/**
  * Override to handle security/access resolution on specific elements.
  */
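 protected function resolveElementInformationDuringFormLayoutRender(&$elementInformation)
 {
     // $elementInformation is taken by reference and handed straight to the security
     // utility, so whatever that utility decides is visible to the caller's array.
     // Access is resolved for the user of the current session (Yii::app()->user->userModel),
     // never for a user supplied by the caller.
     //
     // Strict comparison on purpose: with '==' a non-string render type (boolean true, or
     // integer 0 on PHP < 8) compares equal to 'Edit' and would select the editable path.
     if ($this->renderType === 'Edit') {
         FormLayoutSecurityUtil::resolveElementForEditableRender($this->model, $elementInformation, Yii::app()->user->userModel);
     } elseif ($this->renderType === 'Details') {
         FormLayoutSecurityUtil::resolveElementForNonEditableRender($this->model, $elementInformation, Yii::app()->user->userModel);
     } else {
         // Fail closed: an unrecognised render type aborts rendering instead of letting
         // the element through without an access check.
         throw new NotSupportedException();
     }
 }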
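 /**
  * Renders the editable input for a related item after the current session user's access
  * to that element has been resolved.
  *
  * @param mixed  $relationModel          Related model; only its id is read here.
  * @param mixed  $relatedItemForm        Passed to the security check and to the element constructor.
  * @param string $relationModelClassName Used as the element's attribute name.
  * @param string $modelElementType       Element type; 'Element' is appended to form the class name.
  * @return mixed The rendered element, the hidden-input rendering, or null when neither branch applies.
  */
 protected function resolveAndRenderEditableInput($relationModel, $relatedItemForm, $relationModelClassName, $modelElementType)
 {
     $elementInformation = array('attributeName' => $relationModelClassName, 'type' => $modelElementType);
     // The array is passed by variable and re-read below, so the utility may rewrite it
     // (the check that follows relies on 'attributeName' being cleared when access is refused).
     FormLayoutSecurityUtil::resolveElementForEditableRender($relatedItemForm, $elementInformation, Yii::app()->user->userModel);
     // Loose '!= null' is kept deliberately: it also treats '' and 0 as "no attribute",
     // which is the more restrictive reading.
     if ($elementInformation['attributeName'] != null) {
         // NOTE(review): the class to instantiate is built from a string. The instanceof
         // assertion below runs after the constructor and only when assertions are enabled;
         // if $modelElementType can be influenced by request data, confirm it is restricted
         // to known element types before this point.
         $elementClassName = $elementInformation['type'] . 'Element';
         $element = new $elementClassName($relatedItemForm, $elementInformation['attributeName'], $this->form, array_slice($elementInformation, 2));
         // Expression form instead of a string: string assertions are deprecated since
         // PHP 7.2 and on PHP 8 a non-empty string is simply truthy, so the check never fires.
         assert($element instanceof ModelElement);
         $element->editableTemplate = $this->getRelatedItemEditableTemplate();
         return $element->render();
     } elseif ($relationModel->id > 0) {
         // No visible input for this user, but an already-saved relation (id > 0) still
         // gets a hidden input, built from the original, unresolved arguments.
         // NOTE(review): a hidden field is client-controlled; confirm the save path
         // re-checks access to the related record rather than trusting the posted value.
         return $this->renderEditableHiddenInput($relatedItemForm, $relationModelClassName, $modelElementType);
     }
     // Falls through with an implicit null: no access and no saved relation.
 }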
 /**
  * Exercises FormLayoutSecurityUtil::resolveElementForEditableRender for a non-model element,
  * an Account element and a User element. Each case copies the element information, lets the
  * utility resolve the copy for a given user, and asserts that the copy is either unchanged
  * (element allowed) or replaced by the null element (attributeName null, type 'Null').
  */
 public function testResolveElementForEditableRender()
 {
     // Expected result whenever the acting user must not get the element.
     $nullElementInformation = array('attributeName' => null, 'type' => 'Null');
     $super = User::getByUsername('super');
     $betty = User::getByUsername('betty');
     $billy = User::getByUsername('billy');
     $accountForBetty = AccountTestHelper::createAccountByNameForOwner("betty's account", $betty);
     $accountForSuper = AccountTestHelper::createAccountByNameForOwner("super's account", $super);
     $contactForBetty = ContactTestHelper::createContactWithAccountByNameForOwner("betty's contact", $betty, $accountForBetty);
     // NOTE(review): $contactForBilly is created but not referenced by any assertion below.
     $contactForBilly = ContactTestHelper::createContactByNameForOwner("betty's contact", $billy);
     // Betty owns this contact, but its account belongs to super.
     $contactForBettyButAccountForSuper = ContactTestHelper::createContactWithAccountByNameForOwner("betty's contact", $betty, $accountForSuper);
     // Case 1: an element that is not a ModelElement ('Text') is expected to pass through unchanged.
     $elementInformation = array('attributeName' => 'something', 'type' => 'Text');
     $referenceElementInformation = $elementInformation;
     FormLayoutSecurityUtil::resolveElementForEditableRender($contactForBetty, $referenceElementInformation, $betty);
     $this->assertEquals($elementInformation, $referenceElementInformation);
     // Case 2: an Account element while Betty cannot access the accounts module is nulled out.
     $elementInformation = array('attributeName' => 'account', 'type' => 'Account');
     $referenceElementInformation = $elementInformation;
     FormLayoutSecurityUtil::resolveElementForEditableRender($contactForBetty, $referenceElementInformation, $betty);
     $this->assertEquals($nullElementInformation, $referenceElementInformation);
     // Case 3: after granting Betty the accounts-module access right, the same element is kept.
     $betty->setRight('AccountsModule', AccountsModule::RIGHT_ACCESS_ACCOUNTS, Right::ALLOW);
     $this->assertTrue($betty->save());
     $referenceElementInformation = $elementInformation;
     FormLayoutSecurityUtil::resolveElementForEditableRender($contactForBetty, $referenceElementInformation, $betty);
     $this->assertEquals($elementInformation, $referenceElementInformation);
     // Case 4: module access alone is not enough. Betty can access the accounts module but
     // cannot view super's account, so the element is nulled out.
     $elementInformation = array('attributeName' => 'account', 'type' => 'Account');
     $referenceElementInformation = $elementInformation;
     FormLayoutSecurityUtil::resolveElementForEditableRender($contactForBettyButAccountForSuper, $referenceElementInformation, $betty);
     $this->assertEquals($nullElementInformation, $referenceElementInformation);
     // Case 5: once Betty is given READ permission on super's account, the element is kept.
     $accountForSuper->addPermissions($betty, Permission::READ);
     $this->assertTrue($accountForSuper->save());
     $elementInformation = array('attributeName' => 'account', 'type' => 'Account');
     $referenceElementInformation = $elementInformation;
     FormLayoutSecurityUtil::resolveElementForEditableRender($contactForBettyButAccountForSuper, $referenceElementInformation, $betty);
     $this->assertEquals($elementInformation, $referenceElementInformation);
     // Case 6: User element (the 'owner' attribute).
     $elementInformation = array('attributeName' => 'owner', 'type' => 'User');
     // Super gets the related user picker.
     $referenceElementInformation = $elementInformation;
     FormLayoutSecurityUtil::resolveElementForEditableRender($contactForBetty, $referenceElementInformation, User::getByUsername('super'));
     $this->assertEquals($elementInformation, $referenceElementInformation);
     // Betty also gets the related user picker even though her effective right on the users
     // module is DENY (asserted first), i.e. this element is not gated on that module right.
     $referenceElementInformation = $elementInformation;
     $this->assertEquals(Right::DENY, $betty->getEffectiveRight('UsersModule', UsersModule::RIGHT_ACCESS_USERS));
     FormLayoutSecurityUtil::resolveElementForEditableRender($contactForBetty, $referenceElementInformation, $betty);
     $this->assertEquals($elementInformation, $referenceElementInformation);
 }
 /**
  * Override to handle security/access resolution on specific elements.
  */
 protected function resolveElementInformationDuringFormLayoutRender(&$elementInformation)
 {
     // This override always applies the editable-render rules, resolved against the user
     // of the current session. $elementInformation is a reference, so the utility works on
     // the caller's array rather than on a copy.
     $sessionUser = Yii::app()->user->userModel;
     FormLayoutSecurityUtil::resolveElementForEditableRender(
         $this->model,
         $elementInformation,
         $sessionUser
     );
 }