mirror of
https://github.com/Combodo/iTop.git
synced 2026-04-21 09:38:48 +02:00
N°642.2 Portal: Lifecycle transitions security is now a blacklist instead of a white list. Making migration transparent and portal configuration easier.
SVN:trunk[5008]
This commit is contained in:
Guillaume Lajarige
@@ -161,10 +161,10 @@ class LifecycleValidatorHelper
|
||||
}
|
||||
|
||||
// Retrieving profiles for the stimulus
|
||||
$oProfilesNode = $oStimulusNode->GetOptionalElement('allowed_profiles');
|
||||
$oProfilesNode = $oStimulusNode->GetOptionalElement('denied_profiles');
|
||||
$aProfilesNames = array();
|
||||
// If no profile is specified, we consider that it's for ALL the profiles
|
||||
if (($oProfilesNode === null) || ($oProfilesNode->GetNodes('./allowed_profile')->length === 0))
|
||||
if (($oProfilesNode === null) || ($oProfilesNode->GetNodes('./denied_profile')->length === 0))
|
||||
{
|
||||
foreach (ProfilesConfig::GetProfilesValues() as $iKey => $aValue)
|
||||
{
|
||||
@@ -173,13 +173,13 @@ class LifecycleValidatorHelper
|
||||
}
|
||||
else
|
||||
{
|
||||
foreach ($oProfilesNode->GetNodes('./allowed_profile') as $oProfileNode)
|
||||
foreach ($oProfilesNode->GetNodes('./denied_profile') as $oProfileNode)
|
||||
{
|
||||
// Retrieving mandatory profile id attribute
|
||||
$sProfileId = $oProfileNode->getAttribute('id');
|
||||
if ($sProfileId === '')
|
||||
{
|
||||
throw new DOMFormatException('Stimulus tag must have an id attribute.', null, null, $oProfileNode);
|
||||
throw new DOMFormatException('Profile tag must have an id attribute.', null, null, $oProfileNode);
|
||||
}
|
||||
$aProfilesNames[] = $sProfileId;
|
||||
}
|
||||
@@ -287,6 +287,12 @@ class LifecycleValidatorHelper
|
||||
{
|
||||
$aStimuli = array();
|
||||
|
||||
// Preparing available stimuli
|
||||
foreach(MetaModel::EnumStimuli($sClass) as $sStimulusCode => $aData)
|
||||
{
|
||||
$aStimuli[$sStimulusCode] = true;
|
||||
}
|
||||
|
||||
// Iterating on profiles to retrieving the different OQLs parts
|
||||
foreach ($aProfiles as $sProfile)
|
||||
{
|
||||
@@ -297,19 +303,16 @@ class LifecycleValidatorHelper
|
||||
$sLifecycleValuesClass = $this->sGeneratedClass;
|
||||
$aProfileMatrix = $sLifecycleValuesClass::GetProfileStimuli($iProfileId, $sClass);
|
||||
|
||||
// If the profile / class tuple is not present (null), it means that all stimuli are allowed
|
||||
if($aProfileMatrix === null)
|
||||
foreach($aProfileMatrix as $sStimulusCode)
|
||||
{
|
||||
$aImplicitStimuli = array_keys(MetaModel::EnumStimuli($sClass));
|
||||
$aStimuli = array_merge_recursive($aStimuli, $aImplicitStimuli);
|
||||
}
|
||||
else
|
||||
{
|
||||
$aStimuli = array_merge_recursive($aStimuli, $aProfileMatrix);
|
||||
if(array_key_exists($sStimulusCode, $aStimuli))
|
||||
{
|
||||
unset($aStimuli[$sStimulusCode]);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return $aStimuli;
|
||||
return array_keys($aStimuli);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -374,7 +377,7 @@ class LifecycleValidatorHelper
|
||||
// File generated by LifeCycleValidatorHelper
|
||||
//
|
||||
// Please do not edit manually
|
||||
// List of constant lifecycles
|
||||
// List of denied stimuli by profiles in the lifecycles
|
||||
// - used by the portal LifecycleValidatorHelper
|
||||
//
|
||||
class $sClassName
|
||||
@@ -382,6 +385,8 @@ class $sClassName
|
||||
protected static \$aPROFILES = $sProfiles;
|
||||
|
||||
/**
|
||||
* Returns the denied stimuli for a profile / class
|
||||
*
|
||||
* @param integer \$iProfileId
|
||||
* @param string \$sClass
|
||||
*/
|
||||
|
||||
Reference in New Issue
Block a user