Menu
▾
▴
[Gemstracker-svn] SF.net SVN: gemstracker:[274] trunk/library/classes
|
From: <gem...@li...> - 2011-11-22 17:34:58
|
Revision: 274
http://gemstracker.svn.sourceforge.net/gemstracker/?rev=274&view=rev
Author: matijsdejong
Date: 2011-11-22 17:34:49 +0000 (Tue, 22 Nov 2011)
Log Message:
-----------
Allow org switching for orgs accessible by others for #40
Modified Paths:
--------------
trunk/library/classes/Gems/Default/OrganizationAction.php
trunk/library/classes/Gems/User/OldStaffUserDefinition.php
trunk/library/classes/Gems/User/ProjectUserDefinition.php
trunk/library/classes/Gems/User/StaffUserDefinition.php
trunk/library/classes/Gems/User/User.php
trunk/library/classes/Gems/User/UserLoader.php
trunk/library/classes/GemsEscort.php
Modified: trunk/library/classes/Gems/Default/OrganizationAction.php
===================================================================
--- trunk/library/classes/Gems/Default/OrganizationAction.php 2011-11-22 15:59:21 UTC (rev 273)
+++ trunk/library/classes/Gems/Default/OrganizationAction.php 2011-11-22 17:34:49 UTC (rev 274)
@@ -52,6 +52,10 @@
{
$org = $this->loader->getOrganization($data['gor_id_organization']);
$org->invalidateCache();
+
+ // Make sure any changes in the allowed list are reflected.
+ $this->loader->getCurrentUser()->refreshAllowedOrganizations();
+
return parent::afterSave($data, $isNew);
}
Modified: trunk/library/classes/Gems/User/OldStaffUserDefinition.php
===================================================================
--- trunk/library/classes/Gems/User/OldStaffUserDefinition.php 2011-11-22 15:59:21 UTC (rev 273)
+++ trunk/library/classes/Gems/User/OldStaffUserDefinition.php 2011-11-22 17:34:49 UTC (rev 274)
@@ -148,7 +148,7 @@
// For a multi-layout project we need to select the appropriate style too,
// but as PATCHES may not be in effect we have to try two selects
$select2 = clone $select;
- $select2->columns(array('user_style' => 'gor_style', 'user_allowed_ip_ranges' => 'ggp_allowed_ip_ranges'), 'gems__organizations');
+ $select2->columns(array('user_style' => 'gor_style', 'user_allowed_ip_ranges' => 'ggp_allowed_ip_ranges', 'accessible_by' => 'gor_accessible_by'), 'gems__organizations');
try {
// Fails before patch has run...
Modified: trunk/library/classes/Gems/User/ProjectUserDefinition.php
===================================================================
--- trunk/library/classes/Gems/User/ProjectUserDefinition.php 2011-11-22 15:59:21 UTC (rev 273)
+++ trunk/library/classes/Gems/User/ProjectUserDefinition.php 2011-11-22 17:34:49 UTC (rev 274)
@@ -77,7 +77,6 @@
'user_organization_id' => $organization,
'user_organization_name' => 'SUPER ADMIN',
'user_allowed_ip_ranges' => $this->project->getSuperAdminIPRanges(),
- 'allowedOrgs' => array($organization => 'SUPER ADMIN')
);
}
}
\ No newline at end of file
Modified: trunk/library/classes/Gems/User/StaffUserDefinition.php
===================================================================
--- trunk/library/classes/Gems/User/StaffUserDefinition.php 2011-11-22 15:59:21 UTC (rev 273)
+++ trunk/library/classes/Gems/User/StaffUserDefinition.php 2011-11-22 17:34:49 UTC (rev 274)
@@ -193,9 +193,10 @@
->join('gems__groups', 'gsf_id_primary_group = ggp_id_group', array('user_role'=>'ggp_role', 'user_allowed_ip_ranges' => 'ggp_allowed_ip_ranges'))
->join('gems__organizations', 'gul_id_organization = gor_id_organization',
array(
- 'user_organization_id'=>'gor_id_organization',
- 'user_organization_name'=>'gor_name',
- 'user_style' => 'gor_style'))
+ 'user_organization_id' => 'gor_id_organization',
+ 'user_organization_name' => 'gor_name',
+ 'user_style' => 'gor_style',
+ 'accessible_by' => 'gor_accessible_by'))
->joinLeft('gems__user_passwords', 'gul_id_user = gup_id_user',
array('user_password_reset' => 'gup_reset_required'))
->where('ggp_group_active = 1')
Modified: trunk/library/classes/Gems/User/User.php
===================================================================
--- trunk/library/classes/Gems/User/User.php 2011-11-22 15:59:21 UTC (rev 273)
+++ trunk/library/classes/Gems/User/User.php 2011-11-22 17:34:49 UTC (rev 274)
@@ -66,6 +66,12 @@
/**
*
+ * @var Zend_Db_Adapter_Abstract
+ */
+ protected $db;
+
+ /**
+ *
* @var Gems_User_UserDefinitionInterface
*/
protected $definition;
@@ -204,9 +210,9 @@
public function authenticate($formValues)
{
$auth = Gems_Auth::getInstance();
-
+
$formValues['allowed_ip_ranges'] = $this->getAllowedIPRanges();
-
+
$adapter = $this->definition->getAuthAdapter($formValues);
$authResult = $auth->authenticate($adapter, $formValues);
@@ -280,17 +286,33 @@
$this->setAsCurrentUser();
}
}
+
+ if (! $this->_hasVar('__allowedOrgs')) {
+ // Is always requested so no win in waiting.
+ $this->refreshAllowedOrganizations();
+ }
+
return true;
}
/**
+ * Returns the list of allowed IP ranges (separated by colon)
+ *
+ * @return string
+ */
+ public function getAllowedIPRanges()
+ {
+ return $this->_getVar('user_allowed_ip_ranges');
+ }
+
+ /**
* Get an array of OrgId => Org Name for all allowed organizations for the current loggedin user
*
* @return array
*/
public function getAllowedOrganizations()
{
- return $this->_getVar('allowedOrgs');
+ return $this->_getVar('__allowedOrgs');
}
/**
@@ -346,16 +368,6 @@
{
return $this->_getVar('user_group');
}
-
- /**
- * Returns the list of allowed IP ranges (separated by colon)
- *
- * @return string
- */
- public function getAllowedIPRanges()
- {
- return $this->_getVar('user_allowed_ip_ranges');
- }
/**
* The locale set for this user..
@@ -519,7 +531,18 @@
}
/**
+ * Returns true if the role of the current user has the given privilege
*
+ * @param string $privilege
+ * @return bool
+ */
+ public function hasPrivilege($privilege)
+ {
+ return (! $this->acl) || $this->acl->isAllowed($this->getRole(), null, $privilege);
+ }
+
+ /**
+ *
* @return boolean True when a user can log in.
*/
public function isActive()
@@ -558,6 +581,47 @@
}
/**
+ * Allowes a refresh of the existing list of organizations
+ * for this user.
+ *
+ * @return Gems_User_User (continuation pattern)
+ */
+ public function refreshAllowedOrganizations()
+ {
+ $sql = "SELECT gor_id_organization, gor_name FROM gems__organizations WHERE ";
+
+ // Privilege overrules organizational settings
+ if (! $this->hasPrivilege('pr.organization-switch')) {
+ if ($by = $this->_getVar('accessible_by')) {
+ $orgs = explode(':', trim($by, ':'));
+
+ if ($orgs) {
+ // Not to forget: the users own organization
+ $orgs[] = $this->getOrganizationId();
+
+ $sql .= "gor_id_organization IN (";
+ $sql .= implode(', ', $orgs);
+ $sql .= ") AND ";
+ } else {
+ $sql = false;
+ }
+ } else {
+ $sql = false;
+ }
+ }
+ if ($sql) {
+ $sql .= " gor_active = 1 ORDER BY gor_name";
+ $orgs = $this->db->fetchPairs($sql);
+ } else {
+ $orgs = array();
+ }
+
+ $this->_setVar('__allowedOrgs', $orgs);
+
+ return $this;
+ }
+
+ /**
* Check for password weakness.
*
* @param string $password
Modified: trunk/library/classes/Gems/User/UserLoader.php
===================================================================
--- trunk/library/classes/Gems/User/UserLoader.php 2011-11-22 15:59:21 UTC (rev 273)
+++ trunk/library/classes/Gems/User/UserLoader.php 2011-11-22 17:34:49 UTC (rev 274)
@@ -207,10 +207,6 @@
$values['user_active'] = true;
}
- if (! isset($values['allowedOrgs'])) {
- //Load the allowed organizations
- $values['allowedOrgs'] = $this->getAllowedOrganizations();
- }
$values['__user_definition'] = $defName;
return $this->_loadClass('User', true, array($values, $definition));
Modified: trunk/library/classes/GemsEscort.php
===================================================================
--- trunk/library/classes/GemsEscort.php 2011-11-22 15:59:21 UTC (rev 273)
+++ trunk/library/classes/GemsEscort.php 2011-11-22 17:34:49 UTC (rev 274)
@@ -795,7 +795,8 @@
*/
protected function _layoutOrganizationSwitcher() // Gems_Project_Organization_MultiOrganizationInterface
{
- if ($this->hasPrivilege('pr.organization-switch')) {
+ $user = $this->getLoader()->getCurrentUser();
+ if ($orgs = $user->getAllowedOrganizations()) {
// Organization switcher
$orgSwitch = MUtil_Html::create('div', array('id' => 'organizations'));
$currentUri = base64_encode($this->view->url());
@@ -805,9 +806,9 @@
'controller' => 'organization',
'action' => 'change-ui'), null, true);
$orgSwitch->raw('<form method="get" action="' . $url . '"><div><input type="hidden" name="current_uri" value="' . $currentUri . '" /><select name="org" onchange="javascript:this.form.submit();">');
- foreach ($this->getLoader()->getCurrentUser()->getAllowedOrganizations() as $id => $org) {
+ foreach ($orgs as $id => $org) {
$selected = '';
- if ($id == $this->session->user_organization_id) {
+ if ($id == $user->getOrganizationId()) {
$selected = ' selected="selected"';
} else {
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
