[evolvis-commits] r15213: Implemented Group::addUser() for PFO-RBAC

mirabilos at evolvis.org mirabilos at evolvis.org
Mon Feb 28 23:49:41 CET 2011


Author: mirabilos
Date: 2011-02-28 23:49:41 +0100 (Mon, 28 Feb 2011)
New Revision: 15213

Modified:
   trunk/gforge_base/evolvisforge-5.1/gforge/common/include/Group.class.php
   trunk/gforge_base/evolvisforge-5.1/gforge/common/include/RBAC.php
   trunk/gforge_base/evolvisforge-5.1/gforge/common/include/Role.class.php
Log:
Implemented Group::addUser() for PFO-RBAC

Modified: trunk/gforge_base/evolvisforge-5.1/gforge/common/include/Group.class.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/common/include/Group.class.php	2011-02-28 22:49:38 UTC (rev 15212)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/common/include/Group.class.php	2011-02-28 22:49:41 UTC (rev 15213)
@@ -1617,8 +1617,7 @@
 			Admins can add users to groups
 		*/
 
-		$perm =& $this->getPermission ();
-		if (!$perm || !is_object($perm) || !$perm->isAdmin()) {
+		if (!forge_check_perm ('project_admin', $this->getID()) {
 			$this->setPermissionDeniedError();
 			return false;
 		}
@@ -1647,6 +1646,31 @@
 			//
 			$user_id = db_result($res_newuser,0,'user_id');
 
+			$role = new Role($this,$role_id);
+			if (!$role || !is_object($role)) {
+				$this->setError(_('Error Getting Role Object'));
+				db_rollback();
+				return false;
+			} elseif ($role->isError()) {
+				$this->setError('addUser::roleget::'.$role->getErrorMessage());
+				db_rollback();
+				return false;
+			}
+			
+			if (USE_PFO_RBAC) {
+				$role->addUser (user_get_object ($user_id)) ;
+				if (!$SYS->sysCheckCreateGroup($this->getID())){
+					$this->setError($SYS->getErrorMessage());
+					db_rollback();
+					return false;
+				}
+				if (!$SYS->sysCheckCreateUser($user_id)) {
+					$this->setError($SYS->getErrorMessage());
+					db_rollback();
+					return false;
+				}
+			} else {
+
 			//
 			//	if not already a member, add them
 			//
@@ -1701,16 +1725,6 @@
 				//
 				//	Role setup
 				//
-				$role = new Role($this,$role_id);
-				if (!$role || !is_object($role)) {
-					$this->setError(_('Error Getting Role Object'));
-					db_rollback();
-					return false;
-				} elseif ($role->isError()) {
-					$this->setError('addUser::roleget::'.$role->getErrorMessage());
-					db_rollback();
-					return false;
-				}
 //echo "<h2>Group::addUser role->setUser($user_id)</h2>";
 				if (!$role->setUser($user_id)) {
 					$this->setError('addUser::role::setUser'.$role->getErrorMessage());
@@ -1752,6 +1766,7 @@
 				db_commit();
 				return true;
 			}
+			} // USE_PFO_RBAC
 		} else {
 			//
 			//	user doesn't exist
@@ -1799,6 +1814,7 @@
 		}
 	
 		db_begin();
+
 		$res = db_query_params ('DELETE FROM user_group WHERE group_id=$1 AND user_id=$2', 
 					array ($this->getID(),
 					       $user_id)) ;

Modified: trunk/gforge_base/evolvisforge-5.1/gforge/common/include/RBAC.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/common/include/RBAC.php	2011-02-28 22:49:38 UTC (rev 15212)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/common/include/RBAC.php	2011-02-28 22:49:41 UTC (rev 15213)
@@ -959,15 +959,67 @@
 // Actual classes
 
 abstract class RoleExplicit extends BaseRole implements PFO_RoleExplicit {
-	public function addUsers($users) {
-		throw new Exception ("Not implemented") ;
+	public function addUsers ($users) {
+		$ids = array () ;
+		foreach ($users as $user) {
+			$ids[] = $user->getID() ;
+		}
+
+		$already_there = array () ;
+		$res = db_query_params ('SELECT user_id FROM user_role WHERE user_id=ANY($1) AND role_id=$2',
+					array (db_int_array_to_any_clause($ids), $this->getID())) ;
+		while ($arr =& db_fetch_array($res)) {
+			$already_there[] = $arr['user_id'] ;
+		}
+
+		foreach ($ids as $id) {
+			if (!in_array ($id, $already_there)) {
+			db_query_params ('INSERT INTO user_role (user_id, role_id) VALUES ($1, $2)',
+					 array ($id,
+						$this->getID())) ;
+			}
+		}	
 	}
+
+	public function addUser ($user) {
+		return $this->addUsers (array ($user)) ;
+	}
+
 	public function removeUsers($users) {
-		throw new Exception ("Not implemented") ;
+		$ids = array () ;
+		foreach ($users as $user) {
+			$ids[] = $user->getID() ;
+		}
+
+		$already_there = array () ;
+		$res = db_query_params ('DELETE FROM user_role WHERE user_id=ANY($1) AND role_id=$2',
+					array (db_int_array_to_any_clause($ids), $this->getID())) ;
 	}
+
+	public function removeUser ($user) {
+		return $this->removeUsers (array ($user)) ;
+	}
+
 	public function getUsers() {
-		throw new Exception ("Not implemented") ;
+		$result = array () ;
+		$res = db_query_params ('SELECT user_id FROM user_role WHERE role_id=$1',
+					array ($this->getID())) ;
+		while ($arr =& db_fetch_array($res)) {
+			$result[] = user_get_object ($arr['user_id']) ;
+		}
+
+		return $result ;
 	}
+
+	public function hasUser($user) {
+		$res = db_query_params ('SELECT user_id FROM user_role WHERE user_id=$1 AND role_id=$2',
+					array (db_int_array_to_any_clause($user->getID()), $this->getID())) ;
+		if ($res && $db_numrows($res)) {
+			return true ;
+		} else {
+			return false ;
+		}
+	}
 }
 
 class RoleAnonymous extends BaseRole implements PFO_RoleAnonymous {

Modified: trunk/gforge_base/evolvisforge-5.1/gforge/common/include/Role.class.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/common/include/Role.class.php	2011-02-28 22:49:38 UTC (rev 15212)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/common/include/Role.class.php	2011-02-28 22:49:41 UTC (rev 15213)
@@ -70,24 +70,6 @@
 	}
 
 	/**
-	 *	getID - get the ID of this role.
-	 *
-	 *	@return	integer	The ID Number.
-	 */
-	function getID() {	// From the PFO spec
-		return $this->data_array['role_id'];
-	}
-
-	/**
-	 *	getName - get the name of this role.
-	 *
-	 *	@return	string	The name of this role.
-	 */
-	function getName() {	// From the PFO spec
-		return $this->data_array['role_name'];
-	}
-
-	/**
 	 *	setName - set the name of this role.
 	 *
 	 *	@param	string	The new name of this role.



More information about the evolvis-commits mailing list