echo $msg . PHP_EOL;
continue;
}
$serviceConfig = new KalturaServiceConfig($file, null, false, false);
$servicesTable = $serviceConfig->getAllServicesByCt();
// for each defined service.action
foreach ($servicesTable as $ctPath => $services) {
foreach ($services as $serviceActionName) {
// get permission item object for the current service/action
$serviceConfig->setServiceName($serviceActionName);
$serviceSplit = explode('.', $serviceActionName);
$serviceName = $serviceSplit[0];
$actionName = $serviceSplit[1];
$ticketTypes = explode(',', $serviceConfig->getTicketType());
$serviceId = $serviceName;
$pluginName = getPluginNameFromServicesCtPath($ctPath);
if ($pluginName) {
$serviceId = strtolower($pluginName) . '_' . $serviceId;
}
$serviceClass = KalturaServicesMap::getService($serviceId);
if (!$serviceClass) {
$tmpServiceIds = KalturaServicesMap::getServiceIdsFromName($serviceName);
if ($tmpServiceIds && count($tmpServiceIds) == 1) {
$serviceId = reset($tmpServiceIds);
$serviceClass = KalturaServicesMap::getService($serviceId);
}
}
if (!$serviceClass) {
$msg = '***** ERROR - service id [' . $serviceId . '] not found in services map!';
KalturaLog::alert($msg);
echo $msg . PHP_EOL;
function setPermissions($serviceConfig, $setBaseSystemPermissions, $userSessionPermission, $noKsPermission, $partnerId)
{
// get list of services defined in the services.ct files
$servicesTable = $serviceConfig->getAllServicesByCt();
// for each defined service.action
foreach ($servicesTable as $ctPath => $services) {
foreach ($services as $serviceActionName) {
$serviceConfig->setServiceName($serviceActionName);
$serviceSplit = explode('.', $serviceActionName);
$serviceName = $serviceSplit[0];
$actionName = $serviceSplit[1];
$ticketTypes = explode(',', $serviceConfig->getTicketType());
$serviceId = $serviceName;
$pluginName = getPluginNameFromServicesCtPath($ctPath);
if ($pluginName) {
$serviceId = strtolower($pluginName) . '_' . $serviceId;
}
$serviceClass = KalturaServicesMap::getService($serviceId);
if (!$serviceClass) {
$tmpServiceIds = KalturaServicesMap::getServiceIdsFromName($serviceName);
if ($tmpServiceIds && count($tmpServiceIds) == 1) {
$serviceId = reset($tmpServiceIds);
$serviceClass = KalturaServicesMap::getService($serviceId);
}
}
if (!$serviceClass) {
$msg = '***** ERROR - service id [' . $serviceId . '] not found in services map!';
KalturaLog::alert($msg);
echo $msg . PHP_EOL;
continue;
}
// skip action if set with ticket type N (blocked)
if (in_array(BLOCKED_TICKET_TYPE, $ticketTypes)) {
$msg = '***** NOTICE - Action [' . $serviceActionName . '] is set with ticket type N (blocked) -> skipping!';
KalturaLog::notice($msg);
echo $msg . PHP_EOL;
continue;
}
// check if a permission item for the current action already exists
$c = new Criteria();
$c->addAnd(kApiActionPermissionItem::SERVICE_COLUMN_NAME, $serviceId, Criteria::EQUAL);
$c->addAnd(kApiActionPermissionItem::ACTION_COLUMN_NAME, $actionName, Criteria::EQUAL);
$c->addAnd(PermissionItemPeer::PARTNER_ID, array(PartnerPeer::GLOBAL_PARTNER, $partnerId), Criteria::IN);
$permissionItem = PermissionItemPeer::doSelectOne($c);
if ($permissionItem) {
$msg = '***** NOTICE - Permission item for [' . $serviceActionName . '] already exists with id [' . $permissionItem->getId() . ']';
KalturaLog::alert($msg);
echo $msg . PHP_EOL;
} else {
// create a new api action permission item and save it
$permissionItem = new kApiActionPermissionItem();
$permissionItem->setService($serviceId);
$permissionItem->setAction($actionName);
$permissionItem->setPartnerId($partnerId);
$permissionItem->save();
}
// get the defined permission names from the tags section of the services.ct file
$permissionNames = $serviceConfig->getTags();
$permissionNames = explode(',', $permissionNames);
$anyPermissionSet = false;
// was any permission set to include the current permission item or not
foreach ($permissionNames as $permissionName) {
if (!$permissionName) {
continue;
}
// add the permission item to all its defined permission objects
$c = new Criteria();
$c->addAnd(PermissionPeer::NAME, $permissionName, Criteria::EQUAL);
$c->addAnd(PermissionPeer::TYPE, PermissionType::NORMAL, Criteria::EQUAL);
//$c->addAnd(PermissionPeer::PARTNER_ID, array(PartnerPeer::GLOBAL_PARTNER, $partnerId), Criteria::IN);
$permission = PermissionPeer::doSelectOne($c);
if (!$permission) {
$msg = '***** ERROR - Permission [' . $permissionName . '] not found in DB although set for [' . $serviceActionName . ']';
KalturaLog::alert($msg);
echo $msg . PHP_EOL;
continue;
}
$permission->addPermissionItem($permissionItem->getId(), true);
$anyPermissionSet = true;
}
// add permission item to the basic NO_KS and USER_KS permissions according to its ticket type
// (partner admin role already contains all other permissions)
if ($setBaseSystemPermissions) {
if (in_array(NO_KS_TICKET_TYPE, $ticketTypes)) {
$noKsPermission->addPermissionItem($permissionItem->getId(), true);
$userSessionPermission->addPermissionItem($permissionItem->getId(), true);
$anyPermissionSet = true;
} else {
if (in_array(USER_KS_TICKET_TYPE, $ticketTypes)) {
$userSessionPermission->addPermissionItem($permissionItem->getId(), true);
$anyPermissionSet = true;
}
}
}
if (!$anyPermissionSet) {
$msg = '***** ERROR - No permission was set for [' . $serviceActionName . ']';
KalturaLog::alert($msg);
echo $msg . PHP_EOL;
}
}
}
}
