ktpermissions.php.svn-base
来自「PHP 知识管理系统(基于树结构的知识管理系统), 英文原版的PHP源码。」· SVN-BASE 代码 · 共 905 行 · 第 1/3 页
SVN-BASE
905 行
$this->oPage->setTitle(sprintf(_kt('Manage Groups for Role "%s"'), $oRole->getName())); $initJS = 'var optGroup = new OptionTransfer("groupSelect","chosenGroups"); ' . 'function startTrans() { var f = getElement("grouproleform"); ' . ' optGroup.saveNewRightOptions("groupFinal"); ' . ' optGroup.init(f); }; ' . ' addLoadEvent(startTrans); '; $this->oPage->requireJSStandalone($initJS); $aInitialUsers = $oRoleAllocation->getGroups(); $aAllUsers = Group::getList(); // FIXME this is massively non-performant for large userbases.. $aRoleUsers = array(); $aFreeUsers = array(); foreach ($aInitialUsers as $oGroup) { $aRoleUsers[$oGroup->getId()] = $oGroup; } foreach ($aAllUsers as $oGroup) { if (!array_key_exists($oGroup->getId(), $aRoleUsers)) { $aFreeUsers[$oGroup->getId()] = $oGroup; } } $oTemplating =& KTTemplating::getSingleton(); $oTemplate = $oTemplating->loadTemplate("ktcore/folder/roles_managegroups"); $aTemplateData = array( "context" => $this, "edit_rolealloc" => $oRoleAllocation, 'unused_groups' => $aFreeUsers, 'role_groups' => $aRoleUsers, 'rolename' => $oRole->getName(), ); return $oTemplate->render($aTemplateData); } function do_setRoleUsers() { $role_allocation_id = KTUtil::arrayGet($_REQUEST, 'allocation_id'); $oRoleAllocation = RoleAllocation::get($role_allocation_id); if ((PEAR::isError($oRoleAllocation)) || ($oRoleAllocation=== false)) { $this->errorRedirectToMain(_kt('No such role allocation.'), sprintf('fFolderId=%d',$this->oFolder->getId())); } $users = KTUtil::arrayGet($_REQUEST, 'userFinal', ''); $aUserIds = explode(',', $users); // check that its not corrupt.. $aFinalUserIds = array(); foreach ($aUserIds as $iUserId) { $oUser =& User::get($iUserId); if (!(PEAR::isError($oUser) || ($oUser == false))) { $aFinalUserIds[] = $iUserId; } } if (empty($aFinalUserIds)) { $aFinalUserIds = null; } // hack straight in. $oPD = $oRoleAllocation->getPermissionDescriptor(); $aAllowed = $oPD->getAllowed(); // now, grab the existing allowed and modify. $aAllowed['user'] = $aFinalUserIds; $oRoleAllocation->setAllowed($aAllowed); $res = $oRoleAllocation->update(); if (PEAR::isError($res) || ($res == false)) { $this->errorRedirectToMain(_kt('Failed to change the role allocation.') . print_r($res, true), sprintf('fFolderId=%d', $this->oFolder->getId())); } $oTransaction = KTFolderTransaction::createFromArray(array( 'folderid' => $this->oFolder->getId(), 'comment' => _kt('Set role users'), 'transactionNS' => 'ktcore.transactions.role_allocations_change', 'userid' => $_SESSION['userID'], 'ip' => Session::getClientIP(), )); $aOptions = array( 'defaultmessage' => _kt('Problem assigning role users'), 'redirect_to' => array('main', sprintf('fFolderId=%d', $this->oFolder->getId())), ); $this->oValidator->notErrorFalse($oTransaction, $aOptions); $this->renegeratePermissionsForRole($oRoleAllocation->getRoleId()); $this->successRedirectToMain(_kt('Allocation changed.'), sprintf('fFolderId=%d',$this->oFolder->getId())); } function do_setRoleGroups() { $role_allocation_id = KTUtil::arrayGet($_REQUEST, 'allocation_id'); $oRoleAllocation = RoleAllocation::get($role_allocation_id); if ((PEAR::isError($oRoleAllocation)) || ($oRoleAllocation=== false)) { $this->errorRedirectToMain(_kt('No such role allocation.'), sprintf('fFolderId=%d',$this->oFolder->getId())); } $groups = KTUtil::arrayGet($_REQUEST, 'groupFinal', ''); $aGroupIds = explode(',', $groups); // check that its not corrupt.. $aFinalGroupIds = array(); foreach ($aGroupIds as $iGroupId) { $oGroup =& Group::get($iGroupId); if (!(PEAR::isError($oGroup) || ($oGroup == false))) { $aFinalGroupIds[] = $iGroupId; } } if (empty($aFinalGroupIds)) { $aFinalGroupIds = null; } // hack straight in. $oPD = $oRoleAllocation->getPermissionDescriptor(); $aAllowed = $oPD->getAllowed(); // now, grab the existing allowed and modify. $aAllowed['group'] = $aFinalGroupIds; $oRoleAllocation->setAllowed($aAllowed); $res = $oRoleAllocation->update(); if (PEAR::isError($res) || ($res == false)) { $this->errorRedirectToMain(_kt('Failed to change the role allocation.') . print_r($res, true), sprintf('fFolderId=%d', $this->oFolder->getId())); } $oTransaction = KTFolderTransaction::createFromArray(array( 'folderid' => $this->oFolder->getId(), 'comment' => _kt('Set role groups'), 'transactionNS' => 'ktcore.transactions.role_allocations_change', 'userid' => $_SESSION['userID'], 'ip' => Session::getClientIP(), )); $aOptions = array( 'defaultmessage' => _kt('Problem assigning role groups'), 'redirect_to' => array('main', sprintf('fFolderId=%d', $this->oFolder->getId())), ); $this->oValidator->notErrorFalse($oTransaction, $aOptions); $this->renegeratePermissionsForRole($oRoleAllocation->getRoleId()); $this->successRedirectToMain(_kt('Allocation changed.'), sprintf('fFolderId=%d',$this->oFolder->getId())); } function renegeratePermissionsForRole($iRoleId) { $iStartFolderId = $this->oFolder->getId(); /* * 1. find all folders & documents "below" this one which use the role * definition _active_ (not necessarily present) at this point. * 2. tell permissionutil to regen their permissions. * * The find algorithm is: * * folder_queue <- (iStartFolderId) * while folder_queue is not empty: * active_folder = * for each folder in the active_folder: * find folders in _this_ folder without a role-allocation on the iRoleId * add them to the folder_queue * update the folder's permissions. * find documents in this folder: * update their permissions. */ $sRoleAllocTable = KTUtil::getTableName('role_allocations'); $sFolderTable = KTUtil::getTableName('folders'); $sQuery = sprintf('SELECT f.id as id FROM %s AS f LEFT JOIN %s AS ra ON (f.id = ra.folder_id) WHERE ra.id IS NULL AND f.parent_id = ?', $sFolderTable, $sRoleAllocTable); $folder_queue = array($iStartFolderId); while (!empty($folder_queue)) { $active_folder = array_pop($folder_queue); $aParams = array($active_folder); $aNewFolders = DBUtil::getResultArrayKey(array($sQuery, $aParams), 'id'); if (PEAR::isError($aNewFolders)) { $this->errorRedirectToMain(_kt('Failure to generate folderlisting.')); } $folder_queue = kt_array_merge ($folder_queue, (array) $aNewFolders); // push. // update the folder. $oFolder =& Folder::get($active_folder); if (PEAR::isError($oFolder) || ($oFolder == false)) { $this->errorRedirectToMain(_kt('Unable to locate folder: ') . $active_folder); } KTPermissionUtil::updatePermissionLookup($oFolder); $aDocList =& Document::getList(array('folder_id = ?', $active_folder)); if (PEAR::isError($aDocList) || ($aDocList === false)) { $this->errorRedirectToMain(sprintf(_kt('Unable to get documents in folder %s: %s'), $active_folder, $aDocList->getMessage())); } foreach ($aDocList as $oDoc) { if (!PEAR::isError($oDoc)) { KTPermissionUtil::updatePermissionLookup($oDoc); } } } }}class KTDocumentRolesAction extends KTDocumentAction { var $sName = 'ktcore.actions.document.roles'; var $_sShowPermission = "ktcore.permissions.write"; var $bAutomaticTransaction = true; function getDisplayName() { return _kt('View Roles'); } function do_main() { $this->oPage->setTitle(_kt("View Roles")); $this->oPage->setBreadcrumbDetails(_kt("View Roles")); $oTemplating = new KTTemplating; $oTemplate = $oTemplating->loadTemplate("ktcore/action/view_roles"); // we need to have: // - a list of roles // - with their users / groups // - and that allocation id $aRoles = array(); // stores data for display. $aRoleList = Role::getList(); foreach ($aRoleList as $oRole) { $iRoleId = $oRole->getId(); $aRoles[$iRoleId] = array("name" => $oRole->getName()); $oRoleAllocation = DocumentRoleAllocation::getAllocationsForDocumentAndRole($this->oDocument->getId(), $iRoleId); if (is_null($oRoleAllocation)) { $oRoleAllocation = RoleAllocation::getAllocationsForFolderAndRole($this->oDocument->getFolderID(), $iRoleId); } $u = array(); $g = array(); $aid = null; $raid = null; if (is_null($oRoleAllocation)) { ; // nothing. } else { //var_dump($oRoleAllocation); $raid = $oRoleAllocation->getId(); // real_alloc_id $aAllowed = $oRoleAllocation->getAllowed(); if (!empty($aAllowed['user'])) { $u = $aAllowed['user']; } if (!empty($aAllowed['group'])) { $g = $aAllowed['group']; } } $aRoles[$iRoleId]['users'] = $u; $aRoles[$iRoleId]['groups'] = $g; $aRoles[$iRoleId]['real_allocation_id'] = $raid; } // final step. // map to users, groups. foreach ($aRoles as $key => $role) { $_users = array(); foreach ($aRoles[$key]['users'] as $iUserId) { $oUser = User::get($iUserId); if (!(PEAR::isError($oUser) || ($oUser == false))) { $_users[] = $oUser->getName(); } } if (empty($_users)) { $aRoles[$key]['users'] = '<span class="descriptiveText"> ' . _kt('no users') . '</span>'; } else { $aRoles[$key]['users'] = implode(', ',$_users); } $_groups = array(); foreach ($aRoles[$key]['groups'] as $iGroupId) { $oGroup = Group::get($iGroupId); if (!(PEAR::isError($oGroup) || ($oGroup == false))) { $_groups[] = $oGroup->getName(); } } if (empty($_groups)) { $aRoles[$key]['groups'] = '<span class="descriptiveText"> ' . _kt('no groups') . '</span>'; } else { $aRoles[$key]['groups'] = implode(', ',$_groups); } } $aTemplateData = array( 'context' => &$this, 'roles' => $aRoles, ); return $oTemplate->render($aTemplateData); }}⌨️ 快捷键说明
复制代码Ctrl + C
搜索代码Ctrl + F
全屏模式F11
增大字号Ctrl + =
减小字号Ctrl + -
显示快捷键?