added ACL::getAclByTypeName, fixed ACL::getRefTable, added perm methods

SE/se-lib/ACL.php

@@ -196,20 +196,29 @@ SQL;
 		return Core_AclHelper::getAclByNamespace($namespace, $forceTblAclInit);
 	}
 
+	public static function getAclByTypeName($typeName, $forceTblAclInit = false) {
+		return Core_AclHelper::getAclByNamespace(str_replace(':', '/', $typeName), $forceTblAclInit);
+	}
+
 	public static function parseNamespaceUrl($namespace) {// returns assoc array: [ 'name', 'url', 'prefix', 'sourceName' ]
 		return Core_AclHelper::parseNamespaceUrl($namespace);
 	}
 
 	public static function getRefTable($rootObjectNamespace, $childName) { // CRM_REF_CONFIG
 		static $cacheRefTables = array();
+		DBG::log("DBG get ref table ({$rootObjectNamespace}, {$childName}) ...");
 		$cacheKey = "{$rootObjectNamespace}/{$childName}";
 		if (array_key_exists($cacheKey, $cacheRefTables)) return $cacheRefTables[$cacheKey];
 
 		$rootAcl = self::getAclByNamespace($rootObjectNamespace);
 		$childXsdType = $rootAcl->getXsdFieldType($childName);
-		if ('ref_uri:' !== substr($childXsdType, 0, 8)) throw new Exception("Expected ref type for field '{$childName}' in object '{$rootObjectNamespace}'");
-		$childNamespace = substr($childXsdType, 8);
-		$childAcl = self::getAclByNamespace($childNamespace);
+		list($typePrefix, $childNamespace) = explode(':', $childXsdType, 2);
+		DBG::log(['$childXsdType' => $childXsdType, '$typePrefix' => $typePrefix, '$childNamespace' => $childNamespace], 'array', "DBG get ref table ...");
+		switch ($typePrefix) {
+			case 'ref_uri': $childAcl = self::getAclByNamespace($childNamespace); break;
+			case 'ref': $childAcl = self::getAclByTypeName($childNamespace); break;
+			default: throw new Exception("Expected ref type for field '{$childName}' in object '{$rootObjectNamespace}'");
+		}
 
 		$refInfo = [];// define $refInfo = [ ID, A_STATUS, VERSION ]
 		try {// check that ref config table exists
@@ -404,4 +413,30 @@ SQL;
 		//   else get from $object->getFields() and put into Core_AclFields
 	}
 
+	public static function canUserReadObject($idUser, $aclOrIdZasob) {
+		throw new Exception("TODO: canUserReadObjec({$idUser}, {$aclOrIdZasob})");
+	}
+	public static function canUserCreateObject($idUser, $aclOrIdZasob) {
+		throw new Exception("TODO: canUserCreateObjec({$idUser}, {$aclOrIdZasob})");
+	}
+	public static function canUserWriteObject($idUser, $aclOrIdZasob) {
+		throw new Exception("TODO: canUserWriteObjec({$idUser}, {$aclOrIdZasob})");
+	}
+	public static function canUserReadObjectField($idUser, $aclOrIdZasob, $fieldNameOrXPath) {
+		throw new Exception("TODO: canUserReadObjectFiel({$idUser}, {$aclOrIdZasob}, {$fieldNameOrXPath})");
+	}
+	public static function canUserCreateObjectField($idUser, $aclOrIdZasob, $fieldNameOrXPath) {
+		throw new Exception("TODO: canUserCreateObjectFiel({$idUser}, {$aclOrIdZasob}, {$fieldNameOrXPath})");
+	}
+	public static function canUserWriteObjectField($idUser, $aclOrIdZasob, $fieldNameOrXPath) {
+		throw new Exception("TODO: canUserWriteObjectFiel({$idUser}, {$aclOrIdZasob}, {$fieldNameOrXPath})");
+	}
+	// TODO: replace below:
+	// AclBase->canCreateField
+	// AclBase->canReadField
+	// AclBase->canReadObjectField
+	// AclBase->canWriteField
+	// AclBase->canWriteObjectField
+	// AclBase->canWriteRecord
+	// AclBase->canReadRecord
 }

SE/se-lib/AntAclBase.php

@@ -115,7 +115,7 @@ class AntAclBase extends Core_AclBase {
     return false; // TODO: return $this->getPerms($fieldName, $object)->canWrite()
   }
 
-  public function getFields() {
+  public function getFields() { // TODO: conflict return structure with TableAcl
     if (empty($this->_fields)) {
       // TODO: fetch fields from DB
       // Lib::loadClass('SchemaFactory');
@@ -229,4 +229,8 @@ class AntAclBase extends Core_AclBase {
     );
   }
 
+  public function isLocalField($fieldName) {
+    return $this->_getField($fieldName)['isLocal'];
+  }
+
 }

SE/se-lib/Core/AclHelper.php

@@ -49,7 +49,7 @@ class Core_AclHelper {// Helper class for Acl
   public static function getAclByNamespace($namespace, $forceTblAclInit = false) { // TODO: mv to ACL
     try {
       Lib::loadClass('SchemaFactory');
-      $objItem = SchemaFactory::loadDefaultObject('SystemObject')->getItem($namespace, ['propertyName'=>"*,field"]);
+      $objItem = SchemaFactory::loadDefaultObject('SystemObject')->getItem(str_replace('__x3A__', '/', $namespace), ['propertyName'=>"*,field"]);
       DBG::log($objItem, 'array', "DBG objItem({$namespace})");
       if (!$objItem['idZasob']) throw new Exception("Missing idZasob for namespace '{$namespace}'");
       if (!in_array($objItem['_type'], [