public function save($commit = true)
{
if (!$this->isValid()) {
throw new Exception(__('Cannot save the model from an invalid form.'));
}
// remove all the permissions
$perm = Pluf_Permission::getFromString('IDF.project-authorized-user');
$cm = $this->project->getMembershipData();
$guser = new Pluf_User();
foreach ($cm['authorized'] as $user) {
Pluf_RowPermission::remove($user, $this->project, $perm);
}
if ($this->cleaned_data['private_project']) {
foreach (preg_split("/\r\n|\r|\n|\\,/", $this->cleaned_data['authorized_users'], -1, PREG_SPLIT_NO_EMPTY) as $login) {
$sql = new Pluf_SQL('login=%s', array(trim($login)));
$users = $guser->getList(array('filter' => $sql->gen()));
if ($users->count() == 1) {
Pluf_RowPermission::add($users[0], $this->project, $perm);
}
}
$this->project->private = 1;
} else {
$this->project->private = 0;
}
$this->project->update();
$this->project->membershipsUpdated();
}
public static function add($owner, $object, $perm, $negative = false)
{
if (!is_object($perm)) {
// Find matching permission
$found = Pluf_Permission::getFromString($perm);
if (false === $found) {
throw new Exception(sprintf('The permission %s does not exist.', $perm));
}
$perm = $found;
}
Pluf_RowPermission::remove($owner, $object, $perm);
$nperm = new Pluf_RowPermission();
$nperm->owner_id = $owner->id;
$nperm->owner_class = $owner->_a['model'];
$nperm->model_id = $object->id;
$nperm->model_class = $object->_a['model'];
$nperm->permission = $perm;
$nperm->negative = $negative;
$nperm->create();
return true;
}
/**
* The update of the memberships is done in different places. This
* avoids duplicating code.
*
* @param IDF_Project The project
* @param array The new memberships data in 'owners' and 'members' keys
*/
public static function updateMemberships($project, $cleaned_data)
{
// remove all the permissions
$cm = $project->getMembershipData();
$def = array('owners' => Pluf_Permission::getFromString('IDF.project-owner'), 'members' => Pluf_Permission::getFromString('IDF.project-member'));
$guser = new Pluf_User();
foreach ($def as $key => $perm) {
foreach ($cm[$key] as $user) {
Pluf_RowPermission::remove($user, $project, $perm);
}
foreach (preg_split("/\r\n|\r|\n|\\,/", $cleaned_data[$key], -1, PREG_SPLIT_NO_EMPTY) as $login) {
$sql = new Pluf_SQL('login=%s', array(trim($login)));
$users = $guser->getList(array('filter' => $sql->gen()));
if ($users->count() == 1) {
Pluf_RowPermission::add($users[0], $project, $perm);
}
}
}
}
public function testRowPermission()
{
$user = new Pluf_User(1);
$group = new Pluf_Group();
$group->name = 'testRowPermission';
$group->description = 'testRowPermission';
$group->create();
for ($i = 1; $i <= 5; $i++) {
$mess = new Pluf_Message();
$mess->user = $user;
$mess->message = 'Dummy object to test against: ' . $i;
$mess->create();
}
$perm = new Pluf_Permission();
$perm->application = 'Pluf_RowPermission';
$perm->code_name = 'test1';
$perm->name = 'test1';
$perm->description = 'test1';
$perm->create();
// Permission through group
$mess = new Pluf_Message(1);
Pluf_RowPermission::add($group, $mess, $perm);
$this->assertEquals(false, $user->hasPerm('Pluf_RowPermission.test1', $mess));
$user->setAssoc($group);
$user->getAllPermissions(true);
//reset the cache
$this->assertEquals(true, $user->hasPerm('Pluf_RowPermission.test1', $mess));
$user->delAssoc($group);
$user->getAllPermissions(true);
//reset the cache
$this->assertEquals(false, $user->hasPerm('Pluf_RowPermission.test1', $mess));
$user->setAssoc($group);
$user->getAllPermissions(true);
//reset the cache
$this->assertEquals(true, $user->hasPerm('Pluf_RowPermission.test1', $mess));
Pluf_RowPermission::remove($group, $mess, $perm);
$user->getAllPermissions(true);
//reset the cache
$this->assertEquals(false, $user->hasPerm('Pluf_RowPermission.test1', $mess));
// Permission through direct user
Pluf_RowPermission::add($user, $mess, $perm);
$user->getAllPermissions(true);
//reset the cache
$this->assertEquals(true, $user->hasPerm('Pluf_RowPermission.test1', $mess));
Pluf_RowPermission::remove($user, $mess, $perm);
$user->getAllPermissions(true);
//reset the cache
$this->assertEquals(false, $user->hasPerm('Pluf_RowPermission.test1', $mess));
// Using string for the permission.
Pluf_RowPermission::add($user, $mess, 'Pluf_RowPermission.test1');
$user->getAllPermissions(true);
//reset the cache
$this->assertEquals(true, $user->hasPerm('Pluf_RowPermission.test1', $mess));
Pluf_RowPermission::remove($user, $mess, 'Pluf_RowPermission.test1');
$user->getAllPermissions(true);
//reset the cache
$this->assertEquals(false, $user->hasPerm('Pluf_RowPermission.test1', $mess));
}