public function testRolesParametersAdditivity()
{
$r1 = new \AJXP_Role("role1");
$r2 = new \AJXP_Role("role2");
$r1->setParameterValue("type.id", "param_name", "param_value1", "repository_id");
$this->assertEquals("param_value1", $r1->filterParameterValue("type.id", "param_name", "repository_id", "anyvalue1"));
$r2->setParameterValue("type.id", "param_name", "param_value2", "repository_id");
$r3 = $r2->override($r1);
$this->assertEquals("param_value2", $r3->filterParameterValue("type.id", "param_name", "repository_id", "anyvalue"));
$r1->setParameterValue("type.id", "param_name", "param_value1", "repository_id");
$r2->setParameterValue("type.id", "param_name", AJXP_VALUE_CLEAR, "repository_id");
$r3 = $r2->override($r1);
$this->assertEquals("anyvalue2", $r3->filterParameterValue("type.id", "param_name", "repository_id", "anyvalue2"));
$r1->setParameterValue("type.id", "param_name", "param_value1", "repository_id");
$r2->setParameterValue("type.id", "param_name", "", "repository_id");
$r3 = $r2->override($r1);
$this->assertEquals("param_value1", $r3->filterParameterValue("type.id", "param_name", "repository_id", "anyvalue2"));
}
/**
* @param AJXP_Role $role
* @return AJXP_Role
*/
public function override(AJXP_Role $role)
{
$newRole = new AJXP_Role($role->getId());
$roleAcl = $role->listAcls();
$newAcls = $this->array_merge_recursive2($roleAcl, $this->listAcls());
foreach ($newAcls as $repoId => $rightString) {
//if($rightString == AJXP_VALUE_CLEAR) continue;
if (empty($rightString) && !empty($roleAcl[$repoId])) {
$rightString = $roleAcl[$repoId];
}
$newRole->setAcl($repoId, $rightString);
}
$roleParameters = $role->listParameters(true);
$newParams = $this->array_merge_recursive2($roleParameters, $this->listParameters(true));
foreach ($newParams as $repoId => $data) {
foreach ($data as $pluginId => $param) {
foreach ($param as $parameterName => $parameterValue) {
if ($parameterValue === true || $parameterValue === false) {
$newRole->setParameterValue($pluginId, $parameterName, $parameterValue, $repoId);
continue;
}
if ($parameterValue == AJXP_VALUE_CLEAR) {
continue;
}
if ($parameterValue === "" && !empty($roleParameters[$repoId][$pluginId][$parameterName])) {
$parameterValue = $newParams[$repoId][$pluginId][$parameterName];
}
$newRole->setParameterValue($pluginId, $parameterName, $parameterValue, $repoId);
}
}
}
$newActions = $this->array_merge_recursive2($role->listActionsStates(), $this->listActionsStates());
foreach ($newActions as $repoId => $data) {
foreach ($data as $pluginId => $action) {
foreach ($action as $actionName => $actionState) {
$newRole->setActionState($pluginId, $actionName, $repoId, $actionState);
}
}
}
$roleMasks = $role->listMasks();
$allKeys = array_merge(array_keys($this->masks), array_keys($roleMasks));
foreach ($allKeys as $repoId) {
if (isset($roleMasks[$repoId]) && isset($this->masks[$repoId])) {
$newRole->setMask($repoId, $roleMasks[$repoId]->override($this->masks[$repoId]));
} else {
if (isset($roleMasks[$repoId])) {
$newRole->setMask($repoId, $roleMasks[$repoId]);
} else {
$newRole->setMask($repoId, $this->masks[$repoId]);
}
}
}
return $newRole;
}
/**
* @param AJXP_Role $parentRole
* @return AJXP_Role
*/
public static function limitedRoleFromParent($parentUser)
{
$parentRole = self::getRole("AJXP_USR_/" . $parentUser);
if ($parentRole === false) {
return null;
}
// Inherit actions
$inheritActions = array();
$cacheInherit = AJXP_PluginsService::getInstance()->loadFromPluginQueriesCache("//server_settings/param[@inherit='true']");
if ($cacheInherit !== null && is_array($cacheInherit)) {
$inheritActions = $cacheInherit;
} else {
$paramNodes = AJXP_PluginsService::searchAllManifests("//server_settings/param[@inherit='true']", "node", false, false, true);
if (is_array($paramNodes) && count($paramNodes)) {
foreach ($paramNodes as $node) {
$paramName = $node->getAttribute("name");
$pluginId = $node->parentNode->parentNode->getAttribute("id");
if (isset($inheritActions[$pluginId])) {
$inheritActions[$pluginId] = array();
}
$inheritActions[$pluginId][] = $paramName;
}
}
AJXP_PluginsService::getInstance()->storeToPluginQueriesCache("//server_settings/param[@inherit='true']", $inheritActions);
}
// Clear ACL, Keep disabled actions, keep 'inherit' parameters.
$childRole = new AJXP_Role("AJXP_PARENT_USR_/");
$childRole->bunchUpdate(array("ACL" => array(), "ACTIONS" => $parentRole->listAllActionsStates(), "APPLIES" => array(), "PARAMETERS" => array()));
$params = $parentRole->listParameters();
foreach ($params as $scope => $plugData) {
foreach ($plugData as $pId => $paramData) {
if (!isset($inheritActions[$pId])) {
continue;
}
foreach ($paramData as $pName => $pValue) {
$childRole->setParameterValue($pId, $pName, $pValue, $scope);
}
}
}
return $childRole;
}
/**
* @param AJXP_Role $role
* @return AJXP_Role
*/
public function override(AJXP_Role $role)
{
$newRole = new AJXP_Role($role->getId());
$newAcls = $this->array_merge_recursive2($role->listAcls(), $this->listAcls());
foreach ($newAcls as $repoId => $rightString) {
if ($rightString == AJXP_VALUE_CLEAR) {
continue;
}
$newRole->setAcl($repoId, $rightString);
}
$newParams = $this->array_merge_recursive2($role->listParameters(true), $this->listParameters(true));
foreach ($newParams as $repoId => $data) {
foreach ($data as $pluginId => $param) {
foreach ($param as $parameterName => $parameterValue) {
if ($parameterValue === true || $parameterValue === false) {
$newRole->setParameterValue($pluginId, $parameterName, $parameterValue, $repoId);
continue;
}
if ($parameterValue == AJXP_VALUE_CLEAR) {
continue;
}
$newRole->setParameterValue($pluginId, $parameterName, $parameterValue, $repoId);
}
}
}
$newActions = $this->array_merge_recursive2($role->listActionsStates(), $this->listActionsStates());
foreach ($newActions as $repoId => $data) {
foreach ($data as $pluginId => $action) {
foreach ($action as $actionName => $actionState) {
$newRole->setActionState($pluginId, $actionName, $repoId, $actionState);
}
}
}
return $newRole;
}