Ejemplo n.º 1
 /**
  * Determine if the user can view this tracker.
  * Note that if no group is explicitly authorized, access is denied (default values are not checked)
  *
  * @param int|PFUser $user user id or PFUser object; if not specified, the current user is used
  *
  * @return boolean true if the user can view the tracker.
  */
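 public function userCanView($user = 0)
 {
     $user_manager = $this->getUserManager();
     if (!$user instanceof PFUser) {
         // A falsy argument (0, null, '') selects the current user; any other
         // non-PFUser value is cast to int and looked up as a user id.
         $user = $user
             ? $user_manager->getUserById((int) $user)
             : $user_manager->getCurrentUser();
     }
     // Fail closed: when the lookup did not yield a PFUser (presumably the case
     // for an id that matches no account; getUserById() is not shown here),
     // deny access instead of handing a non-user value to the permission checker.
     if (!$user instanceof PFUser) {
         return false;
     }
     $project_manager = ProjectManager::instance();
     $permission_checker = new Tracker_Permission_PermissionChecker($user_manager, $project_manager);
     // The actual authorization decision is delegated to the permission checker.
     return $permission_checker->userCanViewTracker($user, $this);
 }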
Ejemplo n.º 2
 /**
  * userCanView - determine if the user can view this artifact.
  *
  * @param PFUser $user if not specified, use the current user
  *
  * @return boolean user can view the artifact
  */
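 public function userCanView(PFUser $user = null)
 {
     $um = $this->getUserManager();
     $project_manager = $this->getProjectManager();
     if (!$user) {
         $user = $um->getCurrentUser();
     }
     // Users of the read-all marker type skip every per-artifact check and are
     // never written to the cache.
     if ($user instanceof Tracker_UserWithReadAllPermission) {
         return true;
     }
     // The decision is memoised per user id on this artifact instance.
     if (!isset($this->can_view_cache[$user->getId()])) {
         // Evaluate the admin shortcut for the user being checked. Called with no
         // argument, userIsAdmin() presumably falls back to the current session
         // user (its definition is not shown here; confirm), which would grant and
         // cache "can view" for $user whenever the caller is a tracker admin.
         if ($this->getTracker()->userIsAdmin($user) || $user->isSuperUser()) {
             $this->setUserCanView($user, true);
         } else {
             $permission_checker = new Tracker_Permission_PermissionChecker($um, $project_manager);
             $this->setUserCanView($user, $permission_checker->userCanView($user, $this));
         }
     }
     return $this->can_view_cache[$user->getId()];
 }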
Ejemplo n.º 3
 /**
  * Checks that when only PLUGIN_TRACKER_ACCESS_FULL is granted, and only to
  * ugroup 103, the permission checker lets the member of that ugroup view the
  * artifact and denies the three other users.
  */
 function testUserCanViewTrackerAccessFull()
 {
     // Only $ugroup_ful is used below; $ugroup_ass and $ugroup_sub are never read in this method.
     $ugroup_ass = 101;
     $ugroup_sub = 102;
     $ugroup_ful = 103;
     // $assignee is a member of ugroup 101 (UgroupAss)
     // $submitter is a member of ugroup 102 (UgroupSub)
     // $u is a member of ugroup 103 (UgroupFul)
     // $other does not belong to any ugroup
     // The second isMemberOfUgroup argument (222) is presumably the project id; confirm.
     $u = mock('PFUser');
     $u->setReturnValue('getId', 120);
     $u->setReturnValue('isMemberOfUgroup', true, array(103, 222));
     $u->setReturnValue('isMemberOfUgroup', false, array(101, 222));
     $u->setReturnValue('isMemberOfUgroup', false, array(102, 222));
     $u->setReturnValue('isSuperUser', false);
     //
     $assignee = mock('PFUser');
     $assignee->setReturnValue('getId', 121);
     $assignee->setReturnValue('isMemberOfUgroup', true, array(101, 222));
     $assignee->setReturnValue('isMemberOfUgroup', false, array(102, 222));
     $assignee->setReturnValue('isMemberOfUgroup', false, array(103, 222));
     $assignee->setReturnValue('isSuperUser', false);
     //
     $submitter = mock('PFUser');
     $submitter->setReturnValue('getId', 122);
     $submitter->setReturnValue('isMemberOfUgroup', false, array(101, 222));
     $submitter->setReturnValue('isMemberOfUgroup', true, array(102, 222));
     $submitter->setReturnValue('isMemberOfUgroup', false, array(103, 222));
     $submitter->setReturnValue('isSuperUser', false);
     //
     $other = mock('PFUser');
     $other->setReturnValue('getId', 123);
     $other->setReturnValue('isMemberOfUgroup', false);
     $other->setReturnValue('isSuperUser', false);
     // The user manager resolves each of the four ids to its mock user.
     $user_manager = mock('UserManager');
     $user_manager->setReturnReference('getUserById', $u, array(120));
     $user_manager->setReturnReference('getUserById', $assignee, array(121));
     $user_manager->setReturnReference('getUserById', $submitter, array(122));
     $user_manager->setReturnReference('getUserById', $other, array(123));
     $project_manager = mock('ProjectManager');
     // $artifact_subass is meant to be submitted by $submitter and assigned to $assignee.
     // $u should have the right to see it.
     // $other, $submitter and $assignee should not have the right to see it.
     // NOTE(review): getSubmittedBy below returns 123, which is $other's id, not
     // $submitter's (122); confirm which one the fixture intends.
     $permissions = array("PLUGIN_TRACKER_ACCESS_FULL" => array(0 => $ugroup_ful));
     $this->tracker->setReturnReference('getAuthorizedUgroupsByPermissionType', $permissions);
     $contributor_field = aMockField()->build();
     $this->tracker->setReturnReference('getContributorField', $contributor_field);
     $artifact_subass = mock('Tracker_Artifact');
     $artifact_subass->setReturnReference('getTracker', $this->tracker);
     // Artifact-level permissions are switched off for this artifact.
     $artifact_subass->setReturnValue('useArtifactPermissions', false);
     $artifact_subass->setReturnValue('getSubmittedBy', 123);
     // The contributor field value lists user 121 ($assignee).
     $user_changeset_value = new MockTracker_Artifact_ChangesetValue();
     $contributors = array(121);
     $user_changeset_value->setReturnReference('getValue', $contributors);
     $artifact_subass->setReturnReference('getValue', $user_changeset_value, array($contributor_field));
     $permission_checker = new Tracker_Permission_PermissionChecker($user_manager, $project_manager);
     // Negative cases first: every user outside ugroup 103 must be denied.
     $this->assertFalse($permission_checker->userCanView($submitter, $artifact_subass));
     $this->assertFalse($permission_checker->userCanView($assignee, $artifact_subass));
     $this->assertFalse($permission_checker->userCanView($other, $artifact_subass));
     $this->assertTrue($permission_checker->userCanView($u, $artifact_subass));
 }