/** * Utilized to create or update model attribute values after a workflow's triggers are fired as true. * Currently only works with creating new and creating new related models. Not designed to support updating * existing models. * @param WorkflowActionProcessingModelAdapter $adapter * @param $attribute * @throws FailedToResolveExplicitReadWriteModelPermissionsException * @throws NotSupportedException */ public function resolveValueAndSetToModel(WorkflowActionProcessingModelAdapter $adapter, $attribute) { assert('is_string($attribute)'); if ($adapter->getModel()->id < 0) { throw new NotSupportedException(); } if ($this->type == self::TYPE_DYNAMIC_SAME_AS_TRIGGERED_MODEL) { $triggeredModel = $adapter->getTriggeredModel(); if (null == ($explicitReadWriteModelPermissions = $triggeredModel->getExplicitReadWriteModelPermissionsForWorkflow())) { $explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::makeBySecurableItem($adapter->getTriggeredModel()); } } elseif ($this->type == self::TYPE_DYNAMIC_OWNER) { //Do nothing, by default this will take. return; } elseif ($this->type == self::TYPE_DYNAMIC_EVERYONE_GROUP) { $explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::makeBySecurableItem($adapter->getModel()); $explicitReadWriteModelPermissions->addReadWritePermitable(Group::getByName(Group::EVERYONE_GROUP_NAME)); } else { $explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::makeBySecurableItem($adapter->getModel()); try { $group = Group::getById((int) $this->type); $explicitReadWriteModelPermissions->addReadWritePermitable($group); } catch (NotFoundException $e) { //todo: handle exception better return; } } $success = ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions($adapter->getModel(), $explicitReadWriteModelPermissions); if (!$success) { throw new FailedToResolveExplicitReadWriteModelPermissionsException(); } }
/** * @param RedBeanModel $model * @param User $triggeredByUser * @return array */ public function makeRecipients(RedBeanModel $model, User $triggeredByUser) { try { $group = Group::getById((int) $this->groupId); } catch (NotFoundException $e) { return array(); } if ($group->name == Group::EVERYONE_GROUP_NAME) { $users = User::getByCriteria(true, null); } else { $users = $group->users; } $recipients = array(); foreach ($users as $user) { if ($user->primaryEmail->emailAddress != null) { $recipient = new EmailMessageRecipient(); $recipient->toAddress = $user->primaryEmail->emailAddress; $recipient->toName = strval($user); $recipient->type = $this->audienceType; $recipient->personsOrAccounts->add($user); $recipients[] = $recipient; } else { $this->createWorkflowTriggerUserPrimaryEmailAddressRequiredNotificationForUser($user); } } return $recipients; }
/** * @param RedBeanModel $model * @param User $triggeredByUser * @return array */ public function makeRecipients(RedBeanModel $model, User $triggeredByUser) { try { $group = Group::getById((int) $this->groupId); } catch (NotFoundException $e) { return array(); } $recipients = array(); foreach ($group->users as $user) { if ($user->primaryEmail->emailAddress != null) { $recipient = new EmailMessageRecipient(); $recipient->toAddress = $user->primaryEmail->emailAddress; $recipient->toName = strval($user); $recipient->type = $this->audienceType; $recipient->personOrAccount = $user; $recipients[] = $recipient; } } return $recipients; }
function editGroup() { global $lang; $page_lang = scandir('inc/lang/' . $_SESSION['language']); foreach ($page_lang as $file) { if ($file != '.' && $file != '..') { $parts = explode(".", $file); $page = $parts[0]; if ($page == 'group') { $page_file = $file; } } } include_once 'inc/lang/' . $_SESSION['language'] . '/' . $page_file; if ($_SESSION['access']->users > 1) { $results = array(); $results['formAction'] = "editGroup"; if (isset($_POST['saveChanges'])) { // User has posted the group edit form: save the group changes if (!($group = Group::getById((int) $_GET['editId']))) { header("Location: index.php?action=listUser&error=groupNotFound"); return; } $group = new Group(); $group->storeFormValues($_POST); $group->update(); header("Location: index.php?action=listUser&success=groupChangesSaved"); } elseif (isset($_POST['cancel'])) { // User has cancelled their edits: return to the group list header("Location: index.php?action=listUser"); } else { // User has not submitted the group edit form: display the group edit form $results['group'] = Group::getById((int) $_GET['groupId']); require "inc/layout/editGroup.php"; } } else { require "inc/layout/noAccess.php"; } }
/** * Given post data, which would be coming most likely from the ExplicitReadWriteModelPermissionsElement, * transform the post data into a ExplicitReadWriteModelPermissions object. If the post data contains a 'type' * value that is not supported, an exception is thrown. * @param array $postData * @see ExplicitReadWriteModelPermissionsElement */ public static function makeByPostData($postData) { assert('is_array($postData)'); $explicitReadWriteModelPermissions = new ExplicitReadWriteModelPermissions(); if ($postData['type'] == null) { return $explicitReadWriteModelPermissions; } elseif ($postData['type'] == ExplicitReadWriteModelPermissionsUtil::MIXED_TYPE_EVERYONE_GROUP) { $explicitReadWriteModelPermissions->addReadWritePermitable(Group::getByName(Group::EVERYONE_GROUP_NAME)); return $explicitReadWriteModelPermissions; } elseif ($postData['type'] == ExplicitReadWriteModelPermissionsUtil::MIXED_TYPE_NONEVERYONE_GROUP) { assert('isset($postData["nonEveryoneGroup"])'); $explicitReadWriteModelPermissions->addReadWritePermitable(Group::getById((int) $postData["nonEveryoneGroup"])); return $explicitReadWriteModelPermissions; } else { throw new NotSupportedException(); } }
public function actionEditPolicies($id) { $group = Group::getById(intval($id)); $title = Zurmo::t('ZurmoModule', 'Policies'); $breadcrumbLinks = array(strval($group) => array('group/' . static::resolveBreadCrumbActionByGroup($group), 'id' => $id), $title); $data = PoliciesUtil::getAllModulePoliciesDataByPermitable($group); $policiesForm = PoliciesFormUtil::makeFormFromPoliciesData($data); $postVariableName = get_class($policiesForm); if (isset($_POST[$postVariableName])) { $castedPostData = PoliciesFormUtil::typeCastPostData($_POST[$postVariableName]); $policiesForm = PoliciesFormUtil::loadFormFromCastedPost($policiesForm, $castedPostData); if ($policiesForm->validate()) { if (PoliciesFormUtil::setPoliciesFromCastedPost($castedPostData, $group)) { $this->clearCaches(); Yii::app()->user->setFlash('notification', Zurmo::t('ZurmoModule', 'Policies Saved Successfully.')); $this->redirect(array($this->getId() . '/details', 'id' => $group->id)); Yii::app()->end(0, false); } } } $metadata = PoliciesEditViewUtil::resolveMetadataFromData($policiesForm->data, PoliciesEditAndDetailsView::getMetadata()); $titleBarAndEditView = new GroupActionBarAndSecurityEditView($this->getId(), $this->getModule()->getId(), $policiesForm, $group, $this->getModule()->getPluralCamelCasedName(), $metadata, 'PoliciesEditAndDetailsView', 'GroupPoliciesEditLink'); $view = new GroupsPageView(ZurmoDefaultAdminViewUtil::makeViewWithBreadcrumbsForCurrentUser($this, $titleBarAndEditView, $breadcrumbLinks, 'GroupBreadCrumbView')); echo $view->render(); }
} else { $now = time(); // checking the time now when home page starts if ($now > $_SESSION['sessionExpire']) { session_destroy(); $_SESSION['oldURL'] = isset($_GET['action']) ? 'index.php?action=' . $_GET['action'] : ''; if ($_SERVER['REQUEST_URI'] != 'login.php' && $_SERVER['REQUEST_URI'] != $_SESSION['oldURL']) { $_SESSION['oldURL'] = $_SERVER['REQUEST_URI']; } header("Location: login.php?action=sessionExpired"); } else { $_SESSION['sessionStart'] = time(); $_SESSION['sessionExpire'] = $_SESSION['sessionStart'] + sessionExpire * 60; } } // include class files require_once 'inc/class/Content.class.php'; require_once 'inc/class/Group.class.php'; require_once 'inc/class/Setting.class.php'; require_once 'inc/class/User.class.php'; // get user group access and set it into session $_SESSION['access'] = Group::getById(User::getGroupID($_SESSION['authuser'])); // add any rci class logic needed for addons echo $gns_admin_RCI->get('class', 'add', false); if (!strpos($_SERVER['REQUEST_URI'], 'index.php') && !strpos($_SERVER['REQUEST_URI'], 'search.php')) { header("Location: index.php?action=dashboard"); } // get action $action = isset($_GET['action']) ? $_GET['action'] : ''; $page_title = ''; echo $gns_admin_RCI->get('top', 'add', false);
<script> // access sliders var allowedAccessValues = { 0: true, 1: true, 2: true, 3: true, 4: true }; </script> <?php $results['group'] = Group::getById((int) $_GET['groupId']); foreach ($results['group'] as $group => $val) { if ($group != 'id' && $group != 'title' && $group != 'status') { if ($results['group']->{$group} == 4) { $slider = '100'; } else { if ($results['group']->{$group} == 3) { $slider = '75'; } else { if ($results['group']->{$group} == 2) { $slider = '50'; } else { if ($results['group']->{$group} == 1) { $slider = '25'; } else { if ($results['group']->{$group} == 0) { $slider = '0'; } }
$(document).ready(function(){ // tabs $('#listUsersTab a:first').tab('show'); $('#listUsersTab a').click(function (e) { e.preventDefault(); $(this).tab('show'); }); $('#listGroupsTab a:first').tab('show'); $('#listGroupsTab a').click(function (e) { e.preventDefault(); $(this).tab('show'); }); }); </script> <?php $results['group'] = Group::getById(1); foreach ($results['group'] as $group => $val) { if ($group != 'id' && $group != 'title' && $group != 'status' && $group != 'dashboard') { ?> <script> $(document).ready(function() { $("#accessSlider<?php echo ucfirst($group); ?> ").slider({ range: true, max: 4, slide: function(event, ui) { if (!allowedAccessValues[ui.value]) return false; }, change: function(event, ui){
protected function beforeSave() { if (parent::beforeSave()) { if (isset($this->originalAttributeValues['group']) && $this->originalAttributeValues['group'][1] > 0) { //copy to new object, so we can populate the old parent group as the related group. //otherwise it gets passed by reference. We need the old $this->group information to properly //utilize the groupBeingRemovedFromGroup method. $group = unserialize(serialize($this)); $group->group = Group::getById($this->originalAttributeValues['group'][1]); ReadPermissionsOptimizationUtil::groupBeingRemovedFromGroup($group); assert('$this->originalAttributeValues["group"][1] != $this->group->id'); } return true; } else { return false; } }
print_r($chatGroups); for ($i = 0; $i < sizeOf($chatGroups); $i++) { if ($chatGroups[$i]['group2Id'] != $_SESSION['groupId']) { echo Group::getById($chatGroups[$i]['group2Id'])->name; ?> <form name="chat_group" action="main.php?action=chat" method="POST" enctype="multipart/form-data"> <input type="text" name ="groupId1" value="<?php print_r($chatGroups[$i]['group2Id']); ?> " > <input type="submit" name="group" value="chat" > </form> <?php } else { echo Group::getById($chatGroups[$i]['group1Id'])->name; ?> <form name="chat_group" action="main.php?action=chat" method="POST" enctype="multipart/form-data"> <input type="text" name ="groupId1" value="<?php print_r($chatGroups[$i]['group1Id']); ?> " > <input type="submit" name="group" value="Chat" > </form> <?php } } } echo "Questions:"; $questions = Question::getList();
case 'mine': $response = Group::getMine(); break; case 'toplist': $response = Group::getTopList($_POST['gid'], $_POST['limit']); break; case 'contributors': $params[1] = count($params) >= 2 ? $params[1] : null; $response = Group::getContributors($params[1]); break; case 'overview': $response = Group::getOverview($_POST['gid']); break; default: if (is_numeric($params[0])) { $response = Group::getById($params[0]); } } break; case 'setmod': $response = Group::setModerator($_POST['gid'], $_POST['uid'], $_POST['mod']); break; } break; case 'question': switch ($action) { case 'add': $_POST['question'] = array_key_exists('question', $_POST) ? $_POST['question'] : ''; $_POST['correct'] = array_key_exists('correct', $_POST) ? $_POST['correct'] : null; $_POST['answer-explanation'] = array_key_exists('answer-explanation', $_POST) ? $_POST['answer-explanation'] : ''; $alternatives = array();
public function testRemoveAllPermissions() { $accounts = Account::getAll(); $this->assertTrue(count($accounts) >= 2); $account1 = $accounts[0]; $account2 = $accounts[1]; $user = User::getByUsername('bobby'); $group = Group::getByName('Sales Staff'); $this->assertTrue($group->contains($user)); $everyone = Group::getByName(Group::EVERYONE_GROUP_NAME); $this->assertEquals(Permission::NONE, $account1->getEffectivePermissions($user)); $this->assertEquals(Permission::NONE, $account1->getEffectivePermissions($group)); $this->assertEquals(Permission::NONE, $account1->getEffectivePermissions($everyone)); $this->assertEquals(Permission::NONE, $account2->getEffectivePermissions($user)); $this->assertEquals(Permission::NONE, $account2->getEffectivePermissions($group)); $this->assertEquals(Permission::NONE, $account2->getEffectivePermissions($everyone)); $account1->addPermissions($user, Permission::READ); $account1->addPermissions($group, Permission::WRITE); $account1->addPermissions($everyone, Permission::DELETE); $this->assertTrue($account1->save()); $account2->addPermissions($user, Permission::WRITE); $account2->addPermissions($group, Permission::CHANGE_OWNER); $account2->addPermissions($everyone, Permission::READ); $this->assertTrue($account2->save()); $this->assertEquals(Permission::READ | Permission::WRITE | Permission::DELETE, $account1->getEffectivePermissions($user)); $this->assertEquals(Permission::WRITE | Permission::DELETE, $account1->getEffectivePermissions($group)); $this->assertEquals(Permission::DELETE, $account1->getEffectivePermissions($everyone)); $this->assertEquals(Permission::READ | Permission::WRITE | Permission::CHANGE_OWNER, $account2->getEffectivePermissions($user)); $this->assertEquals(Permission::READ | Permission::CHANGE_OWNER, $account2->getEffectivePermissions($group)); $this->assertEquals(Permission::READ, $account2->getEffectivePermissions($everyone)); $account1Id = $account1->id; $account2Id = $account2->id; $userId = $user->id; $groupId = $group->id; Permission::removeForPermitable($group); unset($account1); unset($account2); unset($user); unset($group); unset($everyone); RedBeanModel::forgetAll(); $account1 = Account::getById($account1Id); $account2 = Account::getById($account2Id); $user = User::getById($userId); $group = Group::getById($groupId); $everyone = Group::getByName(Group::EVERYONE_GROUP_NAME); $this->assertEquals(Permission::READ | Permission::DELETE, $account1->getEffectivePermissions($user)); $this->assertEquals(Permission::DELETE, $account1->getEffectivePermissions($group)); $this->assertEquals(Permission::DELETE, $account1->getEffectivePermissions($everyone)); $this->assertEquals(Permission::READ | Permission::WRITE, $account2->getEffectivePermissions($user)); $this->assertEquals(Permission::READ, $account2->getEffectivePermissions($group)); $this->assertEquals(Permission::READ, $account2->getEffectivePermissions($everyone)); unset($account1); unset($account2); unset($user); unset($group); unset($everyone); RedBeanModel::forgetAll(); Permission::removeAll(); $account1 = Account::getById($account1Id); $account2 = Account::getById($account2Id); $user = User::getById($userId); $group = Group::getById($groupId); $everyone = Group::getByName(Group::EVERYONE_GROUP_NAME); $this->assertEquals(Permission::NONE, $account1->getEffectivePermissions($user)); $this->assertEquals(Permission::NONE, $account1->getEffectivePermissions($group)); $this->assertEquals(Permission::NONE, $account1->getEffectivePermissions($everyone)); $this->assertEquals(Permission::NONE, $account2->getEffectivePermissions($user)); $this->assertEquals(Permission::NONE, $account2->getEffectivePermissions($group)); $this->assertEquals(Permission::NONE, $account2->getEffectivePermissions($everyone)); }
function date_req() { if (isset($_SESSION['groupId'])) { echo "date requests for this group:<br>"; // date requests for group which has been selected $dateRequests = DateRequest::getByUserId($_SESSION['userId'], $_SESSION['groupId']); $a = sizeof($dateRequests); for ($i = 0; $i < $a; $i++) { $group = Group::getById($dateRequests[$i]["sentById"]); echo "date request from " . $group->name . "<br>"; echo "users: <br>" . User::getById($group->adminId)->name . " , " . User::getById($group->per2Id)->name . "and" . User::getById($group->per3Id)->name . "<br>"; echo "<a href='/backend/main.php?action=acceptDateRequest&id=" . $dateRequests[$i]["id"] . "'>accept</a>    "; echo "<a href='/backend/main.php?action=declineDateRequest&id=" . $dateRequests[$i]["id"] . "'>decline</a><br>"; } echo "accepted date requests:<br>"; // date requests accepted for group which has been selected $dateRequests = DateRequest::getByGroupId($_SESSION['groupId']); if ($dateRequests['0']['status'] == "successful" or $dateRequests['1']['status'] == "successful" or $dateRequests['2']['status'] == "successful") { $group = Group::getById($dateRequests['0']["sentToGroupId"]); echo "your date request was accepted by" . $group->name . "<br>"; echo "users: <br>" . User::getById($group->adminId)->name . " , " . User::getById($group->per2Id)->name . "and" . User::getById($group->per3Id)->name . "<br>"; } } }
public function resolveRecordSharingPerformanceTime($count) { $groupMembers = array(); // create group $this->resetGetArray(); $this->setPostArray(array('Group' => array('name' => "Group {$count}"))); $this->runControllerWithRedirectExceptionAndGetUrl('/zurmo/group/create'); $group = Group::getByName("Group {$count}"); $this->assertNotNull($group); $this->assertEquals("Group {$count}", strval($group)); $group->setRight('ContactsModule', ContactsModule::getAccessRight()); $group->setRight('ContactsModule', ContactsModule::getCreateRight()); $group->setRight('ContactsModule', ContactsModule::getDeleteRight()); $this->assertTrue($group->save()); $groupId = $group->id; $group->forgetAll(); $group = Group::getById($groupId); $this->resetGetArray(); for ($i = 0; $i < $count; $i++) { $username = static::$baseUsername . "_{$i}_of_{$count}"; // Populate group $this->setPostArray(array('UserPasswordForm' => array('firstName' => 'Some', 'lastName' => 'Body', 'username' => $username, 'newPassword' => 'myPassword123', 'newPassword_repeat' => 'myPassword123', 'officePhone' => '456765421', 'userStatus' => 'Active'))); $this->runControllerWithRedirectExceptionAndGetContent('/users/default/create'); $user = User::getByUsername($username); $this->assertNotNull($user); $groupMembers['usernames'][] = $user->username; $groupMembers['ids'][] = $user->id; } $this->assertCount($count, $groupMembers['ids']); // set user's group $this->setGetArray(array('id' => $groupId)); $this->setPostArray(array('GroupUserMembershipForm' => array('userMembershipData' => $groupMembers['ids']))); $this->runControllerWithRedirectExceptionAndGetUrl('/zurmo/group/editUserMembership'); $group->forgetAll(); $group = Group::getById($groupId); $this->assertCount($count, $group->users); foreach ($groupMembers['ids'] as $userId) { $user = User::getById($userId); $this->assertEquals($group->id, $user->groups[0]->id); $this->assertTrue(RightsUtil::doesUserHaveAllowByRightName('ContactsModule', ContactsModule::getAccessRight(), $user)); $this->assertTrue(RightsUtil::doesUserHaveAllowByRightName('ContactsModule', ContactsModule::getCreateRight(), $user)); $this->assertTrue(RightsUtil::doesUserHaveAllowByRightName('ContactsModule', ContactsModule::getDeleteRight(), $user)); } $this->clearAllCaches(); // go ahead and create contact with group given readwrite, use group's first member to confirm he has create access $this->logoutCurrentUserLoginNewUserAndGetByUsername($groupMembers['usernames'][0]); $this->resetGetArray(); $startingState = ContactsUtil::getStartingState(); $this->setPostArray(array('Contact' => array('firstName' => 'John', 'lastName' => 'Doe', 'officePhone' => '456765421', 'state' => array('id' => $startingState->id), 'explicitReadWriteModelPermissions' => array('type' => ExplicitReadWriteModelPermissionsUtil::MIXED_TYPE_NONEVERYONE_GROUP, 'nonEveryoneGroup' => $groupId)))); $startTime = microtime(true); $url = $this->runControllerWithRedirectExceptionAndGetUrl('/contacts/default/create'); $timeTakenForSave = microtime(true) - $startTime; $johnDoeContactId = intval(substr($url, strpos($url, 'id=') + 3)); $johnDoeContact = Contact::getById($johnDoeContactId); $this->assertNotNull($johnDoeContact); $this->resetPostArray(); $this->setGetArray(array('id' => $johnDoeContactId)); $content = $this->runControllerWithNoExceptionsAndGetContent('/contacts/default/details'); $this->assertContains('Who can read and write ' . strval($group), $content); $this->clearAllCaches(); $this->resetPostArray(); // ensure group members have access foreach ($groupMembers['usernames'] as $member) { $user = $this->logoutCurrentUserLoginNewUserAndGetByUsername($member); $this->assertNotNull($user); $this->setGetArray(array('id' => $johnDoeContactId)); $this->runControllerWithNoExceptionsAndGetContent('/contacts/default/details'); $this->runControllerWithNoExceptionsAndGetContent('/contacts/default/edit'); } return $timeTakenForSave; }
public function testArePermissionsFlushedOnRemovingParentFromChildGroup() { // cleanup Contact::deleteAll(); try { $group = Group::getByName('Child'); $group->delete(); } catch (NotFoundException $e) { } try { $user = User::getByUsername('jim'); $user->delete(); } catch (NotFoundException $e) { } // we could have used helpers to do a lot of the following stuff (such as creating users, groups, // etc) but we wanted to mimic user's interaction as closely as possible. Hence using walkthroughs // for everything // create Parent and Child Groups, Create Jim to be member of Child group // create parent group $this->resetGetArray(); $this->setPostArray(array('Group' => array('name' => 'Parent'))); $this->runControllerWithRedirectExceptionAndGetUrl('/zurmo/group/create'); $parentGroup = Group::getByName('Parent'); $this->assertNotNull($parentGroup); $this->assertEquals('Parent', strval($parentGroup)); $parentGroupId = $parentGroup->id; // create child group $this->resetGetArray(); $this->setPostArray(array('Group' => array('name' => 'Child', 'group' => array('id' => $parentGroupId)))); $this->runControllerWithRedirectExceptionAndGetUrl('/zurmo/group/create'); $childGroup = Group::getByName('Child'); $this->assertNotNull($childGroup); $this->assertEquals('Child', strval($childGroup)); $parentGroup->forgetAll(); $parentGroup = Group::getById($parentGroupId); // give child rights for contacts module $childGroup->setRight('ContactsModule', ContactsModule::getAccessRight()); $childGroup->setRight('ContactsModule', ContactsModule::getCreateRight()); $this->assertTrue($childGroup->save()); $childGroupId = $childGroup->id; $childGroup->forgetAll(); $childGroup = Group::getById($childGroupId); $this->assertContains($childGroup, $parentGroup->groups); // create jim's user $this->resetGetArray(); $this->setPostArray(array('UserPasswordForm' => array('firstName' => 'Some', 'lastName' => 'Body', 'username' => 'jim', 'newPassword' => 'myPassword123', 'newPassword_repeat' => 'myPassword123', 'officePhone' => '456765421', 'userStatus' => 'Active'))); $this->runControllerWithRedirectExceptionAndGetContent('/users/default/create'); $jim = User::getByUsername('jim'); $this->assertNotNull($jim); // set jim's group to child group $this->setGetArray(array('id' => $childGroup->id)); $this->setPostArray(array('GroupUserMembershipForm' => array('userMembershipData' => array($jim->id)))); $this->runControllerWithRedirectExceptionAndGetUrl('/zurmo/group/editUserMembership'); $jim->forgetAll(); $jim = User::getByUsername('jim'); $this->assertNotNull($jim); $childGroup->forgetAll(); $childGroup = Group::getById($childGroupId); $this->assertContains($childGroup, $jim->groups); // create a contact with permissions to Parent group // create ContactStates ContactsModule::loadStartingData(); // ensure contact states have been created $this->assertEquals(6, count(ContactState::GetAll())); // go ahead and create contact with parent group given readwrite. $startingState = ContactsUtil::getStartingState(); $this->resetGetArray(); $this->setPostArray(array('Contact' => array('firstName' => 'John', 'lastName' => 'Doe', 'officePhone' => '456765421', 'state' => array('id' => $startingState->id), 'explicitReadWriteModelPermissions' => array('type' => ExplicitReadWriteModelPermissionsUtil::MIXED_TYPE_NONEVERYONE_GROUP, 'nonEveryoneGroup' => $parentGroupId)))); $url = $this->runControllerWithRedirectExceptionAndGetUrl('/contacts/default/create'); $johnDoeContactId = intval(substr($url, strpos($url, 'id=') + 3)); $johnDoeContact = Contact::getById($johnDoeContactId); $this->assertNotNull($johnDoeContact); $this->resetPostArray(); $this->setGetArray(array('id' => $johnDoeContactId)); $content = $this->runControllerWithNoExceptionsAndGetContent('/contacts/default/details'); $this->assertContains('Who can read and write Parent', $content); // create a contact using jim which he would see at all times $this->logoutCurrentUserLoginNewUserAndGetByUsername('jim'); $this->resetGetArray(); $this->setPostArray(array('Contact' => array('firstName' => 'Jim', 'lastName' => 'Doe', 'officePhone' => '456765421', 'state' => array('id' => $startingState->id)))); $url = $this->runControllerWithRedirectExceptionAndGetUrl('/contacts/default/create'); $jimDoeContactId = intval(substr($url, strpos($url, 'id=') + 3)); $jimDoeContact = Contact::getById($jimDoeContactId); $this->assertNotNull($jimDoeContact); $this->resetPostArray(); $this->setGetArray(array('id' => $jimDoeContactId)); $this->runControllerWithNoExceptionsAndGetContent('/contacts/default/details'); // ensure jim can see that contact everywhere // jim should have access to see contact on list view $this->resetGetArray(); // get the page, ensure the name of contact does show up there. $content = $this->runControllerWithNoExceptionsAndGetContent('/contacts/default'); $this->assertContains('John Doe</a></td><td>', $content); $this->assertContains('Jim Doe</a></td><td>', $content); // jim should have access to jimDoeContact's detail view $this->setGetArray(array('id' => $jimDoeContactId)); $this->runControllerWithNoExceptionsAndGetContent('/contacts/default/details'); // jim should have access to jimDoeContact's edit view $this->runControllerWithNoExceptionsAndGetContent('/contacts/default/edit'); // jim should have access to johnDoeContact's detail view $this->setGetArray(array('id' => $johnDoeContactId)); $this->runControllerWithNoExceptionsAndGetContent('/contacts/default/details'); // jim should have access to johnDoeContact's edit view $this->runControllerWithNoExceptionsAndGetContent('/contacts/default/edit'); // unlink Parent group from child $this->logoutCurrentUserLoginNewUserAndGetByUsername('super'); $this->setGetArray(array('id' => $childGroupId)); $this->setPostArray(array('Group' => array('name' => 'Child', 'group' => array('id' => '')))); $this->runControllerWithRedirectExceptionAndGetUrl('/zurmo/group/edit'); $childGroup = Group::getByName('Child'); $this->assertNotNull($childGroup); $this->assertEquals('Child', strval($childGroup)); $parentGroup->forgetAll(); $parentGroup = Group::getById($parentGroupId); $this->assertNotContains($childGroup, $parentGroup->groups); // ensure jim can not see that contact anywhere // jim should not have access to see contact on list view $this->logoutCurrentUserLoginNewUserAndGetByUsername('jim'); $this->resetGetArray(); // get the page, ensure the name of contact does not show up there. $content = $this->runControllerWithNoExceptionsAndGetContent('/contacts/default'); $this->assertNotContains('John Doe</a></td><td>', $content); $this->assertContains('Jim Doe</a></td><td>', $content); // jim should have access to jimDoeContact's detail view $this->setGetArray(array('id' => $jimDoeContactId)); $this->runControllerWithNoExceptionsAndGetContent('/contacts/default/details'); // jim should have access to jimDoeContact's edit view $this->runControllerWithNoExceptionsAndGetContent('/contacts/default/edit'); // jim should not have access to johnDoeContact's detail view $this->setGetArray(array('id' => $johnDoeContactId)); try { $this->runControllerWithNoExceptionsAndGetContent('/contacts/default/details'); $this->fail('Accessing details action should have thrown ExitException'); } catch (ExitException $e) { // just cleanup buffer $this->endAndGetOutputBuffer(); } // jim should not have access to johnDoeContact's edit view try { $this->runControllerWithNoExceptionsAndGetContent('/contacts/default/edit'); $this->fail('Accessing edit action should have thrown ExitException'); } catch (ExitException $e) { // just cleanup buffer $this->endAndGetOutputBuffer(); } }
/** * @depends testCreateAndGetUserById */ public function testDeleteUserCascadesToDeleteEverythingItShould() { $group = new Group(); $group->name = 'Os mais legais do Rio'; $this->assertTrue($group->save()); $user = new User(); $user->username = '******'; $user->title->value = 'Senhor'; $user->firstName = 'José'; $user->lastName = 'Olivereira'; $user->jobTitle = 'Traficante'; $user->primaryAddress->street1 = 'R. das Mulheres, 69'; $user->primaryAddress->street2 = ''; $user->primaryAddress->city = 'Centro'; $user->primaryAddress->state = 'RJ'; $user->primaryAddress->postalCode = ''; $user->primaryAddress->country = 'Brasil'; $user->primaryEmail->emailAddress = '*****@*****.**'; $user->primaryEmail->optOut = 1; $user->primaryEmail->isInvalid = 0; $user->manager = User::getByUsername('bill'); $user->setPassword('Senhor'); $user->groups->add($group); $user->save(); $this->assertTrue($user->save()); $titleId = $user->title->id; $primaryAddressId = $user->primaryAddress->id; $primaryEmailId = $user->primaryEmail->id; $groupId = $group->id; $user->delete(); unset($user); unset($group); Group::getById($groupId); User::getByUsername('bill'); try { CustomField::getById($titleId); $this->fail("Title should have been deleted."); } catch (NotFoundException $e) { } try { Address::getById($primaryAddressId); $this->fail("Address should have been deleted."); } catch (NotFoundException $e) { } try { Email::getById($primaryEmailId); $this->fail("Email should have been deleted."); } catch (NotFoundException $e) { } }
public function actionUsersInGroupModalList($id) { $model = Group::getById((int) $id); ControllerSecurityUtil::resolveAccessCanCurrentUserReadModel($model); $searchAttributeData = UsersByModelModalListControllerUtil::makeModalSearchAttributeDataByModel($model, 'groups'); $dataProvider = UsersByModelModalListControllerUtil::makeDataProviderBySearchAttributeData($searchAttributeData); Yii::app()->getClientScript()->setToAjaxMode(); echo UsersByModelModalListControllerUtil::renderList($this, $dataProvider, 'usersInGroupModalList'); }
function acceptGroupRequest() { $request = Request::getById($_GET['id']); $request->status = "accepted"; $request->update(); $request1 = Request::getOther($request->sentById, $request->type, $request->sentToId); if ($request->status == "accepted" && $request1->status == "accepted") { $group = Group::getById($request->sentById); $group->status = "online"; $group->updateStatus(); } require TEMPLATE_PATH . "/home.php"; }
/** * For a given model, contact or account or opportunity, pushes DetailsAndRelationsView layout for provided user * @param $model * @param $groupsAndUsers */ public static function pushLayoutToUsers($model, $groupsAndUsers) { $processedUsers = array(); foreach ($groupsAndUsers['groups'] as $groupId) { $group = Group::getById(intval($groupId)); $usersInGroup = $group->getUsersExceptSystemUsers(); foreach ($usersInGroup as $user) { if (!in_array($user->id, $processedUsers)) { $processedUsers[] = $user->id; self::pushDetailsAndRelationsViewPortlets($user, $model); } } } foreach ($groupsAndUsers['users'] as $userId) { $user = User::getById(intval($userId)); if (!in_array($user->id, $processedUsers)) { $processedUsers[] = $user->id; self::pushDetailsAndRelationsViewPortlets($user, $model); } } }
echo "<a href='/dating_website/index.php?action=declineChatRequest&id=" . $chatRequests[$i]["id"] . "'>decline</a><br>"; } echo "date requests for this group:<br>"; $dateRequests = DateRequest::getByUserId($_SESSION['userId'], $_SESSION['groupId']); $a = sizeof($dateRequests); for ($i = 0; $i < $a; $i++) { $group = Group::getById($dateRequests[$i]["sentById"]); echo "date request from " . $group->name . "<br>"; echo "users: <br>" . User::getById($group->adminId)->name . " , " . User::getById($group->per2Id)->name . "and" . User::getById($group->per3Id)->name . "<br>"; echo "<a href='/dating_website/index.php?action=acceptDateRequest&id=" . $dateRequests[$i]["id"] . "'>accept</a>    "; echo "<a href='/dating_website/index.php?action=declineDateRequest&id=" . $dateRequests[$i]["id"] . "'>decline</a><br>"; } echo "accepted date requests:<br>"; $dateRequests = DateRequest::getByGroupId($_SESSION['groupId']); if ($dateRequests['0']['status'] == "successful" or $dateRequests['1']['status'] == "successful" or $dateRequests['2']['status'] == "successful") { $group = Group::getById($dateRequests['0']["sentToGroupId"]); echo "your date request was accepted by" . $group->name . "<br>"; echo "users: <br>" . User::getById($group->adminId)->name . " , " . User::getById($group->per2Id)->name . "and" . User::getById($group->per3Id)->name . "<br>"; } } else { echo "select a group to proceed" . "<br>"; } $groupsPending = Group::getListPendingByAdminId($_SESSION['userId']); $groupsCreatedOnline = Group::getListOnlineByAdminId($_SESSION['userId']); $groupsOnline = Group::getListOnline($_SESSION['userId']); echo "Groups you are admin for <br> "; for ($i = 0; $i < sizeof($groupsCreatedOnline); $i++) { echo "Group Name: " . $groupsCreatedOnline[$i]["name"] . "<br>"; echo "group members: <br>"; $per2 = User::getById($groupsCreatedOnline[$i]["per2Id"]); $per3 = User::getById($groupsCreatedOnline[$i]["per3Id"]);