Account Suspended
Account Suspended
This Account has been suspended.
Contact your hosting provider for more information.
 All Data Structures Functions Variables Pages
ContactsRegularUserExportWalkthroughTest.php
1 <?php
2  /*********************************************************************************
3  * Zurmo is a customer relationship management program developed by
4  * Zurmo, Inc. Copyright (C) 2017 Zurmo Inc.
5  *
6  * Zurmo is free software; you can redistribute it and/or modify it under
7  * the terms of the GNU Affero General Public License version 3 as published by the
8  * Free Software Foundation with the addition of the following permission added
9  * to Section 15 as permitted in Section 7(a): FOR ANY PART OF THE COVERED WORK
10  * IN WHICH THE COPYRIGHT IS OWNED BY ZURMO, ZURMO DISCLAIMS THE WARRANTY
11  * OF NON INFRINGEMENT OF THIRD PARTY RIGHTS.
12  *
13  * Zurmo is distributed in the hope that it will be useful, but WITHOUT
14  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
15  * FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
16  * details.
17  *
18  * You should have received a copy of the GNU Affero General Public License along with
19  * this program; if not, see http://www.gnu.org/licenses or write to the Free
20  * Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
21  * 02110-1301 USA.
22  *
23  * You can contact Zurmo, Inc. with a mailing address at 27 North Wacker Drive
24  * Suite 370 Chicago, IL 60606. or at email address contact@zurmo.com.
25  *
26  * The interactive user interfaces in original and modified versions
27  * of this program must display Appropriate Legal Notices, as required under
28  * Section 5 of the GNU Affero General Public License version 3.
29  *
30  * In accordance with Section 7(b) of the GNU Affero General Public License version 3,
31  * these Appropriate Legal Notices must retain the display of the Zurmo
32  * logo and Zurmo copyright notice. If the display of the logo is not reasonably
33  * feasible for technical reasons, the Appropriate Legal Notices must display the words
34  * "Copyright Zurmo Inc. 2017. All rights reserved".
35  ********************************************************************************/
36 
41  {
42  protected static $asynchronousThreshold;
43 
44  public static function setUpBeforeClass()
45  {
46  parent::setUpBeforeClass();
47  SecurityTestHelper::createSuperAdmin();
48 
49  self::$asynchronousThreshold = ExportModule::$asynchronousThreshold;
50  ExportModule::$asynchronousThreshold = 3;
52  }
53 
54  public static function tearDownAfterClass()
55  {
56  ExportModule::$asynchronousThreshold = self::$asynchronousThreshold;
57  parent::tearDownAfterClass();
58  }
59 
64  {
65  $super = $this->logoutCurrentUserLoginNewUserAndGetByUsername('super');
66  $account = AccountTestHelper::createAccountByNameForOwner('superAccount', $super);
67 
68  $contacts = array();
69  for ($i = 0; $i < 2; $i++)
70  {
71  $contacts[] = ContactTestHelper::createContactWithAccountByNameForOwner('superContact' . $i, $super, $account);
72  }
73 
74  // Check if access is denied if user doesn't have access privileges at all to export actions
75  Yii::app()->user->userModel = User::getByUsername('nobody');
76  $nobody = $this->logoutCurrentUserLoginNewUserAndGetByUsername('nobody');
77 
78  $this->runControllerShouldResultInAccessFailureAndGetContent('contacts/default/list');
79 
80  // Check if user have access to module action, but not to export action
81  // Now test peon with elevated rights to accounts
82  $nobody->setRight('ContactsModule', ContactsModule::RIGHT_ACCESS_CONTACTS);
83  $nobody->setRight('ContactsModule', ContactsModule::RIGHT_CREATE_CONTACTS);
84  $nobody->setRight('ContactsModule', ContactsModule::RIGHT_DELETE_CONTACTS);
85  $nobody->setRight('ExportModule', ExportModule::RIGHT_ACCESS_EXPORT);
86  $this->assertTrue($nobody->save());
87 
88  // Check if access is denied if user doesn't have access privileges at all to export actions
89  $nobody = $this->logoutCurrentUserLoginNewUserAndGetByUsername('nobody');
90  Yii::app()->user->userModel = User::getByUsername('nobody');
91 
92  $this->runControllerWithNoExceptionsAndGetContent('contacts/default/list');
93 
94  $this->setGetArray(array(
95  'Contact_page' => '1',
96  'export' => '',
97  'ajax' => '',
98  'selectAll' => '',
99  'selectedIds' => '')
100  );
101  $response = $this->runControllerWithRedirectExceptionAndGetUrl('contacts/default/export');
102  $this->assertTrue(strstr($response, 'contacts/default/index') !== false);
103 
104  $this->setGetArray(array(
105  'ContactsSearchForm' => array(
106  'anyMixedAttributesScope' => array(0 => 'All'),
107  'anyMixedAttributes' => '',
108  'fullName' => 'superContact',
109  'officePhone' => ''
110  ),
111  'multiselect_ContactsSearchForm_anyMixedAttributesScope' => 'All',
112  'Contact_page' => '1',
113  'export' => '',
114  'ajax' => '',
115  'selectAll' => '1',
116  'selectedIds' => '')
117  );
118  $response = $this->runControllerWithRedirectExceptionAndGetUrl('contacts/default/export');
119  $this->assertTrue(strstr($response, 'contacts/default/index') !== false);
120 
121  $this->setGetArray(array(
122  'ContactsSearchForm' => array(
123  'anyMixedAttributesScope' => array(0 => 'All'),
124  'anyMixedAttributes' => '',
125  'fullName' => 'superContact',
126  'officePhone' => ''
127  ),
128  'multiselect_ContactsSearchForm_anyMixedAttributesScope' => 'All',
129  'Contact_page' => '1',
130  'export' => '',
131  'ajax' => '',
132  'selectAll' => '',
133  'selectedIds' => "{$contacts[0]->id}, {$contacts[1]->id}")
134  );
135  $response = $this->runControllerWithRedirectExceptionAndGetUrl('contacts/default/export');
136  $this->assertTrue(strstr($response, 'contacts/default/index') !== false);
137  $this->assertContains('There is no data to export.',
138  Yii::app()->user->getFlash('notification'));
139 
140  //give nobody access to read and write
141  Yii::app()->user->userModel = $super;
142  foreach ($contacts as $contact)
143  {
144  $contact->addPermissions($nobody, Permission::READ_WRITE_CHANGE_PERMISSIONS);
146  $this->assertTrue($contact->save());
147  }
148  //Now the nobody user should be able to access the edit view and still the details view.
149  Yii::app()->user->userModel = $nobody;
150 
151  $this->setGetArray(array(
152  'ContactsSearchForm' => array(
153  'anyMixedAttributesScope' => array(0 => 'All'),
154  'anyMixedAttributes' => '',
155  'fullName' => 'superContact',
156  'officePhone' => ''
157  ),
158  'multiselect_ContactsSearchForm_anyMixedAttributesScope' => 'All',
159  'Contact_page' => '1',
160  'export' => '',
161  'ajax' => '',
162  'selectAll' => '1',
163  'selectedIds' => '')
164  );
165  $response = $this->runControllerWithExitExceptionAndGetContent('contacts/default/export');
166  $this->assertEquals('Testing download.', $response);
167 
168  $this->setGetArray(array(
169  'ContactsSearchForm' => array(
170  'anyMixedAttributesScope' => array(0 => 'All'),
171  'anyMixedAttributes' => '',
172  'fullName' => 'superContact',
173  'officePhone' => ''
174  ),
175  'multiselect_ContactsSearchForm_anyMixedAttributesScope' => 'All',
176  'Contact_page' => '1',
177  'export' => '',
178  'ajax' => '',
179  'selectAll' => '',
180  'selectedIds' => "{$contacts[0]->id}, {$contacts[1]->id}")
181  );
182  $response = $this->runControllerWithExitExceptionAndGetContent('contacts/default/export');
183  $this->assertEquals('Testing download.', $response);
184 
185  // No mathces
186  $this->setGetArray(array(
187  'ContactsSearchForm' => array(
188  'anyMixedAttributesScope' => array(0 => 'All'),
189  'anyMixedAttributes' => '',
190  'fullName' => 'missingName',
191  'officePhone' => ''
192  ),
193  'multiselect_ContactsSearchForm_anyMixedAttributesScope' => 'All',
194  'Contact_page' => '1',
195  'export' => '',
196  'ajax' => '',
197  'selectAll' => '1',
198  'selectedIds' => '')
199  );
200  $response = $this->runControllerWithRedirectExceptionAndGetUrl('contacts/default/export');
201  $this->assertTrue(strstr($response, 'contacts/default/index') !== false);
202  }
203  }
204 ?>
static securableItemGivenPermissionsForUser(SecurableItem $securableItem, User $user)
static rebuild($overwriteExistingTables=true, $forcePhp=false, $messageStreamer=null)
static getByUsername($username)
Definition: User.php:49
logoutCurrentUserLoginNewUserAndGetByUsername($username)
runControllerWithNoExceptionsAndGetContent($route, $empty=false)
Generated on Thu Jul 9 2020 07:10:31
Account Suspended
Account Suspended
This Account has been suspended.
Contact your hosting provider for more information.