function execute( $xml ) { include_once( 'kernel/classes/ezrole.php' ); $assignmentList = $xml->getElementsByTagName( 'RoleAssignment' ); foreach ( $assignmentList as $roleAssignment ) { $roleID = $this->getReferenceID( $roleAssignment->getAttribute( 'roleID' ) ); $assignTo = $this->getReferenceID( $roleAssignment->getAttribute( 'assignTo' ) ); $sectionLimitation = $this->getReferenceID( $roleAssignment->getAttribute( 'sectionLimitation' ) ); $subtreeLimitation = $this->getReferenceID( $roleAssignment->getAttribute( 'subtreeLimitation' ) ); $role = eZRole::fetch( $roleID ); if ( !$role ) { $this->writeMessage( "\tRole $roleID does not exist.", 'warning' ); continue; } $referenceID = $this->getReferenceID( $assignTo ); if ( !$referenceID ) { $this->writeMessage( "\tInvalid object $referenceID does not exist.", 'warning' ); continue; } if ( $sectionLimitation ) { $section = $this->getReferenceID( $sectionLimitation ); if ( $section ) { $role->assignToUser( $referenceID, 'section', $section ); $this->writeMessage( "\tAssigned role $roleID: $referenceID to $section", 'notice' ); } else { $this->writeMessage( "\tInvalid section $sectionLimitation does not exist.", 'warning' ); continue; } } elseif ( $subtreeLimitation ) { $subtree = $this->getReferenceID( $subtreeLimitation ); if ( $subtree ) { $role->assignToUser( $referenceID, 'subtree', $subtree ); $this->writeMessage( "\tAssigned role $roleID: $referenceID to $subtree", 'notice' ); } else { $this->writeMessage( "\tInvalid section $subtreeLimitation does not exist.", 'warning' ); continue; } } else { $role->assignToUser( $referenceID ); $this->writeMessage( "\tAssigned role $roleID: $referenceID", 'notice' ); } } }
return $Module->redirectTo($http->postVariable('BrowseCancelURI')); } } if ($http->hasPostVariable('AssignSectionID') && $http->hasPostVariable('SectionID')) { $Module->redirectTo('/role/assign/' . $roleID . '/' . $limitIdent . '/' . $http->postVariable('SectionID')); } else { if ($http->hasPostVariable('BrowseActionName') and $http->postVariable('BrowseActionName') == 'SelectObjectRelationNode') { $selectedNodeIDArray = $http->postVariable('SelectedNodeIDArray'); if (count($selectedNodeIDArray) == 1) { $limitValue = $selectedNodeIDArray[0]; } $Module->redirectTo('/role/assign/' . $roleID . '/' . $limitIdent . '/' . $limitValue); } else { if ($http->hasPostVariable('BrowseActionName') and $http->postVariable('BrowseActionName') == 'AssignRole') { $selectedObjectIDArray = $http->postVariable('SelectedObjectIDArray'); $role = eZRole::fetch($roleID); $db = eZDB::instance(); $db->begin(); foreach ($selectedObjectIDArray as $objectID) { $role->assignToUser($objectID, $limitIdent, $limitValue); } // Clear role caches. eZRole::expireCache(); $db->commit(); if (count($selectedObjectIDArray) > 0) { eZContentCacheManager::clearAllContentCache(); } /* Clean up policy cache */ eZUser::cleanupCache(); $Module->redirectTo('/role/view/' . $roleID); } else {
function fetchRole($roleID) { $role = eZRole::fetch($roleID); return array('result' => $role); }
$originalRoleID = $originalRole->attribute('id'); // Who changes which role(s) should be logged. if ($http->hasSessionVariable('RoleWasChanged') and $http->sessionVariable('RoleWasChanged') === true) { eZAudit::writeAudit('role-change', array('Role ID' => $originalRoleID, 'Role name' => $originalRoleName, 'Comment' => 'Changed the current role: kernel/role/edit.php')); $http->removeSessionVariable('RoleWasChanged'); } $originalRole->revertFromTemporaryVersion(); eZContentCacheManager::clearAllContentCache(); $Module->redirectTo($Module->functionURI('view') . '/' . $originalRoleID . '/'); /* Clean up policy cache */ eZUser::cleanupCache(); } if ($http->hasPostVariable('Discard')) { $http->removeSessionVariable('RoleWasChanged'); $role = eZRole::fetch($roleID); $originalRole = eZRole::fetch($role->attribute('version')); $role->removeThis(); if ($originalRole != null && $originalRole->attribute('is_new') == 1) { $originalRole->remove(); } $Module->redirectTo($Module->functionURI('list') . '/'); } if ($http->hasPostVariable('ChangeRoleName')) { $role->setAttribute('name', $http->postVariable('NewName')); // Set flag for audit. If true audit will be processed $http->setSessionVariable('RoleWasChanged', true); } if ($http->hasPostVariable('AddModule')) { if ($http->hasPostVariable('Modules')) { $currentModule = $http->postVariable('Modules'); } else {
static function fetchRolesByLimitation($limit_identifier, $limit_value) { $db = eZDB::instance(); $limit_identifier = $db->escapeString($limit_identifier); $limit_value = $db->escapeString($limit_value); $query = "SELECT DISTINCT\n ezuser_role.role_id as role_id,\n ezuser_role.contentobject_id as user_id\n FROM\n ezuser_role\n WHERE\n ezuser_role.limit_value = '{$limit_value}' AND\n ezuser_role.limit_identifier = '{$limit_identifier}'"; $userRoleArray = $db->arrayQuery($query); $userRoles = array(); foreach ($userRoleArray as $userRole) { $role = array(); $role['user'] = eZContentObject::fetch($userRole['user_id']); $role['role'] = eZRole::fetch($userRole['role_id']); $userRoles[] = $role; } return $userRoles; }