/**
 * Exercises ReportSecurityUtil::canCurrentUserAccessAllComponents() as the user 'bobby':
 * access is refused until the right for each module a component refers to has been
 * granted, including the module behind a related attribute ('contacts___website').
 *
 * NOTE(review): the rights granted below are saved on 'bobby' and are not reverted in
 * this method; confirm the fixture is reset elsewhere so later tests that expect a
 * limited user do not silently run with these rights.
 */
public function testCanCurrentUserAccessAllComponentsWithLimitedAccessUser()
{
    $webUser            = Yii::app()->user;
    $webUser->userModel = User::getByUserName('bobby');

    // A filter on an attribute owned by the Account model itself.
    $phoneFilter = new FilterForReportForm('AccountsModule', 'Account', Report::TYPE_ROWS_AND_COLUMNS);
    $phoneFilter->attributeIndexOrDerivedType = 'officePhone';
    $phoneFilter->operator                    = OperatorRules::TYPE_EQUALS;
    $phoneFilter->value                       = '123456789';
    $components = array($phoneFilter);

    // Deny by default: no accounts right has been granted in this test yet.
    $this->assertFalse(ReportSecurityUtil::canCurrentUserAccessAllComponents($components));

    $webUser->userModel->setRight('AccountsModule', AccountsModule::RIGHT_ACCESS_ACCOUNTS);
    $webUser->userModel->save();
    $this->assertTrue(ReportSecurityUtil::canCurrentUserAccessAllComponents($components));

    // A filter that reaches through the account to its related contacts: the accounts
    // right alone must not be enough to use it.
    $relatedContactFilter = new FilterForReportForm('AccountsModule', 'Account', Report::TYPE_ROWS_AND_COLUMNS);
    $relatedContactFilter->attributeIndexOrDerivedType = 'contacts___website';
    $relatedContactFilter->operator                    = OperatorRules::TYPE_EQUALS;
    $relatedContactFilter->value                       = 'zurmo.com';
    $components[] = $relatedContactFilter;
    $this->assertFalse(ReportSecurityUtil::canCurrentUserAccessAllComponents($components));

    // Once the contacts right is granted as well, both components pass.
    $webUser->userModel->setRight('ContactsModule', ContactsModule::RIGHT_ACCESS_CONTACTS);
    $webUser->userModel->save();
    $this->assertTrue(ReportSecurityUtil::canCurrentUserAccessAllComponents($components));
}
/**
 * Authorization gate for rendering this report's results for the current user.
 *
 * The report's own module is checked first, then every component collection the report
 * is built from: display attributes, filters, order-bys, group-bys and drill-down display
 * attributes. The result is true only when all six checks pass; evaluation stops at the
 * first check that fails.
 *
 * The check exists because access to a report can be granted to a user who lacks rights
 * on some module the report draws from, and because rights can change after the report
 * was created. Nothing is cached here, so each call re-runs the checks.
 *
 * NOTE(review): this method only reports the decision; callers are expected to refuse
 * to render when it returns false - confirm at the call sites.
 *
 * @return bool true when every check passes, false otherwise
 */
public function canCurrentUserProperlyRenderResults()
{
    // One short-circuiting expression: operands are evaluated left to right and the
    // first failing check ends the evaluation.
    return ReportSecurityUtil::canCurrentUserCanAccessModule($this->moduleClassName)
        && ReportSecurityUtil::canCurrentUserAccessAllComponents($this->displayAttributes)
        && ReportSecurityUtil::canCurrentUserAccessAllComponents($this->filters)
        && ReportSecurityUtil::canCurrentUserAccessAllComponents($this->orderBys)
        && ReportSecurityUtil::canCurrentUserAccessAllComponents($this->groupBys)
        && ReportSecurityUtil::canCurrentUserAccessAllComponents($this->drillDownDisplayAttributes);
}