From 645b08267a3fdd516a24db01e09a3cca74bb87a4 Mon Sep 17 00:00:00 2001 From: Florian Pritz Date: Sat, 25 Apr 2015 17:05:02 +0200 Subject: test: Call more endpoints without enough permissions Signed-off-by: Florian Pritz --- application/tests/test_api_v1.php | 43 +++++++++++++++++++++++++-------------- 1 file changed, 28 insertions(+), 15 deletions(-) (limited to 'application/tests/test_api_v1.php') diff --git a/application/tests/test_api_v1.php b/application/tests/test_api_v1.php index 50264b6da..524eaae1b 100644 --- a/application/tests/test_api_v1.php +++ b/application/tests/test_api_v1.php @@ -86,22 +86,35 @@ class test_api_v1 extends Test { public function test_callEndpointsWithoutEnoughPermissions() { - $apikey = $this->createUserAndApikey(); - $endpoints = array( - "user/apikeys", - "user/create_apikey", - "user/delete_apikey", + $testconfig = array( + array( + "apikey" => $this->createUserAndApikey('basic'), + "endpoints" => array( + "file/delete", + "file/history", + ), + ), + array( + "apikey" => $this->createUserAndApikey(), + "endpoints" => array( + "user/apikeys", + "user/create_apikey", + "user/delete_apikey", + ), + ), ); - foreach ($endpoints as $endpoint) { - $ret = $this->CallEndpoint("POST", $endpoint, array( - "apikey" => $apikey, - )); - $this->expectError("call $endpoint without enough permissions", $ret); - $this->t->is_deeply(array( - 'status' => "error", - 'error_id' => "api/insufficient-permissions", - 'message' => "Access denied: Access level too low", - ), $ret, "expected error"); + foreach ($testconfig as $test) { + foreach ($test['endpoints'] as $endpoint) { + $ret = $this->CallEndpoint("POST", $endpoint, array( + "apikey" => $test['apikey'], + )); + $this->expectError("call $endpoint without enough permissions", $ret); + $this->t->is_deeply(array( + 'status' => "error", + 'error_id' => "api/insufficient-permissions", + 'message' => "Access denied: Access level too low", + ), $ret, "expected permission error"); + } } } -- cgit v1.2.3-24-g4f1b