public function testSettingAndGetting()
{
Yii::app()->user->userModel = User::getByUsername('super');
$group1 = new Group();
$group1->name = 'Group1';
$this->assertTrue($group1->save());
$group2 = new Group();
$group2->name = 'Group2';
$this->assertTrue($group2->save());
$group3 = new Group();
$group3->name = 'Group3';
$this->assertTrue($group3->save());
$group4 = new Group();
$group4->name = 'Group4';
$this->assertTrue($group4->save());
$group5 = new Group();
$group5->name = 'Group5';
$this->assertTrue($group5->save());
$group6 = new Group();
$group6->name = 'Group6';
$this->assertTrue($group6->save());
$explicitReadWriteModelPermissions = new ExplicitReadWriteModelPermissions();
$this->assertEquals(0, $explicitReadWriteModelPermissions->getReadOnlyPermitablesCount());
$this->assertEquals(0, $explicitReadWriteModelPermissions->getReadWritePermitablesCount());
//Now add permitables and test retrieving them.
$explicitReadWriteModelPermissions->addReadOnlyPermitable($group1);
$explicitReadWriteModelPermissions->addReadWritePermitable($group2);
$explicitReadWriteModelPermissions->addReadWritePermitable($group3);
$explicitReadWriteModelPermissions->addReadOnlyPermitableToRemove($group4);
$explicitReadWriteModelPermissions->addReadWritePermitableToRemove($group5);
$this->assertEquals(1, $explicitReadWriteModelPermissions->getReadOnlyPermitablesCount());
$this->assertEquals(2, $explicitReadWriteModelPermissions->getReadWritePermitablesCount());
$this->assertEquals(1, $explicitReadWriteModelPermissions->getReadWritePermitablesToRemoveCount());
$this->assertEquals(1, $explicitReadWriteModelPermissions->getReadWritePermitablesToRemoveCount());
$readOnlyPermitables = $explicitReadWriteModelPermissions->getReadOnlyPermitables();
$readWritePermitables = $explicitReadWriteModelPermissions->getReadWritePermitables();
$this->assertEquals(1, count($readOnlyPermitables));
$this->assertEquals(2, count($readWritePermitables));
$this->assertEquals($group1, $readOnlyPermitables[$group1->id]);
$this->assertEquals($group2, $readWritePermitables[$group2->id]);
$this->assertEquals($group3, $readWritePermitables[$group3->id]);
$readOnlyPermitablesToRemove = $explicitReadWriteModelPermissions->getReadOnlyPermitablesToRemove();
$readWritePermitablesToRemove = $explicitReadWriteModelPermissions->getReadWritePermitablesToRemove();
$this->assertEquals($group4, $readOnlyPermitablesToRemove[$group4->id]);
$this->assertEquals($group5, $readWritePermitablesToRemove[$group5->id]);
$this->assertTrue($explicitReadWriteModelPermissions->isReadOrReadWritePermitable($group1));
$this->assertTrue($explicitReadWriteModelPermissions->isReadOrReadWritePermitable($group2));
$this->assertTrue($explicitReadWriteModelPermissions->isReadOrReadWritePermitable($group3));
$this->assertFalse($explicitReadWriteModelPermissions->isReadOrReadWritePermitable($group4));
$this->assertFalse($explicitReadWriteModelPermissions->isReadOrReadWritePermitable($group5));
$this->assertFalse($explicitReadWriteModelPermissions->isReadOrReadWritePermitable($group6));
$this->assertEquals(1, count($explicitReadWriteModelPermissions->getReadWritePermitablesToRemove()));
$explicitReadWriteModelPermissions->removeAllReadWritePermitables();
$this->assertEquals(3, count($explicitReadWriteModelPermissions->getReadWritePermitablesToRemove()));
}
/**
* @depends testMakeBySecurableItem
*/
public function testResolveExplicitReadWriteModelPermissions()
{
Yii::app()->user->userModel = User::getByUsername('super');
$accounts = Account::getByName('aTestAccount');
$this->assertEquals(1, count($accounts));
$account = $accounts[0];
$accountId = $account->id;
$group4 = Group::getByName('Group4');
$group3 = Group::getByName('Group3');
$group2 = Group::getByName('Group2');
$explicitReadWriteModelPermissions = new ExplicitReadWriteModelPermissions();
$explicitReadWriteModelPermissions->addReadWritePermitableToRemove($group3);
$explicitReadWriteModelPermissions->addReadWritePermitable($group4);
ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions($account, $explicitReadWriteModelPermissions);
$account->forget();
$explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::makeBySecurableItem(Account::getById($accountId));
$readWritePermitables = $explicitReadWriteModelPermissions->getReadWritePermitables();
$readOnlyPermitables = $explicitReadWriteModelPermissions->getReadOnlyPermitables();
$this->assertEquals(2, count($readWritePermitables));
$this->assertEquals(0, count($readOnlyPermitables));
$this->assertEquals($group2, $readWritePermitables[$group2->id]);
$this->assertEquals($group4, $readWritePermitables[$group4->id]);
}
/**
* If the ExplicitReadWriteModelPermissions says a group is read/write, but the existing securable item
* does not have that, then this signals this group will need to be added. Whereas if the securable item has a
* read/write group that the ExplicitReadWriteModelPermissions does not have, this signals that this read/write
* needs to be removed.
* @param ExplicitReadWriteModelPermissions $explicitReadWriteModelPermissions
* @param SecurableItem $securableItem
*/
protected static function resolveForDifferencesBySecurableItem($explicitReadWriteModelPermissions, SecurableItem $securableItem)
{
foreach ($securableItem->permissions as $permission) {
$permission->castDownPermitable();
if ($permission->permitable instanceof Group && $permission->type == Permission::ALLOW) {
if (Permission::READ == ($permission->permissions & Permission::READ)) {
if (!$explicitReadWriteModelPermissions->isReadOrReadWritePermitable($permission->permitable)) {
$explicitReadWriteModelPermissions->addReadWritePermitableToRemove($permission->permitable);
}
} elseif (Permission::WRITE == ($permission->permissions & Permission::WRITE)) {
if (!$explicitReadWriteModelPermissions->isReadOrReadWritePermitable($permission->permitable)) {
$explicitReadWriteModelPermissions->addReadWritePermitableToRemove($permission->permitable);
}
}
break;
}
}
}
/**
* @depends testMakeBySecurableItem
*/
public function testResolveExplicitReadWriteModelPermissions()
{
Yii::app()->user->userModel = User::getByUsername('super');
$accounts = Account::getByName('aTestAccount');
$this->assertEquals(1, count($accounts));
$account = $accounts[0];
$accountId = $account->id;
$group4 = Group::getByName('Group4');
$group3 = Group::getByName('Group3');
$group2 = Group::getByName('Group2');
$explicitReadWriteModelPermissions = new ExplicitReadWriteModelPermissions();
$explicitReadWriteModelPermissions->addReadWritePermitableToRemove($group3);
$explicitReadWriteModelPermissions->addReadWritePermitable($group4);
ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions($account, $explicitReadWriteModelPermissions);
$account->forget();
$explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::makeBySecurableItem(Account::getById($accountId));
$readWritePermitables = $explicitReadWriteModelPermissions->getReadWritePermitables();
$readOnlyPermitables = $explicitReadWriteModelPermissions->getReadOnlyPermitables();
$this->assertEquals(2, count($readWritePermitables));
$this->assertEquals(0, count($readOnlyPermitables));
$this->assertEquals($group2, $readWritePermitables[$group2->getClassId('Permitable')]);
$this->assertEquals($group4, $readWritePermitables[$group4->getClassId('Permitable')]);
//Test adding group4 again. The _read count should be the same
$account = Account::getById($accountId);
$sanitizedData = array();
$sanitizedData['explicitReadWriteModelPermissions'] = array('type' => ExplicitReadWriteModelPermissionsUtil::MIXED_TYPE_NONEVERYONE_GROUP, 'nonEveryoneGroup' => $group4->id);
$explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::resolveByPostDataAndModelThenMake($sanitizedData, $account);
ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions($account, $explicitReadWriteModelPermissions);
$this->assertEquals(array(array('G' . $group4->id, 1)), AccountReadPermissionsOptimizationBaseTest::getAccountMungeRows($account));
}
/**
* Remove desired RW permitables from model, reset the _permitablesToDetachAfterSave array once done.
* @param ExplicitReadWriteModelPermissions $explicitReadWriteModelPermissions
*/
protected function resolvePermitablesToDetach(ExplicitReadWriteModelPermissions $explicitReadWriteModelPermissions)
{
foreach ($this->_permitablesToDetachAfterSave as $permitable) {
$explicitReadWriteModelPermissions->addReadWritePermitableToRemove($permitable);
}
// this is what prevents infinite loops of saves
$this->_permitablesToDetachAfterSave = array();
}
/**
* Resolve explicit permissions of the requested by user for the task
* @param Task $task
* @param Permitable $origRequestedByUser
* @param Permitable $requestedByUser
* @param ExplicitReadWriteModelPermissions $explicitReadWriteModelPermissions
*/
public static function resolveExplicitPermissionsForRequestedByUser(Task $task, Permitable $origRequestedByUser, Permitable $requestedByUser, ExplicitReadWriteModelPermissions $explicitReadWriteModelPermissions)
{
$explicitReadWriteModelPermissions->addReadWritePermitableToRemove($origRequestedByUser);
$explicitReadWriteModelPermissions->addReadWritePermitable($requestedByUser);
ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions($task, $explicitReadWriteModelPermissions);
}
