public static function remove($owner, $object, $perm)
{
if (!is_object($perm)) {
$found = Pluf_Permission::getFromString($perm);
if (false === $found) {
throw new Exception(sprintf('The permission %s does not exist.', $perm));
}
$perm = $found;
}
$growp = new Pluf_RowPermission();
$sql = new Pluf_SQL('owner_id=%s AND owner_class=%s AND model_id=%s AND model_class=%s AND permission=%s', array($owner->id, $owner->_a['model'], $object->id, $object->_a['model'], $perm->id));
$perms = $growp->getList(array('filter' => $sql->gen()));
foreach ($perms as $p) {
$p->delete();
}
return true;
}
/**
* Get all the permissions of a user.
*
* @param bool Force the reload of the list of permissions (false)
* @return array List of permissions
*/
function getAllPermissions($force = false)
{
if ($force == false and !is_null($this->_cache_perms)) {
return $this->_cache_perms;
}
$this->_cache_perms = array();
$perms = (array) $this->get_permissions_list();
$groups = $this->get_groups_list();
$ids = array();
foreach ($groups as $group) {
$ids[] = $group->id;
}
if (count($ids) > 0) {
$gperm = new Pluf_Permission();
$f_name = strtolower(Pluf::f('pluf_custom_group', 'Pluf_Group')) . '_id';
$perms = array_merge($perms, (array) $gperm->getList(array('filter' => $f_name . ' IN (' . join(', ', $ids) . ')', 'view' => 'join_group')));
}
foreach ($perms as $perm) {
if (!in_array($perm->application . '.' . $perm->code_name, $this->_cache_perms)) {
$this->_cache_perms[] = $perm->application . '.' . $perm->code_name;
}
}
if (Pluf::f('pluf_use_rowpermission', false) and $this->id) {
$growp = new Pluf_RowPermission();
$sql = new Pluf_SQL('owner_id=%s AND owner_class=%s', array($this->id, 'Pluf_User'));
if (count($ids) > 0) {
$sql2 = new Pluf_SQL('owner_id IN (' . join(', ', $ids) . ') AND owner_class=%s', array(Pluf::f('pluf_custom_group', 'Pluf_Group')));
$sql->SOr($sql2);
}
$perms = $growp->getList(array('filter' => $sql->gen(), 'view' => 'join_permission'));
foreach ($perms as $perm) {
$perm_string = $perm->application . '.' . $perm->code_name . '#' . $perm->model_class . '(' . $perm->model_id . ')';
if ($perm->negative) {
$perm_string = '!' . $perm_string;
}
if (!in_array($perm_string, $this->_cache_perms)) {
$this->_cache_perms[] = $perm_string;
}
}
}
return $this->_cache_perms;
}
/**
* Return membership data.
*
* The array has 3 keys: 'members', 'owners' and 'authorized'.
*
* The list of users is only taken using the row level permission
* table. That is, if you set a user as administrator, he will
* have the member and owner rights but will not appear in the
* lists.
*
* @param string Format ('objects'), 'string'.
* @return mixed Array of Pluf_User or newline separated list of logins.
*/
public function getMembershipData($fmt = 'objects')
{
$mperm = Pluf_Permission::getFromString('IDF.project-member');
$operm = Pluf_Permission::getFromString('IDF.project-owner');
$aperm = Pluf_Permission::getFromString('IDF.project-authorized-user');
$grow = new Pluf_RowPermission();
$db =& Pluf::db();
$false = Pluf_DB_BooleanToDb(false, $db);
$sql = new Pluf_SQL('model_class=%s AND model_id=%s AND owner_class=%s AND permission=%s AND negative=' . $false, array('IDF_Project', $this->id, 'Pluf_User', $operm->id));
$owners = new Pluf_Template_ContextVars(array());
foreach ($grow->getList(array('filter' => $sql->gen())) as $row) {
if ($fmt == 'objects') {
$owners[] = Pluf::factory('Pluf_User', $row->owner_id);
} else {
$owners[] = Pluf::factory('Pluf_User', $row->owner_id)->login;
}
}
$sql = new Pluf_SQL('model_class=%s AND model_id=%s AND owner_class=%s AND permission=%s AND negative=' . $false, array('IDF_Project', $this->id, 'Pluf_User', $mperm->id));
$members = new Pluf_Template_ContextVars(array());
foreach ($grow->getList(array('filter' => $sql->gen())) as $row) {
if ($fmt == 'objects') {
$members[] = Pluf::factory('Pluf_User', $row->owner_id);
} else {
$members[] = Pluf::factory('Pluf_User', $row->owner_id)->login;
}
}
$authorized = new Pluf_Template_ContextVars(array());
if ($aperm != false) {
$sql = new Pluf_SQL('model_class=%s AND model_id=%s AND owner_class=%s AND permission=%s AND negative=' . $false, array('IDF_Project', $this->id, 'Pluf_User', $aperm->id));
foreach ($grow->getList(array('filter' => $sql->gen())) as $row) {
if ($fmt == 'objects') {
$authorized[] = Pluf::factory('Pluf_User', $row->owner_id);
} else {
$authorized[] = Pluf::factory('Pluf_User', $row->owner_id)->login;
}
}
}
if ($fmt == 'objects') {
return new Pluf_Template_ContextVars(array('members' => $members, 'owners' => $owners, 'authorized' => $authorized));
} else {
return array('members' => implode("\n", (array) $members), 'owners' => implode("\n", (array) $owners), 'authorized' => implode("\n", (array) $authorized));
}
}
