function testPermissions() { $formulasTable = Dataface_Table::loadTable('formulas'); $formulasDel = $formulasTable->getDelegate(); $formulasDel->testPermissions = true; $formula = new Dataface_Record('formulas', array('formula_name' => 'test formula')); // Test the standard permissions on tables and fields $this->assertTrue($formula->checkPermission('view'), 'View permission should be set by default.'); $this->assertTrue(!$formula->checkPermission('list'), 'List permission should be denied by default.'); $this->assertTrue($formula->checkPermission('new'), 'New permission should be permitted by default.'); $this->assertTrue(!$formula->checkPermission('new', array('field' => 'formula_name')), 'New permission should be denied on the formula_name field.'); $this->assertTrue($formula->checkPermission('view', array('field' => 'formula_name')), 'The view permission should be allowed on the formula_name field.'); $this->assertTrue(!$formula->checkPermission('view', array('field' => 'formula_id')), 'The view permission should be denied on the formula_id field.'); // Test the nobubble parameter on getPermissions $this->assertTrue(!$formula->checkPermission('delete', array('field' => 'formula_name', 'nobubble' => 1)), 'Since we are not bubbling up to record, we should not have permission for the delete permission as it is not enabled at field level explicitly - only at record level.'); $this->assertTrue($formula->checkPermission('delete', array('field' => 'formula_name')), 'Now that we are allowing bubbling, we should return true for delete on teh formula_name field.'); $this->assertTrue($formula->checkPermission('copy', array('field' => 'formula_name', 'nobubble' => 1)), 'Even though there is no bubbling, we should still return true for the copy permission on the formula_name field since it is defined in the __field__permssions() method.'); $this->assertTrue($formula->checkPermission('view', array('field' => 'amount', 'relationship' => 'ingredients')), 'view permission of the amount field in the ingredients relationship should be allowed because it is granted in the rel_ingredients__amount__permissions() method of the formulas delegate class.'); $this->assertTrue($formula->checkPermission('view', array('field' => 'amount', 'relationship' => 'ingredients', 'nobubble' => 1)), 'view permission for amount field in ingredients relationship should be allowed even with nobubble=1 because it is permistted in the rel_ingredients__amount__permissions().'); $this->assertTrue($formula->checkPermission('link', array('field' => 'amount', 'relationship' => 'ingredients')), 'link permission on amount field of the ingredients relationship should be allowed because it is granted in the rel_ingredients__permissions() method of the formulas delegate class.'); $this->assertTrue(!$formula->checkPermission('link', array('field' => 'amount', 'relationship' => 'ingredients', 'nobubble' => 1)), 'link permission on the amount field of the ingredients relationship should not be allowed when nobubble=1 because although it is granted in the rel_ingredients__permissions() method of the formulas delegate class - this method shouldnt be consulted if nobubble=1. It should just check the specific field permissions of the relationship and then break.'); $this->assertTrue($formula->checkPermission('link', array('relationship' => 'ingredients')), 'link permission should be allowed on the ingredients relationship because it is granted in the rel_ingredients__permissions() method of the formulas delegate class.'); $this->assertTrue($formula->checkPermission('link', array('relationship' => 'ingredients', 'nobubble' => 1)), 'link permission should be allowed in the ingredients relationship even with nobubble=1 because it is granted in the rel_ingredients__permissions() method of the formulas delegate class. nobubble should just prevent it from looking past the relationship permissions.'); // Test related record permissions $formulaIngredientsTable = Dataface_Table::loadTable('formula_ingredients'); $formulaIngredientsDel = $formulaIngredientsTable->getDelegate(); $formulaIngredientsDel->testPermissions = true; $relatedRecord = new Dataface_RelatedRecord($formula, 'ingredients', array('ingredient_id' => 1, 'concentration' => 3, 'amount' => 4)); // Test the standard related permission $this->assertTrue(!$relatedRecord->checkPermission('view', array('field' => 'concentration')), 'There shouldn\'t be permission to view the concentration field as it is denied in the getPermissions() method and is not overridden in any of the function methods.'); $this->assertTrue($relatedRecord->checkPermission('view', array('field' => 'ingredient_id')), 'There should be permission to view the ingredient_id field since it is overridden in the ingredient_id__permissions() method of the formula_ingredients delegate class.'); $this->assertTrue($relatedRecord->checkPermission('view', array('field' => 'amount')), 'There should be permission to view the amount field since the rel_ingredients__amount__permissions() method is defined in the parent table delegate class and grants the permission.. This should table precedence.'); $ingredientRecord = new Dataface_Record('formula_ingredients', array('ingredient_id' => 1, 'concentration' => 3, 'amount' => 4)); $this->assertTrue(!$ingredientRecord->checkPermission('view', array('field' => 'amount')), 'There should be no permission for view of the amount field directly because it hasnt been granted in the formula_ingredients delegate class.'); // Test the display now. $this->assertEquals('NO ACCESS', $relatedRecord->display('concentration'), 'Concentration should be no access via the related record because we havent granted access yet.'); $this->assertEquals('4', $relatedRecord->display('amount'), 'Amount should display the proper value because view has been granted via the relationship.'); $this->assertEquals('NO ACCESS', $ingredientRecord->display('amount'), 'Amount should display "NO ACCESS" when accessing the record directly, but instead received the actual value.'); $formulasDel->testPermissions = false; }