/**
* Utilized to create or update model attribute values after a workflow's triggers are fired as true.
* Currently only works with creating new and creating new related models. Not designed to support updating
* existing models.
* @param WorkflowActionProcessingModelAdapter $adapter
* @param $attribute
* @throws FailedToResolveExplicitReadWriteModelPermissionsException
* @throws NotSupportedException
*/
public function resolveValueAndSetToModel(WorkflowActionProcessingModelAdapter $adapter, $attribute)
{
assert('is_string($attribute)');
if ($adapter->getModel()->id < 0) {
throw new NotSupportedException();
}
if ($this->type == self::TYPE_DYNAMIC_SAME_AS_TRIGGERED_MODEL) {
$triggeredModel = $adapter->getTriggeredModel();
if (null == ($explicitReadWriteModelPermissions = $triggeredModel->getExplicitReadWriteModelPermissionsForWorkflow())) {
$explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::makeBySecurableItem($adapter->getTriggeredModel());
}
} elseif ($this->type == self::TYPE_DYNAMIC_OWNER) {
//Do nothing, by default this will take.
return;
} elseif ($this->type == self::TYPE_DYNAMIC_EVERYONE_GROUP) {
$explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::makeBySecurableItem($adapter->getModel());
$explicitReadWriteModelPermissions->addReadWritePermitable(Group::getByName(Group::EVERYONE_GROUP_NAME));
} else {
$explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::makeBySecurableItem($adapter->getModel());
try {
$group = Group::getById((int) $this->type);
$explicitReadWriteModelPermissions->addReadWritePermitable($group);
} catch (NotFoundException $e) {
//todo: handle exception better
return;
}
}
$success = ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions($adapter->getModel(), $explicitReadWriteModelPermissions);
if (!$success) {
throw new FailedToResolveExplicitReadWriteModelPermissionsException();
}
}
/**
* @param RedBeanModel $model
* @param User $triggeredByUser
* @return array
*/
public function makeRecipients(RedBeanModel $model, User $triggeredByUser)
{
try {
$group = Group::getById((int) $this->groupId);
} catch (NotFoundException $e) {
return array();
}
if ($group->name == Group::EVERYONE_GROUP_NAME) {
$users = User::getByCriteria(true, null);
} else {
$users = $group->users;
}
$recipients = array();
foreach ($users as $user) {
if ($user->primaryEmail->emailAddress != null) {
$recipient = new EmailMessageRecipient();
$recipient->toAddress = $user->primaryEmail->emailAddress;
$recipient->toName = strval($user);
$recipient->type = $this->audienceType;
$recipient->personsOrAccounts->add($user);
$recipients[] = $recipient;
} else {
$this->createWorkflowTriggerUserPrimaryEmailAddressRequiredNotificationForUser($user);
}
}
return $recipients;
}
/**
* @param RedBeanModel $model
* @param User $triggeredByUser
* @return array
*/
public function makeRecipients(RedBeanModel $model, User $triggeredByUser)
{
try {
$group = Group::getById((int) $this->groupId);
} catch (NotFoundException $e) {
return array();
}
$recipients = array();
foreach ($group->users as $user) {
if ($user->primaryEmail->emailAddress != null) {
$recipient = new EmailMessageRecipient();
$recipient->toAddress = $user->primaryEmail->emailAddress;
$recipient->toName = strval($user);
$recipient->type = $this->audienceType;
$recipient->personOrAccount = $user;
$recipients[] = $recipient;
}
}
return $recipients;
}
function editGroup()
{
global $lang;
$page_lang = scandir('inc/lang/' . $_SESSION['language']);
foreach ($page_lang as $file) {
if ($file != '.' && $file != '..') {
$parts = explode(".", $file);
$page = $parts[0];
if ($page == 'group') {
$page_file = $file;
}
}
}
include_once 'inc/lang/' . $_SESSION['language'] . '/' . $page_file;
if ($_SESSION['access']->users > 1) {
$results = array();
$results['formAction'] = "editGroup";
if (isset($_POST['saveChanges'])) {
// User has posted the group edit form: save the group changes
if (!($group = Group::getById((int) $_GET['editId']))) {
header("Location: index.php?action=listUser&error=groupNotFound");
return;
}
$group = new Group();
$group->storeFormValues($_POST);
$group->update();
header("Location: index.php?action=listUser&success=groupChangesSaved");
} elseif (isset($_POST['cancel'])) {
// User has cancelled their edits: return to the group list
header("Location: index.php?action=listUser");
} else {
// User has not submitted the group edit form: display the group edit form
$results['group'] = Group::getById((int) $_GET['groupId']);
require "inc/layout/editGroup.php";
}
} else {
require "inc/layout/noAccess.php";
}
}
/**
* Given post data, which would be coming most likely from the ExplicitReadWriteModelPermissionsElement,
* transform the post data into a ExplicitReadWriteModelPermissions object. If the post data contains a 'type'
* value that is not supported, an exception is thrown.
* @param array $postData
* @see ExplicitReadWriteModelPermissionsElement
*/
public static function makeByPostData($postData)
{
assert('is_array($postData)');
$explicitReadWriteModelPermissions = new ExplicitReadWriteModelPermissions();
if ($postData['type'] == null) {
return $explicitReadWriteModelPermissions;
} elseif ($postData['type'] == ExplicitReadWriteModelPermissionsUtil::MIXED_TYPE_EVERYONE_GROUP) {
$explicitReadWriteModelPermissions->addReadWritePermitable(Group::getByName(Group::EVERYONE_GROUP_NAME));
return $explicitReadWriteModelPermissions;
} elseif ($postData['type'] == ExplicitReadWriteModelPermissionsUtil::MIXED_TYPE_NONEVERYONE_GROUP) {
assert('isset($postData["nonEveryoneGroup"])');
$explicitReadWriteModelPermissions->addReadWritePermitable(Group::getById((int) $postData["nonEveryoneGroup"]));
return $explicitReadWriteModelPermissions;
} else {
throw new NotSupportedException();
}
}
public function actionEditPolicies($id)
{
$group = Group::getById(intval($id));
$title = Zurmo::t('ZurmoModule', 'Policies');
$breadcrumbLinks = array(strval($group) => array('group/' . static::resolveBreadCrumbActionByGroup($group), 'id' => $id), $title);
$data = PoliciesUtil::getAllModulePoliciesDataByPermitable($group);
$policiesForm = PoliciesFormUtil::makeFormFromPoliciesData($data);
$postVariableName = get_class($policiesForm);
if (isset($_POST[$postVariableName])) {
$castedPostData = PoliciesFormUtil::typeCastPostData($_POST[$postVariableName]);
$policiesForm = PoliciesFormUtil::loadFormFromCastedPost($policiesForm, $castedPostData);
if ($policiesForm->validate()) {
if (PoliciesFormUtil::setPoliciesFromCastedPost($castedPostData, $group)) {
$this->clearCaches();
Yii::app()->user->setFlash('notification', Zurmo::t('ZurmoModule', 'Policies Saved Successfully.'));
$this->redirect(array($this->getId() . '/details', 'id' => $group->id));
Yii::app()->end(0, false);
}
}
}
$metadata = PoliciesEditViewUtil::resolveMetadataFromData($policiesForm->data, PoliciesEditAndDetailsView::getMetadata());
$titleBarAndEditView = new GroupActionBarAndSecurityEditView($this->getId(), $this->getModule()->getId(), $policiesForm, $group, $this->getModule()->getPluralCamelCasedName(), $metadata, 'PoliciesEditAndDetailsView', 'GroupPoliciesEditLink');
$view = new GroupsPageView(ZurmoDefaultAdminViewUtil::makeViewWithBreadcrumbsForCurrentUser($this, $titleBarAndEditView, $breadcrumbLinks, 'GroupBreadCrumbView'));
echo $view->render();
}
} else {
$now = time();
// checking the time now when home page starts
if ($now > $_SESSION['sessionExpire']) {
session_destroy();
$_SESSION['oldURL'] = isset($_GET['action']) ? 'index.php?action=' . $_GET['action'] : '';
if ($_SERVER['REQUEST_URI'] != 'login.php' && $_SERVER['REQUEST_URI'] != $_SESSION['oldURL']) {
$_SESSION['oldURL'] = $_SERVER['REQUEST_URI'];
}
header("Location: login.php?action=sessionExpired");
} else {
$_SESSION['sessionStart'] = time();
$_SESSION['sessionExpire'] = $_SESSION['sessionStart'] + sessionExpire * 60;
}
}
// include class files
require_once 'inc/class/Content.class.php';
require_once 'inc/class/Group.class.php';
require_once 'inc/class/Setting.class.php';
require_once 'inc/class/User.class.php';
// get user group access and set it into session
$_SESSION['access'] = Group::getById(User::getGroupID($_SESSION['authuser']));
// add any rci class logic needed for addons
echo $gns_admin_RCI->get('class', 'add', false);
if (!strpos($_SERVER['REQUEST_URI'], 'index.php') && !strpos($_SERVER['REQUEST_URI'], 'search.php')) {
header("Location: index.php?action=dashboard");
}
// get action
$action = isset($_GET['action']) ? $_GET['action'] : '';
$page_title = '';
echo $gns_admin_RCI->get('top', 'add', false);
<script>
// access sliders
var allowedAccessValues = {
0: true,
1: true,
2: true,
3: true,
4: true
};
</script>
<?php
$results['group'] = Group::getById((int) $_GET['groupId']);
foreach ($results['group'] as $group => $val) {
if ($group != 'id' && $group != 'title' && $group != 'status') {
if ($results['group']->{$group} == 4) {
$slider = '100';
} else {
if ($results['group']->{$group} == 3) {
$slider = '75';
} else {
if ($results['group']->{$group} == 2) {
$slider = '50';
} else {
if ($results['group']->{$group} == 1) {
$slider = '25';
} else {
if ($results['group']->{$group} == 0) {
$slider = '0';
}
}
$(document).ready(function(){
// tabs
$('#listUsersTab a:first').tab('show');
$('#listUsersTab a').click(function (e) {
e.preventDefault();
$(this).tab('show');
});
$('#listGroupsTab a:first').tab('show');
$('#listGroupsTab a').click(function (e) {
e.preventDefault();
$(this).tab('show');
});
});
</script>
<?php
$results['group'] = Group::getById(1);
foreach ($results['group'] as $group => $val) {
if ($group != 'id' && $group != 'title' && $group != 'status' && $group != 'dashboard') {
?>
<script>
$(document).ready(function() {
$("#accessSlider<?php
echo ucfirst($group);
?>
").slider({
range: true,
max: 4,
slide: function(event, ui) {
if (!allowedAccessValues[ui.value]) return false;
},
change: function(event, ui){
protected function beforeSave()
{
if (parent::beforeSave()) {
if (isset($this->originalAttributeValues['group']) && $this->originalAttributeValues['group'][1] > 0) {
//copy to new object, so we can populate the old parent group as the related group.
//otherwise it gets passed by reference. We need the old $this->group information to properly
//utilize the groupBeingRemovedFromGroup method.
$group = unserialize(serialize($this));
$group->group = Group::getById($this->originalAttributeValues['group'][1]);
ReadPermissionsOptimizationUtil::groupBeingRemovedFromGroup($group);
assert('$this->originalAttributeValues["group"][1] != $this->group->id');
}
return true;
} else {
return false;
}
}
print_r($chatGroups);
for ($i = 0; $i < sizeOf($chatGroups); $i++) {
if ($chatGroups[$i]['group2Id'] != $_SESSION['groupId']) {
echo Group::getById($chatGroups[$i]['group2Id'])->name;
?>
<form name="chat_group" action="main.php?action=chat" method="POST" enctype="multipart/form-data">
<input type="text" name ="groupId1" value="<?php
print_r($chatGroups[$i]['group2Id']);
?>
" >
<input type="submit" name="group" value="chat" >
</form>
<?php
} else {
echo Group::getById($chatGroups[$i]['group1Id'])->name;
?>
<form name="chat_group" action="main.php?action=chat" method="POST" enctype="multipart/form-data">
<input type="text" name ="groupId1" value="<?php
print_r($chatGroups[$i]['group1Id']);
?>
" >
<input type="submit" name="group" value="Chat" >
</form>
<?php
}
}
}
echo "Questions:";
$questions = Question::getList();
case 'mine':
$response = Group::getMine();
break;
case 'toplist':
$response = Group::getTopList($_POST['gid'], $_POST['limit']);
break;
case 'contributors':
$params[1] = count($params) >= 2 ? $params[1] : null;
$response = Group::getContributors($params[1]);
break;
case 'overview':
$response = Group::getOverview($_POST['gid']);
break;
default:
if (is_numeric($params[0])) {
$response = Group::getById($params[0]);
}
}
break;
case 'setmod':
$response = Group::setModerator($_POST['gid'], $_POST['uid'], $_POST['mod']);
break;
}
break;
case 'question':
switch ($action) {
case 'add':
$_POST['question'] = array_key_exists('question', $_POST) ? $_POST['question'] : '';
$_POST['correct'] = array_key_exists('correct', $_POST) ? $_POST['correct'] : null;
$_POST['answer-explanation'] = array_key_exists('answer-explanation', $_POST) ? $_POST['answer-explanation'] : '';
$alternatives = array();
public function testRemoveAllPermissions()
{
$accounts = Account::getAll();
$this->assertTrue(count($accounts) >= 2);
$account1 = $accounts[0];
$account2 = $accounts[1];
$user = User::getByUsername('bobby');
$group = Group::getByName('Sales Staff');
$this->assertTrue($group->contains($user));
$everyone = Group::getByName(Group::EVERYONE_GROUP_NAME);
$this->assertEquals(Permission::NONE, $account1->getEffectivePermissions($user));
$this->assertEquals(Permission::NONE, $account1->getEffectivePermissions($group));
$this->assertEquals(Permission::NONE, $account1->getEffectivePermissions($everyone));
$this->assertEquals(Permission::NONE, $account2->getEffectivePermissions($user));
$this->assertEquals(Permission::NONE, $account2->getEffectivePermissions($group));
$this->assertEquals(Permission::NONE, $account2->getEffectivePermissions($everyone));
$account1->addPermissions($user, Permission::READ);
$account1->addPermissions($group, Permission::WRITE);
$account1->addPermissions($everyone, Permission::DELETE);
$this->assertTrue($account1->save());
$account2->addPermissions($user, Permission::WRITE);
$account2->addPermissions($group, Permission::CHANGE_OWNER);
$account2->addPermissions($everyone, Permission::READ);
$this->assertTrue($account2->save());
$this->assertEquals(Permission::READ | Permission::WRITE | Permission::DELETE, $account1->getEffectivePermissions($user));
$this->assertEquals(Permission::WRITE | Permission::DELETE, $account1->getEffectivePermissions($group));
$this->assertEquals(Permission::DELETE, $account1->getEffectivePermissions($everyone));
$this->assertEquals(Permission::READ | Permission::WRITE | Permission::CHANGE_OWNER, $account2->getEffectivePermissions($user));
$this->assertEquals(Permission::READ | Permission::CHANGE_OWNER, $account2->getEffectivePermissions($group));
$this->assertEquals(Permission::READ, $account2->getEffectivePermissions($everyone));
$account1Id = $account1->id;
$account2Id = $account2->id;
$userId = $user->id;
$groupId = $group->id;
Permission::removeForPermitable($group);
unset($account1);
unset($account2);
unset($user);
unset($group);
unset($everyone);
RedBeanModel::forgetAll();
$account1 = Account::getById($account1Id);
$account2 = Account::getById($account2Id);
$user = User::getById($userId);
$group = Group::getById($groupId);
$everyone = Group::getByName(Group::EVERYONE_GROUP_NAME);
$this->assertEquals(Permission::READ | Permission::DELETE, $account1->getEffectivePermissions($user));
$this->assertEquals(Permission::DELETE, $account1->getEffectivePermissions($group));
$this->assertEquals(Permission::DELETE, $account1->getEffectivePermissions($everyone));
$this->assertEquals(Permission::READ | Permission::WRITE, $account2->getEffectivePermissions($user));
$this->assertEquals(Permission::READ, $account2->getEffectivePermissions($group));
$this->assertEquals(Permission::READ, $account2->getEffectivePermissions($everyone));
unset($account1);
unset($account2);
unset($user);
unset($group);
unset($everyone);
RedBeanModel::forgetAll();
Permission::removeAll();
$account1 = Account::getById($account1Id);
$account2 = Account::getById($account2Id);
$user = User::getById($userId);
$group = Group::getById($groupId);
$everyone = Group::getByName(Group::EVERYONE_GROUP_NAME);
$this->assertEquals(Permission::NONE, $account1->getEffectivePermissions($user));
$this->assertEquals(Permission::NONE, $account1->getEffectivePermissions($group));
$this->assertEquals(Permission::NONE, $account1->getEffectivePermissions($everyone));
$this->assertEquals(Permission::NONE, $account2->getEffectivePermissions($user));
$this->assertEquals(Permission::NONE, $account2->getEffectivePermissions($group));
$this->assertEquals(Permission::NONE, $account2->getEffectivePermissions($everyone));
}
function date_req()
{
if (isset($_SESSION['groupId'])) {
echo "date requests for this group:<br>";
// date requests for group which has been selected
$dateRequests = DateRequest::getByUserId($_SESSION['userId'], $_SESSION['groupId']);
$a = sizeof($dateRequests);
for ($i = 0; $i < $a; $i++) {
$group = Group::getById($dateRequests[$i]["sentById"]);
echo "date request from " . $group->name . "<br>";
echo "users: <br>" . User::getById($group->adminId)->name . " , " . User::getById($group->per2Id)->name . "and" . User::getById($group->per3Id)->name . "<br>";
echo "<a href='/backend/main.php?action=acceptDateRequest&id=" . $dateRequests[$i]["id"] . "'>accept</a>    ";
echo "<a href='/backend/main.php?action=declineDateRequest&id=" . $dateRequests[$i]["id"] . "'>decline</a><br>";
}
echo "accepted date requests:<br>";
// date requests accepted for group which has been selected
$dateRequests = DateRequest::getByGroupId($_SESSION['groupId']);
if ($dateRequests['0']['status'] == "successful" or $dateRequests['1']['status'] == "successful" or $dateRequests['2']['status'] == "successful") {
$group = Group::getById($dateRequests['0']["sentToGroupId"]);
echo "your date request was accepted by" . $group->name . "<br>";
echo "users: <br>" . User::getById($group->adminId)->name . " , " . User::getById($group->per2Id)->name . "and" . User::getById($group->per3Id)->name . "<br>";
}
}
}
public function resolveRecordSharingPerformanceTime($count)
{
$groupMembers = array();
// create group
$this->resetGetArray();
$this->setPostArray(array('Group' => array('name' => "Group {$count}")));
$this->runControllerWithRedirectExceptionAndGetUrl('/zurmo/group/create');
$group = Group::getByName("Group {$count}");
$this->assertNotNull($group);
$this->assertEquals("Group {$count}", strval($group));
$group->setRight('ContactsModule', ContactsModule::getAccessRight());
$group->setRight('ContactsModule', ContactsModule::getCreateRight());
$group->setRight('ContactsModule', ContactsModule::getDeleteRight());
$this->assertTrue($group->save());
$groupId = $group->id;
$group->forgetAll();
$group = Group::getById($groupId);
$this->resetGetArray();
for ($i = 0; $i < $count; $i++) {
$username = static::$baseUsername . "_{$i}_of_{$count}";
// Populate group
$this->setPostArray(array('UserPasswordForm' => array('firstName' => 'Some', 'lastName' => 'Body', 'username' => $username, 'newPassword' => 'myPassword123', 'newPassword_repeat' => 'myPassword123', 'officePhone' => '456765421', 'userStatus' => 'Active')));
$this->runControllerWithRedirectExceptionAndGetContent('/users/default/create');
$user = User::getByUsername($username);
$this->assertNotNull($user);
$groupMembers['usernames'][] = $user->username;
$groupMembers['ids'][] = $user->id;
}
$this->assertCount($count, $groupMembers['ids']);
// set user's group
$this->setGetArray(array('id' => $groupId));
$this->setPostArray(array('GroupUserMembershipForm' => array('userMembershipData' => $groupMembers['ids'])));
$this->runControllerWithRedirectExceptionAndGetUrl('/zurmo/group/editUserMembership');
$group->forgetAll();
$group = Group::getById($groupId);
$this->assertCount($count, $group->users);
foreach ($groupMembers['ids'] as $userId) {
$user = User::getById($userId);
$this->assertEquals($group->id, $user->groups[0]->id);
$this->assertTrue(RightsUtil::doesUserHaveAllowByRightName('ContactsModule', ContactsModule::getAccessRight(), $user));
$this->assertTrue(RightsUtil::doesUserHaveAllowByRightName('ContactsModule', ContactsModule::getCreateRight(), $user));
$this->assertTrue(RightsUtil::doesUserHaveAllowByRightName('ContactsModule', ContactsModule::getDeleteRight(), $user));
}
$this->clearAllCaches();
// go ahead and create contact with group given readwrite, use group's first member to confirm he has create access
$this->logoutCurrentUserLoginNewUserAndGetByUsername($groupMembers['usernames'][0]);
$this->resetGetArray();
$startingState = ContactsUtil::getStartingState();
$this->setPostArray(array('Contact' => array('firstName' => 'John', 'lastName' => 'Doe', 'officePhone' => '456765421', 'state' => array('id' => $startingState->id), 'explicitReadWriteModelPermissions' => array('type' => ExplicitReadWriteModelPermissionsUtil::MIXED_TYPE_NONEVERYONE_GROUP, 'nonEveryoneGroup' => $groupId))));
$startTime = microtime(true);
$url = $this->runControllerWithRedirectExceptionAndGetUrl('/contacts/default/create');
$timeTakenForSave = microtime(true) - $startTime;
$johnDoeContactId = intval(substr($url, strpos($url, 'id=') + 3));
$johnDoeContact = Contact::getById($johnDoeContactId);
$this->assertNotNull($johnDoeContact);
$this->resetPostArray();
$this->setGetArray(array('id' => $johnDoeContactId));
$content = $this->runControllerWithNoExceptionsAndGetContent('/contacts/default/details');
$this->assertContains('Who can read and write ' . strval($group), $content);
$this->clearAllCaches();
$this->resetPostArray();
// ensure group members have access
foreach ($groupMembers['usernames'] as $member) {
$user = $this->logoutCurrentUserLoginNewUserAndGetByUsername($member);
$this->assertNotNull($user);
$this->setGetArray(array('id' => $johnDoeContactId));
$this->runControllerWithNoExceptionsAndGetContent('/contacts/default/details');
$this->runControllerWithNoExceptionsAndGetContent('/contacts/default/edit');
}
return $timeTakenForSave;
}
public function testArePermissionsFlushedOnRemovingParentFromChildGroup()
{
// cleanup
Contact::deleteAll();
try {
$group = Group::getByName('Child');
$group->delete();
} catch (NotFoundException $e) {
}
try {
$user = User::getByUsername('jim');
$user->delete();
} catch (NotFoundException $e) {
}
// we could have used helpers to do a lot of the following stuff (such as creating users, groups,
// etc) but we wanted to mimic user's interaction as closely as possible. Hence using walkthroughs
// for everything
// create Parent and Child Groups, Create Jim to be member of Child group
// create parent group
$this->resetGetArray();
$this->setPostArray(array('Group' => array('name' => 'Parent')));
$this->runControllerWithRedirectExceptionAndGetUrl('/zurmo/group/create');
$parentGroup = Group::getByName('Parent');
$this->assertNotNull($parentGroup);
$this->assertEquals('Parent', strval($parentGroup));
$parentGroupId = $parentGroup->id;
// create child group
$this->resetGetArray();
$this->setPostArray(array('Group' => array('name' => 'Child', 'group' => array('id' => $parentGroupId))));
$this->runControllerWithRedirectExceptionAndGetUrl('/zurmo/group/create');
$childGroup = Group::getByName('Child');
$this->assertNotNull($childGroup);
$this->assertEquals('Child', strval($childGroup));
$parentGroup->forgetAll();
$parentGroup = Group::getById($parentGroupId);
// give child rights for contacts module
$childGroup->setRight('ContactsModule', ContactsModule::getAccessRight());
$childGroup->setRight('ContactsModule', ContactsModule::getCreateRight());
$this->assertTrue($childGroup->save());
$childGroupId = $childGroup->id;
$childGroup->forgetAll();
$childGroup = Group::getById($childGroupId);
$this->assertContains($childGroup, $parentGroup->groups);
// create jim's user
$this->resetGetArray();
$this->setPostArray(array('UserPasswordForm' => array('firstName' => 'Some', 'lastName' => 'Body', 'username' => 'jim', 'newPassword' => 'myPassword123', 'newPassword_repeat' => 'myPassword123', 'officePhone' => '456765421', 'userStatus' => 'Active')));
$this->runControllerWithRedirectExceptionAndGetContent('/users/default/create');
$jim = User::getByUsername('jim');
$this->assertNotNull($jim);
// set jim's group to child group
$this->setGetArray(array('id' => $childGroup->id));
$this->setPostArray(array('GroupUserMembershipForm' => array('userMembershipData' => array($jim->id))));
$this->runControllerWithRedirectExceptionAndGetUrl('/zurmo/group/editUserMembership');
$jim->forgetAll();
$jim = User::getByUsername('jim');
$this->assertNotNull($jim);
$childGroup->forgetAll();
$childGroup = Group::getById($childGroupId);
$this->assertContains($childGroup, $jim->groups);
// create a contact with permissions to Parent group
// create ContactStates
ContactsModule::loadStartingData();
// ensure contact states have been created
$this->assertEquals(6, count(ContactState::GetAll()));
// go ahead and create contact with parent group given readwrite.
$startingState = ContactsUtil::getStartingState();
$this->resetGetArray();
$this->setPostArray(array('Contact' => array('firstName' => 'John', 'lastName' => 'Doe', 'officePhone' => '456765421', 'state' => array('id' => $startingState->id), 'explicitReadWriteModelPermissions' => array('type' => ExplicitReadWriteModelPermissionsUtil::MIXED_TYPE_NONEVERYONE_GROUP, 'nonEveryoneGroup' => $parentGroupId))));
$url = $this->runControllerWithRedirectExceptionAndGetUrl('/contacts/default/create');
$johnDoeContactId = intval(substr($url, strpos($url, 'id=') + 3));
$johnDoeContact = Contact::getById($johnDoeContactId);
$this->assertNotNull($johnDoeContact);
$this->resetPostArray();
$this->setGetArray(array('id' => $johnDoeContactId));
$content = $this->runControllerWithNoExceptionsAndGetContent('/contacts/default/details');
$this->assertContains('Who can read and write Parent', $content);
// create a contact using jim which he would see at all times
$this->logoutCurrentUserLoginNewUserAndGetByUsername('jim');
$this->resetGetArray();
$this->setPostArray(array('Contact' => array('firstName' => 'Jim', 'lastName' => 'Doe', 'officePhone' => '456765421', 'state' => array('id' => $startingState->id))));
$url = $this->runControllerWithRedirectExceptionAndGetUrl('/contacts/default/create');
$jimDoeContactId = intval(substr($url, strpos($url, 'id=') + 3));
$jimDoeContact = Contact::getById($jimDoeContactId);
$this->assertNotNull($jimDoeContact);
$this->resetPostArray();
$this->setGetArray(array('id' => $jimDoeContactId));
$this->runControllerWithNoExceptionsAndGetContent('/contacts/default/details');
// ensure jim can see that contact everywhere
// jim should have access to see contact on list view
$this->resetGetArray();
// get the page, ensure the name of contact does show up there.
$content = $this->runControllerWithNoExceptionsAndGetContent('/contacts/default');
$this->assertContains('John Doe</a></td><td>', $content);
$this->assertContains('Jim Doe</a></td><td>', $content);
// jim should have access to jimDoeContact's detail view
$this->setGetArray(array('id' => $jimDoeContactId));
$this->runControllerWithNoExceptionsAndGetContent('/contacts/default/details');
// jim should have access to jimDoeContact's edit view
$this->runControllerWithNoExceptionsAndGetContent('/contacts/default/edit');
// jim should have access to johnDoeContact's detail view
$this->setGetArray(array('id' => $johnDoeContactId));
$this->runControllerWithNoExceptionsAndGetContent('/contacts/default/details');
// jim should have access to johnDoeContact's edit view
$this->runControllerWithNoExceptionsAndGetContent('/contacts/default/edit');
// unlink Parent group from child
$this->logoutCurrentUserLoginNewUserAndGetByUsername('super');
$this->setGetArray(array('id' => $childGroupId));
$this->setPostArray(array('Group' => array('name' => 'Child', 'group' => array('id' => ''))));
$this->runControllerWithRedirectExceptionAndGetUrl('/zurmo/group/edit');
$childGroup = Group::getByName('Child');
$this->assertNotNull($childGroup);
$this->assertEquals('Child', strval($childGroup));
$parentGroup->forgetAll();
$parentGroup = Group::getById($parentGroupId);
$this->assertNotContains($childGroup, $parentGroup->groups);
// ensure jim can not see that contact anywhere
// jim should not have access to see contact on list view
$this->logoutCurrentUserLoginNewUserAndGetByUsername('jim');
$this->resetGetArray();
// get the page, ensure the name of contact does not show up there.
$content = $this->runControllerWithNoExceptionsAndGetContent('/contacts/default');
$this->assertNotContains('John Doe</a></td><td>', $content);
$this->assertContains('Jim Doe</a></td><td>', $content);
// jim should have access to jimDoeContact's detail view
$this->setGetArray(array('id' => $jimDoeContactId));
$this->runControllerWithNoExceptionsAndGetContent('/contacts/default/details');
// jim should have access to jimDoeContact's edit view
$this->runControllerWithNoExceptionsAndGetContent('/contacts/default/edit');
// jim should not have access to johnDoeContact's detail view
$this->setGetArray(array('id' => $johnDoeContactId));
try {
$this->runControllerWithNoExceptionsAndGetContent('/contacts/default/details');
$this->fail('Accessing details action should have thrown ExitException');
} catch (ExitException $e) {
// just cleanup buffer
$this->endAndGetOutputBuffer();
}
// jim should not have access to johnDoeContact's edit view
try {
$this->runControllerWithNoExceptionsAndGetContent('/contacts/default/edit');
$this->fail('Accessing edit action should have thrown ExitException');
} catch (ExitException $e) {
// just cleanup buffer
$this->endAndGetOutputBuffer();
}
}
/**
* @depends testCreateAndGetUserById
*/
public function testDeleteUserCascadesToDeleteEverythingItShould()
{
$group = new Group();
$group->name = 'Os mais legais do Rio';
$this->assertTrue($group->save());
$user = new User();
$user->username = '******';
$user->title->value = 'Senhor';
$user->firstName = 'José';
$user->lastName = 'Olivereira';
$user->jobTitle = 'Traficante';
$user->primaryAddress->street1 = 'R. das Mulheres, 69';
$user->primaryAddress->street2 = '';
$user->primaryAddress->city = 'Centro';
$user->primaryAddress->state = 'RJ';
$user->primaryAddress->postalCode = '';
$user->primaryAddress->country = 'Brasil';
$user->primaryEmail->emailAddress = '*****@*****.**';
$user->primaryEmail->optOut = 1;
$user->primaryEmail->isInvalid = 0;
$user->manager = User::getByUsername('bill');
$user->setPassword('Senhor');
$user->groups->add($group);
$user->save();
$this->assertTrue($user->save());
$titleId = $user->title->id;
$primaryAddressId = $user->primaryAddress->id;
$primaryEmailId = $user->primaryEmail->id;
$groupId = $group->id;
$user->delete();
unset($user);
unset($group);
Group::getById($groupId);
User::getByUsername('bill');
try {
CustomField::getById($titleId);
$this->fail("Title should have been deleted.");
} catch (NotFoundException $e) {
}
try {
Address::getById($primaryAddressId);
$this->fail("Address should have been deleted.");
} catch (NotFoundException $e) {
}
try {
Email::getById($primaryEmailId);
$this->fail("Email should have been deleted.");
} catch (NotFoundException $e) {
}
}
public function actionUsersInGroupModalList($id)
{
$model = Group::getById((int) $id);
ControllerSecurityUtil::resolveAccessCanCurrentUserReadModel($model);
$searchAttributeData = UsersByModelModalListControllerUtil::makeModalSearchAttributeDataByModel($model, 'groups');
$dataProvider = UsersByModelModalListControllerUtil::makeDataProviderBySearchAttributeData($searchAttributeData);
Yii::app()->getClientScript()->setToAjaxMode();
echo UsersByModelModalListControllerUtil::renderList($this, $dataProvider, 'usersInGroupModalList');
}
function acceptGroupRequest()
{
$request = Request::getById($_GET['id']);
$request->status = "accepted";
$request->update();
$request1 = Request::getOther($request->sentById, $request->type, $request->sentToId);
if ($request->status == "accepted" && $request1->status == "accepted") {
$group = Group::getById($request->sentById);
$group->status = "online";
$group->updateStatus();
}
require TEMPLATE_PATH . "/home.php";
}
/**
* For a given model, contact or account or opportunity, pushes DetailsAndRelationsView layout for provided user
* @param $model
* @param $groupsAndUsers
*/
public static function pushLayoutToUsers($model, $groupsAndUsers)
{
$processedUsers = array();
foreach ($groupsAndUsers['groups'] as $groupId) {
$group = Group::getById(intval($groupId));
$usersInGroup = $group->getUsersExceptSystemUsers();
foreach ($usersInGroup as $user) {
if (!in_array($user->id, $processedUsers)) {
$processedUsers[] = $user->id;
self::pushDetailsAndRelationsViewPortlets($user, $model);
}
}
}
foreach ($groupsAndUsers['users'] as $userId) {
$user = User::getById(intval($userId));
if (!in_array($user->id, $processedUsers)) {
$processedUsers[] = $user->id;
self::pushDetailsAndRelationsViewPortlets($user, $model);
}
}
}
echo "<a href='/dating_website/index.php?action=declineChatRequest&id=" . $chatRequests[$i]["id"] . "'>decline</a><br>";
}
echo "date requests for this group:<br>";
$dateRequests = DateRequest::getByUserId($_SESSION['userId'], $_SESSION['groupId']);
$a = sizeof($dateRequests);
for ($i = 0; $i < $a; $i++) {
$group = Group::getById($dateRequests[$i]["sentById"]);
echo "date request from " . $group->name . "<br>";
echo "users: <br>" . User::getById($group->adminId)->name . " , " . User::getById($group->per2Id)->name . "and" . User::getById($group->per3Id)->name . "<br>";
echo "<a href='/dating_website/index.php?action=acceptDateRequest&id=" . $dateRequests[$i]["id"] . "'>accept</a>    ";
echo "<a href='/dating_website/index.php?action=declineDateRequest&id=" . $dateRequests[$i]["id"] . "'>decline</a><br>";
}
echo "accepted date requests:<br>";
$dateRequests = DateRequest::getByGroupId($_SESSION['groupId']);
if ($dateRequests['0']['status'] == "successful" or $dateRequests['1']['status'] == "successful" or $dateRequests['2']['status'] == "successful") {
$group = Group::getById($dateRequests['0']["sentToGroupId"]);
echo "your date request was accepted by" . $group->name . "<br>";
echo "users: <br>" . User::getById($group->adminId)->name . " , " . User::getById($group->per2Id)->name . "and" . User::getById($group->per3Id)->name . "<br>";
}
} else {
echo "select a group to proceed" . "<br>";
}
$groupsPending = Group::getListPendingByAdminId($_SESSION['userId']);
$groupsCreatedOnline = Group::getListOnlineByAdminId($_SESSION['userId']);
$groupsOnline = Group::getListOnline($_SESSION['userId']);
echo "Groups you are admin for <br> ";
for ($i = 0; $i < sizeof($groupsCreatedOnline); $i++) {
echo "Group Name: " . $groupsCreatedOnline[$i]["name"] . "<br>";
echo "group members: <br>";
$per2 = User::getById($groupsCreatedOnline[$i]["per2Id"]);
$per3 = User::getById($groupsCreatedOnline[$i]["per3Id"]);
