/** * Grants users permissions for the given role on the given project. * * @param $user UserAgent instance for the user to be assigned permissions. * @param $projectName name of the Project the user is being assigned to. * @param $role Role constant defining the role assigned to the user. */ public static function grantUser($user, $projectName, $role) { // Remove from other Sentry-groups on the same Project ProjectHandler::revokeUser($user, $projectName); $sentryGroup = Sentry::findGroupByName(str_replace('#', $projectName, $role)); $user->addGroup($sentryGroup); }
/** * Perform actions triggered from the user list page (/users). Actions performed: * addGroup - Adds a given user to a given CT-group * assignRole - Assigns the given role to a given user on the given CT-group. * removeGroup - Removes the given user from the given CT-group. * * Browser is redirected to calling page (hopefully /users), with a flashError or * flashSuccess message indicating the result. */ public function groupActions($groupName) { $targetUserName = Input::get('usedId'); $targetUser = UserAgent::find($targetUserName); if (!$targetUser) { return Redirect::back()->with('flashError', 'User does not exist: ' . $targetUserName); } $action = Input::get('action'); if ($action == 'addGroup') { $userRole = ProjectHandler::grantUser($targetUser, $groupName, Roles::PROJECT_GUEST); return Redirect::back()->with('flashSuccess', 'User ' . $targetUserName . ' added to group ' . $groupName); } elseif ($action == 'assignRole') { $roleName = Input::get('role'); $role = Roles::getRoleByName($roleName); $userRole = ProjectHandler::grantUser($targetUser, $groupName, $role); return Redirect::back()->with('flashSuccess', 'User ' . $targetUserName . ' assigned role ' . $roleName . ' on group ' . $groupName); } elseif ($action == 'removeGroup') { ProjectHandler::revokeUser($targetUser, $groupName); return Redirect::back()->with('flashSuccess', 'User ' . $targetUserName . ' removed from group ' . $groupName); } else { return Redirect::back()->with('flashError', 'Invalid action selected: ' . $action); } }