Ejemplo n.º 1
0
 public function getTreePermissionsAction()
 {
     $this->removeViewRenderer();
     $user = User::getById($this->_getParam("user"));
     if ($this->_getParam("xaction") == "update") {
         $data = json_decode($this->_getParam("data"));
         if (!empty($data->id)) {
             $nodes[] = $data;
         } else {
             $nodes = $data;
         }
         //loop through store nodes  = documents to edit
         if (is_array($nodes)) {
             foreach ($nodes as $node) {
                 $document = Document::getById($node->id);
                 $parent = Document::getById($document->getParentId());
                 $documentPermission = $document->getPermissionsForUser($user);
                 if ($documentPermission instanceof Document_Permissions) {
                     $found = true;
                     if (!$node->permissionSet) {
                         //reset permission by deleting it
                         if ($documentPermission->getCid() == $document->getId()) {
                             $documentPermission->delete();
                             $permissions = $document->getPermissions();
                         }
                         break;
                     } else {
                         if ($documentPermission->getCid() != $document->getId() or $documentPermission->getUser()->getId() != $user->getId()) {
                             //we got a parent's permission create new permission
                             //or we got a usergroup permission, create a new permission for specific user
                             $documentPermission = new Document_Permissions();
                             $documentPermission->setUser($user);
                             $documentPermission->setUserId($user->getId());
                             $documentPermission->setUsername($user->getUsername());
                             $documentPermission->setCid($document->getId());
                             $documentPermission->setCpath($document->getFullPath());
                         }
                         //update document_permission
                         $doSave = true;
                         $permissionNames = $documentPermission->getValidPermissionKeys();
                         foreach ($permissionNames as $name) {
                             //check if parent allows list
                             if ($parent) {
                                 $parent->getPermissionsForUser($user);
                                 $parentList = $parent->isAllowed("list");
                             } else {
                                 $parentList = true;
                             }
                             $setterName = "set" . ucfirst($name);
                             if (isset($node->{$name}) and $node->{$name} and $parentList) {
                                 $documentPermission->{$setterName}(true);
                             } else {
                                 if (isset($node->{$name})) {
                                     $documentPermission->{$setterName}(false);
                                     //if no list permission set all to false
                                     if ($name == "list") {
                                         foreach ($permissionNames as $n) {
                                             $setterName = "set" . ucfirst($n);
                                             $documentPermission->{$setterName}(false);
                                         }
                                         break;
                                     }
                                 }
                             }
                         }
                         $documentPermission->save();
                         if ($node->evictChildrenPermissions) {
                             $successorList = new Document_List();
                             $successorList->setOrderKey("index");
                             $successorList->setOrder("asc");
                             if ($document->getParentId() < 1) {
                                 $successorList->setCondition("parentId > 0");
                             } else {
                                 $successorList->setCondition("path like '" . $document->getFullPath() . "/%'");
                             }
                             Logger::debug($successorList->getCondition());
                             $successors = $successorList->load();
                             foreach ($successors as $successor) {
                                 $permission = $successor->getPermissionsForUser($user);
                                 if ($permission->getId() > 0 and $permission->getCid() == $successor->getId()) {
                                     $permission->delete();
                                 }
                             }
                         }
                     }
                 }
             }
             $this->_helper->json(array("success" => true));
         }
     } else {
         if ($this->_getParam("xaction") == "destroy") {
             //ignore
         } else {
             //read
             if ($user instanceof User) {
                 $userPermissionsNamespace = new Zend_Session_Namespace('documentUserPermissions');
                 if (!isset($userPermissionsNamespace->expandedNodes) or $userPermissionsNamespace->currentUser != $user->getId()) {
                     $userPermissionsNamespace->currentUser = $user->getId();
                     $userPermissionsNamespace->expandedNodes = array();
                 }
                 if (is_numeric($this->_getParam("anode")) and $this->_getParam("anode") > 0) {
                     $node = $this->_getParam("anode");
                     $document = Document::getById($node);
                     if ($document->hasChilds()) {
                         $list = new Document_List();
                         $list->setCondition("parentId = ?", $document->getId());
                         $list->setOrderKey("index");
                         $list->setOrder("asc");
                         $childsList = $list->load();
                         $requestedNodes = array();
                         foreach ($childsList as $child) {
                             $requestedNodes[] = $child->getId();
                         }
                         $userPermissionsNamespace->expandedNodes = array_merge($userPermissionsNamespace->expandedNodes, $requestedNodes);
                     }
                 } else {
                     $userPermissionsNamespace->expandedNodes = array_merge($userPermissionsNamespace->expandedNodes, array(1));
                 }
                 //load all nodes which are open in client
                 $documentList = new Document_List();
                 $documentList->setOrderKey("index");
                 $documentList->setOrder("asc");
                 $queryIds = "'" . implode("','", $userPermissionsNamespace->expandedNodes) . "'";
                 $documentList->setCondition("id in (" . $queryIds . ")");
                 $o = $documentList->load();
                 $total = count($o);
                 $documents = array();
                 foreach ($o as $document) {
                     if ($document->getParentId() > 0) {
                         $parent = Document::getById($document->getParentId());
                     } else {
                         $parent = null;
                     }
                     // get current user permissions
                     $document->getPermissionsForUser($this->getUser());
                     // only display document if listing is allowed for the current user
                     if ($document->isAllowed("list") and $document->isAllowed("permissions")) {
                         $permission = $this->getTreeNodePermissionConfig($user, $document, $parent, true);
                         $documents[] = $permission;
                         $tmpDocuments[$document->getId()] = $permission;
                     }
                 }
                 //only visible nodes and in the order how they should be displayed ... doesn't make sense but seems to fix bug of duplicate nodes
                 $documentsForFrontend = array();
                 $visible = $this->_getParam("visible");
                 if ($visible) {
                     $visibleNodes = explode(",", $visible);
                     foreach ($visibleNodes as $nodeId) {
                         $documentsForFrontend[] = $tmpDocuments[$nodeId];
                         if ($nodeId == $this->_getParam("anode") and is_array($requestedNodes)) {
                             foreach ($requestedNodes as $nId) {
                                 $documentsForFrontend[] = $tmpDocuments[$nId];
                             }
                         }
                     }
                     $documents = $documentsForFrontend;
                 }
             }
             $this->_helper->json(array("total" => $total, "data" => $documents, "success" => true));
         }
     }
 }
Ejemplo n.º 2
0
 /**
  * @return array
  */
 public function getPermissions()
 {
     $permissions = array();
     $permissionsRaw = $this->db->fetchAll("SELECT id FROM documents_permissions WHERE cid = ? ORDER BY cpath ASC", $this->model->getId());
     $userIdMappings = array();
     foreach ($permissionsRaw as $permissionRaw) {
         $permissions[] = Document_Permissions::getById($permissionRaw["id"]);
     }
     $this->model->setPermissions($permissions);
     return $permissions;
 }