public function runConfigureRole(framework\Request $request) { try { $role = new entities\Role($request['role_id']); } catch (\Exception $e) { $this->getResponse()->setHttpStatus(400); return $this->renderJSON(array('error' => $this->getI18n()->__('This is not a valid role'))); } if ($role->isSystemRole()) { $access_level = $this->getAccessLevel($request['section'], 'core'); } else { $access_level = $this->getUser()->canManageProject($role->getProject()) ? framework\Settings::ACCESS_FULL : framework\Settings::ACCESS_READ; } switch ($request['mode']) { case 'list_permissions': return $this->renderComponent('configuration/rolepermissionslist', array('role' => $role)); break; case 'edit': if (!$access_level == framework\Settings::ACCESS_FULL) { $this->getResponse()->setHttpStatus(400); return $this->renderJSON(array('error' => $this->getI18n()->__('You do not have access to edit these permissions'))); } if ($request->isPost()) { $role->setName($request['name']); $role->save(); $new_permissions = array(); foreach ($request['permissions'] ?: array() as $new_permission) { $permission_details = explode(',', $new_permission); $new_permissions[$permission_details[2]] = array('module' => $permission_details[0], 'target_id' => $permission_details[1]); } $existing_permissions = array(); foreach ($role->getPermissions() as $existing_permission) { if (!array_key_exists($existing_permission->getPermission(), $new_permissions)) { $role->removePermission($existing_permission); } else { $existing_permissions[$existing_permission->getPermission()] = $new_permissions[$existing_permission->getPermission()]; unset($new_permissions[$existing_permission->getPermission()]); } } foreach ($new_permissions as $permission_key => $details) { $p = new entities\RolePermission(); $p->setModule($details['module']); $p->setPermission($permission_key); if ($details['target_id']) { $p->setTargetID($details['target_id']); } $role->addPermission($p); } foreach ($existing_permissions as $permission_key => $details) { $p = new entities\RolePermission(); $p->setModule($details['module']); $p->setPermission($permission_key); if ($details['target_id']) { $p->setTargetID($details['target_id']); } tables\Permissions::getTable()->addRolePermission($role, $p); } framework\Context::clearPermissionsCache(); framework\Context::cacheAllPermissions(); return $this->renderJSON(array('message' => $this->getI18n()->__('Permissions updated'), 'permissions_count' => count($request['permissions']), 'role_name' => $role->getName())); } return $this->renderComponent('configuration/rolepermissionsedit', array('role' => $role)); case 'delete': if (!$access_level == framework\Settings::ACCESS_FULL || !$request->isPost()) { $this->getResponse()->setHttpStatus(400); return $this->renderJSON(array('error' => $this->getI18n()->__('This role cannot be removed'))); } $role->delete(); return $this->renderJSON(array('message' => $this->getI18n()->__('Role deleted'))); } }
/** * Adds an assignee with a given role * * @param \thebuggenie\core\entities\common\Identifiable $assignee The user or team to add * @param Role $role The role to add * * @return null */ public function addAssignee($assignee, $role = null) { $user_id = 0; $team_id = 0; if ($assignee instanceof \thebuggenie\core\entities\User) { $user_id = $assignee->getID(); if (tables\ProjectAssignedUsers::getTable()->addUserToProject($this->getID(), $user_id, $role->getID()) && is_array($this->_assigned_users)) { $this->_assigned_users = array_merge($this->_assigned_users, tables\ProjectAssignedUsers::getTable()->getUserByProjectIDUserIDRoleID($this->getID(), $user_id, $role->getID())); } } elseif ($assignee instanceof \thebuggenie\core\entities\Team) { $team_id = $assignee->getID(); if (tables\ProjectAssignedTeams::getTable()->addTeamToProject($this->getID(), $team_id, $role->getID()) && is_array($this->_assigned_users)) { $this->_assigned_teams = array_merge($this->_assigned_teams, tables\ProjectAssignedTeams::getTable()->getTeamByProjectIDTeamIDRoleID($this->getID(), $team_id, $role->getID())); } } if ($role instanceof \thebuggenie\core\entities\Role) { $role_id = $role->getID(); foreach ($role->getPermissions() as $role_permission) { $target_id = strtolower($role_permission->getExpandedTargetID($role)); tables\Permissions::getTable()->removeSavedPermission($user_id, 0, $team_id, $role_permission->getModule(), $role_permission->getPermission(), $target_id, framework\Context::getScope()->getID(), $role_id); framework\Context::setPermission($role_permission->getPermission(), $target_id, $role_permission->getModule(), $user_id, 0, $team_id, true, null, $role_id); } } }
/** * Adds an assignee with a given role * * @param \thebuggenie\core\entities\common\Identifiable $assignee The user or team to add * @param Role $role The role to add * * @return null */ public function addAssignee($assignee, $role = null) { $user_id = 0; $team_id = 0; if ($assignee instanceof \thebuggenie\core\entities\User) { $user_id = $assignee->getID(); tables\ProjectAssignedUsers::getTable()->addUserToProject($this->getID(), $user_id, $role->getID()); } elseif ($assignee instanceof \thebuggenie\core\entities\Team) { $team_id = $assignee->getID(); tables\ProjectAssignedTeams::getTable()->addTeamToProject($this->getID(), $team_id, $role->getID()); } if ($role instanceof \thebuggenie\core\entities\Role) { foreach ($role->getPermissions() as $role_permission) { $target_id = $role_permission->hasTargetID() ? $role_permission->getReplacedTargetID($this) : $this->getID(); framework\Context::setPermission($role_permission->getPermission(), $target_id, $role_permission->getModule(), $user_id, 0, $team_id, true, null, $role->getID()); } } }