/**
* Adds a value to a valuelist. This only works for valuelists
* that are pulled from the database.
* @param Dataface_Table The table to add the valuelist to.
* @param string $valuelistName The name of the valuelist.
* @param string $value The value to add.
* @param string $key The key to add.
* @param boolean $checkPerms If true, this will first check permissions
* before adding the value.
* @returns mixed May return a permission denied error if there is insufficient
* permissions.
*/
function addValueToValuelist(&$table, $valuelistName, $value, $key = null, $checkPerms = false)
{
import('Dataface/ConfigTool.php');
$configTool =& Dataface_ConfigTool::getInstance();
$conf = $configTool->loadConfig('valuelists', $table->tablename);
$relname = $valuelistName . '__valuelist';
//$conf = array($relname=>$conf);
$table->addRelationship($relname, $conf[$valuelistName]);
$rel =& $table->getRelationship($relname);
$fields =& $rel->fields();
if (count($fields) > 1) {
$valfield = $fields[1];
$keyfield = $fields[0];
} else {
$valfield = $fields[0];
$keyfield = $fields[0];
}
$record = new Dataface_Record($table->tablename);
$rrecord = new Dataface_RelatedRecord($record, $relname);
if ($checkPerms and !$rrecord->checkPermission('edit', array('field' => $valfield))) {
return Dataface_Error::permissionDenied();
}
$rrecord->setValue($valfield, $value);
if (isset($key) and isset($keyfield)) {
if ($checkPerms and !$rrecord->checkPermission('edit', array('field' => $keyfield))) {
return Dataface_Error::permissionDenied();
}
$rrecord->setValue($keyfield, $key);
}
import('Dataface/IO.php');
$io = new Dataface_IO($table->tablename);
$res = $io->addRelatedRecord($rrecord);
if (PEAR::isError($res)) {
return $res;
}
return array('key' => $rrecord->val($keyfield), 'value' => $rrecord->val($valfield));
}
function testPermissions()
{
$formulasTable = Dataface_Table::loadTable('formulas');
$formulasDel = $formulasTable->getDelegate();
$formulasDel->testPermissions = true;
$formula = new Dataface_Record('formulas', array('formula_name' => 'test formula'));
// Test the standard permissions on tables and fields
$this->assertTrue($formula->checkPermission('view'), 'View permission should be set by default.');
$this->assertTrue(!$formula->checkPermission('list'), 'List permission should be denied by default.');
$this->assertTrue($formula->checkPermission('new'), 'New permission should be permitted by default.');
$this->assertTrue(!$formula->checkPermission('new', array('field' => 'formula_name')), 'New permission should be denied on the formula_name field.');
$this->assertTrue($formula->checkPermission('view', array('field' => 'formula_name')), 'The view permission should be allowed on the formula_name field.');
$this->assertTrue(!$formula->checkPermission('view', array('field' => 'formula_id')), 'The view permission should be denied on the formula_id field.');
// Test the nobubble parameter on getPermissions
$this->assertTrue(!$formula->checkPermission('delete', array('field' => 'formula_name', 'nobubble' => 1)), 'Since we are not bubbling up to record, we should not have permission for the delete permission as it is not enabled at field level explicitly - only at record level.');
$this->assertTrue($formula->checkPermission('delete', array('field' => 'formula_name')), 'Now that we are allowing bubbling, we should return true for delete on teh formula_name field.');
$this->assertTrue($formula->checkPermission('copy', array('field' => 'formula_name', 'nobubble' => 1)), 'Even though there is no bubbling, we should still return true for the copy permission on the formula_name field since it is defined in the __field__permssions() method.');
$this->assertTrue($formula->checkPermission('view', array('field' => 'amount', 'relationship' => 'ingredients')), 'view permission of the amount field in the ingredients relationship should be allowed because it is granted in the rel_ingredients__amount__permissions() method of the formulas delegate class.');
$this->assertTrue($formula->checkPermission('view', array('field' => 'amount', 'relationship' => 'ingredients', 'nobubble' => 1)), 'view permission for amount field in ingredients relationship should be allowed even with nobubble=1 because it is permistted in the rel_ingredients__amount__permissions().');
$this->assertTrue($formula->checkPermission('link', array('field' => 'amount', 'relationship' => 'ingredients')), 'link permission on amount field of the ingredients relationship should be allowed because it is granted in the rel_ingredients__permissions() method of the formulas delegate class.');
$this->assertTrue(!$formula->checkPermission('link', array('field' => 'amount', 'relationship' => 'ingredients', 'nobubble' => 1)), 'link permission on the amount field of the ingredients relationship should not be allowed when nobubble=1 because although it is granted in the rel_ingredients__permissions() method of the formulas delegate class - this method shouldnt be consulted if nobubble=1. It should just check the specific field permissions of the relationship and then break.');
$this->assertTrue($formula->checkPermission('link', array('relationship' => 'ingredients')), 'link permission should be allowed on the ingredients relationship because it is granted in the rel_ingredients__permissions() method of the formulas delegate class.');
$this->assertTrue($formula->checkPermission('link', array('relationship' => 'ingredients', 'nobubble' => 1)), 'link permission should be allowed in the ingredients relationship even with nobubble=1 because it is granted in the rel_ingredients__permissions() method of the formulas delegate class. nobubble should just prevent it from looking past the relationship permissions.');
// Test related record permissions
$formulaIngredientsTable = Dataface_Table::loadTable('formula_ingredients');
$formulaIngredientsDel = $formulaIngredientsTable->getDelegate();
$formulaIngredientsDel->testPermissions = true;
$relatedRecord = new Dataface_RelatedRecord($formula, 'ingredients', array('ingredient_id' => 1, 'concentration' => 3, 'amount' => 4));
// Test the standard related permission
$this->assertTrue(!$relatedRecord->checkPermission('view', array('field' => 'concentration')), 'There shouldn\'t be permission to view the concentration field as it is denied in the getPermissions() method and is not overridden in any of the function methods.');
$this->assertTrue($relatedRecord->checkPermission('view', array('field' => 'ingredient_id')), 'There should be permission to view the ingredient_id field since it is overridden in the ingredient_id__permissions() method of the formula_ingredients delegate class.');
$this->assertTrue($relatedRecord->checkPermission('view', array('field' => 'amount')), 'There should be permission to view the amount field since the rel_ingredients__amount__permissions() method is defined in the parent table delegate class and grants the permission.. This should table precedence.');
$ingredientRecord = new Dataface_Record('formula_ingredients', array('ingredient_id' => 1, 'concentration' => 3, 'amount' => 4));
$this->assertTrue(!$ingredientRecord->checkPermission('view', array('field' => 'amount')), 'There should be no permission for view of the amount field directly because it hasnt been granted in the formula_ingredients delegate class.');
// Test the display now.
$this->assertEquals('NO ACCESS', $relatedRecord->display('concentration'), 'Concentration should be no access via the related record because we havent granted access yet.');
$this->assertEquals('4', $relatedRecord->display('amount'), 'Amount should display the proper value because view has been granted via the relationship.');
$this->assertEquals('NO ACCESS', $ingredientRecord->display('amount'), 'Amount should display "NO ACCESS" when accessing the record directly, but instead received the actual value.');
$formulasDel->testPermissions = false;
}
