/**
 * Renders the data cell content: the per-row options menu.
 *
 * Every element configured in $this->rowMenu['elements'] is instantiated as
 * "<type>ActionElement". An element is added to the menu only when
 * ActionSecurityUtil::canCurrentUserPerformAction() accepts its action type for this
 * row's model, and its params do not carry a 'userHasRelatedModelAccess' entry that
 * loosely equals false.
 *
 * This only decides which menu entries are displayed. The actions those entries point
 * to still have to enforce the same permission check themselves.
 *
 * @param integer $row the row number (zero-based)
 * @param mixed $data the data associated with the row; its id property is read here
 * @throws NotSupportedException when a permitted element reports that it requires a form
 */
protected function renderDataCellContent($row, $data)
{
    $menuLabel = $this->title;
    $renderedItems = array();
    $definitions = count($this->rowMenu['elements']) > 0 ? $this->rowMenu['elements'] : array();

    foreach ($definitions as $definition) {
        // NOTE(review): the class name is assembled from view configuration; confirm
        // 'type' can never be influenced by request data.
        $elementClassName = $definition['type'] . 'ActionElement';

        // Everything after the first entry of the definition becomes element params.
        $params = array_slice($definition, 1);
        if (!isset($params['redirectUrl'])) {
            $params['redirectUrl'] = $this->redirectUrl;
        }
        $params['modelClassName'] = $this->modelClassName;
        $params['gridId'] = $this->grid->getId();
        array_walk($params, array($this->listView, 'resolveEvaluateSubString'));

        $element = new $elementClassName(
            $this->listView->getControllerId(),
            $this->listView->getModuleId(),
            $data->id,
            $params
        );

        // Row-level permission check first, then the optional related-model flag.
        $actionAllowed = ActionSecurityUtil::canCurrentUserPerformAction($element->getActionType(), $data);
        if (!$actionAllowed) {
            continue;
        }
        if (isset($params['userHasRelatedModelAccess']) && $params['userHasRelatedModelAccess'] == false) {
            continue;
        }

        if ($element->isFormRequiredToUse()) {
            throw new NotSupportedException();
        }
        $renderedItems[] = $element->renderMenuItem();
    }

    // Nothing the user may do on this row: emit no menu at all.
    if (count($renderedItems) == 0) {
        return;
    }

    $menu = array('label' => $menuLabel, 'items' => $renderedItems);
    $clip = new CClipWidget();
    $clip->beginClip("OptionMenu");
    $clip->widget('ext.zurmoinc.framework.widgets.MbMenu', array(
        'htmlOptions' => array('class' => 'options-menu edit-row-menu'),
        'items'       => array($menu),
    ));
    $clip->endClip();
    echo $clip->getController()->clips['OptionMenu'];
}
/**
 * Pins ActionSecurityUtil::canCurrentUserPerformAction() for an Account and for a User
 * model while logged in as 'betty' and as 'super'.
 *
 * What the assertions fix in place:
 *  - a null action type is allowed even for betty, whose effective permission on the
 *    account is Permission::NONE;
 *  - betty is refused Details, Edit and Delete on that account, super is allowed all three;
 *  - for the User model 'billy', both logins are allowed every action tested.
 */
public function testCanCurrentUserPerformAction()
{
    $accountActions = array('Details', 'Edit', 'Delete');
    $userActions    = array('Details', 'Edit', 'Delete', 'UsersModalList');

    // Load the fixture account as super, then switch to betty for the first checks.
    Yii::app()->user->userModel = User::getByUsername('super');
    $accounts = Account::getByName('Supermart');
    $betty    = User::getByUsername('betty');
    Yii::app()->user->userModel = $betty;
    $this->assertEquals(1, count($accounts));

    // No action type: the call answers true regardless of betty's permissions.
    $this->assertTrue(ActionSecurityUtil::canCurrentUserPerformAction(null, $accounts[0]));
    $this->assertEquals(Permission::NONE, $accounts[0]->getEffectivePermissions($betty));
    foreach ($accountActions as $action) {
        $this->assertFalse(ActionSecurityUtil::canCurrentUserPerformAction($action, $accounts[0]));
    }

    Yii::app()->user->userModel = User::getByUsername('super');
    foreach ($accountActions as $action) {
        $this->assertTrue(ActionSecurityUtil::canCurrentUserPerformAction($action, $accounts[0]));
    }

    // A User model is allowed for super ...
    $aUser = User::getByUsername('billy');
    foreach ($userActions as $action) {
        $this->assertTrue(ActionSecurityUtil::canCurrentUserPerformAction($action, $aUser));
    }

    // ... and equally for betty.
    // NOTE(review): presumably because User is not checked against per-record
    // permissions by this utility; confirm that is the intended policy.
    Yii::app()->user->userModel = User::getByUsername('betty');
    foreach ($userActions as $action) {
        $this->assertTrue(ActionSecurityUtil::canCurrentUserPerformAction($action, $aUser));
    }
}
/**
 * Renders the data cell content: the per-row options menu.
 *
 * For each element configured in $this->rowMenu['elements'] the following gates are
 * applied in order, and the element is skipped as soon as one fails:
 *  1. if the element class implements RowModelShouldRenderInterface, its static
 *     shouldRenderByRowModel($data) must return a truthy value;
 *  2. ActionSecurityUtil::canCurrentUserPerformAction() must accept the element's action
 *     type for this row's model;
 *  3. params must not carry a 'userHasRelatedModelAccess' entry loosely equal to false;
 *  4. the list view's canRenderRowMenuColumnByElementAndData() must agree.
 *
 * These gates only control what is displayed. The actions behind the menu entries still
 * have to enforce the permission check themselves.
 *
 * @param integer $row the row number (zero-based)
 * @param mixed $data the data associated with the row; its id property is read here
 * @throws NotSupportedException when a permitted element reports that it requires a form
 */
protected function renderDataCellContent($row, $data)
{
    $menuLabel = $this->title;
    $renderedItems = array();
    $definitions = count($this->rowMenu['elements']) > 0 ? $this->rowMenu['elements'] : array();

    foreach ($definitions as $definition) {
        // NOTE(review): the class name is assembled from view configuration; confirm
        // 'type' can never be influenced by request data.
        $elementClassName = $definition['type'] . 'ActionElement';

        $reflection = new ReflectionClass($elementClassName);
        $hasRowModelHook = $reflection->implementsInterface('RowModelShouldRenderInterface');
        if ($hasRowModelHook && !$elementClassName::shouldRenderByRowModel($data)) {
            continue;
        }

        $params = $this->resolveParams($definition, $data, $row);
        array_walk($params, array($this->listView, 'resolveEvaluateSubString'));

        $element = new $elementClassName(
            $this->listView->getControllerId(),
            $this->listView->getModuleId(),
            $data->id,
            $params
        );

        $actionAllowed = ActionSecurityUtil::canCurrentUserPerformAction($element->getActionType(), $data);
        if (!$actionAllowed) {
            continue;
        }
        if (isset($params['userHasRelatedModelAccess']) && $params['userHasRelatedModelAccess'] == false) {
            continue;
        }
        if (!$this->listView->canRenderRowMenuColumnByElementAndData($element, $data)) {
            continue;
        }

        if ($element->isFormRequiredToUse()) {
            throw new NotSupportedException();
        }
        $renderedItems[] = $element->renderMenuItem();
    }

    // Nothing the user may do on this row: emit no menu at all.
    if (count($renderedItems) == 0) {
        return;
    }

    $menu = array('label' => $menuLabel, 'items' => $renderedItems);
    $clip = new CClipWidget();
    $clip->beginClip("OptionMenu");
    $clip->widget('application.core.widgets.MbMenu', array(
        'htmlOptions' => array('class' => 'options-menu edit-row-menu'),
        'items'       => array($menu),
    ));
    $clip->endClip();
    echo $clip->getController()->clips['OptionMenu'];
}
/**
 * Decides whether a toolbar element is shown: the parent view must agree, and the
 * current user must be allowed the element's action type on this view's model.
 *
 * The string assert() calls are development-time checks only; they are not evaluated
 * when assertions are disabled, so they do not act as a runtime guard.
 *
 * @param ActionElement $element
 * @param array $elementInformation
 * @return bool false when the parent refuses; otherwise the permission check's result
 */
protected function shouldRenderToolBarElement($element, $elementInformation)
{
    assert('$element instanceof ActionElement');
    assert('is_array($elementInformation)');

    $parentAllows = parent::shouldRenderToolBarElement($element, $elementInformation);
    if ($parentAllows) {
        // Checked against the concrete model held by the view.
        return ActionSecurityUtil::canCurrentUserPerformAction($element->getActionType(), $this->model);
    }
    return false;
}
/**
 * Decides whether a toolbar element is shown: the parent view must agree, and the
 * current user must be allowed the element's action type.
 *
 * The permission check runs against a freshly constructed instance of
 * $this->modelClassName, not against a stored record.
 * NOTE(review): such a check presumably cannot reflect per-record permissions; the
 * actions behind the toolbar must still check the concrete records they touch.
 *
 * @param ActionElement $element
 * @param array $elementInformation
 * @return bool false when the parent refuses; otherwise the permission check's result
 */
protected function shouldRenderToolBarElement($element, $elementInformation)
{
    assert('$element instanceof ActionElement');
    assert('is_array($elementInformation)');

    $parentAllows = parent::shouldRenderToolBarElement($element, $elementInformation);
    if ($parentAllows) {
        $className = $this->modelClassName;
        //Todo: figure out how to not need to new up a new model.
        $probeModel = new $className(false);
        return ActionSecurityUtil::canCurrentUserPerformAction($element->getActionType(), $probeModel);
    }
    return false;
}
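/**
 * Sends a stored file to the client after checking that the current user may perform
 * 'Details' on the model identified by $modelClassName / $modelId.
 *
 * On refusal the access-failure page is rendered and the method returns without
 * touching the file.
 *
 * @param mixed $id id of the FileModel to send; cast to int before lookup
 * @param mixed $modelId id of the model the access check runs against; cast to int
 * @param string $modelClassName class on which getById() is called statically
 */
public function actionDownload($id, $modelId, $modelClassName)
{
    // NOTE(review): $modelClassName is used as a class name as-is. If it is bound from
    // the request (as Yii does for action parameters), restrict it to the model classes
    // that are allowed to own files before calling into it.
    $model = $modelClassName::getById((int) $modelId);
    if (!ActionSecurityUtil::canCurrentUserPerformAction('Details', $model)) {
        $messageView = new AccessFailureView();
        $view = new AccessFailurePageView($messageView);
        echo $view->render();
        Yii::app()->end(0, false);
        // end() is called with $exit = false, which in stock Yii 1.x does not terminate
        // the script. Return explicitly so a denied request can never fall through to
        // the download below, whatever end() does in this application.
        return;
    }
    // NOTE(review): nothing visible here ties file $id to the model that was just
    // authorised. Confirm the file belongs to $model before sending it; otherwise the
    // access check and the download refer to unrelated records.
    $fileModel = FileModel::getById((int) $id);
    Yii::app()->request->sendFile(
        $fileModel->name,
        $fileModel->fileContent->content,
        $fileModel->type,
        false
    );
}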
/**
 * Builds the expression string that renders a task's "close" checkbox and registers the
 * client script that closes the task when the checkbox is ticked.
 *
 * Returns an empty string, and registers nothing, when the current user may not 'Edit'
 * a freshly constructed instance of $modelClassName (a check that is not tied to a
 * specific stored record).
 *
 * NOTE(review): the returned text has the shape of a PHP static call and is presumably
 * evaluated later by the list view. $modelId and $completedValue are spliced between
 * double quotes without escaping; confirm neither can contain quote characters or
 * otherwise come from user-controlled text.
 *
 * NOTE(review): the registered script calls tasks/default/closeTask with type 'GET'. If
 * that action changes state, a GET request is typically not covered by POST-based CSRF
 * token validation; confirm the action is protected by other means.
 *
 * @param string $modelClassName class instantiated for the permission check
 * @param mixed $modelId id embedded in the checkbox id and in the expression
 * @param mixed $completedValue value embedded in the expression
 * @return string the expression text, or '' when editing is not allowed
 */
protected function resolveToRenderCheckBox($modelClassName, $modelId, $completedValue)
{
    $editAllowed = ActionSecurityUtil::canCurrentUserPerformAction('Edit', new $modelClassName(false));
    if (!$editAllowed) {
        return '';
    }
    $checkboxId = 'closeTask' . $modelId;
    // Begin Not Coding Standard
    $content = 'CloseTaskCheckBoxListViewColumnAdapter::renderCloseCheckBox("' . $checkboxId . '", "' . $modelId . '", "' . $completedValue . '")';
    // The script body is kept verbatim; only the closeTask URL is generated server-side.
    $closeTaskScript = "\n function closeOpenTaskByCheckBoxClick(checkboxId, modelId)\n {\n if (\$('#' + checkboxId).attr('checked') == 'checked')\n {\n \$('#' + checkboxId).attr('disabled', true);\n \$('#' + checkboxId).parent().addClass('c_on');\n \$('#' + checkboxId).parent().addClass('disabled');\n \$('#' + checkboxId).parentsUntil('tr').parent().children().css('text-decoration', 'line-through');\n \$.ajax({\n url : '" . Yii::app()->createUrl('tasks/default/closeTask') . "?id=' + modelId,\n type : 'GET',\n dataType : 'json',\n success : function(data)\n {\n //find if there is a latest activities portlet\n \$('.LatestActivitiesForPortletView').each(function(){\n \$(this).find('.pager').find('.refresh').find('a').click();\n });\n },\n error : function()\n {\n //todo: error call\n }\n });\n }\n }\n ";
    Yii::app()->clientScript->registerScript('closeTaskCheckBoxScript', $closeTaskScript, CClientScript::POS_END);
    // End Not Coding Standard
    return $content;
}
/**
 * Renders a div holding a details link for a contact or lead, if the current user may
 * see it.
 *
 * When the user may not perform 'Details' on the contact, nothing is rendered and null
 * is returned, so no information about the record is emitted. When the check passes
 * but no link is resolved, the div is rendered with null content.
 *
 * NOTE(review): strval($contact) is handed on as the link label; whether it is
 * HTML-encoded depends on resolveLinkToModelForCurrentUser() - verify.
 *
 * @param Contact $contact
 * @return string|null the div markup, or null when 'Details' is not permitted
 */
public static function resolveModuleIdWithLinkContentForContactOrLead(Contact $contact)
{
    if (!ActionSecurityUtil::canCurrentUserPerformAction('Details', $contact)) {
        return null;
    }

    $moduleClassName = $contact->getModuleClassName();
    $moduleId        = ContactWebFormsUtil::getResolvedModuleIdForContactWebFormEntry($contact);
    $detailsRoute    = '/' . $moduleId . '/default/details';
    $link = ActionSecurityUtil::resolveLinkToModelForCurrentUser(
        strval($contact),
        $contact,
        $moduleClassName,
        $detailsRoute
    );

    $linkContent = ($link != null) ? $link : null;
    return ZurmoHtml::tag('div', array(), $linkContent);
}
/**
 * Resolve a link to a related model. Used by @see ListView
 * for each row of a list for example.
 *
 * The supplied link content is returned only when all of the following hold:
 * the model has a positive id, the current user may perform 'Details' on it, and the
 * current user can access the model's related module. In every other case null is
 * returned - including when only the module access is missing, so no plain-text
 * fallback is produced here.
 *
 * The string assert() calls are development-time checks only; they are not evaluated
 * when assertions are disabled.
 *
 * @param $model
 * @param $moduleClassName
 * @param $linkContent
 * @return null|string
 */
public static function resolveViewLinkToModelForCurrentUser($model, $moduleClassName, $linkContent)
{
    assert('$model instanceof Item');
    assert('is_string($moduleClassName)');
    assert('is_string($linkContent)');

    // Unsaved models and records the user may not view both yield nothing.
    if ($model->id <= 0 || !ActionSecurityUtil::canCurrentUserPerformAction('Details', $model)) {
        return null;
    }

    $moduleAccessible = RightsUtil::canUserAccessModule($moduleClassName, Yii::app()->user->userModel);
    return $moduleAccessible ? $linkContent : null;
}
/**
 * Decides whether a toolbar element is shown.
 *
 * The element is hidden when the parent view refuses it, or when it is a
 * ListByRelatedModelLinkActionElement and the data provider reports no items.
 * Otherwise the result is the current user's permission for the element's action type.
 *
 * The permission check runs against a freshly constructed instance of
 * $this->modelClassName, not against a stored record.
 * NOTE(review): such a check presumably cannot reflect per-record permissions; the
 * actions behind the toolbar must still check the concrete records they touch.
 *
 * @param ActionElement $element
 * @param array $elementInformation
 * @return bool
 */
protected function shouldRenderToolBarElement($element, $elementInformation)
{
    assert('$element instanceof ActionElement');
    assert('is_array($elementInformation)');

    if (!parent::shouldRenderToolBarElement($element, $elementInformation)) {
        return false;
    }

    // If element is ListByRelatedModelLink and there are no related items, do not show this element
    $isRelatedListLink = $element instanceof ListByRelatedModelLinkActionElement;
    if ($isRelatedListLink && $this->getDataProvider()->totalItemCount <= 0) {
        return false;
    }

    $className = $this->modelClassName;
    //Todo: figure out how to not need to new up a new model.
    $probeModel = new $className(false);
    return ActionSecurityUtil::canCurrentUserPerformAction($element->getActionType(), $probeModel);
}
/**
 * Builds the dashboard feed message for one project audit event.
 *
 * If the current user may not perform 'Details' on the event's project, a generic
 * "restricted project" message is returned that carries only the elapsed-time label;
 * the project name, user name and stored event data are not included.
 *
 * @param ProjectAuditEvent $projectAuditEvent
 * @return string
 */
public static function getFeedInformationForDashboard(ProjectAuditEvent $projectAuditEvent)
{
    assert('$projectAuditEvent instanceof ProjectAuditEvent');
    $project   = Project::getById(intval($projectAuditEvent->project->id));
    $timeLabel = DateTimeUtil::getTimeSinceDisplayContent($projectAuditEvent->dateTime);
    $data      = array('{timeSpanLabel}' => $timeLabel);

    if (!ActionSecurityUtil::canCurrentUserPerformAction('Details', $project)) {
        return Zurmo::t('ProjectsModule', '<strong>Activity on a restricted project </strong> <small>about {timeSpanLabel}</small>', $data);
    }

    $data['{projectname}'] = static::resolveProjectName($project);
    $actor = User::getById($projectAuditEvent->user->id);
    $data['{username}'] = $actor->getFullName();

    // NOTE(review): unserialize() will instantiate any class named in the payload.
    // Confirm serializedData can only ever hold data written by the application itself;
    // if it can be influenced from outside, switch the stored format to JSON.
    $storedData = unserialize($projectAuditEvent->serializedData);
    if (is_array($storedData)) {
        // Values computed above win over stored entries with the same key.
        $data = array_merge($storedData, $data);
    }
    // NOTE(review): these values end up in message placeholders; verify they are
    // HTML-encoded where the message is output.
    return static::getMessageContentByEventAndData($projectAuditEvent->eventName, $data);
}
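/**
 * Renders a div holding a details link for an account, if the current user may see it.
 *
 * When the user may not perform 'Details' on the account, nothing is rendered and null
 * is returned, so no information about the record is emitted. When the check passes
 * but no link is resolved, the div is rendered with null content.
 *
 * NOTE(review): strval($account) is handed on as the link label; whether it is
 * HTML-encoded depends on resolveLinkToModelForCurrentUser() - verify.
 *
 * @param Account $account
 * @return string|null the div markup, or null when 'Details' is not permitted
 */
public static function resolveAccountWithLinkContent(Account $account)
{
    if (!ActionSecurityUtil::canCurrentUserPerformAction('Details', $account)) {
        return null;
    }

    // Default to null so the wrapper is rendered with a defined value, rather than an
    // undefined variable, when no link is resolved.
    $linkContent = null;

    $moduleClassName = $account->getModuleClassName();
    $linkRoute = '/' . $moduleClassName::getDirectoryName() . '/default/details';
    $link = ActionSecurityUtil::resolveLinkToModelForCurrentUser(
        strval($account),
        $account,
        $moduleClassName,
        $linkRoute
    );
    if ($link != null) {
        $linkContent = $link;
    }
    return ZurmoHtml::tag('div', array(), $linkContent);
}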
/**
 * Renders the status badges for a campaign item.
 *
 * If the current user may not perform 'Details' on the item's email message, the
 * restricted-access link is returned instead and none of the item's status is examined.
 * Otherwise exactly one state is rendered - queued, skipped, send failed, sent, or
 * awaiting queueing - with a sent item additionally showing a badge for each kind of
 * activity it has (open, click, unsubscribe, bounce).
 *
 * @param CampaignItem $campaignItem
 * @return string
 */
protected static function renderMetricsContent(CampaignItem $campaignItem)
{
    if (!ActionSecurityUtil::canCurrentUserPerformAction('Details', $campaignItem->emailMessage)) {
        return static::renderRestrictedEmailMessageAccessLink($campaignItem->emailMessage);
    }

    // Both flags are read up front, before any branch is taken.
    $queued  = $campaignItem->isQueued();
    $skipped = $campaignItem->isSkipped();

    if ($queued) {
        return ZurmoHtml::wrapAndRenderContinuumButtonContent(static::getQueuedContent());
    }
    if ($skipped) {
        return ZurmoHtml::wrapAndRenderContinuumButtonContent(static::getSkippedContent());
    }
    if ($campaignItem->hasFailedToSend()) {
        return ZurmoHtml::wrapAndRenderContinuumButtonContent(static::getSendFailedContent());
    }
    if (!$campaignItem->isSent()) {
        return ZurmoHtml::wrapAndRenderContinuumButtonContent(static::getAwaitingQueueingContent());
    }

    // Sent: start with the sent badge and append one badge per recorded activity type.
    $badges = static::getSentContent();
    if ($campaignItem->hasAtLeastOneOpenActivity()) {
        $badges .= static::getOpenedContent();
    }
    if ($campaignItem->hasAtLeastOneClickActivity()) {
        $badges .= static::getClickedContent();
    }
    if ($campaignItem->hasAtLeastOneUnsubscribeActivity()) {
        $badges .= static::getUnsubscribedContent();
    }
    if ($campaignItem->hasAtLeastOneBounceActivity()) {
        $badges .= static::getBouncedContent();
    }
    return ZurmoHtml::wrapAndRenderContinuumButtonContent($badges);
}
/**
 * Render a toolbar above the form layout. On top of the parent's toolbar this adds a
 * delete-dashboard link and the change-dashboard link.
 *
 * Both additions depend on the same permission: if the current user may not perform the
 * delete element's action type on this view's model, the parent's content is returned
 * unchanged. The delete link is also left out for the default dashboard.
 *
 * This only controls what is displayed; the delete action has to enforce the permission
 * itself.
 *
 * @param mixed $renderedInForm passed through to the parent implementation
 * @return string the toolbar content
 */
protected function renderActionElementBar($renderedInForm)
{
    $content = parent::renderActionElementBar($renderedInForm);

    $deleteLinkParams = array(
        'htmlOptions' => array(
            'class'   => 'icon-delete',
            'confirm' => Zurmo::t('HomeModule', 'Are you sure want to delete this dashboard?'),
        ),
    );
    $deleteLink = new DeleteDashboardLinkActionElement(
        $this->controllerId,
        $this->moduleId,
        $this->modelId,
        $deleteLinkParams
    );

    if (ActionSecurityUtil::canCurrentUserPerformAction($deleteLink->getActionType(), $this->model)) {
        if (!$this->isDefaultDashboard) {
            $content .= $deleteLink->render();
        }
        $content .= $this->renderChangeDashboardLinkActionContent();
    }
    return $content;
}
/**
 * Tells whether the current user may perform the 'Export' action on this view's saved
 * report, as decided by ActionSecurityUtil::canCurrentUserPerformAction().
 *
 * @return mixed the permission check's result, passed through unchanged
 */
protected function userCanExportReport()
{
    $report = $this->savedReport;
    return ActionSecurityUtil::canCurrentUserPerformAction('Export', $report);
}
/**
 * Resolve a link to a related model for editing. Used by some modal views
 * for example.
 *
 * Outcomes, in the order they are decided:
 *  - the current user may not perform 'Edit' on the model: null;
 *  - the user may edit but cannot access the model's related module: the attribute
 *    string is returned as plain text, without a link;
 *  - otherwise: a link to $linkRoute carrying the model id and the redirect url.
 *
 * The string assert() calls are development-time checks only; they are not evaluated
 * when assertions are disabled.
 *
 * NOTE(review): $attributeString is used as link text and as the plain-text fallback
 * without any encoding visible here; verify callers pass encoded text.
 * NOTE(review): $redirectUrl is forwarded unchanged as a query parameter; the action
 * that consumes it should validate the target before redirecting.
 *
 * @param $attributeString
 * @param $model
 * @param $moduleClassName
 * @param $linkRoute
 * @param null $redirectUrl
 * @return null|string
 */
public static function resolveLinkToEditModelForCurrentUser($attributeString, $model, $moduleClassName, $linkRoute, $redirectUrl = null)
{
    assert('is_string($attributeString)');
    assert('$model instanceof Item');
    assert('is_string($moduleClassName)');
    assert('is_string($linkRoute)');
    assert('is_string($redirectUrl) || $redirectUrl == null');

    if (!ActionSecurityUtil::canCurrentUserPerformAction('Edit', $model)) {
        return null;
    }
    if (!RightsUtil::canUserAccessModule($moduleClassName, Yii::app()->user->userModel)) {
        return $attributeString;
    }

    $urlParams = array("id" => $model->id, 'redirectUrl' => $redirectUrl);
    return ZurmoHtml::link($attributeString, Yii::app()->createUrl($linkRoute, $urlParams));
}
/**
 * Renders the drill-down controls for a campaign item row.
 *
 * Three spans are built - expand-and-load, expand and collapse, the latter two hidden
 * initially - and they are echoed only when the current user may perform 'Details' on
 * the row's email message. Without that permission the cell stays empty.
 *
 * The drill-down URL is placed in the markup for client-side use; the endpoint it
 * points to has to enforce the same permission itself.
 *
 * @see CCheckBoxColumn::renderDataCellContent()
 * @param integer $row the row number (zero-based)
 * @param mixed $data the row's data; its id and emailMessage properties are read here
 */
protected function renderDataCellContent($row, $data)
{
    $loadUrl = $this->getDrillDownLoadUrl(array('campaignItemId' => $data->id));

    $controls = ZurmoHtml::tag('span', array(
        'class'    => 'drillDownExpandAndLoadLink drilldown-link',
        'data-url' => $loadUrl,
    ), 'G');
    $controls .= ZurmoHtml::tag('span', array(
        'class' => 'drillDownExpandLink drilldown-link',
        'style' => "display:none;",
    ), 'G');
    $controls .= ZurmoHtml::tag('span', array(
        'class' => 'drillDownCollapseLink drilldown-link',
        'style' => "display:none;",
    ), '÷');

    if (!ActionSecurityUtil::canCurrentUserPerformAction('Details', $data->emailMessage)) {
        return;
    }
    echo $controls;
}
/**
 * Renders the activity items of the note attached to a social item.
 *
 * Content is produced only when the note has a positive id and the current user may
 * perform 'Details' on it; otherwise null is returned and nothing about the note is
 * shown. A permitted note without activity items also yields null.
 *
 * @param SocialItem $model
 * @return string|null rendered activity items followed by '<br/>', or null
 */
private static function renderAfterDescriptionContent(SocialItem $model)
{
    $noteVisible = $model->note->id > 0
        && ActionSecurityUtil::canCurrentUserPerformAction('Details', $model->note);
    if (!$noteVisible) {
        return null;
    }
    if ($model->note->activityItems->count() <= 0) {
        return null;
    }

    $activityItemsElement = new NoteActivityItemsForSocialItemsListElement($model->note, null);
    $activityItemsElement->nonEditableTemplate = '{content}';
    return $activityItemsElement->render() . '<br/>';
}