public static function loadFixtures(\thebuggenie\core\entities\Scope $scope) { $scope_id = $scope->getID(); $admin_group = new \thebuggenie\core\entities\Group(); $admin_group->setName('Administrators'); $admin_group->setScope($scope); $admin_group->save(); \thebuggenie\core\framework\Settings::saveSetting('admingroup', $admin_group->getID(), 'core', $scope_id); $user_group = new \thebuggenie\core\entities\Group(); $user_group->setName('Regular users'); $user_group->setScope($scope); $user_group->save(); \thebuggenie\core\framework\Settings::saveSetting('defaultgroup', $user_group->getID(), 'core', $scope_id); $guest_group = new \thebuggenie\core\entities\Group(); $guest_group->setName('Guests'); $guest_group->setScope($scope); $guest_group->save(); // Set up initial users, and their permissions if ($scope->isDefault()) { list($guestuser_id, $adminuser_id) = \thebuggenie\core\entities\User::loadFixtures($scope, $admin_group, $user_group, $guest_group); tables\UserScopes::getTable()->addUserToScope($guestuser_id, $scope->getID(), $guest_group->getID(), true); tables\UserScopes::getTable()->addUserToScope($adminuser_id, $scope->getID(), $admin_group->getID(), true); } else { $default_scope_id = \thebuggenie\core\framework\Settings::getDefaultScopeID(); $default_user_id = (int) \thebuggenie\core\framework\Settings::get(\thebuggenie\core\framework\Settings::SETTING_DEFAULT_USER_ID, 'core', $default_scope_id); tables\UserScopes::getTable()->addUserToScope($default_user_id, $scope->getID(), $user_group->getID(), true); tables\UserScopes::getTable()->addUserToScope(1, $scope->getID(), $admin_group->getID()); \thebuggenie\core\framework\Settings::saveSetting(\thebuggenie\core\framework\Settings::SETTING_DEFAULT_USER_ID, $default_user_id, 'core', $scope->getID()); } tables\Permissions::getTable()->loadFixtures($scope, $admin_group->getID(), $guest_group->getID()); }
protected function _upgradeFrom3dot2(framework\Request $request) { set_time_limit(0); \thebuggenie\core\entities\tables\Milestones::getTable()->upgrade(\thebuggenie\core\modules\installation\upgrade_32\TBGMilestone::getB2DBTable()); \thebuggenie\core\entities\tables\Projects::getTable()->upgrade(\thebuggenie\core\modules\installation\upgrade_32\TBGProjectsTable::getTable()); \thebuggenie\core\entities\tables\Log::getTable()->upgrade(\thebuggenie\core\modules\installation\upgrade_32\TBGLogTable::getTable()); \thebuggenie\core\entities\tables\Users::getTable()->upgrade(\thebuggenie\core\modules\installation\upgrade_32\TBGUsersTable::getTable()); \thebuggenie\core\entities\tables\Issues::getTable()->upgrade(\thebuggenie\core\modules\installation\upgrade_32\TBGIssuesTable::getTable()); \thebuggenie\core\entities\tables\Workflows::getTable()->upgrade(\thebuggenie\core\modules\installation\upgrade_32\TBGWorkflowsTable::getTable()); \thebuggenie\core\entities\tables\IssueSpentTimes::getTable()->upgrade(\thebuggenie\core\modules\installation\upgrade_32\TBGIssueSpentTimesTable::getTable()); \thebuggenie\core\entities\tables\Comments::getTable()->upgrade(\thebuggenie\core\modules\installation\upgrade_32\TBGCommentsTable::getTable()); \thebuggenie\core\entities\tables\SavedSearches::getTable()->upgrade(\thebuggenie\core\modules\installation\upgrade_32\TBGSavedSearchesTable::getTable()); \thebuggenie\core\entities\tables\Settings::getTable()->upgrade(\thebuggenie\core\modules\installation\upgrade_32\TBGSettingsTable::getTable()); \thebuggenie\core\entities\tables\Notifications::getTable()->upgrade(\thebuggenie\core\modules\installation\upgrade_32\TBGNotificationsTable::getTable()); \thebuggenie\core\entities\tables\Permissions::getTable()->upgrade(\thebuggenie\core\modules\installation\upgrade_32\TBGPermissionsTable::getTable()); \thebuggenie\core\entities\Dashboard::getB2DBTable()->create(); \thebuggenie\core\entities\DashboardView::getB2DBTable()->upgrade(\thebuggenie\core\modules\installation\upgrade_32\TBGDashboardViewsTable::getTable()); \thebuggenie\core\entities\ApplicationPassword::getB2DBTable()->create(); \thebuggenie\core\entities\NotificationSetting::getB2DBTable()->create(); $transaction = \b2db\Core::startTransaction(); // Upgrade user passwords switch ($request['upgrade_passwords']) { case 'manual': $password = $request['manual_password']; foreach (\thebuggenie\core\entities\tables\Users::getTable()->selectAll() as $user) { $user->setPassword($password); $user->save(); } break; case 'auto': $field = $request['upgrade_passwords_pick'] == 'username' ? 'username' : 'email'; foreach (\thebuggenie\core\entities\tables\Users::getTable()->selectAll() as $user) { if ($field == 'username' && trim($user->getUsername())) { $user->setPassword(trim($user->getUsername())); $user->save(); } elseif ($field == 'email' && trim($user->getEmail())) { $user->setPassword(trim($user->getEmail())); $user->save(); } } break; } $adminuser = \thebuggenie\core\entities\User::getB2DBTable()->selectById(1); $adminuser->setPassword($request['admin_password']); $adminuser->save(); // Add new settings framework\Settings::saveSetting(framework\Settings::SETTING_SERVER_TIMEZONE, 'core', date_default_timezone_get(), 0, 1); foreach ($request->getParameter('status') as $scope_id => $status_id) { $scope = \thebuggenie\core\entities\tables\Scopes::getTable()->selectById((int) $scope_id); if ($scope instanceof \thebuggenie\core\entities\Scope) { $epic = new \thebuggenie\core\entities\Issuetype(); $epic->setName('Epic'); $epic->setIcon('epic'); $epic->setDescription('Issue type suited for entering epics'); $epic->setScope($scope_id); $epic->save(); framework\Settings::saveSetting('issuetype_epic', $epic->getID(), 'core', $scope_id); foreach (\thebuggenie\core\entities\tables\Workflows::getTable()->getAll((int) $scope_id) as $workflow) { $transition = new \thebuggenie\core\entities\WorkflowTransition(); $steps = $workflow->getSteps(); $step = array_shift($steps); $step->setLinkedStatusID((int) $status_id); $step->save(); $transition->setOutgoingStep($step); $transition->setName('Issue created'); $transition->setWorkflow($workflow); $transition->setScope($scope); $transition->setDescription('This is the initial transition for issues using this workflow'); $transition->save(); $workflow->setInitialTransition($transition); $workflow->save(); } \thebuggenie\core\entities\ActivityType::loadFixtures($scope); } } $transaction->commitAndEnd(); framework\Context::finishUpgrading(); foreach (framework\Context::getModules() as $module) { $module->upgrade(); } $this->upgrade_complete = true; }
/** * Adds an assignee with a given role * * @param \thebuggenie\core\entities\common\Identifiable $assignee The user or team to add * @param Role $role The role to add * * @return null */ public function addAssignee($assignee, $role = null) { $user_id = 0; $team_id = 0; if ($assignee instanceof \thebuggenie\core\entities\User) { $user_id = $assignee->getID(); if (tables\ProjectAssignedUsers::getTable()->addUserToProject($this->getID(), $user_id, $role->getID()) && is_array($this->_assigned_users)) { $this->_assigned_users = array_merge($this->_assigned_users, tables\ProjectAssignedUsers::getTable()->getUserByProjectIDUserIDRoleID($this->getID(), $user_id, $role->getID())); } } elseif ($assignee instanceof \thebuggenie\core\entities\Team) { $team_id = $assignee->getID(); if (tables\ProjectAssignedTeams::getTable()->addTeamToProject($this->getID(), $team_id, $role->getID()) && is_array($this->_assigned_users)) { $this->_assigned_teams = array_merge($this->_assigned_teams, tables\ProjectAssignedTeams::getTable()->getTeamByProjectIDTeamIDRoleID($this->getID(), $team_id, $role->getID())); } } if ($role instanceof \thebuggenie\core\entities\Role) { $role_id = $role->getID(); foreach ($role->getPermissions() as $role_permission) { $target_id = strtolower($role_permission->getExpandedTargetID($role)); tables\Permissions::getTable()->removeSavedPermission($user_id, 0, $team_id, $role_permission->getModule(), $role_permission->getPermission(), $target_id, framework\Context::getScope()->getID(), $role_id); framework\Context::setPermission($role_permission->getPermission(), $target_id, $role_permission->getModule(), $user_id, 0, $team_id, true, null, $role_id); } } }
public function addPermission(\thebuggenie\core\entities\RolePermission $permission) { $permission->setRole($this); $permission->save(); if ($this->_permissions !== null) { $this->_permissions[$permission->getID()] = $permission; } tables\Permissions::getTable()->addRolePermission($this, $permission); }
/** * Save a permission setting * * @param string $permission_type The permission type * @param mixed $target_id The target id * @param string $module The name of the module for which the permission is valid * @param integer $uid The user id for which the permission is valid, 0 for none * @param integer $gid The group id for which the permission is valid, 0 for none * @param integer $tid The team id for which the permission is valid, 0 for none * @param boolean $allowed Allowed or not * @param integer $scope [optional] A specified scope if not the default */ public static function setPermission($permission_type, $target_id, $module, $uid, $gid, $tid, $allowed, $scope = null, $role_id = null) { if ($scope === null) { $scope = self::getScope()->getID(); } if ($role_id === null) { self::removePermission($permission_type, $target_id, $module, $uid, $gid, $tid, false, $scope, 0); } Permissions::getTable()->setPermission($uid, $gid, $tid, $allowed, $module, $permission_type, $target_id, $scope, $role_id); self::clearPermissionsCache(); self::cacheAllPermissions(); }
public function runConfigureRole(framework\Request $request) { try { $role = new entities\Role($request['role_id']); } catch (\Exception $e) { $this->getResponse()->setHttpStatus(400); return $this->renderJSON(array('error' => $this->getI18n()->__('This is not a valid role'))); } if ($role->isSystemRole()) { $access_level = $this->getAccessLevel($request['section'], 'core'); } else { $access_level = $this->getUser()->canManageProject($role->getProject()) ? framework\Settings::ACCESS_FULL : framework\Settings::ACCESS_READ; } switch ($request['mode']) { case 'list_permissions': return $this->renderComponent('configuration/rolepermissionslist', array('role' => $role)); break; case 'edit': if (!$access_level == framework\Settings::ACCESS_FULL) { $this->getResponse()->setHttpStatus(400); return $this->renderJSON(array('error' => $this->getI18n()->__('You do not have access to edit these permissions'))); } if ($request->isPost()) { $role->setName($request['name']); $role->save(); $new_permissions = array(); foreach ($request['permissions'] ?: array() as $new_permission) { $permission_details = explode(',', $new_permission); $new_permissions[$permission_details[2]] = array('module' => $permission_details[0], 'target_id' => $permission_details[1]); } $existing_permissions = array(); foreach ($role->getPermissions() as $existing_permission) { if (!array_key_exists($existing_permission->getPermission(), $new_permissions)) { $role->removePermission($existing_permission); } else { $existing_permissions[$existing_permission->getPermission()] = $new_permissions[$existing_permission->getPermission()]; unset($new_permissions[$existing_permission->getPermission()]); } } foreach ($new_permissions as $permission_key => $details) { $p = new entities\RolePermission(); $p->setModule($details['module']); $p->setPermission($permission_key); if ($details['target_id']) { $p->setTargetID($details['target_id']); } $role->addPermission($p); } foreach ($existing_permissions as $permission_key => $details) { $p = new entities\RolePermission(); $p->setModule($details['module']); $p->setPermission($permission_key); if ($details['target_id']) { $p->setTargetID($details['target_id']); } tables\Permissions::getTable()->addRolePermission($role, $p); } framework\Context::clearPermissionsCache(); framework\Context::cacheAllPermissions(); return $this->renderJSON(array('message' => $this->getI18n()->__('Permissions updated'), 'permissions_count' => count($request['permissions']), 'role_name' => $role->getName())); } return $this->renderComponent('configuration/rolepermissionsedit', array('role' => $role)); case 'delete': if (!$access_level == framework\Settings::ACCESS_FULL || !$request->isPost()) { $this->getResponse()->setHttpStatus(400); return $this->renderJSON(array('error' => $this->getI18n()->__('This role cannot be removed'))); } $role->delete(); return $this->renderJSON(array('message' => $this->getI18n()->__('Role deleted'))); } }
public function getAccessList() { $permissions = tables\Permissions::getTable()->getByPermissionTargetIDAndModule('canviewissue', $this->getID()); return $permissions; }
/** * @param framework\Request $request * @param $issue */ protected function _unlockIssueAfter(framework\Request $request, $issue) { tables\Permissions::getTable()->deleteByPermissionTargetIDAndModule('canviewissue', $issue->getID()); $al_users = $request->getParameter('access_list_users', array()); $al_teams = $request->getParameter('access_list_teams', array()); $i_al = $issue->getAccessList(); foreach ($i_al as $k => $item) { if ($item['target'] instanceof entities\Team) { $tid = $item['target']->getID(); if (array_key_exists($tid, $al_teams)) { unset($i_al[$k]); } } elseif ($item['target'] instanceof entities\User) { $uid = $item['target']->getID(); if (array_key_exists($uid, $al_users)) { unset($i_al[$k]); } } } foreach ($al_users as $uid) { framework\Context::setPermission('canviewissue', $issue->getID(), 'core', $uid, 0, 0, true); } foreach ($al_teams as $tid) { framework\Context::setPermission('canviewissue', $issue->getID(), 'core', 0, 0, $tid, true); } }
/** * Unlock the issue * * @param \thebuggenie\core\framework\Request $request */ public function runUnlockIssue(framework\Request $request) { if ($issue_id = $request['issue_id']) { try { $issue = entities\Issue::getB2DBTable()->selectById($issue_id); if (!$issue->canEditIssueDetails()) { return $this->forward403(); } $issue->setLocked(false); $issue->save(); tables\Permissions::getTable()->deleteByPermissionTargetIDAndModule('canviewissue', $issue_id); } catch (\Exception $e) { $this->getResponse()->setHttpStatus(400); return $this->renderJSON(array('message' => framework\Context::getI18n()->__('This issue does not exist'))); } } else { $this->getResponse()->setHttpStatus(400); return $this->renderJSON(array('message' => framework\Context::getI18n()->__('This issue does not exist'))); } return $this->renderJSON(array('message' => $this->getI18n()->__('Issue access policy updated'))); }
public function runAddTeam(framework\Request $request) { try { $mode = $request['mode']; if ($team_name = $request['team_name']) { if ($mode == 'clone') { try { $old_team = entities\Team::getB2DBTable()->selectById($request['team_id']); } catch (\Exception $e) { } if (!$old_team instanceof entities\Team) { throw new \Exception(framework\Context::getI18n()->__("You cannot clone this team")); } } if (entities\Team::doesTeamNameExist(trim($team_name))) { throw new \Exception(framework\Context::getI18n()->__("Please enter a team name that doesn't already exist")); } $team = new entities\Team(); $team->setName($team_name); $team->save(); if ($mode == 'clone') { if ($request['clone_permissions']) { tables\Permissions::getTable()->cloneTeamPermissions($old_team->getID(), $team->getID()); } if ($request['clone_memberships']) { tables\TeamMembers::getTable()->cloneTeamMemberships($old_team->getID(), $team->getID()); } $message = framework\Context::getI18n()->__('The team was cloned'); } else { $message = framework\Context::getI18n()->__('The team was added'); } return $this->renderJSON(array('message' => $message, 'content' => $this->getComponentHTML('configuration/teambox', array('team' => $team)), 'total_count' => entities\Team::countAll(), 'more_available' => framework\Context::getScope()->hasTeamsAvailable())); } else { throw new \Exception(framework\Context::getI18n()->__('Please enter a team name')); } } catch (\Exception $e) { $this->getResponse()->setHttpStatus(400); return $this->renderJSON(array('error' => $e->getMessage())); } }