[icinga-checkins] icinga.org: icinga-web/mfriedrich/fixes: * Groupprovider show own groups to all authenticated users

git at icinga.org git at icinga.org
Mon Jan 10 09:04:59 CET 2011


Module: icinga-web
Branch: mfriedrich/fixes
Commit: 955170c34197f0b6fcbe411947bf130fedebbeaa
URL:    https://git.icinga.org/?p=icinga-web.git;a=commit;h=955170c34197f0b6fcbe411947bf130fedebbeaa

Author: Marius Hein <marius.hein at netways.de>
Date:   Mon Dec 20 16:01:58 2010 +0100

* Groupprovider show own groups to all authenticated users
* Fixes in group model for n:m relation

---

 .../DataProvider/GroupProviderAction.class.php     |    2 +-
 app/modules/AppKit/lib/database/models/NsmRole.php |    2 +-
 app/modules/AppKit/models/RoleAdminModel.class.php |   15 ++++--
 .../GroupProviderSuccessView.class.php             |   58 ++++++++++++--------
 4 files changed, 48 insertions(+), 29 deletions(-)

diff --git a/app/modules/AppKit/actions/DataProvider/GroupProviderAction.class.php b/app/modules/AppKit/actions/DataProvider/GroupProviderAction.class.php
index aa488e2..0500217 100755
--- a/app/modules/AppKit/actions/DataProvider/GroupProviderAction.class.php
+++ b/app/modules/AppKit/actions/DataProvider/GroupProviderAction.class.php
@@ -24,7 +24,7 @@ class AppKit_DataProvider_GroupProviderAction extends AppKitBaseAction
 	}
 	
 	public function getCredentials() {
-		return array ('appkit.admin', 'appkit.admin.groups', 'icinga_user');
+		return null;
 	}
 	
 	public function executeRead(AgaviRequestDataHolder $rd) {
diff --git a/app/modules/AppKit/lib/database/models/NsmRole.php b/app/modules/AppKit/lib/database/models/NsmRole.php
index 09147b3..8b24a45 100755
--- a/app/modules/AppKit/lib/database/models/NsmRole.php
+++ b/app/modules/AppKit/lib/database/models/NsmRole.php
@@ -13,7 +13,7 @@ class NsmRole extends BaseNsmRole
 
 		parent::setUp();
 
-		$this->hasMany('NsmUser', array (	'local'		=> 'usro_role_id',
+		$this->hasMany('NsmUser', array (	'local'		=> 'usro_user_id',
 											'foreign'	=> 'usro_role_id',
 											'refClass'	=> 'NsmUserRole'));
 
diff --git a/app/modules/AppKit/models/RoleAdminModel.class.php b/app/modules/AppKit/models/RoleAdminModel.class.php
index 02f1386..239f10d 100755
--- a/app/modules/AppKit/models/RoleAdminModel.class.php
+++ b/app/modules/AppKit/models/RoleAdminModel.class.php
@@ -44,21 +44,28 @@ class AppKit_RoleAdminModel extends AppKitBaseModel
 	 * @param numeric $limit
 	 * @param string $sort
 	 * @param boolean $asc
+	 * @param boolean $own
 	 * 
 	 * @return Doctrine_Collection
 	 * @author Jannis Mosshammer
 	 */
-	public function getRoleCollectionInRange($disabled=false,$start = 0,$limit=25,$sort= null,$asc = true) {
+	public function getRoleCollectionInRange($disabled=false,$start = 0,$limit=25,$sort= null,$asc = true,$own=false) {
 		$query = Doctrine_Query::create()
-		->from("NsmRole")
+		->select('r.*')
+		->from("NsmRole r")
 		->limit($limit)
 		->offset($start);
 		if($sort)
-			$query->orderBy($sort." ".($asc ? 'ASC' : 'DESC'));
+			$query->orderBy('r.' . $sort." ".($asc ? 'ASC' : 'DESC'));
 		
 		if ($disabled === false) {
-			$query->andWhere('role_disabled=?', array(0));
+			$query->andWhere('r.role_disabled=?', array(0));
+		}
+		
+		if ($own == true) {
+			$query->innerJoin('r.NsmUser u WITH user_id=?', $this->getContext()->getUser()->getNsmUser()->user_id);
 		}
+		
 		return $query->execute();
 	}	
 	
diff --git a/app/modules/AppKit/views/DataProvider/GroupProviderSuccessView.class.php b/app/modules/AppKit/views/DataProvider/GroupProviderSuccessView.class.php
index 225a0bd..b981892 100755
--- a/app/modules/AppKit/views/DataProvider/GroupProviderSuccessView.class.php
+++ b/app/modules/AppKit/views/DataProvider/GroupProviderSuccessView.class.php
@@ -11,32 +11,44 @@ class AppKit_DataProvider_GroupProviderSuccessView extends AppKitBaseView
 		$limit = $rd->getParameter('limit',false);
 		$sort = $rd->getParameter('sort',false);
 		$asc = ($rd->getParameter('dir','ASC') == 'ASC');
-		$result;
-		// return a single user when an id is provided
-		if($groupId) {
-			$group = $roleadmin->getRoleById($groupId);
-			$role_users = array();
-			if(!$group instanceof NsmRole)
-				return "{}";
+		
+		$result = array ();
+		
+		$user = $this->getContext()->getUser();
+		
+		if ($user->hasCredential('appkit.admin') == false && $user->hasCredential('appkit.admin.groups') == false) {
+			$result = $roleadmin->getRoleCollectionInRange($disabled,$start,$limit,$sort,$asc, true)->toArray();
 			
-			foreach($group->NsmUser as $user) {
-				$id =  $user->get("user_id");
-				$name = $user->get("user_name");
-				$role_users[] = array("user_id"=>$id,"user_name"=>$name);
+			var_dump($result);
+		}
+		else {
+			// return a single user when an id is provided
+			if($groupId) {
+				$group = $roleadmin->getRoleById($groupId);
+				$role_users = array();
+				if(!$group instanceof NsmRole)
+					return "{}";
+				
+				foreach($group->NsmUser as $user) {
+					$id =  $user->get("user_id");
+					$name = $user->get("user_name");
+					$role_users[] = array("user_id"=>$id,"user_name"=>$name);
+				}
+				
+				$result = $group->toArray();
+				$result["users"] = $role_users;
+			} else {	//return list of all users if no id is provided
+	
+				if($start === false || $limit === false)
+					$groups = $roleadmin->getRoleCollection($disabled)->toArray();
+				else 
+					$groups = $roleadmin->getRoleCollectionInRange($disabled,$start,$limit,$sort,$asc)->toArray();
+				$result = array();	
+				$result = $groups;
 			}
-			
-			$result = $group->toArray();
-			$result["users"] = $role_users;
-		} else {	//return list of all users if no id is provided
-
-			if($start === false || $limit === false)
-				$groups = $roleadmin->getRoleCollection($disabled)->toArray();
-			else 
-				$groups = $roleadmin->getRoleCollectionInRange($disabled,$start,$limit,$sort,$asc)->toArray();
-			$result = array();	
-			$result = $groups;
 		}
-		return json_encode(array("roles" => $result, "totalCount" => $roleadmin->getRoleCount($disabled)));
+		
+		return json_encode(array("roles" => $result, "totalCount" => count($result), 'success' => true));
 	}
 	
 	public function executeHtml(AgaviRequestDataHolder $rd)





More information about the icinga-checkins mailing list