function CallHook($hookname, &$params)
{
if (isset($params['group_id'])) {
$group_id = $params['group_id'];
} elseif (isset($params['group'])) {
$group_id = $params['group'];
} else {
$group_id = null;
}
if ($hookname == "groupmenu") {
$project = group_get_object($group_id);
if (!$project || !is_object($project)) {
return;
}
if ($project->isError()) {
return;
}
if (!$project->isProject()) {
return;
}
if ($project->usesPlugin($this->name)) {
$params['TITLES'][] = $this->text;
$params['DIRS'][] = util_make_url('/plugins/mediawiki/wiki/' . $project->getUnixName() . '/index.php');
$params['ADMIN'][] = '';
$params['TOOLTIPS'][] = _('Mediawiki Space');
}
$params['toptab'] == $this->name ? $params['selected'] = count($params['TITLES']) - 1 : '';
} elseif ($hookname == "groupisactivecheckbox") {
//Check if the group is active
// this code creates the checkbox in the project edit public info page to activate/deactivate the plugin
$group = group_get_object($group_id);
echo "<tr>";
echo "<td>";
echo ' <input type="checkbox" name="use_mediawikiplugin" value="1" ';
// checked or unchecked?
if ($group->usesPlugin($this->name)) {
echo "checked";
}
echo " /><br/>";
echo "</td>";
echo "<td>";
echo "<strong>Use " . $this->text . " Plugin</strong>";
echo "</td>";
echo "</tr>";
} elseif ($hookname == "groupisactivecheckboxpost") {
// this code actually activates/deactivates the plugin after the form was submitted in the project edit public info page
$group = group_get_object($group_id);
$use_mediawikiplugin = getStringFromRequest('use_mediawikiplugin');
if ($use_mediawikiplugin == 1) {
$group->setPluginUse($this->name);
} else {
$group->setPluginUse($this->name, false);
}
} elseif ($hookname == "project_public_area") {
$project = group_get_object($group_id);
if (!$project || !is_object($project)) {
return;
}
if ($project->isError()) {
return;
}
if (!$project->isProject()) {
return;
}
if ($project->usesPlugin($this->name)) {
echo '<div class="public-area-box">';
print '<a href="' . util_make_url('/plugins/mediawiki/wiki/' . $project->getUnixName() . '/index.php') . '">';
print html_abs_image(util_make_url('/plugins/mediawiki/wiki/' . $project->getUnixName() . '/skins/fusionforge/wiki.png'), '20', '20', array('alt' => 'Mediawiki'));
print ' Mediawiki';
print '</a>';
echo '</div>';
}
} elseif ($hookname == "role_get") {
$role =& $params['role'];
// Read access
$right = new PluginSpecificRoleSetting($role, 'plugin_mediawiki_read');
$right->SetAllowedValues(array('0', '1'));
$right->SetDefaultValues(array('Admin' => '1', 'Senior Developer' => '1', 'Junior Developer' => '1', 'Doc Writer' => '1', 'Support Tech' => '1'));
// Edit privileges
$right = new PluginSpecificRoleSetting($role, 'plugin_mediawiki_edit');
$right->SetAllowedValues(array('0', '1', '2', '3'));
$right->SetDefaultValues(array('Admin' => '3', 'Senior Developer' => '2', 'Junior Developer' => '1', 'Doc Writer' => '3', 'Support Tech' => '0'));
// File upload privileges
$right = new PluginSpecificRoleSetting($role, 'plugin_mediawiki_upload');
$right->SetAllowedValues(array('0', '1', '2'));
$right->SetDefaultValues(array('Admin' => '2', 'Senior Developer' => '2', 'Junior Developer' => '1', 'Doc Writer' => '2', 'Support Tech' => '0'));
// Administrative tasks
$right = new PluginSpecificRoleSetting($role, 'plugin_mediawiki_admin');
$right->SetAllowedValues(array('0', '1'));
$right->SetDefaultValues(array('Admin' => '1', 'Senior Developer' => '0', 'Junior Developer' => '0', 'Doc Writer' => '0', 'Support Tech' => '0'));
} elseif ($hookname == "role_normalize") {
$role =& $params['role'];
$new_sa =& $params['new_sa'];
$new_pa =& $params['new_pa'];
$projects = $role->getLinkedProjects();
foreach ($projects as $p) {
$role->normalizePermsForSection($new_pa, 'plugin_mediawiki_read', $p->getID());
$role->normalizePermsForSection($new_pa, 'plugin_mediawiki_edit', $p->getID());
$role->normalizePermsForSection($new_pa, 'plugin_mediawiki_upload', $p->getID());
$role->normalizePermsForSection($new_pa, 'plugin_mediawiki_admin', $p->getID());
}
} elseif ($hookname == "role_translate_strings") {
$right = new PluginSpecificRoleSetting($role, 'plugin_mediawiki_read');
$right->setDescription(_('Mediawiki read access'));
$right->setValueDescriptions(array('0' => _('No reading'), '1' => _('Read access')));
$right = new PluginSpecificRoleSetting($role, 'plugin_mediawiki_edit');
$right->setDescription(_('Mediawiki write access'));
$right->setValueDescriptions(array('0' => _('No editing'), '1' => _('Edit existing pages only'), '2' => _('Edit and create pages'), '3' => _('Edit, create, move, delete pages')));
$right = new PluginSpecificRoleSetting($role, 'plugin_mediawiki_upload');
$right->setDescription(_('Mediawiki file upload'));
$right->setValueDescriptions(array('0' => _('No uploading'), '1' => _('Upload permitted'), '2' => _('Upload and re-upload')));
$right = new PluginSpecificRoleSetting($role, 'plugin_mediawiki_admin');
$right->setDescription(_('Mediawiki administrative tasks'));
$right->setValueDescriptions(array('0' => _('No administrative access'), '1' => _('Edit interface, import XML dumps')));
} elseif ($hookname == "role_get_setting") {
$role = $params['role'];
$reference = $params['reference'];
$value = $params['value'];
switch ($params['section']) {
case 'plugin_mediawiki_read':
if ($role->hasPermission('project_admin', $reference)) {
$params['result'] = 1;
} else {
$params['result'] = $value;
}
break;
case 'plugin_mediawiki_edit':
if ($role->hasPermission('project_admin', $reference)) {
$params['result'] = 3;
} else {
$params['result'] = $value;
}
break;
case 'plugin_mediawiki_upload':
if ($role->hasPermission('project_admin', $reference)) {
$params['result'] = 2;
} else {
$params['result'] = $value;
}
break;
case 'plugin_mediawiki_admin':
if ($role->hasPermission('project_admin', $reference)) {
$params['result'] = 1;
} else {
$params['result'] = $value;
}
break;
}
} elseif ($hookname == "role_has_permission") {
$value = $params['value'];
switch ($params['section']) {
case 'plugin_mediawiki_read':
switch ($params['action']) {
case 'read':
default:
$params['result'] |= $value >= 1;
break;
}
break;
case 'plugin_mediawiki_edit':
switch ($params['action']) {
case 'editexisting':
$params['result'] |= $value >= 1;
break;
case 'editnew':
$params['result'] |= $value >= 2;
break;
case 'editmove':
$params['result'] |= $value >= 3;
break;
}
break;
case 'plugin_mediawiki_upload':
switch ($params['action']) {
case 'upload':
$params['result'] |= $value >= 1;
break;
case 'reupload':
$params['result'] |= $value >= 2;
break;
}
break;
case 'plugin_mediawiki_admin':
switch ($params['action']) {
case 'admin':
default:
$params['result'] |= $value >= 1;
break;
}
break;
}
} elseif ($hookname == "list_roles_by_permission") {
switch ($params['section']) {
case 'plugin_mediawiki_read':
switch ($params['action']) {
case 'read':
default:
$params['qpa'] = db_construct_qpa($params['qpa'], ' AND perm_val >= 1');
break;
}
break;
case 'plugin_mediawiki_edit':
switch ($params['action']) {
case 'editexisting':
$params['qpa'] = db_construct_qpa($params['qpa'], ' AND perm_val >= 1');
break;
case 'editnew':
$params['qpa'] = db_construct_qpa($params['qpa'], ' AND perm_val >= 2');
break;
case 'editmove':
$params['qpa'] = db_construct_qpa($params['qpa'], ' AND perm_val >= 3');
break;
}
break;
case 'plugin_mediawiki_upload':
switch ($params['action']) {
case 'upload':
$params['qpa'] = db_construct_qpa($params['qpa'], ' AND perm_val >= 1');
break;
case 'reupload':
$params['qpa'] = db_construct_qpa($params['qpa'], ' AND perm_val >= 2');
break;
}
break;
case 'plugin_mediawiki_admin':
switch ($params['action']) {
case 'admin':
default:
$params['qpa'] = db_construct_qpa($params['qpa'], ' AND perm_val >= 1');
break;
}
break;
}
} elseif ($hookname == "project_admin_plugins") {
$group_id = $params['group_id'];
$group = group_get_object($group_id);
if ($group->usesPlugin($this->name)) {
echo util_make_link("/plugins/mediawiki/plugin_admin.php?group_id=" . $group->getID(), _("MediaWiki Plugin admin")) . "<br />";
}
} elseif ($hookname == "clone_project_from_template") {
$template = $params['template'];
$project = $params['project'];
$id_mappings = $params['id_mappings'];
$sections = array('plugin_mediawiki_read', 'plugin_mediawiki_edit', 'plugin_mediawiki_upload', 'plugin_mediawiki_admin');
foreach ($template->getRoles() as $oldrole) {
$newrole = RBACEngine::getInstance()->getRoleById($id_mappings['role'][$oldrole->getID()]);
$oldsettings = $oldrole->getSettingsForProject($template);
foreach ($sections as $section) {
if (isset($oldsettings[$section][$template->getID()])) {
$newrole->setSetting($section, $project->getID(), $oldsettings[$section][$template->getID()]);
}
}
}
} elseif ($hookname == 'group_delete') {
$projectId = $params['group_id'];
$projectObject = group_get_object($projectId);
if ($projectObject->usesPlugin($this->name)) {
//delete the files and db schema
$schema = 'plugin_mediawiki_' . $projectObject->getUnixName();
// Sanitize schema name
$schema = strtr($schema, "-", "_");
db_query_params('drop schema $1 cascade', array($schema));
exec('/bin/rm -rf ' . forge_get_config('projects_path', 'mediawiki') . '/' . $projectObject->getUnixName());
}
}
}
private function _getRolesIdByAllowedAction($section, $reference, $action = NULL)
{
$result = array();
$qpa = db_construct_qpa();
$qpa = db_construct_qpa($qpa, 'SELECT role_id FROM pfo_role_setting WHERE section_name=$1 AND ref_id=$2 ', array($section, $reference));
// Look for roles that are directly allowed to perform action
switch ($section) {
case 'forge_admin':
case 'forge_read':
case 'approve_projects':
case 'approve_news':
case 'project_admin':
case 'project_read':
case 'tracker_admin':
case 'pm_admin':
case 'forum_admin':
$qpa = db_construct_qpa($qpa, 'AND perm_val = 1');
break;
case 'forge_stats':
switch ($action) {
case 'ANY':
$qpa = db_construct_qpa($qpa, 'AND perm_val != 0');
break;
case 'read':
$qpa = db_construct_qpa($qpa, 'AND perm_val >= 1');
break;
case 'admin':
$qpa = db_construct_qpa($qpa, 'AND perm_val >= 2');
break;
}
break;
case 'scm':
switch ($action) {
case 'ANY':
$qpa = db_construct_qpa($qpa, 'AND perm_val != 0');
break;
case 'read':
$qpa = db_construct_qpa($qpa, 'AND perm_val >= 1');
break;
case 'write':
$qpa = db_construct_qpa($qpa, 'AND perm_val >= 2');
break;
}
break;
case 'docman':
switch ($action) {
case 'ANY':
$qpa = db_construct_qpa($qpa, 'AND perm_val != 0');
break;
case 'read':
$qpa = db_construct_qpa($qpa, 'AND perm_val >= 1');
break;
case 'submit':
$qpa = db_construct_qpa($qpa, 'AND perm_val >= 2');
break;
case 'approve':
$qpa = db_construct_qpa($qpa, 'AND perm_val >= 3');
break;
case 'admin':
$qpa = db_construct_qpa($qpa, 'AND perm_val >= 4');
break;
}
break;
case 'frs':
switch ($action) {
case 'ANY':
$qpa = db_construct_qpa($qpa, 'AND perm_val != 0');
break;
case 'read_public':
$qpa = db_construct_qpa($qpa, 'AND perm_val >= 1');
break;
case 'read_private':
$qpa = db_construct_qpa($qpa, 'AND perm_val >= 2');
break;
case 'write':
$qpa = db_construct_qpa($qpa, 'AND perm_val >= 3');
break;
}
break;
case 'forum':
switch ($action) {
case 'ANY':
$qpa = db_construct_qpa($qpa, 'AND perm_val != 0');
break;
case 'read':
$qpa = db_construct_qpa($qpa, 'AND perm_val >= 1');
break;
case 'post':
$qpa = db_construct_qpa($qpa, 'AND perm_val >= 2');
break;
case 'unmoderated_post':
$qpa = db_construct_qpa($qpa, 'AND perm_val >= 3');
break;
case 'moderate':
$qpa = db_construct_qpa($qpa, 'AND perm_val >= 4');
break;
}
break;
case 'tracker':
case 'pm':
switch ($action) {
case 'ANY':
$qpa = db_construct_qpa($qpa, 'AND perm_val != 0');
break;
case 'read':
$qpa = db_construct_qpa($qpa, 'AND (perm_val & 1) = 1');
break;
case 'tech':
$qpa = db_construct_qpa($qpa, 'AND (perm_val & 2) = 2');
break;
case 'manager':
$qpa = db_construct_qpa($qpa, 'AND (perm_val & 4) = 4');
break;
}
break;
default:
$hook_params = array();
$hook_params['section'] = $section;
$hook_params['reference'] = $reference;
$hook_params['action'] = $action;
$hook_params['qpa'] = $qpa;
$hook_params['result'] = $result;
plugin_hook_by_reference("list_roles_by_permission", $hook_params);
$qpa = $hook_params['qpa'];
break;
}
$res = db_query_qpa($qpa);
if (!$res) {
$this->setError('RBACEngine::getRolesByAllowedAction()::' . db_error());
return false;
}
while ($arr = db_fetch_array($res)) {
$result[] = $arr['role_id'];
}
// Also look for roles that can perform the action because they're more powerful
switch ($section) {
case 'forge_read':
case 'approve_projects':
case 'approve_news':
case 'forge_stats':
case 'project_admin':
$result = array_merge($result, $this->_getRolesIdByAllowedAction('forge_admin', -1));
break;
case 'project_read':
case 'tracker_admin':
case 'pm_admin':
case 'forum_admin':
case 'scm':
case 'docman':
case 'frs':
$result = array_merge($result, $this->_getRolesIdByAllowedAction('project_admin', $reference));
break;
case 'tracker':
if ($action != 'tech') {
$t = artifactType_get_object($reference);
$result = array_merge($result, $this->_getRolesIdByAllowedAction('tracker_admin', $t->Group->getID()));
}
break;
case 'pm':
if ($action != 'tech') {
$t = projectgroup_get_object($reference);
$result = array_merge($result, $this->_getRolesIdByAllowedAction('pm_admin', $t->Group->getID()));
}
break;
case 'forum':
$t = forum_get_object($reference);
$result = array_merge($result, $this->_getRolesIdByAllowedAction('forum_admin', $t->Group->getID()));
break;
case 'new_tracker':
if ($action != 'tech') {
$result = array_merge($result, $this->_getRolesIdByAllowedAction('tracker_admin', $reference));
}
break;
case 'new_pm':
if ($action != 'tech') {
$result = array_merge($result, $this->_getRolesIdByAllowedAction('pm_admin', $reference));
}
break;
case 'new_forum':
$t = forum_get_object($reference);
$result = array_merge($result, $this->_getRolesIdByAllowedAction('forum_admin', $reference));
break;
}
return array_unique($result);
}
