function testLoadRole() { $ur = User_Role::getOneFromDb(['user_role_link_id' => 301], $this->DB); $this->assertEqual(301, $ur->user_role_link_id); $ur->loadRole(); $this->assertEqual(3, $ur->role->role_id); }
public function getUsers() { $urs = User_Role::getAllFromDb(['role_id' => $this->role_id], $this->dbConnection); $user_ids = Db_Linked::arrayOfAttrValues($urs, 'user_id'); $users = User::getAllFromDb(['user_id' => $user_ids], $this->dbConnection); usort($users, 'User::cmp'); return $users; }
public function editAction() { //add role if it is provided parent::editAction(); if ($this->_hasParam('roles_list')) { $objUser = $this->view->object; // when the list of roles is submitted directly with user form $arrExistingRoles = array(); foreach ($objUser->getRoles() as $objRole) { $arrExistingRoles[$objRole->getId()] = $objRole->getId(); } $arrNewIds = array(); $arrIds = explode(",", $this->_getParam('roles_list')); foreach ($arrIds as $nRoleId) { $nRoleId = trim($nRoleId); if ($nRoleId == '') { continue; } $arrNewIds[$nRoleId] = $nRoleId; if (!isset($arrExistingRoles[$nRoleId])) { // need to add a role $objUserRole = User_UserRole::Table()->createRow(); $objUserRole->ucur_user_id = $objUser->getId(); $objUserRole->ucur_role_id = $nRoleId; $objUserRole->save(false); } } // walking through existing roles, delete IDs foreach ($arrExistingRoles as $nRoleId) { if (!isset($arrNewIds[$nRoleId])) { // this role has to be deleted $objUserRole = User_UserRole::Table()->findRole($objUser->getId(), $nRoleId); if (is_object($objUserRole)) { $objUserRole->delete(); } } } $objUser->cleanCache(); $this->view->object = $objUser; } else { if ($this->_hasParam('role') && $this->_getParam('role') != '') { $strRole = $this->_getParam('role'); $objRole = User_Role::Table()->findByName($strRole); if (!is_object($objRole)) { throw new App_Exception('Invalid User Role'); } $objUser = $this->view->object; if (!$objUser->hasRole($strRole)) { $objUserRole = User_UserRole::Table()->createRow(); $objUserRole->ucur_user_id = $objUser->getId(); $objUserRole->ucur_role_id = $objRole->getId(); $objUserRole->save(false); $objUser->cleanCache(); } } } }
public function getRoles() { $user_roles = array(); $user_roles = User_Role::getAllFromDb(['user_id' => $this->user_id], $this->dbConnection); if (count($user_roles) <= 0) { return array(Role::getOneFromDb(['name' => 'public'], $this->dbConnection)); } // $roles = Role::getAllFromDb(['role_id'=>array_map(function($e){return $e->role_id;},$user_roles)], $roles = Role::getAllFromDb(['role_id' => Db_Linked::arrayOfAttrValues($user_roles, 'role_id')], $this->dbConnection); return $roles; }
/** * find all elements which the user may not list and therefore may never be shown to the user * @param string $type asset|object|document * @return array */ public static function findForbiddenPaths($type, $user) { if ($user->isAdmin()) { return array(); } // get workspaces $workspaces = $user->{"getWorkspaces" . ucfirst($type)}(); foreach ($user->getRoles() as $roleId) { $role = User_Role::getById($roleId); $workspaces = array_merge($workspaces, $role->{"getWorkspaces" . ucfirst($type)}()); } $forbidden = array(); if (count($workspaces) > 0) { foreach ($workspaces as $workspace) { if (!$workspace->getList()) { $forbidden[] = $workspace->getCpath(); } } } else { $forbidden[] = "/"; } return $forbidden; }
/** * @return void */ protected function _addDefaultAccounts() { $cfgDefaultAccounts = App_Application::getInstance()->getConfig()->user->list; if (is_object($cfgDefaultAccounts)) { $cfgDefaultAccount = null; $tblRole = User_Role::Table(); $tblUserRole = User_UserRole::Table(); /** @var $cfgDefaultAccount User_Account */ foreach ($cfgDefaultAccounts as $cfgDefaultAccount) { $objAccount = $this->_addDefaultAccount($cfgDefaultAccount->toArray()); if (is_object($cfgDefaultAccount->roles)) { // add roles for a user... $arrRoles = $cfgDefaultAccount->roles; foreach ($arrRoles as $strRoleName) { $objRole = $tblRole->findByName($strRoleName); if (is_object($objRole) && !is_object($tblUserRole->findRole($objAccount->getId(), $objRole->getId()))) { $objUserRole = $tblUserRole->createRow(); $objUserRole->ucur_user_id = $objAccount->getId(); $objUserRole->ucur_role_id = $objRole->getId(); $objUserRole->save(); } } } } } }
/** * @param string $strRole * @return void */ public function removeRole($strRole) { $objRole = User_Role::Table()->findByName($strRole); if (!is_object($objRole)) { throw new App_Exception('Invalid user role ' . $strRole); } $nRoleId = $objRole->getId(); $objUserRole = User_UserRole::Table()->findRole($this->getId(), $nRoleId); if (is_object($objUserRole)) { $objUserRole->delete(); $this->cleanCache(); } }
/** * @param String $key * @return boolean */ public function isAllowed($key) { if (!$this->getPermission($key)) { // check roles foreach ($this->getRoles() as $roleId) { $role = User_Role::getById($roleId); if ($role->getPermission($key)) { return true; } } } return $this->getPermission($key); }
public function roleGetAction() { $role = User_Role::getById(intval($this->_getParam("id"))); // workspaces $types = array("asset", "document", "object"); foreach ($types as $type) { $workspaces = $role->{"getWorkspaces" . ucfirst($type)}(); foreach ($workspaces as $workspace) { $el = Element_Service::getElementById($type, $workspace->getCid()); if ($el) { // direct injection => not nice but in this case ok ;-) $workspace->path = $el->getFullPath(); } } } // get available permissions $availableUserPermissionsList = new User_Permission_Definition_List(); $availableUserPermissions = $availableUserPermissionsList->load(); $this->_helper->json(array("success" => true, "role" => $role, "permissions" => $role->generatePermissionList(), "availablePermissions" => $availableUserPermissions)); }