Esempio n. 1
0
 protected function renderNonEditableElementsForRelationsByRelationsData($relationModelClassNames)
 {
     $content = null;
     $formClassName = static::getRelatedItemFormClassName();
     foreach ($relationModelClassNames as $relationModelClassName) {
         $relatedItemForm = null;
         //ASSUMES ONLY A SINGLE ATTACHED RELATEDITEM PER RELATION TYPE.
         foreach ($this->getRelatedItemsFromModel() as $item) {
             try {
                 $modelDerivationPathToItem = RuntimeUtil::getModelDerivationPathToItem($relationModelClassName);
                 $castedDownModel = $item->castDown(array($modelDerivationPathToItem));
                 $relatedItemForm = new $formClassName($castedDownModel);
                 break;
             } catch (NotFoundException $e) {
                 //do nothing
             }
         }
         if ($relatedItemForm != null) {
             $canAccess = true;
             $modelElementType = RelatedItemRelationToModelElementUtil::resolveModelElementTypeByActionSecurity($relationModelClassName, Yii::app()->user->userModel, $canAccess);
             if ($canAccess) {
                 $elementInformation = array('attributeName' => $relationModelClassName, 'type' => $modelElementType);
                 FormLayoutSecurityUtil::resolveElementForNonEditableRender($relatedItemForm, $elementInformation, Yii::app()->user->userModel);
                 if ($elementInformation['attributeName'] != null) {
                     $elementclassname = $elementInformation['type'] . 'Element';
                     $element = new $elementclassname($relatedItemForm, $elementInformation['attributeName'], $this->form, array_slice($elementInformation, 2));
                     assert('$element instanceof ModelElement');
                     $element->nonEditableTemplate = $this->getRelatedItemNonEditableTemplate();
                     $content .= $element->render();
                 }
             }
         }
     }
     return $content;
 }
 public function testresolveModelElementTypeByActionSecurity()
 {
     $super = User::getByUsername('super');
     Yii::app()->user->userModel = $super;
     $bobby = User::getByUsername('bobby');
     $this->assertEquals(Right::DENY, $bobby->getEffectiveRight('AccountsModule', AccountsModule::RIGHT_ACCESS_ACCOUNTS));
     $this->assertEquals(Right::DENY, $bobby->getEffectiveRight('ContactsModule', ContactsModule::RIGHT_ACCESS_CONTACTS));
     $this->assertEquals(Right::DENY, $bobby->getEffectiveRight('LeadsModule', LeadsModule::RIGHT_ACCESS_LEADS));
     //test Account model where user does not have access
     $canAccess = true;
     $elementName = RelatedItemRelationToModelElementUtil::resolveModelElementTypeByActionSecurity('Account', $bobby, $canAccess);
     $this->assertFalse($canAccess);
     $this->assertEquals('Account', $elementName);
     $bobby->setRight('AccountsModule', AccountsModule::RIGHT_ACCESS_ACCOUNTS);
     $this->assertTrue($bobby->save());
     //test Account model where user has access
     $canAccess = true;
     $elementName = RelatedItemRelationToModelElementUtil::resolveModelElementTypeByActionSecurity('Account', $bobby, $canAccess);
     $this->assertTrue($canAccess);
     $this->assertEquals('Account', $elementName);
     //test Contact model where has no access to either the leads or contacts module.
     $canAccess = true;
     $elementName = RelatedItemRelationToModelElementUtil::resolveModelElementTypeByActionSecurity('Contact', $bobby, $canAccess);
     $this->assertFalse($canAccess);
     $this->assertEquals('Contact', $elementName);
     //test Contact model where user has access to only the leads module
     $bobby->setRight('LeadsModule', LeadsModule::RIGHT_ACCESS_LEADS);
     $this->assertTrue($bobby->save());
     $canAccess = true;
     $elementName = RelatedItemRelationToModelElementUtil::resolveModelElementTypeByActionSecurity('Contact', $bobby, $canAccess);
     $this->assertTrue($canAccess);
     $this->assertEquals('Lead', $elementName);
     //test Contact model where user has access to only the contacts module
     $bobby->removeRight('LeadsModule', LeadsModule::RIGHT_ACCESS_LEADS);
     $bobby->setRight('ContactsModule', ContactsModule::RIGHT_ACCESS_CONTACTS);
     $this->assertTrue($bobby->save());
     $canAccess = true;
     $elementName = RelatedItemRelationToModelElementUtil::resolveModelElementTypeByActionSecurity('Contact', $bobby, $canAccess);
     $this->assertTrue($canAccess);
     $this->assertEquals('Contact', $elementName);
     //test Contact model where user has access to both the contacts and leads module.
     $bobby->setRight('LeadsModule', LeadsModule::RIGHT_ACCESS_LEADS);
     $this->assertTrue($bobby->save());
     $canAccess = true;
     $elementName = RelatedItemRelationToModelElementUtil::resolveModelElementTypeByActionSecurity('Contact', $bobby, $canAccess);
     $this->assertTrue($canAccess);
     $this->assertEquals('AllStatesContact', $elementName);
 }