/**
  * Checks that getCurrentUser() refuses to resolve a user when the logged-in
  * API user has no matching Diamante user: the repository lookup by e-mail
  * yields null and the call is expected to raise an authentication error
  * instead of returning a partially resolved identity.
  *
  * @expectedException \Symfony\Component\Security\Core\Exception\AuthenticationException
  * @expectedExceptionMessage Attempt of unauthorized access
  */
 public function testGetCurrentUserWithNoDiamanteUser()
 {
     $loggedApiUser = $this->createApiUser();

     // The authorization service reports the API user as the current principal.
     $this->authorizationService
         ->expects($this->once())
         ->method('getLoggedUser')
         ->will($this->returnValue($loggedApiUser));

     // No Diamante user is stored under that e-mail address.
     $this->diamanteUserRepository
         ->expects($this->once())
         ->method('findUserByEmail')
         ->with($loggedApiUser->getEmail())
         ->will($this->returnValue(null));

     // The exception asserted in the docblock annotations must come from here.
     $this->service->getCurrentUser();
 }
 /**
  * Strips private comments from the given ticket's comment collection when
  * the logged-in user is an ApiUser; for any other user the ticket is left
  * untouched.
  *
  * NOTE(review): a null or otherwise non-ApiUser principal skips the filter
  * entirely, so private comments stay in the collection on that path -
  * confirm callers only reach it with a user allowed to read them.
  *
  * @param Ticket $ticket ticket whose comment collection is filtered in place
  */
 private function removePrivateComments(Ticket $ticket)
 {
     $loggedUser = $this->authorizationService->getLoggedUser();
     if ($loggedUser instanceof ApiUser) {
         $ticketComments = $ticket->getComments();
         // NOTE(review): removeElement() mutates the collection owned by the
         // ticket while it is being iterated. If this is an ORM-managed
         // collection, the removals may be tracked as changes and written out
         // on a later flush - confirm this stays a read-side filter only.
         foreach ($ticketComments as $candidate) {
             if (!$candidate->isPrivate()) {
                 continue;
             }
             $ticketComments->removeElement($candidate);
         }
     }
 }
 /**
  * Checks that updateProperties() loads the branch, applies each property
  * from the command through updateProperty() in order, and stores the branch.
  *
  * The EDIT permission check on the branch entity class is stubbed to return
  * true, so this test covers the permitted path only.
  */
 public function testUpdateProperties()
 {
     $this->branchRepository
         ->expects($this->once())
         ->method('get')
         ->will($this->returnValue($this->branch));

     $name = 'DUMMY_NAME_UPDT';
     $description = 'DUMMY_DESC_UPDT';

     // Invocation indexes pin the order: name first, description second.
     $this->branch
         ->expects($this->at(0))
         ->method('updateProperty')
         ->with($this->equalTo('name'), $this->equalTo($name));
     $this->branch
         ->expects($this->at(1))
         ->method('updateProperty')
         ->with($this->equalTo('description'), $this->equalTo($description));

     $this->branchRepository
         ->expects($this->once())
         ->method('store')
         ->with($this->equalTo($this->branch));

     // The authorization check must be asked exactly once, for EDIT on the branch entity class.
     $this->authorizationService
         ->expects($this->once())
         ->method('isActionPermitted')
         ->with($this->equalTo('EDIT'), $this->equalTo('Entity:DiamanteDeskBundle:Branch'))
         ->will($this->returnValue(true));

     $updateCommand = new UpdatePropertiesCommand();
     $updateCommand->id = 1;
     $updateCommand->properties = ['name' => $name, 'description' => $description];

     $this->branchServiceImpl->updateProperties($updateCommand);
 }
 /**
  * Rebuilds the ticket's comment collection without private comments when
  * the logged-in user is an ApiUser; for any other user the ticket is left
  * untouched.
  *
  * NOTE(review): a null or otherwise non-ApiUser principal skips the filter
  * entirely, so private comments stay in the collection on that path -
  * confirm callers only reach it with a user allowed to read them.
  *
  * @param Ticket $ticket ticket whose comment collection is filtered in place
  */
 private function removePrivateComments(Ticket $ticket)
 {
     $loggedUser = $this->authorizationService->getLoggedUser();
     if ($loggedUser instanceof ApiUser) {
         $ticketComments = $ticket->getComments();

         // Work from a plain array copy so the collection can be emptied and refilled.
         $allComments = $ticketComments->toArray();
         $ticketComments->clear();

         foreach ($allComments as $candidate) {
             if ($candidate->isPrivate()) {
                 continue;
             }
             $ticketComments->add($candidate);
         }

         // NOTE(review): presumably takeSnapshot() records the filtered state as
         // the collection's baseline so the dropped private comments are not
         // treated as pending removals - confirm against the collection class.
         $ticketComments->takeSnapshot();
     }
 }
 /**
  * Update Diamante and Api users related to current session
  *
  * The account that is changed is the one resolved from the logged-in user;
  * no user identifier is read from the command here. Only the fields that
  * carry a truthy value in the command are applied.
  *
  * @ApiDoc(
  *  description="Update current user",
  *  uri="/users/current.{_format}",
  *  method={
  *      "PATCH",
  *      "PUT"
  *  },
  *  resource=true,
  *  statusCodes={
  *      200="Returned when successful",
  *      403="Returned when the user is not authorized to update user",
  *      404="Returned when the user is not found"
  *  }
  * )
  *
  * @param UpdateUserCommand $command requested changes (firstName, lastName, password)
  * @return DiamanteUser the stored Diamante user
  */
 public function update(UpdateUserCommand $command)
 {
     $sessionApiUser = $this->authorizationService->getLoggedUser();
     $profile = $this->loadDiamanteUser($sessionApiUser);

     $firstName = $command->firstName;
     if ($firstName) {
         $profile->setFirstName($firstName);
     }

     $lastName = $command->lastName;
     if ($lastName) {
         $profile->setLastName($lastName);
     }

     // NOTE(review): the command value is handed to setPassword() as-is; hashing
     // and strength validation are not visible in this method - confirm they
     // happen in setPassword() or in command validation. No check of the
     // current password is visible here either.
     $newPassword = $command->password;
     if ($newPassword) {
         $sessionApiUser->setPassword($newPassword);
     }

     // Both records are stored even when the command changed only one of them.
     $this->diamanteUserRepository->store($profile);
     $this->apiUserRepository->store($sessionApiUser);

     return $profile;
 }
 /**
  * Verify permissions through Oro Platform security bundle
  *
  * A VIEW request on an object entity is allowed without consulting the
  * authorization service when the logged-in user is the reporter of the
  * entity's ticket. Every other request is decided by isActionPermitted().
  *
  * NOTE(review): the reporter shortcut does not look at whether the comment
  * is private; the "except private" rule must be enforced elsewhere - confirm.
  *
  * @param string $operation
  * @param Comment|string $entity
  * @throws ForbiddenException when the operation is not permitted
  */
 private function isGranted($operation, $entity)
 {
     // User should have ability to view all comments (except private)
     // if he is an owner of a ticket
     if ($operation === 'VIEW' && is_object($entity) && $this->authorizationService->getLoggedUser()) {
         $currentUser = $this->authorizationService->getLoggedUser();
         if ($currentUser instanceof ApiUser) {
             // API users are mapped through the user service before the comparison.
             $currentUser = $this->userService->getUserFromApiUser($currentUser);
         }

         /** @var User $ticketReporter */
         $ticketReporter = $entity->getTicket()->getReporter();

         // NOTE(review): identity is decided by a loose (==) comparison of
         // getId() alone. If different user types can share an id value, two
         // distinct principals would compare equal - confirm the user type is
         // covered, and that both ids have the same scalar type.
         $isReporter = $currentUser && $ticketReporter && $currentUser->getId() == $ticketReporter->getId();
         if ($isReporter) {
             return;
         }
     }

     if ($this->authorizationService->isActionPermitted($operation, $entity)) {
         return;
     }

     throw new ForbiddenException("Not enough permissions.");
 }
 /**
  * Verify permissions through Oro Platform security bundle
  *
  * Returns normally when the authorization service permits the operation and
  * throws otherwise, so callers can treat a return as "allowed".
  *
  * @param string $operation
  * @param mixed $entity passed unchanged to isActionPermitted()
  * @throws \Oro\Bundle\SecurityBundle\Exception\ForbiddenException when the operation is not permitted
  */
 private function isGranted($operation, $entity)
 {
     $permitted = $this->authorizationService->isActionPermitted($operation, $entity);
     if ($permitted) {
         return;
     }

     throw new ForbiddenException("Not enough permissions.");
 }
 /**
  * Checks that updatePropertiesByKey() resolves the ticket by its key, passes
  * the command's property map to updateProperties() and stores the ticket.
  *
  * isActionPermitted() is stubbed to return true for any operation on the
  * ticket, so this test covers the permitted path only.
  */
 public function testUpdatePropertiesByKey()
 {
     $this->ticketRepository
         ->expects($this->once())
         ->method('get')
         ->will($this->returnValue($this->ticket));

     $properties = array(
         'subject' => 'DUMMY_SUBJECT_UPDT_BY_KEY',
         'description' => 'DUMMY_DESC_UPDT_BY_KEY',
         'status' => 'open',
         'priority' => 'high',
         'source' => 'phone'
     );

     $this->ticket
         ->expects($this->once())
         ->method('updateProperties')
         ->with($this->equalTo($properties));
     $this->ticket
         ->expects($this->once())
         ->method('getId')
         ->will($this->returnValue(1));

     $this->ticketRepository
         ->expects($this->once())
         ->method('getByTicketKey')
         ->with(new TicketKey('DT', 1))
         ->will($this->returnValue($this->ticket));
     $this->ticketRepository
         ->expects($this->once())
         ->method('store')
         ->with($this->equalTo($this->ticket));

     // Any number of permission checks is accepted, as long as they target this ticket.
     $this->authorizationService
         ->expects($this->any())
         ->method('isActionPermitted')
         ->with($this->anything(), $this->equalTo($this->ticket))
         ->will($this->returnValue(true));

     $updateCommand = new UpdatePropertiesCommand();
     $updateCommand->key = static::DUMMY_TICKET_KEY;
     $updateCommand->properties = $properties;

     $this->ticketService->updatePropertiesByKey($updateCommand);
 }
 /**
  * Checks that removeAttachmentFromComment() looks up the comment, detaches
  * the attachment with the requested id and deletes it through the
  * attachment manager.
  *
  * The EDIT permission check on the comment is stubbed to return true and
  * must be asked exactly once; this test covers the permitted path only.
  *
  * @test
  */
 public function thatAttachmentRemovesFromComment()
 {
     $attachment = new Attachment(new File('some/path/file.ext'));

     $this->commentRepository
         ->expects($this->once())
         ->method('get')
         ->with($this->equalTo(self::DUMMY_COMMENT_ID))
         ->will($this->returnValue($this->comment));

     // The attachment is resolved through the comment, by the id given in the command.
     $this->comment
         ->expects($this->once())
         ->method('getAttachment')
         ->with($this->equalTo(1))
         ->will($this->returnValue($attachment));
     $this->comment
         ->expects($this->once())
         ->method('removeAttachment')
         ->with($this->equalTo($attachment));

     $this->attachmentManager
         ->expects($this->once())
         ->method('deleteAttachment')
         ->with($this->equalTo($attachment));

     $this->registry
         ->expects($this->any())
         ->method('getManager')
         ->will($this->returnValue($this->em));
     $this->em
         ->expects($this->any())
         ->method('persist');

     $this->authorizationService
         ->expects($this->once())
         ->method('isActionPermitted')
         ->with($this->equalTo('EDIT'), $this->equalTo($this->comment))
         ->will($this->returnValue(true));

     $command = new RemoveCommentAttachmentCommand();
     $command->attachmentId = 1;
     $command->commentId = self::DUMMY_COMMENT_ID;

     $this->service->removeAttachmentFromComment($command);
 }