Squiz Matrix  4.12.2
 All Data Structures Namespaces Functions Variables Pages
soap_api_permission_role_service.inc
1 <?php
18 require_once SQ_PACKAGES_PATH.'/web_services/api/soap_api/soap_api.inc';
19 
31 class Soap_Api_Permission_Role_Service extends Soap_Api
32 {
33 
34 
41  function __construct($assetid=0)
42  {
43  parent::__construct($assetid);
44 
45  }//end constructor
46 
47 
55  public function getFunctionList()
56  {
57  return Array(
58  'HasAccess' => '1',
59  'GetPermission' => '1',
60  'GetRole' => '1',
61  'SetPermission' => '1',
62  'SetRole' => '1',
63  );
64 
65  }//end getFunctionList()
66 
67 
82  function HasAccess($request)
83  {
84  $request_info = (Array) $request;
85  $assetid = array_get_index($request_info, 'AssetID', '');
86  $access_level = $this->array_get_index_restricted_value($request_info, 'PermissionLevel', '');
87 
88  if (!empty($assetid) && !empty($access_level)) {
89  $asset = $GLOBALS['SQ_SYSTEM']->am->getAsset($assetid);
90  $access_func_call = strtolower($access_level)."Access";
91  $access = $asset->$access_func_call();
92  return Array (
93  'HasAccessResult' => (bool) $access,
94  );
95  } else {
96  throw new SoapFault('Server', 'Asset ID or Access Level is not valid. Please provide a valid AssetID and Access Level');
97  }//end else
98 
99  }//end HasAccess()
100 
101 
119  function SetPermission($request)
120  {
121  $request_info = (Array) $request;
122  $assetid = array_get_index($request_info, 'AssetID', '');
123  $userid = array_get_index($request_info, 'UserID', '');
124  $permission = $this->array_get_index_restricted_value($request_info, 'PermissionLevel', '');
125  $cascade = self::getBooleanIndex($request_info, 'Cascade', TRUE);
126  $grant = $this->array_get_index_restricted_value($request_info, 'Grant', ''); // Apply, Deny, Revoke = 1, 0, -1
127  $grant_level = Array (
128  'Apply' => '1',
129  'Deny' => '0',
130  'Revoke' => '-1',
131  );
132 
133  $grant_val = $grant_level[$grant]; // We are not going check if isset index, the WSDL should check the input values for $grant
134  $perm_level = self::getPermValue($permission);
135  $auto_cascade = array_get_index($request_info, 'Cascade', '1');
136 
137  if (!empty($assetid) && !empty($userid) && !empty($permission)) {
138  $hh = $GLOBALS['SQ_SYSTEM']->getHipoHerder();
139  $running_vars = Array (
140  'permission_changes' => Array (
141  Array (
142  'assetids' => Array ( $assetid),
143  'granted' => $grant_val,
144  'permission' => $perm_level,
145  'userid' => $userid,
146  'cascades' => $auto_cascade,
147  'previous_access' => NULL,
148  'dependants_only' => !($cascade && $auto_cascade),
149  ),
150  ),
151  );
152  $errors = $hh->freestyleHipo('hipo_job_edit_permissions', $running_vars);
153  if (empty($errors)) {
154  return Array (
155  'SetPermissionResult' => TRUE,
156  );
157  } else {
158  throw new SoapFault('Server', 'Unable to set Permission on Asset');
159  }//end else
160  } else {
161  throw new SoapFault('Server', 'Asset ID or Permission Level or User ID is not valid');
162  }//end else
163  }//end SetPermission()
164 
165 
184  function GetPermission($request)
185  {
186  $request_info = (Array) $request;
187  $assetid = array_get_index($request_info, 'AssetID', '');
188  $perm_level = $this->array_get_index_restricted_value($request_info, 'PermissionLevel', '');
189  $granted = self::getNullIndex($request_info, 'Granted', NULL);
190  $and_greater = self::getBooleanIndex($request_info, 'AndGreater', FALSE);
191  $expand_groups = self::getBooleanIndex($request_info, 'ExpandGroups', FALSE);
192  $all_info = self::getBooleanIndex($request_info, 'AllInfo', FALSE);
193  $collapse_roles = self::getBooleanIndex($request_info, 'CollapseRoles', FALSE);
194 
195  $perm_level = self::getPermValue($perm_level);
196  if (!empty($assetid) && !empty($perm_level)) {
197  $permission_list = $GLOBALS['SQ_SYSTEM']->am->getPermission($assetid, $perm_level, $granted, $and_greater, $expand_groups, $all_info, $collapse_roles);
198  $final_result = Array();
199  $i = 0;
200  foreach ($permission_list as $key => $value) {
201  if ($all_info) {
202  $final_result[$i]['UserID'] = $key;
203  $final_result[$i]['Grant'] = $value;
204  } else {
205  $final_result[$i]['UserID'] = $value;
206  }//end else
207  $i++;
208  }//end if
209  return Array (
210  'GetPermissionResult' => $final_result,
211  );
212  } else {
213  throw new SoapFault('Server', 'Asset ID or Access Level is not valid. Please provide a valid AssetID and Access Level');
214  }//end else
215 
216  }//end GetPermission()
217 
218 
238  function GetRole($request)
239  {
240  $request_info = (Array) $request;
241  $assetid = self::getNullIndex($request_info, 'AssetID', NULL);
242  $roleid = self::getNullIndex($request_info, 'RoleID', NULL);
243  $userid = self::getNullIndex($request_info, 'UserID', NULL);
244  $include_assetid = self::getBooleanIndex($request_info, 'IncludeAssetID', FALSE);
245  $include_globals = self::getBooleanIndex($request_info, 'IncludeGlobals', FALSE);
246  $include_dependants = self::getBooleanIndex($request_info, 'IncludeDependants', TRUE);
247  $expand_groups = self::getBooleanIndex($request_info, 'ExpandGroups', FALSE);
248 
249  $role_list = $GLOBALS['SQ_SYSTEM']->am->getRole($assetid, $roleid, $userid, $include_assetid, $include_globals, $expand_groups, $include_dependants);
250  $role_list_result = Array();
251  $i = 0;
252 
253  foreach ($role_list as $role_id => $user_info) {
254  if ($include_assetid) {
255  foreach ($user_info as $userid => $assetid_info) {
256  $role_list_result[$i]['RoleID'] = $role_id;
257  $role_list_result[$i]['UserID'] = $userid;
258  $role_list_result[$i]['AssetID'] = $assetid_info[0];
259  $i++;
260  }//end foreach
261  } else {
262  if (count($user_info > 1)) {
263  foreach ($user_info as $index => $userid) {
264  $role_list_result[$i]['RoleID'] = $role_id;
265  $role_list_result[$i]['UserID'] = $userid;
266  $i++;
267  }//end foreach
268  } else {
269  $role_list_result[$i]['RoleID'] = $role_id;
270  $role_list_result[$i]['UserID'] = $user_info[0];
271  }//end else
272  }//end else
273  $i++;
274  }//end foreach
275 
276  return Array (
277  'GetRoleResult' => $role_list_result,
278  );
279 
280  }//end GetRole()
281 
282 
301  function SetRole($request)
302  {
303  $request_info = (Array) $request;
304  $assetid = self::getNullIndex($request_info, 'AssetID', NULL);
305  $roleid = self::getNullIndex($request_info, 'RoleID', NULL);
306  $userid = self::getNullIndex($request_info, 'UserID', NULL);
307  $action = self::getNullIndex($request_info, 'Action', NULL);
308  $global_role = self::getBooleanIndex($request_info, 'GlobalRole', FALSE);
309  $cascade = self::getBooleanIndex($request_info, 'Cascade', TRUE);
310 
311  if (!empty($assetid) && !empty($roleid)) {
312  $hh = $GLOBALS['SQ_SYSTEM']->getHipoHerder();
313  $asset = $GLOBALS['SQ_SYSTEM']->am->getAsset($assetid);
314  $action = strtolower($action);
315  if ($global_role) {
316  $userid = 0;
317  }//end if
318  if ($userid === NULL) {
319  throw new SoapFault('Server', 'Please Provide User ID');
320  } else {
321  // Check that this is a user, but only if it is not global role assignment
322  if ($userid !== 0) {
323  $user = $GLOBALS['SQ_SYSTEM']->am->getAsset($userid);
324  if (!($user instanceof User)) {
325  throw new SoapFault('Server', 'The provided User ID does not belong to a User');
326  }//end if
327  }//end if
328  }//end
329 
330  if ($roleid === NULL) {
331  throw new SoapFault('Server', 'Please Provide Role ID');
332  } else {
333  // Check that this is a role
334  $role = $GLOBALS['SQ_SYSTEM']->am->getAsset($roleid);
335  if (!($role instanceof Role)) {
336  throw new SoapFault('Server', 'The provided Role ID does not belong to a Role');
337  }//end if
338  }//end else
339 
340  if ($action == 'delete') {
341  // Check that there is something to delete
342  $user_role = $GLOBALS['SQ_SYSTEM']->am->getRole($assetid, $roleid, $userid);
343  if (empty($user_role)) {
344  throw new SoapFault('Server', 'No such Role ID #'.$roleid.' for User ID #'.$userid);
345  }//end if
346  }//end if
347 
348  $role_vars = Array (
349  $action => Array (
350  $roleid => Array (
351  $userid,
352  ),
353  ),
354  );
355  $running_vars = Array(
356  'assets' => Array (
357  $assetid => Array (
358  'type_code' => $asset->type(),
359  ),
360  ),
361  'role_changes' => $role_vars,
362  );
363 
364  $errors = $hh->freestyleHipo('hipo_job_edit_roles', $running_vars);
365  if (empty($errors)) {
366  return Array (
367  'SetRoleResult' => TRUE,
368  );
369  } else {
370  throw new SoapFault('Server', 'Unable to set Permission on Asset');
371  }//end else
372  } else {
373  throw new SoapFault('Server', 'Asset ID or Access Level is not valid. Please provide a valid AssetID and Access Level');
374  }//end else
375 
376  }//end SetRole()
377 
378 
379  private static function getPermValue($permission)
380  {
381  $perm_level = Array (
382  'Read' => '1',
383  'Write' => '2',
384  'Admin' => '3',
385  );
386 
387  if (empty($permission) || !isset($perm_level[$permission])) return NULL;
388 
389  return $perm_level[$permission];
390 
391  }//end getPermValue()
392 
393 
400  public static function getComplexElements($func_list=Array())
401  {
402  $role_details = self::getArgType('RoleDetail', 0, 'unbounded');
403  $permission_type = self::getArgType('PermissionLevel', 1, 1);
404  $grant_type = self::getArgType('Grant', 1, 1);
405  $role_action = self::getArgType('RoleActionType', 1, 1);
406  $permission_detail = self::getArgType('PermissionDetail', 0, 'unbounded');
407 
408  $complex_types = Array (
409  'HasAccess' => Array (
410  'HasAccess' => Array (
411  'AssetID' => self::$string_non_optional,
412  'PermissionLevel' => $permission_type,
413  ),
414  'HasAccessResponse' => Array (
415  'HasAccessResult' => self::$boolean_optional,
416  ),
417  ),
418  'SetPermission' => Array (
419  'SetPermission' => Array (
420  'AssetID' => self::$string_non_optional,
421  'UserID' => self::$string_non_optional,
422  'PermissionLevel' => $permission_type,
423  'Grant' => $grant_type,
424  'Cascade' => self::$boolean_optional,
425  ),
426  'SetPermissionResponse' => Array (
427  'SetPermissionResult' => self::$string_optional,
428  ),
429  ),
430  'GetPermission' => Array (
431  'GetPermission' => Array (
432  'AssetID' => self::$string_non_optional,
433  'PermissionLevel' => $permission_type,
434  'Granted' => self::$boolean_optional,
435  'AndGreater' => self::$boolean_optional,
436  'ExpandGroups' => self::$boolean_optional,
437  'AllInfo' => self::$boolean_optional,
438  'CollapseRoles' => self::$boolean_optional,
439  ),
440  'GetPermissionResponse' => Array (
441  'GetPermissionResult' => $permission_detail,
442  ),
443  ),
444  'GetRole' => Array (
445  'GetRole' => Array (
446  'AssetID' => self::$string_optional,
447  'RoleID' => self::$string_optional,
448  'UserID' => self::$string_optional,
449  'IncludeAssetID' => self::$string_optional,
450  'IncludeGlobals' => self::$string_optional,
451  'ExpandGroups' => self::$string_optional,
452  'IncludeDependants' => self::$string_optional,
453  ),
454  'GetRoleResponse' => Array (
455  'GetRoleResult' => $role_details,
456  ),
457  ),
458  'SetRole' => Array (
459  'SetRole' => Array (
460  'AssetID' => self::$string_non_optional,
461  'RoleID' => self::$string_non_optional,
462  'UserID' => self::$string_optional,
463  'Action' => $role_action,
464  'GlobalRole' => self::$boolean_optional,
465  ),
466  'SetRoleResponse' => Array (
467  'SetRoleResult' => self::$boolean_optional,
468  ),
469  ),
470  );
471 
472  $complex_types_available = parent::getComplexElements($complex_types);
473 
474  return $complex_types_available;
475 
476 
477  }//end getComplexElements();
478 
479 
486  public static function getComplexTypes($func_list=Array())
487  {
488 
489  $complex_types = Array (
490  'GetRole' => Array (
491  'RoleDetail' => Array (
492  'RoleID' => self::$string_optional,
493  'UserID' => self::$string_optional,
494  'AssetID' => self::$string_optional,
495  ),
496  ),
497  'GetPermission' => Array (
498  'PermissionDetail' => Array (
499  'UserID' => self::$string_optional,
500  'Grant' => self::$string_optional,
501  ),
502  ),
503  );
504 
505  $complex_types_available = parent::getComplexElements($complex_types);
506 
507  return $complex_types_available;
508 
509  }//end getComplexTypes()
510 
511 
518  public static function getSimpleRestrictedTypes($func_list=Array())
519  {
520 
521  $access_level = Array (
522  'restriction_base' => 'string',
523  'enumeration' => Array (
524  'Read', 'Write', 'Admin'
525  ),
526  );
527  $simple_restricted_types = Array (
528  'HasAccess' => Array (
529  'PermissionLevel' => $access_level,
530  ),
531  'SetPermission' => Array (
532  'PermissionLevel' => $access_level,
533  'Grant' => Array (
534  'restriction_base' => 'string',
535  'enumeration' => Array (
536  'Apply', 'Deny', 'Revoke',
537  ),
538  ),
539  ),
540  'SetRole' => Array (
541  'RoleActionType' => Array (
542  'restriction_base' => 'string',
543  'enumeration' => Array (
544  'Add', 'Delete',
545  ),
546  ),
547  ),
548  );
549 
550  $simple_restricted_types_available = parent::processSimpleRestrictedTypes($simple_restricted_types);
551 
552  return $simple_restricted_types_available;
553 
554  }//end getSimpleRestrictedTypes()
555 
556 
557 }//end class
558 ?>