function addPermissionToPartner($permissionCfg, $partnerId = null) { // init new db permission object if (is_null($partnerId)) { $partnerId = $permissionCfg->partnerId; } PermissionPeer::setUseCriteriaFilter(false); $permission = PermissionPeer::getByNameAndPartner($permissionCfg->name, $partnerId); PermissionPeer::setUseCriteriaFilter(true); if (!$permission) { $permission = new Permission(); } foreach ($permissionCfg as $key => $value) { if ($key == 'partnerPackages') { continue; } $setterCallback = array($permission, "set{$key}"); call_user_func_array($setterCallback, array($value)); } if (!$permission->getFriendlyName()) { $permission->setFriendlyName($permission->getName()); } if ($partnerId != null) { $permission->setPartnerId($partnerId); } $permission->setStatus(PermissionStatus::ACTIVE); // add to database KalturaLog::log('Adding new permission with name [' . $permission->getName() . '] to partner id [' . $permission->getPartnerId() . ']'); try { if ($permission->getId()) { $permission->save(); } else { PermissionPeer::addToPartner($permission, $permission->getPartnerId()); } } catch (kPermissionException $e) { if ($e->getCode() === kPermissionException::PERMISSION_ALREADY_EXISTS) { KalturaLog::log('Permission name [' . $permission->getName() . '] already exists for partner id [' . $permission->getPartnerId() . ']'); } else { throw $e; } } }
/** * Deletes an existing permission object. * * @action delete * @param string $permissionName The name assigned to the permission * @return KalturaPermission The deleted permission object * * @throws KalturaErrors::INVALID_OBJECT_ID */ public function deleteAction($permissionName) { $dbPermission = PermissionPeer::getByNameAndPartner($permissionName, array($this->partnerGroup())); if (!$dbPermission) { throw new KalturaAPIException(KalturaErrors::INVALID_OBJECT_ID, $permissionName); } $dbPermission->setStatus(KalturaPermissionStatus::DELETED); $dbPermission->save(); $permission = new KalturaPermission(); $permission->fromObject($dbPermission); return $permission; }
require_once ROOT_DIR . '/api_v3/bootstrap.php'; PermissionPeer::clearInstancePool(); PermissionItemPeer::clearInstancePool(); //-- Script start // define all items $permissionItems = array(array('object' => 'KalturaBaseEntry', 'parameter' => 'startDate', 'action' => ApiParameterPermissionItemAction::INSERT, 'permission' => PermissionName::CONTENT_MANAGE_SCHEDULE), array('object' => 'KalturaBaseEntry', 'parameter' => 'startDate', 'action' => ApiParameterPermissionItemAction::UPDATE, 'permission' => PermissionName::CONTENT_MANAGE_SCHEDULE), array('object' => 'KalturaBaseEntry', 'parameter' => 'endDate', 'action' => ApiParameterPermissionItemAction::INSERT, 'permission' => PermissionName::CONTENT_MANAGE_SCHEDULE), array('object' => 'KalturaBaseEntry', 'parameter' => 'endDate', 'action' => ApiParameterPermissionItemAction::UPDATE, 'permission' => PermissionName::CONTENT_MANAGE_SCHEDULE), array('object' => 'KalturaBaseEntry', 'parameter' => 'accessControlId', 'action' => ApiParameterPermissionItemAction::INSERT, 'permission' => PermissionName::CONTENT_MANAGE_ACCESS_CONTROL), array('object' => 'KalturaBaseEntry', 'parameter' => 'accessControlId', 'action' => ApiParameterPermissionItemAction::UPDATE, 'permission' => PermissionName::CONTENT_MANAGE_ACCESS_CONTROL), array('object' => 'KalturaBaseEntry', 'parameter' => 'categories', 'action' => ApiParameterPermissionItemAction::INSERT, 'permission' => PermissionName::CONTENT_MANAGE_ASSIGN_CATEGORIES . ',' . PermissionName::USER_SESSION_PERMISSION), array('object' => 'KalturaBaseEntry', 'parameter' => 'categories', 'action' => ApiParameterPermissionItemAction::UPDATE, 'permission' => PermissionName::CONTENT_MANAGE_ASSIGN_CATEGORIES . ',' . PermissionName::USER_SESSION_PERMISSION), array('object' => 'KalturaBaseEntry', 'parameter' => 'categoriesIds', 'action' => ApiParameterPermissionItemAction::INSERT, 'permission' => PermissionName::CONTENT_MANAGE_ASSIGN_CATEGORIES . ',' . PermissionName::USER_SESSION_PERMISSION), array('object' => 'KalturaBaseEntry', 'parameter' => 'categoriesIds', 'action' => ApiParameterPermissionItemAction::UPDATE, 'permission' => PermissionName::CONTENT_MANAGE_ASSIGN_CATEGORIES . ',' . PermissionName::USER_SESSION_PERMISSION), array('object' => 'KalturaBaseEntry', 'parameter' => 'name', 'action' => ApiParameterPermissionItemAction::UPDATE, 'permission' => PermissionName::CONTENT_MANAGE_METADATA . ',' . PermissionName::USER_SESSION_PERMISSION . ',' . PermissionName::CONTENT_MODERATE_METADATA), array('object' => 'KalturaBaseEntry', 'parameter' => 'tags', 'action' => ApiParameterPermissionItemAction::UPDATE, 'permission' => PermissionName::CONTENT_MANAGE_METADATA . ',' . PermissionName::USER_SESSION_PERMISSION . ',' . PermissionName::CONTENT_MODERATE_METADATA), array('object' => 'KalturaBaseEntry', 'parameter' => 'description', 'action' => ApiParameterPermissionItemAction::UPDATE, 'permission' => PermissionName::CONTENT_MANAGE_METADATA . ',' . PermissionName::USER_SESSION_PERMISSION . ',' . PermissionName::CONTENT_MODERATE_METADATA), array('object' => 'KalturaLiveStreamAdminEntry', 'parameter' => kApiParameterPermissionItem::ALL_VALUES_IDENTIFIER, 'action' => ApiParameterPermissionItemAction::READ, 'permission' => PermissionName::CONTENT_MANAGE_BASE), array('object' => 'KalturaLiveStreamAdminEntry', 'parameter' => kApiParameterPermissionItem::ALL_VALUES_IDENTIFIER, 'action' => ApiParameterPermissionItemAction::INSERT, 'permission' => PermissionName::CONTENT_MANAGE_BASE), array('object' => 'KalturaLiveStreamAdminEntry', 'parameter' => kApiParameterPermissionItem::ALL_VALUES_IDENTIFIER, 'action' => ApiParameterPermissionItemAction::UPDATE, 'permission' => PermissionName::CONTENT_MANAGE_BASE), array('object' => 'KalturaPartner', 'parameter' => 'secret', 'action' => ApiParameterPermissionItemAction::READ, 'permission' => PermissionName::INTEGRATION_BASE), array('object' => 'KalturaPartner', 'parameter' => 'adminSecret', 'action' => ApiParameterPermissionItemAction::READ, 'permission' => PermissionName::INTEGRATION_BASE)); // add all to required permissions foreach ($permissionItems as $cur) { $item = new kApiParameterPermissionItem(); $item->setObject($cur['object']); $item->setParameter($cur['parameter']); $item->setAction($cur['action']); $item->setPartnerId(PartnerPeer::GLOBAL_PARTNER); $item->save(); $permissions = $cur['permission']; $permissions = explode(',', $permissions); foreach ($permissions as $permissionName) { if (!$permissionName) { continue; } $permission = PermissionPeer::getByNameAndPartner(trim($permissionName), array(PartnerPeer::GLOBAL_PARTNER)); if (!$permission) { $msg = '***** ERROR - Permission [' . $cur['permission'] . '] not found for item [' . $cur['object'] . '->' . $cur['parameter'] . ']'; KalturaLog::alert($msg); echo $msg . PHP_EOL; continue; } $permission->addPermissionItem($item->getId()); $permission->save(); } }
$criteria->add(PermissionPeer::PARTNER_ID, $startPartnerId, Criteria::GREATER_THAN); } if ($startUpdatedAt) { $criteria->add(PermissionPeer::UPDATED_AT, $startUpdatedAt, Criteria::GREATER_THAN); } $criteria->addAscendingOrderByColumn(PermissionPeer::PARTNER_ID); $criteria->addSelectColumn(PermissionPeer::PARTNER_ID); $criteria->setLimit($countLimitEachLoop); $stmt = PermissionPeer::doSelectStmt($criteria, $con); $partners = PartnerPeer::retrieveByPKs($stmt->fetchAll(PDO::FETCH_COLUMN)); while (count($partners)) { foreach ($partners as $partner) { /* @var $partner partner */ $partnerId = $partner->getId(); KalturaLog::debug("Set permission [{$permissionName}] for partner id [{$partnerId}]"); $dbPermission = PermissionPeer::getByNameAndPartner($permissionName, $partnerId); if (!$dbPermission) { $dbPermission = new Permission(); $dbPermission->setType(PermissionType::SPECIAL_FEATURE); $dbPermission->setPartnerId($partnerId); $dbPermission->setName($permissionName); } $dbPermission->setStatus(PermissionStatus::ACTIVE); $dbPermission->save(); } kMemoryManager::clearMemory(); $criteria->setOffset($offset); $stmt = PermissionPeer::doSelectStmt($criteria, $con); $partners = PartnerPeer::retrieveByPKs($stmt->fetchAll(PDO::FETCH_COLUMN)); usleep(100); $offset += $countLimitEachLoop;
public function toObject($object_to_fill = null, $props_to_skip = array()) { $object_to_fill = parent::toObject($object_to_fill, $props_to_skip); if (!$object_to_fill) { KalturaLog::err('Cannot find object to fill'); return null; } if (empty($this->deliveryProfileIds)) { $object_to_fill->setDeliveryProfileIds(array()); } else { $object_to_fill->setDeliveryProfileIds(json_decode($this->deliveryProfileIds, true)); } if (!$this->isNull('partnerParentId') && $this->partnerParentId > 0) { $parentPartnerDb = PartnerPeer::retrieveByPK($this->partnerParentId); if ($parentPartnerDb->getPartnerGroupType() != KalturaPartnerGroupType::GROUP && $parentPartnerDb->getPartnerGroupType() != KalturaPartnerGroupType::VAR_GROUP) { throw new KalturaAPIException(SystemPartnerErrors::UNABLE_TO_FORM_GROUP_ASSOCIATION, $this->partnerParentId, $parentPartnerDb->getPartnerGroupType()); } } if (!is_null($this->permissions)) { foreach ($this->permissions as $permission) { $dbPermission = PermissionPeer::getByNameAndPartner($permission->name, array($object_to_fill->getId())); if ($dbPermission) { $dbPermission->setStatus($permission->status); } else { $dbPermission = new Permission(); $dbPermission->setType($permission->type); $dbPermission->setPartnerId($object_to_fill->getId()); //$dbPermission->setStatus($permission->status); $permission->type = null; $dbPermission = $permission->toInsertableObject($dbPermission); } $dbPermission->save(); if ($dbPermission->getStatus() == PermissionStatus::ACTIVE) { $this->enablePermissionForPlugins($object_to_fill->getId(), $dbPermission->getName()); } } //Raise template partner's conversion profiles (so far) and check whether the partner now has permissions for them. $this->copyMissingConversionProfiles($object_to_fill); } if (!is_null($this->limits)) { foreach ($this->limits as $limit) { $limit->apply($object_to_fill); } } if (!is_null($this->autoModerateEntryFilter)) { $dbAutoModerationEntryFilter = new entryFilter(); $this->autoModerateEntryFilter->toObject($dbAutoModerationEntryFilter); $object_to_fill->setAutoModerateEntryFilter($dbAutoModerationEntryFilter); } $object_to_fill->setShouldApplyAccessControlOnEntryMetadata($this->restrictEntryByMetadata); return $object_to_fill; }
$permissionNames = array('FEATURE_SHOW_HTML_STUDIO', 'FEATURE_SHOW_FLASH_STUDIO'); //------------------------------------------------------ require_once __DIR__ . '/../../bootstrap.php'; $con = myDbHelper::getConnection(myDbHelper::DB_HELPER_CONN_PROPEL2); KalturaStatement::setDryRun($dryRun); $c = new Criteria(); $c->addAscendingOrderByColumn(PartnerPeer::ID); $c->addAnd(PartnerPeer::ID, 99, Criteria::GREATER_EQUAL); $c->setLimit($countLimitEachLoop); $partners = PartnerPeer::doSelect($c, $con); while (count($partners)) { foreach ($partners as $partner) { /* @var $partner Partner */ foreach ($permissionNames as $permissionName) { KalturaLog::debug("Set permission [{$permissionName}] for partner id [" . $partner->getId() . "]"); $dbPermission = PermissionPeer::getByNameAndPartner($permissionName, $partner->getId()); if (!$dbPermission) { $dbPermission = new Permission(); $dbPermission->setType(PermissionType::PLUGIN); $dbPermission->setPartnerId($partner->getId()); $dbPermission->setName($permissionName); } $dbPermission->setStatus(PermissionStatus::ACTIVE); $dbPermission->save(); } } kMemoryManager::clearMemory(); $c = new Criteria(); $c->addAscendingOrderByColumn(PartnerPeer::ID); $c->addAnd(PartnerPeer::ID, 99, Criteria::GREATER_EQUAL); $c->setLimit($countLimitEachLoop);
* You can delete permission_item and permission_to_permission_item if you removed something from the services.ct * */ //-- Bootstraping error_reporting(E_ALL); require_once dirname(__FILE__) . '/../../../bootstrap.php'; require_once ROOT_DIR . '/api_v3/bootstrap.php'; PermissionPeer::clearInstancePool(); PermissionItemPeer::clearInstancePool(); //-- Script start // get base system user and no ks permission objects define('NO_KS_TICKET_TYPE', '0'); define('USER_KS_TICKET_TYPE', '1'); define('BLOCKED_TICKET_TYPE', 'N'); $userSessionPermission = PermissionPeer::getByNameAndPartner(PermissionName::USER_SESSION_PERMISSION, array(PartnerPeer::GLOBAL_PARTNER)); $noKsPermission = PermissionPeer::getByNameAndPartner(PermissionName::ALWAYS_ALLOWED_ACTIONS, array(PartnerPeer::GLOBAL_PARTNER)); $userSessionPermissionItemIds = $userSessionPermission->getPermissionItemIds(); $noKsPermissionItemIds = $noKsPermission->getPermissionItemIds(); // special service config files - get .ct files except for the default v3_services.ct $tmpContents = scandir(ROOT_DIR . '/api_v3/config/'); $excludeCts = array(); // files to exclude $excludeCts[] = KalturaServiceConfig::getDefaultName(); // v3_services.ct $excludeCts[] = 'v3_' . Partner::FULL_BLOCK_SERVICE_CONFIG_ID; // v3_services_block.ct $excludeCts[] = 'v3_' . Partner::CONTENT_BLOCK_SERVICE_CONFIG_ID; // v3_services_limited_partner.ct $excludeCts[] = 'v3_services_open_playlist.ct'; $excludeCts[] = 'v3_services_sessionless.ct'; $serviceConfigFiles = array();
public function toObject($object_to_fill = null, $props_to_skip = array()) { $object_to_fill = parent::toObject($object_to_fill, $props_to_skip); if (!$object_to_fill) { KalturaLog::err('Cannot find object to fill'); return null; } if (!$this->isNull('partnerParentId') && $this->partnerParentId > 0) { $parentPartnerDb = PartnerPeer::retrieveByPK($this->partnerParentId); if ($parentPartnerDb->getPartnerGroupType() != KalturaPartnerGroupType::GROUP && $parentPartnerDb->getPartnerGroupType() != KalturaPartnerGroupType::VAR_GROUP) { throw new KalturaAPIException(SystemPartnerErrors::UNABLE_TO_FORM_GROUP_ASSOCIATION, $this->partnerParentId, $parentPartnerDb->getPartnerGroupType()); } } if (!is_null($this->permissions)) { foreach ($this->permissions as $permission) { KalturaLog::debug("partner: " . $object_to_fill->getId() . " add permissions: " . print_r($permission, true)); $dbPermission = PermissionPeer::getByNameAndPartner($permission->name, array($object_to_fill->getId())); if ($dbPermission) { KalturaLog::debug("add permissions: exists; set status; " . $permission->status); KalturaLog::debug("db permissions: " . print_r($dbPermission, true)); $dbPermission->setStatus($permission->status); } else { KalturaLog::debug("add permissions: didn't exists"); $dbPermission = new Permission(); $dbPermission->setType($permission->type); $dbPermission->setPartnerId($object_to_fill->getId()); //$dbPermission->setStatus($permission->status); $permission->type = null; $dbPermission = $permission->toInsertableObject($dbPermission); } KalturaLog::debug("add permissions: save" . print_r($dbPermission, true)); $dbPermission->save(); } } if (!is_null($this->limits)) { foreach ($this->limits as $limit) { $limit->apply($object_to_fill); } } if (!is_null($this->autoModerateEntryFilter)) { $dbAutoModerationEntryFilter = new entryFilter(); $this->autoModerateEntryFilter->toObject($dbAutoModerationEntryFilter); $object_to_fill->setAutoModerateEntryFilter($dbAutoModerationEntryFilter); } return $object_to_fill; }
private function configurePartnerByPackage($partner) { if (!$partner) { return; } if ($partner->getPartnerPackage() == 100) { $permissionNames = array(PermissionName::FEATURE_LIVE_STREAM, PermissionName::FEATURE_KALTURA_LIVE_STREAM, PermissionName::FEATURE_KALTURA_LIVE_STREAM_TRANSCODE); foreach ($permissionNames as $permissionName) { $permission = PermissionPeer::getByNameAndPartner($permissionName, $partner->getId()); if (!$permission) { $permission = new Permission(); $permission->setType(PermissionType::SPECIAL_FEATURE); $permission->setPartnerId($partner->getId()); $permission->setName($permissionName); } $permission->setStatus(PermissionStatus::ACTIVE); $permission->save(); } } }
} $c->setOffset($offset); PermissionPeer::clearInstancePool(); $permissions = PermissionPeer::doSelect($c, $con); $offset += $countLimitEachLoop; sleep(1); } $c = new Criteria(); $c->add(UserRolePeer::PERMISSION_NAMES, "%dropFolder.CONTENT_INGEST_DROP_FOLDER_MATCH%", Criteria::LIKE); $c->setLimit($countLimitEachLoop); $userRoles = UserRolePeer::doSelect($c, $con); while (count($userRoles)) { foreach ($userRoles as $userRole) { $partnerId = $userRole->getPartnerId(); PermissionPeer::setUseCriteriaFilter(false); $permission = PermissionPeer::getByNameAndPartner('CONTENT_INGEST_DROP_FOLDER_MATCH', array($partnerId)); PermissionPeer::setUseCriteriaFilter(true); if (!$permission) { $permission = new Permission(); $permission->setName('CONTENT_INGEST_DROP_FOLDER_MATCH'); $permission->setDependsOnPermissionNames('DROPFOLDER_PLUGIN_PERMISSION'); $permission->setType(PermissionType::SPECIAL_FEATURE); $permission->setPartnerId($partnerId); $permission->setStatus(PermissionStatus::ACTIVE); // add to database KalturaLog::log('Adding new permission with name [' . $permission->getName() . '] to partner id [' . $permission->getPartnerId() . ']'); PermissionPeer::addToPartner($permission, $permission->getPartnerId()); } } $c->setOffset($offset); UserRolePeer::clearInstancePool();
if ($startUpdatedAt) { $criteria->add(PartnerPeer::UPDATED_AT, $startUpdatedAt, Criteria::GREATER_THAN); } if ($limit) { $criteria->setLimit(min($page, $limit)); } else { $criteria->setLimit($page); } $partners = PartnerPeer::doSelect($criteria); $migrated = 0; while (count($partners) && (!$limit || $migrated < $limit)) { KalturaLog::info("Migrating [" . count($partners) . "] partners."); $migrated += count($partners); foreach ($partners as $partner) { /* @var $partner Partner */ $permission = PermissionPeer::getByNameAndPartner($permissionName, array($partner->getId(), 0)); if (!$permission) { $permission = new Permission(); $permission->setType(PermissionType::SPECIAL_FEATURE); $permission->setPartnerId($partner->getId()); } $permission->setStatus(PermissionStatus::ACTIVE); KalturaStatement::setDryRun($dryRun); $permission->save(); KalturaStatement::setDryRun(false); $startUpdatedAt = $partner->getUpdatedAt(null); $startPartnerId = $partner->getId(); KalturaLog::info("Migrated partner [" . $partner->getId() . "] with updated at [{$startUpdatedAt}: " . $partner->getUpdatedAt() . "]."); } kMemoryManager::clearMemory(); $nextCriteria = clone $criteria;