public static function setUpBeforeClass()
{
parent::setUpBeforeClass();
SecurityTestHelper::createSuperAdmin();
$super = User::getByUsername('super');
Yii::app()->user->userModel = $super;
Currency::makeBaseCurrency();
//Create a account for testing.
$account = AccountTestHelper::createAccountByNameForOwner('superAccount', $super);
//Create a opportunity for testing.
OpportunityTestHelper::createOpportunityWithAccountByNameForOwner('superOpp', $super, $account);
//Create a three contacts for testing.
ContactTestHelper::createContactWithAccountByNameForOwner('superContact1', $super, $account);
ContactTestHelper::createContactWithAccountByNameForOwner('superContact2', $super, $account);
ContactTestHelper::createContactWithAccountByNameForOwner('superContact3', $super, $account);
//Create a meeting for testing.
MeetingTestHelper::createMeetingWithOwnerAndRelatedAccount('superMeeting', $super, $account);
}
public static function setUpBeforeClass()
{
parent::setUpBeforeClass();
SecurityTestHelper::createSuperAdmin();
$super = User::getByUsername('super');
Yii::app()->user->userModel = $super;
$account = AccountTestHelper::createAccountByNameForOwner('anAccount', $super);
MeetingTestHelper::createCategories();
MeetingTestHelper::createMeetingWithOwnerAndRelatedAccount('aMeeting', $super, $account);
$savedCalendar = new SavedCalendar();
$savedCalendar->name = 'aSavedCalendar';
$savedCalendar->timeZone = 'America/Chicago';
$savedCalendar->location = 'Newyork';
$savedCalendar->moduleClassName = 'MeetingsModule';
$savedCalendar->startAttributeName = 'startDateTime';
$savedCalendar->endAttributeName = 'endDateTime';
$savedCalendar->color = '#c05d91';
$savedCalendar->owner = $super;
$savedCalendar->save();
}
/**
* @depends testUnprivilegedUserViewUpdateDeleteMeetings
*/
public function testSearchMeetings()
{
$super = User::getByUsername('super');
Yii::app()->user->userModel = $super;
$anotherUser = User::getByUsername('steven');
$authenticationData = $this->login();
$headers = array('Accept: application/json', 'ZURMO_SESSION_ID: ' . $authenticationData['sessionId'], 'ZURMO_TOKEN: ' . $authenticationData['token'], 'ZURMO_API_REQUEST_TYPE: REST');
$firstAccount = AccountTestHelper::createAccountByNameTypeAndIndustryForOwner('First Account', 'Customer', 'Automotive', $super);
$secondAccount = AccountTestHelper::createAccountByNameTypeAndIndustryForOwner('Second Account', 'Customer', 'Automotive', $super);
MeetingTestHelper::createMeetingWithOwnerAndRelatedAccount('First Meeting', $super, $firstAccount);
MeetingTestHelper::createMeetingWithOwnerAndRelatedAccount('Second Meeting', $super, $firstAccount);
MeetingTestHelper::createMeetingWithOwnerAndRelatedAccount('Third Meeting', $super, $secondAccount);
MeetingTestHelper::createMeetingWithOwnerAndRelatedAccount('Forth Meeting', $anotherUser, $secondAccount);
MeetingTestHelper::createMeetingWithOwnerAndRelatedAccount('Fifth Meeting', $super, $firstAccount);
$searchParams = array('pagination' => array('page' => 1, 'pageSize' => 3), 'search' => array('name' => ''), 'sort' => 'name');
$searchParamsQuery = http_build_query($searchParams);
$response = ApiRestTestHelper::createApiCall($this->serverUrl . '/test.php/meetings/meeting/api/list/filter/' . $searchParamsQuery, 'GET', $headers);
$response = json_decode($response, true);
$this->assertEquals(ApiResponse::STATUS_SUCCESS, $response['status']);
$this->assertEquals(3, count($response['data']['items']));
$this->assertEquals(5, $response['data']['totalCount']);
$this->assertEquals(1, $response['data']['currentPage']);
$this->assertEquals('Fifth Meeting', $response['data']['items'][0]['name']);
$this->assertEquals('First Meeting', $response['data']['items'][1]['name']);
$this->assertEquals('Forth Meeting', $response['data']['items'][2]['name']);
// Second page
$searchParams['pagination']['page'] = 2;
$searchParamsQuery = http_build_query($searchParams);
$response = ApiRestTestHelper::createApiCall($this->serverUrl . '/test.php/meetings/meeting/api/list/filter/' . $searchParamsQuery, 'GET', $headers);
$response = json_decode($response, true);
$this->assertEquals(ApiResponse::STATUS_SUCCESS, $response['status']);
$this->assertEquals(2, count($response['data']['items']));
$this->assertEquals(5, $response['data']['totalCount']);
$this->assertEquals(2, $response['data']['currentPage']);
$this->assertEquals('Second Meeting', $response['data']['items'][0]['name']);
$this->assertEquals('Third Meeting', $response['data']['items'][1]['name']);
// Search by name
$searchParams['pagination']['page'] = 1;
$searchParams['search']['name'] = 'First Meeting';
$searchParamsQuery = http_build_query($searchParams);
$response = ApiRestTestHelper::createApiCall($this->serverUrl . '/test.php/meetings/meeting/api/list/filter/' . $searchParamsQuery, 'GET', $headers);
$response = json_decode($response, true);
$this->assertEquals(ApiResponse::STATUS_SUCCESS, $response['status']);
$this->assertEquals(1, count($response['data']['items']));
$this->assertEquals(1, $response['data']['totalCount']);
$this->assertEquals(1, $response['data']['currentPage']);
$this->assertEquals('First Meeting', $response['data']['items'][0]['name']);
// No results
$searchParams['pagination']['page'] = 1;
$searchParams['search']['name'] = 'First Meeting 2';
$searchParamsQuery = http_build_query($searchParams);
$response = ApiRestTestHelper::createApiCall($this->serverUrl . '/test.php/meetings/meeting/api/list/filter/' . $searchParamsQuery, 'GET', $headers);
$response = json_decode($response, true);
$this->assertEquals(ApiResponse::STATUS_SUCCESS, $response['status']);
$this->assertEquals(0, $response['data']['totalCount']);
$this->assertFalse(isset($response['data']['items']));
// Search by name desc.
$searchParams = array('pagination' => array('page' => 1, 'pageSize' => 3), 'search' => array('name' => ''), 'sort' => 'name.desc');
$searchParamsQuery = http_build_query($searchParams);
$response = ApiRestTestHelper::createApiCall($this->serverUrl . '/test.php/meetings/meeting/api/list/filter/' . $searchParamsQuery, 'GET', $headers);
$response = json_decode($response, true);
$this->assertEquals(ApiResponse::STATUS_SUCCESS, $response['status']);
$this->assertEquals(3, count($response['data']['items']));
$this->assertEquals(5, $response['data']['totalCount']);
$this->assertEquals(1, $response['data']['currentPage']);
$this->assertEquals('Third Meeting', $response['data']['items'][0]['name']);
$this->assertEquals('Second Meeting', $response['data']['items'][1]['name']);
$this->assertEquals('Forth Meeting', $response['data']['items'][2]['name']);
// Second page
$searchParams['pagination']['page'] = 2;
$searchParamsQuery = http_build_query($searchParams);
$response = ApiRestTestHelper::createApiCall($this->serverUrl . '/test.php/meetings/meeting/api/list/filter/' . $searchParamsQuery, 'GET', $headers);
$response = json_decode($response, true);
$this->assertEquals(ApiResponse::STATUS_SUCCESS, $response['status']);
$this->assertEquals(2, count($response['data']['items']));
$this->assertEquals(5, $response['data']['totalCount']);
$this->assertEquals(2, $response['data']['currentPage']);
$this->assertEquals('First Meeting', $response['data']['items'][0]['name']);
$this->assertEquals('Fifth Meeting', $response['data']['items'][1]['name']);
// Search by custom fields, order by name desc
$searchParams = array('pagination' => array('page' => 1, 'pageSize' => 3), 'search' => array('owner' => array('id' => $super->id)), 'sort' => 'name.desc');
$searchParamsQuery = http_build_query($searchParams);
$response = ApiRestTestHelper::createApiCall($this->serverUrl . '/test.php/meetings/meeting/api/list/filter/' . $searchParamsQuery, 'GET', $headers);
$response = json_decode($response, true);
$this->assertEquals(ApiResponse::STATUS_SUCCESS, $response['status']);
$this->assertEquals(4, $response['data']['totalCount']);
$this->assertEquals(3, count($response['data']['items']));
$this->assertEquals(1, $response['data']['currentPage']);
$this->assertEquals('Third Meeting', $response['data']['items'][0]['name']);
$this->assertEquals('Second Meeting', $response['data']['items'][1]['name']);
$this->assertEquals('First Meeting', $response['data']['items'][2]['name']);
// Search by account, order by name desc
$searchParams = array('pagination' => array('page' => 1, 'pageSize' => 3), 'search' => array('activityItems' => array('id' => $firstAccount->getClassId('Item'))), 'sort' => 'name.desc');
$searchParamsQuery = http_build_query($searchParams);
$response = ApiRestTestHelper::createApiCall($this->serverUrl . '/test.php/meetings/meeting/api/list/filter/' . $searchParamsQuery, 'GET', $headers);
$response = json_decode($response, true);
$this->assertEquals(ApiResponse::STATUS_SUCCESS, $response['status']);
$this->assertEquals(3, $response['data']['totalCount']);
$this->assertEquals(3, count($response['data']['items']));
$this->assertEquals(1, $response['data']['currentPage']);
$this->assertEquals('Second Meeting', $response['data']['items'][0]['name']);
$this->assertEquals('First Meeting', $response['data']['items'][1]['name']);
$this->assertEquals('Fifth Meeting', $response['data']['items'][2]['name']);
}
public function testRenderSummaryContentWithMeeting()
{
$super = User::getByUsername('super');
Yii::app()->user->userModel = $super;
$billy = User::getByUsername('billy');
$account = AccountTestHelper::createAccountByNameForOwner('meetingAccount', $super);
$meeting = MeetingTestHelper::createMeetingWithOwnerAndRelatedAccount('aMeeting', $super, $account);
$content = ActivitiesUtil::renderSummaryContent($meeting, 'someUrl', LatestActivitiesConfigurationForm::OWNED_BY_FILTER_ALL, 'HomeModule');
$content = ActivitiesUtil::renderSummaryContent($meeting, 'someUrl', LatestActivitiesConfigurationForm::OWNED_BY_FILTER_USER, 'HomeModule');
$content = ActivitiesUtil::renderSummaryContent($meeting, 'someUrl', LatestActivitiesConfigurationForm::OWNED_BY_FILTER_ALL, 'UserModule');
$content = ActivitiesUtil::renderSummaryContent($meeting, 'someUrl', LatestActivitiesConfigurationForm::OWNED_BY_FILTER_USER, 'UserModule');
}
/**
* @depends testRegularUserControllerActionsWithElevationToAccessAndCreate
*/
public function testRegularUserControllerActionsWithElevationToModels()
{
//Create superAccount owned by user super.
$super = $this->logoutCurrentUserLoginNewUserAndGetByUsername('super');
$superAccount = AccountTestHelper::createAccountByNameForOwner('AccountsForElevationToModelTest', $super);
//Test nobody, access to details of superAccount should fail.
$nobody = $this->logoutCurrentUserLoginNewUserAndGetByUsername('nobody');
$this->setGetArray(array('id' => $superAccount->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('accounts/default/details');
//give nobody access to read
Yii::app()->user->userModel = $super;
$superAccount->addPermissions($nobody, Permission::READ);
$this->assertTrue($superAccount->save());
AllPermissionsOptimizationUtil::securableItemGivenReadPermissionsForUser($superAccount, $nobody);
//Now the nobody user can access the details view.
Yii::app()->user->userModel = $nobody;
$this->setGetArray(array('id' => $superAccount->id));
$this->runControllerWithNoExceptionsAndGetContent('accounts/default/details');
//create meeting for an superAccount using the super user
$super = $this->logoutCurrentUserLoginNewUserAndGetByUsername('super');
$meeting = MeetingTestHelper::createMeetingWithOwnerAndRelatedAccount('meetingCreatedByNobody', $super, $superAccount);
//Test nobody, access to edit, details and delete of meeting should fail.
Yii::app()->user->userModel = $nobody;
$this->setGetArray(array('id' => $meeting->id));
$this->resetPostArray();
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/edit');
$this->setGetArray(array('id' => $meeting->id));
$this->resetPostArray();
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/details');
$this->setGetArray(array('id' => $meeting->id));
$this->resetPostArray();
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/delete');
//give nobody access to details view only
Yii::app()->user->userModel = $super;
$meeting->addPermissions($nobody, Permission::READ);
$this->assertTrue($meeting->save());
AllPermissionsOptimizationUtil::securableItemGivenReadPermissionsForUser($meeting, $nobody);
//Now access to meetings view by Nobody should not fail.
Yii::app()->user->userModel = $nobody;
$this->setGetArray(array('id' => $meeting->id));
$this->resetPostArray();
$this->runControllerWithNoExceptionsAndGetContent('meetings/default/details');
//Now access to meetings edit and delete by Nobody should fail
$this->setGetArray(array('id' => $meeting->id));
$this->resetPostArray();
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/edit');
$this->setGetArray(array('id' => $meeting->id));
$this->resetPostArray();
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/delete');
//give nobody access to both details and edit view
Yii::app()->user->userModel = $super;
$meeting->addPermissions($nobody, Permission::READ_WRITE_CHANGE_PERMISSIONS);
$this->assertTrue($meeting->save());
AllPermissionsOptimizationUtil::securableItemLostReadPermissionsForUser($meeting, $nobody);
AllPermissionsOptimizationUtil::securableItemGivenPermissionsForUser($meeting, $nobody);
//Now access to meetings view and edit by Nobody should not fail.
Yii::app()->user->userModel = $nobody;
$this->setGetArray(array('id' => $meeting->id));
$this->resetPostArray();
$this->runControllerWithNoExceptionsAndGetContent('meetings/default/details');
$this->setGetArray(array('id' => $meeting->id));
$this->resetPostArray();
$this->runControllerWithNoExceptionsAndGetContent('meetings/default/edit');
//Now access to meetings delete by Nobody should fail
$this->setGetArray(array('id' => $meeting->id));
$this->resetPostArray();
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/delete');
//revoke the permission from the nobody user to access the meeting
Yii::app()->user->userModel = $super;
$meeting->removePermissions($nobody, Permission::READ_WRITE_CHANGE_PERMISSIONS);
$this->assertTrue($meeting->save());
AllPermissionsOptimizationUtil::securableItemLostPermissionsForUser($meeting, $nobody);
//Now nobodys, access to edit, details and delete of meetings should fail.
Yii::app()->user->userModel = $nobody;
$this->setGetArray(array('id' => $meeting->id));
$this->resetPostArray();
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/edit');
$this->setGetArray(array('id' => $meeting->id));
$this->resetPostArray();
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/details');
$this->setGetArray(array('id' => $meeting->id));
$this->resetPostArray();
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/delete');
//give nobody access to both details and edit view
Yii::app()->user->userModel = $super;
$meeting->addPermissions($nobody, Permission::READ_WRITE_DELETE);
$this->assertTrue($meeting->save());
AllPermissionsOptimizationUtil::securableItemGivenPermissionsForUser($meeting, $nobody);
//Now nobodys, access to delete of meetings should not fail.
Yii::app()->user->userModel = $nobody;
$this->setGetArray(array('id' => $meeting->id));
$this->resetPostArray();
$this->runControllerWithRedirectExceptionAndGetContent('meetings/default/delete');
//create some roles
Yii::app()->user->userModel = $super;
$parentRole = new Role();
$parentRole->name = 'AAA';
$this->assertTrue($parentRole->save());
$childRole = new Role();
$childRole->name = 'BBB';
$this->assertTrue($childRole->save());
$userInParentRole = User::getByUsername('confused');
$userInChildRole = User::getByUsername('nobody');
$childRole->users->add($userInChildRole);
$this->assertTrue($childRole->save());
$parentRole->users->add($userInParentRole);
$parentRole->roles->add($childRole);
$this->assertTrue($parentRole->save());
$userInChildRole->forget();
$userInChildRole = User::getByUsername('nobody');
$userInParentRole->forget();
$userInParentRole = User::getByUsername('confused');
$parentRoleId = $parentRole->id;
$parentRole->forget();
$parentRole = Role::getById($parentRoleId);
$childRoleId = $childRole->id;
$childRole->forget();
$childRole = Role::getById($childRoleId);
//create account owned by super
$account2 = AccountTestHelper::createAccountByNameForOwner('AccountsParentRolePermission', $super);
//Test userInParentRole, access to details and edit should fail.
Yii::app()->user->userModel = $userInParentRole;
$this->setGetArray(array('id' => $account2->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('accounts/default/details');
//give userInChildRole access to READ
Yii::app()->user->userModel = $super;
$account2->addPermissions($userInChildRole, Permission::READ);
$this->assertTrue($account2->save());
AllPermissionsOptimizationUtil::securableItemGivenReadPermissionsForUser($account2, $userInChildRole);
//Test userInChildRole, access to details should not fail.
Yii::app()->user->userModel = $userInChildRole;
$this->setGetArray(array('id' => $account2->id));
$this->runControllerWithNoExceptionsAndGetContent('accounts/default/details');
//Test userInParentRole, access to details should not fail.
Yii::app()->user->userModel = $userInParentRole;
$this->setGetArray(array('id' => $account2->id));
$this->runControllerWithNoExceptionsAndGetContent('accounts/default/details');
//create a meeting owned by super
$super = $this->logoutCurrentUserLoginNewUserAndGetByUsername('super');
$meeting2 = MeetingTestHelper::createMeetingWithOwnerAndRelatedAccount('meetingCreatedBySuperForRole', $super, $account2);
//Test userInChildRole, access to meetings details, edit and delete should fail.
Yii::app()->user->userModel = $userInChildRole;
$this->setGetArray(array('id' => $meeting2->id));
$this->resetPostArray();
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/edit');
$this->setGetArray(array('id' => $meeting2->id));
$this->resetPostArray();
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/details');
$this->setGetArray(array('id' => $meeting2->id));
$this->resetPostArray();
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/delete');
//Test userInParentRole, access to meetings details, edit and delete should fail.
Yii::app()->user->userModel = $userInParentRole;
$this->setGetArray(array('id' => $meeting2->id));
$this->resetPostArray();
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/edit');
$this->setGetArray(array('id' => $meeting2->id));
$this->resetPostArray();
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/details');
$this->setGetArray(array('id' => $meeting2->id));
$this->resetPostArray();
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/delete');
//give userInChildRole access to READ permision for meetings
Yii::app()->user->userModel = $super;
$meeting2->addPermissions($userInChildRole, Permission::READ);
$this->assertTrue($meeting2->save());
AllPermissionsOptimizationUtil::securableItemGivenReadPermissionsForUser($meeting2, $userInChildRole);
//Test userInChildRole, access to meetings details should not fail.
Yii::app()->user->userModel = $userInChildRole;
$this->setGetArray(array('id' => $meeting2->id));
$this->resetPostArray();
$this->runControllerWithNoExceptionsAndGetContent('meetings/default/details');
//Test userInChildRole, access to meetings edit and delete should fail.
$this->setGetArray(array('id' => $meeting2->id));
$this->resetPostArray();
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/edit');
$this->setGetArray(array('id' => $meeting2->id));
$this->resetPostArray();
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/delete');
//Test userInParentRole, access to meetings details should not fail.
Yii::app()->user->userModel = $userInParentRole;
$this->setGetArray(array('id' => $meeting2->id));
$this->resetPostArray();
$this->runControllerWithNoExceptionsAndGetContent('meetings/default/details');
//Test userInParentRole, access to meetings edit and delete should fail.
$this->setGetArray(array('id' => $meeting2->id));
$this->resetPostArray();
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/edit');
$this->setGetArray(array('id' => $meeting2->id));
$this->resetPostArray();
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/delete');
//give userInChildRole access to read and write for the meetings
Yii::app()->user->userModel = $super;
$meeting2->addPermissions($userInChildRole, Permission::READ_WRITE_CHANGE_PERMISSIONS);
$this->assertTrue($meeting2->save());
AllPermissionsOptimizationUtil::securableItemLostReadPermissionsForUser($meeting2, $userInChildRole);
AllPermissionsOptimizationUtil::securableItemGivenPermissionsForUser($meeting2, $userInChildRole);
//Test userInChildRole, access to meetings edit should not fail.
Yii::app()->user->userModel = $userInChildRole;
$this->setGetArray(array('id' => $meeting2->id));
$this->resetPostArray();
$this->runControllerWithNoExceptionsAndGetContent('meetings/default/edit');
//Test userInChildRole, access to meetings delete should fail.
$this->setGetArray(array('id' => $meeting2->id));
$this->resetPostArray();
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/delete');
//Test userInParentRole, access to meetings edit should not fail.
Yii::app()->user->userModel = $userInParentRole;
$this->setGetArray(array('id' => $meeting2->id));
$this->resetPostArray();
$this->runControllerWithNoExceptionsAndGetContent('meetings/default/edit');
//Test userInParentRole, access to meetings delete should fail.
$this->setGetArray(array('id' => $meeting2->id));
$this->resetPostArray();
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/delete');
//revoke userInChildRole access to read and write meetings
Yii::app()->user->userModel = $super;
$meeting2->removePermissions($userInChildRole, Permission::READ_WRITE_CHANGE_PERMISSIONS);
$this->assertTrue($meeting2->save());
AllPermissionsOptimizationUtil::securableItemLostPermissionsForUser($meeting2, $userInChildRole);
//Test userInChildRole, access to detail, edit and delete should fail.
Yii::app()->user->userModel = $userInChildRole;
$this->setGetArray(array('id' => $meeting2->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/details');
$this->setGetArray(array('id' => $meeting2->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/edit');
$this->setGetArray(array('id' => $meeting2->id));
$this->resetPostArray();
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/delete');
//Test userInParentRole, access to detail, edit and delete should fail.
Yii::app()->user->userModel = $userInParentRole;
$this->setGetArray(array('id' => $meeting2->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/details');
$this->setGetArray(array('id' => $meeting2->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/edit');
$this->setGetArray(array('id' => $meeting2->id));
$this->resetPostArray();
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/delete');
//give userInChildRole access to read and write for the meetings
Yii::app()->user->userModel = $super;
$meeting2->addPermissions($userInChildRole, Permission::READ_WRITE_DELETE);
$this->assertTrue($meeting2->save());
AllPermissionsOptimizationUtil::securableItemGivenPermissionsForUser($meeting2, $userInChildRole);
//Test userInParentRole, access to delete should not fail.
Yii::app()->user->userModel = $userInParentRole;
$this->setGetArray(array('id' => $meeting2->id));
$this->resetPostArray();
$this->runControllerWithRedirectExceptionAndGetContent('meetings/default/delete');
//clear up the role relationships between users so not to effect next assertions
$parentRole->users->remove($userInParentRole);
$parentRole->roles->remove($childRole);
$this->assertTrue($parentRole->save());
$childRole->users->remove($userInChildRole);
$this->assertTrue($childRole->save());
//create some groups and assign users to groups
Yii::app()->user->userModel = $super;
$parentGroup = new Group();
$parentGroup->name = 'AAA';
$this->assertTrue($parentGroup->save());
$childGroup = new Group();
$childGroup->name = 'BBB';
$this->assertTrue($childGroup->save());
$userInChildGroup = User::getByUsername('confused');
$userInParentGroup = User::getByUsername('nobody');
$childGroup->users->add($userInChildGroup);
$this->assertTrue($childGroup->save());
$parentGroup->users->add($userInParentGroup);
$parentGroup->groups->add($childGroup);
$this->assertTrue($parentGroup->save());
$parentGroup->forget();
$childGroup->forget();
$parentGroup = Group::getByName('AAA');
$childGroup = Group::getByName('BBB');
//Add access for the confused user to accounts and creation of accounts.
$userInChildGroup->setRight('AccountsModule', AccountsModule::RIGHT_ACCESS_ACCOUNTS);
$this->assertTrue($userInChildGroup->save());
//create account owned by super
$account3 = AccountTestHelper::createAccountByNameForOwner('testingAccountsParentGroupPermission', $super);
//Test userInParentGroup, access to details should fail.
Yii::app()->user->userModel = $userInParentGroup;
$this->setGetArray(array('id' => $account3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('accounts/default/details');
//Test userInChildGroup, access to details should fail.
Yii::app()->user->userModel = $userInChildGroup;
$this->setGetArray(array('id' => $account3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('accounts/default/details');
//give parentGroup access to READ
Yii::app()->user->userModel = $super;
$account3->addPermissions($parentGroup, Permission::READ);
$this->assertTrue($account3->save());
AllPermissionsOptimizationUtil::securableItemGivenReadPermissionsForGroup($account3, $parentGroup);
//Test userInParentGroup, access to details should not fail.
Yii::app()->user->userModel = $userInParentGroup;
$this->setGetArray(array('id' => $account3->id));
$this->runControllerWithNoExceptionsAndGetContent('accounts/default/details');
//Test userInChildGroup, access to details should not fail.
Yii::app()->user->userModel = $userInChildGroup;
$this->setGetArray(array('id' => $account3->id));
$this->runControllerWithNoExceptionsAndGetContent('accounts/default/details');
//create a meeting owned by super
$super = $this->logoutCurrentUserLoginNewUserAndGetByUsername('super');
$meeting3 = MeetingTestHelper::createMeetingWithOwnerAndRelatedAccount('mettingCreatedBySuperForGroup', $super, $account3);
//Add access for the confused user to accounts and creation of accounts.
$userInChildGroup->setRight('MeetingsModule', MeetingsModule::RIGHT_ACCESS_MEETINGS);
$userInChildGroup->setRight('MeetingsModule', MeetingsModule::RIGHT_CREATE_MEETINGS);
$userInChildGroup->setRight('MeetingsModule', MeetingsModule::RIGHT_DELETE_MEETINGS);
$this->assertTrue($userInChildGroup->save());
//Test userInParentGroup, access to meetings details and edit should fail.
Yii::app()->user->userModel = $userInParentGroup;
$this->setGetArray(array('id' => $meeting3->id));
$this->resetPostArray();
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/edit');
$this->setGetArray(array('id' => $meeting3->id));
$this->resetPostArray();
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/details');
$this->setGetArray(array('id' => $meeting3->id));
$this->resetPostArray();
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/delete');
//Test userInChildGroup, access to meetings details and edit should fail.
Yii::app()->user->userModel = $userInChildGroup;
$this->setGetArray(array('id' => $meeting3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/details');
$this->setGetArray(array('id' => $meeting3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/edit');
$this->setGetArray(array('id' => $meeting3->id));
$this->resetPostArray();
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/delete');
//give parentGroup access to READ
Yii::app()->user->userModel = $super;
$meeting3->addPermissions($parentGroup, Permission::READ);
$this->assertTrue($meeting3->save());
AllPermissionsOptimizationUtil::securableItemGivenReadPermissionsForGroup($meeting3, $parentGroup);
//Test userInParentGroup, access to meetings details should not fail.
Yii::app()->user->userModel = $userInParentGroup;
$this->setGetArray(array('id' => $meeting3->id));
$this->runControllerWithNoExceptionsAndGetContent('meetings/default/details');
//Test userInParentGroup, access to meetings edit and delete should fail.
$this->setGetArray(array('id' => $meeting3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/edit');
$this->setGetArray(array('id' => $meeting3->id));
$this->resetPostArray();
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/delete');
//Test userInChildGroup, access to meetings details should not fail.
Yii::app()->user->userModel = $userInChildGroup;
$this->setGetArray(array('id' => $meeting3->id));
$this->runControllerWithNoExceptionsAndGetContent('meetings/default/details');
//Test userInChildGroup, access to meetings edit and delete should fail.
$this->setGetArray(array('id' => $meeting3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/edit');
$this->setGetArray(array('id' => $meeting3->id));
$this->resetPostArray();
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/delete');
//give parentGroup access to read and write
Yii::app()->user->userModel = $super;
$meeting3->addPermissions($parentGroup, Permission::READ_WRITE_CHANGE_PERMISSIONS);
$this->assertTrue($meeting3->save());
AllPermissionsOptimizationUtil::securableItemLostReadPermissionsForGroup($meeting3, $parentGroup);
AllPermissionsOptimizationUtil::securableItemGivenPermissionsForGroup($meeting3, $parentGroup);
//Test userInParentGroup, access to edit meetings should not fail.
Yii::app()->user->userModel = $userInParentGroup;
$this->setGetArray(array('id' => $meeting3->id));
$this->runControllerWithNoExceptionsAndGetContent('meetings/default/edit');
//Test userInParentGroup, access to meetings delete should fail.
$this->setGetArray(array('id' => $meeting3->id));
$this->resetPostArray();
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/delete');
//Test userInChildGroup, access to edit meetings should not fail.
Yii::app()->user->userModel = $userInChildGroup;
$this->logoutCurrentUserLoginNewUserAndGetByUsername($userInChildGroup->username);
$this->setGetArray(array('id' => $meeting3->id));
$this->runControllerWithNoExceptionsAndGetContent('meetings/default/edit');
//Test userInChildGroup, access to meetings delete should fail.
$this->setGetArray(array('id' => $meeting3->id));
$this->resetPostArray();
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/delete');
//revoke parentGroup access to meetings read and write
Yii::app()->user->userModel = $super;
$meeting3->removePermissions($parentGroup, Permission::READ_WRITE_CHANGE_PERMISSIONS);
$this->assertTrue($meeting3->save());
AllPermissionsOptimizationUtil::securableItemLostPermissionsForGroup($meeting3, $parentGroup);
//Test userInChildGroup, access to meetings detail, edit and delete should fail.
Yii::app()->user->userModel = $userInChildGroup;
$this->setGetArray(array('id' => $meeting3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/details');
$this->setGetArray(array('id' => $meeting3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/edit');
$this->setGetArray(array('id' => $meeting3->id));
$this->resetPostArray();
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/delete');
//Test userInParentGroup, access to meetings detail, edit and delete should fail.
Yii::app()->user->userModel = $userInParentGroup;
$this->setGetArray(array('id' => $meeting3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/details');
$this->setGetArray(array('id' => $meeting3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/edit');
$this->setGetArray(array('id' => $meeting3->id));
$this->resetPostArray();
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/delete');
//give parentGroup access to read and write
Yii::app()->user->userModel = $super;
$meeting3->addPermissions($parentGroup, Permission::READ_WRITE_DELETE);
$this->assertTrue($meeting3->save());
AllPermissionsOptimizationUtil::securableItemGivenPermissionsForGroup($meeting3, $parentGroup);
//Test userInChildGroup, access to meetings delete should not fail.
Yii::app()->user->userModel = $userInChildGroup;
$this->setGetArray(array('id' => $meeting3->id));
$this->resetPostArray();
$this->runControllerWithRedirectExceptionAndGetContent('meetings/default/delete');
//clear up the role relationships between users so not to effect next assertions
$super = $this->logoutCurrentUserLoginNewUserAndGetByUsername('super');
$userInParentGroup->forget();
$userInChildGroup->forget();
$childGroup->forget();
$parentGroup->forget();
$userInParentGroup = User::getByUsername('nobody');
$userInChildGroup = User::getByUsername('confused');
$childGroup = Group::getByName('BBB');
$parentGroup = Group::getByName('AAA');
$parentGroup->users->remove($userInParentGroup);
$parentGroup->groups->remove($childGroup);
$this->assertTrue($parentGroup->save());
$childGroup->users->remove($userInChildGroup);
$this->assertTrue($childGroup->save());
}
public function testProcessForActivityItems()
{
$account = AccountTestHelper::createAccountByNameForOwner('testAccount', Yii::app()->user->userModel);
$task = TaskTestHelper::createTaskWithOwnerAndRelatedAccount('testTask', Yii::app()->user->userModel, $account);
$meeting = MeetingTestHelper::createMeetingWithOwnerAndRelatedAccount('testMeetig', Yii::app()->user->userModel, $account);
$contact = ContactTestHelper::createContactByNameForOwner('testContact', Yii::app()->user->userModel);
$opportunity = OpportunityTestHelper::createOpportunityByNameForOwner('testOpportunity', Yii::app()->user->userModel);
$task->activityItems->add($contact);
$task->activityItems->add($opportunity);
$meeting->activityItems->add($contact);
$meeting->activityItems->add($opportunity);
$this->assertTrue($task->save());
$this->assertTrue($meeting->save());
$emailTemplate = new EmailTemplate();
$emailTemplate->builtType = EmailTemplate::BUILT_TYPE_PASTED_HTML;
$emailTemplate->modelClassName = 'Task';
$emailTemplate->type = 1;
$emailTemplate->name = 'some template';
$emailTemplate->subject = 'some subject [[NAME]]';
$emailTemplate->htmlContent = 'Account: [[ACCOUNT__NAME]] Contact: [[CONTACT__FIRST^NAME]] Opportunity: [[OPPORTUNITY__NAME]]';
$emailTemplate->textContent = 'Account: [[ACCOUNT__NAME]] Contact: [[CONTACT__FIRST^NAME]] Opportunity: [[OPPORTUNITY__NAME]]';
$this->assertTrue($emailTemplate->save());
$message = new EmailMessageForWorkflowForm('Task', Workflow::TYPE_ON_SAVE);
$recipients = array(array('type' => WorkflowEmailMessageRecipientForm::TYPE_DYNAMIC_TRIGGERED_MODEL_USER, 'audienceType' => EmailMessageRecipient::TYPE_TO, 'dynamicUserType' => DynamicTriggeredModelUserWorkflowEmailMessageRecipientForm::DYNAMIC_USER_TYPE_CREATED_BY_USER));
$message->emailTemplateId = $emailTemplate->id;
$message->sendFromType = EmailMessageForWorkflowForm::SEND_FROM_TYPE_CUSTOM;
$message->sendFromAddress = '*****@*****.**';
$message->sendFromName = 'Jason';
$message->setAttributes(array(EmailMessageForWorkflowForm::EMAIL_MESSAGE_RECIPIENTS => $recipients));
$helper = new WorkflowEmailMessageProcessingHelper($message, $task, Yii::app()->user->userModel);
$this->assertEquals(0, Yii::app()->emailHelper->getQueuedCount());
$this->assertEquals(0, Yii::app()->emailHelper->getSentCount());
$helper->process();
$this->assertEquals(1, Yii::app()->emailHelper->getQueuedCount());
$this->assertEquals(0, Yii::app()->emailHelper->getSentCount());
$emailMessages = EmailMessage::getAllByFolderType(EmailFolder::TYPE_OUTBOX);
$this->assertEquals('some subject testTask', $emailMessages[0]->subject);
$this->assertEquals('Account: testAccount Contact: testContact Opportunity: testOpportunity', $emailMessages[0]->content->textContent);
$this->assertEquals('Account: testAccount Contact: testContact Opportunity: testOpportunity', $emailMessages[0]->content->htmlContent);
$this->assertEquals('Jason', $emailMessages[0]->sender->fromName);
$this->assertEquals('*****@*****.**', $emailMessages[0]->sender->fromAddress);
$this->assertEquals(1, $emailMessages[0]->recipients->count());
$this->assertEquals('*****@*****.**', $emailMessages[0]->recipients[0]->toAddress);
$taskId = $task->id;
$task->forgetAll();
$task = Task::getById($taskId);
$message = new EmailMessageForWorkflowForm('Task', Workflow::TYPE_ON_SAVE);
$recipients = array(array('type' => WorkflowEmailMessageRecipientForm::TYPE_DYNAMIC_TRIGGERED_MODEL_USER, 'audienceType' => EmailMessageRecipient::TYPE_TO, 'dynamicUserType' => DynamicTriggeredModelUserWorkflowEmailMessageRecipientForm::DYNAMIC_USER_TYPE_CREATED_BY_USER));
$message->emailTemplateId = $emailTemplate->id;
$message->sendFromType = EmailMessageForWorkflowForm::SEND_FROM_TYPE_CUSTOM;
$message->sendFromAddress = '*****@*****.**';
$message->sendFromName = 'Jason';
$message->setAttributes(array(EmailMessageForWorkflowForm::EMAIL_MESSAGE_RECIPIENTS => $recipients));
$helper = new WorkflowEmailMessageProcessingHelper($message, $task, Yii::app()->user->userModel);
$this->assertEquals(1, Yii::app()->emailHelper->getQueuedCount());
$this->assertEquals(0, Yii::app()->emailHelper->getSentCount());
$helper->process();
$this->assertEquals(2, Yii::app()->emailHelper->getQueuedCount());
$this->assertEquals(0, Yii::app()->emailHelper->getSentCount());
$emailMessages = EmailMessage::getAllByFolderType(EmailFolder::TYPE_OUTBOX);
$this->assertEquals('some subject testTask', $emailMessages[1]->subject);
$this->assertEquals('Account: testAccount Contact: testContact Opportunity: testOpportunity', $emailMessages[1]->content->textContent);
$this->assertEquals('Account: testAccount Contact: testContact Opportunity: testOpportunity', $emailMessages[1]->content->htmlContent);
$this->assertEquals('Jason', $emailMessages[1]->sender->fromName);
$this->assertEquals('*****@*****.**', $emailMessages[1]->sender->fromAddress);
$this->assertEquals(1, $emailMessages[1]->recipients->count());
$this->assertEquals('*****@*****.**', $emailMessages[1]->recipients[0]->toAddress);
$emailMessages[0]->delete();
$emailMessages[1]->delete();
}
protected function addMeeting()
{
$this->checkActivityItemRelationCount('Meeting', 'First Meeting', 0);
MeetingTestHelper::createMeetingWithOwnerAndRelatedAccount('First Meeting', Yii::app()->user->userModel, $this->selectedModels[1]);
}
public function testSuperUserSearchForDuplicateModelsAction()
{
$super = $this->logoutCurrentUserLoginNewUserAndGetByUsername('super');
$this->setGetArray(array('attribute' => 'name', 'value' => 'fakeValue'));
$this->runControllerWithNoExceptionsAndGetContent('accounts/default/searchForDuplicateModels', true);
$account = AccountTestHelper::createAccountByNameForOwner('testAccount', $super);
MeetingTestHelper::createMeetingWithOwnerAndRelatedAccount('test meeting', $super, $account);
//Test search by name
$this->setGetArray(array('attribute' => 'name', 'value' => 'testAccount'));
$content = $this->runControllerWithNoExceptionsAndGetContent('accounts/default/searchForDuplicateModels');
$object = json_decode($content);
$this->assertEquals('There is 1 possible match. <span class="underline">Click here</span> to view.', $object->message);
$this->assertContains('CreateModelsToMergeListAndChartView', $object->content);
//Test search by officePhone
$account->officePhone = '123456789';
$this->assertTrue($account->save());
$this->setGetArray(array('attribute' => 'officePhone', 'value' => '123456789'));
$content = $this->runControllerWithNoExceptionsAndGetContent('accounts/default/searchForDuplicateModels');
$object = json_decode($content);
$this->assertEquals('There is 1 possible match. <span class="underline">Click here</span> to view.', $object->message);
$this->assertContains('CreateModelsToMergeListAndChartView', $object->content);
//The dupe account has one meeting
$this->assertTag(array('tag' => 'span', 'attributes' => array('class' => 'total-meetings'), 'descendant' => array('tag' => 'strong', 'content' => '1')), $object->content);
//Test search by email
$account->primaryEmail->emailAddress = 'a@a.a';
$this->assertTrue($account->save());
$this->setGetArray(array('attribute' => 'primaryEmail', 'value' => 'a@a.a'));
$content = $this->runControllerWithNoExceptionsAndGetContent('accounts/default/searchForDuplicateModels');
$object = json_decode($content);
$this->assertEquals('There is 1 possible match. <span class="underline">Click here</span> to view.', $object->message);
$this->assertContains('CreateModelsToMergeListAndChartView', $object->content);
}
