/**
* @depends testCreateDropDownWithMixedCaseAttributeName
*/
public function testPopulateCustomAttributes()
{
$currencies = Currency::getAll();
$account = new Account();
$account->name = 'my test account';
$account->owner = Yii::app()->user->userModel;
$account->testCheckBox2Cstm = 0;
$account->testCurrency2Cstm->value = 728.89;
$account->testCurrency2Cstm->currency = $currencies[0];
$account->testDate2Cstm = '2008-09-03';
$account->testDate3Cstm = '2008-09-02';
$account->testDateTime2Cstm = '2008-09-02 03:03:03';
$account->testDateTime3Cstm = '2008-09-01 03:03:03';
$account->testDecimal2Cstm = 45.67;
$account->testDecimal3Cstm = 31.05;
$account->testAirPlaneCstm->value = 'A380';
//Dive Bomber
$account->testInteger2Cstm = 56;
$account->testInteger3Cstm = 21;
$account->testPhone2Cstm = '345345234';
$account->testPhone3Cstm = '345345221';
$account->testAirPlanePartsCstm->value = 'Seat';
// Wheel
$account->testText2Cstm = 'some test stuff';
$account->testText3Cstm = 'some test stuff 3';
$account->testTextArea2Cstm = 'some test text area stuff';
$account->testTextArea3Cstm = 'some test text area stuff 3';
$account->testUrl2Cstm = 'https://www.zurmo.com';
$account->testUrl3Cstm = 'www.zurmo.org';
$account->playMyFavoriteSongCstm->value = 'song2';
// song 3
$account->testCountryCstm->value = 'bbbb';
$account->testStateCstm->value = 'bbb2';
$account->testCityCstm->value = 'bc2';
$account->testEducationCstm->value = 'cccc';
$account->testStreamCstm->value = 'ccc3';
//Set value to Multiselect list.
$customHobbyValue1 = new CustomFieldValue();
$customHobbyValue1->value = 'Reading';
$account->testHobbies1Cstm->values->add($customHobbyValue1);
$customHobbyValue2 = new CustomFieldValue();
$customHobbyValue2->value = 'Singing';
$account->testHobbies2Cstm->values->add($customHobbyValue2);
//Set value to Tagcloud.
$customLanguageValue1 = new CustomFieldValue();
$customLanguageValue1->value = 'English';
$account->testLanguages1Cstm->values->add($customLanguageValue1);
$customLanguageValue2 = new CustomFieldValue();
$customLanguageValue2->value = 'Spanish';
$account->testLanguages2Cstm->values->add($customLanguageValue2);
unset($customHobbyValue1);
unset($customHobbyValue2);
unset($customLanguageValue1);
unset($customLanguageValue2);
$saved = $account->save();
$this->assertTrue($saved);
$accountId = $account->id;
$account->forget();
unset($account);
$account = Account::getById($accountId);
$this->assertEquals(0, $account->testCheckBox2Cstm);
$this->assertEquals(false, (bool) $account->testCheckBox2Cstm);
$this->assertEquals(728.89, $account->testCurrency2Cstm->value);
$this->assertEquals(1, $account->testCurrency2Cstm->rateToBase);
$this->assertEquals('2008-09-03', $account->testDate2Cstm);
$this->assertEquals('2008-09-02 03:03:03', $account->testDateTime2Cstm);
$this->assertEquals(45.67, $account->testDecimal2Cstm);
$this->assertEquals('A380', $account->testAirPlaneCstm->value);
$this->assertEquals(56, $account->testInteger2Cstm);
$this->assertEquals(345345234, $account->testPhone2Cstm);
$this->assertEquals('Seat', $account->testAirPlanePartsCstm->value);
$this->assertEquals('some test stuff', $account->testText2Cstm);
$this->assertEquals('some test text area stuff', $account->testTextArea2Cstm);
$this->assertEquals('https://www.zurmo.com', $account->testUrl2Cstm);
$this->assertEquals('http://www.zurmo.org', $account->testUrl3Cstm);
$this->assertEquals('song2', $account->playMyFavoriteSongCstm->value);
$this->assertContains('Writing', $account->testHobbies1Cstm->values);
$this->assertContains('Reading', $account->testHobbies1Cstm->values);
$this->assertContains('Singing', $account->testHobbies2Cstm->values);
$this->assertContains('English', $account->testLanguages1Cstm->values);
$this->assertContains('French', $account->testLanguages1Cstm->values);
$this->assertContains('Spanish', $account->testLanguages2Cstm->values);
$this->assertEquals('bbbb', $account->testCountryCstm->value);
$this->assertEquals('bbb2', $account->testStateCstm->value);
$this->assertEquals('bc2', $account->testCityCstm->value);
$this->assertEquals('cccc', $account->testEducationCstm->value);
$this->assertEquals('ccc3', $account->testStreamCstm->value);
$metadata = CalculatedDerivedAttributeMetadata::getByNameAndModelClassName('testCalculatedValue', 'Account');
$testCalculatedValue = CalculatedNumberUtil::calculateByFormulaAndModelAndResolveFormat($metadata->getFormula(), $account);
$this->assertEquals('$774.56', $testCalculatedValue);
unset($testCalculatedValue);
$account->forget();
unset($account);
$account = Account::getById($accountId);
//Switch values around to cover for any default value pollution on the assertions above.
$account->testCheckBox2Cstm = 1;
$account->testCurrency2Cstm->value = 728.92;
$account->testCurrency2Cstm->currency = $currencies[0];
$account->testDate2Cstm = '2008-09-04';
$account->testDateTime2Cstm = '2008-09-03 03:03:03';
$account->testDecimal2Cstm = 45.68;
$account->testAirPlaneCstm->value = 'Dive Bomber';
$account->testInteger2Cstm = 57;
$account->testPhone2Cstm = '3453452344';
$account->testAirPlanePartsCstm->value = 'Wheel';
$account->testText2Cstm = 'some test stuff2';
$account->testTextArea2Cstm = 'some test text area stuff2';
$account->testUrl2Cstm = 'http://www.zurmo.org';
$account->playMyFavoriteSongCstm->value = 'song3';
$account->testCountryCstm->value = 'cccc';
$account->testStateCstm->value = 'ccc3';
$account->testCityCstm->value = 'ca3';
$account->testEducationCstm->value = 'aaaa';
$account->testStreamCstm->value = 'aaa1';
$account->testHobbies1Cstm->values->removeAll();
$account->testHobbies2Cstm->values->removeAll();
$account->testLanguages1Cstm->values->removeAll();
$account->testLanguages2Cstm->values->removeAll();
$this->assertEquals(0, $account->testHobbies1Cstm->values->count());
$this->assertEquals(0, $account->testHobbies2Cstm->values->count());
$this->assertEquals(0, $account->testLanguages1Cstm->values->count());
$this->assertEquals(0, $account->testLanguages2Cstm->values->count());
//Set multiple value to Multiselect list.
$customHobbyValue1 = new CustomFieldValue();
$customHobbyValue1->value = 'Writing';
$account->testHobbies1Cstm->values->add($customHobbyValue1);
$customHobbyValue2 = new CustomFieldValue();
$customHobbyValue2->value = 'Reading';
$account->testHobbies1Cstm->values->add($customHobbyValue2);
$customHobbyValue3 = new CustomFieldValue();
$customHobbyValue3->value = 'Singing';
$account->testHobbies2Cstm->values->add($customHobbyValue3);
$customHobbyValue4 = new CustomFieldValue();
$customHobbyValue4->value = 'Surfing';
$account->testHobbies2Cstm->values->add($customHobbyValue4);
$customHobbyValue5 = new CustomFieldValue();
$customHobbyValue5->value = 'Reading';
$account->testHobbies2Cstm->values->add($customHobbyValue5);
//Set multiple value to Tagcloud.
$customLanguageValue1 = new CustomFieldValue();
$customLanguageValue1->value = 'English';
$account->testLanguages1Cstm->values->add($customLanguageValue1);
$customLanguageValue2 = new CustomFieldValue();
$customLanguageValue2->value = 'Danish';
$account->testLanguages1Cstm->values->add($customLanguageValue2);
$customLanguageValue3 = new CustomFieldValue();
$customLanguageValue3->value = 'Spanish';
$account->testLanguages1Cstm->values->add($customLanguageValue3);
$customLanguageValue4 = new CustomFieldValue();
$customLanguageValue4->value = 'French';
$account->testLanguages2Cstm->values->add($customLanguageValue4);
$customLanguageValue5 = new CustomFieldValue();
$customLanguageValue5->value = 'Spanish';
$account->testLanguages2Cstm->values->add($customLanguageValue5);
$saved = $account->save();
$this->assertTrue($saved);
$accountId = $account->id;
$account->forget();
unset($account);
$account = Account::getById($accountId);
$this->assertEquals(1, $account->testCheckBox2Cstm);
$this->assertEquals(true, (bool) $account->testCheckBox2Cstm);
$this->assertEquals(728.92, $account->testCurrency2Cstm->value);
$this->assertEquals(1, $account->testCurrency2Cstm->rateToBase);
$this->assertEquals('2008-09-04', $account->testDate2Cstm);
$this->assertEquals('2008-09-03 03:03:03', $account->testDateTime2Cstm);
$this->assertEquals(45.68, $account->testDecimal2Cstm);
$this->assertEquals('Dive Bomber', $account->testAirPlaneCstm->value);
$this->assertEquals(57, $account->testInteger2Cstm);
$this->assertEquals(3453452344, $account->testPhone2Cstm);
$this->assertEquals('Wheel', $account->testAirPlanePartsCstm->value);
$this->assertEquals('some test stuff2', $account->testText2Cstm);
$this->assertEquals('some test text area stuff2', $account->testTextArea2Cstm);
$this->assertEquals('http://www.zurmo.org', $account->testUrl2Cstm);
$this->assertEquals('song3', $account->playMyFavoriteSongCstm->value);
$this->assertEquals(2, $account->testHobbies1Cstm->values->count());
$this->assertEquals(3, $account->testHobbies2Cstm->values->count());
$this->assertEquals(3, $account->testLanguages1Cstm->values->count());
$this->assertEquals(2, $account->testLanguages2Cstm->values->count());
$this->assertContains('Writing', $account->testHobbies1Cstm->values);
$this->assertContains('Reading', $account->testHobbies1Cstm->values);
$this->assertContains('Singing', $account->testHobbies2Cstm->values);
$this->assertContains('Surfing', $account->testHobbies2Cstm->values);
$this->assertContains('Reading', $account->testHobbies2Cstm->values);
$this->assertContains('English', $account->testLanguages1Cstm->values);
$this->assertContains('Danish', $account->testLanguages1Cstm->values);
$this->assertContains('Spanish', $account->testLanguages1Cstm->values);
$this->assertContains('French', $account->testLanguages2Cstm->values);
$this->assertContains('Spanish', $account->testLanguages2Cstm->values);
$this->assertEquals('cccc', $account->testCountryCstm->value);
$this->assertEquals('ccc3', $account->testStateCstm->value);
$this->assertEquals('ca3', $account->testCityCstm->value);
$this->assertEquals('aaaa', $account->testEducationCstm->value);
$this->assertEquals('aaa1', $account->testStreamCstm->value);
}
/**
* @depends testCreateAndGetAccountById
*/
public function testValidatesWithoutOwnerWhenSpecifyingAttributesToValidate()
{
$user = User::getByUsername('steven');
$this->assertTrue($user->id > 0);
$account = new Account(false);
$_POST['MassEdit'] = array('employees' => '1');
$_POST['fake'] = array('employees' => 4);
PostUtil::sanitizePostForSavingMassEdit('fake');
$account->setAttributes($_POST['fake']);
$account->validate(array_keys($_POST['MassEdit']));
$this->assertEquals(array(), $account->getErrors());
$account->forget();
$account = new Account(false);
$_POST['MassEdit'] = array('owner' => '1');
$_POST['fake'] = array('owner' => array('id' => ''));
PostUtil::sanitizePostForSavingMassEdit('fake');
$account->setAttributes($_POST['fake']);
$account->validate(array_keys($_POST['MassEdit']));
//there should be an owner error since it is specified but blank
$this->assertNotEquals(array(), $account->getErrors());
$account->forget();
$account = new Account(false);
$_POST['MassEdit'] = array('employees' => '1', 'owner' => '2');
$_POST['fake'] = array('employees' => 4, 'owner' => array('id' => $user->id));
PostUtil::sanitizePostForSavingMassEdit('fake');
$account->setAttributes($_POST['fake']);
$account->validate(array_keys($_POST['MassEdit']));
$this->assertEquals(array(), $account->getErrors());
}
public function testABitOfEverythingAsAnExample()
{
$superAdminDude = new User();
$superAdminDude->title->value = 'Miss';
$superAdminDude->username = '******';
$superAdminDude->firstName = 'Laura';
$superAdminDude->lastName = 'Laurason';
$superAdminDude->setPassword('laura');
$this->assertTrue($superAdminDude->save());
$adminDude = new User();
$adminDude->title->value = 'Mr.';
$adminDude->username = '******';
$adminDude->firstName = 'Jason';
$adminDude->lastName = 'Jasonson';
$adminDude->setPassword('jason');
$this->assertTrue($adminDude->save());
$accountOwner = new User();
$accountOwner->title->value = 'Mr.';
// :P
$accountOwner->username = '******';
$accountOwner->firstName = 'lisa';
$accountOwner->lastName = 'Lisason';
$accountOwner->setPassword('lisay');
$this->assertTrue($accountOwner->save());
$salesDude1 = new User();
$salesDude1->title->value = 'Mr.';
$salesDude1->username = '******';
$salesDude1->firstName = 'Ray';
$salesDude1->lastName = 'Rayson';
$salesDude1->setPassword('ray45');
$this->assertTrue($salesDude1->save());
$salesDude2 = new User();
$salesDude2->title->value = 'Mr.';
$salesDude2->username = '******';
$salesDude2->firstName = 'Stafford';
$salesDude2->lastName = 'Staffordson';
$salesDude2->setPassword('stafford');
$this->assertTrue($salesDude2->save());
$managementDudette = new User();
$managementDudette->title->value = 'Ms.';
$managementDudette->username = '******';
$managementDudette->firstName = 'Donna';
$managementDudette->lastName = 'Donnason';
$managementDudette->setPassword('donna');
$this->assertTrue($managementDudette->save());
$supportDude = new User();
$supportDude->title->value = 'Mr.';
$supportDude->username = '******';
$supportDude->firstName = 'Ross';
$supportDude->lastName = 'Rosson';
$supportDude->setPassword('rossy');
$this->assertTrue($supportDude->save());
$superAdminDudes = new Group();
$superAdminDudes->name = 'Super Admin Dudes';
$superAdminDudes->users->add($superAdminDude);
$this->assertTrue($superAdminDudes->save());
$adminDudes = new Group();
$adminDudes->name = 'Admin Dudes';
$adminDudes->users->add($adminDude);
$adminDudes->groups->add($superAdminDudes);
$this->assertTrue($adminDudes->save());
$superAdminDudes->setPolicy('UsersModule', UsersModule::POLICY_PASSWORD_EXPIRES, 0);
$this->assertTrue($superAdminDudes->save());
$adminDudes->setRight('UsersModule', UsersModule::RIGHT_CHANGE_USER_PASSWORDS);
$adminDudes->setRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB);
$adminDudes->setRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_MOBILE);
$adminDudes->setRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API);
$adminDudes->setPolicy('UsersModule', UsersModule::POLICY_PASSWORD_EXPIRY_DAYS, 90);
$this->assertTrue($adminDudes->save());
$salesDudes = new Group();
$salesDudes->name = 'Sales Dudes';
$salesDudes->users->add($salesDude1);
$salesDudes->users->add($salesDude2);
$this->assertTrue($salesDudes->save());
$managementDudes = new Group();
$managementDudes->name = 'Management Dudes';
$managementDudes->users->add($managementDudette);
$this->assertTrue($managementDudes->save());
$everyone = Group::getByName(Group::EVERYONE_GROUP_NAME);
$everyone->setRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB);
$everyone->setPolicy('UsersModule', UsersModule::POLICY_PASSWORD_EXPIRES, 1);
$everyone->setPolicy('UsersModule', UsersModule::POLICY_PASSWORD_EXPIRY_DAYS, 30);
$this->assertTrue($everyone->save());
Yii::app()->user->userModel = $accountOwner;
$account = new Account();
$account->name = 'Doozy Co.';
$this->assertTrue($account->save());
// The account has no explicit permissions set at this point.
// The account owner has full permissions implicitly.
$this->assertEquals(Permission::ALL, $account->getEffectivePermissions($accountOwner));
// Nobody else has permissions.
$this->assertEquals(Permission::NONE, $account->getEffectivePermissions($adminDude));
$this->assertEquals(Permission::NONE, $account->getEffectivePermissions($adminDudes));
$this->assertEquals(Permission::NONE, $account->getEffectivePermissions($salesDude1));
$this->assertEquals(Permission::NONE, $account->getEffectivePermissions($salesDude2));
$this->assertEquals(Permission::NONE, $account->getEffectivePermissions($managementDudette));
$this->assertEquals(Permission::NONE, $account->getEffectivePermissions($salesDudes));
$this->assertEquals(Permission::NONE, $account->getEffectivePermissions($managementDudes));
$this->assertEquals(Permission::NONE, $account->getEffectivePermissions($supportDude));
// Everyone is given read permissions to the account.
$everyone = Group::getByName(Group::EVERYONE_GROUP_NAME);
$account->addPermissions($everyone, Permission::READ);
$account->save();
// In one step everyone has read permissions, except the owner who still has full.
$this->assertEquals(Permission::READ, $account->getEffectivePermissions($adminDude));
$this->assertEquals(Permission::READ, $account->getEffectivePermissions($adminDudes));
$this->assertEquals(Permission::ALL, $account->getEffectivePermissions($accountOwner));
$this->assertEquals(Permission::READ, $account->getEffectivePermissions($salesDude1));
$this->assertEquals(Permission::READ, $account->getEffectivePermissions($salesDude2));
$this->assertEquals(Permission::READ, $account->getEffectivePermissions($managementDudette));
$this->assertEquals(Permission::READ, $account->getEffectivePermissions($salesDudes));
$this->assertEquals(Permission::READ, $account->getEffectivePermissions($managementDudes));
$this->assertEquals(Permission::READ, $account->getEffectivePermissions($supportDude));
$this->assertEquals(Permission::READ, $account->getEffectivePermissions($everyone));
// Sales Dudes is given write permissions to the account.
$account->addPermissions($salesDudes, Permission::WRITE);
$account->save();
// The Sales Dudes group and everyone in it has write.
$this->assertEquals(Permission::READ, $account->getEffectivePermissions($adminDude));
$this->assertEquals(Permission::READ, $account->getEffectivePermissions($adminDudes));
$this->assertEquals(Permission::ALL, $account->getEffectivePermissions($accountOwner));
$this->assertEquals(Permission::READ_WRITE, $account->getEffectivePermissions($salesDude1));
$this->assertEquals(Permission::READ_WRITE, $account->getEffectivePermissions($salesDude2));
$this->assertEquals(Permission::READ, $account->getEffectivePermissions($managementDudette));
$this->assertEquals(Permission::READ_WRITE, $account->getEffectivePermissions($salesDudes));
$this->assertEquals(Permission::READ, $account->getEffectivePermissions($managementDudes));
$this->assertEquals(Permission::READ, $account->getEffectivePermissions($supportDude));
$this->assertEquals(Permission::READ, $account->getEffectivePermissions($everyone));
// Management Dudes is given change owner permissions to the account.
$account->addPermissions($managementDudes, Permission::CHANGE_OWNER);
$account->save();
// The Managment Dudes group and everyone in it has change owner.
$this->assertEquals(Permission::READ, $account->getEffectivePermissions($adminDude));
$this->assertEquals(Permission::READ, $account->getEffectivePermissions($adminDudes));
$this->assertEquals(Permission::ALL, $account->getEffectivePermissions($accountOwner));
$this->assertEquals(Permission::READ_WRITE, $account->getEffectivePermissions($salesDude1));
$this->assertEquals(Permission::READ_WRITE, $account->getEffectivePermissions($salesDude2));
$this->assertEquals(Permission::READ | Permission::CHANGE_OWNER, $account->getEffectivePermissions($managementDudette));
$this->assertEquals(Permission::READ_WRITE, $account->getEffectivePermissions($salesDudes));
$this->assertEquals(Permission::READ | Permission::CHANGE_OWNER, $account->getEffectivePermissions($managementDudes));
$this->assertEquals(Permission::READ, $account->getEffectivePermissions($supportDude));
$this->assertEquals(Permission::READ, $account->getEffectivePermissions($everyone));
// We want to remove Support Dude's read on the account.
// The first way... having thought about our security and groups well...
// Everyone's read permission is removed, and instead Sales Dudes
// and Managment Dudes are given read permissions. Order is irrelevant.
$account->removePermissions($everyone, Permission::READ);
$account->addPermissions($salesDudes, Permission::READ);
$account->addPermissions($managementDudes, Permission::READ);
$account->save();
// The effect is that Support Dude and Admin Dudes lose read permissions because
// now nobody has that permission via Everyone.
$this->assertEquals(Permission::NONE, $account->getEffectivePermissions($adminDude));
$this->assertEquals(Permission::NONE, $account->getEffectivePermissions($adminDudes));
$this->assertEquals(Permission::ALL, $account->getEffectivePermissions($accountOwner));
$this->assertEquals(Permission::READ_WRITE, $account->getEffectivePermissions($salesDude1));
$this->assertEquals(Permission::READ_WRITE, $account->getEffectivePermissions($salesDude2));
$this->assertEquals(Permission::READ | Permission::CHANGE_OWNER, $account->getEffectivePermissions($managementDudette));
$this->assertEquals(Permission::READ_WRITE, $account->getEffectivePermissions($salesDudes));
$this->assertEquals(Permission::READ | Permission::CHANGE_OWNER, $account->getEffectivePermissions($managementDudes));
$this->assertEquals(Permission::NONE, $account->getEffectivePermissions($supportDude));
$this->assertEquals(Permission::NONE, $account->getEffectivePermissions($everyone));
// Permissions are set back.
$account->addPermissions($everyone, Permission::READ);
$account->removePermissions($salesDudes, Permission::READ);
$account->removePermissions($managementDudes, Permission::READ);
$account->save();
// Support Dude and Admin Dudes get their read back.
$this->assertEquals(Permission::READ, $account->getEffectivePermissions($adminDude));
$this->assertEquals(Permission::READ, $account->getEffectivePermissions($adminDudes));
$this->assertEquals(Permission::ALL, $account->getEffectivePermissions($accountOwner));
$this->assertEquals(Permission::READ_WRITE, $account->getEffectivePermissions($salesDude1));
$this->assertEquals(Permission::READ_WRITE, $account->getEffectivePermissions($salesDude2));
$this->assertEquals(Permission::READ | Permission::CHANGE_OWNER, $account->getEffectivePermissions($managementDudette));
$this->assertEquals(Permission::READ_WRITE, $account->getEffectivePermissions($salesDudes));
$this->assertEquals(Permission::READ | Permission::CHANGE_OWNER, $account->getEffectivePermissions($managementDudes));
$this->assertEquals(Permission::READ, $account->getEffectivePermissions($supportDude));
$this->assertEquals(Permission::READ, $account->getEffectivePermissions($everyone));
// The second way... more ad-hoc...
// We explicitly deny. Deny's have precedence over allows.
$account->addPermissions($supportDude, Permission::READ, Permission::DENY);
$account->save();
// The effect is that Support Dude loses read permissions but
// Everyone else still has read.
$this->assertEquals(Permission::READ, $account->getEffectivePermissions($adminDude));
$this->assertEquals(Permission::READ, $account->getEffectivePermissions($adminDudes));
$this->assertEquals(Permission::ALL, $account->getEffectivePermissions($accountOwner));
$this->assertEquals(Permission::READ_WRITE, $account->getEffectivePermissions($salesDude1));
$this->assertEquals(Permission::READ_WRITE, $account->getEffectivePermissions($salesDude2));
$this->assertEquals(Permission::READ | Permission::CHANGE_OWNER, $account->getEffectivePermissions($managementDudette));
$this->assertEquals(Permission::READ_WRITE, $account->getEffectivePermissions($salesDudes));
$this->assertEquals(Permission::READ | Permission::CHANGE_OWNER, $account->getEffectivePermissions($managementDudes));
$this->assertEquals(Permission::NONE, $account->getEffectivePermissions($supportDude));
$this->assertEquals(Permission::READ, $account->getEffectivePermissions($everyone));
// Managment Dudes has all permissions is denied.
// This takes precedence over the read permission the group was given.
$account->addPermissions($managementDudes, Permission::ALL, Permission::DENY);
$account->save();
// The effect is that Management Dudes lose all permissions
// regardless of what they have been granted.
$this->assertEquals(Permission::READ, $account->getEffectivePermissions($adminDude));
$this->assertEquals(Permission::READ, $account->getEffectivePermissions($adminDudes));
$this->assertEquals(Permission::ALL, $account->getEffectivePermissions($accountOwner));
$this->assertEquals(Permission::READ_WRITE, $account->getEffectivePermissions($salesDude1));
$this->assertEquals(Permission::READ_WRITE, $account->getEffectivePermissions($salesDude2));
$this->assertEquals(Permission::NONE, $account->getEffectivePermissions($managementDudette));
$this->assertEquals(Permission::READ_WRITE, $account->getEffectivePermissions($salesDudes));
$this->assertEquals(Permission::NONE, $account->getEffectivePermissions($managementDudes));
$this->assertEquals(Permission::NONE, $account->getEffectivePermissions($supportDude));
$this->assertEquals(Permission::READ, $account->getEffectivePermissions($everyone));
// We'll give Management Dudes back their permissions.
$account->removePermissions($managementDudes, Permission::ALL, Permission::DENY);
// And give management dudette change permissions.
$account->addPermissions($managementDudette, Permission::CHANGE_PERMISSIONS);
$account->save();
$this->assertEquals(Permission::READ, $account->getEffectivePermissions($adminDude));
$this->assertEquals(Permission::READ, $account->getEffectivePermissions($adminDudes));
$this->assertEquals(Permission::ALL, $account->getEffectivePermissions($accountOwner));
$this->assertEquals(Permission::READ_WRITE, $account->getEffectivePermissions($salesDude1));
$this->assertEquals(Permission::READ_WRITE, $account->getEffectivePermissions($salesDude2));
$this->assertEquals(Permission::READ | Permission::CHANGE_PERMISSIONS | Permission::CHANGE_OWNER, $account->getEffectivePermissions($managementDudette));
$this->assertEquals(Permission::READ_WRITE, $account->getEffectivePermissions($salesDudes));
$this->assertEquals(Permission::READ | Permission::CHANGE_OWNER, $account->getEffectivePermissions($managementDudes));
$this->assertEquals(Permission::NONE, $account->getEffectivePermissions($supportDude));
$this->assertEquals(Permission::READ, $account->getEffectivePermissions($everyone));
// Then we'll just nuke eveyone's permissions. If you use this it is for
// the kind of scenario where an admin wants to re-setup permissions from scratch
// so you'd put a Do You Really Want To Do This???? kind of message.
Permission::deleteAll();
// Removing all permissions is done directly on the database,
// so we need to forget our account and get it back again.
$accountId = $account->id;
$account->forget();
unset($account);
$account = Account::getById($accountId);
// Nobody else has permissions again.
$this->assertEquals(Permission::NONE, $account->getEffectivePermissions($adminDude));
$this->assertEquals(Permission::NONE, $account->getEffectivePermissions($adminDudes));
$this->assertEquals(Permission::NONE, $account->getEffectivePermissions($salesDude1));
$this->assertEquals(Permission::NONE, $account->getEffectivePermissions($salesDude2));
$this->assertEquals(Permission::NONE, $account->getEffectivePermissions($managementDudette));
$this->assertEquals(Permission::NONE, $account->getEffectivePermissions($salesDudes));
$this->assertEquals(Permission::NONE, $account->getEffectivePermissions($managementDudes));
$this->assertEquals(Permission::NONE, $account->getEffectivePermissions($supportDude));
// TODO
// - Permissions on modules.
// - Permissions on types.
// - Permissions on fields.
// All users have the right to login via the web, because the Everyone group was granted that right.
$this->assertEquals(Right::ALLOW, $adminDude->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB));
$this->assertEquals(Right::ALLOW, $adminDudes->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB));
$this->assertEquals(Right::ALLOW, $salesDude1->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB));
$this->assertEquals(Right::ALLOW, $salesDude2->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB));
$this->assertEquals(Right::ALLOW, $managementDudette->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB));
$this->assertEquals(Right::ALLOW, $salesDudes->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB));
$this->assertEquals(Right::ALLOW, $managementDudes->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB));
$this->assertEquals(Right::ALLOW, $supportDude->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB));
$this->assertEquals(Right::ALLOW, $everyone->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB));
$this->assertEquals(Right::ALLOW, $adminDude->getEffectiveRight('UsersModule', UsersModule::RIGHT_CHANGE_USER_PASSWORDS));
$this->assertEquals(Right::ALLOW, $adminDudes->getEffectiveRight('UsersModule', UsersModule::RIGHT_CHANGE_USER_PASSWORDS));
$this->assertEquals(Right::DENY, $salesDude1->getEffectiveRight('UsersModule', UsersModule::RIGHT_CHANGE_USER_PASSWORDS));
$this->assertEquals(Right::DENY, $salesDude2->getEffectiveRight('UsersModule', UsersModule::RIGHT_CHANGE_USER_PASSWORDS));
$this->assertEquals(Right::DENY, $managementDudette->getEffectiveRight('UsersModule', UsersModule::RIGHT_CHANGE_USER_PASSWORDS));
$this->assertEquals(Right::DENY, $salesDudes->getEffectiveRight('UsersModule', UsersModule::RIGHT_CHANGE_USER_PASSWORDS));
$this->assertEquals(Right::DENY, $managementDudes->getEffectiveRight('UsersModule', UsersModule::RIGHT_CHANGE_USER_PASSWORDS));
$this->assertEquals(Right::DENY, $supportDude->getEffectiveRight('UsersModule', UsersModule::RIGHT_CHANGE_USER_PASSWORDS));
$this->assertEquals(Right::DENY, $everyone->getEffectiveRight('UsersModule', UsersModule::RIGHT_CHANGE_USER_PASSWORDS));
// All users have a password expiry days of 30 because it was set on Everyone, but that was overridden
// for Admin Dudes with a more generous password expiry policy set for them.
$this->assertEquals(90, $adminDude->getEffectivePolicy('UsersModule', UsersModule::POLICY_PASSWORD_EXPIRY_DAYS));
$this->assertEquals(90, $adminDudes->getEffectivePolicy('UsersModule', UsersModule::POLICY_PASSWORD_EXPIRY_DAYS));
$this->assertEquals(90, $adminDude->getEffectivePolicy('UsersModule', UsersModule::POLICY_PASSWORD_EXPIRY_DAYS));
$this->assertEquals(90, $adminDudes->getEffectivePolicy('UsersModule', UsersModule::POLICY_PASSWORD_EXPIRY_DAYS));
$this->assertEquals(30, $salesDude1->getEffectivePolicy('UsersModule', UsersModule::POLICY_PASSWORD_EXPIRY_DAYS));
$this->assertEquals(30, $salesDude2->getEffectivePolicy('UsersModule', UsersModule::POLICY_PASSWORD_EXPIRY_DAYS));
$this->assertEquals(30, $managementDudette->getEffectivePolicy('UsersModule', UsersModule::POLICY_PASSWORD_EXPIRY_DAYS));
$this->assertEquals(30, $salesDudes->getEffectivePolicy('UsersModule', UsersModule::POLICY_PASSWORD_EXPIRY_DAYS));
$this->assertEquals(30, $managementDudes->getEffectivePolicy('UsersModule', UsersModule::POLICY_PASSWORD_EXPIRY_DAYS));
$this->assertEquals(30, $supportDude->getEffectivePolicy('UsersModule', UsersModule::POLICY_PASSWORD_EXPIRY_DAYS));
$this->assertEquals(30, $everyone->getEffectivePolicy('UsersModule', UsersModule::POLICY_PASSWORD_EXPIRY_DAYS));
// But all users' passwords, except Super Admin Dudes, expire because of the policy set on Everyone,
// which is set more specifically for Super Admin Dudes.
$this->assertEquals(0, $superAdminDude->getEffectivePolicy('UsersModule', UsersModule::POLICY_PASSWORD_EXPIRES));
$this->assertEquals(0, $superAdminDudes->getEffectivePolicy('UsersModule', UsersModule::POLICY_PASSWORD_EXPIRES));
$this->assertEquals(1, $adminDude->getEffectivePolicy('UsersModule', UsersModule::POLICY_PASSWORD_EXPIRES));
$this->assertEquals(1, $adminDudes->getEffectivePolicy('UsersModule', UsersModule::POLICY_PASSWORD_EXPIRES));
$this->assertEquals(1, $salesDude1->getEffectivePolicy('UsersModule', UsersModule::POLICY_PASSWORD_EXPIRES));
$this->assertEquals(1, $salesDude2->getEffectivePolicy('UsersModule', UsersModule::POLICY_PASSWORD_EXPIRES));
$this->assertEquals(1, $managementDudette->getEffectivePolicy('UsersModule', UsersModule::POLICY_PASSWORD_EXPIRES));
$this->assertEquals(1, $salesDudes->getEffectivePolicy('UsersModule', UsersModule::POLICY_PASSWORD_EXPIRES));
$this->assertEquals(1, $managementDudes->getEffectivePolicy('UsersModule', UsersModule::POLICY_PASSWORD_EXPIRES));
$this->assertEquals(1, $supportDude->getEffectivePolicy('UsersModule', UsersModule::POLICY_PASSWORD_EXPIRES));
$this->assertEquals(1, $everyone->getEffectivePolicy('UsersModule', UsersModule::POLICY_PASSWORD_EXPIRES));
// The policy set on Super Admin Dudes that their passwords don't expire is more explicit than the Everyone
// setting and so takes precedence. While ALLOW for permissions and rights is just required from any one
// source (explicit or inherited from a group) and DENY on any source overrides it, the effective policy
// is the most explicit. A policy set specifically on a user overrides a policy set on a group they are
// directly in, which overrides one that that group is in, and so on, which overrides anything set on the
// Everyone group. If nothing is set the policy value is null.
// TODO
// - Roles.
}
public function testMakeBySecurableItem()
{
Yii::app()->user->userModel = User::getByUsername('super');
$group2 = Group::getByName('Group2');
$group3 = Group::getByName('Group3');
$account = new Account();
$account->name = 'aTestAccount';
$account->owner = Yii::app()->user->userModel;
$this->assertTrue($account->save());
$account->addPermissions($group2, Permission::READ_WRITE);
$account->addPermissions($group3, Permission::READ);
$this->assertTrue($account->save());
$accountId = $account->id;
$account->forget();
unset($account);
$explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::makeBySecurableItem(Account::getById($accountId));
$this->assertTrue($explicitReadWriteModelPermissions instanceof ExplicitReadWriteModelPermissions);
$readWritePermitables = $explicitReadWriteModelPermissions->getReadWritePermitables();
$readOnlyPermitables = $explicitReadWriteModelPermissions->getReadOnlyPermitables();
$this->assertEquals(1, count($readWritePermitables));
$this->assertEquals(1, count($readOnlyPermitables));
$this->assertEquals($group3, $readOnlyPermitables[$group3->id]);
$this->assertEquals($group2, $readWritePermitables[$group2->id]);
}
/**
* @depends testSearchForMultiSelectDropDownAttributePlacedForAccountsModule
*/
public function testMultiSelectDropDownAttributeValuesAfterCreateAndEditPlacedForAccountsModule()
{
//Test that the multiple select attribute can query properly for search.
$super = User::getByUsername('super');
Yii::app()->user->userModel = $super;
//Create an account to test searching multiple fields on for search.
$account = new Account();
$this->assertEquals(1, $account->testHobbiesCstm->values->count());
$account->testHobbiesCstm->values->removeAll();
$this->assertEquals(0, $account->testHobbiesCstm->values->count());
$account->name = 'MyTestAccount';
$account->owner = Yii::app()->user->userModel;
$customFieldValue1 = new CustomFieldValue();
$customFieldValue1->value = 'Reading';
$account->testHobbiesCstm->values->add($customFieldValue1);
$customFieldValue2 = new CustomFieldValue();
$customFieldValue2->value = 'Writing';
$account->testHobbiesCstm->values->add($customFieldValue2);
$this->assertTrue($account->save());
$accountId = $account->id;
$account->forget();
unset($account);
$account = Account::getById($accountId);
$this->assertEquals(2, $account->testHobbiesCstm->values->count());
$this->assertContains('Reading', $account->testHobbiesCstm->values);
$this->assertContains('Writing', $account->testHobbiesCstm->values);
$account->forget();
unset($account);
$account = Account::getById($accountId);
$customFieldValue3 = new CustomFieldValue();
$customFieldValue3->value = 'Writing';
$account->testHobbiesCstm->values->add($customFieldValue3);
$this->assertEquals(3, $account->testHobbiesCstm->values->count());
$this->assertContains('Reading', $account->testHobbiesCstm->values);
$this->assertContains('Writing', $account->testHobbiesCstm->values);
$this->assertNotContains('Surfing', $account->testHobbiesCstm->values);
$this->assertNotContains('Gardening', $account->testHobbiesCstm->values);
}
/**
* @depends testItemReadOnlyFieldsModifiedUser
*/
public function testItemReadOnlyChangeScenarioSoCanPopulate()
{
Yii::app()->user->userModel = User::getByUsername('super');
$dbDateTime1 = DateTimeUtil::convertTimestampToDbFormatDateTime(time() - 200);
$dbDateTime2 = DateTimeUtil::convertTimestampToDbFormatDateTime(time() - 300);
$dbDateTime3 = DateTimeUtil::convertTimestampToDbFormatDateTime(time() - 400);
$jimmy = UserTestHelper::createBasicUser('Jimmy');
$user = User::getByUsername('billy');
$account = new Account();
$account->setScenario('importModel');
$account->createdByUser = $user;
$account->modifiedByUser = $user;
$account->createdDateTime = $dbDateTime1;
$account->modifiedDateTime = $dbDateTime2;
$account->owner = Yii::app()->user->userModel;
$account->name = 'someName';
$this->assertTrue($account->save());
$accountId = $account->id;
$account->forget();
$account = Account::getById($accountId);
$this->assertEquals($user, $account->createdByUser);
$this->assertEquals($user, $account->modifiedByUser);
$this->assertEquals($dbDateTime1, $account->createdDateTime);
$this->assertEquals($dbDateTime2, $account->modifiedDateTime);
$account->name = 'aNewName';
$this->assertTrue($account->save());
$account->forget();
//Now test that the attempt to change createdByUser and modifiedUser on an existing model will not work.
//even when there are read only override permissions set.
$account = Account::getById($accountId);
$this->assertEquals($user, $account->createdByUser);
$this->assertEquals(Yii::app()->user->userModel, $account->modifiedByUser);
$this->assertNotEquals($dbDateTime2, $account->modifiedDateTime);
$this->assertNotEquals($dbDateTime3, $account->modifiedDateTime);
}
