/** * If this collection has already been initialized with * an identical criteria, it returns the collection. * Otherwise if this PermissionItem is new, it will return * an empty collection; or if this PermissionItem has previously * been saved, it will retrieve related PermissionToPermissionItems from storage. * * This method is protected by default in order to keep the public * api reasonable. You can provide public methods for those you * actually need in PermissionItem. */ public function getPermissionToPermissionItemsJoinPermission($criteria = null, $con = null, $join_behavior = Criteria::LEFT_JOIN) { if ($criteria === null) { $criteria = new Criteria(PermissionItemPeer::DATABASE_NAME); } elseif ($criteria instanceof Criteria) { $criteria = clone $criteria; } if ($this->collPermissionToPermissionItems === null) { if ($this->isNew()) { $this->collPermissionToPermissionItems = array(); } else { $criteria->add(PermissionToPermissionItemPeer::PERMISSION_ITEM_ID, $this->id); $this->collPermissionToPermissionItems = PermissionToPermissionItemPeer::doSelectJoinPermission($criteria, $con, $join_behavior); } } else { // the following code is to determine if a new query is // called for. If the criteria is the same as the last // one, just return the collection. $criteria->add(PermissionToPermissionItemPeer::PERMISSION_ITEM_ID, $this->id); if (!isset($this->lastPermissionToPermissionItemCriteria) || !$this->lastPermissionToPermissionItemCriteria->equals($criteria)) { $this->collPermissionToPermissionItems = PermissionToPermissionItemPeer::doSelectJoinPermission($criteria, $con, $join_behavior); } } $this->lastPermissionToPermissionItemCriteria = $criteria; return $this->collPermissionToPermissionItems; }
$file = fopen("{$dir}/object.{$object}.ini", 'w'); fputs($file, "[parameter_permission_items]\n"); $currentIndex = 0; $currentObject = $object; } $currentIndex++; fputs($file, "permissionItem{$currentIndex}.object = {$object}\n"); fputs($file, "permissionItem{$currentIndex}.parameter = {$parameter}\n"); fputs($file, "permissionItem{$currentIndex}.action = {$action}\n"); fputs($file, "permissionItem{$currentIndex}.partnerId = {$partnerId}\n"); fputs($file, "permissionItem{$currentIndex}.param4 = {$param4}\n"); fputs($file, "permissionItem{$currentIndex}.param5 = {$param5}\n"); fputs($file, "permissionItem{$currentIndex}.tags = {$tags}\n"); $criteria = new Criteria(); $criteria->add(PermissionToPermissionItemPeer::PERMISSION_ITEM_ID, $parameterPermissionItem->getId()); $permissionToPermissionItems = PermissionToPermissionItemPeer::doSelect($criteria); $permissions = array(); foreach ($permissionToPermissionItems as $permissionToPermissionItem) { /* @var $permissionToPermissionItem PermissionToPermissionItem */ if (!isset($permissionArray[$permissionToPermissionItem->getPermissionId()])) { continue; } $permission = $permissionArray[$permissionToPermissionItem->getPermissionId()]; /* @var $permission Permission */ $permissionName = $permission->getName(); $permissionPartnerId = $permission->getPartnerId(); if ($permissionPartnerId != $partnerId) { $permissionName = "{$permissionPartnerId}>{$permissionName}"; } $permissions[] = $permissionName; }
function addItemToPermissions($item, $permissionNames, $partnerId) { foreach ($permissionNames as $permissionName) { PermissionToPermissionItemPeer::clearInstancePool(); $partnerPermission = array_map('trim', explode('>', $permissionName)); if (count($partnerPermission) === 2) { $partnerId = trim($partnerPermission[0]); } $permissionName = trim(end($partnerPermission)); $c = new Criteria(); $c->addAnd(PermissionPeer::NAME, $permissionName, Criteria::EQUAL); $c->addAnd(PermissionPeer::TYPE, array(PermissionType::NORMAL, PermissionType::PARTNER_GROUP), Criteria::IN); $c->addAnd(PermissionPeer::PARTNER_ID, array(PartnerPeer::GLOBAL_PARTNER, $item->getPartnerId(), $partnerId), Criteria::IN); $permission = PermissionPeer::doSelectOne($c); if (!$permission) { KalturaLog::alert('ERROR - Permission name [' . $permissionName . '] for partner [' . $item->getPartnerId() . '] not found in database - skipping!'); continue; } KalturaLog::log('Adding permission item id [' . $item->getId() . '] to permission id [' . $permission->getId() . ']'); $permission->addPermissionItem($item->getId(), true); } }
function removeItemFromPermissions(PermissionItem $item, array $permissionNames) { foreach ($permissionNames as $permissionName) { $partnerPermission = array_map('trim', explode('>', $permissionName)); $partnerId = PartnerPeer::GLOBAL_PARTNER; if (count($partnerPermission) === 2) { $partnerId = trim($partnerPermission[0]); } $permissionName = trim(end($partnerPermission)); $c = new Criteria(); $c->addAnd(PermissionPeer::NAME, $permissionName); $c->addAnd(PermissionPeer::TYPE, array(PermissionType::NORMAL, PermissionType::PARTNER_GROUP), Criteria::IN); $c->addAnd(PermissionPeer::PARTNER_ID, array(PartnerPeer::GLOBAL_PARTNER, $item->getPartnerId(), $partnerId), Criteria::IN); $permission = PermissionPeer::doSelectOne($c); if (!$permission) { continue; } $c = new Criteria(); $c->addAnd(PermissionToPermissionItemPeer::PERMISSION_ITEM_ID, $item->getId()); $c->addAnd(PermissionToPermissionItemPeer::PERMISSION_ID, $permission->getId()); $permissionToPermissionItem = PermissionToPermissionItemPeer::doSelectOne($c); if (!$permissionToPermissionItem) { continue; } $permissionToPermissionItem->delete(); } }
/** * Delete all permission items related from current pemission. */ private function deletePermissionItems(array $permissionsItemsToRemove) { if (!count($permissionsItemsToRemove)) { return; } $c = new Criteria(); $c->add(PermissionToPermissionItemPeer::PERMISSION_ID, $this->getId(), Criteria::EQUAL); $c->add(PermissionToPermissionItemPeer::PERMISSION_ITEM_ID, $permissionsItemsToRemove, Criteria::IN); PermissionToPermissionItemPeer::doDelete($c); }
/** * Init permission items map from DB for the given role * @param UserRole $dbRole */ private static function getPermissionsFromDb($dbRole) { $map = self::initEmptyMap(); // get all permission object names from role record if ($dbRole) { $tmpPermissionNames = $dbRole->getPermissionNames(true); $tmpPermissionNames = array_map('trim', explode(',', $tmpPermissionNames)); } else { $tmpPermissionNames = array(); } // add always allowed permissions if (self::$operatingPartner) { $alwaysAllowed = self::$operatingPartner->getAlwaysAllowedPermissionNames(); $alwaysAllowed = array_map('trim', explode(',', $alwaysAllowed)); } else { $alwaysAllowed = array(PermissionName::ALWAYS_ALLOWED_ACTIONS); } $tmpPermissionNames = array_merge($tmpPermissionNames, $alwaysAllowed); // if the request sent from the internal server set additional permission allowing access without KS // from internal servers if (kIpAddressUtils::isInternalIp()) { KalturaLog::debug('IP in range, adding ALWAYS_ALLOWED_FROM_INTERNAL_IP_ACTIONS permission'); $alwaysAllowedInternal = array(PermissionName::ALWAYS_ALLOWED_FROM_INTERNAL_IP_ACTIONS); $tmpPermissionNames = array_merge($tmpPermissionNames, $alwaysAllowedInternal); } $permissionNames = array(); foreach ($tmpPermissionNames as $name) { $permissionNames[$name] = $name; } $map[self::PERMISSION_NAMES_ARRAY] = $permissionNames; // get mapping of permissions to permission items $c = new Criteria(); $c->addAnd(PermissionPeer::NAME, $permissionNames, Criteria::IN); $c->addAnd(PermissionPeer::PARTNER_ID, array(strval(PartnerPeer::GLOBAL_PARTNER), strval(self::$operatingPartnerId)), Criteria::IN); $c->addAnd(PermissionItemPeer::PARTNER_ID, array(strval(PartnerPeer::GLOBAL_PARTNER), strval(self::$operatingPartnerId)), Criteria::IN); $lookups = PermissionToPermissionItemPeer::doSelectJoinAll($c); foreach ($lookups as $lookup) { $item = $lookup->getPermissionItem(); $permission = $lookup->getPermission(); if (!$item) { KalturaLog::err('PermissionToPermissionItem id [' . $lookup->getId() . '] is defined with PermissionItem id [' . $lookup->getPermissionItemId() . '] which does not exists!'); continue; } if (!$permission) { KalturaLog::err('PermissionToPermissionItem id [' . $lookup->getId() . '] is defined with Permission name [' . $lookup->getPermissionName() . '] which does not exists!'); continue; } // organize permission items in local arrays $type = $item->getType(); if ($type == PermissionItemType::API_ACTION_ITEM) { self::addApiAction($map, $item); } else { if ($type == PermissionItemType::API_PARAMETER_ITEM) { self::addApiParameter($map, $item); } } } // set partner group permission $c = new Criteria(); $c->addAnd(PermissionPeer::PARTNER_ID, self::$operatingPartnerId, Criteria::EQUAL); $c->addAnd(PermissionPeer::TYPE, PermissionType::PARTNER_GROUP, Criteria::EQUAL); $partnerGroupPermissions = PermissionPeer::doSelect($c); foreach ($partnerGroupPermissions as $pgPerm) { self::addPartnerGroupAction($map, $pgPerm); } return $map; }
/** * Delete all permission items related from current pemission. */ private function deleteAllPermissionItems() { $c = new Criteria(); $c->add(PermissionToPermissionItemPeer::PERMISSION_ID, $this->getId(), Criteria::EQUAL); PermissionToPermissionItemPeer::doDelete($c); }
/** * Init with allowed permissions for the user in the given KS or kCurrentContext if not KS given * kCurrentContext::init should have been executed before! * @param string $ks KS to extract user and partner IDs from instead of kCurrentContext * @param boolean $useCache use cache or not * @throws TODO: add all exceptions */ public static function init($useCache = null) { // verify that kCurrentContext::init has been executed since it must be used to init current context permissions if (!kCurrentContext::$ksPartnerUserInitialized) { KalturaLog::crit('kCurrentContext::initKsPartnerUser must be executed before initializing kPermissionManager'); throw new Exception('kCurrentContext has not been initialized!', null); } // can be initialized more than once to support multirequest with different kCurrentContext parameters self::$initialized = false; self::$useCache = $useCache ? true : false; // copy kCurrentContext parameters (kCurrentContext::init should have been executed before) self::$requestedPartnerId = !self::isEmpty(kCurrentContext::$partner_id) ? kCurrentContext::$partner_id : null; self::$ksPartnerId = !self::isEmpty(kCurrentContext::$ks_partner_id) ? kCurrentContext::$ks_partner_id : null; self::$ksUserId = !self::isEmpty(kCurrentContext::$ks_uid) ? kCurrentContext::$ks_uid : null; self::$ksString = kCurrentContext::$ks ? kCurrentContext::$ks : null; self::$adminSession = !self::isEmpty(kCurrentContext::$is_admin_session) ? kCurrentContext::$is_admin_session : false; // clear instance pools //TODO: may not be needed UserRolePeer::clearInstancePool(); PermissionPeer::clearInstancePool(); PermissionItemPeer::clearInstancePool(); PermissionToPermissionItemPeer::clearInstancePool(); kuserPeer::clearInstancePool(); // if ks defined - check that it is valid self::errorIfKsNotValid(); // init partner, user, and role objects self::initPartnerUserObjects(); // throw an error if KS partner (operating partner) is blocked self::errorIfPartnerBlocked(); // init role ids self::initRoleIds(); // init permissions map self::initPermissionsMap(); // initialization done self::$initialized = true; return true; }
public static function clearMemory() { accessControlPeer::clearInstancePool(); kuserPeer::clearInstancePool(); kshowPeer::clearInstancePool(); entryPeer::clearInstancePool(); // kvotePeer::clearInstancePool(); // commentPeer::clearInstancePool(); // flagPeer::clearInstancePool(); // favoritePeer::clearInstancePool(); // KshowKuserPeer::clearInstancePool(); // MailJobPeer::clearInstancePool(); SchedulerPeer::clearInstancePool(); SchedulerWorkerPeer::clearInstancePool(); SchedulerStatusPeer::clearInstancePool(); SchedulerConfigPeer::clearInstancePool(); ControlPanelCommandPeer::clearInstancePool(); BatchJobPeer::clearInstancePool(); // PriorityGroupPeer::clearInstancePool(); BulkUploadResultPeer::clearInstancePool(); // blockedEmailPeer::clearInstancePool(); // conversionPeer::clearInstancePool(); // flickrTokenPeer::clearInstancePool(); PuserKuserPeer::clearInstancePool(); // PuserRolePeer::clearInstancePool(); PartnerPeer::clearInstancePool(); // WidgetLogPeer::clearInstancePool(); // adminKuserPeer::clearInstancePool(); // notificationPeer::clearInstancePool(); moderationPeer::clearInstancePool(); moderationFlagPeer::clearInstancePool(); roughcutEntryPeer::clearInstancePool(); // widgetPeer::clearInstancePool(); uiConfPeer::clearInstancePool(); // PartnerStatsPeer::clearInstancePool(); // PartnerActivityPeer::clearInstancePool(); ConversionProfilePeer::clearInstancePool(); // ConversionParamsPeer::clearInstancePool(); // KceInstallationErrorPeer::clearInstancePool(); FileSyncPeer::clearInstancePool(); accessControlPeer::clearInstancePool(); mediaInfoPeer::clearInstancePool(); assetParamsPeer::clearInstancePool(); assetParamsOutputPeer::clearInstancePool(); assetPeer::clearInstancePool(); conversionProfile2Peer::clearInstancePool(); flavorParamsConversionProfilePeer::clearInstancePool(); categoryPeer::clearInstancePool(); syndicationFeedPeer::clearInstancePool(); TrackEntryPeer::clearInstancePool(); // SystemUserPeer::clearInstancePool(); StorageProfilePeer::clearInstancePool(); // EmailIngestionProfilePeer::clearInstancePool(); UploadTokenPeer::clearInstancePool(); // invalidSessionPeer::clearInstancePool(); DynamicEnumPeer::clearInstancePool(); UserLoginDataPeer::clearInstancePool(); PermissionPeer::clearInstancePool(); UserRolePeer::clearInstancePool(); PermissionItemPeer::clearInstancePool(); PermissionToPermissionItemPeer::clearInstancePool(); KuserToUserRolePeer::clearInstancePool(); $pluginInstances = KalturaPluginManager::getPluginInstances('IKalturaMemoryCleaner'); foreach ($pluginInstances as $pluginInstance) { $pluginInstance->cleanMemory(); } if (function_exists('gc_collect_cycles')) { // php 5.3 and above gc_collect_cycles(); } }
/** * Retrieve multiple objects by pkey. * * @param array $pks List of primary keys * @param PropelPDO $con the connection to use * @throws PropelException Any exceptions caught during processing will be * rethrown wrapped into a PropelException. */ public static function retrieveByPKs($pks, PropelPDO $con = null) { $objs = null; if (empty($pks)) { $objs = array(); } else { $criteria = new Criteria(PermissionToPermissionItemPeer::DATABASE_NAME); $criteria->add(PermissionToPermissionItemPeer::ID, $pks, Criteria::IN); $objs = PermissionToPermissionItemPeer::doSelect($criteria, $con); } return $objs; }
/** * Populates the object using an array. * * This is particularly useful when populating an object from one of the * request arrays (e.g. $_POST). This method goes through the column * names, checking to see whether a matching key exists in populated * array. If so the setByName() method is called for that column. * * You can specify the key type of the array by additionally passing one * of the class type constants BasePeer::TYPE_PHPNAME, BasePeer::TYPE_STUDLYPHPNAME, * BasePeer::TYPE_COLNAME, BasePeer::TYPE_FIELDNAME, BasePeer::TYPE_NUM. * The default key type is the column's phpname (e.g. 'AuthorId') * * @param array $arr An array to populate the object from. * @param string $keyType The type of keys the array uses. * @return void */ public function fromArray($arr, $keyType = BasePeer::TYPE_PHPNAME) { $keys = PermissionToPermissionItemPeer::getFieldNames($keyType); if (array_key_exists($keys[0], $arr)) { $this->setId($arr[$keys[0]]); } if (array_key_exists($keys[1], $arr)) { $this->setPermissionId($arr[$keys[1]]); } if (array_key_exists($keys[2], $arr)) { $this->setPermissionItemId($arr[$keys[2]]); } if (array_key_exists($keys[3], $arr)) { $this->setCreatedAt($arr[$keys[3]]); } if (array_key_exists($keys[4], $arr)) { $this->setUpdatedAt($arr[$keys[4]]); } }
/** * Builds a Criteria object containing the primary key for this object. * * Unlike buildCriteria() this method includes the primary key values regardless * of whether or not they have been modified. * * @return Criteria The Criteria object containing value(s) for primary key(s). */ public function buildPkeyCriteria() { $criteria = new Criteria(PermissionToPermissionItemPeer::DATABASE_NAME); $criteria->add(PermissionToPermissionItemPeer::ID, $this->id); if ($this->alreadyInSave && count($this->modifiedColumns) == 2 && $this->isColumnModified(PermissionToPermissionItemPeer::UPDATED_AT)) { $theModifiedColumn = null; foreach ($this->modifiedColumns as $modifiedColumn) { if ($modifiedColumn != PermissionToPermissionItemPeer::UPDATED_AT) { $theModifiedColumn = $modifiedColumn; } } $atomicColumns = PermissionToPermissionItemPeer::getAtomicColumns(); if (in_array($theModifiedColumn, $atomicColumns)) { $criteria->add($theModifiedColumn, $this->getByName($theModifiedColumn, BasePeer::TYPE_COLNAME), Criteria::NOT_EQUAL); } } return $criteria; }