From 1b9c28024fce9b0249707f28516a22960528a926 Mon Sep 17 00:00:00 2001 From: eileenmcnaugton Date: Tue, 25 Aug 2015 21:12:49 +1200 Subject: [PATCH] CRM-17023 add test for ACL hook to quicksearch --- tests/phpunit/api/v3/ContactTest.php | 45 ++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) diff --git a/tests/phpunit/api/v3/ContactTest.php b/tests/phpunit/api/v3/ContactTest.php index df5ef1a941..fe584c495f 100644 --- a/tests/phpunit/api/v3/ContactTest.php +++ b/tests/phpunit/api/v3/ContactTest.php @@ -2269,6 +2269,51 @@ class api_v3_ContactTest extends CiviUnitTestCase { $this->assertEquals('A Bobby, Bobby', $result['values'][1]['sort_name']); } + /** + * Test that getquick applies ACLs. + */ + public function testGetQuickFirstNameACLs() { + $this->getQuickSearchSampleData(); + $userID = $this->createLoggedInUser(); + CRM_Core_Config::singleton()->userPermissionClass->permissions = array(); + $result = $this->callAPISuccess('contact', 'getquick', array( + 'name' => 'Bob', + 'field_name' => 'first_name', + 'table_name' => 'cc', + )); + $this->assertEquals(0, $result['count']); + + $this->hookClass->setHook('civicrm_aclWhereClause', array($this, 'aclWhereNoBobH')); + CRM_Contact_BAO_Contact_Permission::cache($userID, CRM_Core_Permission::VIEW, TRUE); + $result = $this->callAPISuccess('contact', 'getquick', array( + 'name' => 'Bob', + 'field_name' => 'first_name', + 'table_name' => 'cc', + )); + $this->assertEquals('K Bobby, Bob', $result['values'][1]['sort_name']); + // Without the ACL 9 would be bob@h.com. + $this->assertEquals('I Bobby, Bobby', $result['values'][9]['sort_name']); + $this->callAPISuccess('Setting', 'create', array('includeOrderByClause' => FALSE)); + $result = $this->callAPISuccess('contact', 'getquick', array('name' => 'bob')); + $this->assertEquals('Bob, Bob', $result['values'][0]['sort_name']); + $this->assertEquals('A Bobby, Bobby', $result['values'][1]['sort_name']); + } + + /** + * Full results returned. + * @implements CRM_Utils_Hook::aclWhereClause + * + * @param string $type + * @param array $tables + * @param array $whereTables + * @param int $contactID + * @param string $where + */ + public function aclWhereNoBobH($type, &$tables, &$whereTables, &$contactID, &$where) { + $where = " email <> 'bob@h.com' OR email IS NULL"; + $whereTables['civicrm_email'] = "LEFT JOIN civicrm_email e ON contact_a.id = e.contact_id"; + } + /** * Test that getquick returns contacts with an exact last name match first. */ -- 2.25.1