public function testCaching()
{
$timer = new TimerUtil();
TestingAuxLib::suLogin('testuser');
Yii::app()->authCache->clear();
$this->assertEquals(0, count(Yii::app()->authCache->loadAuthCache(2)));
$contact = $this->contacts('testUser');
$expectedCacheValue = array('ContactsUpdateAccess' => array());
// add cache entry
Yii::app()->authManager->checkAccess('ContactsUpdateAccess', 2, array('X2Model' => $contact));
$expectedCacheValue['ContactsUpdateAccess'][json_encode(array('modelType' => get_class($contact), 'assignedTo' => $contact->assignedTo))] = '1';
$this->assertEquals($expectedCacheValue, Yii::app()->authCache->loadAuthCache(2));
// ensure cache hit
Yii::app()->authManager->checkAccess('ContactsUpdateAccess', 2, array('X2Model' => $contact));
$this->assertEquals($expectedCacheValue, Yii::app()->authCache->loadAuthCache(2));
// no cache entries for non-scalar params
Yii::app()->authManager->checkAccess('ContactsUpdateAccess', 2, array('model' => $contact));
$this->assertEquals($expectedCacheValue, Yii::app()->authCache->loadAuthCache(2));
// add cache entries for scalar params
$timer->start();
Yii::app()->authManager->checkAccess('ContactsUpdateAccess', 2, array('scalar' => ''));
$expectedCacheValue['ContactsUpdateAccess'][json_encode(array('scalar' => ''))] = '1';
$this->assertEquals($expectedCacheValue, Yii::app()->authCache->loadAuthCache(2));
$timeA = $timer->stop()->getTime();
// ensure cache hit
$timer->start();
Yii::app()->authManager->checkAccess('ContactsUpdateAccess', 2, array('scalar' => ''));
$this->assertEquals($expectedCacheValue, Yii::app()->authCache->loadAuthCache(2));
$timeB = $timer->stop()->getTime();
$this->assertLessThan($timeA, $timeB);
}
/**
* Test new list + add to list super mass actions
*/
public function testSuperExecute()
{
X2List::model()->deleteAllByAttributes(array('name' => 'test'));
$_SESSION = array();
$newList = new NewListFromSelection();
$addToList = new MassAddToList();
TestingAuxLib::suLogin('admin');
Yii::app()->user;
// initializes $_SESSION superglobal
Yii::app()->controller = new ContactsController('contacts', new ContactsModule('contacts', null));
$idChecksum = SmartActiveDataProvider::calculateChecksumFromIds(Yii::app()->db->createCommand("\n SELECT id\n FROM x2_contacts\n ORDER BY lastUpdated DESC, id DESC\n ")->queryColumn());
// perform super mass actions in batches, ensuring that after each batch, the id queue
// in the session matches the remaining records to be updated. Call the new list from
// selection mass action on the first batch and the mass add to list on all subsequent
// batches to simulate behavior of grid view
$_POST['modelType'] = 'Contacts';
$_POST['listName'] = 'test';
$_SERVER['REQUEST_METHOD'] = 'POST';
$_SERVER['SERVER_NAME'] = 'localhost';
$updated = 0;
$uid = null;
$listId = null;
while (true) {
ob_start();
if (!isset($listId)) {
$newList->superExecute($uid, 24, $idChecksum);
} else {
$_POST['listId'] = $listId;
$addToList->superExecute($uid, 24, $idChecksum);
}
$retVal = CJSON::decode(ob_get_contents());
ob_clean();
$this->assertTrue(!isset($retVal['errorCode']));
$uid = $retVal['uid'];
if (isset($retVal['listId'])) {
$listId = $retVal['listId'];
}
// get ids of contacts not in new list
$remainingIds = Yii::app()->db->createCommand('
SELECT t.id
FROM x2_contacts AS t
WHERE t.id NOT IN (
SELECT contactId
FROM x2_list_items AS t2
JOIN x2_lists AS t3 ON t3.id = t2.listId
WHERE t.id = t2.contactId AND t3.name="test"
)
')->queryColumn();
if (isset($retVal['complete'])) {
$this->assertEquals(0, count($remainingIds));
$this->assertTrue(!isset($_SESSION[MassAction::SESSION_KEY_PREFIX . $uid]));
break;
} else {
$storedIds = $_SESSION[MassAction::SESSION_KEY_PREFIX . $uid];
sort($storedIds);
$this->assertEquals($remainingIds, $storedIds);
}
}
}
public function testDocsPermissions()
{
$auth = TestingAuxLib::loadAuthManagerMock();
TestingAuxLib::loadX2NonWebUser();
// user has docs update access
$user = $this->users('testUser');
$auth->setAccess('AdminIndex', $user->id, array(), false);
TestingAuxLib::suLogin('testuser');
$auth->setAccess('DocsAdmin', $user->id, array(), false);
$auth->setAccess('DocsUpdateAccess', $user->id, array('X2Model' => new Docs()), true);
// can't be edited since edit permissions list is empty
$doc = $this->docs('0');
$this->assertFalse((bool) $doc->checkEditPermissions());
// "testuser" is in the edit permissions list
$doc = $this->docs('1');
$this->assertTrue((bool) $doc->checkEditPermissions());
$doc = $this->docs('3');
$this->assertTrue((bool) $doc->checkEditPermissions());
// testuser created the the doc
$doc = $this->docs('2');
$this->assertTrue((bool) $doc->checkEditPermissions());
// user has docs private update access
$auth->clearCache();
$auth->setAccess('AdminIndex', $user->id, array(), false);
$auth->setAccess('DocsAdmin', $user->id, array(), false);
$auth->setAccess('DocsUpdateAccess', $user->id, array('X2Model' => new Docs()), false);
$auth->setAccess('DocsPrivateUpdateAccess', $user->id, array('X2Model' => new Docs()), true);
// can't be edited since edit permissions list is empty
$doc = $this->docs('0');
$this->assertFalse((bool) $doc->checkEditPermissions());
// "testuser" is in the edit permissions list but since testuser only has private update
// access, doc cannot be edited
$doc = $this->docs('1');
$this->assertFalse((bool) $doc->checkEditPermissions());
$doc = $this->docs('3');
$this->assertFalse((bool) $doc->checkEditPermissions());
// testuser created the the doc, so they can edit it
$doc = $this->docs('2');
$this->assertTrue((bool) $doc->checkEditPermissions());
// user has docs admin access
$auth->clearCache();
$auth->setAccess('AdminIndex', $user->id, array(), false);
$auth->setAccess('DocsAdmin', $user->id, array(), true);
$auth->setAccess('DocsUpdateAccess', $user->id, array('X2Model' => new Docs()), false);
$auth->setAccess('DocsPrivateUpdateAccess', $user->id, array('X2Model' => new Docs()), false);
// user is docs admin
$doc = $this->docs('0');
$this->assertTrue((bool) $doc->checkEditPermissions());
// user is docs admin
$doc = $this->docs('1');
$this->assertTrue((bool) $doc->checkEditPermissions());
// user is docs admin
$doc = $this->docs('2');
$this->assertTrue((bool) $doc->checkEditPermissions());
TestingAuxLib::restoreX2WebUser();
TestingAuxLib::restoreX2AuthManager();
}
/**
* Ensure that list of viewable calendars correctly reflects calendar permissions records
*/
public function testGetViewableUserCalendarNames()
{
TestingAuxLib::loadX2NonWebUser();
TestingAuxLib::suLogin('admin');
$viewable = array_keys(X2CalendarPermissions::getViewableUserCalendarNames());
$this->assertEquals(array_merge(array('Anyone'), Yii::app()->db->createCommand("\n SELECT username\n FROM x2_users\n ")->queryColumn()), ArrayUtil::sort($viewable));
$user = $this->users('testUser');
TestingAuxLib::suLogin('testuser');
$viewable = array_keys(X2CalendarPermissions::getViewableUserCalendarNames());
$grantedUsers = array_unique(array_merge(array('Anyone', 'testuser'), Yii::app()->db->createCommand("\n /**\n * get names of users who have granted view permission to testuser and names of\n * users who have not set up calendar permissions\n */\n SELECT distinct(username)\n FROM x2_users as t, x2_calendar_permissions\n WHERE other_user_id=:userId OR t.id NOT in (\n SELECT distinct(user_id)\n FROM x2_calendar_permissions\n )\n ")->queryColumn(array(':userId' => $user->id))));
$this->assertEquals(ArrayUtil::sort($grantedUsers), ArrayUtil::sort($viewable));
TestingAuxLib::restoreX2WebUser();
}
/**
* Super mass update firstName and lastName for fixture records
*/
public function testSuperExecute()
{
X2List::model()->deleteAllByAttributes(array('name' => 'test'));
$_SESSION = array();
$newList = new NewListFromSelection();
TestingAuxLib::suLogin('admin');
Yii::app()->user;
// initializes $_SESSION superglobal
Yii::app()->controller = new ContactsController('contacts', new ContactsModule('contacts', null));
// perform super mass actions in batches, ensuring that after each batch, the id queue
// in the session matches the remaining records to be updated
$_POST['modelType'] = 'Contacts';
$_POST['listName'] = 'test';
$_SERVER['REQUEST_METHOD'] = 'POST';
$_SERVER['SERVER_NAME'] = 'localhost';
$idChecksum = SmartActiveDataProvider::calculateChecksumFromIds(Yii::app()->db->createCommand("\n SELECT id\n FROM x2_contacts\n ORDER BY lastUpdated DESC, id DESC\n ")->queryColumn());
$updated = 0;
$uid = null;
while (true) {
$this->obStart();
$newList->superExecute($uid, 24, $idChecksum);
$retVal = CJSON::decode(ob_get_contents());
$this->obEndClean();
$this->assertTrue(!isset($retVal['errorCode']));
$uid = $retVal['uid'];
// get ids of contacts not in new list
$remainingIds = Yii::app()->db->createCommand('
SELECT t.id
FROM x2_contacts AS t
WHERE t.id NOT IN (
SELECT contactId
FROM x2_list_items AS t2
JOIN x2_lists AS t3 ON t3.id = t2.listId
WHERE t.id = t2.contactId AND t3.name="test"
)
')->queryColumn();
$storedIds = $_SESSION[MassAction::SESSION_KEY_PREFIX . $uid];
sort($storedIds);
$this->assertEquals($remainingIds, $storedIds);
// new list from selection mass action should only ever get run on the first batch.
// subsequent batches get added to the list (mass action swapping is handled
// client-side)
break;
}
}
/**
* Call render at least once for each field type
*/
public function testRender()
{
Yii::app()->cache->flush();
TestingAuxLib::suLogin('admin');
$contact = Contacts::model()->findByPk(12345);
$fieldTypes = Fields::getFieldTypes();
foreach ($fieldTypes as $type => $info) {
$fieldsOfType = $contact->getFields(false, function ($field) use($type) {
return strtolower($field->type) === strtolower($type);
});
VERBOSE_MODE && println('type=' . $type);
$this->assertTrue(count($fieldsOfType) > 0);
foreach ($fieldsOfType as $field) {
$contact->formatter->renderAttribute($field->fieldName, true, true, true);
}
}
}
public function testGetVisibleRelatedX2Models()
{
TestingAuxLib::loadControllerMock();
TestingAuxLib::suLogin('testUser2');
$contact = $this->contact('testAnyone');
$otherContact = $this->contact('testUser');
$this->assertFalse($contact->relationships->hasRelationship($otherContact));
$contact->relationships->createRelationship($otherContact);
$this->assertTrue($contact->relationships->hasRelationship($otherContact));
$visibleRelatedModels = $contact->relationships->getVisibleRelatedX2Models(true);
$this->assertEquals(1, count($visibleRelatedModels));
$this->assertInstanceOf(get_class($otherContact), $visibleRelatedModels[0]);
$this->assertEquals($otherContact->id, $visibleRelatedModels[0]->id);
$otherContact->visibility = 0;
$otherContact->assignedTo = 'test';
$this->assertSaves($otherContact);
Yii::app()->params->isAdmin = false;
$visibleRelatedModels = $contact->relationships->getVisibleRelatedX2Models();
$this->assertEquals(1, count($visibleRelatedModels));
$this->assertInstanceOf(get_class($otherContact), $visibleRelatedModels[0]);
$this->assertEquals($otherContact->id, $visibleRelatedModels[0]->id);
$this->assertEmpty($contact->relationships->getVisibleRelatedX2Models(true));
}
/**
* TODO: Remove hardcoded references to events in the fixture.
*/
public function testCheckPermissions()
{
TestingAuxLib::loadX2NonWebUser();
$event1 = $this->event(0);
// Admin can do anything
TestingAuxLib::suLogin('admin');
$this->assertTrue($event1->checkPermissions('view', true));
$this->assertTrue($event1->checkPermissions('edit', true));
$this->assertTrue($event1->checkPermissions('delete', true));
// Private and no shared group means testuser can't do anything
TestingAuxLib::suLogin('testuser');
$this->assertFalse($event1->checkPermissions('view', true));
$this->assertFalse($event1->checkPermissions('edit', true));
$this->assertFalse($event1->checkPermissions('delete', true));
// Associated with testuser2, so they can view and delete but not edit
TestingAuxLib::suLogin('testuser2');
$this->assertTrue($event1->checkPermissions('view', true));
$this->assertFalse($event1->checkPermissions('edit', true));
$this->assertTrue($event1->checkPermissions('delete', true));
// Created by testuser3, so they can do anything
TestingAuxLib::suLogin('testuser3');
$this->assertTrue($event1->checkPermissions('view', true));
$this->assertTrue($event1->checkPermissions('edit', true));
$this->assertTrue($event1->checkPermissions('delete', true));
$event2 = $this->event(6);
// Admin can do anything
TestingAuxLib::suLogin('admin');
$this->assertTrue($event2->checkPermissions('view', true));
$this->assertTrue($event2->checkPermissions('edit', true));
$this->assertTrue($event2->checkPermissions('delete', true));
// Public posts are visible but not editable or deletable by regular users
TestingAuxLib::suLogin('testuser');
$this->assertTrue($event2->checkPermissions('view', true));
$this->assertFalse($event2->checkPermissions('edit', true));
$this->assertFalse($event2->checkPermissions('delete', true));
// Public posts are visible but not editable or deletable by regular users
TestingAuxLib::suLogin('testuser2');
$this->assertTrue($event2->checkPermissions('view', true));
$this->assertFalse($event2->checkPermissions('edit', true));
$this->assertFalse($event2->checkPermissions('delete', true));
$event3 = $this->event(7);
// Admin can do anything
TestingAuxLib::suLogin('admin');
$this->assertTrue($event3->checkPermissions('view', true));
$this->assertTrue($event3->checkPermissions('edit', true));
$this->assertTrue($event3->checkPermissions('delete', true));
// Non-social post is visible to user it's assigned to but they can't edit or delete
TestingAuxLib::suLogin('testuser');
$this->assertTrue($event3->checkPermissions('view', true));
$this->assertFalse($event3->checkPermissions('edit', true));
$this->assertFalse($event3->checkPermissions('delete', true));
// Private, so testuser3 can't do anything
TestingAuxLib::suLogin('testuser3');
$this->assertFalse($event3->checkPermissions('view', true));
$this->assertFalse($event3->checkPermissions('edit', true));
$this->assertFalse($event3->checkPermissions('delete', true));
}
/**
* Attempts to ensure that isVisibleTo and getAccessCriteria check the same permissions
*/
public function testPermissionsCheckEquivalence()
{
TestingAuxLib::loadX2NonWebUser();
TestingAuxLib::suLogin('testuser2');
$allEvents = Events::model()->findAll();
$that = $this;
$checkEquivalence = function ($events) use($allEvents, $that) {
$ids = array_map(function ($event) {
return $event->id;
}, $events);
$that->assertTrue(count($events) > 1);
foreach ($events as $event) {
$that->assertTrue($event->isVisibleTo(Yii::app()->params->profile->user));
}
$found = false;
foreach ($allEvents as $event) {
if (!in_array($event->id, $ids)) {
$found = true;
$that->assertFalse($event->isVisibleTo(Yii::app()->params->profile->user));
}
}
$that->assertTrue($found);
};
Yii::app()->settings->historyPrivacy = null;
$accessCriteria = Events::model()->getAccessCriteria();
$events = Events::model()->findAll($accessCriteria);
$checkEquivalence($events);
Yii::app()->settings->historyPrivacy = 'group';
$accessCriteria = Events::model()->getAccessCriteria();
$events = Events::model()->findAll($accessCriteria);
$checkEquivalence($events);
Yii::app()->settings->historyPrivacy = 'user';
$accessCriteria = Events::model()->getAccessCriteria();
$events = Events::model()->findAll($accessCriteria);
$checkEquivalence($events);
}
/**
* Tests a method in WorkflowController which belongs in the Workflow model class
*/
public function testGetStageMemberDataProvider()
{
$workflow = $this->workflows('workflow2');
$workflowStatus = Workflow::getWorkflowStatus($workflow->id);
$this->assertDataProviderCountMatchesStageCount($workflow, $workflowStatus, 1);
$this->assertDataProviderCountMatchesStageCount($workflow, $workflowStatus, 4);
// make record invisible
$action = Actions::model()->findByAttributes(array('workflowId' => $workflow->id, 'complete' => 'No', 'stageNumber' => 8));
$record = X2Model::getModelOfTypeWithId($action->associationType, $action->associationId);
$record->visibility = 0;
$record->assignedTo = 'admin';
$this->assertSaves($record);
$counts = $this->assertDataProviderCountMatchesStageCount($workflow, $workflowStatus, 4);
$this->assertEquals(1, $counts[3]);
TestingAuxLib::suLogin('testuser');
$counts = $this->assertDataProviderCountMatchesStageCount($workflow, $workflowStatus, 4);
$this->assertEquals(0, $counts[3]);
$record->assignedTo = 'testuser';
$this->assertSaves($record);
$counts = $this->assertDataProviderCountMatchesStageCount($workflow, $workflowStatus, 4);
$this->assertEquals(1, $counts[3]);
}
public function testChangeCompleteState()
{
TestingAuxLib::suLogin('admin');
VERBOSE_MODE && (print Yii::app()->user->name . "\n");
VERBOSE_MODE && (print (int) Yii::app()->params->isAdmin);
VERBOSE_MODE && (print "\n");
$action = $this->actions('action6');
$completedNum = Actions::changeCompleteState('complete', array($action->id));
$this->assertEquals(1, $completedNum);
$action = Actions::model()->findByPk($action->id);
VERBOSE_MODE && (print $action->complete . "\n");
$this->assertTrue($action->complete === 'Yes');
Actions::changeCompleteState('uncomplete', array($action->id));
$action = Actions::model()->findByPk($action->id);
$this->assertTrue($action->complete === 'No');
}
/**
* Test visibility and access criteria for each access level
*/
public function testReadAccessLevels()
{
$auth = TestingAuxLib::loadAuthManagerMock();
$user = $this->users('user2');
$contactGroupmate = $this->contacts('contactGroupmate');
$contactGroup = $this->contacts('contactGroup');
$contactAnyone = $this->contacts('contactAnyone');
$contactUserPrivate = $this->contacts('contactUserPrivate');
$contactOtherPrivate = $this->contacts('contactOtherPrivate');
$contactInvisible = $this->contacts('contactInvisible');
// private read only access
$auth->setAccess('ContactsReadOnlyAccess', $user->id, array(), false);
$auth->setAccess('ContactsPrivateReadOnlyAccess', $user->id, array(), true);
TestingAuxLib::suLogin('testUser2');
$accessLevel = Contacts::model()->getAccessLevel();
$this->assertEquals(X2PermissionsBehavior::QUERY_SELF, $accessLevel);
$contactGroup->asa('permissions')->clearCache();
$this->assertTrue($contactGroup->isVisibleTo(Yii::app()->getSuModel()));
$contactGroupmate->asa('permissions')->clearCache();
$this->assertFalse($contactGroupmate->isVisibleTo(Yii::app()->getSuModel()));
$contactAnyone->asa('permissions')->clearCache();
$this->assertFalse($contactAnyone->isVisibleTo(Yii::app()->getSuModel()));
$contactUserPrivate->asa('permissions')->clearCache();
$this->assertTrue($contactUserPrivate->isVisibleTo(Yii::app()->getSuModel()));
$contactOtherPrivate->asa('permissions')->clearCache();
$this->assertFalse($contactOtherPrivate->isVisibleTo(Yii::app()->getSuModel()));
$contactInvisible->asa('permissions')->clearCache();
$this->assertFalse($contactInvisible->isVisibleTo(Yii::app()->getSuModel()));
$criteria = Contacts::model()->getAccessCriteria();
$contacts = Contacts::model()->findAll($criteria);
$this->assertEquals(2, count($contacts));
$this->assertEquals(2, count(array_intersect(array($contactGroup->id, $contactUserPrivate->id), array_map(function ($contact) {
return $contact->id;
}, $contacts))));
// read only access
$auth->setAccess('ContactsReadOnlyAccess', $user->id, array(), true);
$auth->setAccess('ContactsPrivateReadOnlyAccess', $user->id, array(), false);
$accessLevel = Contacts::model()->getAccessLevel();
$this->assertEquals(X2PermissionsBehavior::QUERY_PUBLIC, $accessLevel);
$contactGroup->asa('permissions')->clearCache();
$this->assertTrue($contactGroup->isVisibleTo(Yii::app()->getSuModel()));
$contactGroupmate->asa('permissions')->clearCache();
$this->assertTrue($contactGroupmate->isVisibleTo(Yii::app()->getSuModel()));
$contactAnyone->asa('permissions')->clearCache();
$this->assertTrue($contactAnyone->isVisibleTo(Yii::app()->getSuModel()));
$contactUserPrivate->asa('permissions')->clearCache();
$this->assertTrue($contactUserPrivate->isVisibleTo(Yii::app()->getSuModel()));
$contactOtherPrivate->asa('permissions')->clearCache();
$this->assertFalse($contactOtherPrivate->isVisibleTo(Yii::app()->getSuModel()));
$contactInvisible->asa('permissions')->clearCache();
$this->assertFalse($contactInvisible->isVisibleTo(Yii::app()->getSuModel()));
$criteria = Contacts::model()->getAccessCriteria();
$contacts = Contacts::model()->findAll($criteria);
$this->assertEquals(4, count($contacts));
$this->assertEquals(4, count(array_intersect(array($contactGroup->id, $contactGroupmate->id, $contactAnyone->id, $contactUserPrivate->id), array_map(function ($contact) {
return $contact->id;
}, $contacts))));
// no access
$auth->setAccess('ContactsReadOnlyAccess', $user->id, array(), false);
$auth->setAccess('ContactsPrivateReadOnlyAccess', $user->id, array(), false);
$accessLevel = Contacts::model()->getAccessLevel();
$this->assertEquals(X2PermissionsBehavior::QUERY_NONE, $accessLevel);
$contactGroup->asa('permissions')->clearCache();
$this->assertFalse($contactGroup->isVisibleTo(Yii::app()->getSuModel()));
$contactGroupmate->asa('permissions')->clearCache();
$this->assertFalse($contactGroupmate->isVisibleTo(Yii::app()->getSuModel()));
$contactAnyone->asa('permissions')->clearCache();
$this->assertFalse($contactAnyone->isVisibleTo(Yii::app()->getSuModel()));
$contactUserPrivate->asa('permissions')->clearCache();
$this->assertFalse($contactUserPrivate->isVisibleTo(Yii::app()->getSuModel()));
$contactOtherPrivate->asa('permissions')->clearCache();
$this->assertFalse($contactOtherPrivate->isVisibleTo(Yii::app()->getSuModel()));
$contactInvisible->asa('permissions')->clearCache();
$this->assertFalse($contactInvisible->isVisibleTo(Yii::app()->getSuModel()));
$criteria = Contacts::model()->getAccessCriteria();
$contacts = Contacts::model()->findAll($criteria);
$this->assertEquals(0, count($contacts));
$this->assertEquals(0, count(array_intersect(array(), array_map(function ($contact) {
return $contact->id;
}, $contacts))));
// all access
$auth->setAccess('ContactsAdmin', $user->id, array(), true);
$auth->setAccess('AdminIndex', $user->id, array(), true);
$auth->setAccess('ContactsReadOnlyAccess', $user->id, array(), true);
$auth->setAccess('ContactsBasicAccess', $user->id, array(), true);
$auth->setAccess('ContactsFullAccess', $user->id, array(), true);
$auth->setAccess('ContactsUpdateAccess', $user->id, array(), true);
$accessLevel = Contacts::model()->getAccessLevel();
$this->assertEquals(X2PermissionsBehavior::QUERY_ALL, $accessLevel);
$contactGroup->asa('permissions')->clearCache();
$this->assertTrue($contactGroup->isVisibleTo(Yii::app()->getSuModel()));
$contactGroupmate->asa('permissions')->clearCache();
$this->assertTrue($contactGroupmate->isVisibleTo(Yii::app()->getSuModel()));
$contactAnyone->asa('permissions')->clearCache();
$this->assertTrue($contactAnyone->isVisibleTo(Yii::app()->getSuModel()));
$contactUserPrivate->asa('permissions')->clearCache();
$this->assertTrue($contactUserPrivate->isVisibleTo(Yii::app()->getSuModel()));
$contactOtherPrivate->asa('permissions')->clearCache();
$this->assertTrue($contactOtherPrivate->isVisibleTo(Yii::app()->getSuModel()));
$contactInvisible->asa('permissions')->clearCache();
$this->assertFalse($contactInvisible->isVisibleTo(Yii::app()->getSuModel()));
$criteria = Contacts::model()->getAccessCriteria();
$contacts = Contacts::model()->findAll($criteria);
$this->assertEquals(5, count($contacts));
$this->assertEquals(5, count(array_intersect(array($contactGroup->id, $contactGroupmate->id, $contactAnyone->id, $contactUserPrivate->id, $contactOtherPrivate->id), array_map(function ($contact) {
return $contact->id;
}, $contacts))));
$criteria = Contacts::model()->getAccessCriteria('t', 'X2PermissionsBehavior', true);
$contacts = Contacts::model()->findAll($criteria);
$this->assertEquals(6, count($contacts));
$this->assertEquals(6, count(array_intersect(array($contactGroup->id, $contactGroupmate->id, $contactAnyone->id, $contactUserPrivate->id, $contactOtherPrivate->id, $contactInvisible->id), array_map(function ($contact) {
return $contact->id;
}, $contacts))));
TestingAuxLib::restoreX2AuthManager();
}
public function testUpdateWithNotifications()
{
TestingAuxLib::loadX2NonWebUser();
TestingAuxLib::suLogin('admin');
// assigned to testuser
$action = $this->actions('action1');
$reminders = $action->getReminders(true);
foreach ($reminders as $reminder) {
$this->assertTrue($reminder->delete());
}
$this->assertEquals(0, count($action->getReminders(true)));
// ensure that we can create a reminder
$action->reminder = true;
$action->notificationUsers = 'assigned';
$action->notificationTime = 1234;
$this->assertSaves($action);
$this->assertEquals(1, count($action->getReminders(true)));
$reminders = $action->getReminders(true);
$assignees = array_map(function ($reminder) {
return $reminder->user;
}, $reminders);
$this->assertEquals(array('testuser'), $assignees);
// now ensure that we can create another reminder and that the old reminder was deleted
TestingAuxLib::suLogin('testuser');
$action->reminder = true;
$action->notificationUsers = 'assigned';
$action->notificationTime = 1234;
$this->assertSaves($action);
$this->assertEquals(1, count($action->getReminders(true)));
$reminders = $action->getReminders(true);
$assignees = array_map(function ($reminder) {
return $reminder->user;
}, $reminders);
$this->assertEquals(array('testuser'), $assignees);
}
public function testGetAccessCriteria()
{
TestingAuxLib::loadX2NonWebUser();
TestingAuxLib::suLogin('admin');
// admin privileges private profile
$accessCriteria = Events::model()->getAccessCriteria();
$this->assertEquals('TRUE', $accessCriteria->condition);
$this->assertEquals(array_map(function ($event) {
return $event->id;
}, Events::model()->findAll($accessCriteria)), array_map(function ($event) {
return $event->id;
}, Events::model()->findAll()));
// admin privileges public profile
$accessCriteria = Events::model()->getAccessCriteria(Profile::model()->findByAttributes(array('username' => 'testuser')));
$this->assertEquals(array_map(function ($event) {
return $event->id;
}, Events::model()->findAll($accessCriteria)), array_map(function ($event) {
return $event->id;
}, Events::model()->findAll('user="******"')));
// non-admin public profile
TestingAuxLib::suLogin('testuser2');
Yii::app()->settings->historyPrivacy = null;
$accessCriteria = Events::model()->getAccessCriteria(Profile::model()->findByAttributes(array('username' => 'testuser')));
$this->assertEquals(array_map(function ($event) {
return $event->id;
}, Events::model()->findAll($accessCriteria)), array_map(function ($event) {
return $event->id;
}, Events::model()->findAll('user="******" and visibility')));
// non-admin private profile
TestingAuxLib::suLogin('testuser2');
Yii::app()->settings->historyPrivacy = null;
$accessCriteria = Events::model()->getAccessCriteria();
$this->assertEquals(array_map(function ($event) {
return $event->id;
}, Events::model()->findAll($accessCriteria)), array_map(function ($event) {
return $event->id;
}, Events::model()->findAll('user="******" or visibility')));
// non-admin private profile, user history
TestingAuxLib::suLogin('testuser2');
Yii::app()->settings->historyPrivacy = 'user';
$accessCriteria = Events::model()->getAccessCriteria();
$this->assertEquals(array_map(function ($event) {
return $event->id;
}, Events::model()->findAll($accessCriteria)), array_map(function ($event) {
return $event->id;
}, Events::model()->findAll('user="******"')));
// non-admin private profile, group history
// assumes that testuser2 and testuser3 are groupmates
Yii::app()->settings->historyPrivacy = 'group';
$accessCriteria = Events::model()->getAccessCriteria();
$this->assertEquals(array_map(function ($event) {
return $event->id;
}, Events::model()->findAll($accessCriteria)), array_map(function ($event) {
return $event->id;
}, Events::model()->findAll('user="******" or user="******"')));
Yii::app()->settings->historyPrivacy = null;
TestingAuxLib::restoreX2WebUser();
}
