本文整理汇总了PHP中AllPermissionsOptimizationUtil::securableItemGivenPermissionsForGroup方法的典型用法代码示例。如果您正苦于以下问题:PHP AllPermissionsOptimizationUtil::securableItemGivenPermissionsForGroup方法的具体用法?PHP AllPermissionsOptimizationUtil::securableItemGivenPermissionsForGroup怎么用?PHP AllPermissionsOptimizationUtil::securableItemGivenPermissionsForGroup使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类AllPermissionsOptimizationUtil的用法示例。
在下文中一共展示了AllPermissionsOptimizationUtil::securableItemGivenPermissionsForGroup方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: setUpBeforeClass
public static function setUpBeforeClass()
{
parent::setUpBeforeClass();
SecurityTestHelper::createSuperAdmin();
AllPermissionsOptimizationUtil::rebuild();
$everyoneGroup = Group::getByName(Group::EVERYONE_GROUP_NAME);
$everyoneGroup->save();
$super = User::getByUsername('super');
//Steven have access to missions module
$steven = UserTestHelper::createBasicUser('steven');
$steven->setRight('MissionsModule', MissionsModule::RIGHT_ACCESS_MISSIONS);
$steven->save();
//Jack dont have acess to missions module
$jack = UserTestHelper::createBasicUser('jack');
$mission = new Mission();
$mission->owner = $super;
$mission->takenByUser = $steven;
$mission->description = 'My test description';
$mission->reward = 'My test reward';
$mission->status = Mission::STATUS_AVAILABLE;
$mission->addPermissions($everyoneGroup, Permission::READ_WRITE);
assert($mission->save());
// Not Coding Standard
AllPermissionsOptimizationUtil::securableItemGivenPermissionsForGroup($mission, $everyoneGroup);
}示例2: makeAll
public function makeAll(&$demoDataHelper)
{
assert('$demoDataHelper instanceof DemoDataHelper');
assert('$demoDataHelper->isSetRange("User")');
$gameRewards = array();
$gameRewardRandomData = ZurmoRandomDataUtil::getRandomDataByModuleAndModelClassNames('GameRewardsModule', 'GameReward');
for ($i = 0; $i < 10; $i++) {
$gameReward = new GameReward();
$gameReward->name = $gameRewardRandomData['names'][$i];
$gameReward->owner = $demoDataHelper->getRandomByModelName('User');
$gameReward->cost = mt_rand(1, 10);
$gameReward->quantity = mt_rand(1, 20);
for ($j = 0; $j < 5; $j++) {
$gameRewardTransaction = new GameRewardTransaction();
$gameRewardTransaction->person = $demoDataHelper->getRandomByModelName('User');
$gameRewardTransaction->quantity = mt_rand(1, 3);
$gameReward->transactions->add($gameRewardTransaction);
}
$gameReward->addPermissions(Group::getByName(Group::EVERYONE_GROUP_NAME), Permission::READ_WRITE_CHANGE_PERMISSIONS_CHANGE_OWNER);
$saved = $gameReward->save();
if (!$saved) {
throw new FailedToSaveModelException();
}
$gameReward = GameReward::getById($gameReward->id);
AllPermissionsOptimizationUtil::securableItemGivenPermissionsForGroup($gameReward, Group::getByName(Group::EVERYONE_GROUP_NAME));
$gameReward->save();
$gameRewards[] = $gameReward->id;
}
$demoDataHelper->setRangeByModelName('GameReward', $gameRewards[0], $gameRewards[count($gameRewards) - 1]);
}示例3: makeAll
/**
* @param DemoDataHelper $demoDataHelper
*/
public function makeAll(&$demoDataHelper)
{
assert('$demoDataHelper instanceof DemoDataHelper');
assert('$demoDataHelper->isSetRange("User")');
$missions = array();
foreach (self::getMissionData() as $randomMissionData) {
$postData = array();
$mission = new Mission();
$mission->setScenario('importModel');
$mission->status = Mission::STATUS_AVAILABLE;
$mission->owner = $demoDataHelper->getRandomByModelName('User');
$mission->createdByUser = $mission->owner;
$mission->description = $randomMissionData['description'];
$mission->reward = $randomMissionData['reward'];
//Add some comments
foreach ($randomMissionData['comments'] as $commentDescription) {
$comment = new Comment();
$comment->setScenario('importModel');
$comment->createdByUser = $demoDataHelper->getRandomByModelName('User');
$comment->description = $commentDescription;
$mission->comments->add($comment);
}
$mission->addPermissions(Group::getByName(Group::EVERYONE_GROUP_NAME), Permission::READ_WRITE_CHANGE_PERMISSIONS_CHANGE_OWNER);
$saved = $mission->save();
assert('$saved');
$mission = Mission::getById($mission->id);
AllPermissionsOptimizationUtil::securableItemGivenPermissionsForGroup($mission, Group::getByName(Group::EVERYONE_GROUP_NAME));
$mission->save();
$missions[] = $mission->id;
}
$demoDataHelper->setRangeByModelName('Mission', $missions[0], $missions[count($missions) - 1]);
}示例4: testCreateAndGetMissionById
public function testCreateAndGetMissionById()
{
$super = User::getByUsername('super');
$fileModel = ZurmoTestHelper::createFileModel();
$steven = UserTestHelper::createBasicUser('steven');
$steven->setRight('MissionsModule', MissionsModule::RIGHT_ACCESS_MISSIONS);
$steven->save();
$dueStamp = DateTimeUtil::convertTimestampToDbFormatDateTime(time() + 10000);
$mission = new Mission();
$mission->owner = $super;
$mission->takenByUser = $steven;
$mission->dueDateTime = $dueStamp;
$mission->description = 'My test description';
$mission->reward = 'My test reward';
$mission->status = Mission::STATUS_AVAILABLE;
$mission->files->add($fileModel);
$everyoneGroup = Group::getByName(Group::EVERYONE_GROUP_NAME);
$mission->addPermissions($everyoneGroup, Permission::READ_WRITE);
$this->assertTrue($mission->save());
AllPermissionsOptimizationUtil::securableItemGivenPermissionsForGroup($mission, $everyoneGroup);
$id = $mission->id;
$mission->forget();
unset($mission);
$mission = Mission::getById($id);
$this->assertEquals('My test description', $mission->description);
$this->assertEquals('My test reward', $mission->reward);
$this->assertEquals(Mission::STATUS_AVAILABLE, $mission->status);
$this->assertEquals($super, $mission->owner);
$this->assertEquals($steven, $mission->takenByUser);
$this->assertEquals(1, $mission->files->count());
$this->assertEquals($fileModel, $mission->files->offsetGet(0));
$this->assertEquals($dueStamp, $mission->dueDateTime);
$this->assertTrue(MissionsUtil::hasUserReadMissionLatest($mission, $super));
$this->assertFalse(MissionsUtil::hasUserReadMissionLatest($mission, $steven));
}示例5: makeAll
/**
* @param DemoDataHelper $demoDataHelper
*/
public function makeAll(&$demoDataHelper)
{
assert('$demoDataHelper instanceof DemoDataHelper');
assert('$demoDataHelper->isSetRange("User")');
$marketingLists = array();
for ($this->index = 0; $this->index < 5; $this->index++) {
$marketingList = new MarketingList();
$marketingList->owner = $demoDataHelper->getRandomByModelName('User');
$this->populateModel($marketingList);
$marketingList->addPermissions(Group::getByName(Group::EVERYONE_GROUP_NAME), Permission::READ_WRITE_CHANGE_PERMISSIONS_CHANGE_OWNER);
$saved = $marketingList->save();
assert('$saved');
$marketingList = MarketingList::getById($marketingList->id);
AllPermissionsOptimizationUtil::securableItemGivenPermissionsForGroup($marketingList, Group::getByName(Group::EVERYONE_GROUP_NAME));
$marketingList->save();
$marketingLists[] = $marketingList->id;
}
$demoDataHelper->setRangeByModelName('MarketingList', $marketingLists[0], $marketingLists[count($marketingLists) - 1]);
}示例6: makeAll
public function makeAll(&$demoDataHelper)
{
assert('$demoDataHelper instanceof DemoDataHelper');
assert('$demoDataHelper->isSetRange("MarketingList")');
$campaigns = array();
for ($this->index = 0; $this->index < 10; $this->index++) {
$campaign = new Campaign();
$this->populateModel($campaign);
$campaign->marketingList = $demoDataHelper->getRandomByModelName('MarketingList');
$campaign->addPermissions(Group::getByName(Group::EVERYONE_GROUP_NAME), Permission::READ_WRITE_CHANGE_PERMISSIONS_CHANGE_OWNER);
$saved = $campaign->save();
if (!$saved) {
throw new FailedToSaveModelException();
}
$campaign = Campaign::getById($campaign->id);
AllPermissionsOptimizationUtil::securableItemGivenPermissionsForGroup($campaign, Group::getByName(Group::EVERYONE_GROUP_NAME));
$campaign->save();
$campaigns[] = $campaign->id;
}
$demoDataHelper->setRangeByModelName('Campaign', $campaigns[0], $campaigns[count($campaigns) - 1]);
}示例7: makeAll
/**
* @param DemoDataHelper $demoDataHelper
*/
public function makeAll(&$demoDataHelper)
{
assert('$demoDataHelper instanceof DemoDataHelper');
assert('$demoDataHelper->isSetRange("User")');
$emailTemplates = array();
$types = array_keys(EmailTemplate::getTypeDropDownArray());
for ($this->index = 0; $this->index < 7; $this->index++) {
$emailTemplate = new EmailTemplate();
$emailTemplate->type = $types[$this->index % 2];
$emailTemplate->owner = $demoDataHelper->getRandomByModelName('User');
$this->populateModel($emailTemplate);
$emailTemplate->addPermissions(Group::getByName(Group::EVERYONE_GROUP_NAME), Permission::READ_WRITE_CHANGE_PERMISSIONS_CHANGE_OWNER);
$saved = $emailTemplate->save();
assert('$saved');
$emailTemplate = EmailTemplate::getById($emailTemplate->id);
AllPermissionsOptimizationUtil::securableItemGivenPermissionsForGroup($emailTemplate, Group::getByName(Group::EVERYONE_GROUP_NAME));
$emailTemplate->save();
$emailTemplates[] = $emailTemplate->id;
}
$demoDataHelper->setRangeByModelName('EmailTemplate', $emailTemplates[0], $emailTemplates[count($emailTemplates) - 1]);
}示例8: makeAll
/**
* @param DemoDataHelper $demoDataHelper
*/
public function makeAll(&$demoDataHelper)
{
assert('$demoDataHelper instanceof DemoDataHelper');
assert('$demoDataHelper->isSetRange("User")');
$contactStates = ContactState::getAll();
$statesBeginningWithStartingState = ContactsDemoDataMaker::getStatesBeforeOrStartingWithStartingState($contactStates);
$contactWebForms = array();
for ($this->index = 0; $this->index < 5; $this->index++) {
$contactWebForm = new ContactWebForm();
$contactWebForm->owner = $demoDataHelper->getRandomByModelName('User');
$contactWebForm->defaultOwner = $contactWebForm->owner;
$contactWebForm->defaultState = RandomDataUtil::getRandomValueFromArray($statesBeginningWithStartingState);
$this->populateModel($contactWebForm);
$contactWebForm->addPermissions(Group::getByName(Group::EVERYONE_GROUP_NAME), Permission::READ_WRITE_CHANGE_PERMISSIONS_CHANGE_OWNER);
$saved = $contactWebForm->save();
assert('$saved');
$contactWebForm = ContactWebForm::getById($contactWebForm->id);
AllPermissionsOptimizationUtil::securableItemGivenPermissionsForGroup($contactWebForm, Group::getByName(Group::EVERYONE_GROUP_NAME));
$contactWebForm->save();
$contactWebForms[] = $contactWebForm->id;
}
$demoDataHelper->setRangeByModelName('ContactWebForm', $contactWebForms[0], $contactWebForms[count($contactWebForms) - 1]);
}示例9: testRegularUserControllerActionsWithElevationToModels
//.........这里部分代码省略.........
$this->setGetArray(array('id' => $meeting3->id));
$this->resetPostArray();
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/delete');
//give parentGroup access to READ
Yii::app()->user->userModel = $super;
$meeting3->addPermissions($parentGroup, Permission::READ);
$this->assertTrue($meeting3->save());
AllPermissionsOptimizationUtil::securableItemGivenReadPermissionsForGroup($meeting3, $parentGroup);
//Test userInParentGroup, access to meetings details should not fail.
Yii::app()->user->userModel = $userInParentGroup;
$this->setGetArray(array('id' => $meeting3->id));
$this->runControllerWithNoExceptionsAndGetContent('meetings/default/details');
//Test userInParentGroup, access to meetings edit and delete should fail.
$this->setGetArray(array('id' => $meeting3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/edit');
$this->setGetArray(array('id' => $meeting3->id));
$this->resetPostArray();
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/delete');
//Test userInChildGroup, access to meetings details should not fail.
Yii::app()->user->userModel = $userInChildGroup;
$this->setGetArray(array('id' => $meeting3->id));
$this->runControllerWithNoExceptionsAndGetContent('meetings/default/details');
//Test userInChildGroup, access to meetings edit and delete should fail.
$this->setGetArray(array('id' => $meeting3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/edit');
$this->setGetArray(array('id' => $meeting3->id));
$this->resetPostArray();
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/delete');
//give parentGroup access to read and write
Yii::app()->user->userModel = $super;
$meeting3->addPermissions($parentGroup, Permission::READ_WRITE_CHANGE_PERMISSIONS);
$this->assertTrue($meeting3->save());
AllPermissionsOptimizationUtil::securableItemLostReadPermissionsForGroup($meeting3, $parentGroup);
AllPermissionsOptimizationUtil::securableItemGivenPermissionsForGroup($meeting3, $parentGroup);
//Test userInParentGroup, access to edit meetings should not fail.
Yii::app()->user->userModel = $userInParentGroup;
$this->setGetArray(array('id' => $meeting3->id));
$this->runControllerWithNoExceptionsAndGetContent('meetings/default/edit');
//Test userInParentGroup, access to meetings delete should fail.
$this->setGetArray(array('id' => $meeting3->id));
$this->resetPostArray();
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/delete');
//Test userInChildGroup, access to edit meetings should not fail.
Yii::app()->user->userModel = $userInChildGroup;
$this->logoutCurrentUserLoginNewUserAndGetByUsername($userInChildGroup->username);
$this->setGetArray(array('id' => $meeting3->id));
$this->runControllerWithNoExceptionsAndGetContent('meetings/default/edit');
//Test userInChildGroup, access to meetings delete should fail.
$this->setGetArray(array('id' => $meeting3->id));
$this->resetPostArray();
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/delete');
//revoke parentGroup access to meetings read and write
Yii::app()->user->userModel = $super;
$meeting3->removePermissions($parentGroup, Permission::READ_WRITE_CHANGE_PERMISSIONS);
$this->assertTrue($meeting3->save());
AllPermissionsOptimizationUtil::securableItemLostPermissionsForGroup($meeting3, $parentGroup);
//Test userInChildGroup, access to meetings detail, edit and delete should fail.
Yii::app()->user->userModel = $userInChildGroup;
$this->setGetArray(array('id' => $meeting3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/details');
$this->setGetArray(array('id' => $meeting3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/edit');
$this->setGetArray(array('id' => $meeting3->id));
$this->resetPostArray();
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/delete');
//Test userInParentGroup, access to meetings detail, edit and delete should fail.示例10: testRegularUserControllerActionsWithElevationToModels
//.........这里部分代码省略.........
$childGroup = new Group();
$childGroup->name = 'BBB';
$this->assertTrue($childGroup->save());
$userInChildGroup = User::getByUsername('confused');
$userInParentGroup = User::getByUsername('nobody');
$childGroup->users->add($userInChildGroup);
$this->assertTrue($childGroup->save());
$parentGroup->users->add($userInParentGroup);
$parentGroup->groups->add($childGroup);
$this->assertTrue($parentGroup->save());
$parentGroup->forget();
$childGroup->forget();
$parentGroup = Group::getByName('AAA');
$childGroup = Group::getByName('BBB');
//Add access for the confused user to Products and creation of Products.
$userInChildGroup->setRight('ProjectsModule', ProjectsModule::RIGHT_ACCESS_PROJECTS);
$userInChildGroup->setRight('ProjectsModule', ProjectsModule::RIGHT_CREATE_PROJECTS);
$this->assertTrue($userInChildGroup->save());
//create project owned by super
$project3 = ProjectTestHelper::createProjectByNameForOwner('testingParentGroupPermission', $super);
//Test userInParentGroup, access to details and edit should fail.
Yii::app()->user->userModel = $userInParentGroup;
$this->setGetArray(array('id' => $project3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('projects/default/details');
$this->setGetArray(array('id' => $project3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('projects/default/edit');
//Test userInChildGroup, access to details and edit should fail.
Yii::app()->user->userModel = $userInChildGroup;
$this->setGetArray(array('id' => $project3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('projects/default/details');
$this->setGetArray(array('id' => $project3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('projects/default/edit');
//give parentGroup access to READ
Yii::app()->user->userModel = $super;
$project3->addPermissions($parentGroup, Permission::READ);
$this->assertTrue($project3->save());
AllPermissionsOptimizationUtil::securableItemGivenReadPermissionsForGroup($project3, $parentGroup);
//Test userInParentGroup, access to details should not fail.
Yii::app()->user->userModel = $userInParentGroup;
$this->setGetArray(array('id' => $project3->id));
$this->runControllerWithNoExceptionsAndGetContent('projects/default/details');
//Test userInChildGroup, access to details should not fail.
Yii::app()->user->userModel = $userInChildGroup;
$this->setGetArray(array('id' => $project3->id));
$this->runControllerWithNoExceptionsAndGetContent('projects/default/details');
$projectId = $project3->id;
$project3->forget();
$project3 = Project::getById($projectId);
//give parentGroup access to read and write
Yii::app()->user->userModel = $super;
$project3->addPermissions($parentGroup, Permission::READ_WRITE_CHANGE_PERMISSIONS);
$this->assertTrue($project3->save());
AllPermissionsOptimizationUtil::securableItemLostReadPermissionsForGroup($project3, $parentGroup);
AllPermissionsOptimizationUtil::securableItemGivenPermissionsForGroup($project3, $parentGroup);
//Test userInParentGroup, access to edit should not fail.
Yii::app()->user->userModel = $userInParentGroup;
$this->setGetArray(array('id' => $project3->id));
$this->runControllerWithNoExceptionsAndGetContent('projects/default/edit');
//Test userInChildGroup, access to edit should not fail.
Yii::app()->user->userModel = $userInChildGroup;
$this->logoutCurrentUserLoginNewUserAndGetByUsername($userInChildGroup->username);
$this->setGetArray(array('id' => $project3->id));
$this->runControllerWithNoExceptionsAndGetContent('projects/default/edit');
$projectId = $project3->id;
$project3->forget();
$project3 = Project::getById($projectId);
//revoke parentGroup access to read and write
Yii::app()->user->userModel = $super;
$project3->addPermissions($parentGroup, Permission::READ_WRITE_CHANGE_PERMISSIONS, Permission::DENY);
$this->assertTrue($project3->save());
AllPermissionsOptimizationUtil::securableItemLostPermissionsForGroup($project3, $parentGroup);
//Test userInChildGroup, access to detail should fail.
Yii::app()->user->userModel = $userInChildGroup;
$this->setGetArray(array('id' => $project3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('projects/default/details');
$this->setGetArray(array('id' => $project3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('projects/default/edit');
//Test userInParentGroup, access to detail should fail.
Yii::app()->user->userModel = $userInParentGroup;
$this->setGetArray(array('id' => $project3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('projects/default/details');
$this->setGetArray(array('id' => $project3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('projects/default/edit');
//clear up the role relationships between users so not to effect next assertions
$super = $this->logoutCurrentUserLoginNewUserAndGetByUsername('super');
$userInParentGroup->forget();
$userInChildGroup->forget();
$childGroup->forget();
$parentGroup->forget();
$userInParentGroup = User::getByUsername('nobody');
$userInChildGroup = User::getByUsername('confused');
$childGroup = Group::getByName('BBB');
$parentGroup = Group::getByName('AAA');
//clear up the role relationships between users so not to effect next assertions
$parentGroup->users->remove($userInParentGroup);
$parentGroup->groups->remove($childGroup);
$this->assertTrue($parentGroup->save());
$childGroup->users->remove($userInChildGroup);
$this->assertTrue($childGroup->save());
}示例11: testRegularUserControllerActionsWithElevationToModels
//.........这里部分代码省略.........
$childGroup = new Group();
$childGroup->name = 'BBB';
$this->assertTrue($childGroup->save());
$userInChildGroup = User::getByUsername('confused');
$userInParentGroup = User::getByUsername('nobody');
$childGroup->users->add($userInChildGroup);
$this->assertTrue($childGroup->save());
$parentGroup->users->add($userInParentGroup);
$parentGroup->groups->add($childGroup);
$this->assertTrue($parentGroup->save());
$parentGroup->forget();
$childGroup->forget();
$parentGroup = Group::getByName('AAA');
$childGroup = Group::getByName('BBB');
//Add access for the confused user to ContactWebForms and creation of ContactWebForms.
$userInChildGroup->setRight('ContactWebFormsModule', ContactWebFormsModule::RIGHT_ACCESS_CONTACT_WEB_FORMS);
$userInChildGroup->setRight('ContactWebFormsModule', ContactWebFormsModule::RIGHT_CREATE_CONTACT_WEB_FORMS);
$this->assertTrue($userInChildGroup->save());
//create web form owned by super
$contactWebForm3 = ContactWebFormTestHelper::createContactWebFormByName('testingParentGroupPermission', $super);
//Test userInParentGroup, access to details and edit should fail.
Yii::app()->user->userModel = $userInParentGroup;
$this->setGetArray(array('id' => $contactWebForm3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('contactWebForms/default/details');
$this->setGetArray(array('id' => $contactWebForm3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('contactWebForms/default/edit');
//Test userInChildGroup, access to details and edit should fail.
Yii::app()->user->userModel = $userInChildGroup;
$this->setGetArray(array('id' => $contactWebForm3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('contactWebForms/default/details');
$this->setGetArray(array('id' => $contactWebForm3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('contactWebForms/default/edit');
//give parentGroup access to READ
Yii::app()->user->userModel = $super;
$contactWebForm3->addPermissions($parentGroup, Permission::READ);
$this->assertTrue($contactWebForm3->save());
AllPermissionsOptimizationUtil::securableItemGivenReadPermissionsForGroup($contactWebForm3, $parentGroup);
//Test userInParentGroup, access to details should not fail.
Yii::app()->user->userModel = $userInParentGroup;
$this->setGetArray(array('id' => $contactWebForm3->id));
$this->runControllerWithNoExceptionsAndGetContent('contactWebForms/default/details');
//Test userInChildGroup, access to details should not fail.
Yii::app()->user->userModel = $userInChildGroup;
$this->setGetArray(array('id' => $contactWebForm3->id));
$this->runControllerWithNoExceptionsAndGetContent('contactWebForms/default/details');
$contactWebFormId = $contactWebForm3->id;
$contactWebForm3->forget();
$contactWebForm3 = ContactWebForm::getById($contactWebFormId);
//give parentGroup access to read and write
Yii::app()->user->userModel = $super;
$contactWebForm3->addPermissions($parentGroup, Permission::READ_WRITE_CHANGE_PERMISSIONS);
$this->assertTrue($contactWebForm3->save());
AllPermissionsOptimizationUtil::securableItemLostReadPermissionsForGroup($contactWebForm3, $parentGroup);
AllPermissionsOptimizationUtil::securableItemGivenPermissionsForGroup($contactWebForm3, $parentGroup);
//Test userInParentGroup, access to edit should not fail.
Yii::app()->user->userModel = $userInParentGroup;
$this->setGetArray(array('id' => $contactWebForm3->id));
$this->runControllerWithNoExceptionsAndGetContent('contactWebForms/default/edit');
//Test userInChildGroup, access to edit should not fail.
Yii::app()->user->userModel = $userInChildGroup;
$this->logoutCurrentUserLoginNewUserAndGetByUsername($userInChildGroup->username);
$this->setGetArray(array('id' => $contactWebForm3->id));
$this->runControllerWithNoExceptionsAndGetContent('contactWebForms/default/edit');
$contactWebFormId = $contactWebForm3->id;
$contactWebForm3->forget();
$contactWebForm3 = ContactWebForm::getById($contactWebFormId);
//revoke parentGroup access to read and write
Yii::app()->user->userModel = $super;
$contactWebForm3->removePermissions($parentGroup, Permission::READ_WRITE_CHANGE_PERMISSIONS);
$this->assertTrue($contactWebForm3->save());
AllPermissionsOptimizationUtil::securableItemLostPermissionsForGroup($contactWebForm3, $parentGroup);
//Test userInChildGroup, access to detail should fail.
Yii::app()->user->userModel = $userInChildGroup;
$this->setGetArray(array('id' => $contactWebForm3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('contactWebForms/default/details');
$this->setGetArray(array('id' => $contactWebForm3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('contactWebForms/default/edit');
//Test userInParentGroup, access to detail should fail.
Yii::app()->user->userModel = $userInParentGroup;
$this->setGetArray(array('id' => $contactWebForm3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('contactWebForms/default/details');
$this->setGetArray(array('id' => $contactWebForm3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('contactWebForms/default/edit');
//clear up the role relationships between users so not to effect next assertions
$super = $this->logoutCurrentUserLoginNewUserAndGetByUsername('super');
$userInParentGroup->forget();
$userInChildGroup->forget();
$childGroup->forget();
$parentGroup->forget();
$userInParentGroup = User::getByUsername('nobody');
$userInChildGroup = User::getByUsername('confused');
$childGroup = Group::getByName('BBB');
$parentGroup = Group::getByName('AAA');
//clear up the role relationships between users so not to effect next assertions
$parentGroup->users->remove($userInParentGroup);
$parentGroup->groups->remove($childGroup);
$this->assertTrue($parentGroup->save());
$childGroup->users->remove($userInChildGroup);
$this->assertTrue($childGroup->save());
}示例12: testRegularUserControllerActionsWithElevationToModels
//.........这里部分代码省略.........
$this->runControllerShouldResultInAccessFailureAndGetContent('leads/default/delete');
//Test userInChildGroup, access to details, edit and delete should fail.
Yii::app()->user->userModel = $userInChildGroup;
$this->setGetArray(array('id' => $lead3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('leads/default/details');
$this->setGetArray(array('id' => $lead3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('leads/default/edit');
$this->setGetArray(array('id' => $lead3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('leads/default/delete');
//give parentGroup access to READ
Yii::app()->user->userModel = $super;
$lead3->addPermissions($parentGroup, Permission::READ);
$this->assertTrue($lead3->save());
AllPermissionsOptimizationUtil::securableItemGivenReadPermissionsForGroup($lead3, $parentGroup);
//Test userInParentGroup, access to details should not fail.
Yii::app()->user->userModel = $userInParentGroup;
$this->setGetArray(array('id' => $lead3->id));
$this->runControllerWithNoExceptionsAndGetContent('leads/default/details');
//Test userInParentGroup, access to delete should fail.
$this->setGetArray(array('id' => $lead3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('leads/default/edit');
$this->setGetArray(array('id' => $lead3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('leads/default/delete');
//Test userInChildGroup, access to edit and details should not fail.
Yii::app()->user->userModel = $userInChildGroup;
$this->setGetArray(array('id' => $lead3->id));
$this->runControllerWithNoExceptionsAndGetContent('leads/default/details');
//Test userInChildGroup, access to edit and delete should fail.
$this->setGetArray(array('id' => $lead3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('leads/default/edit');
$this->setGetArray(array('id' => $lead3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('leads/default/delete');
//give parentGroup access to read and write
Yii::app()->user->userModel = $super;
$lead3->addPermissions($parentGroup, Permission::READ_WRITE_CHANGE_PERMISSIONS);
$this->assertTrue($lead3->save());
AllPermissionsOptimizationUtil::securableItemLostReadPermissionsForGroup($lead3, $parentGroup);
AllPermissionsOptimizationUtil::securableItemGivenPermissionsForGroup($lead3, $parentGroup);
//Test userInParentGroup, access to edit should not fail.
Yii::app()->user->userModel = $userInParentGroup;
$this->setGetArray(array('id' => $lead3->id));
$this->runControllerWithNoExceptionsAndGetContent('leads/default/edit');
//Test userInParentGroup, access to delete should fail.
$this->setGetArray(array('id' => $lead3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('leads/default/delete');
//Test userInChildGroup, access to edit should not fail.
Yii::app()->user->userModel = $userInChildGroup;
$this->logoutCurrentUserLoginNewUserAndGetByUsername($userInChildGroup->username);
$this->setGetArray(array('id' => $lead3->id));
$this->runControllerWithNoExceptionsAndGetContent('leads/default/edit');
//Test userInChildGroup, access to delete should fail.
$this->setGetArray(array('id' => $lead3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('leads/default/delete');
//revoke parentGroup access to read and write
Yii::app()->user->userModel = $super;
$lead3->removePermissions($parentGroup, Permission::READ_WRITE_CHANGE_PERMISSIONS);
$this->assertTrue($lead3->save());
AllPermissionsOptimizationUtil::securableItemLostPermissionsForGroup($lead3, $parentGroup);
//Test userInChildGroup, access to detail, edit and delete should fail.
Yii::app()->user->userModel = $userInChildGroup;
$this->setGetArray(array('id' => $lead3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('leads/default/details');
$this->setGetArray(array('id' => $lead3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('leads/default/edit');
$this->setGetArray(array('id' => $lead3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('leads/default/delete');
//Test userInParentGroup, access to detail, edit and delete should fail.
Yii::app()->user->userModel = $userInParentGroup;
$this->setGetArray(array('id' => $lead3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('leads/default/details');
$this->setGetArray(array('id' => $lead3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('leads/default/edit');
$this->setGetArray(array('id' => $lead3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('leads/default/delete');
//give parentGroup access to read, write and delete
Yii::app()->user->userModel = $super;
$lead3->addPermissions($parentGroup, Permission::READ_WRITE_DELETE);
$this->assertTrue($lead3->save());
AllPermissionsOptimizationUtil::securableItemGivenPermissionsForGroup($lead3, $parentGroup);
//Test userInChildGroup, access to delete should not fail.
Yii::app()->user->userModel = $userInChildGroup;
$this->logoutCurrentUserLoginNewUserAndGetByUsername($userInChildGroup->username);
$this->setGetArray(array('id' => $lead3->id));
$this->runControllerWithRedirectExceptionAndGetContent('leads/default/delete', Yii::app()->createUrl('leads/default/index'));
//clear up the role relationships between users so not to effect next assertions
$super = $this->logoutCurrentUserLoginNewUserAndGetByUsername('super');
$userInParentGroup->forget();
$userInChildGroup->forget();
$childGroup->forget();
$parentGroup->forget();
$userInParentGroup = User::getByUsername('nobody');
$userInChildGroup = User::getByUsername('confused');
$childGroup = Group::getByName('BBB');
$parentGroup = Group::getByName('AAA');
$parentGroup->users->remove($userInParentGroup);
$parentGroup->groups->remove($childGroup);
$this->assertTrue($parentGroup->save());
$childGroup->users->remove($userInChildGroup);
$this->assertTrue($childGroup->save());
}示例13: resolveExplicitReadWriteModelPermissions
/**
* Given a SecurableItem, add and remove permissions
* based on what the provided ExplicitReadWriteModelPermissions indicates should be done.
* Sets @see SecurableItem->setTreatCurrentUserAsOwnerForPermissions as true in order to ensure the current user
* can effectively add permissions even if the current user is no longer the owner.
* @param SecurableItem $securableItem
* @param ExplicitReadWriteModelPermissions $explicitReadWriteModelPermissions
* @param bool $validate
* @return bool|void
* @throws NotSupportedException
*/
public static function resolveExplicitReadWriteModelPermissions(SecurableItem $securableItem, ExplicitReadWriteModelPermissions $explicitReadWriteModelPermissions, $validate = false)
{
assert('$securableItem->id > 0');
$optimizeReadPermissions = $securableItem::hasReadPermissionsOptimization();
$securableItem->setTreatCurrentUserAsOwnerForPermissions(true);
$saveSecurableItem = false;
if ($explicitReadWriteModelPermissions->getReadOnlyPermitablesCount() > 0) {
$saveSecurableItem = true;
foreach ($explicitReadWriteModelPermissions->getReadOnlyPermitables() as $permitable) {
if ($securableItem->addPermissions($permitable, Permission::READ) && $optimizeReadPermissions) {
if ($permitable instanceof Group) {
AllPermissionsOptimizationUtil::securableItemGivenReadPermissionsForGroup($securableItem, $permitable);
ReadPermissionsSubscriptionUtil::securableItemGivenPermissionsForGroup($securableItem);
} elseif ($permitable instanceof User) {
AllPermissionsOptimizationUtil::securableItemGivenReadPermissionsForUser($securableItem, $permitable);
ReadPermissionsSubscriptionUtil::securableItemGivenPermissionsForUser($securableItem);
} else {
throw new NotSupportedException();
}
}
}
}
if ($explicitReadWriteModelPermissions->getReadWritePermitablesCount() > 0) {
$saveSecurableItem = true;
foreach ($explicitReadWriteModelPermissions->getReadWritePermitables() as $permitable) {
if ($securableItem->addPermissions($permitable, Permission::READ_WRITE_CHANGE_PERMISSIONS_CHANGE_OWNER) && $optimizeReadPermissions) {
if ($permitable instanceof Group) {
AllPermissionsOptimizationUtil::securableItemGivenPermissionsForGroup($securableItem, $permitable);
ReadPermissionsSubscriptionUtil::securableItemGivenPermissionsForGroup($securableItem);
} elseif ($permitable instanceof User) {
AllPermissionsOptimizationUtil::securableItemGivenPermissionsForUser($securableItem, $permitable);
ReadPermissionsSubscriptionUtil::securableItemGivenPermissionsForUser($securableItem);
} else {
throw new NotSupportedException();
}
}
}
}
if ($explicitReadWriteModelPermissions->getReadOnlyPermitablesToRemoveCount() > 0) {
$saveSecurableItem = true;
foreach ($explicitReadWriteModelPermissions->getReadOnlyPermitablesToRemove() as $permitable) {
$securableItem->removePermissions($permitable, Permission::READ, Permission::ALLOW);
if ($optimizeReadPermissions) {
if ($permitable instanceof Group) {
AllPermissionsOptimizationUtil::securableItemLostReadPermissionsForGroup($securableItem, $permitable);
ReadPermissionsSubscriptionUtil::securableItemLostPermissionsForGroup($securableItem);
} elseif ($permitable instanceof User) {
AllPermissionsOptimizationUtil::securableItemLostReadPermissionsForUser($securableItem, $permitable);
ReadPermissionsSubscriptionUtil::securableItemLostPermissionsForUser($securableItem);
} else {
throw new NotSupportedException();
}
}
}
}
if ($explicitReadWriteModelPermissions->getReadWritePermitablesToRemoveCount() > 0) {
$saveSecurableItem = true;
foreach ($explicitReadWriteModelPermissions->getReadWritePermitablesToRemove() as $permitable) {
$securableItem->removePermissions($permitable, Permission::READ_WRITE_CHANGE_PERMISSIONS_CHANGE_OWNER, Permission::ALLOW);
if ($optimizeReadPermissions) {
if ($permitable instanceof Group) {
AllPermissionsOptimizationUtil::securableItemLostPermissionsForGroup($securableItem, $permitable);
ReadPermissionsSubscriptionUtil::securableItemLostPermissionsForGroup($securableItem);
} elseif ($permitable instanceof User) {
AllPermissionsOptimizationUtil::securableItemLostPermissionsForUser($securableItem, $permitable);
ReadPermissionsSubscriptionUtil::securableItemLostPermissionsForUser($securableItem);
} else {
throw new NotSupportedException();
}
}
}
}
if ($saveSecurableItem) {
$setBackToProcess = false;
if ($securableItem->shouldProcessWorkflowOnSave()) {
$securableItem->setDoNotProcessWorkflowOnSave();
$setBackToProcess = true;
}
$saved = $securableItem->save($validate);
if ($setBackToProcess) {
$securableItem->setProcessWorkflowOnSave();
}
$securableItem->setTreatCurrentUserAsOwnerForPermissions(false);
return $saved;
}
$securableItem->setTreatCurrentUserAsOwnerForPermissions(false);
return true;
}示例14: makeEmailMessage
protected function makeEmailMessage(Contact $contact, $subject = null)
{
$interval = mt_rand(4, 35) * 86400;
if (!isset($subject)) {
$subject = 'A test archived sent email';
}
//#1 Create Archived - Sent
$emailMessage = new EmailMessage();
$emailMessage->setScenario('importModel');
$emailMessage->owner = $contact->owner;
$emailMessage->subject = $subject;
$emailContent = new EmailMessageContent();
$emailContent->textContent = 'My First Message';
$emailContent->htmlContent = 'Some fake HTML content';
$emailMessage->content = $emailContent;
//Sending is current user (super)
$sender = new EmailMessageSender();
$sender->fromAddress = 'super@zurmotest.com';
$sender->fromName = 'Super User';
$sender->personsOrAccounts->add(Yii::app()->user->userModel);
$emailMessage->sender = $sender;
//Recipient is BobMessage
$recipient = new EmailMessageRecipient();
$recipient->toAddress = 'bob.message@zurmotest.com';
$recipient->toName = strval($contact);
$recipient->personsOrAccounts->add($contact);
$recipient->type = EmailMessageRecipient::TYPE_TO;
$emailMessage->recipients->add($recipient);
$emailMessage->folder = EmailFolder::getByBoxAndType($this->emailBox, EmailFolder::TYPE_SENT);
$emailMessage->createdDateTime = DateTimeUtil::convertTimestampToDbFormatDateTime(time() - $interval);
$emailMessage->sentDateTime = DateTimeUtil::convertTimestampToDbFormatDateTime(time() - $interval + mt_rand(0, 3) * 86400);
$emailMessage->addPermissions(Group::getByName(Group::EVERYONE_GROUP_NAME), Permission::READ_WRITE_CHANGE_PERMISSIONS_CHANGE_OWNER);
$saved = $emailMessage->save();
if (!$saved) {
throw new FailedToSaveModelException();
}
$emailMessage = EmailMessage::getById($emailMessage->id);
AllPermissionsOptimizationUtil::securableItemGivenPermissionsForGroup($emailMessage, Group::getByName(Group::EVERYONE_GROUP_NAME));
$emailMessage->save();
return $emailMessage;
}示例15: addDemoTasks
/**
* Add demo tasks for the project
* @param type $project
*/
protected static function addDemoTasks($project, $taskInputCount = 1, &$demoDataHelper)
{
$randomTasks = self::getRandomTasks();
for ($i = 0; $i < count($randomTasks); $i++) {
$task = new Task();
$task->name = $randomTasks[$i]['name'];
$task->owner = $demoDataHelper->getRandomByModelName('User');
$task->requestedByUser = $demoDataHelper->getRandomByModelName('User');
$task->completedDateTime = '0000-00-00 00:00:00';
$task->project = $project;
$task->status = Task::STATUS_NEW;
$task->save();
//Notification subscriber
$notificationSubscriber = new NotificationSubscriber();
$notificationSubscriber->person = $demoDataHelper->getRandomByModelName('User');
$notificationSubscriber->hasReadLatest = false;
//Task check list items
$task->notificationSubscribers->add($notificationSubscriber);
$taskCheckListItems = $randomTasks[$i]['checkListItems'];
foreach ($taskCheckListItems as $itemKey => $name) {
$taskCheckListItem = new TaskCheckListItem();
$taskCheckListItem->name = $name;
if ($itemKey * $i * rand(5, 100) % 3 == 0) {
$taskCheckListItem->completed = true;
}
$task->checkListItems->add($taskCheckListItem);
ProjectsUtil::logTaskCheckItemEvent($task, $taskCheckListItem);
}
//Comments
$commentItems = $randomTasks[$i]['comments'];
foreach ($commentItems as $description) {
$comment = new Comment();
$comment->description = $description;
$comment->setScenario('importModel');
$comment->createdByUser = $demoDataHelper->getRandomByModelName('User');
$task->comments->add($comment);
ProjectsUtil::logAddCommentEvent($task, strval($comment));
}
//Add Super user
$comment = new Comment();
$comment->description = 'Versatile idea regarding the task';
$task->comments->add($comment);
$task->addPermissions(Group::getByName(Group::EVERYONE_GROUP_NAME), Permission::READ_WRITE_CHANGE_PERMISSIONS_CHANGE_OWNER);
$task->save();
$currentStatus = $task->status;
ProjectsUtil::logAddTaskEvent($task);
$task = Task::getById($task->id);
$task->status = RandomDataUtil::getRandomValueFromArray(self::getTaskStatusOptions());
$task->save();
AllPermissionsOptimizationUtil::securableItemGivenPermissionsForGroup($task, Group::getByName(Group::EVERYONE_GROUP_NAME));
$task->save();
ProjectsUtil::logTaskStatusChangeEvent($task, Task::getStatusDisplayName($currentStatus), Task::getStatusDisplayName(intval($task->status)));
}
}