/**
* Load role privileges
*
* @service
* @anonym
* @param Gpf_Rpc_Params $params
* @return Gpf_Data_RecordSet
*/
public function loadRolePrivileges(Gpf_Rpc_Params $params)
{
if (!Gpf_Session::getAuthUser()->hasPrivilege(Gpf_Privileges::ROLE, Gpf_Privileges::P_READ) && !Gpf_Session::getAuthUser()->hasPrivilege(Gpf_Privileges::ROLE, Pap_Privileges::P_READ_OWN)) {
throw new Gpf_Rpc_PermissionDeniedException('Gpf_Role_RolePrivilegesForm', 'loadRolePrivileges');
}
$role = new Gpf_Db_Role();
$role->setId($params->get('roleid'));
$role->load();
$defaultPrivileges = Gpf_Application::getInstance()->getDefaultPrivilegesByRoleType($role->getRoleType());
$result = new Gpf_Data_RecordSet();
$result->addColumn('object');
$result->addColumn('objectName');
$result->addColumn('possiblePrivileges');
$result->addColumn('activePrivileges');
$rolePrivileges = Gpf_Privileges::loadPrivileges($role->getId());
foreach ($defaultPrivileges->getDefaultPrivileges() as $object => $privileges) {
$record = new Gpf_Data_Record($result->getHeader());
$record->add('object', $object);
$record->add('objectName', ucfirst(str_replace('_', ' ', strtolower($object))));
$allTypes = $defaultPrivileges->getObjectToTypeRelation();
$record->add('possiblePrivileges', implode(',', $allTypes[$object]));
if (array_key_exists($object, $rolePrivileges)) {
$record->add('activePrivileges', implode(',', array_keys($rolePrivileges[$object])));
} else {
$record->add('activePrivileges', '');
}
$result->addRecord($record);
}
$result->sort('objectName');
return $result;
}
