private static function initRoleIds()
{
$roleIds = null;
if (!self::$operatingPartner || !self::$ksString) {
// no partner or session -> no role
$roleIds = null;
} else {
// if user is defined -> get his role IDs
if (self::$kuser) {
$roleIds = self::$kuser->getRoleIds();
}
// if user has no defined roles or no user is defined -> get default role IDs according to session type (admin/not)
if (!$roleIds) {
if (self::$adminSession) {
// there is only one partner admin role defined in the system
$roleIds = self::$operatingPartner->getAdminSessionRoleId();
} else {
// a partner may have special defined user session roles - get them from partner object
$roleIds = self::$operatingPartner->getUserSessionRoleId();
}
}
if ($roleIds) {
$roleIds = explode(',', trim($roleIds, ','));
}
}
self::$roleIds = $roleIds;
}
private static function initRoleIds()
{
$roleIds = null;
if (!self::$operatingPartner || !self::$ksString) {
// no partner or session -> no role
$roleIds = null;
} else {
$ks = ks::fromSecureString(self::$ksString);
$ksSetRoleId = $ks->getSetRole();
if ($ksSetRoleId) {
//check if role exists
$c = new Criteria();
$c->addAnd(is_numeric($ksSetRoleId) ? UserRolePeer::ID : UserRolePeer::SYSTEM_NAME, $ksSetRoleId, Criteria::EQUAL);
$c->addAnd(UserRolePeer::PARTNER_ID, array(self::$ksPartnerId, PartnerPeer::GLOBAL_PARTNER), Criteria::IN);
$roleId = UserRolePeer::doSelectOne($c);
if ($roleId) {
$roleIds = $roleId->getId();
} else {
KalturaLog::debug("Role id [{$ksSetRoleId}] does not exists");
throw new KalturaAPIException(APIErrors::UNKNOWN_ROLE_ID, $ksSetRoleId);
}
}
// if user is defined -> get his role IDs
if (!$roleIds && self::$kuser) {
$roleIds = self::$kuser->getRoleIds();
}
// if user has no defined roles or no user is defined -> get default role IDs according to session type (admin/not)
if (!$roleIds) {
if ($ks->isWidgetSession()) {
//there is only one partner widget role defined in the system
$roleIds = self::$operatingPartner->getWidgetSessionRoleId();
} elseif (self::$adminSession) {
// there is only one partner admin role defined in the system
$roleIds = self::$operatingPartner->getAdminSessionRoleId();
} else {
// a partner may have special defined user session roles - get them from partner object
$roleIds = self::$operatingPartner->getUserSessionRoleId();
}
}
if ($roleIds) {
$roleIds = explode(',', trim($roleIds, ','));
}
}
self::$roleIds = $roleIds;
}
/**
* Adds a new kuser and user_login_data records as needed
* @param kuser $user
* @param string $password
* @param bool $checkPasswordStructure
* @throws kUserException::USER_NOT_FOUND
* @throws kUserException::USER_ALREADY_EXISTS
* @throws kUserException::INVALID_EMAIL
* @throws kUserException::INVALID_PARTNER
* @throws kUserException::ADMIN_LOGIN_USERS_QUOTA_EXCEEDED
* @throws kUserException::LOGIN_ID_ALREADY_USED
* @throws kUserException::PASSWORD_STRUCTURE_INVALID
* @throws kPermissionException::ROLE_ID_MISSING
* @throws kPermissionException::ONLY_ONE_ROLE_PER_USER_ALLOWED
*/
public static function addUser(kuser $user, $password = null, $checkPasswordStructure = true, $sendEmail = null)
{
if (!$user->getPuserId()) {
throw new kUserException('', kUserException::USER_ID_MISSING);
}
// check if user with the same partner and puserId already exists
$existingUser = kuserPeer::getKuserByPartnerAndUid($user->getPartnerId(), $user->getPuserId());
if ($existingUser) {
throw new kUserException('', kUserException::USER_ALREADY_EXISTS);
}
// check if roles are valid - may throw exceptions
if (!$user->getRoleIds() && $user->getIsAdmin()) {
// assign default role according to user type admin / normal
$userRoleId = $user->getPartner()->getAdminSessionRoleId();
$user->setRoleIds($userRoleId);
}
UserRolePeer::testValidRolesForUser($user->getRoleIds(), $user->getPartnerId());
if ($user->getScreenName() === null) {
$user->setScreenName($user->getPuserId());
}
if ($user->getFullName() === null) {
$user->setFirstName($user->getPuserId());
}
if (is_null($user->getStatus())) {
$user->setStatus(KuserStatus::ACTIVE);
}
// if password is set, user should be able to login to the system - add a user_login_data record
if ($password || $user->getIsAdmin()) {
// throws an action on error
$user->enableLogin($user->getEmail(), $password, $checkPasswordStructure, $sendEmail);
}
$user->save();
return $user;
}
public static function getRoleIds(Partner $operatingPartner = null, kuser $kuser = null)
{
$roleIds = null;
$ksString = kCurrentContext::$ks;
$isAdminSession = !self::isEmpty(kCurrentContext::$is_admin_session) ? kCurrentContext::$is_admin_session : false;
if (!$ksString || !$operatingPartner && kCurrentContext::$ks_partner_id != Partner::BATCH_PARTNER_ID) {
$roleId = UserRolePeer::getIdByStrId(UserRoleId::NO_SESSION_ROLE);
if ($roleId) {
return array($roleId);
}
return null;
}
$ks = ks::fromSecureString($ksString);
$ksSetRoleId = $ks->getSetRole();
if ($ksSetRoleId) {
if ($ksSetRoleId == 'null') {
return null;
}
$ksPartnerId = !self::isEmpty(kCurrentContext::$ks_partner_id) ? kCurrentContext::$ks_partner_id : null;
//check if role exists
$c = new Criteria();
$c->addAnd(is_numeric($ksSetRoleId) ? UserRolePeer::ID : UserRolePeer::SYSTEM_NAME, $ksSetRoleId, Criteria::EQUAL);
$partnerIds = array_map('strval', array($ksPartnerId, PartnerPeer::GLOBAL_PARTNER));
$c->addAnd(UserRolePeer::PARTNER_ID, $partnerIds, Criteria::IN);
$roleId = UserRolePeer::doSelectOne($c);
if ($roleId) {
$roleIds = $roleId->getId();
} else {
KalturaLog::debug("Role id [{$ksSetRoleId}] does not exists");
throw new kCoreException("Unknown role Id [{$ksSetRoleId}]", kCoreException::ID_NOT_FOUND);
}
}
// if user is defined -> get his role IDs
if (!$roleIds && $kuser) {
$roleIds = $kuser->getRoleIds();
}
// if user has no defined roles or no user is defined -> get default role IDs according to session type (admin/not)
if (!$roleIds) {
if (!$operatingPartner) {
// use system default roles
if ($ks->isWidgetSession()) {
$strId = UserRoleId::WIDGET_SESSION_ROLE;
} elseif ($isAdminSession) {
$strId = UserRoleId::PARTNER_ADMIN_ROLE;
} else {
$strId = UserRoleId::BASE_USER_SESSION_ROLE;
}
$roleIds = UserRolePeer::getIdByStrId($strId);
} else {
if ($ks->isWidgetSession()) {
//there is only one partner widget role defined in the system
$roleIds = $operatingPartner->getWidgetSessionRoleId();
} elseif ($isAdminSession) {
// there is only one partner admin role defined in the system
$roleIds = $operatingPartner->getAdminSessionRoleId();
} else {
// a partner may have special defined user session roles - get them from partner object
$roleIds = $operatingPartner->getUserSessionRoleId();
}
}
}
if ($roleIds) {
$roleIds = explode(',', trim($roleIds, ','));
}
return $roleIds;
}
