/** * Test KTAPI_PermissionAllocation getAllocation(), add(), remove(), save() * */ function testPermissionAllocation() { $root = $this->ktapi->get_root_folder(); $folder = $this->ktapi->get_folder_by_name('test123'); if (!$folder instanceof KTAPI_Folder) { $folder = $root->add_folder('test123'); } $allocation = KTAPI_PermissionAllocation::getAllocation($this->ktapi, $folder); $group = KTAPI_Group::getByName('System Administrators'); $user = KTAPI_User::getByUsername('anonymous'); $role = KTAPI_Role::getByName('Publisher'); $read = KTAPI_Permission::getByNamespace('ktcore.permissions.read'); $write = KTAPI_Permission::getByNamespace('ktcore.permissions.write'); $addFolder = KTAPI_Permission::getByNamespace('ktcore.permissions.addFolder'); $security = KTAPI_Permission::getByNamespace('ktcore.permissions.security'); $allocation->add($user, $read); $allocation->add($user, $write); $allocation->add($user, $addFolder); $allocation->add($user, $security); $allocation->add($role, $read); $allocation->add($role, $write); $allocation->remove($group, $write); $allocation->save(); // refresh object and check permission allocations $folder2 = $this->ktapi->get_folder_by_name('test123'); $allocation = KTAPI_PermissionAllocation::getAllocation($this->ktapi, $folder2); $this->assertTrue($allocation->isMemberPermissionSet($user, $read)); $this->assertTrue($allocation->isMemberPermissionSet($user, $write)); $this->assertTrue($allocation->isMemberPermissionSet($role, $write)); $this->assertFalse($allocation->isMemberPermissionSet($group, $write)); $folder->delete('Testing permission allocation'); }
/** * Removes all members (users, groups) from all roles or from the specified role on the folder * * @author KnowledgeTree Team * @access public * @param integer $folder_id The folder id * @param integer $role_id Optional. The id of the role being reset. * @return array Response */ public function remove_all_role_allocation_from_folder($folder_id, $role_id = null, $sig_username = '', $sig_password = '', $reason = '') { $response = $this->_check_electronic_signature($folder_id, $sig_username, $sig_password, $reason, $reason, 'ktcore.transactions.role_allocations_change'); if ($response['status_code'] == 1) { return $response; } $response['status_code'] = 1; // Get folder and role objects $folder = $this->get_folder_by_id($folder_id); if (PEAR::isError($folder)) { $response['message'] = $folder->getMessage(); return $response; } $role = null; if (!empty($role_id)) { $role = KTAPI_Role::getById($role_id); if (PEAR::isError($role)) { $response['message'] = $role->getMessage(); return $response; } } // Get the role allocation for the folder $role_allocation = $folder->getRoleAllocation(); $role_allocation->removeAll($role); $role_allocation->save(); $response['status_code'] = 0; $response['results'] = $result; return $response; }
/** * Save's the role allocation * * @author KnowledgeTree Team * @access public */ public function save() { if (!$this->changed) { // we don't have to do anything if nothing has changed. return; } $map =& $this->map; $folderId = $this->folderItem->getObject()->getId(); foreach ($map['role']['role'] as $roleId => $roleName) { $roleAllocation = RoleAllocation::getAllocationsForFolderAndRole($folderId, $roleId); $allowed = array(); $userIds = array(); $groupIds = array(); if (array_key_exists($roleId, $map['role']['userAllocation'])) { foreach ($map['role']['userAllocation'][$roleId] as $userId) { $userIds[] = $userId; } } if (array_key_exists($roleId, $map['role']['groupAllocation'])) { foreach ($map['role']['groupAllocation'][$roleId] as $groupId) { $groupIds[] = $groupId; } } $allowed['user'] = $userIds; $allowed['group'] = $groupIds; if (is_null($roleAllocation)) { $roleAllocation = $this->overrideRoleAllocation(KTAPI_Role::getById($roleId)); } $roleAllocation->setAllowed($allowed); $roleAllocation->update(); } }
/** * Removes all members (users, groups) from all roles or from the specified role on the folder * * @author KnowledgeTree Team * @access public * @param integer $folder_id The folder id * @param integer $role_id Optional. The id of the role being reset. * @return array Response */ public function remove_all_role_allocation_from_folder($folder_id, $role_id = null) { $response['status_code'] = 1; // Get folder and role objects $folder = $this->get_folder_by_id($folder_id); if (PEAR::isError($folder)) { $response['message'] = $folder->getMessage(); return $response; } $role = null; if (!empty($role_id)) { $role = KTAPI_Role::getById($role_id); if (PEAR::isError($role)) { $response['message'] = $role->getMessage(); return $response; } } // Get the role allocation for the folder $role_allocation = $folder->getRoleAllocation(); $role_allocation->removeAll($role); $role_allocation->save(); $response['status_code'] = 0; $response['results'] = $result; return $response; }