/**
 * Round-trips the custom attributes on Account through two save/reload cycles.
 *
 * The first cycle populates every attribute type and reads the record back; the
 * second cycle writes different values so that a default value cannot make an
 * assertion pass by accident.
 *
 * @depends testCreateDropDownWithMixedCaseAttributeName
 */
public function testPopulateCustomAttributes()
{
    $availableCurrencies = Currency::getAll();

    // ---- First cycle: populate a fresh account --------------------------------
    $account                                   = new Account();
    $account->name                             = 'my test account';
    $account->owner                            = Yii::app()->user->userModel;
    $account->testCheckBox2Cstm                = 0;
    $account->testCurrency2Cstm->value         = 728.89;
    $account->testCurrency2Cstm->currency      = $availableCurrencies[0];
    $account->testDate2Cstm                    = '2008-09-03';
    $account->testDate3Cstm                    = '2008-09-02';
    $account->testDateTime2Cstm                = '2008-09-02 03:03:03';
    $account->testDateTime3Cstm                = '2008-09-01 03:03:03';
    $account->testDecimal2Cstm                 = 45.67;
    $account->testDecimal3Cstm                 = 31.05;
    $account->testAirPlaneCstm->value          = 'A380'; // second cycle uses 'Dive Bomber'
    $account->testInteger2Cstm                 = 56;
    $account->testInteger3Cstm                 = 21;
    $account->testPhone2Cstm                   = '345345234';
    $account->testPhone3Cstm                   = '345345221';
    $account->testAirPlanePartsCstm->value     = 'Seat'; // second cycle uses 'Wheel'
    $account->testText2Cstm                    = 'some test stuff';
    $account->testText3Cstm                    = 'some test stuff 3';
    $account->testTextArea2Cstm                = 'some test text area stuff';
    $account->testTextArea3Cstm                = 'some test text area stuff 3';
    $account->testUrl2Cstm                     = 'https://www.zurmo.com';
    $account->testUrl3Cstm                     = 'www.zurmo.org'; // no scheme on purpose, see the assertion below
    $account->playMyFavoriteSongCstm->value    = 'song2'; // second cycle uses 'song3'
    $account->testCountryCstm->value           = 'bbbb';
    $account->testStateCstm->value             = 'bbb2';
    $account->testCityCstm->value              = 'bc2';
    $account->testEducationCstm->value         = 'cccc';
    $account->testStreamCstm->value            = 'ccc3';

    // One value each for the two multi-select lists and the two tag clouds.
    $firstCycleSelections = array(
        'testHobbies1Cstm'   => 'Reading',
        'testHobbies2Cstm'   => 'Singing',
        'testLanguages1Cstm' => 'English',
        'testLanguages2Cstm' => 'Spanish',
    );
    foreach ($firstCycleSelections as $attributeName => $selection) {
        $fieldValue        = new CustomFieldValue();
        $fieldValue->value = $selection;
        $account->{$attributeName}->values->add($fieldValue);
    }
    unset($fieldValue);

    $this->assertTrue($account->save());

    // Drop the in-memory copy so the assertions read what was persisted.
    $accountId = $account->id;
    $account->forget();
    unset($account);
    $account = Account::getById($accountId);

    $this->assertEquals(0, $account->testCheckBox2Cstm);
    $this->assertFalse((bool) $account->testCheckBox2Cstm);
    $this->assertEquals(728.89, $account->testCurrency2Cstm->value);
    $this->assertEquals(1, $account->testCurrency2Cstm->rateToBase);
    $this->assertEquals('2008-09-03', $account->testDate2Cstm);
    $this->assertEquals('2008-09-02 03:03:03', $account->testDateTime2Cstm);
    $this->assertEquals(45.67, $account->testDecimal2Cstm);
    $this->assertEquals('A380', $account->testAirPlaneCstm->value);
    $this->assertEquals(56, $account->testInteger2Cstm);
    $this->assertEquals(345345234, $account->testPhone2Cstm);
    $this->assertEquals('Seat', $account->testAirPlanePartsCstm->value);
    $this->assertEquals('some test stuff', $account->testText2Cstm);
    $this->assertEquals('some test text area stuff', $account->testTextArea2Cstm);
    $this->assertEquals('https://www.zurmo.com', $account->testUrl2Cstm);
    // The scheme-less URL assigned above is expected back with 'http://' in front.
    $this->assertEquals('http://www.zurmo.org', $account->testUrl3Cstm);
    $this->assertEquals('song2', $account->playMyFavoriteSongCstm->value);

    // 'Writing' and 'French' were not added above; presumably they are attribute
    // defaults created by the depended-on tests (confirm against those tests).
    $expectedAfterFirstSave = array(
        array('Writing', 'testHobbies1Cstm'),
        array('Reading', 'testHobbies1Cstm'),
        array('Singing', 'testHobbies2Cstm'),
        array('English', 'testLanguages1Cstm'),
        array('French',  'testLanguages1Cstm'),
        array('Spanish', 'testLanguages2Cstm'),
    );
    foreach ($expectedAfterFirstSave as $expectation) {
        $this->assertContains($expectation[0], $account->{$expectation[1]}->values);
    }

    $this->assertEquals('bbbb', $account->testCountryCstm->value);
    $this->assertEquals('bbb2', $account->testStateCstm->value);
    $this->assertEquals('bc2', $account->testCityCstm->value);
    $this->assertEquals('cccc', $account->testEducationCstm->value);
    $this->assertEquals('ccc3', $account->testStreamCstm->value);

    // The calculated attribute is evaluated from its stored formula against the reloaded model.
    $calculatedMetadata  = CalculatedDerivedAttributeMetadata::getByNameAndModelClassName('testCalculatedValue', 'Account');
    $formattedCalculated = CalculatedNumberUtil::calculateByFormulaAndModelAndResolveFormat(
        $calculatedMetadata->getFormula(),
        $account
    );
    $this->assertEquals('$774.56', $formattedCalculated);
    unset($formattedCalculated);

    $account->forget();
    unset($account);
    $account = Account::getById($accountId);

    // ---- Second cycle: switch the values around so that default values cannot
    // have satisfied the assertions above. ---------------------------------------
    $account->testCheckBox2Cstm             = 1;
    $account->testCurrency2Cstm->value      = 728.92;
    $account->testCurrency2Cstm->currency   = $availableCurrencies[0];
    $account->testDate2Cstm                 = '2008-09-04';
    $account->testDateTime2Cstm             = '2008-09-03 03:03:03';
    $account->testDecimal2Cstm              = 45.68;
    $account->testAirPlaneCstm->value       = 'Dive Bomber';
    $account->testInteger2Cstm              = 57;
    $account->testPhone2Cstm                = '3453452344';
    $account->testAirPlanePartsCstm->value  = 'Wheel';
    $account->testText2Cstm                 = 'some test stuff2';
    $account->testTextArea2Cstm             = 'some test text area stuff2';
    $account->testUrl2Cstm                  = 'http://www.zurmo.org';
    $account->playMyFavoriteSongCstm->value = 'song3';
    $account->testCountryCstm->value        = 'cccc';
    $account->testStateCstm->value          = 'ccc3';
    $account->testCityCstm->value           = 'ca3';
    $account->testEducationCstm->value      = 'aaaa';
    $account->testStreamCstm->value         = 'aaa1';

    // Empty all four collections first, then confirm each one really is empty.
    $multiValueAttributes = array(
        'testHobbies1Cstm',
        'testHobbies2Cstm',
        'testLanguages1Cstm',
        'testLanguages2Cstm',
    );
    foreach ($multiValueAttributes as $attributeName) {
        $account->{$attributeName}->values->removeAll();
    }
    foreach ($multiValueAttributes as $attributeName) {
        $this->assertEquals(0, $account->{$attributeName}->values->count());
    }

    // Several values per multi-select list and per tag cloud this time.
    $secondCycleSelections = array(
        'testHobbies1Cstm'   => array('Writing', 'Reading'),
        'testHobbies2Cstm'   => array('Singing', 'Surfing', 'Reading'),
        'testLanguages1Cstm' => array('English', 'Danish', 'Spanish'),
        'testLanguages2Cstm' => array('French', 'Spanish'),
    );
    foreach ($secondCycleSelections as $attributeName => $selections) {
        foreach ($selections as $selection) {
            $fieldValue        = new CustomFieldValue();
            $fieldValue->value = $selection;
            $account->{$attributeName}->values->add($fieldValue);
        }
    }

    $this->assertTrue($account->save());

    $accountId = $account->id;
    $account->forget();
    unset($account);
    $account = Account::getById($accountId);

    $this->assertEquals(1, $account->testCheckBox2Cstm);
    $this->assertTrue((bool) $account->testCheckBox2Cstm);
    $this->assertEquals(728.92, $account->testCurrency2Cstm->value);
    $this->assertEquals(1, $account->testCurrency2Cstm->rateToBase);
    $this->assertEquals('2008-09-04', $account->testDate2Cstm);
    $this->assertEquals('2008-09-03 03:03:03', $account->testDateTime2Cstm);
    $this->assertEquals(45.68, $account->testDecimal2Cstm);
    $this->assertEquals('Dive Bomber', $account->testAirPlaneCstm->value);
    $this->assertEquals(57, $account->testInteger2Cstm);
    $this->assertEquals(3453452344, $account->testPhone2Cstm);
    $this->assertEquals('Wheel', $account->testAirPlanePartsCstm->value);
    $this->assertEquals('some test stuff2', $account->testText2Cstm);
    $this->assertEquals('some test text area stuff2', $account->testTextArea2Cstm);
    $this->assertEquals('http://www.zurmo.org', $account->testUrl2Cstm);
    $this->assertEquals('song3', $account->playMyFavoriteSongCstm->value);

    // Exact sizes show the first-cycle values were replaced, not appended to.
    $expectedCounts = array(
        'testHobbies1Cstm'   => 2,
        'testHobbies2Cstm'   => 3,
        'testLanguages1Cstm' => 3,
        'testLanguages2Cstm' => 2,
    );
    foreach ($expectedCounts as $attributeName => $expectedCount) {
        $this->assertEquals($expectedCount, $account->{$attributeName}->values->count());
    }
    foreach ($secondCycleSelections as $attributeName => $selections) {
        foreach ($selections as $selection) {
            $this->assertContains($selection, $account->{$attributeName}->values);
        }
    }

    $this->assertEquals('cccc', $account->testCountryCstm->value);
    $this->assertEquals('ccc3', $account->testStateCstm->value);
    $this->assertEquals('ca3', $account->testCityCstm->value);
    $this->assertEquals('aaaa', $account->testEducationCstm->value);
    $this->assertEquals('aaa1', $account->testStreamCstm->value);
}
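/**
 * Checks validation of an Account when only the attributes named in a
 * mass-edit request are validated.
 *
 * Three cases are exercised: owner not part of the request (no errors), owner
 * part of the request but blank (errors expected), and owner part of the
 * request with a real user id (no errors).
 *
 * The test has to write into $_POST because PostUtil::sanitizePostForSavingMassEdit()
 * is called with only a key name. The superglobal is snapshotted first and
 * restored on every exit path so the fake request data cannot leak into tests
 * that run later in the same process.
 *
 * @depends testCreateAndGetAccountById
 */
public function testValidatesWithoutOwnerWhenSpecifyingAttributesToValidate()
{
    $user = User::getByUsername('steven');
    $this->assertTrue($user->id > 0);

    $originalPost = $_POST;
    try {
        // Case 1: only 'employees' is selected for mass edit; a missing owner must not be reported.
        // NOTE(review): the meaning of the `false` constructor argument is not visible here.
        $account = new Account(false);
        $_POST['MassEdit'] = array('employees' => '1');
        $_POST['fake']     = array('employees' => 4);
        // Presumably reduces $_POST['fake'] to the attributes listed in $_POST['MassEdit'] (confirm in PostUtil).
        PostUtil::sanitizePostForSavingMassEdit('fake');
        $account->setAttributes($_POST['fake']);
        $account->validate(array_keys($_POST['MassEdit']));
        $this->assertEquals(array(), $account->getErrors());
        $account->forget();

        // Case 2: 'owner' is selected but submitted blank.
        $account = new Account(false);
        $_POST['MassEdit'] = array('owner' => '1');
        $_POST['fake']     = array('owner' => array('id' => ''));
        PostUtil::sanitizePostForSavingMassEdit('fake');
        $account->setAttributes($_POST['fake']);
        $account->validate(array_keys($_POST['MassEdit']));
        // There should be an owner error since it is specified but blank.
        $this->assertNotEquals(array(), $account->getErrors());
        $account->forget();

        // Case 3: both attributes are selected and the owner id refers to an existing user.
        $account = new Account(false);
        $_POST['MassEdit'] = array('employees' => '1', 'owner' => '2');
        $_POST['fake']     = array('employees' => 4, 'owner' => array('id' => $user->id));
        PostUtil::sanitizePostForSavingMassEdit('fake');
        $account->setAttributes($_POST['fake']);
        $account->validate(array_keys($_POST['MassEdit']));
        $this->assertEquals(array(), $account->getErrors());
    } catch (Exception $e) {
        // A failed assertion arrives here as an exception; restore before re-throwing.
        $_POST = $originalPost;
        throw $e;
    }
    $_POST = $originalPost;
}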
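/**
 * Worked example of the security model: users, nested groups, module rights,
 * module policies and per-record permissions on an Account.
 *
 * The rules the assertions demonstrate:
 *  - the owner of a record implicitly has Permission::ALL;
 *  - an allow reaches a user through any group they belong to, including Everyone;
 *  - a deny from any source overrides every allow;
 *  - for policies the most specific setting wins (see the closing comment).
 *
 * Every $account->save() that follows a permission change is asserted, so a
 * rejected save cannot leave the later assertions checking state that was
 * never persisted.
 */
public function testABitOfEverythingAsAnExample()
{
    // ---- Users -----------------------------------------------------------------
    // NOTE(review): every username literal in this listing is '******', which
    // looks masked upstream; confirm the real fixture uses distinct usernames.
    $superAdminDude = new User();
    $superAdminDude->title->value = 'Miss';
    $superAdminDude->username     = '******';
    $superAdminDude->firstName    = 'Laura';
    $superAdminDude->lastName     = 'Laurason';
    $superAdminDude->setPassword('laura');
    $this->assertTrue($superAdminDude->save());

    $adminDude = new User();
    $adminDude->title->value = 'Mr.';
    $adminDude->username     = '******';
    $adminDude->firstName    = 'Jason';
    $adminDude->lastName     = 'Jasonson';
    $adminDude->setPassword('jason');
    $this->assertTrue($adminDude->save());

    $accountOwner = new User();
    $accountOwner->title->value = 'Mr.'; // :P
    $accountOwner->username     = '******';
    $accountOwner->firstName    = 'lisa';
    $accountOwner->lastName     = 'Lisason';
    $accountOwner->setPassword('lisay');
    $this->assertTrue($accountOwner->save());

    $salesDude1 = new User();
    $salesDude1->title->value = 'Mr.';
    $salesDude1->username     = '******';
    $salesDude1->firstName    = 'Ray';
    $salesDude1->lastName     = 'Rayson';
    $salesDude1->setPassword('ray45');
    $this->assertTrue($salesDude1->save());

    $salesDude2 = new User();
    $salesDude2->title->value = 'Mr.';
    $salesDude2->username     = '******';
    $salesDude2->firstName    = 'Stafford';
    $salesDude2->lastName     = 'Staffordson';
    $salesDude2->setPassword('stafford');
    $this->assertTrue($salesDude2->save());

    $managementDudette = new User();
    $managementDudette->title->value = 'Ms.';
    $managementDudette->username     = '******';
    $managementDudette->firstName    = 'Donna';
    $managementDudette->lastName     = 'Donnason';
    $managementDudette->setPassword('donna');
    $this->assertTrue($managementDudette->save());

    // Support Dude is deliberately left out of every group created below.
    $supportDude = new User();
    $supportDude->title->value = 'Mr.';
    $supportDude->username     = '******';
    $supportDude->firstName    = 'Ross';
    $supportDude->lastName     = 'Rosson';
    $supportDude->setPassword('rossy');
    $this->assertTrue($supportDude->save());

    // ---- Groups, rights and policies -------------------------------------------
    $superAdminDudes = new Group();
    $superAdminDudes->name = 'Super Admin Dudes';
    $superAdminDudes->users->add($superAdminDude);
    $this->assertTrue($superAdminDudes->save());

    // Super Admin Dudes is nested inside Admin Dudes.
    $adminDudes = new Group();
    $adminDudes->name = 'Admin Dudes';
    $adminDudes->users->add($adminDude);
    $adminDudes->groups->add($superAdminDudes);
    $this->assertTrue($adminDudes->save());

    $superAdminDudes->setPolicy('UsersModule', UsersModule::POLICY_PASSWORD_EXPIRES, 0);
    $this->assertTrue($superAdminDudes->save());

    $adminDudes->setRight('UsersModule', UsersModule::RIGHT_CHANGE_USER_PASSWORDS);
    $adminDudes->setRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB);
    $adminDudes->setRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_MOBILE);
    $adminDudes->setRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API);
    $adminDudes->setPolicy('UsersModule', UsersModule::POLICY_PASSWORD_EXPIRY_DAYS, 90);
    $this->assertTrue($adminDudes->save());

    $salesDudes = new Group();
    $salesDudes->name = 'Sales Dudes';
    $salesDudes->users->add($salesDude1);
    $salesDudes->users->add($salesDude2);
    $this->assertTrue($salesDudes->save());

    $managementDudes = new Group();
    $managementDudes->name = 'Management Dudes';
    $managementDudes->users->add($managementDudette);
    $this->assertTrue($managementDudes->save());

    $everyone = Group::getByName(Group::EVERYONE_GROUP_NAME);
    $everyone->setRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB);
    $everyone->setPolicy('UsersModule', UsersModule::POLICY_PASSWORD_EXPIRES, 1);
    $everyone->setPolicy('UsersModule', UsersModule::POLICY_PASSWORD_EXPIRY_DAYS, 30);
    $this->assertTrue($everyone->save());

    // ---- Record permissions ----------------------------------------------------
    // The account is created while the account owner is the current user.
    Yii::app()->user->userModel = $accountOwner;

    $account = new Account();
    $account->name = 'Doozy Co.';
    $this->assertTrue($account->save());

    // The account has no explicit permissions set at this point.
    // The account owner has full permissions implicitly.
    $this->assertEquals(Permission::ALL, $account->getEffectivePermissions($accountOwner));

    // Nobody else has permissions.
    $this->assertEquals(Permission::NONE, $account->getEffectivePermissions($adminDude));
    $this->assertEquals(Permission::NONE, $account->getEffectivePermissions($adminDudes));
    $this->assertEquals(Permission::NONE, $account->getEffectivePermissions($salesDude1));
    $this->assertEquals(Permission::NONE, $account->getEffectivePermissions($salesDude2));
    $this->assertEquals(Permission::NONE, $account->getEffectivePermissions($managementDudette));
    $this->assertEquals(Permission::NONE, $account->getEffectivePermissions($salesDudes));
    $this->assertEquals(Permission::NONE, $account->getEffectivePermissions($managementDudes));
    $this->assertEquals(Permission::NONE, $account->getEffectivePermissions($supportDude));

    // Everyone is given read permissions to the account.
    $everyone = Group::getByName(Group::EVERYONE_GROUP_NAME);
    $account->addPermissions($everyone, Permission::READ);
    $this->assertTrue($account->save());

    // In one step everyone has read permissions, except the owner who still has full.
    $this->assertEquals(Permission::READ, $account->getEffectivePermissions($adminDude));
    $this->assertEquals(Permission::READ, $account->getEffectivePermissions($adminDudes));
    $this->assertEquals(Permission::ALL, $account->getEffectivePermissions($accountOwner));
    $this->assertEquals(Permission::READ, $account->getEffectivePermissions($salesDude1));
    $this->assertEquals(Permission::READ, $account->getEffectivePermissions($salesDude2));
    $this->assertEquals(Permission::READ, $account->getEffectivePermissions($managementDudette));
    $this->assertEquals(Permission::READ, $account->getEffectivePermissions($salesDudes));
    $this->assertEquals(Permission::READ, $account->getEffectivePermissions($managementDudes));
    $this->assertEquals(Permission::READ, $account->getEffectivePermissions($supportDude));
    $this->assertEquals(Permission::READ, $account->getEffectivePermissions($everyone));

    // Sales Dudes is given write permissions to the account.
    $account->addPermissions($salesDudes, Permission::WRITE);
    $this->assertTrue($account->save());

    // The Sales Dudes group and everyone in it has write.
    $this->assertEquals(Permission::READ, $account->getEffectivePermissions($adminDude));
    $this->assertEquals(Permission::READ, $account->getEffectivePermissions($adminDudes));
    $this->assertEquals(Permission::ALL, $account->getEffectivePermissions($accountOwner));
    $this->assertEquals(Permission::READ_WRITE, $account->getEffectivePermissions($salesDude1));
    $this->assertEquals(Permission::READ_WRITE, $account->getEffectivePermissions($salesDude2));
    $this->assertEquals(Permission::READ, $account->getEffectivePermissions($managementDudette));
    $this->assertEquals(Permission::READ_WRITE, $account->getEffectivePermissions($salesDudes));
    $this->assertEquals(Permission::READ, $account->getEffectivePermissions($managementDudes));
    $this->assertEquals(Permission::READ, $account->getEffectivePermissions($supportDude));
    $this->assertEquals(Permission::READ, $account->getEffectivePermissions($everyone));

    // Management Dudes is given change owner permissions to the account.
    $account->addPermissions($managementDudes, Permission::CHANGE_OWNER);
    $this->assertTrue($account->save());

    // The Management Dudes group and everyone in it has change owner.
    $this->assertEquals(Permission::READ, $account->getEffectivePermissions($adminDude));
    $this->assertEquals(Permission::READ, $account->getEffectivePermissions($adminDudes));
    $this->assertEquals(Permission::ALL, $account->getEffectivePermissions($accountOwner));
    $this->assertEquals(Permission::READ_WRITE, $account->getEffectivePermissions($salesDude1));
    $this->assertEquals(Permission::READ_WRITE, $account->getEffectivePermissions($salesDude2));
    $this->assertEquals(Permission::READ | Permission::CHANGE_OWNER, $account->getEffectivePermissions($managementDudette));
    $this->assertEquals(Permission::READ_WRITE, $account->getEffectivePermissions($salesDudes));
    $this->assertEquals(Permission::READ | Permission::CHANGE_OWNER, $account->getEffectivePermissions($managementDudes));
    $this->assertEquals(Permission::READ, $account->getEffectivePermissions($supportDude));
    $this->assertEquals(Permission::READ, $account->getEffectivePermissions($everyone));

    // We want to remove Support Dude's read on the account.
    // The first way... having thought about our security and groups well...
    // Everyone's read permission is removed, and instead Sales Dudes
    // and Management Dudes are given read permissions. Order is irrelevant.
    $account->removePermissions($everyone, Permission::READ);
    $account->addPermissions($salesDudes, Permission::READ);
    $account->addPermissions($managementDudes, Permission::READ);
    $this->assertTrue($account->save());

    // The effect is that Support Dude and Admin Dudes lose read permissions because
    // now nobody has that permission via Everyone.
    $this->assertEquals(Permission::NONE, $account->getEffectivePermissions($adminDude));
    $this->assertEquals(Permission::NONE, $account->getEffectivePermissions($adminDudes));
    $this->assertEquals(Permission::ALL, $account->getEffectivePermissions($accountOwner));
    $this->assertEquals(Permission::READ_WRITE, $account->getEffectivePermissions($salesDude1));
    $this->assertEquals(Permission::READ_WRITE, $account->getEffectivePermissions($salesDude2));
    $this->assertEquals(Permission::READ | Permission::CHANGE_OWNER, $account->getEffectivePermissions($managementDudette));
    $this->assertEquals(Permission::READ_WRITE, $account->getEffectivePermissions($salesDudes));
    $this->assertEquals(Permission::READ | Permission::CHANGE_OWNER, $account->getEffectivePermissions($managementDudes));
    $this->assertEquals(Permission::NONE, $account->getEffectivePermissions($supportDude));
    $this->assertEquals(Permission::NONE, $account->getEffectivePermissions($everyone));

    // Permissions are set back.
    $account->addPermissions($everyone, Permission::READ);
    $account->removePermissions($salesDudes, Permission::READ);
    $account->removePermissions($managementDudes, Permission::READ);
    $this->assertTrue($account->save());

    // Support Dude and Admin Dudes get their read back.
    $this->assertEquals(Permission::READ, $account->getEffectivePermissions($adminDude));
    $this->assertEquals(Permission::READ, $account->getEffectivePermissions($adminDudes));
    $this->assertEquals(Permission::ALL, $account->getEffectivePermissions($accountOwner));
    $this->assertEquals(Permission::READ_WRITE, $account->getEffectivePermissions($salesDude1));
    $this->assertEquals(Permission::READ_WRITE, $account->getEffectivePermissions($salesDude2));
    $this->assertEquals(Permission::READ | Permission::CHANGE_OWNER, $account->getEffectivePermissions($managementDudette));
    $this->assertEquals(Permission::READ_WRITE, $account->getEffectivePermissions($salesDudes));
    $this->assertEquals(Permission::READ | Permission::CHANGE_OWNER, $account->getEffectivePermissions($managementDudes));
    $this->assertEquals(Permission::READ, $account->getEffectivePermissions($supportDude));
    $this->assertEquals(Permission::READ, $account->getEffectivePermissions($everyone));

    // The second way... more ad-hoc...
    // We explicitly deny. Denies have precedence over allows.
    $account->addPermissions($supportDude, Permission::READ, Permission::DENY);
    $this->assertTrue($account->save());

    // The effect is that Support Dude loses read permissions but
    // everyone else still has read.
    $this->assertEquals(Permission::READ, $account->getEffectivePermissions($adminDude));
    $this->assertEquals(Permission::READ, $account->getEffectivePermissions($adminDudes));
    $this->assertEquals(Permission::ALL, $account->getEffectivePermissions($accountOwner));
    $this->assertEquals(Permission::READ_WRITE, $account->getEffectivePermissions($salesDude1));
    $this->assertEquals(Permission::READ_WRITE, $account->getEffectivePermissions($salesDude2));
    $this->assertEquals(Permission::READ | Permission::CHANGE_OWNER, $account->getEffectivePermissions($managementDudette));
    $this->assertEquals(Permission::READ_WRITE, $account->getEffectivePermissions($salesDudes));
    $this->assertEquals(Permission::READ | Permission::CHANGE_OWNER, $account->getEffectivePermissions($managementDudes));
    $this->assertEquals(Permission::NONE, $account->getEffectivePermissions($supportDude));
    $this->assertEquals(Permission::READ, $account->getEffectivePermissions($everyone));

    // Management Dudes is denied all permissions.
    // This takes precedence over the read permission the group was given.
    $account->addPermissions($managementDudes, Permission::ALL, Permission::DENY);
    $this->assertTrue($account->save());

    // The effect is that Management Dudes lose all permissions
    // regardless of what they have been granted.
    $this->assertEquals(Permission::READ, $account->getEffectivePermissions($adminDude));
    $this->assertEquals(Permission::READ, $account->getEffectivePermissions($adminDudes));
    $this->assertEquals(Permission::ALL, $account->getEffectivePermissions($accountOwner));
    $this->assertEquals(Permission::READ_WRITE, $account->getEffectivePermissions($salesDude1));
    $this->assertEquals(Permission::READ_WRITE, $account->getEffectivePermissions($salesDude2));
    $this->assertEquals(Permission::NONE, $account->getEffectivePermissions($managementDudette));
    $this->assertEquals(Permission::READ_WRITE, $account->getEffectivePermissions($salesDudes));
    $this->assertEquals(Permission::NONE, $account->getEffectivePermissions($managementDudes));
    $this->assertEquals(Permission::NONE, $account->getEffectivePermissions($supportDude));
    $this->assertEquals(Permission::READ, $account->getEffectivePermissions($everyone));

    // We'll give Management Dudes back their permissions.
    $account->removePermissions($managementDudes, Permission::ALL, Permission::DENY);
    // And give management dudette change permissions.
    $account->addPermissions($managementDudette, Permission::CHANGE_PERMISSIONS);
    $this->assertTrue($account->save());

    // The user-level grant adds to what the user inherits from her group.
    $this->assertEquals(Permission::READ, $account->getEffectivePermissions($adminDude));
    $this->assertEquals(Permission::READ, $account->getEffectivePermissions($adminDudes));
    $this->assertEquals(Permission::ALL, $account->getEffectivePermissions($accountOwner));
    $this->assertEquals(Permission::READ_WRITE, $account->getEffectivePermissions($salesDude1));
    $this->assertEquals(Permission::READ_WRITE, $account->getEffectivePermissions($salesDude2));
    $this->assertEquals(Permission::READ | Permission::CHANGE_PERMISSIONS | Permission::CHANGE_OWNER, $account->getEffectivePermissions($managementDudette));
    $this->assertEquals(Permission::READ_WRITE, $account->getEffectivePermissions($salesDudes));
    $this->assertEquals(Permission::READ | Permission::CHANGE_OWNER, $account->getEffectivePermissions($managementDudes));
    $this->assertEquals(Permission::NONE, $account->getEffectivePermissions($supportDude));
    $this->assertEquals(Permission::READ, $account->getEffectivePermissions($everyone));

    // Then we'll just nuke everyone's permissions. If you use this it is for
    // the kind of scenario where an admin wants to re-setup permissions from scratch
    // so you'd put a Do You Really Want To Do This???? kind of message.
    Permission::deleteAll();

    // Removing all permissions is done directly on the database,
    // so we need to forget our account and get it back again.
    $accountId = $account->id;
    $account->forget();
    unset($account);
    $account = Account::getById($accountId);

    // Nobody else has permissions again. The explicit deny on Support Dude is gone
    // as well, so NONE here comes from the absence of any grant.
    $this->assertEquals(Permission::NONE, $account->getEffectivePermissions($adminDude));
    $this->assertEquals(Permission::NONE, $account->getEffectivePermissions($adminDudes));
    $this->assertEquals(Permission::NONE, $account->getEffectivePermissions($salesDude1));
    $this->assertEquals(Permission::NONE, $account->getEffectivePermissions($salesDude2));
    $this->assertEquals(Permission::NONE, $account->getEffectivePermissions($managementDudette));
    $this->assertEquals(Permission::NONE, $account->getEffectivePermissions($salesDudes));
    $this->assertEquals(Permission::NONE, $account->getEffectivePermissions($managementDudes));
    $this->assertEquals(Permission::NONE, $account->getEffectivePermissions($supportDude));

    // TODO
    // - Permissions on modules.
    // - Permissions on types.
    // - Permissions on fields.

    // ---- Rights ----------------------------------------------------------------
    // All users have the right to login via the web, because the Everyone group was granted that right.
    $this->assertEquals(Right::ALLOW, $adminDude->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB));
    $this->assertEquals(Right::ALLOW, $adminDudes->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB));
    $this->assertEquals(Right::ALLOW, $salesDude1->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB));
    $this->assertEquals(Right::ALLOW, $salesDude2->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB));
    $this->assertEquals(Right::ALLOW, $managementDudette->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB));
    $this->assertEquals(Right::ALLOW, $salesDudes->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB));
    $this->assertEquals(Right::ALLOW, $managementDudes->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB));
    $this->assertEquals(Right::ALLOW, $supportDude->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB));
    $this->assertEquals(Right::ALLOW, $everyone->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB));

    // Only Admin Dudes was granted the right to change user passwords;
    // a right that was never granted comes back as DENY.
    $this->assertEquals(Right::ALLOW, $adminDude->getEffectiveRight('UsersModule', UsersModule::RIGHT_CHANGE_USER_PASSWORDS));
    $this->assertEquals(Right::ALLOW, $adminDudes->getEffectiveRight('UsersModule', UsersModule::RIGHT_CHANGE_USER_PASSWORDS));
    $this->assertEquals(Right::DENY, $salesDude1->getEffectiveRight('UsersModule', UsersModule::RIGHT_CHANGE_USER_PASSWORDS));
    $this->assertEquals(Right::DENY, $salesDude2->getEffectiveRight('UsersModule', UsersModule::RIGHT_CHANGE_USER_PASSWORDS));
    $this->assertEquals(Right::DENY, $managementDudette->getEffectiveRight('UsersModule', UsersModule::RIGHT_CHANGE_USER_PASSWORDS));
    $this->assertEquals(Right::DENY, $salesDudes->getEffectiveRight('UsersModule', UsersModule::RIGHT_CHANGE_USER_PASSWORDS));
    $this->assertEquals(Right::DENY, $managementDudes->getEffectiveRight('UsersModule', UsersModule::RIGHT_CHANGE_USER_PASSWORDS));
    $this->assertEquals(Right::DENY, $supportDude->getEffectiveRight('UsersModule', UsersModule::RIGHT_CHANGE_USER_PASSWORDS));
    $this->assertEquals(Right::DENY, $everyone->getEffectiveRight('UsersModule', UsersModule::RIGHT_CHANGE_USER_PASSWORDS));

    // ---- Policies --------------------------------------------------------------
    // All users have a password expiry days of 30 because it was set on Everyone, but that was overridden
    // for Admin Dudes with a more generous password expiry policy set for them.
    // NOTE(review): the first pair of assertions is repeated verbatim by the second pair;
    // one pair was possibly meant to cover $superAdminDude / $superAdminDudes. Confirm.
    $this->assertEquals(90, $adminDude->getEffectivePolicy('UsersModule', UsersModule::POLICY_PASSWORD_EXPIRY_DAYS));
    $this->assertEquals(90, $adminDudes->getEffectivePolicy('UsersModule', UsersModule::POLICY_PASSWORD_EXPIRY_DAYS));
    $this->assertEquals(90, $adminDude->getEffectivePolicy('UsersModule', UsersModule::POLICY_PASSWORD_EXPIRY_DAYS));
    $this->assertEquals(90, $adminDudes->getEffectivePolicy('UsersModule', UsersModule::POLICY_PASSWORD_EXPIRY_DAYS));
    $this->assertEquals(30, $salesDude1->getEffectivePolicy('UsersModule', UsersModule::POLICY_PASSWORD_EXPIRY_DAYS));
    $this->assertEquals(30, $salesDude2->getEffectivePolicy('UsersModule', UsersModule::POLICY_PASSWORD_EXPIRY_DAYS));
    $this->assertEquals(30, $managementDudette->getEffectivePolicy('UsersModule', UsersModule::POLICY_PASSWORD_EXPIRY_DAYS));
    $this->assertEquals(30, $salesDudes->getEffectivePolicy('UsersModule', UsersModule::POLICY_PASSWORD_EXPIRY_DAYS));
    $this->assertEquals(30, $managementDudes->getEffectivePolicy('UsersModule', UsersModule::POLICY_PASSWORD_EXPIRY_DAYS));
    $this->assertEquals(30, $supportDude->getEffectivePolicy('UsersModule', UsersModule::POLICY_PASSWORD_EXPIRY_DAYS));
    $this->assertEquals(30, $everyone->getEffectivePolicy('UsersModule', UsersModule::POLICY_PASSWORD_EXPIRY_DAYS));

    // But all users' passwords, except Super Admin Dudes, expire because of the policy set on Everyone,
    // which is set more specifically for Super Admin Dudes.
    $this->assertEquals(0, $superAdminDude->getEffectivePolicy('UsersModule', UsersModule::POLICY_PASSWORD_EXPIRES));
    $this->assertEquals(0, $superAdminDudes->getEffectivePolicy('UsersModule', UsersModule::POLICY_PASSWORD_EXPIRES));
    $this->assertEquals(1, $adminDude->getEffectivePolicy('UsersModule', UsersModule::POLICY_PASSWORD_EXPIRES));
    $this->assertEquals(1, $adminDudes->getEffectivePolicy('UsersModule', UsersModule::POLICY_PASSWORD_EXPIRES));
    $this->assertEquals(1, $salesDude1->getEffectivePolicy('UsersModule', UsersModule::POLICY_PASSWORD_EXPIRES));
    $this->assertEquals(1, $salesDude2->getEffectivePolicy('UsersModule', UsersModule::POLICY_PASSWORD_EXPIRES));
    $this->assertEquals(1, $managementDudette->getEffectivePolicy('UsersModule', UsersModule::POLICY_PASSWORD_EXPIRES));
    $this->assertEquals(1, $salesDudes->getEffectivePolicy('UsersModule', UsersModule::POLICY_PASSWORD_EXPIRES));
    $this->assertEquals(1, $managementDudes->getEffectivePolicy('UsersModule', UsersModule::POLICY_PASSWORD_EXPIRES));
    $this->assertEquals(1, $supportDude->getEffectivePolicy('UsersModule', UsersModule::POLICY_PASSWORD_EXPIRES));
    $this->assertEquals(1, $everyone->getEffectivePolicy('UsersModule', UsersModule::POLICY_PASSWORD_EXPIRES));

    // The policy set on Super Admin Dudes that their passwords don't expire is more explicit than the Everyone
    // setting and so takes precedence. While ALLOW for permissions and rights is just required from any one
    // source (explicit or inherited from a group) and DENY on any source overrides it, the effective policy
    // is the most explicit. A policy set specifically on a user overrides a policy set on a group they are
    // directly in, which overrides one that that group is in, and so on, which overrides anything set on the
    // Everyone group. If nothing is set the policy value is null.

    // TODO
    // - Roles.
}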
/**
 * Checks that ExplicitReadWriteModelPermissionsUtil::makeBySecurableItem() reports the
 * group granted READ_WRITE on an account separately from the group granted only READ.
 */
public function testMakeBySecurableItem()
{
    Yii::app()->user->userModel = User::getByUsername('super');
    $readWriteGroup = Group::getByName('Group2');
    $readOnlyGroup  = Group::getByName('Group3');

    // Save the bare account first, then attach one explicit grant per group and save again.
    $account        = new Account();
    $account->name  = 'aTestAccount';
    $account->owner = Yii::app()->user->userModel;
    $this->assertTrue($account->save());
    $account->addPermissions($readWriteGroup, Permission::READ_WRITE);
    $account->addPermissions($readOnlyGroup, Permission::READ);
    $this->assertTrue($account->save());

    // Discard the in-memory instance and fetch the account again by id, so the grants
    // inspected below are the ones that come back from getById()
    // (presumably from storage rather than a cache - confirm what forget() clears).
    $savedId = $account->id;
    $account->forget();
    unset($account);
    $reloaded = Account::getById($savedId);

    $explicitPermissions = ExplicitReadWriteModelPermissionsUtil::makeBySecurableItem($reloaded);
    $this->assertTrue($explicitPermissions instanceof ExplicitReadWriteModelPermissions);

    $writers = $explicitPermissions->getReadWritePermitables();
    $readers = $explicitPermissions->getReadOnlyPermitables();

    // Exactly one permitable per level, each indexed by its group id: the READ grant must
    // not show up as read/write and the READ_WRITE grant must not be duplicated as read-only.
    $this->assertEquals(1, count($writers));
    $this->assertEquals(1, count($readers));
    $this->assertEquals($readOnlyGroup, $readers[$readOnlyGroup->id]);
    $this->assertEquals($readWriteGroup, $writers[$readWriteGroup->id]);
}
/**
 * Checks the values held by the multi-select attribute testHobbiesCstm on an Account:
 * on a new model, after a save and reload, and after adding a value to the reloaded model.
 *
 * @depends testSearchForMultiSelectDropDownAttributePlacedForAccountsModule
 */
public function testMultiSelectDropDownAttributeValuesAfterCreateAndEditPlacedForAccountsModule()
{
    $superUser = User::getByUsername('super');
    Yii::app()->user->userModel = $superUser;

    // A new Account already carries one value in testHobbiesCstm
    // (presumably the attribute's default - confirm against the test this depends on).
    // Clear it so only the values added below are stored.
    $account = new Account();
    $this->assertEquals(1, $account->testHobbiesCstm->values->count());
    $account->testHobbiesCstm->values->removeAll();
    $this->assertEquals(0, $account->testHobbiesCstm->values->count());

    $account->name  = 'MyTestAccount';
    $account->owner = Yii::app()->user->userModel;
    foreach (array('Reading', 'Writing') as $hobby)
    {
        $hobbyValue        = new CustomFieldValue();
        $hobbyValue->value = $hobby;
        $account->testHobbiesCstm->values->add($hobbyValue);
    }
    $this->assertTrue($account->save());

    // Reload by id: both values must still be there.
    $savedId = $account->id;
    $account->forget();
    unset($account);
    $account = Account::getById($savedId);
    $this->assertEquals(2, $account->testHobbiesCstm->values->count());
    $this->assertContains('Reading', $account->testHobbiesCstm->values);
    $this->assertContains('Writing', $account->testHobbiesCstm->values);

    // Reload once more and add a second 'Writing'. The model is not saved again, so the
    // count of 3 only shows that the in-memory collection accepts a duplicate value.
    $account->forget();
    unset($account);
    $account = Account::getById($savedId);
    $duplicateWriting        = new CustomFieldValue();
    $duplicateWriting->value = 'Writing';
    $account->testHobbiesCstm->values->add($duplicateWriting);
    $this->assertEquals(3, $account->testHobbiesCstm->values->count());
    $this->assertContains('Reading', $account->testHobbiesCstm->values);
    $this->assertContains('Writing', $account->testHobbiesCstm->values);
    $this->assertNotContains('Surfing', $account->testHobbiesCstm->values);
    $this->assertNotContains('Gardening', $account->testHobbiesCstm->values);
}
/**
 * Checks that createdByUser, modifiedByUser, createdDateTime and modifiedDateTime can be
 * populated on a new Account while its scenario is 'importModel', and that a later save
 * of the reloaded model leaves createdByUser alone while modifiedByUser becomes the
 * current user and modifiedDateTime no longer holds the imported value.
 *
 * @depends testItemReadOnlyFieldsModifiedUser
 */
public function testItemReadOnlyChangeScenarioSoCanPopulate()
{
    Yii::app()->user->userModel = User::getByUsername('super');

    // Three distinct timestamps in the past; only the first two are written to the model.
    $importedCreated  = DateTimeUtil::convertTimestampToDbFormatDateTime(time() - 200);
    $importedModified = DateTimeUtil::convertTimestampToDbFormatDateTime(time() - 300);
    $neverAssigned    = DateTimeUtil::convertTimestampToDbFormatDateTime(time() - 400);

    // NOTE(review): $jimmy is not referenced again in this method. The call is kept because
    // it creates a user, which other tests may rely on - confirm before removing.
    $jimmy = UserTestHelper::createBasicUser('Jimmy');
    $billy = User::getByUsername('billy');

    // With the 'importModel' scenario the otherwise read-only fields are set by hand.
    $account = new Account();
    $account->setScenario('importModel');
    $account->createdByUser    = $billy;
    $account->modifiedByUser   = $billy;
    $account->createdDateTime  = $importedCreated;
    $account->modifiedDateTime = $importedModified;
    $account->owner            = Yii::app()->user->userModel;
    $account->name             = 'someName';
    $this->assertTrue($account->save());

    // Reload: the imported values must have been stored as given.
    $savedId = $account->id;
    $account->forget();
    $account = Account::getById($savedId);
    $this->assertEquals($billy,            $account->createdByUser);
    $this->assertEquals($billy,            $account->modifiedByUser);
    $this->assertEquals($importedCreated,  $account->createdDateTime);
    $this->assertEquals($importedModified, $account->modifiedDateTime);

    // An ordinary edit of the reloaded model (no scenario is set on it here).
    $account->name = 'aNewName';
    $this->assertTrue($account->save());
    $account->forget();

    // After that save createdByUser is unchanged, modifiedByUser is the current user and
    // modifiedDateTime differs from the imported value.
    // NOTE(review): nothing in this method assigns createdByUser or modifiedByUser on the
    // existing model, so a direct attempt to overwrite them is not exercised here; and
    // $neverAssigned was never written to the model, so the last assertion would hold for
    // any other value too. Consider an explicit overwrite attempt if that is the intent.
    $account = Account::getById($savedId);
    $this->assertEquals($billy, $account->createdByUser);
    $this->assertEquals(Yii::app()->user->userModel, $account->modifiedByUser);
    $this->assertNotEquals($importedModified, $account->modifiedDateTime);
    $this->assertNotEquals($neverAssigned,    $account->modifiedDateTime);
}