/** * Getting the users that have the $selectedright rights * Excluded the admin profil. * For a resource * * @return array UserIds array of user objects|array */ public function getUsersForResourceByRights(ResourceNode $node, $selectedright = 'open', $excludeAdmin = true) { // $this->container->get('icap.manager.dropzone_voter')->isAllowToEdit($dropzone); //getting the ressource node // $ressourceNode = $dropzone->getResourceNode(); // getting the rights of the ressource node $rights = $node->getRights(); // will contain the user's ids. $userIds = array(); $test = array(); // searching for roles with the 'open' right foreach ($rights as $ressourceRight) { $role = $ressourceRight->getRole(); // current role $mask = $ressourceRight->getMask(); // current mask // getting decoded rights. $decodedRights = $this->maskManager->decodeMask($mask, $node->getResourceType()); $checkrights = array_key_exists($selectedright, $decodedRights) && $decodedRights[$selectedright] == true; // if this role is allowed to $selectedright (and this role is not an Admin role) $checkrights = $excludeAdmin ? $checkrights && $role->getName() != 'ROLE_ADMIN' : $checkrights; if ($checkrights) { $users = $role->getUsers(); foreach ($users as $user) { array_push($userIds, $user); } } } //$users = array_unique($users); return $userIds; }
/** * @param \Claroline\CoreBundle\Entity\Resource\ResourceNode $resourceNode * @param \Claroline\CoreBundle\Entity\Resource\ResourceNode $copy * @param array $workspaceRoles */ private function duplicateRights(ResourceNode $resourceNode, ResourceNode $copy, array $workspaceRoles) { $rights = $resourceNode->getRights(); $workspace = $resourceNode->getWorkspace(); foreach ($rights as $right) { $role = $right->getRole(); $key = $role->getTranslationKey(); $newRight = new ResourceRights(); $newRight->setResourceNode($copy); $newRight->setMask($right->getMask()); $newRight->setCreatableResourceTypes($right->getCreatableResourceTypes()->toArray()); if ($role->getWorkspace() === $workspace && isset($workspaceRoles[$key]) && !empty($workspaceRoles[$key])) { $newRight->setRole($workspaceRoles[$key]); } else { $newRight->setRole($role); } $this->om->persist($newRight); } $this->om->flush(); }
/** * Return the resource rights as a readable array. This array can be used for the resource creation. * @param ResourceNode $node * * @return array */ public function getCustomRoleRights(ResourceNode $node) { $perms = array(); foreach ($node->getRights() as $right) { //if not ROLE_ANONYMOUS nor ROLE_USER because they're added automatically in ResourceManager::createRights if ($right->getRole()->getName() !== 'ROLE_ANONYMOUS' && $right->getRole()->getName() !== 'ROLE_USER') { $rolePerms = $this->maskManager->decodeMask($right->getMask(), $node->getResourceType()); $perms[$right->getRole()->getName()] = $rolePerms; $perms[$right->getRole()->getName()]['role'] = $right->getRole(); //no implementation for rights creations yet $perms[$right->getRole()->getName()]['create'] = array(); } } return $perms; }
private function getPermsArray(ResourceNode $node) { $rights = $node->getRights(); $roles = []; foreach ($rights as $right) { $perms = $this->maskManager->decodeMask($right->getMask(), $node->getResourceType()); //we only keep workspace in the current workspace and platform roles if ($right->getRole()->getWorkspace() === $node->getWorkspace()) { //creation rights are missing here but w/e $name = $this->roleManager->getWorkspaceRoleBaseName($right->getRole()); $data = array('name' => $name, 'rights' => $perms); //don't keep the role manager if (!strpos('_' . $name, 'ROLE_WS_MANAGER')) { $roles[] = array('role' => $data); } } } return $roles; }
public function getUsersByResource(ResourceNode $node, $mask) { $rights = $node->getRights(); $roles = []; foreach ($rights as $right) { //1 is the default "open" mask if ($right->getMask() & 1) { $roles[] = $right->getRole(); } } $roles[] = $this->roleRepo->findOneByName('ROLE_WS_MANAGER_' . $node->getWorkspace()->getGuid()); //we must also add the ROLE_WS_MANAGER_{ws_guid} return $this->userRepo->findByRolesIncludingGroups($roles, false, 'id', 'ASC'); }