function getByNameAndPartnerId($roleName, $partnerId) { $c = new Criteria(); $c->addAnd(UserRolePeer::PARTNER_ID, $partnerId, Criteria::EQUAL); $c->addAnd(UserRolePeer::NAME, $roleName, Criteria::EQUAL); UserRolePeer::setUseCriteriaFilter(false); $userRole = UserRolePeer::doSelectOne($c); UserRolePeer::setUseCriteriaFilter(true); return $userRole; }
public function getListResponse(KalturaFilterPager $pager, KalturaDetachedResponseProfile $responseProfile = null) { $userRoleFilter = $this->toObject(); $c = new Criteria(); $userRoleFilter->attachToCriteria($c); $count = UserRolePeer::doCount($c); $pager->attachToCriteria($c); $list = UserRolePeer::doSelect($c); $response = new KalturaUserRoleListResponse(); $response->objects = KalturaUserRoleArray::fromDbArray($list, $responseProfile); $response->totalCount = $count; return $response; }
function getAdminUsers($lastUser, $userLimitEachLoop) { kuserPeer::clearInstancePool(); UserRolePeer::clearInstancePool(); $c = new Criteria(); $c->addAnd(kuserPeer::ID, $lastUser, Criteria::GREATER_THAN); $c->addAnd(kuserPeer::IS_ADMIN, true, Criteria::EQUAL); $c->addAscendingOrderByColumn(kuserPeer::ID); $c->setLimit($userLimitEachLoop); kuserPeer::setUseCriteriaFilter(false); $users = kuserPeer::doSelect($c); kuserPeer::setUseCriteriaFilter(true); return $users; }
/** * Cleans up the environment after running a test. */ protected function tearDown() { UserRolePeer::clearInstancePool(); PermissionPeer::clearInstancePool(); PermissionItemPeer::clearInstancePool(); kuserPeer::clearInstancePool(); PartnerPeer::clearInstancePool(); $this->client = null; PermissionItemPeer::setUseCriteriaFilter(false); foreach ($this->addedPermissionItemIds as $id) { try { $obj = PermissionItemPeer::retrieveByPK($id); if ($obj) { $obj->delete(); } } catch (PropelException $e) { } } PermissionItemPeer::setUseCriteriaFilter(true); $this->addedPermissionItemIds = array(); parent::tearDown(); }
/** * Init with allowed permissions for the user in the given KS or kCurrentContext if not KS given * kCurrentContext::init should have been executed before! * @param string $ks KS to extract user and partner IDs from instead of kCurrentContext * @param boolean $useCache use cache or not * @throws TODO: add all exceptions */ public static function init($useCache = null) { // verify that kCurrentContext::init has been executed since it must be used to init current context permissions if (!kCurrentContext::$ksPartnerUserInitialized) { KalturaLog::crit('kCurrentContext::initKsPartnerUser must be executed before initializing kPermissionManager'); throw new Exception('kCurrentContext has not been initialized!', null); } // can be initialized more than once to support multirequest with different kCurrentContext parameters self::$initialized = false; self::$useCache = $useCache ? true : false; // copy kCurrentContext parameters (kCurrentContext::init should have been executed before) self::$requestedPartnerId = !self::isEmpty(kCurrentContext::$partner_id) ? kCurrentContext::$partner_id : null; self::$ksPartnerId = !self::isEmpty(kCurrentContext::$ks_partner_id) ? kCurrentContext::$ks_partner_id : null; self::$ksUserId = !self::isEmpty(kCurrentContext::$ks_uid) ? kCurrentContext::$ks_uid : null; self::$ksString = kCurrentContext::$ks ? kCurrentContext::$ks : null; self::$adminSession = !self::isEmpty(kCurrentContext::$is_admin_session) ? kCurrentContext::$is_admin_session : false; // clear instance pools //TODO: may not be needed UserRolePeer::clearInstancePool(); PermissionPeer::clearInstancePool(); PermissionItemPeer::clearInstancePool(); PermissionToPermissionItemPeer::clearInstancePool(); kuserPeer::clearInstancePool(); // if ks defined - check that it is valid self::errorIfKsNotValid(); // init partner, user, and role objects self::initPartnerUserObjects(); // throw an error if KS partner (operating partner) is blocked self::errorIfPartnerBlocked(); // init role ids self::initRoleIds(); // init permissions map self::initPermissionsMap(); // initialization done self::$initialized = true; return true; }
/** * Find object by primary key using raw SQL to go fast. * Bypass doSelect() and the object formatter by using generated code. * * @param mixed $key Primary key to use for the query * @param PropelPDO $con A connection object * * @return UserRole A model object, or null if the key is not found * @throws PropelException */ protected function findPkSimple($key, $con) { $sql = 'SELECT `user_id`, `role_key`, `created_at`, `updated_at`, `created_by`, `updated_by` FROM `user_roles` WHERE `user_id` = :p0 AND `role_key` = :p1'; try { $stmt = $con->prepare($sql); $stmt->bindValue(':p0', $key[0], PDO::PARAM_INT); $stmt->bindValue(':p1', $key[1], PDO::PARAM_STR); $stmt->execute(); } catch (Exception $e) { Propel::log($e->getMessage(), Propel::LOG_ERR); throw new PropelException(sprintf('Unable to execute SELECT statement [%s]', $sql), $e); } $obj = null; if ($row = $stmt->fetch(PDO::FETCH_NUM)) { $obj = new UserRole(); $obj->hydrate($row); UserRolePeer::addInstanceToPool($obj, serialize(array((string) $key[0], (string) $key[1]))); } $stmt->closeCursor(); return $obj; }
function getNewRole($oldRoleName, $userRoles) { if (!$oldRoleName) { $oldRoleName = 'guest'; } if (!isset($userRoles[$oldRoleName])) { KalturaLog::alert('New role name was not found for old role name [' . $oldRoleName . ']'); return null; } $c = new Criteria(); $c->addAnd(UserRolePeer::PARTNER_ID, ADMIN_CONSOLE_PARTNER_ID, Criteria::EQUAL); $c->addAnd(UserRolePeer::ID, $userRoles[$oldRoleName]->getId(), Criteria::EQUAL); $c->addAnd(UserRolePeer::TAGS, '%admin_console%', Criteria::LIKE); UserRolePeer::clearInstancePool(); UserRolePeer::setUseCriteriaFilter(false); $newRole = UserRolePeer::doSelectOne($c); UserRolePeer::setUseCriteriaFilter(true); if (!$newRole) { KalturaLog::alert('Role with id [' . $userRoles[$oldRoleName]->getId() . '] was not found in DB!'); return null; } return $newRole; }
/** * Getter returns the indexed version of the permission names on the role of the kuser separated by commas * @return string */ public function getIndexedPermissionNames() { $permissionNamesArray = array(); if ($this->getRoleIds()) { $roleIds = explode(",", $this->getRoleIds()); foreach ($roleIds as $roleId) { $role = UserRolePeer::retrieveByPK($roleId); $permissionNames = $role->getPermissionNames(null, true); $permissionNames = str_replace("*", self::UNIVERSAL_PERMISSION, $permissionNames); $permissionNamesArray = array_merge($permissionNamesArray, explode(",", $permissionNames)); } } return self::getIndexedFieldValue('kuserPeer::PERMISSION_NAMES', implode(',', $permissionNamesArray), $this->getPartnerId()); }
} $criteria->addAnd(UserRolePeer::NAME, $roleName, Criteria::EQUAL); $criteria->addAscendingOrderByColumn(UserRolePeer::ID); $criteria->setLimit($page); $userRoles = UserRolePeer::doSelect($criteria); while (count($userRoles)) { KalturaLog::info("[" . count($userRoles) . "] user roles ."); foreach ($userRoles as $userRole) { foreach ($parmissionNames as $parmissionName) { addPermissionsToRole($userRole, $parmissionName); } } kMemoryManager::clearMemory(); $nextCriteria = clone $criteria; $nextCriteria->add(UserRolePeer::ID, $userRole->getId(), Criteria::GREATER_THAN); $userRoles = UserRolePeer::doSelect($nextCriteria); usleep(100); } KalturaLog::info("Done"); function addPermissionsToRole($role, $permissionList) { $currentPermissions = $role->getPermissionNames(false, true); if (UserRole::ALL_PARTNER_PERMISSIONS_WILDCARD == $currentPermissions) { return; } $currentPermissionsArray = explode(',', $currentPermissions); $permissionsToAddArray = explode(',', $permissionList); $tempArray = array(); foreach ($permissionsToAddArray as $perm) { if (in_array($perm, $currentPermissionsArray)) { KalturaLog::log('Role name [' . $role->getName() . '] already has permission [' . $perm . ']');
public static function copyUserRoles(Partner $fromPartner, Partner $toPartner) { KalturaLog::log('Copying user roles from partner [' . $fromPartner->getId() . '] to partner [' . $toPartner->getId() . ']'); UserRolePeer::setUseCriteriaFilter(false); $c = new Criteria(); $c->addAnd(UserRolePeer::PARTNER_ID, $fromPartner->getId(), Criteria::EQUAL); $c->addDescendingOrderByColumn(UserRolePeer::CREATED_AT); $roles = UserRolePeer::doSelect($c); UserRolePeer::setUseCriteriaFilter(true); foreach ($roles as $role) { $newRole = $role->copyToPartner($toPartner->getId()); $newRole->save(); } }
/** * Adds a new kuser and user_login_data records as needed * @param kuser $user * @param string $password * @param bool $checkPasswordStructure * @throws kUserException::USER_NOT_FOUND * @throws kUserException::USER_ALREADY_EXISTS * @throws kUserException::INVALID_EMAIL * @throws kUserException::INVALID_PARTNER * @throws kUserException::ADMIN_LOGIN_USERS_QUOTA_EXCEEDED * @throws kUserException::LOGIN_ID_ALREADY_USED * @throws kUserException::PASSWORD_STRUCTURE_INVALID * @throws kPermissionException::ROLE_ID_MISSING * @throws kPermissionException::ONLY_ONE_ROLE_PER_USER_ALLOWED */ public static function addUser(kuser $user, $password = null, $checkPasswordStructure = true, $sendEmail = null) { if (!$user->getPuserId()) { throw new kUserException('', kUserException::USER_ID_MISSING); } // check if user with the same partner and puserId already exists $existingUser = kuserPeer::getKuserByPartnerAndUid($user->getPartnerId(), $user->getPuserId()); if ($existingUser) { throw new kUserException('', kUserException::USER_ALREADY_EXISTS); } // check if roles are valid - may throw exceptions if (!$user->getRoleIds() && $user->getIsAdmin()) { // assign default role according to user type admin / normal $userRoleId = $user->getPartner()->getAdminSessionRoleId(); $user->setRoleIds($userRoleId); } UserRolePeer::testValidRolesForUser($user->getRoleIds(), $user->getPartnerId()); if ($user->getScreenName() === null) { $user->setScreenName($user->getPuserId()); } if ($user->getFullName() === null) { $user->setFirstName($user->getPuserId()); } if (is_null($user->getStatus())) { $user->setStatus(KuserStatus::ACTIVE); } // if password is set, user should be able to login to the system - add a user_login_data record if ($password || $user->getIsAdmin()) { // throws an action on error $user->enableLogin($user->getEmail(), $password, $checkPasswordStructure, $sendEmail); } $user->save(); return $user; }
public function getWidgetSessionRoleId() { $id = $this->getFromCustomData('widget_session_role_id'); if (!$id) { $id = UserRolePeer::getIdByStrId(UserRoleId::WIDGET_SESSION_ROLE); } return $id; }
/** * This is a method for emulating ON DELETE CASCADE for DBs that don't support this * feature (like MySQL or SQLite). * * This method is not very speedy because it must perform a query first to get * the implicated records and then perform the deletes by calling those Peer classes. * * This method should be used within a transaction if possible. * * @param Criteria $criteria * @param PropelPDO $con * @return int The number of affected rows (if supported by underlying database driver). */ protected static function doOnDeleteCascade(Criteria $criteria, PropelPDO $con) { // initialize var to track total num of affected rows $affectedRows = 0; // first find the objects that are implicated by the $criteria $objects = RolePeer::doSelect($criteria, $con); foreach ($objects as $obj) { // delete related GroupRole objects $criteria = new Criteria(GroupRolePeer::DATABASE_NAME); $criteria->add(GroupRolePeer::ROLE_KEY, $obj->getRoleKey()); $affectedRows += GroupRolePeer::doDelete($criteria, $con); // delete related UserRole objects $criteria = new Criteria(UserRolePeer::DATABASE_NAME); $criteria->add(UserRolePeer::ROLE_KEY, $obj->getRoleKey()); $affectedRows += UserRolePeer::doDelete($criteria, $con); // delete related Right objects $criteria = new Criteria(RightPeer::DATABASE_NAME); $criteria->add(RightPeer::ROLE_KEY, $obj->getRoleKey()); $affectedRows += RightPeer::doDelete($criteria, $con); } return $affectedRows; }
/** * Retrieve object using using composite pkey values. * @param int $user_id * @param string $role_key * @param PropelPDO $con * @return UserRole */ public static function retrieveByPK($user_id, $role_key, PropelPDO $con = null) { $_instancePoolKey = serialize(array((string) $user_id, (string) $role_key)); if (null !== ($obj = UserRolePeer::getInstanceFromPool($_instancePoolKey))) { return $obj; } if ($con === null) { $con = Propel::getConnection(UserRolePeer::DATABASE_NAME, Propel::CONNECTION_READ); } $criteria = new Criteria(UserRolePeer::DATABASE_NAME); $criteria->add(UserRolePeer::USER_ID, $user_id); $criteria->add(UserRolePeer::ROLE_KEY, $role_key); $v = UserRolePeer::doSelect($criteria, $con); return !empty($v) ? $v[0] : null; }
function getOrCreateUserSessionRole($partnerId) { PartnerPeer::clearInstancePool(); $partner = PartnerPeer::retrieveByPK($partnerId); $role = null; $id = $partner->getUserSessionRoleId(); if ($id) { $role = UserRolePeer::retrieveByPK($id); } if (!$role) { $role = new UserRole(); $role->setPartnerId($partnerId); $role->setStatus(UserRoleStatus::ACTIVE); $role->setName('Partner ' . $partnerId . ' user session permission'); $role->setDescription('Partner ' . $partnerId . ' user session permission'); $role->setPermissionNames(PermissionName::USER_SESSION_PERMISSION); $role->save(); } return $role; }
private static function initRoleIds() { $roleIds = null; if (!self::$operatingPartner || !self::$ksString) { // no partner or session -> no role $roleIds = null; } else { $ks = ks::fromSecureString(self::$ksString); $ksSetRoleId = $ks->getSetRole(); if ($ksSetRoleId) { //check if role exists $c = new Criteria(); $c->addAnd(is_numeric($ksSetRoleId) ? UserRolePeer::ID : UserRolePeer::SYSTEM_NAME, $ksSetRoleId, Criteria::EQUAL); $c->addAnd(UserRolePeer::PARTNER_ID, array(self::$ksPartnerId, PartnerPeer::GLOBAL_PARTNER), Criteria::IN); $roleId = UserRolePeer::doSelectOne($c); if ($roleId) { $roleIds = $roleId->getId(); } else { KalturaLog::debug("Role id [{$ksSetRoleId}] does not exists"); throw new KalturaAPIException(APIErrors::UNKNOWN_ROLE_ID, $ksSetRoleId); } } // if user is defined -> get his role IDs if (!$roleIds && self::$kuser) { $roleIds = self::$kuser->getRoleIds(); } // if user has no defined roles or no user is defined -> get default role IDs according to session type (admin/not) if (!$roleIds) { if ($ks->isWidgetSession()) { //there is only one partner widget role defined in the system $roleIds = self::$operatingPartner->getWidgetSessionRoleId(); } elseif (self::$adminSession) { // there is only one partner admin role defined in the system $roleIds = self::$operatingPartner->getAdminSessionRoleId(); } else { // a partner may have special defined user session roles - get them from partner object $roleIds = self::$operatingPartner->getUserSessionRoleId(); } } if ($roleIds) { $roleIds = explode(',', trim($roleIds, ',')); } } self::$roleIds = $roleIds; }
/** * Populates the object using an array. * * This is particularly useful when populating an object from one of the * request arrays (e.g. $_POST). This method goes through the column * names, checking to see whether a matching key exists in populated * array. If so the setByName() method is called for that column. * * You can specify the key type of the array by additionally passing one * of the class type constants BasePeer::TYPE_PHPNAME, BasePeer::TYPE_STUDLYPHPNAME, * BasePeer::TYPE_COLNAME, BasePeer::TYPE_FIELDNAME, BasePeer::TYPE_NUM. * The default key type is the column's phpname (e.g. 'AuthorId') * * @param array $arr An array to populate the object from. * @param string $keyType The type of keys the array uses. * @return void */ public function fromArray($arr, $keyType = BasePeer::TYPE_PHPNAME) { $keys = UserRolePeer::getFieldNames($keyType); if (array_key_exists($keys[0], $arr)) { $this->setId($arr[$keys[0]]); } if (array_key_exists($keys[1], $arr)) { $this->setStrId($arr[$keys[1]]); } if (array_key_exists($keys[2], $arr)) { $this->setName($arr[$keys[2]]); } if (array_key_exists($keys[3], $arr)) { $this->setDescription($arr[$keys[3]]); } if (array_key_exists($keys[4], $arr)) { $this->setPartnerId($arr[$keys[4]]); } if (array_key_exists($keys[5], $arr)) { $this->setStatus($arr[$keys[5]]); } if (array_key_exists($keys[6], $arr)) { $this->setPermissionNames($arr[$keys[6]]); } if (array_key_exists($keys[7], $arr)) { $this->setTags($arr[$keys[7]]); } if (array_key_exists($keys[8], $arr)) { $this->setCreatedAt($arr[$keys[8]]); } if (array_key_exists($keys[9], $arr)) { $this->setUpdatedAt($arr[$keys[9]]); } if (array_key_exists($keys[10], $arr)) { $this->setCustomData($arr[$keys[10]]); } }
/** * Checks if the current user has one of the permissions with the given names * @param array $permissionNamesArray Permission names * @return true or false */ public function hasPermissionOr(array $permissionNamesArray) { $roleIds = explode(',', $this->getRoleIds()); foreach ($roleIds as $roleId) { $userRole = UserRolePeer::retrieveByPK($roleId); if ($userRole) { $permissions = explode(',', $userRole->getPermissionNames()); foreach ($permissionNamesArray as $permissionName) { if (in_array($permissionName, $permissions)) { return true; } } } } return false; }
<?php /** * enable feature for each partner * set to all partners with partner->partnerPackage > 1 to 1 * @package Deployment * @subpackage updates */ $dryRun = true; //TODO: change for real run if (in_array('realrun', $argv)) { $dryRun = false; } require_once dirname(__FILE__) . '/../../bootstrap.php'; $con = myDbHelper::getConnection(myDbHelper::DB_HELPER_CONN_PROPEL2); KalturaStatement::setDryRun($dryRun); $c = new Criteria(); $c->add(UserRolePeer::NAME, "System Administrator", Criteria::EQUAL); $adminRoles = UserRolePeer::doSelect($c, $con); foreach ($adminRoles as $adminRole) { $c = new Criteria(); $c->add(KuserToUserRolePeer::USER_ROLE_ID, $adminRole->getId(), Criteria::EQUAL); $admins = KuserToUserRolePeer::doSelect($c, $con); foreach ($admins as $admin) { $adminUser = $admin->getkuser($con); if ($adminUser) { $adminUser->setAllowedPartners('*'); $adminUser->save(); } } }
public static function validatePrivileges($privileges, $partnerId) { // break all privileges to their pairs - this is to support same "multi-priv" method expected for // edit privilege (edit:XXX,edit:YYY,...) $allPrivileges = explode(',', $privileges); // foreach pair - check privileges on playlist foreach ($allPrivileges as $priv) { // extract playlist ID from pair $exPrivileges = explode(':', $priv); //validate setRole if ($exPrivileges[0] == self::PRIVILEGE_SET_ROLE) { $c = new Criteria(); $c->addAnd(is_numeric($exPrivileges[1]) ? UserRolePeer::ID : UserRolePeer::SYSTEM_NAME, $exPrivileges[1], Criteria::EQUAL); $c->addAnd(UserRolePeer::PARTNER_ID, array($partnerId, PartnerPeer::GLOBAL_PARTNER), Criteria::IN); $roleId = UserRolePeer::doSelectOne($c); if ($roleId) { $roleIds = $roleId->getId(); } else { KalturaLog::debug("Role id [{$exPrivileges['1']}] does not exists"); throw new kCoreException(kCoreException::INTERNAL_SERVER_ERROR, APIErrors::UNKNOWN_ROLE_ID, $exPrivileges[1]); } } } }
/** * Will return a UserRole object with the given $roleName and given $partnerId (or partner 0) * @param string $roleName * @param int $partnerId * @return UserRole */ public static function getByNameAndPartnerId($roleName, $partnerId) { $c = new Criteria(); $c->addAnd(UserRolePeer::PARTNER_ID, array($partnerId, PartnerPeer::GLOBAL_PARTNER), Criteria::IN); $c->addAnd(UserRolePeer::NAME, $roleName, Criteria::EQUAL); $c->addAnd(UserRolePeer::STATUS, UserRoleStatus::DELETED, Criteria::NOT_EQUAL); UserRolePeer::setUseCriteriaFilter(false); $userRole = UserRolePeer::doSelectOne($c); UserRolePeer::setUseCriteriaFilter(true); return $userRole; }
public function testUpdateAction() { $this->startSession(KalturaSessionType::ADMIN, $this->getDbPartner()->getAdminUserId()); // failure to update partner 0 roles $c = new Criteria(); $c->addAnd(UserRolePeer::PARTNER_ID, PartnerPeer::GLOBAL_PARTNER, Criteria::EQUAL); $partner0Roles = UserRolePeer::doSelect($c); for ($i = 1; $i < 4; $i++) { $randId = rand(0, count($partner0Roles) - 1); $exceptionThrown = false; $updateRole = new KalturaUserRole(); $updateRole->name = uniqid(); try { $this->client->userRole->update($partner0Roles[$randId]->getId(), $updateRole); } catch (Exception $e) { $exceptionThrown = $e; } $this->checkException($exceptionThrown, 'INVALID_OBJECT_ID'); } // add a new role to test with $newRole = new KalturaUserRole(); $newRole->name = uniqid(); $addedRole = $this->addRoleWrap($newRole); // failure to add a permisison which the partner does not have $updateRole = new KalturaUserRole(); $updateRole->permissionNames = PermissionName::BATCH_BASE; $exceptionThrown = false; try { $addedRole = $this->client->userRole->update($addedRole->id, $updateRole); } catch (Exception $e) { $exceptionThrown = $e; } $this->checkException($exceptionThrown, 'PERMISSION_NOT_FOUND'); // success adding and removing valid permissions $updateRole = new KalturaUserRole(); $updateRole->permissionNames = PermissionName::ACCOUNT_BASE . ',' . PermissionName::CONTENT_MANAGE_EMBED_CODE; $resultRole = $this->client->userRole->update($addedRole->id, $updateRole); $this->assertEquals($updateRole->permissionNames, $resultRole->permissionNames); // replace permissions test - verify that old permissions are no more returned $updateRole = new KalturaUserRole(); $updateRole->permissionNames = PermissionName::CONTENT_INGEST_BULK_UPLOAD . ',' . PermissionName::CUSTOM_DATA_PROFILE_DELETE; $resultRole = $this->client->userRole->update($addedRole->id, $updateRole); $this->assertEquals($updateRole->permissionNames, $resultRole->permissionNames); // success updating name, description and status $updateRole = new KalturaUserRole(); $updateRole->name = uniqid(); $updateRole->description = uniqid(); $updateRole->status = KalturaUserRoleStatus::BLOCKED; $resultRole = $this->client->userRole->update($addedRole->id, $updateRole); $this->assertEquals($updateRole->name, $resultRole->name); $this->assertEquals($updateRole->description, $resultRole->description); $this->assertEquals($updateRole->status, $resultRole->status); // failure to update partner id $updateRole = new KalturaUserRole(); $updateRole->partnerId = rand(100, 300); $exceptionThrown = false; try { $addedRole = $this->client->userRole->update($addedRole->id, $updateRole); } catch (Exception $e) { $exceptionThrown = $e; } $this->checkException($exceptionThrown, 'PROPERTY_VALIDATION_NOT_UPDATABLE'); // failure to update role id $updateRole = new KalturaUserRole(); $updateRole->id = rand(1, 1000); $exceptionThrown = false; try { $addedRole = $this->client->userRole->update($addedRole->id, $updateRole); } catch (Exception $e) { $exceptionThrown = $e; } $this->checkException($exceptionThrown, 'PROPERTY_VALIDATION_NOT_UPDATABLE'); // failure to update createdAt $updateRole = new KalturaUserRole(); $updateRole->createdAt = time(); $exceptionThrown = false; try { $addedRole = $this->client->userRole->update($addedRole->id, $updateRole); } catch (Exception $e) { $exceptionThrown = $e; } $this->checkException($exceptionThrown, 'PROPERTY_VALIDATION_NOT_UPDATABLE'); // failure to update updatedAt $updateRole = new KalturaUserRole(); $updateRole->updatedAt = time(); $exceptionThrown = false; try { $addedRole = $this->client->userRole->update($addedRole->id, $updateRole); } catch (Exception $e) { $exceptionThrown = $e; } $this->checkException($exceptionThrown, 'PROPERTY_VALIDATION_NOT_UPDATABLE'); //TODO: verify that only given parameters were updated and not other parameters }
public function getFieldNameFromPeer($field_name) { $res = UserRolePeer::translateFieldName($field_name, $this->field_name_translation_type, BasePeer::TYPE_COLNAME); return $res; }
/** * Update existing user, it is possible to update the user id too * * @action update * @param string $userId * @param KalturaUser $user * @return KalturaUser * * @throws KalturaErrors::INVALID_USER_ID * @throws KalturaErrors::CANNOT_DELETE_OR_BLOCK_ROOT_ADMIN_USER * @throws KalturaErrors::USER_ROLE_NOT_FOUND * @throws KalturaErrors::ACCOUNT_OWNER_NEEDS_PARTNER_ADMIN_ROLE */ public function updateAction($userId, KalturaUser $user) { $dbUser = kuserPeer::getKuserByPartnerAndUid($this->getPartnerId(), $userId); if (!$dbUser) { throw new KalturaAPIException(KalturaErrors::INVALID_USER_ID, $userId); } if ($dbUser->getIsAdmin() && !is_null($user->isAdmin) && !$user->isAdmin) { throw new KalturaAPIException(KalturaErrors::CANNOT_SET_ROOT_ADMIN_AS_NO_ADMIN); } // update user try { if (!is_null($user->roleIds)) { UserRolePeer::testValidRolesForUser($user->roleIds); } if ($user->id != $userId) { $existingUser = kuserPeer::getKuserByPartnerAndUid($this->getPartnerId(), $user->id); if ($existingUser) { throw new KalturaAPIException(KalturaErrors::DUPLICATE_USER_BY_ID, $user->id); } } $dbUser = $user->toUpdatableObject($dbUser); $dbUser->save(); } catch (kPermissionException $e) { $code = $e->getCode(); if ($code == kPermissionException::ROLE_ID_MISSING) { throw new KalturaAPIException(KalturaErrors::ROLE_ID_MISSING); } if ($code == kPermissionException::ONLY_ONE_ROLE_PER_USER_ALLOWED) { throw new KalturaAPIException(KalturaErrors::ONLY_ONE_ROLE_PER_USER_ALLOWED); } if ($code == kPermissionException::USER_ROLE_NOT_FOUND) { throw new KalturaAPIException(KalturaErrors::USER_ROLE_NOT_FOUND); } if ($code == kPermissionException::ACCOUNT_OWNER_NEEDS_PARTNER_ADMIN_ROLE) { throw new KalturaAPIException(KalturaErrors::ACCOUNT_OWNER_NEEDS_PARTNER_ADMIN_ROLE); } throw $e; } catch (kUserException $e) { $code = $e->getCode(); if ($code == kUserException::CANNOT_DELETE_OR_BLOCK_ROOT_ADMIN_USER) { throw new KalturaAPIException(KalturaErrors::CANNOT_DELETE_OR_BLOCK_ROOT_ADMIN_USER); } throw $e; } $user = new KalturaUser(); $user->fromObject($dbUser); return $user; }
/** * Selects a collection of KuserToUserRole objects pre-filled with all related objects except kuser. * * @param Criteria $criteria * @param PropelPDO $con * @param String $join_behavior the type of joins to use, defaults to Criteria::LEFT_JOIN * @return array Array of KuserToUserRole objects. * @throws PropelException Any exceptions caught during processing will be * rethrown wrapped into a PropelException. */ public static function doSelectJoinAllExceptkuser(Criteria $criteria, $con = null, $join_behavior = Criteria::LEFT_JOIN) { $criteria = clone $criteria; // Set the correct dbName if it has not been overridden // $criteria->getDbName() will return the same object if not set to another value // so == check is okay and faster if ($criteria->getDbName() == Propel::getDefaultDB()) { $criteria->setDbName(self::DATABASE_NAME); } KuserToUserRolePeer::addSelectColumns($criteria); $startcol2 = KuserToUserRolePeer::NUM_COLUMNS - KuserToUserRolePeer::NUM_LAZY_LOAD_COLUMNS; UserRolePeer::addSelectColumns($criteria); $startcol3 = $startcol2 + (UserRolePeer::NUM_COLUMNS - UserRolePeer::NUM_LAZY_LOAD_COLUMNS); $criteria->addJoin(KuserToUserRolePeer::USER_ROLE_ID, UserRolePeer::ID, $join_behavior); $stmt = BasePeer::doSelect($criteria, $con); $results = array(); while ($row = $stmt->fetch(PDO::FETCH_NUM)) { $key1 = KuserToUserRolePeer::getPrimaryKeyHashFromRow($row, 0); if (null !== ($obj1 = KuserToUserRolePeer::getInstanceFromPool($key1))) { // We no longer rehydrate the object, since this can cause data loss. // See http://propel.phpdb.org/trac/ticket/509 // $obj1->hydrate($row, 0, true); // rehydrate } else { $cls = KuserToUserRolePeer::getOMClass(false); $obj1 = new $cls(); $obj1->hydrate($row); KuserToUserRolePeer::addInstanceToPool($obj1, $key1); } // if obj1 already loaded // Add objects for joined UserRole rows $key2 = UserRolePeer::getPrimaryKeyHashFromRow($row, $startcol2); if ($key2 !== null) { $obj2 = UserRolePeer::getInstanceFromPool($key2); if (!$obj2) { $cls = UserRolePeer::getOMClass(false); $obj2 = new $cls(); $obj2->hydrate($row, $startcol2); UserRolePeer::addInstanceToPool($obj2, $key2); } // if $obj2 already loaded // Add the $obj1 (KuserToUserRole) to the collection in $obj2 (UserRole) $obj2->addKuserToUserRole($obj1); } // if joined row is not null $results[] = $obj1; } $stmt->closeCursor(); return $results; }
public static function getRoleIds(Partner $operatingPartner = null, kuser $kuser = null) { $roleIds = null; $ksString = kCurrentContext::$ks; $isAdminSession = !self::isEmpty(kCurrentContext::$is_admin_session) ? kCurrentContext::$is_admin_session : false; if (!$ksString || !$operatingPartner && kCurrentContext::$ks_partner_id != Partner::BATCH_PARTNER_ID) { $roleId = UserRolePeer::getIdByStrId(UserRoleId::NO_SESSION_ROLE); if ($roleId) { return array($roleId); } return null; } $ks = ks::fromSecureString($ksString); $ksSetRoleId = $ks->getSetRole(); if ($ksSetRoleId) { if ($ksSetRoleId == 'null') { return null; } $ksPartnerId = !self::isEmpty(kCurrentContext::$ks_partner_id) ? kCurrentContext::$ks_partner_id : null; //check if role exists $c = new Criteria(); $c->addAnd(is_numeric($ksSetRoleId) ? UserRolePeer::ID : UserRolePeer::SYSTEM_NAME, $ksSetRoleId, Criteria::EQUAL); $partnerIds = array_map('strval', array($ksPartnerId, PartnerPeer::GLOBAL_PARTNER)); $c->addAnd(UserRolePeer::PARTNER_ID, $partnerIds, Criteria::IN); $roleId = UserRolePeer::doSelectOne($c); if ($roleId) { $roleIds = $roleId->getId(); } else { KalturaLog::debug("Role id [{$ksSetRoleId}] does not exists"); throw new kCoreException("Unknown role Id [{$ksSetRoleId}]", kCoreException::ID_NOT_FOUND); } } // if user is defined -> get his role IDs if (!$roleIds && $kuser) { $roleIds = $kuser->getRoleIds(); } // if user has no defined roles or no user is defined -> get default role IDs according to session type (admin/not) if (!$roleIds) { if (!$operatingPartner) { // use system default roles if ($ks->isWidgetSession()) { $strId = UserRoleId::WIDGET_SESSION_ROLE; } elseif ($isAdminSession) { $strId = UserRoleId::PARTNER_ADMIN_ROLE; } else { $strId = UserRoleId::BASE_USER_SESSION_ROLE; } $roleIds = UserRolePeer::getIdByStrId($strId); } else { if ($ks->isWidgetSession()) { //there is only one partner widget role defined in the system $roleIds = $operatingPartner->getWidgetSessionRoleId(); } elseif ($isAdminSession) { // there is only one partner admin role defined in the system $roleIds = $operatingPartner->getAdminSessionRoleId(); } else { // a partner may have special defined user session roles - get them from partner object $roleIds = $operatingPartner->getUserSessionRoleId(); } } } if ($roleIds) { $roleIds = explode(',', trim($roleIds, ',')); } return $roleIds; }
/** * Creates a new user role object that is a duplicate of an existing role. * * @action clone * @param int $userRoleId The user role's unique identifier * @return KalturaUserRole The duplicate user role object * * @throws KalturaErrors::INVALID_OBJECT_ID */ public function cloneAction($userRoleId) { $dbUserRole = UserRolePeer::retrieveByPK($userRoleId); if (!$dbUserRole || $dbUserRole->getStatus() == UserRoleStatus::DELETED || $dbUserRole->getPartnerId() != PartnerPeer::GLOBAL_PARTNER && $dbUserRole->getPartnerId() != $this->getPartnerId()) { throw new KalturaAPIException(KalturaErrors::INVALID_OBJECT_ID, $userRoleId); } $newDbRole = $dbUserRole->copyToPartner($this->getPartnerId()); $newName = $newDbRole->getName() . ' copy (' . date("D j M o, H:i:s") . ')'; $newDbRole->setName($newName); $newDbRole->save(); $userRole = new KalturaUserRole(); $userRole->fromObject($newDbRole, $this->getResponseProfile()); return $userRole; }
<?php /** * @package deployment * * Update integration->notify permission name and related objects */ $script = realpath(dirname(__FILE__) . '/../../../../') . '/alpha/scripts/utils/permissions/addPermissionsAndItems.php'; $config = realpath(dirname(__FILE__)) . '/../../../permissions/partner.0.ini'; passthru("php {$script} {$config}"); $config = realpath(dirname(__FILE__)) . '/../../../permissions/service.integration.integration.ini'; passthru("php {$script} {$config}"); require_once dirname(__FILE__) . "/../../../../" . "alpha/scripts/bootstrap.php"; $userRole = UserRolePeer::getByNameAndPartnerId(kIntegrationFlowManager::EXTERNAL_INTEGRATION_SERVICES_ROLE_NAME, PartnerPeer::GLOBAL_PARTNER); $permissionNamesStr = $userRole->getPermissionNames(); $permissionNamesArr = explode(",", $permissionNamesStr); $permissionNamesArr = array_map('trim', $permissionNamesArr); $index = array_search("VOICEBASE_ACTIONS", $permissionNamesArr); if ($index !== false) { unset($permissionNamesArr[$index]); } $permissionNamesArr[] = "INTEGRATION_ACTIONS"; $permissionNamesStr = implode(",", $permissionNamesArr); $userRole->setPermissionNames($permissionNamesStr); $userRole->save();
/** * Get the associated UserRole object * * @param PropelPDO Optional Connection object. * @return UserRole The associated UserRole object. * @throws PropelException */ public function getUserRole(PropelPDO $con = null) { if ($this->aUserRole === null && $this->user_role_id !== null) { $this->aUserRole = UserRolePeer::retrieveByPk($this->user_role_id); /* The following can be used additionally to guarantee the related object contains a reference to this object. This level of coupling may, however, be undesirable since it could result in an only partially populated collection in the referenced object. $this->aUserRole->addKuserToUserRoles($this); */ } return $this->aUserRole; }
/** * Retrieve multiple objects by pkey. * * @param array $pks List of primary keys * @param PropelPDO $con the connection to use * @throws PropelException Any exceptions caught during processing will be * rethrown wrapped into a PropelException. */ public static function retrieveByPKs($pks, PropelPDO $con = null) { $objs = null; if (empty($pks)) { $objs = array(); } else { $criteria = new Criteria(UserRolePeer::DATABASE_NAME); $criteria->add(UserRolePeer::ID, $pks, Criteria::IN); $objs = UserRolePeer::doSelect($criteria, $con); } return $objs; }