/**
  * Copy the object's parents permission object details, in
  * preparation for the object to have different permissions from its
  * parent.
  */
 function copyPermissionObject(&$oDocumentOrFolder)
 {
     global $default;
     $oOrigPO = KTPermissionObject::get($oDocumentOrFolder->getPermissionObjectID());
     $aOrigPAs =& KTPermissionAssignment::getByObjectMulti($oOrigPO);
     $oNewPO = KTPermissionObject::createFromArray(array());
     foreach ($aOrigPAs as $oOrigPA) {
         $oNewPA = KTPermissionAssignment::createFromArray(array('permissionid' => $oOrigPA->getPermissionID(), 'permissionobjectid' => $oNewPO->getID(), 'permissiondescriptorid' => $oOrigPA->getPermissionDescriptorID()));
     }
     $oDocumentOrFolder->setPermissionObjectID($oNewPO->getID());
     $oDocumentOrFolder->update();
     // copy any dynamic conditions
     $aDPO = KTPermissionDynamicCondition::getByPermissionObject($oOrigPO);
     foreach ($aDPO as $oOrigDC) {
         $oNewDC = KTPermissionDynamicCondition::createFromArray(array('permissionobjectid' => $oNewPO->getId(), 'groupid' => $oOrigDC->getGroupId(), 'conditionid' => $oOrigDC->getConditionId()));
         $oNewDC->saveAssignment($oOrigDC->getAssignment());
     }
     if (!is_a($oDocumentOrFolder, 'Folder')) {
         KTPermissionUtil::updatePermissionLookup($oDocumentOrFolder);
         return;
     }
     // For a folder - update permission object for all folders and
     // documents under this current folder if they're using the old
     // permission object id.  If they are, then they're getting the
     // permission object via this folder.  If they are not, then
     // they have their own permission object management, and thus
     // this folder has no effect on their permissions.
     $iFolderID = $oDocumentOrFolder->getID();
     $sFolderIDs = Folder::generateFolderIDs($iFolderID);
     $sFolderIDs .= '%';
     $sQuery = "UPDATE {$default->folders_table} SET\n            permission_object_id = ? WHERE permission_object_id = ? AND\n            parent_folder_ids LIKE ?";
     $aParams = array($oNewPO->getID(), $oOrigPO->getID(), $sFolderIDs);
     DBUtil::runQuery(array($sQuery, $aParams));
     Folder::clearAllCaches();
     $sQuery = "UPDATE {$default->documents_table} SET\n            permission_object_id = ? WHERE permission_object_id = ? AND\n            (parent_folder_ids LIKE ? OR folder_id = ?)";
     $aParams[] = $iFolderID;
     DBUtil::runQuery(array($sQuery, $aParams));
     Document::clearAllCaches();
     // All objects using this PO must be new and must need their
     // lookups updated...
     KTPermissionUtil::updatePermissionLookupForPO($oNewPO);
 }
 function setPermissionObject()
 {
     global $default;
     require_once KT_LIB_DIR . '/permissions/permissionobject.inc.php';
     DBUtil::runQuery("UPDATE folders SET permission_folder_id = 1 WHERE id = 1");
     $aBrokenFolders = DBUtil::getResultArray('SELECT id, parent_id FROM folders WHERE permission_folder_id = 0 OR permission_folder_id IS NULL ORDER BY LENGTH(parent_folder_ids)');
     foreach ($aBrokenFolders as $aFolderInfo) {
         $iFolderId = $aFolderInfo['id'];
         $iParentFolderId = $aFolderInfo['parent_id'];
         $iParentFolderPermissionFolder = DBUtil::getOneResultKey(array("SELECT permission_folder_id FROM folders WHERE id = ?", array($iParentFolderId)), 'permission_folder_id');
         $res = DBUtil::whereUpdate('folders', array('permission_folder_id' => $iParentFolderPermissionFolder), array('id' => $iFolderId));
     }
     // First, set permission object on all folders that were
     // "permission folders".
     $query = "SELECT id FROM {$default->folders_table} WHERE permission_folder_id = id AND permission_object_id IS NULL";
     $aIDs = DBUtil::getResultArrayKey($query, 'id');
     foreach ($aIDs as $iID) {
         $oPO =& KTPermissionObject::createFromArray(array());
         if (PEAR::isError($oPO)) {
             var_dump($oPO);
             exit(0);
         }
         $sTableName = KTUtil::getTableName('folders');
         $query = sprintf("UPDATE %s SET permission_object_id = %d WHERE id = %d", $sTableName, $oPO->getId(), $iID);
         $res = DBUtil::runQuery($query);
         UpgradeFunctions::_setRead($iID, $oPO);
         UpgradeFunctions::_setWrite($iID, $oPO);
         UpgradeFunctions::_setAddFolder($iID, $oPO);
     }
     // Next, set permission object on all folders that weren't
     // "permission folders" by using the permission object on their
     // permission folders.
     $query = "SELECT id FROM {$default->folders_table} WHERE permission_object_id IS NULL";
     $aIDs = DBUtil::getResultArrayKey($query, 'id');
     foreach ($aIDs as $iID) {
         $sTableName = KTUtil::getTableName('folders');
         $query = sprintf("SELECT F2.permission_object_id AS poi FROM %s AS F LEFT JOIN %s AS F2 ON F2.id = F.permission_folder_id WHERE F.id = ?", $sTableName, $sTableName);
         $aParams = array($iID);
         $iPermissionObjectId = DBUtil::getOneResultKey(array($query, $aParams), 'poi');
         $sTableName = KTUtil::getTableName('folders');
         $query = sprintf("UPDATE %s SET permission_object_id = %d WHERE id = %d", $sTableName, $iPermissionObjectId, $iID);
         DBUtil::runQuery($query);
     }
     $sDocumentsTable = KTUtil::getTableName('documents');
     $sFoldersTable = KTUtil::getTableName('folders');
     $query = sprintf("UPDATE %s AS D, %s AS F SET D.permission_object_id = F.permission_object_id WHERE D.folder_id = F.id AND D.permission_object_id IS NULL", $sDocumentsTable, $sFoldersTable);
     DBUtil::runQuery($query);
 }
<?php

require_once "../../config/dmsDefaults.php";
require_once KT_LIB_DIR . "/permissions/permissionobject.inc.php";
error_reporting(E_ALL);
$res = KTPermissionObject::createFromArray(array());
var_dump($res);