Peter M. Groen / knowledgetree

Commit a44c4156215f8bd363b56f4cbd250977e0b4e31b

Authored by Brad Shuttleworth
1 parent 46bc6653

back out the role allocation (document) stuff. 


git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@5056 c91229c3-7414-0410-bfa2-8a42b809f60b
Inline Side-by-side
Showing 8 changed files with 48 additions and 225 deletions
config/tableMappings.inc
  View file @a44c415
... ... @@ -143,7 +143,6 @@ $default->notifications_table = "notifications";
143 143 $default->authentication_sources_table = "authentication_sources";
144 144 $default->dashlet_disable_table = "dashlet_disables";
145 145 $default->role_allocations_table = "role_allocations";
146   -$default->document_role_allocations_table = "document_role_allocations";
147 146 $default->plugins_table = "plugins";
148 147 $default->document_metadata_version_table = "document_metadata_version";
149 148 $default->document_content_version_table = "document_content_version";
... ...
lib/documentmanagement/Document.inc
  View file @a44c415
... ... @@ -69,9 +69,6 @@ class Document {
69 69 function getCreatorID() { return $this->_oDocumentCore->getCreatorId(); }
70 70 function setCreatorID($iNewValue) { $this->_oDocumentCore->setCreatorId($iNewValue); }
71 71  
72   - function getOwnerID() { return $this->_oDocumentCore->getOwnerId(); }
73   - function setOwnerID($iNewValue) { $this->_oDocumentCore->setOwnerId($iNewValue); }
74   -
75 72 function getLastModifiedDate() { return $this->_oDocumentCore->getLastModifiedDate(); }
76 73 function setLastModifiedDate($dNewValue) { $this->_oDocumentCore->setLastModifiedDate($dNewValue); }
77 74  
... ... @@ -421,7 +418,6 @@ class Document {
421 418 $oDocument = new Document();
422 419 $aOptions = array_change_key_case($aOptions);
423 420  
424   -
425 421 $aCoreKeys = array(
426 422 "CreatorId",
427 423 "Created",
... ...
lib/documentmanagement/documentcore.inc.php
  View file @a44c415
... ... @@ -73,7 +73,6 @@ class KTDocumentCore extends KTEntity {
73 73  
74 74 // transaction-related
75 75 "iCreatorId" => 'creator_id',
76   -
77 76 "dCreated" => 'created',
78 77 "iModifiedUserId" => 'modified_user_id',
79 78 "dModified" => 'modified',
... ... @@ -93,7 +92,6 @@ class KTDocumentCore extends KTEntity {
93 92 // permission-related
94 93 "iPermissionObjectId" => 'permission_object_id',
95 94 "iPermissionLookupId" => 'permission_lookup_id',
96   - "iOwnerId" => 'owner_id',
97 95 );
98 96  
99 97 function KTDocument() {
... ... @@ -102,8 +100,6 @@ class KTDocumentCore extends KTEntity {
102 100 // {{{ getters/setters
103 101 function getCreatorId() { return $this->iCreatorId; }
104 102 function setCreatorId($iNewValue) { $this->iCreatorId = $iNewValue; }
105   - function getOwnerId() { return $this->iOwnerId; }
106   - function setOwnerId($iNewValue) { $this->iOwnerId = $iNewValue; }
107 103 function getCreatedDateTime() { return $this->dCreated; }
108 104 function getModifiedUserId() { return $this->iModifiedUserId; }
109 105 function setModifiedUserId($iNewValue) { $this->iModifiedUserId = $iNewValue; }
... ... @@ -216,9 +212,6 @@ class KTDocumentCore extends KTEntity {
216 212 if (empty($this->iModifiedUserId)) {
217 213 $this->iModifiedUserId = $this->iCreatorId;
218 214 }
219   - if (empty($this->iOwnerId)) {
220   - $this->iOwnerId = $this->iCreatorId;
221   - }
222 215 if (empty($this->iMetadataVersion)) {
223 216 $this->iMetadataVersion = 0;
224 217 }
... ... @@ -228,7 +221,7 @@ class KTDocumentCore extends KTEntity {
228 221 $oFolder = Folder::get($this->getFolderId());
229 222 $this->iPermissionObjectId = $oFolder->getPermissionObjectId();
230 223 $res = parent::create();
231   -
  224 +
232 225 if ($res === true) {
233 226 KTPermissionUtil::updatePermissionLookup($this);
234 227 }
... ...
lib/permissions/permissionutil.inc.php
  View file @a44c415
... ... @@ -37,7 +37,6 @@ require_once(KT_LIB_DIR . "/permissions/permissionobject.inc.php");
37 37 require_once(KT_LIB_DIR . "/permissions/permissiondynamiccondition.inc.php");
38 38 require_once(KT_LIB_DIR . "/groups/GroupUtil.php");
39 39 require_once(KT_LIB_DIR . "/roles/roleallocation.inc.php");
40   -require_once(KT_LIB_DIR . "/roles/documentroleallocation.inc.php");
41 40  
42 41 require_once(KT_LIB_DIR . "/workflow/workflowutil.inc.php");
43 42 require_once(KT_LIB_DIR . "/workflow/workflowstatepermissionsassignment.inc.php");
... ... @@ -311,22 +310,13 @@ class KTPermissionUtil {
311 310 foreach ($aAllowed['role'] as $iRoleId) {
312 311 // store the PD <-> RoleId map
313 312 if (!array_key_exists($iRoleId, $_roleCache)) {
314   - $oRoleAllocation = null;
315   - if (is_a($oFolderOrDocument, 'KTDocumentCore') || is_a($oFolderOrDocument, 'Document')) {
316   - $oRoleAllocation =& DocumentRoleAllocation::getAllocationsForDocumentAndRole($oFolderOrDocument->getId(), $iRoleId);
317   - if (PEAR::isError($oRoleAllocation)) { $oRoleAllocation = null; }
318   - }
319   - // if that's null - not set _on_ the document, then
320   - if (is_null($oRoleAllocation)) {
321   - $oRoleAllocation =& RoleAllocation::getAllocationsForFolderAndRole($iRoleSourceFolder, $iRoleId);
322   - }
  313 + $oRoleAllocation =& RoleAllocation::getAllocationsForFolderAndRole($iRoleSourceFolder, $iRoleId);
323 314 $_roleCache[$iRoleId] = $oRoleAllocation;
324 315 }
325 316 // roles are _not_ always assigned (can be null at root)
326   - if (!is_null($_roleCache[$iRoleId])) {
  317 + if ($_roleCache[$iRoleId] != null) {
327 318 $aMapPermAllowed[$iPermissionId]['user'] = array_merge($aAllowed['user'], $_roleCache[$iRoleId]->getUserIds());
328 319 $aMapPermAllowed[$iPermissionId]['group'] = array_merge($aAllowed['group'], $_roleCache[$iRoleId]->getGroupIds());
329   - // naturally, roles cannot be assigned roles, or madness follows.
330 320 }
331 321 }
332 322  
... ... @@ -371,8 +361,7 @@ class KTPermissionUtil {
371 361 }
372 362 $oPD = KTPermissionDescriptor::get($oPLA->getPermissionDescriptorID());
373 363 $aGroups = GroupUtil::listGroupsForUserExpand($oUser);
374   - if ($oPD->hasUsers(array($oUser))) { return true; }
375   - else { return $oPD->hasGroups($aGroups); }
  364 + return $oPD->hasGroups($aGroups);
376 365 }
377 366 // }}}
378 367  
... ...
lib/roles/roleallocation.inc.php
  View file @a44c415
... ... @@ -66,18 +66,6 @@ class RoleAllocation extends KTEntity {
66 66 $this->iPermissionDescriptorId = $oDescriptor->getId();
67 67 }
68 68  
69   - function getAllowed() {
70   - if (!is_null($this->iPermissionDescriptorId)) {
71   - $oDescriptor = KTPermissionDescriptor::get($this->iPermissionDescriptorId); // fully done, etc.
72   - $aAllowed = $oDescriptor->getAllowed();
73   - } else {
74   - $aAllowed = array();
75   - }
76   - return $aAllowed;
77   - }
78   -
79   -
80   -
81 69 function _fieldValues () { return array(
82 70 'role_id' => $this->iRoleId,
83 71 'folder_id' => $this->iFolderId,
... ...
plugins/ktcore/KTCorePlugin.php
  View file @a44c415
... ... @@ -58,7 +58,6 @@ class KTCorePlugin extends KTPlugin {
58 58 // Permissions
59 59 $this->registerAction('documentaction', 'KTDocumentPermissionsAction', 'ktcore.actions.document.permissions', 'KTPermissions.php');
60 60 $this->registerAction('folderaction', 'KTRoleAllocationPlugin', 'ktcore.actions.folder.roles', 'KTPermissions.php');
61   - $this->registerAction('documentaction', 'KTDocumentRolesAction', 'ktcore.actions.document.roles', 'KTPermissions.php');
62 61  
63 62 $this->registerDashlet('KTInfoDashlet', 'ktcore.dashlet.info', 'KTDashlets.php');
64 63 $this->registerDashlet('KTNotificationDashlet', 'ktcore.dashlet.notifications', 'KTDashlets.php');
... ...
plugins/ktcore/KTPermissions.php
  View file @a44c415
... ... @@ -35,12 +35,10 @@ require_once(KT_LIB_DIR . &quot;/groups/Group.inc&quot;);
35 35 require_once(KT_LIB_DIR . "/users/User.inc");
36 36 require_once(KT_LIB_DIR . "/roles/Role.inc");
37 37 require_once(KT_LIB_DIR . "/roles/roleallocation.inc.php");
38   -require_once(KT_LIB_DIR . "/roles/documentroleallocation.inc.php");
39 38  
40 39  
41 40 require_once(KT_LIB_DIR . "/permissions/permission.inc.php");
42 41 require_once(KT_LIB_DIR . "/permissions/permissionobject.inc.php");
43   -require_once(KT_LIB_DIR . "/permissions/permissionlookup.inc.php");
44 42 require_once(KT_LIB_DIR . "/permissions/permissionassignment.inc.php");
45 43 require_once(KT_LIB_DIR . "/permissions/permissiondescriptor.inc.php");
46 44 require_once(KT_LIB_DIR . "/permissions/permissionutil.inc.php");
... ... @@ -54,87 +52,52 @@ class KTDocumentPermissionsAction extends KTDocumentAction {
54 52 }
55 53  
56 54 function do_main() {
57   - $this->oPage->setBreadcrumbDetails("Document Permissions");
  55 + $this->oPage->setBreadcrumbDetails("permissions");
  56 +
58 57 $oTemplate = $this->oValidator->validateTemplate("ktcore/document/document_permissions");
59   -
60   - $oPL = KTPermissionLookup::get($this->oDocument->getPermissionLookupID());
  58 + $oPO = KTPermissionObject::get($this->oDocument->getPermissionObjectID());
61 59 $aPermissions = KTPermission::getList();
62 60 $aMapPermissionGroup = array();
63   - $aMapPermissionRole = array();
64   - $aMapPermissionUser = array();
65   -
66   - $aAllGroups = Group::getList(); // probably small enough
67   - $aAllRoles = Role::getList(); // probably small enough.
68   - // users are _not_ fetched this way.
69   -
70   - $aActiveGroups = array();
71   - $aActiveUsers = array();
72   - $aActiveRoles = array();
73   -
  61 + $aMapPermissionRole = array();
74 62 foreach ($aPermissions as $oPermission) {
75   - $oPLA = KTPermissionLookupAssignment::getByPermissionAndLookup($oPermission, $oPL);
76   - if (PEAR::isError($oPLA)) {
  63 + $oPA = KTPermissionAssignment::getByPermissionAndObject($oPermission, $oPO);
  64 + if (PEAR::isError($oPA)) {
77 65 continue;
78 66 }
79   - $oDescriptor = KTPermissionDescriptor::get($oPLA->getPermissionDescriptorID());
  67 + $oDescriptor = KTPermissionDescriptor::get($oPA->getPermissionDescriptorID());
80 68 $iPermissionID = $oPermission->getID();
81 69 $aIDs = $oDescriptor->getGroups();
82 70 $aMapPermissionGroup[$iPermissionID] = array();
83 71 foreach ($aIDs as $iID) {
84 72 $aMapPermissionGroup[$iPermissionID][$iID] = true;
85   - $aActiveGroups[$iID] = true;
86 73 }
87 74 $aIds = $oDescriptor->getRoles();
88 75 $aMapPermissionRole[$iPermissionID] = array();
89 76 foreach ($aIds as $iId) {
90 77 $aMapPermissionRole[$iPermissionID][$iId] = true;
91   - $aActiveRoles[$iId] = true;
92   - }
93   - $aIds = $oDescriptor->getUsers();
94   - $aMapPermissionUser[$iPermissionID] = array();
95   - foreach ($aIds as $iId) {
96   - $aMapPermissionUser[$iPermissionID][$iId] = true;
97   - $aActiveUsers[$iId] = true;
98 78 }
99 79 }
100   -
101   - // now we constitute the actual sets.
102   - $users = array();
103   - $groups = array();
104   - $roles = array(); // should _always_ be empty, barring a bug in permissions::updatePermissionLookup
105 80  
106   - // this should be quite limited - direct role -> user assignment is typically rare.
107   - foreach ($aActiveUsers as $id => $marker) {
108   - $oUser = User::get($id);
109   - $users[$oUser->getName()] = $oUser;
110   - }
111   - asort($users); // ascending, per convention.
112   -
113   - foreach ($aActiveGroups as $id => $marker) {
114   - $oGroup = Group::get($id);
115   - $groups[$oGroup->getName()] = $oGroup;
116   - }
117   - asort($groups);
118   -
119   - foreach ($aActiveRoles as $id => $marker) {
120   - $oRole = Role::get($id);
121   - $roles[$oRole->getName()] = $oRole;
122   - }
123   - asort($roles);
124   -
125   - $bEdit = false;
126   - $sInherited = '';
  81 + $oInherited = KTPermissionUtil::findRootObjectForPermissionObject($oPO);
  82 + if ($oInherited === $this->oDocument) {
  83 + $bEdit = true;
  84 + } else {
  85 + $iInheritedFolderID = $oInherited->getID();
  86 + /* $sInherited = displayFolderPathLink(Folder::getFolderPathAsArray($iInheritedFolderID),
  87 + Folder::getFolderPathNamesAsArray($iInheritedFolderID),
  88 + "$default->rootUrl/control.php?action=editFolderPermissions");*/
  89 + $sInherited = join(" &raquo; ", $oInherited->getPathArray());
  90 + $bEdit = false;
  91 + }
127 92  
128 93 $aTemplateData = array(
129 94 "context" => $this,
130 95 "permissions" => $aPermissions,
131   - "groups" => $groups,
132   - "users" => $users,
133   - "roles" => $roles,
  96 + "groups" => Group::getList(),
  97 + "roles" => Role::getList(),
134 98 "iDocumentID" => $_REQUEST['fDocumentID'],
135 99 "aMapPermissionGroup" => $aMapPermissionGroup,
136 100 "aMapPermissionRole" => $aMapPermissionRole,
137   - "aMapPermissionUser" => $aMapPermissionUser,
138 101 "edit" => $bEdit,
139 102 "inherited" => $sInherited,
140 103 );
... ... @@ -546,93 +509,3 @@ class KTRoleAllocationPlugin extends KTFolderAction {
546 509 }
547 510 }
548 511 }
549   -
550   -class KTDocumentRolesAction extends KTDocumentAction {
551   - var $sDisplayName = 'View Roles';
552   - var $sName = 'ktcore.actions.document.roles';
553   -
554   - var $_sShowPermission = "ktcore.permissions.write";
555   - var $bAutomaticTransaction = true;
556   -
557   - function do_main() {
558   - $this->oPage->setTitle(_("View Roles"));
559   - $this->oPage->setBreadcrumbDetails(_("View Roles"));
560   - $oTemplating = new KTTemplating;
561   - $oTemplate = $oTemplating->loadTemplate("ktcore/action/view_roles");
562   -
563   - // we need to have:
564   - // - a list of roles
565   - // - with their users / groups
566   - // - and that allocation id
567   - $aRoles = array(); // stores data for display.
568   -
569   - $aRoleList = Role::getList();
570   - foreach ($aRoleList as $oRole) {
571   - $iRoleId = $oRole->getId();
572   - $aRoles[$iRoleId] = array("name" => $oRole->getName());
573   - $oRoleAllocation = DocumentRoleAllocation::getAllocationsForDocumentAndRole($this->oDocument->getId(), $iRoleId);
574   - if (is_null($oRoleAllocation)) {
575   - $oRoleAllocation = RoleAllocation::getAllocationsForFolderAndRole($this->oDocument->getFolderID(), $iRoleId);
576   - }
577   -
578   - $u = array();
579   - $g = array();
580   - $aid = null;
581   - $raid = null;
582   - if (is_null($oRoleAllocation)) {
583   - ; // nothing.
584   - } else {
585   - //var_dump($oRoleAllocation);
586   - $raid = $oRoleAllocation->getId(); // real_alloc_id
587   - $aAllowed = $oRoleAllocation->getAllowed();
588   -
589   - if (!empty($aAllowed['user'])) {
590   - $u = $aAllowed['user'];
591   - }
592   - if (!empty($aAllowed['group'])) {
593   - $g = $aAllowed['group'];
594   - }
595   - }
596   - $aRoles[$iRoleId]['users'] = $u;
597   - $aRoles[$iRoleId]['groups'] = $g;
598   - $aRoles[$iRoleId]['real_allocation_id'] = $raid;
599   - }
600   -
601   - // final step.
602   -
603   - // map to users, groups.
604   - foreach ($aRoles as $key => $role) {
605   - $_users = array();
606   - foreach ($aRoles[$key]['users'] as $iUserId) {
607   - $oUser = User::get($iUserId);
608   - if (!(PEAR::isError($oUser) || ($oUser == false))) {
609   - $_users[] = $oUser->getName();
610   - }
611   - }
612   - if (empty($_users)) {
613   - $aRoles[$key]['users'] = '<span class="descriptiveText"> ' . _('no users') . '</span>';
614   - } else {
615   - $aRoles[$key]['users'] = implode(', ',$_users);
616   - }
617   -
618   - $_groups = array();
619   - foreach ($aRoles[$key]['groups'] as $iGroupId) {
620   - $oGroup = Group::get($iGroupId);
621   - if (!(PEAR::isError($oGroup) || ($oGroup == false))) {
622   - $_groups[] = $oGroup->getName();
623   - }
624   - }
625   - if (empty($_groups)) {
626   - $aRoles[$key]['groups'] = '<span class="descriptiveText"> ' . _('no groups') . '</span>';
627   - } else {
628   - $aRoles[$key]['groups'] = implode(', ',$_groups);
629   - }
630   - }
631   -
632   - $aTemplateData = array(
633   - 'context' => &$this,
634   - 'roles' => $aRoles,
635   - );
636   - return $oTemplate->render($aTemplateData);
637   - }
638   -}
639 512 \ No newline at end of file
... ...
templates/ktcore/document/document_permissions.smarty
  View file @a44c415
1 1 <h2>{i18n}Document permissions{/i18n}</h2>
2 2  
3   -<p class="descriptiveText">{i18n}This page shows the permissions that apply to
4   -this specific document. Where the folder view shows you information by role and group,
5   -this page shows the actual groups (and, if they are assigned directly to a role, the users)
6   -who have the different permissions. As a result, groups, users and roles with <strong>no</strong>
7   -permissions are not shown.{/i18n}</p>
8   -
9   -{if ((empty($roles) && empty($groups) && empty($users)))}
10   -<div class="ktInfo"><p>{i18n}No roles or groups have been defined or have permissions.{/i18n}</p></div>
  3 +
  4 +
  5 +{if ((empty($roles) && empty($groups)))}
  6 +<div class="ktInfo"><p>{i18n}No roles or groups have been defined. Permissions can only
  7 +be allocated to roles and groups.{/i18n}</p></div>
11 8 {else}
12 9  
  10 +{*
  11 +
  12 +{if $iFolderId != 1}
  13 +<div class="ktInfo">
  14 +{ if $inherited }
  15 +<p>{i18n arg_permission_source=$inherited}This folder <strong>inherits</strong> its permissions from #permission_source#.{/i18n}
  16 +<a class="ktActionLink ktEdit"
  17 + href="{addQS}action=copyPermissions&fFolderId={$iFolderId}{/addQS}">{i18n}Override Permissions{/i18n}</a> </p>
  18 +{ else }
  19 +<p>{i18n}This folder defines its own permissions.{/i18n}
  20 +<a class="ktActionLink ktDelete"
  21 + href="{addQS}action=inheritPermissions&fFolderId={$iFolderId}{/addQS}">{i18n}Inherit permissions{/i18n}</a>
  22 +{ /if }
  23 +</span>
  24 +</div>
  25 +{ /if }
  26 +
  27 +*}
  28 +
13 29 <form action="{$smarty.server.PHP_SELF}" method="POST">
14 30 <input type="hidden" name="action" value="update">
15 31 <input type="hidden" name="fFolderId" value="{$iFolderId}">
... ... @@ -78,36 +94,6 @@ value=&quot;{$iGroupId}&quot;&gt;&lt;/td&gt;
78 94 { /foreach }
79 95 </tr>
80 96 { /foreach }
81   -
82   -
83   -{ foreach item=oUser from=$users }
84   -<td><span class="descriptiveText">{i18n}User: {/i18n}</span> {$oUser->getName()}</td>
85   - { assign var=iUserId value=$oUser->getId() }
86   - { foreach item=oPerm from=$permissions }
87   - { assign var=iPermId value=$oPerm->getId() }
88   - { assign var=bHasPerm value=$aMapPermissionUser[$iPermId][$iUserId] }
89   -
90   -{ if $edit}
91   -{ if $bHasPerm }
92   -<td class="centered"><input type="checkbox" name="foo[{$iPermId}][group][]"
93   -value="{$iGroupId}" checked="true"></td>
94   -{ else }
95   -<td class="centered"><input type="checkbox" name="foo[{$iPermId}][group][]"
96   -value="{$iGroupId}"></td>
97   -{ /if }
98   -{else}
99   -{ if $bHasPerm }
100   -<td class="centered"><span class="ktAction ktInline ktAllowed">{i18n}Allowed{/i18n}</span></td>
101   -{ else }
102   -<td class="centered"><span class="ktAction ktInline ktDenied">{i18n}Denied{/i18n}</span></td>
103   -{ /if }
104   -{/if}
105   -
106   -
107   - { /foreach }
108   -</tr>
109   -{ /foreach }
110   -
111 97 </tbody>
112 98 </table>
113 99 {if $edit}
... ...