/**
* Ensure that list of viewable calendars correctly reflects calendar permissions records
*/
public function testGetViewableUserCalendarNames()
{
TestingAuxLib::loadX2NonWebUser();
TestingAuxLib::suLogin('admin');
$viewable = array_keys(X2CalendarPermissions::getViewableUserCalendarNames());
$this->assertEquals(array_merge(array('Anyone'), Yii::app()->db->createCommand("\n SELECT username\n FROM x2_users\n ")->queryColumn()), ArrayUtil::sort($viewable));
$user = $this->users('testUser');
TestingAuxLib::suLogin('testuser');
$viewable = array_keys(X2CalendarPermissions::getViewableUserCalendarNames());
$grantedUsers = array_unique(array_merge(array('Anyone', 'testuser'), Yii::app()->db->createCommand("\n /**\n * get names of users who have granted view permission to testuser and names of\n * users who have not set up calendar permissions\n */\n SELECT distinct(username)\n FROM x2_users as t, x2_calendar_permissions\n WHERE other_user_id=:userId OR t.id NOT in (\n SELECT distinct(user_id)\n FROM x2_calendar_permissions\n )\n ")->queryColumn(array(':userId' => $user->id))));
$this->assertEquals(ArrayUtil::sort($grantedUsers), ArrayUtil::sort($viewable));
TestingAuxLib::restoreX2WebUser();
}
public function tearDown()
{
// try to replace mocks with original components in case mocks were set during test case
TestingAuxLib::restoreX2WebUser();
TestingAuxLib::restoreX2AuthManager();
TestingAuxLib::restoreController();
self::$skipAllTests = false;
self::$loadFixtures = X2_LOAD_FIXTURES;
self::$loadFixturesForClassOnly = X2_LOAD_FIXTURES_FOR_CLASS_ONLY;
if (isset($this->_oldSession)) {
$_SESSION = $this->_oldSession;
}
return parent::tearDown();
}
public function testDocsPermissions()
{
$auth = TestingAuxLib::loadAuthManagerMock();
TestingAuxLib::loadX2NonWebUser();
// user has docs update access
$user = $this->users('testUser');
$auth->setAccess('AdminIndex', $user->id, array(), false);
TestingAuxLib::suLogin('testuser');
$auth->setAccess('DocsAdmin', $user->id, array(), false);
$auth->setAccess('DocsUpdateAccess', $user->id, array('X2Model' => new Docs()), true);
// can't be edited since edit permissions list is empty
$doc = $this->docs('0');
$this->assertFalse((bool) $doc->checkEditPermissions());
// "testuser" is in the edit permissions list
$doc = $this->docs('1');
$this->assertTrue((bool) $doc->checkEditPermissions());
$doc = $this->docs('3');
$this->assertTrue((bool) $doc->checkEditPermissions());
// testuser created the the doc
$doc = $this->docs('2');
$this->assertTrue((bool) $doc->checkEditPermissions());
// user has docs private update access
$auth->clearCache();
$auth->setAccess('AdminIndex', $user->id, array(), false);
$auth->setAccess('DocsAdmin', $user->id, array(), false);
$auth->setAccess('DocsUpdateAccess', $user->id, array('X2Model' => new Docs()), false);
$auth->setAccess('DocsPrivateUpdateAccess', $user->id, array('X2Model' => new Docs()), true);
// can't be edited since edit permissions list is empty
$doc = $this->docs('0');
$this->assertFalse((bool) $doc->checkEditPermissions());
// "testuser" is in the edit permissions list but since testuser only has private update
// access, doc cannot be edited
$doc = $this->docs('1');
$this->assertFalse((bool) $doc->checkEditPermissions());
$doc = $this->docs('3');
$this->assertFalse((bool) $doc->checkEditPermissions());
// testuser created the the doc, so they can edit it
$doc = $this->docs('2');
$this->assertTrue((bool) $doc->checkEditPermissions());
// user has docs admin access
$auth->clearCache();
$auth->setAccess('AdminIndex', $user->id, array(), false);
$auth->setAccess('DocsAdmin', $user->id, array(), true);
$auth->setAccess('DocsUpdateAccess', $user->id, array('X2Model' => new Docs()), false);
$auth->setAccess('DocsPrivateUpdateAccess', $user->id, array('X2Model' => new Docs()), false);
// user is docs admin
$doc = $this->docs('0');
$this->assertTrue((bool) $doc->checkEditPermissions());
// user is docs admin
$doc = $this->docs('1');
$this->assertTrue((bool) $doc->checkEditPermissions());
// user is docs admin
$doc = $this->docs('2');
$this->assertTrue((bool) $doc->checkEditPermissions());
TestingAuxLib::restoreX2WebUser();
TestingAuxLib::restoreX2AuthManager();
}
public function tearDown()
{
// try to replace mocks with original components in case mocks were set during test case
TestingAuxLib::restoreX2WebUser();
TestingAuxLib::restoreX2AuthManager();
return parent::tearDown();
}
public function tearDown()
{
// try to replace mocks with original components in case mocks were set during test case
TestingAuxLib::restoreX2WebUser();
TestingAuxLib::restoreX2AuthManager();
TestingAuxLib::restoreController();
self::$skipAllTests = false;
self::$loadFixtures = X2_LOAD_FIXTURES;
self::$loadFixturesForClassOnly = X2_LOAD_FIXTURES_FOR_CLASS_ONLY;
if (isset($this->_oldSession)) {
$_SESSION = $this->_oldSession;
}
if (X2_TEST_DEBUG_LEVEL > 0) {
$timer = TestingAuxLib::getCaseTimer();
TestingAuxLib::log("time elapsed for test case: {$timer->stop()->getTime()}");
}
return parent::tearDown();
}
public function testGetAccessCriteria()
{
TestingAuxLib::loadX2NonWebUser();
TestingAuxLib::suLogin('admin');
// admin privileges private profile
$accessCriteria = Events::model()->getAccessCriteria();
$this->assertEquals('TRUE', $accessCriteria->condition);
$this->assertEquals(array_map(function ($event) {
return $event->id;
}, Events::model()->findAll($accessCriteria)), array_map(function ($event) {
return $event->id;
}, Events::model()->findAll()));
// admin privileges public profile
$accessCriteria = Events::model()->getAccessCriteria(Profile::model()->findByAttributes(array('username' => 'testuser')));
$this->assertEquals(array_map(function ($event) {
return $event->id;
}, Events::model()->findAll($accessCriteria)), array_map(function ($event) {
return $event->id;
}, Events::model()->findAll('user="******"')));
// non-admin public profile
TestingAuxLib::suLogin('testuser2');
Yii::app()->settings->historyPrivacy = null;
$accessCriteria = Events::model()->getAccessCriteria(Profile::model()->findByAttributes(array('username' => 'testuser')));
$this->assertEquals(array_map(function ($event) {
return $event->id;
}, Events::model()->findAll($accessCriteria)), array_map(function ($event) {
return $event->id;
}, Events::model()->findAll('user="******" and visibility')));
// non-admin private profile
TestingAuxLib::suLogin('testuser2');
Yii::app()->settings->historyPrivacy = null;
$accessCriteria = Events::model()->getAccessCriteria();
$this->assertEquals(array_map(function ($event) {
return $event->id;
}, Events::model()->findAll($accessCriteria)), array_map(function ($event) {
return $event->id;
}, Events::model()->findAll('user="******" or visibility')));
// non-admin private profile, user history
TestingAuxLib::suLogin('testuser2');
Yii::app()->settings->historyPrivacy = 'user';
$accessCriteria = Events::model()->getAccessCriteria();
$this->assertEquals(array_map(function ($event) {
return $event->id;
}, Events::model()->findAll($accessCriteria)), array_map(function ($event) {
return $event->id;
}, Events::model()->findAll('user="******"')));
// non-admin private profile, group history
// assumes that testuser2 and testuser3 are groupmates
Yii::app()->settings->historyPrivacy = 'group';
$accessCriteria = Events::model()->getAccessCriteria();
$this->assertEquals(array_map(function ($event) {
return $event->id;
}, Events::model()->findAll($accessCriteria)), array_map(function ($event) {
return $event->id;
}, Events::model()->findAll('user="******" or user="******"')));
Yii::app()->settings->historyPrivacy = null;
TestingAuxLib::restoreX2WebUser();
}
