コード例 #1
0
 function setPersonalFolderPermissions($oPO)
 {
     $aWorkSpaceOwnerRoleID = $this->getRoleIdByName('WorkSpaceOwner');
     $aAdminGroupID = $this->getGroupIdByName('System Administrators');
     //arrays used to make integers for $aAllowed array variable
     $iWorkSpaceOwnerRoleID = $aWorkSpaceOwnerRoleID[0]['id'];
     $iAdminGroupID = $aAdminGroupID[0]['id'];
     //set permissions for the role and the admin group
     $aAllowed = array('role' => array($iWorkSpaceOwnerRoleID), 'group' => array($iAdminGroupID));
     //Get the List of all the permissions
     $aPersonalFolderPermissions = KTPermission::getList();
     //Iterate through and apply all permissions to the current user and the admin group
     foreach ($aPersonalFolderPermissions as $oPersonalFolderPermission) {
         KTPermissionUtil::setPermissionForId($oPersonalFolderPermission, $oPO, $aAllowed);
     }
     //Update permission lookup
     KTPermissionUtil::updatePermissionLookupForPO($oPO);
 }
コード例 #2
0
 /**
  * Inherits permission object from parent, throwing away our own
  * permission object.
  */
 function inheritPermissionObject(&$oDocumentOrFolder, $aOptions = null)
 {
     global $default;
     $oDocumentOrFolder->cacheGlobal = array();
     $bEvenIfNotOwner = KTUtil::arrayGet($aOptions, 'evenifnotowner');
     if (empty($bEvenIfNotOwner) && !KTPermissionUtil::isPermissionOwner($oDocumentOrFolder)) {
         return PEAR::raiseError(_kt("Document or Folder doesn't own its permission object"));
     }
     $iOrigPOID = $oDocumentOrFolder->getPermissionObjectID();
     $oOrigPO =& KTPermissionObject::get($iOrigPOID);
     $oFolder =& Folder::get($oDocumentOrFolder->getParentID());
     $iNewPOID = $oFolder->getPermissionObjectID();
     $oNewPO =& KTPermissionObject::get($iNewPOID);
     $oDocumentOrFolder->setPermissionObjectID($iNewPOID);
     $oDocumentOrFolder->update();
     if (is_a($oDocumentOrFolder, 'Document')) {
         // If we're a document, no niggly children to worry about.
         KTPermissionUtil::updatePermissionLookup($oDocumentOrFolder);
         return;
     }
     // if the new and old permission object and lookup ids are the same, then we might as well bail
     if ($iOrigPOID == $iNewPOID) {
         if ($oDocumentOrFolder->getPermissionLookupID() == $oFolder->getPermissionLookupID()) {
             // doing this, as this was done below... (not ideal to copy, but anyways...)
             Document::clearAllCaches();
             Folder::clearAllCaches();
             return;
         }
     }
     $iFolderID = $oDocumentOrFolder->getID();
     $sFolderIDs = Folder::generateFolderIDs($iFolderID);
     $sFolderIDs .= '%';
     $sQuery = "UPDATE {$default->folders_table} SET\n            permission_object_id = ? WHERE permission_object_id = ? AND\n            parent_folder_ids LIKE ?";
     $aParams = array($oNewPO->getID(), $oOrigPO->getID(), $sFolderIDs);
     DBUtil::runQuery(array($sQuery, $aParams));
     Folder::clearAllCaches();
     // Update all documents in the folder and in the sub-folders
     $sQuery = "UPDATE {$default->documents_table} SET\n            permission_object_id = ? WHERE permission_object_id = ? AND\n            (parent_folder_ids LIKE ? OR folder_id = ?)";
     $aParams[] = $iFolderID;
     DBUtil::runQuery(array($sQuery, $aParams));
     Document::clearAllCaches();
     KTPermissionUtil::updatePermissionLookupForPO($oNewPO);
 }
コード例 #3
0
 function do_removeDynamicCondition()
 {
     $aOptions = array('redirect_to' => array('main', 'fFolderId=' . $this->oFolder->getId()));
     if (!KTBrowseUtil::inAdminMode($this->oUser, $this->oFolder)) {
         $this->oValidator->userHasPermissionOnItem($this->oUser, $this->_sEditShowPermission, $this->oFolder, $aOptions);
     }
     $aOptions = array('redirect_to' => array('edit', 'fFolderId=' . $this->oFolder->getId()));
     $oDynamicCondition =& $this->oValidator->validateDynamicCondition($_REQUEST['fDynamicConditionId'], $aOptions);
     $res = $oDynamicCondition->delete();
     $this->oValidator->notError($res, $aOptions);
     $oTransaction = KTFolderTransaction::createFromArray(array('folderid' => $this->oFolder->getId(), 'comment' => _kt('Removed dynamic permissions'), 'transactionNS' => 'ktcore.transactions.permissions_change', 'userid' => $_SESSION['userID'], 'ip' => Session::getClientIP()));
     $aOptions = array('defaultmessage' => _kt('Error updating permissions'), 'redirect_to' => array('edit', sprintf('fFolderId=%d', $this->oFolder->getId())));
     $this->oValidator->notErrorFalse($oTransaction, $aOptions);
     $oPO = KTPermissionObject::get($this->oFolder->getPermissionObjectId());
     KTPermissionUtil::updatePermissionLookupForPO($oPO);
     $this->successRedirectTo('edit', _kt('Dynamic permission removed'), 'fFolderId=' . $this->oFolder->getId());
 }
コード例 #4
0
ファイル: KTAPIAcl.inc.php プロジェクト: 5haman/knowledgetree 
 /**
  * Saves changes made by add() and remove().
  *
  * @author KnowledgeTree Team
  * @access public
  */
 public function save()
 {
     if (!$this->changed) {
         // we don't have to do anything if nothing has changed.
         return;
     }
     // if the current setup is inherited, then we must create a new copy to store the new associations.
     if ($this->getIsInherited()) {
         $this->overrideAllocation();
     }
     $permissions = KTPermission::getList();
     $folderItemObject = $this->_logTransaction(_kt('Updated permissions'), 'ktcore.transactions.permissions_change');
     $permissionObject = KTPermissionObject::get($folderItemObject->getPermissionObjectId());
     // transform the map into the structure expected
     foreach ($permissions as $permission) {
         $permissionId = $permission->getId();
         // not the association is singular here
         $allowed = array('group' => array(), 'role' => array(), 'user' => array());
         // fill the group allocations
         foreach ($this->map['groups']['map'] as $groupId => $allocations) {
             if ($allocations[$permissionId]) {
                 $allowed['group'][] = $groupId;
             }
         }
         // fill the user allocations
         foreach ($this->map['users']['map'] as $userId => $allocations) {
             if ($allocations[$permissionId]) {
                 $allowed['user'][] = $userId;
             }
         }
         // fill the role allocations
         foreach ($this->map['roles']['map'] as $roleId => $allocations) {
             if ($allocations[$permissionId]) {
                 $allowed['role'][] = $roleId;
             }
         }
         KTPermissionUtil::setPermissionForId($permission, $permissionObject, $allowed);
     }
     KTPermissionUtil::updatePermissionLookupForPO($permissionObject);
     // set the copy to be that of the modified version.
     $this->mapCopy = $this->map;
     $this->changed = false;
 }
コード例 #5
0
ファイル: conditions.php プロジェクト: 5haman/knowledgetree 
 function do_updateSearch()
 {
     $id = KTUtil::arrayGet($_REQUEST, 'fSavedSearchId');
     $sName = KTUtil::arrayGet($_REQUEST, 'name');
     $oSearch = KTSavedSearch::get($id);
     if (PEAR::isError($oSearch) || $oSearch == false) {
         $this->errorRedirectToMain('No such dynamic condition');
     }
     $datavars = KTUtil::arrayGet($_REQUEST, 'boolean_search');
     if (!is_array($datavars)) {
         $datavars = unserialize($datavars);
     }
     if (empty($datavars)) {
         $this->errorRedirectToMain(_kt('You need to have at least 1 condition.'));
     }
     //$sName = "Neil's saved search";
     if (!empty($sName)) {
         $oSearch->setName($sName);
     }
     $oSearch->setSearch($datavars);
     $res = $oSearch->update();
     $this->oValidator->notError($res, array('redirect_to' => 'main', 'message' => _kt('Search not saved')));
     // Update permission object if exists
     $sWhere = 'condition_id = ?';
     $aParams = array($id);
     $aPermissionObjects = KTPermissionDynamicCondition::getPermissionObjectIdList($sWhere, $aParams);
     if (!PEAR::isError($aPermissionObjects) && !empty($aPermissionObjects)) {
         // update permission objects
         foreach ($aPermissionObjects as $iPermObjectId) {
             $oPO = KTPermissionObject::get($iPermObjectId['permission_object_id']);
             KTPermissionUtil::updatePermissionLookupForPO($oPO);
         }
     }
     $this->successRedirectToMain(_kt('Dynamic condition saved'));
 }