MISP/app/Model/Role.php

<?php
App::uses('AppModel', 'Model');

class Role extends AppModel {

	public $validate = array(
			'valueNotEmpty' => array(
				'rule' => array('valueNotEmpty'),
		),
	);

	public $hasMany = array(
		'User' => array(
			'className' => 'User',
			'foreignKey' => 'role_id',
			'dependent' => false,
			'conditions' => '',
			'fields' => '',
			'order' => '',
			'limit' => '',
			'offset' => '',
			'exclusive' => '',
			'finderQuery' => '',
			'counterQuery' => ''
		)
	);

	public $actsAs = array(
			'Trim',
			'SysLogLogable.SysLogLogable' => array(	// TODO Audit, logable
					'roleModel' => 'Role',
					'roleKey' => 'role_id',
					'change' => 'full'
			),
	);

	public $virtualFields = array(
		'permission' => "CASE WHEN (Role.perm_add + Role.perm_modify + Role.perm_publish = 3) THEN '3' WHEN (Role.perm_add + Role.perm_modify_org = 2) THEN '2' WHEN (Role.perm_add = 1) THEN '1' ELSE '0' END",
	);

	public $permFlags = array(
		'perm_admin' => array('id' => 'RolePermAdmin', 'text' => 'Admin', 'readonlyenabled' => false),
		'perm_site_admin' => array('id' => 'RolePermSiteAdmin', 'text' => 'Site Admin', 'readonlyenabled' => false),
		'perm_sync' => array('id' => 'RolePermSync', 'text' => 'Sync Actions', 'readonlyenabled' => true),
		'perm_audit' => array('id' => 'RolePermAudit', 'text' => 'Audit Actions', 'readonlyenabled' => true),
		'perm_auth' => array('id' => 'RolePermAuth', 'text' => 'Auth key access', 'readonlyenabled' => true),
		'perm_regexp_access' => array('id' => 'RolePermRegexpAccess', 'text' => 'Regex Actions', 'readonlyenabled' => false),
		'perm_tagger' => array('id' => 'RolePermTagger', 'text' => 'Tagger', 'readonlyenabled' => false),
		'perm_tag_editor' => array('id' => 'RolePermTagEditor', 'text' => 'Tag Editor', 'readonlyenabled' => false),
		'perm_template' => array('id' => 'RolePermTemplate', 'text' => 'Template Editor', 'readonlyenabled' => false),
		'perm_sharing_group' => array('id' => 'RolePermSharingGroup', 'text' => 'Sharing Group Editor', 'readonlyenabled' => false),
		'perm_delegate' => array('id' => 'RolePermDelegate', 'text' => 'Delegations Access', 'readonlyenabled' => false),
		'perm_sighting' => array('id' => 'RolePermSighting', 'text' => 'Sighting Creator', 'readonlyenabled' => true)
	);

	public $premissionLevelName = array('Read Only', 'Manage Own Events', 'Manage Organisation Events', 'Manage and Publish Organisation Events');

	public function beforeSave($options = array()) {
	  //Conversion from the named data access permission levels
		switch ($this->data['Role']['permission']) {
			case '0':
				$this->data['Role']['perm_add'] = 0;
				$this->data['Role']['perm_modify'] = 0;
				$this->data['Role']['perm_modify_org'] = 0;
				$this->data['Role']['perm_publish'] = 0;
				break;
			case '1':
				$this->data['Role']['perm_add'] = 1;
				$this->data['Role']['perm_modify'] = 1;
				$this->data['Role']['perm_modify_org'] = 0;
				$this->data['Role']['perm_publish'] = 0;
				break;
			case '2':
				$this->data['Role']['perm_add'] = 1;
				$this->data['Role']['perm_modify'] = 1;
				$this->data['Role']['perm_modify_org'] = 1;
				$this->data['Role']['perm_publish'] = 0;
				break;
			case '3':
				$this->data['Role']['perm_add'] = 1;
				$this->data['Role']['perm_modify'] = 1;
				$this->data['Role']['perm_modify_org'] = 1;
				$this->data['Role']['perm_publish'] = 1;
				break;
			default:
				break;
		}
		return true;
	}
}
Removed the js title bubble for related events - Removed javascripts based title bubble showing the event info in related events / attributes and in the search attribute view. - Replaced it with values provided by extra cake queries as the delay for fetching the info field through a js rest request was annoyingly slow - some coding standards 2013-03-08 13:16:02 +01:00			`<?php`
			`App::uses('AppModel', 'Model');`
chg: Cleanup of the controllers and models - removed incorrect, useless boiler plate comments - kept useful comments intact - added some missing line breaks to make the codebase a bit more uniform - removed some obviously obsolete TODO comments 2016-08-25 11:38:37 +02:00
Removed the js title bubble for related events - Removed javascripts based title bubble showing the event info in related events / attributes and in the search attribute view. - Replaced it with values provided by extra cake queries as the delay for fetching the info field through a js rest request was annoyingly slow - some coding standards 2013-03-08 13:16:02 +01:00			`class Role extends AppModel {`

			`public $validate = array(`
Upgrade to CakePHP 2.7, fixes #684 - cakephp submodule updated to 2.7 - make sure that you update your instance! - not updating will not break compatibility 2015-10-09 15:59:25 +02:00			`'valueNotEmpty' => array(`
			`'rule' => array('valueNotEmpty'),`
Removed the js title bubble for related events - Removed javascripts based title bubble showing the event info in related events / attributes and in the search attribute view. - Replaced it with values provided by extra cake queries as the delay for fetching the info field through a js rest request was annoyingly slow - some coding standards 2013-03-08 13:16:02 +01:00			`),`
			`);`

			`public $hasMany = array(`
			`'User' => array(`
			`'className' => 'User',`
			`'foreignKey' => 'role_id',`
			`'dependent' => false,`
			`'conditions' => '',`
			`'fields' => '',`
			`'order' => '',`
			`'limit' => '',`
			`'offset' => '',`
			`'exclusive' => '',`
			`'finderQuery' => '',`
			`'counterQuery' => ''`
			`)`
			`);`

			`public $actsAs = array(`
			`'Trim',`
Changes to logs and some minor changes - Regexp, blacklist, roles, whitelists now logged - adminCRUD now sets ID (for the logging) on edit - some minor UI changes (removal of empty action menues on the left menu bar) 2013-03-07 11:51:43 +01:00			`'SysLogLogable.SysLogLogable' => array( // TODO Audit, logable`
			`'roleModel' => 'Role',`
			`'roleKey' => 'role_id',`
			`'change' => 'full'`
Removed the js title bubble for related events - Removed javascripts based title bubble showing the event info in related events / attributes and in the search attribute view. - Replaced it with values provided by extra cake queries as the delay for fetching the info field through a js rest request was annoyingly slow - some coding standards 2013-03-08 13:16:02 +01:00			`),`
			`);`

			`public $virtualFields = array(`
chg: use CASE WHEN instead of IF in $virtualFields 2016-07-11 20:24:03 +02:00			`'permission' => "CASE WHEN (Role.perm_add + Role.perm_modify + Role.perm_publish = 3) THEN '3' WHEN (Role.perm_add + Role.perm_modify_org = 2) THEN '2' WHEN (Role.perm_add = 1) THEN '1' ELSE '0' END",`
Removed the js title bubble for related events - Removed javascripts based title bubble showing the event info in related events / attributes and in the search attribute view. - Replaced it with values provided by extra cake queries as the delay for fetching the info field through a js rest request was annoyingly slow - some coding standards 2013-03-08 13:16:02 +01:00			`);`

Update to the roles and user filtering - new role permission added for SG editors - roles reworked, permissions all looked up centrally from the role model instead of code replication across controllers and views - user filtering now correctly uses organisation objects instead of org strings 2015-04-07 14:47:14 +02:00			`public $permFlags = array(`
fix: Re-added the accidentally removed code in a merge, fixes #1965 - affects f0e1a27b7dca2e6d36f904ef52d4976649ccefa3 2017-02-20 18:43:36 +01:00			`'perm_admin' => array('id' => 'RolePermAdmin', 'text' => 'Admin', 'readonlyenabled' => false),`
			`'perm_site_admin' => array('id' => 'RolePermSiteAdmin', 'text' => 'Site Admin', 'readonlyenabled' => false),`
new: Enable sync permission for read only accounts 2017-03-02 11:11:18 +01:00			`'perm_sync' => array('id' => 'RolePermSync', 'text' => 'Sync Actions', 'readonlyenabled' => true),`
fix: Re-added the accidentally removed code in a merge, fixes #1965 - affects f0e1a27b7dca2e6d36f904ef52d4976649ccefa3 2017-02-20 18:43:36 +01:00			`'perm_audit' => array('id' => 'RolePermAudit', 'text' => 'Audit Actions', 'readonlyenabled' => true),`
			`'perm_auth' => array('id' => 'RolePermAuth', 'text' => 'Auth key access', 'readonlyenabled' => true),`
			`'perm_regexp_access' => array('id' => 'RolePermRegexpAccess', 'text' => 'Regex Actions', 'readonlyenabled' => false),`
			`'perm_tagger' => array('id' => 'RolePermTagger', 'text' => 'Tagger', 'readonlyenabled' => false),`
			`'perm_tag_editor' => array('id' => 'RolePermTagEditor', 'text' => 'Tag Editor', 'readonlyenabled' => false),`
			`'perm_template' => array('id' => 'RolePermTemplate', 'text' => 'Template Editor', 'readonlyenabled' => false),`
			`'perm_sharing_group' => array('id' => 'RolePermSharingGroup', 'text' => 'Sharing Group Editor', 'readonlyenabled' => false),`
			`'perm_delegate' => array('id' => 'RolePermDelegate', 'text' => 'Delegations Access', 'readonlyenabled' => false),`
			`'perm_sighting' => array('id' => 'RolePermSighting', 'text' => 'Sighting Creator', 'readonlyenabled' => true)`
Update to the roles and user filtering - new role permission added for SG editors - roles reworked, permissions all looked up centrally from the role model instead of code replication across controllers and views - user filtering now correctly uses organisation objects instead of org strings 2015-04-07 14:47:14 +02:00			`);`
remove whitespace (space/tab) from empty lines 2016-06-04 01:08:16 +02:00
Further progress 2015-08-31 02:32:37 +02:00			`public $premissionLevelName = array('Read Only', 'Manage Own Events', 'Manage Organisation Events', 'Manage and Publish Organisation Events');`
Integrated ownership, ACL and minor fixes - Orgs can propose new attributes or changes to existing attributes for events that they do not own - publishing users of the owner organisation can see, accept or discard them - Reworked the access control - minor fixes 2013-04-25 14:04:08 +02:00
Removed the js title bubble for related events - Removed javascripts based title bubble showing the event info in related events / attributes and in the search attribute view. - Replaced it with values provided by extra cake queries as the delay for fetching the info field through a js rest request was annoyingly slow - some coding standards 2013-03-08 13:16:02 +01:00			`public function beforeSave($options = array()) {`
fix: Re-added the accidentally removed code in a merge, fixes #1965 - affects f0e1a27b7dca2e6d36f904ef52d4976649ccefa3 2017-02-20 18:43:36 +01:00			`//Conversion from the named data access permission levels`
Removed the js title bubble for related events - Removed javascripts based title bubble showing the event info in related events / attributes and in the search attribute view. - Replaced it with values provided by extra cake queries as the delay for fetching the info field through a js rest request was annoyingly slow - some coding standards 2013-03-08 13:16:02 +01:00			`switch ($this->data['Role']['permission']) {`
			`case '0':`
chg: use 1/0 not true/false for conditions & other boolean sqlquery elements 2016-07-11 20:22:42 +02:00			`$this->data['Role']['perm_add'] = 0;`
			`$this->data['Role']['perm_modify'] = 0;`
			`$this->data['Role']['perm_modify_org'] = 0;`
			`$this->data['Role']['perm_publish'] = 0;`
Removed the js title bubble for related events - Removed javascripts based title bubble showing the event info in related events / attributes and in the search attribute view. - Replaced it with values provided by extra cake queries as the delay for fetching the info field through a js rest request was annoyingly slow - some coding standards 2013-03-08 13:16:02 +01:00			`break;`
			`case '1':`
chg: use 1/0 not true/false for conditions & other boolean sqlquery elements 2016-07-11 20:22:42 +02:00			`$this->data['Role']['perm_add'] = 1;`
fix: Re-added the accidentally removed code in a merge, fixes #1965 - affects f0e1a27b7dca2e6d36f904ef52d4976649ccefa3 2017-02-20 18:43:36 +01:00			`$this->data['Role']['perm_modify'] = 1;`
chg: use 1/0 not true/false for conditions & other boolean sqlquery elements 2016-07-11 20:22:42 +02:00			`$this->data['Role']['perm_modify_org'] = 0;`
			`$this->data['Role']['perm_publish'] = 0;`
Removed the js title bubble for related events - Removed javascripts based title bubble showing the event info in related events / attributes and in the search attribute view. - Replaced it with values provided by extra cake queries as the delay for fetching the info field through a js rest request was annoyingly slow - some coding standards 2013-03-08 13:16:02 +01:00			`break;`
			`case '2':`
chg: use 1/0 not true/false for conditions & other boolean sqlquery elements 2016-07-11 20:22:42 +02:00			`$this->data['Role']['perm_add'] = 1;`
			`$this->data['Role']['perm_modify'] = 1;`
			`$this->data['Role']['perm_modify_org'] = 1;`
			`$this->data['Role']['perm_publish'] = 0;`
Removed the js title bubble for related events - Removed javascripts based title bubble showing the event info in related events / attributes and in the search attribute view. - Replaced it with values provided by extra cake queries as the delay for fetching the info field through a js rest request was annoyingly slow - some coding standards 2013-03-08 13:16:02 +01:00			`break;`
			`case '3':`
chg: use 1/0 not true/false for conditions & other boolean sqlquery elements 2016-07-11 20:22:42 +02:00			`$this->data['Role']['perm_add'] = 1;`
fix: Re-added the accidentally removed code in a merge, fixes #1965 - affects f0e1a27b7dca2e6d36f904ef52d4976649ccefa3 2017-02-20 18:43:36 +01:00			`$this->data['Role']['perm_modify'] = 1;`
			`$this->data['Role']['perm_modify_org'] = 1;`
chg: use 1/0 not true/false for conditions & other boolean sqlquery elements 2016-07-11 20:22:42 +02:00			`$this->data['Role']['perm_publish'] = 1;`
Removed the js title bubble for related events - Removed javascripts based title bubble showing the event info in related events / attributes and in the search attribute view. - Replaced it with values provided by extra cake queries as the delay for fetching the info field through a js rest request was annoyingly slow - some coding standards 2013-03-08 13:16:02 +01:00			`break;`
			`default:`
			`break;`
			`}`
			`return true;`
			`}`
chg: add newline character before EOF to non-minified (text-)files 2016-06-06 10:09:55 +02:00			`}`