Start on tests for authorization

lib/User.php

@@ -9,6 +9,7 @@ class User {
     protected $u;
     protected $authz = true;
     protected $authzSupported = 0;
+    protected $actor = [];
     
     static public function listDrivers(): array {
         $sep = \DIRECTORY_SEPARATOR;
@@ -108,6 +109,7 @@ class User {
             if($this->data->conf->userAuthPreferHTTP) return $this->authHTTP();
             return $this->authForm();
         } else {
+            $this->id = $user;
             switch($this->u->driverFunctions("auth")) {
                 case User\Driver::FUNC_EXTERNAL:
                     $out = $this->u->auth($user, $password);

tests/User/TestAuthorization.php

@@ -0,0 +1,47 @@
+<?php
+declare(strict_types=1);
+namespace JKingWeb\NewsSync;
+
+
+class TestAuthorization extends \PHPUnit\Framework\TestCase {
+    use Test\Tools;
+    
+	const USER1 = "john.doe@example.com";
+	const USER2 = "jane.doe@example.org";
+
+	protected $data;
+
+    function setUp() {
+		$drv = Test\User\DriverInternalMock::class;
+		$conf = new Conf();
+		$conf->userDriver = $drv;
+		$conf->userAuthPreferHTTP = true;
+		$this->data = new Test\RuntimeData($conf);
+		$this->data->user = new User($this->data);
+		$this->data->user->authorizationEnabled(false);
+		$users = [
+			'user@example.com' => User\Driver::RIGHTS_NONE,
+			'user@example.org' => User\Driver::RIGHTS_NONE,
+			'dman@example.com' => User\Driver::RIGHTS_DOMAIN_MANAGER,
+			'dman@example.org' => User\Driver::RIGHTS_DOMAIN_MANAGER,
+			'dadm@example.com' => User\Driver::RIGHTS_DOMAIN_ADMIN,
+			'dadm@example.org' => User\Driver::RIGHTS_DOMAIN_ADMIN,
+			'gman@example.com' => User\Driver::RIGHTS_GLOBAL_MANAGER,
+			'gman@example.org' => User\Driver::RIGHTS_GLOBAL_MANAGER,
+			'gadm@example.com' => User\Driver::RIGHTS_GLOBAL_ADMIN,
+			'gadm@example.org' => User\Driver::RIGHTS_GLOBAL_ADMIN,
+		];
+		foreach($users as $user => $level) {
+			$this->data->user->add($user, "");
+			$this->data->user->rightsSet($user, $level);
+		}
+		$this->data->user->authorizationEnabled(true);
+	}
+
+	function testRegularUserActingOnSelf() {
+		$u = "user@example.com";
+		$this->data->user->auth($u, "");
+		$this->data->user->remove($u);
+		$this->assertFalse($this->data->user->exists($u));
+	}
+}

tests/lib/User/DriverInternalMock.php

@@ -43,6 +43,7 @@ class DriverInternalMock extends Database implements Driver {
 
     function auth(string $user, string $password): bool {
         if(!$this->userExists($user)) return false;
+        if($password==="" && $this->db[$user]['password']==="") return true;
         if(password_verify($password, $this->db[$user]['password'])) return true;
         return false;
     }

tests/lib/User/DriverSkeleton.php

@@ -18,7 +18,7 @@ abstract class DriverSkeleton {
 
     function userAdd(string $user, string $password = null): string {
         $u = [
-            'password' => $password ? password_hash($password, \PASSWORD_DEFAULT) : null,
+            'password' => $password ? password_hash($password, \PASSWORD_DEFAULT) : "",
             'rights'   => Driver::RIGHTS_NONE,
         ];
         $this->db[$user] = $u;

tests/phpunit.xml

@@ -24,6 +24,7 @@
 <testsuite name="User management">
     <file>User/TestUser.php</file>
     <file>User/TestUserExternal.php</file>
+    <file>User/TestAuthorization.php</file>
 </testsuite>
 
 </phpunit>