public function testSetWriteDenyPermission() { $readWriteBit = Permission::READ | Permission::WRITE | Permission::CHANGE_OWNER | Permission::CHANGE_PERMISSIONS; $this->assertEquals(27, $readWriteBit); $items = NamedSecurableItem::getAll(); $this->assertEquals(0, count($items)); $securableItem1 = new NamedSecurableItem(); $securableItem1->name = 'TestItem'; $saved = $securableItem1->save(); $this->assertTrue($saved); $group = new Group(); $group->name = 'myTestGroup'; $saved = $group->save(); $this->assertTrue($saved); $this->assertEquals(array(Permission::NONE, Permission::NONE), $securableItem1->getExplicitActualPermissions($group)); $securableItem1->addPermissions($group, Permission::WRITE, Permission::DENY); $securableItem1->save(); $this->assertEquals(array(Permission::NONE, Permission::WRITE), $securableItem1->getExplicitActualPermissions($group)); $securableItem1->addPermissions($group, Permission::READ); $securableItem1->save(); $this->assertEquals(array(Permission::READ, Permission::WRITE), $securableItem1->getExplicitActualPermissions($group)); $securableItem2 = new NamedSecurableItem(); $securableItem2->name = 'TestItem2'; $saved = $securableItem2->save(); $this->assertTrue($saved); $items = NamedSecurableItem::getAll(); $this->assertEquals(2, count($items)); $securableItem1->forget(); $securableItem2->forget(); $newItem = NamedSecurableItem::getByName('HomeModule'); $permission = 'WRITE'; $newItem->addPermissions($group, constant('Permission::' . $permission), Permission::ALLOW); $this->assertTrue($newItem->save()); $newItem->forget(); $group->forget(); $group = Group::getByName('myTestGroup'); $newItem = NamedSecurableItem::getByName('HomeModule'); $explicitPermissions = $newItem->getExplicitActualPermissions($group); $this->assertEquals(array(Permission::WRITE, Permission::NONE), $explicitPermissions); $effectivePermissions = $newItem->getEffectivePermissions($group); $this->assertEquals(Permission::WRITE, $effectivePermissions); $resolvedPermission = PermissionsUtil::resolveExplicitOrInheritedPermission($explicitPermissions, Permission::WRITE); $this->assertEquals(PERMISSION::ALLOW, $resolvedPermission); $data = PermissionsUtil::getAllModulePermissionsDataByPermitable($group); $compareData = array('HomeModule' => array(Permission::CHANGE_OWNER => array('explicit' => null, 'inherited' => null, 'actual' => null), Permission::CHANGE_PERMISSIONS => array('explicit' => null, 'inherited' => null, 'actual' => null), Permission::DELETE => array('explicit' => null, 'inherited' => null, 'actual' => null), Permission::READ => array('explicit' => null, 'inherited' => null, 'actual' => null), Permission::WRITE => array('explicit' => Permission::ALLOW, 'inherited' => null, 'actual' => Permission::ALLOW))); $this->assertEquals($compareData['HomeModule'], $data['HomeModule']); $group->forget(); }
/** * @param Permitable $permitable * @return array of all module permissions data * Example of a return just for the accounts module. * Normally all the applicable modules permissions * would be returned in the array. * @code <?php $compareData = array( 'AccountsModule' => array( 'CREATE' => array( 'explicit' => null, 'inherited' => null, ), 'CHANGE_OWNER' => array( 'explicit' => null, 'inherited' => null, ), 'CHANGE_PERMISSIONS' => array( 'explicit' => null, 'inherited' => null, ), 'DELETE' => array( 'explicit' => null, 'inherited' => null, ), 'READ' => array( 'explicit' => null, 'inherited' => null, ), 'WRITE' => array( 'explicit' => null, 'inherited' => null, ), ), ); ?> * @endcode */ public static function getAllModulePermissionsDataByPermitable(Permitable $permitable) { $data = array(); try { $data = PermissionsCache::getAllModulePermissionsDataByPermitable($permitable); } catch (NotFoundException $e) { $modules = Module::getModuleObjects(); $permissions = PermissionsUtil::getPermissions(); foreach ($modules as $module) { if ($module instanceof SecurableModule) { $moduleClassName = get_class($module); $moduleName = $module->getName(); $item = NamedSecurableItem::getByName($moduleClassName); if (!empty($permissions)) { foreach ($permissions as $permission) { $explicit = PermissionsUtil::resolveExplicitOrInheritedPermission($item->getExplicitActualPermissions($permitable), $permission); $inherited = PermissionsUtil::resolveExplicitOrInheritedPermission($item->getInheritedActualPermissions($permitable), $permission); $actual = PermissionsUtil::resolveActualPermission($item->getActualPermissions($permitable), $permission); $data[$moduleClassName][$permission] = array('explicit' => PermissionsUtil::resolvePermissionForData($explicit), 'inherited' => PermissionsUtil::resolvePermissionForData($inherited), 'actual' => PermissionsUtil::resolvePermissionForData($actual)); } } } } PermissionsCache::cacheAllModulePermissionsDataByPermitables($permitable, $data); } return $data; }