/** * Adds a value to a valuelist. This only works for valuelists * that are pulled from the database. * @param Dataface_Table The table to add the valuelist to. * @param string $valuelistName The name of the valuelist. * @param string $value The value to add. * @param string $key The key to add. * @param boolean $checkPerms If true, this will first check permissions * before adding the value. * @returns mixed May return a permission denied error if there is insufficient * permissions. */ function addValueToValuelist(&$table, $valuelistName, $value, $key = null, $checkPerms = false) { import('Dataface/ConfigTool.php'); $configTool =& Dataface_ConfigTool::getInstance(); $conf = $configTool->loadConfig('valuelists', $table->tablename); $relname = $valuelistName . '__valuelist'; //$conf = array($relname=>$conf); $table->addRelationship($relname, $conf[$valuelistName]); $rel =& $table->getRelationship($relname); $fields =& $rel->fields(); if (count($fields) > 1) { $valfield = $fields[1]; $keyfield = $fields[0]; } else { $valfield = $fields[0]; $keyfield = $fields[0]; } $record = new Dataface_Record($table->tablename); $rrecord = new Dataface_RelatedRecord($record, $relname); if ($checkPerms and !$rrecord->checkPermission('edit', array('field' => $valfield))) { return Dataface_Error::permissionDenied(); } $rrecord->setValue($valfield, $value); if (isset($key) and isset($keyfield)) { if ($checkPerms and !$rrecord->checkPermission('edit', array('field' => $keyfield))) { return Dataface_Error::permissionDenied(); } $rrecord->setValue($keyfield, $key); } import('Dataface/IO.php'); $io = new Dataface_IO($table->tablename); $res = $io->addRelatedRecord($rrecord); if (PEAR::isError($res)) { return $res; } return array('key' => $rrecord->val($keyfield), 'value' => $rrecord->val($valfield)); }
function testPermissions() { $formulasTable = Dataface_Table::loadTable('formulas'); $formulasDel = $formulasTable->getDelegate(); $formulasDel->testPermissions = true; $formula = new Dataface_Record('formulas', array('formula_name' => 'test formula')); // Test the standard permissions on tables and fields $this->assertTrue($formula->checkPermission('view'), 'View permission should be set by default.'); $this->assertTrue(!$formula->checkPermission('list'), 'List permission should be denied by default.'); $this->assertTrue($formula->checkPermission('new'), 'New permission should be permitted by default.'); $this->assertTrue(!$formula->checkPermission('new', array('field' => 'formula_name')), 'New permission should be denied on the formula_name field.'); $this->assertTrue($formula->checkPermission('view', array('field' => 'formula_name')), 'The view permission should be allowed on the formula_name field.'); $this->assertTrue(!$formula->checkPermission('view', array('field' => 'formula_id')), 'The view permission should be denied on the formula_id field.'); // Test the nobubble parameter on getPermissions $this->assertTrue(!$formula->checkPermission('delete', array('field' => 'formula_name', 'nobubble' => 1)), 'Since we are not bubbling up to record, we should not have permission for the delete permission as it is not enabled at field level explicitly - only at record level.'); $this->assertTrue($formula->checkPermission('delete', array('field' => 'formula_name')), 'Now that we are allowing bubbling, we should return true for delete on teh formula_name field.'); $this->assertTrue($formula->checkPermission('copy', array('field' => 'formula_name', 'nobubble' => 1)), 'Even though there is no bubbling, we should still return true for the copy permission on the formula_name field since it is defined in the __field__permssions() method.'); $this->assertTrue($formula->checkPermission('view', array('field' => 'amount', 'relationship' => 'ingredients')), 'view permission of the amount field in the ingredients relationship should be allowed because it is granted in the rel_ingredients__amount__permissions() method of the formulas delegate class.'); $this->assertTrue($formula->checkPermission('view', array('field' => 'amount', 'relationship' => 'ingredients', 'nobubble' => 1)), 'view permission for amount field in ingredients relationship should be allowed even with nobubble=1 because it is permistted in the rel_ingredients__amount__permissions().'); $this->assertTrue($formula->checkPermission('link', array('field' => 'amount', 'relationship' => 'ingredients')), 'link permission on amount field of the ingredients relationship should be allowed because it is granted in the rel_ingredients__permissions() method of the formulas delegate class.'); $this->assertTrue(!$formula->checkPermission('link', array('field' => 'amount', 'relationship' => 'ingredients', 'nobubble' => 1)), 'link permission on the amount field of the ingredients relationship should not be allowed when nobubble=1 because although it is granted in the rel_ingredients__permissions() method of the formulas delegate class - this method shouldnt be consulted if nobubble=1. It should just check the specific field permissions of the relationship and then break.'); $this->assertTrue($formula->checkPermission('link', array('relationship' => 'ingredients')), 'link permission should be allowed on the ingredients relationship because it is granted in the rel_ingredients__permissions() method of the formulas delegate class.'); $this->assertTrue($formula->checkPermission('link', array('relationship' => 'ingredients', 'nobubble' => 1)), 'link permission should be allowed in the ingredients relationship even with nobubble=1 because it is granted in the rel_ingredients__permissions() method of the formulas delegate class. nobubble should just prevent it from looking past the relationship permissions.'); // Test related record permissions $formulaIngredientsTable = Dataface_Table::loadTable('formula_ingredients'); $formulaIngredientsDel = $formulaIngredientsTable->getDelegate(); $formulaIngredientsDel->testPermissions = true; $relatedRecord = new Dataface_RelatedRecord($formula, 'ingredients', array('ingredient_id' => 1, 'concentration' => 3, 'amount' => 4)); // Test the standard related permission $this->assertTrue(!$relatedRecord->checkPermission('view', array('field' => 'concentration')), 'There shouldn\'t be permission to view the concentration field as it is denied in the getPermissions() method and is not overridden in any of the function methods.'); $this->assertTrue($relatedRecord->checkPermission('view', array('field' => 'ingredient_id')), 'There should be permission to view the ingredient_id field since it is overridden in the ingredient_id__permissions() method of the formula_ingredients delegate class.'); $this->assertTrue($relatedRecord->checkPermission('view', array('field' => 'amount')), 'There should be permission to view the amount field since the rel_ingredients__amount__permissions() method is defined in the parent table delegate class and grants the permission.. This should table precedence.'); $ingredientRecord = new Dataface_Record('formula_ingredients', array('ingredient_id' => 1, 'concentration' => 3, 'amount' => 4)); $this->assertTrue(!$ingredientRecord->checkPermission('view', array('field' => 'amount')), 'There should be no permission for view of the amount field directly because it hasnt been granted in the formula_ingredients delegate class.'); // Test the display now. $this->assertEquals('NO ACCESS', $relatedRecord->display('concentration'), 'Concentration should be no access via the related record because we havent granted access yet.'); $this->assertEquals('4', $relatedRecord->display('amount'), 'Amount should display the proper value because view has been granted via the relationship.'); $this->assertEquals('NO ACCESS', $ingredientRecord->display('amount'), 'Amount should display "NO ACCESS" when accessing the record directly, but instead received the actual value.'); $formulasDel->testPermissions = false; }