[Fusionforge-commits] r10630 - in trunk/src: common/include www/my

Roland Mas lolando at libremir.placard.fr.eu.org
Wed Sep 22 16:22:13 CEST 2010


Author: lolando
Date: 2010-09-22 16:22:13 +0200 (Wed, 22 Sep 2010)
New Revision: 10630

Modified:
   trunk/src/common/include/User.class.php
   trunk/src/www/my/index.php
   trunk/src/www/my/rmproject.php
Log:
Use RBAC to determine what projects a user is a member of

Modified: trunk/src/common/include/User.class.php
===================================================================
--- trunk/src/common/include/User.class.php	2010-09-22 14:06:12 UTC (rev 10629)
+++ trunk/src/common/include/User.class.php	2010-09-22 14:22:13 UTC (rev 10630)
@@ -1140,10 +1140,23 @@
 	 *	@return array	Array of groups.
 	 */
 	function &getGroups() {
-		$res = db_query_params ('SELECT group_id FROM user_group WHERE user_id=$1',
-					array ($this->getID())) ;
-		$arr =& util_result_column_to_array($res,0);	
-		return group_get_objects($arr);
+
+		if (USE_PFO_RBAC) {
+			$roles = RBACEngine::getInstance()->getAvailableRolesForUser ($this) ;
+			$ids = array () ;
+			foreach ($roles as $r) {
+				if ($r instanceof RoleExplicit
+				    && $r->getHomeProject() != NULL) {
+					$ids[] = $r->getHomeProject()->getID() ;
+				}
+			}
+			return group_get_objects(array_unique($ids)) ;
+		} else {
+			$res = db_query_params ('SELECT group_id FROM user_group WHERE user_id=$1',
+						array ($this->getID())) ;
+			$arr =& util_result_column_to_array($res,0);	
+			return group_get_objects($arr);
+		}
 	}
 
 	/**

Modified: trunk/src/www/my/index.php
===================================================================
--- trunk/src/www/my/index.php	2010-09-22 14:06:12 UTC (rev 10629)
+++ trunk/src/www/my/index.php	2010-09-22 14:22:13 UTC (rev 10630)
@@ -396,39 +396,38 @@
 	$order_name_arr[]=_('Remove');
 	$order_name_arr[]=_('My Projects');
 	$order_name_arr[]=_('My Roles');
-    echo $HTML->listTableTop($order_name_arr);
+	echo $HTML->listTableTop($order_name_arr);
+	
+	$groups = $user->getGroups() ;
 
-	// Include both groups and foundries; developers should be similarly
-	// aware of membership in either.
-	$result = db_query_params ('SELECT groups.group_name,groups.group_id,groups.unix_group_name,groups.status,groups.type_id,user_group.admin_flags,role.role_name
-		FROM groups,user_group,role 
-		WHERE groups.group_id=user_group.group_id 
-		AND user_group.user_id=$1
-		AND groups.status=$2 
-		AND user_group.role_id=role.role_id 
-		ORDER BY group_name',
-				   array (user_getid(),
-					  'A')) ;
-	$rows=db_numrows($result);
-	if (!$result || $rows < 1) {
+	if (count ($groups) < 1) {
 		echo '<tr><td colspan="3"><strong>'._('You\'re not a member of any active projects').'</strong></td></tr>';
-		echo db_error();
 	} else {
-		for ($i=0; $i<$rows; $i++) {
-			$admin_flags = db_result($result, $i, 'admin_flags');
-			if (stristr($admin_flags, 'A')) {
-				$img="trash-x.png";
-			} else {
-				$img="trash.png";
+		$roles = RBACEngine::getInstance()->getAvailableRolesForUser ($user) ;
+		foreach ($groups as $g) {
+			$bestrole = NULL ;
+			$img="trash.png";
+			foreach ($roles as $r) {
+				if ($r instanceof RoleExplicit
+				    && $r->getHomeProject() != NULL
+				    && $r->getHomeProject()->getID() == $g->getID()) {
+					$bestrole = $r ;
+					if ($r->hasPermission ('project_admin', $g->getID())) {
+						$img="trash-x.png";
+						break ;
+					}
+				}
 			}
 			echo '
 			<tr '. $HTML->boxGetAltRowStyle($i) .'><td class="align-center">' ;
-			echo util_make_link ("/my/rmproject.php?group_id=" . db_result($result,$i,'group_id'),
+			echo util_make_link ("/my/rmproject.php?group_id=" . $g->getID(),
 					     '<img src="'.$HTML->imgroot.'ic/'.$img.'" alt="'._('Delete').'" height="16" width="16" border="0" />') ;
 
 			echo '</td>
-			<td>'.util_make_link_g (db_result($result,$i,'unix_group_name'),db_result($result,$i,'group_id'),db_result($result,$i,'group_name')).'</td>
-			<td>'. htmlspecialchars(db_result($result,$i,'role_name')) .'</td></tr>';
+			<td>'.util_make_link_g ($g->getUnixName(),$g->getID(),$g->getPublicName()).'</td>
+			<td>'. htmlspecialchars($r->getName()) .'</td></tr>';
+
+
 		}
 	}
 	echo $HTML->listTableBottom();

Modified: trunk/src/www/my/rmproject.php
===================================================================
--- trunk/src/www/my/rmproject.php	2010-09-22 14:06:12 UTC (rev 10629)
+++ trunk/src/www/my/rmproject.php	2010-09-22 14:22:13 UTC (rev 10630)
@@ -40,6 +40,30 @@
 	exit_error($group->getErrorMessage(),'my');
 }
 
+/*
+	Main code
+*/
+
+$roles = RBACEngine::getInstance()->getAvailableRolesForUser (session_get_user()) ;
+
+$isadmin = false ;
+foreach ($roles as $r) {
+	if ($r instanceof RoleExplicit
+	    && $r->getHomeProject() != NULL
+	    && $r->getHomeProject()->getID() == $group_id
+	    && $r->hasPermission ('project_admin', $group_id)) {
+		$isadmin = true ;
+	}
+}
+
+
+if ($isadmin) {
+	exit_error(
+		sprintf (_('You cannot remove yourself from this project, because you are admin of it. You should ask other admin to reset your admin privilege first. If you are the only admin of the project, please consider posting availability notice to <a href="%s">Help Wanted Board</a> and be ready to pass admin privilege to interested party.'),
+			 util_make_url ("/people/")
+			) ,'my');
+}
+
 if (getStringFromRequest('confirm')) {
 
 	$user_id = user_getid();
@@ -52,17 +76,6 @@
 
 }
 
-/*
-	Main code
-*/
-
-if (forge_check_perm ('project_admin', $group_id)) {
-	exit_error(
-		sprintf (_('You cannot remove yourself from this project, because you are admin of it. You should ask other admin to reset your admin privilege first. If you are the only admin of the project, please consider posting availability notice to <a href="%s">Help Wanted Board</a> and be ready to pass admin privilege to interested party.'),
-			 util_make_url ("/people/")
-			) ,'my');
-}
-
 site_user_header(array('title'=>_('Quitting Project')));
 
 echo '
@@ -92,4 +105,9 @@
 
 site_user_footer(array());
 
+// Local Variables:
+// mode: php
+// c-file-style: "bsd"
+// End:
+
 ?>




More information about the Fusionforge-commits mailing list