/**
* Create an array of mapping objects from a query result.
*
* @param object SelectQueryResultInterface
* @return array
* @access private
* @since 3/9/05
*/
function _createMappingsFromResult(SelectQueryResultInterface $result)
{
$mappings = array();
$types = array();
$idManager = Services::getService('Id');
$authNMethodManager = Services::getService('AuthNMethods');
while ($row = $result->getCurrentRow()) {
$typeString = $row['domain'] . "::" . $row['authority'] . "::" . $row['keyword'] . "::" . $row['description'];
if (!isset($types[$typeString])) {
$types[$typeString] = new Type($row['domain'], $row['authority'], $row['keyword'], $row['description']);
}
try {
$authNMethod = $authNMethodManager->getAuthNMethodForType($types[$typeString]);
$mappings[] = new AgentTokenMapping($types[$typeString], $idManager->getId($row['agent_id']), $authNMethod->createTokensForIdentifier($row['token_identifier']));
} catch (UnknownTypeException $e) {
// If an authn type is no longer enabled, just skip it.
}
$result->advanceRow();
}
return $mappings;
}
/**
* Answer an array of authorization objects from a query result.
*
* @param object SelectQueryResultInterface $result
* @param string $aId The string id of an agent.
* @param string $qId The string id of a qualifier. This parameter can not be null
* and used as a wildmark.
* @param boolean $returnExplicitOnly If True, only explicit Authorizations
* will be returned.
* @return array
* @access protected
* @since 4/23/08
*/
protected function getAuthorizationsFromQueryResult(SelectQueryResultInterface $result, $aId, $qId, $returnExplicitOnly)
{
$idManager = Services::getService("Id");
$dbHandler = Services::getService("DatabaseManager");
// this array will store the authorizations that will be returned
$authorizations = array();
// we only want to create one implicitAZ for a given Agent/Function/Qualifier
// combo, so maintain a list of already created ones to skip
$createdImplicitAZs = array();
$i = 0;
// process all rows and create the explicit authorizations
while ($result->hasMoreRows()) {
$row = $result->getCurrentRow();
// printpre($row);
if (isset($row['fk_explicit_az'])) {
$idValue = 'implicit_' . $row['id'];
$isExplicit = false;
} else {
$idValue = $row['id'];
$isExplicit = true;
}
$id = $idManager->getId($idValue);
if (isset($this->_authorizations[$idValue])) {
$authorization = $this->_authorizations[$idValue];
} else {
$agentId = $idManager->getId($row['aid']);
$functionId = $idManager->getId($row['fid']);
$explicitQualifierId = $idManager->getId($row['qid']);
$effectiveDate = $dbHandler->fromDBDate($row['eff_date'], $this->_dbIndex);
$expirationDate = $dbHandler->fromDBDate($row['exp_date'], $this->_dbIndex);
// create the explicit authorization (each explicit authorization
// has a corresponding row in the authorization db table)
$authorization = new AuthZ2_Authorization($row['id'], $agentId, $functionId, $explicitQualifierId, $isExplicit, $this, $effectiveDate, $expirationDate);
$this->_authorizations[$idValue] = $authorization;
}
// Explicit AZ for groups should have corresponding implicit AZs
// in decendents, but not appear in their AZs directly.
// Therefore, only add the explicit AZ if it is for the requested
// agent if we are fetching more than just the explicitAZs.
if (!$aId || $row['aid'] == $aId) {
$authorizations[] = $authorization;
}
// now create the implicit authorizations for those caused by group membership
// (where the aid specified is not the one in the explicit AZ.
//
// We are going to take the small cop-out of not creating implicit AZs
// for every agent who is a member of a group az, only those if an agent
// is specified. Maybe this should be changed, but it wasn't how the
// system used to work.
if (!$returnExplicitOnly && $aId && $row['aid'] != $aId) {
// printpre("Building Implicit AZs...\n\t\$aId = $aId");
// var_dump($returnExplicitOnly);
// This is implicit because of a group
// printpre("In first clause (AuthorizationCache)");
$qualifierId = $idManager->getId($qId);
// If we are getting implicit AZs for a given agent, make sure
// that the implicit AZ has their Id.
$agentId = $idManager->getId($aId);
$function = $authorization->getFunction();
$functionId = $function->getId();
$effectiveDate = $authorization->getEffectiveDate();
$expirationDate = $authorization->getExpirationDate();
$implicit = new AuthZ2_Authorization(null, $agentId, $functionId, $qualifierId, false, $this, $effectiveDate, $expirationDate);
// If the AZ causing this implicit AZ is an explicitAZ, set a reference
// to it.
if ($isExplicit) {
$implicit->setExplicitAZId($authorization->getIdString());
} else {
$implicit->setExplicitAZId($row['fk_explicit_az']);
}
$azHash = $agentId->getIdString() . "::" . $functionId->getIdString() . "::" . $qualifierId->getIdString();
if (!in_array($azHash, $createdImplicitAZs)) {
$authorizations[] = $implicit;
$createdImplicitAZs[] = $azHash;
}
}
$result->advanceRow();
}
$result->free();
return $authorizations;
}
