0011758: allow creation of apps only by defining model: initial rights
authorPhilipp Schüle <p.schuele@metaways.de>
Mon, 4 Jul 2016 12:05:20 +0000 (14:05 +0200)
committerPhilipp Schüle <p.schuele@metaways.de>
Tue, 5 Jul 2016 11:57:20 +0000 (13:57 +0200)
* create initial rights for applications without APP_Setup_Initialize

https://forge.tine20.org/view.php?id=11758

Change-Id: I952a37ce42a080ab9f74b2270db3acc31df28e1f
Reviewed-on: http://gerrit.tine20.com/customers/3301
Tested-by: Jenkins CI (http://ci.tine20.com/)
Reviewed-by: Philipp Schüle <p.schuele@metaways.de>
tine20/Addressbook/Setup/Initialize.php
tine20/Admin/Setup/Initialize.php
tine20/Expressomail/Setup/Initialize.php
tine20/Felamimail/Setup/Initialize.php
tine20/Filemanager/Setup/Initialize.php
tine20/Setup/Controller.php
tine20/Setup/Initialize.php
tine20/Tinebase/Controller/Abstract.php
tine20/Tinebase/ModelConfiguration.php
tine20/Tinebase/Setup/Initialize.php

index 6509a9b..20380fa 100644 (file)
@@ -154,25 +154,25 @@ class Addressbook_Setup_Initialize extends Setup_Initialize
             )),
         ))));
     }
-    
+
     /**
-     * Override method because this app requires special rights
-     * @see tine20/Setup/Setup_Initialize#_createInitialRights($_application)
-     * 
+     * init grants of internal addressbook
+     *
+     * @throws Tinebase_Exception_AccessDenied
+     * @throws Tinebase_Exception_InvalidArgument
      */
-    protected function _createInitialRights(Tinebase_Model_Application $_application)
+    protected function _initializeInternalAddressbook()
     {
-        parent::_createInitialRights($_application);
-
         $groupsBackend = Tinebase_Group::factory(Tinebase_Group::SQL);
         $adminGroup = $groupsBackend->getDefaultAdminGroup();
-        
+
         // give anyone read rights to the internal addressbook
         // give Administrators group read/edit/admin rights to the internal addressbook
-        Tinebase_Container::getInstance()->addGrants($this->_getInternalAddressbook(), Tinebase_Acl_Rights::ACCOUNT_TYPE_ANYONE, '0', array(
+        $internalAddressbook = $this->_getInternalAddressbook();
+        Tinebase_Container::getInstance()->addGrants($internalAddressbook, Tinebase_Acl_Rights::ACCOUNT_TYPE_ANYONE, '0', array(
             Tinebase_Model_Grants::GRANT_READ
         ), TRUE);
-        Tinebase_Container::getInstance()->addGrants($this->_getInternalAddressbook(), Tinebase_Acl_Rights::ACCOUNT_TYPE_GROUP, $adminGroup, array(
+        Tinebase_Container::getInstance()->addGrants($internalAddressbook, Tinebase_Acl_Rights::ACCOUNT_TYPE_GROUP, $adminGroup, array(
             Tinebase_Model_Grants::GRANT_READ,
             Tinebase_Model_Grants::GRANT_EDIT,
             Tinebase_Model_Grants::GRANT_ADMIN
index 105841b..9220a33 100644 (file)
@@ -19,13 +19,13 @@ class Admin_Setup_Initialize extends Setup_Initialize
     
     /**
      * Override method because admin app requires special rights
-     * @see tine20/Setup/Setup_Initialize#_createInitialRights($_application)
+     * @see tine20/Setup/Setup_Initialize::createInitialRights($_application)
      * 
      * @todo make hard coded role name ('admin role') configurable
      */
-    protected function _createInitialRights(Tinebase_Model_Application $_application)
+    public static function createInitialRights(Tinebase_Model_Application $_application)
     {
-        //do not call parent::_createInitialRights(); because this app is fopr admins only
+        //do not call parent::createInitialRights(); because this app is for admins only
         
         $roles = Tinebase_Acl_Roles::getInstance();
         $adminRole = $roles->getRoleByName('admin role');
index 78c1cd0..c3ff04f 100644 (file)
@@ -21,7 +21,7 @@ class Expressomail_Setup_Initialize extends Setup_Initialize
     *
     * @var array
     */
-    protected $_userRoleRights = array(
+    static protected $_userRoleRights = array(
         Tinebase_Acl_Rights::RUN,
         Expressomail_Acl_Rights::MANAGE_ACCOUNTS,
     );
index 12384bd..8b08be9 100644 (file)
 class Felamimail_Setup_Initialize extends Setup_Initialize
 {
     /**
-    * array with user role rights, overwrite this in your app to add more rights to user role
+    * array with user role rights
     *
     * @var array
     */
-    protected $_userRoleRights = array(
+    static protected $_userRoleRights = array(
         Tinebase_Acl_Rights::RUN,
         Felamimail_Acl_Rights::MANAGE_ACCOUNTS,
     );
index 58e6c00..d1ad8f8 100644 (file)
 class Filemanager_Setup_Initialize extends Setup_Initialize
 {
     /**
-     * 
      * init folders
      */
     public function _initializeFolders(Tinebase_Model_Application $_application, $_options = null)
     {
         // initialize folders for installed apps
         foreach (Tinebase_Application::getInstance()->getApplications() as $app) {
-            $reflectionClass = new ReflectionClass($app->name . '_Setup_Initialize');
-            $methods = $reflectionClass->getMethods();
-            foreach ($methods as $method) {
-                $methodName = $method->name;
-                if ($method->name == '_initializeFilemanagerFolder') {
-                    Setup_Core::getLogger()->info(__METHOD__ . '::' . __LINE__ . ' Initializing filemanager folder for application: ' . $app->name);
-                    $class = $reflectionClass->newInstance();
-                    $class->_initializeFilemanagerFolder($app);
+            $initializeClass = $app->name . '_Setup_Initialize';
+            if (class_exists($initializeClass)) {
+                $reflectionClass = new ReflectionClass($initializeClass);
+                $methods = $reflectionClass->getMethods();
+                foreach ($methods as $method) {
+                    $methodName = $method->name;
+                    if ($method->name == '_initializeFilemanagerFolder') {
+                        Setup_Core::getLogger()->info(__METHOD__ . '::' . __LINE__ . ' Initializing filemanager folder for application: ' . $app->name);
+                        $class = $reflectionClass->newInstance();
+                        $class->_initializeFilemanagerFolder($app);
+                    }
                 }
             }
-         }
+        }
     }
 }
index 1173bf6..27a0580 100644 (file)
@@ -1055,8 +1055,7 @@ class Setup_Controller
         if (count($allGroupListIds) > 0) {
             $listsSQLBackend->delete($allGroupListIds);
         }
-        
-        
+
         $roles = Tinebase_Acl_Roles::getInstance();
         $roles->deleteAllRoles();
         
index 0b38d60..04f2265 100644 (file)
@@ -22,7 +22,7 @@ class Setup_Initialize
      * 
      * @var array
      */
-    protected $_userRoleRights = array(
+    static protected $_userRoleRights = array(
         Tinebase_Acl_Rights::RUN
     );
     
@@ -39,19 +39,20 @@ class Setup_Initialize
         $classname = "{$applicationName}_Setup_Initialize";
 
         if (class_exists($classname)) {
-            $instance = new $classname;
-
             Setup_Core::getLogger()->info(__METHOD__ . '::' . __LINE__ . ' Initializing application: ' . $applicationName);
 
+            $instance = new $classname;
             $instance->_initialize($_application, $_options);
         } else {
-            Setup_Core::getLogger()->info(__METHOD__ . '::' . __LINE__ . ' Skipping init of application: '
+            Setup_Core::getLogger()->info(__METHOD__ . '::' . __LINE__ . ' Skipping custom init of application: '
                 . $applicationName . '. Class ' . $classname . ' not found.');
+
+            self::createInitialRights($_application);
         }
     }
     
     /**
-     * Call {@see _createInitialRights} on an instance of the concrete Setup_Initialize class for the given {@param $_application}  
+     * Call {@see createInitialRights} on an instance of the concrete Setup_Initialize class for the given {@param $_application}
      * 
      * @param Tinebase_Model_Application $_application
      * @param array | optional $_options
@@ -62,7 +63,7 @@ class Setup_Initialize
         $applicationName = $_application->name;
         $classname = "{$applicationName}_Setup_Initialize";
         $instance = new $classname;
-        $instance->_createInitialRights($_application);
+        $instance::createInitialRights($_application);
     }
     
     /**
@@ -74,14 +75,15 @@ class Setup_Initialize
      */
     protected function _initialize(Tinebase_Model_Application $_application, $_options = null)
     {
-        $this->_createInitialRights($_application);
-        
+        self::initializeApplicationRights($_application);
+
         $reflectionClass = new ReflectionClass($this);
         $methods = $reflectionClass->getMethods();
         foreach ($methods as $method) {
             $methodName = $method->name;
             if (strpos($methodName, '_initialize') === 0 && $methodName !== '_initialize') {
-                Setup_Core::getLogger()->info(__METHOD__ . '::' . __LINE__ . ' Calling init function ' . get_class($this) . '::' . $methodName);
+                Setup_Core::getLogger()->info(__METHOD__ . '::' . __LINE__ . ' Calling init function '
+                    . get_class($this) . '::' . $methodName);
                 
                 $this->$methodName($_application, $_options);
             }
@@ -96,10 +98,13 @@ class Setup_Initialize
      * @param Tinebase_Application $application
      * @return void
      */
-    protected function _createInitialRights(Tinebase_Model_Application $_application)
+    public static function createInitialRights(Tinebase_Model_Application $_application)
     {
+        Setup_Core::getLogger()->info(__METHOD__ . '::' . __LINE__ . ' Creating initial rights for application '
+            . $_application->name);
+
         $allRights = Tinebase_Application::getInstance()->getAllRights($_application->getId());
-        $userRights = $this->_userRoleRights;
+        $userRights = static::$_userRoleRights;
         
         if (in_array(Tinebase_Acl_Rights::USE_PERSONAL_TAGS, $allRights)) {
             $userRights[] = Tinebase_Acl_Rights::USE_PERSONAL_TAGS;
index 294dd0f..909e339 100755 (executable)
@@ -296,7 +296,7 @@ abstract class Tinebase_Controller_Abstract extends Tinebase_Pluggable_Abstract
         if ($MCV2only) {
             $md = new Tinebase_Record_DoctrineMappingDriver();
             $MCv2Models = array();
-            foreach($models as $model) {
+            foreach ((array)$this->_models as $model) {
                 if ($md->isTransient($model)) {
                     $MCv2Models[] = $model;
                 }
index 5d5f115..0a6369c 100644 (file)
@@ -1078,7 +1078,8 @@ class Tinebase_ModelConfiguration {
                 try {
                     // prepend table name to id prop because of ambiguous ids
                     // TODO find a better way to get table name, maybe we should put it in the modelconfig?
-                    $backend = Tinebase_Core::getApplicationInstance($this->_applicationName, $this->_modelName)->getBackend();
+                    $backend = Tinebase_Core::getApplicationInstance(
+                        $this->_applicationName, $this->_modelName, /* $_ignoreACL */ true)->getBackend();
                     $tableName = $backend->getTableName();
                     $this->_filterModel['customfield'] = array(
                         'filter' => 'Tinebase_Model_Filter_CustomField', 
index 5e22d43..23e192e 100644 (file)
@@ -23,7 +23,7 @@ class Tinebase_Setup_Initialize extends Setup_Initialize
      *
      * @var array
      */
-    protected $_userRoleRights = array(
+    static protected $_userRoleRights = array(
         Tinebase_Acl_Rights::RUN,
         Tinebase_Acl_Rights::REPORT_BUGS,
         Tinebase_Acl_Rights::MANAGE_OWN_STATE,