/**
 * Applies the current user's access rules to a single form-layout element
 * before it is rendered.
 *
 * The element information is handed to FormLayoutSecurityUtil by reference,
 * so the utility can rewrite it in place. Which resolver runs depends on the
 * view's render type: 'Edit' uses the editable resolver, 'Details' the
 * non-editable one.
 *
 * @param array $elementInformation Element description; modified in place.
 * @throws NotSupportedException When the render type is neither 'Edit' nor 'Details'.
 */
protected function resolveElementInformationDuringFormLayoutRender(&$elementInformation)
{
    // The user model is looked up inside each branch so that an unsupported
    // render type fails before the session user is touched.
    if ($this->renderType == 'Edit') {
        FormLayoutSecurityUtil::resolveElementForEditableRender(
            $this->model,
            $elementInformation,
            Yii::app()->user->userModel
        );
        return;
    }
    if ($this->renderType == 'Details') {
        FormLayoutSecurityUtil::resolveElementForNonEditableRender(
            $this->model,
            $elementInformation,
            Yii::app()->user->userModel
        );
        return;
    }
    // Fail closed: an unknown render type never renders an unfiltered element.
    throw new NotSupportedException();
}
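/**
 * Renders the editable input for a related item, subject to the current
 * user's access.
 *
 * The element information is first passed to
 * FormLayoutSecurityUtil::resolveElementForEditableRender(), which may rewrite
 * it in place. If an attribute name survives that step, the matching element
 * is built and rendered. Otherwise, when the relation already points at a
 * saved model (id > 0), a hidden input is rendered instead.
 *
 * @param mixed  $relationModel          Related model; only its id is read here.
 * @param mixed  $relatedItemForm        Model/form the element is bound to.
 * @param string $relationModelClassName Used as the element's attribute name.
 * @param string $modelElementType       Element type; 'Element' is appended to form the class name.
 * @return mixed The rendered element or hidden input, or null when nothing is rendered.
 */
protected function resolveAndRenderEditableInput($relationModel, $relatedItemForm, $relationModelClassName, $modelElementType)
{
    $elementInformation = array(
        'attributeName' => $relationModelClassName,
        'type'          => $modelElementType,
    );
    FormLayoutSecurityUtil::resolveElementForEditableRender(
        $relatedItemForm,
        $elementInformation,
        Yii::app()->user->userModel
    );
    // Loose comparison kept on purpose: any empty attribute name is treated
    // the same as the null the resolver leaves behind.
    if ($elementInformation['attributeName'] != null) {
        // NOTE(review): the class to instantiate is derived from the element
        // type. Confirm that $modelElementType only ever comes from layout
        // metadata and never from request input.
        $elementClassName = $elementInformation['type'] . 'Element';
        $element = new $elementClassName(
            $relatedItemForm,
            $elementInformation['attributeName'],
            $this->form,
            // Everything after 'attributeName' and 'type' is passed on as element params.
            array_slice($elementInformation, 2)
        );
        // Expression form instead of a string: PHP 8 no longer evaluates
        // string assertions, which would turn this check into a no-op.
        // Assertions can be disabled at runtime, so this is a development
        // invariant and not an access control.
        assert($element instanceof ModelElement);
        $element->editableTemplate = $this->getRelatedItemEditableTemplate();
        return $element->render();
    }
    if ($relationModel->id > 0) {
        // The picker was withheld but a relation already exists.
        // Presumably the hidden input keeps that relation across a save - confirm.
        return $this->renderEditableHiddenInput($relatedItemForm, $relationModelClassName, $modelElementType);
    }
    // Nothing to render: no accessible element and no existing relation.
    return null;
}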
/**
 * Pins the access rules FormLayoutSecurityUtil::resolveElementForEditableRender()
 * applies to element information:
 *  - a non-model element ('Text') is left untouched;
 *  - an 'Account' element is nulled out while the user lacks the accounts
 *    module right, and also while the user cannot read the related account;
 *  - a 'User' element stays visible even when the user is denied the users
 *    module right.
 */
public function testResolveElementForEditableRender()
{
    // What the resolver is expected to leave behind when access is denied.
    $deniedInformation = array('attributeName' => null, 'type' => 'Null');

    $super = User::getByUsername('super');
    $betty = User::getByUsername('betty');
    $billy = User::getByUsername('billy');

    $bettysAccount = AccountTestHelper::createAccountByNameForOwner("betty's account", $betty);
    $supersAccount = AccountTestHelper::createAccountByNameForOwner("super's account", $super);
    $bettysContact = ContactTestHelper::createContactWithAccountByNameForOwner(
        "betty's contact",
        $betty,
        $bettysAccount
    );
    // Created but never asserted against; kept so the fixture data is unchanged.
    $billysContact = ContactTestHelper::createContactByNameForOwner("betty's contact", $billy);
    $bettysContactOnSupersAccount = ContactTestHelper::createContactWithAccountByNameForOwner(
        "betty's contact",
        $betty,
        $supersAccount
    );

    // A plain, non-model element passes through unchanged.
    $textInformation = array('attributeName' => 'something', 'type' => 'Text');
    $resolved = $textInformation;
    FormLayoutSecurityUtil::resolveElementForEditableRender($bettysContact, $resolved, $betty);
    $this->assertEquals($textInformation, $resolved);

    // Account element while Betty has no right to the accounts module: denied.
    $accountInformation = array('attributeName' => 'account', 'type' => 'Account');
    $resolved = $accountInformation;
    FormLayoutSecurityUtil::resolveElementForEditableRender($bettysContact, $resolved, $betty);
    $this->assertEquals($deniedInformation, $resolved);

    // Grant the module right: the same element now survives.
    $betty->setRight('AccountsModule', AccountsModule::RIGHT_ACCESS_ACCOUNTS, Right::ALLOW);
    $this->assertTrue($betty->save());
    $resolved = $accountInformation;
    FormLayoutSecurityUtil::resolveElementForEditableRender($bettysContact, $resolved, $betty);
    $this->assertEquals($accountInformation, $resolved);

    // Module right alone is not enough: the related account belongs to super
    // and Betty has no permission on it, so the element is denied.
    $accountInformation = array('attributeName' => 'account', 'type' => 'Account');
    $resolved = $accountInformation;
    FormLayoutSecurityUtil::resolveElementForEditableRender($bettysContactOnSupersAccount, $resolved, $betty);
    $this->assertEquals($deniedInformation, $resolved);

    // Read permission on super's account lifts the denial.
    $supersAccount->addPermissions($betty, Permission::READ);
    $this->assertTrue($supersAccount->save());
    $accountInformation = array('attributeName' => 'account', 'type' => 'Account');
    $resolved = $accountInformation;
    FormLayoutSecurityUtil::resolveElementForEditableRender($bettysContactOnSupersAccount, $resolved, $betty);
    $this->assertEquals($accountInformation, $resolved);

    // User element: super sees the related user picker.
    $ownerInformation = array('attributeName' => 'owner', 'type' => 'User');
    $resolved = $ownerInformation;
    FormLayoutSecurityUtil::resolveElementForEditableRender(
        $bettysContact,
        $resolved,
        User::getByUsername('super')
    );
    $this->assertEquals($ownerInformation, $resolved);

    // Betty also sees the user picker although she is denied the users
    // module; the test records this as the intended behaviour.
    $resolved = $ownerInformation;
    $this->assertEquals(Right::DENY, $betty->getEffectiveRight('UsersModule', UsersModule::RIGHT_ACCESS_USERS));
    FormLayoutSecurityUtil::resolveElementForEditableRender($bettysContact, $resolved, $betty);
    $this->assertEquals($ownerInformation, $resolved);
}
/**
 * Applies the current user's access rules to a single form-layout element
 * before it is rendered.
 *
 * This view always uses the editable resolver. The element information is
 * handed to FormLayoutSecurityUtil by reference, so the utility can rewrite
 * it in place.
 *
 * @param array $elementInformation Element description; modified in place.
 */
protected function resolveElementInformationDuringFormLayoutRender(&$elementInformation)
{
    $model       = $this->model;
    $currentUser = Yii::app()->user->userModel;
    FormLayoutSecurityUtil::resolveElementForEditableRender($model, $elementInformation, $currentUser);
}