public static function from_idmobject()
{
$perm = new Permissions();
$grant = array();
if (\IDMObject::authZ('role', 'tcert')) {
$grant[] = 'tcert';
}
if (\IDMObject::authz('permission', 'tcert_admin')) {
$grant[] = 'admin';
}
if (\IDMObject::authz('permission', 'tcert_gatesystem_ug')) {
$grant[] = 'gatesystem_ug';
}
if (\IDMObject::authz('permission', 'tcert_gatesystem_gr')) {
$grant[] = 'gatesystem_gr';
}
if (\IDMObject::authz('permission', 'mis')) {
$grant[] = 'superadmin';
}
if (\IDMObject::authz('role', 'faculty')) {
$grant[] = 'faculty';
}
$perm->grant($grant);
$perm->pidm = $_SESSION['pidm'];
return $perm;
}
function __construct()
{
parent::__construct();
// general template vars
$this->assign('title', 'Analysis and Provisioning Engine');
$this->assign('icon', $GLOBALS['ape']->icons);
$this->template_dir = $GLOBALS['BASE_DIR'] . '/templates';
// custom template functions
$this->register_function('ape_bool', array($this, 'ape_bool'));
$this->assign('username', $_SESSION['username']);
$this->assign('ape', $GLOBALS['ape']);
$this->assign('myuser', $GLOBALS['myuser']);
$this->assign('infodesk', APEAuthZ::infodesk());
// get svn dataz for this application
$this->assign('svninfo', PSU::get_svn_info());
$this->xhtml = false;
$this->load_authz();
/*** set up navigation links ***/
$links = array('nav-home' => $this->createLink('Home', $GLOBALS['BASE_URL'] . '/', 'nav-icon nav-home', 'home'), 'nav-identity' => $this->createLink('Identity/Access', $GLOBALS['BASE_URL'] . '/user/' . $_SESSION['ape_identifier'], 'nav-identity', 'person'));
if (APEAuthZ::advancement()) {
$links['nav-advancement'] = $this->createLink('Advancement', $GLOBALS['BASE_URL'] . '/user/advancement/' . $_SESSION['ape_identifier'], 'nav-advancement', 'advancement');
$this->assign('advancement_link', true);
}
//end if
if (APEAuthZ::hr()) {
$links['nav-hr'] = $this->createLink('HR', '#', 'nav-advancement', 'hr');
$this->assign('hr_link', true);
}
//end if
if (APEAuthZ::family()) {
$links['nav-family'] = $this->createLink('Family', $GLOBALS['BASE_URL'] . '/user/family/' . $_SESSION['ape_identifier'], 'nav-family', 'family');
$this->assign('family_link', true);
}
//end if
if (APEAuthZ::student()) {
$links['nav-student'] = $this->createLink('Student', $GLOBALS['BASE_URL'] . '/user/student/' . $_SESSION['ape_identifier'], 'nav-student', 'student');
$this->assign('student_link', true);
}
//end if
if ($_SESSION['AUTHZ']['admin']) {
$links['nav-identity']['children'][] = $this->createLink('Access Management', $GLOBALS['BASE_URL'] . '/authz.html', 'nav-access', 'access');
}
if (IDMObject::authZ('permission', 'ape_mailing')) {
$links['nav-identity']['children'][] = $this->createLink('Mailing Lists', $GLOBALS['BASE_URL'] . '/lists/', 'nav-mailing', 'mail');
}
if (IDMObject::authZ('oracle', 'reporting_security')) {
$links['nav-identity']['children'][] = $this->createLink('Banner Security', $GLOBALS['BASE_URL'] . '/banner/', 'nav-banner', 'banner-security');
}
if ($GLOBALS['ape']->canResetPassword()) {
$links['nav-identity']['children'][] = $this->createLink('Password Test', $GLOBALS['BASE_URL'] . '/password-test.html', 'nav-pass', 'password');
$links['nav-identity']['children'][] = $this->createLink('Locked (' . $GLOBALS['ape']->locks_count() . ')', $GLOBALS['BASE_URL'] . '/locks.html', 'nav-locked', 'lock');
}
//end if
$links['nav-identity']['children'][] = $this->createLink('Creation (' . $GLOBALS['ape']->pending_accounts_count() . ')', $GLOBALS['BASE_URL'] . '/pending.html', 'nav-pend-create', 'pending-creation');
$links['nav-identity']['children'][] = $this->createLink('Deletion (' . $GLOBALS['ape']->pending_deletion_count() . ')', $GLOBALS['BASE_URL'] . '/deletion.html', 'nav-pend-delete', 'pending-deletion');
if (IDMObject::authz('permission', 'mis')) {
$links['nav-identity']['children'][] = $this->createLink('Provision/Deprovision Docs', 'https://docs.google.com/Doc?docid=0AcDtIeWVN6nGYWNmZ3dxamRqOW5jXzE0N2dndHBqNmZn&hl=en', 'nav-identity', 'identity');
}
//end if
if (APEAuthZ::hr()) {
$links['nav-hr']['children'][] = $this->createLink('Employee Clearance', $GLOBALS['BASE_URL'] . '/checklist-admin.html', 'nav-advancement', 'identity');
}
//end if
// if there are only 2 root links, replace root link #2 with its children
if (count($links) == 2) {
$parent_link = array_pop($links);
$links = array_merge($links, $parent_link['children']);
}
//end if
$this->assign('nav_links', $links);
}
/**
* returns whether or not the current user can view hr data
*/
public static function hr()
{
return IDMObject::authz('permission', 'mis') || IDMObject::authZ('permission', 'ape_checklist_employee_exit_hr');
}