/** * Handles when a user posts to another user's profile social feed. Sets the toUser in that case. * (non-PHPdoc) * @see ZurmoControllerUtil::saveModelFromPost() * @param $postData * @param $model * @param $savedSucessfully * @param $modelToStringValue * @param bool $returnOnValidate * @return OwnedSecurableItem */ public function saveModelFromPost($postData, $model, &$savedSucessfully, &$modelToStringValue, $returnOnValidate = false) { $sanitizedPostData = PostUtil::sanitizePostByDesignerTypeForSavingModel($model, $postData); if ($this->relatedUser != null && !Yii::app()->user->userModel->isSame($this->relatedUser)) { $model->toUser = $this->relatedUser; } return $this->saveModelFromSanitizedData($sanitizedPostData, $model, $savedSucessfully, $modelToStringValue, $returnOnValidate); }
/** * Supports setting metadata on both models. The MyListForm model and the SearchModel * @see ModalConfigEditView::setMetadataFromPost() */ public function setMetadataFromPost($postArray) { parent::setMetadataFromPost($postArray); $sanitizedPostArray = PostUtil::sanitizePostByDesignerTypeForSavingModel($this->searchModel, ArrayUtil::getArrayValue($_POST, $this->getSearchModelPostArrayName())); $searchAttributes = SearchUtil::getSearchAttributesFromSearchArrayForSavingExistingSearchCriteria($sanitizedPostArray); $searchAttributesAdaptedToSetInModel = SearchUtil::adaptSearchAttributesToSetInRedBeanModel($searchAttributes, $this->searchModel); $this->searchAttributes = $searchAttributesAdaptedToSetInModel; }
public function actionForm($id) { $cs = Yii::app()->getClientScript(); $cs->setIsolationMode(); $contactWebForm = static::getModelAndCatchNotFoundAndDisplayError('ContactWebForm', intval($id)); $metadata = static::getMetadataByWebForm($contactWebForm); if ($contactWebForm->language !== null) { Yii::app()->language = $contactWebForm->language; } if (is_string($contactWebForm->submitButtonLabel) && !empty($contactWebForm->submitButtonLabel)) { $metadata['global']['toolbar']['elements'][0]['label'] = $contactWebForm->submitButtonLabel; } $customDisplayLabels = ContactWebFormsUtil::getCustomDisplayLabels($contactWebForm); $customRequiredFields = ContactWebFormsUtil::getCustomRequiredFields($contactWebForm); $contactWebFormModelForm = new ContactWebFormsModelForm(new Contact()); $contactWebFormModelForm->state = $contactWebForm->defaultState; $contactWebFormModelForm->owner = $contactWebForm->defaultOwner; $contactWebFormModelForm->googleWebTrackingId = Yii::app()->getRequest()->getPost(ContactExternalEditAndDetailsView::GOOGLE_WEB_TRACKING_ID_FIELD); $contactWebFormModelForm->setCustomDisplayLabels($customDisplayLabels); $contactWebFormModelForm->setCustomRequiredFields($customRequiredFields); $contactWebFormModelForm->resolveRequiredValidatorsForModel($customRequiredFields); $postVariableName = get_class($contactWebFormModelForm); if (isset($_POST[$postVariableName])) { ContactWebFormsUtil::resolveHiddenAttributesForContactModel($postVariableName, $contactWebForm); $_POST[$postVariableName] = PostUtil::sanitizePostByDesignerTypeForSavingModel($contactWebFormModelForm->getModel(), $_POST[$postVariableName]); $contactWebFormModelForm->setAttributes($_POST[$postVariableName]); $this->attemptToValidate($contactWebForm, $contactWebFormModelForm); $this->attemptToSaveModelFromPost($contactWebFormModelForm, null, false); if (isset($contactWebFormModelForm->getModel()->id) && intval($contactWebFormModelForm->getModel()->id) > 0) { $this->resolveContactWebFormEntry($contactWebForm, $contactWebFormModelForm); $controllerUtil = static::getZurmoControllerUtil(); $controllerUtil::setContactModelPermissionsByContactWebForm($contactWebFormModelForm->getModel(), $contactWebForm); $responseData = array(); $responseData['redirectUrl'] = $contactWebForm->redirectUrl; $this->renderResponse(CJSON::encode($responseData)); } } else { $containedView = new ContactExternalEditAndDetailsView('Edit', $this->getId(), $this->getModule()->getId(), $this->attemptToSaveModelFromPost($contactWebFormModelForm, null, false), $metadata); $view = new ContactWebFormsExternalPageView(ZurmoExternalViewUtil::makeExternalViewForCurrentUser($containedView)); $cs->registerScript('catchGoogleWebTrackingId', "\n \$(document).ready(function()\n {\n \$('html').addClass('zurmo-embedded-form-active');\n if (typeof ga !== 'undefined')\n {\n ga(function(tracker)\n {\n var googleWebTrackingId = tracker.get('clientId');\n \$('#" . ContactExternalEditAndDetailsView::GOOGLE_WEB_TRACKING_ID_FIELD . "').val(googleWebTrackingId);\n });\n }\n });"); $excludeStyles = $contactWebForm->excludeStyles; $rawXHtml = $view->render(); $rawXHtml = ZurmoExternalViewUtil::resolveAndCombineScripts($rawXHtml); $combinedHtml = array(); $combinedHtml['head'] = ZurmoExternalViewUtil::resolveHeadTag($rawXHtml, $excludeStyles); $combinedHtml['body'] = ZurmoExternalViewUtil::resolveHtmlAndScriptInBody($rawXHtml); if (isset($contactWebForm->enableCaptcha) && $contactWebForm->enableCaptcha == true) { $combinedHtml['enableCaptcha'] = true; } else { $combinedHtml['enableCaptcha'] = false; } $response = 'renderFormCallback(' . CJSON::encode($combinedHtml) . ');'; $this->renderResponse($response); } }
protected function actionInlineEditValidate($model) { $postData = PostUtil::getData(); $postFormData = ArrayUtil::getArrayValue($postData, get_class($model)); $sanitizedPostData = PostUtil::sanitizePostByDesignerTypeForSavingModel($model, $postFormData); $model->setAttributes($sanitizedPostData); $model->validate(); $errorData = ZurmoActiveForm::makeErrorsDataAndResolveForOwnedModelAttributes($model); echo CJSON::encode($errorData); Yii::app()->end(0, false); }
protected function actionInlineEditValidate($model) { $readyToUsePostData = ExplicitReadWriteModelPermissionsUtil::removeIfExistsFromPostData($_POST[get_class($model)]); $sanitizedPostData = PostUtil::sanitizePostByDesignerTypeForSavingModel($model, $readyToUsePostData); $sanitizedOwnerPostData = PostUtil::sanitizePostDataToJustHavingElementForSavingModel($sanitizedPostData, 'owner'); $sanitizedPostDataWithoutOwner = PostUtil::removeElementFromPostDataForSavingModel($sanitizedPostData, 'owner'); $model->setAttributes($sanitizedPostDataWithoutOwner); if ($model->validate()) { $modelToStringValue = strval($model); if ($sanitizedOwnerPostData != null) { $model->setAttributes($sanitizedOwnerPostData); } if ($model instanceof OwnedSecurableItem) { $model->validate(array('owner')); } } $errorData = ZurmoActiveForm::makeErrorsDataAndResolveForOwnedModelAttributes($model); echo CJSON::encode($errorData); Yii::app()->end(0, false); }
/** * Override to handle userStatus validation * @param User | ModelForm $model * @param string $postVariableName */ protected function attemptToValidateAjaxFromPost($model, $postVariableName) { if (isset($_POST['ajax']) && $_POST['ajax'] == 'edit-form') { $sanitizedPostdata = PostUtil::sanitizePostByDesignerTypeForSavingModel($model, $_POST[$postVariableName]); $model->setAttributes($sanitizedPostdata); $model->validate(); $userStatus = UserStatusUtil::makeByPostData($_POST[$postVariableName]); if ($model instanceof User) { if ($userStatus == null) { $userStatus = UserStatusUtil::makeByUser($model); } Yii::app()->licenseManager->resolveValidationOnCreateOrEditUser($model, $userStatus); } elseif ($model instanceof ModelForm) { if ($userStatus == null) { $userStatus = UserStatusUtil::makeByUser($model->getModel()); } Yii::app()->licenseManager->resolveValidationOnCreateOrEditUser($model->getModel(), $userStatus); } $errorData = ZurmoActiveForm::makeErrorsDataAndResolveForOwnedModelAttributes($model); echo CJSON::encode($errorData); Yii::app()->end(0, false); } }
/** * @depends testCreateAndGetMeetingById */ public function testUpdateMeetingFromForm() { Yii::app()->user->userModel = User::getByUsername('super'); $user = User::getByUsername('billy'); $meetings = Meeting::getByName('MyMeeting'); $meeting = $meetings[0]; $this->assertEquals($meeting->name, 'MyMeeting'); $timeStamp = time(); $newStamp = DateTimeUtil::convertTimestampToDbFormatDateTime($timeStamp); $postData = array('owner' => array('id' => $user->id), 'name' => 'New Name', 'startDateTime' => DateTimeUtil::convertTimestampToDisplayFormat($timeStamp, DateTimeUtil::DATETIME_FORMAT_DATE_WIDTH, DateTimeUtil::DATETIME_FORMAT_TIME_WIDTH, true)); $sanitizedPostData = PostUtil::sanitizePostByDesignerTypeForSavingModel($meeting, $postData); $meeting->setAttributes($sanitizedPostData); $saved = $meeting->save(); $this->assertTrue($saved); $id = $meeting->id; unset($meeting); $meeting = Meeting::getById($id); $this->assertEquals('New Name', $meeting->name); $this->assertEquals($sanitizedPostData['startDateTime'], $meeting->startDateTime); //create new meeting from scratch where the startDateTime and endDateTime attributes are not populated. //It should let you save. $meeting = new Meeting(); $postData = array('owner' => array('id' => $user->id), 'name' => 'Lamazing', 'startDateTime' => DateTimeUtil::convertTimestampToDisplayFormat($timeStamp, DateTimeUtil::DATETIME_FORMAT_DATE_WIDTH, DateTimeUtil::DATETIME_FORMAT_TIME_WIDTH, true)); $sanitizedPostData = PostUtil::sanitizePostByDesignerTypeForSavingModel($meeting, $postData); $meeting->setAttributes($sanitizedPostData); $saved = $meeting->save(); $this->assertTrue($saved); $id = $meeting->id; unset($meeting); $meeting = Meeting::getById($id); $this->assertEquals('Lamazing', $meeting->name); $this->assertEquals($sanitizedPostData['startDateTime'], $meeting->startDateTime); $this->assertEquals(null, $meeting->endDateTime); }
/** * @depends testCreateAndGetTaskById */ public function testUpdateTaskFromForm() { Yii::app()->user->userModel = User::getByUsername('super'); $user = User::getByUsername('billy'); $tasks = Task::getByName('MyTask'); $task = $tasks[0]; $this->assertEquals($task->name, 'MyTask'); $postData = array('owner' => array('id' => $user->id), 'name' => 'New Name', 'dueDateTime' => ''); $sanitizedPostData = PostUtil::sanitizePostByDesignerTypeForSavingModel($task, $postData); $task->setAttributes($sanitizedPostData); $this->assertTrue($task->save()); $id = $task->id; unset($task); $task = Task::getById($id); $this->assertEquals('New Name', $task->name); $this->assertEquals(null, $task->dueDateTime); //create new task from scratch where the DateTime attributes are not populated. It should let you save. $task = new Task(); $postData = array('owner' => array('id' => $user->id), 'name' => 'Lamazing', 'dueDateTime' => ''); $sanitizedPostData = PostUtil::sanitizePostByDesignerTypeForSavingModel($task, $postData); $task->setAttributes($sanitizedPostData); $this->assertTrue($task->save()); $id = $task->id; unset($task); $task = Task::getById($id); $this->assertEquals('Lamazing', $task->name); $this->assertEquals(null, $task->dueDateTime); }
protected static function processModelForMassEdit(&$model) { // TODO: @Shoaibi/@Jason: Low: Candidate for MassActionController $postModelClassName = Yii::app()->request->getPost(get_class($model)); $sanitizedPostData = PostUtil::sanitizePostByDesignerTypeForSavingModel($model, $postModelClassName); $sanitizedOwnerPostData = PostUtil::sanitizePostDataToJustHavingElementForSavingModel($sanitizedPostData, 'owner'); $sanitizedPostDataWithoutOwner = PostUtil::removeElementFromPostDataForSavingModel($sanitizedPostData, 'owner'); $model->setAttributes($sanitizedPostDataWithoutOwner); if ($sanitizedOwnerPostData != null) { $model->setAttributes($sanitizedOwnerPostData); } if (!$model->save(false)) { throw new FailedToSaveModelException(); } else { return true; } }
/** * Only supports saving 4 layoutTypes (max 2 column) * */ public function actionEditDashboard($id) { $id = intval($id); $dashboard = Dashboard::getById(intval($id)); ControllerSecurityUtil::resolveAccessCanCurrentUserWriteModel($dashboard); if (isset($_POST['Dashboard'])) { $oldLayoutType = $dashboard->layoutType; $_POST['Dashboard'] = PostUtil::sanitizePostByDesignerTypeForSavingModel($dashboard, $_POST['Dashboard']); $dashboard->setAttributes($_POST['Dashboard']); assert('in_array($dashboard->layoutType, array_keys(Dashboard::getLayoutTypesData()))'); if ($dashboard->save()) { if ($oldLayoutType != $dashboard->layoutType && $dashboard->layoutType == '100') { $uniqueLayoutId = 'HomeDashboard' . $dashboard->layoutId; $portletCollection = Portlet::getByLayoutIdAndUserSortedByColumnIdAndPosition($uniqueLayoutId, Yii::app()->user->userModel->id, array()); Portlet::shiftPositionsBasedOnColumnReduction($portletCollection, 1); } GeneralCache::forgetAll(); //Ensure menu refreshes $this->redirect(array('default/dashboardDetails', 'id' => $dashboard->id)); } } $editView = new DashboardEditView($this->getId(), $this->getModule()->getId(), $dashboard, strval($dashboard)); $view = new AccountsPageView(ZurmoDefaultViewUtil::makeStandardViewForCurrentUser($this, $editView)); echo $view->render(); }
public function saveModelFromPost($postData, $model, &$savedSuccessfully, &$modelToStringValue) { $sanitizedPostData = PostUtil::sanitizePostByDesignerTypeForSavingModel($model, $postData); return $this->saveModelFromSanitizedData($sanitizedPostData, $model, $savedSuccessfully, $modelToStringValue); }
/** * @depends testSanitizeSearchFormAttributes */ public function testSanitizeSearchFormAttributesThatAreOnARelatedModel() { $super = User::getByUsername('super'); Yii::app()->user->userModel = $super; $language = Yii::app()->getLanguage(); $this->assertEquals($language, 'en'); //test sanitizing a SearchForm date attribute and a SearchForm dateTime attribute $searchForm = new MixedRelationsModelSearchFormTestModel(new MixedRelationsModel()); $postData = array('dateDateTimeADate__Date' => array('type' => MixedDateTypesSearchFormAttributeMappingRules::TYPE_AFTER, 'firstDate' => '3/25/11'), 'dateDateTimeADate__Date' => array('type' => MixedDateTypesSearchFormAttributeMappingRules::TYPE_BETWEEN, 'firstDate' => '5/25/11', 'secondDate' => '6/25/11'), 'dateDateTimeADateTime__DateTime' => array('type' => MixedDateTypesSearchFormAttributeMappingRules::TYPE_AFTER, 'firstDate' => '3/26/11')); $sanitizedPostData = PostUtil::sanitizePostByDesignerTypeForSavingModel($searchForm, $postData); $compareData = array('dateDateTimeADate__Date' => array('type' => MixedDateTypesSearchFormAttributeMappingRules::TYPE_AFTER, 'firstDate' => '2011-03-25'), 'dateDateTimeADate__Date' => array('type' => MixedDateTypesSearchFormAttributeMappingRules::TYPE_BETWEEN, 'firstDate' => '2011-05-25', 'secondDate' => '2011-06-25'), 'dateDateTimeADateTime__DateTime' => array('type' => MixedDateTypesSearchFormAttributeMappingRules::TYPE_AFTER, 'firstDate' => '2011-03-26')); $this->assertEquals($compareData, $sanitizedPostData); }
public function testProjectSaveWithPermissions() { Yii::app()->user->userModel = User::getByUsername('super'); $user = Yii::app()->user->userModel; $everyoneGroup = Group::getByName(Group::EVERYONE_GROUP_NAME); $explicitReadWriteModelPermissions = new ExplicitReadWriteModelPermissions(); $postData = array('name' => 'ProjectPermissionTest', 'description' => 'Test Description', 'owner' => array('id' => $user->id), 'explicitReadWriteModelPermissions' => array('type' => ExplicitReadWriteModelPermissionsUtil::MIXED_TYPE_EVERYONE_GROUP, 'nonEveryoneGroup' => '')); $model = new Project(); $sanitizedPostData = PostUtil::sanitizePostByDesignerTypeForSavingModel($model, $postData); if ($model instanceof SecurableItem) { $explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::resolveByPostDataAndModelThenMake($sanitizedPostData, $model); } else { $explicitReadWriteModelPermissions = null; } $readyToUseData = ExplicitReadWriteModelPermissionsUtil::removeIfExistsFromPostData($sanitizedPostData); $sanitizedOwnerData = PostUtil::sanitizePostDataToJustHavingElementForSavingModel($readyToUseData, 'owner'); $sanitizedDataWithoutOwner = PostUtil::removeElementFromPostDataForSavingModel($readyToUseData, 'owner'); $model->setAttributes($sanitizedDataWithoutOwner); if ($model->validate()) { $modelToStringValue = strval($model); if ($sanitizedOwnerData != null) { $model->setAttributes($sanitizedOwnerData); } if ($model instanceof OwnedSecurableItem) { $passedOwnerValidation = $model->validate(array('owner')); } else { $passedOwnerValidation = true; } if ($passedOwnerValidation && $model->save(false)) { if ($explicitReadWriteModelPermissions != null) { $success = ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions($model, $explicitReadWriteModelPermissions); //todo: handle if success is false, means adding/removing permissions save failed. } $savedSuccessfully = true; } } else { } $this->assertEquals('ProjectPermissionTest', $model->name); }
/** * Sanitizes get data for date and date time attributes by converting them to the proper * format and timezone for saving. Wrapper for the method with the logic in PostUtil which completes this * task. * @return - array sanitized get data */ public static function sanitizePostByDesignerTypeForSavingModel($model, $postData) { return PostUtil::sanitizePostByDesignerTypeForSavingModel($model, $postData); }
/** * Override to handle report filters * @param SavedCalendar | ModelForm $model * @param string $postVariableName * @throws NotSupportedException(); */ protected function attemptToValidateAjaxFromPost($model, $postVariableName) { if (isset($_POST['ajax']) && $_POST['ajax'] == 'edit-form') { $postData = PostUtil::getData(); $readyToUsePostData = ExplicitReadWriteModelPermissionsUtil::removeIfExistsFromPostData($_POST[$postVariableName]); $sanitizedPostdata = PostUtil::sanitizePostByDesignerTypeForSavingModel($model, $readyToUsePostData); $sanitizedOwnerPostData = PostUtil::sanitizePostDataToJustHavingElementForSavingModel($sanitizedPostdata, 'owner'); $sanitizedPostDataWithoutOwner = PostUtil::removeElementFromPostDataForSavingModel($sanitizedPostdata, 'owner'); $model->setAttributes($sanitizedPostDataWithoutOwner); if ($model->validate()) { $modelToStringValue = strval($model); if ($sanitizedOwnerPostData != null) { $model->setAttributes($sanitizedOwnerPostData); } if ($model instanceof OwnedSecurableItem) { $model->validate(array('owner')); } } $wizardFormClassName = ReportToWizardFormAdapter::getFormClassNameByType(Report::TYPE_ROWS_AND_COLUMNS); if (!isset($postData[$wizardFormClassName])) { throw new NotSupportedException(); } $report = SavedCalendarToReportAdapter::makeReportBySavedCalendar($model); DataToReportUtil::resolveFiltersStructure($postData[$wizardFormClassName], $report); DataToReportUtil::resolveFilters($postData[$wizardFormClassName], $report); //This would do the filter and filter structure validation $reportToWizardFormAdapter = new ReportToWizardFormAdapter($report); $reportForm = $reportToWizardFormAdapter->makeFormByType(); $postData['validationScenario'] = $wizardFormClassName::FILTERS_VALIDATION_SCENARIO; $filtersErrorData = ReportUtil::validateReportWizardForm($postData, $reportForm); $errorData = ZurmoActiveForm::makeErrorsDataAndResolveForOwnedModelAttributes($model); $errorData = array_merge($errorData, $filtersErrorData); echo CJSON::encode($errorData); Yii::app()->end(0, false); } }
public function testProductSaveWithPermissions() { Yii::app()->user->userModel = User::getByUsername('super'); $contacts = Contact::getAll(); $accounts = Account::getByName('superAccount'); $opportunities = Opportunity::getByName('superOpportunity'); $productTemplates = ProductTemplate::getByName('superProductTemplate'); $account = $accounts[0]; $user = $account->owner; $everyoneGroup = Group::getByName(Group::EVERYONE_GROUP_NAME); $explicitReadWriteModelPermissions = new ExplicitReadWriteModelPermissions(); $currencyHelper = Yii::app()->currencyHelper; $currencyCode = $currencyHelper->getBaseCode(); $currency = Currency::getByCode($currencyCode); $postData = array('productTemplate' => array('id' => $productTemplates[0]->id), 'name' => 'ProductPermissionTest', 'quantity' => 6, 'account' => array('id' => $accounts[0]->id), 'contact' => array('id' => $contacts[0]->id), 'opportunity' => array('id' => ''), 'type' => ProductTemplate::TYPE_PRODUCT, 'priceFrequency' => ProductTemplate::PRICE_FREQUENCY_ONE_TIME, 'sellPrice' => array('currency' => array('id' => $currency->id), 'value' => 210), 'stage' => array('value' => 'Open'), 'owner' => array('id' => $user->id), 'explicitReadWriteModelPermissions' => array('type' => ExplicitReadWriteModelPermissionsUtil::MIXED_TYPE_EVERYONE_GROUP, 'nonEveryoneGroup' => '')); $model = new Product(); $sanitizedPostData = PostUtil::sanitizePostByDesignerTypeForSavingModel($model, $postData); if ($model instanceof SecurableItem) { $explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::resolveByPostDataAndModelThenMake($sanitizedPostData, $model); } else { $explicitReadWriteModelPermissions = null; } $readyToUseData = ExplicitReadWriteModelPermissionsUtil::removeIfExistsFromPostData($sanitizedPostData); $sanitizedOwnerData = PostUtil::sanitizePostDataToJustHavingElementForSavingModel($readyToUseData, 'owner'); $sanitizedDataWithoutOwner = PostUtil::removeElementFromPostDataForSavingModel($readyToUseData, 'owner'); $model->setAttributes($sanitizedDataWithoutOwner); if ($model->validate()) { $modelToStringValue = strval($model); if ($sanitizedOwnerData != null) { $model->setAttributes($sanitizedOwnerData); } if ($model instanceof OwnedSecurableItem) { $passedOwnerValidation = $model->validate(array('owner')); } else { $passedOwnerValidation = true; } if ($passedOwnerValidation && $model->save(false)) { if ($explicitReadWriteModelPermissions != null) { $success = ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions($model, $explicitReadWriteModelPermissions); //todo: handle if success is false, means adding/removing permissions save failed. } $savedSuccessfully = true; } } else { } $this->assertEquals('ProductPermissionTest', $model->name); }
/** * @depends testCreateAndGetNoteById */ public function testUpdateNoteFromForm() { Yii::app()->user->userModel = User::getByUsername('super'); $user = User::getByUsername('billy'); $notes = Note::getByName('myNote'); $note = $notes[0]; $this->assertEquals($note->description, 'myNote'); $postData = array('owner' => array('id' => $user->id), 'description' => 'New Name', 'occurredOnDateTime' => ''); $sanitizedPostData = PostUtil::sanitizePostByDesignerTypeForSavingModel($note, $postData); $note->setAttributes($sanitizedPostData); $this->assertTrue($note->save()); $id = $note->id; unset($note); $note = Note::getById($id); $this->assertEquals('New Name', $note->description); $this->assertEquals(null, $note->occurredOnDateTime); //create new note from scratch where the DateTime attributes are not populated. It should let you save. $note = new Note(); $postData = array('owner' => array('id' => $user->id), 'description' => 'Lamazing', 'occurredOnDateTime' => ''); $sanitizedPostData = PostUtil::sanitizePostByDesignerTypeForSavingModel($note, $postData); $note->setAttributes($sanitizedPostData); $this->assertTrue($note->save()); $id = $note->id; unset($note); $note = Note::getById($id); $this->assertEquals('Lamazing', $note->description); $this->assertEquals(null, $note->occurredOnDateTime); //will default to NOW }