From 4f56ecbf9229ff893b58cf34012a9646a06f91c0 Mon Sep 17 00:00:00 2001
From: Adrian Lang <lang@cosmocode.de>
Date: Tue, 21 Dec 2010 13:20:10 +0100
Subject: [PATCH] Fix handling of case in auth_isMember; add and fix test cases

---
 _test/cases/inc/auth_admincheck.test.php | 78 +++++++++++++++++++++++-
 inc/auth.php                             |  4 +-
 2 files changed, 77 insertions(+), 5 deletions(-)

diff --git a/_test/cases/inc/auth_admincheck.test.php b/_test/cases/inc/auth_admincheck.test.php
index 01dd38df7..a71c8801a 100644
--- a/_test/cases/inc/auth_admincheck.test.php
+++ b/_test/cases/inc/auth_admincheck.test.php
@@ -3,17 +3,44 @@
 require_once DOKU_INC.'inc/init.php';
 require_once DOKU_INC.'inc/auth.php';
 
+class auth_admin_test_AuthInSensitive extends auth_basic {
+    function isCaseSensitive(){
+        return false;
+    }
+}
+
 class auth_admin_test extends UnitTestCase {
 
+    private $oldauth;
+
+    function setup() {
+        global $auth;
+        $this->oldauth = $auth;
+        parent::setup();
+    }
+
+    function setSensitive() {
+        global $auth;
+        $auth = new auth_basic;
+    }
+
+    function setInSensitive() {
+        global $auth;
+        $auth = new auth_admin_test_AuthInSensitive;
+    }
+
     function teardown() {
+        global $auth;
         global $conf;
         global $AUTH_ACL;
         unset($conf);
         unset($AUTH_ACL);
-
+        $auth = $this->oldauth;
+        parent::teardown();
     }
 
-    function test_ismanager(){
+    function test_ismanager_insensitive(){
+        $this->setInSensitive();
         global $conf;
         $conf['superuser'] = 'john,@admin,@Mötly Görls, Dörte';
         $conf['manager'] = 'john,@managers,doe, @Mötly Böys, Dänny';
@@ -36,7 +63,8 @@ class auth_admin_test extends UnitTestCase {
         $this->assertEqual(auth_ismanager('jill', array('mötly böys'),false), true);
     }
 
-    function test_isadmin(){
+    function test_isadmin_insensitive(){
+        $this->setInSensitive();
         global $conf;
         $conf['superuser'] = 'john,@admin,doe,@roots';
 
@@ -54,6 +82,50 @@ class auth_admin_test extends UnitTestCase {
         $this->assertEqual(auth_ismanager('doe',  array('admin'),true), true);
     }
 
+    function test_ismanager_sensitive(){
+        $this->setSensitive();
+        global $conf;
+        $conf['superuser'] = 'john,@admin,@Mötly Görls, Dörte';
+        $conf['manager'] = 'john,@managers,doe, @Mötly Böys, Dänny';
+
+        // anonymous user
+        $this->assertEqual(auth_ismanager('jill', null,false), false);
+
+        // admin or manager users
+        $this->assertEqual(auth_ismanager('john', null,false), true);
+        $this->assertEqual(auth_ismanager('doe',  null,false), true);
+
+        $this->assertEqual(auth_ismanager('dörte', null,false), false);
+        $this->assertEqual(auth_ismanager('dänny', null,false), false);
+
+        // admin or manager groups
+        $this->assertEqual(auth_ismanager('jill', array('admin'),false), true);
+        $this->assertEqual(auth_ismanager('jill', array('managers'),false), true);
+
+        $this->assertEqual(auth_ismanager('jill', array('mötly görls'),false), false);
+        $this->assertEqual(auth_ismanager('jill', array('mötly böys'),false), false);
+    }
+
+    function test_isadmin_sensitive(){
+        $this->setSensitive();
+        global $conf;
+        $conf['superuser'] = 'john,@admin,doe,@roots';
+
+        // anonymous user
+        $this->assertEqual(auth_ismanager('jill', null,true), false);
+
+        // admin user
+        $this->assertEqual(auth_ismanager('john', null,true), true);
+        $this->assertEqual(auth_ismanager('Doe',  null,true), false);
+
+        // admin groups
+        $this->assertEqual(auth_ismanager('jill', array('admin'),true), true);
+        $this->assertEqual(auth_ismanager('jill', array('roots'),true), true);
+        $this->assertEqual(auth_ismanager('john', array('admin'),true), true);
+        $this->assertEqual(auth_ismanager('doe',  array('admin'),true), true);
+        $this->assertEqual(auth_ismanager('Doe',  array('admin'),true), true);
+    }
+
 }
 
 //Setup VIM: ex: et ts=4 :
diff --git a/inc/auth.php b/inc/auth.php
index fd2a9c66d..b3c20e6b9 100644
--- a/inc/auth.php
+++ b/inc/auth.php
@@ -415,7 +415,7 @@ function auth_isMember($memberlist,$user,array $groups){
     if (!$auth) return false;
 
     // clean user and groups
-    if($auth->isCaseSensitive()){
+    if(!$auth->isCaseSensitive()){
         $user = utf8_strtolower($user);
         $groups = array_map('utf8_strtolower',$groups);
     }
@@ -430,7 +430,7 @@ function auth_isMember($memberlist,$user,array $groups){
 
     // compare cleaned values
     foreach($members as $member){
-        if($auth->isCaseSensitive()) $member = utf8_strtolower($member);
+        if(!$auth->isCaseSensitive()) $member = utf8_strtolower($member);
         if($member[0] == '@'){
             $member = $auth->cleanGroup(substr($member,1));
             if(in_array($member, $groups)) return true;
-- 
GitLab