diff options
| -rw-r--r-- | models/project.php | 9 | ||||
| -rw-r--r-- | tests/ProjectTest.php | 8 |
2 files changed, 16 insertions, 1 deletions
diff --git a/models/project.php b/models/project.php index a2f66478..45cd1baa 100644 --- a/models/project.php +++ b/models/project.php @@ -82,6 +82,15 @@ class Project extends Base if ($nb_users < 1) return true; + // check if user has admin rights + $nb_users = $this->db + ->table(\Model\User::TABLE) + ->eq('id', $user_id) + ->eq('is_admin', 1) + ->count(); + + if ($nb_users > 0) return true; + // Otherwise, allow only specific users return (bool) $this->db ->table(self::TABLE_USERS) diff --git a/tests/ProjectTest.php b/tests/ProjectTest.php index 6eb39f52..33a35168 100644 --- a/tests/ProjectTest.php +++ b/tests/ProjectTest.php @@ -57,7 +57,13 @@ class ProjectTest extends PHPUnit_Framework_TestCase $this->assertTrue($p->revokeUser(1, 1)); $this->assertEquals(array('2' => 'unittest'), $p->getAllowedUsers(1)); - $this->assertFalse($p->isUserAllowed(1, 1)); + $this->assertTrue($p->isUserAllowed(1, 1)); // has admin priviledges $this->assertTrue($p->isUserAllowed(1, 2)); + + // Check if revoked regular user is not allowed + $this->assertTrue($p->allowUser(1, 1)); + $this->assertTrue($p->revokeUser(1, 2)); + $this->assertEquals(array('1' => 'admin'), $p->getAllowedUsers(1)); + $this->assertFalse($p->isUserAllowed(1, 2)); // regulat user is not allowed } } |