Пример #1
0
 public static function loadFixtures(TBGScope $scope)
 {
     $roles = array();
     $roles['Developer'] = array(array('permission' => 'page_project_allpages_access'), array('permission' => 'canseeproject'), array('permission' => 'canseeprojecthierarchy'), array('permission' => 'candoscrumplanning'), array('permission' => 'canvoteforissues'), array('permission' => 'canlockandeditlockedissues'), array('permission' => 'cancreateandeditissues'), array('permission' => 'caneditissue'), array('permission' => 'caneditissuecustomfields'), array('permission' => 'canaddextrainformationtoissues'), array('permission' => 'canpostseeandeditallcomments'), array('permission' => 'readarticle', 'module' => 'publish', 'target_id' => '%project_key%'), array('permission' => 'editarticle', 'module' => 'publish', 'target_id' => '%project_key%'), array('permission' => 'deletearticle', 'module' => 'publish', 'target_id' => '%project_key%'));
     $roles['Project manager'] = array(array('permission' => 'page_project_allpages_access'), array('permission' => 'canseeproject'), array('permission' => 'canseeprojecthierarchy'), array('permission' => 'candoscrumplanning'), array('permission' => 'canvoteforissues'), array('permission' => 'canlockandeditlockedissues'), array('permission' => 'cancreateandeditissues'), array('permission' => 'caneditissue'), array('permission' => 'caneditissuecustomfields'), array('permission' => 'canaddextrainformationtoissues'), array('permission' => 'canpostseeandeditallcomments'), array('permission' => 'readarticle', 'module' => 'publish', 'target_id' => '%project_key%'), array('permission' => 'editarticle', 'module' => 'publish', 'target_id' => '%project_key%'), array('permission' => 'deletearticle', 'module' => 'publish', 'target_id' => '%project_key%'));
     $roles['Tester'] = array(array('permission' => 'page_project_allpages_access'), array('permission' => 'canseeproject'), array('permission' => 'canseeprojecthierarchy'), array('permission' => 'canvoteforissues'), array('permission' => 'cancreateandeditissues'), array('permission' => 'caneditissuecustomfields'), array('permission' => 'canaddextrainformationtoissues'), array('permission' => 'canpostandeditcomments'), array('permission' => 'readarticle', 'module' => 'publish', 'target_id' => '%project_key%'), array('permission' => 'editarticle', 'module' => 'publish', 'target_id' => '%project_key%'));
     $roles['Documentation editor'] = array(array('permission' => 'page_project_allpages_access'), array('permission' => 'canseeproject'), array('permission' => 'canseeprojecthierarchy'), array('permission' => 'canvoteforissues'), array('permission' => 'cancreateandeditissues'), array('permission' => 'canaddextrainformationtoissues'), array('permission' => 'canpostandeditcomments'), array('permission' => 'readarticle', 'module' => 'publish', 'target_id' => '%project_key%'), array('permission' => 'editarticle', 'module' => 'publish', 'target_id' => '%project_key%'));
     foreach ($roles as $name => $permissions) {
         $role = new TBGRole();
         $role->setName($name);
         $role->setScope($scope);
         $role->save();
         foreach ($permissions as $k => $permission) {
             $p = new TBGRolePermission();
             $p->setPermission($permission['permission']);
             if (array_key_exists('target_id', $permission)) {
                 $p->setTargetID($permission['target_id']);
             }
             if (array_key_exists('module', $permission)) {
                 $p->setModule($permission['module']);
             }
             $role->addPermission($p);
         }
     }
 }
Пример #2
0
 public function runConfigureRole(TBGRequest $request)
 {
     try {
         $role = new TBGRole($request['role_id']);
     } catch (Exception $e) {
         $this->getResponse()->setHttpStatus(400);
         return $this->renderJSON(array('error' => $this->getI18n()->__('This is not a valid role')));
     }
     if ($role->isSystemRole()) {
         $access_level = $this->getAccessLevel($request['section'], 'core');
     } else {
         $access_level = $this->getUser()->canManageProject($role->getProject()) ? TBGSettings::ACCESS_FULL : TBGSettings::ACCESS_READ;
     }
     switch ($request['mode']) {
         case 'list_permissions':
             return $this->renderTemplate('configuration/rolepermissionslist', array('role' => $role));
             break;
         case 'edit':
             if (!$access_level == TBGSettings::ACCESS_FULL) {
                 $this->getResponse()->setHttpStatus(400);
                 return $this->renderJSON(array('error' => $this->getI18n()->__('You do not have access to edit these permissions')));
             }
             if ($request->isPost()) {
                 $role->setName($request['name']);
                 $role->save();
                 $new_permissions = array();
                 foreach ($request['permissions'] as $new_permission) {
                     $permission_details = explode(',', $new_permission);
                     $new_permissions[$permission_details[2]] = array('module' => $permission_details[0], 'target_id' => $permission_details[1]);
                 }
                 foreach ($role->getPermissions() as $existing_permission) {
                     if (!array_key_exists($existing_permission->getPermission(), $new_permissions)) {
                         $role->removePermission($existing_permission);
                     }
                 }
                 foreach ($new_permissions as $permission_key => $details) {
                     $p = new TBGRolePermission();
                     $p->setModule($details['module']);
                     $p->setPermission($permission_key);
                     if ($details['target_id']) {
                         $p->setTargetID($details['target_id']);
                     }
                     $role->addPermission($p);
                 }
                 return $this->renderJSON(array('message' => $this->getI18n()->__('Permissions updated'), 'permissions_count' => count($request['permissions']), 'role_name' => $role->getName()));
             }
             return $this->renderTemplate('configuration/rolepermissionsedit', array('role' => $role));
         case 'delete':
             if (!$access_level == TBGSettings::ACCESS_FULL || !$request->isPost()) {
                 $this->getResponse()->setHttpStatus(400);
                 return $this->renderJSON(array('error' => $this->getI18n()->__('This role cannot be removed')));
             }
             $role->delete();
             return $this->renderJSON(array('message' => $this->getI18n()->__('Role deleted')));
     }
 }