[Fusionforge-commits] r9764 - trunk/gforge/common/include

Roland Mas lolando at libremir.placard.fr.eu.org
Fri May 21 09:40:56 CEST 2010


Author: lolando
Date: 2010-05-21 09:40:55 +0200 (Fri, 21 May 2010)
New Revision: 9764

Added:
   trunk/gforge/common/include/PFO-RBAC.php
   trunk/gforge/common/include/RBAC.php
Log:
Skeleton of an implementation for the API currently discussed

Added: trunk/gforge/common/include/PFO-RBAC.php
===================================================================
--- trunk/gforge/common/include/PFO-RBAC.php	                        (rev 0)
+++ trunk/gforge/common/include/PFO-RBAC.php	2010-05-21 07:40:55 UTC (rev 9764)
@@ -0,0 +1,103 @@
+<?php
+/**
+ * API for role-based access control
+ * Defined at Planetforge.org
+ *
+ * Copyright 2010, Roland Mas
+ *
+ * This file is part of FusionForge.
+ *
+ * FusionForge is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published
+ * by the Free Software Foundation; either version 2 of the License,
+ * or (at your option) any later version.
+ * 
+ * FusionForge is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with FusionForge; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
+ * USA
+ */
+
+// Constants for roles' “capabilities”
+define ("PFO_ROLE_CAP_EXPLICIT",  1) ;
+define ("PFO_ROLE_CAP_FORGEWIDE", 2) ;
+define ("PFO_ROLE_CAP_UNION",     4) ;
+define ("PFO_ROLE_CAP_ANONYMOUS", 8) ;
+define ("PFO_ROLE_CAP_LOGGEDIN", 16) ;
+
+// Constants to identify role classes
+define ("PFO_ROLE_STANDARD", PFO_ROLE_CAP_EXPLICIT) ;
+define ("PFO_ROLE_GLOBAL", PFO_ROLE_CAP_EXPLICIT | PFO_ROLE_CAP_FORGEWIDE) ;
+define ("PFO_ROLE_ANONYMOUS", PFO_ROLE_CAP_FORGEWIDE | PFO_ROLE_CAP_ANONYMOUS) ;
+define ("PFO_ROLE_LOGGEDIN", PFO_ROLE_CAP_FORGEWIDE | PFO_ROLE_CAP_LOGGEDIN) ;
+define ("PFO_ROLE_UNIONPROJECT", PFO_ROLE_CAP_UNION) ;
+define ("PFO_ROLE_UNIONGLOBAL", PFO_ROLE_CAP_FORGEWIDE | PFO_ROLE_CAP_UNION) ;
+
+// Interfaces for the capabilities
+interface PFO_BaseRole {
+	public function getName() ;
+	public function setName() ;
+	public function getID() ;
+	public function getUsers() ;
+	public function hasUser($user) ;
+	public function hasPermission($section, $reference, $permission) ;
+	public function normalizeData() ;
+	public function getSettings() ;
+	public function setSettings($data) ;
+	public function getLinkedProjects() ;
+}
+
+interface PFO_RoleExplicit extends PFO_BaseRole {
+	public function addUser($user) ;
+	public function removeUser($user) ;
+}
+
+interface PFO_RoleForgeWide extends PFO_BaseRole {
+	public function linkProject($project) ;
+	public function unlinkProject($project) ;
+
+}
+
+interface PFO_RoleUnion extends PFO_BaseRole {
+	public function addRole($role) ;
+	public function removeRole($role) ;
+}
+
+// Interfaces for the combination of capabilities
+
+interface PFO_RoleStandard extends PFO_RoleExplicit {
+	const role_caps = PFO_ROLE_STANDARD ;
+}
+
+interface PFO_RoleGlobal extends PFO_RoleExplicit {
+	const role_caps = PFO_ROLE_GLOBAL ;
+}
+
+interface PFO_RoleAnonymous extends PFO_RoleForgeWide {
+	const role_caps = PFO_ROLE_ANONYMOUS ;
+}
+
+interface PFO_RoleLoggedin extends PFO_RoleForgeWide {
+	const role_caps = PFO_ROLE_LOGGEDIN ;
+}
+
+interface PFO_RoleUnionProject extends PFO_RoleUnion {
+	const role_caps = PFO_ROLE_UNIONPROJECT ;
+}
+
+interface PFO_RoleUnionGlobal extends PFO_RoleForgeWide, PFO_RoleUnion {
+	const role_caps = PFO_ROLE_UNIONGLOBAL ;
+}
+
+
+// Local Variables:
+// mode: php
+// c-file-style: "bsd"
+// End:
+
+?>

Added: trunk/gforge/common/include/RBAC.php
===================================================================
--- trunk/gforge/common/include/RBAC.php	                        (rev 0)
+++ trunk/gforge/common/include/RBAC.php	2010-05-21 07:40:55 UTC (rev 9764)
@@ -0,0 +1,148 @@
+<?php
+/**
+ * FusionForge role-based access control
+ *
+ * Copyright 2004, GForge, LLC
+ * Copyright 2009-2010, Roland Mas
+ *
+ * This file is part of FusionForge.
+ *
+ * FusionForge is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published
+ * by the Free Software Foundation; either version 2 of the License,
+ * or (at your option) any later version.
+ * 
+ * FusionForge is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with FusionForge; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
+ * USA
+ */
+
+require "PFO-RBAC.php" ;
+
+// Code shared between classes
+
+abstract class Error {}
+
+abstract class BaseRole extends Error implements PFO_BaseRole {
+	public function getName() {
+		return $this->name ;
+	}
+	public function setName() {
+		return true ;
+	}
+	public function getID() {
+		return $this->ID ;
+	}
+	public function getUsers() {
+		return array () ;
+	}
+	public function hasUser($user) {
+		return false ;
+	}
+	public function hasPermission($section, $reference, $permission) {
+		return false ;
+	}
+	public function normalizeData() {
+		return true ;
+	}
+	public function getSettings() {
+		return array () ;
+	}
+	public function setSettings($data) {
+		return true ;
+	}
+	public function getLinkedProjects() {
+		return array () ;
+	}
+}
+
+abstract class BaseRoleGlobal extends BaseRole implements PFO_RoleForgeWide {
+	public function linkProject($project) {
+		return true ;
+	}
+	public function unlinkProject($project) {
+		return true ;
+	}
+}
+
+// Actual classes
+
+class RoleStandard extends BaseRole implements PFO_RoleStandard {
+	public function addUser($user) {
+		return true ;
+	}
+	public function removeUser($user) {
+		return true ;
+	}
+	public function getUsers() {
+		return array () ;
+	}
+	public function getProject() {
+		return false ;
+	}
+}
+
+class RoleGlobal extends BaseRoleGlobal implements PFO_RoleGlobal {
+	public function addUser($user) {
+		return true ;
+	}
+	public function removeUser($user) {
+		return true ;
+	}
+}
+
+class RoleAnonymous extends BaseRoleGlobal implements PFO_RoleAnonymous {
+	public function getName () {
+		return _('Anonymous/not logged in') ;
+	}
+	public function setName ($name) {
+		throw new Exception ("Can't setName() on RoleAnonymous") ;
+	}
+}
+
+class RoleLoggedIn extends BaseRoleGlobal implements PFO_RoleLoggedIn {
+	public function getName () {
+		return _('Any user logged in') ;
+	}
+	public function setName ($name) {
+		throw new Exception ("Can't setName() on RoleLoggedIn") ;
+	}
+}
+
+class RoleUnionProject extends BaseRole implements PFO_RoleUnionProject {
+	public function addRole ($role) {
+		return true ;
+	}
+	public function removeRole ($role) {
+		return true ;
+	}
+}
+
+class RoleUnionGlobal extends BaseRoleGlobal implements PFO_RoleUnionGlobal {
+	public function addRole ($role) {
+		return true ;
+	}
+	public function removeRole ($role) {
+		return true ;
+	}
+}
+
+$rs = new RoleStandard () ;
+$rg = new RoleGlobal () ;
+$ra = new RoleAnonymous () ;
+$rl = new RoleLoggedIn () ;
+$rup = new RoleUnionProject () ;
+$rug = new RoleUnionGlobal () ;
+
+// Local Variables:
+// mode: php
+// c-file-style: "bsd"
+// End:
+
+?>




More information about the Fusionforge-commits mailing list