$subPartnerId = $argv[1];
$masterPartnerId = $argv[2];
$subPartner = PartnerPeer::retrieveByPK($subPartnerId);
if (!$subPartner) {
die("no such sub partner [{$subPartner}]." . PHP_EOL);
}
$masterPartner = PartnerPeer::retrieveByPK($masterPartnerId);
if (!$masterPartner) {
die("no such master partner [{$subPartner}]." . PHP_EOL);
}
PermissionPeer::clearInstancePool();
$c = new Criteria();
$c->addAnd(PermissionPeer::PARTNER_ID, $masterPartner->getId(), Criteria::EQUAL);
$c->addAnd(PermissionPeer::TYPE, PermissionType::PARTNER_GROUP, Criteria::EQUAL);
$c->addAnd(PermissionPeer::STATUS, PermissionStatus::ACTIVE, Criteria::EQUAL);
$permission = PermissionPeer::doSelectOne($c);
if (!$permission) {
die("Master partner group doesnot exists" . PHP_EOL);
}
$group = $permission->getPartnerGroup();
$groupPartners = explode(',', $group);
$newGroupArr = array();
foreach ($groupPartners as $groupPartner) {
if ($groupPartner != $subPartnerId) {
$newGroupArr[] = $groupPartner;
}
}
$newGroup = implode(',', $newGroupArr);
$permission->setPartnerGroup($newGroup);
$permission->save();
echo "current partner group [{$newGroup}] " . PHP_EOL;
function addItemToPermissions($item, $permissionNames, $partnerId)
{
foreach ($permissionNames as $permissionName) {
PermissionToPermissionItemPeer::clearInstancePool();
$partnerPermission = array_map('trim', explode('>', $permissionName));
if (count($partnerPermission) === 2) {
$partnerId = trim($partnerPermission[0]);
}
$permissionName = trim(end($partnerPermission));
$c = new Criteria();
$c->addAnd(PermissionPeer::NAME, $permissionName, Criteria::EQUAL);
$c->addAnd(PermissionPeer::TYPE, array(PermissionType::NORMAL, PermissionType::PARTNER_GROUP), Criteria::IN);
$c->addAnd(PermissionPeer::PARTNER_ID, array(PartnerPeer::GLOBAL_PARTNER, $item->getPartnerId(), $partnerId), Criteria::IN);
$permission = PermissionPeer::doSelectOne($c);
if (!$permission) {
KalturaLog::alert('ERROR - Permission name [' . $permissionName . '] for partner [' . $item->getPartnerId() . '] not found in database - skipping!');
continue;
}
KalturaLog::log('Adding permission item id [' . $item->getId() . '] to permission id [' . $permission->getId() . ']');
$permission->addPermissionItem($item->getId(), true);
}
}
public static function getByNameAndPartner($permissionName, $partnerIdsArray)
{
$c = new Criteria();
if (is_array($partnerIdsArray) && !in_array('*', $partnerIdsArray, true) || !is_array($partnerIdsArray) && $partnerIdsArray != '*') {
$partnerIdsArray = array_map('strval', $partnerIdsArray);
$c->addAnd(PermissionPeer::PARTNER_ID, $partnerIdsArray, Criteria::IN);
}
$c->addAnd(PermissionPeer::NAME, $permissionName, Criteria::EQUAL);
PermissionPeer::setUseCriteriaFilter(false);
$permission = PermissionPeer::doSelectOne($c);
PermissionPeer::setUseCriteriaFilter(true);
return $permission;
}
function removeItemFromPermissions(PermissionItem $item, array $permissionNames)
{
foreach ($permissionNames as $permissionName) {
$partnerPermission = array_map('trim', explode('>', $permissionName));
$partnerId = PartnerPeer::GLOBAL_PARTNER;
if (count($partnerPermission) === 2) {
$partnerId = trim($partnerPermission[0]);
}
$permissionName = trim(end($partnerPermission));
$c = new Criteria();
$c->addAnd(PermissionPeer::NAME, $permissionName);
$c->addAnd(PermissionPeer::TYPE, array(PermissionType::NORMAL, PermissionType::PARTNER_GROUP), Criteria::IN);
$c->addAnd(PermissionPeer::PARTNER_ID, array(PartnerPeer::GLOBAL_PARTNER, $item->getPartnerId(), $partnerId), Criteria::IN);
$permission = PermissionPeer::doSelectOne($c);
if (!$permission) {
continue;
}
$c = new Criteria();
$c->addAnd(PermissionToPermissionItemPeer::PERMISSION_ITEM_ID, $item->getId());
$c->addAnd(PermissionToPermissionItemPeer::PERMISSION_ID, $permission->getId());
$permissionToPermissionItem = PermissionToPermissionItemPeer::doSelectOne($c);
if (!$permissionToPermissionItem) {
continue;
}
$permissionToPermissionItem->delete();
}
}
/**
* Create a special partner group permission for given partner id, or get an existing one
* @param int $partnerId
* @param string $partnerGroup
*/
function getOrCreatePartnerGroupPermission($partnerId, $partnerGroup)
{
$permissionName = 'PARTNER_' . $partnerId . '_GROUP_' . $partnerGroup . '_PERMISSION';
PermissionPeer::clearInstancePool();
$c = new Criteria();
$c->addAnd(PermissionPeer::PARTNER_ID, $partnerId, Criteria::EQUAL);
$c->addAnd(PermissionPeer::NAME, $permissionName, Criteria::EQUAL);
$c->addAnd(PermissionPeer::TYPE, PermissionType::PARTNER_GROUP, Criteria::EQUAL);
$permission = PermissionPeer::doSelectOne($c);
if (!$permission) {
// create permission if not yet created
$permission = new Permission();
$permission->setPartnerId($partnerId);
$permission->setName($permissionName);
$permission->setFriendlyName('Partner ' . $partnerId . ' permission for group ' . $partnerGroup);
$permission->setDescription('Partner ' . $partnerId . ' permission for group ' . $partnerGroup);
$permission->setType(PermissionType::PARTNER_GROUP);
$permission->setPartnerGroup($partnerGroup);
$permission->setStatus(PermissionStatus::ACTIVE);
$permission->save();
} else {
if ($permission->getPartnerGroup() != $partnerGroup) {
$msg = '***** ERROR - Permission id [' . $permission->getId() . '] partner group [' . $permission->getPartnerGroup() . '] is different from the required partner group [' . $partnerGroup . ']';
KalturaLog::alert($msg);
echo $msg . PHP_EOL;
}
}
return $permission;
}
public static function getByNameAndPartner($permissionName, $partnerIdsArray)
{
$c = new Criteria();
if (!is_array($partnerIdsArray)) {
$partnerIdsArray = array($partnerIdsArray);
}
if (!in_array('*', $partnerIdsArray, true)) {
$partnerIdsArray = array_map('strval', $partnerIdsArray);
$c->addAnd(PermissionPeer::PARTNER_ID, $partnerIdsArray, Criteria::IN);
}
$c->addAnd(PermissionPeer::NAME, $permissionName, Criteria::EQUAL);
$c->addAscendingOrderByColumn(PermissionPeer::STATUS);
// needed in case the permission appears more than once
PermissionPeer::setUseCriteriaFilter(false);
$permission = PermissionPeer::doSelectOne($c);
PermissionPeer::setUseCriteriaFilter(true);
return $permission;
}
function setPermissions($serviceConfig, $setBaseSystemPermissions, $userSessionPermission, $noKsPermission, $partnerId)
{
// get list of services defined in the services.ct files
$servicesTable = $serviceConfig->getAllServicesByCt();
// for each defined service.action
foreach ($servicesTable as $ctPath => $services) {
foreach ($services as $serviceActionName) {
$serviceConfig->setServiceName($serviceActionName);
$serviceSplit = explode('.', $serviceActionName);
$serviceName = $serviceSplit[0];
$actionName = $serviceSplit[1];
$ticketTypes = explode(',', $serviceConfig->getTicketType());
$serviceId = $serviceName;
$pluginName = getPluginNameFromServicesCtPath($ctPath);
if ($pluginName) {
$serviceId = strtolower($pluginName) . '_' . $serviceId;
}
$serviceClass = KalturaServicesMap::getService($serviceId);
if (!$serviceClass) {
$tmpServiceIds = KalturaServicesMap::getServiceIdsFromName($serviceName);
if ($tmpServiceIds && count($tmpServiceIds) == 1) {
$serviceId = reset($tmpServiceIds);
$serviceClass = KalturaServicesMap::getService($serviceId);
}
}
if (!$serviceClass) {
$msg = '***** ERROR - service id [' . $serviceId . '] not found in services map!';
KalturaLog::alert($msg);
echo $msg . PHP_EOL;
continue;
}
// skip action if set with ticket type N (blocked)
if (in_array(BLOCKED_TICKET_TYPE, $ticketTypes)) {
$msg = '***** NOTICE - Action [' . $serviceActionName . '] is set with ticket type N (blocked) -> skipping!';
KalturaLog::notice($msg);
echo $msg . PHP_EOL;
continue;
}
// check if a permission item for the current action already exists
$c = new Criteria();
$c->addAnd(kApiActionPermissionItem::SERVICE_COLUMN_NAME, $serviceId, Criteria::EQUAL);
$c->addAnd(kApiActionPermissionItem::ACTION_COLUMN_NAME, $actionName, Criteria::EQUAL);
$c->addAnd(PermissionItemPeer::PARTNER_ID, array(PartnerPeer::GLOBAL_PARTNER, $partnerId), Criteria::IN);
$permissionItem = PermissionItemPeer::doSelectOne($c);
if ($permissionItem) {
$msg = '***** NOTICE - Permission item for [' . $serviceActionName . '] already exists with id [' . $permissionItem->getId() . ']';
KalturaLog::alert($msg);
echo $msg . PHP_EOL;
} else {
// create a new api action permission item and save it
$permissionItem = new kApiActionPermissionItem();
$permissionItem->setService($serviceId);
$permissionItem->setAction($actionName);
$permissionItem->setPartnerId($partnerId);
$permissionItem->save();
}
// get the defined permission names from the tags section of the services.ct file
$permissionNames = $serviceConfig->getTags();
$permissionNames = explode(',', $permissionNames);
$anyPermissionSet = false;
// was any permission set to include the current permission item or not
foreach ($permissionNames as $permissionName) {
if (!$permissionName) {
continue;
}
// add the permission item to all its defined permission objects
$c = new Criteria();
$c->addAnd(PermissionPeer::NAME, $permissionName, Criteria::EQUAL);
$c->addAnd(PermissionPeer::TYPE, PermissionType::NORMAL, Criteria::EQUAL);
//$c->addAnd(PermissionPeer::PARTNER_ID, array(PartnerPeer::GLOBAL_PARTNER, $partnerId), Criteria::IN);
$permission = PermissionPeer::doSelectOne($c);
if (!$permission) {
$msg = '***** ERROR - Permission [' . $permissionName . '] not found in DB although set for [' . $serviceActionName . ']';
KalturaLog::alert($msg);
echo $msg . PHP_EOL;
continue;
}
$permission->addPermissionItem($permissionItem->getId(), true);
$anyPermissionSet = true;
}
// add permission item to the basic NO_KS and USER_KS permissions according to its ticket type
// (partner admin role already contains all other permissions)
if ($setBaseSystemPermissions) {
if (in_array(NO_KS_TICKET_TYPE, $ticketTypes)) {
$noKsPermission->addPermissionItem($permissionItem->getId(), true);
$userSessionPermission->addPermissionItem($permissionItem->getId(), true);
$anyPermissionSet = true;
} else {
if (in_array(USER_KS_TICKET_TYPE, $ticketTypes)) {
$userSessionPermission->addPermissionItem($permissionItem->getId(), true);
$anyPermissionSet = true;
}
}
}
if (!$anyPermissionSet) {
$msg = '***** ERROR - No permission was set for [' . $serviceActionName . ']';
KalturaLog::alert($msg);
echo $msg . PHP_EOL;
}
}
}
}
