/**
 * Builds the explicit read/write permissions object for a model from post data.
 *
 * Only SecurableItem instances are handed to
 * ExplicitReadWriteModelPermissionsUtil::resolveByPostDataAndModelThenMake();
 * every other model yields null, so callers must handle a null result.
 *
 * @param mixed $sanitizedData post data, forwarded unchanged to the util
 *                             (assumed already sanitized by the caller; confirm)
 * @param mixed $model         model the permissions are resolved against
 * @return mixed the util's result, or null when $model is not a SecurableItem
 */
protected static function resolveAndMakeExplicitReadWriteModelPermissions($sanitizedData, $model)
{
    // Guard clause: models that are not securable carry no explicit permissions.
    if (!($model instanceof SecurableItem)) {
        return null;
    }
    return ExplicitReadWriteModelPermissionsUtil::resolveByPostDataAndModelThenMake($sanitizedData, $model);
}
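/**
 * Saves a Product from post data that carries explicit read/write permissions
 * and checks that every step of the save actually succeeded.
 *
 * The steps are: sanitize the post data, build the permissions object, strip
 * the permissions and owner elements, validate, set the owner, save, and apply
 * the permissions. Each step is asserted, so the test fails when validation,
 * the save, or the permissions update fails instead of passing on the name
 * attribute alone.
 */
public function testProductSaveWithPermissions()
{
    Yii::app()->user->userModel = User::getByUsername('super');

    // Fixture lookups. $opportunities and $everyoneGroup are not referenced
    // below; the lookups are kept so they still run as before.
    $contacts         = Contact::getAll();
    $accounts         = Account::getByName('superAccount');
    $opportunities    = Opportunity::getByName('superOpportunity');
    $productTemplates = ProductTemplate::getByName('superProductTemplate');
    $account          = $accounts[0];
    $user             = $account->owner;
    $everyoneGroup    = Group::getByName(Group::EVERYONE_GROUP_NAME);
    $currencyHelper   = Yii::app()->currencyHelper;
    $currencyCode     = $currencyHelper->getBaseCode();
    $currency         = Currency::getByCode($currencyCode);

    $postData = array(
        'productTemplate' => array('id' => $productTemplates[0]->id),
        'name'            => 'ProductPermissionTest',
        'quantity'        => 6,
        'account'         => array('id' => $account->id),
        'contact'         => array('id' => $contacts[0]->id),
        'opportunity'     => array('id' => ''),
        'type'            => ProductTemplate::TYPE_PRODUCT,
        'priceFrequency'  => ProductTemplate::PRICE_FREQUENCY_ONE_TIME,
        'sellPrice'       => array('currency' => array('id' => $currency->id), 'value' => 210),
        'stage'           => array('value' => 'Open'),
        'owner'           => array('id' => $user->id),
        'explicitReadWriteModelPermissions' => array(
            'type'             => ExplicitReadWriteModelPermissionsUtil::MIXED_TYPE_EVERYONE_GROUP,
            'nonEveryoneGroup' => '',
        ),
    );

    $model             = new Product();
    $sanitizedPostData = PostUtil::sanitizePostByDesignerTypeForSavingModel($model, $postData);
    if ($model instanceof SecurableItem) {
        $explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::
            resolveByPostDataAndModelThenMake($sanitizedPostData, $model);
    } else {
        $explicitReadWriteModelPermissions = null;
    }

    // The permissions element and the owner element are split off before the
    // remaining attributes are assigned to the model.
    $readyToUseData            = ExplicitReadWriteModelPermissionsUtil::removeIfExistsFromPostData($sanitizedPostData);
    $sanitizedOwnerData        = PostUtil::sanitizePostDataToJustHavingElementForSavingModel($readyToUseData, 'owner');
    $sanitizedDataWithoutOwner = PostUtil::removeElementFromPostDataForSavingModel($readyToUseData, 'owner');
    $model->setAttributes($sanitizedDataWithoutOwner);

    // Previously a failed validation fell into an empty else branch and the test still passed.
    $this->assertTrue((bool) $model->validate(), 'Product failed validation before the owner was set.');

    if ($sanitizedOwnerData != null) {
        $model->setAttributes($sanitizedOwnerData);
    }
    if ($model instanceof OwnedSecurableItem) {
        $this->assertTrue((bool) $model->validate(array('owner')), 'Product owner failed validation.');
    }
    $this->assertTrue((bool) $model->save(false), 'Product was not saved.');

    if ($explicitReadWriteModelPermissions != null) {
        $success = ExplicitReadWriteModelPermissionsUtil::
            resolveExplicitReadWriteModelPermissions($model, $explicitReadWriteModelPermissions);
        // A false result means that saving the added/removed permissions failed.
        $this->assertFalse($success === false, 'Explicit permissions were not saved for the product.');
    }
    // NOTE(review): nothing here checks which permitables ended up on the saved
    // model; consider asserting the resolved read/write and read-only
    // permitables so a regression in permission handling is caught.

    $this->assertEquals('ProductPermissionTest', $model->name);
}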
/**
 * Saves the email template described by the posted wizard form and echoes a
 * JSON payload with the template id, a redirectToList flag (always false here)
 * and the module class name.
 *
 * For builder templates whose isDraft is truthy or unset, scoring is muted
 * before the save and unmuted again after a successful save.
 *
 * @param mixed $builtType forwarded to resolveEmailTemplateByPostData()
 * @throws FailedToSaveModelException when $emailTemplate->save() fails
 */
public function actionSave($builtType)
{
    $postData      = PostUtil::getData();
    $emailTemplate = null;
    // $emailTemplate is null here and dereferenced below, so this call is
    // presumably expected to populate it by reference; confirm in the helper.
    $this->resolveEmailTemplateByPostData($postData, $emailTemplate, $builtType);
    $formAdapter = new EmailTemplateToWizardFormAdapter($emailTemplate);
    $model       = $formAdapter->makeFormByBuiltType();

    $isAjaxValidation = isset($postData['ajax']) && $postData['ajax'] === 'edit-form';
    if ($isAjaxValidation) {
        // NOTE(review): nothing in this method stops execution after
        // actionValidate(); confirm that it ends the request, otherwise a
        // validation-only request continues into the save below.
        $this->actionValidate($postData, $model);
    }

    $scoringWasMuted = false;
    if ($emailTemplate->isBuilderTemplate()) {
        if ($emailTemplate->isDraft || !isset($emailTemplate->isDraft)) {
            Yii::app()->gameHelper->muteScoringModelsOnSave();
            $scoringWasMuted = true;
        }
    }

    // The requested permissions are built from the posted form data before the save.
    // NOTE(review): no write-access check on $emailTemplate is visible in this
    // method; confirm that resolveEmailTemplateByPostData() (or a filter)
    // enforces it before user-posted permissions are applied.
    // NOTE(review): $postData[get_class($model)] is read without an isset()
    // check; a request without that key reaches the util with a missing index.
    $formClassName        = get_class($model);
    $requestedPermissions = ExplicitReadWriteModelPermissionsUtil::
        resolveByPostDataAndModelThenMake($postData[$formClassName], $emailTemplate);

    if (!$emailTemplate->save()) {
        // Scoring is not unmuted on this path.
        throw new FailedToSaveModelException();
    }

    if ($scoringWasMuted) {
        Yii::app()->gameHelper->unmuteScoringModelsOnSave();
    }
    if ($requestedPermissions != null) {
        // NOTE(review): the return value is discarded. If this call reports
        // failure through its return value, the template stays saved without
        // the requested permissions; confirm and handle.
        ExplicitReadWriteModelPermissionsUtil::
            resolveExplicitReadWriteModelPermissions($emailTemplate, $requestedPermissions);
    }

    $modelClassName  = $emailTemplate->modelClassName;
    $moduleClassName = $modelClassName::getModuleClassName();
    $responseData    = array(
        'id'              => $emailTemplate->id,
        'redirectToList'  => false,
        'moduleClassName' => $moduleClassName,
    );
    echo CJSON::encode($responseData);
    Yii::app()->end(0, false);
}
/**
 * Checks that post data selecting a single non-everyone group resolves to
 * permissions holding exactly that group as a read/write permitable and no
 * read-only permitables.
 *
 * @depends testResolveExplicitReadWriteModelPermissions
 */
public function testResolveByPostDataAndModelThenMake()
{
    Yii::app()->user->userModel = User::getByUsername('super');

    $matchingAccounts = Account::getByName('aTestAccount');
    $this->assertEquals(1, count($matchingAccounts));
    $targetAccount = $matchingAccounts[0];
    $group3        = Group::getByName('Group3');

    // Remove groups 2 and 4, and add group 3.
    $permissionsPost = array(
        'type'             => ExplicitReadWriteModelPermissionsUtil::MIXED_TYPE_NONEVERYONE_GROUP,
        'nonEveryoneGroup' => $group3->id,
    );
    $resolvedPermissions = ExplicitReadWriteModelPermissionsUtil::resolveByPostDataAndModelThenMake(
        array('explicitReadWriteModelPermissions' => $permissionsPost),
        $targetAccount
    );

    $readWrite = $resolvedPermissions->getReadWritePermitables();
    $readOnly  = $resolvedPermissions->getReadOnlyPermitables();
    $this->assertEquals(1, count($readWrite));
    $this->assertEquals(0, count($readOnly));
    // The read/write permitables are looked up by the group's id.
    $this->assertEquals($group3, $readWrite[$group3->id]);
}
/**
 * Saves the report described by the posted wizard form and echoes a JSON
 * payload with the saved report id and a redirectToList flag.
 *
 * When the post carries ajax = 'edit-form', the wizard form validation result
 * is echoed as JSON first.
 *
 * @param mixed $type          forwarded to resolveSavedReportAndReportByPostData()
 * @param mixed $id            forwarded to resolveSavedReportAndReportByPostData(); defaults to null
 * @param mixed $isBeingCopied cast to bool before being forwarded
 * @throws FailedToSaveModelException when $savedReport->save() fails
 */
public function actionSave($type, $id = null, $isBeingCopied = false)
{
    $postData    = PostUtil::getData();
    $savedReport = null;
    $report      = null;
    // Both variables are null here and used below, so this call is presumably
    // expected to populate them by reference; confirm in the helper.
    $this->resolveSavedReportAndReportByPostData(
        $postData,
        $savedReport,
        $report,
        $type,
        $id,
        (bool) $isBeingCopied
    );
    $formAdapter   = new ReportToWizardFormAdapter($report);
    $model         = $formAdapter->makeFormByType();
    $formClassName = get_class($model);

    if (isset($postData['ajax']) && $postData['ajax'] === 'edit-form') {
        echo CJSON::encode(ReportUtil::validateReportWizardForm($postData, $model));
        // NOTE(review): end() is called with its second argument false. If
        // that call returns, execution continues into the save path below;
        // confirm that end-of-request handling terminates the request here.
        Yii::app()->end(0, false);
    }

    // NOTE(review): $postData[$formClassName] is read without an isset() check.
    $requestedPermissions = ExplicitReadWriteModelPermissionsUtil::
        resolveByPostDataAndModelThenMake($postData[$formClassName], $savedReport);
    SavedReportToReportAdapter::resolveReportToSavedReport($report, $savedReport);

    // Access checks run after the posted report is mapped onto $savedReport and before save().
    // NOTE(review): the module access check runs only when the report already
    // has an id; confirm that access to moduleClassName is enforced elsewhere
    // for new reports.
    if ($savedReport->id > 0) {
        ControllerSecurityUtil::resolveCanCurrentUserAccessModule($savedReport->moduleClassName);
    }
    ControllerSecurityUtil::resolveAccessCanCurrentUserWriteModel($savedReport);

    if (!$savedReport->save()) {
        throw new FailedToSaveModelException();
    }

    StickyReportUtil::clearDataByKey($savedReport->id);
    if ($requestedPermissions != null) {
        // NOTE(review): the return value is discarded. If this call reports
        // failure through its return value, the report stays saved without
        // the requested permissions; confirm and handle.
        ExplicitReadWriteModelPermissionsUtil::
            resolveExplicitReadWriteModelPermissions($savedReport, $requestedPermissions);
    }

    // Original author's note: a safety check on permissions could be done
    // here, followed by a flash message, with the client script going to the
    // list view instead. Add this to the list of things to test.
    $postedName     = $postData[$formClassName]['name'];
    $redirectToList = $this->resolveAfterSaveHasPermissionsProblem($savedReport, $postedName);
    echo CJSON::encode(array('id' => $savedReport->id, 'redirectToList' => $redirectToList));
    Yii::app()->end(0, false);
}
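/**
 * Saves a Project from post data that carries explicit read/write permissions
 * and checks that every step of the save actually succeeded.
 *
 * The steps are: sanitize the post data, build the permissions object, strip
 * the permissions and owner elements, validate, set the owner, save, and apply
 * the permissions. Each step is asserted, so the test fails when validation,
 * the save, or the permissions update fails instead of passing on the name
 * attribute alone.
 */
public function testProjectSaveWithPermissions()
{
    Yii::app()->user->userModel = User::getByUsername('super');
    $user = Yii::app()->user->userModel;
    // Not referenced below; the lookup is kept so it still runs as before.
    $everyoneGroup = Group::getByName(Group::EVERYONE_GROUP_NAME);

    $postData = array(
        'name'        => 'ProjectPermissionTest',
        'description' => 'Test Description',
        'owner'       => array('id' => $user->id),
        'explicitReadWriteModelPermissions' => array(
            'type'             => ExplicitReadWriteModelPermissionsUtil::MIXED_TYPE_EVERYONE_GROUP,
            'nonEveryoneGroup' => '',
        ),
    );

    $model             = new Project();
    $sanitizedPostData = PostUtil::sanitizePostByDesignerTypeForSavingModel($model, $postData);
    if ($model instanceof SecurableItem) {
        $explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::
            resolveByPostDataAndModelThenMake($sanitizedPostData, $model);
    } else {
        $explicitReadWriteModelPermissions = null;
    }

    // The permissions element and the owner element are split off before the
    // remaining attributes are assigned to the model.
    $readyToUseData            = ExplicitReadWriteModelPermissionsUtil::removeIfExistsFromPostData($sanitizedPostData);
    $sanitizedOwnerData        = PostUtil::sanitizePostDataToJustHavingElementForSavingModel($readyToUseData, 'owner');
    $sanitizedDataWithoutOwner = PostUtil::removeElementFromPostDataForSavingModel($readyToUseData, 'owner');
    $model->setAttributes($sanitizedDataWithoutOwner);

    // Previously a failed validation fell into an empty else branch and the test still passed.
    $this->assertTrue((bool) $model->validate(), 'Project failed validation before the owner was set.');

    if ($sanitizedOwnerData != null) {
        $model->setAttributes($sanitizedOwnerData);
    }
    if ($model instanceof OwnedSecurableItem) {
        $this->assertTrue((bool) $model->validate(array('owner')), 'Project owner failed validation.');
    }
    $this->assertTrue((bool) $model->save(false), 'Project was not saved.');

    if ($explicitReadWriteModelPermissions != null) {
        $success = ExplicitReadWriteModelPermissionsUtil::
            resolveExplicitReadWriteModelPermissions($model, $explicitReadWriteModelPermissions);
        // A false result means that saving the added/removed permissions failed.
        $this->assertFalse($success === false, 'Explicit permissions were not saved for the project.');
    }
    // NOTE(review): nothing here checks which permitables ended up on the saved
    // model; consider asserting the resolved read/write and read-only
    // permitables so a regression in permission handling is caught.

    $this->assertEquals('ProjectPermissionTest', $model->name);
}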