function addParameterPermissionItem($itemCfg)
{
// verify obligatory fields
if (!$itemCfg->object) {
throw new Exception('Permission item object must be set');
}
if (!$itemCfg->parameter) {
throw new Exception('Permission item object parameter must be set');
}
if (!$itemCfg->action) {
throw new Exception('Permission item action id must be set');
}
if (is_null($itemCfg->partnerId) || $itemCfg->partnerId === '') {
throw new Exception('Permission item partner id must be set');
}
if (!in_array($itemCfg->action, array(ApiParameterPermissionItemAction::INSERT, ApiParameterPermissionItemAction::READ, ApiParameterPermissionItemAction::UPDATE))) {
throw new Exception("Action type [{$itemCfg->action}] unknown");
}
// check if item already exists in db
$c = new Criteria();
$c->addAnd(kApiParameterPermissionItem::OBJECT_COLUMN_NAME, $itemCfg->object, Criteria::EQUAL);
$c->addAnd(kApiParameterPermissionItem::PARAMETER_COLUMN_NAME, $itemCfg->parameter, Criteria::EQUAL);
$c->addAnd(kApiParameterPermissionItem::ACTION_COLUMN_NAME, $itemCfg->action, Criteria::EQUAL);
$c->addAnd(PermissionItemPeer::PARTNER_ID, array(PartnerPeer::GLOBAL_PARTNER, $itemCfg->partnerId), Criteria::IN);
$c->addAnd(PermissionItemPeer::TYPE, PermissionItemType::API_PARAMETER_ITEM, Criteria::EQUAL);
$existingItem = PermissionItemPeer::doSelectOne($c);
$item = null;
if (existingItem) {
$item = $existingItem;
KalturaLog::log('Permission item for [' . $item->getAction() . '->' . $item->getObject() . '->' . $item->getParameter() . '] partner id [' . $item->getPartnerId() . '] already exists with id [' . $item->getId() . ']');
} else {
// save new permission item object
$item = new kApiParameterPermissionItem();
foreach ($itemCfg as $key => $value) {
if ($key === 'permissions') {
continue;
// permissions are set later
}
$setterCallback = array($item, "set{$key}");
call_user_func_array($setterCallback, array($value));
}
$item->save();
KalturaLog::log('New permission item id [' . $item->getId() . '] added for [' . $item->getAction() . '->' . $item->getObject() . '->' . $item->getParameter() . '] partner id [' . $item->getPartnerId() . ']');
}
// add item to each defined permission
$permissionNames = array_map('trim', explode(',', $itemCfg->permissions));
addItemToPermissions($item, $permissionNames);
}
/**
* Add an api parameter permission to the local map
* @param array $map map to fill
* @param kApiParameterPermissionItem $item
*/
private static function addApiParameter(array &$map, kApiParameterPermissionItem $item)
{
$itemAction = strtolower($item->getAction());
$itemObject = strtolower($item->getObject());
if (!isset($map[self::API_PARAMETERS_ARRAY_NAME][$itemAction][$itemObject])) {
$map[self::API_PARAMETERS_ARRAY_NAME][$itemAction][$itemObject] = array();
}
$map[self::API_PARAMETERS_ARRAY_NAME][$itemAction][$itemObject][strtolower($item->getParameter())] = true;
}
/**
* Add an api parameter permission to the local map
* @param array $map map to fill
* @param kApiParameterPermissionItem $item
*/
private static function addApiParameter(array &$map, kApiParameterPermissionItem $item)
{
$itemAction = $item->getAction();
// ApiParameterPermissionItemAction
if (!isset($map[self::API_PARAMETERS_ARRAY_NAME][$itemAction][$item->getObject()])) {
$map[self::API_PARAMETERS_ARRAY_NAME][$itemAction][$item->getObject()] = array();
}
$map[self::API_PARAMETERS_ARRAY_NAME][$itemAction][$item->getObject()][] = $item->getParameter();
}