AccountPermissionsSuperUserWalkthroughTest.php
1 <?php
2  /*********************************************************************************
3  * Zurmo is a customer relationship management program developed by
4  * Zurmo, Inc. Copyright (C) 2017 Zurmo Inc.
5  *
6  * Zurmo is free software; you can redistribute it and/or modify it under
7  * the terms of the GNU Affero General Public License version 3 as published by the
8  * Free Software Foundation with the addition of the following permission added
9  * to Section 15 as permitted in Section 7(a): FOR ANY PART OF THE COVERED WORK
10  * IN WHICH THE COPYRIGHT IS OWNED BY ZURMO, ZURMO DISCLAIMS THE WARRANTY
11  * OF NON INFRINGEMENT OF THIRD PARTY RIGHTS.
12  *
13  * Zurmo is distributed in the hope that it will be useful, but WITHOUT
14  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
15  * FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
16  * details.
17  *
18  * You should have received a copy of the GNU Affero General Public License along with
19  * this program; if not, see http://www.gnu.org/licenses or write to the Free
20  * Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
21  * 02110-1301 USA.
22  *
23  * You can contact Zurmo, Inc. with a mailing address at 27 North Wacker Drive
24  * Suite 370 Chicago, IL 60606. or at email address contact@zurmo.com.
25  *
26  * The interactive user interfaces in original and modified versions
27  * of this program must display Appropriate Legal Notices, as required under
28  * Section 5 of the GNU Affero General Public License version 3.
29  *
30  * In accordance with Section 7(b) of the GNU Affero General Public License version 3,
31  * these Appropriate Legal Notices must retain the display of the Zurmo
32  * logo and Zurmo copyright notice. If the display of the logo is not reasonably
33  * feasible for technical reasons, the Appropriate Legal Notices must display the words
34  * "Copyright Zurmo Inc. 2017. All rights reserved".
35  ********************************************************************************/
36 
43  {
/**
 * One-time fixture for this walkthrough class: creates the super admin, makes 'super' the
 * application's current user, re-saves the Everyone group, adds a group named 'Group1' and
 * creates the account 'superAccount' owned by the super user.
 */
44  public static function setUpBeforeClass()
45  {
46  parent::setUpBeforeClass();
47  SecurityTestHelper::createSuperAdmin();
 // NOTE(review): this listing jumps from source line 47 to 49; whatever was on line 48 is not shown here.
49  $super = User::getByUsername('super');
 // The rest of the fixture runs with the super user set as the current user model.
50  Yii::app()->user->userModel = $super;
51 
52  $everyoneGroup = Group::getByName(Group::EVERYONE_GROUP_NAME);
53  $saved = $everyoneGroup->save();
 // NOTE(review): string-form assert() only checks $saved when PHP evaluates assertion strings
 // and assertions are enabled. Otherwise a failed save passes silently and the permission
 // tests below run against an incomplete fixture. An explicit check that throws would fail loudly.
54  assert('$saved'); // Not Coding Standard
55 
 // Group1 is the non-everyone group that the tests grant explicit permissions to.
56  $group1 = new Group();
57  $group1->name = 'Group1';
58  $saved = $group1->save();
 // NOTE(review): same string-form assert() caveat as for the Everyone group above.
59  assert('$saved'); // Not Coding Standard
60 
61  //Setup test data owned by the super user.
62  AccountTestHelper::createAccountByNameForOwner('superAccount', $super);
63  }
64 
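/**
 * Walks the account edit action as the super user through three explicit-permission
 * states and checks what is stored on the account after each save:
 *
 *  1. a non-everyone group (Group1) is granted read/write,
 *  2. the grant is switched to the Everyone group,
 *  3. all explicit permissions are removed.
 *
 * After every save the read-only set is asserted to be empty and the read/write set is
 * asserted to hold exactly the expected group, so a save that left the previous grant in
 * place or added an extra permitable fails the test.
 */
public function testSuperUserDerivedExplicitReadWriteModelPermissionsEditExistingAccount()
{
    //Set the current user as the super user.
    $this->logoutCurrentUserLoginNewUserAndGetByUsername('super');

    $accounts = Account::getAll();
    // Count the list of accounts. The original counted $accounts[0], a single model,
    // which says nothing about how many accounts exist.
    $this->assertCount(1, $accounts);
    // Starting point: the fixture account carries no explicit permissions yet.
    $this->assertEquals(0, count($accounts[0]->permissions));
    $superAccountId = self::getModelIdByModelNameAndName('Account', 'superAccount');
    $group1         = Group::getByName('Group1');
    $everyoneGroup  = Group::getByName(Group::EVERYONE_GROUP_NAME);

    //Save account and add a non-everyone group permission.
    //Permissions is the only thing changing on the account.
    $this->setGetArray(array('id' => $superAccountId));
    $postData = array('type'             => ExplicitReadWriteModelPermissionsUtil::MIXED_TYPE_NONEVERYONE_GROUP,
                      'nonEveryoneGroup' => $group1->id);
    $this->setPostArray(array('Account' =>
        array('explicitReadWriteModelPermissions' => $postData)));
    //Make sure the redirect is to the details view and not the list view.
    $this->runControllerWithRedirectExceptionAndGetContent('accounts/default/edit',
        Yii::app()->createUrl('accounts/default/details', array('id' => $superAccountId)));
    //Confirm the permissions are set right based on how the account was saved.
    // Drop the in-memory copy and re-read the account by id before inspecting its permissions.
    $accounts[0]->forget();
    $explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::
        makeBySecurableItem(Account::getById($superAccountId));
    $readWritePermitables = $explicitReadWriteModelPermissions->getReadWritePermitables();
    $readOnlyPermitables  = $explicitReadWriteModelPermissions->getReadOnlyPermitables();
    $this->assertEquals(1, count($readWritePermitables));
    $this->assertEquals(0, count($readOnlyPermitables));
    $this->assertEquals($group1, $readWritePermitables[$group1->getClassId('Permitable')]);

    //Change the permissions to Everyone group
    $this->setGetArray(array('id' => $superAccountId));
    $postData = array('type' => ExplicitReadWriteModelPermissionsUtil::MIXED_TYPE_EVERYONE_GROUP);
    $this->setPostArray(array('Account' =>
        array('explicitReadWriteModelPermissions' => $postData)));
    //Make sure the redirect is to the details view and not the list view.
    $this->runControllerWithRedirectExceptionAndGetContent('accounts/default/edit',
        Yii::app()->createUrl('accounts/default/details', array('id' => $superAccountId)));
    //Confirm the permissions are set right based on how the account was saved.
    $accounts[0]->forget();
    $explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::
        makeBySecurableItem(Account::getById($superAccountId));
    $readWritePermitables = $explicitReadWriteModelPermissions->getReadWritePermitables();
    $readOnlyPermitables  = $explicitReadWriteModelPermissions->getReadOnlyPermitables();
    // Still exactly one read/write entry: the Group1 grant must have been replaced, not kept alongside.
    $this->assertEquals(1, count($readWritePermitables));
    $this->assertEquals(0, count($readOnlyPermitables));
    $this->assertEquals($everyoneGroup, $readWritePermitables[$everyoneGroup->getClassId('Permitable')]);

    //Remove all explicit permissions.
    $this->setGetArray(array('id' => $superAccountId));
    $postData = array('type' => null);
    $this->setPostArray(array('Account' =>
        array('explicitReadWriteModelPermissions' => $postData)));
    //Make sure the redirect is to the details view and not the list view.
    $this->runControllerWithRedirectExceptionAndGetContent('accounts/default/edit',
        Yii::app()->createUrl('accounts/default/details', array('id' => $superAccountId)));
    //Confirm the permissions are set right based on how the account was saved.
    $accounts[0]->forget();
    $explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::
        makeBySecurableItem(Account::getById($superAccountId));
    $readWritePermitables = $explicitReadWriteModelPermissions->getReadWritePermitables();
    $readOnlyPermitables  = $explicitReadWriteModelPermissions->getReadOnlyPermitables();
    // Both sets empty: the Everyone grant from the previous step must not survive.
    $this->assertEquals(0, count($readWritePermitables));
    $this->assertEquals(0, count($readOnlyPermitables));
}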
132 
/**
 * Creates three accounts through the create action as the super user, one per explicit
 * permission choice (none, Everyone group, Group1), and checks the read/write and
 * read-only permitables recorded for each new account.
 */
133  public function testSuperUserDerivedExplicitReadWriteModelPermissionsCreateNewAccounts()
134  {
135  //Set the current user as the super user.
136  $super = $this->logoutCurrentUserLoginNewUserAndGetByUsername('super');
137  $group1 = Group::getByName('Group1');
138  $everyoneGroup = Group::getByName(Group::EVERYONE_GROUP_NAME);
139 
140  //Create a new account with no explicit permissions
141  $this->resetGetArray();
142  $postData = array('type' => null);
143  $this->setPostArray(array('Account' => array(
144  'name' => 'myNewAccount',
145  'officePhone' => '456765421',
146  'explicitReadWriteModelPermissions' => $postData)));
147  //Make sure the redirect is to the details view and not the list view.
 // NOTE(review): no compare URL is passed to this call, so the redirect target described
 // above is presumably not verified by it; confirm against the helper.
148  $this->runControllerWithRedirectExceptionAndGetContent('accounts/default/create'); // Not Coding Standard
149  //Confirm the permissions are set right based on how the account was saved.
150  $accounts = Account::getByName('myNewAccount');
151  $this->assertEquals(1, count($accounts));
152  $accountId = $accounts[0]->id;
 // NOTE(review): this listing jumps from source line 153 to 155, so the statement begun on
 // line 153 is cut off. It presumably continues with the makeBySecurableItem(Account::getById(...))
 // call the edit test in this file uses, applied to $accountId; confirm against the original file.
153  $explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::
155  $readWritePermitables = $explicitReadWriteModelPermissions->getReadWritePermitables();
156  $readOnlyPermitables = $explicitReadWriteModelPermissions->getReadOnlyPermitables();
 // With type null, neither set may contain a permitable.
157  $this->assertEquals(0, count($readWritePermitables));
158  $this->assertEquals(0, count($readOnlyPermitables));
159 
160  //Create a new account with the everyone group explicitly added.
161  $this->resetGetArray();
162  $postData = array('type' => ExplicitReadWriteModelPermissionsUtil::MIXED_TYPE_EVERYONE_GROUP);
163  $this->setPostArray(array('Account' => array(
164  'name' => 'myNewAccount2',
165  'officePhone' => '456765421',
166  'explicitReadWriteModelPermissions' => $postData)));
167  //Make sure the redirect is to the details view and not the list view.
168  $this->runControllerWithRedirectExceptionAndGetContent('accounts/default/create'); // Not Coding Standard
169  //Confirm the permissions are set right based on how the account was saved.
170  $accounts = Account::getByName('myNewAccount2');
171  $this->assertEquals(1, count($accounts));
172  $accountId = $accounts[0]->id;
 // NOTE(review): source line 174 is missing from this listing; the statement on line 173 is cut off.
173  $explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::
175  $readWritePermitables = $explicitReadWriteModelPermissions->getReadWritePermitables();
176  $readOnlyPermitables = $explicitReadWriteModelPermissions->getReadOnlyPermitables();
 // Exactly one read/write entry, and it must be the Everyone group; nothing is read-only.
177  $this->assertEquals(1, count($readWritePermitables));
178  $this->assertEquals(0, count($readOnlyPermitables));
179  $this->assertEquals($everyoneGroup, $readWritePermitables[$everyoneGroup->getClassId('Permitable')]);
180 
181  //Create a new account with a non-everyone group explicitly added.
182  $this->resetGetArray();
183  $postData = array('type' => ExplicitReadWriteModelPermissionsUtil::MIXED_TYPE_NONEVERYONE_GROUP,
184  'nonEveryoneGroup' => $group1->id);
185  $this->setPostArray(array('Account' => array(
186  'name' => 'myNewAccount3',
187  'officePhone' => '456765421',
188  'explicitReadWriteModelPermissions' => $postData)));
189  //Make sure the redirect is to the details view and not the list view.
190  $this->runControllerWithRedirectExceptionAndGetContent('accounts/default/create'); // Not Coding Standard
191  //Confirm the permissions are set right based on how the account was saved.
192  $accounts = Account::getByName('myNewAccount3');
193  $this->assertEquals(1, count($accounts));
194  $accountId = $accounts[0]->id;
 // NOTE(review): source line 196 is missing from this listing; the statement on line 195 is cut off.
195  $explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::
197  $readWritePermitables = $explicitReadWriteModelPermissions->getReadWritePermitables();
198  $readOnlyPermitables = $explicitReadWriteModelPermissions->getReadOnlyPermitables();
 // Exactly one read/write entry, and it must be Group1; the Everyone group must not appear.
199  $this->assertEquals(1, count($readWritePermitables));
200  $this->assertEquals(0, count($readOnlyPermitables));
201  $this->assertEquals($group1, $readWritePermitables[$group1->getClassId('Permitable')]);
202  }
203 
/**
 * Builds an on-save workflow for AccountsModule whose single action creates a related
 * contact with static attribute values, saves an account owned by the super user, and
 * expects exactly one contact to exist afterwards, linked to that account.
 */
204  public function testWorkflowDoesLinkRelatedModelWhenPermissionsIsSetToOwner()
205  {
206  $super = $this->logoutCurrentUserLoginNewUserAndGetByUsername('super');
207  $contactStates = ContactState::getAll();
 // Precondition: no contacts exist, so the contact counted at the end was created by this test.
208  $this->assertEquals(0, Contact::getCount());
209 
210  //Create workflow
211  $workflow = new Workflow();
212  $workflow->setDescription ('aDescription');
213  $workflow->setIsActive (true);
214  $workflow->setOrder (5);
215  $workflow->setModuleClassName('AccountsModule');
216  $workflow->setName ('myFirstWorkflow');
217  $workflow->setTriggerOn (Workflow::TRIGGER_ON_NEW_AND_EXISTING);
218  $workflow->setType (Workflow::TYPE_ON_SAVE);
219  $workflow->setTriggersStructure('1');
220  //Add action
221  $action = new ActionForWorkflowForm('Account', Workflow::TYPE_ON_SAVE);
222  $action->type = ActionForWorkflowForm::TYPE_CREATE;
223  $action->relation = 'contacts';
 // Every attribute is a static value. The contact's owner is set to the id of the current
 // user model, and its state to the first entry returned by ContactState::getAll().
224  $attributes = array( 'lastName' => array('shouldSetValue' => '1',
225  'type' => WorkflowActionAttributeForm::TYPE_STATIC,
226  'value' => 'smith'),
227  'firstName' => array('shouldSetValue' => '1',
228  'type' => WorkflowActionAttributeForm::TYPE_STATIC,
229  'value' => 'john'),
230  'owner__User' => array('shouldSetValue' => '1',
231  'type' => WorkflowActionAttributeForm::TYPE_STATIC,
232  'value' => Yii::app()->user->userModel->id),
233  'state' => array('shouldSetValue' => '1',
234  'type' => WorkflowActionAttributeForm::TYPE_STATIC,
235  'value' => $contactStates[0]->id),
236  );
237  $action->setAttributes(array(ActionForWorkflowForm::ACTION_ATTRIBUTES => $attributes));
238  $workflow->addAction($action);
239  //Create the saved Workflow
240  $savedWorkflow = new SavedWorkflow();
 // NOTE(review): this listing jumps from source line 240 to 242. As shown, nothing copies
 // $workflow into $savedWorkflow before the save; presumably the missing line does that.
 // Confirm against the original file.
242  $saved = $savedWorkflow->save();
243  $this->assertTrue($saved);
244 
 // Saving the account is what should trigger the on-save workflow.
245  $account = new Account();
246  $account->name = 'myTestAccount';
247  $account->owner = $super;
248  $account->save();
249 
 // NOTE(review): source line 250 is missing from this listing; a statement may belong here.
251  $contacts = Contact::getAll();
252  $this->assertCount(1, $contacts);
253  $this->assertEquals('myTestAccount', $contacts[0]->account->name);
254  $this->assertEquals('john smith', strval($account->contacts[0]));
 // A positive id shows the related contact was saved, not merely attached in memory.
255  $this->assertTrue($account->contacts[0]->id > 0);
256  }
257  }
258 ?>
static makeBySecurableItem(SecurableItem $securableItem)
static getByUsername($username)
Definition: User.php:49
static forgetAll()
runControllerWithRedirectExceptionAndGetContent($route, $compareUrl=null, $compareUrlContains=false)
static loadStartingData()
Definition: Group.php:37
static getByName($name)
Definition: Group.php:57
static resolveWorkflowToSavedWorkflow(Workflow $workflow, SavedWorkflow $savedWorkflow)
static getCount(RedBeanModelJoinTablesQueryAdapter $joinTablesAdapter=null, $where=null, $modelClassName=null, $selectDistinct=false)
static getById($id, $modelClassName=null)
logoutCurrentUserLoginNewUserAndGetByUsername($username)
static getAll($orderBy=null, $sortDescending=false, $modelClassName=null)