/** * Returns a mapping of org_id => so_status, cascading everything down the * org tree. Only src_orgs with a DELETED status will be ignored here. * * @param int $src_id * @return array $org_ids */ public static function get_authz_status($src_id) { $conn = AIR2_DBManager::get_master_connection(); $org_status = array(); // calculate authz $sel = "select * from src_org where so_src_id = {$src_id}"; $srcorgs = $conn->fetchAll($sel); $sorted = Organization::sort_by_depth($srcorgs, 'so_org_id'); foreach ($sorted as $so) { // ignore deleted src_orgs $stat = $so['so_status']; if ($stat == SrcOrg::$STATUS_DELETED) { continue; } // apply status to self and all children $children = Organization::get_org_children($so['so_org_id']); foreach ($children as $oid) { $org_status[$oid] = $stat; } } return $org_status; }
/** * Returns array of related Organization org_ids that affect * the authorization of the SrcResponseSet. * * @param boolean $include_children * @return array $org_ids */ public function get_authz($include_children = true) { $org_ids = array(); foreach ($this->Inquiry->ProjectInquiry as $pinq) { foreach ($pinq->Project->ProjectOrg as $porg) { if ($include_children) { $children = Organization::get_org_children($porg->porg_org_id); foreach ($children as $org_id) { $org_ids[$org_id] = 1; } } else { $org_ids[$porg->porg_org_id] = 1; } } } return array_keys($org_ids); }
/** * Returns array of related Organization org_ids that affect * the authorization of the Project. * * @return array $org_ids */ public function get_authz() { $org_ids = array(); foreach ($this->ProjectOrg as $porg) { $children = Organization::get_org_children($porg->porg_org_id); foreach ($children as $org_id) { $org_ids[$org_id] = 1; } } return array_keys($org_ids); }
/** * Get authorization object for this User. * array(org_id => bitmask-role) * * This represents the Organization Asset authz. That is, explicit roles * cascade both up and down the Org tree. Explicit roles will always * override implicit ones. * * @return array */ public function get_authz() { if ($this->authz) { return $this->authz; } // reset $this->authz = array(); $this->authz_up = array(); // sort orgs, and calculate authz $sorted = Organization::sort_by_depth($this->UserOrg, 'uo_org_id'); foreach ($sorted as $uo) { if ($uo->uo_status == UserOrg::$STATUS_ACTIVE) { $children = Organization::get_org_children($uo->uo_org_id); $bitmask = $uo->AdminRole->get_bitmask(); foreach ($children as $org_id) { $this->authz[$org_id] = $bitmask; $this->authz_up[$org_id] = $bitmask; } // get upwards-authz $parents = Organization::get_org_parents($uo->uo_org_id); foreach ($parents as $org_id) { $curr = isset($this->authz_up[$org_id]) ? $this->authz_up[$org_id] : 0; $this->authz_up[$org_id] = max(array($bitmask, $curr)); } } } return $this->authz; }