/** * Short description of method remove * * @access public * @author Jehan Bihin, <*****@*****.**> * @param string $roleUri * @param string $accessUri * @return mixed */ public function remove($roleUri, $accessUri) { $module = new core_kernel_classes_Resource($accessUri); $role = new core_kernel_classes_Class($roleUri); $accessProperty = new core_kernel_classes_Property(funcAcl_models_classes_AccessService::PROPERTY_ACL_GRANTACCESS); // Retrieve the module ID. $uri = explode('#', $module->getUri()); list($type, $extId, $modId) = explode('_', $uri[1]); // access via extension? $extAccess = funcAcl_helpers_Cache::getExtensionAccess($extId); if (in_array($roleUri, $extAccess)) { // remove access to extension $extUri = $this->makeEMAUri($extId); funcAcl_models_classes_ExtensionAccessService::singleton()->remove($roleUri, $extUri); // add access to all other controllers foreach (funcAcl_helpers_Model::getModules($extId) as $eModule) { if (!$module->equals($eModule)) { $this->add($roleUri, $eModule->getUri()); $this->getEventManager()->trigger(new AccessRightRemovedEvent($roleUri, $eModule->getUri())); //$role->setPropertyValue($accessProperty, $eModule->getUri()); } } //funcAcl_helpers_Cache::flushExtensionAccess($extId); } // Remove the access to the module for this role. $role->removePropertyValue($accessProperty, $module->getUri()); $this->getEventManager()->trigger(new AccessRightRemovedEvent($roleUri, $accessUri)); funcAcl_helpers_Cache::cacheModule($module); // Remove the access to the actions corresponding to the module for this role. foreach (funcAcl_helpers_Model::getActions($module) as $actionResource) { funcAcl_models_classes_ActionAccessService::singleton()->remove($role->getUri(), $actionResource->getUri()); } funcAcl_helpers_Cache::cacheModule($module); }
public static function run() { // We get all the management roles and the extension they belong to. $managementRoleClass = new core_kernel_classes_Class(CLASS_MANAGEMENTROLE); $foundManagementRoles = $managementRoleClass->getInstances(true); $managementRolesByExtension = array(); foreach (common_ext_ExtensionsManager::singleton()->getInstalledExtensions() as $extension) { $managementRole = $extension->getManagementRole(); if (empty($managementRole)) { // try to discover it. foreach ($foundManagementRoles as $mR) { $moduleURIs = $mR->getPropertyValues(new core_kernel_classes_Property(PROPERTY_ACL_GRANTACCESS)); foreach ($moduleURIs as $moduleURI) { $uri = explode('#', $moduleURI); list($type, $extId) = explode('_', $uri[1]); if ($extId == $extension->getId()) { $managementRole = $mR; break 2; } } } } if (!empty($managementRole)) { $managementRolesByExtension[$extension->getId()] = $managementRole; } } funcAcl_helpers_Cache::flush(); foreach (common_ext_ExtensionsManager::singleton()->getInstalledExtensions() as $extension) { if ($extension->getId() != 'generis') { // 2. Grant access to Management Role. if (!empty($managementRolesByExtension[$extension->getId()])) { $extAccessService = funcAcl_models_classes_ExtensionAccessService::singleton(); $extAccessService->add($managementRolesByExtension[$extension->getId()]->getUri(), $extAccessService->makeEMAUri($extension->getId())); } else { common_Logger::i('Management Role not found for extension ' . $extension->getId()); } } } }
public function revokeExtensionAccess(core_kernel_classes_Resource $role, $ext) { $accessUri = $this->makeEMAUri($ext); funcAcl_models_classes_ExtensionAccessService::singleton()->remove($role->getUri(), $accessUri); }
public function addExtensionAccess() { if (!tao_helpers_Request::isAjax()) { throw new Exception("wrong request mode"); } else { $role = $this->getRequestParameter('role'); $uri = $this->getRequestParameter('uri'); $extensionService = funcAcl_models_classes_ExtensionAccessService::singleton(); $extensionService->add($role, $uri); echo json_encode(array('uri' => $uri)); } }