static function createDefaultUserPermissionsAllDimension(Contact $user, $dimension_id, $remove_previous = true)
{
$role_id = $user->getUserType();
$permission_group_id = $user->getPermissionGroupId();
$dimension = Dimensions::getDimensionById($dimension_id);
if (!$dimension instanceof Dimension || !$dimension->getDefinesPermissions()) {
return;
}
try {
$shtab_permissions = array();
$new_permissions = array();
$role_permissions = self::findAll(array('conditions' => "role_id = '{$role_id}'"));
$members = Members::findAll(array('conditions' => 'dimension_id = ' . $dimension_id));
foreach ($members as $member) {
$member_id = $member->getId();
if ($remove_previous) {
ContactMemberPermissions::delete("permission_group_id = {$permission_group_id} AND member_id = {$member_id}");
}
foreach ($role_permissions as $role_perm) {
if ($member->canContainObject($role_perm->getObjectTypeId())) {
$cmp = new ContactMemberPermission();
$cmp->setPermissionGroupId($permission_group_id);
$cmp->setMemberId($member_id);
$cmp->setObjectTypeId($role_perm->getObjectTypeId());
$cmp->setCanDelete($role_perm->getCanDelete());
$cmp->setCanWrite($role_perm->getCanWrite());
$cmp->save();
$new_permissions[] = $cmp;
$perm = new stdClass();
$perm->m = $member_id;
$perm->r = 1;
$perm->w = $role_perm->getCanWrite();
$perm->d = $role_perm->getCanDelete();
$perm->o = $role_perm->getObjectTypeId();
$shtab_permissions[] = $perm;
}
}
}
if (count($shtab_permissions)) {
$cdp = ContactDimensionPermissions::instance()->findOne(array('conditions' => "permission_group_id = '{$permission_group_id}' AND dimension_id = {$dimension_id}"));
if (!$cdp instanceof ContactDimensionPermission) {
$cdp = new ContactDimensionPermission();
$cdp->setPermissionGroupId($permission_group_id);
$cdp->setContactDimensionId($dimension_id);
$cdp->setPermissionType('check');
$cdp->save();
} else {
if ($cdp->getPermissionType() == 'deny all') {
$cdp->setPermissionType('check');
$cdp->save();
}
}
$stCtrl = new SharingTableController();
$stCtrl->afterPermissionChanged($permission_group_id, $shtab_permissions);
}
return $new_permissions;
} catch (Exception $e) {
throw $e;
}
}
static function userHasSystemPermission(Contact $user, $system_permission)
{
if ($user instanceof Contact && $user->isAdministrator()) {
return true;
}
if (array_var(self::$permission_cache, $user->getId())) {
if (array_key_exists($system_permission, self::$permission_cache[$user->getId()])) {
return array_var(self::$permission_cache[$user->getId()], $system_permission);
}
}
if (array_var(self::$permission_group_ids_cache, $user->getId())) {
$contact_pg_ids = self::$permission_group_ids_cache[$user->getId()];
} else {
$contact_pg_ids = ContactPermissionGroups::getPermissionGroupIdsByContactCSV($user->getId(), false);
self::$permission_group_ids_cache[$user->getId()] = $contact_pg_ids;
}
$permission = self::findOne(array('conditions' => "`{$system_permission}` = 1 AND `permission_group_id` IN ({$contact_pg_ids})"));
// check max system permission
$max_role_system_permissions = MaxSystemPermissions::findOne(array('conditions' => 'permission_group_id = ' . $user->getUserType()));
if ($max_role_system_permissions instanceof MaxSystemPermission) {
$max_val = $max_role_system_permissions->getColumnValue($system_permission);
if (!$max_val) {
$permission = null;
}
}
if (!array_var(self::$permission_cache, $user->getId())) {
self::$permission_cache[$user->getId()] = array();
}
if (!array_key_exists($system_permission, self::$permission_cache[$user->getId()])) {
self::$permission_cache[$user->getId()][$system_permission] = !is_null($permission);
}
if (!is_null($permission)) {
return true;
}
return false;
}
/**
* Check if this user can update this users permissions
*
* @param Contact $user
* @return boolean
*/
function canUpdatePermissions(Contact $user)
{
if (!$this->isUser()) {
return false;
}
$actual_user_type = array_var(self::$pg_cache, $user->getUserType());
if (!$actual_user_type) {
$actual_user_type = PermissionGroups::instance()->findOne(array("conditions" => "id = " . $user->getUserType()));
}
$this_user_type = array_var(self::$pg_cache, $this->getUserType());
if (!$this_user_type) {
$this_user_type = PermissionGroups::instance()->findOne(array("conditions" => "id = " . $this->getUserType()));
}
$can_change_type = $actual_user_type->getId() < $this_user_type->getId() || $user->isAdminGroup() && $this->getId() == $user->getId() || $user->isAdministrator();
return can_manage_security($user) && $can_change_type;
}
/**
* Enter description here ...
* @param Contact $contact
* @param array of ObjectType $types
* @param array of int $members
*/
function grantAllPermissions(Contact $contact, $members)
{
if ($contact->getUserType() > 0 && count($members)) {
$userType = $contact->getUserTypeName();
$permissions = array();
// TO fill sharing table
$gid = $contact->getPermissionGroupId();
foreach ($members as $member_id) {
//new
$member = Members::findById($member_id);
$dimension = $member->getDimension();
$types = array();
$member_types = DimensionObjectTypeContents::getContentObjectTypeIds($dimension->getId(), $member->getObjectTypeId());
if (count($member_types)) {
switch ($userType) {
case 'Super Administrator':
case 'Administrator':
case 'Manager':
case 'Executive':
$types = $member_types;
break;
case 'Collaborator Customer':
case 'Non-Exec Director':
foreach (ObjectTypes::findAll(array("conditions" => " name NOT IN ('mail') ")) as $type) {
//TODO This sucks
$types[] = $type->getId();
}
break;
case 'Internal Collaborator':
case 'External Collaborator':
foreach (ObjectTypes::findAll(array("conditions" => " name NOT IN ('mail','contact', 'report') ")) as $type) {
//TODO This sucks
$types[] = $type->getId();
}
break;
case 'Guest Customer':
foreach (ObjectTypes::findAll(array("conditions" => " name IN ('message', 'weblink', 'event', 'file') ")) as $type) {
//TODO This sucks
$types[] = $type->getId();
}
break;
case 'Guest':
foreach (ObjectTypes::findAll(array("conditions" => " name IN ('message', 'weblink', 'event') ")) as $type) {
//TODO This sucks
$types[] = $type->getId();
}
break;
}
}
foreach ($types as $type_id) {
if (!ContactMemberPermissions::instance()->findOne(array("conditions" => "permission_group_id = {$gid}\tAND \n\t\t\t\t\t\t\tmember_id = {$member_id} AND \n\t\t\t\t\t\t\tobject_type_id = {$type_id}"))) {
$cmp = new ContactMemberPermission();
$cmp->setPermissionGroupId($gid);
$cmp->setMemberId($member_id);
$cmp->setObjectTypeId($type_id);
if ($userType != "Guest" && $userType != "Guest Customer") {
$cmp->setCanWrite(1);
$cmp->setCanDelete(1);
} else {
$cmp->setCanWrite(0);
$cmp->setCanDelete(0);
}
$cmp->save();
$perm = new stdClass();
$perm->m = $member_id;
$perm->r = 1;
$perm->w = 1;
$perm->d = 1;
$perm->o = $type_id;
$permissions[] = $perm;
}
}
}
if (count($permissions)) {
$stCtrl = new SharingTableController();
$stCtrl->afterPermissionChanged($contact->getPermissionGroupId(), $permissions);
}
}
}
private function cut_max_user_permissions(Contact $user)
{
$admin_pg = PermissionGroups::findOne(array('conditions' => "`name`='Super Administrator'"));
$all_roles_max_permissions = RoleObjectTypePermissions::getAllRoleObjectTypePermissionsInfo();
$admin_perms = $all_roles_max_permissions[$admin_pg->getId()];
$all_object_types = array();
foreach ($admin_perms as &$aperm) {
$all_object_types[] = $aperm['object_type_id'];
}
$max_permissions = array_var($all_roles_max_permissions, $user->getUserType());
$pg_id = $user->getPermissionGroupId();
foreach ($all_object_types as $ot) {
if (!$ot) {
continue;
}
$max = array_var($max_permissions, $ot);
if (!$max) {
// cannot read -> delete in contact_member_permissions
$sql = "DELETE FROM " . TABLE_PREFIX . "contact_member_permissions WHERE permission_group_id={$pg_id} AND object_type_id={$ot}";
DB::execute($sql);
} else {
// cut can_delete and can_write using max permissions
$can_d = $max['can_delete'] ? "1" : "0";
$can_w = $max['can_write'] ? "1" : "0";
$sql = "UPDATE " . TABLE_PREFIX . "contact_member_permissions\r\n\t\t\t\tSET can_delete=(can_delete AND {$can_d}), can_write=(can_write AND {$can_w})\r\n\t\t\t\tWHERE permission_group_id={$pg_id} AND object_type_id={$ot}";
DB::execute($sql);
}
}
// rebuild sharing table for permission group $pg_id
$cmp_rows = DB::executeAll("SELECT * FROM " . TABLE_PREFIX . "contact_member_permissions WHERE permission_group_id={$pg_id}");
$permissions_array = array();
foreach ($cmp_rows as $row) {
$p = new stdClass();
$p->m = array_var($row, 'member_id');
$p->o = array_var($row, 'object_type_id');
$p->d = array_var($row, 'can_delete');
$p->w = array_var($row, 'can_write');
$p->r = 1;
$permissions[] = $p;
}
$sharing_table_controller = new SharingTableController();
$sharing_table_controller->after_permission_changed($pg_id, $permissions_array);
}
/**
* Return true is $user can access an $object. False otherwise.
*
* @param Contact $user
* @param array $members
* @param $object_type_id
* @return boolean
*/
function can_access(Contact $user, $members, $object_type_id, $access_level, $allow_super_admin = true)
{
if ($allow_super_admin && $user->isAdministrator()) {
return true;
}
$write = $access_level == ACCESS_LEVEL_WRITE;
$delete = $access_level == ACCESS_LEVEL_DELETE;
if ($user->isGuest() && $access_level != ACCESS_LEVEL_READ) {
return false;
}
try {
$contact_pg_ids = ContactPermissionGroups::getPermissionGroupIdsByContactCSV($user->getId(), false);
$allow_all_cache = array();
$dimension_query_methods = array();
// if no manageable member then check if user has permissions wihout classifying
$manageable_members = array();
foreach ($members as $mem) {
if ($mem instanceof Member && $mem->getDimension()->getIsManageable() && $mem->getDimension()->getDefinesPermissions()) {
$manageable_members[] = $mem->getId();
}
}
if (count($manageable_members) == 0) {
$return = false;
if (config_option('let_users_create_objects_in_root') && $contact_pg_ids != "" && ($user->isAdminGroup() || $user->isExecutive() || $user->isManager())) {
$cond = $delete ? 'AND can_delete = 1' : ($write ? 'AND can_write = 1' : '');
$cmp = ContactMemberPermissions::findOne(array('conditions' => "member_id=0 AND object_type_id={$object_type_id} AND permission_group_id IN ({$contact_pg_ids}) {$cond}"));
$return = $cmp instanceof ContactMemberPermission;
}
return $return;
}
$max_role_ot_perm = MaxRoleObjectTypePermissions::instance()->findOne(array('conditions' => "object_type_id='{$object_type_id}' AND role_id = '" . $user->getUserType() . "'"));
$enabled_dimensions = config_option('enabled_dimensions');
$dimension_permissions = array();
foreach ($members as $k => $m) {
if (!$m instanceof Member) {
unset($members[$k]);
continue;
}
$dimension = $m->getDimension();
if (!$dimension->getDefinesPermissions() || !in_array($dimension->getId(), $enabled_dimensions)) {
continue;
}
$dimension_id = $dimension->getId();
if (!isset($dimension_permissions[$dimension_id])) {
$dimension_permissions[$dimension_id] = false;
}
if (!$dimension_permissions[$dimension_id]) {
if ($m->canContainObject($object_type_id)) {
if (!isset($dimension_query_methods[$dimension->getId()])) {
$dimension_query_methods[$dimension->getId()] = $dimension->getPermissionQueryMethod();
}
//dimension defines permissions and user has maximum level of permissions
if (isset($allow_all_cache[$dimension_id])) {
$allow_all = $allow_all_cache[$dimension_id];
} else {
$allow_all = $dimension->hasAllowAllForContact($contact_pg_ids);
$allow_all_cache[$dimension_id] = $allow_all;
}
if ($allow_all) {
$dimension_permissions[$dimension_id] = true;
}
//check individual members
if (!$dimension_permissions[$dimension_id] && ContactMemberPermissions::contactCanReadObjectTypeinMember($contact_pg_ids, $m->getId(), $object_type_id, $write, $delete, $user)) {
if ($max_role_ot_perm) {
if ($access_level == ACCESS_LEVEL_DELETE && $max_role_ot_perm->getCanDelete() || $access_level == ACCESS_LEVEL_WRITE && $max_role_ot_perm->getCanWrite() || $access_level == ACCESS_LEVEL_READ) {
$dimension_permissions[$dimension_id] = true;
}
}
}
} else {
unset($dimension_permissions[$dimension_id]);
}
}
}
$allowed = true;
// check that user has permissions in all mandatory query method dimensions
$mandatory_count = 0;
foreach ($dimension_query_methods as $dim_id => $qmethod) {
if (!in_array($dim_id, $enabled_dimensions)) {
continue;
}
if ($qmethod == DIMENSION_PERMISSION_QUERY_METHOD_MANDATORY) {
$mandatory_count++;
if (!array_var($dimension_permissions, $dim_id)) {
// if one of the members belong to a mandatory dimension and user does not have permissions on it then return false
return false;
}
}
}
// If no members in mandatory dimensions then check for not mandatory ones
if ($allowed && $mandatory_count == 0) {
foreach ($dimension_query_methods as $dim_id => $qmethod) {
if ($qmethod == DIMENSION_PERMISSION_QUERY_METHOD_NOT_MANDATORY) {
if (array_var($dimension_permissions, $dim_id)) {
// if has permissions over any member of a non mandatory dimension then return true
return true;
} else {
$allowed = false;
}
}
}
}
if ($allowed && count($dimension_permissions)) {
return true;
}
// Si hasta aca tienen perm en todas las dim, return true. Si hay alguna que no tiene perm sigo
//Check Context Permissions
$member_ids = array();
foreach ($members as $member_obj) {
$member_ids[] = $member_obj->getId();
}
$allowed_members = ContactMemberPermissions::getActiveContextPermissions($user, $object_type_id, $members, $member_ids, $write, $delete);
$count = 0;
foreach ($members as $m) {
$count++;
if (!in_array($m->getId(), $allowed_members)) {
return false;
} else {
if ($count == count($members)) {
return true;
}
}
}
} catch (Exception $e) {
tpl_assign('error', $e);
return false;
}
return false;
}
function create_user($user_data, $permissionsString, $rp_permissions_data = array(), $save_permissions = true)
{
// try to find contact by some properties
$contact_id = array_var($user_data, "contact_id");
$contact = Contacts::instance()->findById($contact_id);
if (!is_valid_email(array_var($user_data, 'email'))) {
throw new Exception(lang("email value is required"));
}
if (!$contact instanceof Contact) {
// Create a new user
$contact = new Contact();
$contact->setUsername(array_var($user_data, 'username'));
$contact->setDisplayName(array_var($user_data, 'display_name'));
$contact->setCompanyId(array_var($user_data, 'company_id'));
$contact->setUserType(array_var($user_data, 'type'));
$contact->setTimezone(array_var($user_data, 'timezone'));
$contact->setFirstname($contact->getObjectName() != "" ? $contact->getObjectName() : $contact->getUsername());
$contact->setObjectName();
$user_from_contact = false;
} else {
// Create user from contact
$contact->setUserType(array_var($user_data, 'type'));
if (array_var($user_data, 'company_id')) {
$contact->setCompanyId(array_var($user_data, 'company_id'));
}
$contact->setUsername(array_var($user_data, 'username'));
$contact->setTimezone(array_var($user_data, 'timezone'));
$user_from_contact = true;
}
$contact->save();
if (is_valid_email(array_var($user_data, 'email'))) {
$user = Contacts::getByEmail(array_var($user_data, 'email'));
if (!$user) {
$contact->addEmail(array_var($user_data, 'email'), 'personal', true);
}
}
//permissions
$additional_name = "";
$tmp_pg = PermissionGroups::findOne(array('conditions' => "`name`='User " . $contact->getId() . " Personal'"));
if ($tmp_pg instanceof PermissionGroup) {
$additional_name = "_" . gen_id();
}
$permission_group = new PermissionGroup();
$permission_group->setName('User ' . $contact->getId() . $additional_name . ' Personal');
$permission_group->setContactId($contact->getId());
$permission_group->setIsContext(false);
$permission_group->setType("permission_groups");
$permission_group->save();
$contact->setPermissionGroupId($permission_group->getId());
$null = null;
Hook::fire('on_create_user_perm_group', $permission_group, $null);
$contact_pg = new ContactPermissionGroup();
$contact_pg->setContactId($contact->getId());
$contact_pg->setPermissionGroupId($permission_group->getId());
$contact_pg->save();
if (can_manage_security(logged_user())) {
$sp = new SystemPermission();
if (!$user_from_contact) {
$rol_permissions = SystemPermissions::getRolePermissions(array_var($user_data, 'type'));
if (is_array($rol_permissions)) {
foreach ($rol_permissions as $pr) {
$sp->setPermission($pr);
}
}
}
$sp->setPermissionGroupId($permission_group->getId());
if (isset($user_data['can_manage_security'])) {
$sp->setCanManageSecurity(array_var($user_data, 'can_manage_security'));
}
if (isset($user_data['can_manage_configuration'])) {
$sp->setCanManageConfiguration(array_var($user_data, 'can_manage_configuration'));
}
if (isset($user_data['can_manage_templates'])) {
$sp->setCanManageTemplates(array_var($user_data, 'can_manage_templates'));
}
if (isset($user_data['can_manage_time'])) {
$sp->setCanManageTime(array_var($user_data, 'can_manage_time'));
}
if (isset($user_data['can_add_mail_accounts'])) {
$sp->setCanAddMailAccounts(array_var($user_data, 'can_add_mail_accounts'));
}
if (isset($user_data['can_manage_dimensions'])) {
$sp->setCanManageDimensions(array_var($user_data, 'can_manage_dimensions'));
}
if (isset($user_data['can_manage_dimension_members'])) {
$sp->setCanManageDimensionMembers(array_var($user_data, 'can_manage_dimension_members'));
}
if (isset($user_data['can_manage_tasks'])) {
$sp->setCanManageTasks(array_var($user_data, 'can_manage_tasks'));
}
if (isset($user_data['can_task_assignee'])) {
$sp->setCanTasksAssignee(array_var($user_data, 'can_task_assignee'));
}
if (isset($user_data['can_manage_billing'])) {
$sp->setCanManageBilling(array_var($user_data, 'can_manage_billing'));
}
if (isset($user_data['can_view_billing'])) {
$sp->setCanViewBilling(array_var($user_data, 'can_view_billing'));
}
if (isset($user_data['can_see_assigned_to_other_tasks'])) {
$sp->setColumnValue('can_see_assigned_to_other_tasks', array_var($user_data, 'can_see_assigned_to_other_tasks'));
}
Hook::fire('add_user_permissions', $sp, $other_permissions);
if (!is_null($other_permissions) && is_array($other_permissions)) {
foreach ($other_permissions as $k => $v) {
$sp->setColumnValue($k, array_var($user_data, $k));
}
}
$sp->save();
$permissions_sent = array_var($_POST, 'manual_permissions_setted') == 1;
// give permissions for user if user type defined in "give_member_permissions_to_new_users" config option
$allowed_user_type_ids = config_option('give_member_permissions_to_new_users');
if ($contact->isAdministrator() || !$permissions_sent && in_array($contact->getUserType(), $allowed_user_type_ids)) {
ini_set('memory_limit', '512M');
$permissions = array();
$default_permissions = RoleObjectTypePermissions::instance()->findAll(array('conditions' => 'role_id = ' . $contact->getUserType()));
$dimensions = Dimensions::findAll();
foreach ($dimensions as $dimension) {
if ($dimension->getDefinesPermissions()) {
$cdp = ContactDimensionPermissions::findOne(array("conditions" => "`permission_group_id` = " . $contact->getPermissionGroupId() . " AND `dimension_id` = " . $dimension->getId()));
if (!$cdp instanceof ContactDimensionPermission) {
$cdp = new ContactDimensionPermission();
$cdp->setPermissionGroupId($contact->getPermissionGroupId());
$cdp->setContactDimensionId($dimension->getId());
}
$cdp->setPermissionType('check');
$cdp->save();
// contact member permisssion entries
$members = DB::executeAll('SELECT * FROM ' . TABLE_PREFIX . 'members WHERE dimension_id=' . $dimension->getId());
foreach ($members as $member) {
foreach ($default_permissions as $p) {
// Add persmissions to sharing table
$perm = new stdClass();
$perm->m = $member['id'];
$perm->r = 1;
$perm->w = $p->getCanWrite();
$perm->d = $p->getCanDelete();
$perm->o = $p->getObjectTypeId();
$permissions[] = $perm;
}
}
}
}
$_POST['permissions'] = json_encode($permissions);
} else {
if ($permissions_sent) {
$_POST['permissions'] = $permissionsString;
} else {
$_POST['permissions'] = "";
}
}
if (config_option('let_users_create_objects_in_root') && ($contact->isAdminGroup() || $contact->isExecutive() || $contact->isManager())) {
if ($permissions_sent) {
foreach ($rp_permissions_data as $name => $value) {
$ot_id = substr($name, strrpos($name, '_') + 1);
$cmp = new ContactMemberPermission();
$cmp->setPermissionGroupId($permission_group->getId());
$cmp->setMemberId(0);
$cmp->setObjectTypeId($ot_id);
$cmp->setCanDelete($value >= 3);
$cmp->setCanWrite($value >= 2);
$cmp->save();
}
} else {
$default_permissions = RoleObjectTypePermissions::instance()->findAll(array('conditions' => 'role_id = ' . $contact->getUserType()));
foreach ($default_permissions as $p) {
$cmp = new ContactMemberPermission();
$cmp->setPermissionGroupId($permission_group->getId());
$cmp->setMemberId(0);
$cmp->setObjectTypeId($p->getObjectTypeId());
$cmp->setCanDelete($p->getCanDelete());
$cmp->setCanWrite($p->getCanWrite());
$cmp->save();
}
}
}
}
if (!isset($_POST['sys_perm']) && !$user_from_contact) {
$rol_permissions = SystemPermissions::getRolePermissions(array_var($user_data, 'type'));
$_POST['sys_perm'] = array();
if (is_array($rol_permissions)) {
foreach ($rol_permissions as $pr) {
$_POST['sys_perm'][$pr] = 1;
}
}
}
if (!isset($_POST['mod_perm']) && !$user_from_contact) {
$tabs_permissions = TabPanelPermissions::getRoleModules(array_var($user_data, 'type'));
$_POST['mod_perm'] = array();
foreach ($tabs_permissions as $pr) {
$_POST['mod_perm'][$pr] = 1;
}
}
$password = '';
if (array_var($user_data, 'password_generator') == 'specify') {
$perform_password_validation = true;
// Validate input
$password = array_var($user_data, 'password');
if (trim($password) == '') {
throw new Error(lang('password value required'));
}
// if
if ($password != array_var($user_data, 'password_a')) {
throw new Error(lang('passwords dont match'));
}
// if
} else {
$user_data['password_generator'] = 'link';
$perform_password_validation = false;
}
$contact->setPassword($password);
$contact->save();
$user_password = new ContactPassword();
$user_password->setContactId($contact->getId());
$user_password->setPasswordDate(DateTimeValueLib::now());
$user_password->setPassword(cp_encrypt($password, $user_password->getPasswordDate()->getTimestamp()));
$user_password->password_temp = $password;
$user_password->perform_validation = $perform_password_validation;
$user_password->save();
if (array_var($user_data, 'autodetect_time_zone', 1) == 1) {
set_user_config_option('autodetect_time_zone', 1, $contact->getId());
}
/* create contact for this user*/
ApplicationLogs::createLog($contact, ApplicationLogs::ACTION_ADD);
// Set role permissions for active members
$active_context = active_context();
$sel_members = array();
if (is_array($active_context) && !$permissions_sent) {
$tmp_perms = array();
if ($_POST['permissions'] != "") {
$tmp_perms = json_decode($_POST['permissions']);
}
foreach ($active_context as $selection) {
if ($selection instanceof Member) {
$sel_members[] = $selection;
$has_project_permissions = ContactMemberPermissions::instance()->count("permission_group_id = '" . $contact->getPermissionGroupId() . "' AND member_id = " . $selection->getId()) > 0;
if (!$has_project_permissions) {
$new_cmps = RoleObjectTypePermissions::createDefaultUserPermissions($contact, $selection);
foreach ($new_cmps as $new_cmp) {
$perm = new stdClass();
$perm->m = $new_cmp->getMemberId();
$perm->r = 1;
$perm->w = $new_cmp->getCanWrite();
$perm->d = $new_cmp->getCanDelete();
$perm->o = $new_cmp->getObjectTypeId();
$tmp_perms[] = $perm;
}
}
}
}
if (count($tmp_perms) > 0) {
$_POST['permissions'] = json_encode($tmp_perms);
}
}
if ($save_permissions) {
//save_permissions($contact->getPermissionGroupId(), $contact->isGuest());
save_user_permissions_background(logged_user(), $contact->getPermissionGroupId(), $contact->isGuest());
}
Hook::fire('after_user_add', $contact, $null);
// add user content object to associated members
if (count($sel_members) > 0) {
ObjectMembers::addObjectToMembers($contact->getId(), $sel_members);
$contact->addToSharingTable();
}
return $contact;
}
