5 * Copyright 2004, GForge, LLC
6 * Copyright 2009-2011, Roland Mas
8 * This file is part of FusionForge. FusionForge is free software;
9 * you can redistribute it and/or modify it under the terms of the
10 * GNU General Public License as published by the Free Software
11 * Foundation; either version 2 of the Licence, or (at your option)
14 * FusionForge is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
19 * You should have received a copy of the GNU General Public License along
20 * with FusionForge; if not, write to the Free Software Foundation, Inc.,
21 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
24 require_once $gfcommon.'include/rbac_texts.php' ;
25 require_once $gfcommon.'include/RBAC.php' ;
28 * TODO: FusionForge roles - Enter description here ...
31 class Role extends RoleExplicit implements PFO_RoleExplicit {
39 * Role($group,$id) - CONSTRUCTOR.
41 * @param object The Group object.
42 * @param int The role_id.
44 function Role($Group, $role_id = false) {
46 if (!$Group || !is_object($Group) || $Group->isError()) {
49 $this->Group =& $Group;
51 $hook_params = array();
52 $hook_params['role'] =& $this;
53 plugin_hook("role_get", $hook_params);
55 if (isset ($GLOBALS['default_roles'])) {
56 $this->defaults = array_merge_recursive($this->defaults,
57 $GLOBALS['default_roles']);
58 foreach ($this->defaults as $k => $v) {
59 if (!array_key_exists($GLOBALS['default_roles'], $k)) {
60 unset($this->defaults[$k]);
66 //setting up an empty object
67 //probably going to call create()
70 return $this->fetchData($role_id);
74 * setName - set the name of this role.
76 * @param string The new name of this role.
77 * @return boolean True if updated OK
79 function setName($role_name) { // From the PFO spec
80 if ($role_name == '') {
81 $this->setError('Cannot set a role name to empty');
84 if ($this->getName() != stripslashes($role_name)) {
86 if ($this->Group == NULL) {
87 $res = db_query_params('SELECT role_name FROM pfo_role WHERE home_group_id IS NULL AND role_name=$1',
88 array(htmlspecialchars($role_name)));
89 if (db_numrows($res)) {
90 $this->setError('Cannot create a role with this name (already used)');
95 $res = db_query_params('SELECT role_name FROM pfo_role WHERE home_group_id=$1 AND role_name=$2',
96 array($this->Group->getID(), htmlspecialchars($role_name)));
97 if (db_numrows($res)) {
98 $this->setError('Cannot create a role with this name (already used)');
103 $res = db_query_params('UPDATE pfo_role SET role_name=$1 WHERE role_id=$2',
104 array(htmlspecialchars($role_name),
106 if (!$res || db_affected_rows($res) < 1) {
107 $this->setError('update::name::'.db_error());
116 * isPublic - is this role public (accessible from projects
117 * other than its home project)?
119 * @return boolean True if public
121 function isPublic() { // From the PFO spec
122 return $this->data_array['is_public'];
126 * setPublic - set the public flag for this role.
128 * @param boolean The new value of the flag.
129 * @return boolean True if updated OK
131 function setPublic($flag) { // From the PFO spec
132 $res = db_query_params('UPDATE pfo_role SET is_public=$1 WHERE role_id=$2',
133 array($flag?'true':'false',
135 if (!$res || db_affected_rows($res) < 1) {
136 $this->setError('update::is_public::'.db_error());
142 function getHomeProject() { // From the PFO spec
147 * create - create a new role in the database.
149 * @param string The name of the role.
150 * @param array A multi-dimensional array of data in this format: $data['section_name']['ref_id']=$val
151 * @return integer The id on success or false on failure.
153 function create($role_name, $data, $newproject=false) {
154 if ($this->Group == NULL) {
155 if (!forge_check_global_perm('forge_admin')) {
156 $this->setPermissionDeniedError();
161 if (!forge_check_global_perm('approve_projects')) {
162 $this->setPermissionDeniedError();
165 } elseif (!forge_check_perm('project_admin', $this->Group->getID())) {
166 $this->setPermissionDeniedError();
169 if ($role_name == '') {
170 $this->setError('Cannot create a role with an empty name');
175 if ($this->Group == NULL) {
176 $res = db_query_params('SELECT role_name FROM pfo_role WHERE home_group_id IS NULL AND LOWER(role_name)=LOWER($1)',
177 array (htmlspecialchars($role_name)));
178 if (db_numrows($res)) {
179 $this->setError('Cannot create a role with this name (already used)');
184 $res = db_query_params('SELECT role_name FROM pfo_role WHERE home_group_id=$1 AND LOWER(role_name)=LOWER($2)',
185 array ($this->Group->getID(), htmlspecialchars($role_name)));
186 if (db_numrows($res)) {
187 $this->setError('Cannot create a role with this name (already used)');
193 if ($this->Group == NULL) {
194 $res = db_query_params ('INSERT INTO pfo_role (role_name) VALUES ($1)',
195 array (htmlspecialchars($role_name))) ;
197 $res = db_query_params ('INSERT INTO pfo_role (home_group_id, role_name) VALUES ($1, $2)',
198 array ($this->Group->getID(),
199 htmlspecialchars($role_name))) ;
202 $this->setError('create::'.db_error());
206 $role_id=db_insertid($res,'pfo_role','role_id');
208 $this->setError('create::db_insertid::'.db_error());
212 $this->data_array['role_id'] = $role_id ;
213 $this->data_array['role_name'] = $role_name ;
215 $this->update ($role_name, $data) ;
217 $this->normalizeData () ;
219 if (!$this->fetchData($role_id)) {
228 * TODO: Enter description here ...
229 * @param unknown_type $name
230 * @return Ambigous <number, boolean, contents>|boolean
232 function createDefault($name) {
233 if ($this->Group == NULL) {
234 return $this->create($name,array(),true);
237 if (array_key_exists ($name, $this->defaults)) {
238 $arr =& $this->defaults[$name];
244 foreach ($arr as $k => $v) {
245 $data[$k][$this->Group->getID()]= $v;
247 if ($k == 'new_forum') {
248 $res = db_query_params('SELECT group_forum_id FROM forum_group_list WHERE group_id=$1',
249 array ($this->Group->getID())) ;
251 $this->setError('Error: Forum'.db_error());
254 for ($j=0; $j<db_numrows($res); $j++) {
255 $data['forum'][db_result($res, $j, 'group_forum_id')]= $v;
257 } elseif ($k == 'new_pm') {
258 $res = db_query_params('SELECT group_project_id FROM project_group_list WHERE group_id=$1',
259 array ($this->Group->getID())) ;
261 $this->setError('Error: TaskMgr'.db_error());
264 for ($j=0; $j<db_numrows($res); $j++) {
265 $data['pm'][db_result($res, $j, 'group_project_id')]= $v;
267 } elseif ($k == 'new_tracker') {
268 $res = db_query_params('SELECT group_artifact_id FROM artifact_group_list WHERE group_id=$1',
269 array ($this->Group->getID())) ;
271 $this->setError('Error: Tracker'.db_error());
274 for ($j=0; $j<db_numrows($res); $j++) {
275 $data['tracker'][db_result($res, $j, 'group_artifact_id')]= $v;
280 return $this->create($name,$data,false);
284 * delete - delete a role in the database.
286 * @return boolean True on success or false on failure.
289 if ($this->Group == NULL) {
290 if (!forge_check_global_perm ('forge_admin')) {
291 $this->setPermissionDeniedError();
294 } elseif (!forge_check_perm('project_admin', $this->Group->getID())) {
295 $this->setPermissionDeniedError();
299 $res=db_query_params('SELECT user_id FROM pfo_user_role WHERE role_id=$1',
300 array($this->getID()));
302 if (db_numrows($res) > 0) {
303 $this->setError(_('Cannot remove a non empty role.'));
308 $res=db_query_params('DELETE FROM pfo_user_role WHERE role_id=$1',
309 array($this->getID())) ;
311 $this->setError('delete::name::'.db_error());
316 $res=db_query_params('DELETE FROM role_project_refs WHERE role_id=$1',
317 array($this->getID()));
319 $this->setError('delete::name::'.db_error());
324 $res=db_query_params('DELETE FROM pfo_role_setting WHERE role_id=$1',
325 array($this->getID()));
327 $this->setError('delete::name::'.db_error());
332 $res=db_query_params('DELETE FROM pfo_role WHERE role_id=$1',
333 array($this->getID()));
335 $this->setError('delete::name::'.db_error());
348 * @return boolean True on success or false on failure.
350 function setUser($user_id) {
353 if ($this->Group == NULL) {
354 if (!forge_check_global_perm ('forge_admin')) {
355 $this->setPermissionDeniedError();
358 } elseif (!forge_check_perm ('project_admin', $this->Group->getID())) {
359 $this->setPermissionDeniedError();
363 return $this->addUser (user_get_object($user_id)) ;
370 // c-file-style: "bsd"