Peter M. Groen / knowledgetree

Commit b81759814099b32d2985c72938aaa99460651c3c

Authored by Neil Blakey-Milner
1 parent 033d54c1

Upgrade PHP function related to the new permissions system 


git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@3507 c91229c3-7414-0410-bfa2-8a42b809f60b
Inline Side-by-side
Showing 1 changed file with 160 additions and 14 deletions
lib/upgrades/UpgradeFunctions.inc.php
  View file @b817598
@@ -2,14 +2,69 @@ @@ -2,14 +2,69 @@
2 2
3 class UpgradeFunctions { 3 class UpgradeFunctions {
4 var $upgrades = array( 4 var $upgrades = array(
5 - "2.0.0" => array("setPermissionFolder", "rebuildSearchPermissions"), 5 + "2.0.0" => array("setPermissionFolder"),
6 "2.0.6" => array("addTemplateMimeTypes"), 6 "2.0.6" => array("addTemplateMimeTypes"),
  7 + "2.0.8" => array("setPermissionObject"),
7 ); 8 );
8 var $descriptions = array( 9 var $descriptions = array(
9 "rebuildSearchPermissions" => "Rebuild search permissions with updated algorithm", 10 "rebuildSearchPermissions" => "Rebuild search permissions with updated algorithm",
10 "setPermissionFolder" => "Set permission folder for each folder for simplified permissions management", 11 "setPermissionFolder" => "Set permission folder for each folder for simplified permissions management",
11 "addTemplateMimeTypes" => "Add MIME types for Excel and Word templates", 12 "addTemplateMimeTypes" => "Add MIME types for Excel and Word templates",
  13 + "setPermissionObject" => "Set the permission object in charge of a document or folder",
12 ); 14 );
  15 + var $phases = array(
  16 + "setPermissionObject" => 1,
  17 + );
  18 +
  19 + // {{{ _setPermissionFolder
  20 + function _setPermissionFolder($oFolder) {
  21 + global $default;
  22 + $oInheritedFolder = $oFolder;
  23 + while ($bFoundPermissions !== true) {
  24 + /*ok*/$aCheckQuery = array('SELECT id FROM groups_folders_link WHERE folder_id = ? LIMIT 1', $oInheritedFolder->getID());
  25 + if (count(DBUtil::getResultArrayKey($aCheckQuery, 'id')) == 0) {
  26 + $default->log->debug('No direct permissions on folder ' . $oInheritedFolder->getID());
  27 + $bInherited = true;
  28 + $oInheritedFolder =& Folder::get($oInheritedFolder->getParentID());
  29 + if ($oInheritedFolder === false) {
  30 + break;
  31 + }
  32 + // if our parent knows the permission folder, use that.
  33 +
  34 + $aQuery = array("SELECT permission_folder_id FROM folders WHERE id = ?", array($oInheritedFolder->getID()));
  35 + $iPermissionFolderID = DBUtil::getOneResultKey($aQuery, 'permission_folder_id');
  36 + if (!empty($iPermissionFolderID)) {
  37 + $aQuery = array(
  38 + "UPDATE folders SET permission_folder_id = ? WHERE id = ?",
  39 + array($iPermissionFolderID, $oFolder->getID())
  40 + );
  41 + DBUtil::runQuery($aQuery);
  42 + return;
  43 + }
  44 + $default->log->debug('... trying parent: ' . $oInheritedFolder->getID());
  45 + } else {
  46 + $default->log->debug('Found direct permissions on folder ' . $oInheritedFolder->getID());
  47 + $iPermissionFolderID = $oInheritedFolder->getID();
  48 + $aQuery = array(
  49 + "UPDATE folders SET permission_folder_id = ? WHERE id = ?",
  50 + array($iPermissionFolderID, $oFolder->getID())
  51 + );
  52 + DBUtil::runQuery($aQuery);
  53 + return;
  54 + }
  55 + }
  56 +
  57 + $default->log->error('No permissions whatsoever for folder ' . $oFolder->getID());
  58 + // 0, which can never exist, for non-existent. null for not set yet (database upgrade).
  59 + $iPermissionFolderID = 0;
  60 + $aQuery = array(
  61 + "UPDATE folders SET permission_folder_id = ? WHERE id = ?",
  62 + array($iPermissionFolderID, $oFolder->getID())
  63 + );
  64 + DBUtil::runQuery($aQuery);
  65 + }
  66 + // }}}
  67 +
13 function setPermissionFolder() { 68 function setPermissionFolder() {
14 global $default; 69 global $default;
15 require_once(KT_LIB_DIR . '/foldermanagement/Folder.inc'); 70 require_once(KT_LIB_DIR . '/foldermanagement/Folder.inc');
@@ -20,20 +75,8 @@ class UpgradeFunctions { @@ -20,20 +75,8 @@ class UpgradeFunctions {
20 75
21 foreach ($aIDs as $iID) { 76 foreach ($aIDs as $iID) {
22 $oFolder =& Folder::get($iID); 77 $oFolder =& Folder::get($iID);
23 - $oFolder->calculatePermissionFolder();  
24 - $oFolder->update();  
25 - }  
26 - }  
27 -  
28 - function rebuildSearchPermissions() {  
29 - require_once(KT_LIB_DIR . '/documentmanagement/Document.inc');  
30 - require_once(KT_LIB_DIR . '/security/Permission.inc');  
31 -  
32 - $aDocuments = Document::getList();  
33 - foreach ($aDocuments as $oDocument) {  
34 - Permission::updateSearchPermissionsForDocument($oDocument->getID()); 78 + UpgradeFunctions::_setPermissionFolder($oFolder);
35 } 79 }
36 - return true;  
37 } 80 }
38 81
39 function addTemplateMimeTypes() { 82 function addTemplateMimeTypes() {
@@ -68,6 +111,109 @@ class UpgradeFunctions { @@ -68,6 +111,109 @@ class UpgradeFunctions {
68 } 111 }
69 return true; 112 return true;
70 } 113 }
  114 +
  115 + function _setRead($iID, $oPO) {
  116 + global $default;
  117 + print "setRead for $iID<br />\n";
  118 + $oPermission = KTPermission::getByName('ktcore.permissions.read');
  119 + $query = "SELECT group_id FROM $default->groups_folders_table WHERE folder_id = ? AND (can_read = ? OR can_write = ?)";
  120 + $aParams = array($iID, true, true);
  121 + $aGroupIDs = DBUtil::getResultArrayKey(array($query, $aParams), 'group_id');
  122 + $aAllowed = array("group" => $aGroupIDs);
  123 + KTPermissionUtil::setPermissionForID($oPermission, $oPO, $aAllowed);
  124 + }
  125 +
  126 + function _setWrite($iID, $oPO) {
  127 + print "setWrite for $iID<br />\n";
  128 + global $default;
  129 + $oPermission = KTPermission::getByName('ktcore.permissions.write');
  130 + $query = "SELECT group_id FROM $default->groups_folders_table WHERE folder_id = ? AND can_write = ?";
  131 + $aParams = array($iID, true);
  132 + $aGroupIDs = DBUtil::getResultArrayKey(array($query, $aParams), 'group_id');
  133 + $aAllowed = array("group" => $aGroupIDs);
  134 + KTPermissionUtil::setPermissionForID($oPermission, $oPO, $aAllowed);
  135 + }
  136 +
  137 + function _setAddFolder($iID, $oPO) {
  138 + print "setAddFolder for $iID<br />\n";
  139 + global $default;
  140 + $oPermission = KTPermission::getByName('ktcore.permissions.addFolder');
  141 + $query = "SELECT group_id FROM $default->groups_folders_table WHERE folder_id = ? AND can_write = ?";
  142 + $aParams = array($iID, true);
  143 + $aGroupIDs = DBUtil::getResultArrayKey(array($query, $aParams), 'group_id');
  144 + $aAllowed = array("group" => $aGroupIDs);
  145 + KTPermissionUtil::setPermissionForID($oPermission, $oPO, $aAllowed);
  146 + }
  147 +
  148 + function setPermissionObject() {
  149 + global $default;
  150 + require_once(KT_LIB_DIR . '/foldermanagement/Folder.inc');
  151 + require_once(KT_LIB_DIR . '/documentmanagement/Document.inc');
  152 + require_once(KT_LIB_DIR . '/permissions/permissionobject.inc.php');
  153 + require_once(KT_LIB_DIR . '/permissions/permissionutil.inc.php');
  154 + require_once(KT_LIB_DIR . '/permissions/permission.inc.php');
  155 + $query = "SELECT id FROM $default->folders_table WHERE permission_folder_id = id AND permission_object_id IS NULL";
  156 + $aIDs = DBUtil::getResultArrayKey($query, 'id');
  157 + foreach ($aIDs as $iID) {
  158 + print "Setting permission on Folder $iID<br />\n";
  159 + $oFolder =& Folder::get($iID);
  160 + if (PEAR::isError($oFolder)) {
  161 + var_dump($oFolder);
  162 + exit(0);
  163 + }
  164 + if ($oFolder === false) {
  165 + print "Could not find folder...\n";
  166 + exit(0);
  167 + }
  168 + $oPO =& KTPermissionObject::createFromArray(array());
  169 + if (PEAR::isError($oFolder)) {
  170 + var_dump($oPO);
  171 + exit(0);
  172 + }
  173 + $oFolder->setPermissionObjectID($oPO->getId());
  174 + $oFolder->update();
  175 +
  176 + UpgradeFunctions::_setRead($iID, $oPO);
  177 + UpgradeFunctions::_setWrite($iID, $oPO);
  178 + UpgradeFunctions::_setAddFolder($iID, $oPO);
  179 + }
  180 + $query = "SELECT id FROM $default->folders_table WHERE permission_object_id IS NULL";
  181 + $aIDs = DBUtil::getResultArrayKey($query, 'id');
  182 + foreach ($aIDs as $iID) {
  183 + $oFolder =& Folder::get($iID);
  184 + $query = "SELECT permission_folder_id FROM $default->folders_table WHERE id = ?";
  185 + $aParams = array($iID);
  186 + $iPermissionFolderID = DBUtil::getOneResultKey(array($query, $aParams), 'permission_folder_id');
  187 + $oPermissionFolder =& Folder::get($iPermissionFolderID);
  188 + $oFolder->setPermissionObjectID($oPermissionFolder->getPermissionObjectId());
  189 + $oFolder->update();
  190 + }
  191 + $query = "SELECT id FROM $default->documents_table WHERE permission_object_id IS NULL";
  192 + $aIDs = DBUtil::getResultArrayKey($query, 'id');
  193 + foreach ($aIDs as $iID) {
  194 + $oDocument =& Document::get($iID);
  195 + $oFolder =& Folder::get($oDocument->getFolderID());
  196 + if ($oFolder === false) {
  197 + continue;
  198 + }
  199 + $oDocument->setPermissionObjectID($oFolder->getPermissionObjectID());
  200 + $oDocument->update();
  201 + }
  202 +
  203 + $query = "SELECT id FROM $default->documents_table WHERE permission_lookup_id IS NULL AND permission_object_id IS NOT NULL";
  204 + $aIDs = DBUtil::getResultArrayKey($query, 'id');
  205 + foreach ($aIDs as $iID) {
  206 + $oDocument =& Document::get($iID);
  207 + KTPermissionUtil::updatePermissionLookup($oDocument);
  208 + }
  209 +
  210 + $query = "SELECT id FROM $default->folders_table WHERE permission_lookup_id IS NULL";
  211 + $aIDs = DBUtil::getResultArrayKey($query, 'id');
  212 + foreach ($aIDs as $iID) {
  213 + $oFolder =& Folder::get($iID);
  214 + KTPermissionUtil::updatePermissionLookup($oFolder);
  215 + }
  216 + }
71 } 217 }
72 218
73 ?> 219 ?>