Account Suspended
Account Suspended
This Account has been suspended.
Contact your hosting provider for more information.
 All Data Structures Functions Variables Pages
LeadsRegularUserExportWalkthroughTest.php
1 <?php
2  /*********************************************************************************
3  * Zurmo is a customer relationship management program developed by
4  * Zurmo, Inc. Copyright (C) 2017 Zurmo Inc.
5  *
6  * Zurmo is free software; you can redistribute it and/or modify it under
7  * the terms of the GNU Affero General Public License version 3 as published by the
8  * Free Software Foundation with the addition of the following permission added
9  * to Section 15 as permitted in Section 7(a): FOR ANY PART OF THE COVERED WORK
10  * IN WHICH THE COPYRIGHT IS OWNED BY ZURMO, ZURMO DISCLAIMS THE WARRANTY
11  * OF NON INFRINGEMENT OF THIRD PARTY RIGHTS.
12  *
13  * Zurmo is distributed in the hope that it will be useful, but WITHOUT
14  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
15  * FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
16  * details.
17  *
18  * You should have received a copy of the GNU Affero General Public License along with
19  * this program; if not, see http://www.gnu.org/licenses or write to the Free
20  * Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
21  * 02110-1301 USA.
22  *
23  * You can contact Zurmo, Inc. with a mailing address at 27 North Wacker Drive
24  * Suite 370 Chicago, IL 60606. or at email address contact@zurmo.com.
25  *
26  * The interactive user interfaces in original and modified versions
27  * of this program must display Appropriate Legal Notices, as required under
28  * Section 5 of the GNU Affero General Public License version 3.
29  *
30  * In accordance with Section 7(b) of the GNU Affero General Public License version 3,
31  * these Appropriate Legal Notices must retain the display of the Zurmo
32  * logo and Zurmo copyright notice. If the display of the logo is not reasonably
33  * feasible for technical reasons, the Appropriate Legal Notices must display the words
34  * "Copyright Zurmo Inc. 2017. All rights reserved".
35  ********************************************************************************/
36 
41  {
42  protected static $asynchronousThreshold;
43 
44  public static function setUpBeforeClass()
45  {
46  parent::setUpBeforeClass();
47  SecurityTestHelper::createSuperAdmin();
48  $super = User::getByUsername('super');
49  Yii::app()->user->userModel = $super;
50 
51  self::$asynchronousThreshold = ExportModule::$asynchronousThreshold;
52  ExportModule::$asynchronousThreshold = 3;
54  }
55 
56  public static function tearDownAfterClass()
57  {
58  ExportModule::$asynchronousThreshold = self::$asynchronousThreshold;
59  parent::tearDownAfterClass();
60  }
61 
66  {
67  $super = $this->logoutCurrentUserLoginNewUserAndGetByUsername('super');
68  $account = AccountTestHelper::createAccountByNameForOwner('superAccount', $super);
69 
70  $leads = array();
71  for ($i = 0; $i < 2; $i++)
72  {
73  $leads[] = LeadTestHelper::createLeadWithAccountByNameForOwner('superContact' . $i, $super, $account);
74  }
75 
76  // Check if access is denied if user doesn't have access privileges at all to export actions
77  Yii::app()->user->userModel = User::getByUsername('nobody');
78  $nobody = $this->logoutCurrentUserLoginNewUserAndGetByUsername('nobody');
79  $this->runControllerShouldResultInAccessFailureAndGetContent('leads/default/list');
80 
81  // Check if user have access to module action, but not to export action
82  // Now test peon with elevated rights to accounts
83  $nobody->setRight('LeadsModule', LeadsModule::RIGHT_ACCESS_LEADS);
84  $nobody->setRight('LeadsModule', LeadsModule::RIGHT_CREATE_LEADS);
85  $nobody->setRight('LeadsModule', LeadsModule::RIGHT_DELETE_LEADS);
86  $nobody->setRight('ExportModule', ExportModule::RIGHT_ACCESS_EXPORT);
87  $this->assertTrue($nobody->save());
88 
89  // Check if access is denied if user doesn't have access privileges at all to export actions
90  $nobody = $this->logoutCurrentUserLoginNewUserAndGetByUsername('nobody');
91  Yii::app()->user->userModel = User::getByUsername('nobody');
92 
93  $this->runControllerWithNoExceptionsAndGetContent('leads/default/list');
94 
95  $this->setGetArray(array(
96  'Contact_page' => '1',
97  'export' => '',
98  'ajax' => '',
99  'selectAll' => '',
100  'selectedIds' => '')
101  );
102  $response = $this->runControllerWithRedirectExceptionAndGetUrl('leads/default/export');
103  $this->assertTrue(strstr($response, 'leads/default/index') !== false);
104 
105  $this->setGetArray(array(
106  'LeadsSearchForm' => array(
107  'anyMixedAttributesScope' => array(0 => 'All'),
108  'anyMixedAttributes' => '',
109  'fullName' => 'superContact',
110  'officePhone' => ''
111  ),
112  'multiselect_ContactsSearchForm_anyMixedAttributesScope' => 'All',
113  'Contact_page' => '1',
114  'export' => '',
115  'ajax' => '',
116  'selectAll' => '1',
117  'selectedIds' => '')
118  );
119  $response = $this->runControllerWithRedirectExceptionAndGetUrl('leads/default/export');
120  $this->assertTrue(strstr($response, 'leads/default/index') !== false);
121 
122  $this->setGetArray(array(
123  'LeadsSearchForm' => array(
124  'anyMixedAttributesScope' => array(0 => 'All'),
125  'anyMixedAttributes' => '',
126  'fullName' => 'superContact',
127  'officePhone' => ''
128  ),
129  'multiselect_ContactsSearchForm_anyMixedAttributesScope' => 'All',
130  'Contact_page' => '1',
131  'export' => '',
132  'ajax' => '',
133  'selectAll' => '',
134  'selectedIds' => "{$leads[0]->id}, {$leads[1]->id}")
135  );
136  $response = $this->runControllerWithRedirectExceptionAndGetUrl('leads/default/export');
137  $this->assertTrue(strstr($response, 'leads/default/index') !== false);
138  $this->assertContains('There is no data to export.',
139  Yii::app()->user->getFlash('notification'));
140 
141  //give nobody access to read and write
142  Yii::app()->user->userModel = $super;
143  foreach ($leads as $lead)
144  {
145  $lead->addPermissions($nobody, Permission::READ_WRITE_CHANGE_PERMISSIONS);
147  $this->assertTrue($lead->save());
148  }
149  //Now the nobody user should be able to access the edit view and still the details view.
150  Yii::app()->user->userModel = $nobody;
151 
152  $this->setGetArray(array(
153  'LeadsSearchForm' => array(
154  'anyMixedAttributesScope' => array(0 => 'All'),
155  'anyMixedAttributes' => '',
156  'fullName' => 'superContact',
157  'officePhone' => ''
158  ),
159  'multiselect_ContactsSearchForm_anyMixedAttributesScope' => 'All',
160  'Contact_page' => '1',
161  'export' => '',
162  'ajax' => '',
163  'selectAll' => '1',
164  'selectedIds' => '')
165  );
166  $response = $this->runControllerWithExitExceptionAndGetContent('leads/default/export');
167  $this->assertEquals('Testing download.', $response);
168 
169  $this->setGetArray(array(
170  'LeadsSearchForm' => array(
171  'anyMixedAttributesScope' => array(0 => 'All'),
172  'anyMixedAttributes' => '',
173  'fullName' => 'superContact',
174  'officePhone' => ''
175  ),
176  'multiselect_ContactsSearchForm_anyMixedAttributesScope' => 'All',
177  'Contact_page' => '1',
178  'export' => '',
179  'ajax' => '',
180  'selectAll' => '',
181  'selectedIds' => "{$leads[0]->id}, {$leads[1]->id}")
182  );
183  $response = $this->runControllerWithExitExceptionAndGetContent('leads/default/export');
184  $this->assertEquals('Testing download.', $response);
185 
186  // No mathces
187  $this->setGetArray(array(
188  'LeadsSearchForm' => array(
189  'anyMixedAttributesScope' => array(0 => 'All'),
190  'anyMixedAttributes' => '',
191  'fullName' => 'missingName',
192  'officePhone' => ''
193  ),
194  'multiselect_ContactsSearchForm_anyMixedAttributesScope' => 'All',
195  'Contact_page' => '1',
196  'export' => '',
197  'ajax' => '',
198  'selectAll' => '1',
199  'selectedIds' => '')
200  );
201  $response = $this->runControllerWithRedirectExceptionAndGetUrl('leads/default/export');
202  $this->assertTrue(strstr($response, 'leads/default/index') !== false);
203  }
204  }
205 ?>
static securableItemGivenPermissionsForUser(SecurableItem $securableItem, User $user)
static rebuild($overwriteExistingTables=true, $forcePhp=false, $messageStreamer=null)
static getByUsername($username)
Definition: User.php:49
logoutCurrentUserLoginNewUserAndGetByUsername($username)
runControllerWithNoExceptionsAndGetContent($route, $empty=false)
Generated on Tue Dec 1 2020 07:10:30
Account Suspended
Account Suspended
This Account has been suspended.
Contact your hosting provider for more information.