[evolvis-commits] r15213: Implemented Group::addUser() for PFO-RBAC
mirabilos at evolvis.org
mirabilos at evolvis.org
Mon Feb 28 23:49:41 CET 2011
Author: mirabilos
Date: 2011-02-28 23:49:41 +0100 (Mon, 28 Feb 2011)
New Revision: 15213
Modified:
trunk/gforge_base/evolvisforge-5.1/gforge/common/include/Group.class.php
trunk/gforge_base/evolvisforge-5.1/gforge/common/include/RBAC.php
trunk/gforge_base/evolvisforge-5.1/gforge/common/include/Role.class.php
Log:
Implemented Group::addUser() for PFO-RBAC
Modified: trunk/gforge_base/evolvisforge-5.1/gforge/common/include/Group.class.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/common/include/Group.class.php 2011-02-28 22:49:38 UTC (rev 15212)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/common/include/Group.class.php 2011-02-28 22:49:41 UTC (rev 15213)
@@ -1617,8 +1617,7 @@
Admins can add users to groups
*/
- $perm =& $this->getPermission ();
- if (!$perm || !is_object($perm) || !$perm->isAdmin()) {
+ if (!forge_check_perm ('project_admin', $this->getID()) {
$this->setPermissionDeniedError();
return false;
}
@@ -1647,6 +1646,31 @@
//
$user_id = db_result($res_newuser,0,'user_id');
+ $role = new Role($this,$role_id);
+ if (!$role || !is_object($role)) {
+ $this->setError(_('Error Getting Role Object'));
+ db_rollback();
+ return false;
+ } elseif ($role->isError()) {
+ $this->setError('addUser::roleget::'.$role->getErrorMessage());
+ db_rollback();
+ return false;
+ }
+
+ if (USE_PFO_RBAC) {
+ $role->addUser (user_get_object ($user_id)) ;
+ if (!$SYS->sysCheckCreateGroup($this->getID())){
+ $this->setError($SYS->getErrorMessage());
+ db_rollback();
+ return false;
+ }
+ if (!$SYS->sysCheckCreateUser($user_id)) {
+ $this->setError($SYS->getErrorMessage());
+ db_rollback();
+ return false;
+ }
+ } else {
+
//
// if not already a member, add them
//
@@ -1701,16 +1725,6 @@
//
// Role setup
//
- $role = new Role($this,$role_id);
- if (!$role || !is_object($role)) {
- $this->setError(_('Error Getting Role Object'));
- db_rollback();
- return false;
- } elseif ($role->isError()) {
- $this->setError('addUser::roleget::'.$role->getErrorMessage());
- db_rollback();
- return false;
- }
//echo "<h2>Group::addUser role->setUser($user_id)</h2>";
if (!$role->setUser($user_id)) {
$this->setError('addUser::role::setUser'.$role->getErrorMessage());
@@ -1752,6 +1766,7 @@
db_commit();
return true;
}
+ } // USE_PFO_RBAC
} else {
//
// user doesn't exist
@@ -1799,6 +1814,7 @@
}
db_begin();
+
$res = db_query_params ('DELETE FROM user_group WHERE group_id=$1 AND user_id=$2',
array ($this->getID(),
$user_id)) ;
Modified: trunk/gforge_base/evolvisforge-5.1/gforge/common/include/RBAC.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/common/include/RBAC.php 2011-02-28 22:49:38 UTC (rev 15212)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/common/include/RBAC.php 2011-02-28 22:49:41 UTC (rev 15213)
@@ -959,15 +959,67 @@
// Actual classes
abstract class RoleExplicit extends BaseRole implements PFO_RoleExplicit {
- public function addUsers($users) {
- throw new Exception ("Not implemented") ;
+ public function addUsers ($users) {
+ $ids = array () ;
+ foreach ($users as $user) {
+ $ids[] = $user->getID() ;
+ }
+
+ $already_there = array () ;
+ $res = db_query_params ('SELECT user_id FROM user_role WHERE user_id=ANY($1) AND role_id=$2',
+ array (db_int_array_to_any_clause($ids), $this->getID())) ;
+ while ($arr =& db_fetch_array($res)) {
+ $already_there[] = $arr['user_id'] ;
+ }
+
+ foreach ($ids as $id) {
+ if (!in_array ($id, $already_there)) {
+ db_query_params ('INSERT INTO user_role (user_id, role_id) VALUES ($1, $2)',
+ array ($id,
+ $this->getID())) ;
+ }
+ }
}
+
+ public function addUser ($user) {
+ return $this->addUsers (array ($user)) ;
+ }
+
public function removeUsers($users) {
- throw new Exception ("Not implemented") ;
+ $ids = array () ;
+ foreach ($users as $user) {
+ $ids[] = $user->getID() ;
+ }
+
+ $already_there = array () ;
+ $res = db_query_params ('DELETE FROM user_role WHERE user_id=ANY($1) AND role_id=$2',
+ array (db_int_array_to_any_clause($ids), $this->getID())) ;
}
+
+ public function removeUser ($user) {
+ return $this->removeUsers (array ($user)) ;
+ }
+
public function getUsers() {
- throw new Exception ("Not implemented") ;
+ $result = array () ;
+ $res = db_query_params ('SELECT user_id FROM user_role WHERE role_id=$1',
+ array ($this->getID())) ;
+ while ($arr =& db_fetch_array($res)) {
+ $result[] = user_get_object ($arr['user_id']) ;
+ }
+
+ return $result ;
}
+
+ public function hasUser($user) {
+ $res = db_query_params ('SELECT user_id FROM user_role WHERE user_id=$1 AND role_id=$2',
+ array (db_int_array_to_any_clause($user->getID()), $this->getID())) ;
+ if ($res && $db_numrows($res)) {
+ return true ;
+ } else {
+ return false ;
+ }
+ }
}
class RoleAnonymous extends BaseRole implements PFO_RoleAnonymous {
Modified: trunk/gforge_base/evolvisforge-5.1/gforge/common/include/Role.class.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/common/include/Role.class.php 2011-02-28 22:49:38 UTC (rev 15212)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/common/include/Role.class.php 2011-02-28 22:49:41 UTC (rev 15213)
@@ -70,24 +70,6 @@
}
/**
- * getID - get the ID of this role.
- *
- * @return integer The ID Number.
- */
- function getID() { // From the PFO spec
- return $this->data_array['role_id'];
- }
-
- /**
- * getName - get the name of this role.
- *
- * @return string The name of this role.
- */
- function getName() { // From the PFO spec
- return $this->data_array['role_name'];
- }
-
- /**
* setName - set the name of this role.
*
* @param string The new name of this role.
More information about the evolvis-commits
mailing list