plainblack · daviddelikat · Feb 22, 2012 · Feb 23, 2012 · Feb 23, 2012 · Feb 23, 2012
diff --git a/docs/changelog/8.x.x.txt b/docs/changelog/8.x.x.txt
@@ -1,4 +1,5 @@
 8.0.0
+ - #12010 - fixed related link duplication where links have group view restrictions
  - #10012 - larger meta data values for multi-value fields
  - #12310 - fixed rendering and submit button on user edit/add form
  - Replaced the existing caching mechanism with memcached, which results in a 400% improvement to cache speed. See migration.txt for API changes and gotcha.txt for prereq changes.

diff --git a/lib/WebGUI/Asset/Event.pm b/lib/WebGUI/Asset/Event.pm
@@ -469,7 +469,7 @@ override duplicate => sub {
 	my $newAsset = super();
 	my $newStorage = $self->getStorageLocation->copy;
 	$newAsset->update({storageId=>$newStorage->getId});
-    my $links = $self->getRelatedLinks();
+    my $links = $self->getRelatedLinks('nolimit');
     my $id    = $self->session->id;
     foreach my $link (@{ $links }) {
         $link->{new_event}   = 1;
@@ -1125,12 +1125,16 @@ Gets an arrayref of hashrefs of related links.
 
 sub getRelatedLinks {
     my $self    = shift;
+    my $limitflag = shift || 'yes';
 
     my $sth
         = $self->session->db->prepare(
             "SELECT * FROM Event_relatedlink WHERE assetId=? ORDER BY sequenceNumber",
         );
     $sth->execute([ $self->getId ]);
+    if( $limitflag eq 'nolimit' ) {
+        return [ map { $sth->hashRef } ( 1..$sth->rows ) ];
+    }
 
     my @links;
     while ( my $link = $sth->hashRef ) {

diff --git a/lib/WebGUI/Auth/Facebook.pm b/lib/WebGUI/Auth/Facebook.pm
@@ -46,9 +46,9 @@ sub createFacebookUser {
     my ( $self, $fbuser ) = @_;
     my $user    = WebGUI::User->create( $self->session );
     $user->username( $fbuser->{name} );
-    $user->get('email', $fbuser->{email});
-    $user->get('firstName', $fbuser->{first_name});
-    $user->get('lastName', $fbuser->{last_name});
+    $user->update('email', $fbuser->{email});
+    $user->update('firstName', $fbuser->{first_name});
+    $user->update('lastName', $fbuser->{last_name});
     $self->update(
         "facebookUserId" => $fbuser->{id},
     );

diff --git a/lib/WebGUI/Middleware/WGAccess.pm b/lib/WebGUI/Middleware/WGAccess.pm
@@ -59,6 +59,10 @@ sub call {
         else {
             $privs = JSON->new->utf8->decode($contents);
         }
+        # in some cases there is nothing but state; default each list to an empty array
+        $privs->{user} ||= [ ];
+        $privs->{groups} ||= [ ];
+        $privs->{assets} ||= [ ];
 
         return @$r = (403, [ 'Content-Type' => 'text/plain' ], [ 'Forbidden' ])
             if $privs->{state} eq 'trash';

diff --git a/lib/WebGUI/Operation/Settings.pm b/lib/WebGUI/Operation/Settings.pm
@@ -664,7 +664,7 @@ sub www_editSettings {
 
     # Get fieldsets for avaiable auth methods
 	foreach my $authName (@{$session->config->get("authMethods")}) {
-		my $authInstance = WebGUI::Operation::Auth::getInstance($session,$_,1);
+		my $authInstance = WebGUI::Operation::Auth::getInstance($session,$authName,1);
                 $tabform->getTab( "auth" )->addFieldset( $authInstance->editUserSettingsForm, name => $authName, label => $authName );
 	}
 

diff --git a/t/Asset/EMSSubmissionForm.t b/t/Asset/EMSSubmissionForm.t
@@ -348,7 +348,7 @@ $sub1 = $sub1->cloneFromDb;
 diag $sub1->submissionStatus;
 diag $sub1->ticketId;
 diag $sub1->getRevisionCount;
-is( $sub1->get('submissionStatus'),'created','approval successfull');
+is( $sub1->get('submissionStatus'),'approved','approval successfull');
 
 my $ticket = eval { WebGUI::Asset->newById($session, $sub1->get('ticketId')); };
 my $e = Exception::Class->caught();

diff --git a/t/Asset/Event.t b/t/Asset/Event.t
@@ -15,7 +15,7 @@ use WebGUI::Test;
 use Test::More; # increment this value for each test you create
 use Test::Deep;
 
-plan tests => 30;
+plan tests => 31;
 
 use WebGUI::Session;
 use WebGUI::Storage;
@@ -174,10 +174,11 @@ $event6->setRelatedLinks([
     sequenceNumber => 2,
     linkurl => 'http://www.somewhere.com',
     linktext => 'Another great link',
-    groupIdView => '7',
+    groupIdView => '2',
     eventlinkId => '28',
 },
 ]);
+$session->user({userId => 3});   # admin can see all the links
 cmp_deeply(
     $event6->getRelatedLinks(),
     [{
@@ -192,12 +193,25 @@ cmp_deeply(
         sequenceNumber => 2,
         linkURL        => 'http://www.somewhere.com',
         linktext       => 'Another great link',
-        groupIdView    => '7',
+        groupIdView    => '2',
         eventlinkId    => '28',
         assetId        => $event6->getId,
     }],
     'related links stored in the database correctly'
 );
+$session->user({userId => 1});   # visitor can only see one link
+cmp_deeply(
+    $event6->getRelatedLinks(),
+    [{
+        sequenceNumber => 1,
+        linkURL        => 'http://www.nowhere.com',
+        linktext       => 'Great link',
+        groupIdView    => '7',
+        eventlinkId    => '27',
+        assetId        => $event6->getId,
+    }],
+    'related links:user access restriction works'
+);
 
 #######################################
 #
@@ -208,6 +222,7 @@ cmp_deeply(
 my $event6b = $event6->duplicate();
 ok($session->id->valid($event6b->get('storageId')), 'duplicated event got a valid storageId');
 isnt($event6b->get('storageId'), $event6->get('storageId'), 'duplicating an asset creates a new storage location');
+$session->user({userId => 3});   # admin can see all the links
 cmp_deeply(
     $event6b->getRelatedLinks(),
     [{
@@ -222,12 +237,13 @@ cmp_deeply(
         sequenceNumber => 2,
         linkURL        => 'http://www.somewhere.com',
         linktext       => 'Another great link',
-        groupIdView    => '7',
+        groupIdView    => '2',
         eventlinkId    => ignore(),
         assetId        => $event6b->getId,
     }],
     'duplicated event has relatedLinks'
 );
+$session->user({userId => 1});   # run remaining tests as visitor
 
 #######################################
 #

diff --git a/t/Asset/Wobject/Survey.t b/t/Asset/Wobject/Survey.t
@@ -17,7 +17,7 @@ my $session = WebGUI::Test->session;
 
 #----------------------------------------------------------------------------
 # Tests
-plan tests => 53;
+plan tests => 57;
 
 #----------------------------------------------------------------------------
 # put your tests here

diff --git a/t/Group/ldap_groups.t b/t/Group/ldap_groups.t
@@ -14,11 +14,9 @@ use lib "$FindBin::Bin/../lib";
 
 use WebGUI::Test;
 use WebGUI::Session;
-use WebGUI::Utility;
 
 use WebGUI::User;
 use WebGUI::Group;
-use WebGUI::Cache;
 
 use Test::More skip_all => 'Disabled until the test LDAP server is rejuvenated';
 use Test::Deep;