PageRenderTime 53ms CodeModel.GetById 12ms RepoModel.GetById 0ms app.codeStats 0ms

/app/protected/modules/reports/tests/unit/ModelRelationsAndAttributesToReportAdapterSecurityTest.php

https://bitbucket.org/zurmo/zurmo/
PHP | 136 lines | 96 code | 3 blank | 37 comment | 1 complexity | 8c84387bf15ad24a7f6297e908f39639 MD5 | raw file
Possible License(s): AGPL-3.0, BSD-3-Clause, GPL-2.0, LGPL-3.0, LGPL-2.1, BSD-2-Clause
  1. <?php
  2. /*********************************************************************************
  3. * Zurmo is a customer relationship management program developed by
  4. * Zurmo, Inc. Copyright (C) 2015 Zurmo Inc.
  5. *
  6. * Zurmo is free software; you can redistribute it and/or modify it under
  7. * the terms of the GNU Affero General Public License version 3 as published by the
  8. * Free Software Foundation with the addition of the following permission added
  9. * to Section 15 as permitted in Section 7(a): FOR ANY PART OF THE COVERED WORK
  10. * IN WHICH THE COPYRIGHT IS OWNED BY ZURMO, ZURMO DISCLAIMS THE WARRANTY
  11. * OF NON INFRINGEMENT OF THIRD PARTY RIGHTS.
  12. *
  13. * Zurmo is distributed in the hope that it will be useful, but WITHOUT
  14. * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
  15. * FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
  16. * details.
  17. *
  18. * You should have received a copy of the GNU Affero General Public License along with
  19. * this program; if not, see http://www.gnu.org/licenses or write to the Free
  20. * Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
  21. * 02110-1301 USA.
  22. *
  23. * You can contact Zurmo, Inc. with a mailing address at 27 North Wacker Drive
  24. * Suite 370 Chicago, IL 60606. or at email address contact@zurmo.com.
  25. *
  26. * The interactive user interfaces in original and modified versions
  27. * of this program must display Appropriate Legal Notices, as required under
  28. * Section 5 of the GNU Affero General Public License version 3.
  29. *
  30. * In accordance with Section 7(b) of the GNU Affero General Public License version 3,
  31. * these Appropriate Legal Notices must retain the display of the Zurmo
  32. * logo and Zurmo copyright notice. If the display of the logo is not reasonably
  33. * feasible for technical reasons, the Appropriate Legal Notices must display the words
  34. * "Copyright Zurmo Inc. 2015. All rights reserved".
  35. ********************************************************************************/
  36. class ModelRelationsAndAttributesToReportAdapterSecurityTest extends ZurmoBaseTest
  37. {
  38. public static function setUpBeforeClass()
  39. {
  40. parent::setUpBeforeClass();
  41. SecurityTestHelper::createSuperAdmin();
  42. $sally = UserTestHelper::createBasicUser('sally');
  43. $sally->setRight('AccountsModule', AccountsModule::RIGHT_ACCESS_ACCOUNTS);
  44. $sally->setRight('OpportunitiesModule', OpportunitiesModule::RIGHT_ACCESS_OPPORTUNITIES);
  45. $sally->setRight('MeetingsModule', MeetingsModule::RIGHT_ACCESS_MEETINGS);
  46. if (!$sally->save())
  47. {
  48. throw new FailedToSaveModelException();
  49. }
  50. }
  51. public function testGetAllReportableRelationsAsASuperUser()
  52. {
  53. Yii::app()->user->userModel = User::getByUsername('super');
  54. $model = new Account();
  55. $rules = new AccountsReportRules();
  56. $report = new Report();
  57. $report->setType(Report::TYPE_ROWS_AND_COLUMNS);
  58. $report->setModuleClassName('AccountsModule');
  59. $adapter = new ModelRelationsAndAttributesToReportAdapter($model, $rules, $report->getType());
  60. $relations = $adapter->getSelectableRelationsData();
  61. $relations = $adapter->getSelectableRelationsDataResolvedForUserAccess(Yii::app()->user->userModel, $relations);
  62. $this->assertEquals(17, count($relations));
  63. $compareData = array('label' => 'Billing Address');
  64. $this->assertEquals($compareData, $relations['billingAddress']);
  65. $compareData = array('label' => 'Contact Affiliations');
  66. $this->assertEquals($compareData, $relations['contactAffiliations']);
  67. $compareData = array('label' => 'Contacts');
  68. $this->assertEquals($compareData, $relations['contacts']);
  69. $compareData = array('label' => 'Created By User');
  70. $this->assertEquals($compareData, $relations['createdByUser']);
  71. $compareData = array('label' => 'Customer Affiliations');
  72. $this->assertEquals($compareData, $relations['secondaryAccountAffiliations']);
  73. $compareData = array('label' => 'Meetings');
  74. $this->assertEquals($compareData, $relations['meetings']);
  75. $compareData = array('label' => 'Modified By User');
  76. $this->assertEquals($compareData, $relations['modifiedByUser']);
  77. $compareData = array('label' => 'Notes');
  78. $this->assertEquals($compareData, $relations['notes']);
  79. $compareData = array('label' => 'Opportunities');
  80. $this->assertEquals($compareData, $relations['opportunities']);
  81. $compareData = array('label' => 'Products');
  82. $this->assertEquals($compareData, $relations['products']);
  83. $compareData = array('label' => 'Projects');
  84. $this->assertEquals($compareData, $relations['projects']);
  85. $compareData = array('label' => 'Owner');
  86. $this->assertEquals($compareData, $relations['owner']);
  87. $compareData = array('label' => 'Partner Affiliations');
  88. $this->assertEquals($compareData, $relations['primaryAccountAffiliations']);
  89. $compareData = array('label' => 'Primary Email');
  90. $this->assertEquals($compareData, $relations['primaryEmail']);
  91. $compareData = array('label' => 'Shipping Address');
  92. $this->assertEquals($compareData, $relations['shippingAddress']);
  93. $compareData = array('label' => 'Secondary Email');
  94. $this->assertEquals($compareData, $relations['secondaryEmail']);
  95. $compareData = array('label' => 'Tasks');
  96. $this->assertEquals($compareData, $relations['tasks']);
  97. }
  98. /**
  99. * Sally cannot access notes, tasks, or contacts. User is always accessible regardless of right to access
  100. */
  101. public function testGetAllReportableRelationsAsANonElevatedUser()
  102. {
  103. Yii::app()->user->userModel = User::getByUsername('sally');
  104. $model = new Account();
  105. $rules = new AccountsReportRules();
  106. $report = new Report();
  107. $report->setType(Report::TYPE_ROWS_AND_COLUMNS);
  108. $report->setModuleClassName('AccountsModule');
  109. $adapter = new ModelRelationsAndAttributesToReportAdapter($model, $rules, $report->getType());
  110. $relations = $adapter->getSelectableRelationsData();
  111. $relations = $adapter->getSelectableRelationsDataResolvedForUserAccess(Yii::app()->user->userModel, $relations);
  112. $this->assertEquals(9, count($relations));
  113. $compareData = array('label' => 'Billing Address');
  114. $this->assertEquals($compareData, $relations['billingAddress']);
  115. $compareData = array('label' => 'Created By User');
  116. $this->assertEquals($compareData, $relations['createdByUser']);
  117. $compareData = array('label' => 'Meetings');
  118. $this->assertEquals($compareData, $relations['meetings']);
  119. $compareData = array('label' => 'Modified By User');
  120. $this->assertEquals($compareData, $relations['modifiedByUser']);
  121. $compareData = array('label' => 'Opportunities');
  122. $this->assertEquals($compareData, $relations['opportunities']);
  123. $compareData = array('label' => 'Owner');
  124. $this->assertEquals($compareData, $relations['owner']);
  125. $compareData = array('label' => 'Primary Email');
  126. $this->assertEquals($compareData, $relations['primaryEmail']);
  127. $compareData = array('label' => 'Shipping Address');
  128. $this->assertEquals($compareData, $relations['shippingAddress']);
  129. $compareData = array('label' => 'Secondary Email');
  130. $this->assertEquals($compareData, $relations['secondaryEmail']);
  131. }
  132. }
  133. ?>