当前位置: 首页>>代码示例>>PHP>>正文


PHP ca_users::getUserRoles方法代码示例

本文整理汇总了PHP中ca_users::getUserRoles方法的典型用法代码示例。如果您正苦于以下问题:PHP ca_users::getUserRoles方法的具体用法?PHP ca_users::getUserRoles怎么用?PHP ca_users::getUserRoles使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在ca_users的用法示例。


在下文中一共展示了ca_users::getUserRoles方法的3个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。

示例1: syncWithDirectory

 private function syncWithDirectory($ps_username)
 {
     $va_default_roles = $this->getConfigValue("ldap_users_default_roles", array());
     $va_default_groups = $this->getConfigValue("ldap_users_default_groups", array());
     $t_user = new ca_users();
     // don't try to sync roles for non-existing users (the first auth call is before the user is actually created)
     if (!$t_user->load($ps_username)) {
         return;
     }
     if ($this->getConfigValue('ldap_sync_user_roles')) {
         $va_expected_roles = array_merge($va_default_roles, $this->getRolesToAddFromDirectory($ps_username));
         foreach ($va_expected_roles as $vs_role) {
             if (!$t_user->hasUserRole($vs_role)) {
                 $t_user->addRoles($vs_role);
             }
         }
         foreach ($t_user->getUserRoles() as $vn_id => $va_role_info) {
             if (!in_array($va_role_info['code'], $va_expected_roles)) {
                 $t_user->removeRoles($vn_id);
             }
         }
     }
     if ($this->getConfigValue('ldap_sync_user_groups')) {
         $va_expected_groups = array_merge($va_default_groups, $this->getGroupsToAddFromDirectory($ps_username));
         foreach ($va_expected_groups as $vs_group) {
             if (!$t_user->inGroup($vs_group)) {
                 $t_user->addToGroups($vs_group);
             }
         }
         foreach ($t_user->getUserGroups() as $vn_id => $va_group_info) {
             if (!in_array($va_group_info['code'], $va_expected_groups)) {
                 $t_user->removeFromGroups($vn_id);
             }
         }
     }
 }
开发者ID:idiscussforum,项目名称:providence,代码行数:36,代码来源:AbstractLDAPAuthAdapter.php

示例2: authenticate

 public static function authenticate($ps_username, $ps_password = '', $pa_options = null)
 {
     $po_auth_config = Configuration::load(Configuration::load()->get('authentication_config'));
     if (!function_exists("ldap_connect")) {
         throw new OpenLDAPException(_t("PHP's LDAP module is required for LDAP authentication!"));
     }
     if (!$ps_username) {
         return false;
     }
     // ldap config
     $vs_ldaphost = $po_auth_config->get("ldap_host");
     $vs_ldapport = $po_auth_config->get("ldap_port");
     $vs_base_dn = $po_auth_config->get("ldap_base_dn");
     $vs_user_ou = $po_auth_config->get("ldap_user_ou");
     $vs_bind_rdn = self::postProcessLDAPConfigValue("ldap_bind_rdn_format", $ps_username, $vs_user_ou, $vs_base_dn);
     $va_default_roles = $po_auth_config->get("ldap_users_default_roles");
     if (!is_array($va_default_roles)) {
         $va_default_roles = array();
     }
     $va_default_groups = $po_auth_config->get("ldap_users_default_groups");
     if (!is_array($va_default_groups)) {
         $va_default_groups = array();
     }
     $vo_ldap = ldap_connect($vs_ldaphost, $vs_ldapport);
     ldap_set_option($vo_ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
     if (!$vo_ldap) {
         return false;
     }
     $vs_bind_rdn_filter = self::postProcessLDAPConfigValue("ldap_bind_rdn_filter", $ps_username, $vs_user_ou, $vs_base_dn);
     if (strlen($vs_bind_rdn_filter) > 0) {
         $vo_dn_search_results = ldap_search($vo_ldap, $vs_base_dn, $vs_bind_rdn_filter);
         $va_dn_search_results = ldap_get_entries($vo_ldap, $vo_dn_search_results);
         if (isset($va_dn_search_results[0]['dn'])) {
             $vs_bind_rdn = $va_dn_search_results[0]['dn'];
         }
     }
     // log in
     $vo_bind = @ldap_bind($vo_ldap, $vs_bind_rdn, $ps_password);
     if (!$vo_bind) {
         // wrong credentials
         if (ldap_get_option($vo_ldap, 0x32, $extended_error)) {
             caLogEvent("ERR", "LDAP ERROR (" . ldap_errno($vo_ldap) . ") {$extended_error} [{$vs_bind_rdn}]", "OpenLDAP::Authenticate");
         }
         ldap_unbind($vo_ldap);
         return false;
     }
     // check group membership
     if (!self::isMemberinAtLeastOneGroup($ps_username, $vo_ldap)) {
         ldap_unbind($vo_ldap);
         return false;
     }
     // user role and group membership syncing with directory
     $t_user = new ca_users();
     if ($t_user->load($ps_username)) {
         // don't try to sync roles for non-existing users (the first auth call is before the user is actually created)
         if ($po_auth_config->get('ldap_sync_user_roles')) {
             $va_expected_roles = array_merge($va_default_roles, self::getRolesToAddFromDirectory($ps_username, $vo_ldap));
             foreach ($va_expected_roles as $vs_role) {
                 if (!$t_user->hasUserRole($vs_role)) {
                     $t_user->addRoles($vs_role);
                 }
             }
             foreach ($t_user->getUserRoles() as $vn_id => $va_role_info) {
                 if (!in_array($va_role_info['code'], $va_expected_roles)) {
                     $t_user->removeRoles($vn_id);
                 }
             }
         }
         if ($po_auth_config->get('ldap_sync_user_groups')) {
             $va_expected_groups = array_merge($va_default_groups, self::getGroupsToAddFromDirectory($ps_username, $vo_ldap));
             foreach ($va_expected_groups as $vs_group) {
                 if (!$t_user->inGroup($vs_group)) {
                     $t_user->addToGroups($vs_group);
                 }
             }
             foreach ($t_user->getUserGroups() as $vn_id => $va_group_info) {
                 if (!in_array($va_group_info['code'], $va_expected_groups)) {
                     $t_user->removeFromGroups($vn_id);
                 }
             }
         }
     }
     ldap_unbind($vo_ldap);
     return true;
 }
开发者ID:kai-iak,项目名称:pawtucket2,代码行数:85,代码来源:OpenLDAP.php

示例3: getScreens

 /**
  * Returns list of screens for a given UI. 
  *
  * @param int $pn_type_id Optional type to restrict screens to
  * @param array $pa_options Options include:
  *		showAll = Include screens that do not have placements. Default is false.
  *		user_id = User_id to apply access control for
  *
  * @return array List of screens for this user interface
  */
 public function getScreens($pn_type_id = null, $pa_options = null)
 {
     if (!$this->getPrimaryKey()) {
         return false;
     }
     if (!($t_instance = $this->_DATAMODEL->getInstanceByTableNum($this->get('editor_type')))) {
         return null;
     }
     if ($t_instance instanceof BaseRelationshipModel) {
         $va_types = $t_instance->getRelationshipTypes();
     } else {
         $va_types = $t_instance->getTypeList();
     }
     $va_sql_params = array((int) $this->getPrimaryKey());
     $o_db = $this->getDb();
     $va_type_list = caMakeTypeIDList($this->get('editor_type'), array($pn_type_id), array('dontIncludeSubtypesInTypeRestriction' => true));
     if (!sizeof($va_type_list)) {
         $va_type_list = array($pn_type_id);
     }
     $vs_type_sql = (int) $pn_type_id ? "AND (ceustr.type_id IS NULL OR ceustr.type_id IN (" . join(",", $va_type_list) . "))" : '';
     $vs_access_sql = '';
     $t_user = new ca_users();
     if (($vn_user_id = caGetOption('user_id', $pa_options, null)) && $t_user->load($vn_user_id)) {
         $vs_access_sql = " AND ((ceus.screen_id IN \n\t\t\t\t\t(\n\t\t\t\t\t\tSELECT screen_id \n\t\t\t\t\t\tFROM ca_editor_ui_screens_x_users\n\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\tuser_id = ?\n\t\t\t\t\t)\n\t\t\t\t)";
         $va_sql_params[] = $vn_user_id;
         $va_groups = $t_user->getUserGroups();
         if (is_array($va_groups) && sizeof($va_groups)) {
             $vs_access_sql .= " OR (ceus.screen_id IN \n\t\t\t\t\t(\n\t\t\t\t\t\tSELECT screen_id \n\t\t\t\t\t\tFROM ca_editor_ui_screens_x_user_groups\n\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\tgroup_id IN (?)\n\t\t\t\t\t)\n\t\t\t\t)";
             $va_sql_params[] = array_keys($va_groups);
         }
         $va_roles = $t_user->getUserRoles();
         if (is_array($va_roles) && sizeof($va_roles)) {
             $vs_access_sql .= " OR (ceus.screen_id IN \n\t\t\t\t\t(\n\t\t\t\t\t\tSELECT screen_id \n\t\t\t\t\t\tFROM ca_editor_ui_screens_x_roles\n\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\trole_id IN (?)\n\t\t\t\t\t)\n\t\t\t\t)";
             $va_sql_params[] = array_keys($va_roles);
         }
         $vs_access_sql .= "\n\t\t\t\tOR (\n\t\t\t\t\tceus.screen_id NOT IN (\n\t\t\t\t\t\tSELECT screen_id FROM ca_editor_ui_screens_x_users\n\t\t\t\t\t)\n\t\t\t\t\tAND\n\t\t\t\t\tceus.screen_id NOT IN (\n\t\t\t\t\t\tSELECT screen_id FROM ca_editor_ui_screens_x_user_groups\n\t\t\t\t\t)\n\t\t\t\t\tAND\n\t\t\t\t\tceus.screen_id NOT IN (\n\t\t\t\t\t\tSELECT screen_id FROM ca_editor_ui_screens_x_roles\n\t\t\t\t\t)\n\t\t\t\t)\n\t\t\t)";
     }
     $qr_res = $o_db->query("\n\t\t\tSELECT ceus.*, ceusl.*, ceustr.type_id restriction_type_id\n\t\t\tFROM ca_editor_ui_screens ceus\n\t\t\tINNER JOIN ca_editor_ui_screen_labels AS ceusl ON ceus.screen_id = ceusl.screen_id\n\t\t\tLEFT JOIN ca_editor_ui_screen_type_restrictions AS ceustr ON ceus.screen_id = ceustr.screen_id\n\t\t\tWHERE\n\t\t\t\t(ceus.ui_id = ?) {$vs_type_sql}\n\t\t\t\t{$vs_access_sql}\n\t\t\tORDER BY \n\t\t\t\tceus.rank, ceus.screen_id\n\t\t", $va_sql_params);
     $va_screens = array();
     while ($qr_res->nextRow()) {
         if (!$va_screens[$vn_screen_id = $qr_res->get('screen_id')][$vn_screen_locale_id = $qr_res->get('locale_id')]) {
             $va_screens[$vn_screen_id][$vn_screen_locale_id] = $qr_res->getRow();
             if ((bool) $va_screens[$vn_screen_id][$vn_screen_locale_id]['is_default']) {
                 $va_screens[$vn_screen_id][$vn_screen_locale_id]['isDefault'] = "◉";
             }
             $va_screens[$vn_screen_id][$vn_screen_locale_id]['numPlacements'] = sizeof($this->getScreenBundlePlacements($vn_screen_id));
         }
         if ($qr_res->get('restriction_type_id')) {
             $vs_key_to_add = $t_instance instanceof BaseRelationshipModel ? 'type_code' : 'name_plural';
             $va_screens[$vn_screen_id][$vn_screen_locale_id]['typeRestrictions'][$qr_res->get('restriction_type_id')] = $va_types[$qr_res->get('restriction_type_id')][$vs_key_to_add];
         }
     }
     $va_screens_with_bundles = null;
     if ((!isset($pa_options['showAll']) || !$pa_options['showAll']) && sizeof($va_screens)) {
         // Get placements for all screens, so we can filter screens without placements
         $qr_res = $o_db->query("\n\t\t\t\tSELECT screen_id, placement_id, bundle_name\n\t\t\t\tFROM ca_editor_ui_bundle_placements\n\t\t\t\tWHERE\n\t\t\t\t\tscreen_id IN (?)\n\t\t\t", array(array_keys($va_screens)));
         $vs_table = $t_instance->tableName();
         $va_screens_with_bundles = array();
         while ($qr_res->nextRow()) {
             $vn_screen_id = $qr_res->get('screen_id');
             if (isset($va_screens_with_bundles[$vn_screen_id])) {
                 continue;
             }
             if (caGetBundleAccessLevel($vs_table, $qr_res->get('bundle_name')) != __CA_BUNDLE_ACCESS_NONE__) {
                 $va_screens_with_bundles[$vn_screen_id] = true;
             }
         }
     }
     foreach ($va_screens as $vn_screen_id => $va_screen_labels_by_locale) {
         if (is_array($va_screens_with_bundles) && !isset($va_screens_with_bundles[$vn_screen_id])) {
             unset($va_screens[$vn_screen_id]);
             continue;
         }
         foreach ($va_screen_labels_by_locale as $vn_locale_id => $va_restriction_info) {
             if (!is_array($va_screens[$vn_screen_id][$vn_locale_id]['typeRestrictions'])) {
                 continue;
             }
             $va_screens[$vn_screen_id][$vn_locale_id]['typeRestrictionsForDisplay'] = join(', ', $va_screens[$vn_screen_id][$vn_locale_id]['typeRestrictions']);
         }
     }
     return caExtractValuesByUserLocale($va_screens);
 }
开发者ID:samrahman,项目名称:providence,代码行数:92,代码来源:ca_editor_uis.php


注:本文中的ca_users::getUserRoles方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。