/**
 * Returns the rights of one user on a set of items, combined with the role rights.
 *
 * The per-item rights are read through Phprojekt_Item_Rights::getItemRights()
 * and then handed to self::mergeWithRole() together with the project id.
 * The return value is whatever mergeWithRole() produces.
 *
 * NOTE(review): nothing in this method checks that $userId is the authenticated
 * user or that $itemIds belong to $projectId; callers that take these values
 * from a request are presumably expected to validate them. Confirm at the call sites.
 *
 * @param mixed $moduleId  Module the items belong to.
 * @param mixed $projectId Project used for the role lookup.
 * @param mixed $userId    User whose rights are resolved.
 * @param array $itemIds   Ids of the items to resolve.
 *
 * @return mixed Result of self::mergeWithRole().
 */
public static function getRightsForItems($moduleId, $projectId, $userId, array $itemIds)
{
    return self::mergeWithRole(
        $moduleId,
        $projectId,
        $userId,
        Phprojekt_Item_Rights::getItemRights($moduleId, $itemIds, $userId)
    );
}
/**
 * Checks that saveRights() stores the given access bitmask for the listed user
 * and that a user who was not listed ends up with no access (0).
 *
 * The test is currently skipped on its first statement; the remainder documents
 * the intended check and only runs once the skip is removed.
 *
 * @return void
 */
public function testSaveRights()
{
    $this->markTestSkipped('Do not use Helpdesk model outside of Helpdesk tests');

    // Values used by the assertions below.
    $moduleId   = 10;  // presumably the Helpdesk module id; confirm against the fixture
    $fullAccess = 255; // bitmask granted to user 1

    $ticket              = new Helpdesk_Models_Helpdesk(array('db' => $this->sharedFixture));
    $ticket->title       = 'test';
    $ticket->projectId   = 1;
    $ticket->ownerId     = 1;
    $ticket->attachments = '3bc3369dd33d3ab9c03bd76262cff633|LICENSE';
    $ticket->status      = 3;
    $ticket->author      = 1;
    $ticket->save();
    $ticket->saveRights(array(1 => $fullAccess));

    $itemRights = new Phprojekt_Item_Rights();

    // User 1 was granted the full bitmask.
    $this->assertEquals($fullAccess, $itemRights->getItemRight($moduleId, $ticket->id, 1));
    // User 10 was never listed, so no access is expected (deny by default).
    $this->assertEquals(0, $itemRights->getItemRight($moduleId, $ticket->id, 10));
}
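/**
 * Saves the new start and end dates of several projects.
 *
 * Request parameters (an empty or missing list is rejected with a 400):
 * <pre>
 *  - array <b>projects</b> Array of strings, each one "projectId,startDate,endDate" (comma separated).
 * </pre>
 *
 * If there is an error, a Zend_Controller_Action_Exception (code 400) is thrown,
 * if not, a string in JSON format is echoed with:
 * <pre>
 *  - type    => 'success'.
 *  - message => Success message.
 *  - id      => 0.
 * </pre>
 *
 * Access control notes:
 *  - A project is only saved when the current user has at least
 *    Phprojekt_Acl::WRITE on it. Entries without that right are skipped
 *    silently, so the success response does not mean every entry was saved.
 *  - The "id not found" and date checks run before the access check, so their
 *    error messages are returned regardless of the caller's rights on the project.
 *  - Entries are processed in order and each permitted one is saved immediately;
 *    an invalid entry aborts the request after earlier entries were already saved.
 *
 * @throws Zend_Controller_Action_Exception On missing, incomplete or invalid parameters.
 *
 * @return void
 */
public function jsonSaveAction()
{
    $projects     = (array) $this->getRequest()->getParam('projects', array());
    $activeRecord = new Project_Models_Project();
    $rights       = new Phprojekt_Item_Rights();
    $userId       = Phprojekt_Auth::getUserId();
    $this->setCurrentProjectId();

    // Error check: no project received
    if (empty($projects)) {
        $label   = Phprojekt::getInstance()->translate('Projects');
        $message = Phprojekt::getInstance()->translate('No project info was received');
        throw new Zend_Controller_Action_Exception($label . ': ' . $message, 400);
    }

    foreach ($projects as $project) {
        // The entry comes straight from the request. A nested array or an entry
        // with fewer than three fields must end in the 400 below instead of an
        // undefined-offset notice or a type error, so the fields are padded
        // with empty strings before they are unpacked.
        $fields = is_scalar($project) ? explode(',', (string) $project) : array();
        list($id, $startDate, $endDate) = array_pad($fields, 3, '');

        // Check: are the three values available?
        if (empty($id) || empty($startDate) || empty($endDate)) {
            $label   = Phprojekt::getInstance()->translate('Projects');
            $message = Phprojekt::getInstance()->translate('Incomplete data received');
            throw new Zend_Controller_Action_Exception($label . ': ' . $message, 400);
        }

        // The id is cast to int before it reaches the model or an error message.
        $id = (int) $id;
        $activeRecord->find($id);

        // Check: project id exists?
        if (empty($activeRecord->id)) {
            $label   = Phprojekt::getInstance()->translate('Project');
            $message = Phprojekt::getInstance()->translate('Id not found #') . $id;
            throw new Zend_Controller_Action_Exception($label . ': ' . $message, 400);
        }

        // Check: dates are valid?
        $validStart = Cleaner::validate('date', $startDate, false);
        $validEnd   = Cleaner::validate('date', $endDate, false);
        if (!$validStart || !$validEnd) {
            $label = Phprojekt::getInstance()->translate('Project id #') . $id;
            if (!$validStart) {
                $message = Phprojekt::getInstance()->translate('Start date invalid');
            } else {
                $message = Phprojekt::getInstance()->translate('End date invalid');
            }
            throw new Zend_Controller_Action_Exception($label . ': ' . $message, 400);
        }

        // Check: start date after end date?
        $startDateTemp = strtotime($startDate);
        $endDateTemp   = strtotime($endDate);
        if ($startDateTemp > $endDateTemp) {
            $label   = Phprojekt::getInstance()->translate('Project id #') . $id;
            $message = Phprojekt::getInstance()->translate('Start date can not be after End date');
            throw new Zend_Controller_Action_Exception($label . ': ' . $message, 400);
        }

        $activeRecord->startDate = $startDate;
        $activeRecord->endDate   = $endDate;

        // Authorization: only persist when the current user holds WRITE on this
        // project (first argument 1 is the module id, presumably Project; confirm).
        // NOTE(review): a denied entry is skipped without any error or log line;
        // consider reporting it so a client cannot mistake a skipped write for a saved one.
        if ($rights->getItemRight(1, $id, $userId) >= Phprojekt_Acl::WRITE) {
            $activeRecord->parentSave();
        }
    }

    $message = Phprojekt::getInstance()->translate(self::EDIT_MULTIPLE_TRUE_TEXT);
    $return  = array('type'    => 'success',
                     'message' => $message,
                     'id'      => 0);

    Phprojekt_Converter_Json::echoConvert($return);
}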
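/**
 * Extension of the ActiveRecord save adding default permissions.
 *
 * For a new record (id equal to 0) the parent save runs first and, when it
 * succeeds, the default rights are stored for the new id.
 * An existing record is passed straight to the parent save.
 *
 * @return boolean True for a successful save of a new record, false when that
 *                 save fails; for an existing record, the result of parent::save().
 */
public function save()
{
    // Loose comparison kept from the original, so an id of null or '0' also
    // counts as "new". NOTE(review): confirm which values an unsaved id can hold.
    if ($this->id == 0) {
        if (!parent::save()) {
            // This path used to fall off the end of the method and return null;
            // return an explicit false so callers get the documented boolean.
            return false;
        }

        // Adding default values.
        // NOTE(review): the result of saveDefaultRights() is not checked. If it
        // can fail, the item exists without its default rights while save()
        // still reports success; verify against Phprojekt_Item_Rights.
        $rights = new Phprojekt_Item_Rights();
        $rights->saveDefaultRights($this->id);

        return true;
    }

    return parent::save();
}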
/**
 * Save the rights for the current item and prune the rights of its tree nodes.
 *
 * After the parent implementation has stored the rights, every node of the
 * project tree rooted at this item loses the rights rows (module_id = 1) of
 * all users that are not keys of $rights.
 *
 * @param array $rights Array of user IDs (keys) with the bitmask access (values).
 *
 * @return void
 */
public function saveRights($rights)
{
    // Do the default action
    parent::saveRights($rights);

    // Update access and delete the cache also for the children
    $rightsTable  = new Phprojekt_Item_Rights();
    $projectModel = new Project_Models_Project();
    $rootNode     = new Phprojekt_Tree_Node_Database($projectModel, $this->id);
    $nodes        = $rootNode->setup();

    // Only the keys (user ids) matter here. Each one is cast to int, which is
    // what keeps the string-built WHERE clause below free of request-controlled text.
    $allowedUserIds = array();
    foreach ($rights as $userId => $access) {
        $allowedUserIds[] = (int) $userId;
    }

    // Fallback so the NOT IN list is never empty: user id 1 is always kept.
    // NOTE(review): presumably 1 is the admin account; confirm. With an empty
    // $rights this removes the rows of every other user on the nodes.
    if (empty($allowedUserIds)) {
        $allowedUserIds[] = 1;
    }

    // The list is the same for every node, so build it once.
    $userList = implode(",", $allowedUserIds);

    // Keep on the children only the access for the allowed users in the parent
    foreach ($nodes as $node) {
        // Delete users that are not allowed in the parent
        $rightsTable->delete(
            sprintf(
                'module_id = 1 AND item_id = %d AND user_id NOT IN (%s)',
                (int) $node->id,
                $userList
            )
        );
    }
}