/** * Load role privileges * * @service * @anonym * @param Gpf_Rpc_Params $params * @return Gpf_Data_RecordSet */ public function loadRolePrivileges(Gpf_Rpc_Params $params) { if (!Gpf_Session::getAuthUser()->hasPrivilege(Gpf_Privileges::ROLE, Gpf_Privileges::P_READ) && !Gpf_Session::getAuthUser()->hasPrivilege(Gpf_Privileges::ROLE, Pap_Privileges::P_READ_OWN)) { throw new Gpf_Rpc_PermissionDeniedException('Gpf_Role_RolePrivilegesForm', 'loadRolePrivileges'); } $role = new Gpf_Db_Role(); $role->setId($params->get('roleid')); $role->load(); $defaultPrivileges = Gpf_Application::getInstance()->getDefaultPrivilegesByRoleType($role->getRoleType()); $result = new Gpf_Data_RecordSet(); $result->addColumn('object'); $result->addColumn('objectName'); $result->addColumn('possiblePrivileges'); $result->addColumn('activePrivileges'); $rolePrivileges = Gpf_Privileges::loadPrivileges($role->getId()); foreach ($defaultPrivileges->getDefaultPrivileges() as $object => $privileges) { $record = new Gpf_Data_Record($result->getHeader()); $record->add('object', $object); $record->add('objectName', ucfirst(str_replace('_', ' ', strtolower($object)))); $allTypes = $defaultPrivileges->getObjectToTypeRelation(); $record->add('possiblePrivileges', implode(',', $allTypes[$object])); if (array_key_exists($object, $rolePrivileges)) { $record->add('activePrivileges', implode(',', array_keys($rolePrivileges[$object]))); } else { $record->add('activePrivileges', ''); } $result->addRecord($record); } $result->sort('objectName'); return $result; }
public final function loadAfterAuthentication(Gpf_Data_Record $authData) { $this->loadAuthData($authData); $this->privileges = Gpf_Privileges::loadPrivileges($this->roleid); $this->init(); }