Zurmo: /home/apizurmo/zurmo/app/protected/modules/tasks/tests/unit/walkthrough/TasksRegularUserWalkthroughTest.php Source File

00001 <?php
00002     /*********************************************************************************
00003      * Zurmo is a customer relationship management program developed by
00004      * Zurmo, Inc. Copyright (C) 2017 Zurmo Inc.
00005      *
00006      * Zurmo is free software; you can redistribute it and/or modify it under
00007      * the terms of the GNU Affero General Public License version 3 as published by the
00008      * Free Software Foundation with the addition of the following permission added
00009      * to Section 15 as permitted in Section 7(a): FOR ANY PART OF THE COVERED WORK
00010      * IN WHICH THE COPYRIGHT IS OWNED BY ZURMO, ZURMO DISCLAIMS THE WARRANTY
00011      * OF NON INFRINGEMENT OF THIRD PARTY RIGHTS.
00012      *
00013      * Zurmo is distributed in the hope that it will be useful, but WITHOUT
00014      * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
00015      * FOR A PARTICULAR PURPOSE.  See the GNU Affero General Public License for more
00016      * details.
00017      *
00018      * You should have received a copy of the GNU Affero General Public License along with
00019      * this program; if not, see http://www.gnu.org/licenses or write to the Free
00020      * Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
00021      * 02110-1301 USA.
00022      *
00023      * You can contact Zurmo, Inc. with a mailing address at 27 North Wacker Drive
00024      * Suite 370 Chicago, IL 60606. or at email address contact@zurmo.com.
00025      *
00026      * The interactive user interfaces in original and modified versions
00027      * of this program must display Appropriate Legal Notices, as required under
00028      * Section 5 of the GNU Affero General Public License version 3.
00029      *
00030      * In accordance with Section 7(b) of the GNU Affero General Public License version 3,
00031      * these Appropriate Legal Notices must retain the display of the Zurmo
00032      * logo and Zurmo copyright notice. If the display of the logo is not reasonably
00033      * feasible for technical reasons, the Appropriate Legal Notices must display the words
00034      * "Copyright Zurmo Inc. 2017. All rights reserved".
00035      ********************************************************************************/
00036 
00040     class TasksRegularUserWalkthroughTest extends ZurmoRegularUserWalkthroughBaseTest
00041     {
00042         public static function setUpBeforeClass()
00043         {
00044             parent::setUpBeforeClass();
00045             $super = Yii::app()->user->userModel;
00046 
00047             //Setup test data owned by the super user.
00048             $account = AccountTestHelper::createAccountByNameForOwner('superAccount', $super);
00049             AccountTestHelper::createAccountByNameForOwner('superAccount2', $super);
00050             ContactTestHelper::createContactWithAccountByNameForOwner('superContact', $super, $account);
00051         }
00052 
00053         public function testRegularUserAllControllerActions()
00054         {
00055             //Now test all portlet controller actions
00056 
00057             //Now test peon with elevated rights to tabs /other available rights
00058             //such as convert lead
00059 
00060             //Now test peon with elevated permissions to models.
00061         }
00062 
00063         public function testRegularUserAllControllerActionsNoElevation()
00064         {
00065             $super = $this->logoutCurrentUserLoginNewUserAndGetByUsername('super');
00066             $superAccountId = self::getModelIdByModelNameAndName ('Account', 'superAccount');
00067             Yii::app()->user->userModel = User::getByUsername('nobody');
00068 
00069             //Now test all portlet controller actions
00070             $this->runControllerShouldResultInAccessFailureAndGetContent('tasks/default/createFromRelation');
00071             $this->runControllerShouldResultInAccessFailureAndGetContent('tasks/default/modalEdit');
00072             $this->setGetArray(array('id' => $superAccountId));
00073             $this->resetPostArray();
00074             $this->runControllerShouldResultInAccessFailureAndGetContent('tasks/default/modalDetails');
00075 
00076             //actionDelete should fail.
00077             $this->setGetArray(array('id' => $superAccountId));
00078             $this->resetPostArray();
00079             $this->runControllerShouldResultInAccessFailureAndGetContent('tasks/default/delete');
00080         }
00081 
00085         public function testRegularUserControllerActionsWithElevationToAccessAndCreate()
00086         {
00087             $nobody = $this->logoutCurrentUserLoginNewUserAndGetByUsername('nobody');
00088 
00089             //Now test peon with elevated rights to accounts
00090             $nobody->setRight('AccountsModule', AccountsModule::RIGHT_ACCESS_ACCOUNTS);
00091             $nobody->setRight('AccountsModule', AccountsModule::RIGHT_CREATE_ACCOUNTS);
00092             $this->assertTrue($nobody->save());
00093 
00094             //create the account as nobody user as the owner
00095             $account = AccountTestHelper::createAccountByNameForOwner('accountOwnedByNobody', $nobody);
00096 
00097             //Now test peon with elevated rights to tasks
00098             $nobody->setRight('TasksModule', TasksModule::RIGHT_ACCESS_TASKS);
00099             $nobody->setRight('TasksModule', TasksModule::RIGHT_CREATE_TASKS);
00100             $nobody->setRight('TasksModule', TasksModule::RIGHT_DELETE_TASKS);
00101             $this->assertTrue($nobody->save());
00102 
00103             //Test nobody with elevated rights.
00104             Yii::app()->user->userModel = User::getByUsername('nobody');
00105             $task = TaskTestHelper::createTaskWithOwnerAndRelatedAccount('taskCreatedByNobody', $nobody, $account);
00106 
00107             //Test whether the nobody user is able to view the task details that he created
00108             $this->setGetArray(array('id' => $task->id));
00109             $this->resetPostArray();
00110             $this->runControllerWithNoExceptionsAndGetContent('tasks/default/modalDetails');
00111 
00112             //add related task for account using createFromRelation action
00113             $activityItemPostData = array('Account' => array('id' => $account->id));
00114             $this->setGetArray(array('relationAttributeName' => 'Account', 'relationModelId' => $account->id,
00115                                      'relationModuleId'      => 'accounts', 'redirectUrl' => 'someRedirect'));
00116             $this->setPostArray(array('ActivityItemForm' => $activityItemPostData, 'Task' => array('name' => 'myTask')));
00117             $this->runControllerWithRedirectExceptionAndGetContent('tasks/default/createFromRelation');
00118 
00119             //Test nobody can delete an existing task he craeted and it redirects to index.
00120             $this->setGetArray(array('id' => $task->id));
00121             $this->resetPostArray();
00122             $this->runControllerWithNoExceptionsAndGetContent('tasks/default/delete', true);
00123         }
00124 
00128         public function testRegularUserControllerActionsWithElevationToModels()
00129         {
00130             //Create superAccount owned by user super.
00131             $super = $this->logoutCurrentUserLoginNewUserAndGetByUsername('super');
00132             $superAccount = AccountTestHelper::createAccountByNameForOwner('AccountsForElevationToModelTest', $super);
00133 
00134             //Test nobody, access to edit and details of superAccount should fail.
00135             $nobody = $this->logoutCurrentUserLoginNewUserAndGetByUsername('nobody');
00136             $this->setGetArray(array('id' => $superAccount->id));
00137             $this->runControllerShouldResultInAccessFailureAndGetContent('accounts/default/details');
00138 
00139             //give nobody access to read
00140             Yii::app()->user->userModel = $super;
00141             $superAccount->addPermissions($nobody, Permission::READ);
00142             $this->assertTrue($superAccount->save());
00143             AllPermissionsOptimizationUtil::securableItemGivenReadPermissionsForUser($superAccount, $nobody);
00144 
00145             //Now the nobody user can access the details view.
00146             Yii::app()->user->userModel = $nobody;
00147             $this->setGetArray(array('id' => $superAccount->id));
00148             $this->runControllerWithNoExceptionsAndGetContent('accounts/default/details');
00149 
00150             //create task for an superAccount using the super user
00151             $super = $this->logoutCurrentUserLoginNewUserAndGetByUsername('super');
00152             $task = TaskTestHelper::createTaskWithOwnerAndRelatedAccount('taskCreatedByNobody', $super, $superAccount);
00153 
00154             //Test nobody, access to edit and details of task should fail.
00155             Yii::app()->user->userModel = $nobody;
00156             $this->setGetArray(array('id' => $task->id));
00157             $this->resetPostArray();
00158             $this->runControllerShouldResultInAccessFailureAndGetContent('tasks/default/modalEdit');
00159             $this->setGetArray(array('id' => $task->id));
00160             $this->resetPostArray();
00161 
00162             //give nobody access to details view only
00163             Yii::app()->user->userModel = $super;
00164             $task->addPermissions($nobody, Permission::READ);
00165             $this->assertTrue($task->save());
00166             AllPermissionsOptimizationUtil::securableItemGivenReadPermissionsForUser($task, $nobody);
00167 
00168             //Now access to tasks view by Nobody should not fail.
00169             Yii::app()->user->userModel = $nobody;
00170             $this->setGetArray(array('id' => $task->id));
00171             $this->resetPostArray();
00172             $this->runControllerWithNoExceptionsAndGetContent('tasks/default/modalDetails');
00173 
00174             //Now access to tasks edit by Nobody should fail
00175             $this->setGetArray(array('id' => $task->id));
00176             $this->resetPostArray();
00177             $this->runControllerShouldResultInAccessFailureAndGetContent('tasks/default/modalEdit');
00178 
00179             //give nobody access to both details and edit view
00180             Yii::app()->user->userModel = $super;
00181             $task->addPermissions($nobody, Permission::READ_WRITE_CHANGE_PERMISSIONS);
00182             $this->assertTrue($task->save());
00183             AllPermissionsOptimizationUtil::securableItemLostReadPermissionsForUser($task, $nobody);
00184             AllPermissionsOptimizationUtil::securableItemGivenPermissionsForUser($task, $nobody);
00185 
00186             //Now access to tasks view and edit by Nobody should not fail.
00187             $this->setGetArray(array('id' => $task->id));
00188             $this->resetPostArray();
00189             $this->runControllerWithNoExceptionsAndGetContent('tasks/default/modalDetails');
00190             $this->setGetArray(array('id' => $task->id));
00191             $this->resetPostArray();
00192             $this->runControllerWithNoExceptionsAndGetContent('tasks/default/modalEdit');
00193 
00194             //revoke the permission from the nobody user to access the task
00195             Yii::app()->user->userModel = $super;
00196             $task->removePermissions($nobody, Permission::READ_WRITE_CHANGE_PERMISSIONS);
00197             $this->assertTrue($task->save());
00198             AllPermissionsOptimizationUtil::securableItemLostPermissionsForUser($task, $nobody);
00199 
00200             //Now nobodys, access to edit and details of tasks should fail.
00201             Yii::app()->user->userModel = $nobody;
00202             $this->setGetArray(array('id' => $task->id));
00203             $this->resetPostArray();
00204             $this->runControllerShouldResultInAccessFailureAndGetContent('tasks/default/modalEdit');
00205             $this->setGetArray(array('id' => $task->id));
00206             $this->resetPostArray();
00207             $this->runControllerShouldResultInAccessFailureAndGetContent('tasks/default/modalDetails');
00208 
00209             //create some roles
00210             Yii::app()->user->userModel = $super;
00211             $parentRole = new Role();
00212             $parentRole->name = 'AAA';
00213             $this->assertTrue($parentRole->save());
00214 
00215             $childRole = new Role();
00216             $childRole->name = 'BBB';
00217             $this->assertTrue($childRole->save());
00218 
00219             $userInParentRole = User::getByUsername('confused');
00220             $userInChildRole = User::getByUsername('nobody');
00221 
00222             $childRole->users->add($userInChildRole);
00223             $this->assertTrue($childRole->save());
00224             $parentRole->users->add($userInParentRole);
00225             $parentRole->roles->add($childRole);
00226             $this->assertTrue($parentRole->save());
00227             $userInChildRole->forget();
00228             $userInChildRole = User::getByUsername('nobody');
00229             $userInParentRole->forget();
00230             $userInParentRole = User::getByUsername('confused');
00231             $parentRoleId = $parentRole->id;
00232             $parentRole->forget();
00233             $parentRole = Role::getById($parentRoleId);
00234             $childRoleId = $childRole->id;
00235             $childRole->forget();
00236             $childRole = Role::getById($childRoleId);
00237 
00238             //create account owned by super
00239             $account2 = AccountTestHelper::createAccountByNameForOwner('AccountsParentRolePermission', $super);
00240 
00241             //Test userInParentRole, access to details and edit should fail.
00242             Yii::app()->user->userModel = $userInParentRole;
00243             $this->setGetArray(array('id' => $account2->id));
00244             $this->runControllerShouldResultInAccessFailureAndGetContent('accounts/default/details');
00245 
00246             //give userInChildRole access to READ
00247             Yii::app()->user->userModel = $super;
00248             $account2->addPermissions($userInChildRole, Permission::READ);
00249             $this->assertTrue($account2->save());
00250             AllPermissionsOptimizationUtil::securableItemGivenReadPermissionsForUser($account2, $userInChildRole);
00251 
00252             //Test userInChildRole, access to details should not fail.
00253             Yii::app()->user->userModel = $userInChildRole;
00254             $this->setGetArray(array('id' => $account2->id));
00255             $this->runControllerWithNoExceptionsAndGetContent('accounts/default/details');
00256 
00257             //Test userInParentRole, access to details should not fail.
00258             Yii::app()->user->userModel = $userInParentRole;
00259             $this->setGetArray(array('id' => $account2->id));
00260             $this->runControllerWithNoExceptionsAndGetContent('accounts/default/details');
00261 
00262             //create a task owned by super
00263             $super = $this->logoutCurrentUserLoginNewUserAndGetByUsername('super');
00264             $task2 = TaskTestHelper::createTaskWithOwnerAndRelatedAccount('taskCreatedBySuperForRole', $super, $account2);
00265 
00266             //Test userInParentRole, access to tasks details and edit should fail.
00267             Yii::app()->user->userModel = $userInParentRole;
00268             $this->setGetArray(array('id' => $task2->id));
00269             $this->resetPostArray();
00270             $this->runControllerShouldResultInAccessFailureAndGetContent('tasks/default/modalEdit');
00271             $this->setGetArray(array('id' => $task2->id));
00272             $this->resetPostArray();
00273             $this->runControllerShouldResultInAccessFailureAndGetContent('tasks/default/modalDetails');
00274 
00275             //give userInChildRole access to READ permision for tasks
00276             Yii::app()->user->userModel = $super;
00277             $task2->addPermissions($userInChildRole, Permission::READ);
00278             $this->assertTrue($task2->save());
00279             AllPermissionsOptimizationUtil::securableItemGivenReadPermissionsForUser($task2, $userInChildRole);
00280 
00281             //Test userInChildRole, access to tasks details should not fail.
00282             Yii::app()->user->userModel = $userInChildRole;
00283             $this->setGetArray(array('id' => $task2->id));
00284             $this->resetPostArray();
00285             $this->runControllerWithNoExceptionsAndGetContent('tasks/default/modalDetails');
00286 
00287             //Test userInParentRole, access to tasks details should not fail.
00288             Yii::app()->user->userModel = $userInParentRole;
00289             $this->setGetArray(array('id' => $task2->id));
00290             $this->resetPostArray();
00291             $this->runControllerWithNoExceptionsAndGetContent('tasks/default/modalDetails');
00292 
00293             //give userInChildRole access to read and write for the tasks
00294             Yii::app()->user->userModel = $super;
00295             $task2->addPermissions($userInChildRole, Permission::READ_WRITE_CHANGE_PERMISSIONS);
00296             $this->assertTrue($task2->save());
00297             AllPermissionsOptimizationUtil::securableItemLostReadPermissionsForUser($task2, $userInChildRole);
00298             AllPermissionsOptimizationUtil::securableItemGivenPermissionsForUser($task2, $userInChildRole);
00299 
00300             //Test userInChildRole, access to tasks edit should not fail.
00301             Yii::app()->user->userModel = $userInChildRole;
00302             $this->setGetArray(array('id' => $task2->id));
00303             $this->resetPostArray();
00304             $this->runControllerWithNoExceptionsAndGetContent('tasks/default/modalEdit');
00305 
00306             //Test userInParentRole, access to tasks edit should not fail.
00307             Yii::app()->user->userModel = $userInParentRole;
00308             $this->setGetArray(array('id' => $task2->id));
00309             $this->resetPostArray();
00310             $this->runControllerWithNoExceptionsAndGetContent('tasks/default/modalEdit');
00311 
00312             //revoke userInChildRole access to read and write tasks
00313             Yii::app()->user->userModel = $super;
00314             $task2->removePermissions($userInChildRole, Permission::READ_WRITE_CHANGE_PERMISSIONS);
00315             $this->assertTrue($task2->save());
00316             AllPermissionsOptimizationUtil::securableItemLostPermissionsForUser($task2, $userInChildRole);
00317 
00318             //Test userInChildRole, access to detail and edit should fail.
00319             Yii::app()->user->userModel = $userInChildRole;
00320             $this->setGetArray(array('id' => $task2->id));
00321             $this->runControllerShouldResultInAccessFailureAndGetContent('tasks/default/modalDetails');
00322             $this->setGetArray(array('id' => $task2->id));
00323             $this->runControllerShouldResultInAccessFailureAndGetContent('tasks/default/modalEdit');
00324 
00325             //Test userInParentRole, access to detail and edit should fail.
00326             Yii::app()->user->userModel = $userInParentRole;
00327             $this->setGetArray(array('id' => $task2->id));
00328             $this->runControllerShouldResultInAccessFailureAndGetContent('tasks/default/modalDetails');
00329             $this->setGetArray(array('id' => $task2->id));
00330             $this->runControllerShouldResultInAccessFailureAndGetContent('tasks/default/modalEdit');
00331 
00332             //clear up the role relationships between users so not to effect next assertions
00333             $parentRole->users->remove($userInParentRole);
00334             $parentRole->roles->remove($childRole);
00335             $this->assertTrue($parentRole->save());
00336             $childRole->users->remove($userInChildRole);
00337             $this->assertTrue($childRole->save());
00338 
00339             //create some groups and assign users to groups
00340             Yii::app()->user->userModel = $super;
00341             $parentGroup = new Group();
00342             $parentGroup->name = 'AAA';
00343             $this->assertTrue($parentGroup->save());
00344 
00345             $childGroup = new Group();
00346             $childGroup->name = 'BBB';
00347             $this->assertTrue($childGroup->save());
00348 
00349             $userInChildGroup = User::getByUsername('confused');
00350             $userInParentGroup = User::getByUsername('nobody');
00351 
00352             $childGroup->users->add($userInChildGroup);
00353             $this->assertTrue($childGroup->save());
00354             $parentGroup->users->add($userInParentGroup);
00355             $parentGroup->groups->add($childGroup);
00356             $this->assertTrue($parentGroup->save());
00357             $parentGroup->forget();
00358             $childGroup->forget();
00359             $parentGroup = Group::getByName('AAA');
00360             $childGroup = Group::getByName('BBB');
00361 
00362             //Add access for the confused user to accounts and creation of accounts.
00363             $userInChildGroup->setRight('AccountsModule', AccountsModule::RIGHT_ACCESS_ACCOUNTS);
00364             $userInChildGroup->setRight('AccountsModule', AccountsModule::RIGHT_CREATE_ACCOUNTS);
00365             $this->assertTrue($userInChildGroup->save());
00366 
00367             //create account owned by super
00368             $account3 = AccountTestHelper::createAccountByNameForOwner('testingAccountsParentGroupPermission', $super);
00369 
00370             //Test userInParentGroup, access to details should fail.
00371             Yii::app()->user->userModel = $userInParentGroup;
00372             $this->setGetArray(array('id' => $account3->id));
00373             $this->runControllerShouldResultInAccessFailureAndGetContent('accounts/default/details');
00374 
00375             //Test userInChildGroup, access to details should fail.
00376             Yii::app()->user->userModel = $userInChildGroup;
00377             $this->setGetArray(array('id' => $account3->id));
00378             $this->runControllerShouldResultInAccessFailureAndGetContent('accounts/default/details');
00379 
00380             //give parentGroup access to READ
00381             Yii::app()->user->userModel = $super;
00382             $account3->addPermissions($parentGroup, Permission::READ);
00383             $this->assertTrue($account3->save());
00384             AllPermissionsOptimizationUtil::securableItemGivenReadPermissionsForGroup($account3, $parentGroup);
00385 
00386             //Test userInParentGroup, access to details should not fail.
00387             Yii::app()->user->userModel = $userInParentGroup;
00388             $this->setGetArray(array('id' => $account3->id));
00389             $this->runControllerWithNoExceptionsAndGetContent('accounts/default/details');
00390 
00391             //Test userInChildGroup, access to details should not fail.
00392             Yii::app()->user->userModel = $userInChildGroup;
00393             $this->setGetArray(array('id' => $account3->id));
00394             $this->runControllerWithNoExceptionsAndGetContent('accounts/default/details');
00395 
00396             //create a task owned by super
00397             $super = $this->logoutCurrentUserLoginNewUserAndGetByUsername('super');
00398             $task3 = TaskTestHelper::createTaskWithOwnerAndRelatedAccount('taskCreatedBySuperForGroup', $super, $account3);
00399 
00400             //Add access for the confused user to accounts and creation of accounts.
00401             $userInChildGroup->setRight('TasksModule', TasksModule::RIGHT_ACCESS_TASKS);
00402             $userInChildGroup->setRight('TasksModule', TasksModule::RIGHT_CREATE_TASKS);
00403             $this->assertTrue($userInChildGroup->save());
00404 
00405             //Test userInParentGroup, access to tasks details and edit should fail.
00406             Yii::app()->user->userModel = $userInParentGroup;
00407             $this->setGetArray(array('id' => $task3->id));
00408             $this->resetPostArray();
00409             $this->runControllerShouldResultInAccessFailureAndGetContent('tasks/default/modalEdit');
00410             $this->setGetArray(array('id' => $task3->id));
00411             $this->resetPostArray();
00412             $this->runControllerShouldResultInAccessFailureAndGetContent('tasks/default/modalDetails');
00413 
00414             //Test userInChildGroup, access to tasks details and edit should fail.
00415             Yii::app()->user->userModel = $userInChildGroup;
00416             $this->setGetArray(array('id' => $task3->id));
00417             $this->runControllerShouldResultInAccessFailureAndGetContent('tasks/default/modalDetails');
00418             $this->setGetArray(array('id' => $task3->id));
00419             $this->runControllerShouldResultInAccessFailureAndGetContent('tasks/default/modalEdit');
00420 
00421             //give parentGroup access to READ
00422             Yii::app()->user->userModel = $super;
00423             $task3->addPermissions($parentGroup, Permission::READ);
00424             $this->assertTrue($task3->save());
00425             AllPermissionsOptimizationUtil::securableItemGivenReadPermissionsForGroup($task3, $parentGroup);
00426 
00427             //Test userInParentGroup, access to tasks details should not fail.
00428             Yii::app()->user->userModel = $userInParentGroup;
00429             $this->setGetArray(array('id' => $task3->id));
00430             $this->runControllerWithNoExceptionsAndGetContent('tasks/default/modalDetails');
00431 
00432             //Test userInChildGroup, access to tasks details should not fail.
00433             Yii::app()->user->userModel = $userInChildGroup;
00434             $this->setGetArray(array('id' => $task3->id));
00435             $this->runControllerWithNoExceptionsAndGetContent('tasks/default/modalDetails');
00436 
00437             //give parentGroup access to read and write
00438             Yii::app()->user->userModel = $super;
00439             $task3->addPermissions($parentGroup, Permission::READ_WRITE_CHANGE_PERMISSIONS);
00440             $this->assertTrue($task3->save());
00441             AllPermissionsOptimizationUtil::securableItemLostReadPermissionsForGroup($task3, $parentGroup);
00442             AllPermissionsOptimizationUtil::securableItemGivenPermissionsForGroup($task3, $parentGroup);
00443 
00444             //Test userInParentGroup, access to edit tasks should not fail.
00445             Yii::app()->user->userModel = $userInParentGroup;
00446             $this->setGetArray(array('id' => $task3->id));
00447             $this->runControllerWithNoExceptionsAndGetContent('tasks/default/modalEdit');
00448 
00449             //Test userInChildGroup, access to edit tasks should not fail.
00450             Yii::app()->user->userModel = $userInChildGroup;
00451             $this->logoutCurrentUserLoginNewUserAndGetByUsername($userInChildGroup->username);
00452             $this->setGetArray(array('id' => $task3->id));
00453             $this->runControllerWithNoExceptionsAndGetContent('tasks/default/modalEdit');
00454 
00455             //revoke parentGroup access to tasks read and write
00456             Yii::app()->user->userModel = $super;
00457             $task3->removePermissions($parentGroup, Permission::READ_WRITE_CHANGE_PERMISSIONS);
00458             $this->assertTrue($task3->save());
00459             AllPermissionsOptimizationUtil::securableItemLostPermissionsForGroup($task3, $parentGroup);
00460 
00461             //Test userInChildGroup, access to tasks detail should fail.
00462             Yii::app()->user->userModel = $userInChildGroup;
00463             $this->setGetArray(array('id' => $task3->id));
00464             $this->runControllerShouldResultInAccessFailureAndGetContent('tasks/default/modalDetails');
00465             $this->setGetArray(array('id' => $task3->id));
00466             $this->runControllerShouldResultInAccessFailureAndGetContent('tasks/default/modalEdit');
00467 
00468             //Test userInParentGroup, access to tasks detail should fail.
00469             Yii::app()->user->userModel = $userInParentGroup;
00470             $this->setGetArray(array('id' => $task3->id));
00471             $this->runControllerShouldResultInAccessFailureAndGetContent('tasks/default/modalDetails');
00472             $this->setGetArray(array('id' => $task3->id));
00473             $this->runControllerShouldResultInAccessFailureAndGetContent('tasks/default/modalEdit');
00474 
00475             //clear up the role relationships between users so not to effect next assertions
00476             $super = $this->logoutCurrentUserLoginNewUserAndGetByUsername('super');
00477             $userInParentGroup->forget();
00478             $userInChildGroup->forget();
00479             $childGroup->forget();
00480             $parentGroup->forget();
00481             $userInParentGroup          = User::getByUsername('nobody');
00482             $userInChildGroup           = User::getByUsername('confused');
00483             $childGroup                 = Group::getByName('BBB');
00484             $parentGroup                = Group::getByName('AAA');
00485 
00486             $parentGroup->users->remove($userInParentGroup);
00487             $parentGroup->groups->remove($childGroup);
00488             $this->assertTrue($parentGroup->save());
00489             $childGroup->users->remove($userInChildGroup);
00490             $this->assertTrue($childGroup->save());
00491         }
00492     }
00493 ?>