public function userHasPermissionOnPlanning($planning_id, $group_id, PFUser $user, $permission) { return $user->isMember($group_id) && $user->hasPermission($permission, $planning_id, $group_id); }
/** * Test is user can administrate FRS service of given project * * @param PFUser $user User to test * @param Integer $groupId Project * * @return Boolean */ public static function userCanAdmin($user, $groupId) { return $user->isSuperUser() || $user->isMember($groupId, 'R2') || $user->isMember($groupId, 'A'); }
private function userIsRestrictedAndNotMemberOfProject(PFUser $user, Project $project) { return $user->isRestricted() && !$user->isMember($project->getID()) && $this->project_manager->checkRestrictedAccessForUser($project, $user); }
private function restrictedMemberIsNotProjectMember(PFUser $user, $project_id) { return $user->isRestricted() && !$user->isMember($project_id); }
public function getUserProjectsAsOptions(PFUser $user, ProjectManager $manager, $currentProjectId) { $purifier = Codendi_HTMLPurifier::instance(); $html = ''; $option = '<option value="%d" title="%s">%s</option>'; $usrProject = array_diff($user->getAllProjects(), array($currentProjectId)); foreach ($usrProject as $projectId) { $project = $manager->getProject($projectId); if ($user->isMember($projectId, 'A') && $project->usesService(GitPlugin::SERVICE_SHORTNAME)) { $projectName = $project->getPublicName(); $projectUnixName = $purifier->purify($project->getUnixName()); $html .= sprintf($option, $projectId, $projectUnixName, $projectName); } } return $html; }
private function userIsRestrictedAndNotProjectMember(PFUser $user, Project $project) { return $project->allowsRestricted() && $user->isRestricted() && !$user->isMember($project->getID()); }
private function addGenericUserInProject(PFUser $user, $session_key, $group_id) { if (!$user->isMember($group_id)) { $this->addProjectMember($session_key, $group_id, $user->getUnixName()); } }
public function assertUserCanAccessProject(PFUser $user, Project $project) { if ($project->isPublic() && $user->isRestricted() && !$user->isMember($project->getGroupId()) || !$project->isPublic() && !$user->isMember($project->getGroupId())) { throw new Exception('User do not have access to the project', '3002'); } }
/** * Tests if the user is Superuser, or File release admin * * @param PFUser $user * @param Integer $groupId * * @return Boolean */ function userCanWrite($user, $groupId) { // R2 refers to File release admin return $this->isWriteEnabled() && ($user->isSuperUser() || $user->isMember($groupId, 'R2')); }
/** * Test if user can modify repository configuration * * @param PFUser $user The user to test * * @return Boolean */ public function userCanAdmin($user) { return $user->isMember($this->getProjectId(), 'A'); }
/** * Append project dynamic ugroups of user * * @param PFUser $user * @param array $user_ugroups * * @return array the new array of user's ugroup */ private function appendDynamicUGroups(PFUser $user, array $user_ugroups = array()) { $user_projects = $user->getProjects(true); foreach ($user_projects as $user_project) { $project_name = strtolower($user_project['unix_group_name']); $group_id = $user_project['group_id']; $user_ugroups[] = $this->ugroupIdToStringWithoutArobase(ProjectUGroup::PROJECT_MEMBERS, $project_name); if ($user->isMember($group_id, 'A')) { $user_ugroups[] = $this->ugroupIdToStringWithoutArobase(ProjectUGroup::PROJECT_ADMIN, $project_name); } } return $user_ugroups; }
/** * Remove a notified mail address from all private repositories of a project * * @param Integer $groupId Porject ID to remove its repositories notification * @param PFUser $user User to exclude from notification * * @return void */ function removeMailByProjectPrivateRepository($groupId, $user) { if (!$user->isMember($groupId)) { $gitDao = $this->_getGitDao(); $repositoryList = $gitDao->getProjectRepositoryList($groupId); if ($repositoryList) { foreach ($repositoryList as $row) { $repository = $this->_getGitRepository(); $repository->setId($row['repository_id']); $repository->load(); if (!$repository->userCanRead($user)) { if (!$this->removeMailByRepository($repository, $user->getEmail())) { $GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_git', 'dao_error_remove_notification')); } } } } } }
/** * Ensure given user can access given project * * @param PFUser $user * @param Project $project * @return boolean * @throws Project_AccessProjectNotFoundException * @throws Project_AccessDeletedException * @throws Project_AccessRestrictedException * @throws Project_AccessPrivateException */ public function userCanAccessProject(PFUser $user, Project $project) { if ($project->isError()) { throw new Project_AccessProjectNotFoundException(); } elseif ($user->isSuperUser()) { return true; } elseif (!$project->isActive()) { throw new Project_AccessDeletedException($project); } elseif ($user->isMember($project->getID())) { return true; } elseif ($user->isRestricted() && !$this->canRestrictedUserAccess($user, $project)) { throw new Project_AccessRestrictedException(); } elseif ($project->isPublic()) { return true; } elseif ($this->userHasBeenDelegatedAccess($user)) { return true; } throw new Project_AccessPrivateException(); }
/** * Ensure given user can access given project * * @param PFUser $user * @param Project $project * @return boolean * @throws Project_AccessProjectNotFoundException * @throws Project_AccessDeletedException * @throws Project_AccessRestrictedException * @throws Project_AccessPrivateException */ public function userCanAccessProject(PFUser $user, Project $project) { if ($project->isError()) { throw new Project_AccessProjectNotFoundException(); } elseif ($user->isSuperUser()) { return true; } elseif (!$project->isActive()) { throw new Project_AccessDeletedException($project); } elseif ($user->isMember($project->getID())) { return true; } elseif ($this->getPermissionsOverriderManager()->doesOverriderAllowUserToAccessProject($user, $project)) { return true; } elseif ($user->isRestricted()) { if (!$project->allowsRestricted() || !$this->restrictedUserCanAccessUrl($user, $this->getUrl(), $_SERVER['REQUEST_URI'], $_SERVER['SCRIPT_NAME'])) { throw new Project_AccessRestrictedException(); } return true; } elseif ($project->isPublic()) { return true; } elseif ($this->userHasBeenDelegatedAccess($user)) { return true; } throw new Project_AccessPrivateException(); }
/** * Test is user can read the content of this repository and metadata * * @param PFUser $user The user to test * @param GitRepository $repository The repository to test * * @return Boolean */ public function userCanRead($user, $repository) { return $user->isMember($repository->getProjectId(), 'A') || $user->hasPermission(Git::PERM_READ, $repository->getId(), $repository->getProjectId()) || $user->hasPermission(Git::PERM_WRITE, $repository->getId(), $repository->getProjectId()) || $user->hasPermission(Git::PERM_WPLUS, $repository->getId(), $repository->getProjectId()); }
/** * Test is user can read the content of this repository and metadata * * @param PFUser $user The user to test * @param GitRepository $repository The repository to test * * @return Boolean */ public function userCanRead($user, $repository) { if ($repository->isPrivate() && $user->isMember($repository->getProjectId())) { return true; } if ($repository->isPublic()) { if ($user->isRestricted() && $user->isMember($repository->getProjectId())) { return true; } if (!$user->isAnonymous()) { return true; } } return false; }
private function userIsAdmin(PFUser $user, $group_id, $permissions, $ugroups) { return $user->isSuperUser() || $user->isMember($group_id, 'A') || $this->hasPermissionFor(Tracker::PERMISSION_ADMIN, $permissions, $ugroups); }