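/**
 * Load an Artifact and its ArtifactType into this object.
 *
 * On success $this->ArtifactType and $this->Artifact are set. On failure the
 * reason is recorded with setError() and false is returned.
 *
 * @param int         $id   The artifact ID.
 * @param array|false $data Row from artifact_vw if the caller already has it; false to look it up.
 * @return bool True on success, false on failure.
 */
function ArtifactFromID($id, $data = false) {
    if ($data) {
        $art_arr =& $data;
    } else {
        // $id is placed inside the SQL text below, so only a plain run of
        // digits may reach the query; anything else is reported as an
        // invalid ID, the same error a failed lookup produces.
        if (!is_scalar($id) || !preg_match('/\A[0-9]+\z/', (string) $id)) {
            $this->setError("Invalid Artifact ID");
            return false;
        }
        $res = db_query("SELECT * FROM artifact_vw WHERE artifact_id='{$id}'");
        if (!$res || db_numrows($res) < 1) {
            $this->setError("Invalid Artifact ID");
            return false;
        }
        // Plain assignment: binding a function result by reference raises a notice.
        $art_arr = db_fetch_array($res);
    }

    $at = artifactType_get_object($art_arr['group_artifact_id']);
    if (!$at || !is_object($at)) {
        $this->setError("Could Not Create ArtifactType");
        return false;
    } elseif ($at->isError()) {
        $this->setError($at->getErrorMessage());
        return false;
    }
    $this->ArtifactType =& $at;

    $a = artifact_get_object($id, $art_arr);
    if (!$a || !is_object($a)) {
        $this->setError("Could Not Create Artifact");
        return false;
    } elseif ($a->isError()) {
        $this->setError($a->getErrorMessage());
        return false;
    }
    $this->Artifact =& $a;

    return true;
}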
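/**
 * Factory method which creates an Artifact from an artifact ID.
 *
 * Results are kept in the global $ARTIFACT_OBJ array, keyed by artifact ID,
 * so a second call for the same ID returns the stored entry. A failed lookup
 * is stored as false.
 *
 * @param int         $artifact_id The artifact ID.
 * @param array|false $data        The result array, if it's passed in.
 * @return Artifact|false Artifact object, or false when the ID is not a
 *                        number, the query fails, or no row matches.
 */
function &artifact_get_object($artifact_id, $data = false) {
    global $ARTIFACT_OBJ;

    $key = "_" . $artifact_id . "_";
    if (!isset($ARTIFACT_OBJ[$key])) {
        if (!$data) {
            // $artifact_id is placed inside the SQL text below, so only a
            // plain run of digits may reach the query.
            $id_is_numeric = is_scalar($artifact_id)
                && preg_match('/\A[0-9]+\z/', (string) $artifact_id);
            if (!$id_is_numeric) {
                // Return the array slot rather than a literal: this function
                // returns by reference.
                $ARTIFACT_OBJ[$key] = false;
                return $ARTIFACT_OBJ[$key];
            }
            $res = db_query("SELECT * FROM artifact_vw WHERE artifact_id='{$artifact_id}'");
            // A failed query is treated like an empty result.
            if (!$res || db_numrows($res) < 1) {
                $ARTIFACT_OBJ[$key] = false;
                return $ARTIFACT_OBJ[$key];
            }
            $data = db_fetch_array($res);
        }
        $ArtifactType =& artifactType_get_object($data["group_artifact_id"]);
        $ARTIFACT_OBJ[$key] = new Artifact($ArtifactType, $data);
    }
    return $ARTIFACT_OBJ[$key];
}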
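}
}
//
// Copy Categories
//
} elseif (getStringFromRequest('copy_opt')) {
    $copyid = getStringFromRequest('copyid');
    $selectid = getStringFromRequest('selectid');
    // NOTE(review): count() needs an array or Countable; confirm what
    // getStringFromRequest() returns for 'copyid'.
    $copy_rows = count($copyid);
    if ($copy_rows > 0) {
        //
        // create an object for each selected type
        //
        // 'selectid' is request input and ends up inside the SQL text below,
        // so anything that is not a plain run of digits is rejected first.
        // This relies, as the checks further down already do, on exit_error()
        // ending the request.
        if (!is_scalar($selectid) || !preg_match('/\A[0-9]+\z/', (string) $selectid)) {
            exit_error('Error', 'Invalid extra field ID');
        }
        $result = db_query("SELECT * FROM artifact_extra_field_list \n\t\t\t\t\tWHERE extra_field_id='{$selectid}'");
        $typeid = db_result($result, 0, 'group_artifact_id');
        $dest_tracker =& artifactType_get_object($typeid);
        if (!$dest_tracker || !is_object($dest_tracker)) {
            exit_error('Error', 'ArtifactType could not be created');
        } elseif ($dest_tracker->isError()) {
            exit_error(_('Error'), $dest_tracker->getErrorMessage());
        }
        //
        // Copy elements into a field (box) for each tracker selected
        //
        $feedback .= 'Copy into Tracker: ';
        $feedback .= $dest_tracker->getName();
        $aef = new ArtifactExtraField($dest_tracker, $selectid);
        if (!$aef || !is_object($aef)) {
            $feedback .= 'Unable to create ArtifactExtraField Object';
        } elseif ($aef->isError()) {
            // Report the error held by $aef, the object this branch tested.
            // The original read $aefe, which is not assigned anywhere in the
            // visible code before this point.
            $feedback .= $aef->getErrorMessage();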
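/**
 * List the IDs of the roles allowed to perform an action on an object.
 *
 * Two sources are combined: roles whose pfo_role_setting row for
 * ($section, $reference) grants the action directly, and roles holding the
 * admin permission that covers the section (found by a nested call).
 *
 * @param string      $section   Permission section name, e.g. 'scm' or 'tracker'.
 * @param int         $reference ID of the object the section refers to.
 * @param string|null $action    Action within the section; unused by the sections
 *                               that only test perm_val = 1.
 * @return array|false Unique role IDs, or false when a query fails (the
 *                     message is recorded with setError()).
 */
private function _getRolesIdByAllowedAction($section, $reference, $action = NULL) {
    $result = array();
    $qpa = db_construct_qpa();
    // Section and reference are bound as query parameters, not interpolated.
    $qpa = db_construct_qpa($qpa, 'SELECT role_id FROM pfo_role_setting WHERE section_name=$1 AND ref_id=$2 ', array($section, $reference));

    // Look for roles that are directly allowed to perform action
    //
    // NOTE(review): in the sections with an inner switch on $action, a value
    // matching none of the listed cases adds no perm_val condition, so every
    // role with a row for this section/ref_id is returned, whatever its
    // perm_val. Confirm callers always pass a listed action, or add a failing
    // default.
    switch ($section) {
        case 'forge_admin':
        case 'forge_read':
        case 'approve_projects':
        case 'approve_news':
        case 'project_admin':
        case 'project_read':
        case 'tracker_admin':
        case 'pm_admin':
        case 'forum_admin':
            $qpa = db_construct_qpa($qpa, 'AND perm_val = 1');
            break;
        case 'forge_stats':
            switch ($action) {
                case 'ANY':
                    $qpa = db_construct_qpa($qpa, 'AND perm_val != 0');
                    break;
                case 'read':
                    $qpa = db_construct_qpa($qpa, 'AND perm_val >= 1');
                    break;
                case 'admin':
                    $qpa = db_construct_qpa($qpa, 'AND perm_val >= 2');
                    break;
            }
            break;
        case 'scm':
            switch ($action) {
                case 'ANY':
                    $qpa = db_construct_qpa($qpa, 'AND perm_val != 0');
                    break;
                case 'read':
                    $qpa = db_construct_qpa($qpa, 'AND perm_val >= 1');
                    break;
                case 'write':
                    $qpa = db_construct_qpa($qpa, 'AND perm_val >= 2');
                    break;
            }
            break;
        case 'docman':
            switch ($action) {
                case 'ANY':
                    $qpa = db_construct_qpa($qpa, 'AND perm_val != 0');
                    break;
                case 'read':
                    $qpa = db_construct_qpa($qpa, 'AND perm_val >= 1');
                    break;
                case 'submit':
                    $qpa = db_construct_qpa($qpa, 'AND perm_val >= 2');
                    break;
                case 'approve':
                    $qpa = db_construct_qpa($qpa, 'AND perm_val >= 3');
                    break;
                case 'admin':
                    $qpa = db_construct_qpa($qpa, 'AND perm_val >= 4');
                    break;
            }
            break;
        case 'frs':
            switch ($action) {
                case 'ANY':
                    $qpa = db_construct_qpa($qpa, 'AND perm_val != 0');
                    break;
                case 'read_public':
                    $qpa = db_construct_qpa($qpa, 'AND perm_val >= 1');
                    break;
                case 'read_private':
                    $qpa = db_construct_qpa($qpa, 'AND perm_val >= 2');
                    break;
                case 'write':
                    $qpa = db_construct_qpa($qpa, 'AND perm_val >= 3');
                    break;
            }
            break;
        case 'forum':
            switch ($action) {
                case 'ANY':
                    $qpa = db_construct_qpa($qpa, 'AND perm_val != 0');
                    break;
                case 'read':
                    $qpa = db_construct_qpa($qpa, 'AND perm_val >= 1');
                    break;
                case 'post':
                    $qpa = db_construct_qpa($qpa, 'AND perm_val >= 2');
                    break;
                case 'unmoderated_post':
                    $qpa = db_construct_qpa($qpa, 'AND perm_val >= 3');
                    break;
                case 'moderate':
                    $qpa = db_construct_qpa($qpa, 'AND perm_val >= 4');
                    break;
            }
            break;
        case 'tracker':
        case 'pm':
            // These two sections test individual bits of perm_val.
            switch ($action) {
                case 'ANY':
                    $qpa = db_construct_qpa($qpa, 'AND perm_val != 0');
                    break;
                case 'read':
                    $qpa = db_construct_qpa($qpa, 'AND (perm_val & 1) = 1');
                    break;
                case 'tech':
                    $qpa = db_construct_qpa($qpa, 'AND (perm_val & 2) = 2');
                    break;
                case 'manager':
                    $qpa = db_construct_qpa($qpa, 'AND (perm_val & 4) = 4');
                    break;
            }
            break;
        default:
            // Unknown section: let plugins extend the query through the hook.
            $hook_params = array();
            $hook_params['section'] = $section;
            $hook_params['reference'] = $reference;
            $hook_params['action'] = $action;
            $hook_params['qpa'] = $qpa;
            $hook_params['result'] = $result;
            plugin_hook_by_reference("list_roles_by_permission", $hook_params);
            $qpa = $hook_params['qpa'];
            break;
    }

    $res = db_query_qpa($qpa);
    if (!$res) {
        $this->setError('RBACEngine::getRolesByAllowedAction()::' . db_error());
        return false;
    }
    while ($arr = db_fetch_array($res)) {
        $result[] = $arr['role_id'];
    }

    // Also look for roles that can perform the action because they're more powerful.
    // The switch only picks which admin section/reference to query; the nested
    // call is made once below so its failure can be handled in one place.
    $admin_section = null;
    $admin_reference = null;
    switch ($section) {
        case 'forge_read':
        case 'approve_projects':
        case 'approve_news':
        case 'forge_stats':
        case 'project_admin':
            $admin_section = 'forge_admin';
            $admin_reference = -1;
            break;
        case 'project_read':
        case 'tracker_admin':
        case 'pm_admin':
        case 'forum_admin':
        case 'scm':
        case 'docman':
        case 'frs':
            $admin_section = 'project_admin';
            $admin_reference = $reference;
            break;
        case 'tracker':
            if ($action != 'tech') {
                $t = artifactType_get_object($reference);
                // A reference that resolves to no object gets no inherited
                // roles instead of a fatal error on $t->Group.
                if (is_object($t) && is_object($t->Group)) {
                    $admin_section = 'tracker_admin';
                    $admin_reference = $t->Group->getID();
                }
            }
            break;
        case 'pm':
            if ($action != 'tech') {
                $t = projectgroup_get_object($reference);
                if (is_object($t) && is_object($t->Group)) {
                    $admin_section = 'pm_admin';
                    $admin_reference = $t->Group->getID();
                }
            }
            break;
        case 'forum':
            $t = forum_get_object($reference);
            if (is_object($t) && is_object($t->Group)) {
                $admin_section = 'forum_admin';
                $admin_reference = $t->Group->getID();
            }
            break;
        case 'new_tracker':
            if ($action != 'tech') {
                $admin_section = 'tracker_admin';
                $admin_reference = $reference;
            }
            break;
        case 'new_pm':
            if ($action != 'tech') {
                $admin_section = 'pm_admin';
                $admin_reference = $reference;
            }
            break;
        case 'new_forum':
            // The original also called forum_get_object($reference) here but
            // never used the result; the nested lookup is keyed on $reference.
            $admin_section = 'forum_admin';
            $admin_reference = $reference;
            break;
    }

    if ($admin_section !== null) {
        $inherited = $this->_getRolesIdByAllowedAction($admin_section, $admin_reference);
        if ($inherited === false) {
            // The nested call already recorded the database error with
            // setError(); passing false on to array_merge() would corrupt the
            // result instead of reporting the failure.
            return false;
        }
        $result = array_merge($result, $inherited);
    }

    return array_unique($result);
}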