Пример #1
0
 /**
  * Answer true if the authorization is an implicit view AZ cascading up from
  * a descendent and should hence be ignored when determining roles.
  * 
  * @param object Authorization $az
  * @return boolean
  * @access protected
  * @since 7/11/08
  */
 protected function isCascadingUpView(Authorization $az)
 {
     // We are only interested in implicit AZs
     if ($az->isExplicit()) {
         return false;
     }
     // Return false if not a view AZ
     $authZ = Services::getService("AuthZ");
     $idMgr = Services::getService("Id");
     $viewId = $idMgr->getId('edu.middlebury.authorization.view');
     if (!$az->getFunction()->getId()->isEqual($viewId)) {
         return false;
     }
     // Load a list of descendents
     $qualifierId = $az->getQualifier()->getId();
     if (!isset($this->descendentIds)) {
         $this->descendentIds = array();
     }
     if (!isset($this->descendentIds[$qualifierId->getIdString()])) {
         $descendents = array();
         $descendents = $authZ->getQualifierDescendants($qualifierId);
         $descendentIds = array();
         while ($descendents->hasNext()) {
             $descendentIds[] = $descendents->next()->getId();
         }
         $this->descendentIds[$qualifierId->getIdString()] = $descendentIds;
     }
     // Check the explicit AZ's qualifier against our list of descendents.
     $explicitAZ = $az->getExplicitAZ();
     $explicitQualifierId = $explicitAZ->getQualifier()->getId();
     foreach ($this->descendentIds[$qualifierId->getIdString()] as $id) {
         if ($id->isEqual($explicitQualifierId)) {
             return true;
         }
     }
     return false;
 }
Пример #2
0
 /**
  * Given an implicit returns the matching explicit user Authorizations.
  * Explicit Authorizations can be modified.	 A null argument will be
  * treated as a wildcard.
  * 
  * @param object Authorization $implicitAuthorization
  *	
  * @return object AuthorizationIterator
  * 
  * @throws object AuthorizationException An exception with
  *		   one of the following messages defined in
  *		   org.osid.authorization.AuthorizationException may be thrown:
  *		   {@link
  *		   org.osid.authorization.AuthorizationException#OPERATION_FAILED
  *		   OPERATION_FAILED}, {@link
  *		   org.osid.authorization.AuthorizationException#PERMISSION_DENIED
  *		   PERMISSION_DENIED}, {@link
  *		   org.osid.authorization.AuthorizationException#CONFIGURATION_ERROR
  *		   CONFIGURATION_ERROR}, {@link
  *		   org.osid.authorization.AuthorizationException#UNIMPLEMENTED
  *		   UNIMPLEMENTED}, {@link
  *		   org.osid.authorization.AuthorizationException#NULL_ARGUMENT
  *		   NULL_ARGUMENT}, {@link
  *		   org.osid.authorization.AuthorizationException#UNKNOWN_ID
  *		   UNKNOWN_ID}, {@link
  *		   org.osid.authorization.AuthorizationException#UNKNOWN_TYPE
  *		   UNKNOWN_TYPE}
  * 
  * @access public
  */
 function getExplicitUserAZsForImplicitAZ(Authorization $implicitAuthorization)
 {
     if ($implicitAuthorization->isExplicit()) {
         // "The Authorization must be implicit."
         throwError(new Error(AuthorizationExeption::OPERATION_FAILED(), "AuthorizationManager", true));
     }
     $agentId = $implicitAuthorization->getAgentId();
     $function = $implicitAuthorization->getFunction();
     $functionId = $function->getId();
     $qualifier = $implicitAuthorization->getQualifier();
     $qualifierId = $qualifier->getId();
     $authorizations = $this->_cache->getAZs($agentId->getIdString(), $functionId->getIdString(), $qualifierId->getIdString(), null, true, true, $implicitAuthorization->isActiveNow(), $this->_getContainingGroupIdStrings($agentId));
     // isActiveNow
     // Make sure that we are only returning explicit AZs for implicit
     // AZs, not other explicit AZs at this node. This means, only return
     // AZs where the agentId or the qualifier Id are different from those
     // of the implicit AZ
     $explicitForImplicit = array();
     foreach (array_keys($authorizations) as $key) {
         $az = $authorizations[$key];
         $aId = $az->getAgentId();
         $q = $az->getQualifier();
         $qId = $q->getId();
         if ($agentId->isEqual($aId) && $qualifierId->isEqual($qId)) {
             continue;
         } else {
             $explicitForImplicit[] = $az;
         }
     }
     $i = new HarmoniAuthorizationIterator($explicitForImplicit);
     return $i;
 }
Пример #3
0
 /**
  * Create an implicit AZ at a nodeId for an explicit AZ.
  * 
  * @param object Authorization $explicitAZ
  * @param object Id $nodeId
  * @return void
  * @access protected
  * @since 4/21/08
  */
 protected function createImplicitAZ(Authorization $explicitAZ, Id $nodeId)
 {
     if (isset($this->harmoni_db)) {
         if (!isset($this->createImplicitAZ_stmt)) {
             $query = $this->harmoni_db->insert();
             $query->setTable("az2_implicit_az");
             $query->addRawValue("fk_explicit_az", "?");
             $query->addRawValue("fk_agent", "?");
             $query->addRawValue("fk_function", "?");
             $query->addRawValue("fk_qualifier", "?");
             $query->addRawValue("effective_date", "?");
             $query->addRawValue("expiration_date", "?");
             $this->createImplicitAZ_stmt = $query->prepare();
         }
         $this->createImplicitAZ_stmt->bindValue(1, $explicitAZ->getIdString());
         $this->createImplicitAZ_stmt->bindValue(2, $explicitAZ->getAgentId()->getIdString());
         $this->createImplicitAZ_stmt->bindValue(3, $explicitAZ->getFunction()->getId()->getIdString());
         $this->createImplicitAZ_stmt->bindValue(4, $nodeId->getIdString());
         $effectiveDate = $explicitAZ->getEffectiveDate();
         if (is_null($effectiveDate)) {
             $this->createImplicitAZ_stmt->bindValue(5, null);
         } else {
             $this->createImplicitAZ_stmt->bindValue(5, $effectiveDate->asString());
         }
         $expirationDate = $explicitAZ->getExpirationDate();
         if (is_null($expirationDate)) {
             $this->createImplicitAZ_stmt->bindValue(6, null);
         } else {
             $this->createImplicitAZ_stmt->bindValue(6, $expirationDate->asString());
         }
         try {
             $this->createImplicitAZ_stmt->execute();
         } catch (Exception $e) {
             printpre($e->getMessage());
             printpre("fk_explicit_az => " . $explicitAZ->getIdString() . "\nfk_agent => " . $explicitAZ->getAgentId()->getIdString() . "\nfk_function => " . $explicitAZ->getFunction()->getId()->getIdString() . "\nfk_qualifier => " . $explicitAZ->getAgentId()->getIdString());
             printpre(__LINE__);
             exit;
         }
     } else {
         // now insert into database
         $dbHandler = Services::getService("DatabaseManager");
         $query = new InsertQuery();
         $query->setTable("az2_implicit_az");
         $query->addValue("fk_explicit_az", $explicitAZ->getIdString());
         $query->addValue("fk_agent", $explicitAZ->getAgentId()->getIdString());
         $query->addValue("fk_function", $explicitAZ->getFunction()->getId()->getIdString());
         $query->addValue("fk_qualifier", $nodeId->getIdString());
         $effectiveDate = $explicitAZ->getEffectiveDate();
         if (is_null($effectiveDate)) {
             $query->addRawValue("effective_date", "NULL");
         } else {
             $query->addValue("effective_date", $effectiveDate->asString());
         }
         $expirationDate = $explicitAZ->getExpirationDate();
         if (is_null($expirationDate)) {
             $query->addRawValue("expiration_date", "NULL");
         } else {
             $query->addValue("expiration_date", $expirationDate->asString());
         }
         $dbHandler->query($query, $this->_dbIndex);
     }
 }