mydropdocumentspage.php
来自「PHP 知识管理系统(基于树结构的知识管理系统), 英文原版的PHP源码。」· PHP 代码 · 共 706 行 · 第 1/2 页
PHP
706 行
}
//This function is used for allocating the user to the WorkSpaceOwner role only when the dropdocuments folder
//has just been created.
function setUserDocsRoleAllocation($oUserFolderObject)
{
$userFolderID = $oUserFolderObject->getId();
$tempWorkSpaceOwnerRoleID = $this->getRoleIdByName('WorkSpaceOwner');
$WorkSpaceOwnerRoleID = $tempWorkSpaceOwnerRoleID[0]['id'];
//create a new role allocation
$oDropdocumentsRoleAllocation = new RoleAllocation();
if ($oDropdocumentsRoleAllocation == null)
{
$this->session->logout();
return _kt('Error: cannot create WorkSpaceOwner role allocation');
}
//set the folder and role for the allocation
$oDropdocumentsRoleAllocation->setFolderId($userFolderID);
$oDropdocumentsRoleAllocation->setRoleId($WorkSpaceOwnerRoleID);
$aWorkSpaceOwnerRoleAllowed = array();
$oDropdocumentsRoleAllocation->setAllowed($aWorkSpaceOwnerRoleAllowed);
//It might be a problem that i'm not doing a "start transaction" here.
//Unable to roll back in event of db failure
$res = $oDropdocumentsRoleAllocation->create();
//The role is created and then updated by adding the current user to the allowed list
$oPD = $oDropdocumentsRoleAllocation->getPermissionDescriptor();
$aWorkSpaceOwnerRoleAssignAllowed = $oPD->getAllowed();
$aUserId[] = $this->oUser->getId();
$aWorkSpaceOwnerRoleAssignAllowed['user'] = $aUserId;
$oDropdocumentsRoleAllocation->setAllowed($aWorkSpaceOwnerRoleAssignAllowed);
$res = $oDropdocumentsRoleAllocation->update();
//Update all info linked to the role
$this->renegeratePermissionsForRole($oDropdocumentsRoleAllocation->getRoleId(), $userFolderID);
}
//This function is used to allocate the current user to the WorkSpaceOwner role after the Dropdocuments folder
//has already been created.
function updateUserDocsRoleAllocation($oUserFolder)
{
$userFolderID = $oUserFolder->getId();
$tempWorkSpaceOwnerRoleID = $this->getRoleIdByName('WorkSpaceOwner');//$oUserRole->getId();
$WorkSpaceOwnerRoleID = $tempWorkSpaceOwnerRoleID[0]['id'];
//Get the role allocation object for the Dropdocuments folder and the WorkSpaceOwner role
$oDropdocumentsRoleAllocation = $oRoleAllocation = RoleAllocation::getAllocationsForFolderAndRole($userFolderID, $WorkSpaceOwnerRoleID);
//check that the object is not null
if ($oDropdocumentsRoleAllocation == null)
{
$this->session->logout();
return _kt('Error: cannot find WorkSpaceOwner role allocation');
}
$oPD = $oDropdocumentsRoleAllocation->getPermissionDescriptor();
$aWorkSpaceOwnerRoleAssignAllowed = $oPD->getAllowed();
//If the user ID is not in the allowed list already then add it to the list.
if(!in_array($this->oUser->getId(), $aWorkSpaceOwnerRoleAssignAllowed['user']))
{
$aNewAllowed = array();
$aNewAllowed = $aWorkSpaceOwnerRoleAssignAllowed['user'];
$aNewAllowed[] = $this->oUser->getId();
$aWorkSpaceOwnerRoleAssignAllowed['user'] = $aNewAllowed;
$oDropdocumentsRoleAllocation->setAllowed($aWorkSpaceOwnerRoleAssignAllowed);
$res = $oDropdocumentsRoleAllocation->update();
$this->renegeratePermissionsForRole($oDropdocumentsRoleAllocation->getRoleId(), $userFolderID);
}
}
function setPersonalFolderPermissions($oPO)
{
$aWorkSpaceOwnerRoleID = $this->getRoleIdByName('WorkSpaceOwner');
$aAdminGroupID = $this->getGroupIdByName('System Administrators');
//arrays used to make integers for $aAllowed array variable
$iWorkSpaceOwnerRoleID = $aWorkSpaceOwnerRoleID[0]['id'];
$iAdminGroupID = $aAdminGroupID[0]['id'];
//set permissions for the role and the admin group
$aAllowed = array('role' => array($iWorkSpaceOwnerRoleID), 'group' => array($iAdminGroupID));
//Get the List of all the permissions
$aPersonalFolderPermissions = KTPermission::getList();
//Iterate through and apply all permissions to the current user and the admin group
foreach ($aPersonalFolderPermissions as $oPersonalFolderPermission)
{
KTPermissionUtil::setPermissionForId($oPersonalFolderPermission, $oPO, $aAllowed);
}
//Update permission lookup
KTPermissionUtil::updatePermissionLookupForPO($oPO);
}
function updatePersonalFolderRoleAllocation($oPersonalFolder)
{
//Assign user to the WorkSpaceOwner role
$personalFolderID = $oPersonalFolder->getId();
$tempWorkSpaceOwnerRoleID = $this->getRoleIdByName('WorkSpaceOwner');
$WorkSpaceOwnerRoleID = $tempWorkSpaceOwnerRoleID[0]['id'];
$oRoleAllocation = new RoleAllocation();
if ($oRoleAllocation == null)
{
$this->session->logout();
return _kt('Error: Cannot create WorkSpaceOwner role allocation on personal folder');
}
$oRoleAllocation->setFolderId($personalFolderID);
$oRoleAllocation->setRoleId($WorkSpaceOwnerRoleID);
$aRoleAllowed = array();
$oRoleAllocation->setAllowed($aRoleAllowed);
//It might be a problem that i'm not doing a "start transaction" here.
//Unable to roll back in event of db failure
$res = $oRoleAllocation->create();
//The role is first created and then the current user is allocated to the role below
$oPD = $oRoleAllocation->getPermissionDescriptor();
$aRoleAssignAllowed = $oPD->getAllowed();
$aUserId[] = $this->oUser->getId();
$aRoleAssignAllowed['user'] = $aUserId;
$oRoleAllocation->setAllowed($aRoleAssignAllowed);
$res = $oRoleAllocation->update();
$this->renegeratePermissionsForRole($oRoleAllocation->getRoleId(), $personalFolderID);
}
//FIXME: Direct Database access
function getFolderID($sFolderName) {
$sQuery = 'SELECT id FROM folders WHERE name = \''.$sFolderName.'\'';
$id = DBUtil::getResultArray($sQuery);
return $id[0]['id'];
}
//this function returns the document link and document name to be displayed on the dashlet
function getDocInfo($iDocId) {
$oDocument = Document::get($iDocId);
if (PEAR::isError($oDocument)) {
return _kt('Document no longer exists.');
}
$sName = htmlentities($oDocument->getName(), ENT_NOQUOTES, 'UTF-8');
$sLink = KTBrowseUtil::getUrlForDocument($oDocument);
$aAnchorData = array();
$aAnchorData[] = $sLink;
$aAnchorData[] = $sName;
return $aAnchorData;
}
//This function is used to create the role, role allocation is done separately
function createRole ($sName)
{
$this->startTransaction();
$oRole = Role::createFromArray(array('name' => $sName));
if (PEAR::isError($oRole) || ($oRole == false))
{
if ($this->bTransactionStarted)
{
$this->rollbackTransaction();
}
//return null on failure
return null;
}
else
{
return $oRole;
}
}
//FIXME: Direct Database access
function roleExistsName ($sName)
{
$sQuery = "SELECT id FROM roles WHERE name = ?";
$aParams = array($sName);
$res = DBUtil::getResultArray(array($sQuery, $aParams));
if (count($res) != 0)
{
return true;
}
return false;
}
//FIXME: Direct Database access
function groupExistsName ($sName)
{
$sQuery = "SELECT id FROM groups_lookup WHERE name = ?";
$aParams = array($sName);
$res = DBUtil::getResultArray(array($sQuery, $aParams));
if (count($res) != 0)
{
return true;
}
return false;
}
//FIXME: Direct Database access
function getRoleIdByName($sName)
{
$sQuery = "SELECT id FROM roles WHERE name = ?";
$aParams = array($sName);
$res = DBUtil::getResultArray(array($sQuery, $aParams));
return $res;
}
//FIXME: Direct Database access
function getGroupIdByName ($sName)
{
$sQuery = "SELECT id FROM groups_lookup WHERE name = ?";
$aParams = array($sName);
$res = DBUtil::getResultArray(array($sQuery, $aParams));
return $res;
}
//function taken from KTPermission.php and edited to work here
function renegeratePermissionsForRole($iRoleId, $iFolderId) {
$iStartFolderId = $iFolderId;
/*
* 1. find all folders & documents "below" this one which use the role
* definition _active_ (not necessarily present) at this point.
* 2. tell permissionutil to regen their permissions.
*
* The find algorithm is:
*
* folder_queue <- (iStartFolderId)
* while folder_queue is not empty:
* active_folder =
* for each folder in the active_folder:
* find folders in _this_ folder without a role-allocation on the iRoleId
* add them to the folder_queue
* update the folder's permissions.
* find documents in this folder:
* update their permissions.
*/
$sRoleAllocTable = KTUtil::getTableName('role_allocations');
$sFolderTable = KTUtil::getTableName('folders');
$sQuery = sprintf('SELECT f.id as id FROM %s AS f LEFT JOIN %s AS ra ON (f.id = ra.folder_id) WHERE ra.id IS NULL AND f.parent_id = ?', $sFolderTable, $sRoleAllocTable);
$folder_queue = array($iStartFolderId);
while (!empty($folder_queue)) {
$active_folder = array_pop($folder_queue);
$aParams = array($active_folder);
$aNewFolders = DBUtil::getResultArrayKey(array($sQuery, $aParams), 'id');
if (PEAR::isError($aNewFolders)) {
//$this->errorRedirectToMain(_kt('Failure to generate folderlisting.'));
echo _kt('Failure to generate folderlisting.');
}
$folder_queue = kt_array_merge ($folder_queue, (array) $aNewFolders); // push.
// update the folder.
$oFolder =& Folder::get($active_folder);
if (PEAR::isError($oFolder) || ($oFolder == false)) {
//$this->errorRedirectToMain(_kt('Unable to locate folder: ') . $active_folder);
echo _kt('Unable to locate folder: ').$active_folder;
}
KTPermissionUtil::updatePermissionLookup($oFolder);
$aDocList =& Document::getList(array('folder_id = ?', $active_folder));
if (PEAR::isError($aDocList) || ($aDocList === false)) {
//$this->errorRedirectToMain(sprintf(_kt('Unable to get documents in folder %s: %s'), $active_folder, $aDocList->getMessage()));
echo _kt('Unable to get documents in folder ').$active_folder;
}
foreach ($aDocList as $oDoc) {
if (!PEAR::isError($oDoc)) {
KTPermissionUtil::updatePermissionLookup($oDoc);
}
}
}
}
/*
attempt to abstract the transaction-matching query.
tables that are already defined (other than sec ones):
- Documents (D)
- Users (U)
- TransactionTypes (DTT)
- Document Transactions (DT)
so where clausess can take advantage of those.
*/
function getTransactionsMatchingQuery($oUser, $sJoinClause, $aExternalWhereClauses, $aExternalWhereParams, $aOptions = null) {
$sSelectItems = 'DTT.name AS transaction_name, U.name AS user_name, DT.version AS version, DT.comment AS comment, DT.datetime AS datetime, D.id as document_id, DT.transaction_namespace as namespace';
$sBaseJoin = "FROM " . KTUtil::getTableName("document_transactions") . " AS DT " .
"INNER JOIN " . KTUtil::getTableName("users") . " AS U ON DT.user_id = U.id " .
"INNER JOIN " . KTUtil::getTableName("transaction_types") . " AS DTT ON DTT.namespace = DT.transaction_namespace " .
"INNER JOIN " . KTUtil::getTableName("documents") . " AS D ON D.id = DT.document_id ";
// now we're almost at partialquery like status.
$perm_res = KTSearchUtil::permissionToSQL($oUser, 'ktcore.permissions.read');
if (PEAR::isError($perm_res)) {
return $perm_res;
}
list($sPermissionString, $aPermissionParams, $sPermissionJoin) = $perm_res;
// compile the final list
$aFinalWhere = kt_array_merge(array($sPermissionString,'D.creator_id IS NOT NULL'), $aExternalWhereClauses, array('D.status_id = ?'));
$aFinalWhereParams = kt_array_merge($aPermissionParams, $aExternalWhereParams, array(LIVE));
if (!is_array($aOptions)) {
$aOptions = (array) $aOptions;
}
$sOrderBy = KTUtil::arrayGet($aOptions, 'orderby', 'DT.datetime DESC');
// compile these.
// NBM: do we need to wrap these in ()?
$sWhereClause = implode(' AND ', $aFinalWhere);
if (!empty($sWhereClause)) {
$sWhereClause = 'WHERE ' . $sWhereClause;
}
$sQuery = sprintf("SELECT %s %s %s %s %s ORDER BY %s",
$sSelectItems,
$sBaseJoin,
$sPermissionJoin,
$sJoinClause,
$sWhereClause,
$sOrderBy
);
//var_dump(array($sQuery, $aFinalWhereParams));
$res = DBUtil::getResultArray(array($sQuery, $aFinalWhereParams));
//var_dump($res); exit(0);
return $res;
}
}
?>
⌨️ 快捷键说明
复制代码Ctrl + C
搜索代码Ctrl + F
全屏模式F11
增大字号Ctrl + =
减小字号Ctrl + -
显示快捷键?