Change all access API methods to take ORMs instead of ids. This will

minimize reloading objects from the database.
author: Bharat Mediratta <bharat@menalto.com> 2008-12-10 07:05:49 +0000
committer: Bharat Mediratta <bharat@menalto.com> 2008-12-10 07:05:49 +0000
commit: 18a6614a11cf39a29f5705edabc710688da357e6 (patch)
tree: 26bcc7c8f81c5f9f948ded7a07b3be41ca370e4c /core/helpers/access.php
parent: 09364348c7ddb5cd46c3f63ea71467e7b49d0c34 (diff)
1 files changed, 58 insertions, 53 deletions
diff --git a/core/helpers/access.php b/core/helpers/access.php
index c21583a8..57fad3c0 100644
--- a/core/helpers/access.php
+++ b/core/helpers/access.php
@@ -73,33 +73,34 @@ class access_Core {
   /**
    * Does this group have this permission on this item?
    *
-   * @param  integer $group_id
-   * @param  string  $perm_name
-   * @param  integer $item_id
+   * @param  Group_Model $group
+   * @param  string      $perm_name
+   * @param  Item_Model  $item
    * @return boolean
    */
-  public static function group_can($group_id, $perm_name, $item_id) {
-    $access = ORM::factory("access_cache")->where("item_id", $item_id)->find();
+  public static function group_can($group, $perm_name, $item) {
+    $access = ORM::factory("access_cache")->where("item_id", $item->id)->find();
     if (!$access) {
-      throw new Exception("@todo MISSING_ACCESS for $item_id");
+      throw new Exception("@todo MISSING_ACCESS for $item->id");
     }
 
-    return $access->__get("{$perm_name}_{$group_id}") === self::ALLOW;
+    $group_id = $group ? $group->id : 0;
+    return $access->__get("{$perm_name}_$group_id") === self::ALLOW;
   }
 
   /**
    * Does the active user have this permission on this item?
    *
-   * @param  string  $perm_name
-   * @param  integer $item_id
+   * @param  string     $perm_name
+   * @param  Item_Model $item
    * @return boolean
    */
-  public static function can($perm_name, $item_id) {
+  public static function can($perm_name, $item) {
     $user = Session::instance()->get("user", null);
     if ($user) {
-      $access = ORM::factory("access_cache")->where("item_id", $item_id)->find();
+      $access = ORM::factory("access_cache")->where("item_id", $item->id)->find();
       if (!$access) {
-        throw new Exception("@todo MISSING_ACCESS for $item_id");
+        throw new Exception("@todo MISSING_ACCESS for $item->id");
       }
 
       if ($access->view_0 == self::ALLOW) {
@@ -112,64 +113,69 @@ class access_Core {
       }
       return false;
     } else {
-      return self::group_can(group::EVERYBODY, $perm_name, $item_id);
+      return self::group_can(group::EVERYBODY, $perm_name, $item->id);
     }
   }
 
   /**
    * Internal method to set a permission
    *
-   * @param  integer $group_id
+   * @param  Group_Model $group
    * @param  string  $perm_name
-   * @param  integer $item_id
+   * @param  Item_Model $item
    * @param  boolean $value
    * @return boolean
    */
-  private static function _set($group_id, $perm_name, $item_id, $value) {
-    $access = ORM::factory("access_intent")->where("item_id", $item_id)->find();
+  private static function _set($group, $perm_name, $item, $value) {
+    $access = ORM::factory("access_intent")->where("item_id", $item->id)->find();
     if (!$access->loaded) {
-      throw new Exception("@todo MISSING_ACCESS for $item_id");
+      throw new Exception("@todo MISSING_ACCESS for $item->id");
     }
 
-    $access->__set("{$perm_name}_{$group_id}", $value);
+    $group_id = $group ? $group->id : 0;
+    $access->__set("{$perm_name}_$group_id", $value);
     $access->save();
 
-    self::_update_access_cache($group_id, $perm_name, $item_id);
+    self::_update_access_cache($group, $perm_name, $item);
   }
 
   /**
    * Allow a group to have a permission on an item.
    *
-   * @param  integer $group_id
+   * @param  Group_Model $group
    * @param  string  $perm_name
-   * @param  integer $item_id
+   * @param  Item_Model $item
    * @return boolean
    */
-  public static function allow($group_id, $perm_name, $item_id) {
-    self::_set($group_id, $perm_name, $item_id, self::ALLOW);
+  public static function allow($group, $perm_name, $item) {
+    self::_set($group, $perm_name, $item, self::ALLOW);
   }
 
   /**
    * Deny a group the given permission on an item.
    *
-   * @param  integer $group_id
+   * @param  Group_Model $group
    * @param  string  $perm_name
-   * @param  integer $item_id
+   * @param  Item_Model $item
    * @return boolean
    */
-  public static function deny($group_id, $perm_name, $item_id) {
-    self::_set($group_id, $perm_name, $item_id, self::DENY);
+  public static function deny($group, $perm_name, $item) {
+    self::_set($group, $perm_name, $item, self::DENY);
   }
 
   /**
    * Unset the given permission for this item and use inherited values
    *
+   * @param  Group_Model $group
+   * @param  string  $perm_name
+   * @param  Item_Model $item
+   * @return boolean
    */
-  public static function reset($group_id, $perm_name, $item_id) {
-    if ($item_id == 1) {
+  public static function reset($group, $perm_name, $item) {
+    if ($item->id == 1) {
       throw new Exception("@todo CANT_RESET_ROOT_PERMISSION");
     }
-    self::_set($group_id, $perm_name, $item_id, null);
+    self::_set($group, $perm_name, $item, null);
   }
 
   /**
@@ -187,9 +193,9 @@ class access_Core {
     $permission->save();
 
     foreach (self::_get_all_groups() as $group) {
-      self::_add_columns($perm_name, $group->id);
+      self::_add_columns($perm_name, $group);
     }
-    self::_add_columns($perm_name, 0);
+    self::_add_columns($perm_name, null);
   }
 
   /**
@@ -200,9 +206,9 @@ class access_Core {
    */
   public static function delete_permission($name) {
     foreach (self::_get_all_groups() as $group) {
-      self::_drop_columns($name, $group->id);
+      self::_drop_columns($name, $group);
     }
-    self::_drop_columns($name, 0);
+    self::_drop_columns($name, null);
     $permission = ORM::factory("permission")->where("name", $name)->find();
     if ($permission->loaded) {
       $permission->delete();
@@ -217,7 +223,7 @@ class access_Core {
    */
   public static function add_group($group) {
     foreach (ORM::factory("permission")->find_all() as $perm) {
-      self::_add_columns($perm->name, $group->id);
+      self::_add_columns($perm->name, $group);
     }
   }
 
@@ -229,7 +235,7 @@ class access_Core {
    */
   public static function delete_group($group) {
     foreach (ORM::factory("permission")->find_all() as $perm) {
-      self::_drop_columns($perm->name, $group->id);
+      self::_drop_columns($perm->name, $group);
     }
   }
 
@@ -287,13 +293,14 @@ class access_Core {
   /**
    * Internal method to  remove Permission/Group columns
    *
-   * @param  integer $group_id
-   * @param  string  $perm_name
+   * @param  Group_Model $group
+   * @param  string      $perm_name
    * @return void
    */
-  private static function _drop_columns($perm_name, $group_id) {
+  private static function _drop_columns($perm_name, $group) {
+    $group_id = $group ? $group->id : 0;
     $db = Database::instance();
-    $field = "{$perm_name}_{$group_id}";
+    $field = "{$perm_name}_$group_id";
     $db->query("ALTER TABLE `access_caches` DROP `$field`");
     $db->query("ALTER TABLE `access_intents` DROP `$field`");
   }
@@ -301,13 +308,14 @@ class access_Core {
   /**
    * Internal method to add Permission/Group columns
    *
-   * @param  integer $group_id
+   * @param  Group_Model $group
    * @param  string  $perm_name
    * @return void
    */
-  private static function _add_columns($perm_name, $group_id) {
+  private static function _add_columns($perm_name, $group) {
+    $group_id = $group ? $group->id : 0;
     $db = Database::instance();
-    $field = "{$perm_name}_{$group_id}";
+    $field = "{$perm_name}_$group_id";
     $db->query("ALTER TABLE `access_caches` ADD `$field` TINYINT(2) NOT NULL DEFAULT 0");
     $db->query("ALTER TABLE `access_intents` ADD `$field` BOOLEAN DEFAULT NULL");
   }
@@ -319,20 +327,17 @@ class access_Core {
    *
    * @todo: use database locking
    *
-   * @param  integer $group_id
+   * @param  Group_Model $group
    * @param  string  $perm_name
-   * @param  integer $item_id
+   * @param  Item_Model $item
    * @return void
    */
-  public static function _update_access_cache($group_id, $perm_name, $item_id) {
-    $item = ORM::factory("item", $item_id);
-    if (!$item->loaded) {
-      throw new Exception("@todo MISSING_ITEM for $item_id");
-    }
-    $access = ORM::factory("access_intent")->where("item_id", $item_id)->find();
+  public static function _update_access_cache($group, $perm_name, $item) {
+    $access = ORM::factory("access_intent")->where("item_id", $item->id)->find();
 
+    $group_id = $group ? $group->id : 0;
     $db = Database::instance();
-    $field = "{$perm_name}_{$group_id}";
+    $field = "{$perm_name}_$group_id";
 
     if ($perm_name == "view") {
       // With view permissions, deny values in the parent can override allow values in the child,
author	Bharat Mediratta <bharat@menalto.com>	2008-12-10 07:05:49 +0000
committer	Bharat Mediratta <bharat@menalto.com>	2008-12-10 07:05:49 +0000
commit	18a6614a11cf39a29f5705edabc710688da357e6 (patch)
tree	26bcc7c8f81c5f9f948ded7a07b3be41ca370e4c /core/helpers/access.php
parent	09364348c7ddb5cd46c3f63ea71467e7b49d0c34 (diff)