/**
 * Builds the shared fixture: a super admin, a basic user 'nobody' holding only the
 * MarketingListsModule access right, one account, two marketing lists and
 * 17 members per list.
 *
 * Even loop indexes produce members created with the flag 1, odd indexes with 0.
 */
public static function setUpBeforeClass()
{
    parent::setUpBeforeClass();
    SecurityTestHelper::createSuperAdmin();

    $basicUser = UserTestHelper::createBasicUser('nobody');
    $basicUser->setRight('MarketingListsModule', MarketingListsModule::getAccessRight());
    static::assertTrue($basicUser->save());
    Yii::app()->user->userModel = $basicUser;

    // Everything below is created while 'nobody' is the current user, and the account and
    // contacts are explicitly owned by 'nobody' (not by the super user).
    // NOTE(review): the lists are created without an owner argument; presumably they
    // belong to the current user as well. Confirm in MarketingListTestHelper.
    $account = AccountTestHelper::createAccountByNameForOwner('nobodyAccount', $basicUser);
    $firstList = MarketingListTestHelper::createMarketingListByName('MarketingList1', 'MarketingList Description1');
    $secondList = MarketingListTestHelper::createMarketingListByName('MarketingList2', 'MarketingList Description2');

    for ($index = 0; $index < 17; $index++) {
        $unsubscribed = ($index % 2) ? 0 : 1;
        $firstContact = ContactTestHelper::createContactWithAccountByNameForOwner(
            'nobodyContact1' . $index,
            $basicUser,
            $account
        );
        $secondContact = ContactTestHelper::createContactWithAccountByNameForOwner(
            'nobodyContact2' . $index,
            $basicUser,
            $account
        );
        MarketingListMemberTestHelper::createMarketingListMember($unsubscribed, $firstList, $firstContact);
        MarketingListMemberTestHelper::createMarketingListMember($unsubscribed, $secondList, $secondContact);
    }

    // Rebuild after the fixture exists, so the tests run against rebuilt permission data.
    AllPermissionsOptimizationUtil::rebuild();
}
/**
 * Returns the action menu entries available to the current user.
 *
 * This only decides what is displayed; the method itself enforces nothing on the
 * target route.
 *
 * @return array|null a one-element list holding the 'Create List' entry when the current
 *                    user is allowed the MarketingListsModule create right, null otherwise
 */
protected function getMenuItems()
{
    $mayCreateList = RightsUtil::doesUserHaveAllowByRightName(
        'MarketingListsModule',
        MarketingListsModule::getCreateRight(),
        Yii::app()->user->userModel
    );
    if (!$mayCreateList) {
        return null;
    }

    return array(
        array(
            'label' => Zurmo::t('MarketingListsModule', 'Create List'),
            'url'   => Yii::app()->createUrl('marketingLists/default/create'),
        ),
    );
}
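/**
 * Walks a regular user through the campaigns default controller while rights are
 * granted one at a time.
 *
 * Sequence checked:
 *  - with no rights, every action is expected to end in an access failure;
 *  - with only the CampaignsModule access right, the page shows the notice about
 *    missing email template / marketing list access;
 *  - once those two access rights are added, the notice must be gone from every action;
 *  - even with create and delete rights, a campaign owned by the super user stays
 *    inaccessible (edit, details and delete).
 *
 * The notice text is held in one variable so that the negative assertions compare against
 * exactly the text the positive assertion matched. A literal broken across lines carries a
 * newline that never occurs in the page, so assertNotContains on it can never fail.
 */
public function testRegularUserAllDefaultControllerActions()
{
    $missingDependenciesNotice = '<p>To manage campaigns you must have access to email templates and ' .
                                 'marketing lists. Contact the CRM administrator about this issue.</p>';

    MarketingListTestHelper::createMarketingListByName(
        'MarketingListName02',
        'MarketingList Description',
        'first',
        '*****@*****.**'
    );
    $campaign = CampaignTestHelper::createCampaign(
        'campaign02',
        'campaign subject 02',
        'text content for campaign 02',
        'html content for campaign 02',
        'fromCampaign',
        '*****@*****.**'
    );

    // No rights yet: every action must be refused.
    $this->runControllerShouldResultInAccessFailureAndGetContent('campaigns/default');
    $this->runControllerShouldResultInAccessFailureAndGetContent('campaigns/default/index');
    $this->runControllerShouldResultInAccessFailureAndGetContent('campaigns/default/list');
    $this->runControllerShouldResultInAccessFailureAndGetContent('campaigns/default/create');
    $this->setGetArray(array('id' => $campaign->id));
    $this->runControllerShouldResultInAccessFailureAndGetContent('campaigns/default/edit');
    $this->runControllerShouldResultInAccessFailureAndGetContent('campaigns/default/details');
    $this->resetGetArray();

    // Campaign access alone is not enough: the dependency notice is shown.
    $this->user->setRight('CampaignsModule', CampaignsModule::getAccessRight());
    $this->assertTrue($this->user->save());
    $content = $this->runControllerWithNoExceptionsAndGetContent('campaigns/default');
    $this->assertContains($missingDependenciesNotice, $content);

    // With marketing list and email template access the notice must disappear.
    $this->user->setRight('MarketingListsModule', MarketingListsModule::getAccessRight());
    $this->user->setRight('EmailTemplatesModule', EmailTemplatesModule::getAccessRight());
    $this->assertTrue($this->user->save());
    $content = $this->runControllerWithNoExceptionsAndGetContent('campaigns/default');
    $this->assertNotContains($missingDependenciesNotice, $content);
    $content = $this->runControllerWithNoExceptionsAndGetContent('campaigns/default/index');
    $this->assertNotContains($missingDependenciesNotice, $content);
    $content = $this->runControllerWithNoExceptionsAndGetContent('campaigns/default/list');
    $this->assertNotContains($missingDependenciesNotice, $content);
    $this->setGetArray(array('id' => $campaign->id));
    $content = $this->runControllerWithNoExceptionsAndGetContent('campaigns/default/details');
    $this->assertNotContains($missingDependenciesNotice, $content);
    // The details request is issued twice in a row; both calls are kept.
    $content = $this->runControllerWithNoExceptionsAndGetContent('campaigns/default/details');
    $this->assertNotContains($missingDependenciesNotice, $content);
    $this->resetGetArray();

    // Create right: create and details render without the notice.
    $this->user->setRight('CampaignsModule', CampaignsModule::getCreateRight());
    $this->assertTrue($this->user->save());
    $content = $this->runControllerWithNoExceptionsAndGetContent('campaigns/default/create');
    $this->assertNotContains($missingDependenciesNotice, $content);
    $this->setGetArray(array('id' => $campaign->id));
    $content = $this->runControllerWithNoExceptionsAndGetContent('campaigns/default/details');
    $this->assertNotContains($missingDependenciesNotice, $content);
    $this->resetGetArray();

    // The create right is set a second time here; the sequence is kept, now ending with edit.
    $this->user->setRight('CampaignsModule', CampaignsModule::getCreateRight());
    $this->assertTrue($this->user->save());
    $content = $this->runControllerWithNoExceptionsAndGetContent('campaigns/default/create');
    $this->assertNotContains($missingDependenciesNotice, $content);
    $this->setGetArray(array('id' => $campaign->id));
    $content = $this->runControllerWithNoExceptionsAndGetContent('campaigns/default/edit');
    $this->assertNotContains($missingDependenciesNotice, $content);

    // Delete right: deleting the user's own campaign (id still in the GET array) redirects.
    $this->user->setRight('CampaignsModule', CampaignsModule::getDeleteRight());
    $this->assertTrue($this->user->save());
    $this->runControllerWithRedirectExceptionAndGetUrl('campaigns/default/delete');

    // Module rights do not grant access to a record owned by the super user.
    $this->setGetArray(array('id' => static::$campaignOwnedBySuper->id));
    $this->runControllerShouldResultInAccessFailureAndGetContent('campaigns/default/edit');
    $this->runControllerShouldResultInAccessFailureAndGetContent('campaigns/default/details');
    $this->runControllerShouldResultInAccessFailureAndGetContent('campaigns/default/delete');
}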
/**
 * A user holding only the MarketingListsModule access right must get the access-denied
 * page for autoresponder actions that target the super user's marketing list or
 * autoresponder.
 *
 * Every request carries an absolute external redirectUrl. The test asserts only on the
 * denial text; it checks nothing about how that URL is handled.
 */
public function testRegularUserActionsWithMarketingListRightButInsufficientPermission()
{
    $accessDeniedText = 'You have tried to access a page you do not have access to.';
    $redirectUrl      = 'http://www.zurmo.com/';

    $this->user->setRight('MarketingListsModule', MarketingListsModule::getAccessRight());
    $this->assertTrue($this->user->save());

    // Creating an autoresponder on a list owned by the super user.
    $this->setGetArray(array(
        'marketingListId' => static::$superUserMarketingListId,
        'redirectUrl'     => $redirectUrl,
    ));
    $content = $this->runControllerWithExitExceptionAndGetContent('autoresponders/default/create');
    $this->assertContains($accessDeniedText, $content);

    // Acting on an autoresponder that belongs to the super user.
    $this->setGetArray(array(
        'id'          => static::$superUserAutoresponderId,
        'redirectUrl' => $redirectUrl,
    ));
    foreach (array('edit', 'details', 'delete') as $action) {
        $content = $this->runControllerWithExitExceptionAndGetContent('autoresponders/default/' . $action);
        $this->assertContains($accessDeniedText, $content);
    }
}
/**
 * Renders the action menu holding the "create" shortcuts the current user is allowed to use.
 *
 * An entry is added only when the user is allowed the create right of the matching module
 * (marketing lists, email templates, campaigns, in that order). This only decides what is
 * shown; the method itself enforces nothing on the target routes.
 *
 * @return string|null the content captured in the 'ActionMenu' clip, or null when the user
 *                     has none of the three create rights
 */
public function render()
{
    $currentUser = Yii::app()->user->userModel;
    $entries     = array();

    if (RightsUtil::doesUserHaveAllowByRightName(
        'MarketingListsModule',
        MarketingListsModule::getCreateRight(),
        $currentUser
    )) {
        $entries[] = array(
            'label' => Zurmo::t('MarketingListsModule', 'Create List'),
            'url'   => Yii::app()->createUrl('marketingLists/default/create'),
        );
    }
    if (RightsUtil::doesUserHaveAllowByRightName(
        'EmailTemplatesModule',
        EmailTemplatesModule::getCreateRight(),
        $currentUser
    )) {
        $entries[] = array(
            'label' => Zurmo::t('EmailTemplatesModule', 'Create Template'),
            'url'   => Yii::app()->createUrl(
                'emailTemplates/default/create',
                array('type' => EmailTemplate::TYPE_CONTACT)
            ),
        );
    }
    if (RightsUtil::doesUserHaveAllowByRightName(
        'CampaignsModule',
        CampaignsModule::getCreateRight(),
        $currentUser
    )) {
        $entries[] = array(
            'label' => Zurmo::t('CampaignsModule', 'Create Campaign'),
            'url'   => Yii::app()->createUrl('campaigns/default/create'),
        );
    }

    // Nothing to offer: render no menu at all rather than an empty one.
    if (empty($entries)) {
        return null;
    }

    $rootEntry = array(
        'label' => $this->getLabel(),
        'url'   => null,
        'items' => $entries,
    );

    // The menu widget is rendered inside a clip so that its output is captured, then read back.
    $clip = new CClipWidget();
    $clip->beginClip("ActionMenu");
    $clip->widget('application.core.widgets.MbMenu', array(
        'htmlOptions' => array('id' => get_class($this)),
        'items'       => array($rootEntry),
    ));
    $clip->endClip();

    return $clip->getController()->clips['ActionMenu'];
}
/**
 * Sets the 'confirm' entry of the given html options to the translated delete
 * confirmation question for a marketing list.
 *
 * @param array $htmlOptions html options; an existing 'confirm' entry is overwritten
 * @return array the html options with 'confirm' set
 */
protected function resolveConfirmAlertInHtmlOptions($htmlOptions)
{
    $modelLabel = MarketingListsModule::getModuleLabelByTypeAndLanguage('SingularLowerCase');
    $question   = Zurmo::t(
        'Core',
        'Are you sure you want to delete this {modelLabel}?',
        array('{modelLabel}' => $modelLabel)
    );
    $htmlOptions['confirm'] = $question;

    return $htmlOptions;
}
/**
 * Walks a regular user through the marketing lists default controller while rights are
 * granted one at a time.
 *
 * Sequence checked:
 *  - with no rights, every action is expected to end in an access failure;
 *  - with the MarketingListsModule access right the listing actions run, but details (and
 *    later create) show the notice about missing contacts / leads access;
 *  - once contacts and leads access are granted, the notice is gone;
 *  - even with create and delete rights, a list owned by the super user stays
 *    inaccessible (edit, details and delete).
 */
public function testRegularUserAllDefaultControllerActions()
{
    $missingModulesNotice = '<p>To manage Marketing Lists you must have access to either contacts' .
                            ' or leads. Contact the CRM administrator about this issue.</p>';
    $modalGetParameters = array(
        'modalTransferInformation' => array(
            'sourceIdFieldId'   => 'Campaign_marketingList_id',
            'sourceNameFieldId' => 'Campaign_marketingList_name',
            'modalId'           => 'modalContainer-edit-form',
        ),
    );

    $ownList = MarketingListTestHelper::createMarketingListByName(
        'MarketingListName 01',
        'MarketingListDescription 01'
    );

    // No rights yet: every action must be refused.
    $routesWithoutParameters = array(
        'marketingLists/default',
        'marketingLists/default/index',
        'marketingLists/default/list',
        'marketingLists/default/create',
    );
    foreach ($routesWithoutParameters as $route) {
        $this->runControllerShouldResultInAccessFailureAndGetContent($route);
    }
    $this->setGetArray(array('id' => $ownList->id));
    foreach (array('edit', 'details', 'getInfoToCopyToCampaign') as $action) {
        $this->runControllerShouldResultInAccessFailureAndGetContent('marketingLists/default/' . $action);
    }
    $this->setGetArray(array('term' => 'inexistant'));
    $this->runControllerShouldResultInAccessFailureAndGetContent('marketingLists/default/autoComplete');
    $this->setGetArray($modalGetParameters);
    $this->runControllerShouldResultInAccessFailureAndGetContent('marketingLists/default/modalList');
    $this->resetGetArray();

    // Access right granted: listing and lookup actions now run without exceptions.
    $this->user->setRight('MarketingListsModule', MarketingListsModule::getAccessRight());
    $this->assertTrue($this->user->save());
    foreach (array('marketingLists/default', 'marketingLists/default/index', 'marketingLists/default/list') as $route) {
        $this->runControllerWithNoExceptionsAndGetContent($route);
    }
    $this->setGetArray(array('term' => 'inexistant'));
    $this->runControllerWithNoExceptionsAndGetContent('marketingLists/default/autoComplete');
    $this->setGetArray(array('id' => $ownList->id));
    $this->runControllerWithNoExceptionsAndGetContent('marketingLists/default/getInfoToCopyToCampaign');
    $this->setGetArray($modalGetParameters);
    $this->runControllerWithNoExceptionsAndGetContent('marketingLists/default/modalList');

    // Without contacts or leads access, details and create show the notice.
    $this->setGetArray(array('id' => $ownList->id));
    $content = $this->runControllerWithNoExceptionsAndGetContent('marketingLists/default/details');
    $this->assertContains($missingModulesNotice, $content);
    $this->resetGetArray();
    $this->user->setRight('MarketingListsModule', MarketingListsModule::getCreateRight());
    $this->assertTrue($this->user->save());
    $content = $this->runControllerWithNoExceptionsAndGetContent('marketingLists/default/create');
    $this->assertContains($missingModulesNotice, $content);

    // With contacts and leads access the notice must disappear.
    $this->user->setRight('ContactsModule', ContactsModule::getAccessRight());
    $this->user->setRight('LeadsModule', LeadsModule::getAccessRight());
    $this->assertTrue($this->user->save());
    $this->setGetArray(array('id' => $ownList->id));
    $content = $this->runControllerWithNoExceptionsAndGetContent('marketingLists/default/details');
    $this->assertNotContains($missingModulesNotice, $content);
    $this->resetGetArray();
    $this->user->setRight('MarketingListsModule', MarketingListsModule::getCreateRight());
    $this->assertTrue($this->user->save());
    $content = $this->runControllerWithNoExceptionsAndGetContent('marketingLists/default/create');
    $this->assertNotContains($missingModulesNotice, $content);
    $this->setGetArray(array('id' => $ownList->id));
    $this->runControllerWithNoExceptionsAndGetContent('marketingLists/default/edit');

    // Delete right: deleting the user's own list (id still in the GET array) redirects.
    $this->user->setRight('MarketingListsModule', MarketingListsModule::getDeleteRight());
    $this->assertTrue($this->user->save());
    $this->runControllerWithRedirectExceptionAndGetUrl('marketingLists/default/delete');

    // Module rights do not grant access to a record owned by the super user.
    $this->setGetArray(array('id' => static::$listOwnedBySuper->id));
    foreach (array('edit', 'details', 'delete') as $action) {
        $this->runControllerShouldResultInAccessFailureAndGetContent('marketingLists/default/' . $action);
    }
}
/**
 * A user holding only the MarketingListsModule access right must get the access-denied
 * page for portlet actions that target the super user's list or members.
 *
 * The exception is expected because subscribeContacts is called without access to
 * contacts and leads.
 *
 * NOTE(review): the expectation applies to the whole method. An earlier request raising
 * this exception would satisfy the test too, and no statement after the raising call
 * runs. Presumably the final assertion is never evaluated; confirm which request throws.
 *
 * @expectedException PartialRightsForReportSecurityException
 */
public function testRegularUserActionsWithMarketingListRightButInsufficientPermission()
{
    $accessDeniedText = 'You have tried to access a page you do not have access to.';

    $this->user->setRight('MarketingListsModule', MarketingListsModule::getAccessRight());
    $this->assertTrue($this->user->save());

    // Member-level actions on a member of the super user's list.
    $this->setGetArray(array('id' => static::$superUserMemberId));
    foreach (array('toggleUnsubscribed', 'delete') as $action) {
        $content = $this->runControllerWithExitExceptionAndGetContent('marketingLists/defaultPortlet/' . $action);
        $this->assertTrue(strpos($content, $accessDeniedText) !== false);
    }

    // List-level action on the super user's list.
    $this->setGetArray(array('marketingListId' => static::$superUserMarketingListId));
    $content = $this->runControllerWithExitExceptionAndGetContent('marketingLists/defaultPortlet/countMembers');
    $this->assertTrue(strpos($content, $accessDeniedText) !== false);

    // Subscribing one of the user's own contacts to the super user's list.
    $account = AccountTestHelper::createAccountByNameForOwner('account2', $this->user);
    $ownContact = ContactTestHelper::createContactWithAccountByNameForOwner('contact7', $this->user, $account);
    $this->setGetArray(array(
        'marketingListId' => static::$superUserMarketingListId,
        'id'              => $ownContact->id,
        'type'            => 'contact',
    ));
    $content = $this->runControllerWithExitExceptionAndGetContent('marketingLists/defaultPortlet/subscribeContacts');
    $this->assertTrue(strpos($content, $accessDeniedText) !== false);

    // Subscribing through a saved report.
    $report = SavedReportTestHelper::makeSimpleContactRowsAndColumnsReport();
    $this->setGetArray(array(
        'marketingListId' => static::$superUserMarketingListId,
        'id'              => $report->id,
        'type'            => 'report',
    ));
    $content = $this->runControllerWithExitExceptionAndGetContent('marketingLists/defaultPortlet/subscribeContacts');
    $this->assertTrue(strpos($content, $accessDeniedText) !== false);
}