/** * Update the details for the organisation */ function updatedetails($data, $form, $request) { if ($this->group) { $this->saveInto($this->group); $this->group->write(); $form->sessionMessage(_t('EcommerceCorporateAccount.DETAILSHAVEBEENUPDATED', 'Your details have been updated.'), 'good'); Director::redirectBack(); } else { $form->sessionMessage(_t('EcommerceCorporateAccount.DETAILSCOULDNOTBEUPATED', 'Your details have not been updated.'), 'bad'); Director::redirectBack(); } }
static function add_members_to_customer_group() { $gp = DataObject::get_one("Group", "\"Title\" = '" . self::get_group_name() . "'"); if (!$gp) { $gp = new Group(); $gp->Title = self::get_group_name(); $gp->Sort = 999998; $gp->write(); } $allCombos = DB::query("Select \"ID\", \"MemberID\", \"GroupID\" FROM \"Group_Members\" WHERE \"Group_Members\".\"GroupID\" = " . $gp->ID . ";"); //make an array of all combos $alreadyAdded = array(); $alreadyAdded[-1] = -1; if ($allCombos) { foreach ($allCombos as $combo) { $alreadyAdded[$combo["MemberID"]] = $combo["MemberID"]; } } $extraWhere = $unlistedMembers = DataObject::get("Member", $where = "\"Member\".\"ID\" NOT IN (" . implode(",", $alreadyAdded) . ")", $sort = null, $join = "INNER JOIN \"Order\" ON \"Order\".\"MemberID\" = \"Member\".\"ID\""); //add combos if ($unlistedMembers) { $existingMembers = $gp->Members(); foreach ($unlistedMembers as $member) { $existingMembers->add($member); } } }
public function requireDefaultRecords() { parent::requireDefaultRecords(); // Add default author group if no other group exists $frontend_group = Group::get()->filter("Code", "users-frontend"); if (!$frontend_group->exists()) { $frontend_group = new Group(); $frontend_group->Code = 'users-frontend'; $frontend_group->Title = "Frontend Users"; $frontend_group->Sort = 1; $frontend_group->write(); Permission::grant($frontend_group->ID, 'USERS_MANAGE_ACCOUNT'); DB::alteration_message('Front end users group created', 'created'); } // Add a verified users group (only used if we turn on // verification) $verify_group = Group::get()->filter("Code", "users-verified"); if (!$verify_group->exists()) { $verify_group = new Group(); $verify_group->Code = 'users-verified'; $verify_group->Title = "Verified Users"; $verify_group->Sort = 1; $verify_group->write(); Permission::grant($verify_group->ID, 'USERS_VERIFIED'); DB::alteration_message('Verified users group created', 'created'); } }
public function processRecord($record, $columnMap, &$results, $preview = false) { $objID = parent::processRecord($record, $columnMap, $results, $preview); $_cache_groupByCode = array(); // Add to predefined groups $member = DataObject::get_by_id($this->objectClass, $objID); foreach ($this->groups as $group) { // TODO This isnt the most memory effective way to add members to a group $member->Groups()->add($group); } // Add to groups defined in CSV if (isset($record['Groups']) && $record['Groups']) { $groupCodes = explode(',', $record['Groups']); foreach ($groupCodes as $groupCode) { $groupCode = Convert::raw2url($groupCode); if (!isset($_cache_groupByCode[$groupCode])) { $group = Group::get()->filter('Code', $groupCode)->first(); if (!$group) { $group = new Group(); $group->Code = $groupCode; $group->Title = $groupCode; $group->write(); } $member->Groups()->add($group); $_cache_groupByCode[$groupCode] = $group; } } } $member->destroy(); unset($member); return $objID; }
static function get_main_group() { $group = DataObject::get_one('Group', "Code = '" . strtolower(self::$main_group) . "'"); if (!$group) { $group = new Group(array('Title' => self::$main_group)); $group->write(); } return $group; }
function testCollateAncestorIDs() { $parentGroup = $this->objFromFixture('Group', 'parentgroup'); $childGroup = $this->objFromFixture('Group', 'childgroup'); $orphanGroup = new Group(); $orphanGroup->ParentID = 99999; $orphanGroup->write(); $this->assertEquals(array($parentGroup->ID), $parentGroup->collateAncestorIDs(), 'Root node only contains itself'); $this->assertEquals(array($childGroup->ID, $parentGroup->ID), $childGroup->collateAncestorIDs(), 'Contains parent nodes, with child node first'); $this->assertEquals(array($orphanGroup->ID), $orphanGroup->collateAncestorIDs(), 'Orphaned nodes dont contain invalid parent IDs'); }
function doUp() { global $database; $members = array(1368, 270, 9202); // EdgarMagana, JonProulx, ShillaSaebi $group = new Group(); $group->setTitle('User Committee'); $group->setDescription('User Committee'); $group->setSlug('user-committee'); $group->write(); $group->Members()->setByIDList($members); }
function testAlternateTreeTitle() { $group = new Group(); $group->Title = 'The A Team'; $group->AccessAllSubsites = true; $this->assertEquals($group->getTreeTitle(), 'The A Team <i>(global group)</i>'); $group->AccessAllSubsites = false; $group->write(); $group->Subsites()->add($this->objFromFixture('Subsite', 'domaintest1')); $group->Subsites()->add($this->objFromFixture('Subsite', 'domaintest2')); $this->assertEquals($group->getTreeTitle(), 'The A Team <i>(Test 1, Test 2)</i>'); }
/** * Add a specific group in order to enable users/groups managemet */ public function requireDefaultRecords() { $group = DataObject::get('Group', "Code = 'users-manager'"); if (!$group->count()) { $usersManagerGroup = new Group(); $usersManagerGroup->Code = 'users-manager'; $usersManagerGroup->Title = _t('Group.DefaultGroupTitleUsersManager', 'Users Manager'); $usersManagerGroup->Sort = 0; $usersManagerGroup->write(); Permission::grant($usersManagerGroup->ID, 'CMS_ACCESS_SecurityAdmin'); } }
function requireDefaultRecords() { if (!Group::get()->filter(array("Code" => "team-member"))->First()) { $group = new Group(); $group->Title = "Team Member"; $group->Code = "team-member"; $group->Sort = 2; $group->write(); $group->flushCache(); DB::alteration_message('Team Member Group created', 'created'); } parent::requireDefaultRecords(); }
public function requireDefaultRecords() { parent::requireDefaultRecords(); // Add default author group if no other group exists $curr_group = Group::get()->filter("Code", "customers"); if (!$curr_group->exists()) { $group = new Group(); $group->Code = 'customers'; $group->Title = "Customers"; $group->Sort = 1; $group->write(); DB::alteration_message('Customers group created', 'created'); } }
function requireDefaultRecords() { parent::requireDefaultRecords(); //Create a new group for customers $allGroups = DataObject::get('Group'); $existingCustomerGroup = $allGroups->find('Title', 'Customers'); if (!$existingCustomerGroup) { $customerGroup = new Group(); $customerGroup->Title = 'Customers'; $customerGroup->setCode($customerGroup->Title); $customerGroup->write(); Permission::grant($customerGroup->ID, 'VIEW_ORDER'); } }
function testOverwriteExistingImport() { $existinggroup = new Group(); $existinggroup->Title = 'Old Group Title'; $existinggroup->Code = 'newgroup1'; $existinggroup->write(); $loader = new GroupCsvBulkLoader(); $results = $loader->load('sapphire/tests/security/GroupCsvBulkLoaderTest.csv'); $created = $results->Created()->toArray(); $this->assertEquals(count($created), 1); $this->assertEquals($created[0]->Code, 'newchildgroup1'); $updated = $results->Updated()->toArray(); $this->assertEquals(count($updated), 1); $this->assertEquals($updated[0]->Code, 'newgroup1'); $this->assertEquals($updated[0]->Title, 'New Group 1'); }
public function testOverwriteExistingImport() { $existinggroup = new Group(); $existinggroup->Title = 'Old Group Title'; $existinggroup->Code = 'newgroup1'; $existinggroup->write(); $loader = new GroupCsvBulkLoader(); $results = $loader->load($this->getCurrentRelativePath() . '/GroupCsvBulkLoaderTest.csv'); $created = $results->Created()->toArray(); $this->assertEquals(count($created), 1); $this->assertEquals($created[0]->Code, 'newchildgroup1'); $updated = $results->Updated()->toArray(); $this->assertEquals(count($updated), 1); $this->assertEquals($updated[0]->Code, 'newgroup1'); $this->assertEquals($updated[0]->Title, 'New Group 1'); }
public function onAfterWrite() { parent::onAfterWrite(); // TODO: should test if this is needed or not if (!$this->owner->ID) { return; } // Apply the subsite title to config $siteconfig = $this->getSiteConfig(); if ($siteconfig) { if ($siteconfig->Title == _t('Subsite.SiteConfigTitle', 'Your Site Name') && $this->owner->Title) { $siteconfig->Title = $this->owner->Title; $siteconfig->write(); } } // Make sure we have groups for this subsite $groupName = $this->getAdministratorGroupName(); $group = self::getGroupByName($groupName); if ($groupName && !$group) { $group = new Group(); $group->Title = $groupName; $group->AccessAllSubsites = false; $group->write(); $group->Subsites()->add($this->owner); // Apply default permissions to this group $codes = array_unique(array_keys(Permission::get_codes(false))); $default_permissions = Config::inst()->get('SubsiteExtension', 'admin_default_permissions'); foreach ($default_permissions as $p) { if (in_array($p, $codes)) { $po = new Permission(array('Code' => $p)); $po->write(); $group->Permissions()->add($po); } } $group->write(); } $membersGroupName = $this->getMembersGroupName(); $membersGroup = self::getGroupByName($membersGroupName); if ($membersGroupName && !$membersGroup) { $membersGroup = new Group(); $membersGroup->Title = $membersGroupName; $membersGroup->AccessAllSubsites = true; $membersGroup->write(); $membersGroup->Subsites()->add($this->owner); $membersGroup->write(); } }
function up() { echo "Starting Migration Proc ...<BR>"; //check if migration already had ran ... $migration = DataObject::get_one("Migration", "Name='{$this->title}'"); if (!$migration) { $g = new Group(); $g->setTitle('Community Members'); $g->setDescription('Community Members'); $g->setSlug(IFoundationMember::CommunityMemberGroupSlug); $g->write(); $migration = new Migration(); $migration->Name = $this->title; $migration->Description = $this->description; $migration->Write(); } echo "Ending Migration Proc ...<BR>"; }
function up() { echo "Starting Migration Proc ...<BR>"; //check if migration already had ran ... $migration = Migration::get()->filter('Name', $this->title)->first(); if (!$migration) { $g = new Group(); $g->setTitle('CCLA Admin'); $g->setDescription('Company CCLA Admin'); $g->setSlug(ICLAMemberDecorator::CCLAGroupSlug); $g->write(); Permission::grant($g->getIdentifier(), ICLAMemberDecorator::CCLAPermissionSlug); $migration = new Migration(); $migration->Name = $this->title; $migration->Description = $this->description; $migration->Write(); } echo "Ending Migration Proc ...<BR>"; }
/** * Create permissions, groups and member records if they don't exist. */ public function requireDefaultRecords() { parent::requireDefaultRecords(); $groups = array(); // create or update groups, cache id by title foreach (self::$groups as $title => $description) { if (!($group = DataObject::get_one('Group', " Title = '{$title}'"))) { $group = new Group(array('Title' => $title)); } // update description if exists, otherwise set $group->Description = $description; $group->write(); $groups[$title] = $group->ID; } // create or update permissions and assign to associated group foreach (self::$permissions as $code => $groupTitle) { if (!($perm = DataObject::get_one('Permission', " Code = '{$code}' "))) { $perm = new Permission(array('Code' => $code)); } $perm->GroupID = $groups[$groupTitle]; $perm->write(); } // if config option is true create or update members, then add Member to group if ($this->config()->get('create_members_and_assign_to_groups') === true) { foreach (self::$members as $memberInfo) { $email = $memberInfo['Email']; if (!($member = DataObject::get_one('Member', " Email = '{$email}' "))) { $member = new Member(); } // set or update data $member->update($memberInfo); $member->write(); foreach (self::$member_groups[$email] as $groupTitle) { // if not in the group already add it $groupID = $groups[$groupTitle]; if (!$member->Groups()->filter('ID', $groupID)->first()) { $member->Groups()->add($groupID); } $member->write(); } } } }
public function DoRegister($data, $form) { if ($member = DataObject::get_one("Member", "`Email` = '" . Convert::raw2sql($data['Email']) . "'")) { $form->AddErrorMessage('Email', _t("REGISTRATION.EMAILEXISTS", "Sorry, that email address already exists. Please choose another."), 'bad'); Session::set("FormInfo.Form_RegistrationForm.data", $data); return $this->redirectBack(); } $Member = new Member(); $form->saveInto($Member); $Member->write(); $Member->logIn(); if (!($userGroup = DataObject::get_one('Group', "Code = 'register-user'"))) { $userGroup = new Group(); $userGroup->Code = "register-user"; $userGroup->Title = "Register-user"; $userGroup->write(); } $userGroup->Members()->add($Member); return $this->redirect(Director::baseURL()); }
public function requireDefaultRecords() { parent::requireDefaultRecords(); $intranetGroup = Group::get()->filter(array("Code" => $this->Config()->get("group_code")))->first(); if ($intranetGroup && $intranetGroup->exists()) { //do nothing } else { $intranetGroup = new Group(); DB::alteration_message($this->Config()->get("group_name") . ' group created', "created"); } if ($intranetGroup) { $intranetGroup->Code = $this->Config()->get("group_code"); $intranetGroup->Title = $this->Config()->get("group_name"); $intranetGroup->write(); Permission::grant($intranetGroup->ID, $this->Config()->get("permission_code")); if (DB::query("\r\n\t\t\t\tSELECT *\r\n\t\t\t\tFROM Permission\r\n\t\t\t\tWHERE \"GroupID\" = '" . $intranetGroup->ID . "'\r\n\t\t\t\t\tAND \"Code\" LIKE '" . $this->Config()->get("permission_code") . "'")->numRecords() == 0) { Permission::grant($intranetGroup->ID, $this->Config()->get("permission_code")); DB::alteration_message($this->Config()->get("group_name") . ' permissions granted', "created"); } } }
public function requireDefaultRecords() { parent::requireDefaultRecords(); // Add default FrontendMember group if none with permission code ADMIN exists if (!defined('CreateDefaultGroupsOnce')) { define('CreateDefaultGroupsOnce', true); $authorGroup = Group::get_one("Group", "Code='content-authors'"); if (!$authorGroup) { $authorGroup = new Group(); $authorGroup->Code = 'content-authors'; $authorGroup->Title = _t('Group.DefaultGroupTitleContentAuthors', 'Content Authors'); $authorGroup->Sort = 1; $authorGroup->write(); Permission::grant($authorGroup->ID, 'CMS_ACCESS_CMSMain'); Permission::grant($authorGroup->ID, 'CMS_ACCESS_AssetAdmin'); Permission::grant($authorGroup->ID, 'CMS_ACCESS_ReportAdmin'); Permission::grant($authorGroup->ID, 'SITETREE_REORGANISE'); } Permission::grant($authorGroup->ID, 'ACCESS_CONTENT'); DB::alteration_message('Content Authors Group Permissions added', "created"); } }
/** * Add default records to database. * * This function is called whenever the database is built, after the * database tables have all been created. */ public function requireDefaultRecords() { parent::requireDefaultRecords(); // Add default poster group if it doesn't exist $poster = Group::get()->filter("Code", 'discussions-posters')->first(); if (!$poster) { $poster = new Group(); $poster->Code = 'discussions-posters'; $poster->Title = _t('Discussions.DefaultGroupTitlePosters', 'Discussion Posters'); $poster->Sort = 1; $poster->write(); Permission::grant($poster->ID, 'DISCUSSIONS_REPLY'); DB::alteration_message('Discussion Poster Group Created', 'created'); } // Add default modrator group if none exists $moderator = Permission::get_groups_by_permission('DISCUSSIONS_MODERATION')->first(); if (!$moderator) { $moderator = new Group(); $moderator->Code = 'discussions-moderators'; $moderator->Title = _t('Discussions.DefaultGroupTitleModerators', 'Discussion Moderators'); $moderator->Sort = 0; $moderator->write(); Permission::grant($moderator->ID, 'DISCUSSIONS_MODERATION'); DB::alteration_message('Discussion Moderator Group Created', 'created'); } // Now add these groups to a discussion holder (if one exists) foreach (DiscussionHolder::get() as $page) { if (!$page->PosterGroups()->count()) { $page->PosterGroups()->add($poster); $page->write(); DB::alteration_message('Added Poster Group to Discussions Holder', 'created'); } if (!$page->ModeratorGroups()->count()) { $page->ModeratorGroups()->add($moderator); $page->write(); DB::alteration_message('Added Moderator Group to Discussions Holder', 'created'); } } }
/** * Create the default Groups * and add default admin to admin group */ public function requireDefaultRecords() { // Readers $readersGroup = DataObject::get('Group')->filter(array('Code' => 'restfulapi-readers')); if (!$readersGroup->count()) { $readerGroup = new Group(); $readerGroup->Code = 'restfulapi-readers'; $readerGroup->Title = 'RESTful API Readers'; $readerGroup->Sort = 0; $readerGroup->write(); Permission::grant($readerGroup->ID, 'RESTfulAPI_VIEW'); } // Editors $editorsGroup = DataObject::get('Group')->filter(array('Code' => 'restfulapi-editors')); if (!$editorsGroup->count()) { $editorGroup = new Group(); $editorGroup->Code = 'restfulapi-editors'; $editorGroup->Title = 'RESTful API Editors'; $editorGroup->Sort = 0; $editorGroup->write(); Permission::grant($editorGroup->ID, 'RESTfulAPI_VIEW'); Permission::grant($editorGroup->ID, 'RESTfulAPI_EDIT'); Permission::grant($editorGroup->ID, 'RESTfulAPI_CREATE'); } // Admins $adminsGroup = DataObject::get('Group')->filter(array('Code' => 'restfulapi-administrators')); if (!$adminsGroup->count()) { $adminGroup = new Group(); $adminGroup->Code = 'restfulapi-administrators'; $adminGroup->Title = 'RESTful API Administrators'; $adminGroup->Sort = 0; $adminGroup->write(); Permission::grant($adminGroup->ID, 'RESTfulAPI_VIEW'); Permission::grant($adminGroup->ID, 'RESTfulAPI_EDIT'); Permission::grant($adminGroup->ID, 'RESTfulAPI_CREATE'); Permission::grant($adminGroup->ID, 'RESTfulAPI_DELETE'); } }
function requireDefaultRecords() { parent::requireDefaultRecords(); // default checkoutpage if ($this->class == 'ShopCheckoutPage') { //create usergroup for shop client if (!DataObject::get_one("Group", "Title LIKE 'ShopClients'")) { $group = new Group(); $group->Title = "ShopClients"; $group->Code = "shop-clients"; $group->Sort = DataObject::get_one("Group", "1", null, "Sort DESC")->Sort + 1; $group->write(); DB::alteration_message('ShopClients usergroup created', 'created'); } if (!DataObject::get('ShopCheckoutPage')) { $p = new ShopCheckoutPage(); $p->Title = _t('Shop.CheckoutPageTitleDefault', 'Checkout'); $p->Content = _t('SiteTree.CheckoutPageContentDefault', ' <h2>Welcome to the checkout Page</h2> <p>Please feel free to replace this text with your own shopinformations...</p> '); $p->URLSegment = 'checkout'; $p->writeToStage('Stage'); $p->publish('Stage', 'Live'); $p->ContentInvoiceAddress = "<h2>Billing Address</h2>\n\t\t\t\t<p>Please fill out the billing address.</p>"; $p->ContentDeliveryAddress = "<h2>Shipping Address</h2>\n\t\t\t\t<p>Please fill out the shipping address.</p>"; $p->ContentShipping = "<h2>Shipping Method</h2>\n\t\t\t\t<p>Please select your preferred shipping method.</p>"; $p->ContentPayment = "<h2>Payment Method</h2>\n\t\t\t\t<p>Please choose your preffered payment methos.</p>"; $p->ContentSummary = "<h2>Order summary</h2>\n\t\t\t\t<p>Take a look of your order and click on „Place order” to finish your shopping session.</p>"; $p->ContentComplete = "<h2>Thanks for your order!</h2>\n\t\t\t\t<p>Your order has been submitted.</p>\n\t\t\t\t<p>You'll recieve an eMail with your order details soon.</p>"; $p->ContentError = "<h2>Order could not be placed</h2>\n\t\t\t\t<p>Sorry, but your order couldn't proceed complety. Please contact us for further information. Thanks!</p>"; $p->writeToStage('Stage'); $p->publish('Stage', 'Live'); $p->flushCache(); DB::alteration_message('ShopCheckoutPage created', 'created'); } } }
/** * run the task */ function run($request) { $approvedCustomerGroup = EcommerceCorporateGroupGroupDecorator::get_approved_customer_group(); $approveCustomerPermissionCode = EcommerceCorporateGroupGroupDecorator::get_permission_code(); if (!$approvedCustomerGroup) { $approvedCustomerGroup = new Group(); $approvedCustomerGroup->Code = EcommerceCorporateGroupGroupDecorator::get_code(); $approvedCustomerGroup->Title = EcommerceCorporateGroupGroupDecorator::get_name(); //$approvedCustomerGroup->ParentID = $parentGroup->ID; $approvedCustomerGroup->write(); Permission::grant($approvedCustomerGroup->ID, $approveCustomerPermissionCode); DB::alteration_message(EcommerceCorporateGroupGroupDecorator::get_name() . ' Group created', "created"); } elseif (DB::query("SELECT * FROM \"Permission\" WHERE \"GroupID\" = '" . $approvedCustomerGroup->ID . "' AND \"Code\" LIKE '" . $approveCustomerPermissionCode . "'")->numRecords() == 0) { Permission::grant($approvedCustomerGroup->ID, $approveCustomerPermissionCode); DB::alteration_message(EcommerceCorporateGroupGroupDecorator::get_name() . ' permissions granted', "created"); } $approvedCustomerGroup = EcommerceCorporateGroupGroupDecorator::get_approved_customer_group(); if (!$approvedCustomerGroup) { user_error("could not create user group"); } else { DB::alteration_message(EcommerceCorporateGroupGroupDecorator::get_name() . ' is ready for use', "created"); } }
/** * Automatically create an AccountPage if one is not found * on the site at the time the database is built (dev/build). */ function requireDefaultRecords() { parent::requireDefaultRecords(); if (!DataObject::get_one('AccountPage')) { $page = new AccountPage(); $page->Title = 'Account'; $page->Content = ''; $page->URLSegment = 'account'; $page->ShowInMenus = 0; $page->writeToStage('Stage'); $page->publish('Stage', 'Live'); DB::alteration_message('Account page \'Account\' created', 'created'); } //Create a new group for customers $allGroups = DataObject::get('Group'); $existingCustomerGroup = $allGroups->find('Title', 'Customers'); if (!$existingCustomerGroup) { $customerGroup = new Group(); $customerGroup->Title = 'Customers'; $customerGroup->setCode($customerGroup->Title); $customerGroup->write(); } }
/** * Adds the member to a group. This will create the group if the given * group code does not return a valid group object. * * @param string $groupcode * @param string Title of the group */ public function addToGroupByCode($groupcode, $title = "") { $group = DataObject::get_one('Group', "\"Code\" = '" . Convert::raw2sql($groupcode) . "'"); if ($group) { $this->Groups()->add($group); } else { if (!$title) { $title = $groupcode; } $group = new Group(); $group->Code = $groupcode; $group->Title = $title; $group->write(); $this->Groups()->add($group); } }
public function requireDefaultRecords() { parent::requireDefaultRecords(); if ($this->config()->create_default_pages) { $groupHolder = DataObject::get_one('ScoutGroupHolder'); if (!$groupHolder) { $groupHolder = new ScoutGroupHolder(); $groupHolder->Title = "Groups"; $groupHolder->URLSegment = 'groups'; $groupHolder->Status = 'Published'; $groupHolder->write(); $groupHolder->publish('Stage', 'Live'); DB::alteration_message('Scout Group Holder page created', 'created'); } } $districtAdmin = DataObject::get_one('Group', "Code = 'scout-district-admin'"); if (!$districtAdmin) { $districtAdmin = new Group(); $districtAdmin->Code = 'scout-district-admin'; $districtAdmin->Title = _t('ScoutDistrict.Groups.SCOUTDISTRICTADMIN', 'Scout District Admin'); $districtAdmin->write(); Permission::grant($districtAdmin->ID, ScoutDistrictPermissions::$district_admin); DB::alteration_message('Scout District Admin group created', 'created'); } $groupManager = DataObject::get_one('Group', "Code = 'scout-group-manager'"); if (!$groupManager) { $groupManager = new Group(); $groupManager->Code = 'scout-group-manager'; $groupManager->Title = _t('ScoutDistrict.Groups.SCOUTGROUPMANAGER', 'Scout Group Manager'); $groupManager->write(); Permission::grant($groupManager->ID, ScoutDistrictPermissions::$group_manager); Permission::grant($groupManager->ID, "CMS_ACCESS_CMSMain"); DB::alteration_message('Scout Group Manager group created', 'created'); } }
public function run($request) { // get all groups from LDAP, but only get the attributes we need. // this is useful to avoid holding onto too much data in memory // especially in the case where getGroups() would return a lot of groups $ldapGroups = $this->ldapService->getGroups(false, array('objectguid', 'samaccountname', 'dn', 'name', 'description'), 'objectguid'); $start = time(); $count = 0; foreach ($ldapGroups as $data) { $group = Group::get()->filter('GUID', $data['objectguid'])->limit(1)->first(); if (!($group && $group->exists())) { // create the initial Group with some internal fields $group = new Group(); $group->GUID = $data['objectguid']; $this->log(sprintf('Creating new Group (ID: %s, GUID: %s, sAMAccountName: %s)', $group->ID, $data['objectguid'], $data['samaccountname'])); } else { $this->log(sprintf('Updating existing Group "%s" (ID: %s, GUID: %s, sAMAccountName: %s)', $group->getTitle(), $group->ID, $data['objectguid'], $data['samaccountname'])); } // Synchronise specific guaranteed fields. $group->Code = $data['samaccountname']; if (!empty($data['name'])) { $group->Title = $data['name']; } else { $group->Title = $data['samaccountname']; } if (!empty($data['description'])) { $group->Description = $data['description']; } $group->DN = $data['dn']; $group->LastSynced = (string) SS_Datetime::now(); $group->IsImportedFromLDAP = true; $group->write(); // Mappings on this group are automatically maintained to contain just the group's DN. // First, scan through existing mappings and remove ones that are not matching (in case the group moved). $hasCorrectMapping = false; foreach ($group->LDAPGroupMappings() as $mapping) { if ($mapping->DN === $data['dn']) { // This is the correct mapping we want to retain. $hasCorrectMapping = true; } else { $this->log(sprintf('Deleting invalid mapping %s on %s.', $mapping->DN, $group->getTitle())); $mapping->delete(); } } // Second, if the main mapping was not found, add it in. if (!$hasCorrectMapping) { $this->log(sprintf('Setting up missing group mapping from %s to %s', $group->getTitle(), $data['dn'])); $mapping = new LDAPGroupMapping(); $mapping->DN = $data['dn']; $mapping->write(); $group->LDAPGroupMappings()->add($mapping); } // cleanup object from memory $group->destroy(); $count++; } // remove Group records that were previously imported, but no longer exist in the directory // NOTE: DB::query() here is used for performance and so we don't run out of memory if ($this->config()->destructive) { foreach (DB::query('SELECT "ID", "GUID" FROM "Group" WHERE "IsImportedFromLDAP" = 1') as $record) { if (!isset($ldapGroups[$record['GUID']])) { $group = Group::get()->byId($record['ID']); // Cascade into mappings, just to clean up behind ourselves. foreach ($group->LDAPGroupMappings() as $mapping) { $mapping->delete(); } $group->delete(); $this->log(sprintf('Removing Group "%s" (GUID: %s) that no longer exists in LDAP.', $group->Title, $group->GUID)); // cleanup object from memory $group->destroy(); } } } $end = time() - $start; $this->log(sprintf('Done. Processed %s records. Duration: %s seconds', $count, round($end, 0))); }
public function testOnChangeGroups() { $staffGroup = $this->objFromFixture('Group', 'staffgroup'); $adminGroup = $this->objFromFixture('Group', 'admingroup'); $staffMember = $this->objFromFixture('Member', 'staffmember'); $adminMember = $this->objFromFixture('Member', 'admin'); $newAdminGroup = new Group(array('Title' => 'newadmin')); $newAdminGroup->write(); Permission::grant($newAdminGroup->ID, 'ADMIN'); $newOtherGroup = new Group(array('Title' => 'othergroup')); $newOtherGroup->write(); $this->assertTrue($staffMember->onChangeGroups(array($staffGroup->ID)), 'Adding existing non-admin group relation is allowed for non-admin members'); $this->assertTrue($staffMember->onChangeGroups(array($newOtherGroup->ID)), 'Adding new non-admin group relation is allowed for non-admin members'); $this->assertFalse($staffMember->onChangeGroups(array($newAdminGroup->ID)), 'Adding new admin group relation is not allowed for non-admin members'); $this->session()->inst_set('loggedInAs', $adminMember->ID); $this->assertTrue($staffMember->onChangeGroups(array($newAdminGroup->ID)), 'Adding new admin group relation is allowed for normal users, when granter is logged in as admin'); $this->session()->inst_set('loggedInAs', null); $this->assertTrue($adminMember->onChangeGroups(array($newAdminGroup->ID)), 'Adding new admin group relation is allowed for admin members'); }