Beispiel #1
0
 public function testRolesParametersAdditivity()
 {
     $r1 = new \AJXP_Role("role1");
     $r2 = new \AJXP_Role("role2");
     $r1->setParameterValue("type.id", "param_name", "param_value1", "repository_id");
     $this->assertEquals("param_value1", $r1->filterParameterValue("type.id", "param_name", "repository_id", "anyvalue1"));
     $r2->setParameterValue("type.id", "param_name", "param_value2", "repository_id");
     $r3 = $r2->override($r1);
     $this->assertEquals("param_value2", $r3->filterParameterValue("type.id", "param_name", "repository_id", "anyvalue"));
     $r1->setParameterValue("type.id", "param_name", "param_value1", "repository_id");
     $r2->setParameterValue("type.id", "param_name", AJXP_VALUE_CLEAR, "repository_id");
     $r3 = $r2->override($r1);
     $this->assertEquals("anyvalue2", $r3->filterParameterValue("type.id", "param_name", "repository_id", "anyvalue2"));
     $r1->setParameterValue("type.id", "param_name", "param_value1", "repository_id");
     $r2->setParameterValue("type.id", "param_name", "", "repository_id");
     $r3 = $r2->override($r1);
     $this->assertEquals("param_value1", $r3->filterParameterValue("type.id", "param_name", "repository_id", "anyvalue2"));
 }
Beispiel #2
0
 /**
  * @param AJXP_Role $role
  * @return AJXP_Role
  */
 public function override(AJXP_Role $role)
 {
     $newRole = new AJXP_Role($role->getId());
     $roleAcl = $role->listAcls();
     $newAcls = $this->array_merge_recursive2($roleAcl, $this->listAcls());
     foreach ($newAcls as $repoId => $rightString) {
         //if($rightString == AJXP_VALUE_CLEAR) continue;
         if (empty($rightString) && !empty($roleAcl[$repoId])) {
             $rightString = $roleAcl[$repoId];
         }
         $newRole->setAcl($repoId, $rightString);
     }
     $roleParameters = $role->listParameters(true);
     $newParams = $this->array_merge_recursive2($roleParameters, $this->listParameters(true));
     foreach ($newParams as $repoId => $data) {
         foreach ($data as $pluginId => $param) {
             foreach ($param as $parameterName => $parameterValue) {
                 if ($parameterValue === true || $parameterValue === false) {
                     $newRole->setParameterValue($pluginId, $parameterName, $parameterValue, $repoId);
                     continue;
                 }
                 if ($parameterValue == AJXP_VALUE_CLEAR) {
                     continue;
                 }
                 if ($parameterValue === "" && !empty($roleParameters[$repoId][$pluginId][$parameterName])) {
                     $parameterValue = $newParams[$repoId][$pluginId][$parameterName];
                 }
                 $newRole->setParameterValue($pluginId, $parameterName, $parameterValue, $repoId);
             }
         }
     }
     $newActions = $this->array_merge_recursive2($role->listActionsStates(), $this->listActionsStates());
     foreach ($newActions as $repoId => $data) {
         foreach ($data as $pluginId => $action) {
             foreach ($action as $actionName => $actionState) {
                 $newRole->setActionState($pluginId, $actionName, $repoId, $actionState);
             }
         }
     }
     $roleMasks = $role->listMasks();
     $allKeys = array_merge(array_keys($this->masks), array_keys($roleMasks));
     foreach ($allKeys as $repoId) {
         if (isset($roleMasks[$repoId]) && isset($this->masks[$repoId])) {
             $newRole->setMask($repoId, $roleMasks[$repoId]->override($this->masks[$repoId]));
         } else {
             if (isset($roleMasks[$repoId])) {
                 $newRole->setMask($repoId, $roleMasks[$repoId]);
             } else {
                 $newRole->setMask($repoId, $this->masks[$repoId]);
             }
         }
     }
     return $newRole;
 }
Beispiel #3
0
 /**
  * @param AJXP_Role $parentRole
  * @return AJXP_Role
  */
 public static function limitedRoleFromParent($parentUser)
 {
     $parentRole = self::getRole("AJXP_USR_/" . $parentUser);
     if ($parentRole === false) {
         return null;
     }
     // Inherit actions
     $inheritActions = array();
     $cacheInherit = AJXP_PluginsService::getInstance()->loadFromPluginQueriesCache("//server_settings/param[@inherit='true']");
     if ($cacheInherit !== null && is_array($cacheInherit)) {
         $inheritActions = $cacheInherit;
     } else {
         $paramNodes = AJXP_PluginsService::searchAllManifests("//server_settings/param[@inherit='true']", "node", false, false, true);
         if (is_array($paramNodes) && count($paramNodes)) {
             foreach ($paramNodes as $node) {
                 $paramName = $node->getAttribute("name");
                 $pluginId = $node->parentNode->parentNode->getAttribute("id");
                 if (isset($inheritActions[$pluginId])) {
                     $inheritActions[$pluginId] = array();
                 }
                 $inheritActions[$pluginId][] = $paramName;
             }
         }
         AJXP_PluginsService::getInstance()->storeToPluginQueriesCache("//server_settings/param[@inherit='true']", $inheritActions);
     }
     // Clear ACL, Keep disabled actions, keep 'inherit' parameters.
     $childRole = new AJXP_Role("AJXP_PARENT_USR_/");
     $childRole->bunchUpdate(array("ACL" => array(), "ACTIONS" => $parentRole->listAllActionsStates(), "APPLIES" => array(), "PARAMETERS" => array()));
     $params = $parentRole->listParameters();
     foreach ($params as $scope => $plugData) {
         foreach ($plugData as $pId => $paramData) {
             if (!isset($inheritActions[$pId])) {
                 continue;
             }
             foreach ($paramData as $pName => $pValue) {
                 $childRole->setParameterValue($pId, $pName, $pValue, $scope);
             }
         }
     }
     return $childRole;
 }
 /**
  * @param AJXP_Role $role
  * @return AJXP_Role
  */
 public function override(AJXP_Role $role)
 {
     $newRole = new AJXP_Role($role->getId());
     $newAcls = $this->array_merge_recursive2($role->listAcls(), $this->listAcls());
     foreach ($newAcls as $repoId => $rightString) {
         if ($rightString == AJXP_VALUE_CLEAR) {
             continue;
         }
         $newRole->setAcl($repoId, $rightString);
     }
     $newParams = $this->array_merge_recursive2($role->listParameters(true), $this->listParameters(true));
     foreach ($newParams as $repoId => $data) {
         foreach ($data as $pluginId => $param) {
             foreach ($param as $parameterName => $parameterValue) {
                 if ($parameterValue === true || $parameterValue === false) {
                     $newRole->setParameterValue($pluginId, $parameterName, $parameterValue, $repoId);
                     continue;
                 }
                 if ($parameterValue == AJXP_VALUE_CLEAR) {
                     continue;
                 }
                 $newRole->setParameterValue($pluginId, $parameterName, $parameterValue, $repoId);
             }
         }
     }
     $newActions = $this->array_merge_recursive2($role->listActionsStates(), $this->listActionsStates());
     foreach ($newActions as $repoId => $data) {
         foreach ($data as $pluginId => $action) {
             foreach ($action as $actionName => $actionState) {
                 $newRole->setActionState($pluginId, $actionName, $repoId, $actionState);
             }
         }
     }
     return $newRole;
 }