From 1f7bad15606e85eb4d8772958496dfda64bf5ee8 Mon Sep 17 00:00:00 2001
From: Torsten Dittmann <torsten.dittmann@googlemail.com>
Date: Fri, 3 Sep 2021 17:59:02 +0200
Subject: [PATCH] add test

---
 tests/unit/Auth/AuthTest.php | 37 ++++++++++++++++++++++++++++++++++++
 1 file changed, 37 insertions(+)

diff --git a/tests/unit/Auth/AuthTest.php b/tests/unit/Auth/AuthTest.php
index de3013f96b..0b1fb5cf71 100644
--- a/tests/unit/Auth/AuthTest.php
+++ b/tests/unit/Auth/AuthTest.php
@@ -4,6 +4,7 @@ namespace Appwrite\Tests;
 
 use Appwrite\Auth\Auth;
 use Appwrite\Database\Document;
+use Appwrite\Database\Validator\Authorization;
 use PHPUnit\Framework\TestCase;
 
 class AuthTest extends TestCase
@@ -240,4 +241,40 @@ class AuthTest extends TestCase
         $this->assertContains('team:def', $roles);
         $this->assertContains('team:def/guest', $roles);
     }
+
+    public function testPrivilegedUserRoles()
+    {
+        Authorization::setRole('role:'.Auth::USER_ROLE_APP);
+        $user  = new Document([
+            '$id' => '123',
+            'memberships' => [
+                [
+                    'teamId' => 'abc',
+                    'roles' => [
+                        'administrator',
+                        'moderator'
+                    ]
+                ],
+                [
+                    'teamId' => 'def',
+                    'roles' => [
+                        'guest'
+                    ]
+                ]
+            ]
+        ]);
+
+        $roles = Auth::getRoles($user);
+
+        $this->assertCount(5, $roles);
+        $this->assertNotContains('role:member', $roles);
+        $this->assertNotContains('user:123', $roles);
+        $this->assertContains('team:abc', $roles);
+        $this->assertContains('team:abc/administrator', $roles);
+        $this->assertContains('team:abc/moderator', $roles);
+        $this->assertContains('team:def', $roles);
+        $this->assertContains('team:def/guest', $roles);
+
+        Authorization::reset();
+    }
 }