Gentics Portal.Node PHP API
 All Classes Namespaces Functions Variables Pages
Public Member Functions | Public Attributes | List of all members
RDbAuthManager Class Reference

Public Member Functions

 addItemChild ($itemName, $childName)
 assign ($itemName, $userId, $bizRule=null, $data=null)
 getAuthItem ($name, $allowCaching=true)
 getAuthItemsByNames ($names, $nested=false)
 getAuthItems ($type=null, $userId=null, $sort=true)
 getItemChildren ($names, $allowCaching=true)
 getAssignmentsByItemName ($name)
 updateItemWeight ($result)

Public Attributes

 $rightsTable = 'Rights'

Detailed Description

Rights authorization manager class file.

Author
Christoffer Niska cnisk.nosp@m.a@li.nosp@m.ve.co.nosp@m.m
Since
0.9.7

Definition at line 9 of file RDbAuthManager.php.

Member Function Documentation

RDbAuthManager::addItemChild (   $itemName,
  $childName 
)

Adds an item as a child of another item. Overloads the parent method to make sure that we do not add already existing children.

Parameters
string$itemNamethe item name.
string$childNamethe child item name.
Exceptions
CExceptionif either parent or child doesn't exist or if a loop has been detected.

Definition at line 27 of file RDbAuthManager.php.

{
// Make sure that the item doesn't already have this child.
if( $this->hasItemChild($itemName, $childName)===false )
return parent::addItemChild($itemName, $childName);
}
RDbAuthManager::assign (   $itemName,
  $userId,
  $bizRule = null,
  $data = null 
)

Assigns an authorization item to a user making sure that the user doesn't already have this assignment. Overloads the parent method to make sure that we do not assign already assigned items.

Parameters
string$itemNamethe item name.
mixed$userIdthe user ID (see IWebUser::getId)
string$bizRulethe business rule to be executed when checkAccess is called for this particular authorization item.
mixed$dataadditional data associated with this assignment.
Returns
CAuthAssignment the authorization assignment information.
Exceptions
CExceptionif the item does not exist or if the item has already been assigned to the user.

Definition at line 47 of file RDbAuthManager.php.

{
// Make sure that this user doesn't already have this assignment.
if( $this->getAuthAssignment($itemName, $userId)===null )
return parent::assign($itemName, $userId, $bizRule, $data);
}
RDbAuthManager::getAuthItem (   $name,
  $allowCaching = true 
)

Returns the authorization item with the specified name. Overloads the parent method to allow for runtime caching.

Parameters
string$namethe name of the item.
boolean$allowCachingwhether to accept cached data.
Returns
CAuthItem the authorization item. Null if the item cannot be found.

Definition at line 61 of file RDbAuthManager.php.

References getAuthItems().

Referenced by updateItemWeight().

{
// Get all items if necessary and cache them.
if( $allowCaching && $this->_items===array() )
$this->_items = $this->getAuthItems();
// Get the items from cache if possible.
if( $allowCaching && isset($this->_items[ $name ]) )
{
return $this->_items[ $name ];
}
// Attempt to get the item.
else if( ($item = parent::getAuthItem($name))!==null )
{
return $item;
}
// Item does not exist.
return null;
}
RDbAuthManager::getAuthItems (   $type = null,
  $userId = null,
  $sort = true 
)

Returns the authorization items of the specific type and user. Overloads the parent method to allow for sorting.

Parameters
integer$typethe item type (0: operation, 1: task, 2: role). Defaults to null, meaning returning all items regardless of their type.
mixed$userIdthe user ID. Defaults to null, meaning returning all items even if they are not assigned to a user.
boolean$sortwhether to sort the items according to their weights.
Returns
array the authorization items of the specific type.

Definition at line 121 of file RDbAuthManager.php.

Referenced by getAuthItem(), and getAuthItemsByNames().

{
// We need to sort the items.
if( $sort===true )
{
if( $type===null && $userId===null )
{
$command=$this->db->createCommand()
->select('name,t1.type,description,t1.bizrule,t1.data,weight')
->from($this->itemTable. ' t1')
->leftJoin($this->rightsTable. ' t2', 'name=itemname')
->order('t1.type DESC, weight ASC');
}
else if( $userId===null )
{
$command=$this->db->createCommand()
->select('name,t1.type,description,t1.bizrule,t1.data,weight')
->from($this->itemTable.' t1')
->leftJoin($this->rightsTable. ' t2', 'name=itemname')
->where('t1.type=:type')
->order('t1.type DESC, weight ASC');
$command->bindValue(':type', $type);
}
else if( $type===null )
{
$command=$this->db->createCommand()
->select('name,t1.type,description,t1.bizrule,t1.data,weight')
->from($this->itemTable. ' t1')
->leftJoin($this->assignmentTable .' t2', 'name=t2.itemname')
->leftJoin($this->rightsTable. ' t3', 'name=t3.itemname')
->where('userid=:userid')
->order('t1.type DESC, weight ASC');
$command->bindValue(':userid', $userId);
}
else
{
$command=$this->db->createCommand()
->select('name,t1.type,description,t1.bizrule,t1.data,weight')
->from($this->itemTable. ' t1')
->leftJoin($this->assignmentTable .' t2', 'name=t2.itemname')
->leftJoin($this->rightsTable. ' t3', 'name=t3.itemname')
->where('t1.type=:type AND userid=:userid')
->order('t1.type DESC, weight ASC');
$command->bindValue(':type', $type);
$command->bindValue(':userid', $userId);
}
$items = array();
foreach($command->queryAll() as $row)
$items[ $row['name'] ] = new CAuthItem($this, $row['name'], $row['type'], $row['description'], $row['bizrule'], unserialize($row['data']));
}
// No sorting required.
else
{
$items = parent::getAuthItems($type, $userId);
}
return $items;
}
RDbAuthManager::getAuthItemsByNames (   $names,
  $nested = false 
)

Returns the specified authorization items.

Parameters
array$namesthe names of the authorization items to get.
boolean$nestedwhether to nest the items by type.
Returns
array the authorization items.

Definition at line 89 of file RDbAuthManager.php.

References getAuthItems().

{
// Get all items if necessary and cache them.
if( $this->_items===array() )
$this->_items = $this->getAuthItems();
// Collect the items we want.
$items = array();
foreach( $this->_items as $name=>$item )
{
if( in_array($name, $names) )
{
if( $nested===true )
$items[ $item->getType() ][ $name ] = $item;
else
$items[ $name ] = $item;
}
}
return $items;
}
RDbAuthManager::getItemChildren (   $names,
  $allowCaching = true 
)

Returns the children of the specified item. Overloads the parent method to allow for caching.

Parameters
mixed$namesthe parent item name. This can be either a string or an array. The latter represents a list of item names (available since version 1.0.5).
boolean$allowCachingwhether to accept cached data.
Returns
array all child items of the parent

Definition at line 189 of file RDbAuthManager.php.

References Rights\getAuthorizer().

{
// Resolve the key for runtime caching.
$key = $names===(array)$names ? implode('|', $names) : $names;
// Get the children from cache if possible.
if( $allowCaching && isset($this->_itemChildren[ $key ])===true )
{
return $this->_itemChildren[ $key ];
}
// Children not cached or cached data is not accepted.
else
{
// We only have one name.
if( is_string($names) )
{
$condition = 'parent='.$this->db->quoteValue($names);
}
// We have multiple names.
else if( $names===(array)$names && $names!==array() )
{
foreach($names as &$name)
$name=$this->db->quoteValue($name);
$condition = 'parent IN ('.implode(', ', $names).')';
}
else
{
$condition = '1';
}
// $sql = "SELECT name, type, description, bizrule, data
// FROM {$this->itemTable}, {$this->itemChildTable}
// WHERE {$condition} AND name=child";
$command = $this->db->createCommand()
->select('name, type, description, bizrule, data')
->from("{$this->itemTable}, {$this->itemChildTable}")
->where("{$condition} AND name=child");
$children = array();
foreach( $command->queryAll() as $row )
{
if( ($data = @unserialize($row['data']))===false )
$data = null;
$children[ $row['name'] ] = new CAuthItem($this, $row['name'], $row['type'], $row['description'], $row['bizrule'], $data);
}
// Attach the authorization item behavior.
$children = Rights::getAuthorizer()->attachAuthItemBehavior($children);
// Cache the result.
return $this->_itemChildren[ $key ] = $children;
}
}
RDbAuthManager::updateItemWeight (   $result)

Updates the authorization items weight.

Parameters
array$resultthe result returned from jui-sortable.

Definition at line 271 of file RDbAuthManager.php.

References getAuthItem().

{
foreach( $result as $weight=>$itemname )
{
// $sql = "SELECT COUNT(*) FROM {$this->rightsTable}
// WHERE itemname=:itemname";
$command = $this->db->createCommand()
->select('count(*)')
->from($this->rightsTable)
->where('itemname=:itemname');
$command->bindValue(':itemname', $itemname);
// Check if the item already has a weight.
if( $command->queryScalar()>0 )
{
// $sql = "UPDATE {$this->rightsTable}
// SET weight=:weight
// WHERE itemname=:itemname";
$command = $this->db->createCommand()
->update($this->rightsTable, array('weight'=> $weight), 'itemname=:itemname', array(':itemname' => $itemname));
// $command->bindValue(':weight', $weight);
// $command->bindValue(':itemname', $itemname);
// $command->execute();
}
// Item does not have a weight, insert it.
else
{
if( ($item = $this->getAuthItem($itemname))!==null )
{
// $sql = "INSERT INTO {$this->rightsTable} (itemname, type, weight)
// VALUES (:itemname, :type, :weight)";
$command = $this->db->createCommand()
->insert($this->rightsTable, array('itemname' => $itemname, 'type'=>$item->getType(), 'weight'=>$weight));
// $command->bindValue(':itemname', $itemname);
// $command->bindValue(':type', $item->getType());
// $command->bindValue(':weight', $weight);
// $command->execute();
}
}
}
}

The documentation for this class was generated from the following file: