function doOperation(&$dbHandler, $argsObj, $operation)
{
$rights = implode("','", array_keys($argsObj->grant));
$op = new stdClass();
$op->role = new tlRole();
$op->role->rights = tlRight::getAll($dbHandler, "WHERE description IN ('{$rights}')");
$op->role->name = $argsObj->rolename;
$op->role->description = $argsObj->notes;
$op->role->dbID = $argsObj->roleid;
$op->userFeedback = null;
$op->template = 'rolesEdit.tpl';
$result = $op->role->writeToDB($dbHandler);
if ($result >= tl::OK) {
$auditCfg = null;
switch ($operation) {
case 'doCreate':
$auditCfg['msg'] = "audit_role_created";
$auditCfg['activity'] = "CREATE";
break;
case 'doUpdate':
$auditCfg['msg'] = "audit_role_saved";
$auditCfg['activity'] = "SAVE";
break;
}
logAuditEvent(TLS($auditCfg['msg'], $argsObj->rolename), $auditCfg['activity'], $op->role->dbID, "roles");
$op->template = null;
} else {
$op->userFeedback = getRoleErrorMessage($result);
}
return $op;
}
function complete_gui(&$dbHandler, &$guiObj, &$argsObj, &$roleObj, &$webEditorObj)
{
$actionCfg['operation'] = array('create' => 'doCreate', 'edit' => 'doUpdate', 'doCreate' => 'doCreate', 'doUpdate' => 'doUpdate');
$actionCfg['highlight'] = array('create' => 'create_role', 'edit' => 'edit_role', 'doCreate' => 'create_role', 'doUpdate' => 'edit_role');
$guiObj->highlight->{$actionCfg}['highlight'][$argsObj->doAction] = 1;
$guiObj->operation = $actionCfg['operation'][$argsObj->doAction];
$guiObj->role = $roleObj;
$guiObj->grants = $_SESSION['currentUser']->getGrantsForUserMgmt($dbHandler);
$guiObj->rightsCfg = tlRight::getRightsCfg();
$guiObj->mgt_view_events = $_SESSION['currentUser']->hasRight($db, "mgt_view_events");
// Create status for all checkboxes and set to unchecked
foreach ($guiObj->rightsCfg as $grantDetails) {
foreach ($grantDetails as $grantCode => $grantDescription) {
$guiObj->checkboxStatus[$grantCode] = "";
}
}
if ($roleObj->dbID) {
$webEditorObj->Value = $roleObj->description;
// build checked attribute for checkboxes
if (sizeof($roleObj->rights)) {
foreach ($roleObj->rights as $key => $right) {
$guiObj->checkboxStatus[$right->name] = "checked=\"checked\"";
}
}
//get all users which are affected by changing the role definition
$guiObj->affectedUsers = $roleObj->getAllUsersWithRole($dbHandler);
}
$guiObj->notes = $webEditorObj->CreateHTML();
return $guiObj;
}
/**
* check right on effective role for user, using test project and test plan,
* means that check right on effective role.
*
* @return string|null 'yes' or null
*
* @internal revisions
*/
function hasRight(&$db, $roleQuestion, $tprojectID = null, $tplanID = null)
{
static $parentRightPool;
if (!$parentRightPool) {
$dummy = tlRight::getRightsCfg();
$parentRightPool['tplanRoles'] = $dummy->testprojectWideRange;
$parentRightPool['tprojectRoles'] = $dummy->systemWideRange;
}
// analisys has to be done from specific to generic level
// Test plan
// Test project
// System
// Order in following data structure is CRITIC for algorithm
//
$level2check = array(array('prop' => 'tplanRoles', 'id' => $tplanID), array('prop' => 'tprojectRoles', 'id' => $tprojectID), array('prop' => 'globalRole', 'id' => null));
$userRightSet = null;
$userGlobalRights = array_keys((array) $this->globalRole->rights);
$done = false;
foreach ($level2check as $elem) {
switch ($elem['prop']) {
case 'globalRole':
$userRightSet = $userGlobalRights;
break;
default:
$context = $this->{$elem}['prop'];
if (isset($context[$elem['id']])) {
// subtract parent Level rights
$rightSet = array_keys((array) $context[$elem['id']]->rights);
$rightSet = array_diff($rightSet, array_keys($parentRightPool[$elem['prop']]));
$userRightSet = $this->propagateRights($parentRightPool[$elem['prop']], $userGlobalRights, $rightSet);
$done = true;
}
break;
}
if ($done) {
break;
}
}
return $this->checkForRights($userRightSet, $roleQuestion);
}