/**
* Returns an array containing all the permissions for the specified item.
* The ugroups that have no permission defined in the request take the permission of the parent folder.
*/
function _get_permissions_as_array($group_id, $item_id, $permissions)
{
$permissions_array = array();
$perms = array('PLUGIN_DOCMAN_READ', 'PLUGIN_DOCMAN_WRITE', 'PLUGIN_DOCMAN_MANAGE');
// Get the ugroups of the parent
$ugroups = permission_get_ugroups_permissions($group_id, $item_id, $perms, false);
// Initialize the ugroup permissions to the same values as the parent folder
foreach ($ugroups as $ugroup) {
$ugroup_id = $ugroup['ugroup']['id'];
$permissions_array[$ugroup_id] = 100;
foreach ($perms as $perm) {
if (isset($ugroup['permissions'][$perm])) {
$permissions_array[$ugroup_id] = Docman_PermissionsManager::getDefinitionIndexForPermission($perm);
}
}
}
// Set the SOAP-provided permissions
foreach ($permissions as $index => $permission) {
$ugroup_id = $permission->ugroup_id;
if (isset($permissions_array[$ugroup_id])) {
$permissions_array[$ugroup_id] = Docman_PermissionsManager::getDefinitionIndexForPermission($permission->type);
}
}
return $permissions_array;
}
function fetch($id, $params)
{
$html = '';
if ($params['user_can_manage']) {
$titles = array();
$titles[] = $GLOBALS['Language']->getText('plugin_docman', 'details_permissions_ugroups');
$titles[] = $GLOBALS['Language']->getText('plugin_docman', 'details_permissions_perms');
$html .= html_build_list_table_top($titles, false, false, false);
$odd_even = array('boxitem', 'boxitemalt');
$i = 0;
$ugroups = permission_get_ugroups_permissions($params['group_id'], $id, array('PLUGIN_DOCMAN_READ', 'PLUGIN_DOCMAN_WRITE', 'PLUGIN_DOCMAN_MANAGE'), false);
ksort($ugroups);
foreach ($ugroups as $ugroup) {
$html .= '<tr class="' . $odd_even[$i++ % count($odd_even)] . '">';
$html .= '<td>' . $ugroup['ugroup']['name'] . '</td>';
$html .= '<td style="text-align:center;"><select name="permissions[' . $ugroup['ugroup']['id'] . ']">';
$html .= '<option value="100">-</option>';
$perms = array('PLUGIN_DOCMAN_READ', 'PLUGIN_DOCMAN_WRITE', 'PLUGIN_DOCMAN_MANAGE');
$i = 1;
foreach ($perms as $perm) {
if (isset($params['force_permissions'][$ugroup['ugroup']['id']])) {
$selected = $params['force_permissions'][$ugroup['ugroup']['id']] == $i ? 'selected="selected"' : '';
} else {
$selected = isset($ugroup['permissions'][$perm]) ? 'selected="selected"' : '';
}
$html .= '<option value="' . $i++ . '" ' . $selected . '>' . permission_get_name($perm) . '</option>';
}
$html .= '</select></td>';
$html .= '</tr>';
}
$html .= '</table>';
} else {
$html .= $GLOBALS['Language']->getText('plugin_docman', 'new_same_perms_as_parent');
// Will be created with the same permissions than its parent.
$html .= $GLOBALS['Language']->getText('plugin_docman', 'new_need_to_be_manager');
// <br />You need Manage permission to define permissions.
}
return $html;
}
/**
* @returns array the permissions for the ugroups
*/
function plugin_tracker_permission_get_field_tracker_ugroups_permissions($group_id, $atid, $fields)
{
$tracker_permissions = plugin_tracker_permission_get_tracker_ugroups_permissions($group_id, $atid);
//Anonymous can access ?
if (isset($tracker_permissions[$GLOBALS['UGROUP_ANONYMOUS']]) && isset($tracker_permissions[$GLOBALS['UGROUP_ANONYMOUS']]['permissions']) && count($tracker_permissions[$GLOBALS['UGROUP_ANONYMOUS']]['permissions']) > 0) {
//Do nothing
} else {
//We remove the id
if (isset($tracker_permissions[$GLOBALS['UGROUP_ANONYMOUS']])) {
unset($tracker_permissions[$GLOBALS['UGROUP_ANONYMOUS']]);
}
//Registered can access ?
if (isset($tracker_permissions[$GLOBALS['UGROUP_REGISTERED']]) && isset($tracker_permissions[$GLOBALS['UGROUP_REGISTERED']]['permissions']) && count($tracker_permissions[$GLOBALS['UGROUP_REGISTERED']]['permissions']) > 0) {
//Do nothing
} else {
//We remove the id
if (isset($tracker_permissions[$GLOBALS['UGROUP_REGISTERED']])) {
unset($tracker_permissions[$GLOBALS['UGROUP_REGISTERED']]);
}
//Each group can access ?
foreach ($tracker_permissions as $key => $value) {
if (!isset($value['permissions']) || count($value['permissions']) < 1) {
unset($tracker_permissions[$key]);
}
}
}
}
$ugroups_that_can_access_to_tracker = $tracker_permissions;
$ugroups_permissions = array();
foreach ($fields as $field) {
$fake_id = $field->getID();
$ugroups = permission_get_ugroups_permissions($group_id, $fake_id, array('PLUGIN_TRACKER_FIELD_READ', 'PLUGIN_TRACKER_FIELD_UPDATE', 'PLUGIN_TRACKER_FIELD_SUBMIT'), false);
//{{{ We remove the ugroups which can't access to tracker and don't have permissions
/*foreach($ugroups as $key => $value) {
if (!isset($ugroups_that_can_access_to_tracker[$key]) && count($ugroups[$key]['permissions']) == 0) {
unset($ugroups[$key]);
}
}*/
//}}}
//We store permission for the current field
$ugroups_permissions[$field->getID()] = array('field' => array('shortname' => $field->getName(), 'name' => $field->getLabel() . ($field->isRequired() ? ' *' : ''), 'id' => $field->getID(), 'field' => $field, 'link' => '/tracker/admin/index.php?group_id=' . $group_id . '&atid=' . $atid . '&func=display_field_update&field_id=' . $field->getID()), 'ugroups' => $ugroups);
//{{{ We store tracker permissions
foreach ($ugroups_permissions[$field->getID()]['ugroups'] as $key => $ugroup) {
if (isset($tracker_permissions[$key])) {
$ugroups_permissions[$field->getID()]['ugroups'][$key]['tracker_permissions'] = $tracker_permissions[$key]['permissions'];
} else {
$ugroups_permissions[$field->getID()]['ugroups'][$key]['tracker_permissions'] = array();
}
}
//}}}
}
return $ugroups_permissions;
}
/**
* @param Docman_Item $item The id of the item
* @param bool $force true if you want to bypass permissions checking (@see permission_add_ugroup)
* @param PFUser $user The current user
*/
private function setPermissionsOnItem(Docman_Item $item, $force, PFUser $user)
{
$permission_definition = array(100 => array('order' => 0, 'type' => null, 'label' => null, 'previous' => null), 1 => array('order' => 1, 'type' => 'PLUGIN_DOCMAN_READ', 'label' => permission_get_name('PLUGIN_DOCMAN_READ'), 'previous' => 0), 2 => array('order' => 2, 'type' => 'PLUGIN_DOCMAN_WRITE', 'label' => permission_get_name('PLUGIN_DOCMAN_WRITE'), 'previous' => 1), 3 => array('order' => 3, 'type' => 'PLUGIN_DOCMAN_MANAGE', 'label' => permission_get_name('PLUGIN_DOCMAN_MANAGE'), 'previous' => 2));
$permissions = $this->_controler->request->get('permissions');
$old_permissions = permission_get_ugroups_permissions($item->getGroupId(), $item->getId(), array('PLUGIN_DOCMAN_READ', 'PLUGIN_DOCMAN_WRITE', 'PLUGIN_DOCMAN_MANAGE'), false);
$done_permissions = array();
$history = array('PLUGIN_DOCMAN_READ' => false, 'PLUGIN_DOCMAN_WRITE' => false, 'PLUGIN_DOCMAN_MANAGE' => false);
foreach ($permissions as $ugroup_id => $wanted_permission) {
$this->_setPermission($item->getGroupId(), $item->getId(), $permission_definition, $old_permissions, $done_permissions, $ugroup_id, $permissions, $history, $force);
}
$updated = false;
foreach ($history as $perm => $put_in_history) {
if ($put_in_history) {
permission_add_history($item->getGroupId(), $perm, $item->getId());
$updated = true;
}
}
$this->_controler->feedback->log('info', $GLOBALS['Language']->getText('plugin_docman', 'info_perms_updated'));
// If requested by user, apply permissions recursively on sub items
if ($this->_controler->request->get('recursive')) {
//clone permissions for sub items
// Recursive application via a callback of Docman_Actions::recursivePermissions in
// Docman_ItemFactory::breathFirst
$item_factory = $this->_getItemFactory();
$item_factory->breathFirst($item->getId(), array(&$this, 'recursivePermissions'), array('id' => $item->getId()));
$this->_controler->feedback->log('info', $GLOBALS['Language']->getText('plugin_docman', 'info_perms_recursive_updated'));
}
}
/**
* @returns array the permissions for the ugroups
*/
function permission_get_tracker_ugroups_permissions($group_id, $object_id)
{
return permission_get_ugroups_permissions($group_id, $object_id, array('TRACKER_ACCESS_FULL', 'TRACKER_ACCESS_ASSIGNEE', 'TRACKER_ACCESS_SUBMITTER'), false);
}
function getContent()
{
$folder_or_document = is_a($this->item, 'Docman_Folder') ? 'folder' : 'document';
$content = '';
$content .= '<form action="' . $this->url . '" method="post">';
//{{{ Explanations
/* => in the doc
$content .= '<div>';
$content .= 'Readers can:<ul>
<li>access to document/folder,</li>
<li>access to properties of the document/folder.</li>
</ul>';
$content .= 'Writers have the same rights than readers plus:<ul>
<li>update the document (create a new version),</li>
<li>update the properties of the document/folder,</li>
<li>move the document/folder,</li>
<li>create a sub-item for the folder.</li>
</ul>';
$content .= 'Managers have the same rights than writers plus:<ul>
<li>delete the document/folder,</li>
<li>change permissions of the document/folder.</li>
</ul>';
$content .= '</div>';
*/
//}}}
//{{{ Permissions
$content .= '<div>';
$titles = array();
$titles[] = $GLOBALS['Language']->getText('plugin_docman', 'details_permissions_ugroups');
$titles[] = $GLOBALS['Language']->getText('plugin_docman', 'details_permissions_perms');
$content .= html_build_list_table_top($titles, false, false, false);
$odd_even = array('boxitem', 'boxitemalt');
$i = 0;
$ugroups = permission_get_ugroups_permissions($this->item->getGroupId(), $this->item->getId(), array('PLUGIN_DOCMAN_READ', 'PLUGIN_DOCMAN_WRITE', 'PLUGIN_DOCMAN_MANAGE'), false);
ksort($ugroups);
foreach ($ugroups as $ugroup) {
$content .= '<tr class="' . $odd_even[$i++ % count($odd_even)] . '">';
$content .= '<td>' . $ugroup['ugroup']['name'] . '</td>';
$content .= '<td style="text-align:center;"><select name="permissions[' . $ugroup['ugroup']['id'] . ']">';
$content .= '<option value="100">-</option>';
$perms = array('PLUGIN_DOCMAN_READ', 'PLUGIN_DOCMAN_WRITE', 'PLUGIN_DOCMAN_MANAGE');
$i = 1;
foreach ($perms as $perm) {
$content .= '<option value="' . $i++ . '" ' . (isset($ugroup['permissions'][$perm]) ? 'selected="selected"' : '') . '>' . permission_get_name($perm) . '</option>';
}
$content .= '</select></td>';
$content .= '</tr>';
}
$content .= '</table>';
if (is_a($this->item, 'Docman_Folder')) {
$content .= '<div>';
$content .= '<input type="checkbox" name="recursive" id="docman_recusrsive_permissions" value="1" /><label for="docman_recusrsive_permissions">' . $GLOBALS['Language']->getText('plugin_docman', 'details_permissions_recursive') . '</label>';
$content .= '</div>';
}
$content .= '<div>';
$content .= '<input type="hidden" name="action" value="permissions" />';
$content .= '<input type="hidden" name="id" value="' . $this->item->getId() . '" />';
$content .= '<input type="submit" name="update" value="' . $GLOBALS['Language']->getText('project_admin_permissions', 'submit_perm') . '" />';
$content .= '</div>';
$content .= '</div>';
//}}}
$content .= '</form>';
return $content;
}
