/**
* Retrieve groups as 'view all contacts'
*/
public function testGroupListAccessCiviCRM()
{
$this->setPermissionAndRequest('access CiviCRM');
$permissionClause = CRM_Contact_BAO_Group::getPermissionClause(TRUE);
$this->assertEquals('1 = 0', $permissionClause);
list($groups, $total) = CRM_Group_Page_AJAX::getGroupList();
$this->assertEquals(0, count($groups));
$this->assertEquals(0, $total, 'Total returned should be accurate based on permissions');
}
/**
* Set the permissions to the supplied array.
*
* @param array $permissions
*/
protected function setPermissions($permissions)
{
CRM_Core_Config::singleton()->userPermissionClass->permissions = $permissions;
$this->flushFinancialTypeStatics();
CRM_Contact_BAO_Group::getPermissionClause(TRUE);
}
/**
* Retrieve groups as 'view all contacts'
*/
public function testGroupListAccessCiviCRM()
{
$this->setPermissionAndRequest('access CiviCRM');
$permissionClause = CRM_Contact_BAO_Group::getPermissionClause(TRUE);
$this->assertEquals('1 = 0', $permissionClause);
$params = $this->_params;
$groups = CRM_Contact_BAO_Group::getGroupListSelector($params);
$this->assertEquals(0, count($groups['data']));
$this->assertEquals(0, $groups['recordsTotal'], 'Total returned should be accurate based on permissions');
}
/**
* Set up an acl allowing contact to see 2 specified groups
* - $this->_permissionedGroup & $this->_permissionedDisabledGroup
*
* You need to have pre-created these groups & created the user e.g
* $this->createLoggedInUser();
* $this->_permissionedDisabledGroup = $this->groupCreate(array('title' => 'pick-me-disabled', 'is_active' => 0, 'name' => 'pick-me-disabled'));
* $this->_permissionedGroup = $this->groupCreate(array('title' => 'pick-me-active', 'is_active' => 1, 'name' => 'pick-me-active'));
*/
public function setupACL($isProfile = FALSE)
{
global $_REQUEST;
$_REQUEST = $this->_params;
CRM_Core_Config::singleton()->userPermissionClass->permissions = array('access CiviCRM');
$optionGroupID = $this->callAPISuccessGetValue('option_group', array('return' => 'id', 'name' => 'acl_role'));
$optionValue = $this->callAPISuccess('option_value', 'create', array('option_group_id' => $optionGroupID, 'label' => 'pick me', 'value' => 55));
CRM_Core_DAO::executeQuery("\n TRUNCATE civicrm_acl_cache\n ");
CRM_Core_DAO::executeQuery("\n TRUNCATE civicrm_acl_contact_cache\n ");
CRM_Core_DAO::executeQuery("\n INSERT INTO civicrm_acl_entity_role (\n `acl_role_id`, `entity_table`, `entity_id`, `is_active`\n ) VALUES (55, 'civicrm_group', {$this->_permissionedGroup}, 1);\n ");
if ($isProfile) {
CRM_Core_DAO::executeQuery("\n INSERT INTO civicrm_acl (\n `name`, `entity_table`, `entity_id`, `operation`, `object_table`, `object_id`, `is_active`\n )\n VALUES (\n 'view picked', 'civicrm_acl_role', 55, 'Edit', 'civicrm_uf_group', 0, 1\n );\n ");
} else {
CRM_Core_DAO::executeQuery("\n INSERT INTO civicrm_acl (\n `name`, `entity_table`, `entity_id`, `operation`, `object_table`, `object_id`, `is_active`\n )\n VALUES (\n 'view picked', 'civicrm_group', {$this->_permissionedGroup} , 'Edit', 'civicrm_saved_search', {$this->_permissionedGroup}, 1\n );\n ");
CRM_Core_DAO::executeQuery("\n INSERT INTO civicrm_acl (\n `name`, `entity_table`, `entity_id`, `operation`, `object_table`, `object_id`, `is_active`\n )\n VALUES (\n 'view picked', 'civicrm_group', {$this->_permissionedGroup}, 'Edit', 'civicrm_saved_search', {$this->_permissionedDisabledGroup}, 1\n );\n ");
}
$this->_loggedInUser = CRM_Core_Session::singleton()->get('userID');
$this->callAPISuccess('group_contact', 'create', array('group_id' => $this->_permissionedGroup, 'contact_id' => $this->_loggedInUser));
if (!$isProfile) {
//flush cache
CRM_ACL_BAO_Cache::resetCache();
CRM_Contact_BAO_Group::getPermissionClause(TRUE);
CRM_ACL_API::groupPermission('whatever', 9999, NULL, 'civicrm_saved_search', NULL, NULL, TRUE);
}
}
