1: <?php
  2: /*****************************************************************************************
  3:  * X2Engine Open Source Edition is a customer relationship management program developed by
  4:  * X2Engine, Inc. Copyright (C) 2011-2016 X2Engine Inc.
  5:  * 
  6:  * This program is free software; you can redistribute it and/or modify it under
  7:  * the terms of the GNU Affero General Public License version 3 as published by the
  8:  * Free Software Foundation with the addition of the following permission added
  9:  * to Section 15 as permitted in Section 7(a): FOR ANY PART OF THE COVERED WORK
 10:  * IN WHICH THE COPYRIGHT IS OWNED BY X2ENGINE, X2ENGINE DISCLAIMS THE WARRANTY
 11:  * OF NON INFRINGEMENT OF THIRD PARTY RIGHTS.
 12:  * 
 13:  * This program is distributed in the hope that it will be useful, but WITHOUT
 14:  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
 15:  * FOR A PARTICULAR PURPOSE.  See the GNU Affero General Public License for more
 16:  * details.
 17:  * 
 18:  * You should have received a copy of the GNU Affero General Public License along with
 19:  * this program; if not, see http://www.gnu.org/licenses or write to the Free
 20:  * Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
 21:  * 02110-1301 USA.
 22:  * 
 23:  * You can contact X2Engine, Inc. P.O. Box 66752, Scotts Valley,
 24:  * California 95067, USA. or at email address contact@x2engine.com.
 25:  * 
 26:  * The interactive user interfaces in modified source and object code versions
 27:  * of this program must display Appropriate Legal Notices, as required under
 28:  * Section 5 of the GNU Affero General Public License version 3.
 29:  * 
 30:  * In accordance with Section 7(b) of the GNU Affero General Public License version 3,
 31:  * these Appropriate Legal Notices must retain the display of the "Powered by
 32:  * X2Engine" logo. If the display of the logo is not reasonably feasible for
 33:  * technical reasons, the Appropriate Legal Notices must display the words
 34:  * "Powered by X2Engine".
 35:  *****************************************************************************************/
 36: 
 37: /**
 38:  * Base class for behaviors respecting the establishment of access permissions
 39:  *
 40:  * @property boolean|string $assignmentAttr The attribute to use for assignment
 41:  *  and ownership. False signifies that it's to be treated as if owned by the
 42:  *  system/no one in particular.
 43:  * @property boolean|string $visibilityAttr The attribute to use for visibility
 44:  *  settings. False signifies that visibility should be ignored.
 45:  * @package application.components.permissions
 46:  */
 47: abstract class ModelPermissionsBehavior extends CActiveRecordBehavior {
 48: 
 49:     /**
 50:      * Returns a CDbCriteria containing record-level access conditions.
 51:      * @return CDbCriteria
 52:      */
 53:     abstract function getAccessCriteria();
 54: 
 55:     /**
 56:      * Returns a number from 0 to 3 representing the current user's access level using the Yii auth manager
 57:      * Assumes authItem naming scheme like "ContactsViewPrivate", etc.
 58:      * This method probably ought to overridden, as there is no reliable way to determine the module a model "belongs" to.
 59:      * @return integer The access level. 0=no access, 1=own records, 2=public records, 3=full access
 60:      */
 61:     abstract function getAccessLevel($uid=null);
 62: 
 63:     /**
 64:      * Generates SQL condition to filter out records the user doesn't have
 65:      *  permission to see.
 66:      * This method is used by the 'accessControl' filter.
 67:      * @param integer $accessLevel The user's access level. 0=no access, 1=own
 68:      *  records, 2=public records, 3=full access
 69:      * @return String The SQL conditions
 70:      */
 71:     abstract function getAccessConditions($accessLevel);
 72: 
 73:     /**
 74:      * 
 75:      */
 76:     abstract function getAssignmentAttr();
 77: 
 78:     /**
 79:      * 
 80:      */
 81:     abstract function getVisibilityAttr();
 82:     
 83:     /**
 84:      * 
 85:      */
 86:     public static function getVisibilityOptions(){
 87:         return array();
 88:     }
 89:     
 90:     /*
 91:      * Returns regex for performing SQL assignedTo field comparisons.
 92:      * @return string This can be inserted (with parameter binding) into SQL queries to
 93:      *  determine if an action is assigned to a given user.
 94:      */
 95:     public static function getUserNameRegex ($username=null) {
 96:         return '(^|, )'.($username===null?Yii::app()->getSuName():$username).'($|, )';
 97:     }
 98: }
 99: 
100: ?>
101: