All Data Structures Functions Variables Pages
RightsFormUtilTest.php
1 <?php
2  /*********************************************************************************
3  * Zurmo is a customer relationship management program developed by
4  * Zurmo, Inc. Copyright (C) 2017 Zurmo Inc.
5  *
6  * Zurmo is free software; you can redistribute it and/or modify it under
7  * the terms of the GNU Affero General Public License version 3 as published by the
8  * Free Software Foundation with the addition of the following permission added
9  * to Section 15 as permitted in Section 7(a): FOR ANY PART OF THE COVERED WORK
10  * IN WHICH THE COPYRIGHT IS OWNED BY ZURMO, ZURMO DISCLAIMS THE WARRANTY
11  * OF NON INFRINGEMENT OF THIRD PARTY RIGHTS.
12  *
13  * Zurmo is distributed in the hope that it will be useful, but WITHOUT
14  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
15  * FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
16  * details.
17  *
18  * You should have received a copy of the GNU Affero General Public License along with
19  * this program; if not, see http://www.gnu.org/licenses or write to the Free
20  * Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
21  * 02110-1301 USA.
22  *
23  * You can contact Zurmo, Inc. with a mailing address at 27 North Wacker Drive
24  * Suite 370 Chicago, IL 60606. or at email address contact@zurmo.com.
25  *
26  * The interactive user interfaces in original and modified versions
27  * of this program must display Appropriate Legal Notices, as required under
28  * Section 5 of the GNU Affero General Public License version 3.
29  *
30  * In accordance with Section 7(b) of the GNU Affero General Public License version 3,
31  * these Appropriate Legal Notices must retain the display of the Zurmo
32  * logo and Zurmo copyright notice. If the display of the logo is not reasonably
33  * feasible for technical reasons, the Appropriate Legal Notices must display the words
34  * "Copyright Zurmo Inc. 2017. All rights reserved".
35  ********************************************************************************/
36 
38  {
39  public static function setUpBeforeClass()
40  {
41  parent::setUpBeforeClass();
42  ZurmoDatabaseCompatibilityUtil::dropStoredFunctionsAndProcedures();
43  SecurityTestHelper::createSuperAdmin();
44  SecurityTestHelper::createUsers();
45  SecurityTestHelper::createGroups();
46  SecurityTestHelper::createRoles();
47  }
48 
49  public function setUp()
50  {
51  parent::setUp();
52  Yii::app()->user->userModel = User::getByUsername('super');
53  }
54 
55  public function testModuleRightsUtilGetAllModuleRightsData()
56  {
57  $group = new Group();
58  $group->name = 'viewGroup';
59  $group->setRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_MOBILE);
60  $saved = $group->save();
61  $this->assertTrue($saved);
63  $compareData = array(
64  'UsersModule' => array(
65  'RIGHT_MANAGE_USERS' => array(
66  'displayName' => UsersModule::RIGHT_MANAGE_USERS,
67  'explicit' => null,
68  'inherited' => null,
69  'effective' => Right::DENY,
70  ),
71  'RIGHT_LOGIN_VIA_WEB' => array(
72  'displayName' => 'Sign in Via Web',
73  'explicit' => null,
74  'inherited' => null,
75  'effective' => Right::DENY,
76  ),
77  'RIGHT_LOGIN_VIA_MOBILE' => array(
78  'displayName' => 'Sign in Via Mobile',
79  'explicit' => Right::ALLOW,
80  'inherited' => null,
81  'effective' => Right::ALLOW,
82  ),
83  'RIGHT_LOGIN_VIA_WEB_API' => array(
84  'displayName' => 'Sign in Via Web API',
85  'explicit' => null,
86  'inherited' => null,
87  'effective' => Right::DENY,
88  ),
89  'RIGHT_CREATE_USERS' => array(
90  'displayName' => UsersModule::RIGHT_CREATE_USERS,
91  'explicit' => null,
92  'inherited' => null,
93  'effective' => Right::DENY,
94  ),
95  'RIGHT_ACCESS_USERS' => array(
96  'displayName' => UsersModule::RIGHT_ACCESS_USERS,
97  'explicit' => null,
98  'inherited' => null,
99  'effective' => Right::DENY,
100  ),
101  ),
102  );
103  $this->assertEquals($compareData['UsersModule'], $data['UsersModule']);
104  $group->forget();
105  }
106 
110  public function testRightsFormUtil()
111  {
112  $group = Group::getByName('viewGroup');
113  $group1 = Group::getByName(Group::EVERYONE_GROUP_NAME);
114  $group1->setRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API);
115  $saved = $group1->save();
116  $this->assertTrue($saved);
118  $this->assertTrue(is_array($data));
120  $compareData = array(
121  'UsersModule' => array(
122  'RIGHT_MANAGE_USERS' => array(
123  'displayName' => UsersModule::RIGHT_MANAGE_USERS,
124  'explicit' => null,
125  'inherited' => null,
126  'effective' => Right::DENY,
127  ),
128  'RIGHT_LOGIN_VIA_WEB' => array(
129  'displayName' => 'Sign in Via Web',
130  'explicit' => null,
131  'inherited' => null,
132  'effective' => Right::DENY,
133  ),
134  'RIGHT_LOGIN_VIA_MOBILE' => array(
135  'displayName' => 'Sign in Via Mobile',
136  'explicit' => Right::ALLOW,
137  'inherited' => null,
138  'effective' => Right::ALLOW,
139  ),
140  'RIGHT_LOGIN_VIA_WEB_API' => array(
141  'displayName' => 'Sign in Via Web API',
142  'explicit' => null,
143  'inherited' => Right::ALLOW,
144  'effective' => Right::ALLOW,
145  ),
146  'RIGHT_CREATE_USERS' => array(
147  'displayName' => UsersModule::RIGHT_CREATE_USERS,
148  'explicit' => null,
149  'inherited' => null,
150  'effective' => Right::DENY,
151  ),
152  'RIGHT_ACCESS_USERS' => array(
153  'displayName' => UsersModule::RIGHT_ACCESS_USERS,
154  'explicit' => null,
155  'inherited' => null,
156  'effective' => Right::DENY,
157  ),
158  ),
159  );
160  $this->assertEquals($compareData['UsersModule'], $form->data['UsersModule']);
161  $group->forget();
162  $group1->forget();
163  }
164 
169  {
170  $group = Group::getByName('viewGroup');
173  $compareData = array(
174  'UsersModule' => array(
175  'RIGHT_MANAGE_USERS' => array(
176  'displayName' => UsersModule::RIGHT_MANAGE_USERS,
177  'explicit' => null,
178  'inherited' => null,
179  'effective' => Right::DENY,
180  ),
181  'RIGHT_LOGIN_VIA_WEB' => array(
182  'displayName' => 'Sign in Via Web',
183  'explicit' => null,
184  'inherited' => null,
185  'effective' => Right::DENY,
186  ),
187  'RIGHT_LOGIN_VIA_MOBILE' => array(
188  'displayName' => 'Sign in Via Mobile',
189  'explicit' => Right::ALLOW,
190  'inherited' => null,
191  'effective' => Right::ALLOW,
192  ),
193  'RIGHT_LOGIN_VIA_WEB_API' => array(
194  'displayName' => 'Sign in Via Web API',
195  'explicit' => null,
196  'inherited' => Right::ALLOW,
197  'effective' => Right::ALLOW,
198  ),
199  'RIGHT_CREATE_USERS' => array(
200  'displayName' => UsersModule::RIGHT_CREATE_USERS,
201  'explicit' => null,
202  'inherited' => null,
203  'effective' => Right::DENY,
204  ),
205  'RIGHT_ACCESS_USERS' => array(
206  'displayName' => UsersModule::RIGHT_ACCESS_USERS,
207  'explicit' => null,
208  'inherited' => null,
209  'effective' => Right::DENY,
210  ),
211  ),
212  );
213  $this->assertEquals($compareData['UsersModule'], $form->data['UsersModule']);
214  $fakePost = array(
215  'UsersModule__RIGHT_LOGIN_VIA_WEB_API' => strval(Right::ALLOW),
216  'UsersModule__RIGHT_LOGIN_VIA_MOBILE' => '',
217  'UsersModule__RIGHT_LOGIN_VIA_WEB' => strval(Right::DENY),
218 
219  );
220  $fakePost = RightsFormUtil::typeCastPostData($fakePost);
221  $saved = RightsFormUtil::setRightsFromCastedPost($fakePost, $group);
222  $this->assertTrue($saved);
223  $group->forget();
224  $group = Group::getByName('viewGroup');
225  $compareData = array(
226  'UsersModule' => array(
227  'RIGHT_MANAGE_USERS' => array(
228  'displayName' => UsersModule::RIGHT_MANAGE_USERS,
229  'explicit' => null,
230  'inherited' => null,
231  'effective' => Right::DENY,
232  ),
233  'RIGHT_LOGIN_VIA_WEB' => array(
234  'displayName' => 'Sign in Via Web',
235  'explicit' => Right::DENY,
236  'inherited' => null,
237  'effective' => Right::DENY,
238  ),
239  'RIGHT_LOGIN_VIA_MOBILE' => array(
240  'displayName' => 'Sign in Via Mobile',
241  'explicit' => null,
242  'inherited' => null,
243  'effective' => Right::DENY,
244  ),
245  'RIGHT_LOGIN_VIA_WEB_API' => array(
246  'displayName' => 'Sign in Via Web API',
247  'explicit' => Right::ALLOW,
248  'inherited' => Right::ALLOW,
249  'effective' => Right::ALLOW,
250  ),
251  'RIGHT_CREATE_USERS' => array(
252  'displayName' => UsersModule::RIGHT_CREATE_USERS,
253  'explicit' => null,
254  'inherited' => null,
255  'effective' => Right::DENY,
256  ),
257  'RIGHT_ACCESS_USERS' => array(
258  'displayName' => UsersModule::RIGHT_ACCESS_USERS,
259  'explicit' => null,
260  'inherited' => null,
261  'effective' => Right::DENY,
262  ),
263  ),
264  );
266  $this->assertEquals($compareData['UsersModule'], $data['UsersModule']);
267  $group->forget();
268  }
269 
270  public function testGetDerivedAttributeNameFromTwoStrings()
271  {
272  $attributeName = FormModelUtil::getDerivedAttributeNameFromTwoStrings('x', 'y');
273  $this->assertEquals('x__y', $attributeName);
274  }
275 
279  public function testGiveUserAccessToModule()
280  {
281  $user = User::getByUsername('billy');
282  $this->assertFalse(RightsUtil::canUserAccessModule('AccountsModule', $user));
283  $group = Group::getByName(Group::EVERYONE_GROUP_NAME);
284  $fakePost = array(
285  'AccountsModule__RIGHT_ACCESS_ACCOUNTS' => strval(Right::ALLOW),
286  );
287  $fakePost = RightsFormUtil::typeCastPostData($fakePost);
288  $saved = RightsFormUtil::setRightsFromCastedPost($fakePost, $group);
289  $this->assertTrue($saved);
290  $this->assertTrue(RightsUtil::canUserAccessModule('AccountsModule', $user));
291  }
292  }
293 ?>
static getByUsername($username)
Definition: User.php:49
static setRightsFromCastedPost(array $validatedAndCastedPostData, $permitable)
static makeFormFromRightsData($rightsData)
static canUserAccessModule($moduleClassName, $user)
Definition: RightsUtil.php:103
Definition: Group.php:37
static getByName($name)
Definition: Group.php:57
static getAllModuleRightsDataByPermitable(Permitable $permitable)
Definition: RightsUtil.php:45
static typeCastPostData($postData)
Generated on Fri Feb 21 2020 07:10:37