Merge branch 'hotline_#27346_fix_permissions' into 'stable'

Hotline #27346 fix permissions

See merge request !1003

VERSION_HOTLINE/27346

+  - ticket #27346 : correction de la génération des permissions
\ No newline at end of file

cosmogramme/php/_init.php

 <?php
 error_reporting(E_ERROR | E_PARSE);
 
-define("PATCH_LEVEL","262");
+define("PATCH_LEVEL","263");
 
 define("APPLI","cosmogramme");
 define("COSMOPATH", "/var/www/html/vhosts/opac2/www/htdocs");

cosmogramme/sql/patch/patch_263.php

+<?php
+/* add default permissions to permission table because patch 242 didn't make the job */
+
+$adapter = Zend_Registry::get('sql');
+
+if(!$adapter->query("SELECT * FROM `permission` WHERE code = 'CATEGORY' LIMIT 1;"))
+	$adapter->query("insert into `permission` (code, module, type, sorting, description) VALUES ('CATEGORY', 'ARTICLE', 'Droits', 1, 'Créer des sous-catégories et des articles')");
+
+if(!$adapter->query("SELECT * FROM `permission` WHERE code = 'ARTICLE' LIMIT 1;"))
+	$adapter->query("insert into `permission` (code, module, type, sorting, description) VALUES ('ARTICLE', 'ARTICLE', 'Droits', 2, 'Créer des articles');");
+
+if(!$adapter->query("SELECT * FROM `permission` WHERE code = 'PENDING' LIMIT 1;"))
+	$adapter->query("insert into `permission` (code, module, type, sorting, description) VALUES ('PENDING', 'ARTICLE', 'Nouveaux statuts autorisés', 1, 'À valider');");
+
+if(!$adapter->query("SELECT * FROM `permission` WHERE code = 'VALIDATED' LIMIT 1;"))
+	$adapter->query("insert into `permission` (code, module, type, sorting, description) VALUES ('VALIDATED', 'ARTICLE', 'Nouveaux statuts autorisés', 101, 'Validé');");
+
+if(!$adapter->query("SELECT * FROM `permission` WHERE code = 'REFUSED' LIMIT 1;"))
+	$adapter->query("insert into `permission` (code, module, type, sorting, description) VALUES ('REFUSED', 'ARTICLE', 'Nouveaux statuts autorisés', 102, 'Refusé');");
+
+if(!$adapter->query("SELECT * FROM `permission` WHERE code = 'ARCHIVED' LIMIT 1;"))
+	$adapter->query("insert into `permission` (code, module, type, sorting, description) VALUES ('ARCHIVED', 'ARTICLE', 'Nouveaux statuts autorisés', 103, 'Archivé');");
+?>
\ No newline at end of file

scripts/generate-permissions.php

 <?php
-
 require 'console.php';
-echo BASE_URL."\n";
+echo BASE_URL . "\n";
 
-if (Class_UserGroup_Permission::countBy([])>0) {
-	echo "Permissions detected, stop script\n";
+if(!Class_Permission::findAll()) {
+	echo "No permission in DB, stop script\n";
 	exit;
 }
 
-$group_category = Class_UserGroupCategorie::newInstance(['libelle' => 'Droits d\'accès aux articles']);
-
-$group_category->save();
+if (Class_UserGroup_Permission::countBy([])>0) {
+	echo "Usergroup permissions detected, stop script\n";
+	exit;
+}
 
+if(!$group_category = Class_UserGroupCategorie::findFirstBy(['libelle' => 'Droits d\'accès aux articles'])) {
+	$group_category = Class_UserGroupCategorie::newInstance(['libelle' => 'Droits d\'accès aux articles']);
+	$group_category->save();
+}
 
 $all_cms_permissions = Class_Permission::getCmsPermissions();
 $redac_permissions = Class_Permission::findAllBy(['module' => 'ARTICLE', 'code' => ['ARTICLE' , 'PENDING', 'CATEGORY' ]]);
 
-function addGroupFor($library, $level, $label, $categ,$permissions) {
+$redac_portail = addGroupFor(Class_Bib::getPortail(), ZendAfi_Acl_AdminControllerRoles::MODO_PORTAIL, 'Rédacteurs Portail' ,$group_category,$redac_permissions);
+
+$admin_portail = addGroupFor(Class_Bib::getPortail(), ZendAfi_Acl_AdminControllerRoles::ADMIN_PORTAIL,  'Administrateurs Portail ' ,$group_category,$all_cms_permissions);
+
+foreach(Class_Bib::findAll() as $library) {
+  addGroupFor($library,
+							ZendAfi_Acl_AdminControllerRoles::MODO_BIB,
+							'Rédacteurs ' . $library->getLibelle(),
+							$group_category,
+							$redac_permissions);
+
+	addGroupFor($library,
+							ZendAfi_Acl_AdminControllerRoles::ADMIN_BIB,
+							'Administrateurs ' . $library->getLibelle(),
+							$group_category,
+							$all_cms_permissions);
+
+	allow($redac_permissions,
+				$redac_portail,
+				$library);
+
+	allow($all_cms_permissions,
+				$admin_portail,
+				$library);
+}
 
-  $group = Class_UserGroup::newInstance(['libelle' => $label,
-                                         'group_type' => Class_UserGroup::TYPE_DYNAMIC,
-                                         'role_level' => $level,
-                                         'library' => $library,
-                                         'categorie' => $categ]);
+
+function addGroupFor($library, $level, $label, $categ,$permissions) {
+	if(!$group = Class_UserGroup::findFirstBy(['libelle' => $label,
+																						 'id_cat' => $categ->getId()]))
+		$group = Class_UserGroup::newInstance(['libelle' => $label,
+																					 'group_type' => Class_UserGroup::TYPE_DYNAMIC,
+																					 'role_level' => $level,
+																					 'library' => $library,
+																					 'categorie' => $categ]);
 
   $group->addRight(Class_UserGroup::RIGHT_USER_ACCES_ARTICLES)
 				->addRight(Class_UserGroup::RIGHT_USER_PUBLICATION_DIRECTE)
 				->addRight(Class_UserGroup::RIGHT_USER_FILE_ACCESS)
 				->save();
+
 	allow($permissions,$group,$library);
 	return $group;
 }
 
 
-
 function allow($permissions,$group,$library) {
   foreach($permissions as $permission)
     $permission->permitTo($group, $library);
 }
-
-
-$redac_portail=addGroupFor(Class_Bib::getPortail(), ZendAfi_Acl_AdminControllerRoles::MODO_PORTAIL, 'Rédacteurs Portail' ,$group_category,$redac_permissions);
-
-$admin_portail=addGroupFor(Class_Bib::getPortail(), ZendAfi_Acl_AdminControllerRoles::ADMIN_PORTAIL,  'Administrateurs Portail ' ,$group_category,$all_cms_permissions);
-
-
-foreach(Class_Bib::findAll() as $library) {
-  addGroupFor($library, ZendAfi_Acl_AdminControllerRoles::MODO_BIB, 'Rédacteurs ' . $library->getLibelle(),$group_category,$redac_permissions);
-	addGroupFor($library, ZendAfi_Acl_AdminControllerRoles::ADMIN_BIB,  'Administrateurs ' . $library->getLibelle(),$group_category,$all_cms_permissions);
-
-	allow($redac_permissions,$redac_portail, $library);
-	allow($all_cms_permissions,$admin_portail, $library);
-
-}