public function testCreateAndGetContactWebFormById() { $allAttributes = ContactWebFormsUtil::getAllAttributes(); $placedAttributes = array('firstName', 'lastName', 'companyName', 'jobTitle'); $contactFormAttributes = ContactWebFormsUtil::getAllPlacedAttributes($allAttributes, $placedAttributes); $attributes = array_keys($contactFormAttributes); $this->assertTrue(ContactsModule::loadStartingData()); $contactStates = ContactState::getByName('New'); $contactWebForm = new ContactWebForm(); $contactWebForm->name = 'Test Form'; $contactWebForm->redirectUrl = 'http://google.com'; $contactWebForm->submitButtonLabel = 'Save'; $contactWebForm->defaultState = $contactStates[0]; $contactWebForm->serializedData = serialize($attributes); $contactWebForm->defaultOwner = Yii::app()->user->userModel; $this->assertTrue($contactWebForm->save()); $id = $contactWebForm->id; unset($contactWebForm); $contactWebForm = ContactWebForm::getById($id); $this->assertEquals('Test Form', $contactWebForm->name); $this->assertEquals('http://google.com', $contactWebForm->redirectUrl); $this->assertEquals('Save', $contactWebForm->submitButtonLabel); $this->assertEquals('New', $contactWebForm->defaultState->name); $this->assertEquals($attributes, unserialize($contactWebForm->serializedData)); }
public function testCreateAndGetContactWebFormById() { ContactWebFormTestHelper::deleteAllContactWebForms(); $placedAttributes = array('firstName', 'lastName', 'companyName', 'jobTitle'); $this->assertTrue(ContactsModule::loadStartingData()); $contactStates = ContactState::getByName('New'); $contactWebForm = new ContactWebForm(); $contactWebForm->name = 'Test Form'; $contactWebForm->redirectUrl = 'http://zurmo.com'; $contactWebForm->submitButtonLabel = 'Save'; $contactWebForm->defaultState = $contactStates[0]; $contactWebForm->serializedData = serialize($placedAttributes); $contactWebForm->defaultOwner = Yii::app()->user->userModel; $this->assertTrue($contactWebForm->save()); $id = $contactWebForm->id; unset($contactWebForm); $contactWebForm = ContactWebForm::getById($id); $this->assertEquals('Test Form', $contactWebForm->name); $this->assertEquals('http://zurmo.com', $contactWebForm->redirectUrl); $this->assertEquals('Save', $contactWebForm->submitButtonLabel); $this->assertEquals('New', $contactWebForm->defaultState->name); $this->assertEquals($placedAttributes, unserialize($contactWebForm->serializedData)); $this->assertNull($contactWebForm->defaultPermissionSetting); $this->assertNull($contactWebForm->defaultPermissionGroupSetting); $contactWebForm->name = 'New Test Form'; $contactWebForm->redirectUrl = 'http://zurmo.org'; $contactWebForm->submitButtonLabel = 'Save and Redirect'; $contactWebForm->defaultPermissionSetting = UserConfigurationForm::DEFAULT_PERMISSIONS_SETTING_EVERYONE; $this->assertTrue($contactWebForm->save()); $id = $contactWebForm->id; unset($contactWebForm); $contactWebForm = ContactWebForm::getById($id); $this->assertEquals('New Test Form', $contactWebForm->name); $this->assertEquals('http://zurmo.org', $contactWebForm->redirectUrl); $this->assertEquals('Save and Redirect', $contactWebForm->submitButtonLabel); $this->assertEquals($contactWebForm->defaultPermissionSetting, UserConfigurationForm::DEFAULT_PERMISSIONS_SETTING_EVERYONE); $this->assertNull($contactWebForm->defaultPermissionGroupSetting); }
/** * @param DemoDataHelper $demoDataHelper */ public function makeAll(&$demoDataHelper) { assert('$demoDataHelper instanceof DemoDataHelper'); assert('$demoDataHelper->isSetRange("User")'); $contactStates = ContactState::getAll(); $statesBeginningWithStartingState = ContactsDemoDataMaker::getStatesBeforeOrStartingWithStartingState($contactStates); $contactWebForms = array(); for ($this->index = 0; $this->index < 5; $this->index++) { $contactWebForm = new ContactWebForm(); $contactWebForm->owner = $demoDataHelper->getRandomByModelName('User'); $contactWebForm->defaultOwner = $contactWebForm->owner; $contactWebForm->defaultState = RandomDataUtil::getRandomValueFromArray($statesBeginningWithStartingState); $this->populateModel($contactWebForm); $contactWebForm->addPermissions(Group::getByName(Group::EVERYONE_GROUP_NAME), Permission::READ_WRITE_CHANGE_PERMISSIONS_CHANGE_OWNER); $saved = $contactWebForm->save(); assert('$saved'); $contactWebForm = ContactWebForm::getById($contactWebForm->id); AllPermissionsOptimizationUtil::securableItemGivenPermissionsForGroup($contactWebForm, Group::getByName(Group::EVERYONE_GROUP_NAME)); $contactWebForm->save(); $contactWebForms[] = $contactWebForm->id; } $demoDataHelper->setRangeByModelName('ContactWebForm', $contactWebForms[0], $contactWebForms[count($contactWebForms) - 1]); }
public function actionDelete($id) { $contactWebForm = ContactWebForm::getById(intval($id)); ControllerSecurityUtil::resolveAccessCanCurrentUserDeleteModel($contactWebForm); $contactWebForm->delete(); $this->redirect(array($this->getId() . '/index')); }
/** * @depends testRegularUserControllerActionsWithElevationToAccessAndCreate */ public function testRegularUserControllerActionsWithElevationToModels() { //Create contact web form owned by user super. $super = $this->logoutCurrentUserLoginNewUserAndGetByUsername('super'); $contactWebForm = ContactWebFormTestHelper::createContactWebFormByName('contactWebFormForElevationToModelTest', $super); //Test nobody, access to edit and details should fail. $nobody = $this->logoutCurrentUserLoginNewUserAndGetByUsername('nobody'); $this->setGetArray(array('id' => $contactWebForm->id)); $this->runControllerShouldResultInAccessFailureAndGetContent('contactWebForms/default/edit'); $this->setGetArray(array('id' => $contactWebForm->id)); $this->runControllerShouldResultInAccessFailureAndGetContent('contactWebForms/default/details'); //give nobody access to read Yii::app()->user->userModel = $super; $contactWebForm->addPermissions($nobody, Permission::READ); $this->assertTrue($contactWebForm->save()); AllPermissionsOptimizationUtil::securableItemGivenReadPermissionsForUser($contactWebForm, $nobody); //Now the nobody user can access the details view. Yii::app()->user->userModel = $nobody; $this->setGetArray(array('id' => $contactWebForm->id)); $this->runControllerWithNoExceptionsAndGetContent('contactWebForms/default/details'); //Test nobody, access to edit should fail. $this->setGetArray(array('id' => $contactWebForm->id)); $this->runControllerShouldResultInAccessFailureAndGetContent('contactWebForms/default/edit'); $contactWebFormId = $contactWebForm->id; $contactWebForm->forget(); $contactWebForm = ContactWebForm::getById($contactWebFormId); //give nobody access to read and write Yii::app()->user->userModel = $super; $contactWebForm->addPermissions($nobody, Permission::READ_WRITE_CHANGE_PERMISSIONS); $this->assertTrue($contactWebForm->save()); AllPermissionsOptimizationUtil::securableItemLostReadPermissionsForUser($contactWebForm, $nobody); AllPermissionsOptimizationUtil::securableItemGivenPermissionsForUser($contactWebForm, $nobody); //Now the nobody user should be able to access the edit view and still the details view. Yii::app()->user->userModel = $nobody; $this->setGetArray(array('id' => $contactWebForm->id)); $this->runControllerWithNoExceptionsAndGetContent('contactWebForms/default/details'); $this->setGetArray(array('id' => $contactWebForm->id)); $this->runControllerWithNoExceptionsAndGetContent('contactWebForms/default/edit'); $contactWebFormId = $contactWebForm->id; $contactWebForm->forget(); $contactWebForm = ContactWebForm::getById($contactWebFormId); //revoke nobody access to read Yii::app()->user->userModel = $super; $contactWebForm->removePermissions($nobody, Permission::READ_WRITE_CHANGE_PERMISSIONS); $this->assertTrue($contactWebForm->save()); AllPermissionsOptimizationUtil::securableItemLostReadPermissionsForUser($contactWebForm, $nobody); //Test nobody, access to detail should fail. Yii::app()->user->userModel = $nobody; $this->setGetArray(array('id' => $contactWebForm->id)); $this->runControllerShouldResultInAccessFailureAndGetContent('contactWebForms/default/details'); $this->setGetArray(array('id' => $contactWebForm->id)); $this->runControllerShouldResultInAccessFailureAndGetContent('contactWebForms/default/edit'); //create some roles Yii::app()->user->userModel = $super; $parentRole = new Role(); $parentRole->name = 'AAA'; $this->assertTrue($parentRole->save()); $childRole = new Role(); $childRole->name = 'BBB'; $this->assertTrue($childRole->save()); $userInParentRole = User::getByUsername('confused'); $userInChildRole = User::getByUsername('nobody'); $childRole->users->add($userInChildRole); $this->assertTrue($childRole->save()); $parentRole->users->add($userInParentRole); $parentRole->roles->add($childRole); $this->assertTrue($parentRole->save()); $userInChildRole->forget(); $userInChildRole = User::getByUsername('nobody'); $userInParentRole->forget(); $userInParentRole = User::getByUsername('confused'); $parentRoleId = $parentRole->id; $parentRole->forget(); $parentRole = Role::getById($parentRoleId); $childRoleId = $childRole->id; $childRole->forget(); $childRole = Role::getById($childRoleId); //create web form owned by super $contactWebForm2 = ContactWebFormTestHelper::createContactWebFormByName('testingParentRolePermission', $super); //Test userInParentRole, access to details and edit should fail. Yii::app()->user->userModel = $userInParentRole; $this->setGetArray(array('id' => $contactWebForm2->id)); $this->runControllerShouldResultInAccessFailureAndGetContent('contactWebForms/default/details'); $this->setGetArray(array('id' => $contactWebForm2->id)); $this->runControllerShouldResultInAccessFailureAndGetContent('contactWebForms/default/edit'); //give userInChildRole access to READ Yii::app()->user->userModel = $super; $contactWebForm2->addPermissions($userInChildRole, Permission::READ); $this->assertTrue($contactWebForm2->save()); AllPermissionsOptimizationUtil::securableItemGivenReadPermissionsForUser($contactWebForm2, $userInChildRole); //Test userInChildRole, access to details should not fail. Yii::app()->user->userModel = $userInChildRole; $this->setGetArray(array('id' => $contactWebForm2->id)); $this->runControllerWithNoExceptionsAndGetContent('contactWebForms/default/details'); //Test userInParentRole, access to details should not fail. Yii::app()->user->userModel = $userInParentRole; $this->setGetArray(array('id' => $contactWebForm2->id)); $this->runControllerWithNoExceptionsAndGetContent('contactWebForms/default/details'); $contactWebFormId = $contactWebForm2->id; $contactWebForm2->forget(); $contactWebForm2 = ContactWebForm::getById($contactWebFormId); //give userInChildRole access to read and write Yii::app()->user->userModel = $super; $contactWebForm2->addPermissions($userInChildRole, Permission::READ_WRITE_CHANGE_PERMISSIONS); $this->assertTrue($contactWebForm2->save()); AllPermissionsOptimizationUtil::securableItemLostReadPermissionsForUser($contactWebForm2, $userInChildRole); AllPermissionsOptimizationUtil::securableItemGivenPermissionsForUser($contactWebForm2, $userInChildRole); //Test userInChildRole, access to edit should not fail. Yii::app()->user->userModel = $userInChildRole; $this->setGetArray(array('id' => $contactWebForm2->id)); $this->runControllerWithNoExceptionsAndGetContent('contactWebForms/default/edit'); //Test userInParentRole, access to edit should not fail. $this->logoutCurrentUserLoginNewUserAndGetByUsername($userInParentRole->username); $this->setGetArray(array('id' => $contactWebForm2->id)); $this->runControllerWithNoExceptionsAndGetContent('contactWebForms/default/edit'); $contactWebFormId = $contactWebForm2->id; $contactWebForm2->forget(); $contactWebForm2 = ContactWebForm::getById($contactWebFormId); //revoke userInChildRole access to read and write Yii::app()->user->userModel = $super; $contactWebForm2->removePermissions($userInChildRole, Permission::READ_WRITE_CHANGE_PERMISSIONS); $this->assertTrue($contactWebForm2->save()); AllPermissionsOptimizationUtil::securableItemLostPermissionsForUser($contactWebForm2, $userInChildRole); //Test userInChildRole, access to detail should fail. Yii::app()->user->userModel = $userInChildRole; $this->setGetArray(array('id' => $contactWebForm2->id)); $this->runControllerShouldResultInAccessFailureAndGetContent('contactWebForms/default/details'); $this->setGetArray(array('id' => $contactWebForm2->id)); $this->runControllerShouldResultInAccessFailureAndGetContent('contactWebForms/default/edit'); //Test userInParentRole, access to detail should fail. Yii::app()->user->userModel = $userInParentRole; $this->setGetArray(array('id' => $contactWebForm2->id)); $this->runControllerShouldResultInAccessFailureAndGetContent('contactWebForms/default/details'); $this->setGetArray(array('id' => $contactWebForm2->id)); $this->runControllerShouldResultInAccessFailureAndGetContent('contactWebForms/default/edit'); //clear up the role relationships between users so not to effect next assertions $parentRole->users->remove($userInParentRole); $parentRole->roles->remove($childRole); $this->assertTrue($parentRole->save()); $childRole->users->remove($userInChildRole); $this->assertTrue($childRole->save()); //create some groups and assign users to groups Yii::app()->user->userModel = $super; $parentGroup = new Group(); $parentGroup->name = 'AAA'; $this->assertTrue($parentGroup->save()); $childGroup = new Group(); $childGroup->name = 'BBB'; $this->assertTrue($childGroup->save()); $userInChildGroup = User::getByUsername('confused'); $userInParentGroup = User::getByUsername('nobody'); $childGroup->users->add($userInChildGroup); $this->assertTrue($childGroup->save()); $parentGroup->users->add($userInParentGroup); $parentGroup->groups->add($childGroup); $this->assertTrue($parentGroup->save()); $parentGroup->forget(); $childGroup->forget(); $parentGroup = Group::getByName('AAA'); $childGroup = Group::getByName('BBB'); //Add access for the confused user to ContactWebForms and creation of ContactWebForms. $userInChildGroup->setRight('ContactWebFormsModule', ContactWebFormsModule::RIGHT_ACCESS_CONTACT_WEB_FORMS); $userInChildGroup->setRight('ContactWebFormsModule', ContactWebFormsModule::RIGHT_CREATE_CONTACT_WEB_FORMS); $this->assertTrue($userInChildGroup->save()); //create web form owned by super $contactWebForm3 = ContactWebFormTestHelper::createContactWebFormByName('testingParentGroupPermission', $super); //Test userInParentGroup, access to details and edit should fail. Yii::app()->user->userModel = $userInParentGroup; $this->setGetArray(array('id' => $contactWebForm3->id)); $this->runControllerShouldResultInAccessFailureAndGetContent('contactWebForms/default/details'); $this->setGetArray(array('id' => $contactWebForm3->id)); $this->runControllerShouldResultInAccessFailureAndGetContent('contactWebForms/default/edit'); //Test userInChildGroup, access to details and edit should fail. Yii::app()->user->userModel = $userInChildGroup; $this->setGetArray(array('id' => $contactWebForm3->id)); $this->runControllerShouldResultInAccessFailureAndGetContent('contactWebForms/default/details'); $this->setGetArray(array('id' => $contactWebForm3->id)); $this->runControllerShouldResultInAccessFailureAndGetContent('contactWebForms/default/edit'); //give parentGroup access to READ Yii::app()->user->userModel = $super; $contactWebForm3->addPermissions($parentGroup, Permission::READ); $this->assertTrue($contactWebForm3->save()); AllPermissionsOptimizationUtil::securableItemGivenReadPermissionsForGroup($contactWebForm3, $parentGroup); //Test userInParentGroup, access to details should not fail. Yii::app()->user->userModel = $userInParentGroup; $this->setGetArray(array('id' => $contactWebForm3->id)); $this->runControllerWithNoExceptionsAndGetContent('contactWebForms/default/details'); //Test userInChildGroup, access to details should not fail. Yii::app()->user->userModel = $userInChildGroup; $this->setGetArray(array('id' => $contactWebForm3->id)); $this->runControllerWithNoExceptionsAndGetContent('contactWebForms/default/details'); $contactWebFormId = $contactWebForm3->id; $contactWebForm3->forget(); $contactWebForm3 = ContactWebForm::getById($contactWebFormId); //give parentGroup access to read and write Yii::app()->user->userModel = $super; $contactWebForm3->addPermissions($parentGroup, Permission::READ_WRITE_CHANGE_PERMISSIONS); $this->assertTrue($contactWebForm3->save()); AllPermissionsOptimizationUtil::securableItemLostReadPermissionsForGroup($contactWebForm3, $parentGroup); AllPermissionsOptimizationUtil::securableItemGivenPermissionsForGroup($contactWebForm3, $parentGroup); //Test userInParentGroup, access to edit should not fail. Yii::app()->user->userModel = $userInParentGroup; $this->setGetArray(array('id' => $contactWebForm3->id)); $this->runControllerWithNoExceptionsAndGetContent('contactWebForms/default/edit'); //Test userInChildGroup, access to edit should not fail. Yii::app()->user->userModel = $userInChildGroup; $this->logoutCurrentUserLoginNewUserAndGetByUsername($userInChildGroup->username); $this->setGetArray(array('id' => $contactWebForm3->id)); $this->runControllerWithNoExceptionsAndGetContent('contactWebForms/default/edit'); $contactWebFormId = $contactWebForm3->id; $contactWebForm3->forget(); $contactWebForm3 = ContactWebForm::getById($contactWebFormId); //revoke parentGroup access to read and write Yii::app()->user->userModel = $super; $contactWebForm3->removePermissions($parentGroup, Permission::READ_WRITE_CHANGE_PERMISSIONS); $this->assertTrue($contactWebForm3->save()); AllPermissionsOptimizationUtil::securableItemLostPermissionsForGroup($contactWebForm3, $parentGroup); //Test userInChildGroup, access to detail should fail. Yii::app()->user->userModel = $userInChildGroup; $this->setGetArray(array('id' => $contactWebForm3->id)); $this->runControllerShouldResultInAccessFailureAndGetContent('contactWebForms/default/details'); $this->setGetArray(array('id' => $contactWebForm3->id)); $this->runControllerShouldResultInAccessFailureAndGetContent('contactWebForms/default/edit'); //Test userInParentGroup, access to detail should fail. Yii::app()->user->userModel = $userInParentGroup; $this->setGetArray(array('id' => $contactWebForm3->id)); $this->runControllerShouldResultInAccessFailureAndGetContent('contactWebForms/default/details'); $this->setGetArray(array('id' => $contactWebForm3->id)); $this->runControllerShouldResultInAccessFailureAndGetContent('contactWebForms/default/edit'); //clear up the role relationships between users so not to effect next assertions $super = $this->logoutCurrentUserLoginNewUserAndGetByUsername('super'); $userInParentGroup->forget(); $userInChildGroup->forget(); $childGroup->forget(); $parentGroup->forget(); $userInParentGroup = User::getByUsername('nobody'); $userInChildGroup = User::getByUsername('confused'); $childGroup = Group::getByName('BBB'); $parentGroup = Group::getByName('AAA'); //clear up the role relationships between users so not to effect next assertions $parentGroup->users->remove($userInParentGroup); $parentGroup->groups->remove($childGroup); $this->assertTrue($parentGroup->save()); $childGroup->users->remove($userInChildGroup); $this->assertTrue($childGroup->save()); }
public function testSuperUserAllDefaultControllerActions() { $super = $this->logoutCurrentUserLoginNewUserAndGetByUsername('super'); //Test all default controller actions that do not require any POST/GET variables to be passed. //This does not include portlet controller actions. $this->runControllerWithNoExceptionsAndGetContent('contactWebForms/default'); $this->runControllerWithNoExceptionsAndGetContent('contactWebForms/default/index'); $this->runControllerWithNoExceptionsAndGetContent('contactWebForms/default/create'); $content = $this->runControllerWithNoExceptionsAndGetContent('contactWebForms/default/list'); $this->assertContains('anyMixedAttributes', $content); //Test the search or paging of the listview. Yii::app()->clientScript->reset(); //to make sure old js doesn't make it to the UI $this->setGetArray(array('ajax' => 'list-view')); $content = $this->runControllerWithNoExceptionsAndGetContent('contactWebForms/default/list'); $this->assertNotContains('anyMixedAttributes', $content); $this->resetGetArray(); //Default Controller actions requiring some sort of parameter via POST or GET //Load Model Edit Views $contactWebForms = ContactWebForm::getAll(); $this->assertEquals(12, count($contactWebForms)); $contactWebFormId = self::getModelIdByModelNameAndName('ContactWebForm', 'Web Form 1'); $contactWebFormId2 = self::getModelIdByModelNameAndName('ContactWebForm', 'Web Form 2'); $contactWebFormId3 = self::getModelIdByModelNameAndName('ContactWebForm', 'Web Form 3'); $contactWebFormId4 = self::getModelIdByModelNameAndName('ContactWebForm', 'Web Form 4'); $contactWebFormId5 = self::getModelIdByModelNameAndName('ContactWebForm', 'Web Form 5'); $contactWebFormId6 = self::getModelIdByModelNameAndName('ContactWebForm', 'Web Form 6'); $contactWebFormId7 = self::getModelIdByModelNameAndName('ContactWebForm', 'Web Form 7'); $contactWebFormId8 = self::getModelIdByModelNameAndName('ContactWebForm', 'Web Form 8'); $contactWebFormId9 = self::getModelIdByModelNameAndName('ContactWebForm', 'Web Form 9'); $contactWebFormId10 = self::getModelIdByModelNameAndName('ContactWebForm', 'Web Form 10'); $contactWebFormId10 = self::getModelIdByModelNameAndName('ContactWebForm', 'Web Form 11'); $contactWebFormId10 = self::getModelIdByModelNameAndName('ContactWebForm', 'Web Form 12'); $this->setGetArray(array('id' => $contactWebFormId)); $this->runControllerWithNoExceptionsAndGetContent('contactWebForms/default/edit'); //Save web form. $contactWebForm = ContactWebForm::getById($contactWebFormId); $attributes = ContactWebFormTestHelper::getContactWebFormAttributes(); $this->setPostArray(array('ContactWebForm' => array('submitButtonLabel' => 'Test Save'), 'ContactWebFormAttributeForm' => $attributes)); $this->runControllerWithRedirectExceptionAndGetContent('contactWebForms/default/edit'); $contactWebForm = ContactWebForm::getById($contactWebFormId); $this->assertEquals('Test Save', $contactWebForm->submitButtonLabel); //Test having a failed validation on the contact during save. $this->setGetArray(array('id' => $contactWebFormId)); $this->setPostArray(array('ContactWebForm' => array('name' => ''), 'ContactWebFormAttributeForm' => $attributes)); $content = $this->runControllerWithNoExceptionsAndGetContent('contactWebForms/default/edit'); $this->assertContains('Name cannot be blank', $content); //Load Model Detail Views $this->setGetArray(array('id' => $contactWebFormId)); $this->resetPostArray(); $this->runControllerWithNoExceptionsAndGetContent('contactWebForms/default/details'); }