UserToTicketChecker now checks for category managers
parent
37149ec831
commit
97a96b5947
@ -4,8 +4,15 @@ namespace BusinessLogic\Security;
|
|||||||
|
|
||||||
|
|
||||||
use BusinessLogic\Tickets\Ticket;
|
use BusinessLogic\Tickets\Ticket;
|
||||||
|
use DataAccess\Security\UserGateway;
|
||||||
|
|
||||||
class UserToTicketChecker {
|
class UserToTicketChecker {
|
||||||
|
/* @var $userGateway UserGateway */
|
||||||
|
private $userGateway;
|
||||||
|
|
||||||
|
function __construct($userGateway) {
|
||||||
|
$this->userGateway = $userGateway;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param $user UserContext
|
* @param $user UserContext
|
||||||
@ -19,8 +26,13 @@ class UserToTicketChecker {
|
|||||||
(in_array($ticket->categoryId, $user->categories) &&
|
(in_array($ticket->categoryId, $user->categories) &&
|
||||||
in_array(UserPrivilege::CAN_VIEW_TICKETS, $user->permissions));
|
in_array(UserPrivilege::CAN_VIEW_TICKETS, $user->permissions));
|
||||||
|
|
||||||
return $isEditing
|
if ($isEditing) {
|
||||||
? $hasAccess && in_array(UserPrivilege::CAN_EDIT_TICKETS, $user->permissions)
|
$categoryManagerId = $this->userGateway->getManagerForCategory($ticket->categoryId, $heskSettings);
|
||||||
: $hasAccess;
|
|
||||||
|
$hasAccess = $hasAccess &&
|
||||||
|
(in_array(UserPrivilege::CAN_EDIT_TICKETS, $user->permissions) || $categoryManagerId == $user->id);
|
||||||
|
}
|
||||||
|
|
||||||
|
return $hasAccess;
|
||||||
}
|
}
|
||||||
}
|
}
|
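Review bot: The new comparison `$categoryManagerId == $user->id` treats the gateway result as an integer id, but in this same commit `getManagerForCategory` builds its return value with `UserContext::fromDataRow(...)` and returns that object (or null), so this is a loose object-to-int comparison rather than an id match — in PHP 7 an object on the left of `==` against an int degrades to `1` with a notice, which would grant the manager branch to whichever user has id 1 and never to the real manager; as an authorization gate that is the wrong failure mode, and the test only passes because its mock returns a bare `1`. Unpack the id from the returned context and compare strictly: `$manager = $this->userGateway->getManagerForCategory($ticket->categoryId, $heskSettings);` / `$isManager = $manager !== null && (int)$manager->id === (int)$user->id;` / `$hasAccess = $hasAccess && (in_array(UserPrivilege::CAN_EDIT_TICKETS, $user->permissions) || $isManager);`. The gateway round trip could also be skipped when `$hasAccess` is already false or the user holds CAN_EDIT_TICKETS, since neither outcome depends on the manager then. The method this hunk edits (`isTicketWritableToUser`, judging by the test) starts outside the hunk.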
@ -23,6 +23,7 @@ class UserGateway extends CommonDao {
|
|||||||
) AND `active` = '1'");
|
) AND `active` = '1'");
|
||||||
|
|
||||||
if (hesk_dbNumRows($rs) === 0) {
|
if (hesk_dbNumRows($rs) === 0) {
|
||||||
|
$this->close();
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -39,10 +40,15 @@ class UserGateway extends CommonDao {
|
|||||||
$rs = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "users` WHERE `id` = " . intval($id));
|
$rs = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "users` WHERE `id` = " . intval($id));
|
||||||
|
|
||||||
if (hesk_dbNumRows($rs) === 0) {
|
if (hesk_dbNumRows($rs) === 0) {
|
||||||
|
$this->close();
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
return UserContext::fromDataRow(hesk_dbFetchAssoc($rs));
|
$user = UserContext::fromDataRow(hesk_dbFetchAssoc($rs));
|
||||||
|
|
||||||
|
$this->close();
|
||||||
|
|
||||||
|
return $user;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -89,6 +95,29 @@ class UserGateway extends CommonDao {
|
|||||||
$users[] = UserContext::fromDataRow($row);
|
$users[] = UserContext::fromDataRow($row);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
$this->close();
|
||||||
|
|
||||||
return $users;
|
return $users;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function getManagerForCategory($categoryId, $heskSettings) {
|
||||||
|
$this->init();
|
||||||
|
|
||||||
|
$rs = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "users`
|
||||||
|
WHERE `id` = (
|
||||||
|
SELECT `manager`
|
||||||
|
FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "categories`
|
||||||
|
WHERE `id` = " . intval($categoryId) . ")");
|
||||||
|
|
||||||
|
if (hesk_dbNumRows($rs) === 0) {
|
||||||
|
$this->close();
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
|
$user = UserContext::fromDataRow(hesk_dbFetchAssoc($rs));
|
||||||
|
|
||||||
|
$this->close();
|
||||||
|
|
||||||
|
return $user;
|
||||||
|
}
|
||||||
}
|
}
|
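Review bot: `getManagerForCategory` has no docblock, and both its name and its only caller in this commit (which compares the result to `$user->id`) read it as returning an id, whereas the body fetches the whole user row with `SELECT *` and returns `UserContext::fromDataRow(...)` or null. Either document that contract so callers stop treating the result as a scalar — `/** @return UserContext|null the user set as manager of the category, or null when the category or that user row does not exist */` — or narrow the query to the id and rename accordingly. Unlike the earlier lookup in this file that ends with `AND \`active\` = '1'`, the manager lookup does not filter on `active`, so a deactivated user who is still recorded as a category's manager would satisfy the checker; if that is not intended, the same filter belongs in this WHERE clause (I cannot see the schema to confirm the column is the right one here). The `$this->init()`/`$this->close()` pairing is not protected by try/finally if `hesk_dbQuery` throws, but that matches the surrounding methods, so noting only.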
@ -5,6 +5,7 @@ namespace BusinessLogic\Security;
|
|||||||
|
|
||||||
|
|
||||||
use BusinessLogic\Tickets\Ticket;
|
use BusinessLogic\Tickets\Ticket;
|
||||||
|
use DataAccess\Security\UserGateway;
|
||||||
use PHPUnit\Framework\TestCase;
|
use PHPUnit\Framework\TestCase;
|
||||||
|
|
||||||
class UserToTicketCheckerTest extends TestCase {
|
class UserToTicketCheckerTest extends TestCase {
|
||||||
@ -12,17 +13,22 @@ class UserToTicketCheckerTest extends TestCase {
|
|||||||
/* @var $userToTicketChecker UserToTicketChecker */
|
/* @var $userToTicketChecker UserToTicketChecker */
|
||||||
private $userToTicketChecker;
|
private $userToTicketChecker;
|
||||||
|
|
||||||
|
/* @var $userGateway \PHPUnit_Framework_MockObject_MockObject */
|
||||||
|
private $userGateway;
|
||||||
|
|
||||||
/* @var $heskSettings array */
|
/* @var $heskSettings array */
|
||||||
private $heskSettings;
|
private $heskSettings;
|
||||||
|
|
||||||
protected function setUp() {
|
protected function setUp() {
|
||||||
$this->userToTicketChecker = new UserToTicketChecker();
|
$this->userGateway = $this->createMock(UserGateway::class);
|
||||||
|
$this->userToTicketChecker = new UserToTicketChecker($this->userGateway);
|
||||||
}
|
}
|
||||||
|
|
||||||
function testItReturnsTrueWhenTheUserIsAnAdmin() {
|
function testItReturnsTrueWhenTheUserIsAnAdmin() {
|
||||||
//-- Arrange
|
//-- Arrange
|
||||||
$user = new UserContext();
|
$user = new UserContext();
|
||||||
$user->admin = true;
|
$user->admin = true;
|
||||||
|
$user->id = 99;
|
||||||
|
|
||||||
$ticket = new Ticket();
|
$ticket = new Ticket();
|
||||||
|
|
||||||
@ -39,6 +45,7 @@ class UserToTicketCheckerTest extends TestCase {
|
|||||||
$user->admin = false;
|
$user->admin = false;
|
||||||
$user->categories = array(1);
|
$user->categories = array(1);
|
||||||
$user->permissions = array(UserPrivilege::CAN_VIEW_TICKETS);
|
$user->permissions = array(UserPrivilege::CAN_VIEW_TICKETS);
|
||||||
|
$user->id = 99;
|
||||||
|
|
||||||
$ticket = new Ticket();
|
$ticket = new Ticket();
|
||||||
$ticket->categoryId = 1;
|
$ticket->categoryId = 1;
|
||||||
@ -56,6 +63,7 @@ class UserToTicketCheckerTest extends TestCase {
|
|||||||
$user->admin = false;
|
$user->admin = false;
|
||||||
$user->categories = array(1);
|
$user->categories = array(1);
|
||||||
$user->permissions = array();
|
$user->permissions = array();
|
||||||
|
$user->id = 99;
|
||||||
|
|
||||||
$ticket = new Ticket();
|
$ticket = new Ticket();
|
||||||
$ticket->categoryId = 1;
|
$ticket->categoryId = 1;
|
||||||
@ -73,6 +81,7 @@ class UserToTicketCheckerTest extends TestCase {
|
|||||||
$user->admin = false;
|
$user->admin = false;
|
||||||
$user->categories = array(1);
|
$user->categories = array(1);
|
||||||
$user->permissions = array(UserPrivilege::CAN_VIEW_TICKETS, 'something else');
|
$user->permissions = array(UserPrivilege::CAN_VIEW_TICKETS, 'something else');
|
||||||
|
$user->id = 99;
|
||||||
|
|
||||||
$ticket = new Ticket();
|
$ticket = new Ticket();
|
||||||
$ticket->categoryId = 1;
|
$ticket->categoryId = 1;
|
||||||
@ -84,5 +93,22 @@ class UserToTicketCheckerTest extends TestCase {
|
|||||||
self::assertThat($result, self::isFalse());
|
self::assertThat($result, self::isFalse());
|
||||||
}
|
}
|
||||||
|
|
||||||
//-- TODO Category Manager
|
function testItReturnsTrueWhenTheUserDoesNotHaveEditPermissionsButIsTheCategoryManager() {
|
||||||
|
//-- Arrange
|
||||||
|
$user = new UserContext();
|
||||||
|
$user->admin = false;
|
||||||
|
$user->categories = array(1);
|
||||||
|
$user->permissions = array(UserPrivilege::CAN_VIEW_TICKETS, 'something else');
|
||||||
|
$user->id = 1;
|
||||||
|
$this->userGateway->method('getManagerForCategory')->willReturn(1);
|
||||||
|
|
||||||
|
$ticket = new Ticket();
|
||||||
|
$ticket->categoryId = 1;
|
||||||
|
|
||||||
|
//-- Act
|
||||||
|
$result = $this->userToTicketChecker->isTicketWritableToUser($user, $ticket, true, $this->heskSettings);
|
||||||
|
|
||||||
|
//-- Assert
|
||||||
|
self::assertThat($result, self::isTrue());
|
||||||
|
}
|
||||||
}
|
}
|
||||||
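Review bot: The new test stubs `getManagerForCategory` with `->willReturn(1)`, but the gateway added in this same commit returns a `UserContext` (or null), so the test exercises a contract the production code does not have and passes even though the checker compares that object to an int. Stub what the gateway actually returns — `$manager = new UserContext();` / `$manager->id = 1;` / `$this->userGateway->method('getManagerForCategory')->willReturn($manager);` — and, because this is an authorization path, add the denial case: a user without CAN_EDIT_TICKETS whose id differs from the returned manager's id must get false from `isTicketWritableToUser(..., true, ...)`. The existing false-result tests only cover the manager branch implicitly through the mock's default null return, which is not the same as a different manager being set.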
|