function addPermissionToPartner($permissionCfg, $partnerId = null)
{
// init new db permission object
if (is_null($partnerId)) {
$partnerId = $permissionCfg->partnerId;
}
PermissionPeer::setUseCriteriaFilter(false);
$permission = PermissionPeer::getByNameAndPartner($permissionCfg->name, $partnerId);
PermissionPeer::setUseCriteriaFilter(true);
if (!$permission) {
$permission = new Permission();
}
foreach ($permissionCfg as $key => $value) {
if ($key == 'partnerPackages') {
continue;
}
$setterCallback = array($permission, "set{$key}");
call_user_func_array($setterCallback, array($value));
}
if (!$permission->getFriendlyName()) {
$permission->setFriendlyName($permission->getName());
}
if ($partnerId != null) {
$permission->setPartnerId($partnerId);
}
$permission->setStatus(PermissionStatus::ACTIVE);
// add to database
KalturaLog::log('Adding new permission with name [' . $permission->getName() . '] to partner id [' . $permission->getPartnerId() . ']');
try {
if ($permission->getId()) {
$permission->save();
} else {
PermissionPeer::addToPartner($permission, $permission->getPartnerId());
}
} catch (kPermissionException $e) {
if ($e->getCode() === kPermissionException::PERMISSION_ALREADY_EXISTS) {
KalturaLog::log('Permission name [' . $permission->getName() . '] already exists for partner id [' . $permission->getPartnerId() . ']');
} else {
throw $e;
}
}
}
/**
* Deletes an existing permission object.
*
* @action delete
* @param string $permissionName The name assigned to the permission
* @return KalturaPermission The deleted permission object
*
* @throws KalturaErrors::INVALID_OBJECT_ID
*/
public function deleteAction($permissionName)
{
$dbPermission = PermissionPeer::getByNameAndPartner($permissionName, array($this->partnerGroup()));
if (!$dbPermission) {
throw new KalturaAPIException(KalturaErrors::INVALID_OBJECT_ID, $permissionName);
}
$dbPermission->setStatus(KalturaPermissionStatus::DELETED);
$dbPermission->save();
$permission = new KalturaPermission();
$permission->fromObject($dbPermission);
return $permission;
}
require_once ROOT_DIR . '/api_v3/bootstrap.php';
PermissionPeer::clearInstancePool();
PermissionItemPeer::clearInstancePool();
//-- Script start
// define all items
$permissionItems = array(array('object' => 'KalturaBaseEntry', 'parameter' => 'startDate', 'action' => ApiParameterPermissionItemAction::INSERT, 'permission' => PermissionName::CONTENT_MANAGE_SCHEDULE), array('object' => 'KalturaBaseEntry', 'parameter' => 'startDate', 'action' => ApiParameterPermissionItemAction::UPDATE, 'permission' => PermissionName::CONTENT_MANAGE_SCHEDULE), array('object' => 'KalturaBaseEntry', 'parameter' => 'endDate', 'action' => ApiParameterPermissionItemAction::INSERT, 'permission' => PermissionName::CONTENT_MANAGE_SCHEDULE), array('object' => 'KalturaBaseEntry', 'parameter' => 'endDate', 'action' => ApiParameterPermissionItemAction::UPDATE, 'permission' => PermissionName::CONTENT_MANAGE_SCHEDULE), array('object' => 'KalturaBaseEntry', 'parameter' => 'accessControlId', 'action' => ApiParameterPermissionItemAction::INSERT, 'permission' => PermissionName::CONTENT_MANAGE_ACCESS_CONTROL), array('object' => 'KalturaBaseEntry', 'parameter' => 'accessControlId', 'action' => ApiParameterPermissionItemAction::UPDATE, 'permission' => PermissionName::CONTENT_MANAGE_ACCESS_CONTROL), array('object' => 'KalturaBaseEntry', 'parameter' => 'categories', 'action' => ApiParameterPermissionItemAction::INSERT, 'permission' => PermissionName::CONTENT_MANAGE_ASSIGN_CATEGORIES . ',' . PermissionName::USER_SESSION_PERMISSION), array('object' => 'KalturaBaseEntry', 'parameter' => 'categories', 'action' => ApiParameterPermissionItemAction::UPDATE, 'permission' => PermissionName::CONTENT_MANAGE_ASSIGN_CATEGORIES . ',' . PermissionName::USER_SESSION_PERMISSION), array('object' => 'KalturaBaseEntry', 'parameter' => 'categoriesIds', 'action' => ApiParameterPermissionItemAction::INSERT, 'permission' => PermissionName::CONTENT_MANAGE_ASSIGN_CATEGORIES . ',' . PermissionName::USER_SESSION_PERMISSION), array('object' => 'KalturaBaseEntry', 'parameter' => 'categoriesIds', 'action' => ApiParameterPermissionItemAction::UPDATE, 'permission' => PermissionName::CONTENT_MANAGE_ASSIGN_CATEGORIES . ',' . PermissionName::USER_SESSION_PERMISSION), array('object' => 'KalturaBaseEntry', 'parameter' => 'name', 'action' => ApiParameterPermissionItemAction::UPDATE, 'permission' => PermissionName::CONTENT_MANAGE_METADATA . ',' . PermissionName::USER_SESSION_PERMISSION . ',' . PermissionName::CONTENT_MODERATE_METADATA), array('object' => 'KalturaBaseEntry', 'parameter' => 'tags', 'action' => ApiParameterPermissionItemAction::UPDATE, 'permission' => PermissionName::CONTENT_MANAGE_METADATA . ',' . PermissionName::USER_SESSION_PERMISSION . ',' . PermissionName::CONTENT_MODERATE_METADATA), array('object' => 'KalturaBaseEntry', 'parameter' => 'description', 'action' => ApiParameterPermissionItemAction::UPDATE, 'permission' => PermissionName::CONTENT_MANAGE_METADATA . ',' . PermissionName::USER_SESSION_PERMISSION . ',' . PermissionName::CONTENT_MODERATE_METADATA), array('object' => 'KalturaLiveStreamAdminEntry', 'parameter' => kApiParameterPermissionItem::ALL_VALUES_IDENTIFIER, 'action' => ApiParameterPermissionItemAction::READ, 'permission' => PermissionName::CONTENT_MANAGE_BASE), array('object' => 'KalturaLiveStreamAdminEntry', 'parameter' => kApiParameterPermissionItem::ALL_VALUES_IDENTIFIER, 'action' => ApiParameterPermissionItemAction::INSERT, 'permission' => PermissionName::CONTENT_MANAGE_BASE), array('object' => 'KalturaLiveStreamAdminEntry', 'parameter' => kApiParameterPermissionItem::ALL_VALUES_IDENTIFIER, 'action' => ApiParameterPermissionItemAction::UPDATE, 'permission' => PermissionName::CONTENT_MANAGE_BASE), array('object' => 'KalturaPartner', 'parameter' => 'secret', 'action' => ApiParameterPermissionItemAction::READ, 'permission' => PermissionName::INTEGRATION_BASE), array('object' => 'KalturaPartner', 'parameter' => 'adminSecret', 'action' => ApiParameterPermissionItemAction::READ, 'permission' => PermissionName::INTEGRATION_BASE));
// add all to required permissions
foreach ($permissionItems as $cur) {
$item = new kApiParameterPermissionItem();
$item->setObject($cur['object']);
$item->setParameter($cur['parameter']);
$item->setAction($cur['action']);
$item->setPartnerId(PartnerPeer::GLOBAL_PARTNER);
$item->save();
$permissions = $cur['permission'];
$permissions = explode(',', $permissions);
foreach ($permissions as $permissionName) {
if (!$permissionName) {
continue;
}
$permission = PermissionPeer::getByNameAndPartner(trim($permissionName), array(PartnerPeer::GLOBAL_PARTNER));
if (!$permission) {
$msg = '***** ERROR - Permission [' . $cur['permission'] . '] not found for item [' . $cur['object'] . '->' . $cur['parameter'] . ']';
KalturaLog::alert($msg);
echo $msg . PHP_EOL;
continue;
}
$permission->addPermissionItem($item->getId());
$permission->save();
}
}
$criteria->add(PermissionPeer::PARTNER_ID, $startPartnerId, Criteria::GREATER_THAN);
}
if ($startUpdatedAt) {
$criteria->add(PermissionPeer::UPDATED_AT, $startUpdatedAt, Criteria::GREATER_THAN);
}
$criteria->addAscendingOrderByColumn(PermissionPeer::PARTNER_ID);
$criteria->addSelectColumn(PermissionPeer::PARTNER_ID);
$criteria->setLimit($countLimitEachLoop);
$stmt = PermissionPeer::doSelectStmt($criteria, $con);
$partners = PartnerPeer::retrieveByPKs($stmt->fetchAll(PDO::FETCH_COLUMN));
while (count($partners)) {
foreach ($partners as $partner) {
/* @var $partner partner */
$partnerId = $partner->getId();
KalturaLog::debug("Set permission [{$permissionName}] for partner id [{$partnerId}]");
$dbPermission = PermissionPeer::getByNameAndPartner($permissionName, $partnerId);
if (!$dbPermission) {
$dbPermission = new Permission();
$dbPermission->setType(PermissionType::SPECIAL_FEATURE);
$dbPermission->setPartnerId($partnerId);
$dbPermission->setName($permissionName);
}
$dbPermission->setStatus(PermissionStatus::ACTIVE);
$dbPermission->save();
}
kMemoryManager::clearMemory();
$criteria->setOffset($offset);
$stmt = PermissionPeer::doSelectStmt($criteria, $con);
$partners = PartnerPeer::retrieveByPKs($stmt->fetchAll(PDO::FETCH_COLUMN));
usleep(100);
$offset += $countLimitEachLoop;
public function toObject($object_to_fill = null, $props_to_skip = array())
{
$object_to_fill = parent::toObject($object_to_fill, $props_to_skip);
if (!$object_to_fill) {
KalturaLog::err('Cannot find object to fill');
return null;
}
if (empty($this->deliveryProfileIds)) {
$object_to_fill->setDeliveryProfileIds(array());
} else {
$object_to_fill->setDeliveryProfileIds(json_decode($this->deliveryProfileIds, true));
}
if (!$this->isNull('partnerParentId') && $this->partnerParentId > 0) {
$parentPartnerDb = PartnerPeer::retrieveByPK($this->partnerParentId);
if ($parentPartnerDb->getPartnerGroupType() != KalturaPartnerGroupType::GROUP && $parentPartnerDb->getPartnerGroupType() != KalturaPartnerGroupType::VAR_GROUP) {
throw new KalturaAPIException(SystemPartnerErrors::UNABLE_TO_FORM_GROUP_ASSOCIATION, $this->partnerParentId, $parentPartnerDb->getPartnerGroupType());
}
}
if (!is_null($this->permissions)) {
foreach ($this->permissions as $permission) {
$dbPermission = PermissionPeer::getByNameAndPartner($permission->name, array($object_to_fill->getId()));
if ($dbPermission) {
$dbPermission->setStatus($permission->status);
} else {
$dbPermission = new Permission();
$dbPermission->setType($permission->type);
$dbPermission->setPartnerId($object_to_fill->getId());
//$dbPermission->setStatus($permission->status);
$permission->type = null;
$dbPermission = $permission->toInsertableObject($dbPermission);
}
$dbPermission->save();
if ($dbPermission->getStatus() == PermissionStatus::ACTIVE) {
$this->enablePermissionForPlugins($object_to_fill->getId(), $dbPermission->getName());
}
}
//Raise template partner's conversion profiles (so far) and check whether the partner now has permissions for them.
$this->copyMissingConversionProfiles($object_to_fill);
}
if (!is_null($this->limits)) {
foreach ($this->limits as $limit) {
$limit->apply($object_to_fill);
}
}
if (!is_null($this->autoModerateEntryFilter)) {
$dbAutoModerationEntryFilter = new entryFilter();
$this->autoModerateEntryFilter->toObject($dbAutoModerationEntryFilter);
$object_to_fill->setAutoModerateEntryFilter($dbAutoModerationEntryFilter);
}
$object_to_fill->setShouldApplyAccessControlOnEntryMetadata($this->restrictEntryByMetadata);
return $object_to_fill;
}
$permissionNames = array('FEATURE_SHOW_HTML_STUDIO', 'FEATURE_SHOW_FLASH_STUDIO');
//------------------------------------------------------
require_once __DIR__ . '/../../bootstrap.php';
$con = myDbHelper::getConnection(myDbHelper::DB_HELPER_CONN_PROPEL2);
KalturaStatement::setDryRun($dryRun);
$c = new Criteria();
$c->addAscendingOrderByColumn(PartnerPeer::ID);
$c->addAnd(PartnerPeer::ID, 99, Criteria::GREATER_EQUAL);
$c->setLimit($countLimitEachLoop);
$partners = PartnerPeer::doSelect($c, $con);
while (count($partners)) {
foreach ($partners as $partner) {
/* @var $partner Partner */
foreach ($permissionNames as $permissionName) {
KalturaLog::debug("Set permission [{$permissionName}] for partner id [" . $partner->getId() . "]");
$dbPermission = PermissionPeer::getByNameAndPartner($permissionName, $partner->getId());
if (!$dbPermission) {
$dbPermission = new Permission();
$dbPermission->setType(PermissionType::PLUGIN);
$dbPermission->setPartnerId($partner->getId());
$dbPermission->setName($permissionName);
}
$dbPermission->setStatus(PermissionStatus::ACTIVE);
$dbPermission->save();
}
}
kMemoryManager::clearMemory();
$c = new Criteria();
$c->addAscendingOrderByColumn(PartnerPeer::ID);
$c->addAnd(PartnerPeer::ID, 99, Criteria::GREATER_EQUAL);
$c->setLimit($countLimitEachLoop);
* You can delete permission_item and permission_to_permission_item if you removed something from the services.ct
*
*/
//-- Bootstraping
error_reporting(E_ALL);
require_once dirname(__FILE__) . '/../../../bootstrap.php';
require_once ROOT_DIR . '/api_v3/bootstrap.php';
PermissionPeer::clearInstancePool();
PermissionItemPeer::clearInstancePool();
//-- Script start
// get base system user and no ks permission objects
define('NO_KS_TICKET_TYPE', '0');
define('USER_KS_TICKET_TYPE', '1');
define('BLOCKED_TICKET_TYPE', 'N');
$userSessionPermission = PermissionPeer::getByNameAndPartner(PermissionName::USER_SESSION_PERMISSION, array(PartnerPeer::GLOBAL_PARTNER));
$noKsPermission = PermissionPeer::getByNameAndPartner(PermissionName::ALWAYS_ALLOWED_ACTIONS, array(PartnerPeer::GLOBAL_PARTNER));
$userSessionPermissionItemIds = $userSessionPermission->getPermissionItemIds();
$noKsPermissionItemIds = $noKsPermission->getPermissionItemIds();
// special service config files - get .ct files except for the default v3_services.ct
$tmpContents = scandir(ROOT_DIR . '/api_v3/config/');
$excludeCts = array();
// files to exclude
$excludeCts[] = KalturaServiceConfig::getDefaultName();
// v3_services.ct
$excludeCts[] = 'v3_' . Partner::FULL_BLOCK_SERVICE_CONFIG_ID;
// v3_services_block.ct
$excludeCts[] = 'v3_' . Partner::CONTENT_BLOCK_SERVICE_CONFIG_ID;
// v3_services_limited_partner.ct
$excludeCts[] = 'v3_services_open_playlist.ct';
$excludeCts[] = 'v3_services_sessionless.ct';
$serviceConfigFiles = array();
public function toObject($object_to_fill = null, $props_to_skip = array())
{
$object_to_fill = parent::toObject($object_to_fill, $props_to_skip);
if (!$object_to_fill) {
KalturaLog::err('Cannot find object to fill');
return null;
}
if (!$this->isNull('partnerParentId') && $this->partnerParentId > 0) {
$parentPartnerDb = PartnerPeer::retrieveByPK($this->partnerParentId);
if ($parentPartnerDb->getPartnerGroupType() != KalturaPartnerGroupType::GROUP && $parentPartnerDb->getPartnerGroupType() != KalturaPartnerGroupType::VAR_GROUP) {
throw new KalturaAPIException(SystemPartnerErrors::UNABLE_TO_FORM_GROUP_ASSOCIATION, $this->partnerParentId, $parentPartnerDb->getPartnerGroupType());
}
}
if (!is_null($this->permissions)) {
foreach ($this->permissions as $permission) {
KalturaLog::debug("partner: " . $object_to_fill->getId() . " add permissions: " . print_r($permission, true));
$dbPermission = PermissionPeer::getByNameAndPartner($permission->name, array($object_to_fill->getId()));
if ($dbPermission) {
KalturaLog::debug("add permissions: exists; set status; " . $permission->status);
KalturaLog::debug("db permissions: " . print_r($dbPermission, true));
$dbPermission->setStatus($permission->status);
} else {
KalturaLog::debug("add permissions: didn't exists");
$dbPermission = new Permission();
$dbPermission->setType($permission->type);
$dbPermission->setPartnerId($object_to_fill->getId());
//$dbPermission->setStatus($permission->status);
$permission->type = null;
$dbPermission = $permission->toInsertableObject($dbPermission);
}
KalturaLog::debug("add permissions: save" . print_r($dbPermission, true));
$dbPermission->save();
}
}
if (!is_null($this->limits)) {
foreach ($this->limits as $limit) {
$limit->apply($object_to_fill);
}
}
if (!is_null($this->autoModerateEntryFilter)) {
$dbAutoModerationEntryFilter = new entryFilter();
$this->autoModerateEntryFilter->toObject($dbAutoModerationEntryFilter);
$object_to_fill->setAutoModerateEntryFilter($dbAutoModerationEntryFilter);
}
return $object_to_fill;
}
private function configurePartnerByPackage($partner)
{
if (!$partner) {
return;
}
if ($partner->getPartnerPackage() == 100) {
$permissionNames = array(PermissionName::FEATURE_LIVE_STREAM, PermissionName::FEATURE_KALTURA_LIVE_STREAM, PermissionName::FEATURE_KALTURA_LIVE_STREAM_TRANSCODE);
foreach ($permissionNames as $permissionName) {
$permission = PermissionPeer::getByNameAndPartner($permissionName, $partner->getId());
if (!$permission) {
$permission = new Permission();
$permission->setType(PermissionType::SPECIAL_FEATURE);
$permission->setPartnerId($partner->getId());
$permission->setName($permissionName);
}
$permission->setStatus(PermissionStatus::ACTIVE);
$permission->save();
}
}
}
}
$c->setOffset($offset);
PermissionPeer::clearInstancePool();
$permissions = PermissionPeer::doSelect($c, $con);
$offset += $countLimitEachLoop;
sleep(1);
}
$c = new Criteria();
$c->add(UserRolePeer::PERMISSION_NAMES, "%dropFolder.CONTENT_INGEST_DROP_FOLDER_MATCH%", Criteria::LIKE);
$c->setLimit($countLimitEachLoop);
$userRoles = UserRolePeer::doSelect($c, $con);
while (count($userRoles)) {
foreach ($userRoles as $userRole) {
$partnerId = $userRole->getPartnerId();
PermissionPeer::setUseCriteriaFilter(false);
$permission = PermissionPeer::getByNameAndPartner('CONTENT_INGEST_DROP_FOLDER_MATCH', array($partnerId));
PermissionPeer::setUseCriteriaFilter(true);
if (!$permission) {
$permission = new Permission();
$permission->setName('CONTENT_INGEST_DROP_FOLDER_MATCH');
$permission->setDependsOnPermissionNames('DROPFOLDER_PLUGIN_PERMISSION');
$permission->setType(PermissionType::SPECIAL_FEATURE);
$permission->setPartnerId($partnerId);
$permission->setStatus(PermissionStatus::ACTIVE);
// add to database
KalturaLog::log('Adding new permission with name [' . $permission->getName() . '] to partner id [' . $permission->getPartnerId() . ']');
PermissionPeer::addToPartner($permission, $permission->getPartnerId());
}
}
$c->setOffset($offset);
UserRolePeer::clearInstancePool();
if ($startUpdatedAt) {
$criteria->add(PartnerPeer::UPDATED_AT, $startUpdatedAt, Criteria::GREATER_THAN);
}
if ($limit) {
$criteria->setLimit(min($page, $limit));
} else {
$criteria->setLimit($page);
}
$partners = PartnerPeer::doSelect($criteria);
$migrated = 0;
while (count($partners) && (!$limit || $migrated < $limit)) {
KalturaLog::info("Migrating [" . count($partners) . "] partners.");
$migrated += count($partners);
foreach ($partners as $partner) {
/* @var $partner Partner */
$permission = PermissionPeer::getByNameAndPartner($permissionName, array($partner->getId(), 0));
if (!$permission) {
$permission = new Permission();
$permission->setType(PermissionType::SPECIAL_FEATURE);
$permission->setPartnerId($partner->getId());
}
$permission->setStatus(PermissionStatus::ACTIVE);
KalturaStatement::setDryRun($dryRun);
$permission->save();
KalturaStatement::setDryRun(false);
$startUpdatedAt = $partner->getUpdatedAt(null);
$startPartnerId = $partner->getId();
KalturaLog::info("Migrated partner [" . $partner->getId() . "] with updated at [{$startUpdatedAt}: " . $partner->getUpdatedAt() . "].");
}
kMemoryManager::clearMemory();
$nextCriteria = clone $criteria;
