public function getTreePermissionsAction() { $this->removeViewRenderer(); $user = User::getById($this->_getParam("user")); if ($this->_getParam("xaction") == "update") { $data = json_decode($this->_getParam("data")); if (!empty($data->id)) { $nodes[] = $data; } else { $nodes = $data; } //loop through store nodes = documents to edit if (is_array($nodes)) { foreach ($nodes as $node) { $document = Document::getById($node->id); $parent = Document::getById($document->getParentId()); $documentPermission = $document->getPermissionsForUser($user); if ($documentPermission instanceof Document_Permissions) { $found = true; if (!$node->permissionSet) { //reset permission by deleting it if ($documentPermission->getCid() == $document->getId()) { $documentPermission->delete(); $permissions = $document->getPermissions(); } break; } else { if ($documentPermission->getCid() != $document->getId() or $documentPermission->getUser()->getId() != $user->getId()) { //we got a parent's permission create new permission //or we got a usergroup permission, create a new permission for specific user $documentPermission = new Document_Permissions(); $documentPermission->setUser($user); $documentPermission->setUserId($user->getId()); $documentPermission->setUsername($user->getUsername()); $documentPermission->setCid($document->getId()); $documentPermission->setCpath($document->getFullPath()); } //update document_permission $doSave = true; $permissionNames = $documentPermission->getValidPermissionKeys(); foreach ($permissionNames as $name) { //check if parent allows list if ($parent) { $parent->getPermissionsForUser($user); $parentList = $parent->isAllowed("list"); } else { $parentList = true; } $setterName = "set" . ucfirst($name); if (isset($node->{$name}) and $node->{$name} and $parentList) { $documentPermission->{$setterName}(true); } else { if (isset($node->{$name})) { $documentPermission->{$setterName}(false); //if no list permission set all to false if ($name == "list") { foreach ($permissionNames as $n) { $setterName = "set" . ucfirst($n); $documentPermission->{$setterName}(false); } break; } } } } $documentPermission->save(); if ($node->evictChildrenPermissions) { $successorList = new Document_List(); $successorList->setOrderKey("index"); $successorList->setOrder("asc"); if ($document->getParentId() < 1) { $successorList->setCondition("parentId > 0"); } else { $successorList->setCondition("path like '" . $document->getFullPath() . "/%'"); } Logger::debug($successorList->getCondition()); $successors = $successorList->load(); foreach ($successors as $successor) { $permission = $successor->getPermissionsForUser($user); if ($permission->getId() > 0 and $permission->getCid() == $successor->getId()) { $permission->delete(); } } } } } } $this->_helper->json(array("success" => true)); } } else { if ($this->_getParam("xaction") == "destroy") { //ignore } else { //read if ($user instanceof User) { $userPermissionsNamespace = new Zend_Session_Namespace('documentUserPermissions'); if (!isset($userPermissionsNamespace->expandedNodes) or $userPermissionsNamespace->currentUser != $user->getId()) { $userPermissionsNamespace->currentUser = $user->getId(); $userPermissionsNamespace->expandedNodes = array(); } if (is_numeric($this->_getParam("anode")) and $this->_getParam("anode") > 0) { $node = $this->_getParam("anode"); $document = Document::getById($node); if ($document->hasChilds()) { $list = new Document_List(); $list->setCondition("parentId = ?", $document->getId()); $list->setOrderKey("index"); $list->setOrder("asc"); $childsList = $list->load(); $requestedNodes = array(); foreach ($childsList as $child) { $requestedNodes[] = $child->getId(); } $userPermissionsNamespace->expandedNodes = array_merge($userPermissionsNamespace->expandedNodes, $requestedNodes); } } else { $userPermissionsNamespace->expandedNodes = array_merge($userPermissionsNamespace->expandedNodes, array(1)); } //load all nodes which are open in client $documentList = new Document_List(); $documentList->setOrderKey("index"); $documentList->setOrder("asc"); $queryIds = "'" . implode("','", $userPermissionsNamespace->expandedNodes) . "'"; $documentList->setCondition("id in (" . $queryIds . ")"); $o = $documentList->load(); $total = count($o); $documents = array(); foreach ($o as $document) { if ($document->getParentId() > 0) { $parent = Document::getById($document->getParentId()); } else { $parent = null; } // get current user permissions $document->getPermissionsForUser($this->getUser()); // only display document if listing is allowed for the current user if ($document->isAllowed("list") and $document->isAllowed("permissions")) { $permission = $this->getTreeNodePermissionConfig($user, $document, $parent, true); $documents[] = $permission; $tmpDocuments[$document->getId()] = $permission; } } //only visible nodes and in the order how they should be displayed ... doesn't make sense but seems to fix bug of duplicate nodes $documentsForFrontend = array(); $visible = $this->_getParam("visible"); if ($visible) { $visibleNodes = explode(",", $visible); foreach ($visibleNodes as $nodeId) { $documentsForFrontend[] = $tmpDocuments[$nodeId]; if ($nodeId == $this->_getParam("anode") and is_array($requestedNodes)) { foreach ($requestedNodes as $nId) { $documentsForFrontend[] = $tmpDocuments[$nId]; } } } $documents = $documentsForFrontend; } } $this->_helper->json(array("total" => $total, "data" => $documents, "success" => true)); } } }
/** * @return array */ public function getPermissions() { $permissions = array(); $permissionsRaw = $this->db->fetchAll("SELECT id FROM documents_permissions WHERE cid = ? ORDER BY cpath ASC", $this->model->getId()); $userIdMappings = array(); foreach ($permissionsRaw as $permissionRaw) { $permissions[] = Document_Permissions::getById($permissionRaw["id"]); } $this->model->setPermissions($permissions); return $permissions; }