function test_basic_check_array()
{
$pt =& Dataface_PermissionsTool::getInstance();
$this->assertTrue($pt->checkPermission('view', array('view' => 'View')));
$this->assertTrue(Dataface_PermissionsTool::checkPermission('view', array('view' => 'View')));
$this->assertTrue(!$pt->checkPermission('view', array()));
$this->assertTrue(!Dataface_PermissionsTool::checkPermission('view', array()));
$this->assertTrue($pt->checkPermission('edit', array('view' => 'View', 'edit' => 'Edit')));
$perms = array('view' => 'View');
$this->assertTrue($pt->view($perms));
$perms = array('view' => 'View');
$this->assertTrue(Dataface_PermissionsTool::view($perms));
$perms = array('edit' => 'Edit');
$this->assertTrue(!$pt->view($perms));
$perms = array('edit' => 'Edit');
$this->assertTrue(!Dataface_PermissionsTool::view($perms));
$this->assertTrue($pt->edit($perms));
$this->assertTrue(Dataface_PermissionsTool::edit($perms));
$perms = array('delete' => 'Delete');
$this->assertTrue(!$pt->edit($perms));
$this->assertTrue(!Dataface_PermissionsTool::edit($perms));
$this->assertTrue($pt->delete($perms));
$this->assertTrue(Dataface_PermissionsTool::delete($perms));
}
/**
* Handles initialization and control for the delete form.
*/
function _delete_init()
{
import('Dataface/DeleteForm.php');
$record = new Dataface_Record($this->_tablename, @$_REQUEST['--__keys__']);
if (!Dataface_PermissionsTool::delete($record)) {
$this->_vars['error'] = "<div class=\"error\">Error. Permission Denied.<!-- At line " . __LINE__ . " of file " . __FILE__ . " --></div>";
return;
}
$form = new Dataface_DeleteForm($this->_tablename, $this->_db, $this->_query);
$form->_build();
$form->addElement('hidden', '-table');
$form->setDefaults(array('-table' => $this->_tablename));
$this->_vars['form'] =& $form;
if ($form->validate()) {
$res = $form->process(array(&$form, 'delete'), true);
$response = Dataface_Application::getResponse();
if (PEAR::isError($res) && !Dataface_Error::isNotice($res)) {
$msg = $res->getMessage();
$msg .= "\n" . $res->getUserInfo();
} else {
if (Dataface_Error::isNotice($res)) {
$response['--msg'] = @$response['--msg'] . "\n" . $res->getMessage();
} else {
$msg = 'Records successfully deleted.';
}
}
$msg = urlencode(trim($msg . "\n" . $response['--msg']));
header('Location: ' . $_SERVER['HOST_URI'] . DATAFACE_SITE_HREF . '?-table=' . $this->_tablename . '&--msg=' . $msg);
exit;
}
}
/**
* Validates the input to make sure that the delete can take place.
*/
function checkPermissions()
{
$errors = array();
if ($this->isSubmitted()) {
$errCounter = 1;
import('Dataface/PermissionsTool.php');
import('dataface-public-api.php');
$query = $this->_buildDeleteQuery($this->exportValues());
if (PEAR::isError($query)) {
$errors[$errCounter++] = $query->getMessage();
}
$records =& df_get_records_array($this->_tablename, $query);
if (PEAR::isError($records)) {
$errors[$errCounter++] = $query->getMessage();
// we attach this error to the '-submit' field because I don't know how to attach it to the form.
}
if (!is_array($records)) {
$errors[$errCounter++] = df_translate('scripts.Dataface.DeleteForm.display.ERROR_NO_RECORDS_FOUND', "No records matched the query, so no records can be deleted.");
} else {
foreach (array_keys($records) as $index) {
if (!Dataface_PermissionsTool::delete($records[$index])) {
$errors[$errCounter++] = df_translate('scripts.Dataface.DeleteForm.checkPermissions.ERROR_PERMISSION_DENIED', "Permission Denied: You do not have permission to delete this record (" . $records[$index]->getTitle() . ")", array('title' => $records[$index]->getTitle()));
// we attach this error to the '-submit' field because I don't know how to attach it to the form.
}
}
}
}
if (count($errors) > 0) {
return $errors;
}
return true;
}
