Ejemplo n.º 1
0
 public function addPermissions(array $ids)
 {
     foreach ($ids as $permId) {
         $rolePerm = new RolePermission();
         $rolePerm->role_id = $this->id;
         $rolePerm->perm_id = $permId;
         $rolePerm->save();
     }
 }
Ejemplo n.º 2
0
 /**
  * Display the main page of the permission settings
  */
 public function index()
 {
     $permissionGroups = Permission::getAllGroupByPlugin();
     $example = isset($this->roleId) ? array('roleId' => $this->roleId) : array();
     $data = RolePermission::getListByExample(new DBExample($example));
     $values = array();
     foreach ($data as $value) {
         $values[$value->permissionId][$value->roleId] = $value->value;
     }
     $roles = isset($this->roleId) ? array(Role::getById($this->roleId)) : Role::getAll(null, array(), array(), true);
     $param = array('id' => 'permissions-form', 'fieldsets' => array('form' => array(), '_submits' => array(new SubmitInput(array('name' => 'valid', 'value' => Lang::get('main.valid-button'))))));
     foreach ($roles as $role) {
         foreach ($permissionGroups as $group => $permissions) {
             if (Plugin::get($group)) {
                 foreach ($permissions as $permission) {
                     if ($role->id == Role::ADMIN_ROLE_ID) {
                         $default = 1;
                     } elseif (isset($values[$permission->id][$role->id])) {
                         $default = $values[$permission->id][$role->id];
                     } else {
                         $default = 0;
                     }
                     $param['fieldsets']['form'][] = new CheckboxInput(array('name' => "permission-{$permission->id}-{$role->id}", 'disabled' => $role->id == Role::ADMIN_ROLE_ID || $role->id == Role::GUEST_ROLE_ID && !$permission->availableForGuests, 'default' => $default, 'class' => $permission->id == Permission::ALL_PRIVILEGES_ID ? 'select-all' : '', 'nl' => false));
                 }
             }
         }
     }
     $form = new Form($param);
     if (!$form->submitted()) {
         $page = View::make(Plugin::current()->getView("permissions.tpl"), array('permissions' => $permissionGroups, 'fields' => $form->inputs, 'roles' => $roles));
         return NoSidebarTab::make(array('icon' => 'unlock-alt', 'title' => Lang::get('permissions.page-title'), 'page' => $form->wrap($page)));
     } else {
         try {
             foreach ($form->inputs as $name => $field) {
                 if (preg_match('/^permission\\-(\\d+)\\-(\\d+)$/', $name, $match)) {
                     $permissionId = $match[1];
                     $roleId = $match[2];
                     $value = App::request()->getBody($name) ? 1 : 0;
                     if ($roleId != Role::ADMIN_ROLE_ID && !($roleId == Role::GUEST_ROLE_ID && !$permission->availableForGuests)) {
                         $permission = new RolePermission();
                         $permission->set(array('roleId' => $roleId, 'permissionId' => $permissionId, 'value' => $value));
                         $permission->save();
                     }
                 }
             }
             App::logger()->info('Permissions were succesfully updated');
             return $form->response(Form::STATUS_SUCCESS, Lang::get("roles.permissions-update-success"));
         } catch (Exception $e) {
             App::logger()->error('An error occured while updating permissions');
             return $form->response(Form::STATUS_ERROR, DEBUG_MODE ? $e->getMessage() : Lang::get("roles.permissions-update-error"));
         }
     }
 }
 public static function savePermissionsFor($role_id, $permissions)
 {
     if (!Record::existsIn('Role', 'id = :role_id', array(':role_id' => $role_id))) {
         return false;
     }
     if (!self::deleteWhere('RolePermission', 'role_id = :role_id', array(':role_id' => (int) $role_id))) {
         return false;
     }
     foreach ($permissions as $perm) {
         $rp = new RolePermission(array('role_id' => $role_id, 'permission_id' => $perm->id));
         if (!$rp->save()) {
             return false;
         }
     }
     return true;
 }
Ejemplo n.º 4
0
 public static function role($id)
 {
     if (!isset(static::$stored[$id])) {
         static::$stored[$id] = RolePermission::with('permission')->where('role_id', '=', $id)->get();
     }
     return static::$stored[$id];
 }
Ejemplo n.º 5
0
 public function getPermissions($roleId = null)
 {
     if (!$roleId) {
         return null;
     }
     // Check if the table exists (patch not installed yet)
     $db = ConnectionManager::getDataSource('default');
     $tables = $db->listSources();
     if (!in_array($this->tablePrefix . 'role_permission_roles', $tables)) {
         $permissions['full_permissions'] = $roleId == 1;
         $permissions['limited_admin'] = false;
         $permissions['manage_events'] = false;
         $permissions['manage_own_events'] = false;
         $permissions['create_templates'] = false;
         $permissions['create_reports'] = false;
         return $permissions;
     }
     $permissions = array();
     $rolePermissionsAssigned = array();
     App::uses('RolePermissionRole', 'Model');
     $RolePermissionRoleModel = new RolePermissionRole();
     App::uses('RolePermission', 'Model');
     $RolePermissionModel = new RolePermission();
     $params = array();
     $params['recursive'] = 1;
     $params['fields'] = array('id', 'role_id');
     $params['contain']['RolePermission']['fields'] = array('alias');
     $params['conditions']['role_id'] = $roleId;
     if ($rolePermissionRoles = $RolePermissionRoleModel->find('all', $params)) {
         foreach ($rolePermissionRoles as $rolePermissionRole) {
             $permissions[$rolePermissionRole['RolePermission']['alias']] = $rolePermissionRole['RolePermissionRole']['role_id'] == $roleId;
             $rolePermissionsAssigned[] = $rolePermissionRole['RolePermission']['id'];
         }
     }
     $params = array();
     $params['recursive'] = -1;
     $params['conditions']['id !='] = $rolePermissionsAssigned;
     if ($rolePermissions = $RolePermissionModel->find('all', $params)) {
         foreach ($rolePermissions as $rolePermission) {
             if (!isset($permissions[$rolePermission['RolePermission']['alias']])) {
                 $permissions[$rolePermission['RolePermission']['alias']] = false;
             }
         }
     }
     return $permissions;
 }
Ejemplo n.º 6
0
 /**
  * Returns all Permissions for this Role.
  *
  * The Permissions are only read from the DB when needed the first time.
  *
  * @return array An array of Permission objects.
  */
 public function permissions()
 {
     if (!$this->permissions) {
         $this->permissions = array();
         foreach (RolePermission::findPermissionsFor($this->id) as $perm) {
             $this->permissions[$perm->name] = $perm;
         }
     }
     return $this->permissions;
 }
Ejemplo n.º 7
0
 public static function factory(Storage $storage, $row)
 {
     $permission = new RolePermission($storage);
     $permission->setRoleID($row["roleid"]);
     $permission->setPermissionID($row["permissionid"]);
     $permission->setGliederungID($row["gliederungid"]);
     $permission->isTransitive($row["transitive"]);
     return $permission;
 }
Ejemplo n.º 8
0
 public function executeSave(sfWebRequest $request)
 {
     $role = RolePeer::retrieveByPK($request->getParameter('id'));
     $this->forward404Unless($role);
     $perms = $request->getParameter('permissions');
     if (!is_array($perms)) {
         $perms = array();
     }
     # remove rights
     $c = new Criteria();
     $c->add(RolePermissionPeer::ROLE_ID, $role->getId());
     RolePermissionPeer::doDelete($c);
     # save new rights
     foreach ($perms as $perm) {
         $role_permission = new RolePermission();
         $role_permission->setPermissionId($perm);
         $role_permission->setRoleId($role->getId());
         $role_permission->save();
     }
     return $this->renderText('Rights for \'' . $role->getTitle() . '\' have successfully saved!');
 }
Ejemplo n.º 9
0
 public static function GetByPermissionId($permission_id)
 {
     return RolePermission::find('all', array('permission_id' => $permission_id));
 }
Ejemplo n.º 10
0
	final public static function revokePermissions( $role, $permissions ) {
	
		$role = trim($role);
	
		if ( ! $r = Role::findByName($role) ) return self::__ERROR( __('Role does not exist!') );
		
		foreach (explode(',', $permissions) as $permission) {
			
			$permission = trim($permission);
			
			if ( $r->hasPermission($permission) ) {
			
				if ( ! $p = Permission::findByName($permission) ) return self::__ERROR( __('Permission does not exist!') );
				
				RolePermission::deleteWhere('RolePermission','role_id='.$r->id.', permission_id='.$p->id);
				if ( RolePermission::countFrom('RolePermission','role_id='.$r->id.', permission_id='.$p->id) > 0 ) return  self::__ERROR( __('Could not remove Role->Permission link!') );
			
			}
		
		}

		return true;
	}
Ejemplo n.º 11
0
 public function v15()
 {
     // Regenerate cache
     Cache::clear(false);
     // Notifications
     $notifications = array('enabled' => 1, 'signup' => 0, 'contact' => '');
     $this->Setting->setOption('notifications', json_encode($notifications));
     // Calendar settings
     $calendar = array('weekStartDay' => 0, 'title' => 'event', 'timeToDisplay' => 'time_invitation', 'gameIcon' => 1, 'dungeonIcon' => 1);
     $this->Setting->setOption('calendar', json_encode($calendar));
     // Set main characters
     $sql = "SELECT t.user_id, t.game_id, t.character_id, MAX(t.used) AS nb_used\n                FROM (\n                    SELECT ec.user_id, e.game_id, ec.character_id, COUNT(ec.id) AS used\n                    FROM " . $this->dbPrefix . "events_characters ec \n                    JOIN " . $this->dbPrefix . "users u ON ec.user_id=u.id\n                    JOIN " . $this->dbPrefix . "events e ON e.id=ec.event_id\n                    GROUP BY ec.character_id\n                    ORDER BY used DESC, u.id ASC, e.game_id ASC, ec.character_id\n                ) t\n                GROUP BY t.user_id, t.game_id";
     if ($eventsCharacters = $this->EventsCharacter->query($sql)) {
         foreach ($eventsCharacters as $eventsCharacter) {
             $toUpdate = array();
             $toUpdate['id'] = $eventsCharacter['t']['character_id'];
             $toUpdate['main'] = 1;
             $this->Character->save($toUpdate);
         }
     }
     $params = array();
     $params['recursive'] = -1;
     $params['group'] = array('user_id', 'game_id');
     $params['fields'] = array('id', 'user_id', 'game_id');
     $params['order'] = array('main DESC', 'level DESC');
     if ($characters = $this->Character->find('all', $params)) {
         foreach ($characters as $character) {
             $params = array();
             $params['recursive'] = -1;
             $params['fields'] = array('Character.id');
             $params['conditions']['user_id'] = $character['Character']['user_id'];
             $params['conditions']['game_id'] = $character['Character']['game_id'];
             $params['conditions']['main'] = 1;
             if (!$this->Character->find('first', $params)) {
                 $toUpdate = array();
                 $toUpdate['id'] = $character['Character']['id'];
                 $toUpdate['main'] = 1;
                 $this->Character->save($toUpdate);
             }
         }
     }
     // New role own events
     $toSaveRole = array('title' => __('Can manage own events only'), 'alias' => 'manage_own_events', 'description' => __('Can create, edit and delete own events only. Can also manage the roster for his events'));
     App::uses('RolePermission', 'Model');
     $RolePermissionModel = new RolePermission();
     $RolePermissionModel->create();
     $RolePermissionModel->save($toSaveRole);
     // Mushstats
     $this->Setting->setOption('Mushstats', time());
 }
Ejemplo n.º 12
0
 /**
  * Add a new permission in the database
  *
  * @param string $name               The permission name, formatted as "<plugin>.<key>"
  * @param int    $default            The default value for this permission
  * @param int    $availableForGuests Defines if the permission can be set to true for guest users
  *
  * @return Permission The created permission
  */
 public static function add($name, $default = 1, $availableForGuests = 0)
 {
     list($plugin, $key) = explode('.', $name);
     $permission = parent::add(array('plugin' => $plugin, 'key' => $key, 'availableForGuests' => $availableForGuests));
     $roles = Role::getAll();
     foreach ($roles as $role) {
         $value = $role->id == Role::GUEST_ROLE_ID ? $availableForGuests ? $default : 0 : $default;
         RolePermission::add(array('roleId' => $role->id, 'permissionId' => $permission->id, 'value' => $value));
     }
     return $permission;
 }
Ejemplo n.º 13
0
 private function postInstallData($siteTitle)
 {
     // Add default settings
     $host = substr_count($_SERVER['HTTP_HOST'], '.') > 1 ? substr($_SERVER['HTTP_HOST'], strpos($_SERVER['HTTP_HOST'], '.') + 1) : $_SERVER['HTTP_HOST'];
     $host = strpos($host, ':') !== false ? substr($host, 0, strpos($host, ':')) : $host;
     // Remove port if present on unusual configurations
     App::uses('Setting', 'Model');
     $settingModel = new Setting();
     $defaultSettings = array();
     $defaultSettings['title'] = $siteTitle;
     $defaultSettings['theme'] = json_encode(array('logo' => '/img/logo.png', 'bgcolor' => '#444444', 'bgimage' => $this->request->webroot . 'img/bg.png', 'bgrepeat' => 'repeat'));
     $defaultSettings['css'] = '';
     $defaultSettings['notifications'] = json_encode(array('enabled' => 1, 'signup' => 0, 'contact' => ''));
     $defaultSettings['email'] = json_encode(array('name' => 'MushRaider', 'from' => 'mushraider@' . $host, 'encoding' => '', 'transport' => 'Mail', 'host' => '', 'port' => '', 'username' => '', 'password' => ''));
     $defaultSettings['Mushstats'] = time();
     $defaultSettings['calendar'] = json_encode(array('weekStartDay' => 1, 'title' => 'event', 'timeToDisplay' => 'time_invitation', 'gameIcon' => 1, 'dungeonIcon' => 1));
     $defaultSettings['timezone'] = 'Europe/Paris';
     foreach ($defaultSettings as $option => $value) {
         $settingModel->create();
         $settingModel->save(array('option' => $option, 'value' => $value));
     }
     // Add default roles permissions
     $rolesPermissions = array(array('title' => __('Full permissions'), 'alias' => 'full_permissions', 'description' => __('Like Chuck Norris, he can do anything. This overwrite every permissions')), array('title' => __('Limited admin access'), 'alias' => 'limited_admin', 'description' => __('Like Robin, he can do some things but not all (like driving the batmobile or change user role)')), array('title' => __('Can manage events'), 'alias' => 'manage_events', 'description' => __('Can create, edit and delete events. Can also manage the roster for each events')), array('title' => __('Can manage own events only'), 'alias' => 'manage_own_events', 'description' => __('Can create, edit and delete own events only. Can also manage the roster for his events')), array('title' => __('Can create templates'), 'alias' => 'create_templates', 'description' => __('Can create events templates')), array('title' => __('Can create reports'), 'alias' => 'create_reports', 'description' => __('Can create events reports')));
     App::uses('RolePermission', 'Model');
     $RolePermissionModel = new RolePermission();
     foreach ($rolesPermissions as $rolesPermission) {
         $RolePermissionModel->create();
         $RolePermissionModel->save($rolesPermission);
     }
     // Add new roles permissions to existing roles
     App::uses('Role', 'Model');
     $RoleModel = new Role();
     App::uses('RolePermissionRole', 'Model');
     $RolePermissionRoleModel = new RolePermissionRole();
     $RolePermissionRoleModel->__add(array('role_id' => $RoleModel->getIdByAlias('admin'), 'role_permission_id' => $RolePermissionModel->getIdByAlias('full_permissions')));
     $RolePermissionRoleModel->__add(array('role_id' => $RoleModel->getIdByAlias('officer'), 'role_permission_id' => $RolePermissionModel->getIdByAlias('limited_admin')));
     $RolePermissionRoleModel->__add(array('role_id' => $RoleModel->getIdByAlias('officer'), 'role_permission_id' => $RolePermissionModel->getIdByAlias('manage_events')));
     $RolePermissionRoleModel->__add(array('role_id' => $RoleModel->getIdByAlias('officer'), 'role_permission_id' => $RolePermissionModel->getIdByAlias('create_templates')));
     $RolePermissionRoleModel->__add(array('role_id' => $RoleModel->getIdByAlias('officer'), 'role_permission_id' => $RolePermissionModel->getIdByAlias('create_reports')));
 }
Ejemplo n.º 14
0
 /**
  * Adds an object to the instance pool.
  *
  * Propel keeps cached copies of objects in an instance pool when they are retrieved
  * from the database.  In some cases -- especially when you override doSelect*()
  * methods in your stub classes -- you may need to explicitly add objects
  * to the cache in order to ensure that the same objects are always returned by doSelect*()
  * and retrieveByPK*() calls.
  *
  * @param      RolePermission $value A RolePermission object.
  * @param      string $key (optional) key to use for instance map (for performance boost if key was already calculated externally).
  */
 public static function addInstanceToPool(RolePermission $obj, $key = null)
 {
     if (Propel::isInstancePoolingEnabled()) {
         if ($key === null) {
             $key = serialize(array((string) $obj->getRoleId(), (string) $obj->getPermissionId()));
         }
         // if key === null
         self::$instances[$key] = $obj;
     }
 }
Ejemplo n.º 15
0
 /**
  * Set all the permissions on the user
  */
 private function getPermissions()
 {
     if (!isset($this->permissions)) {
         $sql = 'SELECT P.plugin, P.key, P.id
 				FROM ' . RolePermission::getTable() . ' RP
 					INNER JOIN ' . Permission::getTable() . ' P ON RP.permissionId = P.id
 					INNER JOIN ' . self::getTable() . ' U ON U.roleId = RP.roleId
 				WHERE U.id = :id AND RP.value=1';
         $permissions = App::db()->query($sql, array('id' => $this->id), array('return' => DB::RETURN_OBJECT));
         $this->permissions = array();
         foreach ($permissions as $permission) {
             // Register the permission by it id
             $this->permissions['byId'][$permission->id] = 1;
             // Regoster the permission by it name
             $this->permissions['byName'][$permission->plugin][$permission->key] = 1;
         }
     }
 }