public function testSetWriteDenyPermission()
{
$readWriteBit = Permission::READ | Permission::WRITE | Permission::CHANGE_OWNER | Permission::CHANGE_PERMISSIONS;
$this->assertEquals(27, $readWriteBit);
$items = NamedSecurableItem::getAll();
$this->assertEquals(0, count($items));
$securableItem1 = new NamedSecurableItem();
$securableItem1->name = 'TestItem';
$saved = $securableItem1->save();
$this->assertTrue($saved);
$group = new Group();
$group->name = 'myTestGroup';
$saved = $group->save();
$this->assertTrue($saved);
$this->assertEquals(array(Permission::NONE, Permission::NONE), $securableItem1->getExplicitActualPermissions($group));
$securableItem1->addPermissions($group, Permission::WRITE, Permission::DENY);
$securableItem1->save();
$this->assertEquals(array(Permission::NONE, Permission::WRITE), $securableItem1->getExplicitActualPermissions($group));
$securableItem1->addPermissions($group, Permission::READ);
$securableItem1->save();
$this->assertEquals(array(Permission::READ, Permission::WRITE), $securableItem1->getExplicitActualPermissions($group));
$securableItem2 = new NamedSecurableItem();
$securableItem2->name = 'TestItem2';
$saved = $securableItem2->save();
$this->assertTrue($saved);
$items = NamedSecurableItem::getAll();
$this->assertEquals(2, count($items));
$securableItem1->forget();
$securableItem2->forget();
$newItem = NamedSecurableItem::getByName('HomeModule');
$permission = 'WRITE';
$newItem->addPermissions($group, constant('Permission::' . $permission), Permission::ALLOW);
$this->assertTrue($newItem->save());
$newItem->forget();
$group->forget();
$group = Group::getByName('myTestGroup');
$newItem = NamedSecurableItem::getByName('HomeModule');
$explicitPermissions = $newItem->getExplicitActualPermissions($group);
$this->assertEquals(array(Permission::WRITE, Permission::NONE), $explicitPermissions);
$effectivePermissions = $newItem->getEffectivePermissions($group);
$this->assertEquals(Permission::WRITE, $effectivePermissions);
$resolvedPermission = PermissionsUtil::resolveExplicitOrInheritedPermission($explicitPermissions, Permission::WRITE);
$this->assertEquals(PERMISSION::ALLOW, $resolvedPermission);
$data = PermissionsUtil::getAllModulePermissionsDataByPermitable($group);
$compareData = array('HomeModule' => array(Permission::CHANGE_OWNER => array('explicit' => null, 'inherited' => null, 'actual' => null), Permission::CHANGE_PERMISSIONS => array('explicit' => null, 'inherited' => null, 'actual' => null), Permission::DELETE => array('explicit' => null, 'inherited' => null, 'actual' => null), Permission::READ => array('explicit' => null, 'inherited' => null, 'actual' => null), Permission::WRITE => array('explicit' => Permission::ALLOW, 'inherited' => null, 'actual' => Permission::ALLOW)));
$this->assertEquals($compareData['HomeModule'], $data['HomeModule']);
$group->forget();
}
/**
* @param Permitable $permitable
* @return array of all module permissions data
* Example of a return just for the accounts module.
* Normally all the applicable modules permissions
* would be returned in the array.
* @code
<?php
$compareData = array(
'AccountsModule' => array(
'CREATE' => array(
'explicit' => null,
'inherited' => null,
),
'CHANGE_OWNER' => array(
'explicit' => null,
'inherited' => null,
),
'CHANGE_PERMISSIONS' => array(
'explicit' => null,
'inherited' => null,
),
'DELETE' => array(
'explicit' => null,
'inherited' => null,
),
'READ' => array(
'explicit' => null,
'inherited' => null,
),
'WRITE' => array(
'explicit' => null,
'inherited' => null,
),
),
);
?>
* @endcode
*/
public static function getAllModulePermissionsDataByPermitable(Permitable $permitable)
{
$data = array();
try {
$data = PermissionsCache::getAllModulePermissionsDataByPermitable($permitable);
} catch (NotFoundException $e) {
$modules = Module::getModuleObjects();
$permissions = PermissionsUtil::getPermissions();
foreach ($modules as $module) {
if ($module instanceof SecurableModule) {
$moduleClassName = get_class($module);
$moduleName = $module->getName();
$item = NamedSecurableItem::getByName($moduleClassName);
if (!empty($permissions)) {
foreach ($permissions as $permission) {
$explicit = PermissionsUtil::resolveExplicitOrInheritedPermission($item->getExplicitActualPermissions($permitable), $permission);
$inherited = PermissionsUtil::resolveExplicitOrInheritedPermission($item->getInheritedActualPermissions($permitable), $permission);
$actual = PermissionsUtil::resolveActualPermission($item->getActualPermissions($permitable), $permission);
$data[$moduleClassName][$permission] = array('explicit' => PermissionsUtil::resolvePermissionForData($explicit), 'inherited' => PermissionsUtil::resolvePermissionForData($inherited), 'actual' => PermissionsUtil::resolvePermissionForData($actual));
}
}
}
}
PermissionsCache::cacheAllModulePermissionsDataByPermitables($permitable, $data);
}
return $data;
}
