All Data Structures Functions Variables Pages
RightsUtil.php
1 <?php
2  /*********************************************************************************
3  * Zurmo is a customer relationship management program developed by
4  * Zurmo, Inc. Copyright (C) 2017 Zurmo Inc.
5  *
6  * Zurmo is free software; you can redistribute it and/or modify it under
7  * the terms of the GNU Affero General Public License version 3 as published by the
8  * Free Software Foundation with the addition of the following permission added
9  * to Section 15 as permitted in Section 7(a): FOR ANY PART OF THE COVERED WORK
10  * IN WHICH THE COPYRIGHT IS OWNED BY ZURMO, ZURMO DISCLAIMS THE WARRANTY
11  * OF NON INFRINGEMENT OF THIRD PARTY RIGHTS.
12  *
13  * Zurmo is distributed in the hope that it will be useful, but WITHOUT
14  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
15  * FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
16  * details.
17  *
18  * You should have received a copy of the GNU Affero General Public License along with
19  * this program; if not, see http://www.gnu.org/licenses or write to the Free
20  * Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
21  * 02110-1301 USA.
22  *
23  * You can contact Zurmo, Inc. with a mailing address at 27 North Wacker Drive
24  * Suite 370 Chicago, IL 60606. or at email address contact@zurmo.com.
25  *
26  * The interactive user interfaces in original and modified versions
27  * of this program must display Appropriate Legal Notices, as required under
28  * Section 5 of the GNU Affero General Public License version 3.
29  *
30  * In accordance with Section 7(b) of the GNU Affero General Public License version 3,
31  * these Appropriate Legal Notices must retain the display of the Zurmo
32  * logo and Zurmo copyright notice. If the display of the logo is not reasonably
33  * feasible for technical reasons, the Appropriate Legal Notices must display the words
34  * "Copyright Zurmo Inc. 2017. All rights reserved".
35  ********************************************************************************/
36 
40  class RightsUtil
41  {
45  public static function getAllModuleRightsDataByPermitable(Permitable $permitable)
46  {
47  $data = array();
48  $modules = Module::getModuleObjects();
49  foreach ($modules as $module)
50  {
51  if ($module instanceof SecurableModule)
52  {
53  $moduleClassName = get_class($module);
54  $rights = $moduleClassName::getRightsNames();
55  $rightLabels = $moduleClassName::getTranslatedRightsLabels();
56  $reflectionClass = new ReflectionClass($moduleClassName);
57  if (!empty($rights))
58  {
59  $rightsData = array();
60  foreach ($rights as $right)
61  {
62  if (!isset($rightLabels[$right]))
63  {
64  throw new NotSupportedException($right);
65  }
66  $explicit = $permitable->getExplicitActualRight ($moduleClassName, $right);
67  $inherited = $permitable->getInheritedActualRight($moduleClassName, $right);
68  $effective = $permitable->getEffectiveRight ($moduleClassName, $right);
69  $constants = $reflectionClass->getConstants();
70  $constantId = array_search($right, $constants);
71  $rightsData[$constantId] = array(
72  'displayName' => $rightLabels[$right],
73  'explicit' => RightsUtil::getRightStringFromRight($explicit),
74  'inherited' => RightsUtil::getRightStringFromRight($inherited),
75  'effective' => RightsUtil::getRightStringFromRight($effective),
76  );
77  }
78  $data[$moduleClassName] = ArrayUtil::subValueSort($rightsData, 'displayName', 'asort');
79  }
80  }
81  }
82  return $data;
83  }
84 
85  protected static function getRightStringFromRight($right)
86  {
87  if ($right == Right::DENY || $right == Right::ALLOW)
88  {
89  return $right;
90  }
91  return null;
92  }
93 
103  public static function canUserAccessModule($moduleClassName, $user)
104  {
105  assert('$user instanceof User');
106  assert('$moduleClassName != null && is_string($moduleClassName)');
107  assert('is_subclass_of($moduleClassName, "Module")');
108  if (is_subclass_of($moduleClassName, 'SecurableModule'))
109  {
110  $rightName = $moduleClassName::getAccessRight();
111  return self::doesUserHaveAllowByRightName($moduleClassName, $rightName, $user);
112  }
113  return true;
114  }
115 
121  public static function doesUserHaveAllowByRightName($moduleClassName, $rightName, $user)
122  {
123  assert('$moduleClassName != null && is_string($moduleClassName)');
124  assert('$rightName == null || is_string($rightName)');
125 
126  if ($rightName == null)
127  {
128  return true;
129  }
130  assert('$user instanceof User');
131  return Right::ALLOW == $user->getEffectiveRight($moduleClassName, $rightName);
132  }
133 
141  public static function cacheAllRightsByPermitable(Permitable $permitable)
142  {
143  $modules = Module::getModuleObjects();
144  foreach ($modules as $module)
145  {
146  if ($module instanceof SecurableModule)
147  {
148  $moduleClassName = get_class($module);
149  $rights = $moduleClassName::getRightsNames();
150  $rightLabels = $moduleClassName::getTranslatedRightsLabels();
151  if (!empty($rights))
152  {
153  foreach ($rights as $right)
154  {
155  if (!isset($rightLabels[$right]))
156  {
157  throw new NotSupportedException($right);
158  }
159  $permitable->getActualRight ($moduleClassName, $right);
160  }
161  }
162  }
163  }
164  }
165  }
166 ?>
static cacheAllRightsByPermitable(Permitable $permitable)
Definition: RightsUtil.php:141
getExplicitActualRight($moduleName, $rightName)
Definition: Permitable.php:112
static doesUserHaveAllowByRightName($moduleClassName, $rightName, $user)
Definition: RightsUtil.php:121
static getModuleObjects()
Definition: Module.php:51
static subValueSort($array, $subKey, $sortFunctionName)
Definition: ArrayUtil.php:153
getInheritedActualRight($moduleName, $rightName)
Definition: Permitable.php:171
getEffectiveRight($moduleName, $rightName)
Definition: Permitable.php:63
static canUserAccessModule($moduleClassName, $user)
Definition: RightsUtil.php:103
getActualRight($moduleName, $rightName)
Definition: Permitable.php:78
static getAllModuleRightsDataByPermitable(Permitable $permitable)
Definition: RightsUtil.php:45
Generated on Wed Apr 8 2020 07:10:46