Namespaces | Functions

cms/permission.lib.php File Reference

Go to the source code of this file.

Namespaces

namespace  pragyan
 

Widget Framework for Pragyan CMS (c) 2010 Pragyan Team http://www.gnu.org/licenses/ GNU Public License For more details, see README Add support for File Upload/Download via the widget's configurations Reload Widgets ,Get Widget Instances. see bottom.


Functions

 renderArray ($array)
 inner ($smallobj)
 customjson ($objDesc)
 getAllPermissionsOnPage ($pagepath, $modifiableGroups, $grantableActions)
 getPermissionId ($module, $action)
 getPagePermission (array $pagePath, $usergroupid, $action, $module, $permtype= 'group')
 getPermissions ($userid, $pageid, $action, $module="")
 determineGrantTargetId (&$targettype)
 grantPermissions ($userid, $pageid)
 getPerms ($pageId, $groupuser, $yesno)
 customGetAllUsers ()
 customGetGroups ($priority)
 getAllPermissions ()
 unsetPagePermission ($usergroupid, $pageid, $action, $module, $permtype= 'group')
 setPagePermission ($usergroupid, $pageid, $action, $module, $permission, $permtype= 'group')
 getMaxPriorityGroup (&$pagepath, $userid, &$groupids, &$virtue)
 getModifiableGroups ($userId, $maxPriorityGroup, $ordering= 'asc')
 getGroupPermissions ($groupids, $pagepath, $userid=-1)

Function Documentation

customGetAllUsers (  ) 

Definition at line 681 of file permission.lib.php.

customGetGroups ( priority  ) 

Definition at line 690 of file permission.lib.php.

customjson ( objDesc  ) 

Definition at line 48 of file permission.lib.php.

determineGrantTargetId ( &$  targettype  ) 

Determines the id of the user or group for which permissions are being set from a form generated by getGrantForm()

Returns:
Integer, containing the id of the user or group, a value less than 0 indicating failure

Definition at line 401 of file permission.lib.php.

getAllPermissions (  ) 

Definition at line 699 of file permission.lib.php.

getAllPermissionsOnPage ( pagepath,
modifiableGroups,
grantableActions 
)

Generates a table showing the permissions of all users and visible groups on a particular page

Parameters:
$pagepath Array containing the path to the current page
$modifiableGroups Array containing the groups for which permissions are to be viewed
$grantableActions Array containing the module => actions for which permissions must be shown

$grantableActions is of the form: $grantableActions['moduleName_i'] = array( array1(permid, actionname, actiondescription), array2(permid, actionname, actiondescription) )

Retrieve Ids and Names of all groups

< Associative array relative group ids to group names

Retrieve Ids and Names of all users

$permList: Array of the form $permList[$permId] = array($moduleName, $actionName, $actionDescription)

Retrieve all the permissions set on the page path $groupSetPermissions and $userSetPermissions are arrays of the form $<user/group>SetPermissions[pageid][<user/group>id][permid] = true / false / unset This array will be used later to compute $groupEffectivePermissions and $userEffectivePermission

Now, compute effective permissions for all groups. Computing for groups first will make things easier for users (yeah, right!)

Loop 1 counts down through page numbers. Loop 2 takes each group Loop 3 takes each permission Inside loop three, if the groupSetPermissions for pageid, groupid, permid is set, check if groupEffectivePermissions has been set for that groupid and permid Yes: If groupEffectivePermissions is false, leave it as such. Otherwise, copy setPerm No: copySetPermissions

$pSP stands for SetPermissions for that particular pageId and $gSP stands for SetPermissions for that particular groupId on that pageId. $pSP is a 2D array, and $gSP is a 1D array, respectively (see their initializations) $gEP stands for Effective Permissions for a group on the current page as calculated so far pSP, gSP and gEP are aimed at reducing the number of times the 3D array needs to be indexed and at making the code a little easier to read

Now to compute the effective permissions for the users

Get all the groups each user belongs to

Calculate permissions as far as groups are concerned.

Definition at line 58 of file permission.lib.php.

getGroupPermissions ( groupids,
pagepath,
userid = -1 
)

Retrieves a list of actions a user has on a given page

Parameters:
groupids The groups to which the person belongs
pagepath Array containing page ids representing the nodes on the path to the page
Returns:
Array containing the modules, pointing to list of actions the user can perform on that module

Definition at line 859 of file permission.lib.php.

getMaxPriorityGroup ( &$  pagepath,
userid,
&$  groupids,
&$  virtue 
)

Retrieves the group of maximum priority that gives the concerned user the grant permission at a given page

Parameters:
$pagepath An array containing the page ids of the nodes leading to the current page
$userid User id of the current user
$groupids The list of ids of the groups to which the user belongs, ordered by priority
$virtue String indicating whether the user obtained grant individually or through a group
Returns:
Integer representing the id of the group with the maxmimum priority, -1 in case no such group was found

Definition at line 801 of file permission.lib.php.

getModifiableGroups ( userId,
maxPriorityGroup,
ordering = 'asc' 
)

"SELECT `$groupsTable`.`group_id`, `$groupsTable`.`group_name`, `$groupsTable`.`group_description`, `$groupsTable`.`group_priority` " . "FROM `$groupsTable` WHERE `group_priority <= (SELECT `group_priority` FROM `$groupsTable` WHERE `group_id` = $maxPriorityGroup)

OLD QUERY: *** "SELECT `$groupsTable`.`group_id`, `$groupsTable`.`group_name`, `$groupsTable`.`group_description`, `$groupsTable`.`group_priority` " . "FROM `$groupsTable`, `$usergroupTable` " . "WHERE `$usergroupTable`.`user_id` = $userId AND `$usergroupTable`.`group_id` = `$groupsTable`.`group_id` " . "AND `$groupsTable`.`group_priority` <= " . "(SELECT `group_priority` FROM `$groupsTable` WHERE `group_id` = $maxPriorityGroup) " . "ORDER BY `$groupsTable`.`group_priority` $ordering";

Definition at line 819 of file permission.lib.php.

getPagePermission ( array $  pagePath,
usergroupid,
action,
module,
permtype = 'group' 
)

Checks whether a given group has a given permission over a given page

Parameters:
$pagePath Array of integers, containing the pageids of each node in the path to the current page
$usergroupid Id of the group or user
$action String containing the name of the action requested
$module Name of the module
$permtype String indicating whether $usergroupid contains a group id or a user id
Returns:
Boolean indicating whether the user or group has the requested permission

For the group under consideration, find permission for the page: From leaf node upto root, return false on finding first 'no' If permission is unset even after going till the root, return false

< -1 for unset

Definition at line 319 of file permission.lib.php.

getPermissionId ( module,
action 
)

Definition at line 295 of file permission.lib.php.

getPermissions ( userid,
pageid,
action,
module = "" 
)

Finds out if a given user has the permission to perform a given action on a given page

Parameters:
$userid User Id of the user
$pagePath Array of integers, containing the pageids of each node in the path to the current page
$action String representing the requested action
$module String containing the name of the requested module
Returns:
Boolean indicating whether the user has the requested permission or not

Find all groups the user belongs to, ordered by priority For each group, starting with lowest priority, get permission for the page

Definition at line 366 of file permission.lib.php.

getPerms ( pageId,
groupuser,
yesno 
)

Definition at line 664 of file permission.lib.php.

grantPermissions ( userid,
pageid 
)

Determines which permissions a user can grant, and to which groups and users on a given page

Parameters:
$userid User id of the user attempting to grant permissions
$pagepath Array containing the page ids of the nodes on the path to the given page
$modifiableGroups Buffer to store the groups the user can grant permissions to
$grantableActions Buffer to store the list of actions the user can grant permissions for
Returns:
Boolean, indicating whether the function was successful

Definition at line 457 of file permission.lib.php.

inner ( smallobj  ) 

Definition at line 38 of file permission.lib.php.

renderArray ( array  ) 

permission.lib.php: Everything to do with page and module permissions

TODO: One should also be able to View a resultant "group" permission table. Like we have for users now. Coz one needs to be able to see the resultant permission set for a not logged in user right?. DONE: call getPermissionTable passing a negative userid and as many group ids as you need as the groupids array Generates a list of usernames, and email ids that match a given pattern

Parameters:
$pattern Pattern for which suggestions must be found
Returns:
string A comma separated string ready to be sent back to the client

Definition at line 30 of file permission.lib.php.

setPagePermission ( usergroupid,
pageid,
action,
module,
permission,
permtype = 'group' 
)

Sets permission for a user or group at a particular level, for a given action and module

Parameters:
$usergroupid Id of the user or group for which the permission is to be set
$pageid Id of the page at which level the permission is to be set
$action Action for which the permission is being set
$module Name of the module for which the action is defined
$permission Boolean indicating whether the permission is to be given, or taken away
$permtype String indicating whether $usergroupid represents a user or a group
Returns:
Boolean True indicating success, false indicating failure

Definition at line 752 of file permission.lib.php.

unsetPagePermission ( usergroupid,
pageid,
action,
module,
permtype = 'group' 
)

Unsets permissions for a given user or group for a given page

Parameters:
$usergroupid Id of the user or group, whose permission is to be unset
$pageid Page id of the current page
$action Action for which the permission is to be unset
$module Name of the module to which the action belongs
$permtype A string indicating whether $usergroupid refers to a user or a group
Returns:
Boolean, true indicating success, and false indicating failure

Definition at line 718 of file permission.lib.php.