ZurmoControllerUtil.php
1 <?php
2  /*********************************************************************************
3  * Zurmo is a customer relationship management program developed by
4  * Zurmo, Inc. Copyright (C) 2017 Zurmo Inc.
5  *
6  * Zurmo is free software; you can redistribute it and/or modify it under
7  * the terms of the GNU Affero General Public License version 3 as published by the
8  * Free Software Foundation with the addition of the following permission added
9  * to Section 15 as permitted in Section 7(a): FOR ANY PART OF THE COVERED WORK
10  * IN WHICH THE COPYRIGHT IS OWNED BY ZURMO, ZURMO DISCLAIMS THE WARRANTY
11  * OF NON INFRINGEMENT OF THIRD PARTY RIGHTS.
12  *
13  * Zurmo is distributed in the hope that it will be useful, but WITHOUT
14  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
15  * FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
16  * details.
17  *
18  * You should have received a copy of the GNU Affero General Public License along with
19  * this program; if not, see http://www.gnu.org/licenses or write to the Free
20  * Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
21  * 02110-1301 USA.
22  *
23  * You can contact Zurmo, Inc. with a mailing address at 27 North Wacker Drive
24  * Suite 370 Chicago, IL 60606. or at email address contact@zurmo.com.
25  *
26  * The interactive user interfaces in original and modified versions
27  * of this program must display Appropriate Legal Notices, as required under
28  * Section 5 of the GNU Affero General Public License version 3.
29  *
30  * In accordance with Section 7(b) of the GNU Affero General Public License version 3,
31  * these Appropriate Legal Notices must retain the display of the Zurmo
32  * logo and Zurmo copyright notice. If the display of the logo is not reasonably
33  * feasible for technical reasons, the Appropriate Legal Notices must display the words
34  * "Copyright Zurmo Inc. 2017. All rights reserved".
35  ********************************************************************************/
36 
41  {
/**
 * Applies default explicit read/write permissions to a model that has no permissions yet.
 *
 * Nothing happens when $model->permissions is non-empty. Otherwise a default-permissions
 * array is resolved, converted into explicit read/write permissions for $model, and an
 * exception is thrown when the update reports failure.
 *
 * NOTE(review): $user is not referenced in any visible line. The defaults come from
 * resolveUserDefaultPermissionsForCurrentUser(), i.e. the current application user
 * (Yii::app()->user->userModel). If a caller passes a different user, the model would get the
 * current user's default sharing rather than that user's. Confirm whether
 * resolveUserDefaultPermissionsByUser($user, ...) was intended.
 *
 * @param SecurableItem $model model whose permissions are initialised
 * @param User $user not used in the visible lines (see note above)
 * @throws NotSupportedException when $updated is falsy
 */
47  public static function updatePermissionsWithDefaultForModelByUser(SecurableItem $model, User $user)
48  {
// The instanceof test repeats what the SecurableItem type hint already requires, so the
// effective condition is that the model has no permissions yet.
49  if ($model instanceof SecurableItem && count($model->permissions) === 0)
50  {
51  // we use a dummy SecurableItem here because we don't care about 'owner' in permission array;
52  // using SecurableItem here even when the actual model is OwnedSecurableItem would not cause
53  // any unintended behavior.
54  // If we use $model here and $model is SecurableItem but not OwnedSecurableItem we might
55  // would have to unset($postData['owner']);
56  $postData = static::resolveUserDefaultPermissionsForCurrentUser(new SecurableItem());
57  $explicitReadWritePermissions = self::resolveAndMakeExplicitReadWriteModelPermissions($postData, $model);
// NOTE(review): source line 58 is absent from this listing. The assignment of $updated, a call
// that ends with the argument on the next line, is therefore not visible here.
59  $explicitReadWritePermissions);
// A failed permission update is raised as an exception rather than ignored.
60  if (!$updated)
61  {
62  throw new NotSupportedException();
63  }
64  }
65  }
66 
/**
 * Resolves the default permissions array for the current application user.
 *
 * Thin wrapper: reads Yii::app()->user->userModel and forwards it, together with $model,
 * to resolveUserDefaultPermissionsByUser().
 *
 * @param RedBeanModel|null $model forwarded unchanged
 * @return mixed whatever resolveUserDefaultPermissionsByUser() returns
 */
public static function resolveUserDefaultPermissionsForCurrentUser(RedBeanModel $model = null)
{
    $currentUser = Yii::app()->user->userModel;
    return static::resolveUserDefaultPermissionsByUser($currentUser, $model);
}
71 
/**
 * Builds the default permissions array for $user.
 *
 * The returned array always contains 'explicitReadWriteModelPermissions' (itself an array with
 * the keys 'type' and 'nonEveryoneGroup'). An 'owner' entry of array('id' => $user->id) is added
 * when $model is null or an OwnedSecurableItem.
 *
 * NOTE(review): source lines 74 and 77 are absent from this listing, so the assignments of
 * $defaultPermissionSettings and $type are not visible. compact('type', ...) below relies on a
 * local $type that is presumably set on line 77. Confirm against the original file.
 *
 * @param User $user user whose configured defaults are read
 * @param RedBeanModel|null $model decides whether the 'owner' entry is included
 * @return array
 */
72  public static function resolveUserDefaultPermissionsByUser(User $user, RedBeanModel $model = null)
73  {
// Reads the user's 'defaultPermissionGroupSetting' value; the third argument is passed as false.
75  $nonEveryoneGroup = UserConfigurationFormAdapter::resolveAndGetValue($user,
76  'defaultPermissionGroupSetting', false);
// Tail of a call whose first line (source line 77) is missing from the listing.
78  $defaultPermissionSettings);
79  $explicitReadWriteModelPermissions = compact('type', 'nonEveryoneGroup');
80  $permissions = compact('explicitReadWriteModelPermissions');
// Owner information is only attached for ownable models, or when no model was given.
81  if ($model === null || $model instanceof OwnedSecurableItem)
82  {
83  $owner = array('id' => $user->id);
84  $permissions = compact('owner', 'explicitReadWriteModelPermissions');
85  }
86  return $permissions;
87  }
88 
93  {
// NOTE(review): the signature line of this method is absent from the listing. The
// cross-reference list at the end of the page names
// updatePermissionsWithDefaultForModelByCurrentUser(SecurableItem $model), which is presumably
// this method. Confirm against the original file.
// Delegates to the by-user variant, passing the current application user.
94  static::updatePermissionsWithDefaultForModelByUser($model, Yii::app()->user->userModel);
95  }
96 
/**
 * Sanitizes raw post data for the model and hands the result to saveModelFromSanitizedData().
 *
 * The sanitizer class is looked up through getDataSanitizerUtilClassName() and its
 * sanitizePostByDesignerTypeForSavingModel($model, $postData) is applied before anything is
 * set on the model.
 *
 * @param array $postData raw submitted data
 * @param mixed $model model to populate
 * @param bool $savedSuccessfully passed by reference to saveModelFromSanitizedData()
 * @param string $modelToStringValue passed by reference to saveModelFromSanitizedData()
 * @param bool $returnOnValidate forwarded unchanged; defaults to false
 * @return mixed whatever saveModelFromSanitizedData() returns
 */
public function saveModelFromPost($postData, $model, & $savedSuccessfully, & $modelToStringValue, $returnOnValidate = false)
{
    $sanitizerClass = $this->getDataSanitizerUtilClassName();
    return $this->saveModelFromSanitizedData(
        $sanitizerClass::sanitizePostByDesignerTypeForSavingModel($model, $postData),
        $model,
        $savedSuccessfully,
        $modelToStringValue,
        $returnOnValidate
    );
}
111 
/**
 * Applies already-sanitized data to a model, validates it and, unless asked to stop after
 * validation, saves it and then resolves its explicit read/write permissions.
 *
 * Order of operations in the visible code: every attribute except 'owner' is set and the model
 * is validated. Only if that passes is the 'owner' data applied and, for an OwnedSecurableItem,
 * validated on its own. The model is then saved and the explicit read/write permissions are
 * resolved against the saved model.
 *
 * @param mixed $sanitizedData data that has already been through the sanitizer
 * @param mixed $model model to populate, validate and save
 * @param bool $savedSuccessfully by reference; set to true only inside the successful-save branch
 * @param string $modelToStringValue by reference; set to strval($model) once validation passes
 * @param bool $returnOnValidate when truthy, return right after validate() without saving
 * @return mixed the $model that was passed in
 */
119  public function saveModelFromSanitizedData($sanitizedData, $model, & $savedSuccessfully, & $modelToStringValue, $returnOnValidate)
120  {
121  //note: the logic for ExplicitReadWriteModelPermission might still need to be moved up into the
122  //post method above, not sure how this is coming in from API.
123  $explicitReadWriteModelPermissions = static::resolveAndMakeExplicitReadWriteModelPermissions($sanitizedData,
124  $model);
// NOTE(review): source line 125 is absent from this listing. $readyToUseData is used below but
// is not assigned in any visible line; presumably it is the result of the call that ends here.
126  removeIfExistsFromPostData($sanitizedData);
127 
128  $dataSanitizerClassName = $this->getDataSanitizerUtilClassName();
// The 'owner' element is split off so it can be applied and validated separately further down.
129  $sanitizedOwnerData = $dataSanitizerClassName::sanitizePostDataToJustHavingElementForSavingModel(
130  $readyToUseData, 'owner');
131  $sanitizedDataWithoutOwner = $dataSanitizerClassName::removeElementFromPostDataForSavingModel(
132  $readyToUseData, 'owner');
133  $model->setAttributes($sanitizedDataWithoutOwner);
134  $this->afterSetAttributesDuringSave($model, $explicitReadWriteModelPermissions);
135  if ($explicitReadWriteModelPermissions instanceof ExplicitReadWriteModelPermissions)
136  {
137  $model->setExplicitReadWriteModelPermissionsForWorkflow($explicitReadWriteModelPermissions);
138  }
139  $isDataValid = $model->validate();
// Validate-only mode: nothing is saved and neither by-reference output is modified.
140  if ($returnOnValidate)
141  {
142  return $model;
143  }
144  elseif ($isDataValid)
145  {
146  $modelToStringValue = strval($model);
// Loose comparison: the owner data is applied only when it is not == null.
147  if ($sanitizedOwnerData != null)
148  {
149  $model->setAttributes($sanitizedOwnerData);
150  }
151  if ($model instanceof OwnedSecurableItem)
152  {
153  $passedOwnerValidation = $model->validate(array('owner'));
154  }
155  else
156  {
157  $passedOwnerValidation = true;
158  }
// validate() has already run above. NOTE(review): save(false) presumably skips a second
// validation pass; confirm against the model's save() signature.
159  if ($passedOwnerValidation && $model->save(false))
160  {
161  if ($model instanceof SecurableItem)
162  {
163  $model->clearExplicitReadWriteModelPermissionsForWorkflow();
164  }
// For Item models the scenario is switched while permissions are resolved and restored below;
// presumably so that the permission update does not change the modified date or user.
165  if ($model instanceof Item)
166  {
167  $oldScenario = $model->getScenario();
168  $model->setScenario('doNotSetModifiedDateTimeOrUser');
169  }
170  if ($explicitReadWriteModelPermissions != null)
171  {
// NOTE(review): source line 172 is absent from this listing, so it is not visible whether the
// result of the call ending on the next line is captured. The todo below indicates that a
// failed result is not handled.
173  resolveExplicitReadWriteModelPermissions($model, $explicitReadWriteModelPermissions);
174  //todo: handle if success is false, means adding/removing permissions save failed.
175  }
176  if ($model instanceof Item)
177  {
178  $model->setScenario($oldScenario);
179  }
// NOTE(review): success is reported without checking the permission update above. The model has
// already been saved at this point, so a failed permission update would leave a stored record
// whose sharing differs from what was submitted while the caller is told the save succeeded.
180  $savedSuccessfully = true;
181  $this->afterSuccessfulSave($model);
182  }
183  }
184  else
185  {
// Validation failed: intentionally nothing to do; $savedSuccessfully is left as passed in.
186  }
187  return $model;
188  }
189 
/**
 * Resolves the explicit read/write permissions for a model from sanitized data.
 *
 * Returns null when $model is not a SecurableItem.
 *
 * NOTE(review): source line 194, the body of the SecurableItem branch, is absent from this
 * listing, so the value returned for securable models is not visible here. The cross-reference
 * list at the end of the page mentions resolveByPostDataAndModelThenMake($postData,
 * SecurableItem $securableItem), which is presumably what that line calls. Confirm against the
 * original file.
 *
 * @param mixed $sanitizedData
 * @param mixed $model
 */
190  protected static function resolveAndMakeExplicitReadWriteModelPermissions($sanitizedData, $model)
191  {
192  if ($model instanceof SecurableItem)
193  {
195  }
196  else
197  {
// Models that are not securable carry no explicit read/write permissions.
198  return null;
199  }
200  }
201 
/**
 * Hook invoked by saveModelFromSanitizedData() right after the non-owner attributes have been
 * set on the model and before the model is validated.
 *
 * The implementation here is empty; presumably subclasses override it.
 *
 * @param mixed $model model that has just received its attributes
 * @param mixed $explicitReadWriteModelPermissions permissions resolved for the model, or null
 */
protected function afterSetAttributesDuringSave($model, $explicitReadWriteModelPermissions)
{
    // Intentionally empty.
}
205 
/**
 * Hook invoked by saveModelFromSanitizedData() after the model has been saved and
 * $savedSuccessfully has been set to true.
 *
 * The implementation here is empty; presumably subclasses override it.
 *
 * @param mixed $model model that was just saved
 */
protected function afterSuccessfulSave($model)
{
    // Intentionally empty.
}
209 
/**
 * Validates a model against posted form data and emits the validation errors as JSON.
 *
 * When $_POST[$postVariableName] is not set the method returns without producing output.
 * Otherwise the posted value is passed to saveModelFromPost() with $returnOnValidate = true,
 * the resulting errors are encoded with CJSON::encode() and echoed, and
 * Yii::app()->end(0, false) is called.
 *
 * @param mixed $model model to populate and validate
 * @param string $postVariableName key in $_POST that holds the submitted data
 */
public function validateAjaxFromPost($model, $postVariableName)
{
    if (!isset($_POST[$postVariableName]))
    {
        return;
    }
    $savedSuccessfully  = false;
    $modelToStringValue = null;
    // Raw request data; sanitizing happens inside saveModelFromPost().
    $submittedData = $_POST[$postVariableName];
    $model = $this->saveModelFromPost($submittedData, $model, $savedSuccessfully,
                                      $modelToStringValue, true);
    $validationErrors = ZurmoActiveForm::
        makeErrorsDataAndResolveForOwnedModelAttributesAndHasOneRelations($model);
    echo CJSON::encode($validationErrors);
    Yii::app()->end(0, false);
}
231 
/**
 * Names the class whose static sanitizer methods are applied to incoming data before it is
 * set on a model.
 *
 * @return string class name; 'PostUtil' in this implementation
 */
protected function getDataSanitizerUtilClassName()
{
    $sanitizerClassName = 'PostUtil';
    return $sanitizerClassName;
}
236  }
237 ?>
static resolveAndGetDefaultPermissionSetting(User $user)
saveModelFromSanitizedData($sanitizedData, $model, &$savedSuccessfully, &$modelToStringValue, $returnOnValidate)
static resolveByPostDataAndModelThenMake($postData, SecurableItem $securableItem)
static resolveExplicitReadWriteModelPermissions(SecurableItem $securableItem, ExplicitReadWriteModelPermissions $explicitReadWriteModelPermissions, $validate=false)
Definition: User.php:37
validateAjaxFromPost($model, $postVariableName)
static updatePermissionsWithDefaultForModelByUser(SecurableItem $model, User $user)
Definition: Item.php:37
static updatePermissionsWithDefaultForModelByCurrentUser(SecurableItem $model)
static resolveAndGetValue(User $user, $key, $returnBoolean=true)