예제 #1
0
function addPermission($permissionCfg)
{
    // verify obligatory fields
    if (!$permissionCfg->name) {
        throw new Exception('Permission name must be set');
    }
    if (is_null($permissionCfg->partnerId) || $permissionCfg->partnerId === '') {
        throw new Exception('Permission partner id must be set');
    }
    // init new db permission object
    $permission = new Permission();
    foreach ($permissionCfg as $key => $value) {
        $setterCallback = array($permission, "set{$key}");
        call_user_func_array($setterCallback, array($value));
    }
    if (!$permission->getFriendlyName()) {
        $permission->setFriendlyName($permission->getName());
    }
    if (!$permission->getStatus()) {
        $permission->setStatus(PermissionStatus::ACTIVE);
    }
    // add to database
    KalturaLog::log('Adding new permission with name [' . $permission->getName() . '] to partner id [' . $permission->getPartnerId() . ']');
    try {
        PermissionPeer::addToPartner($permission, $permission->getPartnerId());
    } catch (kPermissionException $e) {
        if ($e->getCode() === kPermissionException::PERMISSION_ALREADY_EXISTS) {
            KalturaLog::log('Permission name [' . $permission->getName() . '] already exists for partner id [' . $permission->getPartnerId() . ']');
        } else {
            throw $e;
        }
    }
}
예제 #2
0
 public static function enableForPartner($permissionName, $permissionType, $partnerId, $friendlyName = null, $description = null)
 {
     $permission = new Permission();
     $permission->setName($permissionName);
     $permission->setFriendlyName($friendlyName ? $friendlyName : $permissionName);
     $permission->setDescription($description);
     $permission->setType($permissionType);
     $permission->setStatus(PermissionStatus::ACTIVE);
     try {
         // try to add permission
         self::addToPartner($permission, $partnerId);
         return true;
     } catch (kPermissionException $e) {
         $code = $e->getCode();
         if ($code == kPermissionException::PERMISSION_ALREADY_EXISTS) {
             // permission already exists - set status to active
             $permission = self::getByNameAndPartner($permissionName, array($partnerId));
             if (!$permission) {
                 throw new kCoreException("Permission [{$permissionName}] not found for partner [{$partnerId}]", kCoreException::INTERNAL_SERVER_ERROR);
             }
             $permission->setStatus(PermissionStatus::ACTIVE);
             $permission->save();
             return true;
         }
         throw $e;
     }
     throw new kCoreException('Unknown error occured', kCoreException::INTERNAL_SERVER_ERROR);
 }
    $dryRun = false;
}
//------------------------------------------------------
require_once dirname(__FILE__) . '/../../../bootstrap.php';
//------------------------------------------------------
$permissionsData = array(array(-1, PermissionType::NORMAL, PermissionName::BATCH_BASE, 'Batch system permission', null), array(0, PermissionType::NORMAL, PermissionName::USER_SESSION_PERMISSION, 'User session permission', null), array(0, PermissionType::NORMAL, PermissionName::ALWAYS_ALLOWED_ACTIONS, 'No session permission', null), array(0, PermissionType::NORMAL, PermissionName::CONTENT_INGEST_UPLOAD, 'Upload', null), array(0, PermissionType::NORMAL, PermissionName::CONTENT_INGEST_BULK_UPLOAD, 'Bulk upload', null), array(0, PermissionType::NORMAL, PermissionName::CONTENT_INGEST_FEED, 'Feed subscription', null), array(0, PermissionType::NORMAL, PermissionName::CONTENT_MANAGE_MIX, 'Manage remix', null), array(0, PermissionType::NORMAL, PermissionName::CONTENT_MANAGE_BASE, 'Basic content management', null), array(0, PermissionType::NORMAL, PermissionName::CONTENT_MANAGE_METADATA, 'Modify metadata', null), array(0, PermissionType::NORMAL, PermissionName::CONTENT_MANAGE_ASSIGN_CATEGORIES, 'Assign categories', null), array(0, PermissionType::NORMAL, PermissionName::CONTENT_MANAGE_THUMBNAIL, 'Modify thumbnails', null), array(0, PermissionType::NORMAL, PermissionName::CONTENT_MANAGE_SCHEDULE, 'Modify scheduling', null), array(0, PermissionType::NORMAL, PermissionName::CONTENT_MANAGE_ACCESS_CONTROL, 'Modify content access control', null), array(0, PermissionType::NORMAL, PermissionName::CONTENT_MANAGE_CUSTOM_DATA, 'Modify custom data', PermissionPeer::getPermissionNameFromPluginName(MetadataPlugin::getPluginName())), array(0, PermissionType::NORMAL, PermissionName::CONTENT_MANAGE_DELETE, 'Delete content', null), array(0, PermissionType::NORMAL, PermissionName::CONTENT_MANAGE_RECONVERT, 'Reconvert flavors', null), array(0, PermissionType::NORMAL, PermissionName::CONTENT_MANAGE_EDIT_CATEGORIES, 'Manage categories', null), array(0, PermissionType::NORMAL, PermissionName::CONTENT_MANAGE_EMBED_CODE, 'Grab embed code', null), array(0, PermissionType::NORMAL, PermissionName::CONTENT_MANAGE_DISTRIBUTION_BASE, 'Distribution base', PermissionPeer::getPermissionNameFromPluginName(ContentDistributionPlugin::getPluginName())), array(0, PermissionType::NORMAL, PermissionName::CONTENT_MANAGE_DISTRIBUTION_WHERE, 'Where to distribute', PermissionPeer::getPermissionNameFromPluginName(ContentDistributionPlugin::getPluginName())), array(0, PermissionType::NORMAL, PermissionName::CONTENT_MANAGE_DISTRIBUTION_SEND, 'Distribution submit', PermissionPeer::getPermissionNameFromPluginName(ContentDistributionPlugin::getPluginName())), array(0, PermissionType::NORMAL, PermissionName::CONTENT_MANAGE_DISTRIBUTION_REMOVE, 'Distribution remove', PermissionPeer::getPermissionNameFromPluginName(ContentDistributionPlugin::getPluginName())), array(0, PermissionType::NORMAL, PermissionName::CONTENT_MANAGE_DISTRIBUTION_PROFILE_MODIFY, 'Distribution profile manage', PermissionPeer::getPermissionNameFromPluginName(ContentDistributionPlugin::getPluginName())), array(0, PermissionType::NORMAL, PermissionName::CONTENT_MANAGE_VIRUS_SCAN, 'Virus scan actions', PermissionPeer::getPermissionNameFromPluginName(VirusScanPlugin::getPluginName())), array(0, PermissionType::NORMAL, PermissionName::CONTENT_MANAGE_DOWNLOAD, 'Content download', null), array(0, PermissionType::NORMAL, PermissionName::CONTENT_MANAGE_ANNOTATION, 'Annotate', PermissionPeer::getPermissionNameFromPluginName(AnnotationPlugin::getPluginName())), array(0, PermissionType::NORMAL, PermissionName::CONTENT_MANAGE_SHARE, 'Share content', null), array(0, PermissionType::NORMAL, PermissionName::LIVE_STREAM_ADD, 'Add live streams', PermissionName::FEATURE_LIVE_STREAM), array(0, PermissionType::NORMAL, PermissionName::LIVE_STREAM_UPDATE, 'Modify live streams', PermissionName::FEATURE_LIVE_STREAM), array(0, PermissionType::NORMAL, PermissionName::CONTENT_MODERATE_BASE, 'Basic moderation', null), array(0, PermissionType::NORMAL, PermissionName::CONTENT_MODERATE_METADATA, 'Moderate metadata', null), array(0, PermissionType::NORMAL, PermissionName::CONTENT_MODERATE_CUSTOM_DATA, 'Moderate custom data', PermissionPeer::getPermissionNameFromPluginName(MetadataPlugin::getPluginName())), array(0, PermissionType::NORMAL, PermissionName::CONTENT_MODERATE_APPROVE_REJECT, 'Approve/Reject content', null), array(0, PermissionType::NORMAL, PermissionName::PLAYLIST_BASE, 'Playlist access', null), array(0, PermissionType::NORMAL, PermissionName::PLAYLIST_ADD, 'Add playlists', null), array(0, PermissionType::NORMAL, PermissionName::PLAYLIST_UPDATE, 'Modify playlists', null), array(0, PermissionType::NORMAL, PermissionName::PLAYLIST_DELETE, 'Delete playlists', null), array(0, PermissionType::NORMAL, PermissionName::PLAYLIST_EMBED_CODE, 'Grab playlist embed code', null), array(0, PermissionType::NORMAL, PermissionName::SYNDICATION_BASE, 'Syndication feeds access', null), array(0, PermissionType::NORMAL, PermissionName::SYNDICATION_ADD, 'Create syndication feeds', null), array(0, PermissionType::NORMAL, PermissionName::SYNDICATION_UPDATE, 'Modify syndication feeds', null), array(0, PermissionType::NORMAL, PermissionName::SYNDICATION_DELETE, 'Delete syndication feeds', null), array(0, PermissionType::NORMAL, PermissionName::STUDIO_BASE, 'Appstudio access', null), array(0, PermissionType::NORMAL, PermissionName::STUDIO_ADD_UICONF, 'Create players', null), array(0, PermissionType::NORMAL, PermissionName::STUDIO_UPDATE_UICONF, 'Modify players', null), array(0, PermissionType::NORMAL, PermissionName::STUDIO_DELETE_UICONF, 'Delete players', null), array(0, PermissionType::NORMAL, PermissionName::STUDIO_BRAND_UICONF, 'Set player branding', null), array(0, PermissionType::NORMAL, PermissionName::STUDIO_SELECT_CONTENT, 'Select player content', null), array(0, PermissionType::NORMAL, PermissionName::ADVERTISING_BASE, 'Advertising access', null), array(0, PermissionType::NORMAL, PermissionName::ADVERTISING_UPDATE_SETTINGS, 'Modify advertising settings', null), array(0, PermissionType::NORMAL, PermissionName::ACCOUNT_BASE, 'Account settings access', null), array(0, PermissionType::NORMAL, PermissionName::ACCOUNT_UPDATE_SETTINGS, 'Modify account settings', null), array(0, PermissionType::NORMAL, PermissionName::INTEGRATION_BASE, 'Integration settings access', null), array(0, PermissionType::NORMAL, PermissionName::INTEGRATION_UPDATE_SETTINGS, 'Modify integration settings', null), array(0, PermissionType::NORMAL, PermissionName::ACCESS_CONTROL_BASE, 'Access control profiles access', null), array(0, PermissionType::NORMAL, PermissionName::ACCESS_CONTROL_ADD, 'Create access control profiles', null), array(0, PermissionType::NORMAL, PermissionName::ACCESS_CONTROL_UPDATE, 'Modify access control profiles', null), array(0, PermissionType::NORMAL, PermissionName::ACCESS_CONTROL_DELETE, 'Delete access control profiles', null), array(0, PermissionType::NORMAL, PermissionName::TRANSCODING_BASE, 'Transcoding profiles access', null), array(0, PermissionType::NORMAL, PermissionName::TRANSCODING_ADD, 'Create transcoding profiles', null), array(0, PermissionType::NORMAL, PermissionName::TRANSCODING_UPDATE, 'Modify transcoding profiles', null), array(0, PermissionType::NORMAL, PermissionName::TRANSCODING_DELETE, 'Delete transcoding profiles', null), array(0, PermissionType::NORMAL, PermissionName::CUSTOM_DATA_PROFILE_BASE, 'Custom data access', PermissionPeer::getPermissionNameFromPluginName(MetadataPlugin::getPluginName())), array(0, PermissionType::NORMAL, PermissionName::CUSTOM_DATA_PROFILE_ADD, 'Create custom data', PermissionPeer::getPermissionNameFromPluginName(MetadataPlugin::getPluginName())), array(0, PermissionType::NORMAL, PermissionName::CUSTOM_DATA_PROFILE_UPDATE, 'Modify custom data', PermissionPeer::getPermissionNameFromPluginName(MetadataPlugin::getPluginName())), array(0, PermissionType::NORMAL, PermissionName::CUSTOM_DATA_PROFILE_DELETE, 'Delete custom data', PermissionPeer::getPermissionNameFromPluginName(MetadataPlugin::getPluginName())), array(0, PermissionType::NORMAL, PermissionName::ADMIN_BASE, 'Administration settings access', null), array(0, PermissionType::NORMAL, PermissionName::ADMIN_USER_ADD, 'Add users', null), array(0, PermissionType::NORMAL, PermissionName::ADMIN_USER_UPDATE, 'Modify users', null), array(0, PermissionType::NORMAL, PermissionName::ADMIN_USER_DELETE, 'Delete users', null), array(0, PermissionType::NORMAL, PermissionName::ADMIN_ROLE_ADD, 'Add roles', null), array(0, PermissionType::NORMAL, PermissionName::ADMIN_ROLE_UPDATE, 'Modify roles', null), array(0, PermissionType::NORMAL, PermissionName::ADMIN_ROLE_DELETE, 'Delete roles', null), array(0, PermissionType::NORMAL, PermissionName::ADMIN_PUBLISHER_MANAGE, 'Manage publishers', null), array(0, PermissionType::NORMAL, PermissionName::ADMIN_WHITE_BRANDING, 'Manage whitebranding', null), array(0, PermissionType::NORMAL, PermissionName::ANALYTICS_BASE, 'Analytics access', PermissionName::FEATURE_ANALYTICS_TAB), array(0, PermissionType::NORMAL, PermissionName::WIDGET_ADMIN, 'Widget admin', null), array(0, PermissionType::NORMAL, PermissionName::ANALYTICS_SEND_DATA, 'Send analytics data', null), array(0, PermissionType::NORMAL, PermissionName::WIDGET_ADMIN, 'Widget admin', null), array(0, PermissionType::NORMAL, PermissionName::SEARCH_SERVICE, 'Search service', null), array(0, PermissionType::NORMAL, PermissionName::ANALYTICS_SEND_DATA, 'Send analytics data', null), array(0, PermissionType::NORMAL, PermissionName::AUDIT_TRAIL_BASE, 'Audit trail base', PermissionPeer::getPermissionNameFromPluginName(AuditPlugin::getPluginName())), array(0, PermissionType::NORMAL, PermissionName::AUDIT_TRAIL_ADD, 'Audit trail add', PermissionPeer::getPermissionNameFromPluginName(AuditPlugin::getPluginName())), array(0, PermissionType::NORMAL, PermissionName::KMC_ACCESS, 'KMC access', null), array(0, PermissionType::NORMAL, PermissionName::KMC_READ_ONLY, 'KMC access', PermissionName::KMC_ACCESS), array(0, PermissionType::NORMAL, PermissionName::CUSTOM_DATA_FIELD_ADD, 'Add custom data field', null), array(0, PermissionType::NORMAL, PermissionName::CUSTOM_DATA_FIELD_UPDATE, 'Update custom data field', null), array(0, PermissionType::NORMAL, PermissionName::CUSTOM_DATA_FIELD_DELETE, 'Delete custom data field', null), array(-2, PermissionType::NORMAL, PermissionName::SYSTEM_ADMIN_BASE, 'Base system admin permission', null), array(-2, PermissionType::NORMAL, PermissionName::SYSTEM_ADMIN_PUBLISHER_BASE, 'Base system admin permission', null), array(-2, PermissionType::NORMAL, PermissionName::SYSTEM_ADMIN_PUBLISHER_KMC_ACCESS, 'Base system admin permission', null), array(-2, PermissionType::NORMAL, PermissionName::SYSTEM_ADMIN_PUBLISHER_CONFIG, 'Base system admin permission', null), array(-2, PermissionType::NORMAL, PermissionName::SYSTEM_ADMIN_PUBLISHER_BLOCK, 'Base system admin permission', null), array(-2, PermissionType::NORMAL, PermissionName::SYSTEM_ADMIN_PUBLISHER_REMOVE, 'Base system admin permission', null), array(-2, PermissionType::NORMAL, PermissionName::SYSTEM_ADMIN_PUBLISHER_ADD, 'Base system admin permission', null), array(-2, PermissionType::NORMAL, PermissionName::SYSTEM_ADMIN_PUBLISHER_USAGE, 'Base system admin permission', null), array(-2, PermissionType::NORMAL, PermissionName::SYSTEM_ADMIN_USER_MANAGE, 'Base system admin permission', null), array(-2, PermissionType::NORMAL, PermissionName::SYSTEM_ADMIN_SYSTEM_MONITOR, 'Base system admin permission', null), array(-2, PermissionType::NORMAL, PermissionName::SYSTEM_ADMIN_DEVELOPERS_TAB, 'Base system admin permission', null), array(-2, PermissionType::NORMAL, PermissionName::SYSTEM_ADMIN_BATCH_CONTROL, 'Base system admin permission', null), array(-2, PermissionType::NORMAL, PermissionName::SYSTEM_ADMIN_BATCH_CONTROL_INPROGRESS, 'Base system admin permission', null), array(-2, PermissionType::NORMAL, PermissionName::SYSTEM_ADMIN_BATCH_CONTROL_FAILED, 'Base system admin permission', null), array(-2, PermissionType::NORMAL, PermissionName::SYSTEM_ADMIN_BATCH_CONTROL_SETUP, 'Base system admin permission', null), array(-2, PermissionType::NORMAL, PermissionName::SYSTEM_ADMIN_STORAGE, 'Base system admin permission', null), array(-2, PermissionType::NORMAL, PermissionName::SYSTEM_ADMIN_VIRUS_SCAN, 'Base system admin permission', null), array(-2, PermissionType::NORMAL, PermissionName::SYSTEM_ADMIN_EMAIL_INGESTION, 'Base system admin permission', null), array(-2, PermissionType::NORMAL, PermissionName::SYSTEM_ADMIN_CONTENT_DISTRIBUTION_BASE, 'Base system admin permission', null), array(-2, PermissionType::NORMAL, PermissionName::SYSTEM_ADMIN_CONTENT_DISTRIBUTION_MODIFY, 'Base system admin permission', null), array(-2, PermissionType::NORMAL, PermissionName::SYSTEM_ADMIN_PERMISSIONS_MANAGE, 'Base system admin permission', null), array(-2, PermissionType::NORMAL, PermissionName::SYSTEM_INTERNAL, 'System internal actions', null), array(-2, PermissionType::NORMAL, PermissionName::SYSTEM_ADMIN_ENTRY_INVESTIGATION, 'Entry investigation', null), array(-2, PermissionType::NORMAL, PermissionName::SYSTEM_FILESYNC, 'Filesync actions', null), array(99, PermissionType::SPECIAL_FEATURE, PermissionName::FEATURE_PS2_PERMISSIONS_VALIDATION, 'PS2 permissions validation', null));
//------------------------------------------------------
$allPermissions = array();
foreach ($permissionsData as $data) {
    $permission = new Permission();
    $permission->setPartnerId($data[0]);
    $permission->setType($data[1]);
    $permission->setName($data[2]);
    $permission->setFriendlyName($data[3]);
    $permission->setDependsOnPermissionNames($data[4]);
    $permission->setStatus(PermissionStatus::ACTIVE);
    $allPermissions[] = $permission;
}
//------------------------------------------------------
foreach ($allPermissions as $permission) {
    if ($dryRun) {
        KalturaLog::log('DRY RUN - Adding new permission [' . $permission->getName() . '] to partner [' . $permission->getPartnerId() . ']');
    } else {
        KalturaLog::log('Adding new permission [' . $permission->getName() . '] to partner [' . $permission->getPartnerId() . ']');
        $permission->save();
    }
}
$msg = 'Done - ' . ($dryRun ? 'DRY RUN!' : 'REAL RUN!');
KalturaLog::log($msg);
echo $msg;
//------------------------------------------------------
예제 #4
0
function addPermissionToPartner($permissionCfg, $partnerId = null)
{
    // init new db permission object
    if (is_null($partnerId)) {
        $partnerId = $permissionCfg->partnerId;
    }
    PermissionPeer::setUseCriteriaFilter(false);
    $permission = PermissionPeer::getByNameAndPartner($permissionCfg->name, $partnerId);
    PermissionPeer::setUseCriteriaFilter(true);
    if (!$permission) {
        $permission = new Permission();
    }
    foreach ($permissionCfg as $key => $value) {
        if ($key == 'partnerPackages') {
            continue;
        }
        $setterCallback = array($permission, "set{$key}");
        call_user_func_array($setterCallback, array($value));
    }
    if (!$permission->getFriendlyName()) {
        $permission->setFriendlyName($permission->getName());
    }
    if ($partnerId != null) {
        $permission->setPartnerId($partnerId);
    }
    $permission->setStatus(PermissionStatus::ACTIVE);
    // add to database
    KalturaLog::log('Adding new permission with name [' . $permission->getName() . '] to partner id [' . $permission->getPartnerId() . ']');
    try {
        if ($permission->getId()) {
            $permission->save();
        } else {
            PermissionPeer::addToPartner($permission, $permission->getPartnerId());
        }
    } catch (kPermissionException $e) {
        if ($e->getCode() === kPermissionException::PERMISSION_ALREADY_EXISTS) {
            KalturaLog::log('Permission name [' . $permission->getName() . '] already exists for partner id [' . $permission->getPartnerId() . ']');
        } else {
            throw $e;
        }
    }
}
예제 #5
0
 /**
  * Copy current permission to the given partner.
  * @param int $partnerId
  */
 public function copyToPartner($partnerId)
 {
     $permission = new Permission();
     $permission->setName($this->getName());
     $permission->setFriendlyName($this->getFriendlyName());
     $permission->setDescription($this->getDescription());
     $permission->setStatus($this->getStatus());
     $permission->setTags($this->getTags());
     $permission->setType($this->getType());
     $permission->setCustomData($this->getCustomData());
     $permission->setPartnerId($partnerId);
     // set new partner id
     return $permission;
 }
예제 #6
0
 /**
  *
  * add ps2 permission for given partner
  * @param Partner $partner
  */
 public static function sePermissionForPartner(Partner $partner, $permission)
 {
     $ps2Permission = new Permission();
     $ps2Permission->setName($permission);
     $ps2Permission->setPartnerId($partner->getId());
     $ps2Permission->setStatus(PermissionStatus::ACTIVE);
     $ps2Permission->setType(PermissionType::SPECIAL_FEATURE);
     $ps2Permission->save();
 }
/**
 * Create a special partner group permission for given partner id, or get an existing one
 * @param int $partnerId
 * @param string $partnerGroup
 */
function getOrCreatePartnerGroupPermission($partnerId, $partnerGroup)
{
    $permissionName = 'PARTNER_' . $partnerId . '_GROUP_' . $partnerGroup . '_PERMISSION';
    PermissionPeer::clearInstancePool();
    $c = new Criteria();
    $c->addAnd(PermissionPeer::PARTNER_ID, $partnerId, Criteria::EQUAL);
    $c->addAnd(PermissionPeer::NAME, $permissionName, Criteria::EQUAL);
    $c->addAnd(PermissionPeer::TYPE, PermissionType::PARTNER_GROUP, Criteria::EQUAL);
    $permission = PermissionPeer::doSelectOne($c);
    if (!$permission) {
        // create permission if not yet created
        $permission = new Permission();
        $permission->setPartnerId($partnerId);
        $permission->setName($permissionName);
        $permission->setFriendlyName('Partner ' . $partnerId . ' permission for group ' . $partnerGroup);
        $permission->setDescription('Partner ' . $partnerId . ' permission for group ' . $partnerGroup);
        $permission->setType(PermissionType::PARTNER_GROUP);
        $permission->setPartnerGroup($partnerGroup);
        $permission->setStatus(PermissionStatus::ACTIVE);
        $permission->save();
    } else {
        if ($permission->getPartnerGroup() != $partnerGroup) {
            $msg = '***** ERROR - Permission id [' . $permission->getId() . '] partner group [' . $permission->getPartnerGroup() . '] is different from the required partner group [' . $partnerGroup . ']';
            KalturaLog::alert($msg);
            echo $msg . PHP_EOL;
        }
    }
    return $permission;
}
 private function configurePartnerByPackage($partner)
 {
     if (!$partner) {
         return;
     }
     if ($partner->getPartnerPackage() == 100) {
         $permissionNames = array(PermissionName::FEATURE_LIVE_STREAM, PermissionName::FEATURE_KALTURA_LIVE_STREAM, PermissionName::FEATURE_KALTURA_LIVE_STREAM_TRANSCODE);
         foreach ($permissionNames as $permissionName) {
             $permission = PermissionPeer::getByNameAndPartner($permissionName, $partner->getId());
             if (!$permission) {
                 $permission = new Permission();
                 $permission->setType(PermissionType::SPECIAL_FEATURE);
                 $permission->setPartnerId($partner->getId());
                 $permission->setName($permissionName);
             }
             $permission->setStatus(PermissionStatus::ACTIVE);
             $permission->save();
         }
     }
 }