1: <?php
2:
3: App::uses('AccessControlComponent', 'AccessControl.Controller/Component');
4: App::uses('ExtendedFieldsParser', 'ExtendedScaffold.Lib');
5: App::uses('FieldSetDefinition', 'ExtendedScaffold.Lib');
6:
/**
 * Filters extended-scaffold field definitions down to what the session user
 * is permitted to access, using AccessControlComponent for the actual checks.
 *
 * Security notes for maintainers:
 * - An element whose options carry no (truthy) 'accessObject' is treated as
 *   unrestricted unless its 'readAccessObject' check denies. The default is
 *   therefore open, not closed.
 * - NOTE(review): this class only decides which definitions are returned.
 *   Confirm that the code handling submitted data re-checks field access
 *   instead of relying on a field being absent from the rendered form.
 */
class ExtendedFieldsAccessControl {

    /**
     * Tells whether the session user may access a single field.
     *
     * @param FieldDefinition $field Field whose options hold the access objects.
     * @param mixed $readOnly When truthy, an 'allow' on 'readAccessObject' is
     *   sufficient even if 'accessObject' denies.
     * @return bool
     */
    public static function sessionUserHasFieldAccess(\FieldDefinition $field, $readOnly) {
        $fieldOptions = $field->getOptions();
        return self::_sessionUserHasAccessByOptions($fieldOptions, $readOnly);
    }

    /**
     * Tells whether the session user may access a field set as a whole.
     *
     * @param FieldSetDefinition $fieldSet Field set whose options hold the access objects.
     * @param mixed $readOnly Same meaning as in sessionUserHasFieldAccess().
     * @return bool
     */
    public static function sessionUserHasFieldSetAccess(\FieldSetDefinition $fieldSet, $readOnly) {
        $fieldSetOptions = $fieldSet->getOptions();
        return self::_sessionUserHasAccessByOptions($fieldSetOptions, $readOnly);
    }

    /**
     * Combines the general and the read-specific access checks into one decision.
     *
     * Decision table (general = 'accessObject', read = 'readAccessObject'):
     *   general 'allow'          -> granted
     *   general not configured   -> granted unless read is 'deny'
     *   general 'deny'           -> granted only if $readOnly and read is 'allow'
     *
     * In the "not configured" row $readOnly is not consulted, so a read
     * 'allow' also lets the element through in non-read-only mode.
     * NOTE(review): confirm that this is the intended policy.
     *
     * The keys 'accessObject', 'readAccessObject' and 'accessObjectType' are
     * read unconditionally; an absent key evaluates to null and is handled
     * as "not configured" (open). Presumably getOptions() always supplies
     * them; verify against the definition classes.
     *
     * @param array $options Options of a field or field set.
     * @param mixed $readOnly Truthy to let a read 'allow' override a general 'deny'.
     * @return bool
     */
    private static function _sessionUserHasAccessByOptions($options, $readOnly) {
        // Both checks always run, in this order, before any decision is taken.
        $generalVerdict = self::_sessionUserAccess($options['accessObject'], $options['accessObjectType']);
        $readVerdict = self::_sessionUserAccess($options['readAccessObject'], $options['accessObjectType']);

        if ($generalVerdict === 'allow') {
            return true;
        }
        if ($generalVerdict === false) {
            // No general access object: open unless the read check explicitly denies.
            return $readVerdict !== 'deny';
        }
        // General access denied: only a read-only request with read 'allow' passes.
        return $readOnly && $readVerdict === 'allow';
    }

    /**
     * Resolves one access object to a three-state verdict.
     *
     * @param mixed $accessObject Access object identifier; a falsy value means "not configured".
     * @param mixed $accessObjectType Optional type, forwarded only when truthy.
     * @return string|false 'allow' or 'deny' from AccessControlComponent, false when
     *   no access object was given.
     */
    private static function _sessionUserAccess($accessObject, $accessObjectType) {
        if (!$accessObject) {
            return false;
        }
        if ($accessObjectType) {
            $granted = AccessControlComponent::sessionUserHasAccess($accessObject, $accessObjectType);
        } else {
            $granted = AccessControlComponent::sessionUserHasAccess($accessObject);
        }
        return $granted ? 'allow' : 'deny';
    }

    /**
     * Parses field-set data and returns only the field sets, lines and fields
     * the session user may access.
     *
     * @param mixed $fieldsData Raw definition handed to ExtendedFieldsParser::parseFieldsets().
     * @param mixed $readonly Forwarded to the per-element access checks.
     * @param mixed $defaultModel Forwarded to the parser.
     * @return array List of FieldSetDefinition objects; sets that are denied or
     *   end up without any accessible field are left out.
     */
    public static function parseFieldsets($fieldsData, $readonly, $defaultModel = null) {
        $accessibleSets = array();
        foreach (ExtendedFieldsParser::parseFieldsets($fieldsData, $defaultModel) as $parsedSet) {
            $filteredSet = self::_buildFieldSet($parsedSet, $readonly);
            if (!$filteredSet) {
                continue;
            }
            $accessibleSets[] = $filteredSet;
        }
        return $accessibleSets;
    }

    /**
     * Rebuilds a field set with only its accessible lines.
     *
     * @param FieldSetDefinition $fieldSet Parsed field set.
     * @param mixed $readonly Forwarded to the access checks.
     * @return FieldSetDefinition|false|null null when the set itself is denied,
     *   false when no line survives filtering, otherwise a new definition that
     *   carries the original options.
     */
    private static function _buildFieldSet(\FieldSetDefinition $fieldSet, $readonly) {
        // The set-level check comes first: a denied set hides all of its fields.
        if (!self::sessionUserHasFieldSetAccess($fieldSet, $readonly)) {
            return null;
        }

        $keptLines = array();
        foreach ($fieldSet->getLines() as $row) {
            $filteredRow = self::_buildLine($row, $readonly);
            if ($filteredRow) {
                $keptLines[] = $filteredRow;
            }
        }

        if (!$keptLines) {
            return false;
        }
        return new FieldSetDefinition($keptLines, $fieldSet->getOptions());
    }

    /**
     * Rebuilds a line with only the fields the session user may access.
     *
     * @param FieldRowDefinition $line Parsed line.
     * @param mixed $readonly Forwarded to the field access check.
     * @return FieldRowDefinition|false false when no field in the line is accessible.
     */
    private static function _buildLine(\FieldRowDefinition $line, $readonly) {
        $keptFields = array();
        foreach ($line->getFields() as $candidate) {
            if (!self::sessionUserHasFieldAccess($candidate, $readonly)) {
                continue;
            }
            $keptFields[] = $candidate;
        }

        if (!$keptFields) {
            return false;
        }
        return new FieldRowDefinition($keptFields);
    }

}
87: