Example #1
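 /**
  * Convert a model, or a list of models, into a JSON string.
  *
  * The result holds the field definition ('metadata'), one row per model ('data') and the row count ('numRows').
  * When the first model is a Phprojekt_Item_Abstract, each row also carries the effective user's rights.
  *
  * Security notes for callers:
  * - The field definition, module id and project id are all taken from $models[0]. The rights lookup is therefore
  *   only meaningful when every model shares the first model's type and project; mixed lists are not detected here.
  * - Every model passed in is serialized with all defined fields. The 'rights' entry is informational and no row is
  *   withheld by this method; access filtering is assumed to happen before the call - TODO confirm at call sites.
  *
  * @param Phprojekt_Model_Interface | array $models The model(s) to convert; an array is read from index 0.
  * @param integer                           $order  A Phprojekt_ModelInformation_Default::ORDERING_* const that
  *                                                  defines the ordering for the convert.
  *
  * @throws Exception If $models is empty or an element does not implement Phprojekt_Model_Interface.
  *
  * @return string Data in JSON format.
  */
 private static function _convertModel($models, $order = Phprojekt_ModelInformation_Default::ORDERING_DEFAULT)
 {
     if (empty($models)) {
         throw new Exception('Called with empty value');
     }

     if (!is_array($models)) {
         $models = array($models);
     }

     // Validate every element before $models[0] is dereferenced, so a foreign object produces the documented
     // exception instead of a fatal "call to undefined method" error.
     foreach ($models as $candidate) {
         if (!$candidate instanceof Phprojekt_Model_Interface) {
             throw new Exception("A given model does not implement the\n                    model interface.");
         }
     }

     // TODO: Are we sure every model is of the same type and have the same parent?
     $firstModel      = $models[0];
     $information     = $firstModel->getInformation($order);
     $fieldDefinition = $information->getFieldDefinition($order);

     $datas   = array();
     $itemIds = array();
     foreach ($models as $model) {
         $row       = array('id' => (int) $model->id);
         $itemIds[] = $row['id'];

         foreach ($fieldDefinition as $field) {
             $key       = $field['key'];
             $row[$key] = self::_convertModelValue($model->{$key}, $field);
         }

         $row['rights'] = array();
         $datas[]       = $row;
     }

     $userId   = (int) Phprojekt_Auth_Proxy::getEffectiveUserId();
     $moduleId = Phprojekt_Module::getId($firstModel->getModelName());

     // Okay we got real models and stuff that pretends to be a model, so we try to guess if the model has rights
     // that we can access.
     if ($firstModel instanceof Phprojekt_Item_Abstract) {
         if ($firstModel instanceof Project_Models_Project) {
             $projectId = $firstModel->id;
         } else {
             $projectId = $firstModel->projectId;
         }

         // TODO: we still assume that the getModelName call works
         $rights = Phprojekt_Right::getRightsForItems($moduleId, $projectId, $userId, $itemIds);

         // Write through the key so the stored rows are modified, not copies of them.
         foreach (array_keys($datas) as $index) {
             $itemId = $datas[$index]['id'];

             // Fail closed: an item without a rights entry is reported with Phprojekt_Acl::NONE rather than an
             // undefined-index null. NONE is assumed to be the empty bitmask - confirm against Phprojekt_Acl.
             $bitmask = isset($rights[$itemId]) ? $rights[$itemId] : Phprojekt_Acl::NONE;

             $datas[$index]['rights'][$userId] = Phprojekt_Acl::convertBitmaskToArray($bitmask);
         }
     }

     $data = array('metadata' => $fieldDefinition, 'data' => $datas, 'numRows' => count($datas));

     return self::_makeJsonString($data);
 }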
Example #2
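 /**
  * Check whether a user holds all of the requested right bits on this item.
  *
  * Admin users and items that are still new are allowed unconditionally.
  *
  * NOTE(review): Phprojekt_Auth::isAdminUser() takes no user argument, so it presumably refers to the logged-in
  * user rather than to $userId. If so, a query about another user returns true whenever an admin makes it -
  * confirm that callers only pass the session user here.
  *
  * @param integer      $userId    User whose rights are looked up.
  * @param integer      $right     Bitmask of the required right(s); every bit must be granted.
  * @param integer|null $projectId Project to check against; defaults to the item's own projectId.
  *
  * @return boolean True if the right is granted, false otherwise.
  */
 public function hasRight($userId, $right, $projectId = null)
 {
     if (Phprojekt_Auth::isAdminUser() || $this->isNew()) {
         return true;
     }

     if (is_null($projectId)) {
         $projectId = $this->projectId;
     }

     $moduleId = Phprojekt_Module::getId($this->getModelName());
     $rights   = Phprojekt_Right::getRightsForItems($moduleId, $projectId, $userId, array($this->id));

     // No rights entry means no access. Return a real boolean instead of the Phprojekt_Acl::NONE constant so the
     // method has a single return type and strict comparisons by callers cannot misread the denial.
     if (!isset($rights[$this->id])) {
         return false;
     }

     // Cast both operands: PHP's & works character-wise when both sides are strings, which would give a wrong
     // answer if the stored right and the requested right both arrive as numeric strings.
     $required = (int) $right;

     return ((int) $rights[$this->id] & $required) === $required;
 }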
Example #3
 /**
  * Delete the projects the user does not have read access to.
  *
  * The tree passed in is modified in place (nodes are removed through deleteNode()) and the same instance is
  * returned. Admin users get the tree back unchanged.
  *
  * NOTE(review): this is an access-control filter that defaults to Phprojekt_Acl::ALL and carries the last seen
  * right forward to nodes without an entry of their own; see the inline notes before relying on it as the only
  * barrier in front of project data.
  *
  * @param Phprojekt_Tree_Node_Database $object Tree class.
  *
  * @return Phprojekt_Tree_Node_Database The tree class with only the allowed nodes.
  */
 public function applyRights(Phprojekt_Tree_Node_Database $object)
 {
     if (Phprojekt_Auth::isAdminUser()) {
         return $object;
     }
     // Reads the tree's underscore-prefixed $_index property directly; its keys are used as the project ids.
     $projectIds = array_keys($object->_index);
     // We don't use the effective user id here to make access management more simple. This way, a user really needs
     // read access to be able to look at a project.
     // NOTE(review): module id 1 and project id 1 are hard-coded; presumably the Project module under the root
     // project - confirm.
     $rights = Phprojekt_Right::getRightsForItems(1, 1, Phprojekt_Auth::getUserId(), $projectIds);
     // Starting value used for every node visited before the first one that has a rights entry.
     // NOTE(review): this is fail-open - such nodes are kept. Confirm the first iterated node always has an entry.
     $currentRight = Phprojekt_Acl::ALL;
     foreach ($object as $index => $node) {
         // A node without its own entry keeps the value of the most recently visited node that had one.
         // NOTE(review): that only equals "inherit from the parent" if the iteration order guarantees it, which is
         // not visible here - verify against the tree iterator.
         $currentRight = isset($rights[$node->id]) ? $rights[$node->id] : $currentRight;
         /* delete node cannot update the iterator reference, so we check if it's still in the index or already
          * removed */
         // Remove the node when the READ bit is not set in the right that applies to it.
         if ((Phprojekt_Acl::READ & $currentRight) <= 0 && isset($object->_index[$node->id])) {
             $object->deleteNode($object, $node->id);
         }
     }
     return $object;
 }