public function saveModelFromSanitizedData($sanitizedData, $model, &$savedSuccessfully, &$modelToStringValue) { //note: the logic for ExplicitReadWriteModelPermission might still need to be moved up into the //post method above, not sure how this is coming in from API. $explicitReadWriteModelPermissions = static::resolveAndMakeExplicitReadWriteModelPermissions($sanitizedData, $model); $readyToUseData = ExplicitReadWriteModelPermissionsUtil::removeIfExistsFromPostData($sanitizedData); $sanitizedOwnerData = PostUtil::sanitizePostDataToJustHavingElementForSavingModel($readyToUseData, 'owner'); $sanitizedDataWithoutOwner = PostUtil::removeElementFromPostDataForSavingModel($readyToUseData, 'owner'); $model->setAttributes($sanitizedDataWithoutOwner); $this->afterSetAttributesDuringSave($model, $explicitReadWriteModelPermissions); if ($model->validate()) { $modelToStringValue = strval($model); if ($sanitizedOwnerData != null) { $model->setAttributes($sanitizedOwnerData); } if ($model instanceof OwnedSecurableItem) { $passedOwnerValidation = $model->validate(array('owner')); } else { $passedOwnerValidation = true; } if ($passedOwnerValidation && $model->save(false)) { if ($explicitReadWriteModelPermissions != null) { $success = ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions($model, $explicitReadWriteModelPermissions); //todo: handle if success is false, means adding/removing permissions save failed. } $savedSuccessfully = true; $this->afterSuccessfulSave($model); } } else { } return $model; }
public static function setContactModelPermissionsByContactWebForm(SecurableItem $model, ContactWebForm $contactWebForm) { if ($model instanceof SecurableItem && count($model->permissions) === 0) { $defaultPermission = ContactWebFormAdapter::resolveAndGetDefaultPermissionSetting($contactWebForm); $nonEveryoneGroup = $contactWebForm->defaultPermissionGroupSetting; $type = DerivedExplicitReadWriteModelPermissionsElement::resolveUserPermissionConfigurationToPermissionType($defaultPermission); $postData = array('explicitReadWriteModelPermissions' => compact('type', 'nonEveryoneGroup')); $explicitReadWritePermissions = self::resolveAndMakeExplicitReadWriteModelPermissions($postData, $model); $updated = ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions($model, $explicitReadWritePermissions); if (!$updated) { throw new NotSupportedException(); } } }
/** * Override to process the note as a social item when needed. * (non-PHPdoc) * @see ZurmoBaseController::actionAfterSuccessfulModelSave() */ protected function actionAfterSuccessfulModelSave($model, $modelToStringValue, $redirectUrlParams = null) { assert('$model instanceof Note'); if (ArrayUtil::getArrayValue(PostUtil::getData(), 'postToProfile')) { $explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::makeBySecurableItem($model); $socialItem = new SocialItem(); $socialItem->note = $model; $saved = $socialItem->save(); if (!$saved) { throw new FailedToSaveModelException(); } ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions($socialItem, $explicitReadWriteModelPermissions); } parent::actionAfterSuccessfulModelSave($model, $modelToStringValue, $redirectUrlParams); }
/** * @param DemoDataHelper $demoDataHelper */ public function makeAll(&$demoDataHelper) { assert('$demoDataHelper instanceof DemoDataHelper'); assert('$demoDataHelper->isSetRange("User")'); assert('$demoDataHelper->isSetRange("Account")'); $conversations = array(); foreach (self::getConversationData() as $randomConversationData) { $postData = array(); $conversation = new Conversation(); $conversation->setScenario('importModel'); $conversation->owner = $demoDataHelper->getRandomByModelName('User'); $conversation->createdByUser = $conversation->owner; $conversation->conversationItems->add($demoDataHelper->getRandomByModelName('Account')); $conversation->subject = $randomConversationData['subject']; $conversation->description = $randomConversationData['description']; //Add some comments foreach ($randomConversationData['comments'] as $commentDescription) { $comment = new Comment(); $comment->setScenario('importModel'); $comment->createdByUser = $demoDataHelper->getRandomByModelName('User'); $comment->description = $commentDescription; $conversation->comments->add($comment); self::addItemIdToPostData($postData, $comment->createdByUser->getClassId('Item')); } //Add Super user $comment = new Comment(); $comment->description = 'Great idea guys. Keep it coming.'; $conversation->comments->add($comment); self::addItemIdToPostData($postData, Yii::app()->user->userModel->getClassId('Item')); $saved = $conversation->save(); assert('$saved'); //any user who has made a comment should be added as a participant and resolve permissions $explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::makeBySecurableItem($conversation); ConversationParticipantsUtil::resolveConversationHasManyParticipantsFromPost($conversation, $postData, $explicitReadWriteModelPermissions); $saved = $conversation->save(); assert('$saved'); $success = ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions($conversation, $explicitReadWriteModelPermissions); $saved = $conversation->save(); assert('$success'); $conversations[] = $conversation->id; } $demoDataHelper->setRangeByModelName('Conversation', $conversations[0], $conversations[count($conversations) - 1]); }
public static function makeMeetingsCategoryAndMonthStartTimeByOwner() { $report = new Report(); $report->setModuleClassName('MeetingsModule'); $report->setName('Meettings Category And Month Start Time By Owner'); $report->setType(Report::TYPE_MATRIX); $report->setOwner(Yii::app()->user->userModel); $report->setFiltersStructure(''); $report->setCurrencyConversionType(Report::CURRENCY_CONVERSION_TYPE_BASE); $groupBy = new GroupByForReportForm('MeetingsModule', 'Meeting', $report->getType()); $groupBy->attributeIndexOrDerivedType = 'startDateTime__Month'; $groupBy->axis = 'x'; $report->addGroupBy($groupBy); $groupBy = new GroupByForReportForm('MeetingsModule', 'Meeting', $report->getType()); $groupBy->attributeIndexOrDerivedType = 'category'; $groupBy->axis = 'x'; $report->addGroupBy($groupBy); $groupBy = new GroupByForReportForm('MeetingsModule', 'Meeting', $report->getType()); $groupBy->attributeIndexOrDerivedType = 'owner__User'; $groupBy->axis = 'y'; $report->addGroupBy($groupBy); $displayAttribute = new DisplayAttributeForReportForm('MeetingsModule', 'Meeting', $report->getType()); $displayAttribute->attributeIndexOrDerivedType = 'Count'; $report->addDisplayAttribute($displayAttribute); $savedReport = new SavedReport(); SavedReportToReportAdapter::resolveReportToSavedReport($report, $savedReport); //set explicit $saved = $savedReport->save(); assert('$saved'); $explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::makeBySecurableItem($savedReport); $explicitReadWriteModelPermissions->addReadWritePermitable(Group::getByName(Group::EVERYONE_GROUP_NAME)); $success = ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions($savedReport, $explicitReadWriteModelPermissions); assert('$success'); $saved = $savedReport->save(); assert('$saved'); }
/** * Given a row of data, resolve each value of the row for import and either create or update an existing model. * @param object $importRules * @param array $rowData * @param array $mappingData * @param object $importRowDataResultsUtil */ public static function importByImportRulesRowData(ImportRules $importRules, $rowBean, $mappingData, ImportRowDataResultsUtil $importRowDataResultsUtil, ExplicitReadWriteModelPermissions $explicitReadWriteModelPermissions) { assert('$rowBean instanceof RedBean_OODBBean'); assert('is_array($mappingData)'); $makeNewModel = true; $modelClassName = $importRules->getModelClassName(); $externalSystemId = null; $importSanitizeResultsUtil = new ImportSanitizeResultsUtil(); $afterSaveActionsData = array(); //Process the 'id' column first if available. if (false !== ($idColumnName = static::getIdColumnNameByMappingData($mappingData))) { $columnMappingData = $mappingData[$idColumnName]; $attributeImportRules = AttributeImportRulesFactory::makeByImportRulesTypeAndAttributeIndexOrDerivedType($importRules::getType(), $columnMappingData['attributeIndexOrDerivedType']); $valueReadyToSanitize = static::resolveValueToSanitizeByValueAndColumnType($rowBean->{$idColumnName}, $columnMappingData['type']); $attributeValueData = $attributeImportRules->resolveValueForImport($valueReadyToSanitize, $columnMappingData, $importSanitizeResultsUtil); assert('count($attributeValueData) == 0 || count($attributeValueData) == 1'); if (isset($attributeValueData['id']) && $attributeValueData['id'] != null) { $model = $modelClassName::getById($attributeValueData['id']); $makeNewModel = false; } elseif (isset($attributeValueData[ExternalSystemIdUtil::EXTERNAL_SYSTEM_ID_COLUMN_NAME]) && $attributeValueData[ExternalSystemIdUtil::EXTERNAL_SYSTEM_ID_COLUMN_NAME] != null) { $externalSystemId = $attributeValueData[ExternalSystemIdUtil::EXTERNAL_SYSTEM_ID_COLUMN_NAME]; } } if ($makeNewModel) { $model = new $modelClassName(); $model->setScenario('importModel'); } //Process the rest of the mapped colummns. ignoring owner. foreach ($mappingData as $columnName => $columnMappingData) { if ($columnMappingData['attributeIndexOrDerivedType'] != null && $columnMappingData['attributeIndexOrDerivedType'] != 'owner' && $idColumnName != $columnName) { static::sanitizeValueAndPopulateModel($rowBean, $importRules, $model, $columnName, $modelClassName, $columnMappingData, $importSanitizeResultsUtil, $afterSaveActionsData); } } //Process the owner column if present foreach ($mappingData as $columnName => $columnMappingData) { if ($columnMappingData['attributeIndexOrDerivedType'] != null && $columnMappingData['attributeIndexOrDerivedType'] == 'owner' && $idColumnName != $columnName) { static::sanitizeValueAndPopulateModel($rowBean, $importRules, $model, $columnName, $modelClassName, $columnMappingData, $importSanitizeResultsUtil, $afterSaveActionsData); } } $validated = $model->validate(); if ($validated && $importSanitizeResultsUtil->shouldSaveModel()) { $saved = $model->save(); if ($saved) { static::processAfterSaveActions($afterSaveActionsData, $model); if ($externalSystemId != null) { ExternalSystemIdUtil::updateByModel($model, $externalSystemId); } $importRowDataResultsUtil->addMessage(Zurmo::t('ImportModule', 'Record saved correctly.')); if ($makeNewModel) { if ($model instanceof SecurableItem) { try { $resolved = ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions($model, $explicitReadWriteModelPermissions); $importRowDataResultsUtil->setStatusToCreated(); if (!$resolved) { $importRowDataResultsUtil->addMessage('The record saved, but there was a problem ' . 'setting the security permissions. It will at least be viewable by the owner.'); $importRowDataResultsUtil->setStatusToError(); } } catch (AccessDeniedSecurityException $e) { $importRowDataResultsUtil->addMessage('The record saved, but you do not have permissions ' . 'to set the security the way you did. The record will only be viewable by the owner.'); $importRowDataResultsUtil->setStatusToError(); } } else { $importRowDataResultsUtil->setStatusToCreated(); } } else { $importRowDataResultsUtil->setStatusToUpdated(); } } else { $importRowDataResultsUtil->addMessage('The record failed to save. Reason unknown.'); $importRowDataResultsUtil->setStatusToError(); } } else { if (!$importSanitizeResultsUtil->shouldSaveModel()) { $importRowDataResultsUtil->addMessages($importSanitizeResultsUtil->getMessages()); } $messages = RedBeanModelErrorsToMessagesUtil::makeMessagesByModel($model); if (count($messages) > 0) { $importRowDataResultsUtil->addMessages($messages); } $importRowDataResultsUtil->setStatusToError(); } }
protected static function resolveExplicitPermissionsForEmailMessage(EmailMessage &$emailMessage, MarketingList $marketingList) { $explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::makeBySecurableItem($marketingList); ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions($emailMessage, $explicitReadWriteModelPermissions); }
public function testMissionReadUnreadStatus() { $steven = User::getByUsername('steven'); $sally = User::getByUsername('sally'); $mary = User::getByUsername('mary'); $super = $this->logoutCurrentUserLoginNewUserAndGetByUsername('super'); $mission = new Mission(); $mission->owner = $steven; $mission->description = 'My test mission description'; $mission->status = Mission::STATUS_AVAILABLE; $this->assertTrue($mission->save()); $missionId = $mission->id; $explicitReadWriteModelPermissions = new ExplicitReadWriteModelPermissions(); $explicitReadWriteModelPermissions->addReadWritePermitable(Group::getByName(Group::EVERYONE_GROUP_NAME)); ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions($mission, $explicitReadWriteModelPermissions); $mission = Mission::getById($missionId); //Confirm users have mission marked as unread but not owner $this->assertTrue(MissionsUtil::hasUserReadMissionLatest($mission, $steven)); $this->assertFalse(MissionsUtil::hasUserReadMissionLatest($mission, $super)); $this->assertFalse(MissionsUtil::hasUserReadMissionLatest($mission, $sally)); $this->assertFalse(MissionsUtil::hasUserReadMissionLatest($mission, $mary)); //Super reads the mission $this->setGetArray(array('id' => $missionId)); $this->runControllerWithNoExceptionsAndGetContent('missions/default/details'); $mission = Mission::getById($missionId); $this->assertTrue(MissionsUtil::hasUserReadMissionLatest($mission, $steven)); $this->assertTrue(MissionsUtil::hasUserReadMissionLatest($mission, $super)); $this->assertFalse(MissionsUtil::hasUserReadMissionLatest($mission, $sally)); $this->assertFalse(MissionsUtil::hasUserReadMissionLatest($mission, $mary)); //Mary marks mission as read and post a comment $this->logoutCurrentUserLoginNewUserAndGetByUsername('mary'); MissionsUtil::markUserHasReadLatest($mission, $mary); $this->setGetArray(array('relatedModelId' => $missionId, 'relatedModelClassName' => 'Mission', 'relatedModelRelationName' => 'comments', 'redirectUrl' => 'someRedirect')); $this->setPostArray(array('Comment' => array('description' => 'Mary\'s new comment'))); $this->runControllerWithRedirectExceptionAndGetContent('comments/default/inlineCreateSave'); $mission = Mission::getById($missionId); $this->assertFalse(MissionsUtil::hasUserReadMissionLatest($mission, $steven)); $this->assertFalse(MissionsUtil::hasUserReadMissionLatest($mission, $super)); $this->assertFalse(MissionsUtil::hasUserReadMissionLatest($mission, $sally)); $this->assertTrue(MissionsUtil::hasUserReadMissionLatest($mission, $mary)); //Sally reads and takes the mission $this->logoutCurrentUserLoginNewUserAndGetByUsername('sally'); $this->setGetArray(array('id' => $missionId)); $this->resetPostArray(); $this->runControllerWithNoExceptionsAndGetContent('missions/default/details'); $mission = Mission::getById($missionId); $this->assertFalse(MissionsUtil::hasUserReadMissionLatest($mission, $steven)); $this->assertFalse(MissionsUtil::hasUserReadMissionLatest($mission, $super)); $this->assertTrue(MissionsUtil::hasUserReadMissionLatest($mission, $sally)); $this->assertTrue(MissionsUtil::hasUserReadMissionLatest($mission, $mary)); $this->setGetArray(array('status' => Mission::STATUS_TAKEN, 'id' => $missionId)); $this->runControllerWithNoExceptionsAndGetContent('missions/default/ajaxChangeStatus'); //Every user other than owner and takenby are marked as read latest $mission = Mission::getById($missionId); $this->assertFalse(MissionsUtil::hasUserReadMissionLatest($mission, $steven)); $this->assertTrue(MissionsUtil::hasUserReadMissionLatest($mission, $super)); $this->assertTrue(MissionsUtil::hasUserReadMissionLatest($mission, $sally)); $this->assertTrue(MissionsUtil::hasUserReadMissionLatest($mission, $mary)); }
protected static function resolveEmailMessage(EmailTemplate $emailTemplate, Contact $contact = null, $htmlContent, $emailAddress = null) { // TODO: @Shoaibi: Critical: Refactor this and AutoresponderAndCampaignItemsUtil $emailMessage = new EmailMessage(); $emailMessage->subject = $emailTemplate->subject; $emailContent = new EmailMessageContent(); $emailContent->textContent = $emailTemplate->textContent; // we do not need to do : EmailTemplateSerializedDataToHtmlUtil::resolveHtmlByEmailTemplateModel($emailTemplate); // check __set of EmailTemplate. $emailContent->htmlContent = $htmlContent; $emailMessage->content = $emailContent; $emailMessage->sender = static::resolveSender(); static::resolveRecipient($emailMessage, $contact, $emailAddress); $box = EmailBox::resolveAndGetByName(EmailBox::USER_DEFAULT_NAME); $emailMessage->folder = EmailFolder::getByBoxAndType($box, EmailFolder::TYPE_DRAFT); Yii::app()->emailHelper->sendImmediately($emailMessage); $emailMessage->owner = $emailTemplate->owner; $explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::makeBySecurableItem($emailTemplate); ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions($emailMessage, $explicitReadWriteModelPermissions); if (!$emailMessage->save()) { throw new FailedToSaveModelException("Unable to save EmailMessage"); } }
public function testResolveConversationHasManyParticipantsFromPost() { $super = Yii::app()->user->userModel; $mary = UserTestHelper::createBasicUser('mary'); $steven = User::getByUsername('steven'); $conversation = new Conversation(); $conversation->owner = Yii::app()->user->userModel; $conversation->subject = 'My test subject2'; $conversation->description = 'My test description2'; $this->assertTrue($conversation->save()); $explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::makeBySecurableItem($conversation); $readWritePermitables = $explicitReadWriteModelPermissions->getReadWritePermitables(); $this->assertEquals(0, count($readWritePermitables)); //test no existing participants. Do not add owner of conversation $postData = array(); $postData['itemIds'] = $super->getClassId('Item'); ConversationParticipantsUtil::resolveConversationHasManyParticipantsFromPost($conversation, $postData, $explicitReadWriteModelPermissions); $readWritePermitables = $explicitReadWriteModelPermissions->getReadWritePermitables(); $this->assertEquals(0, count($readWritePermitables)); $this->assertEquals(0, $conversation->conversationParticipants->count()); //test adding 2 more participants $postData = array(); $postData['itemIds'] = $super->getClassId('Item') . ',' . $steven->getClassId('Item') . ',' . $mary->getClassId('Item'); // Not Coding Standard ConversationParticipantsUtil::resolveConversationHasManyParticipantsFromPost($conversation, $postData, $explicitReadWriteModelPermissions); $readWritePermitables = $explicitReadWriteModelPermissions->getReadWritePermitables(); $this->assertEquals(2, count($readWritePermitables)); $this->assertEquals(2, $conversation->conversationParticipants->count()); $this->assertTrue($conversation->save()); $success = ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions($conversation, $explicitReadWriteModelPermissions); $this->assertTrue($success); //Just making sure the readWrite count is still 2 $explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::makeBySecurableItem($conversation); $readWritePermitables = $explicitReadWriteModelPermissions->getReadWritePermitables(); $this->assertEquals(2, count($readWritePermitables)); //test removing a participant (remove steven) $postData = array(); $postData['itemIds'] = $super->getClassId('Item') . ',' . $mary->getClassId('Item'); // Not Coding Standard ConversationParticipantsUtil::resolveConversationHasManyParticipantsFromPost($conversation, $postData, $explicitReadWriteModelPermissions); $this->assertTrue($conversation->save()); $success = ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions($conversation, $explicitReadWriteModelPermissions); $this->assertTrue($success); $explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::makeBySecurableItem($conversation); $readWritePermitables = $explicitReadWriteModelPermissions->getReadWritePermitables(); $this->assertEquals(1, count($readWritePermitables)); $this->assertEquals(1, $conversation->conversationParticipants->count()); $this->assertEquals($mary, $conversation->conversationParticipants[0]->person); //test removing all participants. $postData = array(); $postData['itemIds'] = ''; ConversationParticipantsUtil::resolveConversationHasManyParticipantsFromPost($conversation, $postData, $explicitReadWriteModelPermissions); $this->assertTrue($conversation->save()); $success = ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions($conversation, $explicitReadWriteModelPermissions); $this->assertTrue($success); $explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::makeBySecurableItem($conversation); $readWritePermitables = $explicitReadWriteModelPermissions->getReadWritePermitables(); $this->assertEquals(0, count($readWritePermitables)); $this->assertEquals(0, $conversation->conversationParticipants->count()); }
public static function makeOpportunitiesByStage() { $report = new Report(); $report->setModuleClassName('OpportunitiesModule'); $report->setName('Opportunities by Stage'); $report->setType(Report::TYPE_SUMMATION); $report->setOwner(Yii::app()->user->userModel); $report->setFiltersStructure(''); $report->setCurrencyConversionType(Report::CURRENCY_CONVERSION_TYPE_BASE); $groupBy = new GroupByForReportForm('OpportunitiesModule', 'Opportunity', $report->getType()); $groupBy->attributeIndexOrDerivedType = 'stage'; $groupBy->axis = 'x'; $report->addGroupBy($groupBy); $displayAttribute = new DisplayAttributeForReportForm('OpportunitiesModule', 'Opportunity', $report->getType()); $displayAttribute->attributeIndexOrDerivedType = 'stage'; $report->addDisplayAttribute($displayAttribute); $displayAttribute = new DisplayAttributeForReportForm('OpportunitiesModule', 'Opportunity', $report->getType()); $displayAttribute->attributeIndexOrDerivedType = 'Count'; $report->addDisplayAttribute($displayAttribute); $displayAttribute = new DisplayAttributeForReportForm('OpportunitiesModule', 'Opportunity', $report->getType()); $displayAttribute->attributeIndexOrDerivedType = 'amount__Summation'; $report->addDisplayAttribute($displayAttribute); $chart = new ChartForReportForm(); $chart->type = 'Column2D'; $chart->firstSeries = 'stage'; $chart->firstRange = 'amount__Summation'; $report->setChart($chart); $savedReport = new SavedReport(); SavedReportToReportAdapter::resolveReportToSavedReport($report, $savedReport); //set explicit $saved = $savedReport->save(); assert('$saved'); $explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::makeBySecurableItem($savedReport); $explicitReadWriteModelPermissions->addReadWritePermitable(Group::getByName(Group::EVERYONE_GROUP_NAME)); $success = ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions($savedReport, $explicitReadWriteModelPermissions); assert('$success'); $saved = $savedReport->save(); assert('$saved'); }
protected static function resolveEmailMessage($textContent, $htmlContent, Item $itemOwnerModel, Contact $contact, MarketingList $marketingList, $itemId, $itemClass) { $emailMessage = new EmailMessage(); $emailMessage->subject = $itemOwnerModel->subject; $emailContent = new EmailMessageContent(); $emailContent->textContent = $textContent; $emailContent->htmlContent = $htmlContent; $emailMessage->content = $emailContent; $emailMessage->sender = static::resolveSender($marketingList, $itemOwnerModel); static::resolveRecipient($emailMessage, $contact); static::resolveAttachments($emailMessage, $itemOwnerModel); static::resolveHeaders($emailMessage, $itemId, $itemClass, $contact->getClassId('Person')); if ($emailMessage->recipients->count() == 0) { throw new MissingRecipientsForEmailMessageException(); } $boxName = static::resolveEmailBoxName(get_class($itemOwnerModel)); $box = EmailBox::resolveAndGetByName($boxName); $emailMessage->folder = EmailFolder::getByBoxAndType($box, EmailFolder::TYPE_DRAFT); Yii::app()->emailHelper->send($emailMessage); $emailMessage->owner = $marketingList->owner; $explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::makeBySecurableItem($marketingList); ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions($emailMessage, $explicitReadWriteModelPermissions); if (!$emailMessage->save()) { throw new FailedToSaveModelException("Unable to save EmailMessage"); } return $emailMessage; }
/** * Given a value that is either a zurmo id or an external system id, resolve that the * value is valid. The value presented can also be a 'name' value. If the name is not found as a model * in the system, then a new related model will be created using this name. * NOTE - If the related model has other required attributes that have no default values, * then there will be a problem saving this new model. This is too be resolved at some point. * If the value is not valid then an InvalidValueToSanitizeException is thrown. * @param mixed $value * @return sanitized value * @throws InvalidValueToSanitizeException * @throws NotFoundException * @throws NotSupportedException */ public function sanitizeValue($value) { assert('is_string($this->attributeName) && $this->attributeName != "id"'); if ($value == null) { return $value; } $modelClassName = $this->modelClassName; $relationModelClassName = $modelClassName::getRelationModelClassName($this->attributeName); if ($this->mappingRuleData["type"] == RelatedModelValueTypeMappingRuleForm::ZURMO_MODEL_ID) { try { if ((int) $value <= 0) { throw new NotFoundException(); } return $relationModelClassName::getById((int) $value); } catch (NotFoundException $e) { throw new InvalidValueToSanitizeException(Zurmo::t('ImportModule', 'ID specified did not match any existing records.')); } } elseif ($this->mappingRuleData["type"] == RelatedModelValueTypeMappingRuleForm::EXTERNAL_SYSTEM_ID) { try { return static::getModelByExternalSystemIdAndModelClassName($value, $relationModelClassName); } catch (NotFoundException $e) { throw new InvalidValueToSanitizeException(Zurmo::t('ImportModule', 'Other ID specified did not match any existing records.')); } } else { if (!method_exists($relationModelClassName, 'getByName')) { throw new NotSupportedException(); } try { $modelsFound = $relationModelClassName::getByName($value); if (!is_array($modelsFound)) { $modelsFound = array($modelsFound); } } catch (NotFoundException $e) { $modelsFound = array(); } if (count($modelsFound) == 0) { $newRelatedModel = new $relationModelClassName(); $newRelatedModel->name = $value; $saved = $newRelatedModel->save(); //Todo: need to handle this more gracefully. The use case where a related model is needed to be made //but there are some required attributes that do not have defaults. As a result, since those extra //defaults cannot be specified at this time, an error must be thrown. if (!$saved) { throw new InvalidValueToSanitizeException(Zurmo::t('ImportModule', 'A new related model could not be created because there are unspecified required attributes on that related model.')); } else { $this->importSanitizeResultsUtil->addRelatedModelMessage(Zurmo::t('ImportModule', '{modelLabel} saved correctly: {linkToModel}', array('{modelLabel}' => $newRelatedModel->getModelLabelByTypeAndLanguage('Singular'), '{linkToModel}' => ImportUtil::resolveLinkMessageToModel($newRelatedModel)))); if ($newRelatedModel instanceof SecurableItem && $this->explicitReadWriteModelPermissions instanceof ExplicitReadWriteModelPermissions) { $resolved = ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions($newRelatedModel, $this->explicitReadWriteModelPermissions); if (!$resolved) { $this->importSanitizeResultsUtil->addRelatedModelMessage('The record saved, but there was a problem ' . 'setting the security permissions. It will at least be viewable by the owner.'); } } } return $newRelatedModel; } else { return $modelsFound[0]; } } exit; }
/** * @depends testMakeBySecurableItem */ public function testResolveExplicitReadWriteModelPermissions() { Yii::app()->user->userModel = User::getByUsername('super'); $accounts = Account::getByName('aTestAccount'); $this->assertEquals(1, count($accounts)); $account = $accounts[0]; $accountId = $account->id; $group4 = Group::getByName('Group4'); $group3 = Group::getByName('Group3'); $group2 = Group::getByName('Group2'); $explicitReadWriteModelPermissions = new ExplicitReadWriteModelPermissions(); $explicitReadWriteModelPermissions->addReadWritePermitableToRemove($group3); $explicitReadWriteModelPermissions->addReadWritePermitable($group4); ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions($account, $explicitReadWriteModelPermissions); $account->forget(); $explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::makeBySecurableItem(Account::getById($accountId)); $readWritePermitables = $explicitReadWriteModelPermissions->getReadWritePermitables(); $readOnlyPermitables = $explicitReadWriteModelPermissions->getReadOnlyPermitables(); $this->assertEquals(2, count($readWritePermitables)); $this->assertEquals(0, count($readOnlyPermitables)); $this->assertEquals($group2, $readWritePermitables[$group2->getClassId('Permitable')]); $this->assertEquals($group4, $readWritePermitables[$group4->getClassId('Permitable')]); //Test adding group4 again. The _read count should be the same $account = Account::getById($accountId); $sanitizedData = array(); $sanitizedData['explicitReadWriteModelPermissions'] = array('type' => ExplicitReadWriteModelPermissionsUtil::MIXED_TYPE_NONEVERYONE_GROUP, 'nonEveryoneGroup' => $group4->id); $explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::resolveByPostDataAndModelThenMake($sanitizedData, $account); ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions($account, $explicitReadWriteModelPermissions); $this->assertEquals(array(array('G' . $group4->id, 1)), AccountReadPermissionsOptimizationBaseTest::getAccountMungeRows($account)); }
/** * Updates permitables for current model. * @param ExplicitReadWriteModelPermissions $explicitReadWriteModelPermissions * @return bool * @throws NotSupportedException */ protected function updatePermitables(ExplicitReadWriteModelPermissions $explicitReadWriteModelPermissions) { $this->isSaving = false; $this->resolvePermitablesToAttach($explicitReadWriteModelPermissions); $this->resolvePermitablesToDetach($explicitReadWriteModelPermissions); $permissionsUpdated = ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions($this, $explicitReadWriteModelPermissions); if (!$permissionsUpdated || !$this->save(false)) { throw new NotSupportedException('Unable to update permissions of model'); } }
public function testProjectSaveWithPermissions() { Yii::app()->user->userModel = User::getByUsername('super'); $user = Yii::app()->user->userModel; $everyoneGroup = Group::getByName(Group::EVERYONE_GROUP_NAME); $explicitReadWriteModelPermissions = new ExplicitReadWriteModelPermissions(); $postData = array('name' => 'ProjectPermissionTest', 'description' => 'Test Description', 'owner' => array('id' => $user->id), 'explicitReadWriteModelPermissions' => array('type' => ExplicitReadWriteModelPermissionsUtil::MIXED_TYPE_EVERYONE_GROUP, 'nonEveryoneGroup' => '')); $model = new Project(); $sanitizedPostData = PostUtil::sanitizePostByDesignerTypeForSavingModel($model, $postData); if ($model instanceof SecurableItem) { $explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::resolveByPostDataAndModelThenMake($sanitizedPostData, $model); } else { $explicitReadWriteModelPermissions = null; } $readyToUseData = ExplicitReadWriteModelPermissionsUtil::removeIfExistsFromPostData($sanitizedPostData); $sanitizedOwnerData = PostUtil::sanitizePostDataToJustHavingElementForSavingModel($readyToUseData, 'owner'); $sanitizedDataWithoutOwner = PostUtil::removeElementFromPostDataForSavingModel($readyToUseData, 'owner'); $model->setAttributes($sanitizedDataWithoutOwner); if ($model->validate()) { $modelToStringValue = strval($model); if ($sanitizedOwnerData != null) { $model->setAttributes($sanitizedOwnerData); } if ($model instanceof OwnedSecurableItem) { $passedOwnerValidation = $model->validate(array('owner')); } else { $passedOwnerValidation = true; } if ($passedOwnerValidation && $model->save(false)) { if ($explicitReadWriteModelPermissions != null) { $success = ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions($model, $explicitReadWriteModelPermissions); //todo: handle if success is false, means adding/removing permissions save failed. } $savedSuccessfully = true; } } else { } $this->assertEquals('ProjectPermissionTest', $model->name); }
public function testMarkUserHasReadLatest() { $super = User::getByUsername('super'); $steven = UserTestHelper::createBasicUser('steven'); $conversation = new Conversation(); $conversation->owner = $super; $conversation->subject = 'My test subject'; $conversation->description = 'My test description'; $this->assertTrue($conversation->save()); $explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::makeBySecurableItem($conversation); $postData = array(); $postData['itemIds'] = $steven->getClassId('Item'); ConversationParticipantsUtil::resolveConversationHasManyParticipantsFromPost($conversation, $postData, $explicitReadWriteModelPermissions); $this->assertTrue($conversation->save()); $success = ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions($conversation, $explicitReadWriteModelPermissions); $this->assertTrue($success); $id = $conversation->id; $conversation->forget(); unset($conversation); $conversation = Conversation::getById($id); $this->assertEquals(1, $conversation->ownerHasReadLatest); $this->assertEquals(0, $conversation->conversationParticipants->offsetGet(0)->hasReadLatest); //After running for super, nothing will change. ConversationsUtil::markUserHasReadLatest($conversation, $super); $id = $conversation->id; $conversation->forget(); unset($conversation); $conversation = Conversation::getById($id); $this->assertEquals(1, $conversation->ownerHasReadLatest); $this->assertEquals(0, $conversation->conversationParticipants->offsetGet(0)->hasReadLatest); //After running for steven, it will show read for him. ConversationsUtil::markUserHasReadLatest($conversation, $steven); $id = $conversation->id; $conversation->forget(); unset($conversation); $conversation = Conversation::getById($id); $this->assertEquals(1, $conversation->ownerHasReadLatest); $this->assertEquals(1, $conversation->conversationParticipants->offsetGet(0)->hasReadLatest); $conversation->ownerHasReadLatest = false; $this->assertTrue($conversation->save()); $id = $conversation->id; $conversation->forget(); unset($conversation); $conversation = Conversation::getById($id); $this->assertEquals(0, $conversation->ownerHasReadLatest); $this->assertEquals(1, $conversation->conversationParticipants->offsetGet(0)->hasReadLatest); //Now try for Steven, nothing changes ConversationsUtil::markUserHasReadLatest($conversation, $steven); $id = $conversation->id; $conversation->forget(); unset($conversation); $conversation = Conversation::getById($id); $this->assertEquals(0, $conversation->ownerHasReadLatest); $this->assertEquals(1, $conversation->conversationParticipants->offsetGet(0)->hasReadLatest); //Now try for super, should change ConversationsUtil::markUserHasReadLatest($conversation, $super); $id = $conversation->id; $conversation->forget(); unset($conversation); $conversation = Conversation::getById($id); $this->assertEquals(1, $conversation->ownerHasReadLatest); $this->assertEquals(1, $conversation->conversationParticipants->offsetGet(0)->hasReadLatest); }
public function actionConvertFinal($id) { assert('!empty($id)'); $accountPostData = LeadsUtil::getFromSession(LeadsUtil::LEAD_CONVERSION_ACCOUNT_DATA_SESSION_KEY); if (empty($accountPostData)) { $urlParams = array('/leads/' . $this->getId() . '/convert', 'id' => $id); $this->redirect($urlParams); } $contact = Contact::getById(intval($id)); if (!LeadsUtil::isStateALead($contact->state)) { $urlParams = array('/contacts/' . $this->getId() . '/details', 'id' => $contact->id); $this->redirect($urlParams); } $convertToAccountSetting = LeadsModule::getConvertToAccountSetting(); $convertToOpportunitySetting = LeadsModule::getConvertToOpportunitySetting(); $opportunity = new Opportunity(); ControllerSecurityUtil::resolveAccessCanCurrentUserWriteModel($contact); $userCanAccessContacts = RightsUtil::canUserAccessModule('ContactsModule', Yii::app()->user->userModel); $userCanAccessAccounts = RightsUtil::canUserAccessModule('AccountsModule', Yii::app()->user->userModel); $userCanAccessOpportunities = RightsUtil::canUserAccessModule('OpportunitiesModule', Yii::app()->user->userModel); $userCanCreateOpportunity = RightsUtil::doesUserHaveAllowByRightName('OpportunitiesModule', OpportunitiesModule::RIGHT_CREATE_OPPORTUNITIES, Yii::app()->user->userModel); LeadsControllerSecurityUtil::resolveCanUserProperlyConvertLead($userCanAccessContacts, $userCanAccessAccounts, $convertToAccountSetting); LeadsControllerSecurityUtil::resolveCanUserProperlyConvertLeadFinalStep($userCanAccessContacts, $userCanAccessOpportunities, $convertToOpportunitySetting); if (isset($_POST['Opportunity'])) { $controllerUtil = static::getZurmoControllerUtil(); $savedSuccessfully = false; $modelToStringValue = null; $postData = $_POST['Opportunity']; $opportunity = $controllerUtil->saveModelFromPost($postData, $opportunity, $savedSuccessfully, $modelToStringValue, false); if ($savedSuccessfully) { $explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::makeBySecurableItem($contact); ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions($opportunity, $explicitReadWriteModelPermissions); $account = LeadsUtil::createAccountForLeadConversionFromAccountPostData($accountPostData, $contact, $controllerUtil); $opportunity->account = $account; if (!$opportunity->save()) { throw new NotSupportedException(); } LeadsUtil::removeFromSession(LeadsUtil::LEAD_CONVERSION_ACCOUNT_DATA_SESSION_KEY); $this->actionSaveConvertedContact($contact, $account, $opportunity); } } elseif (isset($_POST['OpportunitySkip']) || $convertToOpportunitySetting == LeadsModule::CONVERT_NO_OPPORTUNITY || $convertToOpportunitySetting == LeadsModule::CONVERT_OPPORTUNITY_NOT_REQUIRED && !$userCanAccessOpportunities) { $controllerUtil = static::getZurmoControllerUtil(); $account = LeadsUtil::createAccountForLeadConversionFromAccountPostData($accountPostData, $contact, $controllerUtil); LeadsUtil::removeFromSession(LeadsUtil::LEAD_CONVERSION_ACCOUNT_DATA_SESSION_KEY); $this->actionSaveConvertedContact($contact, $account, null); } $progressBarAndStepsView = new LeadConversionStepsAndProgressBarForWizardView(1); $convertView = new LeadConvertOpportunityView($this->getId(), $this->getModule()->getId(), $contact->id, strval($contact), $opportunity, $convertToOpportunitySetting, $userCanCreateOpportunity); $view = new LeadsPageView(ZurmoDefaultViewUtil::makeTwoStandardViewsForCurrentUser($this, $progressBarAndStepsView, $convertView)); echo $view->render(); }
public function actionSave($type, $id = null, $isBeingCopied = false) { $postData = PostUtil::getData(); $savedReport = null; $report = null; $this->resolveSavedReportAndReportByPostData($postData, $savedReport, $report, $type, $id, (bool) $isBeingCopied); $reportToWizardFormAdapter = new ReportToWizardFormAdapter($report); $model = $reportToWizardFormAdapter->makeFormByType(); if (isset($postData['ajax']) && $postData['ajax'] === 'edit-form') { $errorData = ReportUtil::validateReportWizardForm($postData, $model); echo CJSON::encode($errorData); Yii::app()->end(0, false); } $explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::resolveByPostDataAndModelThenMake($postData[get_class($model)], $savedReport); SavedReportToReportAdapter::resolveReportToSavedReport($report, $savedReport); if ($savedReport->id > 0) { ControllerSecurityUtil::resolveCanCurrentUserAccessModule($savedReport->moduleClassName); } ControllerSecurityUtil::resolveAccessCanCurrentUserWriteModel($savedReport); if ($savedReport->save()) { StickyReportUtil::clearDataByKey($savedReport->id); if ($explicitReadWriteModelPermissions != null) { ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions($savedReport, $explicitReadWriteModelPermissions); } //i can do a safety check on perms, then do flash here, on the jscript we can go to list instead and this should come up... //make sure you add to list of things to test. $redirectToList = $this->resolveAfterSaveHasPermissionsProblem($savedReport, $postData[get_class($model)]['name']); echo CJSON::encode(array('id' => $savedReport->id, 'redirectToList' => $redirectToList)); Yii::app()->end(0, false); } else { throw new FailedToSaveModelException(); } }
/** * Given a row of data, resolve each value of the row for import and either create or update an existing model. * @param object $importRules * @param array $rowData * @param array $mappingData * @param object $importRowDataResultsUtil */ public static function importByImportRulesRowData(ImportRules $importRules, $rowBean, $mappingData, ImportRowDataResultsUtil $importRowDataResultsUtil, ExplicitReadWriteModelPermissions $explicitReadWriteModelPermissions) { assert('$rowBean instanceof RedBean_OODBBean'); assert('is_array($mappingData)'); $makeNewModel = true; $modelClassName = $importRules->getModelClassName(); $externalSystemId = null; $importSanitizeResultsUtil = new ImportSanitizeResultsUtil(); $afterSaveActionsData = array(); $attributeValueData = array(); $skippedColumns = array(); $model = new $modelClassName(); $model->setScenario('importModel'); //Process the 'id' column first if available. if (false !== ($idColumnName = static::getMappedColumnNameByMappingData('id', $mappingData))) { $columnMappingData = $mappingData[$idColumnName]; $attributeValueData = static::getAttributeValueData($importRules, $idColumnName, $columnMappingData, $rowBean, $importSanitizeResultsUtil); assert('count($attributeValueData) == 0 || count($attributeValueData) == 1'); if (isset($attributeValueData['id']) && $attributeValueData['id'] != null) { $model = $modelClassName::getById($attributeValueData['id']); } elseif (isset($attributeValueData[ExternalSystemIdUtil::EXTERNAL_SYSTEM_ID_COLUMN_NAME]) && $attributeValueData[ExternalSystemIdUtil::EXTERNAL_SYSTEM_ID_COLUMN_NAME] != null) { $externalSystemId = $attributeValueData[ExternalSystemIdUtil::EXTERNAL_SYSTEM_ID_COLUMN_NAME]; } $skippedColumns[] = $idColumnName; } //Dedupe fields processing if (static::processDedupeAttributesToCheckForSkipIfRequired($importRules, $model, $mappingData, $rowBean, $importRowDataResultsUtil, $importSanitizeResultsUtil, $skippedColumns) !== true) { if (null != ($matchedModel = $importSanitizeResultsUtil->getMatchedModel())) { $model = $matchedModel; $makeNewModel = false; } //Process the dedupe fields foreach ($importRules->getDedupeAttributes() as $dedupeField) { $sourceColumnName = static::getMappedColumnNameByMappingData($dedupeField, $mappingData); if (false !== $sourceColumnName) { $columnMappingData = $mappingData[$sourceColumnName]; static::processImportInformationForAttributeDataAndPopulateModel($importRules, $sourceColumnName, $columnMappingData, $rowBean, $importSanitizeResultsUtil, $model, $afterSaveActionsData); } } } else { //as the row should be skipped return; } //Process the rest of the mapped colummns. ignoring owner. foreach ($mappingData as $columnName => $columnMappingData) { if ($columnMappingData['attributeIndexOrDerivedType'] != null && $columnMappingData['attributeIndexOrDerivedType'] != 'owner' && in_array($columnName, $skippedColumns) === false) { static::processImportInformationForAttributeDataAndPopulateModel($importRules, $columnName, $columnMappingData, $rowBean, $importSanitizeResultsUtil, $model, $afterSaveActionsData); } } //Process the owner column if present foreach ($mappingData as $columnName => $columnMappingData) { if ($columnMappingData['attributeIndexOrDerivedType'] != null && $columnMappingData['attributeIndexOrDerivedType'] == 'owner' && in_array($columnName, $skippedColumns) === false) { static::processImportInformationForAttributeDataAndPopulateModel($importRules, $columnName, $columnMappingData, $rowBean, $importSanitizeResultsUtil, $model, $afterSaveActionsData); } } $validated = $model->validate(); if ($validated && $importSanitizeResultsUtil->shouldSaveModel()) { $saved = $model->save(); if ($saved) { static::processAfterSaveActions($afterSaveActionsData, $model); if ($externalSystemId != null) { ExternalSystemIdUtil::updateByModel($model, $externalSystemId); } $importRowDataResultsUtil->addMessage(Zurmo::t('ImportModule', '{modelLabel} saved correctly: {linkToModel}', array('{modelLabel}' => $model->getModelLabelByTypeAndLanguage('Singular'), '{linkToModel}' => static::resolveLinkMessageToModel($model)))); $importRowDataResultsUtil->addMessages($importSanitizeResultsUtil->getRelatedModelMessages()); if ($makeNewModel) { if ($model instanceof SecurableItem) { $model->setScenario('doNotSetModifiedDateTimeOrUser'); try { $resolved = ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions($model, $explicitReadWriteModelPermissions); $importRowDataResultsUtil->setStatusToCreated(); if (!$resolved) { $importRowDataResultsUtil->addMessage('The record saved, but there was a problem ' . 'setting the security permissions. It will at least be viewable by the owner.'); $importRowDataResultsUtil->setStatusToError(); } } catch (AccessDeniedSecurityException $e) { $importRowDataResultsUtil->addMessage('The record saved, but you do not have permissions ' . 'to set the security the way you did. The record will only be viewable by the owner.'); $importRowDataResultsUtil->setStatusToError(); } $model->setScenario('importModel'); } else { $importRowDataResultsUtil->setStatusToCreated(); } } else { $importRowDataResultsUtil->setStatusToUpdated(); } } else { $importRowDataResultsUtil->addMessage('The record failed to save. Reason unknown.'); $importRowDataResultsUtil->setStatusToError(); } } else { if (!$importSanitizeResultsUtil->shouldSaveModel()) { $importRowDataResultsUtil->addMessages($importSanitizeResultsUtil->getMessages()); } $messages = RedBeanModelErrorsToMessagesUtil::makeMessagesByModel($model); if (count($messages) > 0) { $importRowDataResultsUtil->addMessages($messages); } $importRowDataResultsUtil->setStatusToError(); } }
/** * Utilized to create or update model attribute values after a workflow's triggers are fired as true. * Currently only works with creating new and creating new related models. Not designed to support updating * existing models. * @param WorkflowActionProcessingModelAdapter $adapter * @param $attribute * @throws FailedToResolveExplicitReadWriteModelPermissionsException * @throws NotSupportedException */ public function resolveValueAndSetToModel(WorkflowActionProcessingModelAdapter $adapter, $attribute) { assert('is_string($attribute)'); if ($adapter->getModel()->id < 0) { throw new NotSupportedException(); } if ($this->type == self::TYPE_DYNAMIC_SAME_AS_TRIGGERED_MODEL) { $triggeredModel = $adapter->getTriggeredModel(); if (null == ($explicitReadWriteModelPermissions = $triggeredModel->getExplicitReadWriteModelPermissionsForWorkflow())) { $explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::makeBySecurableItem($adapter->getTriggeredModel()); } } elseif ($this->type == self::TYPE_DYNAMIC_OWNER) { //Do nothing, by default this will take. return; } elseif ($this->type == self::TYPE_DYNAMIC_EVERYONE_GROUP) { $explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::makeBySecurableItem($adapter->getModel()); $explicitReadWriteModelPermissions->addReadWritePermitable(Group::getByName(Group::EVERYONE_GROUP_NAME)); } else { $explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::makeBySecurableItem($adapter->getModel()); try { $group = Group::getById((int) $this->type); $explicitReadWriteModelPermissions->addReadWritePermitable($group); } catch (NotFoundException $e) { //todo: handle exception better return; } } $success = ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions($adapter->getModel(), $explicitReadWriteModelPermissions); if (!$success) { throw new FailedToResolveExplicitReadWriteModelPermissionsException(); } }
protected function resolveAndSendEmailMessageByPostSourceDataAndUserOrContact(array $emailData, Item $userOrContact) { $invalidTags = array(); $emailMessage = new EmailMessage(); $emailMessage->subject = $emailData['subject']; $emailMessage->folder = $emailData['folder']; $emailMessage->owner = $emailData['owner']; $emailMessage->sender = $emailData['sender']; MergeTagsContentResolverUtil::resolveContentsForGlobalFooterAndMergeTagsAndTracking($emailData['content']['textContent'], $emailData['content']['htmlContent'], $userOrContact, intval($emailData['type']), static::ERROR_ON_FIRST_MISSING_MERGE_TAG, $emailData['language'], $invalidTags, $emailData['marketingListId'], static::PREVIEW_MODE, static::ADD_GLOBAL_FOOTER_DEFAULT, (bool) $emailData['enableTracking'], 0, 'CampaignItem', 0); // sending these three just in the case where enableTracking is true $emailContent = new EmailMessageContent(); $emailContent->textContent = $emailData['content']['textContent']; if ($emailData['supportsRichText']) { $emailContent->htmlContent = $emailData['content']['htmlContent']; } $emailMessage->content = $emailContent; $emailMessage->recipients->add($emailData['recipient']); $this->resolveAttachmentsForEmailMessage($emailMessage, $emailData['attachments']); Yii::app()->emailHelper->sendImmediately($emailMessage); if ($emailMessage->save()) { if ($emailData['permissions']) { ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions($emailMessage, $emailData['permissions']); } } else { throw new FailedToSaveModelException("Unable to save EmailMessage"); } }
public static function createAccountForLeadConversionFromAccountPostData($accountPostData, $contact, $controllerUtil) { if (isset($accountPostData['AccountSkip']) && $accountPostData['AccountSkip'] == true) { return null; } elseif (isset($accountPostData['SelectAccount']) && $accountPostData['SelectAccount'] == true) { $account = Account::getById(intval($accountPostData['accountId'])); return $account; } elseif (isset($accountPostData['CreateAccount']) && $accountPostData['CreateAccount'] == true) { unset($accountPostData['CreateAccount']); $account = new Account(); $account = LeadsUtil::attributesToAccountWithNoPostData($contact, $account, $accountPostData); $account = Yii::app()->custom->resolveLeadToAccountCustomAttributesWithNoPostData($contact, $account, $accountPostData); $savedSuccessfully = false; $modelToStringValue = null; $account = $controllerUtil->saveModelFromPost($accountPostData, $account, $savedSuccessfully, $modelToStringValue, false); if (!$account->getErrors()) { $explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::makeBySecurableItem($contact); ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions($account, $explicitReadWriteModelPermissions); if (!$account->save()) { throw new NotSupportedException(); } return $account; } } }
public function actionUpdateParticipants($id) { $postData = PostUtil::getData(); if (isset($postData['ConversationParticipantsForm'])) { $conversation = Conversation::getById((int) $id); $explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::makeBySecurableItem($conversation); $currentUserWasParticipant = ConversationParticipantsUtil::isUserAParticipant($conversation, Yii::app()->user->userModel); $peopleAdded = ConversationParticipantsUtil::resolveConversationHasManyParticipantsFromPost($conversation, $postData['ConversationParticipantsForm'], $explicitReadWriteModelPermissions); ConversationParticipantsUtil::resolveEmailInvitesByPeople($conversation, $peopleAdded); $saved = $conversation->save(); if ($saved) { $success = ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions($conversation, $explicitReadWriteModelPermissions); $currentUserIsParticipant = ConversationParticipantsUtil::isCurrentUserAParticipant($conversation); if ($currentUserWasParticipant && !$currentUserIsParticipant) { echo 'redirectToList'; } } else { throw new FailedToSaveModelException(); } } }
/** * @depends testMakeBySecurableItem */ public function testResolveExplicitReadWriteModelPermissions() { Yii::app()->user->userModel = User::getByUsername('super'); $accounts = Account::getByName('aTestAccount'); $this->assertEquals(1, count($accounts)); $account = $accounts[0]; $accountId = $account->id; $group4 = Group::getByName('Group4'); $group3 = Group::getByName('Group3'); $group2 = Group::getByName('Group2'); $explicitReadWriteModelPermissions = new ExplicitReadWriteModelPermissions(); $explicitReadWriteModelPermissions->addReadWritePermitableToRemove($group3); $explicitReadWriteModelPermissions->addReadWritePermitable($group4); ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions($account, $explicitReadWriteModelPermissions); $account->forget(); $explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::makeBySecurableItem(Account::getById($accountId)); $readWritePermitables = $explicitReadWriteModelPermissions->getReadWritePermitables(); $readOnlyPermitables = $explicitReadWriteModelPermissions->getReadOnlyPermitables(); $this->assertEquals(2, count($readWritePermitables)); $this->assertEquals(0, count($readOnlyPermitables)); $this->assertEquals($group2, $readWritePermitables[$group2->id]); $this->assertEquals($group4, $readWritePermitables[$group4->id]); }
/** * Before fixing this issue: https://www.pivotaltracker.com/story/show/58051244 * this test fails. After fixing it, it passes. */ public function testPermissionsResolveValueAndSetToModelUpdateWhenExplicitPermissionsNotSetImmediately() { //Setup a triggered model that has Sarah creating and owning it. $super = Yii::app()->user->userModel; Yii::app()->user->userModel = User::getByUsername('sarah'); $triggeredModel = new WorkflowModelTestItem(); $triggeredModel->lastName = 'test'; $triggeredModel->string = 'test'; $saved = $triggeredModel->save(); $this->assertTrue($saved); Yii::app()->user->userModel = $super; //Now the super is who modified it $triggeredModel->string = 'test2'; $saved = $triggeredModel->save(); $this->assertTrue($saved); //Test same as triggered where triggered is not owner $explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::makeBySecurableItem($triggeredModel); $explicitReadWriteModelPermissions->addReadWritePermitable(self::$groupTest); $form = new ExplicitReadWriteModelPermissionsWorkflowActionAttributeForm('WorkflowsTestModule', 'WorkflowModelTestItem'); $form->type = ExplicitReadWriteModelPermissionsWorkflowActionAttributeForm::TYPE_DYNAMIC_SAME_AS_TRIGGERED_MODEL; $model = new WorkflowModelTestItem(); $model->lastName = 'test'; $model->string = 'test'; $triggeredModel->setExplicitReadWriteModelPermissionsForWorkflow($explicitReadWriteModelPermissions); $this->assertTrue($triggeredModel->getExplicitReadWriteModelPermissionsForWorkflow() instanceof ExplicitReadWriteModelPermissions); $saved = $model->save(); $this->assertTrue($saved); $adapter = new WorkflowActionProcessingModelAdapter($model, Yii::app()->user->userModel, $triggeredModel); $form->resolveValueAndSetToModel($adapter, 'permissions'); //Now after setting, officially set the permissions on the model and save. $success = ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions($triggeredModel, $explicitReadWriteModelPermissions); $this->assertTrue($success); //Now check that the permissions match up $explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::makeBySecurableItem($model); $this->assertEquals(1, $explicitReadWriteModelPermissions->getReadWritePermitablesCount()); $readWritePermitables = $explicitReadWriteModelPermissions->getReadWritePermitables(); $this->assertTrue(isset($readWritePermitables[self::$groupTest->getClassId('Permitable')])); //Test clearing out the ExplicitReadWriteModelPermissionsForWorkflow $this->assertTrue($triggeredModel->getExplicitReadWriteModelPermissionsForWorkflow() instanceof ExplicitReadWriteModelPermissions); $triggeredModel->clearExplicitReadWriteModelPermissionsForWorkflow(); $this->assertTrue($triggeredModel->getExplicitReadWriteModelPermissionsForWorkflow() == null); }
/** * @depends testResolveConversationParticipantsForExplicitModelPermissions */ public function testGetUnreadConversationCount() { $super = User::getByUsername('super'); $mary = User::getByUsername('mary'); $count = Conversation::getUnreadCountByUser($super); $account2 = AccountTestHelper::createAccountByNameForOwner('anAccount2', $super); $conversation = new Conversation(); $conversation->owner = $super; $conversation->subject = 'My test subject2'; $conversation->description = 'My test description2'; $conversation->conversationItems->add($account2); $this->assertTrue($conversation->save()); //when super adds a comment, it should remain same count $comment = new Comment(); $comment->description = 'This is my first comment'; $conversation->comments->add($comment); $this->assertTrue($conversation->save()); $count = Conversation::getUnreadCountByUser($super); $this->assertEquals(1, $count); //Add mary as a participant $explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::makeBySecurableItem($conversation); $postData = array(); $postData['itemIds'] = $super->getClassId('Item') . ',' . $mary->getClassId('Item'); // Not Coding Standard ConversationParticipantsUtil::resolveConversationHasManyParticipantsFromPost($conversation, $postData, $explicitReadWriteModelPermissions); $success = ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions($conversation, $explicitReadWriteModelPermissions); $this->assertTrue($success); $conversation->save(); //when mary adds a comment, super's count should go up (assumming count was previously 0) Yii::app()->user->userModel = $mary; $comment = new Comment(); $comment->description = 'This is mary\'s first comment'; $conversation->comments->add($comment); $this->assertTrue($conversation->save()); Yii::app()->user->userModel = $super; $count = Conversation::getUnreadCountByUser($super); $this->assertEquals(2, $count); }
public function testPermissionsResolveValueAndSetToModelUpdateAsDynamicCreatedByUser() { //Setup a triggered model that has Sarah creating and owning it. $super = Yii::app()->user->userModel; Yii::app()->user->userModel = User::getByUsername('sarah'); $triggeredModel = new WorkflowModelTestItem(); $triggeredModel->lastName = 'test'; $triggeredModel->string = 'test'; $saved = $triggeredModel->save(); $this->assertTrue($saved); Yii::app()->user->userModel = $super; //Now the super is who modified it $triggeredModel->string = 'test2'; $saved = $triggeredModel->save(); $this->assertTrue($saved); //Test same as triggered where triggered is owner $form = new ExplicitReadWriteModelPermissionsWorkflowActionAttributeForm('WorkflowsTestModule', 'WorkflowModelTestItem'); $form->type = ExplicitReadWriteModelPermissionsWorkflowActionAttributeForm::TYPE_DYNAMIC_SAME_AS_TRIGGERED_MODEL; $model = new WorkflowModelTestItem(); $model->lastName = 'test'; $model->string = 'test'; $saved = $model->save(); $this->assertTrue($saved); $adapter = new WorkflowActionProcessingModelAdapter($model, Yii::app()->user->userModel, $triggeredModel); $form->resolveValueAndSetToModel($adapter, 'permissions'); $explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::makeBySecurableItem($model); $this->assertEquals(0, $explicitReadWriteModelPermissions->getReadWritePermitablesCount()); //Test same as triggered where triggered is not owner $explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::makeBySecurableItem($triggeredModel); $explicitReadWriteModelPermissions->addReadWritePermitable(self::$groupTest); $success = ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions($triggeredModel, $explicitReadWriteModelPermissions); $this->assertTrue($success); $form = new ExplicitReadWriteModelPermissionsWorkflowActionAttributeForm('WorkflowsTestModule', 'WorkflowModelTestItem'); $form->type = ExplicitReadWriteModelPermissionsWorkflowActionAttributeForm::TYPE_DYNAMIC_SAME_AS_TRIGGERED_MODEL; $model = new WorkflowModelTestItem(); $model->lastName = 'test'; $model->string = 'test'; $saved = $model->save(); $this->assertTrue($saved); $adapter = new WorkflowActionProcessingModelAdapter($model, Yii::app()->user->userModel, $triggeredModel); $form->resolveValueAndSetToModel($adapter, 'permissions'); $explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::makeBySecurableItem($model); $this->assertEquals(1, $explicitReadWriteModelPermissions->getReadWritePermitablesCount()); $readWritePermitables = $explicitReadWriteModelPermissions->getReadWritePermitables(); $this->assertTrue(isset($readWritePermitables[self::$groupTest->id])); //Test same as owner $form = new ExplicitReadWriteModelPermissionsWorkflowActionAttributeForm('WorkflowsTestModule', 'WorkflowModelTestItem'); $form->type = ExplicitReadWriteModelPermissionsWorkflowActionAttributeForm::TYPE_DYNAMIC_OWNER; $model = new WorkflowModelTestItem(); $model->lastName = 'test'; $model->string = 'test'; $saved = $model->save(); $this->assertTrue($saved); $adapter = new WorkflowActionProcessingModelAdapter($model, Yii::app()->user->userModel, $triggeredModel); $form->resolveValueAndSetToModel($adapter, 'permissions'); $explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::makeBySecurableItem($model); $this->assertEquals(0, $explicitReadWriteModelPermissions->getReadWritePermitablesCount()); //Test everyone group $form = new ExplicitReadWriteModelPermissionsWorkflowActionAttributeForm('WorkflowsTestModule', 'WorkflowModelTestItem'); $form->type = ExplicitReadWriteModelPermissionsWorkflowActionAttributeForm::TYPE_DYNAMIC_EVERYONE_GROUP; $model = new WorkflowModelTestItem(); $model->lastName = 'test'; $model->string = 'test'; $saved = $model->save(); $this->assertTrue($saved); $adapter = new WorkflowActionProcessingModelAdapter($model, Yii::app()->user->userModel, $triggeredModel); $form->resolveValueAndSetToModel($adapter, 'permissions'); $explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::makeBySecurableItem($model); $this->assertEquals(1, $explicitReadWriteModelPermissions->getReadWritePermitablesCount()); $readWritePermitables = $explicitReadWriteModelPermissions->getReadWritePermitables(); $everyoneGroup = Group::getByName(Group::EVERYONE_GROUP_NAME); $this->assertTrue(isset($readWritePermitables[$everyoneGroup->id])); //Test a specific group $form = new ExplicitReadWriteModelPermissionsWorkflowActionAttributeForm('WorkflowsTestModule', 'WorkflowModelTestItem'); $form->type = self::$groupTest->id; $model = new WorkflowModelTestItem(); $model->lastName = 'test'; $model->string = 'test'; $saved = $model->save(); $this->assertTrue($saved); $adapter = new WorkflowActionProcessingModelAdapter($model, Yii::app()->user->userModel, $triggeredModel); $form->resolveValueAndSetToModel($adapter, 'permissions'); $explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::makeBySecurableItem($model); $this->assertEquals(1, $explicitReadWriteModelPermissions->getReadWritePermitablesCount()); $readWritePermitables = $explicitReadWriteModelPermissions->getReadWritePermitables(); $this->assertTrue(isset($readWritePermitables[self::$groupTest->id])); }
public function testProductSaveWithPermissions() { Yii::app()->user->userModel = User::getByUsername('super'); $contacts = Contact::getAll(); $accounts = Account::getByName('superAccount'); $opportunities = Opportunity::getByName('superOpportunity'); $productTemplates = ProductTemplate::getByName('superProductTemplate'); $account = $accounts[0]; $user = $account->owner; $everyoneGroup = Group::getByName(Group::EVERYONE_GROUP_NAME); $explicitReadWriteModelPermissions = new ExplicitReadWriteModelPermissions(); $currencyHelper = Yii::app()->currencyHelper; $currencyCode = $currencyHelper->getBaseCode(); $currency = Currency::getByCode($currencyCode); $postData = array('productTemplate' => array('id' => $productTemplates[0]->id), 'name' => 'ProductPermissionTest', 'quantity' => 6, 'account' => array('id' => $accounts[0]->id), 'contact' => array('id' => $contacts[0]->id), 'opportunity' => array('id' => ''), 'type' => ProductTemplate::TYPE_PRODUCT, 'priceFrequency' => ProductTemplate::PRICE_FREQUENCY_ONE_TIME, 'sellPrice' => array('currency' => array('id' => $currency->id), 'value' => 210), 'stage' => array('value' => 'Open'), 'owner' => array('id' => $user->id), 'explicitReadWriteModelPermissions' => array('type' => ExplicitReadWriteModelPermissionsUtil::MIXED_TYPE_EVERYONE_GROUP, 'nonEveryoneGroup' => '')); $model = new Product(); $sanitizedPostData = PostUtil::sanitizePostByDesignerTypeForSavingModel($model, $postData); if ($model instanceof SecurableItem) { $explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::resolveByPostDataAndModelThenMake($sanitizedPostData, $model); } else { $explicitReadWriteModelPermissions = null; } $readyToUseData = ExplicitReadWriteModelPermissionsUtil::removeIfExistsFromPostData($sanitizedPostData); $sanitizedOwnerData = PostUtil::sanitizePostDataToJustHavingElementForSavingModel($readyToUseData, 'owner'); $sanitizedDataWithoutOwner = PostUtil::removeElementFromPostDataForSavingModel($readyToUseData, 'owner'); $model->setAttributes($sanitizedDataWithoutOwner); if ($model->validate()) { $modelToStringValue = strval($model); if ($sanitizedOwnerData != null) { $model->setAttributes($sanitizedOwnerData); } if ($model instanceof OwnedSecurableItem) { $passedOwnerValidation = $model->validate(array('owner')); } else { $passedOwnerValidation = true; } if ($passedOwnerValidation && $model->save(false)) { if ($explicitReadWriteModelPermissions != null) { $success = ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions($model, $explicitReadWriteModelPermissions); //todo: handle if success is false, means adding/removing permissions save failed. } $savedSuccessfully = true; } } else { } $this->assertEquals('ProductPermissionTest', $model->name); }
public function actionConvert($id) { assert('!empty($id)'); $contact = Contact::getById(intval($id)); if (!LeadsUtil::isStateALead($contact->state)) { $urlParams = array('/contacts/' . $this->getId() . '/details', 'id' => $contact->id); $this->redirect($urlParams); } $convertToAccountSetting = LeadsModule::getConvertToAccountSetting(); $selectAccountForm = new AccountSelectForm(); $account = new Account(); ControllerSecurityUtil::resolveAccessCanCurrentUserWriteModel($contact); $userCanAccessContacts = RightsUtil::canUserAccessModule('ContactsModule', Yii::app()->user->userModel); $userCanAccessAccounts = RightsUtil::canUserAccessModule('AccountsModule', Yii::app()->user->userModel); $userCanCreateAccount = RightsUtil::doesUserHaveAllowByRightName('AccountsModule', AccountsModule::RIGHT_CREATE_ACCOUNTS, Yii::app()->user->userModel); LeadsControllerSecurityUtil::resolveCanUserProperlyConvertLead($userCanAccessContacts, $userCanAccessAccounts, $convertToAccountSetting); if (isset($_POST['AccountSelectForm'])) { $selectAccountForm->setAttributes($_POST['AccountSelectForm']); if ($selectAccountForm->validate()) { $account = Account::getById(intval($selectAccountForm->accountId)); $this->actionSaveConvertedContact($contact, $account); } } elseif (isset($_POST['Account'])) { $account = LeadsUtil::attributesToAccountWithNoPostData($contact, $account, $_POST['Account']); $account->setAttributes($_POST['Account']); if ($account->save()) { $explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::makeBySecurableItem($contact); ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions($account, $explicitReadWriteModelPermissions); if (!$account->save()) { throw new NotSupportedException(); } $this->actionSaveConvertedContact($contact, $account); } } elseif (isset($_POST['AccountSkip']) || $convertToAccountSetting == LeadsModule::CONVERT_NO_ACCOUNT || $convertToAccountSetting == LeadsModule::CONVERT_ACCOUNT_NOT_REQUIRED && !$userCanAccessAccounts) { $this->actionSaveConvertedContact($contact); } else { $account = LeadsUtil::attributesToAccount($contact, $account); } $convertView = new LeadConvertView($this->getId(), $this->getModule()->getId(), $contact->id, strval($contact), $selectAccountForm, $account, $convertToAccountSetting, $userCanCreateAccount); $view = new LeadsPageView(ZurmoDefaultViewUtil::makeStandardViewForCurrentUser($this, $convertView)); echo $view->render(); }