Author: david
Date: Fri Sep 18 10:32:28 2009
New Revision: 3405
Log:
Add 'anonymous' and 'authenticated' ACL groups. Add list of protected groups.
Modified:
trunk/lib/model/om/BaseObject.php
trunk/lib/model/om/BaseUser.php
trunk/plugins/qbAclPlugin/data/fixtures/fixtures.yml
trunk/plugins/qbAclPlugin/lib/model/QubitAclGroup.php
Modified: trunk/lib/model/om/BaseObject.php
==============================================================================
--- trunk/lib/model/om/BaseObject.php Fri Sep 18 00:02:55 2009 (r3404)
+++ trunk/lib/model/om/BaseObject.php Fri Sep 18 10:32:28 2009 (r3405)
@@ -156,6 +156,11 @@
}
}
+ if ('aclPermissions' == $name)
+ {
+ return true;
+ }
+
if ('notes' == $name)
{
return true;
@@ -191,11 +196,6 @@
return true;
}
- if ('aclPermissions' == $name)
- {
- return true;
- }
-
throw new sfException;
}
@@ -237,6 +237,23 @@
}
}
+ if ('aclPermissions' == $name)
+ {
+ if (!isset($this->refFkValues['aclPermissions']))
+ {
+ if (!isset($this->id))
+ {
+ $this->refFkValues['aclPermissions'] = QubitQuery::create();
+ }
+ else
+ {
+ $this->refFkValues['aclPermissions'] =
self::getaclPermissionsById($this->id, array('self' => $this) + $options);
+ }
+ }
+
+ return $this->refFkValues['aclPermissions'];
+ }
+
if ('notes' == $name)
{
if (!isset($this->refFkValues['notes']))
@@ -356,23 +373,6 @@
return $this->refFkValues['statuss'];
}
- if ('aclPermissions' == $name)
- {
- if (!isset($this->refFkValues['aclPermissions']))
- {
- if (!isset($this->id))
- {
- $this->refFkValues['aclPermissions'] = QubitQuery::create();
- }
- else
- {
- $this->refFkValues['aclPermissions'] =
self::getaclPermissionsById($this->id, array('self' => $this) + $options);
- }
- }
-
- return $this->refFkValues['aclPermissions'];
- }
-
throw new sfException;
}
@@ -650,6 +650,26 @@
$this->setid($key);
}
+ public static function addaclPermissionsCriteriaById(Criteria $criteria, $id)
+ {
+ $criteria->add(QubitAclPermission::OBJECT_ID, $id);
+
+ return $criteria;
+ }
+
+ public static function getaclPermissionsById($id, array $options = array())
+ {
+ $criteria = new Criteria;
+ self::addaclPermissionsCriteriaById($criteria, $id);
+
+ return QubitAclPermission::get($criteria, $options);
+ }
+
+ public function addaclPermissionsCriteria(Criteria $criteria)
+ {
+ return self::addaclPermissionsCriteriaById($criteria, $this->id);
+ }
+
public static function addnotesCriteriaById(Criteria $criteria, $id)
{
$criteria->add(QubitNote::OBJECT_ID, $id);
@@ -790,26 +810,6 @@
return self::addstatussCriteriaById($criteria, $this->id);
}
- public static function addaclPermissionsCriteriaById(Criteria $criteria, $id)
- {
- $criteria->add(QubitAclPermission::OBJECT_ID, $id);
-
- return $criteria;
- }
-
- public static function getaclPermissionsById($id, array $options = array())
- {
- $criteria = new Criteria;
- self::addaclPermissionsCriteriaById($criteria, $id);
-
- return QubitAclPermission::get($criteria, $options);
- }
-
- public function addaclPermissionsCriteria(Criteria $criteria)
- {
- return self::addaclPermissionsCriteriaById($criteria, $this->id);
- }
-
public function __call($name, $args)
{
if ('get' == substr($name, 0, 3) || 'set' == substr($name, 0, 3))
Modified: trunk/lib/model/om/BaseUser.php
==============================================================================
--- trunk/lib/model/om/BaseUser.php Fri Sep 18 00:02:55 2009 (r3404)
+++ trunk/lib/model/om/BaseUser.php Fri Sep 18 10:32:28 2009 (r3405)
@@ -82,32 +82,32 @@
{
}
- if ('notes' == $name)
+ if ('aclPermissions' == $name)
{
return true;
}
- if ('permissionScopes' == $name)
+ if ('aclUserGroups' == $name)
{
return true;
}
- if ('systemEvents' == $name)
+ if ('notes' == $name)
{
return true;
}
- if ('userRoleRelations' == $name)
+ if ('permissionScopes' == $name)
{
return true;
}
- if ('aclPermissions' == $name)
+ if ('systemEvents' == $name)
{
return true;
}
- if ('aclUserGroups' == $name)
+ if ('userRoleRelations' == $name)
{
return true;
}
@@ -133,111 +133,151 @@
{
}
- if ('notes' == $name)
+ if ('aclPermissions' == $name)
{
- if (!isset($this->refFkValues['notes']))
+ if (!isset($this->refFkValues['aclPermissions']))
{
if (!isset($this->id))
{
- $this->refFkValues['notes'] = QubitQuery::create();
+ $this->refFkValues['aclPermissions'] = QubitQuery::create();
}
else
{
- $this->refFkValues['notes'] = self::getnotesById($this->id,
array('self' => $this) + $options);
+ $this->refFkValues['aclPermissions'] =
self::getaclPermissionsById($this->id, array('self' => $this) + $options);
}
}
- return $this->refFkValues['notes'];
+ return $this->refFkValues['aclPermissions'];
}
- if ('permissionScopes' == $name)
+ if ('aclUserGroups' == $name)
{
- if (!isset($this->refFkValues['permissionScopes']))
+ if (!isset($this->refFkValues['aclUserGroups']))
{
if (!isset($this->id))
{
- $this->refFkValues['permissionScopes'] = QubitQuery::create();
+ $this->refFkValues['aclUserGroups'] = QubitQuery::create();
}
else
{
- $this->refFkValues['permissionScopes'] =
self::getpermissionScopesById($this->id, array('self' => $this) + $options);
+ $this->refFkValues['aclUserGroups'] =
self::getaclUserGroupsById($this->id, array('self' => $this) + $options);
}
}
- return $this->refFkValues['permissionScopes'];
+ return $this->refFkValues['aclUserGroups'];
}
- if ('systemEvents' == $name)
+ if ('notes' == $name)
{
- if (!isset($this->refFkValues['systemEvents']))
+ if (!isset($this->refFkValues['notes']))
{
if (!isset($this->id))
{
- $this->refFkValues['systemEvents'] = QubitQuery::create();
+ $this->refFkValues['notes'] = QubitQuery::create();
}
else
{
- $this->refFkValues['systemEvents'] =
self::getsystemEventsById($this->id, array('self' => $this) + $options);
+ $this->refFkValues['notes'] = self::getnotesById($this->id,
array('self' => $this) + $options);
}
}
- return $this->refFkValues['systemEvents'];
+ return $this->refFkValues['notes'];
}
- if ('userRoleRelations' == $name)
+ if ('permissionScopes' == $name)
{
- if (!isset($this->refFkValues['userRoleRelations']))
+ if (!isset($this->refFkValues['permissionScopes']))
{
if (!isset($this->id))
{
- $this->refFkValues['userRoleRelations'] = QubitQuery::create();
+ $this->refFkValues['permissionScopes'] = QubitQuery::create();
}
else
{
- $this->refFkValues['userRoleRelations'] =
self::getuserRoleRelationsById($this->id, array('self' => $this) + $options);
+ $this->refFkValues['permissionScopes'] =
self::getpermissionScopesById($this->id, array('self' => $this) + $options);
}
}
- return $this->refFkValues['userRoleRelations'];
+ return $this->refFkValues['permissionScopes'];
}
- if ('aclPermissions' == $name)
+ if ('systemEvents' == $name)
{
- if (!isset($this->refFkValues['aclPermissions']))
+ if (!isset($this->refFkValues['systemEvents']))
{
if (!isset($this->id))
{
- $this->refFkValues['aclPermissions'] = QubitQuery::create();
+ $this->refFkValues['systemEvents'] = QubitQuery::create();
}
else
{
- $this->refFkValues['aclPermissions'] =
self::getaclPermissionsById($this->id, array('self' => $this) + $options);
+ $this->refFkValues['systemEvents'] =
self::getsystemEventsById($this->id, array('self' => $this) + $options);
}
}
- return $this->refFkValues['aclPermissions'];
+ return $this->refFkValues['systemEvents'];
}
- if ('aclUserGroups' == $name)
+ if ('userRoleRelations' == $name)
{
- if (!isset($this->refFkValues['aclUserGroups']))
+ if (!isset($this->refFkValues['userRoleRelations']))
{
if (!isset($this->id))
{
- $this->refFkValues['aclUserGroups'] = QubitQuery::create();
+ $this->refFkValues['userRoleRelations'] = QubitQuery::create();
}
else
{
- $this->refFkValues['aclUserGroups'] =
self::getaclUserGroupsById($this->id, array('self' => $this) + $options);
+ $this->refFkValues['userRoleRelations'] =
self::getuserRoleRelationsById($this->id, array('self' => $this) + $options);
}
}
- return $this->refFkValues['aclUserGroups'];
+ return $this->refFkValues['userRoleRelations'];
}
throw new sfException;
}
+ public static function addaclPermissionsCriteriaById(Criteria $criteria, $id)
+ {
+ $criteria->add(QubitAclPermission::USER_ID, $id);
+
+ return $criteria;
+ }
+
+ public static function getaclPermissionsById($id, array $options = array())
+ {
+ $criteria = new Criteria;
+ self::addaclPermissionsCriteriaById($criteria, $id);
+
+ return QubitAclPermission::get($criteria, $options);
+ }
+
+ public function addaclPermissionsCriteria(Criteria $criteria)
+ {
+ return self::addaclPermissionsCriteriaById($criteria, $this->id);
+ }
+
+ public static function addaclUserGroupsCriteriaById(Criteria $criteria, $id)
+ {
+ $criteria->add(QubitAclUserGroup::USER_ID, $id);
+
+ return $criteria;
+ }
+
+ public static function getaclUserGroupsById($id, array $options = array())
+ {
+ $criteria = new Criteria;
+ self::addaclUserGroupsCriteriaById($criteria, $id);
+
+ return QubitAclUserGroup::get($criteria, $options);
+ }
+
+ public function addaclUserGroupsCriteria(Criteria $criteria)
+ {
+ return self::addaclUserGroupsCriteriaById($criteria, $this->id);
+ }
+
public static function addnotesCriteriaById(Criteria $criteria, $id)
{
$criteria->add(QubitNote::USER_ID, $id);
@@ -317,44 +357,4 @@
{
return self::adduserRoleRelationsCriteriaById($criteria, $this->id);
}
-
- public static function addaclPermissionsCriteriaById(Criteria $criteria, $id)
- {
- $criteria->add(QubitAclPermission::USER_ID, $id);
-
- return $criteria;
- }
-
- public static function getaclPermissionsById($id, array $options = array())
- {
- $criteria = new Criteria;
- self::addaclPermissionsCriteriaById($criteria, $id);
-
- return QubitAclPermission::get($criteria, $options);
- }
-
- public function addaclPermissionsCriteria(Criteria $criteria)
- {
- return self::addaclPermissionsCriteriaById($criteria, $this->id);
- }
-
- public static function addaclUserGroupsCriteriaById(Criteria $criteria, $id)
- {
- $criteria->add(QubitAclUserGroup::USER_ID, $id);
-
- return $criteria;
- }
-
- public static function getaclUserGroupsById($id, array $options = array())
- {
- $criteria = new Criteria;
- self::addaclUserGroupsCriteriaById($criteria, $id);
-
- return QubitAclUserGroup::get($criteria, $options);
- }
-
- public function addaclUserGroupsCriteria(Criteria $criteria)
- {
- return self::addaclUserGroupsCriteriaById($criteria, $this->id);
- }
}
Modified: trunk/plugins/qbAclPlugin/data/fixtures/fixtures.yml
==============================================================================
--- trunk/plugins/qbAclPlugin/data/fixtures/fixtures.yml Fri Sep 18
00:02:55 2009 (r3404)
+++ trunk/plugins/qbAclPlugin/data/fixtures/fixtures.yml Fri Sep 18
10:32:28 2009 (r3405)
@@ -1,52 +1,70 @@
QubitAclGroup:
QubitAclGroup_ROOT:
id: <?php echo QubitAclGroup::ROOT_ID."\n" ?>
+ QubitAclGroup_anonymous:
+ id: <?php echo QubitAclGroup::ANONYMOUS_ID."\n" ?>
+ parent_id: QubitAclGroup_ROOT
+ name:
+ en: 'anonymous user'
+ QubitAclGroup_authenticated:
+ id: <?php echo QubitAclGroup::AUTHENTICATED_ID."\n" ?>
+ parent_id: QubitAclGroup_anonymous
+ name:
+ en: 'authenticated user'
QubitAclGroup_administrator:
id: <?php echo QubitAclGroup::ADMINISTRATOR_ID."\n" ?>
- parent_id: QubitAclGroup_ROOT
+ parent_id: QubitAclGroup_authenticated
name:
en: administrator
QubitAclGroup_editor:
id: <?php echo QubitAclGroup::EDITOR_ID."\n" ?>
- parent_id: QubitAclGroup_ROOT
+ parent_id: QubitAclGroup_authenticated
name:
en: editor
QubitAclGroup_contributor:
id: <?php echo QubitAclGroup::CONTRIBUTOR_ID."\n" ?>
- parent_id: QubitAclGroup_ROOT
+ parent_id: QubitAclGroup_authenticated
name:
en: contributor
QubitAclGroup_translator:
id: <?php echo QubitAclGroup::TRANSLATOR_ID."\n" ?>
- parent_id: QubitAclGroup_ROOT
+ parent_id: QubitAclGroup_authenticated
name:
en: translator
QubitAclAction:
QubitAclAction_create:
id: <?php echo QubitAclAction::CREATE_ID."\n" ?>
- name:
+ name:
en: create
QubitAclAction_read:
id: <?php echo QubitAclAction::READ_ID."\n" ?>
- name:
+ name:
en: read
QubitAclAction_update:
id: <?php echo QubitAclAction::UPDATE_ID."\n" ?>
- name:
+ name:
en: update
QubitAclAction_delete:
id: <?php echo QubitAclAction::DELETE_ID."\n" ?>
- name:
+ name:
en: delete
QubitAclAction_view_draft:
id: <?php echo QubitAclAction::VIEW_DRAFT_ID."\n" ?>
- name:
+ name:
en: view draft
QubitAclAction_publish:
id: <?php echo QubitAclAction::PUBLISH_ID."\n" ?>
- name:
+ name:
en: publish
QubitAclPermission:
+ QubitAclPermission_anonymous_read:
+ group_id: QubitAclGroup_anonymous
+ action_id: <?php echo QubitAclAction::READ_ID."\n" ?>
+ grant_deny: 1
+ QubitAclPermission_authenticated_read:
+ group_id: QubitAclGroup_authenticated
+ action_id: <?php echo QubitAclAction::READ_ID."\n" ?>
+ grant_deny: 1
QubitAclPermission_admin_create:
group_id: QubitAclGroup_administrator
object_id: <?php echo QubitInformationObject::ROOT_ID."\n" ?>
Modified: trunk/plugins/qbAclPlugin/lib/model/QubitAclGroup.php
==============================================================================
--- trunk/plugins/qbAclPlugin/lib/model/QubitAclGroup.php Fri Sep 18
00:02:55 2009 (r3404)
+++ trunk/plugins/qbAclPlugin/lib/model/QubitAclGroup.php Fri Sep 18
10:32:28 2009 (r3405)
@@ -28,6 +28,8 @@
class QubitAclGroup extends BaseAclGroup
{
const ROOT_ID = 1;
+ const ANONYMOUS_ID = 98;
+ const AUTHENTICATED_ID = 99;
const ADMINISTRATOR_ID = 100;
const EDITOR_ID = 101;
const CONTRIBUTOR_ID = 102;
@@ -37,4 +39,14 @@
{
return (string) $this->getName();
}
+
+ public function isProtected()
+ {
+ return (
+ $this->id == ROOT_ID ||
+ $this->id == ANONYMOUS_ID ||
+ $this->id == AUTHENTICATED_ID ||
+ $this->id == ADMINISTRATOR_ID
+ );
+ }
}
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Qubit Toolkit Commits" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.ca/group/qubit-commits?hl=en
-~----------~----~----~----~------~----~------~--~---
