HCE Project DC service web UI  0.2
Hierarchical Cluster Engine DC service web UI
 All Classes Namespaces Files Functions Variables Pages
Rights.php
Go to the documentation of this file.
1 <?php
12 class Rights
13 {
14  const PERM_NONE = 0;
15  const PERM_DIRECT = 1;
16  const PERM_INHERITED = 2;
17 
18  private static $_m;
19  private static $_a;
20 
32  public static function assign($itemName, $userId, $bizRule = null, $data = null)
33  {
34  $authorizer = self::getAuthorizer();
35 
36  return $authorizer->authManager->assign($itemName, $userId, $bizRule, $data);
37  }
38 
47  public static function revoke($itemName, $userId)
48  {
49  $authorizer = self::getAuthorizer();
50 
51  return $authorizer->authManager->revoke($itemName, $userId);
52  }
53 
63  public static function getAssignedRoles($userId = null, $sort = true)
64  {
65  $user = Yii::app()->getUser();
66  if ($userId === null && $user->isGuest === false) {
67  $userId = $user->id;
68  }
69 
70  $authorizer = self::getAuthorizer();
71 
72  return $authorizer->getAuthItems(CAuthItem::TYPE_ROLE, $userId, null, $sort);
73  }
74 
80  public static function getBaseUrl()
81  {
82  $module = self::module();
83 
84  return Yii::app()->createUrl($module->baseUrl);
85  }
86 
92  public static function getAuthItemOptions()
93  {
94  return array(
95  CAuthItem::TYPE_OPERATION => Rights::t('core', 'Operation'),
96  CAuthItem::TYPE_TASK => Rights::t('core', 'Task'),
97  CAuthItem::TYPE_ROLE => Rights::t('core', 'Role'),
98  );
99  }
100 
108  public static function getAuthItemTypeName($type)
109  {
110  $options = self::getAuthItemOptions();
111  if (isset($options[ $type ]) === true) {
112  return $options[ $type ];
113  } else {
114  throw new CException(Rights::t('core', 'Invalid authorization item type.'));
115  }
116  }
117 
125  public static function getAuthItemTypeNamePlural($type)
126  {
127  switch ((int) $type) {
128  case CAuthItem::TYPE_OPERATION: return Rights::t('core', 'Operations');
129  case CAuthItem::TYPE_TASK: return Rights::t('core', 'Tasks');
130  case CAuthItem::TYPE_ROLE: return Rights::t('core', 'Roles');
131  default: throw new CException(Rights::t('core', 'Invalid authorization item type.'));
132  }
133  }
134 
142  public static function getAuthItemRoute($type)
143  {
144  switch ((int) $type) {
145  case CAuthItem::TYPE_OPERATION: return array('authItem/operations');
146  case CAuthItem::TYPE_TASK: return array('authItem/tasks');
147  case CAuthItem::TYPE_ROLE: return array('authItem/roles');
148  default: throw new CException(Rights::t('core', 'Invalid authorization item type.'));
149  }
150  }
151 
159  public static function getValidChildTypes($type)
160  {
161  switch ((int) $type) {
162  // Roles can consist of any type of authorization items
163  case CAuthItem::TYPE_ROLE: return;
164  // Tasks can consist of other tasks and operations
165  case CAuthItem::TYPE_TASK: return array(CAuthItem::TYPE_TASK, CAuthItem::TYPE_OPERATION);
166  // Operations can consist of other operations
167  case CAuthItem::TYPE_OPERATION: return array(CAuthItem::TYPE_OPERATION);
168  // Invalid type
169  default: throw new CException(Rights::t('core', 'Invalid authorization item type.'));
170  }
171  }
172 
182  public static function getAuthItemSelectOptions($type = null, $exclude = array())
183  {
184  $authorizer = self::getAuthorizer();
185  $items = $authorizer->getAuthItems($type, null, null, true, $exclude);
186 
187  return self::generateAuthItemSelectOptions($items, $type);
188  }
189 
200  public static function getParentAuthItemSelectOptions(CAuthItem $parent, $type = null, $exclude = array())
201  {
202  $authorizer = self::getAuthorizer();
203  $items = $authorizer->getAuthItems($type, null, $parent, true, $exclude);
204 
205  return self::generateAuthItemSelectOptions($items, $type);
206  }
207 
216  protected static function generateAuthItemSelectOptions($items, $type)
217  {
218  $selectOptions = array();
219 
220  // We have multiple types, nest the items under their types
221  if ($type !== (int) $type) {
222  foreach ($items as $itemName => $item) {
223  $selectOptions[ self::getAuthItemTypeNamePlural($item->type) ][ $itemName ] = $item->getNameText();
224  }
225  }
226  // We have only one type
227  else {
228  foreach ($items as $itemName => $item) {
229  $selectOptions[ $itemName ] = $item->getNameText();
230  }
231  }
232 
233  return $selectOptions;
234  }
235 
243  public static function getDataCsrf()
244  {
245  return ($csrf = self::getCsrfParam()) !== null ? ', '.$csrf : '';
246  }
247 
254  public static function getCsrfParam()
255  {
256  if (Yii::app()->request->enableCsrfValidation === true) {
257  $csrfTokenName = Yii::app()->request->csrfTokenName;
258  $csrfToken = Yii::app()->request->csrfToken;
259 
260  return "'$csrfTokenName':'$csrfToken'";
261  } else {
262  return;
263  }
264  }
265 
270  public static function powered()
271  {
272  $module = self::module();
273 
274  return 'Secured with <a href="http://www.yiiframework.com/extension/rights" rel="external">Rights</a> version '.$module->getVersion().'.';
275  }
276 
280  public static function module()
281  {
282  if (isset(self::$_m) === false) {
283  self::$_m = self::findModule();
284  }
285 
286  return self::$_m;
287  }
288 
298  private static function findModule(CModule $module = null)
299  {
300  if ($module === null) {
301  $module = Yii::app();
302  }
303 
304  if (($m = $module->getModule('rights')) !== null) {
305  return $m;
306  }
307 
308  foreach ($module->getModules() as $id => $c) {
309  if (($m = self::findModule($module->getModule($id))) !== null) {
310  return $m;
311  }
312  }
313 
314  return;
315  }
316 
320  public static function getAuthorizer()
321  {
322  if (isset(self::$_a) === false) {
323  self::$_a = self::module()->getAuthorizer();
324  }
325 
326  return self::$_a;
327  }
328 
341  public static function t($category, $message, $params = array(), $source = null, $language = null)
342  {
343  return Yii::t('RightsModule.'.$category, $message, $params, $source, $language);
344  }
345 }