public function getListResponse(KalturaFilterPager $pager, KalturaDetachedResponseProfile $responseProfile = null)
 {
     $permissionItemFilter = $this->toObject();
     $c = new Criteria();
     $permissionItemFilter->attachToCriteria($c);
     $count = PermissionItemPeer::doCount($c);
     $pager->attachToCriteria($c);
     $list = PermissionItemPeer::doSelect($c);
     $response = new KalturaPermissionItemListResponse();
     $response->objects = KalturaPermissionItemArray::fromDbArray($list, $responseProfile);
     $response->totalCount = $count;
     return $response;
 }
 /**
  * Cleans up the environment after running a test.
  */
 protected function tearDown()
 {
     UserRolePeer::clearInstancePool();
     PermissionPeer::clearInstancePool();
     PermissionItemPeer::clearInstancePool();
     kuserPeer::clearInstancePool();
     PartnerPeer::clearInstancePool();
     $this->client = null;
     PermissionItemPeer::setUseCriteriaFilter(false);
     foreach ($this->addedPermissionItemIds as $id) {
         try {
             $obj = PermissionItemPeer::retrieveByPK($id);
             if ($obj) {
                 $obj->delete();
             }
         } catch (PropelException $e) {
         }
     }
     PermissionItemPeer::setUseCriteriaFilter(true);
     $this->addedPermissionItemIds = array();
     parent::tearDown();
 }
 /**
  * Retrieve multiple objects by pkey.
  *
  * @param      array $pks List of primary keys
  * @param      PropelPDO $con the connection to use
  * @throws     PropelException Any exceptions caught during processing will be
  *		 rethrown wrapped into a PropelException.
  */
 public static function retrieveByPKs($pks, PropelPDO $con = null)
 {
     $objs = null;
     if (empty($pks)) {
         $objs = array();
     } else {
         $criteria = new Criteria(PermissionItemPeer::DATABASE_NAME);
         $criteria->add(PermissionItemPeer::ID, $pks, Criteria::IN);
         $objs = PermissionItemPeer::doSelect($criteria, $con);
     }
     return $objs;
 }
Exemplo n.º 4
0
        $permissions[] = $permissionName;
    }
    $permissions = implode(', ', $permissions);
    fputs($file, "permissionItem{$currentIndex}.permissions = {$permissions}\n");
    fputs($file, "\n");
}
if ($file) {
    fclose($file);
}
kMemoryManager::clearMemory();
$criteria = new Criteria();
$criteria->add(PermissionItemPeer::PARTNER_ID, array(0, -1, -2, -3), Criteria::IN);
$criteria->add(PermissionItemPeer::TYPE, PermissionItemType::API_PARAMETER_ITEM);
$criteria->addAscendingOrderByColumn(PermissionItemPeer::PARAM_1);
$criteria->addAscendingOrderByColumn(PermissionItemPeer::PARAM_2);
$permissionItems = PermissionItemPeer::doSelect($criteria);
KalturaLog::debug("Found [" . count($permissionItems) . "] parameter permission items");
$file = null;
$currentIndex = null;
$currentObject = null;
foreach ($permissionItems as $parameterPermissionItem) {
    /* @var $parameterPermissionItem kApiParameterPermissionItem */
    $object = $parameterPermissionItem->getObject();
    $parameter = $parameterPermissionItem->getParameter();
    $action = $parameterPermissionItem->getAction();
    $partnerId = $parameterPermissionItem->getPartnerId();
    $param4 = $parameterPermissionItem->getParam4();
    $param5 = $parameterPermissionItem->getParam5();
    $tags = $parameterPermissionItem->getTags();
    if ($object != $currentObject) {
        if ($file) {
Exemplo n.º 5
0
 /**
  * @return array Array of permission item objects associated with the current permission
  */
 public function getPermissionItems()
 {
     $ids = $this->getPermissionItemIds();
     $c = new Criteria();
     $c->add(PermissionItemPeer::ID, $ids, Criteria::IN);
     $items = PermissionItemPeer::doSelect($c);
     return $items;
 }
<?php

/**
 * @package deployment
 * @subpackage dragonfly.roles_and_permissions
 * 
 * Adds basic API object parameters that require permissions, to their associated permissions.
 * 
 * Delete from permission_to_permission_item where type = 'kApiParameterPermissionItem' to re-deploy
 */
//-- Bootstraping
error_reporting(E_ALL);
require_once dirname(__FILE__) . '/../../../bootstrap.php';
require_once ROOT_DIR . '/api_v3/bootstrap.php';
PermissionPeer::clearInstancePool();
PermissionItemPeer::clearInstancePool();
//-- Script start
// define all items
$permissionItems = array(array('object' => 'KalturaBaseEntry', 'parameter' => 'startDate', 'action' => ApiParameterPermissionItemAction::INSERT, 'permission' => PermissionName::CONTENT_MANAGE_SCHEDULE), array('object' => 'KalturaBaseEntry', 'parameter' => 'startDate', 'action' => ApiParameterPermissionItemAction::UPDATE, 'permission' => PermissionName::CONTENT_MANAGE_SCHEDULE), array('object' => 'KalturaBaseEntry', 'parameter' => 'endDate', 'action' => ApiParameterPermissionItemAction::INSERT, 'permission' => PermissionName::CONTENT_MANAGE_SCHEDULE), array('object' => 'KalturaBaseEntry', 'parameter' => 'endDate', 'action' => ApiParameterPermissionItemAction::UPDATE, 'permission' => PermissionName::CONTENT_MANAGE_SCHEDULE), array('object' => 'KalturaBaseEntry', 'parameter' => 'accessControlId', 'action' => ApiParameterPermissionItemAction::INSERT, 'permission' => PermissionName::CONTENT_MANAGE_ACCESS_CONTROL), array('object' => 'KalturaBaseEntry', 'parameter' => 'accessControlId', 'action' => ApiParameterPermissionItemAction::UPDATE, 'permission' => PermissionName::CONTENT_MANAGE_ACCESS_CONTROL), array('object' => 'KalturaBaseEntry', 'parameter' => 'categories', 'action' => ApiParameterPermissionItemAction::INSERT, 'permission' => PermissionName::CONTENT_MANAGE_ASSIGN_CATEGORIES . ',' . PermissionName::USER_SESSION_PERMISSION), array('object' => 'KalturaBaseEntry', 'parameter' => 'categories', 'action' => ApiParameterPermissionItemAction::UPDATE, 'permission' => PermissionName::CONTENT_MANAGE_ASSIGN_CATEGORIES . ',' . PermissionName::USER_SESSION_PERMISSION), array('object' => 'KalturaBaseEntry', 'parameter' => 'categoriesIds', 'action' => ApiParameterPermissionItemAction::INSERT, 'permission' => PermissionName::CONTENT_MANAGE_ASSIGN_CATEGORIES . ',' . PermissionName::USER_SESSION_PERMISSION), array('object' => 'KalturaBaseEntry', 'parameter' => 'categoriesIds', 'action' => ApiParameterPermissionItemAction::UPDATE, 'permission' => PermissionName::CONTENT_MANAGE_ASSIGN_CATEGORIES . ',' . PermissionName::USER_SESSION_PERMISSION), array('object' => 'KalturaBaseEntry', 'parameter' => 'name', 'action' => ApiParameterPermissionItemAction::UPDATE, 'permission' => PermissionName::CONTENT_MANAGE_METADATA . ',' . PermissionName::USER_SESSION_PERMISSION . ',' . PermissionName::CONTENT_MODERATE_METADATA), array('object' => 'KalturaBaseEntry', 'parameter' => 'tags', 'action' => ApiParameterPermissionItemAction::UPDATE, 'permission' => PermissionName::CONTENT_MANAGE_METADATA . ',' . PermissionName::USER_SESSION_PERMISSION . ',' . PermissionName::CONTENT_MODERATE_METADATA), array('object' => 'KalturaBaseEntry', 'parameter' => 'description', 'action' => ApiParameterPermissionItemAction::UPDATE, 'permission' => PermissionName::CONTENT_MANAGE_METADATA . ',' . PermissionName::USER_SESSION_PERMISSION . ',' . PermissionName::CONTENT_MODERATE_METADATA), array('object' => 'KalturaLiveStreamAdminEntry', 'parameter' => kApiParameterPermissionItem::ALL_VALUES_IDENTIFIER, 'action' => ApiParameterPermissionItemAction::READ, 'permission' => PermissionName::CONTENT_MANAGE_BASE), array('object' => 'KalturaLiveStreamAdminEntry', 'parameter' => kApiParameterPermissionItem::ALL_VALUES_IDENTIFIER, 'action' => ApiParameterPermissionItemAction::INSERT, 'permission' => PermissionName::CONTENT_MANAGE_BASE), array('object' => 'KalturaLiveStreamAdminEntry', 'parameter' => kApiParameterPermissionItem::ALL_VALUES_IDENTIFIER, 'action' => ApiParameterPermissionItemAction::UPDATE, 'permission' => PermissionName::CONTENT_MANAGE_BASE), array('object' => 'KalturaPartner', 'parameter' => 'secret', 'action' => ApiParameterPermissionItemAction::READ, 'permission' => PermissionName::INTEGRATION_BASE), array('object' => 'KalturaPartner', 'parameter' => 'adminSecret', 'action' => ApiParameterPermissionItemAction::READ, 'permission' => PermissionName::INTEGRATION_BASE));
// add all to required permissions
foreach ($permissionItems as $cur) {
    $item = new kApiParameterPermissionItem();
    $item->setObject($cur['object']);
    $item->setParameter($cur['parameter']);
    $item->setAction($cur['action']);
    $item->setPartnerId(PartnerPeer::GLOBAL_PARTNER);
    $item->save();
    $permissions = $cur['permission'];
    $permissions = explode(',', $permissions);
    foreach ($permissions as $permissionName) {
        if (!$permissionName) {
 /**
  * Get the associated PermissionItem object
  *
  * @param      PropelPDO Optional Connection object.
  * @return     PermissionItem The associated PermissionItem object.
  * @throws     PropelException
  */
 public function getPermissionItem(PropelPDO $con = null)
 {
     if ($this->aPermissionItem === null && $this->permission_item_id !== null) {
         $this->aPermissionItem = PermissionItemPeer::retrieveByPk($this->permission_item_id);
         /* The following can be used additionally to
         		   guarantee the related object contains a reference
         		   to this object.  This level of coupling may, however, be
         		   undesirable since it could result in an only partially populated collection
         		   in the referenced object.
         		   $this->aPermissionItem->addPermissionToPermissionItems($this);
         		 */
     }
     return $this->aPermissionItem;
 }
     echo $msg . PHP_EOL;
     continue;
 }
 // skip action if set with ticket type N (blocked)
 if (in_array(BLOCKED_TICKET_TYPE, $ticketTypes)) {
     $msg = '***** NOTICE - Action [' . $serviceActionName . '] is set with ticket type N (blocked) -> skipping!';
     KalturaLog::notice($msg);
     echo $msg . PHP_EOL;
     continue;
 }
 foreach ($partners as $partner) {
     $c = new Criteria();
     $c->addAnd(kApiActionPermissionItem::SERVICE_COLUMN_NAME, $serviceId, Criteria::EQUAL);
     $c->addAnd(kApiActionPermissionItem::ACTION_COLUMN_NAME, $actionName, Criteria::EQUAL);
     $c->addAnd(PermissionItemPeer::PARTNER_ID, array(PartnerPeer::GLOBAL_PARTNER, $partner->getId()), Criteria::IN);
     $permissionItem = PermissionItemPeer::doSelectOne($c);
     if (!$permissionItem) {
         $msg = '***** ERROR - Permission item for service [' . $serviceId . '] action [' . $actionName . '] not found in DB!';
         KalturaLog::alert($msg);
         echo $msg . PHP_EOL;
         continue;
     }
     // check if a special ticket type was set for the action which is different from the basic system ticket types
     if (in_array(USER_KS_TICKET_TYPE, $ticketTypes) && !in_array($permissionItem->getId(), $userSessionPermissionItemIds)) {
         // ticket type 1 set - add a special user KS permission to all relevant partners and add current permission item to it
         $userKsRole = getOrCreateUserSessionRole($partner->getId());
         $userKsPermission = getOrCreateSessionPermission($partner->getId(), 'user');
         $userKsPermission->addPermissionItem($permissionItem->getId(), true);
         $userKsRole->setPermissionNames(PermissionName::USER_SESSION_PERMISSION . ',' . $userKsPermission->getName());
         $partner->setUserSessionRoleId($userKsRole->getId());
         $partner->save();
 public function getFieldNameFromPeer($field_name)
 {
     $res = PermissionItemPeer::translateFieldName($field_name, $this->field_name_translation_type, BasePeer::TYPE_COLNAME);
     return $res;
 }
Exemplo n.º 10
0
 /**
  * Builds a Criteria object containing the primary key for this object.
  *
  * Unlike buildCriteria() this method includes the primary key values regardless
  * of whether or not they have been modified.
  *
  * @return     Criteria The Criteria object containing value(s) for primary key(s).
  */
 public function buildPkeyCriteria()
 {
     $criteria = new Criteria(PermissionItemPeer::DATABASE_NAME);
     $criteria->add(PermissionItemPeer::ID, $this->id);
     if ($this->alreadyInSave && count($this->modifiedColumns) == 2 && $this->isColumnModified(PermissionItemPeer::UPDATED_AT)) {
         $theModifiedColumn = null;
         foreach ($this->modifiedColumns as $modifiedColumn) {
             if ($modifiedColumn != PermissionItemPeer::UPDATED_AT) {
                 $theModifiedColumn = $modifiedColumn;
             }
         }
         $atomicColumns = PermissionItemPeer::getAtomicColumns();
         if (in_array($theModifiedColumn, $atomicColumns)) {
             $criteria->add($theModifiedColumn, $this->getByName($theModifiedColumn, BasePeer::TYPE_COLNAME), Criteria::NOT_EQUAL);
         }
     }
     return $criteria;
 }
 public static function clearMemory()
 {
     accessControlPeer::clearInstancePool();
     kuserPeer::clearInstancePool();
     kshowPeer::clearInstancePool();
     entryPeer::clearInstancePool();
     //	    kvotePeer::clearInstancePool();
     //	    commentPeer::clearInstancePool();
     //	    flagPeer::clearInstancePool();
     //	    favoritePeer::clearInstancePool();
     //	    KshowKuserPeer::clearInstancePool();
     //	    MailJobPeer::clearInstancePool();
     SchedulerPeer::clearInstancePool();
     SchedulerWorkerPeer::clearInstancePool();
     SchedulerStatusPeer::clearInstancePool();
     SchedulerConfigPeer::clearInstancePool();
     ControlPanelCommandPeer::clearInstancePool();
     BatchJobPeer::clearInstancePool();
     //	    PriorityGroupPeer::clearInstancePool();
     BulkUploadResultPeer::clearInstancePool();
     //	    blockedEmailPeer::clearInstancePool();
     //	    conversionPeer::clearInstancePool();
     //	    flickrTokenPeer::clearInstancePool();
     PuserKuserPeer::clearInstancePool();
     //	    PuserRolePeer::clearInstancePool();
     PartnerPeer::clearInstancePool();
     //	    WidgetLogPeer::clearInstancePool();
     //	    adminKuserPeer::clearInstancePool();
     //	    notificationPeer::clearInstancePool();
     moderationPeer::clearInstancePool();
     moderationFlagPeer::clearInstancePool();
     roughcutEntryPeer::clearInstancePool();
     //	    widgetPeer::clearInstancePool();
     uiConfPeer::clearInstancePool();
     //	    PartnerStatsPeer::clearInstancePool();
     //	    PartnerActivityPeer::clearInstancePool();
     ConversionProfilePeer::clearInstancePool();
     //	    ConversionParamsPeer::clearInstancePool();
     //	    KceInstallationErrorPeer::clearInstancePool();
     FileSyncPeer::clearInstancePool();
     accessControlPeer::clearInstancePool();
     mediaInfoPeer::clearInstancePool();
     assetParamsPeer::clearInstancePool();
     assetParamsOutputPeer::clearInstancePool();
     assetPeer::clearInstancePool();
     conversionProfile2Peer::clearInstancePool();
     flavorParamsConversionProfilePeer::clearInstancePool();
     categoryPeer::clearInstancePool();
     syndicationFeedPeer::clearInstancePool();
     TrackEntryPeer::clearInstancePool();
     //	    SystemUserPeer::clearInstancePool();
     StorageProfilePeer::clearInstancePool();
     //	    EmailIngestionProfilePeer::clearInstancePool();
     UploadTokenPeer::clearInstancePool();
     //	    invalidSessionPeer::clearInstancePool();
     DynamicEnumPeer::clearInstancePool();
     UserLoginDataPeer::clearInstancePool();
     PermissionPeer::clearInstancePool();
     UserRolePeer::clearInstancePool();
     PermissionItemPeer::clearInstancePool();
     PermissionToPermissionItemPeer::clearInstancePool();
     KuserToUserRolePeer::clearInstancePool();
     $pluginInstances = KalturaPluginManager::getPluginInstances('IKalturaMemoryCleaner');
     foreach ($pluginInstances as $pluginInstance) {
         $pluginInstance->cleanMemory();
     }
     if (function_exists('gc_collect_cycles')) {
         // php 5.3 and above
         gc_collect_cycles();
     }
 }
 /**
  * Selects a collection of PermissionToPermissionItem objects pre-filled with all related objects except Permission.
  *
  * @param      Criteria  $criteria
  * @param      PropelPDO $con
  * @param      String    $join_behavior the type of joins to use, defaults to Criteria::LEFT_JOIN
  * @return     array Array of PermissionToPermissionItem objects.
  * @throws     PropelException Any exceptions caught during processing will be
  *		 rethrown wrapped into a PropelException.
  */
 public static function doSelectJoinAllExceptPermission(Criteria $criteria, $con = null, $join_behavior = Criteria::LEFT_JOIN)
 {
     $criteria = clone $criteria;
     // Set the correct dbName if it has not been overridden
     // $criteria->getDbName() will return the same object if not set to another value
     // so == check is okay and faster
     if ($criteria->getDbName() == Propel::getDefaultDB()) {
         $criteria->setDbName(self::DATABASE_NAME);
     }
     PermissionToPermissionItemPeer::addSelectColumns($criteria);
     $startcol2 = PermissionToPermissionItemPeer::NUM_COLUMNS - PermissionToPermissionItemPeer::NUM_LAZY_LOAD_COLUMNS;
     PermissionItemPeer::addSelectColumns($criteria);
     $startcol3 = $startcol2 + (PermissionItemPeer::NUM_COLUMNS - PermissionItemPeer::NUM_LAZY_LOAD_COLUMNS);
     $criteria->addJoin(PermissionToPermissionItemPeer::PERMISSION_ITEM_ID, PermissionItemPeer::ID, $join_behavior);
     $stmt = BasePeer::doSelect($criteria, $con);
     $results = array();
     while ($row = $stmt->fetch(PDO::FETCH_NUM)) {
         $key1 = PermissionToPermissionItemPeer::getPrimaryKeyHashFromRow($row, 0);
         if (null !== ($obj1 = PermissionToPermissionItemPeer::getInstanceFromPool($key1))) {
             // We no longer rehydrate the object, since this can cause data loss.
             // See http://propel.phpdb.org/trac/ticket/509
             // $obj1->hydrate($row, 0, true); // rehydrate
         } else {
             $cls = PermissionToPermissionItemPeer::getOMClass(false);
             $obj1 = new $cls();
             $obj1->hydrate($row);
             PermissionToPermissionItemPeer::addInstanceToPool($obj1, $key1);
         }
         // if obj1 already loaded
         // Add objects for joined PermissionItem rows
         $key2 = PermissionItemPeer::getPrimaryKeyHashFromRow($row, $startcol2);
         if ($key2 !== null) {
             $obj2 = PermissionItemPeer::getInstanceFromPool($key2);
             if (!$obj2) {
                 $omClass = PermissionItemPeer::getOMClass($row, $startcol2);
                 $cls = substr('.' . $omClass, strrpos('.' . $omClass, '.') + 1);
                 $obj2 = new $cls();
                 $obj2->hydrate($row, $startcol2);
                 PermissionItemPeer::addInstanceToPool($obj2, $key2);
             }
             // if $obj2 already loaded
             // Add the $obj1 (PermissionToPermissionItem) to the collection in $obj2 (PermissionItem)
             $obj2->addPermissionToPermissionItem($obj1);
         }
         // if joined row is not null
         $results[] = $obj1;
     }
     $stmt->closeCursor();
     return $results;
 }
Exemplo n.º 13
0
 /**
  * Deletes an existing permission item object.
  * This action is available only to Kaltura system administrators.
  * 
  * @action delete
  * @param int $permissionItemId The permission item's unique identifier
  * @return KalturaPermissionItem The deleted permission item object
  *
  * @throws KalturaErrors::INVALID_OBJECT_ID
  */
 public function deleteAction($permissionItemId)
 {
     $dbPermissionItem = PermissionItemPeer::retrieveByPK($permissionItemId);
     if (!$dbPermissionItem) {
         throw new KalturaAPIException(KalturaErrors::INVALID_OBJECT_ID, $permissionItemId);
     }
     $dbPermissionItem->delete();
     $permissionItem = new KalturaPermissionItem();
     $permissionItem->fromObject($dbPermissionItem, $this->getResponseProfile());
     return $permissionItem;
 }
 /**
  * Lists permission item objects that are associated with an account.
  * 
  * @action list
  * @param KalturaPermissionItemFilter $filter A filter used to exclude specific types of permission items
  * @param KalturaFilterPager $pager A limit for the number of records to display on a page
  * @return KalturaPermissionItemListResponse The list of permission item objects
  */
 public function listAction(KalturaPermissionItemFilter $filter = null, KalturaFilterPager $pager = null)
 {
     if (!$filter) {
         $filter = new KalturaPermissionItemFilter();
     }
     $permissionItemFilter = $filter->toObject();
     $c = new Criteria();
     $permissionItemFilter->attachToCriteria($c);
     $count = PermissionItemPeer::doCount($c);
     if (!$pager) {
         $pager = new KalturaFilterPager();
     }
     $pager->attachToCriteria($c);
     $list = PermissionItemPeer::doSelect($c);
     $response = new KalturaPermissionItemListResponse();
     $response->objects = KalturaPermissionItemArray::fromDbArray($list);
     $response->totalCount = $count;
     return $response;
 }
Exemplo n.º 15
0
 /**
  * Init with allowed permissions for the user in the given KS or kCurrentContext if not KS given
  * kCurrentContext::init should have been executed before!
  * @param string $ks KS to extract user and partner IDs from instead of kCurrentContext
  * @param boolean $useCache use cache or not
  * @throws TODO: add all exceptions
  */
 public static function init($useCache = null)
 {
     // verify that kCurrentContext::init has been executed since it must be used to init current context permissions
     if (!kCurrentContext::$ksPartnerUserInitialized) {
         KalturaLog::crit('kCurrentContext::initKsPartnerUser must be executed before initializing kPermissionManager');
         throw new Exception('kCurrentContext has not been initialized!', null);
     }
     // can be initialized more than once to support multirequest with different kCurrentContext parameters
     self::$initialized = false;
     self::$useCache = $useCache ? true : false;
     // copy kCurrentContext parameters (kCurrentContext::init should have been executed before)
     self::$requestedPartnerId = !self::isEmpty(kCurrentContext::$partner_id) ? kCurrentContext::$partner_id : null;
     self::$ksPartnerId = !self::isEmpty(kCurrentContext::$ks_partner_id) ? kCurrentContext::$ks_partner_id : null;
     self::$ksUserId = !self::isEmpty(kCurrentContext::$ks_uid) ? kCurrentContext::$ks_uid : null;
     self::$ksString = kCurrentContext::$ks ? kCurrentContext::$ks : null;
     self::$adminSession = !self::isEmpty(kCurrentContext::$is_admin_session) ? kCurrentContext::$is_admin_session : false;
     // clear instance pools
     //TODO: may not be needed
     UserRolePeer::clearInstancePool();
     PermissionPeer::clearInstancePool();
     PermissionItemPeer::clearInstancePool();
     PermissionToPermissionItemPeer::clearInstancePool();
     kuserPeer::clearInstancePool();
     // if ks defined - check that it is valid
     self::errorIfKsNotValid();
     // init partner, user, and role objects
     self::initPartnerUserObjects();
     // throw an error if KS partner (operating partner) is blocked
     self::errorIfPartnerBlocked();
     // init role ids
     self::initRoleIds();
     // init permissions map
     self::initPermissionsMap();
     // initialization done
     self::$initialized = true;
     return true;
 }
Exemplo n.º 16
0
function addParameterPermissionItem($itemCfg)
{
    // verify obligatory fields
    if (!$itemCfg->object) {
        throw new Exception('Permission item object must be set');
    }
    if (!$itemCfg->parameter) {
        throw new Exception('Permission item object parameter must be set');
    }
    if (!$itemCfg->action) {
        throw new Exception('Permission item action id must be set');
    }
    if (is_null($itemCfg->partnerId) || $itemCfg->partnerId === '') {
        throw new Exception('Permission item partner id must be set');
    }
    if (!in_array($itemCfg->action, array(ApiParameterPermissionItemAction::INSERT, ApiParameterPermissionItemAction::READ, ApiParameterPermissionItemAction::UPDATE, ApiParameterPermissionItemAction::USAGE))) {
        throw new Exception("Action type [{$itemCfg->action}] unknown");
    }
    // check if item already exists in db
    $c = new Criteria();
    $c->addAnd(kApiParameterPermissionItem::OBJECT_COLUMN_NAME, $itemCfg->object, Criteria::EQUAL);
    $c->addAnd(kApiParameterPermissionItem::PARAMETER_COLUMN_NAME, $itemCfg->parameter, Criteria::EQUAL);
    $c->addAnd(kApiParameterPermissionItem::ACTION_COLUMN_NAME, $itemCfg->action, Criteria::EQUAL);
    $c->addAnd(PermissionItemPeer::PARTNER_ID, array(PartnerPeer::GLOBAL_PARTNER, $itemCfg->partnerId), Criteria::IN);
    $c->addAnd(PermissionItemPeer::TYPE, PermissionItemType::API_PARAMETER_ITEM, Criteria::EQUAL);
    $existingItem = PermissionItemPeer::doSelectOne($c);
    $item = null;
    if ($existingItem) {
        $item = $existingItem;
        KalturaLog::log('Permission item for [' . $item->getAction() . '->' . $item->getObject() . '->' . $item->getParameter() . '] partner id [' . $item->getPartnerId() . '] already exists with id [' . $item->getId() . ']');
    } else {
        // save new permission item object
        $item = new kApiParameterPermissionItem();
        foreach ($itemCfg as $key => $value) {
            if ($key === 'permissions') {
                continue;
                // permissions are set later
            }
            $setterCallback = array($item, "set{$key}");
            if (method_exists($item, 'set' . $key)) {
                call_user_func_array($setterCallback, array($value));
            } else {
                KalturaLog::err("Skipping call to set{$key}() since there is no such method.");
            }
        }
        $item->save();
        KalturaLog::log('New permission item id [' . $item->getId() . '] added for [' . $item->getAction() . '->' . $item->getObject() . '->' . $item->getParameter() . '] partner id [' . $item->getPartnerId() . ']');
    }
    // add item to each defined permission
    $permissionNames = array_map('trim', str_getcsv($itemCfg->permissions));
    addItemToPermissions($item, $permissionNames, $itemCfg->partnerId);
}
function removeParameterPermissionItem($itemCfg)
{
    // verify obligatory fields
    if (!$itemCfg->object) {
        throw new Exception('Permission item object must be set');
    }
    if (!$itemCfg->parameter) {
        throw new Exception('Permission item object parameter must be set');
    }
    if (!$itemCfg->action) {
        throw new Exception('Permission item action id must be set');
    }
    if (is_null($itemCfg->partnerId) || $itemCfg->partnerId === '') {
        throw new Exception('Permission item partner id must be set');
    }
    if (!in_array($itemCfg->action, array(ApiParameterPermissionItemAction::INSERT, ApiParameterPermissionItemAction::READ, ApiParameterPermissionItemAction::UPDATE))) {
        throw new Exception("Action type [{$itemCfg->action}] unknown");
    }
    if (is_null($itemCfg->permissions) || $itemCfg->permissions === '') {
        throw new Exception('Permission item permissions must be set');
    }
    // check if item already exists in db
    $c = new Criteria();
    $c->addAnd(kApiParameterPermissionItem::OBJECT_COLUMN_NAME, $itemCfg->object);
    $c->addAnd(kApiParameterPermissionItem::PARAMETER_COLUMN_NAME, $itemCfg->parameter);
    $c->addAnd(kApiParameterPermissionItem::ACTION_COLUMN_NAME, $itemCfg->action);
    $c->addAnd(PermissionItemPeer::PARTNER_ID, array(PartnerPeer::GLOBAL_PARTNER, $itemCfg->partnerId), Criteria::IN);
    $c->addAnd(PermissionItemPeer::TYPE, PermissionItemType::API_PARAMETER_ITEM);
    $permissionItem = PermissionItemPeer::doSelectOne($c);
    if (!$permissionItem) {
        return;
    }
    // add item to each defined permission
    $permissionNames = array_map('trim', explode(',', $itemCfg->permissions));
    removeItemFromPermissions($permissionItem, $permissionNames);
}
Exemplo n.º 18
0
 /**
  * Populates the object using an array.
  *
  * This is particularly useful when populating an object from one of the
  * request arrays (e.g. $_POST).  This method goes through the column
  * names, checking to see whether a matching key exists in populated
  * array. If so the setByName() method is called for that column.
  *
  * You can specify the key type of the array by additionally passing one
  * of the class type constants BasePeer::TYPE_PHPNAME, BasePeer::TYPE_STUDLYPHPNAME,
  * BasePeer::TYPE_COLNAME, BasePeer::TYPE_FIELDNAME, BasePeer::TYPE_NUM.
  * The default key type is the column's phpname (e.g. 'AuthorId')
  *
  * @param      array  $arr     An array to populate the object from.
  * @param      string $keyType The type of keys the array uses.
  * @return     void
  */
 public function fromArray($arr, $keyType = BasePeer::TYPE_PHPNAME)
 {
     $keys = PermissionItemPeer::getFieldNames($keyType);
     if (array_key_exists($keys[0], $arr)) {
         $this->setId($arr[$keys[0]]);
     }
     if (array_key_exists($keys[1], $arr)) {
         $this->setType($arr[$keys[1]]);
     }
     if (array_key_exists($keys[2], $arr)) {
         $this->setPartnerId($arr[$keys[2]]);
     }
     if (array_key_exists($keys[3], $arr)) {
         $this->setParam1($arr[$keys[3]]);
     }
     if (array_key_exists($keys[4], $arr)) {
         $this->setParam2($arr[$keys[4]]);
     }
     if (array_key_exists($keys[5], $arr)) {
         $this->setParam3($arr[$keys[5]]);
     }
     if (array_key_exists($keys[6], $arr)) {
         $this->setParam4($arr[$keys[6]]);
     }
     if (array_key_exists($keys[7], $arr)) {
         $this->setParam5($arr[$keys[7]]);
     }
     if (array_key_exists($keys[8], $arr)) {
         $this->setTags($arr[$keys[8]]);
     }
     if (array_key_exists($keys[9], $arr)) {
         $this->setCreatedAt($arr[$keys[9]]);
     }
     if (array_key_exists($keys[10], $arr)) {
         $this->setUpdatedAt($arr[$keys[10]]);
     }
     if (array_key_exists($keys[11], $arr)) {
         $this->setCustomData($arr[$keys[11]]);
     }
 }
function setPermissions($serviceConfig, $setBaseSystemPermissions, $userSessionPermission, $noKsPermission, $partnerId)
{
    // get list of services defined in the services.ct files
    $servicesTable = $serviceConfig->getAllServicesByCt();
    // for each defined service.action
    foreach ($servicesTable as $ctPath => $services) {
        foreach ($services as $serviceActionName) {
            $serviceConfig->setServiceName($serviceActionName);
            $serviceSplit = explode('.', $serviceActionName);
            $serviceName = $serviceSplit[0];
            $actionName = $serviceSplit[1];
            $ticketTypes = explode(',', $serviceConfig->getTicketType());
            $serviceId = $serviceName;
            $pluginName = getPluginNameFromServicesCtPath($ctPath);
            if ($pluginName) {
                $serviceId = strtolower($pluginName) . '_' . $serviceId;
            }
            $serviceClass = KalturaServicesMap::getService($serviceId);
            if (!$serviceClass) {
                $tmpServiceIds = KalturaServicesMap::getServiceIdsFromName($serviceName);
                if ($tmpServiceIds && count($tmpServiceIds) == 1) {
                    $serviceId = reset($tmpServiceIds);
                    $serviceClass = KalturaServicesMap::getService($serviceId);
                }
            }
            if (!$serviceClass) {
                $msg = '***** ERROR - service id [' . $serviceId . '] not found in services map!';
                KalturaLog::alert($msg);
                echo $msg . PHP_EOL;
                continue;
            }
            // skip action if set with ticket type N (blocked)
            if (in_array(BLOCKED_TICKET_TYPE, $ticketTypes)) {
                $msg = '***** NOTICE - Action [' . $serviceActionName . '] is set with ticket type N (blocked) -> skipping!';
                KalturaLog::notice($msg);
                echo $msg . PHP_EOL;
                continue;
            }
            // check if a permission item for the current action already exists
            $c = new Criteria();
            $c->addAnd(kApiActionPermissionItem::SERVICE_COLUMN_NAME, $serviceId, Criteria::EQUAL);
            $c->addAnd(kApiActionPermissionItem::ACTION_COLUMN_NAME, $actionName, Criteria::EQUAL);
            $c->addAnd(PermissionItemPeer::PARTNER_ID, array(PartnerPeer::GLOBAL_PARTNER, $partnerId), Criteria::IN);
            $permissionItem = PermissionItemPeer::doSelectOne($c);
            if ($permissionItem) {
                $msg = '***** NOTICE - Permission item for [' . $serviceActionName . '] already exists with id [' . $permissionItem->getId() . ']';
                KalturaLog::alert($msg);
                echo $msg . PHP_EOL;
            } else {
                // create a new api action permission item and save it
                $permissionItem = new kApiActionPermissionItem();
                $permissionItem->setService($serviceId);
                $permissionItem->setAction($actionName);
                $permissionItem->setPartnerId($partnerId);
                $permissionItem->save();
            }
            // get the defined permission names from the tags section of the services.ct file
            $permissionNames = $serviceConfig->getTags();
            $permissionNames = explode(',', $permissionNames);
            $anyPermissionSet = false;
            // was any permission set to include the current permission item or not
            foreach ($permissionNames as $permissionName) {
                if (!$permissionName) {
                    continue;
                }
                // add the permission item to all its defined permission objects
                $c = new Criteria();
                $c->addAnd(PermissionPeer::NAME, $permissionName, Criteria::EQUAL);
                $c->addAnd(PermissionPeer::TYPE, PermissionType::NORMAL, Criteria::EQUAL);
                //$c->addAnd(PermissionPeer::PARTNER_ID, array(PartnerPeer::GLOBAL_PARTNER, $partnerId), Criteria::IN);
                $permission = PermissionPeer::doSelectOne($c);
                if (!$permission) {
                    $msg = '***** ERROR - Permission [' . $permissionName . '] not found in DB although set for [' . $serviceActionName . ']';
                    KalturaLog::alert($msg);
                    echo $msg . PHP_EOL;
                    continue;
                }
                $permission->addPermissionItem($permissionItem->getId(), true);
                $anyPermissionSet = true;
            }
            // add permission item to the basic NO_KS and USER_KS permissions according to its ticket type
            // (partner admin role already contains all other permissions)
            if ($setBaseSystemPermissions) {
                if (in_array(NO_KS_TICKET_TYPE, $ticketTypes)) {
                    $noKsPermission->addPermissionItem($permissionItem->getId(), true);
                    $userSessionPermission->addPermissionItem($permissionItem->getId(), true);
                    $anyPermissionSet = true;
                } else {
                    if (in_array(USER_KS_TICKET_TYPE, $ticketTypes)) {
                        $userSessionPermission->addPermissionItem($permissionItem->getId(), true);
                        $anyPermissionSet = true;
                    }
                }
            }
            if (!$anyPermissionSet) {
                $msg = '***** ERROR - No permission was set for [' . $serviceActionName . ']';
                KalturaLog::alert($msg);
                echo $msg . PHP_EOL;
            }
        }
    }
}