/**
* Renders the data cell content.
* This method renders the menu
* @param integer $row the row number (zero-based)
* @param mixed $data the data associated with the row
*/
protected function renderDataCellContent($row, $data)
{
$menuItems = array('label' => $this->title, 'items' => array());
if (count($this->rowMenu['elements']) > 0) {
foreach ($this->rowMenu['elements'] as $elementInformation) {
$elementclassname = $elementInformation['type'] . 'ActionElement';
$params = array_slice($elementInformation, 1);
if (!isset($params['redirectUrl'])) {
$params['redirectUrl'] = $this->redirectUrl;
}
$params['modelClassName'] = $this->modelClassName;
$params['gridId'] = $this->grid->getId();
array_walk($params, array($this->listView, 'resolveEvaluateSubString'));
$element = new $elementclassname($this->listView->getControllerId(), $this->listView->getModuleId(), $data->id, $params);
if (!ActionSecurityUtil::canCurrentUserPerformAction($element->getActionType(), $data) || isset($params['userHasRelatedModelAccess']) && $params['userHasRelatedModelAccess'] == false) {
continue;
}
if ($element->isFormRequiredToUse()) {
throw new NotSupportedException();
}
$menuItems['items'][] = $element->renderMenuItem();
}
}
if (count($menuItems['items']) > 0) {
$cClipWidget = new CClipWidget();
$cClipWidget->beginClip("OptionMenu");
$cClipWidget->widget('ext.zurmoinc.framework.widgets.MbMenu', array('htmlOptions' => array('class' => 'options-menu edit-row-menu'), 'items' => array($menuItems)));
$cClipWidget->endClip();
echo $cClipWidget->getController()->clips['OptionMenu'];
}
}
public static function getLinkStringForActivityItem($model, $linkRoute, $moduleClassName)
{
$modelClassName = get_class($model);
$linkString = ActionSecurityUtil::resolveLinkToEditModelForCurrentUser(strval($model), $model, $moduleClassName, $linkRoute) . ' (' . $modelClassName . ')';
$text = ZurmoHtml::tag('div', array(), $linkString);
return $text;
}
/**
* Renders the data cell content.
* This method renders the menu
* @param integer $row the row number (zero-based)
* @param mixed $data the data associated with the row
*/
protected function renderDataCellContent($row, $data)
{
$menuItems = array('label' => $this->title, 'items' => array());
if (count($this->rowMenu['elements']) > 0) {
foreach ($this->rowMenu['elements'] as $elementInformation) {
$elementclassname = $elementInformation['type'] . 'ActionElement';
$class = new ReflectionClass($elementclassname);
if ($class->implementsInterface('RowModelShouldRenderInterface') && !$elementclassname::shouldRenderByRowModel($data)) {
continue;
}
$params = $this->resolveParams($elementInformation, $data, $row);
array_walk($params, array($this->listView, 'resolveEvaluateSubString'));
$element = new $elementclassname($this->listView->getControllerId(), $this->listView->getModuleId(), $data->id, $params);
if (!ActionSecurityUtil::canCurrentUserPerformAction($element->getActionType(), $data) || isset($params['userHasRelatedModelAccess']) && $params['userHasRelatedModelAccess'] == false) {
continue;
}
if (!$this->listView->canRenderRowMenuColumnByElementAndData($element, $data)) {
continue;
}
if ($element->isFormRequiredToUse()) {
throw new NotSupportedException();
}
$menuItems['items'][] = $element->renderMenuItem();
}
}
if (count($menuItems['items']) > 0) {
$cClipWidget = new CClipWidget();
$cClipWidget->beginClip("OptionMenu");
$cClipWidget->widget('application.core.widgets.MbMenu', array('htmlOptions' => array('class' => 'options-menu edit-row-menu'), 'items' => array($menuItems)));
$cClipWidget->endClip();
echo $cClipWidget->getController()->clips['OptionMenu'];
}
}
/**
* @param ActionElement $element
* @param array $elementInformation
* @return bool
*/
protected function shouldRenderToolBarElement($element, $elementInformation)
{
assert('$element instanceof ActionElement');
assert('is_array($elementInformation)');
if (!parent::shouldRenderToolBarElement($element, $elementInformation)) {
return false;
}
return ActionSecurityUtil::canCurrentUserPerformAction($element->getActionType(), $this->model);
}
protected function shouldRenderToolBarElement($element, $elementInformation)
{
assert('$element instanceof ActionElement');
assert('is_array($elementInformation)');
if (!parent::shouldRenderToolBarElement($element, $elementInformation)) {
return false;
}
$modelClassName = $this->modelClassName;
//Todo: figure out how to not need to new up a new model.
return ActionSecurityUtil::canCurrentUserPerformAction($element->getActionType(), new $modelClassName(false));
}
protected function resolveToRenderCheckBox($modelClassName, $modelId, $completedValue)
{
if (!ActionSecurityUtil::canCurrentUserPerformAction('Edit', new $modelClassName(false))) {
return '';
}
$checkboxId = 'closeTask' . $modelId;
// Begin Not Coding Standard
$content = 'CloseTaskCheckBoxListViewColumnAdapter::renderCloseCheckBox("' . $checkboxId . '", "' . $modelId . '", "' . $completedValue . '")';
Yii::app()->clientScript->registerScript('closeTaskCheckBoxScript', "\n function closeOpenTaskByCheckBoxClick(checkboxId, modelId)\n {\n if (\$('#' + checkboxId).attr('checked') == 'checked')\n {\n \$('#' + checkboxId).attr('disabled', true);\n \$('#' + checkboxId).parent().addClass('c_on');\n \$('#' + checkboxId).parent().addClass('disabled');\n \$('#' + checkboxId).parentsUntil('tr').parent().children().css('text-decoration', 'line-through');\n \$.ajax({\n url : '" . Yii::app()->createUrl('tasks/default/closeTask') . "?id=' + modelId,\n type : 'GET',\n dataType : 'json',\n success : function(data)\n {\n //find if there is a latest activities portlet\n \$('.LatestActivitiesForPortletView').each(function(){\n \$(this).find('.pager').find('.refresh').find('a').click();\n });\n },\n error : function()\n {\n //todo: error call\n }\n });\n }\n }\n ", CClientScript::POS_END);
// End Not Coding Standard
return $content;
}
public function actionDownload($id, $modelId, $modelClassName)
{
$model = $modelClassName::getById((int) $modelId);
if (!ActionSecurityUtil::canCurrentUserPerformAction('Details', $model)) {
$messageView = new AccessFailureView();
$view = new AccessFailurePageView($messageView);
echo $view->render();
Yii::app()->end(0, false);
}
$fileModel = FileModel::getById((int) $id);
Yii::app()->request->sendFile($fileModel->name, $fileModel->fileContent->content, $fileModel->type, false);
}
/**
* @param Contact $contact
* @return string
*/
public static function resolveModuleIdWithLinkContentForContactOrLead(Contact $contact)
{
$linkContent = null;
if (ActionSecurityUtil::canCurrentUserPerformAction('Details', $contact)) {
$moduleClassName = $contact->getModuleClassName();
$moduleId = ContactWebFormsUtil::getResolvedModuleIdForContactWebFormEntry($contact);
$linkRoute = '/' . $moduleId . '/default/details';
$link = ActionSecurityUtil::resolveLinkToModelForCurrentUser(strval($contact), $contact, $moduleClassName, $linkRoute);
if ($link != null) {
$linkContent = $link;
}
return ZurmoHtml::tag('div', array(), $linkContent);
}
}
public static function resolveAsUserOrContact(Item $item)
{
foreach (array('Contact', 'User') as $modelClassName) {
try {
$modelDerivationPathToItem = RuntimeUtil::getModelDerivationPathToItem($modelClassName);
$model = $item->castDown(array($modelDerivationPathToItem));
$moduleClassName = $modelClassName::getModuleClassName();
$linkRoute = '/' . $moduleClassName::getDirectoryName() . '/default/details';
return ActionSecurityUtil::resolveLinkToModelForCurrentUser(strval($model), $model, $moduleClassName, $linkRoute);
} catch (NotFoundException $e) {
}
}
throw new NotSupportedException();
}
/**
* Resolve a link to a related model. Used by @see ListView
* for each row of a list for example. If the current user can Permission::READ
* the related model, then check if the current user has RIGHT_ACCESS_ to
* the model's related module. If current user has access then
* return link, otherwise return text. If current user cannot Permission::READ
* then return null.
* @param $model
* @param $moduleClassName
* @param $linkContent
* @return null|string
*/
public static function resolveViewLinkToModelForCurrentUser($model, $moduleClassName, $linkContent)
{
assert('$model instanceof Item');
assert('is_string($moduleClassName)');
assert('is_string($linkContent)');
if ($model->id <= 0) {
return null;
}
if (!ActionSecurityUtil::canCurrentUserPerformAction('Details', $model)) {
return null;
}
if (RightsUtil::canUserAccessModule($moduleClassName, Yii::app()->user->userModel)) {
return $linkContent;
}
return null;
}
protected function shouldRenderToolBarElement($element, $elementInformation)
{
assert('$element instanceof ActionElement');
assert('is_array($elementInformation)');
if (!parent::shouldRenderToolBarElement($element, $elementInformation)) {
return false;
}
// If element is ListByRelatedModelLink and there are no related items, do not show this element
if ($element instanceof ListByRelatedModelLinkActionElement) {
if ($this->getDataProvider()->totalItemCount <= 0) {
return false;
}
}
$modelClassName = $this->modelClassName;
//Todo: figure out how to not need to new up a new model.
return ActionSecurityUtil::canCurrentUserPerformAction($element->getActionType(), new $modelClassName(false));
}
/**
* Get feed information if projects for user
* @param ProjectAuditEvent $projectAuditEvent
* @return string
*/
public static function getFeedInformationForDashboard(ProjectAuditEvent $projectAuditEvent)
{
assert('$projectAuditEvent instanceof ProjectAuditEvent');
$project = Project::getById(intval($projectAuditEvent->project->id));
$dateTime = DateTimeUtil::getTimeSinceDisplayContent($projectAuditEvent->dateTime);
$data = array('{timeSpanLabel}' => $dateTime);
if (ActionSecurityUtil::canCurrentUserPerformAction('Details', $project)) {
$projectName = static::resolveProjectName($project);
$data['{projectname}'] = $projectName;
$user = User::getById($projectAuditEvent->user->id);
$data['{username}'] = $user->getFullName();
$unserializedData = unserialize($projectAuditEvent->serializedData);
if (is_array($unserializedData)) {
$data = array_merge($unserializedData, $data);
}
} else {
return Zurmo::t('ProjectsModule', '<strong>Activity on a restricted project
</strong> <small>about {timeSpanLabel}</small>', $data);
}
return static::getMessageContentByEventAndData($projectAuditEvent->eventName, $data);
}
/**
* @param Account $account
* @return string
*/
public static function resolveAccountWithLinkContent(Account $account)
{
if (ActionSecurityUtil::canCurrentUserPerformAction('Details', $account)) {
$moduleClassName = $account->getModuleClassName();
$linkRoute = '/' . $moduleClassName::getDirectoryName() . '/default/details';
$link = ActionSecurityUtil::resolveLinkToModelForCurrentUser(strval($account), $account, $moduleClassName, $linkRoute);
if ($link != null) {
$linkContent = $link;
}
return ZurmoHtml::tag('div', array(), $linkContent);
}
}
/**
* @param CampaignItem $campaignItem
* @return string
*/
protected static function renderMetricsContent(CampaignItem $campaignItem)
{
if (!ActionSecurityUtil::canCurrentUserPerformAction('Details', $campaignItem->emailMessage)) {
return static::renderRestrictedEmailMessageAccessLink($campaignItem->emailMessage);
}
$isQueued = $campaignItem->isQueued();
$isSkipped = $campaignItem->isSkipped();
if ($isQueued) {
$content = static::getQueuedContent();
} elseif ($isSkipped) {
$content = static::getSkippedContent();
} elseif ($campaignItem->hasFailedToSend()) {
$content = static::getSendFailedContent();
} elseif ($campaignItem->isSent()) {
$content = static::getSentContent();
if ($campaignItem->hasAtLeastOneOpenActivity()) {
$content .= static::getOpenedContent();
}
if ($campaignItem->hasAtLeastOneClickActivity()) {
$content .= static::getClickedContent();
}
if ($campaignItem->hasAtLeastOneUnsubscribeActivity()) {
$content .= static::getUnsubscribedContent();
}
if ($campaignItem->hasAtLeastOneBounceActivity()) {
$content .= static::getBouncedContent();
}
} else {
$content = static::getAwaitingQueueingContent();
}
return ZurmoHtml::wrapAndRenderContinuumButtonContent($content);
}
private static function renderAfterDescriptionContent(SocialItem $model)
{
if ($model->note->id > 0 && ActionSecurityUtil::canCurrentUserPerformAction('Details', $model->note)) {
$content = null;
if ($model->note->activityItems->count() > 0) {
$element = new NoteActivityItemsForSocialItemsListElement($model->note, null);
$element->nonEditableTemplate = '{content}';
$content .= $element->render();
$content .= '<br/>';
}
return $content;
}
}
/**
* Render a toolbar above the form layout. This includes
* a link to edit the dashboard as well as a link to add
* portlets to the dashboard
* @return A string containing the element's content.
*/
protected function renderActionElementBar($renderedInForm)
{
$content = parent::renderActionElementBar($renderedInForm);
$deleteDashboardLinkActionElement = new DeleteDashboardLinkActionElement($this->controllerId, $this->moduleId, $this->modelId, array('htmlOptions' => array('class' => 'icon-delete', 'confirm' => Zurmo::t('HomeModule', 'Are you sure want to delete this dashboard?'))));
if (!ActionSecurityUtil::canCurrentUserPerformAction($deleteDashboardLinkActionElement->getActionType(), $this->model)) {
return $content;
}
if (!$this->isDefaultDashboard) {
$content .= $deleteDashboardLinkActionElement->render();
}
$content .= $this->renderChangeDashboardLinkActionContent();
return $content;
}
protected static function resolveAccountContentByUser(Account $account, User $user)
{
$userCanAccess = RightsUtil::canUserAccessModule('AccountsModule', $user);
$userCanReadItem = ActionSecurityUtil::canUserPerformAction('Details', $account, $user);
if ($userCanAccess && $userCanReadItem) {
return ZurmoHtml::link(Yii::app()->format->text($account), Yii::app()->createUrl('accounts/default/details/', array('id' => $account->id)));
} elseif (!$userCanAccess && $userCanReadItem) {
return strval($account);
} else {
return;
}
}
protected function userCanExportReport()
{
return ActionSecurityUtil::canCurrentUserPerformAction('Export', $this->savedReport);
}
/**
* For now, this determines if there is a subclass of
* ModelElement and makes the appropriate adjustments
* based on the user's access to this element and its
* related attributes. This is for the NonEditable render.
* @return null. Modifies $elementInformation by reference.
*/
public static function resolveElementForNonEditableRender($model, &$elementInformation, $user)
{
assert('$model instanceof RedBeanModel || $model instanceof CModel');
assert('is_array($elementInformation)');
assert('$user instanceof User && $user->id > 0');
$elementclassname = $elementInformation['type'] . 'Element';
$attributeName = $elementInformation['attributeName'];
if (is_subclass_of($elementclassname, 'ModelElement')) {
$moduleId = $elementclassname::getModuleId();
$moduleClassName = get_class(Yii::app()->getModule($moduleId));
assert('is_string($moduleClassName)');
$userCanAccess = RightsUtil::canUserAccessModule($moduleClassName, $user);
$userCanReadItem = ActionSecurityUtil::canUserPerformAction($elementclassname::getNonEditableActionType(), $model->{$attributeName}, $user);
if ($userCanAccess && $userCanReadItem) {
return;
} elseif (!$userCanAccess && $userCanReadItem) {
if ($model->{$attributeName}->id < 0) {
$elementInformation['attributeName'] = null;
$elementInformation['type'] = 'Null';
// Not Coding Standard
} else {
$elementInformation['noLink'] = true;
}
} else {
$elementInformation['attributeName'] = null;
$elementInformation['type'] = 'Null';
// Not Coding Standard
}
} elseif (is_subclass_of($elementclassname, 'ExplicitReadWriteModelPermissionsElement')) {
if (ActionSecurityUtil::canUserPerformAction('Edit', $model, $user)) {
return;
} else {
$elementInformation['type'] = 'Null';
// Not Coding Standard
}
}
}
/**
* @depends testCanCurrentUserPerformAction
*/
public function testResolveLinkToModelForCurrentUser()
{
Yii::app()->user->userModel = User::getByUsername('super');
$notSavedAccount = new Account();
$link = ActionSecurityUtil::resolveLinkToModelForCurrentUser('bpoboo', $notSavedAccount, 'AccountsModule', 'accounts/default/details');
$this->assertNull($link);
$accounts = Account::getByName('Supermart');
$betty = User::getByUsername('betty');
$bettyAccount = AccountTestHelper::createAccountByNameForOwner('bopbeebop', $betty);
Yii::app()->user->userModel = $betty;
$link = ActionSecurityUtil::resolveLinkToModelForCurrentUser('bpoboo', $bettyAccount, 'AccountsModule', 'accounts/default/details');
$this->assertEquals('bpoboo', $link);
$betty->setRight('AccountsModule', AccountsModule::RIGHT_ACCESS_ACCOUNTS, Right::ALLOW);
$this->assertTrue($betty->save());
$link = ActionSecurityUtil::resolveLinkToModelForCurrentUser('bpoboo', $bettyAccount, 'AccountsModule', 'accounts/default/details');
$this->assertContains('accounts/default/details', $link);
$this->assertEquals(1, count($accounts));
$link = ActionSecurityUtil::resolveLinkToModelForCurrentUser('bpoboo', $accounts[0], 'AccountsModule', 'accounts/default/details');
$this->assertEquals(null, $link);
}
/**
* Resolve a link to a related model for editing. Used by some modal views
* for example. If the current user can Permission::WRITE
* the related model, then check if the current user has RIGHT_ACCESS_ to
* the model's related module. If current user has access then
* return link, otherwise return text. If current user cannot Permission::WRITE
* then return null.
* @param $attributeString
* @param $model
* @param $moduleClassName
* @param $linkRoute
* @param null $redirectUrl
* @return null|string
*/
public static function resolveLinkToEditModelForCurrentUser($attributeString, $model, $moduleClassName, $linkRoute, $redirectUrl = null)
{
assert('is_string($attributeString)');
assert('$model instanceof Item');
assert('is_string($moduleClassName)');
assert('is_string($linkRoute)');
assert('is_string($redirectUrl) || $redirectUrl == null');
if (!ActionSecurityUtil::canCurrentUserPerformAction('Edit', $model)) {
return null;
}
if (RightsUtil::canUserAccessModule($moduleClassName, Yii::app()->user->userModel)) {
return ZurmoHtml::link($attributeString, Yii::app()->createUrl($linkRoute, array("id" => $model->id, 'redirectUrl' => $redirectUrl)));
}
return $attributeString;
}
/**
* (non-PHPdoc)
* @see CCheckBoxColumn::renderDataCellContent()
*/
protected function renderDataCellContent($row, $data)
{
$dataParams = array_merge(array('campaignItemId' => $data->id));
$expandAndLoadLinkContent = ZurmoHtml::tag('span', array('class' => 'drillDownExpandAndLoadLink drilldown-link', 'data-url' => $this->getDrillDownLoadUrl($dataParams)), 'G');
$expandLinkContent = ZurmoHtml::tag('span', array('class' => 'drillDownExpandLink drilldown-link', 'style' => "display:none;"), 'G');
$collapseLinkContent = ZurmoHtml::tag('span', array('class' => 'drillDownCollapseLink drilldown-link', 'style' => "display:none;"), '÷');
if (ActionSecurityUtil::canCurrentUserPerformAction('Details', $data->emailMessage)) {
echo $expandAndLoadLinkContent . $expandLinkContent . $collapseLinkContent;
}
}
