public function testgetItemsForPostonly()
{
// init session for postonly
$res = $this->doHttpRequest('GET', 'initSession/', ['auth' => ['post-only', 'postonly']]);
$body = $res->getBody();
$data = json_decode($body, true);
// create a ticket for another user (glpi - super-admin)
$ticket = new Ticket();
$tickets_id = $ticket->add(array('name' => 'test post-only', 'content' => 'test post-only', '_users_id_requester' => 2));
// try to access this ticket with post-only
try {
$res = $this->doHttpRequest('GET', "ticket/{$tickets_id}", ['headers' => ['Session-Token' => $data['session_token']]]);
$this->assertGreaterThanOrEqual(400, $res->getStatusCode());
} catch (ClientException $e) {
$response = $e->getResponse();
$this->assertEquals(401, $this->last_error->getStatusCode());
}
// try to access ticket list (we should get empty return)
$res = $this->doHttpRequest('GET', 'ticket/', ['headers' => ['Session-Token' => $data['session_token']]]);
$this->assertNotEquals(null, $res, $this->last_error);
$this->assertEquals(200, $res->getStatusCode());
$body = $res->getBody();
$data = json_decode($body, true);
$this->assertEquals(0, count($data));
// delete ticket
$ticket->delete(array('id' => $tickets_id), true);
}
