/** * Retrieve groups as 'view all contacts' */ public function testGroupListAccessCiviCRM() { $this->setPermissionAndRequest('access CiviCRM'); $permissionClause = CRM_Contact_BAO_Group::getPermissionClause(TRUE); $this->assertEquals('1 = 0', $permissionClause); list($groups, $total) = CRM_Group_Page_AJAX::getGroupList(); $this->assertEquals(0, count($groups)); $this->assertEquals(0, $total, 'Total returned should be accurate based on permissions'); }
/** * Set the permissions to the supplied array. * * @param array $permissions */ protected function setPermissions($permissions) { CRM_Core_Config::singleton()->userPermissionClass->permissions = $permissions; $this->flushFinancialTypeStatics(); CRM_Contact_BAO_Group::getPermissionClause(TRUE); }
/** * Retrieve groups as 'view all contacts' */ public function testGroupListAccessCiviCRM() { $this->setPermissionAndRequest('access CiviCRM'); $permissionClause = CRM_Contact_BAO_Group::getPermissionClause(TRUE); $this->assertEquals('1 = 0', $permissionClause); $params = $this->_params; $groups = CRM_Contact_BAO_Group::getGroupListSelector($params); $this->assertEquals(0, count($groups['data'])); $this->assertEquals(0, $groups['recordsTotal'], 'Total returned should be accurate based on permissions'); }
/** * Set up an acl allowing contact to see 2 specified groups * - $this->_permissionedGroup & $this->_permissionedDisabledGroup * * You need to have pre-created these groups & created the user e.g * $this->createLoggedInUser(); * $this->_permissionedDisabledGroup = $this->groupCreate(array('title' => 'pick-me-disabled', 'is_active' => 0, 'name' => 'pick-me-disabled')); * $this->_permissionedGroup = $this->groupCreate(array('title' => 'pick-me-active', 'is_active' => 1, 'name' => 'pick-me-active')); */ public function setupACL($isProfile = FALSE) { global $_REQUEST; $_REQUEST = $this->_params; CRM_Core_Config::singleton()->userPermissionClass->permissions = array('access CiviCRM'); $optionGroupID = $this->callAPISuccessGetValue('option_group', array('return' => 'id', 'name' => 'acl_role')); $optionValue = $this->callAPISuccess('option_value', 'create', array('option_group_id' => $optionGroupID, 'label' => 'pick me', 'value' => 55)); CRM_Core_DAO::executeQuery("\n TRUNCATE civicrm_acl_cache\n "); CRM_Core_DAO::executeQuery("\n TRUNCATE civicrm_acl_contact_cache\n "); CRM_Core_DAO::executeQuery("\n INSERT INTO civicrm_acl_entity_role (\n `acl_role_id`, `entity_table`, `entity_id`, `is_active`\n ) VALUES (55, 'civicrm_group', {$this->_permissionedGroup}, 1);\n "); if ($isProfile) { CRM_Core_DAO::executeQuery("\n INSERT INTO civicrm_acl (\n `name`, `entity_table`, `entity_id`, `operation`, `object_table`, `object_id`, `is_active`\n )\n VALUES (\n 'view picked', 'civicrm_acl_role', 55, 'Edit', 'civicrm_uf_group', 0, 1\n );\n "); } else { CRM_Core_DAO::executeQuery("\n INSERT INTO civicrm_acl (\n `name`, `entity_table`, `entity_id`, `operation`, `object_table`, `object_id`, `is_active`\n )\n VALUES (\n 'view picked', 'civicrm_group', {$this->_permissionedGroup} , 'Edit', 'civicrm_saved_search', {$this->_permissionedGroup}, 1\n );\n "); CRM_Core_DAO::executeQuery("\n INSERT INTO civicrm_acl (\n `name`, `entity_table`, `entity_id`, `operation`, `object_table`, `object_id`, `is_active`\n )\n VALUES (\n 'view picked', 'civicrm_group', {$this->_permissionedGroup}, 'Edit', 'civicrm_saved_search', {$this->_permissionedDisabledGroup}, 1\n );\n "); } $this->_loggedInUser = CRM_Core_Session::singleton()->get('userID'); $this->callAPISuccess('group_contact', 'create', array('group_id' => $this->_permissionedGroup, 'contact_id' => $this->_loggedInUser)); if (!$isProfile) { //flush cache CRM_ACL_BAO_Cache::resetCache(); CRM_Contact_BAO_Group::getPermissionClause(TRUE); CRM_ACL_API::groupPermission('whatever', 9999, NULL, 'civicrm_saved_search', NULL, NULL, TRUE); } }