				"endpoints" => array(
 					"file/delete",
@@ -96,6 +98,8 @@ class test_api_v2 extends \test\Test {
 				),
 			),
 			array(
+				"have_level" => "apikey",
+				"wanted_level" => "full",
 				"apikey" => $this->createUserAndApikey(),
 				"endpoints" => array(
 					"user/apikeys",
@@ -113,7 +117,7 @@ class test_api_v2 extends \test\Test {
 				$this->t->is_deeply(array(
 					'status' => "error",
 					'error_id' => "api/insufficient-permissions",
-					'message' => "Access denied: Access level too low",
+					'message' => "Access denied: Access level too low. Required: ${test['wanted_level']}; Have: ${test['have_level']}",
 				   ), $ret, "expected permission error");
 			}
 		}
-- 
cgit v1.2.3-24-g4f1b