예제 #1
 private function auth()
 {
     // Sign in as the fixture account through the QFrame adapter.
     // NOTE(review): the value returned by authenticate() is discarded, so a
     // failed login would go unnoticed here; 'sample1'/'password' look like
     // fixture credentials -- confirm they only exist in the test database.
     $adapter = new QFrame_Auth_Adapter('sample1', 'password');
     Zend_Auth::getInstance()->authenticate($adapter);

     // Give role 4 (treated as the admin role by this fixture) each of the
     // global rights, then persist the role.
     $adminRole = RoleModel::find(4);
     foreach (array('view', 'edit', 'approve', 'administer') as $right) {
         $adminRole->grant($right);
     }
     $adminRole->save();

     // Attach the fully privileged role to the user with dbUserID 1.
     $fixtureUser = new DbUserModel(array('dbUserID' => 1));
     $fixtureUser->addRole($adminRole);
 }
예제 #2
 public function testAnyAccess()
 {
     $subject = new DbUserModel(array('dbUserID' => 1));
     $target = new PageModel(array('pageID' => 1, 'depth' => 'page'));

     // Default-deny baseline: before any role is attached, the user must
     // have no access of any kind to the page.
     $this->assertFalse($subject->hasAnyAccess($target));

     // Grant a single page-scoped 'view' right through the role looked up
     // as 'first', persist it, and attach that role to the user.
     $viewerRole = RoleModel::find('first');
     $viewerRole->grant('view', $target);
     $viewerRole->save();
     $subject->addRole($viewerRole);

     // One page-level permission is enough for hasAnyAccess() to succeed.
     $this->assertTrue($subject->hasAnyAccess($target));
 }
예제 #3
 public function testDelete()
 {
     // Delete role 1, then try to load it again.
     RoleModel::find(1)->delete();

     $lookupFailed = false;
     try {
         RoleModel::find(1);
     } catch (Exception $e) {
         // NOTE(review): any Exception satisfies this test, including an
         // unrelated failure (e.g. a database error); narrowing the catch to
         // the specific "not found" exception type would make it stricter.
         $lookupFailed = true;
     }

     if (!$lookupFailed) {
         $this->fail('Fetching a deleted object should throw an exception.');
     }
 }
예제 #4
 /**
  * Check whether this user holds a permission, either globally or on a
  * specific permissible object.
  *
  * A user whose admin flag is set passes every check.  Otherwise each of the
  * user's roles is consulted: first for the global permission and then, when a
  * permissible object was supplied, for the permission on that object.
  *
  * @param  string             permission to check
  * @param  QFrame_Permissible (optional) permissible object to check
  * @return boolean            true as soon as one role allows it, false otherwise
  */
 public function hasAccess($permission, QFrame_Permissible $permissible = null)
 {
     // Auto-admin users bypass role evaluation entirely.
     if ($this->admin) {
         return true;
     }

     // Roles are loaded lazily, the first time they are needed.
     if ($this->roles === null) {
         $this->loadRoles();
     }

     $scoped = ($permissible !== null);
     foreach ($this->roles as $roleRow) {
         $roleModel = RoleModel::find($roleRow['roleID']);

         // A global grant wins outright; the object-scoped check only runs
         // when the global one fails and an object was actually passed in.
         $allowed = $roleModel->hasAccess($permission)
             || ($scoped && $roleModel->hasAccess($permission, $permissible));
         if ($allowed) {
             return true;
         }
     }

     // Default deny: no role granted the permission.
     return false;
 }
예제 #5
 /**
  * Remove role action.  Detaches the role named by the 'role' request
  * parameter from the user named by the 'id' request parameter, then
  * redirects to that user's 'roles' action.
  *
  * NOTE(review): no permission check or CSRF token validation is visible in
  * this action, and _getParam() does not restrict the request method; confirm
  * that both are enforced before dispatch (e.g. in a pre-dispatch hook), since
  * this action changes a user's privileges.
  */
 public function removeRoleAction()
 {
     // Both identifiers come straight from the request.
     $targetUserId = $this->_getParam('id');
     $targetUser = new DbUserModel(array('dbUserID' => $targetUserId));

     $roleKey = $this->_getParam('role');
     $targetUser->removeRole(RoleModel::find($roleKey));

     // Return to the role listing for the same user.
     $route = array('action' => 'roles', 'id' => $targetUser->dbUserID);
     $this->_redirector->gotoRoute($route);
 }
예제 #6
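 /**
  * Processes an update to permissions.
  *
  * Reads the 'global' and 'page' request parameters and, for the role named
  * by the 'id' parameter, grants each permission whose submitted value is
  * truthy and denies each one whose value is falsy.  The role is then saved,
  * a notice is flashed and the request is redirected to the 'index' action.
  *
  * A 'global' or 'page' parameter that is missing or is not an array is
  * skipped, as is any page entry whose permission list is not an array, so a
  * malformed request cannot reach grant()/deny() with unexpected keys produced
  * by iterating a non-array value.
  *
  * NOTE(review): permission names and page ids are taken from request keys and
  * passed to grant()/deny()/getPage() as-is; confirm that those methods reject
  * unknown values, and that the caller has already verified the current user
  * may administer roles and that the form is protected against CSRF.
  */
 private function updatePermissions()
 {
     $globals = $this->_getParam('global');
     $pages = $this->_getParam('page');
     $role = RoleModel::find($this->_getParam('id'));

     // Global (object-independent) permissions.
     if (is_array($globals)) {
         foreach ($globals as $permission => $value) {
             if ($value) {
                 $role->grant($permission);
             } else {
                 $role->deny($permission);
             }
         }
     }

     // Page-scoped permissions, keyed by page id.
     if (is_array($pages)) {
         foreach ($pages as $id => $permissions) {
             // Ignore entries that do not carry a permission => value map.
             if (!is_array($permissions)) {
                 continue;
             }
             $page = $this->_instance->getPage($id);
             foreach ($permissions as $permission => $value) {
                 if ($value) {
                     $role->grant($permission, $page);
                 } else {
                     $role->deny($permission, $page);
                 }
             }
         }
     }

     $role->save();
     $this->flash('notice', 'Permissions updated successfully');
     $this->_redirector->gotoRouteAndExit(array('action' => 'index', 'id' => null));
 }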