/**
  * A role with no account attached reports itself as predefined; once an account is set it no longer does.
  */
 public function testIsPredefined()
 {
     $role = new AccountUserRole('Predefined role');

     // Freshly constructed, no account attached yet.
     $this->assertTrue($role->isPredefined());

     // Attaching any account flips the flag.
     $account = new Account();
     $role->setAccount($account);
     $this->assertFalse($role->isPredefined());
 }
 /**
  * Data provider with two form-submission cases: "empty" (no default data) and
  * "existing" (a role obtained from getEntity() whose label is changed by the submission).
  *
  * @return array
  */
 public function submitDataProvider()
 {
     $originalLabel = 'account_role_label';
     $changedLabel = 'altered_role_label';

     $expectedNewRole = new AccountUserRole();
     $expectedNewRole->setLabel($originalLabel);

     /** @var AccountUserRole $roleBeforeSubmit */
     $roleBeforeSubmit = $this->getEntity(self::DATA_CLASS, 1);
     $roleBeforeSubmit->setLabel($originalLabel);
     $roleBeforeSubmit->setRole($originalLabel);

     // serialize()/unserialize() round-trip yields an independent copy of the fixture, so changing
     // the label below does not touch $roleBeforeSubmit. The serialized payload is produced on this
     // very line and never comes from outside the test; unserialize() on externally supplied bytes
     // would allow object injection, so this pattern belongs in fixtures only.
     $roleAfterSubmit = unserialize(serialize($roleBeforeSubmit));
     $roleAfterSubmit->setLabel($changedLabel);

     $formOptions = ['privilege_config' => $this->privilegeConfig];

     $emptyCase = [
         'options' => $formOptions,
         'defaultData' => null,
         'viewData' => null,
         'submittedData' => ['label' => $originalLabel],
         'expectedData' => $expectedNewRole,
         'expectedFieldData' => ['entity' => [], 'action' => []],
     ];

     $existingCase = [
         'options' => $formOptions,
         'defaultData' => $roleBeforeSubmit,
         'viewData' => $roleBeforeSubmit,
         'submittedData' => ['label' => $changedLabel, 'entity' => ['first'], 'action' => ['second']],
         'expectedData' => $roleAfterSubmit,
         'expectedFieldData' => ['entity' => ['first'], 'action' => ['second']],
     ];

     return ['empty' => $emptyCase, 'existing' => $existingCase];
 }
 /**
  * Functional test: saving the update form of a predefined role is expected to produce a
  * separate role (different id) carrying the customized label, and to add that role to the
  * current user.
  *
  * Currently disabled: markTestSkipped() is the first call, so none of the requests or
  * assertions below are executed until BB-1134 is resolved.
  */
 public function testUpdateFromPredefined()
 {
     //TODO: see BB-1134
     $this->markTestSkipped('Must be fixed in scope with BB-1134');
     // Snapshot of the user's roles before the update, used for the count assertion at the end.
     $currentUserRoles = $this->currentUser->getRoles();
     $oldRoleId = $this->predefinedRole->getId();
     $crawler = $this->client->request('GET', $this->getUrl('orob2b_account_frontend_account_user_role_update', ['id' => $oldRoleId]));
     $form = $crawler->selectButton('Save and Close')->form();
     // The CSRF token is taken from the token manager for the form's token id and sent in the `_token` field.
     $token = $this->getContainer()->get('security.csrf.token_manager')->getToken('orob2b_account_frontend_account_user_role')->getValue();
     $this->client->followRedirects(true);
     // Submit with the form's own method and URI; appendUsers carries the id of the current user.
     $crawler = $this->client->request($form->getMethod(), $form->getUri(), ['input_action' => '', 'orob2b_account_frontend_account_user_role' => ['_token' => $token, 'label' => self::CUSTOMIZED_ROLE, 'appendUsers' => $this->currentUser->getId()]]);
     $result = $this->client->getResponse();
     $this->assertHtmlResponseStatusCodeEquals($result, 200);
     $content = $crawler->html();
     $this->assertContains('Account User Role has been saved', $content);
     // Find id of new role
     $response = $this->requestFrontendGrid('frontend-account-account-user-roles-grid', ['frontend-account-account-user-roles-grid[_filter][label][value]' => self::CUSTOMIZED_ROLE]);
     $result = $this->getJsonResponseContent($response, 200);
     // First grid row matching the label filter.
     $result = reset($result['data']);
     $newRoleId = $result['id'];
     // The predefined role must not have been edited in place: the saved role has another id.
     $this->assertNotEquals($newRoleId, $oldRoleId);
     /** @var \OroB2B\Bundle\AccountBundle\Entity\AccountUserRole $role */
     $role = $this->getUserRoleRepository()->find($newRoleId);
     $this->assertNotNull($role);
     $this->assertEquals(self::CUSTOMIZED_ROLE, $role->getLabel());
     $this->assertNotEmpty($role->getRole());
     /** @var \OroB2B\Bundle\AccountBundle\Entity\AccountUser $user */
     $user = $this->getCurrentUser();
     // Add new role
     $this->assertCount(count($currentUserRoles) + 1, $user->getRoles());
     // NOTE(review): arguments are passed as (actual, expected); PHPUnit expects the expected value first.
     $this->assertEquals($user->getRole($role->getRole()), $role);
 }
 /**
  * Checks the permission flags of the roles named by the LoadAccountUserRoles constants, then
  * verifies that a newly persisted role with no permissions assigned is denied on every flag.
  */
 public function testAccountPermissions()
 {
     // init tokens
     $this->client->request('GET', $this->getUrl('orob2b_account_frontend_account_user_profile'));
     $profileResponse = $this->client->getResponse();
     $this->assertHtmlResponseStatusCodeEquals($profileResponse, 200);

     // NOTE(review): the meaning of each of the five positions is defined by assertRoleHasPermission(), not shown here.
     $this->assertRoleHasPermission(LoadAccountUserRoles::ADMINISTRATOR, [true, true, true, true, true]);
     $this->assertRoleHasPermission(LoadAccountUserRoles::BUYER, [true, false, true, false, true]);

     // Deny-by-default check: this role is persisted without any permission being set on it.
     $deniedRoleName = 'DENIED';
     $deniedRole = new AccountUserRole(AccountUserRole::PREFIX_ROLE . $deniedRoleName);
     $deniedRole->setLabel($deniedRoleName);

     $roleClass = $this->getContainer()->getParameter('orob2b_account.entity.account_user_role.class');
     $entityManager = $this->getContainer()->get('doctrine')->getManagerForClass($roleClass);
     $entityManager->persist($deniedRole);
     $entityManager->flush();

     $this->assertRoleHasPermission($deniedRoleName, [false, false, false, false, false]);
 }
 /**
  * Delete permission for the current object on the frontend: a predefined role is always
  * denied; any other role follows isGrantedDeleteAccountUserRole(). This method never abstains.
  *
  * @return int self::ACCESS_GRANTED or self::ACCESS_DENIED
  */
 protected function getFrontendPermissionForDelete()
 {
     $role = $this->object;

     // The predefined check comes first, so the grant lookup is not consulted for predefined roles.
     if (!$role->isPredefined() && $this->isGrantedDeleteAccountUserRole($role)) {
         return self::ACCESS_GRANTED;
     }

     return self::ACCESS_DENIED;
 }
 /**
  * Creates one AccountUserRole per key of $this->roles, applies the ACL definitions listed
  * for it, persists it and registers it as a reference under the same key.
  *
  * @param ObjectManager $manager
  */
 protected function loadRoles(ObjectManager $manager)
 {
     /** @var AclManager $aclManager */
     $aclManager = $this->container->get('oro_security.acl.manager');

     foreach ($this->roles as $roleName => $aclDefinitions) {
         $role = new AccountUserRole(AccountUserRole::PREFIX_ROLE . $roleName);
         $role->setLabel($roleName);

         foreach ($aclDefinitions as $definition) {
             // 'class' holds the name of a container parameter; its value is what gets passed on as the class name.
             $entityClass = $this->container->getParameter($definition['class']);
             $this->setRolePermissions($aclManager, $role, $entityClass, $definition['acls']);
         }

         $manager->persist($role);
         $this->setReference($roleName, $role);
     }

     // Entities are flushed first, the ACL manager afterwards.
     $manager->flush();
     $aclManager->flush();
 }
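 /**
  * Detaches $role from those users in $this->appendUsers that belong to the same account as
  * the logged-in account user, and schedules each changed user for persistence.
  *
  * Nothing is done when $role has no id or is the same role as $this->newRole.
  * Users of any other account are skipped: the account-id comparison is the only thing in
  * this method that keeps the change inside the acting user's own account.
  *
  * @param AccountUserRole|AbstractRole $role
  * @param EntityManager                $manager
  */
 protected function removeOriginalRoleFromUsers(AccountUserRole $role, EntityManager $manager)
 {
     if (!$role->getId() || $role->getId() === $this->newRole->getId()) {
         return;
     }

     // Plain loop instead of array_map(): the callback was run only for its side effects and
     // the mapped array was thrown away.
     foreach ($this->appendUsers as $accountUser) {
         // NOTE(review): getAccount() is dereferenced without a null check on both sides;
         // confirm that every appended user and the logged-in user always have an account.
         if ($accountUser->getAccount()->getId() !== $this->loggedAccountUser->getAccount()->getId()) {
             continue;
         }

         $accountUser->removeRole($role);
         $manager->persist($accountUser);
     }
 }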
 /**
  * Runs the voter for AccountUserRoleVoter::ATTRIBUTE_FRONTEND_ACCOUNT_ROLE_VIEW against a role
  * owned by account $accountId while the user belongs to account $loggedUserAccountId, and
  * compares the vote with $expected. With $failAccountUserRole the subject is a plain stdClass
  * instead of a role.
  *
  * @param AccountUser|null $accountUser
  * @param bool             $isGranted
  * @param int              $accountId
  * @param int              $loggedUserAccountId
  * @param int              $expected
  * @param bool             $failAccountUserRole
  * @dataProvider attributeFrontendUpdateViewDataProvider
  */
 public function testVoteFrontendView($accountUser, $isGranted, $accountId, $loggedUserAccountId, $expected, $failAccountUserRole = false)
 {
     $accountClass = 'OroB2B\\Bundle\\AccountBundle\\Entity\\Account';
     /** @var Account $accountOfRole */
     $accountOfRole = $this->createEntity($accountClass, $accountId);
     /** @var Account $accountOfUser */
     $accountOfUser = $this->createEntity($accountClass, $loggedUserAccountId);

     if (!$failAccountUserRole) {
         $subject = new AccountUserRole();
         $subject->setAccount($accountOfRole);
     } else {
         // Subject of an unrelated class.
         $subject = new \stdClass();
     }

     if ($accountUser) {
         $accountUser->setAccount($accountOfUser);
     }

     $this->getMocksForVote($subject);
     // The VIEW mocks are only set up when the subject is a real role.
     if (!$failAccountUserRole) {
         $this->getMockForUpdateAndView($accountUser, $isGranted, 'VIEW');
     }

     /** @var \PHPUnit_Framework_MockObject_MockObject|TokenInterface $token */
     $token = $this->getMock('Symfony\\Component\\Security\\Core\\Authentication\\Token\\TokenInterface');
     $attributes = [AccountUserRoleVoter::ATTRIBUTE_FRONTEND_ACCOUNT_ROLE_VIEW];
     $actualVote = $this->voter->vote($token, $subject, $attributes);

     $this->assertEquals($expected, $actualVote);
 }
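 /**
  * Drives AccountUserRoleUpdateHandler::process() with a mocked form whose submit() moves the
  * role to $newAccount, records every AccountUser handed to persist(), and then checks which
  * of those users still carry the role and which no longer do.
  *
  * @param AccountUserRole $role
  * @param Account|null    $newAccount
  * @param AccountUser[]   $appendUsers
  * @param AccountUser[]   $removedUsers
  * @param AccountUser[]   $assignedUsers
  * @param AccountUser[]   $expectedUsersWithRole
  * @param AccountUser[]   $expectedUsersWithoutRole
  * @param bool            $changeAccountProcessed
  * @dataProvider processWithAccountProvider
  */
 public function testProcessWithAccount(AccountUserRole $role, $newAccount, array $appendUsers, array $removedUsers, array $assignedUsers, array $expectedUsersWithRole, array $expectedUsersWithoutRole, $changeAccountProcessed = true)
 {
     // Array of persisted users
     /** @var AccountUser[] $persistedUsers */
     $persistedUsers = [];
     $request = new Request();
     $request->setMethod('POST');
     $appendForm = $this->getMock('Symfony\\Component\\Form\\FormInterface');
     $appendForm->expects($this->once())->method('getData')->willReturn($appendUsers);
     $removeForm = $this->getMock('Symfony\\Component\\Form\\FormInterface');
     $removeForm->expects($this->once())->method('getData')->willReturn($removedUsers);
     $form = $this->getMock('Symfony\\Component\\Form\\FormInterface');
     // submit() simulates the form binding: it moves the role to the new account and organization.
     // NOTE(review): $newAccount is documented as nullable but is dereferenced here without a
     // check; confirm the data provider never supplies null.
     $form->expects($this->once())->method('submit')->with($request)->willReturnCallback(function () use($role, $newAccount) {
         $role->setAccount($newAccount);
         $role->setOrganization($newAccount->getOrganization());
     });
     $form->expects($this->once())->method('isValid')->willReturn(true);
     $form->expects($this->any())->method('get')->willReturnMap([['appendUsers', $appendForm], ['removeUsers', $removeForm]]);
     $this->formFactory->expects($this->once())->method('create')->willReturn($form);
     $objectManager = $this->getMock('Doctrine\\Common\\Persistence\\ObjectManager');
     // Record each persisted AccountUser, keyed by object hash, for the assertions at the end.
     $objectManager->expects($this->any())->method('persist')->willReturnCallback(function ($entity) use(&$persistedUsers) {
         if ($entity instanceof AccountUser) {
             $persistedUsers[spl_object_hash($entity)] = $entity;
         }
     });
     $this->managerRegistry->expects($this->any())->method('getManagerForClass')->with(get_class($role))->willReturn($objectManager);
     // Assigned users are looked up exactly once when the account change is processed, never otherwise.
     $this->roleRepository->expects($changeAccountProcessed ? $this->once() : $this->never())->method('getAssignedUsers')->with($role)->willReturn($assignedUsers);
     /** @var \PHPUnit_Framework_MockObject_MockObject|AccountUserRoleUpdateHandler $handler */
     $handler = $this->getMockBuilder('\\OroB2B\\Bundle\\AccountBundle\\Form\\Handler\\AccountUserRoleUpdateHandler')->setMethods(['processPrivileges'])->setConstructorArgs([$this->formFactory, $this->privilegeConfig])->getMock();
     $this->setRequirementsForHandler($handler);
     $handler->setRequest($request);
     $handler->createForm($role);
     $handler->process($role);
     foreach ($expectedUsersWithRole as $expectedUser) {
         $userKey = spl_object_hash($expectedUser);
         // Fail with an assertion, not an undefined-index error, when the user was never persisted.
         $this->assertArrayHasKey($userKey, $persistedUsers);
         // Expected value first, so a failure message reports expected and actual the right way round.
         $this->assertEquals($role, $persistedUsers[$userKey]->getRole($role->getRole()));
     }
     foreach ($expectedUsersWithoutRole as $expectedUser) {
         $userKey = spl_object_hash($expectedUser);
         $this->assertArrayHasKey($userKey, $persistedUsers);
         $this->assertEquals(null, $persistedUsers[$userKey]->getRole($role->getRole()));
     }
 }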
 /**
  * Adds every Website returned by the Website repository to the given role.
  *
  * @param AccountUserRole $role
  */
 protected function setWebsiteDefaultRoles(AccountUserRole $role)
 {
     $websiteEntityManager = $this->container->get('doctrine')->getManagerForClass('OroB2BWebsiteBundle:Website');
     $websiteRepository = $websiteEntityManager->getRepository('OroB2BWebsiteBundle:Website');

     foreach ($websiteRepository->findAll() as $website) {
         $role->addWebsite($website);
     }
 }
 /**
  * Deletes an account user role by handing its id to handleDeleteRequest().
  *
  * The Acl annotation below binds the action to the FRONTEND_ACCOUNT_ROLE_DELETE permission on
  * the AccountUserRole entity class, and the route only matches a numeric id.
  * NOTE(review): this annotation block declares no HTTP method restriction, and whether
  * handleDeleteRequest() checks the concrete role (a predefined role, a role of another
  * account) is not visible here; confirm both against the routing and the delete handler.
  *
  * @Route("/delete/{id}", requirements={"id"="\d+"})
  * @ApiDoc(
  *      description="Delete account user role",
  *      resource=true
  * )
  * @Acl(
  *      id="orob2b_account_frontend_account_user_role_delete_action",
  *      type="entity",
  *      class="OroB2BAccountBundle:AccountUserRole",
  *      permission="FRONTEND_ACCOUNT_ROLE_DELETE",
  *      group_name="commerce"
  * )
  *
  * @param AccountUserRole $id
  * @return Response
  */
 public function deleteAction(AccountUserRole $id)
 {
     // $id is the role object itself, despite its name; only its numeric id is passed on.
     $roleId = $id->getId();

     return $this->handleDeleteRequest($roleId);
 }
 /**
  * Builds $numberOfUsers AccountUser objects whose only role is $role.
  *
  * @param AccountUserRole $role
  * @param int             $numberOfUsers
  * @param Account|null    $account       account set on every created user; may be null
  * @return \OroB2B\Bundle\AccountBundle\Entity\AccountUser[]
  */
 protected function createUsersWithRole(AccountUserRole $role, $numberOfUsers, Account $account = null)
 {
     /** @var AccountUser[] $createdUsers */
     $createdUsers = [];
     $index = 0;

     while ($index < $numberOfUsers) {
         $accountUser = new AccountUser();
         // Username is "user" followed by the index and the role name.
         $accountUser->setUsername('user' . $index . $role->getRole());
         $accountUser->setRoles([$role]);
         $accountUser->setAccount($account);
         $createdUsers[] = $accountUser;
         $index++;
     }

     return $createdUsers;
 }
 /**
  * Handles the update form for a role. A predefined role is not bound to the form itself:
  * the form is created for the role returned by createNewRole(). Any other role is used as is.
  *
  * @param AccountUserRole $role
  * @return array|RedirectResponse
  */
 protected function update(AccountUserRole $role)
 {
     $handler = $this->get('orob2b_account.form.handler.update_account_user_role_frontend');

     $newRole = $role->isPredefined() ? $this->createNewRole($role) : $role;
     $form = $handler->createForm($newRole);

     // Closures, so that getId() is read when the update handler invokes them rather than now.
     $updateRoute = function () use($newRole) {
         return ['route' => 'orob2b_account_frontend_account_user_role_update', 'parameters' => ['id' => $newRole->getId()]];
     };
     $viewRoute = function () use($newRole) {
         return ['route' => 'orob2b_account_frontend_account_user_role_view', 'parameters' => ['id' => $newRole->getId()]];
     };

     $updateHandler = $this->get('oro_form.model.update_handler');
     $savedMessage = $this->get('translator')->trans('orob2b.account.controller.accountuserrole.saved.message');

     // handleUpdate() receives the original $role, while the form and both routes refer to $newRole.
     return $updateHandler->handleUpdate($role, $form, $updateRoute, $viewRoute, $savedMessage, $handler);
 }
 /**
  * Creates a role that has a label and the default organization but no account, registers it
  * as a reference under its label and schedules it for persistence (no flush here).
  *
  * @param ObjectManager $manager
  * @param string $roleLabel
  */
 protected function loadRoleWithoutAccount(ObjectManager $manager, $roleLabel)
 {
     $role = new AccountUserRole();
     $role->setLabel($roleLabel);

     $defaultOrganization = $this->getDefaultOrganization($manager);
     $role->setOrganization($defaultOrganization);

     // The reference key is the label as returned by the entity.
     $referenceName = $role->getLabel();
     $this->setReference($referenceName, $role);

     $manager->persist($role);
 }