/** * If the ExplicitReadWriteModelPermissions says a group is read/write, but the existing securable item * does not have that, then this signals this group will need to be added. Whereas if the securable item has a * read/write group that the ExplicitReadWriteModelPermissions does not have, this signals that this read/write * needs to be removed. * @param ExplicitReadWriteModelPermissions $explicitReadWriteModelPermissions * @param SecurableItem $securableItem */ protected static function resolveForDifferencesBySecurableItem($explicitReadWriteModelPermissions, SecurableItem $securableItem) { foreach ($securableItem->permissions as $permission) { $permission->castDownPermitable(); if ($permission->permitable instanceof Group && $permission->type == Permission::ALLOW) { if (Permission::READ == ($permission->permissions & Permission::READ)) { if (!$explicitReadWriteModelPermissions->isReadOrReadWritePermitable($permission->permitable)) { $explicitReadWriteModelPermissions->addReadWritePermitableToRemove($permission->permitable); } } elseif (Permission::WRITE == ($permission->permissions & Permission::WRITE)) { if (!$explicitReadWriteModelPermissions->isReadOrReadWritePermitable($permission->permitable)) { $explicitReadWriteModelPermissions->addReadWritePermitableToRemove($permission->permitable); } } break; } } }
public function testSettingAndGetting() { Yii::app()->user->userModel = User::getByUsername('super'); $group1 = new Group(); $group1->name = 'Group1'; $this->assertTrue($group1->save()); $group2 = new Group(); $group2->name = 'Group2'; $this->assertTrue($group2->save()); $group3 = new Group(); $group3->name = 'Group3'; $this->assertTrue($group3->save()); $group4 = new Group(); $group4->name = 'Group4'; $this->assertTrue($group4->save()); $group5 = new Group(); $group5->name = 'Group5'; $this->assertTrue($group5->save()); $group6 = new Group(); $group6->name = 'Group6'; $this->assertTrue($group6->save()); $explicitReadWriteModelPermissions = new ExplicitReadWriteModelPermissions(); $this->assertEquals(0, $explicitReadWriteModelPermissions->getReadOnlyPermitablesCount()); $this->assertEquals(0, $explicitReadWriteModelPermissions->getReadWritePermitablesCount()); //Now add permitables and test retrieving them. $explicitReadWriteModelPermissions->addReadOnlyPermitable($group1); $explicitReadWriteModelPermissions->addReadWritePermitable($group2); $explicitReadWriteModelPermissions->addReadWritePermitable($group3); $explicitReadWriteModelPermissions->addReadOnlyPermitableToRemove($group4); $explicitReadWriteModelPermissions->addReadWritePermitableToRemove($group5); $this->assertEquals(1, $explicitReadWriteModelPermissions->getReadOnlyPermitablesCount()); $this->assertEquals(2, $explicitReadWriteModelPermissions->getReadWritePermitablesCount()); $this->assertEquals(1, $explicitReadWriteModelPermissions->getReadWritePermitablesToRemoveCount()); $this->assertEquals(1, $explicitReadWriteModelPermissions->getReadWritePermitablesToRemoveCount()); $readOnlyPermitables = $explicitReadWriteModelPermissions->getReadOnlyPermitables(); $readWritePermitables = $explicitReadWriteModelPermissions->getReadWritePermitables(); $this->assertEquals(1, count($readOnlyPermitables)); $this->assertEquals(2, count($readWritePermitables)); $this->assertEquals($group1, $readOnlyPermitables[$group1->id]); $this->assertEquals($group2, $readWritePermitables[$group2->id]); $this->assertEquals($group3, $readWritePermitables[$group3->id]); $readOnlyPermitablesToRemove = $explicitReadWriteModelPermissions->getReadOnlyPermitablesToRemove(); $readWritePermitablesToRemove = $explicitReadWriteModelPermissions->getReadWritePermitablesToRemove(); $this->assertEquals($group4, $readOnlyPermitablesToRemove[$group4->id]); $this->assertEquals($group5, $readWritePermitablesToRemove[$group5->id]); $this->assertTrue($explicitReadWriteModelPermissions->isReadOrReadWritePermitable($group1)); $this->assertTrue($explicitReadWriteModelPermissions->isReadOrReadWritePermitable($group2)); $this->assertTrue($explicitReadWriteModelPermissions->isReadOrReadWritePermitable($group3)); $this->assertFalse($explicitReadWriteModelPermissions->isReadOrReadWritePermitable($group4)); $this->assertFalse($explicitReadWriteModelPermissions->isReadOrReadWritePermitable($group5)); $this->assertFalse($explicitReadWriteModelPermissions->isReadOrReadWritePermitable($group6)); $this->assertEquals(1, count($explicitReadWriteModelPermissions->getReadWritePermitablesToRemove())); $explicitReadWriteModelPermissions->removeAllReadWritePermitables(); $this->assertEquals(3, count($explicitReadWriteModelPermissions->getReadWritePermitablesToRemove())); }