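/**
 * Synchronize a user's privilege types with the privilege types of the user's group.
 *
 * Adds the privilege types the group has and the user lacks (existing user levels are left alone)
 * and removes the user's privilege types, together with the matching privs rows, that the group
 * does not have. Privilege types listed in $this->admin_privtypes are only added for area 1.
 *
 * @param integer $id_user User ID
 * @param array   $areas   Array of area objects (each is read through ->id_area)
 * @return array  array(0, 1) when nothing has to change, otherwise the result of $this->db->multi_exec()
 */
private function sync_upriv($id_user, $areas)
{
    // get group's privilege types
    $group = new Group_model();
    $g = $group->get_group_by_user($id_user);
    // NOTE(review): $g is dereferenced unchecked; confirm get_group_by_user() always returns an object
    // presumably a map privilege type => level; verify against obj2array()
    $gp = X4Utils_helper::obj2array($this->get_gprivs($g->id), 'what', 'level');

    // The statements below are built by concatenation, so every numeric value is forced to an
    // integer before it is placed in the SQL text.
    $uid = (int) $id_user;

    $sql = array();
    foreach ($areas as $i) {
        $id_area = (int) $i->id_area;

        // get user privilege types on the area (presumably privilege type => uprivs.id)
        $up = X4Utils_helper::obj2array($this->get_uprivs($id_user, $i->id_area), 'privtype', 'id');

        // check group privilege types
        foreach ($gp as $k => $v) {
            if (isset($up[$k])) {
                // the user already has this group privilege type: keep it and drop it from the removal list
                unset($up[$k]);
            } elseif ($i->id_area == 1 || !in_array($k, $this->admin_privtypes)) {
                // the user lacks it: add the missing privilege type with the group's level
                // NOTE(review): $k is interpolated between quotes without escaping. It is read from
                // the group privileges, not from the request, but confirm that privilege type names
                // are constrained when they are stored, or bind the value through the DB layer.
                $sql[] = 'INSERT INTO uprivs (updated, id_area, id_user, privtype, level, xon) VALUES (NOW(), '
                    . $id_area . ', ' . $uid . ', \'' . $k . '\', ' . (int) $v . ', 1)';
            }
        }

        // $up now holds only the privilege types the group does not have: delete them
        foreach ($up as $k => $v) {
            // NOTE(review): same unescaped use of $k as in the INSERT above
            $sql[] = 'DELETE u.*, p.* FROM uprivs u JOIN privs p ON u.id_user = p.id_who AND u.privtype = p.what AND u.id_area = p.id_area WHERE u.id = '
                . (int) $v . ' AND p.id_who = ' . $uid . ' AND p.what = \'' . $k . '\' AND p.id_area = ' . $id_area;
        }
    }

    return empty($sql) ? array(0, 1) : $this->db->multi_exec($sql);
}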
/**
 * Delete a group, then remove the permissions that referred to it.
 *
 * The privilege check runs first; when it returns a message that message is sent back and
 * nothing is deleted.
 *
 * @access private
 * @param array $_post _POST array (only the 'id' key is read)
 * @return void
 */
private function deleting($_post)
{
    // authorization gate: a non-null result is sent back as the response instead of deleting
    // (4 is passed as the level argument; presumably the level required to delete - confirm)
    $msg = AdmUtils_helper::chk_priv_level($_SESSION['xuid'], 'groups', $_post['id'], 4);
    if ($msg !== null) {
        $this->response($msg);
        return;
    }

    // NOTE(review): $_post['id'] reaches the models unvalidated here; confirm they cast or bind it
    $groups = new Group_model();
    $outcome = $groups->delete($_post['id']);

    // turn the model result into the response message
    $msg = AdmUtils_helper::set_msg($outcome);

    if ($outcome[1]) {
        // the group is gone: clear the permissions that pointed at it
        $permissions = new Permission_model();
        $permissions->deleting_by_what('groups', $_post['id']);

        // tell the client which element to refresh
        $msg->update[] = array(
            'element' => 'topic',
            'url' => BASE_URL . 'users',
            'title' => null
        );
    }

    $this->response($msg);
}
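/**
 * New / Edit user form (use Ajax)
 *
 * Builds the field list for the user editor. On a POST request the fields are validated and the
 * request is handed to editing() or notice(), after which the script stops; otherwise the
 * 'editor' view is rendered with the form.
 *
 * @param integer $id       User ID (if 0 then is a new item)
 * @param integer $id_group Group ID, used only when a new user is created
 * @return void
 */
public function edit($id, $id_group = 0)
{
    // load dictionaries
    $this->dict->get_wordarray(array('form', 'login', 'users'));

    $lang = X4Route_core::$lang;

    // get object
    $user = new User_model();
    $u = $id ? $user->get_by_id($id) : new User_obj($id_group, $lang);

    // get group
    // NOTE(review): $g is dereferenced unchecked below; confirm get_by_id() cannot return an empty result here
    $group = new Group_model();
    $g = $group->get_by_id($u->id_group, 'groups', 'id_area, name');

    // build the form
    $fields = array();
    // NOTE(review): id_group and id_area travel as hidden fields, so the client can change them;
    // confirm editing() validates them server-side before they are trusted
    $fields[] = array('label' => null, 'type' => 'hidden', 'value' => $u->id_group, 'name' => 'id_group');
    $fields[] = array('label' => null, 'type' => 'hidden', 'value' => $g->id_area, 'name' => 'id_area');

    // 'html' fields carry raw markup, so the stored group name is encoded before it is placed in it
    // (double_encode is off so that a name already stored with entities is not encoded twice)
    $fields[] = array('label' => null, 'type' => 'html', 'value' => '<h4>' . _GROUP . ': ' . htmlspecialchars($g->name, ENT_QUOTES, 'UTF-8', false) . '</h4>');
    $fields[] = array('label' => null, 'type' => 'html', 'value' => '<div class="band inner-pad clearfix"><div class="one-half xs-one-whole">');

    // languages
    $lmod = new Language_model();
    $fields[] = array('label' => ucfirst(_LANGUAGE), 'type' => 'select', 'value' => $u->lang, 'options' => array($lmod->get_languages(), 'code', 'language'), 'name' => 'lang', 'extra' => 'class="large"');
    $fields[] = array('label' => null, 'type' => 'html', 'value' => '</div><div class="one-half xs-one-whole">');
    $fields[] = array('label' => _USERNAME, 'type' => 'text', 'value' => $u->username, 'name' => 'username', 'suggestion' => _USERNAME_RULE, 'rule' => 'required|minlength§6|alphanumeric', 'extra' => 'class="large"');
    $fields[] = array('label' => null, 'type' => 'html', 'value' => '</div></div>');

    // password
    if ($id) {
        // existing user: the password fields are optional
        $fields[] = array('label' => null, 'type' => 'html', 'value' => '<h4 class="acenter zerom">' . _PASSWORD_CHANGE_MSG . '</h4>');
        $rule = '';
    } else {
        // for a new user you must insert a password
        $rule = 'required|';
    }

    $fields[] = array('label' => null, 'type' => 'html', 'value' => '<div class="band inner-pad clearfix"><div class="one-half xs-one-whole">');
    // NOTE(review): the rule string appears to limit passwords to alphanumeric characters with a
    // minimum length of 6; confirm this matches the password policy the project wants to enforce
    $fields[] = array('label' => _PASSWORD, 'type' => 'password', 'value' => '', 'name' => 'password', 'suggestion' => _PASSWORD_RULE, 'rule' => $rule . 'minlength§6|alphanumeric', 'extra' => 'class="large"');
    $fields[] = array('label' => null, 'type' => 'html', 'value' => '</div><div class="one-half xs-one-whole">');
    $fields[] = array('label' => _REPEAT_PASSWORD, 'type' => 'password', 'value' => '', 'name' => 'password2', 'rule' => $rule . 'equal-password', 'extra' => 'class="large"');
    $fields[] = array('label' => null, 'type' => 'html', 'value' => '</div></div>');

    $fields[] = array('label' => _DESCRIPTION, 'type' => 'textarea', 'value' => $u->description, 'name' => 'description', 'sanitize' => 'string', 'rule' => 'required');

    $fields[] = array('label' => null, 'type' => 'html', 'value' => '<div class="band inner-pad clearfix"><div class="one-half xs-one-whole">');
    $fields[] = array('label' => _EMAIL, 'type' => 'text', 'value' => $u->mail, 'name' => 'mail', 'rule' => 'required|mail', 'extra' => 'class="large"');
    $fields[] = array('label' => null, 'type' => 'html', 'value' => '</div><div class="one-half xs-one-whole">');
    $fields[] = array('label' => _PHONE, 'type' => 'text', 'value' => $u->phone, 'name' => 'phone', 'rule' => 'phone', 'extra' => 'class="large"');
    $fields[] = array('label' => null, 'type' => 'html', 'value' => '</div></div><div class="band inner-pad clearfix"><div class="one-half xs-one-whole">');

    // NOTE(review): every level returned by get_levels() is offered; confirm editing() refuses a
    // level higher than the acting user's own
    $fields[] = array('label' => _LEVEL, 'type' => 'select', 'value' => $u->level, 'options' => array($user->get_levels(), 'id', 'name'), 'name' => 'level', 'extra' => 'class="large"');
    $fields[] = array('label' => null, 'type' => 'html', 'value' => '</div><div class="one-half xs-one-whole">');

    // permissions on areas
    $perm = new Permission_model();
    $area = new Area_model();
    $fields[] = array('label' => _DOMAIN, 'type' => 'select', 'value' => X4Utils_helper::obj2array($perm->get_aprivs($id), null, 'id_area'), 'options' => array($area->get_areas($g->id_area, false), 'id', 'name'), 'multiple' => 4, 'name' => 'domain', 'extra' => 'class="large"');
    $fields[] = array('label' => null, 'type' => 'html', 'value' => '</div></div>');

    // if submitted
    if (X4Route_core::$post) {
        // NOTE(review): no privilege check is visible in this method; confirm editing() performs it
        $e = X4Validation_helper::form($fields, 'editor');
        if ($e) {
            $this->editing($id, $_POST);
        } else {
            $this->notice($fields);
        }
        // the POST branch always ends the request here
        die;
    }

    // contents
    $view = new X4View_core('editor');
    $view->title = $id ? _EDIT_USER : _ADD_USER;

    // form builder
    // NOTE(review): REQUEST_URI is client-supplied and becomes the form action; confirm doform() encodes it
    $view->form = X4Form_helper::doform('editor', $_SERVER["REQUEST_URI"], $fields, array(_RESET, _SUBMIT, 'buttons'), 'post', '', 'onclick="setForm(\'editor\');"');
    $view->render(TRUE);
}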