本文整理汇总了PHP中Role::getById方法的典型用法代码示例。如果您正苦于以下问题:PHP Role::getById方法的具体用法?PHP Role::getById怎么用?PHP Role::getById使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类Role
的用法示例。
在下文中一共展示了Role::getById方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: testAddingUserToRole
public function testAddingUserToRole()
{
Yii::app()->user->userModel = User::getByUsername('super');
$role = new Role();
$role->name = 'myRole';
$role->validate();
$saved = $role->save();
$this->assertTrue($saved);
$benny = User::getByUsername('benny');
//Add the role to benny
$benny->role = $role;
$saved = $benny->save();
$this->assertTrue($saved);
$roleId = $role->id;
unset($role);
$role = Role::getById($roleId);
$this->assertEquals(1, $role->users->count());
$this->assertTrue($role->users[0]->isSame($benny));
//Now try adding billy to the role but from the other side, from the role side.
$billy = User::getByUsername('billy');
$role->users->add($billy);
$saved = $role->save();
$this->assertTrue($saved);
$billy->forget();
//need to forget billy otherwise it won't pick up the change. i tried unset(), test fails
$billy = User::getByUsername('billy');
$this->assertTrue($billy->role->id > 0);
$this->assertTrue($billy->role->isSame($role));
}
示例2: __construct
/**
* Constructor
*
* @param array $data The data to set to the user
*/
public function __construct($data = array())
{
parent::__construct($data);
if (!empty($this->roleId)) {
$this->role = Role::getById($this->roleId);
}
}
示例3: remove
/**
* Remove a role
*/
public function remove()
{
$role = Role::getById($this->roleId);
if ($role && $role->isRemovable()) {
User::getDbInstance()->update(User::getTable(), new DBExample(array('roleId' => $role->id)), array('roleId' => Option::get('roles.default-role')));
$role->delete();
}
}
示例4: testMakeDataProviderBySearchAttributeData
public function testMakeDataProviderBySearchAttributeData()
{
$role = Role::getById(self::$roleId);
$searchAttributeData = UsersByModelModalListControllerUtil::makeModalSearchAttributeDataByModel($role, 'role');
$dataProvider = UsersByModelModalListControllerUtil::makeDataProviderBySearchAttributeData($searchAttributeData);
$this->assertTrue($dataProvider instanceof RedBeanModelDataProvider);
$data = $dataProvider->getData();
$this->assertEquals(1, count($data));
$this->assertEquals($role->id, $data[0]->role->id);
}
示例5: index
/**
* Display the main page of the permission settings
*/
public function index()
{
$permissionGroups = Permission::getAllGroupByPlugin();
$example = isset($this->roleId) ? array('roleId' => $this->roleId) : array();
$data = RolePermission::getListByExample(new DBExample($example));
$values = array();
foreach ($data as $value) {
$values[$value->permissionId][$value->roleId] = $value->value;
}
$roles = isset($this->roleId) ? array(Role::getById($this->roleId)) : Role::getAll(null, array(), array(), true);
$param = array('id' => 'permissions-form', 'fieldsets' => array('form' => array(), '_submits' => array(new SubmitInput(array('name' => 'valid', 'value' => Lang::get('main.valid-button'))))));
foreach ($roles as $role) {
foreach ($permissionGroups as $group => $permissions) {
if (Plugin::get($group)) {
foreach ($permissions as $permission) {
if ($role->id == Role::ADMIN_ROLE_ID) {
$default = 1;
} elseif (isset($values[$permission->id][$role->id])) {
$default = $values[$permission->id][$role->id];
} else {
$default = 0;
}
$param['fieldsets']['form'][] = new CheckboxInput(array('name' => "permission-{$permission->id}-{$role->id}", 'disabled' => $role->id == Role::ADMIN_ROLE_ID || $role->id == Role::GUEST_ROLE_ID && !$permission->availableForGuests, 'default' => $default, 'class' => $permission->id == Permission::ALL_PRIVILEGES_ID ? 'select-all' : '', 'nl' => false));
}
}
}
}
$form = new Form($param);
if (!$form->submitted()) {
$page = View::make(Plugin::current()->getView("permissions.tpl"), array('permissions' => $permissionGroups, 'fields' => $form->inputs, 'roles' => $roles));
return NoSidebarTab::make(array('icon' => 'unlock-alt', 'title' => Lang::get('permissions.page-title'), 'page' => $form->wrap($page)));
} else {
try {
foreach ($form->inputs as $name => $field) {
if (preg_match('/^permission\\-(\\d+)\\-(\\d+)$/', $name, $match)) {
$permissionId = $match[1];
$roleId = $match[2];
$value = App::request()->getBody($name) ? 1 : 0;
if ($roleId != Role::ADMIN_ROLE_ID && !($roleId == Role::GUEST_ROLE_ID && !$permission->availableForGuests)) {
$permission = new RolePermission();
$permission->set(array('roleId' => $roleId, 'permissionId' => $permissionId, 'value' => $value));
$permission->save();
}
}
}
App::logger()->info('Permissions were succesfully updated');
return $form->response(Form::STATUS_SUCCESS, Lang::get("roles.permissions-update-success"));
} catch (Exception $e) {
App::logger()->error('An error occured while updating permissions');
return $form->response(Form::STATUS_ERROR, DEBUG_MODE ? $e->getMessage() : Lang::get("roles.permissions-update-error"));
}
}
}
示例6: makeRecipients
/**
* @param RedBeanModel $model
* @param User $triggeredByUser
* @return array
*/
public function makeRecipients(RedBeanModel $model, User $triggeredByUser)
{
try {
$role = Role::getById((int) $this->roleId);
} catch (NotFoundException $e) {
return array();
}
$recipients = array();
foreach ($role->users as $user) {
if ($user->primaryEmail->emailAddress != null) {
$recipient = new EmailMessageRecipient();
$recipient->toAddress = $user->primaryEmail->emailAddress;
$recipient->toName = strval($user);
$recipient->type = $this->audienceType;
$recipient->personOrAccount = $user;
$recipients[] = $recipient;
}
}
return $recipients;
}
示例7: testRegularUserControllerActionsWithElevationToModels
//.........这里部分代码省略.........
$this->resetPostArray();
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/delete');
//give nobody access to both details and edit view
Yii::app()->user->userModel = $super;
$meeting->addPermissions($nobody, Permission::READ_WRITE_DELETE);
$this->assertTrue($meeting->save());
AllPermissionsOptimizationUtil::securableItemGivenPermissionsForUser($meeting, $nobody);
//Now nobodys, access to delete of meetings should not fail.
Yii::app()->user->userModel = $nobody;
$this->setGetArray(array('id' => $meeting->id));
$this->resetPostArray();
$this->runControllerWithRedirectExceptionAndGetContent('meetings/default/delete');
//create some roles
Yii::app()->user->userModel = $super;
$parentRole = new Role();
$parentRole->name = 'AAA';
$this->assertTrue($parentRole->save());
$childRole = new Role();
$childRole->name = 'BBB';
$this->assertTrue($childRole->save());
$userInParentRole = User::getByUsername('confused');
$userInChildRole = User::getByUsername('nobody');
$childRole->users->add($userInChildRole);
$this->assertTrue($childRole->save());
$parentRole->users->add($userInParentRole);
$parentRole->roles->add($childRole);
$this->assertTrue($parentRole->save());
$userInChildRole->forget();
$userInChildRole = User::getByUsername('nobody');
$userInParentRole->forget();
$userInParentRole = User::getByUsername('confused');
$parentRoleId = $parentRole->id;
$parentRole->forget();
$parentRole = Role::getById($parentRoleId);
$childRoleId = $childRole->id;
$childRole->forget();
$childRole = Role::getById($childRoleId);
//create account owned by super
$account2 = AccountTestHelper::createAccountByNameForOwner('AccountsParentRolePermission', $super);
//Test userInParentRole, access to details and edit should fail.
Yii::app()->user->userModel = $userInParentRole;
$this->setGetArray(array('id' => $account2->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('accounts/default/details');
//give userInChildRole access to READ
Yii::app()->user->userModel = $super;
$account2->addPermissions($userInChildRole, Permission::READ);
$this->assertTrue($account2->save());
AllPermissionsOptimizationUtil::securableItemGivenReadPermissionsForUser($account2, $userInChildRole);
//Test userInChildRole, access to details should not fail.
Yii::app()->user->userModel = $userInChildRole;
$this->setGetArray(array('id' => $account2->id));
$this->runControllerWithNoExceptionsAndGetContent('accounts/default/details');
//Test userInParentRole, access to details should not fail.
Yii::app()->user->userModel = $userInParentRole;
$this->setGetArray(array('id' => $account2->id));
$this->runControllerWithNoExceptionsAndGetContent('accounts/default/details');
//create a meeting owned by super
$super = $this->logoutCurrentUserLoginNewUserAndGetByUsername('super');
$meeting2 = MeetingTestHelper::createMeetingWithOwnerAndRelatedAccount('meetingCreatedBySuperForRole', $super, $account2);
//Test userInChildRole, access to meetings details, edit and delete should fail.
Yii::app()->user->userModel = $userInChildRole;
$this->setGetArray(array('id' => $meeting2->id));
$this->resetPostArray();
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/edit');
$this->setGetArray(array('id' => $meeting2->id));
$this->resetPostArray();
示例8: testArePermissionsFlushedOnRemovingParentFromChildRole
public function testArePermissionsFlushedOnRemovingParentFromChildRole()
{
Contact::deleteAll();
try {
$role = Role::getByName('Parent');
$role->delete();
} catch (NotFoundException $e) {
}
try {
$user = User::getByUsername('jim');
$user->delete();
} catch (NotFoundException $e) {
}
try {
$user = User::getByUsername('jane');
$user->delete();
} catch (NotFoundException $e) {
}
// we could have used helpers to do a lot of the following stuff (such as creating users, roles,
// etc) but we wanted to mimic user's interaction as closely as possible. Hence using walkthroughs
// for everything
// create Parent and Child Roles, Create Jim to be member of Child role
// create parent role
$this->resetGetArray();
$this->setPostArray(array('Role' => array('name' => 'Parent')));
$this->runControllerWithRedirectExceptionAndGetUrl('/zurmo/role/create');
$parentRole = Role::getByName('Parent');
$this->assertNotNull($parentRole);
$this->assertEquals('Parent', strval($parentRole));
$parentRoleId = $parentRole->id;
// create child role
$this->resetGetArray();
$this->setPostArray(array('Role' => array('name' => 'Child', 'role' => array('id' => $parentRoleId))));
$this->runControllerWithRedirectExceptionAndGetUrl('/zurmo/role/create');
$childRole = Role::getByName('Child');
$this->assertNotNull($childRole);
$this->assertEquals('Child', strval($childRole));
$parentRole->forgetAll();
$parentRole = Role::getById($parentRoleId);
$childRoleId = $childRole->id;
$childRole->forgetAll();
$childRole = Role::getById($childRoleId);
$this->assertEquals($childRole->id, $parentRole->roles[0]->id);
// create jim's user
$this->resetGetArray();
$this->setPostArray(array('UserPasswordForm' => array('firstName' => 'Some', 'lastName' => 'Body', 'username' => 'jim', 'newPassword' => 'myPassword123', 'newPassword_repeat' => 'myPassword123', 'officePhone' => '456765421', 'userStatus' => 'Active', 'role' => array('id' => $childRoleId))));
$this->runControllerWithRedirectExceptionAndGetContent('/users/default/create');
$jim = User::getByUsername('jim');
$this->assertNotNull($jim);
$childRole->forgetAll();
$childRole = Role::getById($childRoleId);
$this->assertEquals($childRole->id, $jim->role->id);
// give jim rights to contact's module
$jim->setRight('ContactsModule', ContactsModule::getAccessRight());
$jim->setRight('ContactsModule', ContactsModule::getCreateRight());
$this->assertTrue($jim->save());
$jim->forgetAll();
$jim = User::getByUsername('jim');
// create jane's user
$this->resetGetArray();
$this->setPostArray(array('UserPasswordForm' => array('firstName' => 'Some', 'lastName' => 'Body', 'username' => 'jane', 'newPassword' => 'myPassword123', 'newPassword_repeat' => 'myPassword123', 'officePhone' => '456765421', 'userStatus' => 'Active', 'role' => array('id' => $parentRoleId))));
$this->runControllerWithRedirectExceptionAndGetContent('/users/default/create');
$jane = User::getByUsername('jane');
$this->assertNotNull($jane);
$parentRole->forgetAll();
$parentRole = Role::getById($parentRoleId);
$this->assertEquals($parentRole->id, $jane->role->id);
// give jane rights to contact's module, we need to do this because once the link between parent and child
// role is broken jane won't be able to access the listview of contacts
$jane->setRight('ContactsModule', ContactsModule::getAccessRight());
$this->assertTrue($jane->save());
$jane->forgetAll();
$jane = User::getByUsername('jane');
// create a contact from jim's account
// create ContactStates
ContactsModule::loadStartingData();
// ensure contact states have been created
$this->assertEquals(6, count(ContactState::GetAll()));
$this->logoutCurrentUserLoginNewUserAndGetByUsername('jim');
// go ahead and create contact with parent role given readwrite.
$startingState = ContactsUtil::getStartingState();
$this->resetGetArray();
$this->setPostArray(array('Contact' => array('firstName' => 'Jim', 'lastName' => 'Doe', 'officePhone' => '456765421', 'state' => array('id' => $startingState->id))));
$url = $this->runControllerWithRedirectExceptionAndGetUrl('/contacts/default/create');
$jimDoeContactId = intval(substr($url, strpos($url, 'id=') + 3));
$jimDoeContact = Contact::getById($jimDoeContactId);
$this->assertNotNull($jimDoeContact);
$this->resetPostArray();
$this->setGetArray(array('id' => $jimDoeContactId));
$content = $this->runControllerWithNoExceptionsAndGetContent('/contacts/default/details');
$this->assertContains('Who can read and write Owner', $content);
// create a contact using jane which she would see at all times
$this->logoutCurrentUserLoginNewUserAndGetByUsername('jane');
$this->resetGetArray();
$this->setPostArray(array('Contact' => array('firstName' => 'Jane', 'lastName' => 'Doe', 'officePhone' => '456765421', 'state' => array('id' => $startingState->id))));
$url = $this->runControllerWithRedirectExceptionAndGetUrl('/contacts/default/create');
$janeDoeContactId = intval(substr($url, strpos($url, 'id=') + 3));
$janeDoeContact = Contact::getById($jimDoeContactId);
$this->assertNotNull($janeDoeContact);
$this->resetPostArray();
//.........这里部分代码省略.........
开发者ID:RamaKavanan,项目名称:InitialVersion,代码行数:101,代码来源:ZurmoNestedRolePermissionsFlushWalkThroughTest.php
示例9: testRegularUserControllerActionsWithElevationToModels
/**
* @depends testRegularUserControllerActionsWithElevationToAccessAndCreate
*/
public function testRegularUserControllerActionsWithElevationToModels()
{
//Create project owned by user super.
$super = $this->logoutCurrentUserLoginNewUserAndGetByUsername('super');
$project = ProjectTestHelper::createProjectByNameForOwner('projectForElevationToModelTest', $super);
//Test nobody, access to edit and details should fail.
$nobody = $this->logoutCurrentUserLoginNewUserAndGetByUsername('nobody');
$this->runControllerWithNoExceptionsAndGetContent('projects/default/dashboardDetails');
$this->setGetArray(array('id' => $project->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('projects/default/edit');
$this->setGetArray(array('id' => $project->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('projects/default/details');
$this->setGetArray(array('id' => $project->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('projects/default/delete');
//give nobody access to read
Yii::app()->user->userModel = $super;
$project->addPermissions($nobody, Permission::READ);
$this->assertTrue($project->save());
AllPermissionsOptimizationUtil::securableItemGivenReadPermissionsForUser($project, $nobody);
//Now the nobody user can access the details view.
Yii::app()->user->userModel = $nobody;
$this->setGetArray(array('id' => $project->id));
$this->runControllerWithNoExceptionsAndGetContent('projects/default/details');
//Test nobody, access to edit should fail.
$this->setGetArray(array('id' => $project->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('projects/default/edit');
$this->setGetArray(array('id' => $project->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('projects/default/delete');
$projectId = $project->id;
$project->forget();
$project = Project::getById($projectId);
//give nobody access to read and write
Yii::app()->user->userModel = $super;
$project->addPermissions($nobody, Permission::READ_WRITE_CHANGE_PERMISSIONS);
//TODO :Its wierd that giving opportunity errors
$this->assertTrue($project->save());
AllPermissionsOptimizationUtil::securableItemLostReadPermissionsForUser($project, $nobody);
AllPermissionsOptimizationUtil::securableItemGivenPermissionsForUser($project, $nobody);
//Now the nobody user should be able to access the edit view and still the details view.
Yii::app()->user->userModel = $nobody;
$this->setGetArray(array('id' => $project->id));
$this->runControllerWithNoExceptionsAndGetContent('projects/default/details');
$this->setGetArray(array('id' => $project->id));
$this->runControllerWithNoExceptionsAndGetContent('projects/default/edit');
$projectId = $project->id;
$project->forget();
$project = Project::getById($projectId);
//revoke nobody access to read
Yii::app()->user->userModel = $super;
$project->addPermissions($nobody, Permission::READ_WRITE_CHANGE_PERMISSIONS, Permission::DENY);
$this->assertTrue($project->save());
AllPermissionsOptimizationUtil::securableItemLostPermissionsForUser($project, $nobody);
//Test nobody, access to detail should fail.
Yii::app()->user->userModel = $nobody;
$this->setGetArray(array('id' => $project->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('projects/default/details');
$this->setGetArray(array('id' => $project->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('projects/default/edit');
//create some roles
Yii::app()->user->userModel = $super;
$parentRole = new Role();
$parentRole->name = 'AAA';
$this->assertTrue($parentRole->save());
$childRole = new Role();
$childRole->name = 'BBB';
$this->assertTrue($childRole->save());
$userInParentRole = User::getByUsername('confused');
$userInChildRole = User::getByUsername('nobody');
$childRole->users->add($userInChildRole);
$this->assertTrue($childRole->save());
$parentRole->users->add($userInParentRole);
$parentRole->roles->add($childRole);
$this->assertTrue($parentRole->save());
$userInChildRole->forget();
$userInChildRole = User::getByUsername('nobody');
$userInParentRole->forget();
$userInParentRole = User::getByUsername('confused');
$parentRoleId = $parentRole->id;
$parentRole->forget();
$parentRole = Role::getById($parentRoleId);
$childRoleId = $childRole->id;
$childRole->forget();
$childRole = Role::getById($childRoleId);
//create project owned by super
$project2 = ProjectTestHelper::createProjectByNameForOwner('testingParentRolePermission', $super);
//Test userInParentRole, access to details and edit should fail.
Yii::app()->user->userModel = $userInParentRole;
$this->setGetArray(array('id' => $project2->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('projects/default/details');
$this->setGetArray(array('id' => $project2->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('projects/default/edit');
//give userInChildRole access to READ
Yii::app()->user->userModel = $super;
$project2->addPermissions($userInChildRole, Permission::READ);
$this->assertTrue($project2->save());
AllPermissionsOptimizationUtil::securableItemGivenReadPermissionsForUser($project2, $userInChildRole);
//Test userInChildRole, access to details should not fail.
//.........这里部分代码省略.........
示例10: testRegularUserControllerActionsWithElevationToModels
/**
* @depends testRegularUserControllerActionsWithElevationToAccessAndCreate
*/
public function testRegularUserControllerActionsWithElevationToModels()
{
//Create contact web form owned by user super.
$super = $this->logoutCurrentUserLoginNewUserAndGetByUsername('super');
$contactWebForm = ContactWebFormTestHelper::createContactWebFormByName('contactWebFormForElevationToModelTest', $super);
//Test nobody, access to edit and details should fail.
$nobody = $this->logoutCurrentUserLoginNewUserAndGetByUsername('nobody');
$this->setGetArray(array('id' => $contactWebForm->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('contactWebForms/default/edit');
$this->setGetArray(array('id' => $contactWebForm->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('contactWebForms/default/details');
//give nobody access to read
Yii::app()->user->userModel = $super;
$contactWebForm->addPermissions($nobody, Permission::READ);
$this->assertTrue($contactWebForm->save());
AllPermissionsOptimizationUtil::securableItemGivenReadPermissionsForUser($contactWebForm, $nobody);
//Now the nobody user can access the details view.
Yii::app()->user->userModel = $nobody;
$this->setGetArray(array('id' => $contactWebForm->id));
$this->runControllerWithNoExceptionsAndGetContent('contactWebForms/default/details');
//Test nobody, access to edit should fail.
$this->setGetArray(array('id' => $contactWebForm->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('contactWebForms/default/edit');
$contactWebFormId = $contactWebForm->id;
$contactWebForm->forget();
$contactWebForm = ContactWebForm::getById($contactWebFormId);
//give nobody access to read and write
Yii::app()->user->userModel = $super;
$contactWebForm->addPermissions($nobody, Permission::READ_WRITE_CHANGE_PERMISSIONS);
$this->assertTrue($contactWebForm->save());
AllPermissionsOptimizationUtil::securableItemLostReadPermissionsForUser($contactWebForm, $nobody);
AllPermissionsOptimizationUtil::securableItemGivenPermissionsForUser($contactWebForm, $nobody);
//Now the nobody user should be able to access the edit view and still the details view.
Yii::app()->user->userModel = $nobody;
$this->setGetArray(array('id' => $contactWebForm->id));
$this->runControllerWithNoExceptionsAndGetContent('contactWebForms/default/details');
$this->setGetArray(array('id' => $contactWebForm->id));
$this->runControllerWithNoExceptionsAndGetContent('contactWebForms/default/edit');
$contactWebFormId = $contactWebForm->id;
$contactWebForm->forget();
$contactWebForm = ContactWebForm::getById($contactWebFormId);
//revoke nobody access to read
Yii::app()->user->userModel = $super;
$contactWebForm->removePermissions($nobody, Permission::READ_WRITE_CHANGE_PERMISSIONS);
$this->assertTrue($contactWebForm->save());
AllPermissionsOptimizationUtil::securableItemLostReadPermissionsForUser($contactWebForm, $nobody);
//Test nobody, access to detail should fail.
Yii::app()->user->userModel = $nobody;
$this->setGetArray(array('id' => $contactWebForm->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('contactWebForms/default/details');
$this->setGetArray(array('id' => $contactWebForm->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('contactWebForms/default/edit');
//create some roles
Yii::app()->user->userModel = $super;
$parentRole = new Role();
$parentRole->name = 'AAA';
$this->assertTrue($parentRole->save());
$childRole = new Role();
$childRole->name = 'BBB';
$this->assertTrue($childRole->save());
$userInParentRole = User::getByUsername('confused');
$userInChildRole = User::getByUsername('nobody');
$childRole->users->add($userInChildRole);
$this->assertTrue($childRole->save());
$parentRole->users->add($userInParentRole);
$parentRole->roles->add($childRole);
$this->assertTrue($parentRole->save());
$userInChildRole->forget();
$userInChildRole = User::getByUsername('nobody');
$userInParentRole->forget();
$userInParentRole = User::getByUsername('confused');
$parentRoleId = $parentRole->id;
$parentRole->forget();
$parentRole = Role::getById($parentRoleId);
$childRoleId = $childRole->id;
$childRole->forget();
$childRole = Role::getById($childRoleId);
//create web form owned by super
$contactWebForm2 = ContactWebFormTestHelper::createContactWebFormByName('testingParentRolePermission', $super);
//Test userInParentRole, access to details and edit should fail.
Yii::app()->user->userModel = $userInParentRole;
$this->setGetArray(array('id' => $contactWebForm2->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('contactWebForms/default/details');
$this->setGetArray(array('id' => $contactWebForm2->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('contactWebForms/default/edit');
//give userInChildRole access to READ
Yii::app()->user->userModel = $super;
$contactWebForm2->addPermissions($userInChildRole, Permission::READ);
$this->assertTrue($contactWebForm2->save());
AllPermissionsOptimizationUtil::securableItemGivenReadPermissionsForUser($contactWebForm2, $userInChildRole);
//Test userInChildRole, access to details should not fail.
Yii::app()->user->userModel = $userInChildRole;
$this->setGetArray(array('id' => $contactWebForm2->id));
$this->runControllerWithNoExceptionsAndGetContent('contactWebForms/default/details');
//Test userInParentRole, access to details should not fail.
Yii::app()->user->userModel = $userInParentRole;
$this->setGetArray(array('id' => $contactWebForm2->id));
//.........这里部分代码省略.........
示例11: beforeSave
protected function beforeSave()
{
if (parent::beforeSave()) {
if (isset($this->originalAttributeValues['role']) && $this->originalAttributeValues['role'][1] > 0) {
//copy to new object, so we can populate the old parent role as the related role.
//otherwise it gets passed by reference. We need the old $this->role information to properly
//utilize the roleParentBeingRemoved method.
$role = unserialize(serialize($this));
$role->role = Role::getById($this->originalAttributeValues['role'][1]);
AllPermissionsOptimizationUtil::roleParentBeingRemoved($role);
ReadPermissionsSubscriptionUtil::roleParentBeingRemoved();
assert('$this->originalAttributeValues["role"][1] != $this->role->id');
}
return true;
} else {
return false;
}
}
示例12: testRegularUserControllerActionsWithElevationToModels
/**
* @depends testRegularUserControllerActionsWithElevationToAccessAndCreate
*/
public function testRegularUserControllerActionsWithElevationToModels()
{
//Create lead owned by user super.
$super = $this->logoutCurrentUserLoginNewUserAndGetByUsername('super');
$lead = LeadTestHelper::createLeadByNameForOwner('leadForElevationToModelTest', $super);
//Test nobody, access to edit, details and delete should fail.
$nobody = $this->logoutCurrentUserLoginNewUserAndGetByUsername('nobody');
$this->setGetArray(array('id' => $lead->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('leads/default/edit');
$this->setGetArray(array('id' => $lead->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('leads/default/details');
$this->setGetArray(array('id' => $lead->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('leads/default/delete');
//give nobody access to read
Yii::app()->user->userModel = $super;
$lead->addPermissions($nobody, Permission::READ);
$this->assertTrue($lead->save());
AllPermissionsOptimizationUtil::securableItemGivenReadPermissionsForUser($lead, $nobody);
//Now the nobody user can access the details view.
Yii::app()->user->userModel = $nobody;
$this->setGetArray(array('id' => $lead->id));
$this->runControllerWithNoExceptionsAndGetContent('leads/default/details');
//Test nobody, access to edit and delete should fail.
$this->setGetArray(array('id' => $lead->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('leads/default/edit');
$this->setGetArray(array('id' => $lead->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('leads/default/delete');
//give nobody access to read and write
Yii::app()->user->userModel = $super;
$lead->addPermissions($nobody, Permission::READ_WRITE_CHANGE_PERMISSIONS);
$this->assertTrue($lead->save());
AllPermissionsOptimizationUtil::securableItemLostReadPermissionsForUser($lead, $nobody);
AllPermissionsOptimizationUtil::securableItemGivenPermissionsForUser($lead, $nobody);
//Now the nobody user should be able to access the edit view and still the details view
Yii::app()->user->userModel = $nobody;
$this->setGetArray(array('id' => $lead->id));
$this->runControllerWithNoExceptionsAndGetContent('leads/default/details');
$this->setGetArray(array('id' => $lead->id));
$this->runControllerWithNoExceptionsAndGetContent('leads/default/edit');
//Test nobody, access to delete should fail.
$this->setGetArray(array('id' => $lead->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('leads/default/delete');
//revoke nobody access to read
Yii::app()->user->userModel = $super;
$lead->removePermissions($nobody, Permission::READ_WRITE_CHANGE_PERMISSIONS);
$this->assertTrue($lead->save());
AllPermissionsOptimizationUtil::securableItemLostPermissionsForUser($lead, $nobody);
//Test nobody, access to detail, edit and delete should fail.
Yii::app()->user->userModel = $nobody;
$this->setGetArray(array('id' => $lead->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('leads/default/details');
$this->setGetArray(array('id' => $lead->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('leads/default/edit');
$this->setGetArray(array('id' => $lead->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('leads/default/delete');
//give nobody access to read, write and delete
Yii::app()->user->userModel = $super;
$lead->addPermissions($nobody, Permission::READ_WRITE_DELETE);
$this->assertTrue($lead->save());
AllPermissionsOptimizationUtil::securableItemGivenPermissionsForUser($lead, $nobody);
//now nobody should be able to delete a lead
Yii::app()->user->userModel = $nobody;
$this->setGetArray(array('id' => $lead->id));
$this->resetPostArray();
$this->runControllerWithRedirectExceptionAndGetContent('leads/default/delete', Yii::app()->createUrl('leads/default/index'));
//create some roles
Yii::app()->user->userModel = $super;
$parentRole = new Role();
$parentRole->name = 'AAA';
$this->assertTrue($parentRole->save());
$childRole = new Role();
$childRole->name = 'BBB';
$this->assertTrue($childRole->save());
$userInParentRole = User::getByUsername('confused');
$userInChildRole = User::getByUsername('nobody');
$childRole->users->add($userInChildRole);
$this->assertTrue($childRole->save());
$parentRole->users->add($userInParentRole);
$parentRole->roles->add($childRole);
$this->assertTrue($parentRole->save());
$userInChildRole->forget();
$userInChildRole = User::getByUsername('nobody');
$userInParentRole->forget();
$userInParentRole = User::getByUsername('confused');
$parentRoleId = $parentRole->id;
$parentRole->forget();
$parentRole = Role::getById($parentRoleId);
$childRoleId = $childRole->id;
$childRole->forget();
$childRole = Role::getById($childRoleId);
//create lead owned by super
$lead2 = LeadTestHelper::createLeadByNameForOwner('leadsParentRolePermission', $super);
//Test userInChildRole, access to details, edit and delete should fail.
Yii::app()->user->userModel = $userInChildRole;
$this->setGetArray(array('id' => $lead2->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('leads/default/details');
$this->setGetArray(array('id' => $lead2->id));
//.........这里部分代码省略.........
示例13: actionUsersInRoleModalList
public function actionUsersInRoleModalList($id)
{
$model = Role::getById((int) $id);
ControllerSecurityUtil::resolveAccessCanCurrentUserReadModel($model);
$searchAttributeData = UsersByRoleModalListControllerUtil::makeModalSearchAttributeDataByRoleModel($model);
$dataProvider = UsersByRoleModalListControllerUtil::makeDataProviderBySearchAttributeData($searchAttributeData);
Yii::app()->getClientScript()->setToAjaxMode();
echo UsersByRoleModalListControllerUtil::renderList($this, $dataProvider);
}
示例14: makeAll
/**
* @param DemoDataHelper $demoDataHelper
*/
public function makeAll(&$demoDataHelper)
{
assert('$demoDataHelper instanceof DemoDataHelper');
assert('$demoDataHelper->isSetRange("Group")');
assert('$demoDataHelper->isSetRange("Role")');
$super = User::getByUsername('super');
$email = new Email();
$email->emailAddress = static::resolveDemoEmailAddress('Super.test');
$super->primaryEmail = $email;
$saved = $super->save();
assert('$saved');
UserConfigurationFormAdapter::setValue($super, true, 'turnOffEmailNotifications');
$userAvatarForm = new UserAvatarForm($super);
$userAvatarForm->avatarType = User::AVATAR_TYPE_PRIMARY_EMAIL;
$saved = $userAvatarForm->save();
assert('$saved');
$user = new User();
$this->populateModel($user);
$user->username = 'admin';
$user->title->value = 'Sir';
$user->firstName = 'Jason';
$user->lastName = 'Blue';
$user->lastLoginDateTime = DateTimeUtil::convertTimestampToDbFormatDateTime(time());
$email = new Email();
$email->emailAddress = static::resolveDemoEmailAddress('Jason.Blue');
$user->primaryEmail = $email;
$user->setPassword($user->username);
$saved = $user->save();
assert('$saved');
UserConfigurationFormAdapter::setValue($user, true, 'turnOffEmailNotifications');
$userAvatarForm = new UserAvatarForm($user);
$userAvatarForm->avatarType = User::AVATAR_TYPE_PRIMARY_EMAIL;
$saved = $userAvatarForm->save();
assert('$saved');
$userStartId = $user->id;
$roleIdRange = $demoDataHelper->getRangeByModelName('Role');
$role = Role::getById($roleIdRange['startId']);
assert('$role instanceof Role');
$role->users->add($user);
$saved = $role->save();
assert('$saved');
foreach (array('jim' => 'Mr.', 'john' => 'Mr.', 'sally' => 'Dr.', 'mary' => 'Mrs.', 'katie' => 'Ms.', 'jill' => 'Ms.', 'sam' => 'Mr.') as $username => $title) {
$user = new User();
$this->populateModel($user);
$user->username = $username;
$user->setPassword($user->username);
$user->title->value = $title;
$user->firstName = ucfirst($username);
$user->lastName = 'Smith';
$email = new Email();
$email->emailAddress = static::resolveDemoEmailAddress($user->firstName);
$user->primaryEmail = $email;
$user->lastLoginDateTime = DateTimeUtil::convertTimestampToDbFormatDateTime(time());
$saved = $user->save();
assert('$saved');
UserConfigurationFormAdapter::setValue($user, true, 'turnOffEmailNotifications');
$userAvatarForm = new UserAvatarForm($user);
$userAvatarForm->avatarType = User::AVATAR_TYPE_PRIMARY_EMAIL;
$saved = $userAvatarForm->save();
assert('$saved');
$roleIdRange = $demoDataHelper->getRangeByModelName('Role');
$role = Role::getById($roleIdRange['startId'] + 1);
assert('$role instanceof Role');
$role->users->add($user);
$saved = $role->save();
assert('$saved');
}
$demoDataHelper->setRangeByModelName('User', $userStartId, $user->id);
}
示例15: beforeSave
/**
* If a user is removed from a role, raise two events signaling a potential change in
* Rights/Policies for this user.
* @see Item::beforeSave()
*/
protected function beforeSave()
{
if (parent::beforeSave()) {
if (isset($this->originalAttributeValues['role']) && $this->originalAttributeValues['role'][1] > 0) {
AllPermissionsOptimizationUtil::userBeingRemovedFromRole($this, Role::getById($this->originalAttributeValues['role'][1]));
$this->onChangeRights();
$this->onChangePolicies();
}
return true;
} else {
return false;
}
}