/**
* Test KTAPI_PermissionAllocation getAllocation(), add(), remove(), save()
*
*/
function testPermissionAllocation()
{
$root = $this->ktapi->get_root_folder();
$folder = $this->ktapi->get_folder_by_name('test123');
if (!$folder instanceof KTAPI_Folder) {
$folder = $root->add_folder('test123');
}
$allocation = KTAPI_PermissionAllocation::getAllocation($this->ktapi, $folder);
$group = KTAPI_Group::getByName('System Administrators');
$user = KTAPI_User::getByUsername('anonymous');
$role = KTAPI_Role::getByName('Publisher');
$read = KTAPI_Permission::getByNamespace('ktcore.permissions.read');
$write = KTAPI_Permission::getByNamespace('ktcore.permissions.write');
$addFolder = KTAPI_Permission::getByNamespace('ktcore.permissions.addFolder');
$security = KTAPI_Permission::getByNamespace('ktcore.permissions.security');
$allocation->add($user, $read);
$allocation->add($user, $write);
$allocation->add($user, $addFolder);
$allocation->add($user, $security);
$allocation->add($role, $read);
$allocation->add($role, $write);
$allocation->remove($group, $write);
$allocation->save();
// refresh object and check permission allocations
$folder2 = $this->ktapi->get_folder_by_name('test123');
$allocation = KTAPI_PermissionAllocation::getAllocation($this->ktapi, $folder2);
$this->assertTrue($allocation->isMemberPermissionSet($user, $read));
$this->assertTrue($allocation->isMemberPermissionSet($user, $write));
$this->assertTrue($allocation->isMemberPermissionSet($role, $write));
$this->assertFalse($allocation->isMemberPermissionSet($group, $write));
$folder->delete('Testing permission allocation');
}
/**
* Removes all members (users, groups) from all roles or from the specified role on the folder
*
* @author KnowledgeTree Team
* @access public
* @param integer $folder_id The folder id
* @param integer $role_id Optional. The id of the role being reset.
* @return array Response
*/
public function remove_all_role_allocation_from_folder($folder_id, $role_id = null, $sig_username = '', $sig_password = '', $reason = '')
{
$response = $this->_check_electronic_signature($folder_id, $sig_username, $sig_password, $reason, $reason, 'ktcore.transactions.role_allocations_change');
if ($response['status_code'] == 1) {
return $response;
}
$response['status_code'] = 1;
// Get folder and role objects
$folder = $this->get_folder_by_id($folder_id);
if (PEAR::isError($folder)) {
$response['message'] = $folder->getMessage();
return $response;
}
$role = null;
if (!empty($role_id)) {
$role = KTAPI_Role::getById($role_id);
if (PEAR::isError($role)) {
$response['message'] = $role->getMessage();
return $response;
}
}
// Get the role allocation for the folder
$role_allocation = $folder->getRoleAllocation();
$role_allocation->removeAll($role);
$role_allocation->save();
$response['status_code'] = 0;
$response['results'] = $result;
return $response;
}
/**
* Save's the role allocation
*
* @author KnowledgeTree Team
* @access public
*/
public function save()
{
if (!$this->changed) {
// we don't have to do anything if nothing has changed.
return;
}
$map =& $this->map;
$folderId = $this->folderItem->getObject()->getId();
foreach ($map['role']['role'] as $roleId => $roleName) {
$roleAllocation = RoleAllocation::getAllocationsForFolderAndRole($folderId, $roleId);
$allowed = array();
$userIds = array();
$groupIds = array();
if (array_key_exists($roleId, $map['role']['userAllocation'])) {
foreach ($map['role']['userAllocation'][$roleId] as $userId) {
$userIds[] = $userId;
}
}
if (array_key_exists($roleId, $map['role']['groupAllocation'])) {
foreach ($map['role']['groupAllocation'][$roleId] as $groupId) {
$groupIds[] = $groupId;
}
}
$allowed['user'] = $userIds;
$allowed['group'] = $groupIds;
if (is_null($roleAllocation)) {
$roleAllocation = $this->overrideRoleAllocation(KTAPI_Role::getById($roleId));
}
$roleAllocation->setAllowed($allowed);
$roleAllocation->update();
}
}
/**
* Removes all members (users, groups) from all roles or from the specified role on the folder
*
* @author KnowledgeTree Team
* @access public
* @param integer $folder_id The folder id
* @param integer $role_id Optional. The id of the role being reset.
* @return array Response
*/
public function remove_all_role_allocation_from_folder($folder_id, $role_id = null)
{
$response['status_code'] = 1;
// Get folder and role objects
$folder = $this->get_folder_by_id($folder_id);
if (PEAR::isError($folder)) {
$response['message'] = $folder->getMessage();
return $response;
}
$role = null;
if (!empty($role_id)) {
$role = KTAPI_Role::getById($role_id);
if (PEAR::isError($role)) {
$response['message'] = $role->getMessage();
return $response;
}
}
// Get the role allocation for the folder
$role_allocation = $folder->getRoleAllocation();
$role_allocation->removeAll($role);
$role_allocation->save();
$response['status_code'] = 0;
$response['results'] = $result;
return $response;
}
