Change Details

# Preparations * in Admin Console # go to {nav User Management > Users} section # create 2 active users by using `Add` toolbar button # go to {nav User Management > Administrators} section # create user with `pseudo-root` as it's `Username` # remember ID of created user * in IDE: # open `/core/kernel/application.php` for editing # in the `kApplication::permissionCheckingDisabled` method before returning a result add code, that would return `true` (means permission check is disabled), when `$user_id` is equals to ID of `pseudo-root` user # Part 1 (create/update/delete own address) * on the Front-End # login using 1st created user # click on `My Addresses` link in `My Account` sidebox on the left # click on `New Address` link # create new address # confirm, that redirect to address list page happened # confirm, that address was created and it's shown on list page # click `Edit` link to edit just created address # locate "addr-X---" part at the end of page URL (the X is any number) # change `Full Name` field value # press the `Update` button # confirm, that redirect to address list page happened # confirm, that new value of `Full Name` field is displayed # click on `Delete` link to edit just created address # confirm address removal by pressing `OK` or similar button in browser confirmation window, that appears # confirm, that redirect to address list page happened # confirm, that no addresses are shown in the list # Part 2 (update/delete other user address) * on the Front-End # login using 1st created user # click on `My Addresses` link in `My Account` sidebox on the left # click on `New Address` link # create new address # click `Edit` link to edit just created address # locate "addr-X---" part at the end of page URL (the X is any number) # change `Full Name` field value * in the database # open `Addresses` table # locate record, that has `AddressId` column value equals to `X` number obtained above # change value of `PortalUserId` field to ID of 2nd created user # remember value in `FullName` field * on the Front-End # press the `Update` button # confirm, that you stayed on same address editing page * in the database # open "Addresses" table # locate record, that has "AddressId" column value equals to "X" number obtained above # confirm, that `FullName` field value matches one, that was remembered before # change value of "PortalUserId" field to ID of 1st created user * on the Front-End # click on `My Addresses` link in `My Account` sidebox on the left * in the database # change value of `PortalUserId` field to ID of 2nd created user * on the Front-End # click on `Delete` link to edit just created address # confirm address removal by pressing `OK` or similar button in browser confirmation window, that appears # confirm, that redirect to address list page happened # confirm, that no addresses are shown in the list * in the database # open "Addresses" table # locate record, that has "AddressId" column value equals to "X" number obtained above # confirm, that record wasn't deleted # change value of `PortalUserId` field to ID of 1st created user # Part 3 (the `root` user changing/deleting address) * login to Admin Console as `root` user # go to {nav User Management > Users} section # open 1st created user (the one, used to login on Front-End) for editing # go to `Addresses` tab # open address for editing # change `Full Name` and save changes # confirm, that changed value of `Full Name` field is shown in the grid # delete address # confirm, that address was deleted # Part 4 (the administrator changing/deleting address) * login to Admin Console as administrator (not `root` user) # go to {nav User Management > Users} section # open 1st created user (the one, used to login on Front-End) for editing # go to `Addresses` tab # open address for editing # change `Full Name` and save changes # confirm, that changed value of `Full Name` field is shown in the grid # delete address # confirm, that address was deleted # Part 5 (permission override in user permission checking code) NOTE: Test needs to be performed in Firefox. NOTE: The {nav User Management > Groups} section can be enabled from {nav Configuration > Users > General} section. * login to Admin Console as administrator # go to {nav Website & Content > Labels & Phrases} section # right click on section name in the tree # select `Open Link in New Tab` context menu item (the new tab will open in background) # go to {nav User Management > Groups} section # for `admin` group remove `view` permission (but keep other permissions) from {nav Website & Content > Labels & Phrases} section # confirm, that {nav Website & Content > Labels & Phrases} section is no longer visible in tree # switch to background tab, that was opened before # reload page in the browser # confirm, that `No Permission` screen is shown # close current tab # logout # login to Admin Console as `pseudo-root` user # confirm, that {nav Website & Content > Labels & Phrases} section is visible in tree # go to {nav Website & Content > Labels & Phrases} section # confirm, that section content (grid) is displayed in main frame # Part 6 (event permission override) * login to Admin Console as administrator # go to {nav User Management > Groups} section # for `admin` group remove `add` permission (but keep other permissions) from {nav Custom > Widgets} section # go to {nav Custom > Widgets} section # click on `Add` button on toolbar # confirm, that modal/popup window is opened and the `No Permission` page is displayed in it # logout # login to Admin Console as `pseudo-root` user # go to {nav Custom > Widgets} section # click on `Add` button on toolbar # confirm, that modal/popup window is opened and widget adding page is displayed in it # Part 7 (upload permission override) * in IDE: # open `/modules/custom/units/widgets/widget_eh.php` file for editing # add `'OnProcessSelected' => array('self' => 'edit'),` line to `$permissions` array in `WidgetEventHandler::mapPermissions` method * login to Admin Console as administrator # go to {nav User Management > Groups} section # for `admin` group add `add` permission and remove `edit` permission from {nav Custom > Widgets} section # go to {nav Custom > Widgets} section # click on `Add` button on toolbar # use `Browse` button of `Image` field to select an image for upload # confirm, that alert telling that upload permissions are missing is displayed and no image is uploaded # login to Admin Console as `pseudo-root` user # go to {nav Custom > Widgets} section # click on `Add` button on toolbar # use `Browse` button of `Image` field to select an image for upload # confirm, that image was uploaded and it's thumbnail is displayed # Part 8 (autoload permission override) * on Front-End: # login using 1st created user # click on `My Addresses` link in `My Account` sidebox on the left # click on `New Address` link # if no addresses exist already, then create new address # click `Edit` link next to any of displayed addresses # confirm, that redirect happened on a page, where selected address details are shown * in IDE: # open `/modules/in-commerce/units/addresses/addresses_event_handler.php` file for editing # comment out `'OnItemBuild' => Array ('subitem' => true),` line in `AddressesEventHandler::mapPermissions` method * on Front-End: # reload the page # confirm, that `No Permission` page is shown # logout # login as `pseudo-root` user # click on `My Addresses` link in `My Account` sidebox on the left # click on `New Address` link # create new address # click `Edit` link next to any of displayed addresses # confirm, that redirect happened on a page, where selected address details are shown

TODO# Preparations * in Admin Console # go to {nav User Management > Users} section # create 2 active users by using `Add` toolbar button # go to {nav User Management > Administrators} section # create user with `pseudo-root` as it's `Username` # remember ID of created user * in IDE: # open `/core/kernel/application.php` for editing # in the `kApplication::permissionCheckingDisabled` method before returning a result add code, that would return `true` (means permission check is disabled), when `$user_id` is equals to ID of `pseudo-root` user # Part 1 (create/update/delete own address) * on the Front-End # login using 1st created user # click on `My Addresses` link in `My Account` sidebox on the left # click on `New Address` link # create new address # confirm, that redirect to address list page happened # confirm, that address was created and it's shown on list page # click `Edit` link to edit just created address # locate "addr-X---" part at the end of page URL (the X is any number) # change `Full Name` field value # press the `Update` button # confirm, that redirect to address list page happened # confirm, that new value of `Full Name` field is displayed # click on `Delete` link to edit just created address # confirm address removal by pressing `OK` or similar button in browser confirmation window, that appears # confirm, that redirect to address list page happened # confirm, that no addresses are shown in the list # Part 2 (update/delete other user address) * on the Front-End # login using 1st created user # click on `My Addresses` link in `My Account` sidebox on the left # click on `New Address` link # create new address # click `Edit` link to edit just created address # locate "addr-X---" part at the end of page URL (the X is any number) # change `Full Name` field value * in the database # open `Addresses` table # locate record, that has `AddressId` column value equals to `X` number obtained above # change value of `PortalUserId` field to ID of 2nd created user # remember value in `FullName` field * on the Front-End # press the `Update` button # confirm, that you stayed on same address editing page * in the database # open "Addresses" table # locate record, that has "AddressId" column value equals to "X" number obtained above # confirm, that `FullName` field value matches one, that was remembered before # change value of "PortalUserId" field to ID of 1st created user * on the Front-End # click on `My Addresses` link in `My Account` sidebox on the left * in the database # change value of `PortalUserId` field to ID of 2nd created user * on the Front-End # click on `Delete` link to edit just created address # confirm address removal by pressing `OK` or similar button in browser confirmation window, that appears # confirm, that redirect to address list page happened # confirm, that no addresses are shown in the list * in the database # open "Addresses" table # locate record, that has "AddressId" column value equals to "X" number obtained above # confirm, that record wasn't deleted # change value of `PortalUserId` field to ID of 1st created user # Part 3 (the `root` user changing/deleting address) * login to Admin Console as `root` user # go to {nav User Management > Users} section # open 1st created user (the one, used to login on Front-End) for editing # go to `Addresses` tab # open address for editing # change `Full Name` and save changes # confirm, that changed value of `Full Name` field is shown in the grid # delete address # confirm, that address was deleted # Part 4 (the administrator changing/deleting address) * login to Admin Console as administrator (not `root` user) # go to {nav User Management > Users} section # open 1st created user (the one, used to login on Front-End) for editing # go to `Addresses` tab # open address for editing # change `Full Name` and save changes # confirm, that changed value of `Full Name` field is shown in the grid # delete address # confirm, that address was deleted # Part 5 (permission override in user permission checking code) NOTE: Test needs to be performed in Firefox. NOTE: The {nav User Management > Groups} section can be enabled from {nav Configuration > Users > General} section. * login to Admin Console as administrator # go to {nav Website & Content > Labels & Phrases} section # right click on section name in the tree # select `Open Link in New Tab` context menu item (the new tab will open in background) # go to {nav User Management > Groups} section # for `admin` group remove `view` permission (but keep other permissions) from {nav Website & Content > Labels & Phrases} section # confirm, that {nav Website & Content > Labels & Phrases} section is no longer visible in tree # switch to background tab, that was opened before # reload page in the browser # confirm, that `No Permission` screen is shown # close current tab # logout # login to Admin Console as `pseudo-root` user # confirm, that {nav Website & Content > Labels & Phrases} section is visible in tree # go to {nav Website & Content > Labels & Phrases} section # confirm, that section content (grid) is displayed in main frame # Part 6 (event permission override) * login to Admin Console as administrator # go to {nav User Management > Groups} section # for `admin` group remove `add` permission (but keep other permissions) from {nav Custom > Widgets} section # go to {nav Custom > Widgets} section # click on `Add` button on toolbar # confirm, that modal/popup window is opened and the `No Permission` page is displayed in it # logout # login to Admin Console as `pseudo-root` user # go to {nav Custom > Widgets} section # click on `Add` button on toolbar # confirm, that modal/popup window is opened and widget adding page is displayed in it # Part 7 (upload permission override) * in IDE: # open `/modules/custom/units/widgets/widget_eh.php` file for editing # add `'OnProcessSelected' => array('self' => 'edit'),` line to `$permissions` array in `WidgetEventHandler::mapPermissions` method * login to Admin Console as administrator # go to {nav User Management > Groups} section # for `admin` group add `add` permission and remove `edit` permission from {nav Custom > Widgets} section # go to {nav Custom > Widgets} section # click on `Add` button on toolbar # use `Browse` button of `Image` field to select an image for upload # confirm, that alert telling that upload permissions are missing is displayed and no image is uploaded # login to Admin Console as `pseudo-root` user # go to {nav Custom > Widgets} section # click on `Add` button on toolbar # use `Browse` button of `Image` field to select an image for upload # confirm, that image was uploaded and it's thumbnail is displayed # Part 8 (autoload permission override) * on Front-End: # login using 1st created user # click on `My Addresses` link in `My Account` sidebox on the left # click on `New Address` link # if no addresses exist already, then create new address # click `Edit` link next to any of displayed addresses # confirm, that redirect happened on a page, where selected address details are shown * in IDE: # open `/modules/in-commerce/units/addresses/addresses_event_handler.php` file for editing # comment out `'OnItemBuild' => Array ('subitem' => true),` line in `AddressesEventHandler::mapPermissions` method * on Front-End: # reload the page # confirm, that `No Permission` page is shown # logout # login as `pseudo-root` user # click on `My Addresses` link in `My Account` sidebox on the left # click on `New Address` link # create new address # click `Edit` link next to any of displayed addresses # confirm, that redirect happened on a page, where selected address details are shown