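/**
 * Tell whether this role may perform $action on the given section/reference.
 *
 * The stored setting for ($section, $reference) is read through getSetting()
 * and compared with the level or bit the requested action needs. The check
 * is deny-by-default: an action that is not defined for a known section
 * returns false explicitly (the code used to fall off the end of the
 * function and return NULL in that case).
 *
 * @param string      $section   Permission section name, e.g. 'scm' or 'tracker'
 * @param mixed       $reference Passed unchanged to getSetting() and to the plugin hook
 * @param string|null $action    Action to check; ignored for the on/off sections
 * @return bool True when the setting grants the action. For a section not listed
 *              here, the value left in 'result' by the 'role_has_permission'
 *              hook (false unless a plugin changes it).
 */
function hasPermission($section, $reference, $action = NULL) {
    $value = $this->getSetting($section, $reference);

    switch ($section) {
        // On/off sections: a setting of 1 or more grants access, whatever $action is.
        case 'forge_admin':
        case 'forge_read':
        case 'approve_projects':
        case 'approve_news':
        case 'project_admin':
        case 'project_read':
        case 'tracker_admin':
        case 'pm_admin':
        case 'forum_admin':
            return $value >= 1;

        // Levelled sections: each action needs at least the level shown.
        case 'forge_stats':
            switch ($action) {
                case 'read':
                    return $value >= 1;
                case 'admin':
                    return $value >= 2;
            }
            break;

        case 'scm':
            switch ($action) {
                case 'read':
                    return $value >= 1;
                case 'write':
                    return $value >= 2;
            }
            break;

        case 'docman':
            switch ($action) {
                case 'read':
                    return $value >= 1;
                case 'submit':
                    return $value >= 2;
                case 'approve':
                    return $value >= 3;
                case 'admin':
                    return $value >= 4;
            }
            break;

        case 'frs':
            switch ($action) {
                case 'read_public':
                    return $value >= 1;
                case 'read_private':
                    return $value >= 2;
                case 'write':
                    return $value >= 3;
            }
            break;

        case 'forum':
        case 'new_forum':
            switch ($action) {
                case 'read':
                    return $value >= 1;
                case 'post':
                    return $value >= 2;
                case 'unmoderated_post':
                    return $value >= 3;
                case 'moderate':
                    return $value >= 4;
            }
            break;

        // Bit-flag sections: each action is tested against its own bit.
        case 'tracker':
        case 'new_tracker':
        case 'pm':
        case 'new_pm':
            switch ($action) {
                case 'read':
                    return ($value & 1) != 0;
                case 'tech':
                    return ($value & 2) != 0;
                case 'manager':
                    return ($value & 4) != 0;
            }
            break;

        // Sections unknown to the core are decided by plugins. 'result' starts
        // as false, so access is denied unless a plugin explicitly grants it.
        default:
            $hook_params = array(
                'section' => $section,
                'reference' => $reference,
                'action' => $action,
                'value' => $value,
                'result' => false,
            );
            plugin_hook_by_reference("role_has_permission", $hook_params);
            return $hook_params['result'];
    }

    // Known section, but the action is not one defined for it: deny.
    return false;
}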
/**
 * Create a HTML link to a project's page
 *
 * Plugins get the first chance to render the link through the
 * 'project_link_with_tooltip' hook; when none fills in 'group_link', a plain
 * anchor pointing at util_make_url_g() is returned.
 *
 * $text and the URL are concatenated into the markup as they are; nothing in
 * this function escapes them, so callers must pass values that are already
 * safe to place in HTML.
 *
 * @param string $groupname
 * @param int $group_id
 * @param string $text
 * @return string
 */
function util_make_link_g($groupname, $group_id, $text) {
    $link_request = array(
        'resource_type' => 'group',
        'group_name' => $groupname,
        'group_id' => $group_id,
        'link_text' => $text,
        'group_link' => '',
    );
    plugin_hook_by_reference('project_link_with_tooltip', $link_request);

    // No plugin produced a link: fall back to the plain anchor.
    if ($link_request['group_link'] == '') {
        return '<a href="' . util_make_url_g($groupname, $group_id) . '">' . $text . '</a>';
    }

    return $link_request['group_link'];
}
/**
 * Register the built-in search engines, then hand this object to plugins.
 *
 * Every engine is registered through addSearchEngine(), in the order written
 * below. The last step passes $this to the 'search_engines' hook, so plugin
 * code runs against this object after the built-in engines are in place.
 */
function loadSearchEngines() {
    // Specific search engines
    $artifact_engine = new ArtifactSearchEngine();
    $this->addSearchEngine(SEARCH__TYPE_IS_ARTIFACT, $artifact_engine);
    $forum_engine = new ForumSearchEngine();
    $this->addSearchEngine(SEARCH__TYPE_IS_FORUM, $forum_engine);

    // Project search engines
    $full_project_engine = new GroupSearchEngine(
        SEARCH__TYPE_IS_FULL_PROJECT,
        'FullProjectHtmlSearchRenderer',
        _('Search the entire project')
    );
    $this->addSearchEngine(SEARCH__TYPE_IS_FULL_PROJECT, $full_project_engine);
    $trackers_engine = new TrackersGroupSearchEngine();
    $this->addSearchEngine(SEARCH__TYPE_IS_TRACKERS, $trackers_engine);
    $forums_engine = new ForumsGroupSearchEngine();
    $this->addSearchEngine(SEARCH__TYPE_IS_FORUMS, $forums_engine);
    $tasks_engine = new TasksGroupSearchEngine();
    $this->addSearchEngine(SEARCH__TYPE_IS_TASKS, $tasks_engine);
    $frs_engine = new FrsGroupSearchEngine();
    $this->addSearchEngine(SEARCH__TYPE_IS_FRS, $frs_engine);
    $docs_engine = new DocsGroupSearchEngine();
    $this->addSearchEngine(SEARCH__TYPE_IS_DOCS, $docs_engine);
    $news_engine = new NewsGroupSearchEngine();
    $this->addSearchEngine(SEARCH__TYPE_IS_NEWS, $news_engine);

    // Global search engines
    $software_engine = new GFSearchEngine(
        SEARCH__TYPE_IS_SOFTWARE,
        'ProjectHtmlSearchRenderer',
        _('Software/Group')
    );
    $this->addSearchEngine(SEARCH__TYPE_IS_SOFTWARE, $software_engine);
    $people_engine = new GFSearchEngine(
        SEARCH__TYPE_IS_PEOPLE,
        'PeopleHtmlSearchRenderer',
        _('People')
    );
    $this->addSearchEngine(SEARCH__TYPE_IS_PEOPLE, $people_engine);

    // The skill search is only offered when the site-wide sys_use_people switch is on.
    if ($GLOBALS['sys_use_people']) {
        $skill_engine = new GFSearchEngine(
            SEARCH__TYPE_IS_SKILL,
            'SkillHtmlSearchRenderer',
            _('Skill')
        );
        $this->addSearchEngine(SEARCH__TYPE_IS_SKILL, $skill_engine);
    }

    // Rss search engines: same search type as above, registered for the RSS output.
    $software_rss_engine = new GFSearchEngine(
        SEARCH__TYPE_IS_SOFTWARE,
        'ProjectRssSearchRenderer',
        _('Software/Group')
    );
    $this->addSearchEngine(SEARCH__TYPE_IS_SOFTWARE, $software_rss_engine, SEARCH__OUTPUT_RSS);

    // Plugins receive this object through the hook once the core engines are registered.
    plugin_hook_by_reference('search_engines', $this);
}
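/**
 * List the ids of the roles allowed to perform $action on ($section, $reference).
 *
 * Two sources are combined:
 *  - roles whose own pfo_role_setting row for the section/reference carries a
 *    sufficient perm_val;
 *  - roles holding the admin permission that implies this one (forge_admin,
 *    project_admin, tracker_admin, pm_admin or forum_admin), found by calling
 *    this method again for that admin section.
 *
 * The new_forum, new_tracker and new_pm sections are filtered with the same
 * perm_val tests as forum, tracker and pm. They used to fall through to the
 * plugin hook, which left the query without any perm_val condition.
 *
 * @param string      $section   Permission section name
 * @param mixed       $reference Bound as $2 (ref_id) in the query
 * @param string|null $action    Action to look for; 'ANY' matches any non-zero perm_val
 * @return array|false Role ids without duplicates (keys as left by array_unique()),
 *                     or false when a query fails; the error is recorded with setError().
 */
private function _getRolesIdByAllowedAction($section, $reference, $action = NULL) {
    $result = array();

    // $section and $reference are bound as $1/$2. Every fragment appended by
    // this method is a constant string, so no caller data reaches the SQL text.
    $qpa = db_construct_qpa();
    $qpa = db_construct_qpa($qpa, 'SELECT role_id FROM pfo_role_setting WHERE section_name=$1 AND ref_id=$2 ', array($section, $reference));

    // Look for roles that are directly allowed to perform action
    // NOTE(review): when $action is not one of the values listed for a section,
    // no perm_val condition is appended and every role with a row for the
    // section/reference is returned, including perm_val = 0. Confirm that
    // callers always pass a listed action.
    switch ($section) {
        // NOTE(review): hasPermission() accepts any value >= 1 for these
        // sections while this query matches exactly 1; confirm that perm_val
        // is only ever 0 or 1 here.
        case 'forge_admin':
        case 'forge_read':
        case 'approve_projects':
        case 'approve_news':
        case 'project_admin':
        case 'project_read':
        case 'tracker_admin':
        case 'pm_admin':
        case 'forum_admin':
            $qpa = db_construct_qpa($qpa, 'AND perm_val = 1');
            break;

        case 'forge_stats':
            switch ($action) {
                case 'ANY':
                    $qpa = db_construct_qpa($qpa, 'AND perm_val != 0');
                    break;
                case 'read':
                    $qpa = db_construct_qpa($qpa, 'AND perm_val >= 1');
                    break;
                case 'admin':
                    $qpa = db_construct_qpa($qpa, 'AND perm_val >= 2');
                    break;
            }
            break;

        case 'scm':
            switch ($action) {
                case 'ANY':
                    $qpa = db_construct_qpa($qpa, 'AND perm_val != 0');
                    break;
                case 'read':
                    $qpa = db_construct_qpa($qpa, 'AND perm_val >= 1');
                    break;
                case 'write':
                    $qpa = db_construct_qpa($qpa, 'AND perm_val >= 2');
                    break;
            }
            break;

        case 'docman':
            switch ($action) {
                case 'ANY':
                    $qpa = db_construct_qpa($qpa, 'AND perm_val != 0');
                    break;
                case 'read':
                    $qpa = db_construct_qpa($qpa, 'AND perm_val >= 1');
                    break;
                case 'submit':
                    $qpa = db_construct_qpa($qpa, 'AND perm_val >= 2');
                    break;
                case 'approve':
                    $qpa = db_construct_qpa($qpa, 'AND perm_val >= 3');
                    break;
                case 'admin':
                    $qpa = db_construct_qpa($qpa, 'AND perm_val >= 4');
                    break;
            }
            break;

        case 'frs':
            switch ($action) {
                case 'ANY':
                    $qpa = db_construct_qpa($qpa, 'AND perm_val != 0');
                    break;
                case 'read_public':
                    $qpa = db_construct_qpa($qpa, 'AND perm_val >= 1');
                    break;
                case 'read_private':
                    $qpa = db_construct_qpa($qpa, 'AND perm_val >= 2');
                    break;
                case 'write':
                    $qpa = db_construct_qpa($qpa, 'AND perm_val >= 3');
                    break;
            }
            break;

        case 'forum':
        case 'new_forum':
            switch ($action) {
                case 'ANY':
                    $qpa = db_construct_qpa($qpa, 'AND perm_val != 0');
                    break;
                case 'read':
                    $qpa = db_construct_qpa($qpa, 'AND perm_val >= 1');
                    break;
                case 'post':
                    $qpa = db_construct_qpa($qpa, 'AND perm_val >= 2');
                    break;
                case 'unmoderated_post':
                    $qpa = db_construct_qpa($qpa, 'AND perm_val >= 3');
                    break;
                case 'moderate':
                    $qpa = db_construct_qpa($qpa, 'AND perm_val >= 4');
                    break;
            }
            break;

        // Bit-flag sections: each action has its own bit in perm_val.
        case 'tracker':
        case 'new_tracker':
        case 'pm':
        case 'new_pm':
            switch ($action) {
                case 'ANY':
                    $qpa = db_construct_qpa($qpa, 'AND perm_val != 0');
                    break;
                case 'read':
                    $qpa = db_construct_qpa($qpa, 'AND (perm_val & 1) = 1');
                    break;
                case 'tech':
                    $qpa = db_construct_qpa($qpa, 'AND (perm_val & 2) = 2');
                    break;
                case 'manager':
                    $qpa = db_construct_qpa($qpa, 'AND (perm_val & 4) = 4');
                    break;
            }
            break;

        // Sections unknown to the core: plugins complete the query. Whatever
        // they leave in 'qpa' is executed below as it stands.
        default:
            $hook_params = array(
                'section' => $section,
                'reference' => $reference,
                'action' => $action,
                'qpa' => $qpa,
                'result' => $result,
            );
            plugin_hook_by_reference("list_roles_by_permission", $hook_params);
            $qpa = $hook_params['qpa'];
            break;
    }

    $res = db_query_qpa($qpa);
    if (!$res) {
        $this->setError('RBACEngine::getRolesByAllowedAction()::' . db_error());
        return false;
    }
    while ($arr = db_fetch_array($res)) {
        $result[] = $arr['role_id'];
    }

    // Also look for roles that can perform the action because they're more powerful.
    // The switch only picks which admin section implies the requested one;
    // the lookup itself happens once, below.
    $implied_section = NULL;
    $implied_reference = NULL;
    switch ($section) {
        case 'forge_read':
        case 'approve_projects':
        case 'approve_news':
        case 'forge_stats':
        case 'project_admin':
            $implied_section = 'forge_admin';
            $implied_reference = -1;
            break;

        case 'project_read':
        case 'tracker_admin':
        case 'pm_admin':
        case 'forum_admin':
        case 'scm':
        case 'docman':
        case 'frs':
            $implied_section = 'project_admin';
            $implied_reference = $reference;
            break;

        // For trackers and task managers the 'tech' action is not implied by
        // the admin permission; every other action is.
        case 'tracker':
            if ($action != 'tech') {
                $t = artifactType_get_object($reference);
                $implied_section = 'tracker_admin';
                $implied_reference = $t->Group->getID();
            }
            break;

        case 'pm':
            if ($action != 'tech') {
                $t = projectgroup_get_object($reference);
                $implied_section = 'pm_admin';
                $implied_reference = $t->Group->getID();
            }
            break;

        case 'forum':
            $t = forum_get_object($reference);
            $implied_section = 'forum_admin';
            $implied_reference = $t->Group->getID();
            break;

        // For the new_* sections $reference is used directly as the admin
        // section's reference, so no object lookup is needed.
        case 'new_tracker':
            if ($action != 'tech') {
                $implied_section = 'tracker_admin';
                $implied_reference = $reference;
            }
            break;

        case 'new_pm':
            if ($action != 'tech') {
                $implied_section = 'pm_admin';
                $implied_reference = $reference;
            }
            break;

        case 'new_forum':
            $implied_section = 'forum_admin';
            $implied_reference = $reference;
            break;
    }

    if ($implied_section !== NULL) {
        $implied_roles = $this->_getRolesIdByAllowedAction($implied_section, $implied_reference);
        if ($implied_roles === false) {
            // The nested lookup failed and has already recorded the error;
            // array_merge() cannot take false, so report the failure instead.
            return false;
        }
        $result = array_merge($result, $implied_roles);
    }

    return array_unique($result);
}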
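/**
 * Outputs project's DOAP profile
 *
 * Acts only when the negotiated type in $params['accept'] is
 * 'application/rdf+xml'. In that case it builds an RDF description of the
 * project, lets plugins add to it through the 'project_rdf_metadata' hook,
 * and stores the serialized document in $params.
 *
 * NOTE(review): nothing in this function checks that the requester may read
 * the project before its name, description, home page and tags are
 * serialized; presumably the caller enforces that. Confirm.
 *
 * @param array $params Hook parameters, passed by reference. Read: 'groupname',
 *                      'accept', 'group_id'. Written when RDF is produced:
 *                      'content_type' and 'content'.
 */
function content_negociated_project_home(&$params) {
    $projectname = $params['groupname'];
    $accept = $params['accept'];
    $group_id = $params['group_id'];

    // Any other negotiated type is left for someone else to answer.
    if ($accept != 'application/rdf+xml') {
        return;
    }

    // connect to FusionForge internals
    $pm = ProjectManager::instance();
    $project = $pm->getProject($group_id);
    $project_shortdesc = $project->getPublicName();
    $project_description = $project->getDescription();
    $tags_list = NULL;
    if (forge_get_config('use_project_tags')) {
        $group = group_get_object($group_id);
        $tags_list = $group->getTags();
    }

    // We will return RDF+XML
    $params['content_type'] = 'application/rdf+xml';

    // Construct an ARC2_Resource containing the project's RDF (DOAP) description
    $ns = array(
        'rdf' => 'http://www.w3.org/1999/02/22-rdf-syntax-ns#',
        'rdfs' => 'http://www.w3.org/2000/01/rdf-schema#',
        'doap' => 'http://usefulinc.com/ns/doap#',
        'dcterms' => 'http://purl.org/dc/terms/',
        'schema' => 'http://schema.org/',
    );
    $conf = array('ns' => $ns);
    $res = ARC2::getResource($conf);
    $res->setURI(util_make_url_g($projectname, $group_id));
    rdfutils_setPropToUri($res, 'rdf:type', 'doap:Project');
    $res->setProp('doap:name', $projectname);
    $res->setProp('doap:shortdesc', $project_shortdesc);
    if ($project_description) {
        $res->setProp('doap:description', $project_description);
    }
    $res->setProp('doap:homepage', $project->getHomePage());
    if ($tags_list) {
        // explode() replaces split(), which no longer exists in PHP 7 and
        // later; the ', ' separator has no regex metacharacters, so the
        // resulting list is the same.
        $tags = explode(', ', $tags_list);
        $res->setProp('dcterms:subject', $tags);
    }

    // Now, we need to collect complementary RDF descriptions of the project via other plugins:
    // invoke the 'project_rdf_metadata' hook so as to complement the RDF description
    $hook_params = array();
    $hook_params['prefixes'] = array();
    foreach ($ns as $prefix => $url) {
        // Plugins get the namespaces keyed the other way round: URL => prefix.
        $hook_params['prefixes'][$url] = $prefix;
    }
    $hook_params['group'] = $group_id;
    // pass the resource in case it could be useful (read-only in principle)
    $hook_params['in_Resource'] = $res;
    $hook_params['out_Resources'] = array();
    plugin_hook_by_reference('project_rdf_metadata', $hook_params);

    // add new prefixes to the list; a prefix that is already known keeps its URL
    foreach ($hook_params['prefixes'] as $url => $prefix) {
        if (!isset($ns[$prefix])) {
            $ns[$prefix] = $url;
        }
    }

    // merge the two sets of triples
    $merged_index = $res->index;
    foreach ($hook_params['out_Resources'] as $out_res) {
        $merged_index = ARC2::getMergedIndex($merged_index, $out_res->index);
    }

    $conf = array('ns' => $ns, 'serializer_type_nodes' => true);
    $ser = ARC2::getRDFXMLSerializer($conf);

    /* Serialize a resource index */
    $doc = $ser->getSerializedIndex($merged_index);
    $params['content'] = $doc . "\n";
}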