PHP Factory::getProjectService方法代码示例

/**
 * Retrieves the NGIS to be added and then add them.
 * @return null 
*/
function submit()
{
    require_once __DIR__ . '/../../../../htdocs/web_portal/components/Get_User_Principle.php';
    //Get user details (for the remove ngi function so it can check permissions)
    $dn = Get_User_Principle();
    $user = \Factory::getUserService()->getUserByPrinciple($dn);
    //Get a project and NGI services
    $projectServ = \Factory::getProjectService();
    $ngiServ = \Factory::getNgiService();
    //Get the posted service type data
    $projectId = $_REQUEST['ID'];
    $ngiIds = $_REQUEST['NGIs'];
    //turn ngiIds into NGIs
    $ngis = new Doctrine\Common\Collections\ArrayCollection();
    foreach ($ngiIds as $ngiId) {
        $ngis[] = $ngiServ->getNgi($ngiId);
    }
    //get the project
    $project = $projectServ->getProject($projectId);
    try {
        //function will throw error if user does not have the correct permissions
        $projectServ->addNgisToProject($project, $ngis, $user);
        $params = array('Name' => $project->getName(), 'ID' => $project->getId(), 'NGIs' => $ngis);
        show_view("project/added_ngis.php", $params, "Success");
    } catch (Exception $e) {
        show_view('error.php', $e->getMessage());
        die;
    }
}

function show_all_projects()
{
    require_once __DIR__ . '/../../../../lib/Gocdb_Services/Factory.php';
    $projects = \Factory::getProjectService()->getProjects();
    $params['Projects'] = $projects;
    show_view('project/view_all.php', $params, "Projects");
}

function delete_project()
{
    if (true) {
        throw new Exception("Project deletion is disabled - see controller to enable");
    }
    if (!isset($_REQUEST['id']) || !is_numeric($_REQUEST['id'])) {
        throw new Exception("An id must be specified");
    }
    $dn = Get_User_Principle();
    $user = \Factory::getUserService()->getUserByPrinciple($dn);
    //Check the portal is not in read only mode, returns exception if it is and user is not an admin
    checkPortalIsNotReadOnlyOrUserIsAdmin($user);
    //Get the project from the id
    $serv = \Factory::getProjectService();
    $project = $serv->getProject($_REQUEST['id']);
    //keep the name to display later
    $params['Name'] = $project->getName();
    // Delete the project. This fuction will check the user is allowed to
    // perform this action and throw an error if not (only gocdb admins allowed).
    // Project deletion does not delete child NGIs and automatically cascade
    // deletes the user Roles over the OwnedEntity.
    try {
        $serv->deleteProject($project, $user);
    } catch (\Exception $e) {
        show_view('error.php', $e->getMessage());
        die;
    }
    show_view("project/deleted_project.php", $params, $params['Name'] . 'deleted');
}

function CheckCurrentUserCanEditProject(\Project $project)
{
    require_once __DIR__ . '/../../web_portal/components/Get_User_Principle.php';
    $dn = Get_User_Principle();
    $user = \Factory::getUserService()->getUserByPrinciple($dn);
    $enablingRoles = \Factory::getProjectService()->authorizeAction('ACTION_EDIT_OBJECT', $project, $user);
    if (count($enablingRoles) == 0) {
        throw new Exception("You do not have a role that enables you to edit this project");
    }
}

/**
 * Retrieves the new project's data from a portal request and submit it to the
 * services layer's project functions.
 * @return null
 */
function submit()
{
    require_once __DIR__ . '/../../../../htdocs/web_portal/components/Get_User_Principle.php';
    //Get the posted NGI data
    $newValues = getProjectDataFromWeb();
    //get the user data for the add NGI function (so it can check permissions)
    $dn = Get_User_Principle();
    $user = \Factory::getUserService()->getUserByPrinciple($dn);
    try {
        //function will through error if user does not have the correct permissions
        $project = \Factory::getProjectService()->addProject($newValues, $user);
        $params = array('Name' => $project->getName(), 'ID' => $project->getId());
        show_view("admin/added_project.php", $params);
    } catch (Exception $e) {
        show_view('error.php', $e->getMessage());
        die;
    }
}

/**
 * Retrieves the project edit from a portal request and submit it to the
 * services layer's vsite functions.
 * @param \User $user Current user
 * @return null
 */
function submit(\User $user = null)
{
    require_once __DIR__ . '/../../../../htdocs/web_portal/components/Get_User_Principle.php';
    //get the post data
    $newValues = getProjectDataFromWeb();
    //get the project service and the project being edited
    $serv = \Factory::getProjectService();
    $unalteredProject = $serv->getProject($newValues['ID']);
    try {
        //function will throw error if user does not have the correct permissions
        $alteredProject = $serv->editProject($unalteredProject, $newValues, $user);
        $params = array('Name' => $alteredProject->getName(), 'Description' => $alteredProject->getDescription(), 'ID' => $alteredProject->getId());
        show_view("project/edited_project.php", $params);
    } catch (Exception $e) {
        show_view('error.php', $e->getMessage());
        die;
    }
}

function show_project()
{
    require_once __DIR__ . '/../../../../lib/Gocdb_Services/Factory.php';
    require_once __DIR__ . '/../utils.php';
    require_once __DIR__ . '/../../../../htdocs/web_portal/components/Get_User_Principle.php';
    if (!isset($_GET['id']) || !is_numeric($_GET['id'])) {
        throw new Exception("An id must be specified");
    }
    $projId = $_GET['id'];
    $serv = \Factory::getProjectService();
    $project = $serv->getProject($projId);
    $allRoles = $project->getRoles();
    $roles = array();
    foreach ($allRoles as $role) {
        if ($role->getStatus() == \RoleStatus::GRANTED && $role->getRoleType()->getName() != \RoleTypeName::CIC_STAFF) {
            $roles[] = $role;
        }
    }
    //get user for case that portal is read only and user is admin, so they can still see edit links
    $dn = Get_User_Principle();
    $user = \Factory::getUserService()->getUserByPrinciple($dn);
    $params['ShowEdit'] = false;
    if (count($serv->authorizeAction(\Action::EDIT_OBJECT, $project, $user)) >= 1) {
        $params['ShowEdit'] = true;
    }
    $params['authenticated'] = false;
    if ($user != null) {
        $params['authenticated'] = true;
    }
    // Add RoleActionRecords to params
    $params['RoleActionRecords'] = \Factory::getRoleService()->getRoleActionRecordsById_Type($project->getId(), 'project');
    $params['Name'] = $project->getName();
    $params['Description'] = $project->getDescription();
    $params['ID'] = $project->getId();
    $params['NGIs'] = $project->getNgis();
    $params['Sites'] = $serv->getSites($project);
    $params['Roles'] = $roles;
    $params['portalIsReadOnly'] = portalIsReadOnlyAndUserIsNotAdmin($user);
    show_view('project/view_project.php', $params, $params['Name']);
}

function view_requests()
{
    require_once __DIR__ . '/../../../../lib/Gocdb_Services/Factory.php';
    require_once __DIR__ . '/../../components/Get_User_Principle.php';
    require_once __DIR__ . '/../utils.php';
    $dn = Get_User_Principle();
    $user = \Factory::getUserService()->getUserByPrinciple($dn);
    if ($user == null) {
        throw new Exception("Unregistered users can't view/request roles");
    }
    // Entites is a two-dimensional array that lists both the id and name of
    // OwnedEntities that a user can reqeust a role over (Projects, NGIs, Sites,
    // ServiceGroups). If an inner dimesional array does not contain an Object_ID
    // array key, then it is used as a section title in a pull-down list.
    $entities = array();
    $entities[] = array('Name' => 'Projects');
    $allProjects = \Factory::getProjectService()->getProjects();
    foreach ($allProjects as $proj) {
        $entities[] = array('Object_ID' => $proj->getId(), 'Name' => $proj->getName());
    }
    $entities[] = array('Name' => 'NGIs');
    $allNGIs = \Factory::getNgiService()->getNGIs();
    foreach ($allNGIs as $ngi) {
        $entities[] = array('Object_ID' => $ngi->getId(), 'Name' => $ngi->getName());
    }
    $entities[] = array('Name' => 'Sites');
    $allSites = \Factory::getSiteService()->getSitesBy();
    foreach ($allSites as $site) {
        $entities[] = array('Object_ID' => $site->getId(), 'Name' => $site->getShortName());
    }
    $entities[] = array('Name' => 'ServiceGroups');
    $allSGs = \Factory::getServiceGroupService()->getServiceGroups();
    foreach ($allSGs as $sg) {
        $entities[] = array('Object_ID' => $sg->getId(), 'Name' => $sg->getName());
    }
    // Current user's own pending roles
    $myPendingRoleRequests = \Factory::getRoleService()->getUserRoles($user, \RoleStatus::PENDING);
    // foreach role, lookup corresponding RoleActionRecord (if any) and populate
    // the role.decoratorObject with the roleActionRecord for subsequent display
    //    foreach($myPendingRoleRequests as $role){
    //       $rar = \Factory::getRoleService()->getRoleActionRecordByRoleId($role->getId());
    //       $role->setDecoratorObject($rar);
    //    }
    // Other roles current user can approve
    $otherRolesUserCanApprove = \Factory::getRoleService()->getPendingRolesUserCanApprove($user);
    // can the calling user grant or reject each role?
    foreach ($otherRolesUserCanApprove as $r) {
        $grantRejectRoleNamesArray = array();
        $grantRejectRoleNamesArray['grant'] = '';
        $grantRejectRoleNamesArray['deny'] = '';
        // get list of roles that allows user to to grant the role request
        $grantRoleAuthorisingRoleNames = \Factory::getRoleService()->authorizeAction(\Action::GRANT_ROLE, $r->getOwnedEntity(), $user);
        if (count($grantRoleAuthorisingRoleNames) >= 1) {
            $allAuthorisingRoleNames = '';
            foreach ($grantRoleAuthorisingRoleNames as $arName) {
                $allAuthorisingRoleNames .= $arName . ', ';
            }
            $allAuthorisingRoleNames = substr($allAuthorisingRoleNames, 0, strlen($allAuthorisingRoleNames) - 2);
            $grantRejectRoleNamesArray['grant'] = '[' . $allAuthorisingRoleNames . ']';
        }
        // get list of roles that allows user to reject the role request
        $denyRoleAuthorisingRoleNames = \Factory::getRoleService()->authorizeAction(\Action::REJECT_ROLE, $r->getOwnedEntity(), $user);
        if (count($denyRoleAuthorisingRoleNames) >= 1) {
            $allAuthorisingRoleNames = '';
            foreach ($denyRoleAuthorisingRoleNames as $arName) {
                $allAuthorisingRoleNames .= $arName . ', ';
            }
            $allAuthorisingRoleNames = substr($allAuthorisingRoleNames, 0, strlen($allAuthorisingRoleNames) - 2);
            $grantRejectRoleNamesArray['deny'] = '[' . $allAuthorisingRoleNames . ']';
        }
        // store array of role names in decorator object
        $r->setDecoratorObject($grantRejectRoleNamesArray);
    }
    $params = array();
    $params['entities'] = $entities;
    $params['myRequests'] = $myPendingRoleRequests;
    $params['allRequests'] = $otherRolesUserCanApprove;
    $params['portalIsReadOnly'] = portalIsReadOnlyAndUserIsNotAdmin($user);
    show_view("political_role/view_requests.php", $params, "Role Requests");
    die;
}

 /**
  * This class will take an entity of either site, service group, NGI or Project.
  * It will then get the roles from the entity
  * and then get the users for each of those roles. Then using the authorizeAction function for the correct entity type it will
  * ascertain if a given user has the permission to grant a role. If they do there email address is added to an array. This array
  * of email addresses will then be sent a notification that they have a pending role request they can approve.
  *
  * If a site or NGI has no users with roles attached to it due to being newly created then this method will get the parent NGI and
  * send an email to those users to approve. It does this by passing the parent entity back into this method recursively.
  *
  *
  * @param Site/ServiceGroup/NGI/Project $entity            
  */
 public function roleRequest($entity)
 {
     $project = null;
     $emails = null;
     $projectIds = null;
     // Get the roles from the entity
     foreach ($entity->getRoles() as $role) {
         $roles[] = $role;
     }
     // Now for each role get the user
     foreach ($roles as $role) {
         // Call the correct authorize action service for the type of entity
         if ($entity instanceof \Site) {
             $enablingRoles = \Factory::getSiteService()->authorizeAction(\Action::GRANT_ROLE, $entity, $role->getUser());
             // If the site has no site adminstrators to approve the role request then send an email to the parent NGI users to approve the request
             if ($roles == null) {
                 $this->roleRequest($entity->getNgi());
                 // Recursivly call this function to send email to the NGI users
             }
         } else {
             if ($entity instanceof \ServiceGroup) {
                 $enablingRoles = \Factory::getServiceGroupService()->authorizeAction(\Action::GRANT_ROLE, $entity, $role->getUser());
             } else {
                 if ($entity instanceof \Project) {
                     $enablingRoles = \Factory::getProjectService()->authorizeAction(\Action::GRANT_ROLE, $entity, $role->getUser());
                 } else {
                     if ($entity instanceof \NGI) {
                         $enablingRoles = \Factory::getNgiService()->authorizeAction(\Action::GRANT_ROLE, $entity, $role->getUser());
                         $projects = $entity->getProjects();
                         // set project with the NGI's parent project and later recurse with this
                         // Only send emails to Project users if there are no users with grant_roles over the NGI
                         if ($roles == null) {
                             // Get the ID's of each project so we can remove duplicates
                             foreach ($projects as $project) {
                                 $projectIds[] = $project->getId();
                             }
                             $projectIds = array_unique($projectIds);
                         }
                     }
                 }
             }
         }
         // remove admin from enabling roles
         $position = array_search('GOCDB_ADMIN', $enablingRoles);
         if ($position != null) {
             unset($enablingRoles[$position]);
         }
         // Get the users email and add it to the array if they have an enabling role
         if (count($enablingRoles) > 0) {
             $emails[] = $role->getUser()->getEmail();
         }
     }
     /*
      * No users are able to grant the role or there are no users over this entity. In this case we will email the parent entity for approval
      */
     if ($emails == null || count($emails) == 0) {
         if ($entity instanceof \Site) {
             $this->roleRequest($entity->getNgi());
             // Recursivly call this function to send email to the NGI users
         } else {
             if ($entity instanceof \NGI) {
                 /*
                  * It is important to remove duplicate projects here otherwise we will spam the same addresses as we recursively call this method.
                  */
                 $projects = $entity->getProjects();
                 // set project with the NGI's parent project and later recurse with this
                 $projectIds = array();
                 // Get the ID's of each project so we can remove duplicates
                 foreach ($projects as $project) {
                     $projectIds[] = $project->getId();
                 }
                 $projectIds = array_unique($projectIds);
             }
         }
     } else {
         // If the entity has valid users who can approve the role then send the email notification.
         // Remove duplicate emails from array
         $emails = array_unique($emails);
         // Get the PortalURL to create an accurate link to the role approval view
         $localInfoLocation = __DIR__ . "/../../config/local_info.xml";
         $localInfoXML = simplexml_load_file($localInfoLocation);
         $webPortalURL = $localInfoXML->local_info->web_portal_url;
         // Email content
         $headers = "From: no-reply@goc.egi.eu";
         $subject = "GocDB: A Role request requires attention";
         $body = "Dear GOCDB User,\n\n" . "A user has requested a role that requires attention.\n\n" . "You can approve or deny this request here:\n\n" . $webPortalURL . "/index.php?Page_Type=Role_Requests\n\n" . "Note: This role may already have been approved or denied by another GocDB User";
         $sendMail = TRUE;
//.........这里部分代码省略.........