Skip to content
This repository has been archived by the owner on Nov 25, 2020. It is now read-only.

Commit

Permalink
Replace ROOT_ROLE concept by AJXP_GRP_/ : applied to the root of the …
Browse files Browse the repository at this point in the history 
…groups.

Add support for groups reordering
Fix an old bug where a role could be ordered before the group tree.
  • Loading branch information
@cdujeu
cdujeu committed Sep 10, 2015
1 parent 59264e4 commit 359db66
Show file tree
Hide file tree
Showing 5 changed files with 111 additions and 18 deletions.
14 changes: 7 additions & 7 deletions core/src/core/classes/class.AuthService.php
View file
Expand Up @@ -427,24 +427,24 @@ public static function bootSequence(&$START_PARAMETERS)
{
if(AJXP_Utils::detectApplicationFirstRun()) return;
if(file_exists(AJXP_CACHE_DIR."/admin_counted")) return;
$rootRole = self::getRole("ROOT_ROLE", false);
$rootRole = self::getRole("AJXP_GRP_/", false);
if ($rootRole === false) {
$rootRole = new AJXP_Role("ROOT_ROLE");
$rootRole->setLabel("Root Role");
$rootRole->setAutoApplies(array("standard", "admin"));
$dashId = "";
$rootRole = new AJXP_Role("AJXP_GRP_/");
$rootRole->setLabel("Root Group");
//$rootRole->setAutoApplies(array("standard", "admin"));
//$dashId = "";
$allRepos = ConfService::getRepositoriesList("all", false);
foreach ($allRepos as $repositoryId => $repoObject) {
if($repoObject->isTemplate) continue;
if($repoObject->getAccessType() == "ajxp_user") $dashId = $repositoryId;
//if($repoObject->getAccessType() == "ajxp_user") $dashId = $repositoryId;
$gp = $repoObject->getGroupPath();
if (empty($gp) || $gp == "/") {
if ($repoObject->getDefaultRight() != "") {
$rootRole->setAcl($repositoryId, $repoObject->getDefaultRight());
}
}
}
if(!empty($dashId)) $rootRole->setParameterValue("core.conf", "DEFAULT_START_REPOSITORY", $dashId);
//if(!empty($dashId)) $rootRole->setParameterValue("core.conf", "DEFAULT_START_REPOSITORY", $dashId);
$paramNodes = AJXP_PluginsService::searchAllManifests("//server_settings/param[@scope]", "node", false, false, true);
if (is_array($paramNodes) && count($paramNodes)) {
foreach ($paramNodes as $xmlNode) {
Expand Down
2 changes: 1 addition & 1 deletion core/src/core/classes/class.ConfService.php
View file
Expand Up @@ -1436,7 +1436,7 @@ public function getRepositoryInst()
if (!empty($ctxId) && isSet($this->configs["REPOSITORIES"]) && isSet($this->configs["REPOSITORIES"][$ctxId])) {
return $this->configs["REPOSITORIES"][$ctxId];
}
return $this->configs["REPOSITORY"];
return isSet($this->configs["REPOSITORY"])?$this->configs["REPOSITORY"]:null;
}

/**
Expand Down
42 changes: 38 additions & 4 deletions core/src/plugins/access.ajxp_conf/class.ajxp_confAccessDriver.php
View file
Expand Up @@ -647,7 +647,10 @@ public function switchAction($action, $httpVars, $fileVars)
$data = array(
"ROLE" => $roleData,
"ALL" => array(
"PLUGINS_SCOPES" => array("GLOBAL_TYPES" => array("conf", "auth", "authfront", "log", "mq", "notifications", "gui")),
"PLUGINS_SCOPES" => array(
"GLOBAL_TYPES" => array("conf", "auth", "authfront", "log", "mq", "notifications", "gui", "sec"),
"GLOBAL_PLUGINS" => array("action.avatar", "action.disclaimer", "action.scheduler", "action.skeleton", "action.updater")
),
"REPOSITORIES" => $repos,
"REPOSITORIES_DETAILS" => $repoDetailed,
"PROFILES" => array("standard|Standard","admin|Administrator","shared|Shared","guest|Guest")
Expand All @@ -658,7 +661,12 @@ public function switchAction($action, $httpVars, $fileVars)
$data["USER"]["LOCK"] = $userObject->getLock();
$data["USER"]["PROFILE"] = $userObject->getProfile();
$data["USER"]["ROLES"] = array_keys($userObject->getRoles());
$data["ALL"]["ROLES"] = array_keys(AuthService::getRolesList(array(), true));
$rolesList = AuthService::getRolesList(array(), true);
$data["ALL"]["ROLES"] = array_keys($rolesList);
$data["ALL"]["ROLES_DETAILS"] = array();
foreach($rolesList as $rId => $rObj){
$data["ALL"]["ROLES_DETAILS"][$rId] = $rObj->getLabel();
}
if (isSet($userObject->parentRole)) {
$data["PARENT_ROLE"] = $userObject->parentRole->getDataArray();
}
Expand All @@ -668,7 +676,10 @@ public function switchAction($action, $httpVars, $fileVars)


$scope = "role";
if($roleGroup) $scope = "group";
if($roleGroup) {
$scope = "group";
if($roleId == "AJXP_GRP_/") $scope = "role";
}
else if(isSet($userObject)) $scope = "user";
$data["SCOPE_PARAMS"] = array();
$nodes = AJXP_PluginsService::getInstance()->searchAllManifests("//param[contains(@scope,'".$scope."')]|//global_param[contains(@scope,'".$scope."')]", "node", false, true, true);
Expand Down Expand Up @@ -1016,7 +1027,30 @@ public function switchAction($action, $httpVars, $fileVars)
AJXP_XMLWriter::header();
AJXP_XMLWriter::sendMessage($mess["ajxp_conf.".$messId].$httpVars["user_id"], null);
AJXP_XMLWriter::close();
return ;

break;

case "user_reorder_roles":

if (!isSet($httpVars["user_id"]) || !AuthService::userExists($httpVars["user_id"]) || !isSet($httpVars["roles"])) {
throw new Exception($mess["ajxp_conf.61"]);
}
$roles = json_decode($httpVars["roles"], true);
$userId = AJXP_Utils::sanitize($httpVars["user_id"], AJXP_SANITIZE_EMAILCHARS);
$confStorage = ConfService::getConfStorageImpl();
$user = $confStorage->createUserObject($userId);
if(!AuthService::canAdministrate($user)){
throw new Exception("Cannot update user data for ".$userId);
}
$user->updateRolesOrder($roles);
$user->save("superuser");
$loggedUser = AuthService::getLoggedUser();
if ($loggedUser->getId() == $user->getId()) {
AuthService::updateUser($user);
}
AJXP_XMLWriter::header();
AJXP_XMLWriter::sendMessage("Roles reordered for user ".$httpVars["user_id"], null);
AJXP_XMLWriter::close();

break;

Expand Down
17 changes: 15 additions & 2 deletions core/src/plugins/conf.sql/class.AJXP_SqlUser.php
View file
Expand Up @@ -398,6 +398,7 @@ public function load()
$rolesToLoad = array_keys($this->rights["ajxp.roles"]);
}
}
$rolesToLoad[] = "AJXP_GRP_/";
if ($this->groupPath != null) {
$base = "";
$exp = explode("/", $this->groupPath);
Expand All @@ -422,6 +423,18 @@ public function load()
}
}

if(!isSet($this->rights["ajxp.roles.order"]) && is_array($this->rights["ajxp.roles"])){
// Create sample order
$this->rights["ajxp.roles.order"] = array();
$index = 0;
foreach($this->rights["ajxp.roles"] as $id => $rBool){
$this->rights["ajxp.roles.order"][$id] = $index;
$index++;
}
}else{
$this->rights["ajxp.roles.order"] = unserialize(str_replace('$phpserial$', '', $this->rights["ajxp.roles.order"]));
}

// CHECK USER PERSONAL ROLE
if (isSet($this->roles["AJXP_USR_"."/".$this->id]) && is_a($this->roles["AJXP_USR_"."/".$this->id], "AJXP_Role")) {
$this->personalRole = $this->roles["AJXP_USR_"."/".$this->id];
Expand Down Expand Up @@ -472,9 +485,9 @@ protected function _save($context = "superuser")
// UPDATE TABLE
dibi::query("DELETE FROM [ajxp_user_rights] WHERE [login]=%s", $this->getId());
foreach ($this->rights as $rightKey => $rightValue) {
if ($rightKey == "ajxp.roles") {
if ($rightKey == "ajxp.roles" || $rightKey == "ajxp.roles.order") {
if (is_array($rightValue) && count($rightValue)) {
$rightValue = $this->filterRolesForSaving($rightValue);
$rightValue = $this->filterRolesForSaving($rightValue, $rightKey == "ajxp.roles" ? true: false);
$rightValue = '$phpserial$'.serialize($rightValue);
} else {
continue;
Expand Down
54 changes: 50 additions & 4 deletions core/src/plugins/core.conf/class.AbstractAjxpUser.php
View file
Expand Up @@ -164,6 +164,10 @@ public function addRole($roleObject)
}
if(!isSet($this->rights["ajxp.roles"])) $this->rights["ajxp.roles"] = array();
$this->rights["ajxp.roles"][$roleObject->getId()] = true;
if(!isSet($this->rights["ajxp.roles.order"])){
$this->rights["ajxp.roles.order"] = array();
}
$this->rights["ajxp.roles.order"][$roleObject->getId()] = count($this->rights["ajxp.roles"]);
uksort($this->rights["ajxp.roles"], array($this, "orderRoles"));
$this->roles[$roleObject->getId()] = $roleObject;
$this->recomputeMergedRole();
Expand All @@ -175,10 +179,35 @@ public function removeRole($roleId)
unset($this->rights["ajxp.roles"][$roleId]);
uksort($this->rights["ajxp.roles"], array($this, "orderRoles"));
if(isSet($this->roles[$roleId])) unset($this->roles[$roleId]);
if(isset($this->rights["ajxp.roles.order"]) && isset($this->rights["ajxp.roles.order"][$roleId])){
$previousPos = $this->rights["ajxp.roles.order"][$roleId];
$ordered = array_flip($this->rights["ajxp.roles.order"]);
ksort($ordered);
unset($ordered[$previousPos]);
$reordered = array();
$p = 0;
foreach($ordered as $id) {
$reordered[$id] = $p;
$p++;
}
$this->rights["ajxp.roles.order"] = $reordered;
}
}
$this->recomputeMergedRole();
}

/**
* @param $orderedRolesIds Ordered array of roles ids
*/
public function updateRolesOrder($orderedRolesIds){
// check content
$saveRoleOrders = array();
foreach($orderedRolesIds as $position => $rId){
if(isSet($this->rights["ajxp.roles"][$rId])) $saveRoleOrders[$rId] = $position;
}
$this->rights["ajxp.roles.order"] = $saveRoleOrders;
}

public function getRoles()
{
if (isSet($this->rights["ajxp.roles"])) {
Expand Down Expand Up @@ -486,9 +515,25 @@ protected function migrateRightsToPersonalRole()

protected function orderRoles($r1, $r2)
{
// One group and something else
if(strpos($r1, "AJXP_GRP_") === 0 && strpos($r2, "AJXP_GRP_") === FALSE) return -1;
if(strpos($r2, "AJXP_GRP_") === 0 && strpos($r1, "AJXP_GRP_") === FALSE) return 1;

// Usr role and something else
if(strpos($r1, "AJXP_USR_") === 0) return 1;
if(strpos($r2, "AJXP_USR_") === 0) return -1;
return strcmp($r1,$r2);

// Two groups, sort by string, will magically keep group hierarchy
if(strpos($r1, "AJXP_GRP_") === 0 && strpos($r2, "AJXP_GRP_") === 000) {
return strcmp($r1,$r2);
}

// Two roles - Try to get sorting order
if(isSet($this->rights["ajxp.roles.order"])){
return $this->rights["ajxp.roles.order"][$r1] - $this->rights["ajxp.roles.order"][$r2];
}else{
return strcmp($r1,$r2);
}
}

public function setResolveAsParent($resolveAsParent)
Expand All @@ -503,15 +548,16 @@ public function getResolveAsParent()

/**
* @param array $roles
* @param boolean $checkBoolean
* @return array
*/
protected function filterRolesForSaving($roles)
protected function filterRolesForSaving($roles, $checkBoolean)
{
$res = array();
foreach ($roles as $rName => $status) {
if(!$status) continue;
if($checkBoolean && !$status) continue;
if(strpos($rName, "AJXP_GRP_/") === 0) continue;
$res[$rName] = true;
$res[$rName] = $status;
}
return $res;
}
Expand Down

0 comments on commit 359db66

Please sign in to comment.