Esempio n. 1
 /**
  * Build the selected-store response and report whether the current user
  * holds manage permission.
  *
  * The flag is derived from the level that Acl::getUserPermissionLevel()
  * returns for $params['model_id'] and the logged-in user. It is also written
  * to $params['currentUserHasManagePermission'] before the parent
  * implementation runs.
  *
  * $response['manage_permission'] is a hint for the client UI only, for
  * example to decide whether to offer editing of the groups in the store.
  * Nothing in this method refuses a request, so every action that changes the
  * store still has to check the permission on the server.
  *
  * NOTE(review): $params['model_id'] is client input and is used as given;
  * confirm that getUserPermissionLevel() copes with a missing or unknown id.
  * NOTE(review): array_merge() lets keys returned by the parent replace the
  * ones set here, 'manage_permission' included.
  *
  * @param array $params Client input parameters
  * @return array Response for the client
  */
 protected function actionSelectedStore($params)
 {
     $level = \GO\Base\Model\Acl::getUserPermissionLevel($params['model_id'], \GO::user()->id);
     $mayManage = \GO\Base\Model\Acl::hasPermission($level, \GO\Base\Model\Acl::MANAGE_PERMISSION);

     // The parent receives the flag through $params.
     $params['currentUserHasManagePermission'] = $mayManage;

     return array_merge(
         array('manage_permission' => $mayManage),
         parent::actionSelectedStore($params)
     );
 }
Esempio n. 2
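 /**
  * Require write permission on the folder that contains this node.
  *
  * Resolves the parent folder of $this->path, stores it in $this->folder and
  * throws unless the folder's permission level includes
  * Acl::WRITE_PERMISSION. A folder that cannot be resolved is refused as
  * well, so a failed lookup is never treated as permission.
  *
  * NOTE(review): $delete is accepted but not read here, so a deletion is
  * checked against write permission like any other change; confirm that this
  * is intended.
  *
  * @param bool $delete Not used by this method
  * @throws Sabre\DAV\Exception\Forbidden When the folder is missing or the
  *         permission level is below write
  */
 public function checkWritePermission($delete = false)
 {
     $fsFile = new \GO\Base\Fs\File($this->path);
     $this->folder = \GO\Files\Model\Folder::model()->findByPath($fsFile->parent()->stripFileStoragePath());

     // Fail closed: without a folder record there is no ACL to consult, and
     // calling getPermissionLevel() on an empty result would be a fatal error.
     $mayWrite = $this->folder
         && \GO\Base\Model\Acl::hasPermission($this->folder->getPermissionLevel(), \GO\Base\Model\Acl::WRITE_PERMISSION);

     if (!$mayWrite) {
         // The file name is now closed with the same quote character that opens it.
         throw new Sabre\DAV\Exception\Forbidden("DAV: User " . \GO::user()->username . " doesn't have write permission for file '" . $this->relpath . "'");
     }
 }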
Esempio n. 3
 /**
  * Build the display payload for a model; meant for actionDisplay-like actions.
  *
  * The payload holds the model attributes in 'html' format, the owner and
  * modifier names when they are set, the permission level of the model, and
  * the sections contributed by the enabled modules (workflow, custom fields,
  * links, events, tasks, files, comments, lists).
  *
  * 'write_permission' is derived from the permission level as a convenience
  * for the client. This method refuses nothing itself, so the caller has to
  * establish that the model may be read before passing it in.
  *
  * @param array $data Must hold the model to render under the key 'model'
  * @return \GO\Base\Data\JsonResponse Response object
  */
 public function renderDisplay($data)
 {
     $model = $data['model'];

     $response = array('data' => $model->getAttributes('html'), 'success' => true);

     if (!empty($model->user)) {
         $response['data']['username'] = $model->user->name;
     }
     if (!empty($model->mUser)) {
         $response['data']['musername'] = $model->mUser->name;
     }

     $level = $model->getPermissionLevel();
     $response['data']['permission_level'] = $level;
     $response['data']['write_permission'] = \GO\Base\Model\Acl::hasPermission($level, \GO\Base\Model\Acl::WRITE_PERMISSION);
     $response['data']['customfields'] = array();

     // Each section is added only when its module is enabled and nothing
     // earlier in the chain has already provided it.
     if (!isset($response['data']['workflow']) && \GO::modules()->workflow) {
         $response = $this->_processWorkflowDisplay($model, $response);
     }
     if ($model->customfieldsRecord) {
         $response = $this->_processCustomFieldsDisplay($model, $response);
     }
     if ($model->hasLinks()) {
         $response = $this->_processLinksDisplay($model, $response);

         // Events and tasks are only looked up for models that support links.
         if (!isset($response['data']['events']) && \GO::modules()->calendar) {
             $response = $this->_processEventsDisplay($model, $response);
         }
         if (!isset($response['data']['tasks']) && \GO::modules()->tasks) {
             $response = $this->_processTasksDisplay($model, $response);
         }
     }
     if (\GO::modules()->files && !isset($response['data']['files'])) {
         $response = $this->_processFilesDisplay($model, $response);
     }
     if (\GO::modules()->comments) {
         $response = $this->_processCommentsDisplay($model, $response);
     }
     if (\GO::modules()->lists) {
         $response = \GO\Lists\ListsModule::displayResponse($model, $response);
     }

     return new \GO\Base\Data\JsonResponse($response);
 }
Esempio n. 4
 /**
  * Tell the view which selected model the add button should target.
  *
  * Sets $response['buttonParams'] to the id, name and permission level of the
  * first selected model whose permission level includes
  * Acl::CREATE_PERMISSION. An existing 'buttonParams' entry is left untouched,
  * and none is added when no selected model qualifies.
  *
  * The entry only steers the view; the add action itself still has to check
  * create permission on the server.
  *
  * @param array $response Response array, modified in place
  */
 public function setButtonParams(&$response)
 {
     foreach ($this->_getSelectedModels() as $candidate) {
         if (isset($response['buttonParams'])) {
             // Already decided: only the first qualifying model is reported.
             continue;
         }
         if (!\GO\Base\Model\Acl::hasPermission($candidate->getPermissionLevel(), \GO\Base\Model\Acl::CREATE_PERMISSION)) {
             continue;
         }

         // Instruct the view for the add action.
         $response['buttonParams'] = array(
             'id' => $candidate->id,
             'name' => $candidate->name,
             'permissionLevel' => $candidate->getPermissionLevel(),
         );
     }
 }
Esempio n. 5
 /**
  * Output the module permission levels of a user or a group as a JSON store.
  *
  * $params['paramIdType'] selects the view: 'groupId' reads the levels of the
  * group in $params['id'], anything else reads those of the user in
  * $params['id']. Without an id, the levels of the configured "everyone"
  * group are reported. Rows are sorted by module name and echoed.
  *
  * Access: the only check visible here is that GO::modules()->groups or
  * GO::modules()->users is truthy, depending on the view. $params['id'] is
  * client input and is not restricted further in this method.
  *
  * NOTE(review): rows are keyed by the display name, so two modules with the
  * same name end up as one row while 'total' still counts both.
  *
  * @param array $params Client input parameters
  * @throws \GO\Base\Exception\AccessDenied When the module for the requested view is unavailable
  */
 public function actionPermissionsStore($params)
 {
     // This action is allowed without access to the modules module, so it is
     // gated on the groups or users module instead.
     $viaGroups = $params['paramIdType'] == 'groupId';
     $gate = $viaGroups ? GO::modules()->groups : GO::modules()->users;
     if (!$gate) {
         throw new \GO\Base\Exception\AccessDenied();
     }

     $response = new JsonResponse(array('success' => true, 'results' => array(), 'total' => 0));
     $rows = array();
     $queue = GO::modules()->getAllModules();

     while ($module = array_shift($queue)) {
         $level = 0;
         // Stays false when no group-derived level applies to this view.
         $groupLevel = false;

         if (empty($params['id'])) {
             // No id given: report what the everybody group gets.
             $entry = $module->acl->hasGroup(GO::config()->group_everyone);
             $level = $groupLevel = $entry ? $entry->level : 0;
         } elseif ($viaGroups) {
             // Looking at permissions from the groups module.
             $entry = $module->acl->hasGroup($params['id']);
             $level = $entry ? $entry->level : 0;
         } else {
             // Looking from the users module.
             $level = Acl::getUserPermissionLevel($module->acl_id, $params['id']);
             // presumably the third argument limits the lookup to group membership — TODO confirm
             $groupLevel = Acl::getUserPermissionLevel($module->acl_id, $params['id'], true);
         }

         $label = $module->moduleManager ? $module->moduleManager->name() : $module->id;

         // Module permissions only support read and manage, so anything from
         // create upwards is reported as manage.
         if (Acl::hasPermission($level, Acl::CREATE_PERMISSION)) {
             $level = Acl::MANAGE_PERMISSION;
         }

         $hasGroupLevel = $groupLevel !== false;
         $rows[$label] = array(
             'id' => $module->id,
             'name' => $label,
             'permissionLevel' => $level,
             'disable_none' => $hasGroupLevel && Acl::hasPermission($groupLevel, Acl::READ_PERMISSION),
             'disable_use' => $hasGroupLevel && Acl::hasPermission($groupLevel, Acl::CREATE_PERMISSION),
         );
         $response['total'] += 1;
     }

     ksort($rows);
     $response['results'] = array_values($rows);
     echo $response;
 }
Esempio n. 6
 /**
  * List the sub folders and files of a folder for the files grid.
  *
  * A non-empty $params['query'] is handed to _searchFiles() and the folder id
  * 'shared' to _listShares(). Otherwise the folder is loaded by primary key,
  * falling back to the current user's home folder. The response carries the
  * folder's permission level, path, view preference, lock state, the paged
  * listing (folders first, then files) and the quota figures of the folder's
  * quota user or, when there is none, the current user.
  *
  * Deletions requested through $params['delete_keys'] are processed before
  * the listing is built.
  *
  * 'permission_level' and 'may_apply_state' describe the caller's rights for
  * the view; they are not an access check.
  *
  * @param array $params Client input parameters
  * @return array Response for the client
  * @throws Exception When neither the requested folder nor a home folder is found
  */
 protected function actionList($params)
 {
     if (!empty($params['query'])) {
         return $this->_searchFiles($params);
     }
     if ($params['folder_id'] == 'shared') {
         return $this->_listShares($params);
     }
     // Get the folder that contains the files and folders to list.
     // NOTE(review): the original comment says this lookup checks permissions
     // too; no explicit read check follows in this method, so confirm that
     // findByPk() enforces it.
     $folder = \GO\Files\Model\Folder::model()->findByPk($params['folder_id']);
     if (!$folder) {
         // An id that yields no folder falls back to the caller's home folder.
         $folder = \GO\Files\Model\Folder::model()->findHomeFolder(GO::user());
     }
     if (!$folder) {
         throw new Exception('No Folder found with id ' . $params['folder_id']);
     }
     $user = $folder->quotaUser;
     $this->_listFolderPermissionLevel = $folder->permissionLevel;
     $response['permission_level'] = $folder->permissionLevel;
     //$folder->readonly ? \GO\Base\Model\Acl::READ_PERMISSION : $folder->permissionLevel;
     if (empty($params['skip_fs_sync']) && empty(GO::config()->files_disable_filesystem_sync)) {
         $folder->checkFsSync();
     }
     // Useful information for the view.
     $response['path'] = $folder->path;
     // Show this page in thumbnails or list
     $folderPreference = \GO\Files\Model\FolderPreference::model()->findByPk(array('user_id' => \GO::user()->id, 'folder_id' => $folder->id));
     if ($folderPreference) {
         $response['thumbs'] = $folderPreference->thumbs;
     } else {
         $response['thumbs'] = 0;
     }
     $response['parent_id'] = $folder->parent_id;
     // Locked state
     $response['lock_state'] = !empty($folder->apply_state);
     $response['cm_state'] = isset($folder->cm_state) && !empty($folder->apply_state) ? $folder->cm_state : "";
     // Tells the view whether the caller holds manage permission on the folder.
     $response['may_apply_state'] = \GO\Base\Model\Acl::hasPermission($folder->getPermissionLevel(), \GO\Base\Model\Acl::MANAGE_PERMISSION);
     //      if($response["lock_state"]){
     //          $state = json_decode($response["cm_state"]);
     //
     //          if(isset($state->sort)){
     //              $params['sort']=$state->sort->field;
     //              $params['dir']=$state->sort->direction;
     //          }
     //      }
     $store = \GO\Base\Data\Store::newInstance(\GO\Files\Model\Folder::model());
     // Set sort aliases
     $store->getColumnModel()->formatColumn('type', '', array(), 'name');
     $store->getColumnModel()->formatColumn('size', '"-"', array(), 'name');
     $store->getColumnModel()->formatColumn('locked_user_id', '"0"');
     // Handle delete request for both files and folders.
     // NOTE(review): delete_keys is client-supplied JSON and json_decode()
     // returns null for malformed input; confirm _splitFolderAndFileIds()
     // tolerates that. No permission check is visible here, so deletion rights
     // are presumably enforced inside processDeleteActions() — confirm.
     if (isset($params['delete_keys'])) {
         $ids = $this->_splitFolderAndFileIds(json_decode($params['delete_keys'], true));
         $params['delete_keys'] = json_encode($ids['folders']);
         $store->processDeleteActions($params, "GO\\Files\\Model\\Folder");
         $params['delete_keys'] = json_encode($ids['files']);
         $store->processDeleteActions($params, "GO\\Files\\Model\\File");
     }
     $store->getColumnModel()->setFormatRecordFunction(array($this, 'formatListRecord'));
     $findParams = $store->getDefaultParams($params);
     // Sorting on custom fields doesn't work for folders, so sort on name instead.
     // NOTE(review): $params['dir'] comes from the client and goes straight
     // into order(); confirm FindParams restricts it to ASC/DESC before it
     // reaches SQL.
     if (isset($params['sort']) && substr($params['sort'], 0, 4) == 'col_') {
         $findParams->order("name", $params['dir']);
     }
     $findParamsArray = $findParams->getParams();
     if (!isset($findParamsArray['start'])) {
         $findParamsArray['start'] = 0;
     }
     if (!isset($findParamsArray['limit'])) {
         $findParamsArray['limit'] = 0;
     }
     //$stmt = $folder->folders($findParams);
     $stmt = $folder->getSubFolders($findParams);
     $store->setStatement($stmt);
     $response = array_merge($response, $store->getData());
     // Add files to the listing if they fit on the requested page.
     // NOTE(review): 'limit' defaults to 0 just above, and the division below
     // then divides by zero (an error on PHP 8, a warning with a non-finite
     // result on PHP 7). A request without a limit needs a separate path.
     $folderPages = floor($stmt->foundRows / $findParamsArray['limit']);
     $foldersOnLastPage = $stmt->foundRows - $folderPages * $findParamsArray['limit'];
     //$isOnLastPageofFolders = $stmt->foundRows < ($findParams['limit'] + $findParams['start']);
     if (count($response['results'])) {
         // The page still shows folders: files fill the remaining rows.
         $fileStart = $findParamsArray['start'] - $folderPages * $findParamsArray['limit'];
         $fileLimit = $findParamsArray['limit'] - $foldersOnLastPage;
     } else {
         // The page lies past all folders: offset into the files only.
         $fileStart = $findParamsArray['start'] - $stmt->foundRows;
         $fileLimit = $findParamsArray['limit'];
     }
     if ($fileStart >= 0) {
         $store->resetResults();
         // The format strings below are fixed literals, not client input.
         $store->getColumnModel()->formatColumn('size', '"-"', array(), 'size');
         $store->getColumnModel()->formatColumn('type', '', array(), 'extension');
         $store->getColumnModel()->formatColumn('locked', '$model->isLocked()');
         $store->getColumnModel()->formatColumn('locked_user_id', '$model->locked_user_id');
         $store->getColumnModel()->formatColumn('folder_id', '$model->folder_id');
         $findParams = $store->getDefaultParams($params)->limit($fileLimit)->start($fileStart);
         // Handle the files filter: a comma-separated extension list from the
         // client, passed on as the values of an IN condition.
         if (!empty($params['files_filter'])) {
             $extensions = explode(',', $params['files_filter']);
             $findParams->getCriteria()->addInCondition('extension', $extensions);
         }
         $stmt = $folder->files($findParams);
         $store->setStatement($stmt);
         $filesResponse = $store->getData();
         $response['total'] += $filesResponse['total'];
         $response['results'] = array_merge($response['results'], $filesResponse['results']);
     } else {
         // No file rows on this page; only their count is added to the total.
         $record = $folder->files(\GO\Base\Db\FindParams::newInstance()->single()->select('count(*) as total'));
         $response['total'] += $record->total;
     }
     // Quota figures come from the folder's quota user, else the current user.
     if (empty($user)) {
         $user = \GO::user();
     }
     $response['owner_id'] = $user->id;
     $response['disk_usage'] = round($user->disk_usage / 1024 / 1024, 2);
     $response['disk_quota'] = $user->disk_quota;
     return $response;
 }
Esempio n. 7
 /**
  * The default action for displaying a model in a DisplayPanel.
  *
  * Loads the model of type $this->model by the primary key taken from
  * $params, then assembles its attributes in 'html' format, timestamps,
  * owner and modifier names, permission level and the sections contributed
  * by the enabled modules. beforeDisplay(), afterDisplay() and the 'display'
  * event can adjust the response.
  *
  * 'write_permission' is derived from the permission level as a convenience
  * for the client.
  *
  * NOTE(review): no explicit read-permission check is visible in this method;
  * confirm that findByPk() enforces it.
  * NOTE(review): $params['links_limit'] is client input with no upper bound
  * visible here.
  *
  * @param array $params Client input parameters
  * @return array Response for the client
  * @throws \GO\Base\Exception\NotFound When no model matches the primary key
  */
 protected function actionDisplay($params)
 {
     $response = array('data' => array(), 'success' => true);

     $record = \GO::getModel($this->model)->findByPk($this->getPrimaryKeyFromParams($params));
     if (!$record) {
         throw new \GO\Base\Exception\NotFound();
     }

     $response = $this->beforeDisplay($response, $record, $params);

     $response['data'] = array_merge($response['data'], $record->getAttributes('html'));
     $response['data']['model'] = $record->className();

     $level = $record->getPermissionLevel();
     $response['data']['permission_level'] = $level;
     $response['data']['write_permission'] = \GO\Base\Model\Acl::hasPermission($level, \GO\Base\Model\Acl::WRITE_PERMISSION);

     // Creation and modification times are converted only when they are set.
     foreach (array('ctime', 'mtime') as $stamp) {
         if (!empty($record->{$stamp})) {
             $response['data'][$stamp] = \GO\Base\Util\Date::get_timestamp($record->{$stamp});
         }
     }

     // Names of the owner and of the last modifier, when those relations are set.
     foreach (array('user' => 'username', 'mUser' => 'musername') as $relation => $key) {
         if (!empty($record->{$relation})) {
             $response['data'][$key] = $record->{$relation}->name;
         }
     }

     $response['data']['customfields'] = array();

     if (!isset($response['data']['workflow']) && \GO::modules()->workflow) {
         $response = $this->_processWorkflowDisplay($record, $response);
     }
     if ($record->customfieldsRecord) {
         $response = $this->_processCustomFieldsDisplay($record, $response);
     }
     if ($record->hasLinks()) {
         // The client may ask for more or fewer links than the default of 15.
         $linksLimit = isset($params['links_limit']) ? $params['links_limit'] : 15;
         $response = $this->_processLinksDisplay($record, $response, $linksLimit);

         if (!isset($response['data']['events']) && \GO::modules()->calendar) {
             $response = $this->_processEventsDisplay($record, $response);
         }
         if (!isset($response['data']['tasks']) && \GO::modules()->tasks) {
             $response = $this->_processTasksDisplay($record, $response);
         }
     }
     if (!isset($response['data']['files'])) {
         $response = $this->_processFilesDisplay($record, $response);
     }
     if (\GO::modules()->comments) {
         $response = $this->_processCommentsDisplay($record, $response);
     }
     if (\GO::modules()->lists) {
         $response = \GO\Lists\ListsModule::displayResponse($record, $response);
     }

     $response = $this->afterDisplay($response, $record, $params);

     // Listeners receive the response and the model by reference.
     $this->fireEvent('display', array(&$this, &$response, &$record));

     return $response;
 }