/**
 * getCurrentUser() must fail with an authentication error when the logged-in API user
 * has no Diamante user behind it (the repository lookup by email returns null).
 *
 * @expectedException \Symfony\Component\Security\Core\Exception\AuthenticationException
 * @expectedExceptionMessage Attempt of unauthorized access
 */
public function testGetCurrentUserWithNoDiamanteUser()
{
    $loggedApiUser = $this->createApiUser();

    // The authorization service resolves the session to an API user exactly once...
    $this->authorizationService
        ->expects($this->once())
        ->method('getLoggedUser')
        ->will($this->returnValue($loggedApiUser));

    // ...but the repository finds no Diamante user for that user's email.
    $this->diamanteUserRepository
        ->expects($this->once())
        ->method('findUserByEmail')
        ->with($loggedApiUser->getEmail())
        ->will($this->returnValue(null));

    // Expected to throw; the annotations above pin the exception class and message.
    $this->service->getCurrentUser();
}
/**
 * Drops private comments from the ticket's comment collection when the logged-in
 * user is an ApiUser. For any other logged-user value the ticket is left untouched.
 *
 * NOTE(review): a missing user (null) is not an ApiUser, so the filter is skipped in
 * that case too - confirm callers only reach this method after authentication.
 * NOTE(review): removeElement() edits the collection held by the ticket itself; if
 * that collection is ORM-managed, confirm a later flush cannot persist the removal.
 *
 * @param Ticket $ticket
 */
private function removePrivateComments(Ticket $ticket)
{
    $loggedUser = $this->authorizationService->getLoggedUser();

    if ($loggedUser instanceof ApiUser) {
        $ticketComments = $ticket->getComments();

        foreach ($ticketComments as $item) {
            if (!$item->isPrivate()) {
                continue;
            }

            // Private comment: take it out of the collection this viewer will see.
            $ticketComments->removeElement($item);
        }
    }
}
/**
 * updateProperties() is expected to load the branch once, apply the 'name' and
 * 'description' properties in that order, store the branch once, and ask the
 * authorization service once whether EDIT is permitted on the Branch entity class.
 */
public function testUpdateProperties()
{
    $newName = 'DUMMY_NAME_UPDT';
    $newDescription = 'DUMMY_DESC_UPDT';

    $this->branchRepository
        ->expects($this->once())
        ->method('get')
        ->will($this->returnValue($this->branch));

    // at(0)/at(1) pin the order in which the two properties reach the branch mock.
    $this->branch
        ->expects($this->at(0))
        ->method('updateProperty')
        ->with($this->equalTo('name'), $this->equalTo($newName));
    $this->branch
        ->expects($this->at(1))
        ->method('updateProperty')
        ->with($this->equalTo('description'), $this->equalTo($newDescription));

    $this->branchRepository
        ->expects($this->once())
        ->method('store')
        ->with($this->equalTo($this->branch));

    // The permission check is made against the entity class string and is granted here.
    $this->authorizationService
        ->expects($this->once())
        ->method('isActionPermitted')
        ->with($this->equalTo('EDIT'), $this->equalTo('Entity:DiamanteDeskBundle:Branch'))
        ->will($this->returnValue(true));

    $updateCommand = new UpdatePropertiesCommand();
    $updateCommand->id = 1;
    $updateCommand->properties = ['name' => $newName, 'description' => $newDescription];

    $this->branchServiceImpl->updateProperties($updateCommand);
}
/**
 * Hides private comments from an ApiUser by rebuilding the ticket's comment
 * collection in place: copy it to an array, empty it, re-add the non-private
 * comments, then call takeSnapshot(). Nothing happens for any other logged user.
 *
 * NOTE(review): a missing user (null) is not an ApiUser, so the filter is skipped in
 * that case too - confirm callers only reach this method after authentication.
 * NOTE(review): presumably the collection is a Doctrine PersistentCollection and
 * takeSnapshot() records the filtered contents as the clean baseline, so the ORM does
 * not treat the filtering as a change - confirm. If the association uses orphan
 * removal, also confirm clear() cannot schedule the comments for deletion.
 *
 * @param Ticket $ticket
 */
private function removePrivateComments(Ticket $ticket)
{
    $loggedUser = $this->authorizationService->getLoggedUser();

    if ($loggedUser instanceof ApiUser) {
        $ticketComments = $ticket->getComments();

        // Work from a plain array copy so the collection can be emptied and refilled.
        $allComments = $ticketComments->toArray();
        $ticketComments->clear();

        foreach ($allComments as $item) {
            if ($item->isPrivate()) {
                continue;
            }

            $ticketComments->add($item);
        }

        $ticketComments->takeSnapshot();
    }
}
/**
 * Update Diamante and Api users related to current session
 *
 * @ApiDoc(
 *  description="Update current user",
 *  uri="/users/current.{_format}",
 *  method={
 *      "PATCH",
 *      "PUT"
 *  },
 *  resource=true,
 *  statusCodes={
 *      200="Returned when successful",
 *      403="Returned when the user is not authorized to update user",
 *      404="Returned when the user is not found"
 *  }
 * )
 *
 * @param UpdateUserCommand $command
 * @return DiamanteUser
 */
public function update(UpdateUserCommand $command)
{
    // Both records are resolved from the session, never from the command, so within
    // this method the request cannot name a different account to modify.
    $sessionApiUser = $this->authorizationService->getLoggedUser();
    $profile = $this->loadDiamanteUser($sessionApiUser);

    // Each field is applied only when truthy: an absent or empty value (including
    // the string '0') leaves the stored value unchanged.
    $firstName = $command->firstName;
    if ($firstName) {
        $profile->setFirstName($firstName);
    }

    $lastName = $command->lastName;
    if ($lastName) {
        $profile->setLastName($lastName);
    }

    // NOTE(review): the password goes to setPassword() exactly as received; whether it
    // is hashed there or when the user is stored is not visible here - confirm.
    // NOTE(review): no check of the current password is visible in this method.
    $newPassword = $command->password;
    if ($newPassword) {
        $sessionApiUser->setPassword($newPassword);
    }

    // Both users are stored on every call, even when no field changed.
    $this->diamanteUserRepository->store($profile);
    $this->apiUserRepository->store($sessionApiUser);

    return $profile;
}
/**
 * Verify permissions through Oro Platform security bundle, with one shortcut:
 * a VIEW on an object entity is allowed without the ACL check when the logged-in
 * user is the reporter of the ticket the entity belongs to.
 *
 * NOTE(review): the rule is stated as "all comments (except private)", but nothing in
 * this method looks at whether the comment is private; that part must be enforced
 * elsewhere - confirm.
 * NOTE(review): ownership is decided by a loose (==) comparison of getId() values only;
 * if the viewer and the reporter can come from different user stores, confirm their
 * ids cannot coincide.
 *
 * @param string $operation
 * @param Comment|string $entity
 * @throws ForbiddenException
 */
private function isGranted($operation, $entity)
{
    $auth = $this->authorizationService;

    // Ownership shortcut: only for VIEW, only for objects, only with a logged user.
    if ($operation === 'VIEW' && is_object($entity) && $auth->getLoggedUser()) {
        $viewer = $auth->getLoggedUser();

        // An API user is first mapped to the user it stands for before comparing ids.
        if ($viewer instanceof ApiUser) {
            $viewer = $this->userService->getUserFromApiUser($viewer);
        }

        /** @var User $ticketReporter */
        $ticketReporter = $entity->getTicket()->getReporter();

        $isReporter = $viewer && $ticketReporter && $viewer->getId() == $ticketReporter->getId();
        if ($isReporter) {
            return;
        }
    }

    // Everything else falls through to the regular permission check.
    if ($auth->isActionPermitted($operation, $entity)) {
        return;
    }

    throw new ForbiddenException("Not enough permissions.");
}
/**
 * Verify permissions through Oro Platform security bundle.
 *
 * Delegates the decision to the authorization service and turns a refusal into an
 * exception; there is no shortcut or fallback, so the result is deny unless the
 * service explicitly permits the action.
 *
 * @param string $operation
 * @param $entity
 * @throws \Oro\Bundle\SecurityBundle\Exception\ForbiddenException
 */
private function isGranted($operation, $entity)
{
    $permitted = $this->authorizationService->isActionPermitted($operation, $entity);

    if ($permitted) {
        return;
    }

    throw new ForbiddenException("Not enough permissions.");
}
/**
 * updatePropertiesByKey() is expected to resolve the ticket by its key, pass the
 * whole property map to the ticket in one updateProperties() call, and store it.
 *
 * The permission mock accepts any operation, any number of times, as long as the
 * entity is the ticket, so this test does not pin which action is checked.
 */
public function testUpdatePropertiesByKey()
{
    $updatedFields = array(
        'subject' => 'DUMMY_SUBJECT_UPDT_BY_KEY',
        'description' => 'DUMMY_DESC_UPDT_BY_KEY',
        'status' => 'open',
        'priority' => 'high',
        'source' => 'phone',
    );

    $this->ticketRepository
        ->expects($this->once())
        ->method('get')
        ->will($this->returnValue($this->ticket));

    $this->ticket
        ->expects($this->once())
        ->method('updateProperties')
        ->with($this->equalTo($updatedFields));
    $this->ticket
        ->expects($this->once())
        ->method('getId')
        ->will($this->returnValue(1));

    // Lookup by key must use the parsed key object, not the raw string.
    $this->ticketRepository
        ->expects($this->once())
        ->method('getByTicketKey')
        ->with(new TicketKey('DT', 1))
        ->will($this->returnValue($this->ticket));
    $this->ticketRepository
        ->expects($this->once())
        ->method('store')
        ->with($this->equalTo($this->ticket));

    $this->authorizationService
        ->expects($this->any())
        ->method('isActionPermitted')
        ->with($this->anything(), $this->equalTo($this->ticket))
        ->will($this->returnValue(true));

    $updateCommand = new UpdatePropertiesCommand();
    $updateCommand->key = static::DUMMY_TICKET_KEY;
    $updateCommand->properties = $updatedFields;

    $this->ticketService->updatePropertiesByKey($updateCommand);
}
/**
 * Removing an attachment from a comment is expected to load the comment, fetch the
 * attachment by id, detach it from the comment and delete it through the attachment
 * manager, after a single EDIT permission check on the comment itself.
 *
 * @test
 */
public function thatAttachmentRemovesFromComment()
{
    $storedAttachment = new Attachment(new File('some/path/file.ext'));

    $this->commentRepository
        ->expects($this->once())
        ->method('get')
        ->with($this->equalTo(self::DUMMY_COMMENT_ID))
        ->will($this->returnValue($this->comment));

    $this->comment
        ->expects($this->once())
        ->method('getAttachment')
        ->with($this->equalTo(1))
        ->will($this->returnValue($storedAttachment));
    $this->comment
        ->expects($this->once())
        ->method('removeAttachment')
        ->with($this->equalTo($storedAttachment));

    $this->attachmentManager
        ->expects($this->once())
        ->method('deleteAttachment')
        ->with($this->equalTo($storedAttachment));

    // Persistence plumbing: allowed any number of times, not asserted.
    $this->registry
        ->expects($this->any())
        ->method('getManager')
        ->will($this->returnValue($this->em));
    $this->em
        ->expects($this->any())
        ->method('persist');

    // The permission check is pinned to EDIT on the loaded comment, exactly once.
    $this->authorizationService
        ->expects($this->once())
        ->method('isActionPermitted')
        ->with($this->equalTo('EDIT'), $this->equalTo($this->comment))
        ->will($this->returnValue(true));

    $command = new RemoveCommentAttachmentCommand();
    $command->attachmentId = 1;
    $command->commentId = self::DUMMY_COMMENT_ID;

    $this->service->removeAttachmentFromComment($command);
}