Merge in from pre_0.1 branch

git-svn-id: file:///svn-source/pmgr/trunk/site@847 97e9348a-65ac-dc4b-aefc-98561f571b83
2009-09-15 02:38:28 +00:00
parent 7b3707ef89
commit cc12d5ff93
128 changed files with 4126 additions and 1330 deletions
--- a/models/permission.php
+++ b/models/permission.php
@@ -0,0 +1,105 @@
+<?php
+class Permission extends AppModel {
+
+  var $hasMany =
+    array('PermissionValue',
+	  );
+
+  var $knows =
+    array('User', 'Site', 'Group');
+
+  static $permission_set = array();
+
+  function getAll($name, $force = false) {
+/*     $this->prClassLevel(30); */
+/*     $this->PermissionValue->prClassLevel(30); */
+/*     $this->Group->Membership->prClassLevel(30); */
+/*     $this->PermissionValue->SitePermission->prClassLevel(30); */
+/*     $this->PermissionValue->UserPermission->prClassLevel(30); */
+/*     $this->PermissionValue->GroupPermission->prClassLevel(30); */
+/*     $this->PermissionValue->DefaultPermission->prClassLevel(30); */
+    $this->prEnter(compact('name'));
+
+    if (!empty(self::$permission_set[$name]) && !$force)
+      return $this->prReturn(self::$permission_set[$name]);
+
+    self::$permission_set[$name] = array();
+
+    $site_id   = $this->Site->currentSiteId();
+    $user_id   = $this->User->currentUserId();
+    $group_ids = $this->Group->currentGroupIds();
+
+/*     $site_id = 1; */
+/*     $user_id = 2; */
+/*     $group_ids = $this->Group->groupIds($user_id, $site_id); */
+
+    if (empty($group_ids)) {
+      self::$permission_set[$name][$name][] = array('access' => 'DENY', 'level' => null);
+      $site_id = null;
+      $user_id = null;
+    }
+
+    if (!empty($site_id))
+      self::$permission_set[$name] =
+	array_merge(self::$permission_set[$name],
+		    $this->PermissionValue->SitePermission->values($site_id, $name));
+
+    if (!empty($user_id))
+      self::$permission_set[$name] =
+	array_merge(self::$permission_set[$name],
+		    $this->PermissionValue->UserPermission->values($user_id, $name));
+
+    if (!empty($group_ids)) {
+      self::$permission_set[$name] =
+	array_merge(self::$permission_set[$name],
+		    $this->PermissionValue->GroupPermission->values($group_ids, $name));
+
+      self::$permission_set[$name] =
+	array_merge(self::$permission_set[$name],
+		    $this->PermissionValue->DefaultPermission->values($name));
+
+      self::$permission_set[$name][] = array('access' => 'ALLOW', 'level' => null);
+    }
+
+    return $this->prReturn(self::$permission_set[$name]);
+  }
+
+  function get($name) {
+    $this->prEnter(compact('name'));
+
+    // REVISIT <AP>: 20090827
+    //  This is a pretty crappy algorithm.  How do we decide whether DENY really
+    //  means DENY, or whether an ALLOW has priority.  
+    //  Oh well, it works for now...
+    
+    $values = $this->getAll($name);
+    $result = array_shift($values);
+
+    foreach ($values AS $value)
+      if (empty($result['level']) || (!empty($value['level']) && $value['level'] < $result['level']))
+	$result['level'] = $value['level'];
+
+    if ($result['access'] !== 'ALLOW')
+      $result['level'] = 9999999;
+
+    return $this->prReturn($result);
+  }
+
+  function allow($name) {
+    $this->prEnter(compact('name'));
+    $result = $this->get($name);
+    return $this->prReturn($result['access'] === 'ALLOW');
+  }
+
+  function deny($name) {
+    $this->prEnter(compact('name'));
+    return $this->prReturn(!$this->allow($name));
+  }
+
+  function level($name) {
+    $this->prEnter(compact('name'));
+    $result = $this->get($name);
+    return $this->prReturn($result['level']);
+  }
+
+}