Allow for dynamic permissions - permissions that are available only if a

certain condition on a document is met, using a saved search/condition. git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@3973 c91229c3-7414-0410-bfa2-8a42b809f60b

Allow for dynamic permissions - permissions that are available only if a
certain condition on a document is met, using a saved search/condition. git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@3973 c91229c3-7414-0410-bfa2-8a42b809f60b
Neil Blakey-Milner
1 parent 5be2067c
Showing 1 changed file with 65 additions and 36 deletions
presentation/lookAndFeel/knowledgeTree/foldermanagement/folderPermissions.php
@@ -14,6 +14,9 @@ require_once(KT_LIB_DIR . &quot;/permissions/permissionobject.inc.php&quot;);
 require_once(KT_LIB_DIR . "/permissions/permissionassignment.inc.php");
 require_once(KT_LIB_DIR . "/permissions/permissiondescriptor.inc.php");
 require_once(KT_LIB_DIR . "/permissions/permissionutil.inc.php");
+require_once(KT_LIB_DIR . "/permissions/permissiondynamiccondition.inc.php");
+
+require_once(KT_LIB_DIR . "/search/savedsearch.inc.php");
 require_once(KT_LIB_DIR . "/dispatcher.inc.php");
 $sectionName = "Manage Documents";
@@ -27,12 +30,12 @@ function displayFolderPathLink($aPathArray, $aPathNameArray, $sLinkPage = &quot;&quot;) {
     $default->log->debug("displayFolderPathLink: slinkPage=$sLinkPage");
     // display a separate link to each folder in the path
     for ($i=0; $i<count($aPathArray); $i++) {
-        $iFolderID = $aPathArray[$i];
+        $iFolderId = $aPathArray[$i];
         // retrieve the folder name for this folder
         $sFolderName = $aPathNameArray[$i];
-        // generate a link back to this page setting fFolderID
+        // generate a link back to this page setting fFolderId
         $sLink = generateLink($sLinkPage,
-                              "fBrowseType=folder&fFolderID=$iFolderID",
+                              "fBrowseType=folder&fFolderID=$iFolderId",
                               $sFolderName);
         $sPathLinks = (strlen($sPathLinks) > 0) ? $sPathLinks . " > " . $sLink : $sLink;
     }
@@ -41,11 +44,19 @@ function displayFolderPathLink($aPathArray, $aPathNameArray, $sLinkPage = &quot;&quot;) {
 class FolderPermissions extends KTStandardDispatcher {
+    var $bAutomaticTransaction = true;
+
+    function check() {
+        if (KTUtil::arrayGet($_REQUEST, 'fFolderID')) {
+            $_REQUEST['fFolderId'] = $_REQUEST['fFolderID'];
+        }
+        $this->oFolder =& $this->oValidator->validateFolder($_REQUEST['fFolderId']);
+        return true;
+    }
     function do_main() {
         $oTemplating = new KTTemplating;
-        $oTemplate = $oTemplating->loadTemplate("ktcore/manage_folder_permissions");
-        $oFolder = Folder::get($_REQUEST['fFolderID']);
-        $oPO = KTPermissionObject::get($oFolder->getPermissionObjectID());
+        $oTemplate = $oTemplating->loadTemplate("ktcore/folder/permissions");
+        $oPO = KTPermissionObject::get($this->oFolder->getPermissionObjectId());
         $aPermissions = KTPermission::getList();
         $aMapPermissionGroup = array();
         foreach ($aPermissions as $oPermission) {
@@ -53,45 +64,48 @@ class FolderPermissions extends KTStandardDispatcher {
             if (PEAR::isError($oPA)) {
                 continue;
             }
-            $oDescriptor = KTPermissionDescriptor::get($oPA->getPermissionDescriptorID());
-            $iPermissionID = $oPermission->getID();
-            $aIDs = $oDescriptor->getGroups();
-            $aMapPermissionGroup[$iPermissionID] = array();
-            foreach ($aIDs as $iID) {
-                $aMapPermissionGroup[$iPermissionID][$iID] = true;
+            $oDescriptor = KTPermissionDescriptor::get($oPA->getPermissionDescriptorId());
+            $iPermissionId = $oPermission->getId();
+            $aIds = $oDescriptor->getGroups();
+            $aMapPermissionGroup[$iPermissionId] = array();
+            foreach ($aIds as $iId) {
+                $aMapPermissionGroup[$iPermissionId][$iId] = true;
             }
         }
         $aMapPermissionUser = array();
         $aUsers = User::getList();
         foreach ($aPermissions as $oPermission) {
-            $iPermissionID = $oPermission->getID();
+            $iPermissionId = $oPermission->getId();
             foreach ($aUsers as $oUser) {
-                if (KTPermissionUtil::userHasPermissionOnItem($oUser, $oPermission, $oFolder)) {
-                    $aMapPermissionUser[$iPermissionID][$oUser->getID()] = true;
+                if (KTPermissionUtil::userHasPermissionOnItem($oUser, $oPermission, $this->oFolder)) {
+                    $aMapPermissionUser[$iPermissionId][$oUser->getId()] = true;
                 }
             }
         }
         $oInherited = KTPermissionUtil::findRootObjectForPermissionObject($oPO);
-        if ($oInherited === $oFolder) {
+        if ($oInherited === $this->oFolder) {
             $bEdit = true;
         } else {
-            $iInheritedFolderID = $oInherited->getID();
-            $sInherited = displayFolderPathLink(Folder::getFolderPathAsArray($iInheritedFolderID),
-                        Folder::getFolderPathNamesAsArray($iInheritedFolderID),
+            $iInheritedFolderId = $oInherited->getId();
+            $sInherited = displayFolderPathLink(Folder::getFolderPathAsArray($iInheritedFolderId),
+                        Folder::getFolderPathNamesAsArray($iInheritedFolderId),
                         "$default->rootUrl/control.php?action=editFolderPermissions");
             $bEdit = false;
         }
+        $aDynamicConditions = KTPermissionDynamicCondition::getByPermissionObject($oPO);
         $aTemplateData = array(
             "permissions" => $aPermissions,
             "groups" => Group::getList(),
-            "iFolderID" => $_REQUEST['fFolderID'],
+            "iFolderId" => $this->oFolder->getId(),
             "aMapPermissionGroup" => $aMapPermissionGroup,
             "users" => $aUsers,
             "aMapPermissionUser" => $aMapPermissionUser,
             "edit" => $bEdit,
             "inherited" => $sInherited,
+            "conditions" => KTSavedSearch::getConditions(),
+            "dynamic_conditions" => $aDynamicConditions,
         );
         return $oTemplate->render($aTemplateData);
     }
@@ -104,35 +118,50 @@ class FolderPermissions extends KTStandardDispatcher {
     }
     function do_update() {
-        $oFolder = Folder::get($_REQUEST['fFolderID']);
-        $oPO = KTPermissionObject::get($oFolder->getPermissionObjectID());
+        $oPO = KTPermissionObject::get($this->oFolder->getPermissionObjectId());
         $aFoo = $_REQUEST['foo'];
         $aPermissions = KTPermission::getList();
         foreach ($aPermissions as $oPermission) {
-            $iPermID = $oPermission->getID();
-            $aAllowed = KTUtil::arrayGet($aFoo, $iPermID, array());
-            KTPermissionUtil::setPermissionForID($oPermission, $oPO, $aAllowed);
+            $iPermId = $oPermission->getId();
+            $aAllowed = KTUtil::arrayGet($aFoo, $iPermId, array());
+            KTPermissionUtil::setPermissionForId($oPermission, $oPO, $aAllowed);
         }
         KTPermissionUtil::updatePermissionLookupForPO($oPO);
-        return $this->errorRedirectToMain('Permissions updated',
-                array('fFolderID' => $oFolder->getID()));
+        return $this->successRedirectToMain('Permissions updated',
+                array('fFolderId' => $this->oFolder->getId()));
     }
     function do_copyPermissions() {
-        $oFolder = Folder::get($_REQUEST['fFolderID']);
-        KTPermissionUtil::copyPermissionObject($oFolder);
-        return $this->errorRedirectToMain('Permissions updated',
-                array('fFolderID' => $oFolder->getID()));
+        KTPermissionUtil::copyPermissionObject($this->oFolder);
+        return $this->successRedirectToMain('Permissions updated',
+                array('fFolderId' => $oFolder->getId()));
     }
     function do_inheritPermissions() {
-        $oFolder = Folder::get($_REQUEST['fFolderID']);
-        KTPermissionUtil::inheritPermissionObject($oFolder);
-        return $this->errorRedirectToMain('Permissions updated',
-                array('fFolderID' => $oFolder->getID()));
+        KTPermissionUtil::inheritPermissionObject($this->oFolder);
+        return $this->successRedirectToMain('Permissions updated',
+                array('fFolderId' => $this->oFolder->getId()));
     }
-    
+    function do_newDynamicPermission() {
+        $oGroup =& $this->oValidator->validateGroup($_REQUEST['fGroupId']);
+        $oCondition =& $this->oValidator->validateCondition($_REQUEST['fConditionId']);
+        $aPermissionIds = $_REQUEST['fPermissionIds'];
+        $oPO = KTPermissionObject::get($this->oFolder->getPermissionObjectId());
+
+        $oDynamicCondition = KTPermissionDynamicCondition::createFromArray(array(
+            'groupid' => $oGroup->getId(),
+            'conditionid' => $oCondition->getId(),
+            'permissionobjectid' => $oPO->getId(),
+        ));
+        $aOptions = array(
+            'redirect_to' => array('main', 'fFolderId=' .  $this->oFolder->getId()),
+        );
+        $this->oValidator->notError($oDynamicCondition, $aOptions);
+        $res = $oDynamicCondition->saveAssignment($aPermissionIds);
+        $this->oValidator->notError($res, $aOptions);
+        $this->successRedirectToMain("Dynamic permission added", "fFolderId=" . $this->oFolder->getId());
+    }
 }
 $oDispatcher = new FolderPermissions;