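 /**
  * Checks Docs::checkEditPermissions() for one user under three grants in turn:
  * DocsUpdateAccess, DocsPrivateUpdateAccess, and DocsAdmin.
  *
  * The deny cases matter as much as the allow cases: a doc with an empty edit
  * permissions list must stay read-only for a non-admin, and being named in the
  * edit list must not be enough when only private update access is held.
  *
  * The mocked auth manager and the non-web user are restored even when an
  * assertion fails, so a failure here cannot leave later tests running against
  * mocked authorization state.
  */
 public function testDocsPermissions()
 {
     $auth = TestingAuxLib::loadAuthManagerMock();
     TestingAuxLib::loadX2NonWebUser();
     // Catch-and-rethrow is used instead of "finally" because nothing in the visible
     // code establishes that the suite runs on a PHP version that has "finally".
     try {
         $user = $this->users('testUser');

         // user has docs update access
         $auth->setAccess('AdminIndex', $user->id, array(), false);
         TestingAuxLib::suLogin('testuser');
         $auth->setAccess('DocsAdmin', $user->id, array(), false);
         $auth->setAccess('DocsUpdateAccess', $user->id, array('X2Model' => new Docs()), true);
         $this->assertDocsEditPermissions('docs update access', array(
             // can't be edited since edit permissions list is empty
             array('0', false),
             // "testuser" is in the edit permissions list
             array('1', true),
             array('3', true),
             // testuser created the doc
             array('2', true),
         ));

         // user has docs private update access
         $auth->clearCache();
         $auth->setAccess('AdminIndex', $user->id, array(), false);
         $auth->setAccess('DocsAdmin', $user->id, array(), false);
         $auth->setAccess('DocsUpdateAccess', $user->id, array('X2Model' => new Docs()), false);
         $auth->setAccess('DocsPrivateUpdateAccess', $user->id, array('X2Model' => new Docs()), true);
         $this->assertDocsEditPermissions('docs private update access', array(
             // can't be edited since edit permissions list is empty
             array('0', false),
             // "testuser" is in the edit permissions list but since testuser only has
             // private update access, doc cannot be edited
             array('1', false),
             array('3', false),
             // testuser created the doc, so they can edit it
             array('2', true),
         ));

         // user has docs admin access: every doc is editable
         $auth->clearCache();
         $auth->setAccess('AdminIndex', $user->id, array(), false);
         $auth->setAccess('DocsAdmin', $user->id, array(), true);
         $auth->setAccess('DocsUpdateAccess', $user->id, array('X2Model' => new Docs()), false);
         $auth->setAccess('DocsPrivateUpdateAccess', $user->id, array('X2Model' => new Docs()), false);
         $this->assertDocsEditPermissions('docs admin access', array(
             array('0', true),
             array('1', true),
             array('2', true),
         ));
     } catch (Exception $e) {
         TestingAuxLib::restoreX2WebUser();
         TestingAuxLib::restoreX2AuthManager();
         throw $e;
     }
     TestingAuxLib::restoreX2WebUser();
     TestingAuxLib::restoreX2AuthManager();
 }

 /**
  * Asserts checkEditPermissions() for each listed docs fixture, in the order given.
  *
  * @param string $phase label of the grant under test, used in failure messages
  * @param array $expectations list of array(docs fixture alias, expected editable flag)
  */
 private function assertDocsEditPermissions($phase, array $expectations)
 {
     foreach ($expectations as $expectation) {
         list($alias, $editable) = $expectation;
         $doc = $this->docs($alias);
         // The cast mirrors the original assertions: only truthiness of the result is checked.
         $actual = (bool) $doc->checkEditPermissions();
         $message = sprintf(
             '%s: docs fixture "%s" should %sbe editable',
             $phase,
             $alias,
             $editable ? '' : 'not '
         );
         if ($editable) {
             $this->assertTrue($actual, $message);
         } else {
             $this->assertFalse($actual, $message);
         }
     }
 }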
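 /**
  * Test visibility and access criteria for each access level.
  *
  * Moves one user through four grants (private read only, read only, no access,
  * all access) and, for each, checks three things: the access level reported by
  * getAccessLevel(), the per-record answer of isVisibleTo(), and the set of rows
  * selected by getAccessCriteria(). The record-level check and the query filter
  * are expected to agree on exactly the same contacts in every phase; a mismatch
  * would mean a record is hidden in one code path and exposed in the other.
  *
  * The mocked auth manager is restored even when an assertion fails, so a
  * failure here cannot leave later tests running against mocked authorization
  * state.
  */
 public function testReadAccessLevels()
 {
     $auth = TestingAuxLib::loadAuthManagerMock();
     // Catch-and-rethrow is used instead of "finally" because nothing in the visible
     // code establishes that the suite runs on a PHP version that has "finally".
     try {
         $user = $this->users('user2');
         $contactGroupmate = $this->contacts('contactGroupmate');
         $contactGroup = $this->contacts('contactGroup');
         $contactAnyone = $this->contacts('contactAnyone');
         $contactUserPrivate = $this->contacts('contactUserPrivate');
         $contactOtherPrivate = $this->contacts('contactOtherPrivate');
         $contactInvisible = $this->contacts('contactInvisible');
         // Keyed by fixture alias; the array order is the order in which visibility is checked.
         $records = array(
             'contactGroup' => $contactGroup,
             'contactGroupmate' => $contactGroupmate,
             'contactAnyone' => $contactAnyone,
             'contactUserPrivate' => $contactUserPrivate,
             'contactOtherPrivate' => $contactOtherPrivate,
             'contactInvisible' => $contactInvisible,
         );

         // private read only access
         $auth->setAccess('ContactsReadOnlyAccess', $user->id, array(), false);
         $auth->setAccess('ContactsPrivateReadOnlyAccess', $user->id, array(), true);
         TestingAuxLib::suLogin('testUser2');
         $this->assertReadAccessPhase(
             'private read only access',
             X2PermissionsBehavior::QUERY_SELF,
             $records,
             array('contactGroup', 'contactUserPrivate')
         );

         // read only access
         $auth->setAccess('ContactsReadOnlyAccess', $user->id, array(), true);
         $auth->setAccess('ContactsPrivateReadOnlyAccess', $user->id, array(), false);
         $this->assertReadAccessPhase(
             'read only access',
             X2PermissionsBehavior::QUERY_PUBLIC,
             $records,
             array('contactGroup', 'contactGroupmate', 'contactAnyone', 'contactUserPrivate')
         );

         // no access: nothing is visible and the criteria select no rows
         $auth->setAccess('ContactsReadOnlyAccess', $user->id, array(), false);
         $auth->setAccess('ContactsPrivateReadOnlyAccess', $user->id, array(), false);
         $this->assertReadAccessPhase(
             'no access',
             X2PermissionsBehavior::QUERY_NONE,
             $records,
             array()
         );

         // all access: contactInvisible is still expected to stay hidden
         $auth->setAccess('ContactsAdmin', $user->id, array(), true);
         $auth->setAccess('AdminIndex', $user->id, array(), true);
         $auth->setAccess('ContactsReadOnlyAccess', $user->id, array(), true);
         $auth->setAccess('ContactsBasicAccess', $user->id, array(), true);
         $auth->setAccess('ContactsFullAccess', $user->id, array(), true);
         $auth->setAccess('ContactsUpdateAccess', $user->id, array(), true);
         $this->assertReadAccessPhase(
             'all access',
             X2PermissionsBehavior::QUERY_ALL,
             $records,
             array(
                 'contactGroup',
                 'contactGroupmate',
                 'contactAnyone',
                 'contactUserPrivate',
                 'contactOtherPrivate',
             )
         );

         // With the third getAccessCriteria() argument set to true, all six fixtures are
         // selected, contactInvisible included.
         // NOTE(review): presumably that argument switches hidden records on; confirm
         // against X2PermissionsBehavior::getAccessCriteria().
         $this->assertContactsSelectedBy(
             Contacts::model()->getAccessCriteria('t', 'X2PermissionsBehavior', true),
             array(
                 $contactGroup->id,
                 $contactGroupmate->id,
                 $contactAnyone->id,
                 $contactUserPrivate->id,
                 $contactOtherPrivate->id,
                 $contactInvisible->id,
             ),
             'all access, third getAccessCriteria() argument true'
         );
     } catch (Exception $e) {
         TestingAuxLib::restoreX2AuthManager();
         throw $e;
     }
     TestingAuxLib::restoreX2AuthManager();
 }

 /**
  * Asserts the access level, per-record visibility and default access criteria for one grant phase.
  *
  * @param string $phase label of the grant under test, used in failure messages
  * @param mixed $expectedLevel expected return value of Contacts::model()->getAccessLevel()
  * @param array $records contact fixtures keyed by alias, in the order they are checked
  * @param array $visibleAliases aliases of the fixtures that must be visible; all others must not be
  */
 private function assertReadAccessPhase($phase, $expectedLevel, array $records, array $visibleAliases)
 {
     $this->assertEquals(
         $expectedLevel,
         Contacts::model()->getAccessLevel(),
         $phase . ': unexpected access level'
     );
     $expectedIds = array();
     foreach ($records as $alias => $record) {
         // The permissions behavior caches its answer, so it is cleared before every
         // check; otherwise the result from the previous grant would be read back.
         $record->asa('permissions')->clearCache();
         $visible = $record->isVisibleTo(Yii::app()->getSuModel());
         if (in_array($alias, $visibleAliases, true)) {
             $this->assertTrue($visible, $phase . ': ' . $alias . ' should be visible');
             $expectedIds[] = $record->id;
         } else {
             $this->assertFalse($visible, $phase . ': ' . $alias . ' should not be visible');
         }
     }
     // The query filter must select exactly the records that passed the per-record check.
     $this->assertContactsSelectedBy(Contacts::model()->getAccessCriteria(), $expectedIds, $phase);
 }

 /**
  * Asserts that the given criteria select exactly the contacts with the expected ids.
  *
  * @param mixed $criteria criteria as returned by Contacts::model()->getAccessCriteria()
  * @param array $expectedIds ids of the contacts that must be returned
  * @param string $phase label used in failure messages
  */
 private function assertContactsSelectedBy($criteria, array $expectedIds, $phase)
 {
     $contacts = Contacts::model()->findAll($criteria);
     $actualIds = array_map(function ($contact) {
         return $contact->id;
     }, $contacts);
     $this->assertEquals(
         count($expectedIds),
         count($contacts),
         $phase . ': unexpected number of contacts selected by the access criteria'
     );
     // Same size plus a full intersection means the two id sets are equal. For an
     // empty expected set this second check is trivially true; the count check
     // above is what catches any row that leaks through.
     $this->assertEquals(
         count($expectedIds),
         count(array_intersect($expectedIds, $actualIds)),
         $phase . ': access criteria selected the wrong contacts'
     );
 }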