mydropdocumentspage.php.svn-base
来自「PHP 知识管理系统(基于树结构的知识管理系统), 英文原版的PHP源码。」· SVN-BASE 代码 · 共 706 行 · 第 1/2 页
SVN-BASE
706 行
} //This function is used for allocating the user to the WorkSpaceOwner role only when the dropdocuments folder //has just been created. function setUserDocsRoleAllocation($oUserFolderObject) { $userFolderID = $oUserFolderObject->getId(); $tempWorkSpaceOwnerRoleID = $this->getRoleIdByName('WorkSpaceOwner'); $WorkSpaceOwnerRoleID = $tempWorkSpaceOwnerRoleID[0]['id']; //create a new role allocation $oDropdocumentsRoleAllocation = new RoleAllocation(); if ($oDropdocumentsRoleAllocation == null) { $this->session->logout(); return _kt('Error: cannot create WorkSpaceOwner role allocation'); } //set the folder and role for the allocation $oDropdocumentsRoleAllocation->setFolderId($userFolderID); $oDropdocumentsRoleAllocation->setRoleId($WorkSpaceOwnerRoleID); $aWorkSpaceOwnerRoleAllowed = array(); $oDropdocumentsRoleAllocation->setAllowed($aWorkSpaceOwnerRoleAllowed); //It might be a problem that i'm not doing a "start transaction" here. //Unable to roll back in event of db failure $res = $oDropdocumentsRoleAllocation->create(); //The role is created and then updated by adding the current user to the allowed list $oPD = $oDropdocumentsRoleAllocation->getPermissionDescriptor(); $aWorkSpaceOwnerRoleAssignAllowed = $oPD->getAllowed(); $aUserId[] = $this->oUser->getId(); $aWorkSpaceOwnerRoleAssignAllowed['user'] = $aUserId; $oDropdocumentsRoleAllocation->setAllowed($aWorkSpaceOwnerRoleAssignAllowed); $res = $oDropdocumentsRoleAllocation->update(); //Update all info linked to the role $this->renegeratePermissionsForRole($oDropdocumentsRoleAllocation->getRoleId(), $userFolderID); } //This function is used to allocate the current user to the WorkSpaceOwner role after the Dropdocuments folder //has already been created. function updateUserDocsRoleAllocation($oUserFolder) { $userFolderID = $oUserFolder->getId(); $tempWorkSpaceOwnerRoleID = $this->getRoleIdByName('WorkSpaceOwner');//$oUserRole->getId(); $WorkSpaceOwnerRoleID = $tempWorkSpaceOwnerRoleID[0]['id']; //Get the role allocation object for the Dropdocuments folder and the WorkSpaceOwner role $oDropdocumentsRoleAllocation = $oRoleAllocation = RoleAllocation::getAllocationsForFolderAndRole($userFolderID, $WorkSpaceOwnerRoleID); //check that the object is not null if ($oDropdocumentsRoleAllocation == null) { $this->session->logout(); return _kt('Error: cannot find WorkSpaceOwner role allocation'); } $oPD = $oDropdocumentsRoleAllocation->getPermissionDescriptor(); $aWorkSpaceOwnerRoleAssignAllowed = $oPD->getAllowed(); //If the user ID is not in the allowed list already then add it to the list. if(!in_array($this->oUser->getId(), $aWorkSpaceOwnerRoleAssignAllowed['user'])) { $aNewAllowed = array(); $aNewAllowed = $aWorkSpaceOwnerRoleAssignAllowed['user']; $aNewAllowed[] = $this->oUser->getId(); $aWorkSpaceOwnerRoleAssignAllowed['user'] = $aNewAllowed; $oDropdocumentsRoleAllocation->setAllowed($aWorkSpaceOwnerRoleAssignAllowed); $res = $oDropdocumentsRoleAllocation->update(); $this->renegeratePermissionsForRole($oDropdocumentsRoleAllocation->getRoleId(), $userFolderID); } } function setPersonalFolderPermissions($oPO) { $aWorkSpaceOwnerRoleID = $this->getRoleIdByName('WorkSpaceOwner'); $aAdminGroupID = $this->getGroupIdByName('System Administrators'); //arrays used to make integers for $aAllowed array variable $iWorkSpaceOwnerRoleID = $aWorkSpaceOwnerRoleID[0]['id']; $iAdminGroupID = $aAdminGroupID[0]['id']; //set permissions for the role and the admin group $aAllowed = array('role' => array($iWorkSpaceOwnerRoleID), 'group' => array($iAdminGroupID)); //Get the List of all the permissions $aPersonalFolderPermissions = KTPermission::getList(); //Iterate through and apply all permissions to the current user and the admin group foreach ($aPersonalFolderPermissions as $oPersonalFolderPermission) { KTPermissionUtil::setPermissionForId($oPersonalFolderPermission, $oPO, $aAllowed); } //Update permission lookup KTPermissionUtil::updatePermissionLookupForPO($oPO); } function updatePersonalFolderRoleAllocation($oPersonalFolder) { //Assign user to the WorkSpaceOwner role $personalFolderID = $oPersonalFolder->getId(); $tempWorkSpaceOwnerRoleID = $this->getRoleIdByName('WorkSpaceOwner'); $WorkSpaceOwnerRoleID = $tempWorkSpaceOwnerRoleID[0]['id']; $oRoleAllocation = new RoleAllocation(); if ($oRoleAllocation == null) { $this->session->logout(); return _kt('Error: Cannot create WorkSpaceOwner role allocation on personal folder'); } $oRoleAllocation->setFolderId($personalFolderID); $oRoleAllocation->setRoleId($WorkSpaceOwnerRoleID); $aRoleAllowed = array(); $oRoleAllocation->setAllowed($aRoleAllowed); //It might be a problem that i'm not doing a "start transaction" here. //Unable to roll back in event of db failure $res = $oRoleAllocation->create(); //The role is first created and then the current user is allocated to the role below $oPD = $oRoleAllocation->getPermissionDescriptor(); $aRoleAssignAllowed = $oPD->getAllowed(); $aUserId[] = $this->oUser->getId(); $aRoleAssignAllowed['user'] = $aUserId; $oRoleAllocation->setAllowed($aRoleAssignAllowed); $res = $oRoleAllocation->update(); $this->renegeratePermissionsForRole($oRoleAllocation->getRoleId(), $personalFolderID); } //FIXME: Direct Database access function getFolderID($sFolderName) { $sQuery = 'SELECT id FROM folders WHERE name = \''.$sFolderName.'\''; $id = DBUtil::getResultArray($sQuery); return $id[0]['id']; } //this function returns the document link and document name to be displayed on the dashlet function getDocInfo($iDocId) { $oDocument = Document::get($iDocId); if (PEAR::isError($oDocument)) { return _kt('Document no longer exists.'); } $sName = htmlentities($oDocument->getName(), ENT_NOQUOTES, 'UTF-8'); $sLink = KTBrowseUtil::getUrlForDocument($oDocument); $aAnchorData = array(); $aAnchorData[] = $sLink; $aAnchorData[] = $sName; return $aAnchorData; } //This function is used to create the role, role allocation is done separately function createRole ($sName) { $this->startTransaction(); $oRole = Role::createFromArray(array('name' => $sName)); if (PEAR::isError($oRole) || ($oRole == false)) { if ($this->bTransactionStarted) { $this->rollbackTransaction(); } //return null on failure return null; } else { return $oRole; } } //FIXME: Direct Database access function roleExistsName ($sName) { $sQuery = "SELECT id FROM roles WHERE name = ?"; $aParams = array($sName); $res = DBUtil::getResultArray(array($sQuery, $aParams)); if (count($res) != 0) { return true; } return false; } //FIXME: Direct Database access function groupExistsName ($sName) { $sQuery = "SELECT id FROM groups_lookup WHERE name = ?"; $aParams = array($sName); $res = DBUtil::getResultArray(array($sQuery, $aParams)); if (count($res) != 0) { return true; } return false; } //FIXME: Direct Database access function getRoleIdByName($sName) { $sQuery = "SELECT id FROM roles WHERE name = ?"; $aParams = array($sName); $res = DBUtil::getResultArray(array($sQuery, $aParams)); return $res; } //FIXME: Direct Database access function getGroupIdByName ($sName) { $sQuery = "SELECT id FROM groups_lookup WHERE name = ?"; $aParams = array($sName); $res = DBUtil::getResultArray(array($sQuery, $aParams)); return $res; } //function taken from KTPermission.php and edited to work here function renegeratePermissionsForRole($iRoleId, $iFolderId) { $iStartFolderId = $iFolderId; /* * 1. find all folders & documents "below" this one which use the role * definition _active_ (not necessarily present) at this point. * 2. tell permissionutil to regen their permissions. * * The find algorithm is: * * folder_queue <- (iStartFolderId) * while folder_queue is not empty: * active_folder = * for each folder in the active_folder: * find folders in _this_ folder without a role-allocation on the iRoleId * add them to the folder_queue * update the folder's permissions. * find documents in this folder: * update their permissions. */ $sRoleAllocTable = KTUtil::getTableName('role_allocations'); $sFolderTable = KTUtil::getTableName('folders'); $sQuery = sprintf('SELECT f.id as id FROM %s AS f LEFT JOIN %s AS ra ON (f.id = ra.folder_id) WHERE ra.id IS NULL AND f.parent_id = ?', $sFolderTable, $sRoleAllocTable); $folder_queue = array($iStartFolderId); while (!empty($folder_queue)) { $active_folder = array_pop($folder_queue); $aParams = array($active_folder); $aNewFolders = DBUtil::getResultArrayKey(array($sQuery, $aParams), 'id'); if (PEAR::isError($aNewFolders)) { //$this->errorRedirectToMain(_kt('Failure to generate folderlisting.')); echo _kt('Failure to generate folderlisting.'); } $folder_queue = kt_array_merge ($folder_queue, (array) $aNewFolders); // push. // update the folder. $oFolder =& Folder::get($active_folder); if (PEAR::isError($oFolder) || ($oFolder == false)) { //$this->errorRedirectToMain(_kt('Unable to locate folder: ') . $active_folder); echo _kt('Unable to locate folder: ').$active_folder; } KTPermissionUtil::updatePermissionLookup($oFolder); $aDocList =& Document::getList(array('folder_id = ?', $active_folder)); if (PEAR::isError($aDocList) || ($aDocList === false)) { //$this->errorRedirectToMain(sprintf(_kt('Unable to get documents in folder %s: %s'), $active_folder, $aDocList->getMessage())); echo _kt('Unable to get documents in folder ').$active_folder; } foreach ($aDocList as $oDoc) { if (!PEAR::isError($oDoc)) { KTPermissionUtil::updatePermissionLookup($oDoc); } } } } /* attempt to abstract the transaction-matching query. tables that are already defined (other than sec ones): - Documents (D) - Users (U) - TransactionTypes (DTT) - Document Transactions (DT) so where clausess can take advantage of those. */ function getTransactionsMatchingQuery($oUser, $sJoinClause, $aExternalWhereClauses, $aExternalWhereParams, $aOptions = null) { $sSelectItems = 'DTT.name AS transaction_name, U.name AS user_name, DT.version AS version, DT.comment AS comment, DT.datetime AS datetime, D.id as document_id, DT.transaction_namespace as namespace'; $sBaseJoin = "FROM " . KTUtil::getTableName("document_transactions") . " AS DT " . "INNER JOIN " . KTUtil::getTableName("users") . " AS U ON DT.user_id = U.id " . "INNER JOIN " . KTUtil::getTableName("transaction_types") . " AS DTT ON DTT.namespace = DT.transaction_namespace " . "INNER JOIN " . KTUtil::getTableName("documents") . " AS D ON D.id = DT.document_id "; // now we're almost at partialquery like status. $perm_res = KTSearchUtil::permissionToSQL($oUser, 'ktcore.permissions.read'); if (PEAR::isError($perm_res)) { return $perm_res; } list($sPermissionString, $aPermissionParams, $sPermissionJoin) = $perm_res; // compile the final list $aFinalWhere = kt_array_merge(array($sPermissionString,'D.creator_id IS NOT NULL'), $aExternalWhereClauses, array('D.status_id = ?')); $aFinalWhereParams = kt_array_merge($aPermissionParams, $aExternalWhereParams, array(LIVE)); if (!is_array($aOptions)) { $aOptions = (array) $aOptions; } $sOrderBy = KTUtil::arrayGet($aOptions, 'orderby', 'DT.datetime DESC'); // compile these. // NBM: do we need to wrap these in ()? $sWhereClause = implode(' AND ', $aFinalWhere); if (!empty($sWhereClause)) { $sWhereClause = 'WHERE ' . $sWhereClause; } $sQuery = sprintf("SELECT %s %s %s %s %s ORDER BY %s", $sSelectItems, $sBaseJoin, $sPermissionJoin, $sJoinClause, $sWhereClause, $sOrderBy ); //var_dump(array($sQuery, $aFinalWhereParams)); $res = DBUtil::getResultArray(array($sQuery, $aFinalWhereParams)); //var_dump($res); exit(0); return $res; }}?>⌨️ 快捷键说明
复制代码Ctrl + C
搜索代码Ctrl + F
全屏模式F11
增大字号Ctrl + =
减小字号Ctrl + -
显示快捷键?