N°8534 - Prevent Admin, SuperUser from loose of rights (#774)

* N°8534 - Prevent Admin & SuperUser from suicide Prevent creation/modification of Administrator, SuperUser, REST User, combined with a Profile denying access to the backoffice
2026-03-02 07:34:13 +01:00 · 2025-11-17 14:17:18 +01:00
parent b8345de553
commit 53de040934
21 changed files with 201 additions and 88 deletions
--- a/tests/php-unit-tests/src/BaseTestCase/ItopDataTestCase.php
+++ b/tests/php-unit-tests/src/BaseTestCase/ItopDataTestCase.php
@@ -650,6 +650,31 @@ abstract class ItopDataTestCase extends ItopTestCase
 		return $oUser;
 	}

+	/**
+	 * @param \DBObject $oUser
+	 * @param int $iProfileId
+	 *
+	 * @return \DBObject
+	 * @throws Exception
+	 */
+	protected function RemoveProfileFromUser($oUser, $iProfileId)
+	{
+		/** @var \ormLinkSet $oSet */
+		$oSet = $oUser->Get('profile_list');
+		foreach ($oSet as $oUserProfile)
+		{
+			if ($oUserProfile->Get('profileid') == $iProfileId)
+			{
+				$oSet->RemoveItem($oUserProfile->GetKey());
+				break;
+			}
+		}
+		$oUser = $this->updateObject(User::class, $oUser->GetKey(), array(
+			'profile_list' => $oSet,
+		));
+		return $oUser;
+	}
+
 	/**
 	 * Create a Hypervisor in database
 	 *