Beispiel #1
0
function doOperation(&$dbHandler, $argsObj, $operation)
{
    $rights = implode("','", array_keys($argsObj->grant));
    $op = new stdClass();
    $op->role = new tlRole();
    $op->role->rights = tlRight::getAll($dbHandler, "WHERE description IN ('{$rights}')");
    $op->role->name = $argsObj->rolename;
    $op->role->description = $argsObj->notes;
    $op->role->dbID = $argsObj->roleid;
    $op->userFeedback = null;
    $op->template = 'rolesEdit.tpl';
    $result = $op->role->writeToDB($dbHandler);
    if ($result >= tl::OK) {
        $auditCfg = null;
        switch ($operation) {
            case 'doCreate':
                $auditCfg['msg'] = "audit_role_created";
                $auditCfg['activity'] = "CREATE";
                break;
            case 'doUpdate':
                $auditCfg['msg'] = "audit_role_saved";
                $auditCfg['activity'] = "SAVE";
                break;
        }
        logAuditEvent(TLS($auditCfg['msg'], $argsObj->rolename), $auditCfg['activity'], $op->role->dbID, "roles");
        $op->template = null;
    } else {
        $op->userFeedback = getRoleErrorMessage($result);
    }
    return $op;
}
Beispiel #2
0
function complete_gui(&$dbHandler, &$guiObj, &$argsObj, &$roleObj, &$webEditorObj)
{
    $actionCfg['operation'] = array('create' => 'doCreate', 'edit' => 'doUpdate', 'doCreate' => 'doCreate', 'doUpdate' => 'doUpdate');
    $actionCfg['highlight'] = array('create' => 'create_role', 'edit' => 'edit_role', 'doCreate' => 'create_role', 'doUpdate' => 'edit_role');
    $guiObj->highlight->{$actionCfg}['highlight'][$argsObj->doAction] = 1;
    $guiObj->operation = $actionCfg['operation'][$argsObj->doAction];
    $guiObj->role = $roleObj;
    $guiObj->grants = $_SESSION['currentUser']->getGrantsForUserMgmt($dbHandler);
    $guiObj->rightsCfg = tlRight::getRightsCfg();
    $guiObj->mgt_view_events = $_SESSION['currentUser']->hasRight($db, "mgt_view_events");
    // Create status for all checkboxes and set to unchecked
    foreach ($guiObj->rightsCfg as $grantDetails) {
        foreach ($grantDetails as $grantCode => $grantDescription) {
            $guiObj->checkboxStatus[$grantCode] = "";
        }
    }
    if ($roleObj->dbID) {
        $webEditorObj->Value = $roleObj->description;
        // build checked attribute for checkboxes
        if (sizeof($roleObj->rights)) {
            foreach ($roleObj->rights as $key => $right) {
                $guiObj->checkboxStatus[$right->name] = "checked=\"checked\"";
            }
        }
        //get all users which are affected by changing the role definition
        $guiObj->affectedUsers = $roleObj->getAllUsersWithRole($dbHandler);
    }
    $guiObj->notes = $webEditorObj->CreateHTML();
    return $guiObj;
}
 /**
  * check right on effective role for user, using test project and test plan,
  * means that check right on effective role.
  *
  * @return string|null 'yes' or null
  *
  * @internal revisions
  */
 function hasRight(&$db, $roleQuestion, $tprojectID = null, $tplanID = null)
 {
     static $parentRightPool;
     if (!$parentRightPool) {
         $dummy = tlRight::getRightsCfg();
         $parentRightPool['tplanRoles'] = $dummy->testprojectWideRange;
         $parentRightPool['tprojectRoles'] = $dummy->systemWideRange;
     }
     // analisys has to be done from specific to generic level
     // Test plan
     // Test project
     // System
     // Order in following data structure is CRITIC for algorithm
     //
     $level2check = array(array('prop' => 'tplanRoles', 'id' => $tplanID), array('prop' => 'tprojectRoles', 'id' => $tprojectID), array('prop' => 'globalRole', 'id' => null));
     $userRightSet = null;
     $userGlobalRights = array_keys((array) $this->globalRole->rights);
     $done = false;
     foreach ($level2check as $elem) {
         switch ($elem['prop']) {
             case 'globalRole':
                 $userRightSet = $userGlobalRights;
                 break;
             default:
                 $context = $this->{$elem}['prop'];
                 if (isset($context[$elem['id']])) {
                     // subtract parent Level rights
                     $rightSet = array_keys((array) $context[$elem['id']]->rights);
                     $rightSet = array_diff($rightSet, array_keys($parentRightPool[$elem['prop']]));
                     $userRightSet = $this->propagateRights($parentRightPool[$elem['prop']], $userGlobalRights, $rightSet);
                     $done = true;
                 }
                 break;
         }
         if ($done) {
             break;
         }
     }
     return $this->checkForRights($userRightSet, $roleQuestion);
 }