updated Tests

6 years ago · a29a6d61d4
25 changed files with 605 additions and 299 deletions
--- a/.editorconfig
+++ b/.editorconfig
@ -1,12 +1,20 @@
-; top-most EditorConfig file
-root = true
-
-; Unix-style newlines
-[*]
-end_of_line = lf
-
-[*.php]
-indent_style = tab
-charset = utf-8
-trim_trailing_whitespace = true
-insert_final_newline = true
+; top-most EditorConfig file
+root = true
+
+; Unix-style newlines
+[*]
+end_of_line = lf
+
+[*.php]
+indent_style = tab
+charset = utf-8
+trim_trailing_whitespace = true
+insert_final_newline = true
+
+
+[*.rst]
+indent_style = space
+charset = utf-8
+indent_size = 4
+trim_trailing_whitespace = true
+insert_final_newline = true
--- a/.gitignore
+++ b/.gitignore
@ -14,6 +14,7 @@
 /tests/README.md
 /vendor/
 /writable/
+/user_guide_src/build/

 /app/index.html
 /app/.htaccess
--- a/app/Config/Aauth.php
+++ b/app/Config/Aauth.php
@ -38,6 +38,10 @@ class Aauth extends BaseConfig
 	|
 	|	If user don't have permission to see the page he will be redirected
 	|	the page specified.
+	|	Available Options:
+	|       - false (control() returns booleans)
+	|       - 'error' (control() throws an error)
+	|       - any uri/url string (control() redirect to set value)
 	|	(default: false)
 	|
 	| 'linkResetPassword'
--- a/app/Database/Migrations/20181031065240_create_perm_to_group.php
+++ b/app/Database/Migrations/20181031065240_create_perm_to_group.php
@ -54,7 +54,7 @@ class Migration_create_perm_to_group extends Migration
 				'default'    => 1,
 			],
 		]);
-		$this->forge->addKey(['perm_id', 'user_id'], true);
+		$this->forge->addKey(['perm_id', 'group_id'], true);
 		$this->forge->createTable($config->dbTablePermToGroup, true);
 	}

--- a/app/Helpers/aauth_helper.php
+++ b/app/Helpers/aauth_helper.php
@ -65,6 +65,20 @@ if (! function_exists('is_allowed'))
 	}
 }

+if (! function_exists('is_denied'))
+{
+	/**
+	 * Is denied
+	 *
+	 * @return boolean
+	 */
+	function is_denied($permPar, $userId)
+	{
+		$aauth = new Aauth();
+		return $aauth->isDenied($permPar, $userId);
+	}
+}
+
 if (! function_exists('get_subgroups'))
 {
 	/**
--- a/app/Language/en/Admin.php
+++ b/app/Language/en/Admin.php
@ -52,6 +52,8 @@ return [
   'usersLabelBanned'             => 'Banned',
   'usersLabelGroups'             => 'Groups',
   'usersLabelPerms'              => 'Perms',
+   'usersLabelAllow'              => 'Allow',
+   'usersLabelDeny'               => 'Deny',
   'usersLabelCreatedAt'          => 'Created at',
   'usersLabelUpdatedAt'          => 'Updated at',
   'usersLabelLastIPAddress'      => 'Last IP-Address',
@ -74,6 +76,8 @@ return [
   'groupsLabelDefinition'        => 'Definition',
   'groupsLabelSubGroups'         => 'Sub-Groups',
   'groupsLabelPerms'             => 'Perms',
+   'groupsLabelAllow'             => 'Allow',
+   'groupsLabelDeny'              => 'Deny',
   'groupsLabelNameCurrent'       => 'Current Name',
   'groupsLabelDefinitionCurrent' => 'Current Definition',
   'groupsLabelCreatedAt'         => 'Created at',
--- a/app/Libraries/Aauth.php
+++ b/app/Libraries/Aauth.php
--- a/app/Libraries/Aauth/CAPTCHA.php
+++ b/app/Libraries/Aauth/CAPTCHA.php
@ -18,8 +18,6 @@

 namespace App\Libraries\Aauth;

-use \App\Models\Aauth\LoginAttemptModel;
-
 /**
 * Aauth CAPTCHA
 *
@ -39,7 +37,7 @@ class CAPTCHA extends \App\Libraries\Aauth
 	 *
 	 * @return array
 	 */
-	public function verifyCaptchaResponse($response)
+	public function verifyCaptchaResponse(string $response)
 	{
 		if ($response === null || strlen($response) === 0)
 		{
@ -129,7 +127,7 @@ class CAPTCHA extends \App\Libraries\Aauth
 	 */
 	public function isCaptchaRequired()
 	{
-		$loginAttemptModel = new LoginAttemptModel();
+		$loginAttemptModel = $this->getModel('LoginAttempt');

 		return $loginAttemptModel->find() >= $this->config->captchaLoginAttempts;
 	}
@ -144,7 +142,7 @@ class CAPTCHA extends \App\Libraries\Aauth
 	 *
 	 * @return string
 	 */
-	private function _submitGet($url, $data)
+	private function _submitGet(string $url, array $data)
 	{
 		$client   = \Config\Services::curlrequest();
 		$response = $client->request('GET', $url, [
@ -164,7 +162,7 @@ class CAPTCHA extends \App\Libraries\Aauth
 	 *
 	 * @return string
 	 */
-	private function _submitPost($url, $data)
+	private function _submitPost(string $url, array $data)
 	{
 		$client   = \Config\Services::curlrequest();
 		$response = $client->request('POST', $url, [
--- a/app/Libraries/Aauth/TOTP.php
+++ b/app/Libraries/Aauth/TOTP.php
@ -18,8 +18,6 @@

 namespace App\Libraries\Aauth;

-use \App\Models\Aauth\UserVariableModel;
-
 use OTPHP\TOTP as OTPHP_TOTP;

 /**
@ -46,7 +44,7 @@ class TOTP extends \App\Libraries\Aauth
 			$userId = (int) @$this->session->user['id'];
 		}

-		$userVariableModel = new UserVariableModel();
+		$userVariableModel = $this->getModel('UserVariable');

 		return $userVariableModel->save($userId, 'totp_secret', $secret, true);
 	}
@ -60,7 +58,7 @@ class TOTP extends \App\Libraries\Aauth
 	{
 		$endSecret = false;

-		$userVariableModel = new UserVariableModel();
+		$userVariableModel = $this->getModel('UserVariable');

 		while (! $endSecret)
 		{
@ -81,6 +79,7 @@ class TOTP extends \App\Libraries\Aauth
 	 * Generate TOTP QR Code URI by Secret
 	 *
 	 * @param string $secret Secret Key
+	 * @param string $label  Label
 	 *
 	 * @return string
 	 */
@ -107,7 +106,7 @@ class TOTP extends \App\Libraries\Aauth
 			$userId = (int) @$this->session->user['id'];
 		}

-		$userVariableModel = new UserVariableModel();
+		$userVariableModel = $this->getModel('UserVariable');

 		if ($totpSecret = $userVariableModel->find($userId, 'totp_secret', true))
 		{
--- a/app/Models/Aauth/GroupToGroupModel.php
+++ b/app/Models/Aauth/GroupToGroupModel.php
@ -156,9 +156,7 @@ class GroupToGroupModel
 		$data['group_id']    = $groupId;
 		$data['subgroup_id'] = $subgroupId;

-		$builder->insert($data);
-
-		return true;
+		return (bool) $builder->insert($data)->resultID;
 	}

 	/**
@ -174,9 +172,8 @@ class GroupToGroupModel
 		$builder = $this->builder();
 		$builder->where('group_id', $groupId);
 		$builder->where('subgroup_id', $subgroupId);
-		$builder->delete();

-		return true;
+		return $builder->delete()->resultID;
 	}

 	/**
@ -190,9 +187,8 @@ class GroupToGroupModel
 	{
 		$builder = $this->builder();
 		$builder->where('group_id', $groupId);
-		$builder->delete();

-		return true;
+		return $builder->delete()->resultID;
 	}

 	/**
@ -206,9 +202,8 @@ class GroupToGroupModel
 	{
 		$builder = $this->builder();
 		$builder->where('subgroup_id', $subgroupId);
-		$builder->delete();

-		return true;
+		return $builder->delete()->resultID;
 	}

 	/**
--- a/app/Models/Aauth/GroupToUserModel.php
+++ b/app/Models/Aauth/GroupToUserModel.php
@ -137,6 +137,7 @@ class GroupToUserModel

 		$builder->where('group_id', $groupId);
 		$builder->where('user_id', $userId);
+
 		return ($builder->countAllResults() ? true : false);
 	}

@ -155,9 +156,7 @@ class GroupToUserModel
 		$data['group_id'] = $groupId;
 		$data['user_id']  = $userId;

-		$builder->insert($data);
-
-		return true;
+		return (bool) $builder->insert($data)->resultID;
 	}

 	/**
@ -173,9 +172,8 @@ class GroupToUserModel
 		$builder = $this->builder();
 		$builder->where('group_id', $groupId);
 		$builder->where('user_id', $userId);
-		$builder->delete();

-		return true;
+		return $builder->delete()->resultID;
 	}

 	/**
@ -189,9 +187,8 @@ class GroupToUserModel
 	{
 		$builder = $this->builder();
 		$builder->where('group_id', $groupId);
-		$builder->delete();

-		return true;
+		return $builder->delete()->resultID;
 	}

 	/**
@ -205,9 +202,8 @@ class GroupToUserModel
 	{
 		$builder = $this->builder();
 		$builder->where('user_id', $userId);
-		$builder->delete();

-		return true;
+		return $builder->delete()->resultID;
 	}

 	/**
--- a/app/Models/Aauth/GroupVariableModel.php
+++ b/app/Models/Aauth/GroupVariableModel.php
@ -205,9 +205,7 @@ class GroupVariableModel
 		$data['created_at'] = date('Y-m-d H:i:s');
 		$data['updated_at'] = date('Y-m-d H:i:s');

-		$builder->insert($data);
-
-		return true;
+		return $builder->insert($data)->resultID;
 	}

 	/**
@ -248,9 +246,8 @@ class GroupVariableModel
 		$builder->where('group_id', $groupId);
 		$builder->where('data_key', $dataKey);
 		$builder->where('system', ($system ? 1 : 0));
-		$builder->delete();

-		return true;
+		return $builder->delete()->resultID;
 	}

 	/**
@ -264,9 +261,8 @@ class GroupVariableModel
 	{
 		$builder = $this->builder();
 		$builder->where('group_id', $groupId);
-		$builder->delete();

-		return true;
+		return $builder->delete()->resultID;
 	}

 	//--------------------------------------------------------------------
--- a/app/Models/Aauth/LoginTokenModel.php
+++ b/app/Models/Aauth/LoginTokenModel.php
@ -92,7 +92,7 @@ class LoginTokenModel
 	}

 	/**
-	 * Get all Login Tokens by User ID
+	 * Find all Login Tokens by User ID
 	 *
 	 * @param integer $userId User id
 	 *
@ -108,7 +108,7 @@ class LoginTokenModel
 	}

 	/**
-	 * Updates Login Token
+	 * Insert Login Token
 	 *
 	 * @param array $data Array with data
 	 *
@ -122,17 +122,15 @@ class LoginTokenModel
 		$data['expires_at'] = date('Y-m-d H:i:s', strtotime($this->config->loginRemember));
 		$data['updated_at'] = date('Y-m-d H:i:s');

-		$builder->insert($data);
-
-		return true;
+		return $builder->insert($data)->resultID;
 	}

 	/**
-	 * Updates Login Token by tokenId
+	 * Update Login Token by tokenId
 	 *
 	 * @param integer $tokenId Login Token id
 	 *
-	 * @return BaseBuilder
+	 * @return boolean
 	 */
 	public function update(int $tokenId)
 	{
@ -157,9 +155,8 @@ class LoginTokenModel
 		$builder = $this->builder();
 		$builder->where('user_id', $userId);
 		$builder->where('expires_at <', date('Y-m-d H:i:s'));
-		$builder->delete();

-		return true;
+		return $builder->delete()->resultID;
 	}

 	/**
@ -173,9 +170,8 @@ class LoginTokenModel
 	{
 		$builder = $this->builder();
 		$builder->where('user_id', $userId);
-		$builder->delete();

-		return true;
+		return $builder->delete()->resultID;
 	}

 	/**
--- a/app/Models/Aauth/PermModel.php
+++ b/app/Models/Aauth/PermModel.php
@ -103,7 +103,7 @@ class PermModel extends Model
 	 *
 	 * @param string $name Perm name
 	 *
-	 * @return boolean
+	 * @return string|boolean
 	 */
 	public function getByName(string $name)
 	{
--- a/app/Models/Aauth/PermToGroupModel.php
+++ b/app/Models/Aauth/PermToGroupModel.php
@ -194,16 +194,29 @@ class PermToGroupModel
 			$data['group_id'] = $groupId;
 			$data['state']    = $state;

-			$builder->insert($data);
+			return $builder->insert($data)->resultID;
 		}
-		else
-		{
-			$data['state'] = $state;

-			$builder->update($data, ['perm_id' => $permId, 'group_id' => $groupId]);
-		}
+		$data['state'] = $state;
+
+		return $builder->update($data, ['perm_id' => $permId, 'group_id' => $groupId]);
+	}
+
+	/**
+	 * Deletes by Perm Id and Group Id
+	 *
+	 * @param integer $permId  Perm Id
+	 * @param integer $groupId Group Id
+	 *
+	 * @return boolean
+	 */
+	public function delete(int $permId, int $groupId)
+	{
+		$builder = $this->builder();
+		$builder->where('perm_id', $permId);
+		$builder->where('group_id', $groupId);

-		return true;
+		return $builder->delete()->resultID;
 	}

 	/**
@ -217,9 +230,8 @@ class PermToGroupModel
 	{
 		$builder = $this->builder();
 		$builder->where('perm_id', $permId);
-		$builder->delete();

-		return true;
+		return $builder->delete()->resultID;
 	}

 	/**
@ -233,9 +245,8 @@ class PermToGroupModel
 	{
 		$builder = $this->builder();
 		$builder->where('group_id', $groupId);
-		$builder->delete();

-		return true;
+		return $builder->delete()->resultID;
 	}

 	/**
--- a/app/Models/Aauth/PermToUserModel.php
+++ b/app/Models/Aauth/PermToUserModel.php
@ -92,10 +92,10 @@ class PermToUserModel
 	}

 	/**
-	 * Get all Perm Ids by User Id
+	 * Get all Perm Ids by User Id and optional State
 	 *
 	 * @param integer      $userId User Id
-	 * @param integer|null $state  State (0 = denied, 1 = allowed)
+	 * @param integer|null $state  Optional State (0 = denied, 1 = allowed)
 	 *
 	 * @return array|null
 	 */
@ -194,16 +194,29 @@ class PermToUserModel
 			$data['user_id'] = $userId;
 			$data['state']   = $state;

-			$builder->insert($data);
+			return $builder->insert($data)->resultID;
 		}
-		else
-		{
-			$data['state'] = $state;

-			$builder->update($data, ['perm_id' => $permId, 'user_id' => $userId]);
-		}
+		$data['state'] = $state;
+
+		return $builder->update($data, ['perm_id' => $permId, 'user_id' => $userId]);
+	}
+
+	/**
+	 * Deletes by Perm Id and User Id
+	 *
+	 * @param integer $permId Perm Id
+	 * @param integer $userId User Id
+	 *
+	 * @return boolean
+	 */
+	public function delete(int $permId, int $userId)
+	{
+		$builder = $this->builder();
+		$builder->where('perm_id', $permId);
+		$builder->where('user_id', $userId);

-		return true;
+		return $builder->delete()->resultID;
 	}

 	/**
@ -217,9 +230,8 @@ class PermToUserModel
 	{
 		$builder = $this->builder();
 		$builder->where('perm_id', $permId);
-		$builder->delete();

-		return true;
+		return $builder->delete()->resultID;
 	}

 	/**
@ -233,9 +245,8 @@ class PermToUserModel
 	{
 		$builder = $this->builder();
 		$builder->where('user_id', $userId);
-		$builder->delete();

-		return true;
+		return $builder->delete()->resultID;
 	}

 	/**
--- a/app/Models/Aauth/UserModel.php
+++ b/app/Models/Aauth/UserModel.php
@ -207,12 +207,7 @@ class UserModel extends Model
 		$builder->where($this->primaryKey, $userId);
 		$builder->where('banned', 1);

-		if ($builder->get()->getFirstRow())
-		{
-			return true;
-		}
-
-		return false;
+		return ($builder->countAllResults() ? true : false);
 	}

 	/**
@ -232,6 +227,7 @@ class UserModel extends Model
 		}

 		$builder->where($this->primaryKey, $userId);
+
 		return ($builder->countAllResults() ? true : false);
 	}

--- a/app/Models/Aauth/UserSessionModel.php
+++ b/app/Models/Aauth/UserSessionModel.php
@ -110,10 +110,7 @@ class UserSessionModel
 	/**
 	 * Find all active user sessions
 	 *
-	 * @param integer $userId User id
-	 * @param boolean $system Whether system variable
-	 *
-	 * @return object
+	 * @return array
 	 */
 	public function findAll()
 	{
@ -128,17 +125,16 @@ class UserSessionModel
 	/**
 	 * Delete User Session
 	 *
-	 * @param integer $id Session id
+	 * @param string $id Session id
 	 *
 	 * @return boolean
 	 */
-	public function delete($id)
+	public function delete(string $id)
 	{
 		$builder = $this->builder();
 		$builder->where('id', $id);
-		$builder->delete();

-		return true;
+		return $builder->delete()->resultID;
 	}

 	//--------------------------------------------------------------------
@ -148,7 +144,7 @@ class UserSessionModel
 	/**
 	 * Sets the return type of the results to be as an associative array.
 	 *
-	 * @return Model
+	 * @return UserSessionModel
 	 */
 	public function asArray()
 	{
@ -165,7 +161,7 @@ class UserSessionModel
 	 *
 	 * @param string $class Class
 	 *
-	 * @return Model
+	 * @return UserSessionModel
 	 */
 	public function asObject(string $class = 'object')
 	{
@ -220,7 +216,7 @@ class UserSessionModel
 	 * @param string $name   Name
 	 * @param array  $params Params
 	 *
-	 * @return Model|null
+	 * @return UserSessionModel|null
 	 */
 	public function __call(string $name, array $params)
 	{
--- a/app/Models/Aauth/UserVariableModel.php
+++ b/app/Models/Aauth/UserVariableModel.php
@ -142,7 +142,7 @@ class UserVariableModel
 	 * @param integer $userId User id
 	 * @param boolean $system Whether system variable
 	 *
-	 * @return object
+	 * @return array
 	 */
 	public function findAll(int $userId, bool $system = null)
 	{
@ -163,7 +163,7 @@ class UserVariableModel
 	 * @param string  $dataValue Value of variable
 	 * @param boolean $system    Whether system variable
 	 *
-	 * @return BaseBuilder
+	 * @return boolean
 	 */
 	public function save(int $userId, string $dataKey, string $dataValue, bool $system = null)
 	{
@ -174,14 +174,10 @@ class UserVariableModel

 		if ($builder->countAllResults())
 		{
-			$response = $this->update($userId, $dataKey, $dataValue, $system);
-		}
-		else
-		{
-			$response = $this->insert($userId, $dataKey, $dataValue, $system);
+			return $this->update($userId, $dataKey, $dataValue, $system);
 		}

-		return $response;
+		return $this->insert($userId, $dataKey, $dataValue, $system);
 	}

 	/**
@ -205,9 +201,7 @@ class UserVariableModel
 		$data['created_at'] = date('Y-m-d H:i:s');
 		$data['updated_at'] = date('Y-m-d H:i:s');

-		$builder->insert($data);
-
-		return true;
+		return $builder->insert($data)->resultID;
 	}

 	/**
@ -248,9 +242,8 @@ class UserVariableModel
 		$builder->where('user_id', $userId);
 		$builder->where('data_key', $dataKey);
 		$builder->where('system', ($system ? 1 : 0));
-		$builder->delete();

-		return true;
+		return $builder->delete()->resultID;
 	}

 	/**
@ -264,9 +257,8 @@ class UserVariableModel
 	{
 		$builder = $this->builder();
 		$builder->where('user_id', $userId);
-		$builder->delete();

-		return true;
+		return $builder->delete()->resultID;
 	}

 	//--------------------------------------------------------------------
--- a/tests/Aauth/Database/PermToGroupModelTest.php
+++ b/tests/Aauth/Database/PermToGroupModelTest.php
@ -90,6 +90,21 @@ class PermToGroupModelTest extends CIDatabaseTestCase
 		$this->assertCount(1, $permToGroups);
 	}

+	public function testDelete()
+	{
+		$this->hasInDatabase($this->config->dbTablePermToGroup, [
+			'perm_id'  => 99,
+			'group_id' => 99,
+		]);
+		$criteria = [
+			'perm_id'  => 99,
+			'group_id' => 99,
+		];
+		$this->seeNumRecords(1, $this->config->dbTablePermToGroup, $criteria);
+		$this->model->delete(99, 99);
+		$this->seeNumRecords(0, $this->config->dbTablePermToGroup, $criteria);
+	}
+
 	public function testDeleteAllByPermId()
 	{
 		$this->hasInDatabase($this->config->dbTablePermToGroup, [
--- a/tests/Aauth/Database/PermToUserModelTest.php
+++ b/tests/Aauth/Database/PermToUserModelTest.php
@ -90,6 +90,21 @@ class PermToUserModelTest extends CIDatabaseTestCase
 		$this->assertCount(1, $permToUsers);
 	}

+	public function testDelete()
+	{
+		$this->hasInDatabase($this->config->dbTablePermToUser, [
+			'perm_id' => 99,
+			'user_id' => 99,
+		]);
+		$criteria = [
+			'perm_id' => 99,
+			'user_id' => 99,
+		];
+		$this->seeNumRecords(1, $this->config->dbTablePermToUser, $criteria);
+		$this->model->delete(99, 99);
+		$this->seeNumRecords(0, $this->config->dbTablePermToUser, $criteria);
+	}
+
 	public function testDeleteAllByPermId()
 	{
 		$this->hasInDatabase($this->config->dbTablePermToUser, [
--- a/tests/Aauth/Libraries/Aauth/AccessTest.php
+++ b/tests/Aauth/Libraries/Aauth/AccessTest.php
@ -98,6 +98,8 @@ class AccessTest extends CIDatabaseTestCase
 			'loggedIn' => true,
 		]);
 		$this->assertTrue($this->library->isMember($config->groupDefault));
+
+		$this->assertFalse($this->library->isMember('not_existing_group'));
 		$session->remove('user');
 	}

@ -168,13 +170,108 @@ class AccessTest extends CIDatabaseTestCase
 			'loggedIn'      => true,
 			'totp_required' => true,
 		]);
-		$this->assertTrue($this->library->isAllowed('testPerm1') instanceof \CodeIgniter\HTTP\RedirectResponse);
+
+		$this->assertTrue($this->library->isAllowed('testPerm1') instanceof \Tests\Support\HTTP\MockResponse);
 		$session->remove('user');

 		$this->assertFalse($this->library->isAllowed('testPerm99', 2));
 		$this->assertFalse($this->library->isAllowed('testPerm1', 99));
 	}

+	/**
+	 * @runInSeparateProcess
+	 * @preserveGlobalState  disabled
+	 */
+	public function testControl()
+	{
+		$config = new AauthConfig();
+		$this->hasInDatabase($config->dbTablePerms, [
+			'id'         => 1,
+			'name'       => 'testPerm1',
+			'definition' => 'Test Perm 1',
+		]);
+
+		$session       = $this->getInstance();
+		$this->library = new Aauth(null, $session);
+
+		$session->set('user', [
+			'id'       => 1,
+			'loggedIn' => true,
+		]);
+		$this->assertTrue($this->library->control('testPerm1'));
+		$session->remove('user');
+
+		$config->linkNoPermission = '/noAccess';
+		$session                  = $this->getInstance();
+		$this->library            = new Aauth($config, $session);
+		$session->set('user', [
+			'id'       => 2,
+			'loggedIn' => true,
+		]);
+		$this->assertTrue($this->library->control('testPerm1') instanceof \Tests\Support\HTTP\MockResponse);
+		$session->remove('user');
+
+		$session             = $this->getInstance();
+		$config->totpEnabled = true;
+		$this->library       = new Aauth($config, $session);
+		$session->set('user', [
+			'id'            => 2,
+			'loggedIn'      => true,
+			'totp_required' => true,
+		]);
+
+		$this->assertTrue($this->library->control('testPerm1') instanceof \Tests\Support\HTTP\MockResponse);
+		$session->remove('user');
+
+		$session       = $this->getInstance();
+		$this->library = new Aauth(null, $session);
+		$this->assertFalse($this->library->control('testPerm1'));
+		$this->assertFalse($this->library->control());
+
+		$config                   = new AauthConfig();
+		$config->linkNoPermission = '/noAccess';
+		$this->library            = new Aauth($config, $session);
+		$this->assertTrue($this->library->control() instanceof \Tests\Support\HTTP\MockResponse);
+	}
+
+	/**
+	 * @runInSeparateProcess
+	 * @preserveGlobalState  disabled
+	 */
+	public function testControlErrorNoPerm($value = '')
+	{
+		$session = $this->getInstance();
+		$config  = new AauthConfig();
+
+		$config->linkNoPermission = 'error';
+
+		$this->library = new Aauth($config, $session);
+		$this->expectException('ErrorException');
+		$this->assertFalse($this->library->control());
+	}
+
+	/**
+	 * @runInSeparateProcess
+	 * @preserveGlobalState  disabled
+	 */
+	public function testControlErrorPermDenied($value = '')
+	{
+		$session = $this->getInstance();
+		$config  = new AauthConfig();
+
+		$this->hasInDatabase($config->dbTablePerms, [
+			'id'         => 1,
+			'name'       => 'testPerm1',
+			'definition' => 'Test Perm 1',
+		]);
+
+		$config->linkNoPermission = 'error';
+
+		$this->library = new Aauth($config, $session);
+		$this->expectException('ErrorException');
+		$this->assertFalse($this->library->control('testPerm1'));
+	}
+
 	/**
 	 * @runInSeparateProcess
 	 * @preserveGlobalState  disabled
--- a/tests/Aauth/Libraries/Aauth/CallTest.php
+++ b/tests/Aauth/Libraries/Aauth/CallTest.php
@ -1,21 +0,0 @@
-<?php namespace Tests\Aauth\Libraries\Aauth;
-
-use App\Libraries\Aauth;
-
-class CallTest extends \CIUnitTestCase
-{
-	public function setUp()
-	{
-		parent::setUp();
-
-		$this->library = new Aauth();
-	}
-
-	//--------------------------------------------------------------------
-
-	public function testFailCall()
-	{
-		$this->expectException('ErrorException'); // Or whichever exception it is
-		$this->library->getNotExistingFunc();
-	}
-}
--- a/tests/Aauth/Libraries/Aauth/LoginTest.php
+++ b/tests/Aauth/Libraries/Aauth/LoginTest.php
@ -37,7 +37,7 @@ class LoginTest extends CIDatabaseTestCase
 		$this->request  = new IncomingRequest(new App(), new URI(), null, new UserAgent());
 		Services::injectMock('request', $this->request);

-		$this->library = new Aauth(null, true);
+		$this->library = new Aauth(null);
 		$_COOKIE       = [];
 		$_SESSION      = [];
 	}
--- a/tests/Aauth/Libraries/Aauth/UtilityTest.php
+++ b/tests/Aauth/Libraries/Aauth/UtilityTest.php
@ -0,0 +1,28 @@
+<?php namespace Tests\Aauth\Libraries\Aauth;
+
+use App\Libraries\Aauth;
+
+class UtilityTest extends \CIUnitTestCase
+{
+	public function setUp()
+	{
+		parent::setUp();
+
+		$this->library = new Aauth(null, true);
+	}
+
+	//--------------------------------------------------------------------
+
+	public function testFailModel()
+	{
+		$this->assertInstanceOf('\App\Models\Aauth\GroupToUserModel', $this->library->getModel('group to user'));
+		$this->assertInstanceOf('\App\Models\Aauth\GroupToUserModel', $this->library->getModel('group_to_user'));
+		$this->assertFalse($this->library->getModel('NotExisting'));
+	}
+
+	public function testFailCall()
+	{
+		$this->expectException('ErrorException');
+		$this->library->getNotExistingFunc();
+	}
+}