/**
* Describe (as a text string) the modifications corresponding to this change
*/
public function GetDescription()
{
$sResult = '';
$oTargetObjectClass = $this->Get('objclass');
$oTargetObjectKey = $this->Get('objkey');
$oTargetSearch = new DBObjectSearch($oTargetObjectClass);
$oTargetSearch->AddCondition('id', $oTargetObjectKey, '=');
$oMonoObjectSet = new DBObjectSet($oTargetSearch);
if (UserRights::IsActionAllowedOnAttribute($this->Get('objclass'), $this->Get('attcode'), UR_ACTION_READ, $oMonoObjectSet) == UR_ALLOWED_YES) {
if (!MetaModel::IsValidAttCode($this->Get('objclass'), $this->Get('attcode'))) {
return '';
}
// Protects against renamed attributes...
$oAttDef = MetaModel::GetAttributeDef($this->Get('objclass'), $this->Get('attcode'));
$sAttName = $oAttDef->GetLabel();
$sLinkClass = $oAttDef->GetLinkedClass();
$aLinkClasses = MetaModel::EnumChildClasses($sLinkClass, ENUM_CHILD_CLASSES_ALL);
// Search for changes on the corresponding link
//
$oSearch = new DBObjectSearch('CMDBChangeOpSetAttribute');
$oSearch->AddCondition('change', $this->Get('change'), '=');
$oSearch->AddCondition('objkey', $this->Get('link_id'), '=');
if (count($aLinkClasses) == 1) {
// Faster than the whole building of the expression below for just one value ??
$oSearch->AddCondition('objclass', $sLinkClass, '=');
} else {
$oField = new FieldExpression('objclass', $oSearch->GetClassAlias());
$sListExpr = '(' . implode(', ', CMDBSource::Quote($aLinkClasses)) . ')';
$sOQLCondition = $oField->Render() . " IN {$sListExpr}";
$oNewCondition = Expression::FromOQL($sOQLCondition);
$oSearch->AddConditionExpression($oNewCondition);
}
$oSet = new DBObjectSet($oSearch);
$aChanges = array();
while ($oChangeOp = $oSet->Fetch()) {
$aChanges[] = $oChangeOp->GetDescription();
}
if (count($aChanges) == 0) {
return '';
}
$sItemDesc = MetaModel::GetHyperLink($this->Get('item_class'), $this->Get('item_id'));
$sResult = $sAttName . ' - ';
$sResult .= Dict::Format('Change:LinkSet:Modified', $sItemDesc);
$sResult .= ' : ' . implode(', ', $aChanges);
}
return $sResult;
}
public function DoCheckToWrite()
{
parent::DoCheckToWrite();
// Plugins
//
foreach (MetaModel::EnumPlugins('iApplicationObjectExtension') as $oExtensionInstance) {
$aNewIssues = $oExtensionInstance->OnCheckToWrite($this);
if (count($aNewIssues) > 0) {
$this->m_aCheckIssues = array_merge($this->m_aCheckIssues, $aNewIssues);
}
}
// User rights
//
$aChanges = $this->ListChanges();
if (count($aChanges) > 0) {
$aForbiddenFields = array();
foreach ($this->ListChanges() as $sAttCode => $value) {
$bUpdateAllowed = UserRights::IsActionAllowedOnAttribute(get_class($this), $sAttCode, UR_ACTION_MODIFY, DBObjectSet::FromObject($this));
if (!$bUpdateAllowed) {
$oAttCode = MetaModel::GetAttributeDef(get_class($this), $sAttCode);
$aForbiddenFields[] = $oAttCode->GetLabel();
}
}
if (count($aForbiddenFields) > 0) {
// Security issue
$this->m_bSecurityIssue = true;
$this->m_aCheckIssues[] = Dict::Format('UI:Delete:NotAllowedToUpdate_Fields', implode(', ', $aForbiddenFields));
}
}
}
protected function DoExecute()
{
$sUser = '******';
echo "<p>Totor: " . (UserRights::CheckCredentials('Totor', 'toto') ? 'ok' : 'NO') . "</p>\n";
echo "<p>Romain: " . (UserRights::CheckCredentials('Romain', 'toto') ? 'ok' : 'NO') . "</p>\n";
echo "<p>User: "******"</p>\n";
echo "<p>On behalf of..." . UserRights::GetRealUser() . "</p>\n";
echo "<p>Denis (impersonate) : " . (UserRights::Impersonate('Denis', 'tutu') ? 'ok' : 'NO') . "</p>\n";
echo "<p>User: "******"</p>\n";
echo "<p>On behalf of..." . UserRights::GetRealUser() . "</p>\n";
$oSet = new DBObjectSet(DBObjectSearch::FromOQL("SELECT bizOrganization"));
echo "<p>IsActionAllowed..." . (UserRights::IsActionAllowed('bizOrganization', UR_ACTION_MODIFY, $oSet) == UR_ALLOWED_YES ? 'ok' : 'NO') . "</p>\n";
echo "<p>IsStimulusAllowed..." . (UserRights::IsStimulusAllowed('bizOrganization', 'myStimulus', $oSet) == UR_ALLOWED_YES ? 'ok' : 'NO') . "</p>\n";
echo "<p>IsActionAllowedOnAttribute..." . (UserRights::IsActionAllowedOnAttribute('bizOrganization', 'myattribute', UR_ACTION_MODIFY, $oSet) == UR_ALLOWED_YES ? 'ok' : 'NO') . "</p>\n";
return true;
}
