public function getListResponse(KalturaFilterPager $pager, KalturaDetachedResponseProfile $responseProfile = null)
{
$permissionFilter = $this->toObject();
$c = new Criteria();
$permissionFilter->attachToCriteria($c);
$count = PermissionPeer::doCount($c);
$pager->attachToCriteria($c);
$list = PermissionPeer::doSelect($c);
$response = new KalturaPermissionListResponse();
$response->objects = KalturaPermissionArray::fromDbArray($list, $responseProfile);
$response->totalCount = $count;
return $response;
}
/**
* Retrieve multiple objects by pkey.
*
* @param array $pks List of primary keys
* @param PropelPDO $con the connection to use
* @throws PropelException Any exceptions caught during processing will be
* rethrown wrapped into a PropelException.
*/
public static function retrieveByPKs($pks, PropelPDO $con = null)
{
$objs = null;
if (empty($pks)) {
$objs = array();
} else {
$criteria = new Criteria(PermissionPeer::DATABASE_NAME);
$criteria->add(PermissionPeer::ID, $pks, Criteria::IN);
$objs = PermissionPeer::doSelect($criteria, $con);
}
return $objs;
}
public static function copyPermissions(Partner $fromPartner, Partner $toPartner)
{
KalturaLog::log('Copying permissions from partner [' . $fromPartner->getId() . '] to partner [' . $toPartner->getId() . ']');
PermissionPeer::setUseCriteriaFilter(false);
$c = new Criteria();
$c->addAnd(PermissionPeer::PARTNER_ID, $fromPartner->getId(), Criteria::EQUAL);
$c->addDescendingOrderByColumn(PermissionPeer::CREATED_AT);
$permissions = PermissionPeer::doSelect($c);
PermissionPeer::setUseCriteriaFilter(true);
foreach ($permissions as $permission) {
$newPermission = $permission->copyToPartner($toPartner->getId());
$newPermission->save();
}
}
/**
* Description : List the permissions's room
*
* @param String roomId : Room id
* @return : Collection of permission
*/
public function listPermissions($roomId)
{
try {
$criteria = new Criteria();
$criteria->add(PermissionPeer::ROOM_ID, $roomId);
return PermissionPeer::doSelect($criteria);
} catch (Exception $e) {
return array();
}
}
<?php
$dir = __DIR__ . '/permissions';
chdir(__DIR__ . '/../');
require_once __DIR__ . '/../bootstrap.php';
if (!file_exists($dir)) {
mkdir($dir, 0750);
}
$criteria = new Criteria();
$criteria->add(PermissionPeer::PARTNER_ID, array(0, -1, -2, -3), Criteria::IN);
$criteria->add(PermissionPeer::STATUS, PermissionStatus::ACTIVE);
$criteria->addAscendingOrderByColumn(PermissionPeer::NAME);
$permissions = PermissionPeer::doSelect($criteria);
KalturaLog::debug("Found [" . count($permissions) . "] permissions");
$files = array();
$permissionArray = array();
foreach ($permissions as $index => $permission) {
/* @var $permission Permission */
$partnerId = $permission->getPartnerId();
$type = $permission->getType();
$name = $permission->getName();
$friendlyName = $permission->getFriendlyName();
$description = $permission->getDescription();
$dependsOnPermissionNames = $permission->getDependsOnPermissionNames();
$tags = $permission->getTags();
$partnerGroup = $permission->getPartnerGroup();
$permissionArray[$permission->getId()] = $permission;
if (!isset($files[$partnerId])) {
$files[$partnerId] = fopen("{$dir}/partner.{$partnerId}.ini", 'w');
fputs($files[$partnerId], "[permissions]\n");
}
/**
* Lists permission objects that are associated with an account.
* Blocked permissions are listed unless you use a filter to exclude them.
* Blocked permissions are listed unless you use a filter to exclude them.
*
* @action list
* @param KalturaPermissionFilter $filter A filter used to exclude specific types of permissions
* @param KalturaFilterPager $pager A limit for the number of records to display on a page
* @return KalturaPermissionListResponse The list of permission objects
*/
public function listAction(KalturaPermissionFilter $filter = null, KalturaFilterPager $pager = null)
{
if (!$filter) {
$filter = new KalturaPermissionFilter();
}
$permissionFilter = $filter->toObject();
$c = new Criteria();
$permissionFilter->attachToCriteria($c);
$count = PermissionPeer::doCount($c);
if (!$pager) {
$pager = new KalturaFilterPager();
}
$pager->attachToCriteria($c);
$list = PermissionPeer::doSelect($c);
$response = new KalturaPermissionListResponse();
$response->objects = KalturaPermissionArray::fromDbArray($list);
$response->totalCount = $count;
return $response;
}
/**
* If this collection has already been initialized with
* an identical criteria, it returns the collection.
* Otherwise if this Room has previously
* been saved, it will retrieve related Permissions from storage.
* If this Room is new, it will return
* an empty collection or the current collection, the criteria
* is ignored on a new object.
*
* @param Connection $con
* @param Criteria $criteria
* @throws PropelException
*/
public function getPermissions($criteria = null, $con = null)
{
// include the Peer class
include_once 'src/model/whiteboard/om/BasePermissionPeer.php';
if ($criteria === null) {
$criteria = new Criteria();
} elseif ($criteria instanceof Criteria) {
$criteria = clone $criteria;
}
if ($this->collPermissions === null) {
if ($this->isNew()) {
$this->collPermissions = array();
} else {
$criteria->add(PermissionPeer::ROOM_ID, $this->getRoomId());
PermissionPeer::addSelectColumns($criteria);
$this->collPermissions = PermissionPeer::doSelect($criteria, $con);
}
} else {
// criteria has no effect for a new object
if (!$this->isNew()) {
// the following code is to determine if a new query is
// called for. If the criteria is the same as the last
// one, just return the collection.
$criteria->add(PermissionPeer::ROOM_ID, $this->getRoomId());
PermissionPeer::addSelectColumns($criteria);
if (!isset($this->lastPermissionCriteria) || !$this->lastPermissionCriteria->equals($criteria)) {
$this->collPermissions = PermissionPeer::doSelect($criteria, $con);
}
}
}
$this->lastPermissionCriteria = $criteria;
return $this->collPermissions;
}
{
parent::__construct(DrmAccessControlActionType::DRM_POLICY);
}
public function getPolicyId()
{
return $this->policyId;
}
public function setPolicyId($policyId)
{
$this->policyId = $policyId;
}
}
$permCrit = new Criteria();
$permCrit->add(PermissionPeer::NAME, 'PLAYREADY_PLUGIN_PERMISSION', Criteria::EQUAL);
$permCrit->addAnd(PermissionPeer::STATUS, 1, Criteria::EQUAL);
$permissions = PermissionPeer::doSelect($permCrit);
$partners = array();
foreach ($permissions as $perm) {
$partners[] = $perm->getPartnerId();
}
KalturaLog::debug("Partners are '" . print_r($partners, true) . "'");
$c = new Criteria();
$c->add(accessControlPeer::PARTNER_ID, $partners, Criteria::IN);
$c->addAnd(accessControlPeer::RULES, '%kAccessControlPlayReadyPolicyAction%', Criteria::LIKE);
$acs = accessControlPeer::doSelect($c);
foreach ($acs as $ac) {
KalturaLog::debug("checking access control '" . $ac->getId() . "'");
$rules = $ac->getRulesArray();
foreach ($rules as $rule) {
$actions = $rule->getActions();
$j = 0;
/**
* Retrieve partner level permissions
*
* @param int $partnerId
* @param PropelPDO $con the connection to use
* @return array<Permission>
*/
public static function retrievePartnerLevelPermissions($partnerId, PropelPDO $con = null)
{
$criteria = new Criteria();
$criteria->add(PermissionPeer::PARTNER_ID, $partnerId);
$criteria->add(PermissionPeer::STATUS, PermissionStatus::ACTIVE);
$criteria->add(PermissionPeer::TYPE, array(PermissionType::PLUGIN, PermissionType::SPECIAL_FEATURE), Criteria::IN);
return PermissionPeer::doSelect($criteria, $con);
}
/**
* Init permission items map from DB for the given role
* @param UserRole $dbRole
*/
private static function getPermissionsFromDb($dbRole)
{
$map = self::initEmptyMap();
// get all permission object names from role record
if ($dbRole) {
$tmpPermissionNames = $dbRole->getPermissionNames(true);
$tmpPermissionNames = array_map('trim', explode(',', $tmpPermissionNames));
} else {
$tmpPermissionNames = array();
}
// add always allowed permissions
if (self::$operatingPartner) {
$alwaysAllowed = self::$operatingPartner->getAlwaysAllowedPermissionNames();
$alwaysAllowed = array_map('trim', explode(',', $alwaysAllowed));
} else {
$alwaysAllowed = array(PermissionName::ALWAYS_ALLOWED_ACTIONS);
}
$tmpPermissionNames = array_merge($tmpPermissionNames, $alwaysAllowed);
// if the request sent from the internal server set additional permission allowing access without KS
// from internal servers
if (kIpAddressUtils::isInternalIp()) {
KalturaLog::debug('IP in range, adding ALWAYS_ALLOWED_FROM_INTERNAL_IP_ACTIONS permission');
$alwaysAllowedInternal = array(PermissionName::ALWAYS_ALLOWED_FROM_INTERNAL_IP_ACTIONS);
$tmpPermissionNames = array_merge($tmpPermissionNames, $alwaysAllowedInternal);
}
$permissionNames = array();
foreach ($tmpPermissionNames as $name) {
$permissionNames[$name] = $name;
}
$map[self::PERMISSION_NAMES_ARRAY] = $permissionNames;
// get mapping of permissions to permission items
$c = new Criteria();
$c->addAnd(PermissionPeer::NAME, $permissionNames, Criteria::IN);
$c->addAnd(PermissionPeer::PARTNER_ID, array(strval(PartnerPeer::GLOBAL_PARTNER), strval(self::$operatingPartnerId)), Criteria::IN);
$c->addAnd(PermissionItemPeer::PARTNER_ID, array(strval(PartnerPeer::GLOBAL_PARTNER), strval(self::$operatingPartnerId)), Criteria::IN);
$lookups = PermissionToPermissionItemPeer::doSelectJoinAll($c);
foreach ($lookups as $lookup) {
$item = $lookup->getPermissionItem();
$permission = $lookup->getPermission();
if (!$item) {
KalturaLog::err('PermissionToPermissionItem id [' . $lookup->getId() . '] is defined with PermissionItem id [' . $lookup->getPermissionItemId() . '] which does not exists!');
continue;
}
if (!$permission) {
KalturaLog::err('PermissionToPermissionItem id [' . $lookup->getId() . '] is defined with Permission name [' . $lookup->getPermissionName() . '] which does not exists!');
continue;
}
// organize permission items in local arrays
$type = $item->getType();
if ($type == PermissionItemType::API_ACTION_ITEM) {
self::addApiAction($map, $item);
} else {
if ($type == PermissionItemType::API_PARAMETER_ITEM) {
self::addApiParameter($map, $item);
}
}
}
// set partner group permission
$c = new Criteria();
$c->addAnd(PermissionPeer::PARTNER_ID, self::$operatingPartnerId, Criteria::EQUAL);
$c->addAnd(PermissionPeer::TYPE, PermissionType::PARTNER_GROUP, Criteria::EQUAL);
$partnerGroupPermissions = PermissionPeer::doSelect($c);
foreach ($partnerGroupPermissions as $pgPerm) {
self::addPartnerGroupAction($map, $pgPerm);
}
return $map;
}
public function testGetAction()
{
$this->startSession(KalturaSessionType::ADMIN, $this->getDbPartner()->getAdminUserId());
// get a partner 0 role and compare to DB record
$c = new Criteria();
$c->addAnd(UserRolePeer::PARTNER_ID, PartnerPeer::GLOBAL_PARTNER, Criteria::EQUAL);
$partner0Roles = UserRolePeer::doSelect($c);
for ($i = 1; $i < 4; $i++) {
$randId = rand(0, count($partner0Roles) - 1);
$getRole = $this->client->userRole->get($partner0Roles[$randId]->getId());
$this->assertType('KalturaUserRole', $getRole);
$this->assertEquals(PartnerPeer::GLOBAL_PARTNER, $getRole->partnerId);
$this->assertEquals($partner0Roles[$randId]->getId(), $getRole->id);
$this->assertEquals($partner0Roles[$randId]->getName(), $getRole->name);
$this->assertEquals($partner0Roles[$randId]->getDescription(), $getRole->description);
$this->assertEquals($partner0Roles[$randId]->getPartnerId(), $getRole->partnerId);
$this->assertEquals($partner0Roles[$randId]->getPermissionNames(), $getRole->permissionNames);
$this->assertNotNull($getRole->createdAt);
$this->assertNotNull($getRole->updatedAt);
}
// get current partner's role and compare to DB record
$c = new Criteria();
$c->addAnd(UserRolePeer::PARTNER_ID, self::TEST_PARTNER_ID, Criteria::EQUAL);
$partnerRoles = UserRolePeer::doSelect($c);
for ($i = 1; $i < 4; $i++) {
$randId = rand(0, count($partner0Roles) - 1);
$getRole = $this->client->userRole->get($partnerRoles[$randId]->getId());
$this->assertType('KalturaUserRole', $getRole);
$this->assertEquals(self::TEST_PARTNER_ID, $getRole->partnerId);
$this->assertEquals($partnerRoles[$randId]->getId(), $getRole->id);
$this->assertEquals($partnerRoles[$randId]->getName(), $getRole->name);
$this->assertEquals($partnerRoles[$randId]->getDescription(), $getRole->description);
$this->assertEquals($partnerRoles[$randId]->getPartnerId(), $getRole->partnerId);
$this->assertEquals($partnerRoles[$randId]->getPermissionNames(), $getRole->permissionNames);
$this->assertNotNull($getRole->createdAt);
}
// failure to get another partner's role (not partner 0)
$c = new Criteria();
$c->addAnd(UserRolePeer::PARTNER_ID, array(self::TEST_PARTNER_ID, PartnerPeer::GLOBAL_PARTNER), Criteria::NOT_IN);
$otherPartnerRoles = UserRolePeer::doSelect($c);
for ($i = 1; $i < 4; $i++) {
$randId = rand(0, count($partner0Roles) - 1);
$exceptionThrown = false;
try {
$this->client->userRole->get($otherPartnerRoles[$randId]->getId());
} catch (Exception $e) {
$exceptionThrown = $e;
}
$this->checkException($exceptionThrown, 'INVALID_OBJECT_ID');
}
// add role with permission names = * and verify that all relevant permissions are returned
$newRole = new KalturaUserRole();
$newRole->name = 'Test role with ';
$newRole->permissionNames = UserRole::ALL_PARTNER_PERMISSIONS_WILDCARD;
$addedRole = $this->addRoleWrap($newRole);
$getRole = $this->client->userRole->get($addedRole->id);
$this->assertEquals($addedRole->permissionNames, $getRole->permissionNames);
$c = new Criteria();
$c->addAnd(PermissionPeer::PARTNER_ID, array(self::TEST_PARTNER_ID, PartnerPeer::GLOBAL_PARTNER), Criteria::IN);
$c->addAnd(PermissionPeer::TYPE, PermissionType::NORMAL, Criteria::EQUAL);
$c->addAnd(PermissionPeer::STATUS, PermissionStatus::ACTIVE, Criteria::EQUAL);
$allPartnerPermissions = PermissionPeer::doSelect($c);
$returnedPermissions = explode(',', trim($getRole->permissionNames, ','));
$this->assertEquals(count($allPartnerPermissions), count($returnedPermissions));
foreach ($allPartnerPermissions as $permission) {
$this->assertTrue(in_array($permission->getName(), $returnedPermissions));
}
}
private function getRightInstance()
{
if (!is_array($this->rights)) {
$credentials = $this->listCredentials();
$c = new Criteria();
$c->addJoin(RolePeer::ID, RolePermissionPeer::ROLE_ID, Criteria::LEFT_JOIN);
$c->addJoin(RolePermissionPeer::PERMISSION_ID, PermissionPeer::ID, Criteria::LEFT_JOIN);
$c->add(RolePeer::TITLE, $credentials, Criteria::IN);
$c->addGroupByColumn(PermissionPeer::ID);
$permissions = PermissionPeer::doSelect($c);
$this->rights = array();
foreach ($permissions as $permission) {
$this->rights[] = $permission->getCode();
}
}
return $this->rights;
}
KalturaStatement::setDryRun($dryRun);
$c = new Criteria();
$c->add(PermissionPeer::NAME, 'dropFolder.CONTENT_INGEST_DROP_FOLDER_MATCH', Criteria::EQUAL);
$c->addAnd(PermissionPeer::TYPE, PermissionType::SPECIAL_FEATURE, Criteria::EQUAL);
$c->addAnd(PermissionPeer::PARTNER_ID, 0, Criteria::NOT_EQUAL);
$c->setLimit($countLimitEachLoop);
$permissions = PermissionPeer::doSelect($c, $con);
while (count($permissions)) {
foreach ($permissions as $permission) {
$permission->setName('CONTENT_INGEST_DROP_FOLDER_MATCH');
$permission->setDependsOnPermissionNames('DROPFOLDER_PLUGIN_PERMISSION');
$permission->save();
}
$c->setOffset($offset);
PermissionPeer::clearInstancePool();
$permissions = PermissionPeer::doSelect($c, $con);
$offset += $countLimitEachLoop;
sleep(1);
}
$c = new Criteria();
$c->add(UserRolePeer::PERMISSION_NAMES, "%dropFolder.CONTENT_INGEST_DROP_FOLDER_MATCH%", Criteria::LIKE);
$c->setLimit($countLimitEachLoop);
$userRoles = UserRolePeer::doSelect($c, $con);
while (count($userRoles)) {
foreach ($userRoles as $userRole) {
$partnerId = $userRole->getPartnerId();
PermissionPeer::setUseCriteriaFilter(false);
$permission = PermissionPeer::getByNameAndPartner('CONTENT_INGEST_DROP_FOLDER_MATCH', array($partnerId));
PermissionPeer::setUseCriteriaFilter(true);
if (!$permission) {
$permission = new Permission();
public static function filterDependenciesByNames($permissionNames, $partnerId)
{
$c = new Criteria();
$c->addAnd(PermissionPeer::NAME, explode(',', $permissionNames), Criteria::IN);
$c->addAnd(PermissionPeer::PARTNER_ID, array($partnerId, PartnerPeer::GLOBAL_PARTNER), Criteria::IN);
PermissionPeer::setUseCriteriaFilter(false);
$permissionObjects = PermissionPeer::doSelect($c);
PermissionPeer::setUseCriteriaFilter(true);
$permissionObjects = PermissionPeer::filterDependencies($permissionObjects, $partnerId);
$permissionNames = array();
foreach ($permissionObjects as $object) {
$permissionNames[] = $object->getName();
}
$permissionNames = implode(',', $permissionNames);
return $permissionNames;
}
/**
* Retrieve object using using composite pkey values.
* @param int $user_id
@param int $room_id
* @param Connection $con
* @return Permission
*/
public static function retrieveByPK($user_id, $room_id, $con = null)
{
if ($con === null) {
$con = Propel::getConnection(self::DATABASE_NAME);
}
$criteria = new Criteria();
$criteria->add(PermissionPeer::USER_ID, $user_id);
$criteria->add(PermissionPeer::ROOM_ID, $room_id);
$v = PermissionPeer::doSelect($criteria, $con);
return !empty($v) ? $v[0] : null;
}
