public function saveModelFromSanitizedData($sanitizedData, $model, &$savedSuccessfully, &$modelToStringValue)
{
//note: the logic for ExplicitReadWriteModelPermission might still need to be moved up into the
//post method above, not sure how this is coming in from API.
$explicitReadWriteModelPermissions = static::resolveAndMakeExplicitReadWriteModelPermissions($sanitizedData, $model);
$readyToUseData = ExplicitReadWriteModelPermissionsUtil::removeIfExistsFromPostData($sanitizedData);
$sanitizedOwnerData = PostUtil::sanitizePostDataToJustHavingElementForSavingModel($readyToUseData, 'owner');
$sanitizedDataWithoutOwner = PostUtil::removeElementFromPostDataForSavingModel($readyToUseData, 'owner');
$model->setAttributes($sanitizedDataWithoutOwner);
$this->afterSetAttributesDuringSave($model, $explicitReadWriteModelPermissions);
if ($model->validate()) {
$modelToStringValue = strval($model);
if ($sanitizedOwnerData != null) {
$model->setAttributes($sanitizedOwnerData);
}
if ($model instanceof OwnedSecurableItem) {
$passedOwnerValidation = $model->validate(array('owner'));
} else {
$passedOwnerValidation = true;
}
if ($passedOwnerValidation && $model->save(false)) {
if ($explicitReadWriteModelPermissions != null) {
$success = ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions($model, $explicitReadWriteModelPermissions);
//todo: handle if success is false, means adding/removing permissions save failed.
}
$savedSuccessfully = true;
$this->afterSuccessfulSave($model);
}
} else {
}
return $model;
}
public function testProductSaveWithPermissions()
{
Yii::app()->user->userModel = User::getByUsername('super');
$contacts = Contact::getAll();
$accounts = Account::getByName('superAccount');
$opportunities = Opportunity::getByName('superOpportunity');
$productTemplates = ProductTemplate::getByName('superProductTemplate');
$account = $accounts[0];
$user = $account->owner;
$everyoneGroup = Group::getByName(Group::EVERYONE_GROUP_NAME);
$explicitReadWriteModelPermissions = new ExplicitReadWriteModelPermissions();
$currencyHelper = Yii::app()->currencyHelper;
$currencyCode = $currencyHelper->getBaseCode();
$currency = Currency::getByCode($currencyCode);
$postData = array('productTemplate' => array('id' => $productTemplates[0]->id), 'name' => 'ProductPermissionTest', 'quantity' => 6, 'account' => array('id' => $accounts[0]->id), 'contact' => array('id' => $contacts[0]->id), 'opportunity' => array('id' => ''), 'type' => ProductTemplate::TYPE_PRODUCT, 'priceFrequency' => ProductTemplate::PRICE_FREQUENCY_ONE_TIME, 'sellPrice' => array('currency' => array('id' => $currency->id), 'value' => 210), 'stage' => array('value' => 'Open'), 'owner' => array('id' => $user->id), 'explicitReadWriteModelPermissions' => array('type' => ExplicitReadWriteModelPermissionsUtil::MIXED_TYPE_EVERYONE_GROUP, 'nonEveryoneGroup' => ''));
$model = new Product();
$sanitizedPostData = PostUtil::sanitizePostByDesignerTypeForSavingModel($model, $postData);
if ($model instanceof SecurableItem) {
$explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::resolveByPostDataAndModelThenMake($sanitizedPostData, $model);
} else {
$explicitReadWriteModelPermissions = null;
}
$readyToUseData = ExplicitReadWriteModelPermissionsUtil::removeIfExistsFromPostData($sanitizedPostData);
$sanitizedOwnerData = PostUtil::sanitizePostDataToJustHavingElementForSavingModel($readyToUseData, 'owner');
$sanitizedDataWithoutOwner = PostUtil::removeElementFromPostDataForSavingModel($readyToUseData, 'owner');
$model->setAttributes($sanitizedDataWithoutOwner);
if ($model->validate()) {
$modelToStringValue = strval($model);
if ($sanitizedOwnerData != null) {
$model->setAttributes($sanitizedOwnerData);
}
if ($model instanceof OwnedSecurableItem) {
$passedOwnerValidation = $model->validate(array('owner'));
} else {
$passedOwnerValidation = true;
}
if ($passedOwnerValidation && $model->save(false)) {
if ($explicitReadWriteModelPermissions != null) {
$success = ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions($model, $explicitReadWriteModelPermissions);
//todo: handle if success is false, means adding/removing permissions save failed.
}
$savedSuccessfully = true;
}
} else {
}
$this->assertEquals('ProductPermissionTest', $model->name);
}
protected function actionInlineEditValidate($model)
{
$readyToUsePostData = ExplicitReadWriteModelPermissionsUtil::removeIfExistsFromPostData($_POST[get_class($model)]);
$sanitizedPostData = PostUtil::sanitizePostByDesignerTypeForSavingModel($model, $readyToUsePostData);
$sanitizedOwnerPostData = PostUtil::sanitizePostDataToJustHavingElementForSavingModel($sanitizedPostData, 'owner');
$sanitizedPostDataWithoutOwner = PostUtil::removeElementFromPostDataForSavingModel($sanitizedPostData, 'owner');
$model->setAttributes($sanitizedPostDataWithoutOwner);
if ($model->validate()) {
$modelToStringValue = strval($model);
if ($sanitizedOwnerPostData != null) {
$model->setAttributes($sanitizedOwnerPostData);
}
if ($model instanceof OwnedSecurableItem) {
$model->validate(array('owner'));
}
}
$errorData = ZurmoActiveForm::makeErrorsDataAndResolveForOwnedModelAttributes($model);
echo CJSON::encode($errorData);
Yii::app()->end(0, false);
}
protected static function processModelForMassEdit(&$model)
{
// TODO: @Shoaibi/@Jason: Low: Candidate for MassActionController
$postModelClassName = Yii::app()->request->getPost(get_class($model));
$sanitizedPostData = PostUtil::sanitizePostByDesignerTypeForSavingModel($model, $postModelClassName);
$sanitizedOwnerPostData = PostUtil::sanitizePostDataToJustHavingElementForSavingModel($sanitizedPostData, 'owner');
$sanitizedPostDataWithoutOwner = PostUtil::removeElementFromPostDataForSavingModel($sanitizedPostData, 'owner');
$model->setAttributes($sanitizedPostDataWithoutOwner);
if ($sanitizedOwnerPostData != null) {
$model->setAttributes($sanitizedOwnerPostData);
}
if (!$model->save(false)) {
throw new FailedToSaveModelException();
} else {
return true;
}
}
/**
* Override to handle report filters
* @param SavedCalendar | ModelForm $model
* @param string $postVariableName
* @throws NotSupportedException();
*/
protected function attemptToValidateAjaxFromPost($model, $postVariableName)
{
if (isset($_POST['ajax']) && $_POST['ajax'] == 'edit-form') {
$postData = PostUtil::getData();
$readyToUsePostData = ExplicitReadWriteModelPermissionsUtil::removeIfExistsFromPostData($_POST[$postVariableName]);
$sanitizedPostdata = PostUtil::sanitizePostByDesignerTypeForSavingModel($model, $readyToUsePostData);
$sanitizedOwnerPostData = PostUtil::sanitizePostDataToJustHavingElementForSavingModel($sanitizedPostdata, 'owner');
$sanitizedPostDataWithoutOwner = PostUtil::removeElementFromPostDataForSavingModel($sanitizedPostdata, 'owner');
$model->setAttributes($sanitizedPostDataWithoutOwner);
if ($model->validate()) {
$modelToStringValue = strval($model);
if ($sanitizedOwnerPostData != null) {
$model->setAttributes($sanitizedOwnerPostData);
}
if ($model instanceof OwnedSecurableItem) {
$model->validate(array('owner'));
}
}
$wizardFormClassName = ReportToWizardFormAdapter::getFormClassNameByType(Report::TYPE_ROWS_AND_COLUMNS);
if (!isset($postData[$wizardFormClassName])) {
throw new NotSupportedException();
}
$report = SavedCalendarToReportAdapter::makeReportBySavedCalendar($model);
DataToReportUtil::resolveFiltersStructure($postData[$wizardFormClassName], $report);
DataToReportUtil::resolveFilters($postData[$wizardFormClassName], $report);
//This would do the filter and filter structure validation
$reportToWizardFormAdapter = new ReportToWizardFormAdapter($report);
$reportForm = $reportToWizardFormAdapter->makeFormByType();
$postData['validationScenario'] = $wizardFormClassName::FILTERS_VALIDATION_SCENARIO;
$filtersErrorData = ReportUtil::validateReportWizardForm($postData, $reportForm);
$errorData = ZurmoActiveForm::makeErrorsDataAndResolveForOwnedModelAttributes($model);
$errorData = array_merge($errorData, $filtersErrorData);
echo CJSON::encode($errorData);
Yii::app()->end(0, false);
}
}
public function testRemoveElementFromPostDataForSavingModel()
{
$data = array('a' => 'aaa', 'b' => 'bbb', 'c' => 'ccc');
$newData = PostUtil::removeElementFromPostDataForSavingModel($data, 'doesntexist');
$this->assertEquals($data, $newData);
$newData = PostUtil::removeElementFromPostDataForSavingModel($data, 'b');
$this->assertEquals(array('a' => 'aaa', 'c' => 'ccc'), $newData);
}
public function testProjectSaveWithPermissions()
{
Yii::app()->user->userModel = User::getByUsername('super');
$user = Yii::app()->user->userModel;
$everyoneGroup = Group::getByName(Group::EVERYONE_GROUP_NAME);
$explicitReadWriteModelPermissions = new ExplicitReadWriteModelPermissions();
$postData = array('name' => 'ProjectPermissionTest', 'description' => 'Test Description', 'owner' => array('id' => $user->id), 'explicitReadWriteModelPermissions' => array('type' => ExplicitReadWriteModelPermissionsUtil::MIXED_TYPE_EVERYONE_GROUP, 'nonEveryoneGroup' => ''));
$model = new Project();
$sanitizedPostData = PostUtil::sanitizePostByDesignerTypeForSavingModel($model, $postData);
if ($model instanceof SecurableItem) {
$explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::resolveByPostDataAndModelThenMake($sanitizedPostData, $model);
} else {
$explicitReadWriteModelPermissions = null;
}
$readyToUseData = ExplicitReadWriteModelPermissionsUtil::removeIfExistsFromPostData($sanitizedPostData);
$sanitizedOwnerData = PostUtil::sanitizePostDataToJustHavingElementForSavingModel($readyToUseData, 'owner');
$sanitizedDataWithoutOwner = PostUtil::removeElementFromPostDataForSavingModel($readyToUseData, 'owner');
$model->setAttributes($sanitizedDataWithoutOwner);
if ($model->validate()) {
$modelToStringValue = strval($model);
if ($sanitizedOwnerData != null) {
$model->setAttributes($sanitizedOwnerData);
}
if ($model instanceof OwnedSecurableItem) {
$passedOwnerValidation = $model->validate(array('owner'));
} else {
$passedOwnerValidation = true;
}
if ($passedOwnerValidation && $model->save(false)) {
if ($explicitReadWriteModelPermissions != null) {
$success = ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions($model, $explicitReadWriteModelPermissions);
//todo: handle if success is false, means adding/removing permissions save failed.
}
$savedSuccessfully = true;
}
} else {
}
$this->assertEquals('ProjectPermissionTest', $model->name);
}
