Merge pull request #6688 from marc1706/ticket/14454

[ticket/14454] Handle special case of testing user permissions in ACP modules
2025-06-07 20:08:53 +00:00 · 2024-07-28 20:37:34 +02:00 · 2024-07-28 20:37:34 +02:00 · 28cf33eb2f
commit 28cf33eb2f
parent cf47bed67e 13e6cd5992
2 changed files with 79 additions and 1 deletions
--- a/phpBB/includes/functions_module.php
+++ b/phpBB/includes/functions_module.php
@ -480,7 +480,7 @@ class p_master
 	*/
 	function set_active($id = false, $mode = false)
 	{
-		global $request;
+		global $auth, $request, $user;

 		$icat = false;
 		$this->active_module = false;
@ -502,6 +502,14 @@ class p_master
 			$id = $this->p_class . '_' . $id;
 		}

+		// Fallback to acp main page for special restore permission mode
+		if ($user->data['user_perm_from'] && $auth->acl_get('a_switchperm'))
+		{
+			$id = '';
+			$mode = '';
+			$icat = false;
+		}
+
 		$category = false;
 		foreach ($this->module_ary as $row_id => $item_ary)
 		{
--- a/tests/functional/switch_permissions_test.php
+++ b/tests/functional/switch_permissions_test.php
@ -0,0 +1,70 @@
+<?php
+/**
+ *
+ * This file is part of the phpBB Forum Software package.
+ *
+ * @copyright (c) phpBB Limited <https://www.phpbb.com>
+ * @license GNU General Public License, version 2 (GPL-2.0)
+ *
+ * For full copyright and license information, please see
+ * the docs/CREDITS.txt file.
+ *
+ */
+
+/**
+ * @group functional
+ */
+class phpbb_functional_switch_permissions_test extends phpbb_functional_test_case
+{
+	private const TEST_USER = 'switch-permissions-test';
+
+	protected function setUp(): void
+	{
+		parent::setUp();
+
+		$this->login();
+		$this->admin_login();
+
+		$this->add_lang(['common', 'ucp']);
+	}
+
+	public function test_switch_permissions()
+	{
+		$user_id = $this->create_user(self::TEST_USER);
+
+		// Open user administration page for new user
+		$crawler = self::request('GET', "adm/index.php?i=users&mode=overview&u={$user_id}&sid={$this->sid}");
+
+		// Use permissions
+		$link = $crawler->selectLink($this->lang('USE_PERMISSIONS'))->link();
+		$crawler = self::$client->click($link);
+
+		// Check that we switched permissions to test user
+		$this->assertStringContainsString(
+			str_replace('<br />', '<br>', $this->lang('PERMISSIONS_TRANSFERRED', self::TEST_USER)),
+			$crawler->html()
+		);
+
+		// Check that ACP pages get forced to acp main with restore permission info
+		$this->add_lang('acp/common');
+		$crawler = self::request('GET', "adm/index.php?i=users&mode=overview&u={$user_id}&sid={$this->sid}");
+		$this->assertStringContainsString(
+			$this->lang('PERMISSIONS_TRANSFERRED'),
+			$crawler->text()
+		);
+
+		// Check that restore permissions link exists
+		$crawler = self::$client->request('GET', '../index.php?sid=' . $this->sid);
+		$this->assertStringContainsString(
+			$this->lang('RESTORE_PERMISSIONS'),
+			$crawler->text()
+		);
+
+		// Check that restore permissions works
+		$crawler = self::$client->request('GET', 'ucp.php?mode=restore_perm&sid=' . $this->sid);
+		$this->assertStringContainsString(
+			$this->lang('PERMISSIONS_RESTORED'),
+			$crawler->text()
+		);
+	}
+}