/** * Temporary function that will not allow a user to have 0 or more than 1 role. * @param string $idsString * @throws kPermissionException::ROLE_ID_MISSING * @throws kPermissionException::ONLY_ONE_ROLE_PER_USER_ALLOWED */ public static function testValidRolesForUser($idsString, $partnerId) { if (!$idsString) { return true; } $ids = explode(',', trim($idsString)); if (count($ids) > 1) { throw new kPermissionException('', kPermissionException::ONLY_ONE_ROLE_PER_USER_ALLOWED); } foreach ($ids as $id) { $userRole = UserRolePeer::retrieveByPK($id); if (!$userRole || !in_array($userRole->getPartnerId(), array($partnerId, PartnerPeer::GLOBAL_PARTNER))) { throw new kPermissionException("A user role with ID [{$id}] does not exist", kPermissionException::USER_ROLE_NOT_FOUND); } } return true; }
/** * Cleans up the environment after running a test. */ protected function tearDown() { UserRolePeer::clearInstancePool(); PermissionPeer::clearInstancePool(); PermissionItemPeer::clearInstancePool(); kuserPeer::clearInstancePool(); PartnerPeer::clearInstancePool(); $this->client = null; UserRolePeer::setUseCriteriaFilter(false); foreach ($this->addedRoleIds as $id) { try { $obj = UserRolePeer::retrieveByPK($id); if ($obj) { $obj->delete(); } } catch (PropelException $e) { } } UserRolePeer::setUseCriteriaFilter(true); $this->addedRoleIds = array(); parent::tearDown(); }
/** * Creates a new user role object that is a duplicate of an existing role. * * @action clone * @param int $userRoleId The user role's unique identifier * @return KalturaUserRole The duplicate user role object * * @throws KalturaErrors::INVALID_OBJECT_ID */ public function cloneAction($userRoleId) { $dbUserRole = UserRolePeer::retrieveByPK($userRoleId); if (!$dbUserRole || $dbUserRole->getStatus() == UserRoleStatus::DELETED || $dbUserRole->getPartnerId() != PartnerPeer::GLOBAL_PARTNER && $dbUserRole->getPartnerId() != $this->getPartnerId()) { throw new KalturaAPIException(KalturaErrors::INVALID_OBJECT_ID, $userRoleId); } $newDbRole = $dbUserRole->copyToPartner($this->getPartnerId()); $newName = $newDbRole->getName() . ' copy (' . date("D j M o, H:i:s") . ')'; $newDbRole->setName($newName); $newDbRole->save(); $userRole = new KalturaUserRole(); $userRole->fromObject($newDbRole, $this->getResponseProfile()); return $userRole; }
/** * Getter returns the indexed version of the permission names on the role of the kuser separated by commas * @return string */ public function getIndexedPermissionNames() { $permissionNamesArray = array(); if ($this->getRoleIds()) { $roleIds = explode(",", $this->getRoleIds()); foreach ($roleIds as $roleId) { $role = UserRolePeer::retrieveByPK($roleId); $permissionNames = $role->getPermissionNames(null, true); $permissionNames = str_replace("*", self::UNIVERSAL_PERMISSION, $permissionNames); $permissionNamesArray = array_merge($permissionNamesArray, explode(",", $permissionNames)); } } return self::getIndexedFieldValue('kuserPeer::PERMISSION_NAMES', implode(',', $permissionNamesArray), $this->getPartnerId()); }
public function setUserSessionRoleId($roleId) { if ($roleId) { $userRole = UserRolePeer::retrieveByPK($roleId); if (!$userRole || !in_array($userRole->getPartnerId(), array($this->getId(), PartnerPeer::GLOBAL_PARTNER))) { throw new kPermissionException("A user role with ID [{$roleId}] does not exist", kPermissionException::USER_ROLE_NOT_FOUND); } } else { $roleId = null; } $this->putInCustomData('user_session_role_id', $roleId); }
private static function getPermissions($roleId) { $map = self::initEmptyMap(); // get cache dirty time $roleCacheDirtyAt = 0; if (self::$operatingPartner) { $roleCacheDirtyAt = self::$operatingPartner->getRoleCacheDirtyAt(); } // get role from cache $roleCacheKey = self::getRoleIdKey($roleId, self::$operatingPartnerId); $cacheRole = self::getFromCache($roleCacheKey, $roleCacheDirtyAt); // compare updatedAt between partner dirty flag and cache if ($cacheRole) { return $cacheRole; // initialization from cache finished } // cache is not updated - delete stored value and re-init from DB $dbRole = null; if (!is_null($roleId)) { UserRolePeer::setUseCriteriaFilter(false); $dbRole = UserRolePeer::retrieveByPK($roleId); UserRolePeer::setUseCriteriaFilter(true); if (!$dbRole) { KalturaLog::alert('User role ID [' . $roleId . '] set for user ID [' . self::$ksUserId . '] of partner [' . self::$operatingPartnerId . '] was not found in the DB'); throw new kPermissionException('User role ID [' . $roleId . '] set for user ID [' . self::$ksUserId . '] of partner [' . self::$operatingPartnerId . '] was not found in the DB', kPermissionException::ROLE_NOT_FOUND); } } $map = self::getPermissionsFromDb($dbRole); // update cache $cacheRole = array('updatedAt' => time(), 'mapHash' => md5(serialize($map))); self::storeInCache($roleCacheKey, $cacheRole, $map); return $map; }
function getOrCreateUserSessionRole($partnerId) { PartnerPeer::clearInstancePool(); $partner = PartnerPeer::retrieveByPK($partnerId); $role = null; $id = $partner->getUserSessionRoleId(); if ($id) { $role = UserRolePeer::retrieveByPK($id); } if (!$role) { $role = new UserRole(); $role->setPartnerId($partnerId); $role->setStatus(UserRoleStatus::ACTIVE); $role->setName('Partner ' . $partnerId . ' user session permission'); $role->setDescription('Partner ' . $partnerId . ' user session permission'); $role->setPermissionNames(PermissionName::USER_SESSION_PERMISSION); $role->save(); } return $role; }
/** * Checks if the current user has one of the permissions with the given names * @param array $permissionNamesArray Permission names * @return true or false */ public function hasPermissionOr(array $permissionNamesArray) { $roleIds = explode(',', $this->getRoleIds()); foreach ($roleIds as $roleId) { $userRole = UserRolePeer::retrieveByPK($roleId); if ($userRole) { $permissions = explode(',', $userRole->getPermissionNames()); foreach ($permissionNamesArray as $permissionName) { if (in_array($permissionName, $permissions)) { return true; } } } } return false; }