function setPersonalFolderPermissions($oPO) { $aWorkSpaceOwnerRoleID = $this->getRoleIdByName('WorkSpaceOwner'); $aAdminGroupID = $this->getGroupIdByName('System Administrators'); //arrays used to make integers for $aAllowed array variable $iWorkSpaceOwnerRoleID = $aWorkSpaceOwnerRoleID[0]['id']; $iAdminGroupID = $aAdminGroupID[0]['id']; //set permissions for the role and the admin group $aAllowed = array('role' => array($iWorkSpaceOwnerRoleID), 'group' => array($iAdminGroupID)); //Get the List of all the permissions $aPersonalFolderPermissions = KTPermission::getList(); //Iterate through and apply all permissions to the current user and the admin group foreach ($aPersonalFolderPermissions as $oPersonalFolderPermission) { KTPermissionUtil::setPermissionForId($oPersonalFolderPermission, $oPO, $aAllowed); } //Update permission lookup KTPermissionUtil::updatePermissionLookupForPO($oPO); }
/** * Inherits permission object from parent, throwing away our own * permission object. */ function inheritPermissionObject(&$oDocumentOrFolder, $aOptions = null) { global $default; $oDocumentOrFolder->cacheGlobal = array(); $bEvenIfNotOwner = KTUtil::arrayGet($aOptions, 'evenifnotowner'); if (empty($bEvenIfNotOwner) && !KTPermissionUtil::isPermissionOwner($oDocumentOrFolder)) { return PEAR::raiseError(_kt("Document or Folder doesn't own its permission object")); } $iOrigPOID = $oDocumentOrFolder->getPermissionObjectID(); $oOrigPO =& KTPermissionObject::get($iOrigPOID); $oFolder =& Folder::get($oDocumentOrFolder->getParentID()); $iNewPOID = $oFolder->getPermissionObjectID(); $oNewPO =& KTPermissionObject::get($iNewPOID); $oDocumentOrFolder->setPermissionObjectID($iNewPOID); $oDocumentOrFolder->update(); if (is_a($oDocumentOrFolder, 'Document')) { // If we're a document, no niggly children to worry about. KTPermissionUtil::updatePermissionLookup($oDocumentOrFolder); return; } // if the new and old permission object and lookup ids are the same, then we might as well bail if ($iOrigPOID == $iNewPOID) { if ($oDocumentOrFolder->getPermissionLookupID() == $oFolder->getPermissionLookupID()) { // doing this, as this was done below... (not ideal to copy, but anyways...) Document::clearAllCaches(); Folder::clearAllCaches(); return; } } $iFolderID = $oDocumentOrFolder->getID(); $sFolderIDs = Folder::generateFolderIDs($iFolderID); $sFolderIDs .= '%'; $sQuery = "UPDATE {$default->folders_table} SET\n permission_object_id = ? WHERE permission_object_id = ? AND\n parent_folder_ids LIKE ?"; $aParams = array($oNewPO->getID(), $oOrigPO->getID(), $sFolderIDs); DBUtil::runQuery(array($sQuery, $aParams)); Folder::clearAllCaches(); // Update all documents in the folder and in the sub-folders $sQuery = "UPDATE {$default->documents_table} SET\n permission_object_id = ? WHERE permission_object_id = ? AND\n (parent_folder_ids LIKE ? OR folder_id = ?)"; $aParams[] = $iFolderID; DBUtil::runQuery(array($sQuery, $aParams)); Document::clearAllCaches(); KTPermissionUtil::updatePermissionLookupForPO($oNewPO); }
function do_removeDynamicCondition() { $aOptions = array('redirect_to' => array('main', 'fFolderId=' . $this->oFolder->getId())); if (!KTBrowseUtil::inAdminMode($this->oUser, $this->oFolder)) { $this->oValidator->userHasPermissionOnItem($this->oUser, $this->_sEditShowPermission, $this->oFolder, $aOptions); } $aOptions = array('redirect_to' => array('edit', 'fFolderId=' . $this->oFolder->getId())); $oDynamicCondition =& $this->oValidator->validateDynamicCondition($_REQUEST['fDynamicConditionId'], $aOptions); $res = $oDynamicCondition->delete(); $this->oValidator->notError($res, $aOptions); $oTransaction = KTFolderTransaction::createFromArray(array('folderid' => $this->oFolder->getId(), 'comment' => _kt('Removed dynamic permissions'), 'transactionNS' => 'ktcore.transactions.permissions_change', 'userid' => $_SESSION['userID'], 'ip' => Session::getClientIP())); $aOptions = array('defaultmessage' => _kt('Error updating permissions'), 'redirect_to' => array('edit', sprintf('fFolderId=%d', $this->oFolder->getId()))); $this->oValidator->notErrorFalse($oTransaction, $aOptions); $oPO = KTPermissionObject::get($this->oFolder->getPermissionObjectId()); KTPermissionUtil::updatePermissionLookupForPO($oPO); $this->successRedirectTo('edit', _kt('Dynamic permission removed'), 'fFolderId=' . $this->oFolder->getId()); }
/** * Saves changes made by add() and remove(). * * @author KnowledgeTree Team * @access public */ public function save() { if (!$this->changed) { // we don't have to do anything if nothing has changed. return; } // if the current setup is inherited, then we must create a new copy to store the new associations. if ($this->getIsInherited()) { $this->overrideAllocation(); } $permissions = KTPermission::getList(); $folderItemObject = $this->_logTransaction(_kt('Updated permissions'), 'ktcore.transactions.permissions_change'); $permissionObject = KTPermissionObject::get($folderItemObject->getPermissionObjectId()); // transform the map into the structure expected foreach ($permissions as $permission) { $permissionId = $permission->getId(); // not the association is singular here $allowed = array('group' => array(), 'role' => array(), 'user' => array()); // fill the group allocations foreach ($this->map['groups']['map'] as $groupId => $allocations) { if ($allocations[$permissionId]) { $allowed['group'][] = $groupId; } } // fill the user allocations foreach ($this->map['users']['map'] as $userId => $allocations) { if ($allocations[$permissionId]) { $allowed['user'][] = $userId; } } // fill the role allocations foreach ($this->map['roles']['map'] as $roleId => $allocations) { if ($allocations[$permissionId]) { $allowed['role'][] = $roleId; } } KTPermissionUtil::setPermissionForId($permission, $permissionObject, $allowed); } KTPermissionUtil::updatePermissionLookupForPO($permissionObject); // set the copy to be that of the modified version. $this->mapCopy = $this->map; $this->changed = false; }
function do_updateSearch() { $id = KTUtil::arrayGet($_REQUEST, 'fSavedSearchId'); $sName = KTUtil::arrayGet($_REQUEST, 'name'); $oSearch = KTSavedSearch::get($id); if (PEAR::isError($oSearch) || $oSearch == false) { $this->errorRedirectToMain('No such dynamic condition'); } $datavars = KTUtil::arrayGet($_REQUEST, 'boolean_search'); if (!is_array($datavars)) { $datavars = unserialize($datavars); } if (empty($datavars)) { $this->errorRedirectToMain(_kt('You need to have at least 1 condition.')); } //$sName = "Neil's saved search"; if (!empty($sName)) { $oSearch->setName($sName); } $oSearch->setSearch($datavars); $res = $oSearch->update(); $this->oValidator->notError($res, array('redirect_to' => 'main', 'message' => _kt('Search not saved'))); // Update permission object if exists $sWhere = 'condition_id = ?'; $aParams = array($id); $aPermissionObjects = KTPermissionDynamicCondition::getPermissionObjectIdList($sWhere, $aParams); if (!PEAR::isError($aPermissionObjects) && !empty($aPermissionObjects)) { // update permission objects foreach ($aPermissionObjects as $iPermObjectId) { $oPO = KTPermissionObject::get($iPermObjectId['permission_object_id']); KTPermissionUtil::updatePermissionLookupForPO($oPO); } } $this->successRedirectToMain(_kt('Dynamic condition saved')); }