/**
* Takes post data and prepares it for setting the membership on the group.
* Adds and removes users to group based on a form's userMembershipData
* @return boolean. True if membership was set successfully.
*/
public static function setMembershipFromForm($form, $group)
{
assert('$group instanceof Group');
assert('$form instanceof GroupUserMembershipForm');
$removedUsers = array();
$addedUsers = array();
foreach ($group->users as $index => $user) {
if (empty($form->userMembershipData[$user->id])) {
$group->users->removeByIndex($index);
$removedUsers[] = $user;
}
}
$users = GroupUserMembershipFormUtil::makeUsersFromUserMembershipData($form->userMembershipData);
foreach ($users as $user) {
if (!$group->users->contains($user)) {
$group->users->add($user);
$addedUsers[] = $user;
}
}
$group->save();
foreach ($removedUsers as $user) {
ReadPermissionsOptimizationUtil::userRemovedFromGroup($group, $user);
}
foreach ($addedUsers as $user) {
ReadPermissionsOptimizationUtil::userAddedToGroup($group, $user);
}
return true;
}
public function actionEditUserMembership($id)
{
$group = Group::getById(intval($id));
$title = Zurmo::t('ZurmoModule', 'User Membership');
$breadCrumbLinks = array(strval($group) => array('group/' . static::resolveBreadCrumbActionByGroup($group), 'id' => $id), $title);
$membershipForm = GroupUserMembershipFormUtil::makeFormFromGroup($group);
$postVariableName = get_class($membershipForm);
if (isset($_POST[$postVariableName])) {
$castedPostData = GroupUserMembershipFormUtil::typeCastPostData($_POST[$postVariableName]);
GroupUserMembershipFormUtil::setFormFromCastedPost($membershipForm, $castedPostData);
if (null != ($message = GroupUserMembershipFormUtil::validateMembershipChange($membershipForm, $group))) {
Yii::app()->user->setFlash('notification', $message);
} elseif (!$group->canModifyMemberships()) {
throw new SecurityException();
} elseif (GroupUserMembershipFormUtil::setMembershipFromForm($membershipForm, $group)) {
$this->clearCaches();
Yii::app()->user->setFlash('notification', Zurmo::t('ZurmoModule', 'User Membership Saved Successfully.'));
$action = $this->resolveActionToGoToAfterSave($group);
$this->redirect(array($this->getId() . '/' . $action, 'id' => $group->id));
Yii::app()->end(0, false);
}
}
$titleBarAndEditView = new GroupActionBarAndUserMembershipEditView($this->getId(), $this->getModule()->getId(), $membershipForm, $group, $this->getModule()->getPluralCamelCasedName());
$view = new GroupsPageView(ZurmoDefaultAdminViewUtil::makeViewWithBreadcrumbsForCurrentUser($this, $titleBarAndEditView, $breadCrumbLinks, 'GroupBreadCrumbView'));
echo $view->render();
}
public function testValidateMembershipChange()
{
$bill = User::getByUsername('billy');
$jim = User::getByUsername('jimmy');
$fakePostData = array('userMembershipData' => array(0 => $bill->id), 'userNonMembershipData' => array(0 => $jim->id));
$form = new GroupUserMembershipForm();
$this->assertEmpty($form->userMembershipData);
$this->assertEmpty($form->userNonMembershipData);
$bill->setIsSystemUser();
$bill->firstName = 'Billy';
$bill->lastName = 'Billium';
$bill->save();
$group = Group::getByName(Group::SUPER_ADMINISTRATORS_GROUP_NAME);
$content = GroupUserMembershipFormUtil::validateMembershipChange($form, $group);
$this->assertTrue(strpos($content, 'There must be at') === 0);
$group->users->add($bill);
$this->assertTrue($group->save());
$form = GroupUserMembershipFormUtil::setFormFromCastedPost($form, $fakePostData);
$content = GroupUserMembershipFormUtil::validateMembershipChange($form, $group);
$this->assertTrue(strpos($content, 'You cannot remove') === false);
//Now add jimmy as a super user.
$group->users->add($jim);
$this->assertTrue($group->save());
$fakePostData = array('userMembershipData' => array(0 => $bill->id, 1 => $jim->id));
$form = GroupUserMembershipFormUtil::setFormFromCastedPost($form, $fakePostData);
//Now try to remove bill, it should pass ok validation because it won't really let you when it sets to form
unset($form->userMembershipData[$bill->id]);
$content = GroupUserMembershipFormUtil::validateMembershipChange($form, $group);
$this->assertTrue(strpos($content, 'You cannot remove') === false);
}
/**
* @depends testUserAddedToGroup_Slide21
*/
public function testUserAddedToGroup_Slide22()
{
$u2 = User::getByUsername('u2.');
$u99 = User::getByUsername('u99.');
Yii::app()->user->userModel = $u99;
$g1 = Group::getByName('G1.');
$g2 = Group::getByName('G2.');
$g3 = Group::getByName('G3.');
$g3->groups->add($g2);
$this->assertTrue($g3->save());
$g2->groups->add($g1);
$this->assertTrue($g2->save());
Yii::app()->user->userModel = $u99;
$a3 = new Account();
$a3->name = 'A3.';
$a3->addPermissions($g1, Permission::READ);
$this->assertTrue($a3->save());
//Called in OwnedSecurableItem::afterSave();
//ReadPermissionsOptimizationUtil::ownedSecurableItemCreated($a3);
$a2 = new Account();
$a2->name = 'A2.';
$a2->addPermissions($g2, Permission::READ);
$this->assertTrue($a2->save());
//Called in OwnedSecurableItem::afterSave();
//ReadPermissionsOptimizationUtil::ownedSecurableItemCreated($a2);
$a1 = new Account();
$a1->name = 'A1.';
$a1->addPermissions($g3, Permission::READ);
$this->assertTrue($a1->save());
//Called in OwnedSecurableItem::afterSave();
//ReadPermissionsOptimizationUtil::ownedSecurableItemCreated($a1);
ReadPermissionsOptimizationUtil::securableItemGivenPermissionsForGroup($a3, $g1);
ReadPermissionsOptimizationUtil::securableItemGivenPermissionsForGroup($a2, $g2);
ReadPermissionsOptimizationUtil::securableItemGivenPermissionsForGroup($a1, $g3);
//Utilize method that is used by user interface to handle removing users from a group.
$form = new GroupUserMembershipForm();
$fakePostData = array('userMembershipData' => array(0 => $u2->id), 'userNonMembershipData' => array());
$form = GroupUserMembershipFormUtil::setFormFromCastedPost($form, $fakePostData);
$saved = GroupUserMembershipFormUtil::setMembershipFromForm($form, $g1);
//This is completed above in GroupUserMembershipFormUtil::setMembershipFromForm
//$g1->users->add($u2);
//$this->assertTrue($g1->save());
//ReadPermissionsOptimizationUtil::userAddedToGroup($g1, $u2);
$this->assertEquals(array(array('A1', 'G1', 1), array('A1', 'G2', 1), array('A1', 'G3', 1), array('A1', 'R5', 1), array('A1', 'R6', 1), array('A2', 'G1', 1), array('A2', 'G2', 1), array('A2', 'R5', 1), array('A2', 'R6', 1), array('A3', 'G1', 1), array('A3', 'R5', 1), array('A3', 'R6', 1)), self::getAccountMungeRows());
$this->assertTrue(self::accountMungeDoesntChangeWhenRebuilt());
//Utilize method that is used by user interface to handle removing users from a group.
$form = new GroupUserMembershipForm();
$fakePostData = array('userMembershipData' => array(), 'userNonMembershipData' => array());
$form = GroupUserMembershipFormUtil::setFormFromCastedPost($form, $fakePostData);
$saved = GroupUserMembershipFormUtil::setMembershipFromForm($form, $g1);
//This is completed above in GroupUserMembershipFormUtil::setMembershipFromForm
//$g1->users->remove($u2);
//$this->assertTrue($g1->save());
//ReadPermissionsOptimizationUtil::userRemovedFromGroup($g1, $u2);
$this->assertEquals(array(array('A1', 'G1', 1), array('A1', 'G2', 1), array('A1', 'G3', 1), array('A2', 'G1', 1), array('A2', 'G2', 1), array('A3', 'G1', 1)), self::getAccountMungeRows());
$this->assertTrue(self::accountMungeDoesntChangeWhenRebuilt());
$a1->delete();
$a2->delete();
$a3->delete();
$g1->group = null;
$this->assertTrue($g1->save());
$g2->group = null;
$this->assertTrue($g2->save());
$g3->group = null;
$this->assertTrue($g3->save());
}
/**
* Remove user from group, and in this case user and account should still exist in table but with TYPE_DELETE
* Also in this scenario test when user is added again to the group, after it is removed from group
* @depends testGroupChangeOrDeleteScenario1
*/
public function testGroupChangeOrDeleteScenario2()
{
$super = User::getByUsername('super');
Yii::app()->user->userModel = $super;
$job = new ReadPermissionSubscriptionUpdateForAccountJob();
$jobBasedOnBuildTable = new ReadPermissionSubscriptionUpdateForAccountFromBuildTableJob();
Yii::app()->jobQueue->deleteAll();
$this->deleteAllModelsAndRecordsFromReadPermissionTable('Account');
$johnny = self::$johnny;
$account = AccountTestHelper::createAccountByNameForOwner('Second Account', $super);
Yii::app()->jobQueue->deleteAll();
sleep(1);
$group = new Group();
$group->name = 'Group2';
$this->assertTrue($group->save());
$group->users->add($johnny);
$this->assertTrue($group->save());
$account->addPermissions($group, Permission::READ);
$this->assertTrue($account->save());
RedBeanModel::forgetAll();
ReadPermissionsOptimizationUtil::rebuild();
AllPermissionsOptimizationCache::forgetAll();
$queuedJobs = Yii::app()->jobQueue->getAll();
$this->assertEquals(1, count($queuedJobs[5]));
$this->assertEquals('ReadPermissionSubscriptionUpdateForAccountFromBuildTable', $queuedJobs[5][0]['jobType']);
Yii::app()->jobQueue->deleteAll();
$this->assertTrue($jobBasedOnBuildTable->run());
// Check if everything is added correctly
$sql = "SELECT * FROM account_read_subscription order by userid";
$rows = ZurmoRedBean::getAll($sql);
$this->assertEquals(2, count($rows));
$this->assertEquals($super->id, $rows[0]['userid']);
$this->assertEquals($account->id, $rows[0]['modelid']);
$this->assertEquals(ReadPermissionsSubscriptionUtil::TYPE_ADD, $rows[0]['subscriptiontype']);
$this->assertEquals($johnny->id, $rows[1]['userid']);
$this->assertEquals($account->id, $rows[1]['modelid']);
$this->assertEquals(ReadPermissionsSubscriptionUtil::TYPE_ADD, $rows[1]['subscriptiontype']);
// Remove user from group
//$group->users->remove($johnny);
//$this->assertTrue($group->save());
$form = new GroupUserMembershipForm();
$fakePostData = array('userMembershipData' => array(), 'userNonMembershipData' => array());
$form = GroupUserMembershipFormUtil::setFormFromCastedPost($form, $fakePostData);
$saved = GroupUserMembershipFormUtil::setMembershipFromForm($form, $group);
$this->assertTrue($saved);
RedBeanModel::forgetAll();
ReadPermissionsOptimizationUtil::rebuild();
$queuedJobs = Yii::app()->jobQueue->getAll();
$this->assertEquals(1, count($queuedJobs[5]));
$this->assertEquals('ReadPermissionSubscriptionUpdateForAccount', $queuedJobs[5][0]['jobType']);
Yii::app()->jobQueue->deleteAll();
$this->assertTrue($job->run());
// Because user is added to group, and group have read access to account, this account should be in
// read permission table for user
$sql = "SELECT * FROM account_read_subscription order by userid";
$rows = ZurmoRedBean::getAll($sql);
$this->assertEquals(2, count($rows));
$this->assertEquals($super->id, $rows[0]['userid']);
$this->assertEquals($account->id, $rows[0]['modelid']);
$this->assertEquals(ReadPermissionsSubscriptionUtil::TYPE_ADD, $rows[0]['subscriptiontype']);
$this->assertEquals($johnny->id, $rows[1]['userid']);
$this->assertEquals($account->id, $rows[1]['modelid']);
$this->assertEquals(ReadPermissionsSubscriptionUtil::TYPE_DELETE, $rows[1]['subscriptiontype']);
// Now add user to group again and test
//$group->users->add($johnny);
//$this->assertTrue($group->save());
// We need to add user to group using GroupUserMembershipForm, so ReadPermissionsSubscriptionUtil::userAddedToGroup(); will be triggered
$form = new GroupUserMembershipForm();
$fakePostData = array('userMembershipData' => array(0 => $johnny->id), 'userNonMembershipData' => array());
$form = GroupUserMembershipFormUtil::setFormFromCastedPost($form, $fakePostData);
$saved = GroupUserMembershipFormUtil::setMembershipFromForm($form, $group);
$this->assertTrue($saved);
RedBeanModel::forgetAll();
ReadPermissionsOptimizationUtil::rebuild();
$queuedJobs = Yii::app()->jobQueue->getAll();
$this->assertEquals(1, count($queuedJobs[5]));
$this->assertEquals('ReadPermissionSubscriptionUpdateForAccount', $queuedJobs[5][0]['jobType']);
Yii::app()->jobQueue->deleteAll();
$this->assertTrue($job->run());
// Because user is added to group, and group have read access to account, this account should be in
// read permission table for user
$sql = "SELECT * FROM account_read_subscription order by userid";
$rows = ZurmoRedBean::getAll($sql);
$this->assertEquals(2, count($rows));
$this->assertEquals($super->id, $rows[0]['userid']);
$this->assertEquals($account->id, $rows[0]['modelid']);
$this->assertEquals(ReadPermissionsSubscriptionUtil::TYPE_ADD, $rows[0]['subscriptiontype']);
$this->assertEquals($johnny->id, $rows[1]['userid']);
$this->assertEquals($account->id, $rows[1]['modelid']);
$this->assertEquals(ReadPermissionsSubscriptionUtil::TYPE_ADD, $rows[1]['subscriptiontype']);
}
/**
* @depends testMakeFormFromGroup
*/
public function testSetFormFromPostAndSetMembership()
{
$bill = User::getByUsername('billy');
$jim = User::getByUsername('jimmy');
$fakePostData = array('userMembershipData' => array(0 => $bill->id), 'userNonMembershipData' => array(0 => $jim->id));
$form = new GroupUserMembershipForm();
$this->assertEmpty($form->userMembershipData);
$this->assertEmpty($form->userNonMembershipData);
$form = GroupUserMembershipFormUtil::setFormFromCastedPost($form, $fakePostData);
$compare1 = array($bill->id => strval($bill));
$this->assertEquals($compare1, $form->userMembershipData);
$this->assertEquals(null, $form->userNonMembershipData);
$group = Group::getByName('JJJ');
$this->assertEquals('JJJ', $group->name);
$saved = GroupUserMembershipFormUtil::setMembershipFromForm($form, $group);
$this->assertTrue($saved);
$group->forget();
$group = Group::getByName('JJJ');
$this->assertEquals(1, $group->users->count());
$this->assertEquals(0, $group->groups->count());
$fakePostData = array('userMembershipData' => array(0 => $bill->id, 1 => $jim->id), 'userNonMembershipData' => array());
$form = new GroupUserMembershipForm();
$this->assertEmpty($form->userMembershipData);
$this->assertEmpty($form->userNonMembershipData);
$form = GroupUserMembershipFormUtil::setFormFromCastedPost($form, $fakePostData);
$compare1 = array($bill->id => strval($bill), $jim->id => strval($jim));
$this->assertEquals($compare1, $form->userMembershipData);
$group = Group::getByName('JJJ');
$this->assertEquals('JJJ', $group->name);
$saved = GroupUserMembershipFormUtil::setMembershipFromForm($form, $group);
$this->assertTrue($saved);
$group->forget();
$group = Group::getByName('JJJ');
$this->assertEquals(2, $group->users->count());
$this->assertEquals(0, $group->groups->count());
}
