예제 #1
 /**
  * Create the four built-in roles for a scope and attach their default permissions.
  *
  * Each role is saved first and then receives one TBGRolePermission per entry.
  * Core permissions carry only a permission name; article permissions also carry
  * the 'publish' module and the '%project_key%' target placeholder.
  *
  * These lists are the default privilege baseline for every role created here:
  * all four roles get 'page_project_allpages_access', and 'Developer' and
  * 'Project manager' are granted exactly the same set.
  *
  * @param TBGScope $scope scope the new roles are assigned to
  */
 public static function loadFixtures(TBGScope $scope)
 {
     // Shared by 'Developer' and 'Project manager', which are identical in this fixture.
     $full_issue_access = array(
         'page_project_allpages_access',
         'canseeproject',
         'canseeprojecthierarchy',
         'candoscrumplanning',
         'canvoteforissues',
         'canlockandeditlockedissues',
         'cancreateandeditissues',
         'caneditissue',
         'caneditissuecustomfields',
         'canaddextrainformationtoissues',
         'canpostseeandeditallcomments',
     );

     // Permission names without module or target, in the order they are added.
     $core_permissions = array(
         'Developer' => $full_issue_access,
         'Project manager' => $full_issue_access,
         'Tester' => array(
             'page_project_allpages_access',
             'canseeproject',
             'canseeprojecthierarchy',
             'canvoteforissues',
             'cancreateandeditissues',
             'caneditissuecustomfields',
             'canaddextrainformationtoissues',
             'canpostandeditcomments',
         ),
         'Documentation editor' => array(
             'page_project_allpages_access',
             'canseeproject',
             'canseeprojecthierarchy',
             'canvoteforissues',
             'cancreateandeditissues',
             'canaddextrainformationtoissues',
             'canpostandeditcomments',
         ),
     );

     // Article permissions of the 'publish' module; only the first two roles may delete.
     $article_permissions = array(
         'Developer' => array('readarticle', 'editarticle', 'deletearticle'),
         'Project manager' => array('readarticle', 'editarticle', 'deletearticle'),
         'Tester' => array('readarticle', 'editarticle'),
         'Documentation editor' => array('readarticle', 'editarticle'),
     );

     foreach ($core_permissions as $role_name => $permission_names) {
         $role = new TBGRole();
         $role->setName($role_name);
         $role->setScope($scope);
         $role->save();

         // Rebuild the flat definition list: core entries first, article entries last.
         $definitions = array();
         foreach ($permission_names as $permission_name) {
             $definitions[] = array('permission' => $permission_name);
         }
         foreach ($article_permissions[$role_name] as $article_permission) {
             $definitions[] = array(
                 'permission' => $article_permission,
                 'module' => 'publish',
                 'target_id' => '%project_key%',
             );
         }

         foreach ($definitions as $definition) {
             $role_permission = new TBGRolePermission();
             $role_permission->setPermission($definition['permission']);
             if (array_key_exists('target_id', $definition)) {
                 $role_permission->setTargetID($definition['target_id']);
             }
             if (array_key_exists('module', $definition)) {
                 $role_permission->setModule($definition['module']);
             }
             $role->addPermission($role_permission);
         }
     }
 }
예제 #2
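 /**
  * List, edit or delete a role, selected by $request['mode'].
  *
  * - 'list_permissions': renders the permission list template for the role.
  * - 'edit': on POST, renames the role and replaces its permissions with the
  *   submitted set; otherwise renders the edit template.
  * - 'delete': on POST, deletes the role.
  *
  * 'edit' and 'delete' require TBGSettings::ACCESS_FULL. For a system role the
  * level comes from getAccessLevel(); for any other role it depends on whether
  * the current user can manage the role's project.
  *
  * @param TBGRequest $request expects 'role_id' and 'mode'; 'edit' also reads
  *                            'name' and 'permissions' (strings of the form
  *                            "module,target_id,permission")
  *
  * @return mixed the rendered template or JSON response; nothing is returned
  *               for an unrecognised mode
  */
 public function runConfigureRole(TBGRequest $request)
 {
     try {
         $role = new TBGRole($request['role_id']);
     } catch (Exception $e) {
         $this->getResponse()->setHttpStatus(400);
         return $this->renderJSON(array('error' => $this->getI18n()->__('This is not a valid role')));
     }
     if ($role->isSystemRole()) {
         $access_level = $this->getAccessLevel($request['section'], 'core');
     } else {
         $access_level = $this->getUser()->canManageProject($role->getProject()) ? TBGSettings::ACCESS_FULL : TBGSettings::ACCESS_READ;
     }
     // Authorization fix: the guards used to read `!$access_level == ACCESS_FULL`.
     // `!` binds tighter than `==`, so that compared a boolean with the constant
     // and (assuming ACCESS_FULL is non-zero) only denied a falsy access level;
     // any other level short of full could edit and delete roles.
     $has_full_access = ($access_level == TBGSettings::ACCESS_FULL);
     switch ($request['mode']) {
         case 'list_permissions':
             // NOTE(review): no access-level check in this mode — confirm that any
             // caller who can reach this action may read any role's permissions.
             return $this->renderTemplate('configuration/rolepermissionslist', array('role' => $role));
         case 'edit':
             if (!$has_full_access) {
                 // NOTE(review): 403 would describe this failure better; 400 is kept
                 // because existing clients may depend on it.
                 $this->getResponse()->setHttpStatus(400);
                 return $this->renderJSON(array('error' => $this->getI18n()->__('You do not have access to edit these permissions')));
             }
             if ($request->isPost()) {
                 $role->setName($request['name']);
                 $role->save();
                 // A missing or non-array 'permissions' value means "no permissions".
                 $submitted_permissions = $request['permissions'];
                 if (!is_array($submitted_permissions)) {
                     $submitted_permissions = array();
                 }
                 $new_permissions = array();
                 foreach ($submitted_permissions as $new_permission) {
                     if (!is_string($new_permission)) {
                         continue;
                     }
                     $permission_details = explode(',', $new_permission);
                     // Skip malformed entries instead of storing a permission under an empty key.
                     if (count($permission_details) < 3) {
                         continue;
                     }
                     $new_permissions[$permission_details[2]] = array('module' => $permission_details[0], 'target_id' => $permission_details[1]);
                 }
                 // Drop every existing permission that was not re-submitted.
                 foreach ($role->getPermissions() as $existing_permission) {
                     if (!array_key_exists($existing_permission->getPermission(), $new_permissions)) {
                         $role->removePermission($existing_permission);
                     }
                 }
                 foreach ($new_permissions as $permission_key => $details) {
                     $p = new TBGRolePermission();
                     $p->setModule($details['module']);
                     $p->setPermission($permission_key);
                     if ($details['target_id']) {
                         $p->setTargetID($details['target_id']);
                     }
                     $role->addPermission($p);
                 }
                 return $this->renderJSON(array('message' => $this->getI18n()->__('Permissions updated'), 'permissions_count' => count($submitted_permissions), 'role_name' => $role->getName()));
             }
             return $this->renderTemplate('configuration/rolepermissionsedit', array('role' => $role));
         case 'delete':
             // Deleting is state-changing, so it needs full access and a POST request.
             if (!$has_full_access || !$request->isPost()) {
                 $this->getResponse()->setHttpStatus(400);
                 return $this->renderJSON(array('error' => $this->getI18n()->__('This role cannot be removed')));
             }
             $role->delete();
             return $this->renderJSON(array('message' => $this->getI18n()->__('Role deleted')));
     }
 }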