/**
 * Renders the data cell content: the per-row options menu.
 *
 * Every configured row-menu element is instantiated for the row and kept
 * only when the current user may perform the element's action on the row's
 * model. Nothing is echoed when no element survives the filtering.
 *
 * Hiding a menu item is a presentation-level control only; the action the
 * item points to still has to enforce the same permission itself.
 *
 * @param integer $row the row number (zero-based)
 * @param mixed $data the data associated with the row
 * @throws NotSupportedException when an element reports that it needs a form
 */
protected function renderDataCellContent($row, $data)
{
    $menu = array('label' => $this->title, 'items' => array());
    if (count($this->rowMenu['elements']) > 0) {
        foreach ($this->rowMenu['elements'] as $definition) {
            // The class name is assembled from view metadata.
            // NOTE(review): assumes rowMenu metadata is developer-controlled - confirm.
            $elementClass = $definition['type'] . 'ActionElement';
            // Everything after the first entry of the definition becomes the element's params.
            $params = array_slice($definition, 1);
            if (!isset($params['redirectUrl'])) {
                $params['redirectUrl'] = $this->redirectUrl;
            }
            $params['modelClassName'] = $this->modelClassName;
            $params['gridId'] = $this->grid->getId();
            array_walk($params, array($this->listView, 'resolveEvaluateSubString'));
            $element = new $elementClass(
                $this->listView->getControllerId(),
                $this->listView->getModuleId(),
                $data->id,
                $params
            );
            // Skip items the current user is not allowed to act on.
            if (!ActionSecurityUtil::canCurrentUserPerformAction($element->getActionType(), $data)) {
                continue;
            }
            // Skip items explicitly flagged as lacking related-model access.
            if (isset($params['userHasRelatedModelAccess']) && $params['userHasRelatedModelAccess'] == false) {
                continue;
            }
            if ($element->isFormRequiredToUse()) {
                throw new NotSupportedException();
            }
            $menu['items'][] = $element->renderMenuItem();
        }
    }
    if (count($menu['items']) === 0) {
        return;
    }
    // Render the menu widget into a clip and echo the captured markup.
    $clipWidget = new CClipWidget();
    $clipWidget->beginClip("OptionMenu");
    $clipWidget->widget('ext.zurmoinc.framework.widgets.MbMenu', array(
        'htmlOptions' => array('class' => 'options-menu edit-row-menu'),
        'items' => array($menu),
    ));
    $clipWidget->endClip();
    echo $clipWidget->getController()->clips['OptionMenu'];
}
/**
 * Builds the display line for an activity item: whatever
 * ActionSecurityUtil::resolveLinkToEditModelForCurrentUser() returns for the
 * model, followed by the model's class name in parentheses, wrapped in a div.
 *
 * NOTE(review): strval($model) is handed on without HTML encoding in this
 * method - confirm it is encoded before it reaches the page.
 *
 * @param mixed $model model the link points to
 * @param string $linkRoute route used for the link
 * @param string $moduleClassName module class used for the access decision
 * @return string div markup
 */
public static function getLinkStringForActivityItem($model, $linkRoute, $moduleClassName)
{
    $editLink = ActionSecurityUtil::resolveLinkToEditModelForCurrentUser(
        strval($model),
        $model,
        $moduleClassName,
        $linkRoute
    );
    $labelled = $editLink . ' (' . get_class($model) . ')';
    return ZurmoHtml::tag('div', array(), $labelled);
}
/**
 * Renders the data cell content: the per-row options menu.
 *
 * An element is dropped when its class implements
 * RowModelShouldRenderInterface and declines the row model, when the current
 * user may not perform the element's action on the row model, when the
 * params flag the user as lacking related-model access, or when the list
 * view vetoes it. Nothing is echoed when no element remains.
 *
 * Hiding a menu item is a presentation-level control only; the action the
 * item points to still has to enforce the same permission itself.
 *
 * @param integer $row the row number (zero-based)
 * @param mixed $data the data associated with the row
 * @throws NotSupportedException when an element reports that it needs a form
 */
protected function renderDataCellContent($row, $data)
{
    $menu = array('label' => $this->title, 'items' => array());
    if (count($this->rowMenu['elements']) > 0) {
        foreach ($this->rowMenu['elements'] as $definition) {
            // The class name is assembled from view metadata.
            // NOTE(review): assumes rowMenu metadata is developer-controlled - confirm.
            $elementClass = $definition['type'] . 'ActionElement';
            $reflection = new ReflectionClass($elementClass);
            if ($reflection->implementsInterface('RowModelShouldRenderInterface')) {
                if (!$elementClass::shouldRenderByRowModel($data)) {
                    continue;
                }
            }
            $params = $this->resolveParams($definition, $data, $row);
            array_walk($params, array($this->listView, 'resolveEvaluateSubString'));
            $element = new $elementClass(
                $this->listView->getControllerId(),
                $this->listView->getModuleId(),
                $data->id,
                $params
            );
            // Skip items the current user is not allowed to act on.
            if (!ActionSecurityUtil::canCurrentUserPerformAction($element->getActionType(), $data)) {
                continue;
            }
            // Skip items explicitly flagged as lacking related-model access.
            if (isset($params['userHasRelatedModelAccess']) && $params['userHasRelatedModelAccess'] == false) {
                continue;
            }
            if (!$this->listView->canRenderRowMenuColumnByElementAndData($element, $data)) {
                continue;
            }
            if ($element->isFormRequiredToUse()) {
                throw new NotSupportedException();
            }
            $menu['items'][] = $element->renderMenuItem();
        }
    }
    if (count($menu['items']) === 0) {
        return;
    }
    // Render the menu widget into a clip and echo the captured markup.
    $clipWidget = new CClipWidget();
    $clipWidget->beginClip("OptionMenu");
    $clipWidget->widget('application.core.widgets.MbMenu', array(
        'htmlOptions' => array('class' => 'options-menu edit-row-menu'),
        'items' => array($menu),
    ));
    $clipWidget->endClip();
    echo $clipWidget->getController()->clips['OptionMenu'];
}
/**
 * Decides whether a toolbar element is shown: the parent must allow it and
 * the current user must be permitted to perform the element's action on
 * this view's model.
 *
 * @param ActionElement $element
 * @param array $elementInformation
 * @return bool
 */
protected function shouldRenderToolBarElement($element, $elementInformation)
{
    assert('$element instanceof ActionElement');
    assert('is_array($elementInformation)');
    $parentAllows = parent::shouldRenderToolBarElement($element, $elementInformation);
    if ($parentAllows) {
        // The permission check runs against the model this view holds.
        return ActionSecurityUtil::canCurrentUserPerformAction($element->getActionType(), $this->model);
    }
    return false;
}
/**
 * Decides whether a toolbar element is shown: the parent must allow it and
 * the current user must be permitted to perform the element's action.
 *
 * NOTE(review): the check runs against a freshly constructed model rather
 * than a stored record, so it presumably reflects type-level rather than
 * per-record permissions - confirm that is what callers expect.
 *
 * @param ActionElement $element
 * @param array $elementInformation
 * @return bool
 */
protected function shouldRenderToolBarElement($element, $elementInformation)
{
    assert('$element instanceof ActionElement');
    assert('is_array($elementInformation)');
    if (parent::shouldRenderToolBarElement($element, $elementInformation)) {
        $className = $this->modelClassName;
        // Todo: figure out how to not need to new up a new model.
        $probeModel = new $className(false);
        return ActionSecurityUtil::canCurrentUserPerformAction($element->getActionType(), $probeModel);
    }
    return false;
}
/**
 * Returns the expression string that renders the close-task checkbox and
 * registers the client script that closes a task when the box is ticked.
 * Returns an empty string when the current user may not 'Edit' a model of
 * the given class.
 *
 * NOTE(review): the returned value is a PHP call written out as a string and
 * is presumably evaluated later by the grid column. $modelId and
 * $completedValue are concatenated into it unescaped, so they must never
 * carry user-controlled text - confirm at the call sites.
 * NOTE(review): the script requests tasks/default/closeTask with GET. If that
 * action changes state, as its name suggests, a POST carrying the
 * application's CSRF token would be the safer transport - confirm.
 *
 * @param string $modelClassName class instantiated for the permission check
 * @param mixed $modelId id embedded in the checkbox id and in the expression
 * @param mixed $completedValue value embedded in the expression
 * @return string
 */
protected function resolveToRenderCheckBox($modelClassName, $modelId, $completedValue)
{
    $mayEdit = ActionSecurityUtil::canCurrentUserPerformAction('Edit', new $modelClassName(false));
    if (!$mayEdit) {
        return '';
    }
    $boxId = 'closeTask' . $modelId;
    // Begin Not Coding Standard
    $expression = 'CloseTaskCheckBoxListViewColumnAdapter::renderCloseCheckBox("' . $boxId . '", "' . $modelId . '", "' . $completedValue . '")';
    $script = "\n function closeOpenTaskByCheckBoxClick(checkboxId, modelId)\n {\n if (\$('#' + checkboxId).attr('checked') == 'checked')\n {\n \$('#' + checkboxId).attr('disabled', true);\n \$('#' + checkboxId).parent().addClass('c_on');\n \$('#' + checkboxId).parent().addClass('disabled');\n \$('#' + checkboxId).parentsUntil('tr').parent().children().css('text-decoration', 'line-through');\n \$.ajax({\n url : '"
        . Yii::app()->createUrl('tasks/default/closeTask')
        . "?id=' + modelId,\n type : 'GET',\n dataType : 'json',\n success : function(data)\n {\n //find if there is a latest activities portlet\n \$('.LatestActivitiesForPortletView').each(function(){\n \$(this).find('.pager').find('.refresh').find('a').click();\n });\n },\n error : function()\n {\n //todo: error call\n }\n });\n }\n }\n ";
    Yii::app()->clientScript->registerScript('closeTaskCheckBoxScript', $script, CClientScript::POS_END);
    // End Not Coding Standard
    return $expression;
}
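/**
 * Sends a stored file to the browser after checking that the current user
 * may view ('Details') the model identified by $modelClassName / $modelId.
 * When the check fails, the access-failure page is rendered and no file is
 * sent.
 *
 * NOTE(review): $modelClassName is presumably bound from the request and is
 * used directly as a class name for a static call. Restricting it to the
 * model classes that can own files would narrow that surface - confirm
 * which classes are legitimate.
 * NOTE(review): nothing in this method ties the FileModel loaded by $id to
 * the model that passed the access check. A caller who may view any one
 * model could request an unrelated file id; verify the file belongs to
 * $model before sending it.
 *
 * @param mixed $id id of the FileModel to send (cast to int)
 * @param mixed $modelId id of the model used for the access check (cast to int)
 * @param string $modelClassName class on which getById() is called
 */
public function actionDownload($id, $modelId, $modelClassName)
{
    $model = $modelClassName::getById((int) $modelId);
    if (!ActionSecurityUtil::canCurrentUserPerformAction('Details', $model)) {
        $messageView = new AccessFailureView();
        $view = new AccessFailurePageView($messageView);
        echo $view->render();
        Yii::app()->end(0, false);
        // end() is called with its exit flag set to false, so unless the
        // application's end() halts in some other way, execution would carry
        // on to sendFile() below. Return explicitly so a denied request can
        // never reach the file.
        return;
    }
    $fileModel = FileModel::getById((int) $id);
    Yii::app()->request->sendFile(
        $fileModel->name,
        $fileModel->fileContent->content,
        $fileModel->type,
        false
    );
}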
/**
 * Returns a div holding a details link for the contact, or an empty div when
 * no link could be resolved. Returns null when the current user may not
 * view ('Details') the contact.
 *
 * @param Contact $contact
 * @return string|null
 */
public static function resolveModuleIdWithLinkContentForContactOrLead(Contact $contact)
{
    if (!ActionSecurityUtil::canCurrentUserPerformAction('Details', $contact)) {
        return null;
    }
    $moduleClassName = $contact->getModuleClassName();
    // The module id is resolved per web-form entry rather than taken from the module class.
    $resolvedModuleId = ContactWebFormsUtil::getResolvedModuleIdForContactWebFormEntry($contact);
    $detailsRoute = '/' . $resolvedModuleId . '/default/details';
    $link = ActionSecurityUtil::resolveLinkToModelForCurrentUser(
        strval($contact),
        $contact,
        $moduleClassName,
        $detailsRoute
    );
    $linkContent = ($link != null) ? $link : null;
    return ZurmoHtml::tag('div', array(), $linkContent);
}
/**
 * Casts the item down to a Contact, then to a User, and returns the result
 * of ActionSecurityUtil::resolveLinkToModelForCurrentUser() for the first
 * candidate that does not raise NotFoundException.
 *
 * @param Item $item
 * @return mixed whatever resolveLinkToModelForCurrentUser() returns
 * @throws NotSupportedException when neither candidate class resolves
 */
public static function resolveAsUserOrContact(Item $item)
{
    $candidateClasses = array('Contact', 'User');
    foreach ($candidateClasses as $modelClassName) {
        try {
            $derivationPath = RuntimeUtil::getModelDerivationPathToItem($modelClassName);
            $castModel = $item->castDown(array($derivationPath));
            $moduleClassName = $modelClassName::getModuleClassName();
            $detailsRoute = '/' . $moduleClassName::getDirectoryName() . '/default/details';
            return ActionSecurityUtil::resolveLinkToModelForCurrentUser(
                strval($castModel),
                $castModel,
                $moduleClassName,
                $detailsRoute
            );
        } catch (NotFoundException $e) {
            // Deliberately ignored: fall through to the next candidate class.
            continue;
        }
    }
    throw new NotSupportedException();
}
/**
 * Resolve a view link to a related model. Used by @see ListView
 * for each row of a list for example.
 *
 * The supplied link content is returned only when the model has a positive
 * id, the current user may perform 'Details' on it, and the current user
 * can access the given module. In every other case, including a readable
 * model in a module the user cannot access, null is returned; no plain-text
 * fallback is produced here.
 *
 * @param $model
 * @param $moduleClassName
 * @param $linkContent
 * @return null|string
 */
public static function resolveViewLinkToModelForCurrentUser($model, $moduleClassName, $linkContent)
{
    assert('$model instanceof Item');
    assert('is_string($moduleClassName)');
    assert('is_string($linkContent)');
    // A non-positive id is rejected before any permission lookup.
    if ($model->id <= 0 || !ActionSecurityUtil::canCurrentUserPerformAction('Details', $model)) {
        return null;
    }
    $currentUser = Yii::app()->user->userModel;
    return RightsUtil::canUserAccessModule($moduleClassName, $currentUser) ? $linkContent : null;
}
/**
 * Decides whether a toolbar element is shown. The parent must allow it, a
 * ListByRelatedModelLinkActionElement is hidden when the data provider
 * reports no items, and the current user must be permitted to perform the
 * element's action.
 *
 * NOTE(review): the permission check runs against a freshly constructed
 * model rather than a stored record, so it presumably reflects type-level
 * rather than per-record permissions - confirm.
 *
 * @param ActionElement $element
 * @param array $elementInformation
 * @return bool
 */
protected function shouldRenderToolBarElement($element, $elementInformation)
{
    assert('$element instanceof ActionElement');
    assert('is_array($elementInformation)');
    if (!parent::shouldRenderToolBarElement($element, $elementInformation)) {
        return false;
    }
    // If element is ListByRelatedModelLink and there are no related items, do not show this element
    $isRelatedListLink = $element instanceof ListByRelatedModelLinkActionElement;
    if ($isRelatedListLink && $this->getDataProvider()->totalItemCount <= 0) {
        return false;
    }
    $className = $this->modelClassName;
    // Todo: figure out how to not need to new up a new model.
    $probeModel = new $className(false);
    return ActionSecurityUtil::canCurrentUserPerformAction($element->getActionType(), $probeModel);
}
/**
 * Get the dashboard feed text for a project audit event.
 *
 * When the current user may not view ('Details') the project, a generic
 * "restricted project" message is returned that carries only the time span.
 * Otherwise the project name, the acting user's full name and any array
 * stored in the event's serialized data are passed to the event message.
 *
 * NOTE(review): unserialize() runs on the stored serializedData value. If
 * that column can ever hold attacker-influenced bytes this is an object
 * injection sink; confirm it is only written by trusted code, or move the
 * payload to a data-only format such as JSON.
 *
 * @param ProjectAuditEvent $projectAuditEvent
 * @return string
 */
public static function getFeedInformationForDashboard(ProjectAuditEvent $projectAuditEvent)
{
    assert('$projectAuditEvent instanceof ProjectAuditEvent');
    $project = Project::getById(intval($projectAuditEvent->project->id));
    $timeSpanLabel = DateTimeUtil::getTimeSinceDisplayContent($projectAuditEvent->dateTime);
    $data = array('{timeSpanLabel}' => $timeSpanLabel);
    if (!ActionSecurityUtil::canCurrentUserPerformAction('Details', $project)) {
        // Reveal nothing about the project beyond the fact that something happened.
        return Zurmo::t('ProjectsModule', '<strong>Activity on a restricted project </strong> <small>about {timeSpanLabel}</small>', $data);
    }
    $data['{projectname}'] = static::resolveProjectName($project);
    $actor = User::getById($projectAuditEvent->user->id);
    $data['{username}'] = $actor->getFullName();
    $storedData = unserialize($projectAuditEvent->serializedData);
    if (is_array($storedData)) {
        // Values computed above win over stored values with the same key.
        $data = array_merge($storedData, $data);
    }
    return static::getMessageContentByEventAndData($projectAuditEvent->eventName, $data);
}
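/**
 * Returns a div holding a details link for the account, or an empty div when
 * no link could be resolved. Returns null when the current user may not
 * view ('Details') the account.
 *
 * @param Account $account
 * @return string|null
 */
public static function resolveAccountWithLinkContent(Account $account)
{
    // Initialised up front so the div is built from a defined value even when
    // no link is resolved; previously the variable was undefined on that path.
    $linkContent = null;
    if (ActionSecurityUtil::canCurrentUserPerformAction('Details', $account)) {
        $moduleClassName = $account->getModuleClassName();
        $linkRoute = '/' . $moduleClassName::getDirectoryName() . '/default/details';
        $link = ActionSecurityUtil::resolveLinkToModelForCurrentUser(
            strval($account),
            $account,
            $moduleClassName,
            $linkRoute
        );
        if ($link != null) {
            $linkContent = $link;
        }
        return ZurmoHtml::tag('div', array(), $linkContent);
    }
    return null;
}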
/**
 * Renders the status content for a campaign item.
 *
 * When the current user may not view ('Details') the item's email message,
 * the restricted-access link is returned instead of any status. Otherwise
 * the first matching state is rendered: queued, skipped, send failed, sent
 * (followed by opened / clicked / unsubscribed / bounced markers), or
 * awaiting queueing.
 *
 * @param CampaignItem $campaignItem
 * @return string
 */
protected static function renderMetricsContent(CampaignItem $campaignItem)
{
    $emailMessage = $campaignItem->emailMessage;
    if (!ActionSecurityUtil::canCurrentUserPerformAction('Details', $emailMessage)) {
        return static::renderRestrictedEmailMessageAccessLink($campaignItem->emailMessage);
    }
    // Both flags are read up front, before any branch is taken.
    $queued = $campaignItem->isQueued();
    $skipped = $campaignItem->isSkipped();
    if ($queued) {
        $content = static::getQueuedContent();
    } elseif ($skipped) {
        $content = static::getSkippedContent();
    } elseif ($campaignItem->hasFailedToSend()) {
        $content = static::getSendFailedContent();
    } elseif (!$campaignItem->isSent()) {
        $content = static::getAwaitingQueueingContent();
    } else {
        $content = static::getSentContent();
        if ($campaignItem->hasAtLeastOneOpenActivity()) {
            $content .= static::getOpenedContent();
        }
        if ($campaignItem->hasAtLeastOneClickActivity()) {
            $content .= static::getClickedContent();
        }
        if ($campaignItem->hasAtLeastOneUnsubscribeActivity()) {
            $content .= static::getUnsubscribedContent();
        }
        if ($campaignItem->hasAtLeastOneBounceActivity()) {
            $content .= static::getBouncedContent();
        }
    }
    return ZurmoHtml::wrapAndRenderContinuumButtonContent($content);
}
/**
 * Renders the note's activity items below a social item's description.
 *
 * Returns null when the social item has no saved note, when the current user
 * may not view ('Details') that note, or when the note has no activity
 * items.
 *
 * @param SocialItem $model
 * @return string|null
 */
private static function renderAfterDescriptionContent(SocialItem $model)
{
    $noteIsVisible = $model->note->id > 0
        && ActionSecurityUtil::canCurrentUserPerformAction('Details', $model->note);
    if (!$noteIsVisible) {
        return null;
    }
    if ($model->note->activityItems->count() > 0) {
        $element = new NoteActivityItemsForSocialItemsListElement($model->note, null);
        $element->nonEditableTemplate = '{content}';
        return $element->render() . '<br/>';
    }
    return null;
}
/**
 * Render a toolbar above the form layout. On top of the parent's toolbar
 * this adds a delete-dashboard link (never for the default dashboard) and
 * the change-dashboard link content.
 *
 * Both additions are left out when the current user may not perform the
 * delete element's action on this view's model; the parent's content is
 * then returned unchanged.
 *
 * @param mixed $renderedInForm passed through to the parent implementation
 * @return string the element's content
 */
protected function renderActionElementBar($renderedInForm)
{
    $toolbar = parent::renderActionElementBar($renderedInForm);
    $deleteLink = new DeleteDashboardLinkActionElement(
        $this->controllerId,
        $this->moduleId,
        $this->modelId,
        array('htmlOptions' => array(
            'class' => 'icon-delete',
            'confirm' => Zurmo::t('HomeModule', 'Are you sure want to delete this dashboard?'),
        ))
    );
    $mayDelete = ActionSecurityUtil::canCurrentUserPerformAction($deleteLink->getActionType(), $this->model);
    if ($mayDelete) {
        if (!$this->isDefaultDashboard) {
            $toolbar .= $deleteLink->render();
        }
        $toolbar .= $this->renderChangeDashboardLinkActionContent();
    }
    return $toolbar;
}
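/**
 * Returns display content for an account as seen by a given user.
 *
 * - module access and 'Details' on the account: a link to the details page
 * - 'Details' only: the account's text without a link
 * - otherwise: null
 *
 * Both non-null results are HTML, so the text-only branch is passed through
 * the same text formatter as the link label instead of being returned raw.
 * That keeps markup in an account name from reaching the page unescaped on
 * that path.
 *
 * @param Account $account
 * @param User $user user the access decisions are made for
 * @return string|null
 */
protected static function resolveAccountContentByUser(Account $account, User $user)
{
    $userCanAccess = RightsUtil::canUserAccessModule('AccountsModule', $user);
    $userCanReadItem = ActionSecurityUtil::canUserPerformAction('Details', $account, $user);
    if (!$userCanReadItem) {
        // Without read permission nothing about the account is shown.
        return null;
    }
    if ($userCanAccess) {
        return ZurmoHtml::link(
            Yii::app()->format->text($account),
            Yii::app()->createUrl('accounts/default/details/', array('id' => $account->id))
        );
    }
    return Yii::app()->format->text(strval($account));
}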
/**
 * Tells whether the current user may perform the 'Export' action on this
 * object's saved report.
 *
 * @return mixed result of ActionSecurityUtil::canCurrentUserPerformAction()
 */
protected function userCanExportReport()
{
    $exportAllowed = ActionSecurityUtil::canCurrentUserPerformAction('Export', $this->savedReport);
    return $exportAllowed;
}
/**
 * Adjusts an element definition for the NonEditable render according to the
 * user's access.
 *
 * For a ModelElement subclass:
 * - related item readable and module accessible: left unchanged
 * - related item readable, module not accessible: rendered without a link,
 *   or replaced by a Null element when the related model's id is negative
 * - related item not readable: replaced by a Null element
 *
 * For an ExplicitReadWriteModelPermissionsElement subclass the element is
 * replaced by a Null element unless the user may 'Edit' the model.
 *
 * @param mixed $model RedBeanModel or CModel that owns the attribute
 * @param array $elementInformation element definition, modified by reference
 * @param User $user user the access decisions are made for
 * @return null. Modifies $elementInformation by reference.
 */
public static function resolveElementForNonEditableRender($model, &$elementInformation, $user)
{
    assert('$model instanceof RedBeanModel || $model instanceof CModel');
    assert('is_array($elementInformation)');
    assert('$user instanceof User && $user->id > 0');
    $elementClass = $elementInformation['type'] . 'Element';
    $attributeName = $elementInformation['attributeName'];
    if (is_subclass_of($elementClass, 'ModelElement')) {
        $moduleId = $elementClass::getModuleId();
        $moduleClassName = get_class(Yii::app()->getModule($moduleId));
        assert('is_string($moduleClassName)');
        $hasModuleAccess = RightsUtil::canUserAccessModule($moduleClassName, $user);
        $canReadRelated = ActionSecurityUtil::canUserPerformAction(
            $elementClass::getNonEditableActionType(),
            $model->{$attributeName},
            $user
        );
        if (!$canReadRelated) {
            // No read permission on the related item: blank the element out.
            $elementInformation['attributeName'] = null;
            $elementInformation['type'] = 'Null'; // Not Coding Standard
            return;
        }
        if ($hasModuleAccess) {
            return;
        }
        // Readable item inside a module the user cannot open.
        if ($model->{$attributeName}->id < 0) {
            $elementInformation['attributeName'] = null;
            $elementInformation['type'] = 'Null'; // Not Coding Standard
        } else {
            $elementInformation['noLink'] = true;
        }
        return;
    }
    if (is_subclass_of($elementClass, 'ExplicitReadWriteModelPermissionsElement')) {
        if (!ActionSecurityUtil::canUserPerformAction('Edit', $model, $user)) {
            $elementInformation['type'] = 'Null'; // Not Coding Standard
        }
    }
}
/**
 * Exercises ActionSecurityUtil::resolveLinkToModelForCurrentUser() for an
 * unsaved model, for an account owned by the acting user before and after
 * the accounts access right is granted, and for a pre-existing account
 * fetched by name.
 *
 * @depends testCanCurrentUserPerformAction
 */
public function testResolveLinkToModelForCurrentUser()
{
    Yii::app()->user->userModel = User::getByUsername('super');
    // An account that was never saved is expected to resolve to null.
    $notSavedAccount = new Account();
    $link = ActionSecurityUtil::resolveLinkToModelForCurrentUser('bpoboo', $notSavedAccount, 'AccountsModule', 'accounts/default/details');
    $this->assertNull($link);
    // Fetched while still acting as 'super'; used in the final assertions.
    $accounts = Account::getByName('Supermart');
    $betty = User::getByUsername('betty');
    $bettyAccount = AccountTestHelper::createAccountByNameForOwner('bopbeebop', $betty);
    // From here on the current user is betty.
    Yii::app()->user->userModel = $betty;
    // Before the accounts access right is set, the plain label comes back with no link.
    $link = ActionSecurityUtil::resolveLinkToModelForCurrentUser('bpoboo', $bettyAccount, 'AccountsModule', 'accounts/default/details');
    $this->assertEquals('bpoboo', $link);
    // After RIGHT_ACCESS_ACCOUNTS is allowed, the result contains the details route.
    $betty->setRight('AccountsModule', AccountsModule::RIGHT_ACCESS_ACCOUNTS, Right::ALLOW);
    $this->assertTrue($betty->save());
    $link = ActionSecurityUtil::resolveLinkToModelForCurrentUser('bpoboo', $bettyAccount, 'AccountsModule', 'accounts/default/details');
    $this->assertContains('accounts/default/details', $link);
    $this->assertEquals(1, count($accounts));
    // For the 'Supermart' account the result is expected to be null -
    // presumably because betty cannot read it; confirm against the fixture data.
    $link = ActionSecurityUtil::resolveLinkToModelForCurrentUser('bpoboo', $accounts[0], 'AccountsModule', 'accounts/default/details');
    $this->assertEquals(null, $link);
}
/**
 * Resolve a link to a related model for editing. Used by some modal views
 * for example.
 *
 * - the current user may not 'Edit' the model: null
 * - the user may edit and can access the module: a link to $linkRoute
 *   carrying the model id and the redirect url
 * - the user may edit but cannot access the module: the attribute string
 *   as plain text
 *
 * NOTE(review): $attributeString is used as the link label and as the
 * plain-text result without HTML encoding in this method. Callers
 * presumably have to pass an already encoded value - confirm.
 * NOTE(review): $redirectUrl is copied into the generated URL as given;
 * whether it is validated before being followed is not visible here.
 *
 * @param $attributeString
 * @param $model
 * @param $moduleClassName
 * @param $linkRoute
 * @param null $redirectUrl
 * @return null|string
 */
public static function resolveLinkToEditModelForCurrentUser($attributeString, $model, $moduleClassName, $linkRoute, $redirectUrl = null)
{
    assert('is_string($attributeString)');
    assert('$model instanceof Item');
    assert('is_string($moduleClassName)');
    assert('is_string($linkRoute)');
    assert('is_string($redirectUrl) || $redirectUrl == null');
    if (!ActionSecurityUtil::canCurrentUserPerformAction('Edit', $model)) {
        return null;
    }
    $currentUser = Yii::app()->user->userModel;
    if (!RightsUtil::canUserAccessModule($moduleClassName, $currentUser)) {
        // Editable, but the module itself is off limits: text only, no link.
        return $attributeString;
    }
    $urlParams = array("id" => $model->id, 'redirectUrl' => $redirectUrl);
    return ZurmoHtml::link($attributeString, Yii::app()->createUrl($linkRoute, $urlParams));
}
/**
 * (non-PHPdoc)
 * @see CCheckBoxColumn::renderDataCellContent()
 *
 * Echoes the drill-down controls (expand-and-load, expand, collapse) for a
 * campaign item row, but only when the current user may view ('Details')
 * the row's email message. Otherwise the cell stays empty.
 *
 * Leaving the controls out is a presentation-level control only; the
 * endpoint behind the drill-down URL has to enforce the same permission.
 */
protected function renderDataCellContent($row, $data)
{
    $urlParams = array_merge(array('campaignItemId' => $data->id));
    // The markup is built before the permission check; only the echo is gated.
    $loadSpan = ZurmoHtml::tag(
        'span',
        array(
            'class' => 'drillDownExpandAndLoadLink drilldown-link',
            'data-url' => $this->getDrillDownLoadUrl($urlParams),
        ),
        'G'
    );
    $expandSpan = ZurmoHtml::tag(
        'span',
        array('class' => 'drillDownExpandLink drilldown-link', 'style' => "display:none;"),
        'G'
    );
    $collapseSpan = ZurmoHtml::tag(
        'span',
        array('class' => 'drillDownCollapseLink drilldown-link', 'style' => "display:none;"),
        '÷'
    );
    if (!ActionSecurityUtil::canCurrentUserPerformAction('Details', $data->emailMessage)) {
        return;
    }
    echo $loadSpan . $expandSpan . $collapseSpan;
}