public function runConfigureRole(framework\Request $request)
{
try {
$role = new entities\Role($request['role_id']);
} catch (\Exception $e) {
$this->getResponse()->setHttpStatus(400);
return $this->renderJSON(array('error' => $this->getI18n()->__('This is not a valid role')));
}
if ($role->isSystemRole()) {
$access_level = $this->getAccessLevel($request['section'], 'core');
} else {
$access_level = $this->getUser()->canManageProject($role->getProject()) ? framework\Settings::ACCESS_FULL : framework\Settings::ACCESS_READ;
}
switch ($request['mode']) {
case 'list_permissions':
return $this->renderComponent('configuration/rolepermissionslist', array('role' => $role));
break;
case 'edit':
if (!$access_level == framework\Settings::ACCESS_FULL) {
$this->getResponse()->setHttpStatus(400);
return $this->renderJSON(array('error' => $this->getI18n()->__('You do not have access to edit these permissions')));
}
if ($request->isPost()) {
$role->setName($request['name']);
$role->save();
$new_permissions = array();
foreach ($request['permissions'] ?: array() as $new_permission) {
$permission_details = explode(',', $new_permission);
$new_permissions[$permission_details[2]] = array('module' => $permission_details[0], 'target_id' => $permission_details[1]);
}
$existing_permissions = array();
foreach ($role->getPermissions() as $existing_permission) {
if (!array_key_exists($existing_permission->getPermission(), $new_permissions)) {
$role->removePermission($existing_permission);
} else {
$existing_permissions[$existing_permission->getPermission()] = $new_permissions[$existing_permission->getPermission()];
unset($new_permissions[$existing_permission->getPermission()]);
}
}
foreach ($new_permissions as $permission_key => $details) {
$p = new entities\RolePermission();
$p->setModule($details['module']);
$p->setPermission($permission_key);
if ($details['target_id']) {
$p->setTargetID($details['target_id']);
}
$role->addPermission($p);
}
foreach ($existing_permissions as $permission_key => $details) {
$p = new entities\RolePermission();
$p->setModule($details['module']);
$p->setPermission($permission_key);
if ($details['target_id']) {
$p->setTargetID($details['target_id']);
}
tables\Permissions::getTable()->addRolePermission($role, $p);
}
framework\Context::clearPermissionsCache();
framework\Context::cacheAllPermissions();
return $this->renderJSON(array('message' => $this->getI18n()->__('Permissions updated'), 'permissions_count' => count($request['permissions']), 'role_name' => $role->getName()));
}
return $this->renderComponent('configuration/rolepermissionsedit', array('role' => $role));
case 'delete':
if (!$access_level == framework\Settings::ACCESS_FULL || !$request->isPost()) {
$this->getResponse()->setHttpStatus(400);
return $this->renderJSON(array('error' => $this->getI18n()->__('This role cannot be removed')));
}
$role->delete();
return $this->renderJSON(array('message' => $this->getI18n()->__('Role deleted')));
}
}
/**
* Adds an assignee with a given role
*
* @param \thebuggenie\core\entities\common\Identifiable $assignee The user or team to add
* @param Role $role The role to add
*
* @return null
*/
public function addAssignee($assignee, $role = null)
{
$user_id = 0;
$team_id = 0;
if ($assignee instanceof \thebuggenie\core\entities\User) {
$user_id = $assignee->getID();
if (tables\ProjectAssignedUsers::getTable()->addUserToProject($this->getID(), $user_id, $role->getID()) && is_array($this->_assigned_users)) {
$this->_assigned_users = array_merge($this->_assigned_users, tables\ProjectAssignedUsers::getTable()->getUserByProjectIDUserIDRoleID($this->getID(), $user_id, $role->getID()));
}
} elseif ($assignee instanceof \thebuggenie\core\entities\Team) {
$team_id = $assignee->getID();
if (tables\ProjectAssignedTeams::getTable()->addTeamToProject($this->getID(), $team_id, $role->getID()) && is_array($this->_assigned_users)) {
$this->_assigned_teams = array_merge($this->_assigned_teams, tables\ProjectAssignedTeams::getTable()->getTeamByProjectIDTeamIDRoleID($this->getID(), $team_id, $role->getID()));
}
}
if ($role instanceof \thebuggenie\core\entities\Role) {
$role_id = $role->getID();
foreach ($role->getPermissions() as $role_permission) {
$target_id = strtolower($role_permission->getExpandedTargetID($role));
tables\Permissions::getTable()->removeSavedPermission($user_id, 0, $team_id, $role_permission->getModule(), $role_permission->getPermission(), $target_id, framework\Context::getScope()->getID(), $role_id);
framework\Context::setPermission($role_permission->getPermission(), $target_id, $role_permission->getModule(), $user_id, 0, $team_id, true, null, $role_id);
}
}
}
/**
* Adds an assignee with a given role
*
* @param \thebuggenie\core\entities\common\Identifiable $assignee The user or team to add
* @param Role $role The role to add
*
* @return null
*/
public function addAssignee($assignee, $role = null)
{
$user_id = 0;
$team_id = 0;
if ($assignee instanceof \thebuggenie\core\entities\User) {
$user_id = $assignee->getID();
tables\ProjectAssignedUsers::getTable()->addUserToProject($this->getID(), $user_id, $role->getID());
} elseif ($assignee instanceof \thebuggenie\core\entities\Team) {
$team_id = $assignee->getID();
tables\ProjectAssignedTeams::getTable()->addTeamToProject($this->getID(), $team_id, $role->getID());
}
if ($role instanceof \thebuggenie\core\entities\Role) {
foreach ($role->getPermissions() as $role_permission) {
$target_id = $role_permission->hasTargetID() ? $role_permission->getReplacedTargetID($this) : $this->getID();
framework\Context::setPermission($role_permission->getPermission(), $target_id, $role_permission->getModule(), $user_id, 0, $team_id, true, null, $role->getID());
}
}
}
