public function save($commit = true) { if (!$this->isValid()) { throw new Exception(__('Cannot save the model from an invalid form.')); } // remove all the permissions $perm = Pluf_Permission::getFromString('IDF.project-authorized-user'); $cm = $this->project->getMembershipData(); $guser = new Pluf_User(); foreach ($cm['authorized'] as $user) { Pluf_RowPermission::remove($user, $this->project, $perm); } if ($this->cleaned_data['private_project']) { foreach (preg_split("/\r\n|\r|\n|\\,/", $this->cleaned_data['authorized_users'], -1, PREG_SPLIT_NO_EMPTY) as $login) { $sql = new Pluf_SQL('login=%s', array(trim($login))); $users = $guser->getList(array('filter' => $sql->gen())); if ($users->count() == 1) { Pluf_RowPermission::add($users[0], $this->project, $perm); } } $this->project->private = 1; } else { $this->project->private = 0; } $this->project->update(); $this->project->membershipsUpdated(); }
function IDF_Migrations_6PrivateProject_down($params = null) { $perm = Pluf_Permission::getFromString('IDF.project-authorized-user'); if ($perm) { $perm->delete(); } $table = Pluf::factory('IDF_Project')->getSqlTable(); $sql = array(); $sql['PostgreSQL'] = 'ALTER TABLE ' . $table . ' DROP COLUMN "private"'; $sql['MySQL'] = 'ALTER TABLE ' . $table . ' DROP COLUMN `private`'; $db = Pluf::db(); $engine = Pluf::f('db_engine'); if (!isset($sql[$engine])) { throw new Exception('SQLite complex migration not supported.'); } $db->execute($sql[$engine]); }
public static function remove($owner, $object, $perm) { if (!is_object($perm)) { $found = Pluf_Permission::getFromString($perm); if (false === $found) { throw new Exception(sprintf('The permission %s does not exist.', $perm)); } $perm = $found; } $growp = new Pluf_RowPermission(); $sql = new Pluf_SQL('owner_id=%s AND owner_class=%s AND model_id=%s AND model_class=%s AND permission=%s', array($owner->id, $owner->_a['model'], $object->id, $object->_a['model'], $perm->id)); $perms = $growp->getList(array('filter' => $sql->gen())); foreach ($perms as $p) { $p->delete(); } return true; }
function IDF_Migrations_Install_teardown($params = null) { $perm = Pluf_Permission::getFromString('IDF.project-member'); if ($perm) { $perm->delete(); } $perm = Pluf_Permission::getFromString('IDF.project-owner'); if ($perm) { $perm->delete(); } $perm = Pluf_Permission::getFromString('IDF.project-authorized-user'); if ($perm) { $perm->delete(); } $models = array('IDF_Gconf', 'IDF_Queue', 'IDF_Scm_Cache_Git', 'IDF_Key', 'IDF_Review_FileComment', 'IDF_Review_Comment', 'IDF_Review_Patch', 'IDF_Review', 'IDF_WikiRevision', 'IDF_WikiPage', 'IDF_Timeline', 'IDF_IssueFile', 'IDF_Search_Occ', 'IDF_Upload', 'IDF_Conf', 'IDF_IssueComment', 'IDF_Issue', 'IDF_Tag', 'IDF_Commit', 'IDF_Project'); $db = Pluf::db(); $schema = new Pluf_DB_Schema($db); foreach ($models as $model) { $schema->model = new $model(); $schema->dropTables(); } }
/** * The update of the memberships is done in different places. This * avoids duplicating code. * * @param IDF_Project The project * @param array The new memberships data in 'owners' and 'members' keys */ public static function updateMemberships($project, $cleaned_data) { // remove all the permissions $cm = $project->getMembershipData(); $def = array('owners' => Pluf_Permission::getFromString('IDF.project-owner'), 'members' => Pluf_Permission::getFromString('IDF.project-member')); $guser = new Pluf_User(); foreach ($def as $key => $perm) { foreach ($cm[$key] as $user) { Pluf_RowPermission::remove($user, $project, $perm); } foreach (preg_split("/\r\n|\r|\n|\\,/", $cleaned_data[$key], -1, PREG_SPLIT_NO_EMPTY) as $login) { $sql = new Pluf_SQL('login=%s', array(trim($login))); $users = $guser->getList(array('filter' => $sql->gen())); if ($users->count() == 1) { Pluf_RowPermission::add($users[0], $project, $perm); } } } }
/** * Returns a list of projects accessible for the user. * * @param Pluf_User * @return ArrayObject IDF_Project */ public static function getProjects($user) { $db =& Pluf::db(); $false = Pluf_DB_BooleanToDb(false, $db); if ($user->isAnonymous()) { $sql = sprintf('%s=%s', $db->qn('private'), $false); return Pluf::factory('IDF_Project')->getList(array('filter' => $sql, 'order' => 'shortname ASC')); } if ($user->administrator) { return Pluf::factory('IDF_Project')->getList(array('order' => 'shortname ASC')); } // grab the list of projects where the user is admin, member // or authorized $perms = array(Pluf_Permission::getFromString('IDF.project-member'), Pluf_Permission::getFromString('IDF.project-owner'), Pluf_Permission::getFromString('IDF.project-authorized-user')); $sql = new Pluf_SQL("model_class='IDF_Project' AND owner_class='Pluf_User' AND owner_id=%s AND negative=" . $false, $user->id); $rows = Pluf::factory('Pluf_RowPermission')->getList(array('filter' => $sql->gen())); $sql = sprintf('%s=%s', $db->qn('private'), $false); if ($rows->count() > 0) { $ids = array(); foreach ($rows as $row) { $ids[] = $row->model_id; } $sql .= sprintf(' OR id IN (%s)', implode(', ', $ids)); } return Pluf::factory('IDF_Project')->getList(array('filter' => $sql, 'order' => 'shortname ASC')); }
/** * Return membership data. * * The array has 3 keys: 'members', 'owners' and 'authorized'. * * The list of users is only taken using the row level permission * table. That is, if you set a user as administrator, he will * have the member and owner rights but will not appear in the * lists. * * @param string Format ('objects'), 'string'. * @return mixed Array of Pluf_User or newline separated list of logins. */ public function getMembershipData($fmt = 'objects') { $mperm = Pluf_Permission::getFromString('IDF.project-member'); $operm = Pluf_Permission::getFromString('IDF.project-owner'); $aperm = Pluf_Permission::getFromString('IDF.project-authorized-user'); $grow = new Pluf_RowPermission(); $db =& Pluf::db(); $false = Pluf_DB_BooleanToDb(false, $db); $sql = new Pluf_SQL('model_class=%s AND model_id=%s AND owner_class=%s AND permission=%s AND negative=' . $false, array('IDF_Project', $this->id, 'Pluf_User', $operm->id)); $owners = new Pluf_Template_ContextVars(array()); foreach ($grow->getList(array('filter' => $sql->gen())) as $row) { if ($fmt == 'objects') { $owners[] = Pluf::factory('Pluf_User', $row->owner_id); } else { $owners[] = Pluf::factory('Pluf_User', $row->owner_id)->login; } } $sql = new Pluf_SQL('model_class=%s AND model_id=%s AND owner_class=%s AND permission=%s AND negative=' . $false, array('IDF_Project', $this->id, 'Pluf_User', $mperm->id)); $members = new Pluf_Template_ContextVars(array()); foreach ($grow->getList(array('filter' => $sql->gen())) as $row) { if ($fmt == 'objects') { $members[] = Pluf::factory('Pluf_User', $row->owner_id); } else { $members[] = Pluf::factory('Pluf_User', $row->owner_id)->login; } } $authorized = new Pluf_Template_ContextVars(array()); if ($aperm != false) { $sql = new Pluf_SQL('model_class=%s AND model_id=%s AND owner_class=%s AND permission=%s AND negative=' . $false, array('IDF_Project', $this->id, 'Pluf_User', $aperm->id)); foreach ($grow->getList(array('filter' => $sql->gen())) as $row) { if ($fmt == 'objects') { $authorized[] = Pluf::factory('Pluf_User', $row->owner_id); } else { $authorized[] = Pluf::factory('Pluf_User', $row->owner_id)->login; } } } if ($fmt == 'objects') { return new Pluf_Template_ContextVars(array('members' => $members, 'owners' => $owners, 'authorized' => $authorized)); } else { return array('members' => implode("\n", (array) $members), 'owners' => implode("\n", (array) $owners), 'authorized' => implode("\n", (array) $authorized)); } }