Allow artefact access to be granted by virtue of group role

htdocs/artefact/lib.php

@@ -95,6 +95,7 @@ abstract class ArtefactType {
     protected $note;
     protected $tags = array();
     protected $institution;
+    protected $group;
 
     protected $viewsinstances;
     protected $viewsmetadata;

htdocs/auth/user.php

@@ -509,7 +509,19 @@ class User {
     }
 
     public function can_view_artefact($a) {
-        return $this->get('admin') || $this->get('id') == $a->get('owner');
+        if ($this->get('admin')
+            || $this->get('id') == $a->get('owner')
+            || $this->is_institutional_admin($a->get('institution'))) {
+            return true;
+        }
+        if ($a->get('group')) {
+            // Only group artefacts can have artefact_access_role & artefact_access_usr records
+            return (bool) count_records_sql("SELECT COUNT(*) FROM {artefact_access_role} ar
+                INNER JOIN {group_member} g ON ar.role = g.role
+                WHERE ar.artefact = ? AND g.member = ? AND ar.can_view = 1", array($a->get('id'), $this->get('id')))
+                || record_exists('artefact_access_usr', 'usr', $this->get('id'), 'artefact', $a->get('id'));
+        }
+        return false;
     }
 
 }

htdocs/lib/db/install.xml

@@ -268,6 +268,31 @@
                 <KEY NAME="parentfk" TYPE="foreign" FIELDS="parent" REFTABLE="artefact" REFFIELDS="id" />
             </KEYS>
         </TABLE>
+        <TABLE NAME="artefact_access_usr">
+            <FIELDS>
+                <FIELD NAME="usr" TYPE="int" LENGTH="10" NOTNULL="true" />
+                <FIELD NAME="artefact" TYPE="int" LENGTH="10" NOTNULL="true" />
+                <FIELD NAME="can_republish" TYPE="int" LENGTH="1" NOTNULL="false" />
+            </FIELDS>
+            <KEYS>
+                <KEY NAME="primary" TYPE="primary" FIELDS="usr,artefact" />
+                <KEY NAME="usrfk" TYPE="foreign" FIELDS="usr" REFTABLE="usr" REFFIELDS="id" />
+                <KEY NAME="artefactfk" TYPE="foreign" FIELDS="artefact" REFTABLE="artefact" REFFIELDS="id" />
+            </KEYS>
+        </TABLE>
+        <TABLE NAME="artefact_access_role">
+            <FIELDS>
+                <FIELD NAME="role" TYPE="text" NOTNULL="true" />
+                <FIELD NAME="artefact" TYPE="int" LENGTH="10" NOTNULL="true" />
+                <FIELD NAME="can_view" TYPE="int" LENGTH="1" NOTNULL="true" />
+                <FIELD NAME="can_edit" TYPE="int" LENGTH="1" NOTNULL="true" />
+                <FIELD NAME="can_republish" TYPE="int" LENGTH="1" NOTNULL="true" />
+            </FIELDS>
+            <KEYS>
+                <KEY NAME="primary" TYPE="primary" FIELDS="role,artefact" />
+                <KEY NAME="artefactfk" TYPE="foreign" FIELDS="artefact" REFTABLE="artefact" REFFIELDS="id" />
+            </KEYS>
+        </TABLE>
         <TABLE NAME="group">
             <FIELDS>
                 <FIELD NAME="id" TYPE="int" LENGTH="10" NOTNULL="true" SEQUENCE="true" />

htdocs/lib/db/upgrade.php

@@ -1070,6 +1070,21 @@ function xmldb_core_upgrade($oldversion=0) {
         execute_sql('ALTER TABLE {artefact} ADD CONSTRAINT {arte_gro_fk} FOREIGN KEY ("group") REFERENCES {group}(id)');
     }
 
+    if ($oldversion < 2008062301) {
+        execute_sql('CREATE TABLE {artefact_access_role} (
+            role TEXT NOT NULL,
+            artefact INTEGER NOT NULL REFERENCES {artefact}(id),
+            can_view SMALLINT NOT NULL,
+            can_edit SMALLINT NOT NULL,
+            can_republish SMALLINT NOT NULL
+        );');
+        execute_sql('CREATE TABLE {artefact_access_usr} (
+            usr INTEGER NOT NULL REFERENCES {usr}(id),
+            artefact INTEGER NOT NULL REFERENCES {artefact}(id),
+            can_republish SMALLINT
+        );');
+    }
+
     return $status;
 
 }

htdocs/lib/version.php

@@ -27,7 +27,7 @@
 defined('INTERNAL') || die();
 
 $config = new StdClass;
-$config->version = 2008062300;
+$config->version = 2008062301;
 $config->release = '1.1.0alpha';
 $config->minupgradefrom = 2007080700;
 $config->minupgraderelease = '0.8.0 (release tag 0.8.0_RELEASE)';