/** * Ensure that list of viewable calendars correctly reflects calendar permissions records */ public function testGetViewableUserCalendarNames() { TestingAuxLib::loadX2NonWebUser(); TestingAuxLib::suLogin('admin'); $viewable = array_keys(X2CalendarPermissions::getViewableUserCalendarNames()); $this->assertEquals(array_merge(array('Anyone'), Yii::app()->db->createCommand("\n SELECT username\n FROM x2_users\n ")->queryColumn()), ArrayUtil::sort($viewable)); $user = $this->users('testUser'); TestingAuxLib::suLogin('testuser'); $viewable = array_keys(X2CalendarPermissions::getViewableUserCalendarNames()); $grantedUsers = array_unique(array_merge(array('Anyone', 'testuser'), Yii::app()->db->createCommand("\n /**\n * get names of users who have granted view permission to testuser and names of\n * users who have not set up calendar permissions\n */\n SELECT distinct(username)\n FROM x2_users as t, x2_calendar_permissions\n WHERE other_user_id=:userId OR t.id NOT in (\n SELECT distinct(user_id)\n FROM x2_calendar_permissions\n )\n ")->queryColumn(array(':userId' => $user->id)))); $this->assertEquals(ArrayUtil::sort($grantedUsers), ArrayUtil::sort($viewable)); TestingAuxLib::restoreX2WebUser(); }
public function tearDown() { // try to replace mocks with original components in case mocks were set during test case TestingAuxLib::restoreX2WebUser(); TestingAuxLib::restoreX2AuthManager(); TestingAuxLib::restoreController(); self::$skipAllTests = false; self::$loadFixtures = X2_LOAD_FIXTURES; self::$loadFixturesForClassOnly = X2_LOAD_FIXTURES_FOR_CLASS_ONLY; if (isset($this->_oldSession)) { $_SESSION = $this->_oldSession; } return parent::tearDown(); }
public function testDocsPermissions() { $auth = TestingAuxLib::loadAuthManagerMock(); TestingAuxLib::loadX2NonWebUser(); // user has docs update access $user = $this->users('testUser'); $auth->setAccess('AdminIndex', $user->id, array(), false); TestingAuxLib::suLogin('testuser'); $auth->setAccess('DocsAdmin', $user->id, array(), false); $auth->setAccess('DocsUpdateAccess', $user->id, array('X2Model' => new Docs()), true); // can't be edited since edit permissions list is empty $doc = $this->docs('0'); $this->assertFalse((bool) $doc->checkEditPermissions()); // "testuser" is in the edit permissions list $doc = $this->docs('1'); $this->assertTrue((bool) $doc->checkEditPermissions()); $doc = $this->docs('3'); $this->assertTrue((bool) $doc->checkEditPermissions()); // testuser created the the doc $doc = $this->docs('2'); $this->assertTrue((bool) $doc->checkEditPermissions()); // user has docs private update access $auth->clearCache(); $auth->setAccess('AdminIndex', $user->id, array(), false); $auth->setAccess('DocsAdmin', $user->id, array(), false); $auth->setAccess('DocsUpdateAccess', $user->id, array('X2Model' => new Docs()), false); $auth->setAccess('DocsPrivateUpdateAccess', $user->id, array('X2Model' => new Docs()), true); // can't be edited since edit permissions list is empty $doc = $this->docs('0'); $this->assertFalse((bool) $doc->checkEditPermissions()); // "testuser" is in the edit permissions list but since testuser only has private update // access, doc cannot be edited $doc = $this->docs('1'); $this->assertFalse((bool) $doc->checkEditPermissions()); $doc = $this->docs('3'); $this->assertFalse((bool) $doc->checkEditPermissions()); // testuser created the the doc, so they can edit it $doc = $this->docs('2'); $this->assertTrue((bool) $doc->checkEditPermissions()); // user has docs admin access $auth->clearCache(); $auth->setAccess('AdminIndex', $user->id, array(), false); $auth->setAccess('DocsAdmin', $user->id, array(), true); $auth->setAccess('DocsUpdateAccess', $user->id, array('X2Model' => new Docs()), false); $auth->setAccess('DocsPrivateUpdateAccess', $user->id, array('X2Model' => new Docs()), false); // user is docs admin $doc = $this->docs('0'); $this->assertTrue((bool) $doc->checkEditPermissions()); // user is docs admin $doc = $this->docs('1'); $this->assertTrue((bool) $doc->checkEditPermissions()); // user is docs admin $doc = $this->docs('2'); $this->assertTrue((bool) $doc->checkEditPermissions()); TestingAuxLib::restoreX2WebUser(); TestingAuxLib::restoreX2AuthManager(); }
public function tearDown() { // try to replace mocks with original components in case mocks were set during test case TestingAuxLib::restoreX2WebUser(); TestingAuxLib::restoreX2AuthManager(); return parent::tearDown(); }
public function tearDown() { // try to replace mocks with original components in case mocks were set during test case TestingAuxLib::restoreX2WebUser(); TestingAuxLib::restoreX2AuthManager(); TestingAuxLib::restoreController(); self::$skipAllTests = false; self::$loadFixtures = X2_LOAD_FIXTURES; self::$loadFixturesForClassOnly = X2_LOAD_FIXTURES_FOR_CLASS_ONLY; if (isset($this->_oldSession)) { $_SESSION = $this->_oldSession; } if (X2_TEST_DEBUG_LEVEL > 0) { $timer = TestingAuxLib::getCaseTimer(); TestingAuxLib::log("time elapsed for test case: {$timer->stop()->getTime()}"); } return parent::tearDown(); }
public function testGetAccessCriteria() { TestingAuxLib::loadX2NonWebUser(); TestingAuxLib::suLogin('admin'); // admin privileges private profile $accessCriteria = Events::model()->getAccessCriteria(); $this->assertEquals('TRUE', $accessCriteria->condition); $this->assertEquals(array_map(function ($event) { return $event->id; }, Events::model()->findAll($accessCriteria)), array_map(function ($event) { return $event->id; }, Events::model()->findAll())); // admin privileges public profile $accessCriteria = Events::model()->getAccessCriteria(Profile::model()->findByAttributes(array('username' => 'testuser'))); $this->assertEquals(array_map(function ($event) { return $event->id; }, Events::model()->findAll($accessCriteria)), array_map(function ($event) { return $event->id; }, Events::model()->findAll('user="******"'))); // non-admin public profile TestingAuxLib::suLogin('testuser2'); Yii::app()->settings->historyPrivacy = null; $accessCriteria = Events::model()->getAccessCriteria(Profile::model()->findByAttributes(array('username' => 'testuser'))); $this->assertEquals(array_map(function ($event) { return $event->id; }, Events::model()->findAll($accessCriteria)), array_map(function ($event) { return $event->id; }, Events::model()->findAll('user="******" and visibility'))); // non-admin private profile TestingAuxLib::suLogin('testuser2'); Yii::app()->settings->historyPrivacy = null; $accessCriteria = Events::model()->getAccessCriteria(); $this->assertEquals(array_map(function ($event) { return $event->id; }, Events::model()->findAll($accessCriteria)), array_map(function ($event) { return $event->id; }, Events::model()->findAll('user="******" or visibility'))); // non-admin private profile, user history TestingAuxLib::suLogin('testuser2'); Yii::app()->settings->historyPrivacy = 'user'; $accessCriteria = Events::model()->getAccessCriteria(); $this->assertEquals(array_map(function ($event) { return $event->id; }, Events::model()->findAll($accessCriteria)), array_map(function ($event) { return $event->id; }, Events::model()->findAll('user="******"'))); // non-admin private profile, group history // assumes that testuser2 and testuser3 are groupmates Yii::app()->settings->historyPrivacy = 'group'; $accessCriteria = Events::model()->getAccessCriteria(); $this->assertEquals(array_map(function ($event) { return $event->id; }, Events::model()->findAll($accessCriteria)), array_map(function ($event) { return $event->id; }, Events::model()->findAll('user="******" or user="******"'))); Yii::app()->settings->historyPrivacy = null; TestingAuxLib::restoreX2WebUser(); }