/**
* This is an internal helper function, which may only be called statically.
*
* It is used by get_all_privileges in case that there is no cache hit. It will query the
* database and construct all necessary objects out of it.
*
* @param string $guid The GUID of the object for which to query ACL data.
* @param string $type SELF or CONTENT
* @return Array A list of midcom_core_privilege instances.
*/
protected static function _query_privileges($guid, $type)
{
$result = array();
$mc = new midgard_collector('midcom_core_privilege_db', 'objectguid', $guid);
$mc->add_constraint('value', '<>', MIDCOM_PRIVILEGE_INHERIT);
if ($type == 'CONTENT') {
$mc->add_constraint('assignee', '<>', 'SELF');
} else {
$mc->add_constraint('assignee', '=', 'SELF');
}
$mc->set_key_property('guid');
$mc->add_value_property('id');
$mc->add_value_property('privilegename');
$mc->add_value_property('assignee');
$mc->add_value_property('classname');
$mc->add_value_property('value');
midcom_connection::set_error(MGD_ERR_OK);
$mc->execute();
$privileges = $mc->list_keys();
if (!$privileges) {
if (midcom_connection::get_error() != MGD_ERR_OK) {
debug_add("Failed to retrieve all {$type} privileges for the Object GUID {$guid}: " . midcom_connection::get_error_string(), MIDCOM_LOG_INFO);
debug_print_r('Result was:', $result);
if (isset($php_errormsg)) {
debug_add("Error message was: {$php_errormsg}", MIDCOM_LOG_ERROR);
}
throw new midcom_error('Privilege collector failed to execute: ' . midcom_connection::get_error_string());
}
return $result;
}
foreach ($privileges as $privilege_guid => $value) {
$privilege = $mc->get($privilege_guid);
$privilege['objectguid'] = $guid;
$privilege['guid'] = $privilege_guid;
$privilege_object = new midcom_core_privilege($privilege);
if (!isset($privilege_object->assignee)) {
// Invalid privilege, skip
continue;
}
$privilege_object->scope = $privilege_object->_get_scope();
$return[] = $privilege_object;
}
return $return;
}
