All Data Structures Functions Variables Pages
NamedSecurableItem.php
1 <?php
2  /*********************************************************************************
3  * Zurmo is a customer relationship management program developed by
4  * Zurmo, Inc. Copyright (C) 2017 Zurmo Inc.
5  *
6  * Zurmo is free software; you can redistribute it and/or modify it under
7  * the terms of the GNU Affero General Public License version 3 as published by the
8  * Free Software Foundation with the addition of the following permission added
9  * to Section 15 as permitted in Section 7(a): FOR ANY PART OF THE COVERED WORK
10  * IN WHICH THE COPYRIGHT IS OWNED BY ZURMO, ZURMO DISCLAIMS THE WARRANTY
11  * OF NON INFRINGEMENT OF THIRD PARTY RIGHTS.
12  *
13  * Zurmo is distributed in the hope that it will be useful, but WITHOUT
14  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
15  * FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
16  * details.
17  *
18  * You should have received a copy of the GNU Affero General Public License along with
19  * this program; if not, see http://www.gnu.org/licenses or write to the Free
20  * Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
21  * 02110-1301 USA.
22  *
23  * You can contact Zurmo, Inc. with a mailing address at 27 North Wacker Drive
24  * Suite 370 Chicago, IL 60606. or at email address contact@zurmo.com.
25  *
26  * The interactive user interfaces in original and modified versions
27  * of this program must display Appropriate Legal Notices, as required under
28  * Section 5 of the GNU Affero General Public License version 3.
29  *
30  * In accordance with Section 7(b) of the GNU Affero General Public License version 3,
31  * these Appropriate Legal Notices must retain the display of the Zurmo
32  * logo and Zurmo copyright notice. If the display of the logo is not reasonably
33  * feasible for technical reasons, the Appropriate Legal Notices must display the words
34  * "Copyright Zurmo Inc. 2017. All rights reserved".
35  ********************************************************************************/
36 
38  {
43  public $allowChangePermissionsRegardlessOfUser = false;
44 
50  public static function getByName($name)
51  {
52  assert('is_string($name)');
53  assert('$name != ""');
54  try
55  {
56  // not using default value to save cpu cycles on requests that follow the first exception.
57  return GeneralCache::getEntry('NamedSecurableItem' . $name);
58  }
59  catch (NotFoundException $e)
60  {
61  $bean = ZurmoRedBean::findOne('namedsecurableitem', "name = :name ", array(':name' => $name));
62  assert('$bean === false || $bean instanceof RedBean_OODBBean');
63  if ($bean === false)
64  {
65  $model = new NamedSecurableItem();
66  $model->unrestrictedSet('name', $name);
67  }
68  else
69  {
70  $model = self::makeModel($bean);
71  }
72  }
73  GeneralCache::cacheEntry('NamedSecurableItem' . $name, $model);
74  return $model;
75  }
76 
77  public static function getDefaultMetadata()
78  {
79  $metadata = parent::getDefaultMetadata();
80  $metadata[__CLASS__] = array(
81  'members' => array(
82  'name',
83  ),
84  'rules' => array(
85  array('name', 'required'),
86  array('name', 'unique'),
87  array('name', 'type', 'type' => 'string'),
88  array('name', 'length', 'min' => 1, 'max' => 64),
89  )
90  );
91  return $metadata;
92  }
93 
94  public static function isTypeDeletable()
95  {
96  return true;
97  }
98 
103  public function save($runValidation = true, array $attributeNames = null)
104  {
105  $saved = parent::save($runValidation, $attributeNames);
106  if ($saved)
107  {
108  GeneralCache::cacheEntry('NamedSecurableItem' . $this->name, $this);
109  }
110  return $saved;
111  }
112 
117  public function getActualPermissions($permitable = null)
118  {
119  assert('$permitable === null || $permitable instanceof Permitable');
120  if ($permitable === null)
121  {
122  $permitable = Yii::app()->user->userModel;
123  if (!$permitable instanceof User)
124  {
125  throw new NoCurrentUserSecurityException();
126  }
127  }
128  if ($this->name != null)
129  {
130  try
131  {
132  return PermissionsCache::getNamedSecurableItemActualPermissions($this->name, $permitable);
133  }
134  catch (NotFoundException $e)
135  {
136  $actualPermissions = parent::getActualPermissions($permitable);
137  }
138  PermissionsCache::cacheNamedSecurableItemActualPermissions($this->name, $permitable, $actualPermissions);
139  return $actualPermissions;
140  }
141  return parent::getActualPermissions($permitable);
142  }
143 
151  {
152  return (bool)Yii::app()->params['processNamedSecurableActualPermissionsAsNonOptimized'];
153  }
154 
160  public function __get($attributeName)
161  {
162  if ($attributeName == 'name')
163  {
164  return $this->unrestrictedGet('name');
165  }
166  return parent::__get($attributeName);
167  }
168 
177  public function checkPermissionsHasAnyOf($requiredPermissions, User $user = null)
178  {
179  assert('is_int($requiredPermissions)');
180  if ($user == null)
181  {
182  $user = Yii::app()->user->userModel;
183  }
184  $effectivePermissions = $this->getEffectivePermissions($user);
185  if (($effectivePermissions & $requiredPermissions) == 0)
186  {
187  if ($this->allowChangePermissionsRegardlessOfUser)
188  {
189  //Do nothing. Allow override permission.
190  }
191  else
192  {
193  throw new AccessDeniedSecurityException($user, $requiredPermissions, $effectivePermissions);
194  }
195  }
196  }
197  }
198 ?>
static cacheNamedSecurableItemActualPermissions($namedSecurableItemName, $permitable, $actualPermissions, $cacheToDatabase=true)
Definition: User.php:37
checkPermissionsHasAnyOf($requiredPermissions, User $user=null)
static getNamedSecurableItemActualPermissions($namedSecurableItemName, $permitable)
save($runValidation=true, array $attributeNames=null)
getActualPermissions($permitable=null)
Generated on Tue Feb 25 2020 07:10:37