From cc222cb6a6f30d89ba3124c79a1560ac2dd0c126 Mon Sep 17 00:00:00 2001
From: Tim Otten <totten@civicrm.org>
Date: Sat, 25 May 2013 00:06:05 -0400
Subject: [PATCH] CRM-12499 - CRM_Core_Permission_Joomla - Add translation

----------------------------------------
* CRM-12499: Allow users with 'access user profiles' to access $userRecordUrl
  http://issues.civicrm.org/jira/browse/CRM-12499
---
 CRM/Core/Permission/Joomla.php                | 35 ++++++++++++++++-
 .../CRM/Core/Permission/JoomlaTest.php        | 38 +++++++++++++++++++
 2 files changed, 71 insertions(+), 2 deletions(-)
 create mode 100644 tests/phpunit/CRM/Core/Permission/JoomlaTest.php

diff --git a/CRM/Core/Permission/Joomla.php b/CRM/Core/Permission/Joomla.php
index 6a128f5a95..627b241dc0 100644
--- a/CRM/Core/Permission/Joomla.php
+++ b/CRM/Core/Permission/Joomla.php
@@ -48,19 +48,50 @@ class CRM_Core_Permission_Joomla extends CRM_Core_Permission_Base {
   function check($str) {
     $config = CRM_Core_Config::singleton();
 
+    $translated = $this->translateJoomlaPermission($str);
+    if ($translated === CRM_Core_Permission::ALWAYS_DENY_PERMISSION) {
+      return FALSE;
+    }
+    if ($translated === CRM_Core_Permission::ALWAYS_ALLOW_PERMISSION) {
+      return TRUE;
+    }
+
     // ensure that we are running in a joomla context
     // we've not yet figured out how to bootstrap joomla, so we should
     // not execute hooks if joomla is not loaded
     if (defined('_JEXEC')) {
-      $permissionStr = 'civicrm.' . CRM_Utils_String::munge(strtolower($str));
-      $permission = JFactory::getUser()->authorise($permissionStr, 'com_civicrm');
+      $permission = JFactory::getUser()->authorise($translated[0], $translated[1]);
       return $permission;
     }
     else {
+      // This function is supposed to return a boolean. What does '(1)' mean?
       return '(1)';
     }
   }
 
+  /**
+   * @param string $name e.g. "administer CiviCRM", "cms:access user record", "Drupal:administer content", "Joomla:example.action:com_some_asset"
+   * @return ALWAYS_DENY_PERMISSION|ALWAYS_ALLOW_PERMISSION|array(0 => $joomlaAction, 1 => $joomlaAsset)
+   */
+  function translateJoomlaPermission($perm) {
+    if ($perm === CRM_Core_Permission::ALWAYS_DENY_PERMISSION || $perm === CRM_Core_Permission::ALWAYS_ALLOW_PERMISSION) {
+      return $perm;
+    }
+
+    list ($civiPrefix, $name) = CRM_Utils_String::parsePrefix(':', $perm, NULL);
+    switch($civiPrefix) {
+      case 'Joomla':
+        return explode(':', $name);
+      case 'cms':
+        // FIXME: This needn't be DENY, but we don't currently have any translations.
+        return CRM_Core_Permission::ALWAYS_DENY_PERMISSION;
+      case NULL:
+        return array('civicrm.' . CRM_Utils_String::munge(strtolower($name)), 'com_civicrm');
+      default:
+        return CRM_Core_Permission::ALWAYS_DENY_PERMISSION;
+    }
+  }
+
   /**
    * Given a roles array, check for access requirements
    *
diff --git a/tests/phpunit/CRM/Core/Permission/JoomlaTest.php b/tests/phpunit/CRM/Core/Permission/JoomlaTest.php
new file mode 100644
index 0000000000..adc2bd2ea3
--- /dev/null
+++ b/tests/phpunit/CRM/Core/Permission/JoomlaTest.php
@@ -0,0 +1,38 @@
+<?php
+
+require_once 'CiviTest/CiviUnitTestCase.php';
+
+class CRM_Core_Permission_JoomlaTest extends CiviUnitTestCase {
+
+  /**
+   * @return array (0 => input to translatePermission, 1 => expected output from translatePermission)
+   */
+  public function translateData() {
+    $cases = array();
+
+    $cases[] = array("administer CiviCRM", array("civicrm.administer_civicrm", "com_civicrm"));
+    // TODO $cases[] = array("cms:universal name", "local name");
+    // TODO $cases[] = array("cms:universal name2", "local name2");
+    $cases[] = array("cms:unknown universal name", CRM_Core_Permission::ALWAYS_DENY_PERMISSION);
+    $cases[] = array(
+      "Joomla:civicrmplusplus.extragood:com_civicrmplusplus",
+      array("civicrmplusplus.extragood", "com_civicrmplusplus")
+    );
+    $cases[] = array("otherruntime:foo", CRM_Core_Permission::ALWAYS_DENY_PERMISSION);
+    $cases[] = array(CRM_Core_Permission::ALWAYS_DENY_PERMISSION, CRM_Core_Permission::ALWAYS_DENY_PERMISSION);
+    $cases[] = array(CRM_Core_Permission::ALWAYS_ALLOW_PERMISSION, CRM_Core_Permission::ALWAYS_ALLOW_PERMISSION);
+
+    return $cases;
+  }
+
+  /**
+   * @dataProvider translateData
+   * @param string $input the name of a permission which should be translated
+   * @param string $expected the name of an actual permission (based on translation matrix for "runtime")
+   */
+  public function testTranslate($input, $expected) {
+    $perm = new CRM_Core_Permission_Joomla();
+    $actual = $perm->translateJoomlaPermission($input);
+    $this->assertEquals($expected, $actual);
+  }
+}
-- 
2.25.1