diff --git a/resources/user_resource.inc b/resources/user_resource.inc index 09959ef..40c9401 100644 --- a/resources/user_resource.inc +++ b/resources/user_resource.inc @@ -600,13 +600,13 @@ function _user_resource_resend_welcome_email($uid) { $user_register = variable_get('user_register', 2); switch ($user_register) { - case 0: + case USER_REGISTER_ADMINISTRATORS_ONLY: $op = 'register_admin_created'; break; - case 1: + case USER_REGISTER_VISITORS: $op = 'register_no_approval_required'; break; - case 2: + case USER_REGISTER_VISITORS_ADMINISTRATIVE_APPROVAL: $op = 'register_pending_approval'; } @@ -688,13 +688,11 @@ function _user_resource_access($op = 'view', $args = array()) { else { return user_access('administer users'); } - case 'delete': - return user_access('administer users'); case 'password_reset': return TRUE; - case 'resend_welcome_email': - return user_access('administer users'); + case 'delete': case 'cancel': + case 'resend_welcome_email': return user_access('administer users'); } } diff --git a/tests/functional/ServicesResourceUserTests.test b/tests/functional/ServicesResourceUserTests.test index 231158b..e00d710 100644 --- a/tests/functional/ServicesResourceUserTests.test +++ b/tests/functional/ServicesResourceUserTests.test @@ -246,6 +246,19 @@ class ServicesResourceUsertests extends ServicesWebtestCase { } /** + * Test cant cancel user 1. + */ + function testCancelAdmin() { + // Cancel user. + $response = $this->servicesPost($this->endpoint->path . '/user/1/cancel'); + $this->assertEqual($response['code'], 403, + 'Services successfully blocked cancel of user 1', 'UserResource: Cancel'); + + $user_load = user_load(1); + $this->assertTrue(!empty($user_load), 'User 1 still exits and has not deleted, as this is not allowed.', 'UserResource: Cancel'); + } + + /** * Test password_reset method. */ function testPasswordReset() {