$subPartnerId = $argv[1]; $masterPartnerId = $argv[2]; $subPartner = PartnerPeer::retrieveByPK($subPartnerId); if (!$subPartner) { die("no such sub partner [{$subPartner}]." . PHP_EOL); } $masterPartner = PartnerPeer::retrieveByPK($masterPartnerId); if (!$masterPartner) { die("no such master partner [{$subPartner}]." . PHP_EOL); } PermissionPeer::clearInstancePool(); $c = new Criteria(); $c->addAnd(PermissionPeer::PARTNER_ID, $masterPartner->getId(), Criteria::EQUAL); $c->addAnd(PermissionPeer::TYPE, PermissionType::PARTNER_GROUP, Criteria::EQUAL); $c->addAnd(PermissionPeer::STATUS, PermissionStatus::ACTIVE, Criteria::EQUAL); $permission = PermissionPeer::doSelectOne($c); if (!$permission) { die("Master partner group doesnot exists" . PHP_EOL); } $group = $permission->getPartnerGroup(); $groupPartners = explode(',', $group); $newGroupArr = array(); foreach ($groupPartners as $groupPartner) { if ($groupPartner != $subPartnerId) { $newGroupArr[] = $groupPartner; } } $newGroup = implode(',', $newGroupArr); $permission->setPartnerGroup($newGroup); $permission->save(); echo "current partner group [{$newGroup}] " . PHP_EOL;
function addItemToPermissions($item, $permissionNames, $partnerId) { foreach ($permissionNames as $permissionName) { PermissionToPermissionItemPeer::clearInstancePool(); $partnerPermission = array_map('trim', explode('>', $permissionName)); if (count($partnerPermission) === 2) { $partnerId = trim($partnerPermission[0]); } $permissionName = trim(end($partnerPermission)); $c = new Criteria(); $c->addAnd(PermissionPeer::NAME, $permissionName, Criteria::EQUAL); $c->addAnd(PermissionPeer::TYPE, array(PermissionType::NORMAL, PermissionType::PARTNER_GROUP), Criteria::IN); $c->addAnd(PermissionPeer::PARTNER_ID, array(PartnerPeer::GLOBAL_PARTNER, $item->getPartnerId(), $partnerId), Criteria::IN); $permission = PermissionPeer::doSelectOne($c); if (!$permission) { KalturaLog::alert('ERROR - Permission name [' . $permissionName . '] for partner [' . $item->getPartnerId() . '] not found in database - skipping!'); continue; } KalturaLog::log('Adding permission item id [' . $item->getId() . '] to permission id [' . $permission->getId() . ']'); $permission->addPermissionItem($item->getId(), true); } }
public static function getByNameAndPartner($permissionName, $partnerIdsArray) { $c = new Criteria(); if (is_array($partnerIdsArray) && !in_array('*', $partnerIdsArray, true) || !is_array($partnerIdsArray) && $partnerIdsArray != '*') { $partnerIdsArray = array_map('strval', $partnerIdsArray); $c->addAnd(PermissionPeer::PARTNER_ID, $partnerIdsArray, Criteria::IN); } $c->addAnd(PermissionPeer::NAME, $permissionName, Criteria::EQUAL); PermissionPeer::setUseCriteriaFilter(false); $permission = PermissionPeer::doSelectOne($c); PermissionPeer::setUseCriteriaFilter(true); return $permission; }
function removeItemFromPermissions(PermissionItem $item, array $permissionNames) { foreach ($permissionNames as $permissionName) { $partnerPermission = array_map('trim', explode('>', $permissionName)); $partnerId = PartnerPeer::GLOBAL_PARTNER; if (count($partnerPermission) === 2) { $partnerId = trim($partnerPermission[0]); } $permissionName = trim(end($partnerPermission)); $c = new Criteria(); $c->addAnd(PermissionPeer::NAME, $permissionName); $c->addAnd(PermissionPeer::TYPE, array(PermissionType::NORMAL, PermissionType::PARTNER_GROUP), Criteria::IN); $c->addAnd(PermissionPeer::PARTNER_ID, array(PartnerPeer::GLOBAL_PARTNER, $item->getPartnerId(), $partnerId), Criteria::IN); $permission = PermissionPeer::doSelectOne($c); if (!$permission) { continue; } $c = new Criteria(); $c->addAnd(PermissionToPermissionItemPeer::PERMISSION_ITEM_ID, $item->getId()); $c->addAnd(PermissionToPermissionItemPeer::PERMISSION_ID, $permission->getId()); $permissionToPermissionItem = PermissionToPermissionItemPeer::doSelectOne($c); if (!$permissionToPermissionItem) { continue; } $permissionToPermissionItem->delete(); } }
/** * Create a special partner group permission for given partner id, or get an existing one * @param int $partnerId * @param string $partnerGroup */ function getOrCreatePartnerGroupPermission($partnerId, $partnerGroup) { $permissionName = 'PARTNER_' . $partnerId . '_GROUP_' . $partnerGroup . '_PERMISSION'; PermissionPeer::clearInstancePool(); $c = new Criteria(); $c->addAnd(PermissionPeer::PARTNER_ID, $partnerId, Criteria::EQUAL); $c->addAnd(PermissionPeer::NAME, $permissionName, Criteria::EQUAL); $c->addAnd(PermissionPeer::TYPE, PermissionType::PARTNER_GROUP, Criteria::EQUAL); $permission = PermissionPeer::doSelectOne($c); if (!$permission) { // create permission if not yet created $permission = new Permission(); $permission->setPartnerId($partnerId); $permission->setName($permissionName); $permission->setFriendlyName('Partner ' . $partnerId . ' permission for group ' . $partnerGroup); $permission->setDescription('Partner ' . $partnerId . ' permission for group ' . $partnerGroup); $permission->setType(PermissionType::PARTNER_GROUP); $permission->setPartnerGroup($partnerGroup); $permission->setStatus(PermissionStatus::ACTIVE); $permission->save(); } else { if ($permission->getPartnerGroup() != $partnerGroup) { $msg = '***** ERROR - Permission id [' . $permission->getId() . '] partner group [' . $permission->getPartnerGroup() . '] is different from the required partner group [' . $partnerGroup . ']'; KalturaLog::alert($msg); echo $msg . PHP_EOL; } } return $permission; }
public static function getByNameAndPartner($permissionName, $partnerIdsArray) { $c = new Criteria(); if (!is_array($partnerIdsArray)) { $partnerIdsArray = array($partnerIdsArray); } if (!in_array('*', $partnerIdsArray, true)) { $partnerIdsArray = array_map('strval', $partnerIdsArray); $c->addAnd(PermissionPeer::PARTNER_ID, $partnerIdsArray, Criteria::IN); } $c->addAnd(PermissionPeer::NAME, $permissionName, Criteria::EQUAL); $c->addAscendingOrderByColumn(PermissionPeer::STATUS); // needed in case the permission appears more than once PermissionPeer::setUseCriteriaFilter(false); $permission = PermissionPeer::doSelectOne($c); PermissionPeer::setUseCriteriaFilter(true); return $permission; }
function setPermissions($serviceConfig, $setBaseSystemPermissions, $userSessionPermission, $noKsPermission, $partnerId) { // get list of services defined in the services.ct files $servicesTable = $serviceConfig->getAllServicesByCt(); // for each defined service.action foreach ($servicesTable as $ctPath => $services) { foreach ($services as $serviceActionName) { $serviceConfig->setServiceName($serviceActionName); $serviceSplit = explode('.', $serviceActionName); $serviceName = $serviceSplit[0]; $actionName = $serviceSplit[1]; $ticketTypes = explode(',', $serviceConfig->getTicketType()); $serviceId = $serviceName; $pluginName = getPluginNameFromServicesCtPath($ctPath); if ($pluginName) { $serviceId = strtolower($pluginName) . '_' . $serviceId; } $serviceClass = KalturaServicesMap::getService($serviceId); if (!$serviceClass) { $tmpServiceIds = KalturaServicesMap::getServiceIdsFromName($serviceName); if ($tmpServiceIds && count($tmpServiceIds) == 1) { $serviceId = reset($tmpServiceIds); $serviceClass = KalturaServicesMap::getService($serviceId); } } if (!$serviceClass) { $msg = '***** ERROR - service id [' . $serviceId . '] not found in services map!'; KalturaLog::alert($msg); echo $msg . PHP_EOL; continue; } // skip action if set with ticket type N (blocked) if (in_array(BLOCKED_TICKET_TYPE, $ticketTypes)) { $msg = '***** NOTICE - Action [' . $serviceActionName . '] is set with ticket type N (blocked) -> skipping!'; KalturaLog::notice($msg); echo $msg . PHP_EOL; continue; } // check if a permission item for the current action already exists $c = new Criteria(); $c->addAnd(kApiActionPermissionItem::SERVICE_COLUMN_NAME, $serviceId, Criteria::EQUAL); $c->addAnd(kApiActionPermissionItem::ACTION_COLUMN_NAME, $actionName, Criteria::EQUAL); $c->addAnd(PermissionItemPeer::PARTNER_ID, array(PartnerPeer::GLOBAL_PARTNER, $partnerId), Criteria::IN); $permissionItem = PermissionItemPeer::doSelectOne($c); if ($permissionItem) { $msg = '***** NOTICE - Permission item for [' . $serviceActionName . '] already exists with id [' . $permissionItem->getId() . ']'; KalturaLog::alert($msg); echo $msg . PHP_EOL; } else { // create a new api action permission item and save it $permissionItem = new kApiActionPermissionItem(); $permissionItem->setService($serviceId); $permissionItem->setAction($actionName); $permissionItem->setPartnerId($partnerId); $permissionItem->save(); } // get the defined permission names from the tags section of the services.ct file $permissionNames = $serviceConfig->getTags(); $permissionNames = explode(',', $permissionNames); $anyPermissionSet = false; // was any permission set to include the current permission item or not foreach ($permissionNames as $permissionName) { if (!$permissionName) { continue; } // add the permission item to all its defined permission objects $c = new Criteria(); $c->addAnd(PermissionPeer::NAME, $permissionName, Criteria::EQUAL); $c->addAnd(PermissionPeer::TYPE, PermissionType::NORMAL, Criteria::EQUAL); //$c->addAnd(PermissionPeer::PARTNER_ID, array(PartnerPeer::GLOBAL_PARTNER, $partnerId), Criteria::IN); $permission = PermissionPeer::doSelectOne($c); if (!$permission) { $msg = '***** ERROR - Permission [' . $permissionName . '] not found in DB although set for [' . $serviceActionName . ']'; KalturaLog::alert($msg); echo $msg . PHP_EOL; continue; } $permission->addPermissionItem($permissionItem->getId(), true); $anyPermissionSet = true; } // add permission item to the basic NO_KS and USER_KS permissions according to its ticket type // (partner admin role already contains all other permissions) if ($setBaseSystemPermissions) { if (in_array(NO_KS_TICKET_TYPE, $ticketTypes)) { $noKsPermission->addPermissionItem($permissionItem->getId(), true); $userSessionPermission->addPermissionItem($permissionItem->getId(), true); $anyPermissionSet = true; } else { if (in_array(USER_KS_TICKET_TYPE, $ticketTypes)) { $userSessionPermission->addPermissionItem($permissionItem->getId(), true); $anyPermissionSet = true; } } } if (!$anyPermissionSet) { $msg = '***** ERROR - No permission was set for [' . $serviceActionName . ']'; KalturaLog::alert($msg); echo $msg . PHP_EOL; } } } }