/package/app/app/alpha/lib/model/PermissionPeer.php

https://github.com/richhl/kalturaCE · PHP · 280 lines · 226 code · 35 blank · 19 comment · 31 complexity · 9cb0da75a851922b1697e76c55f55e22 MD5 · raw file 

    

  1. <?php
    2. 

  2. 

  3. 

  4. /**
    5. 

  5.  * Skeleton subclass for performing query and update operations on the 'permission' table.
    6. 

  6.  *
    7. 

  7.  * 
    8. 

  8.  *
    9. 

  9.  * You should add additional methods to this class to meet the
    10. 

  10.  * application requirements.  This class will only be generated as
    11. 

  11.  * long as it does not already exist in the output directory.
    12. 

  12.  *
    13. 

  13.  * @package Core
    14. 

  14.  * @subpackage model
    15. 

  15.  */
    16. 

  16. class PermissionPeer extends BasePermissionPeer
    17. 

  17. {
    18. 

  18. 

  19. 	public static function checkValidPermissionsForRole($permissionsStr, $partnerId)
    20. 

  20. 	{
    21. 

  21. 		if ($permissionsStr == UserRole::ALL_PARTNER_PERMISSIONS_WILDCARD) {
    22. 

  22. 			return true;
    23. 

  23. 		}
    24. 

  24. 		
    25. 

  25. 		$permissions = array_map('trim', explode(',', $permissionsStr));
    26. 

  26. 		
    27. 

  27. 		foreach ($permissions as $permission)
    28. 

  28. 		{
    29. 

  29. 			if (!$permission)
    30. 

  30. 				continue;
    31. 

  31. 			
    32. 

  32. 			$c = new Criteria();
    33. 

  33. 			$c->addAnd(PermissionPeer::NAME, $permission, Criteria::EQUAL);
    34. 

  34. 			$c->addAnd(PermissionPeer::PARTNER_ID, array($partnerId, PartnerPeer::GLOBAL_PARTNER), Criteria::IN);
    35. 

  35. 			// a user role can only contain NORMAL permission types - TODO should be changed to perPartner / perUser permissions
    36. 

  36. 			$c->addAnd(PermissionPeer::TYPE, PermissionType::NORMAL, Criteria::EQUAL);
    37. 

  37. 			$c->addAnd(PermissionPeer::STATUS, PermissionStatus::ACTIVE, Criteria::EQUAL);
    38. 

  38. 			
    39. 

  39. 			PermissionPeer::setUseCriteriaFilter(false);
    40. 

  40. 			$hasPermission = PermissionPeer::doSelectOne($c);
    41. 

  41. 			PermissionPeer::setUseCriteriaFilter(true);
    42. 

  42. 			
    43. 

  43. 			if (!$hasPermission || $hasPermission->getStatus() == PermissionStatus::DELETED) {
    44. 

  44. 				throw new kPermissionException('Permission ['.$permission.'] was not found for partner ['.$partnerId.']', kPermissionException::PERMISSION_NOT_FOUND);
    45. 

  45. 			}
    46. 

  46. 		}
    47. 

  47. 	}
    48. 

  48. 			
    49. 

  49. 	public static function addToPartner($permission, $partnerId)
    50. 

  50. 	{
    51. 

  51. 		$permission->setPartnerId($partnerId);
    52. 

  52. 		$c = new Criteria();
    53. 

  53. 		$c->addAnd(PermissionPeer::PARTNER_ID, array($partnerId, PartnerPeer::GLOBAL_PARTNER), Criteria::IN);
    54. 

  54. 		$c->addAnd(PermissionPeer::NAME, $permission->getName(), Criteria::EQUAL);
    55. 

  55. 		$existingPermission = PermissionPeer::doSelectOne($c);
    56. 

  56. 		if (!$existingPermission) {
    57. 

  57. 			$permission->save();
    58. 

  58. 			KalturaLog::log('Adding permission ['.$permission->getName().'] to partner ['.$partnerId.'].');
    59. 

  59. 			return $permission;
    60. 

  60. 		}
    61. 

  61. 		else {
    62. 

  62. 			throw new kPermissionException('Permission ['.$permission->getName().'] already exists for partner ['.$partnerId.']', kPermissionException::PERMISSION_ALREADY_EXISTS);
    63. 

  63. 		}
    64. 

  64. 	}
    65. 

  65. 	
    66. 

  66. 	
    67. 

  67. 	public static function removePermissionFromPartner($permissionName, $partnerId)
    68. 

  68. 	{
    69. 

  69. 		$c = new Criteria();
    70. 

  70. 		$c->addAnd(PermissionPeer::PARTNER_ID, $partnerId, Criteria::EQUAL);
    71. 

  71. 		$c->addAnd(PermissionPeer::NAME, $permissionName, Criteria::EQUAL);
    72. 

  72. 		$existingPermission = PermissionPeer::doSelectOne($c);
    73. 

  73. 		if (!$existingPermission) {
    74. 

  74. 			throw new kPermissionException('Permission ['.$permissionName.'] does not exist for partner ['.$partnerId.']', kPermissionException::PERMISSION_NOT_FOUND);
    75. 

  75. 		}
    76. 

  76. 		KalturaLog::log('Removing permission ['.$permissionName.'] from partner ['.$partnerId.'].');
    77. 

  77. 		$existingPermission->setStatus(PermissionStatus::DELETED);
    78. 

  78. 	}
    79. 

  79. 	
    80. 

  80. 	
    81. 

  81. 	public static function enableForPartner($permissionName, $permissionType, $partnerId, $friendlyName = null, $description = null)
    82. 

  82. 	{
    83. 

  83. 		$permission = new Permission();
    84. 

  84. 		$permission->setName($permissionName);
    85. 

  85. 		$permission->setFriendlyName($friendlyName ? $friendlyName : $permissionName);
    86. 

  86. 		$permission->setDescription($description);
    87. 

  87. 		$permission->setType($permissionType);
    88. 

  88. 		$permission->setStatus(PermissionStatus::ACTIVE);
    89. 

  89. 		
    90. 

  90. 		try {
    91. 

  91. 			// try to add permission
    92. 

  92. 			self::addToPartner($permission, $partnerId);
    93. 

  93. 			return true;
    94. 

  94. 		}
    95. 

  95. 		catch (kPermissionException $e) {
    96. 

  96. 			$code = $e->getCode();
    97. 

  97. 			if ($code == kPermissionException::PERMISSION_ALREADY_EXISTS) {
    98. 

  98. 				// permission already exists - set status to active
    99. 

  99. 				$permission = self::getByNameAndPartner($permissionName, array($partnerId));
    100. 

  100. 				if(!$permission)
    101. 

  101. 					throw new kCoreException("Permission [$permissionName] not found for partner [$partnerId]", kCoreException::INTERNAL_SERVER_ERROR);
    102. 

  102. 					
    103. 

  103. 				$permission->setStatus(PermissionStatus::ACTIVE);
    104. 

  104. 				$permission->save();
    105. 

  105. 				return true;
    106. 

  106. 			}
    107. 

  107. 			throw $e;
    108. 

  108. 		}
    109. 

  109. 		throw new kCoreException('Unknown error occured', kCoreException::INTERNAL_SERVER_ERROR);
    110. 

  110. 	}
    111. 

  111. 

  112. 	
    113. 

  113. 	public static function disableForPartner($permissionName, $partnerId)
    114. 

  114. 	{
    115. 

  115. 		$permission = self::getByNameAndPartner($permissionName, array($partnerId));
    116. 

  116. 		if (!$permission) {
    117. 

  117. 			return true; // permission not found - already disabled
    118. 

  118. 		}
    119. 

  119. 		if ($permission->getStatus() != PermissionStatus::ACTIVE) {
    120. 

  120. 			return true; // non active status - already disabled
    121. 

  121. 		}
    122. 

  122. 		$permission->setStatus(PermissionStatus::BLOCKED);
    123. 

  123. 		$permission->save();
    124. 

  124. 	}
    125. 

  125. 	
    126. 

  126. 	
    127. 

  127. 	public static function isValidForPartner($permissionName, $partnerId, $checkDependency = true)
    128. 

  128. 	{
    129. 

  129. 		$permission = self::getByNameAndPartner($permissionName, array($partnerId, PartnerPeer::GLOBAL_PARTNER));
    130. 

  130. 		if (!$permission) {
    131. 

  131. 			return false;
    132. 

  132. 		}
    133. 

  133. 		if ($permission->getStatus() != PermissionStatus::ACTIVE) {
    134. 

  134. 			return false;
    135. 

  135. 		}
    136. 

  136. 		
    137. 

  137. 		// check if permissions depends on another permission which is not valid for partner
    138. 

  138. 		if ($checkDependency)
    139. 

  139. 		{
    140. 

  140. 			$dependsOn = trim($permission->getDependsOnPermissionNames());
    141. 

  141. 			$dependsOn = explode(',', $dependsOn);
    142. 

  142. 			$valid = true;
    143. 

  143. 			if ($dependsOn) {
    144. 

  144. 				foreach($dependsOn as $dependPermission) {
    145. 

  145. 					$dependPermission = trim($dependPermission);
    146. 

  146. 					if (!$dependPermission) {
    147. 

  147. 						continue;
    148. 

  148. 					}
    149. 

  149. 					$valid = $valid && self::isValidForPartner($dependPermission, $partnerId);
    150. 

  150. 				}
    151. 

  151. 			}
    152. 

  152. 			if (!$valid) {
    153. 

  153. 				return false;
    154. 

  154. 			}
    155. 

  155. 		}
    156. 

  156. 		return $permission;
    157. 

  157. 	}
    158. 

  158. 	
    159. 

  159. 	
    160. 

  160. 	public static function getByNameAndPartner($permissionName, $partnerIdsArray)
    161. 

  161. 	{
    162. 

  162. 		$c = new Criteria();
    163. 

  163. 		if (!in_array('*', $partnerIdsArray, true)) {
    164. 

  164. 			$c->addAnd(PermissionPeer::PARTNER_ID, $partnerIdsArray, Criteria::IN);
    165. 

  165. 		}
    166. 

  166. 		$c->addAnd(PermissionPeer::NAME, $permissionName, Criteria::EQUAL);
    167. 

  167. 		PermissionPeer::setUseCriteriaFilter(false);
    168. 

  168. 		$permission = PermissionPeer::doSelectOne($c);
    169. 

  169. 		PermissionPeer::setUseCriteriaFilter(true);
    170. 

  170. 		return $permission;
    171. 

  171. 	}
    172. 

  172. 	
    173. 

  173. 	public static function isAllowedPlugin($pluginName, $partnerId)
    174. 

  174. 	{
    175. 

  175. 		$permissionName = self::getPermissionNameFromPluginName($pluginName);
    176. 

  176. 		return self::isValidForPartner($permissionName, $partnerId);
    177. 

  177. 	}
    178. 

  178. 	
    179. 

  179. 	public static function enablePlugin($pluginName, $partnerId)
    180. 

  180. 	{
    181. 

  181. 		$permissionName = self::getPermissionNameFromPluginName($pluginName);
    182. 

  182. 		$friendlyName = $pluginName .' plugin permission';
    183. 

  183. 		$description = 'Permission to use '.$pluginName.' plugin';
    184. 

  184. 		return self::enableForPartner($permissionName, PermissionType::PLUGIN, $partnerId, $friendlyName, $description);
    185. 

  185. 	}
    186. 

  186. 	
    187. 

  187. 	public static function disablePlugin($pluginName, $partnerId)
    188. 

  188. 	{
    189. 

  189. 		$permissionName = self::getPermissionNameFromPluginName($pluginName);
    190. 

  190. 		return self::disableForPartner($permissionName, $partnerId);
    191. 

  191. 	}
    192. 

  192. 	
    193. 

  193. 	public static function getPermissionNameFromPluginName($pluginName)
    194. 

  194. 	{
    195. 

  195. 		return strtoupper($pluginName).'_PLUGIN_PERMISSION';
    196. 

  196. 	}
    197. 

  197. 	
    198. 

  198. 	public static function getAllValidForPartner($partnerId, $checkDependency = true)
    199. 

  199. 	{
    200. 

  200. 		$c = new Criteria();
    201. 

  201. 		$c->addAnd(PermissionPeer::PARTNER_ID, array($partnerId, PartnerPeer::GLOBAL_PARTNER), Criteria::IN);
    202. 

  202. 		$c->addAnd(PermissionPeer::STATUS, PermissionStatus::ACTIVE, Criteria::EQUAL);
    203. 

  203. 		PermissionPeer::setUseCriteriaFilter(false);
    204. 

  204. 		$allPermissions = PermissionPeer::doSelect($c);
    205. 

  205. 		PermissionPeer::setUseCriteriaFilter(true);
    206. 

  206. 		
    207. 

  207. 		if ($checkDependency) {
    208. 

  208. 			$allPermissions = self::filterDependencies($allPermissions, $partnerId);
    209. 

  209. 		}
    210. 

  210. 				
    211. 

  211. 		return $allPermissions;
    212. 

  212. 	}
    213. 

  213. 	
    214. 

  214. 	
    215. 

  215. 	public static function filterDependenciesByNames($permissionNames, $partnerId)
    216. 

  216. 	{
    217. 

  217. 		$c = new Criteria();
    218. 

  218. 		$c->addAnd(PermissionPeer::NAME, explode(',', $permissionNames), Criteria::IN);
    219. 

  219. 		$c->addAnd(PermissionPeer::PARTNER_ID, array($partnerId, PartnerPeer::GLOBAL_PARTNER), Criteria::IN);
    220. 

  220. 		PermissionPeer::setUseCriteriaFilter(false);
    221. 

  221. 		$permissionObjects = PermissionPeer::doSelect($c);
    222. 

  222. 		PermissionPeer::setUseCriteriaFilter(true);
    223. 

  223. 		$permissionObjects = PermissionPeer::filterDependencies($permissionObjects, $partnerId);
    224. 

  224. 		$permissionNames = array();
    225. 

  225. 		foreach ($permissionObjects as $object)
    226. 

  226. 		{
    227. 

  227. 			$permissionNames[] = $object->getName();
    228. 

  228. 		}
    229. 

  229. 		$permissionNames = implode(',', $permissionNames);
    230. 

  230. 		return $permissionNames;
    231. 

  231. 	}
    232. 

  232. 	
    233. 

  233. 	public static function filterDependencies($permissions, $partnerId)
    234. 

  234. 	{
    235. 

  235. 		$c = new Criteria();
    236. 

  236. 		$c->addAnd(PermissionPeer::PARTNER_ID, $partnerId, Criteria::EQUAL);
    237. 

  237. 		$c->addAnd(PermissionPeer::TYPE, array(PermissionType::PLUGIN, PermissionType::SPECIAL_FEATURE), Criteria::IN);
    238. 

  238. 		$c->addAnd(PermissionPeer::STATUS, PermissionStatus::ACTIVE, Criteria::EQUAL);
    239. 

  239. 		$c->addSelectColumn(PermissionPeer::NAME);
    240. 

  240. 		$stmt = PermissionPeer::doSelectStmt($c);
    241. 

  241. 		$additionalPartnerPermissionNames = $stmt->fetchAll(PDO::FETCH_COLUMN);
    242. 

  242. 	
    243. 

  243. 		
    244. 

  244. 		$checkDependency = true;
    245. 

  245. 		while ($checkDependency)
    246. 

  246. 		{
    247. 

  247. 			$checkDependency = false;
    248. 

  248. 			$permissionNames = array();
    249. 

  249. 			foreach ($permissions as $permission)
    250. 

  250. 			{
    251. 

  251. 				// create an array of permission names to assist the check
    252. 

  252. 				$permissionNames[$permission->getId()] = $permission->getName();
    253. 

  253. 			}
    254. 

  254. 			foreach ($permissions as $key => $permission)
    255. 

  255. 			{
    256. 

  256. 				$dependsOn = trim($permission->getDependsOnPermissionNames());
    257. 

  257. 				$dependsOn = explode(',', $dependsOn);
    258. 

  258. 				if ($dependsOn)
    259. 

  259. 				{
    260. 

  260. 					foreach($dependsOn as $dependPermission)
    261. 

  261. 					{
    262. 

  262. 						$dependPermission = trim($dependPermission);
    263. 

  263. 						if (!$dependPermission) {
    264. 

  264. 							// invalid text
    265. 

  265. 							continue;
    266. 

  266. 						}
    267. 

  267. 						if (!in_array($dependPermission, $permissionNames, true) && !in_array($dependPermission, $additionalPartnerPermissionNames, true)) {
    268. 

  268. 							// current permission depends on a non existing permission
    269. 

  269. 							unset($permissions[$key]);
    270. 

  270. 							$checkDependency = true; // need to recheck because we have delete a permission
    271. 

  271. 							break;
    272. 

  272. 						}
    273. 

  273. 					}
    274. 

  274. 				}
    275. 

  275. 			}
    276. 

  276. 		}
    277. 

  277. 		return $permissions;
    278. 

  278. 	}
    279. 

  279. 	
    280. 

  280. } // PermissionPeer
    281.