/**
 * Applies post-style data to a model and saves it, treating the owner attribute
 * and the explicit read/write permissions separately from the other attributes.
 *
 * Flow: permissions are resolved from the data, the non-owner attributes are set
 * and validated, then the owner is set and (for OwnedSecurableItem models)
 * validated on its own, and finally the model is stored with save(false).
 *
 * @param array  $sanitizedData      data for the model; presumably already sanitized by the caller
 * @param object $model              model to populate and save
 * @param bool   $savedSuccessfully  set to true (by reference) only when the save goes through;
 *                                   it is never reset to false here, so callers must initialise it
 * @param string $modelToStringValue set (by reference) to strval($model) once the first validation passes
 * @return object the same $model that was passed in
 */
public function saveModelFromSanitizedData($sanitizedData, $model, &$savedSuccessfully, &$modelToStringValue)
{
    // note: the logic for ExplicitReadWriteModelPermission might still need to be moved up into the
    // post method above, not sure how this is coming in from API.
    $permissions            = static::resolveAndMakeExplicitReadWriteModelPermissions($sanitizedData, $model);
    $dataWithoutPermissions = ExplicitReadWriteModelPermissionsUtil::removeIfExistsFromPostData($sanitizedData);
    $ownerOnlyData          = PostUtil::sanitizePostDataToJustHavingElementForSavingModel($dataWithoutPermissions, 'owner');
    $nonOwnerData           = PostUtil::removeElementFromPostDataForSavingModel($dataWithoutPermissions, 'owner');

    $model->setAttributes($nonOwnerData);
    $this->afterSetAttributesDuringSave($model, $permissions);

    if (!$model->validate()) {
        return $model;
    }

    // Captured before the owner is applied, as in the original ordering.
    $modelToStringValue = strval($model);
    if ($ownerOnlyData != null) {
        $model->setAttributes($ownerOnlyData);
    }

    // The owner is validated separately, and only for models that can have one.
    $ownerIsValid = true;
    if ($model instanceof OwnedSecurableItem) {
        $ownerIsValid = $model->validate(array('owner'));
    }

    // save(false): the argument presumably turns off validation inside save(),
    // since both validation passes already ran above.
    if (!$ownerIsValid || !$model->save(false)) {
        return $model;
    }

    if ($permissions != null) {
        // todo: handle if this is false, means adding/removing permissions save failed.
        // NOTE(review): the result is never checked, so the method still reports a
        // successful save when the requested explicit permissions could not be applied.
        $permissionsApplied = ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions(
            $model,
            $permissions
        );
    }
    $savedSuccessfully = true;
    $this->afterSuccessfulSave($model);

    return $model;
}
/**
 * Walks a Product through the same set-attributes / validate / save / apply-permissions
 * sequence used by the controllers, with explicit permissions for the Everyone group.
 */
public function testProductSaveWithPermissions()
{
    Yii::app()->user->userModel = User::getByUsername('super');

    // Fixture lookups; not every result is used below.
    $contacts         = Contact::getAll();
    $accounts         = Account::getByName('superAccount');
    $opportunities    = Opportunity::getByName('superOpportunity');
    $productTemplates = ProductTemplate::getByName('superProductTemplate');
    $account          = $accounts[0];
    $user             = $account->owner;
    $everyoneGroup    = Group::getByName(Group::EVERYONE_GROUP_NAME);
    $permissions      = new ExplicitReadWriteModelPermissions();
    $currencyHelper   = Yii::app()->currencyHelper;
    $currencyCode     = $currencyHelper->getBaseCode();
    $currency         = Currency::getByCode($currencyCode);

    $postData = array(
        'productTemplate' => array('id' => $productTemplates[0]->id),
        'name'            => 'ProductPermissionTest',
        'quantity'        => 6,
        'account'         => array('id' => $accounts[0]->id),
        'contact'         => array('id' => $contacts[0]->id),
        'opportunity'     => array('id' => ''),
        'type'            => ProductTemplate::TYPE_PRODUCT,
        'priceFrequency'  => ProductTemplate::PRICE_FREQUENCY_ONE_TIME,
        'sellPrice'       => array(
            'currency' => array('id' => $currency->id),
            'value'    => 210,
        ),
        'stage'           => array('value' => 'Open'),
        'owner'           => array('id' => $user->id),
        'explicitReadWriteModelPermissions' => array(
            'type'             => ExplicitReadWriteModelPermissionsUtil::MIXED_TYPE_EVERYONE_GROUP,
            'nonEveryoneGroup' => '',
        ),
    );

    $model             = new Product();
    $sanitizedPostData = PostUtil::sanitizePostByDesignerTypeForSavingModel($model, $postData);

    // Permissions are only resolved for securable models.
    $permissions = ($model instanceof SecurableItem)
        ? ExplicitReadWriteModelPermissionsUtil::resolveByPostDataAndModelThenMake($sanitizedPostData, $model)
        : null;

    $dataWithoutPermissions = ExplicitReadWriteModelPermissionsUtil::removeIfExistsFromPostData($sanitizedPostData);
    $ownerOnlyData          = PostUtil::sanitizePostDataToJustHavingElementForSavingModel($dataWithoutPermissions, 'owner');
    $nonOwnerData           = PostUtil::removeElementFromPostDataForSavingModel($dataWithoutPermissions, 'owner');

    $model->setAttributes($nonOwnerData);
    if ($model->validate()) {
        $modelToStringValue = strval($model);
        if ($ownerOnlyData != null) {
            $model->setAttributes($ownerOnlyData);
        }
        // The owner gets its own validation pass when the model supports ownership.
        $ownerIsValid = ($model instanceof OwnedSecurableItem)
            ? $model->validate(array('owner'))
            : true;
        if ($ownerIsValid && $model->save(false)) {
            if ($permissions != null) {
                // todo: handle if this is false, means adding/removing permissions save failed.
                $permissionsApplied = ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions(
                    $model,
                    $permissions
                );
            }
            $savedSuccessfully = true;
        }
    }

    // NOTE(review): this is the only assertion, and the name presumably comes from
    // setAttributes() above, so it would also hold if validation, the save or the
    // permission step failed. Nothing here checks the saved permissions.
    $this->assertEquals('ProductPermissionTest', $model->name);
}
/**
 * Validates the posted inline-edit data for a model and echoes the resulting
 * error data as JSON, then ends the application. Nothing is saved here.
 *
 * @param object $model model whose class name is the key of its data in $_POST
 */
protected function actionInlineEditValidate($model)
{
    // NOTE(review): $_POST is indexed without an isset() check, so a request that
    // lacks this key raises a notice and hands null to the helper below.
    $modelClassName         = get_class($model);
    $postWithoutPermissions = ExplicitReadWriteModelPermissionsUtil::removeIfExistsFromPostData($_POST[$modelClassName]);
    $sanitizedPost          = PostUtil::sanitizePostByDesignerTypeForSavingModel($model, $postWithoutPermissions);
    $ownerOnlyPost          = PostUtil::sanitizePostDataToJustHavingElementForSavingModel($sanitizedPost, 'owner');
    $nonOwnerPost           = PostUtil::removeElementFromPostDataForSavingModel($sanitizedPost, 'owner');

    // Non-owner attributes are validated first; the owner is only applied and
    // checked once they pass.
    $model->setAttributes($nonOwnerPost);
    $attributesAreValid = $model->validate();
    if ($attributesAreValid) {
        $modelToStringValue = strval($model);
        if ($ownerOnlyPost != null) {
            $model->setAttributes($ownerOnlyPost);
        }
        if ($model instanceof OwnedSecurableItem) {
            $model->validate(array('owner'));
        }
    }

    $errors = ZurmoActiveForm::makeErrorsDataAndResolveForOwnedModelAttributes($model);
    echo CJSON::encode($errors);
    Yii::app()->end(0, false);
}
/**
 * Applies the posted mass-edit attributes to one model and saves it.
 *
 * NOTE(review): unlike the single-record save and validate flows, no validate()
 * call precedes save(false) in this method. If the false argument disables
 * validation inside save() (presumably it does), the posted values, including
 * the owner, are stored unvalidated unless the caller validated them first.
 * Confirm against the caller.
 *
 * @param object $model model to update, passed by reference
 * @return bool always true when the save succeeds
 * @throws FailedToSaveModelException when save(false) returns a falsy value
 */
protected static function processModelForMassEdit(&$model)
{
    // TODO: @Shoaibi/@Jason: Low: Candidate for MassActionController
    // The request value keyed by the model's class name is the posted attribute data.
    $postedModelData = Yii::app()->request->getPost(get_class($model));
    $sanitizedPost   = PostUtil::sanitizePostByDesignerTypeForSavingModel($model, $postedModelData);
    $ownerOnlyPost   = PostUtil::sanitizePostDataToJustHavingElementForSavingModel($sanitizedPost, 'owner');
    $nonOwnerPost    = PostUtil::removeElementFromPostDataForSavingModel($sanitizedPost, 'owner');

    $model->setAttributes($nonOwnerPost);
    if ($ownerOnlyPost != null) {
        $model->setAttributes($ownerOnlyPost);
    }

    if ($model->save(false)) {
        return true;
    }
    throw new FailedToSaveModelException();
}
/**
 * Override to handle report filters.
 *
 * Only acts when the request is an 'edit-form' ajax validation request. It then
 * validates the posted model data, validates the posted report filters, echoes
 * both sets of errors as one JSON document and ends the application.
 *
 * @param SavedCalendar | ModelForm $model
 * @param string $postVariableName key in $_POST that holds the model's data
 * @throws NotSupportedException when the post data has no entry for the wizard form class
 */
protected function attemptToValidateAjaxFromPost($model, $postVariableName)
{
    $isAjaxEditFormRequest = isset($_POST['ajax']) && $_POST['ajax'] == 'edit-form';
    if (!$isAjaxEditFormRequest) {
        return;
    }

    $postData = PostUtil::getData();
    // NOTE(review): the model data is read straight from $_POST without isset(),
    // while the filter data below comes from PostUtil::getData().
    $postWithoutPermissions = ExplicitReadWriteModelPermissionsUtil::removeIfExistsFromPostData($_POST[$postVariableName]);
    $sanitizedPost          = PostUtil::sanitizePostByDesignerTypeForSavingModel($model, $postWithoutPermissions);
    $ownerOnlyPost          = PostUtil::sanitizePostDataToJustHavingElementForSavingModel($sanitizedPost, 'owner');
    $nonOwnerPost           = PostUtil::removeElementFromPostDataForSavingModel($sanitizedPost, 'owner');

    // Non-owner attributes first; the owner is applied and checked only if they pass.
    $model->setAttributes($nonOwnerPost);
    if ($model->validate()) {
        $modelToStringValue = strval($model);
        if ($ownerOnlyPost != null) {
            $model->setAttributes($ownerOnlyPost);
        }
        if ($model instanceof OwnedSecurableItem) {
            $model->validate(array('owner'));
        }
    }

    $wizardFormClassName = ReportToWizardFormAdapter::getFormClassNameByType(Report::TYPE_ROWS_AND_COLUMNS);
    if (!isset($postData[$wizardFormClassName])) {
        throw new NotSupportedException();
    }
    $wizardPostData = $postData[$wizardFormClassName];

    $report = SavedCalendarToReportAdapter::makeReportBySavedCalendar($model);
    DataToReportUtil::resolveFiltersStructure($wizardPostData, $report);
    DataToReportUtil::resolveFilters($wizardPostData, $report);

    // This would do the filter and filter structure validation
    $formAdapter = new ReportToWizardFormAdapter($report);
    $reportForm  = $formAdapter->makeFormByType();
    $postData['validationScenario'] = $wizardFormClassName::FILTERS_VALIDATION_SCENARIO;
    $filtersErrorData = ReportUtil::validateReportWizardForm($postData, $reportForm);

    // Model errors and filter errors are returned together.
    $modelErrorData = ZurmoActiveForm::makeErrorsDataAndResolveForOwnedModelAttributes($model);
    $allErrorData   = array_merge($modelErrorData, $filtersErrorData);
    echo CJSON::encode($allErrorData);
    Yii::app()->end(0, false);
}
/**
 * Checks that PostUtil::removeElementFromPostDataForSavingModel() drops only the
 * named key and returns the data unchanged when that key is absent.
 */
public function testRemoveElementFromPostDataForSavingModel()
{
    $original = array('a' => 'aaa', 'b' => 'bbb', 'c' => 'ccc');

    // A key that is not present leaves the data as it was.
    $untouched = PostUtil::removeElementFromPostDataForSavingModel($original, 'doesntexist');
    $this->assertEquals($original, $untouched);

    // An existing key is removed and the other entries are kept.
    $expectedWithoutB = array('a' => 'aaa', 'c' => 'ccc');
    $withoutB         = PostUtil::removeElementFromPostDataForSavingModel($original, 'b');
    $this->assertEquals($expectedWithoutB, $withoutB);
}
/**
 * Walks a Project through the same set-attributes / validate / save / apply-permissions
 * sequence used by the controllers, with explicit permissions for the Everyone group.
 */
public function testProjectSaveWithPermissions()
{
    Yii::app()->user->userModel = User::getByUsername('super');
    $user          = Yii::app()->user->userModel;
    $everyoneGroup = Group::getByName(Group::EVERYONE_GROUP_NAME);
    $permissions   = new ExplicitReadWriteModelPermissions();

    $postData = array(
        'name'        => 'ProjectPermissionTest',
        'description' => 'Test Description',
        'owner'       => array('id' => $user->id),
        'explicitReadWriteModelPermissions' => array(
            'type'             => ExplicitReadWriteModelPermissionsUtil::MIXED_TYPE_EVERYONE_GROUP,
            'nonEveryoneGroup' => '',
        ),
    );

    $model             = new Project();
    $sanitizedPostData = PostUtil::sanitizePostByDesignerTypeForSavingModel($model, $postData);

    // Permissions are only resolved for securable models.
    $permissions = ($model instanceof SecurableItem)
        ? ExplicitReadWriteModelPermissionsUtil::resolveByPostDataAndModelThenMake($sanitizedPostData, $model)
        : null;

    $dataWithoutPermissions = ExplicitReadWriteModelPermissionsUtil::removeIfExistsFromPostData($sanitizedPostData);
    $ownerOnlyData          = PostUtil::sanitizePostDataToJustHavingElementForSavingModel($dataWithoutPermissions, 'owner');
    $nonOwnerData           = PostUtil::removeElementFromPostDataForSavingModel($dataWithoutPermissions, 'owner');

    $model->setAttributes($nonOwnerData);
    if ($model->validate()) {
        $modelToStringValue = strval($model);
        if ($ownerOnlyData != null) {
            $model->setAttributes($ownerOnlyData);
        }
        // The owner gets its own validation pass when the model supports ownership.
        $ownerIsValid = ($model instanceof OwnedSecurableItem)
            ? $model->validate(array('owner'))
            : true;
        if ($ownerIsValid && $model->save(false)) {
            if ($permissions != null) {
                // todo: handle if this is false, means adding/removing permissions save failed.
                $permissionsApplied = ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions(
                    $model,
                    $permissions
                );
            }
            $savedSuccessfully = true;
        }
    }

    // NOTE(review): this is the only assertion, and the name presumably comes from
    // setAttributes() above, so it would also hold if validation, the save or the
    // permission step failed. Nothing here checks the saved permissions.
    $this->assertEquals('ProjectPermissionTest', $model->name);
}