Fixes #3506 Added a tab in user to assign roles

78f07428 · Côme Bernigaud · Benoit Mortier · 28a77d7d · 78f07428
Commit 78f07428 authored Dec 10, 2014 by Côme Bernigaud Committed by Benoit Mortier Dec 10, 2014
--- a/plugins/personal/roles/class_userRoles.inc
+++ b/plugins/personal/roles/class_userRoles.inc
+<?php
+/*
+  This code is part of FusionDirectory (http://www.fusiondirectory.org/)
+  Copyright (C) 2014  FusionDirectory
+
+  This program is free software; you can redistribute it and/or modify
+  it under the terms of the GNU General Public License as published by
+  the Free Software Foundation; either version 2 of the License, or
+  (at your option) any later version.
+
+  This program is distributed in the hope that it will be useful,
+  but WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+  GNU General Public License for more details.
+
+  You should have received a copy of the GNU General Public License
+  along with this program; if not, write to the Free Software
+  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
+*/
+
+class userRoles extends simplePlugin
+{
+  var $objectclasses = array();
+
+  static function plInfo()
+  {
+    return array(
+      'plShortName'     => _('Roles'),
+      'plDescription'   => _('Edit user\'s roles'),
+      'plIcon'          => 'geticon.php?context=types&icon=role&size=48',
+      'plSmallIcon'     => 'geticon.php?context=types&icon=role&size=16',
+      'plSelfModify'    => TRUE,
+      'plObjectType'    => array('user'),
+
+      'plProvidedAcls'  => parent::generatePlProvidedAcls(self::getAttributesInfo())
+    );
+  }
+
+  static function getAttributesInfo ()
+  {
+    return array(
+      'main' => array(
+        'name'  => _('Roles membership'),
+        'attrs' => array(
+          new SetAttribute(
+            new SelectAttribute(
+              '', _('Roles membership'),
+              'rolesMembership', FALSE
+            )
+          )
+        )
+      ),
+    );
+  }
+
+  function __construct (&$config, $dn = NULL, $object = NULL)
+  {
+    parent::__construct($config, $dn, $object);
+
+    /* Roles handling */
+    $roles    = objects::ls('role');
+    $myRoles  = objects::ls(
+      'role', NULL, NULL,
+      '(roleOccupant='.$this->dn.')'
+    );
+    $this->attributesAccess['rolesMembership']->setInLdap(FALSE);
+    $this->attributesAccess['rolesMembership']->attribute->setChoices(array_keys($roles), array_values($roles));
+    $this->attributesAccess['rolesMembership']->setValue(array_keys($myRoles));
+    $this->savedRolesMembership = array_keys($myRoles);
+
+    $this->updateAttributesValues();
+  }
+
+  function ldap_save($cleanup = TRUE)
+  {
+    parent::ldap_save($cleanup);
+
+    /* Take care about rolesMembership values: add to roles */
+    $rolesMembership = $this->attributesAccess['rolesMembership']->getValue();
+    foreach ($rolesMembership as $roledn) {
+      if (!in_array($roledn, $this->savedRolesMembership)) {
+        $r = objects::open($roledn, 'role');
+        $r->getBaseObject()->attributesAccess['roleOccupant']->addValue($this->dn, array('cn' => 'user'));
+        $r->save();
+      }
+    }
+
+    /* Remove roles not listed in rolesMembership */
+    foreach ($this->savedRolesMembership as $roledn) {
+      if (!in_array($roledn, $rolesMembership)) {
+        $r = objects::open($roledn, 'role');
+        $r->getBaseObject()->attributesAccess['roleOccupant']->searchAndRemove($this->dn);
+        $r->save();
+      }
+    }
+  }
+}