diff options
| author | Bharat Mediratta <bharat@menalto.com> | 2008-12-31 00:47:15 +0000 |
|---|---|---|
| committer | Bharat Mediratta <bharat@menalto.com> | 2008-12-31 00:47:15 +0000 |
| commit | bfb040a46394e1a91318f39926923e027167362f (patch) | |
| tree | fbcc4a1cc6da28be3ddc99a46ca5912ea66e6c12 /core/tests | |
| parent | ad719b9b6f3391da1ba7e481890317cdc409c616 (diff) | |
Fix a bug where we were accidentally allowing view permissions when
allowing or resetting permission further down in the tree. This bug
was introduced when I refactored the view permission cache into the
items table. Updated test to catch it.
Diffstat (limited to 'core/tests')
| -rw-r--r-- | core/tests/Access_Helper_Test.php | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/core/tests/Access_Helper_Test.php b/core/tests/Access_Helper_Test.php index aaf919b1..d7f014dc 100644 --- a/core/tests/Access_Helper_Test.php +++ b/core/tests/Access_Helper_Test.php @@ -197,14 +197,18 @@ class Access_Helper_Test extends Unit_Test_Case { public function revoked_view_permissions_cant_be_allowed_lower_down_test() { $root = ORM::factory("item", 1); - $album = album::create($root, rand(), "test album"); + $album1 = album::create($root, rand(), "test album"); + $album2 = album::create($album1, rand(), "test album"); $root->reload(); access::deny(group::everybody(), "view", $root); - access::allow(group::everybody(), "view", $album); + access::allow(group::everybody(), "view", $album2); - $album->reload(); - $this->assert_false(access::group_can(group::everybody(), "view", $album)); + $album1->reload(); + $this->assert_false(access::group_can(group::everybody(), "view", $album1)); + + $album2->reload(); + $this->assert_false(access::group_can(group::everybody(), "view", $album2)); } public function can_edit_item_test() { |