/**
* recursivly add permissions to a class and all instances
*/
public static function addPermissionToClass(\core_kernel_classes_Class $class, $userUri, $rights)
{
$dbAccess = new DataBaseAccess();
$dbAccess->addPermissions($userUri, $class->getUri(), $rights);
foreach ($class->getInstances(false) as $instance) {
$dbAccess->addPermissions($userUri, $instance->getUri(), $rights);
}
foreach ($class->getSubClasses(false) as $subclass) {
self::addPermissionToClass($subclass, $userUri, $rights);
}
}
/**
* (non-PHPdoc)
* @see \oat\generis\model\data\PermissionInterface::onResourceCreated()
*/
public function onResourceCreated(\core_kernel_classes_Resource $resource)
{
$dbAccess = new DataBaseAccess();
// test if class
$class = new \core_kernel_classes_Class($resource);
foreach (array_merge($resource->getTypes(), $class->getParentClasses()) as $parent) {
foreach (AdminService::getUsersPermissions($parent->getUri()) as $userUri => $rights) {
$dbAccess->addPermissions($userUri, $resource->getUri(), $rights);
}
}
}
/**
* (non-PHPdoc)
* @see \oat\generis\model\data\PermissionInterface::onResourceCreated()
*/
public function onResourceCreated(\core_kernel_classes_Resource $resource)
{
$dbAccess = new DataBaseAccess();
// verify resource is created
$permissions = $dbAccess->getResourcePermissions($resource->getUri());
if (empty($permissions)) {
// treat resources as classes without parent classes
$class = new \core_kernel_classes_Class($resource);
foreach (array_merge($resource->getTypes(), $class->getParentClasses()) as $parent) {
foreach (AdminService::getUsersPermissions($parent->getUri()) as $userUri => $rights) {
$dbAccess->addPermissions($userUri, $resource->getUri(), $rights);
}
}
}
}
/**
* Get the permissions a user has on a list of ressources
* @dataProvider getPermissionProvider
* @access public
* @param array $userIds
* @param array $resourceIds
* @return array()
*/
public function testGetPermissions($userIds, array $resourceIds)
{
// get privileges for a user/roles and a resource
$returnValue = array();
$inQueryResource = implode(',', array_fill(0, count($resourceIds), '?'));
$inQueryUser = implode(',', array_fill(0, count($userIds), '?'));
$query = "SELECT resource_id, privilege FROM " . DataBaseAccess::TABLE_PRIVILEGES_NAME . " WHERE resource_id IN ({$inQueryResource}) AND user_id IN ({$inQueryUser})";
$fetchResultFixture = array(array('resource_id' => 1, 'privilege' => 'open'), array('resource_id' => 2, 'privilege' => 'close'), array('resource_id' => 3, 'privilege' => 'create'), array('resource_id' => 3, 'privilege' => 'delete'));
$resultFixture = array(1 => array('open'), 2 => array('close'), 3 => array('create', 'delete'));
$params = $resourceIds;
foreach ($userIds as $userId) {
$params[] = $userId;
}
$persistenceMock = $this->getPersistenceMock($params, $query, $fetchResultFixture);
$this->instance->setPersistence($persistenceMock);
$this->assertSame($resultFixture, $this->instance->getPermissions($userIds, $resourceIds));
}