/** * Return all the modules in an array and the access if exists. * * @param integer $roleId The role ID. * * @return array Array with 'id', 'name', 'label' and the access. */ public function getRoleModulePermissionsById($roleId) { $modules = array(); $model = new Phprojekt_Module_Module(); foreach ($model->fetchAll('(save_type = 0 OR save_type = 2)', 'name ASC') as $module) { $modules['data'][$module->id] = array(); $modules['data'][$module->id]['id'] = $module->id; $modules['data'][$module->id]['name'] = $module->name; $modules['data'][$module->id]['label'] = Phprojekt::getInstance()->translate($module->label, null, $module->name); $modules['data'][$module->id] = array_merge($modules['data'][$module->id], Phprojekt_Acl::convertBitmaskToArray(0)); } $where = 'role_module_permissions.role_id = ' . (int) $roleId; foreach ($this->fetchAll($where) as $right) { if (isset($modules['data'][$right->moduleId])) { $modules['data'][$right->moduleId] = array_merge($modules['data'][$right->moduleId], Phprojekt_Acl::convertBitmaskToArray($right->access)); } } return $modules; }
/** * Returns the rights for all the users of a moduleId-ItemId pair. * * @param string $moduleId The module ID. * @param integer $itemId The item ID. * * @return array Array with 'moduleId', 'itemId', 'userId' and all the access key. */ public function getUsersRights($moduleId, $itemId) { $values = array(); $where = sprintf('module_id = %d AND item_id = %d', (int) $moduleId, (int) $itemId); $rows = $this->fetchAll($where)->toArray(); foreach ($rows as $row) { $access = Phprojekt_Acl::convertBitmaskToArray($row['access']); $values[$row['user_id']] = array_merge($access, array('moduleId' => (int) $moduleId, 'itemId' => (int) $itemId, 'userId' => (int) $row['user_id'])); } return $values; }
/** * Assign all rights to Zend_Acls. * * @return void */ private function _registerRights() { $role = new Phprojekt_Role_RoleModulePermissions(); $rights = array(); foreach ($role->fetchAll(null, 'role_id ASC') as $right) { $access = Phprojekt_Acl::convertBitmaskToArray($right->access); foreach ($access as $name => $value) { if ($value) { $rights[$right->roleId][$name][] = $right->moduleId; } } } foreach ($rights as $roleId => $accessData) { foreach ($accessData as $access => $modules) { foreach ($modules as $moduleId) { $resources = array(); if (!$this->has($moduleId)) { $this->add(new Zend_Acl_Resource($moduleId)); } $resources[] = $moduleId; } $this->allow($roleId, $modules, $access); } } }
/** * Return a list of projects with the necessary info to make the gantt chart. * * OPTIONAL request parameters: * <pre> * - integer <b>nodeId</b> List all the items with projectId == nodeId. * </pre> * * The return have: * <pre> * - projects => A list of projects. * - rights => Write access only if all the projects have write access. * - min => First startDate of all the projects. * - max => Last endDate of all the projects. * - step => Number of days in the year of the min value. * </pre> * * For each project in the list, the data have: * <pre> * - id => id of the project. * - level => Child level * 10. * - parent => id of the parent project. * - childs => Number of children. * - caption => Title of the project. * - start => Timestamp of the startDate. * - end => Timestamp of the endDate. * - startD => Day of startDate. * - startM => Month of startDate. * - startY => Year of startDate. * - endD => Day of endDate. * - endM => Month of endDate. * - endY => Year of endDate. * </pre> * * The return is in JSON format. * * @return void */ public function jsonGetProjectsAction() { $projectId = (int) $this->getRequest()->getParam('nodeId', null); $data['data'] = array(); $activeRecord = Phprojekt_Loader::getModel('Project', 'Project'); $tree = new Phprojekt_Tree_Node_Database($activeRecord, $projectId); $tree = $tree->setup(); $min = gmmktime(0, 0, 0, 12, 31, 2030); $max = gmmktime(0, 0, 0, 1, 1, 1970); $ids = array(); foreach ($tree as $node) { if ($node->id != self::INVISIBLE_ROOT) { $key = $node->id; $parent = $node->getParentNode() ? $node->getParentNode()->id : 0; if (strstr($node->startDate, '-') && strstr($node->endDate, '-')) { list($startYear, $startMonth, $startDay) = explode("-", $node->startDate); list($endYear, $endMonth, $endDay) = explode("-", $node->endDate); $start = gmmktime(10, 0, 0, $startMonth, $startDay, $startYear); $end = gmmktime(0, 0, 0, $endMonth, $endDay, $endYear); if ($start < $min) { $min = $start; } if ($end > $max) { $max = $end; } $key = (int) $key; $ids[] = $key; $data['data']["projects"][$key] = array('id' => $key, 'level' => (int) $node->getDepth() * 10, 'parent' => (int) $parent, 'childs' => (int) count($node->getChildren()), 'caption' => $node->title, 'start' => (int) $start, 'end' => (int) $end, 'startD' => $startDay, 'startM' => $startMonth, 'startY' => $startYear, 'endD' => $endDay, 'endM' => $endMonth, 'endY' => $endYear); } } } // Define right access for each project // Also define the general write access for display the save button // (only if at least one project different than the parent have write or hight access) $data['data']['rights']["currentUser"]["write"] = false; if (count($ids) > 0) { $rights = Phprojekt_Loader::getLibraryClass('Phprojekt_Item_Rights'); $where = sprintf('user_id = %d AND item_id IN (%s) AND module_id = 1', Phprojekt_Auth::getUserId(), implode(", ", $ids)); $access = $rights->fetchAll($where)->toArray(); foreach ($access as $right) { $itemRights = Phprojekt_Acl::convertBitmaskToArray($right['access']); $itemRight = $itemRights['write'] === true; // Mix the item_right with the role if ($itemRight) { $roleRights = new Phprojekt_RoleRights($data['data']["projects"][$right['item_id']]['parent'], 1, $right['item_id']); $roleRightWrite = $roleRights->hasRight('write'); $roleRightCreate = $roleRights->hasRight('create'); $roleRightAdmin = $roleRights->hasRight('admin'); $mixedRight = $roleRightWrite || $roleRightCreate || $roleRightAdmin; } else { $mixedRight = false; } $data['data']['rights']["currentUser"][$right['item_id']] = $mixedRight; if ($data['data']['rights']["currentUser"]["write"] === false && $projectId != $right['item_id'] && $mixedRight) { $data['data']['rights']["currentUser"]["write"] = true; } } } $data['data']['min'] = gmmktime(0, 0, 0, 1, 1, date("Y", $min)); $data['data']['max'] = gmmktime(0, 0, 0, 12, 31, date("Y", $max)); $data['data']['step'] = date("L", $min) ? 366 : 365; if (date("Y", $min) < date("Y", $max)) { while (date("Y", $min) != date("Y", $max)) { $data['data']['step'] += date("L", $max) ? 366 : 365; $max = gmmktime(0, 0, 0, 5, 5, date("Y", $max) - 1); } } // Remove index for the json data $data['data']["projects"] = array_values($data['data']["projects"]); Phprojekt_Converter_Json::echoConvert($data); }
/** * Returns project-module && user-role-project permissions. * * Returns the permissions, * ("none", "read", "write", "access", "create", "copy", "delete", "download", "admin") * for each module that have the project, * for the current logged user, * depending on their role and access, in the project. * * REQUIRES request parameters: * <pre> * - integer <b>nodeId</b> The projectId for consult. * </pre> * * The return is in JSON format. * * @return void */ public function jsonGetModulesPermissionAction() { $projectId = (int) $this->getRequest()->getParam('nodeId'); $relation = Phprojekt_Loader::getModel('Project', 'ProjectModulePermissions'); $modules = $relation->getProjectModulePermissionsById($projectId); if ($projectId == 0) { $data = array(); // there is no rights or invalid project } else { $allowedModules = array(); $rights = new Phprojekt_RoleRights($projectId); foreach ($modules['data'] as $module) { if ($module['inProject']) { $tmpPermission = Phprojekt_Acl::NONE; if ($rights->hasRight('admin', $module['id'])) { $tmpPermission = $tmpPermission | Phprojekt_Acl::ADMIN; } if ($rights->hasRight('create', $module['id'])) { $tmpPermission = $tmpPermission | Phprojekt_Acl::CREATE; } if ($rights->hasRight('write', $module['id'])) { $tmpPermission = $tmpPermission | Phprojekt_Acl::WRITE; } if ($rights->hasRight('read', $module['id'])) { $tmpPermission = $tmpPermission | Phprojekt_Acl::READ; } // Return modules with at least one access if ($tmpPermission != Phprojekt_Acl::NONE) { $module['rights'] = Phprojekt_Acl::convertBitmaskToArray($tmpPermission); $allowedModules[] = $module; } } } $data = $allowedModules; } Phprojekt_Converter_Json::echoConvert($data); }
/** * Convert a model or a model information into a json stream. * * @param Phprojekt_Interface_Model | array $models The model(s) to convert. * @param integer $order A Phprojekt_ModelInformation_Default::ORDERING_* const that * defines the ordering for the convert. * * @return string Data in JSON format. */ private static function _convertModel($models, $order = Phprojekt_ModelInformation_Default::ORDERING_DEFAULT) { if (empty($models)) { throw new Exception('Called with empty value'); } // TODO: Are we sure every model is of the same type and have the same // parent? if (!is_array($models)) { $models = array($models); } $information = $models[0]->getInformation($order); $fieldDefinition = $information->getFieldDefinition($order); $datas = array(); $itemIds = array(); foreach ($models as $model) { if (!$model instanceof Phprojekt_Model_Interface) { throw new Exception("A given model does not implement the\n model interface."); } $data = array(); $data['id'] = (int) $model->id; $itemIds[] = $data['id']; foreach ($fieldDefinition as $field) { $key = $field['key']; $value = $model->{$key}; $data[$key] = self::_convertModelValue($value, $field); } $data['rights'] = array(); $datas[] = $data; } $userId = (int) Phprojekt_Auth_Proxy::getEffectiveUserId(); $moduleId = Phprojekt_Module::getId($models[0]->getModelName()); // Okay we got real models and stuff that pretends to be a model // so we try to guess if we the model has rights that we can access if ($models[0] instanceof Phprojekt_Item_Abstract) { if ($models[0] instanceof Project_Models_Project) { $projectId = $models[0]->id; } else { $projectId = $models[0]->projectId; } // TODO: we still asume that the getModelName call works $rights = Phprojekt_Right::getRightsForItems($moduleId, $projectId, $userId, $itemIds); // We need the $idx to modify the $datas elements instead of just copies. foreach ($datas as $index => $data) { $datas[$index]['rights'][$userId] = Phprojekt_Acl::convertBitmaskToArray($rights[$datas[$index]['id']]); } } $data = array('metadata' => $fieldDefinition, 'data' => $datas, 'numRows' => (int) count($datas)); return self::_makeJsonString($data); }
/** * Returns the rights for all the users of a moduleId-ItemId pair. * * @param string $moduleId The module ID. * @param integer $itemId The item ID. * * @return array Array with 'moduleId', 'itemId', 'userId' and all the access key. */ public function getUsersRights($moduleId, $itemId) { // Cache the query $sessionName = 'Phprojekt_Item_Rights-getUsersRights' . '-' . $moduleId . '-' . $itemId; $rightNamespace = new Zend_Session_Namespace($sessionName); if (!isset($rightNamespace->right)) { $values = array(); $currentUserId = (int) Phprojekt_Auth::getUserId(); // Set the current User // Use for an empty rights, if not, will be re-write $values['currentUser']['moduleId'] = (int) $moduleId; $values['currentUser']['itemId'] = (int) $itemId; $values['currentUser']['userId'] = $currentUserId; $access = Phprojekt_Acl::convertBitmaskToArray((int) Phprojekt_Acl::ALL); $values['currentUser'] = array_merge($values['currentUser'], $access); $where = sprintf('module_id = %d AND item_id = %d', (int) $moduleId, (int) $itemId); $rows = $this->fetchAll($where)->toArray(); foreach ($rows as $row) { $access = Phprojekt_Acl::convertBitmaskToArray($row['access']); if ($currentUserId == $row['user_id']) { $values['currentUser'] = array_merge($values['currentUser'], $access); } else { $values[$row['user_id']]['moduleId'] = (int) $moduleId; $values[$row['user_id']]['itemId'] = (int) $itemId; $values[$row['user_id']]['userId'] = (int) $row['user_id']; $values[$row['user_id']] = array_merge($values[$row['user_id']], $access); } } $rightNamespace->right = $values; } return $rightNamespace->right; }