function OnPageLoad() { if (is_object($this->data_object)) { echo new XhtmlElement('h1', Html::Encode('Delete role: ' . $this->data_object->getRoleName())); } else { echo new XhtmlElement('h1', 'Delete role'); $this->deleted = true; } if ($this->deleted) { ?> <p>The role has been deleted.</p> <p><a href="roles.php">View all roles</a></p> <?php } else { ?> <p>Deleting a role cannot be undone.</p> <p>Are you sure you want to delete this role?</p> <form method="post" class="deleteButtons"> <div> <input type="submit" value="Delete role" name="delete" /> <input type="submit" value="Cancel" name="cancel" /> </div> </form> <?php $this->AddSeparator(); require_once 'stoolball/user-edit-panel.class.php'; $panel = new UserEditPanel($this->GetSettings(), 'this role'); $panel->AddLink('edit this role', "role.php?item=" . $this->data_object->getRoleId()); echo $panel; } }
public function testMostSpecificRuleAppliesIfNoExactRuleIsFound() { $this->repository->addRule($this->role1, $this->resource1, true); $this->repository->addRule($this->role1, $this->resource2, false); $rule = $this->repository->getMostApplyingRule($this->role2, $this->resource2); $this->assertSame($this->role1->getRoleId(), $rule->getRoleId()); $this->assertSame($this->resource2->getResourceId(), $rule->getResourceId()); }
/** * Returns the rule, that applies most to $role and $resource * * @param \gatekeeper\Role $role Role to search for * @param \gatekeeper\Resource $resource Resource to search for * @return \gatekeeper\Rule * @throws \gatekeeper\ThereIsNoApplyingRuleException if the is no applying * rule */ public function getMostApplyingRule(Role $role, Resource $resource) { do { $roleId = $role->getRoleId(); foreach ($this->getRules() as $rule) { if ($rule->getRoleId() !== $roleId) { continue; } $tmpResource = $resource; do { /// Perhaps breadth first search?! $resourceId = $tmpResource->getResourceId(); if ($rule->getResourceId() === $resourceId) { return $rule; } try { $tmpResource = $tmpResource->getParentResource(); } catch (HasNoParentResourceException $e) { $tmpResource = null; } } while ($tmpResource !== null); } try { $role = $role->getParentRole(); } catch (HasNoParentRoleException $e) { $role = null; } } while ($role !== null); throw new ThereIsNoApplyingRuleException(); }
/** * Returns the rules associated with a Resource and a Role, or null if no such rules exist * * If either $resource or $role is null, this means that the rules returned are for all Resources or all Roles, * respectively. Both can be null to return the default rule set for all Resources and all Roles. * * If the $create parameter is true, then a rule set is first created and then returned to the caller. * * @param Zend\Acl\Resource $resource * @param Zend\Acl\Role $role * @param boolean $create * @return array|null */ protected function &_getRules(Resource $resource = null, Role $role = null, $create = false) { // create a reference to null $null = null; $nullRef =& $null; // follow $resource do { if (null === $resource) { $visitor =& $this->_rules['allResources']; break; } $resourceId = $resource->getResourceId(); if (!isset($this->_rules['byResourceId'][$resourceId])) { if (!$create) { return $nullRef; } $this->_rules['byResourceId'][$resourceId] = array(); } $visitor =& $this->_rules['byResourceId'][$resourceId]; } while (false); // follow $role if (null === $role) { if (!isset($visitor['allRoles'])) { if (!$create) { return $nullRef; } $visitor['allRoles']['byPrivilegeId'] = array(); } return $visitor['allRoles']; } $roleId = $role->getRoleId(); if (!isset($visitor['byRoleId'][$roleId])) { if (!$create) { return $nullRef; } $visitor['byRoleId'][$roleId]['byPrivilegeId'] = array(); } return $visitor['byRoleId'][$roleId]; }
/** * Exclude object from result * * @param Role $role Object to remove from the list of results * * @return RoleQuery The current query, for fluid interface */ public function prune($role = null) { if ($role) { $this->addUsingAlias(RolePeer::ROLE_ID, $role->getRoleId(), Criteria::NOT_EQUAL); } return $this; }
/** * Adds an object to the instance pool. * * Propel keeps cached copies of objects in an instance pool when they are retrieved * from the database. In some cases -- especially when you override doSelect*() * methods in your stub classes -- you may need to explicitly add objects * to the cache in order to ensure that the same objects are always returned by doSelect*() * and retrieveByPK*() calls. * * @param Role $value A Role object. * @param string $key (optional) key to use for instance map (for performance boost if key was already calculated externally). */ public static function addInstanceToPool(Role $obj, $key = null) { if (Propel::isInstancePoolingEnabled()) { if ($key === null) { $key = (string) $obj->getRoleId(); } // if key === null self::$instances[$key] = $obj; } }
/** * Saves a security role * @param $role Role */ public function SaveRole(Role $role) { $roles = $this->GetSettings()->GetTable('Role'); $permissions_table = $this->GetSettings()->GetTable('PermissionRoleLink'); # if no id, it's a new object; otherwise update the object if ($role->getRoleId()) { $sql = "UPDATE {$roles} SET \r\n role = " . Sql::ProtectString($this->GetDataConnection(), $role->getRoleName()) . " \r\n WHERE role_id = " . Sql::ProtectNumeric($role->getRoleId()); $this->LoggedQuery($sql); # Remove existing permissions $sql = "DELETE FROM {$permissions_table} WHERE role_id = " . Sql::ProtectNumeric($role->getRoleId()); $this->LoggedQuery($sql); } else { $sql = "INSERT INTO {$roles} SET role = " . Sql::ProtectString($this->GetDataConnection(), $role->getRoleName()); $this->LoggedQuery($sql); $role->setRoleId($this->GetDataConnection()->insertID()); } # Add replacement permissions $role_id = Sql::ProtectNumeric($role->getRoleId()); $permissions = $role->Permissions()->ToArray(); foreach ($permissions as $permission => $scopes) { foreach ($scopes as $scope => $ignore_value) { $resource_uri = $scope == PermissionType::GLOBAL_PERMISSION_SCOPE ? "NULL" : Sql::ProtectString($this->GetDataConnection(), $scope); $sql = "INSERT INTO {$permissions_table} SET \r\n permission_id = " . Sql::ProtectNumeric($permission) . ",\r\n resource_uri = {$resource_uri}, \r\n role_id = {$role_id}"; $this->LoggedQuery($sql); } } }