/**
* For a given permission object, get the assignment object for the
* given permission, or create one if there isn't one already.
*
* This assignment object describes the group of users/groups/roles
* that have the given permission. If one is created, it is created
* empty.
*/
function getOrCreateAssignment($sPermission, $iObjectID)
{
if (is_string($sPermission)) {
$oPermission =& KTPermission::getByName($sPermission);
} else {
$oPermission =& $sPermission;
}
if (is_numeric($iObjectID)) {
$oObject =& KTPermissionObject::get($iObjectID);
} else {
$oObject =& $iObjectID;
}
$oPA = KTPermissionAssignment::getByPermissionAndObject($oPermission, $oObject);
if (PEAR::isError($oPA)) {
$oPA = KTPermissionAssignment::createFromArray(array('permissionid' => $oPermission->getID(), 'permissionobjectid' => $oObject->getID()));
}
return $oPA;
}
function &_getPermissionsMap()
{
$oPO = KTPermissionObject::get($this->oFolder->getPermissionObjectId());
$aPermissions = KTPermission::getList();
$aPermissionsMap = array('role' => array(), 'group' => array());
foreach ($aPermissions as $oPermission) {
$oPA = KTPermissionAssignment::getByPermissionAndObject($oPermission, $oPO);
if (PEAR::isError($oPA)) {
continue;
}
$oDescriptor = KTPermissionDescriptor::get($oPA->getPermissionDescriptorId());
$iPermissionId = $oPermission->getId();
// groups
$aGroupIds = $oDescriptor->getGroups();
foreach ($aGroupIds as $iId) {
$aPermissionsMap['group'][$iId][$iPermissionId] = true;
}
// roles
$aRoleIds = $oDescriptor->getRoles();
foreach ($aRoleIds as $iId) {
$aPermissionsMap['role'][$iId][$iPermissionId] = true;
}
}
return $aPermissionsMap;
}
