[evolvis-commits] r15085: Skeleton of an implementation for the API currently discussed
mirabilos at evolvis.org
mirabilos at evolvis.org
Mon Feb 28 23:39:20 CET 2011
Author: mirabilos
Date: 2011-02-28 23:39:20 +0100 (Mon, 28 Feb 2011)
New Revision: 15085
Added:
trunk/gforge_base/evolvisforge-5.1/gforge/common/include/PFO-RBAC.php
trunk/gforge_base/evolvisforge-5.1/gforge/common/include/RBAC.php
Log:
Skeleton of an implementation for the API currently discussed
Added: trunk/gforge_base/evolvisforge-5.1/gforge/common/include/PFO-RBAC.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/common/include/PFO-RBAC.php (rev 0)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/common/include/PFO-RBAC.php 2011-02-28 22:39:20 UTC (rev 15085)
@@ -0,0 +1,103 @@
+<?php
+/**
+ * API for role-based access control
+ * Defined at Planetforge.org
+ *
+ * Copyright 2010, Roland Mas
+ *
+ * This file is part of FusionForge.
+ *
+ * FusionForge is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published
+ * by the Free Software Foundation; either version 2 of the License,
+ * or (at your option) any later version.
+ *
+ * FusionForge is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with FusionForge; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
+ * USA
+ */
+
+// Constants for roles' “capabilities”
+define ("PFO_ROLE_CAP_EXPLICIT", 1) ;
+define ("PFO_ROLE_CAP_FORGEWIDE", 2) ;
+define ("PFO_ROLE_CAP_UNION", 4) ;
+define ("PFO_ROLE_CAP_ANONYMOUS", 8) ;
+define ("PFO_ROLE_CAP_LOGGEDIN", 16) ;
+
+// Constants to identify role classes
+define ("PFO_ROLE_STANDARD", PFO_ROLE_CAP_EXPLICIT) ;
+define ("PFO_ROLE_GLOBAL", PFO_ROLE_CAP_EXPLICIT | PFO_ROLE_CAP_FORGEWIDE) ;
+define ("PFO_ROLE_ANONYMOUS", PFO_ROLE_CAP_FORGEWIDE | PFO_ROLE_CAP_ANONYMOUS) ;
+define ("PFO_ROLE_LOGGEDIN", PFO_ROLE_CAP_FORGEWIDE | PFO_ROLE_CAP_LOGGEDIN) ;
+define ("PFO_ROLE_UNIONPROJECT", PFO_ROLE_CAP_UNION) ;
+define ("PFO_ROLE_UNIONGLOBAL", PFO_ROLE_CAP_FORGEWIDE | PFO_ROLE_CAP_UNION) ;
+
+// Interfaces for the capabilities
+interface PFO_BaseRole {
+ public function getName() ;
+ public function setName() ;
+ public function getID() ;
+ public function getUsers() ;
+ public function hasUser($user) ;
+ public function hasPermission($section, $reference, $permission) ;
+ public function normalizeData() ;
+ public function getSettings() ;
+ public function setSettings($data) ;
+ public function getLinkedProjects() ;
+}
+
+interface PFO_RoleExplicit extends PFO_BaseRole {
+ public function addUser($user) ;
+ public function removeUser($user) ;
+}
+
+interface PFO_RoleForgeWide extends PFO_BaseRole {
+ public function linkProject($project) ;
+ public function unlinkProject($project) ;
+
+}
+
+interface PFO_RoleUnion extends PFO_BaseRole {
+ public function addRole($role) ;
+ public function removeRole($role) ;
+}
+
+// Interfaces for the combination of capabilities
+
+interface PFO_RoleStandard extends PFO_RoleExplicit {
+ const role_caps = PFO_ROLE_STANDARD ;
+}
+
+interface PFO_RoleGlobal extends PFO_RoleExplicit {
+ const role_caps = PFO_ROLE_GLOBAL ;
+}
+
+interface PFO_RoleAnonymous extends PFO_RoleForgeWide {
+ const role_caps = PFO_ROLE_ANONYMOUS ;
+}
+
+interface PFO_RoleLoggedin extends PFO_RoleForgeWide {
+ const role_caps = PFO_ROLE_LOGGEDIN ;
+}
+
+interface PFO_RoleUnionProject extends PFO_RoleUnion {
+ const role_caps = PFO_ROLE_UNIONPROJECT ;
+}
+
+interface PFO_RoleUnionGlobal extends PFO_RoleForgeWide, PFO_RoleUnion {
+ const role_caps = PFO_ROLE_UNIONGLOBAL ;
+}
+
+
+// Local Variables:
+// mode: php
+// c-file-style: "bsd"
+// End:
+
+?>
Added: trunk/gforge_base/evolvisforge-5.1/gforge/common/include/RBAC.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/common/include/RBAC.php (rev 0)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/common/include/RBAC.php 2011-02-28 22:39:20 UTC (rev 15085)
@@ -0,0 +1,148 @@
+<?php
+/**
+ * FusionForge role-based access control
+ *
+ * Copyright 2004, GForge, LLC
+ * Copyright 2009-2010, Roland Mas
+ *
+ * This file is part of FusionForge.
+ *
+ * FusionForge is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published
+ * by the Free Software Foundation; either version 2 of the License,
+ * or (at your option) any later version.
+ *
+ * FusionForge is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with FusionForge; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
+ * USA
+ */
+
+require "PFO-RBAC.php" ;
+
+// Code shared between classes
+
+abstract class Error {}
+
+abstract class BaseRole extends Error implements PFO_BaseRole {
+ public function getName() {
+ return $this->name ;
+ }
+ public function setName() {
+ return true ;
+ }
+ public function getID() {
+ return $this->ID ;
+ }
+ public function getUsers() {
+ return array () ;
+ }
+ public function hasUser($user) {
+ return false ;
+ }
+ public function hasPermission($section, $reference, $permission) {
+ return false ;
+ }
+ public function normalizeData() {
+ return true ;
+ }
+ public function getSettings() {
+ return array () ;
+ }
+ public function setSettings($data) {
+ return true ;
+ }
+ public function getLinkedProjects() {
+ return array () ;
+ }
+}
+
+abstract class BaseRoleGlobal extends BaseRole implements PFO_RoleForgeWide {
+ public function linkProject($project) {
+ return true ;
+ }
+ public function unlinkProject($project) {
+ return true ;
+ }
+}
+
+// Actual classes
+
+class RoleStandard extends BaseRole implements PFO_RoleStandard {
+ public function addUser($user) {
+ return true ;
+ }
+ public function removeUser($user) {
+ return true ;
+ }
+ public function getUsers() {
+ return array () ;
+ }
+ public function getProject() {
+ return false ;
+ }
+}
+
+class RoleGlobal extends BaseRoleGlobal implements PFO_RoleGlobal {
+ public function addUser($user) {
+ return true ;
+ }
+ public function removeUser($user) {
+ return true ;
+ }
+}
+
+class RoleAnonymous extends BaseRoleGlobal implements PFO_RoleAnonymous {
+ public function getName () {
+ return _('Anonymous/not logged in') ;
+ }
+ public function setName ($name) {
+ throw new Exception ("Can't setName() on RoleAnonymous") ;
+ }
+}
+
+class RoleLoggedIn extends BaseRoleGlobal implements PFO_RoleLoggedIn {
+ public function getName () {
+ return _('Any user logged in') ;
+ }
+ public function setName ($name) {
+ throw new Exception ("Can't setName() on RoleLoggedIn") ;
+ }
+}
+
+class RoleUnionProject extends BaseRole implements PFO_RoleUnionProject {
+ public function addRole ($role) {
+ return true ;
+ }
+ public function removeRole ($role) {
+ return true ;
+ }
+}
+
+class RoleUnionGlobal extends BaseRoleGlobal implements PFO_RoleUnionGlobal {
+ public function addRole ($role) {
+ return true ;
+ }
+ public function removeRole ($role) {
+ return true ;
+ }
+}
+
+$rs = new RoleStandard () ;
+$rg = new RoleGlobal () ;
+$ra = new RoleAnonymous () ;
+$rl = new RoleLoggedIn () ;
+$rup = new RoleUnionProject () ;
+$rug = new RoleUnionGlobal () ;
+
+// Local Variables:
+// mode: php
+// c-file-style: "bsd"
+// End:
+
+?>
More information about the evolvis-commits
mailing list