|
|
|---|
| [ Index ] |
Source Code Reference for V1.00 |
[Summary view] [Print] [Text view]
1 <?php /* $Id: roles.class.php 40 2008-02-11 12:11:44Z pedroix $ $URL: https://web2project.svn.sourceforge.net/svnroot/web2project/trunk/modules/system/roles/roles.class.php $ */ 2 if (!defined('W2P_BASE_DIR')) { 3 die('You should not access this file directly.'); 4 } 5 6 /** 7 * This class abstracts the concept of a user Role, which is, in effect, an ARO 8 * group in phpGACL speak. phpGACL has a few constraints, e.g. having only a 9 * single parent group, from which all other groups must be determined. The 10 * parent for Roles is 'role'. You can create parent trees, however a role 11 * cannot be its own parent. For the first pass of this, we limit to a single 12 * depth role structure. 13 * 14 * Once a Role is created, users can be assigned to one or more roles, by adding 15 * their user ARO id to the group. All users are given an ARO id which is separate 16 * from their user id, but maps it between the w2P database and the phpGacl database. 17 * 18 * Roles, like individual users, can be assigned permissions, and it is expected 19 * that most permissions will be assigned at role level, leaving user level for 20 * just those exceptions warranting it. Permissions are added as ACLs. 21 * 22 * If a role is deleted, then all of the ACLs associated with the role must also 23 * be deleted, and then the user id mappings. Note that the user ARO is _never_ 24 * deleted, unless the user is. 25 */ 26 class CRole { 27 var $role_id = null; 28 var $role_name = null; 29 var $role_description = null; 30 var $perms = null; 31 32 function CRole($name = '', $description = '') { 33 $this->role_name = $name; 34 $this->role_description = $description; 35 $this->perms = &$GLOBALS['AppUI']->acl(); 36 } 37 38 function bind($hash) { 39 if (!is_array($hash)) { 40 return get_class($this) . "::bind failed"; 41 } else { 42 $q = new DBQuery; 43 $q->bindHashToObject($hash, $this); 44 $q->clear(); 45 return null; 46 } 47 } 48 49 function check() { 50 // Not really much to check, just return OK for this iteration. 51 return null; // object is ok 52 } 53 54 function store() { 55 $msg = $this->check(); 56 if ($msg) { 57 return get_class($this) . '::store-check failed ' . $msg; 58 } 59 if ($this->role_id) { 60 $ret = $this->perms->updateRole($this->role_id, $this->role_name, $this->role_description); 61 } else { 62 $ret = $this->perms->insertRole($this->role_name, $this->role_description); 63 } 64 if (!$ret) { 65 return get_class($this) . '::store failed'; 66 } else { 67 return null; 68 } 69 } 70 71 function delete() { 72 // Delete a role requires deleting all of the ACLs associated 73 // with this role, and all of the group data for the role. 74 if ($this->perms->checkModule('roles', 'delete')) { 75 // Delete all the children from this group 76 $this->perms->deleteRole($this->role_id); 77 return null; 78 } else { 79 return get_class($this) . '::delete failed - You do not have permission to delete this role'; 80 } 81 } 82 83 function __sleep() { 84 return array('role_id', 'role_name', 'role_description'); 85 } 86 87 function __wakeup() { 88 $this->perms = &$GLOBALS['AppUI']->acl(); 89 } 90 91 /** 92 * Return a list of known roles. 93 */ 94 function getRoles() { 95 $role_parent = $this->perms->get_group_id('role'); 96 $roles = $this->perms->getChildren($role_parent); 97 return $roles; 98 } 99 100 function rename_array(&$roles, $from, $to) { 101 if (count($from) != count($to)) { 102 return false; 103 } 104 foreach ($roles as $key => $val) { 105 // 4.2 and before return NULL on fail, later returns false. 106 if (($k = array_search($k, $from)) !== false && $k !== null) { 107 unset($roles[$key]); 108 $roles[$to[$k]] = $val; 109 } 110 } 111 return true; 112 } 113 } 114 ?>
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Thu Jan 8 03:00:03 2009 | Cross-referenced by PHPXref 0.7 |