/**
* This method adds/saves a permission system
*
* @param $id If we are editing, $id is the group id. If we are adding, $id is the user id
* @param $edit Boolean flag that defines if we are editing $id or adding to $id
* @param $formvalues (Optional) Custom array with user attributes
* @param $group_id Node id used when inserting permissions. nodeID is the node where permissions are applyed
*
* @returns INT: total of rows affected
*/
function _saveFormDetails($id, $edit, $formvalues = null, $group_id = 0)
{
// validate with custom values
if (!is_null($formvalues)) {
$this->_form->validate($formvalues);
}
// get form values EXCLUDING spans
$values = $this->_form->getValues();
// if this group is not a root group we must get the parent group permissions to check the ones we can use
$userobject = new YDCMUserobject();
$groups = $userobject->getElements(array('ydcmgroup', 'ydcmuser'));
$parent_id = $groups[$id]['parent_id'];
// when adding a new group, parent of $id is the master group. when editing a group, parent is a user.. so the master group is the parent of the parent
if ($edit == true) {
$parent_id = $groups[$parent_id]['parent_id'];
}
// if parent of this group is root, parentgroup permissions are ALL (read: null), otherwise we must get permissions of that parent
if ($parent_id == 1) {
$parentgroup_perms = null;
} else {
$parentgroup_perms = $this->getPermissions($parent_id);
}
// if we are editing, we must get the current group permissions. if we are adding, current permissions are empty
if ($edit == true) {
$perms = $this->getPermissions($id);
} else {
$perms = array();
}
$actions_to_add = array();
$actions_to_del = array();
// get all possible actions to compute actions we must add and actions we must delete
foreach ($this->getRegisteredActions() as $class => $actions) {
foreach ($actions as $action) {
// if action is selected by the user AND
// this is a root group OR the action belogs to the parent group
// we can add it
if (isset($values['pclass_' . $class][$action]) && ($values['pclass_' . $class][$action] == 1 || $values['pclass_' . $class][$action] == 'on')) {
// check if action is valid:
// if parent group is a root a group OR the parent group has this action
if (is_null($parentgroup_perms) || isset($parentgroup_perms[$class][$action])) {
// if action is valid we must check if we must add it or the user already has it
if (!isset($perms[$class][$action])) {
$actions_to_add[] = array($class, $action);
}
continue;
}
// if action selected is not valid we must delete it
$actions_to_del[] = array($class, $action);
}
// if action is not set, we will always delete it (even if is not in bd)
$actions_to_del[] = array($class, $action);
}
}
// if we are adding permissions we must add to group_id recently created (not to parent)
if ($edit == false) {
$id = $group_id;
}
$rows_deleted = 0;
// delete actions and count rows affected
foreach ($actions_to_del as $ac) {
$this->resetValues();
$this->set('permission_id', $id);
$this->set('class', $ac[0]);
$this->set('action', $ac[1]);
$rows_deleted += $this->delete();
}
$rows_added = 0;
// add actions and count total of action added
foreach ($actions_to_add as $ac) {
$this->resetValues();
$this->set('permission_id', $id);
$this->set('class', $ac[0]);
$this->set('action', $ac[1]);
$this->insert();
$rows_added++;
}
// TODO: currently YDDatabaseObject don't have a mechanism to control the above deletes and inserts
return $rows_deleted + $rows_added;
}
/**
* Helper method for user management
*
* @param $id If you will EDIT some user this is the user id to edit.
* If you will ADD a new user this is the group id (parent_id) of the new user.
* @param $edit The edit parameter. TRUE if form is form editing, FALSE if form is for a new user creation
* @param $noneditable Array with form element names that are NOT editable
*
* @returns YDForm object pointer
*/
function &_addFormDetails($id, $edit, $noneditable)
{
YDInclude('YDForm.php');
// init form
$this->_form = new YDForm('YDCMUsers');
// check arguments
if (!is_array($noneditable)) {
$noneditable = array($noneditable);
}
// add username
if (in_array('username', $noneditable)) {
$this->_form->addElement('span', 'username', t('ydcmuser label username'));
} else {
$this->_form->addElement('text', 'username', t('ydcmuser label username'));
$this->_form->addFormRule(array(&$this, '_checkuser'), array($edit, $id));
}
// add password box for new users
if ($edit == false) {
$this->_form->addElement('password', 'password', t('ydcmuser label password'));
$this->_form->addElement('password', 'password2', t('ydcmuser label password2'));
}
// add state
if (in_array('state', $noneditable)) {
$this->_form->addElement('span', 'state', t('ydcmuser label state'));
$this->_form->addElement('span', 'login_start', t('ydcmuser label login_start'));
$this->_form->addElement('span', 'login_end', t('ydcmuser label login_end'));
} else {
$this->_form->addElement('select', 'state', t('ydcmuser label state'), array(), array(1 => t('yes'), 0 => t('no'), 2 => t('schedule')));
$this->_form->addElement('datetimeselect', 'login_start', t('ydcmuser label login_start'));
$this->_form->addElement('datetimeselect', 'login_end', t('ydcmuser label login_end'));
}
// add common user details
if (in_array('details', $noneditable)) {
$this->_form->addElement('span', 'name', t('ydcmuser label name'));
$this->_form->addElement('span', 'email', t('ydcmuser label email'));
$this->_form->addElement('span', 'other', t('ydcmuser label other'));
$this->_form->addElement('span', 'lang_id', t('ydcmuser label language'));
$this->_form->addElement('span', 'template', t('ydcmuser label template'));
} else {
$this->_form->addElement('text', 'name', t('ydcmuser label name'), array('size' => 50, 'maxlength' => 255));
$this->_form->addElement('text', 'email', t('ydcmuser label email'));
$this->_form->addElement('textarea', 'other', t('ydcmuser label other'), array('rows' => 15, 'cols' => 40));
$languages = new YDCMLanguages();
$languages = $languages->active();
$this->_form->addElement('select', 'lang_id', t('ydcmuser label language'), array(), $languages);
$templates = YDCMTemplates::getNames();
// get url to templates and set shot.png as filename
$attributes = array('border' => 1, 'src' => YDConfig::get('YDCMTEMPLATES_ADMIN_URL'), 'ext' => YDConfig::get('YDCMTEMPLATES_ADMIN_EXT'));
$this->_form->addElement('selectimage', 'template', t('ydcmuser label template'), $attributes, $templates);
$this->_form->addRule('name', 'maxlength', t('ydcmuser mess name too big'), 255);
$this->_form->addRule('email', 'email', t('ydcmuser mess email not valid'));
$this->_form->addRule('other', 'maxlength', t('ydcmuser mess other too big'), 5000);
$this->_form->addRule('language_id', 'in_array', t('ydcmuser mess language not valid'), array_keys($languages));
$this->_form->addRule('template', 'in_array', t('ydcmuser mess template not valid'), array_keys($templates));
}
// add access information when editing
if ($edit) {
$this->_form->addElement('span', 'login_counter', t('ydcmuser label login_counter'));
$this->_form->addElement('span', 'login_last', t('ydcmuser label login_last'));
$this->_form->addElement('span', 'login_current', t('ydcmuser label login_current'));
}
// if we are editing a user it's a good idea to set form defaults with user node attributes
if ($edit) {
// add submit button
$this->_form->addElement('submit', '_cmdSubmit', t('ydcmuser label save'));
// set form defaults based on user attributes
$this->_form->setDefaults($this->getUser($id));
} else {
// if id argument is not set its because we want a select box (with groups) so choose
if (is_null($id)) {
// get groups from userobject
$obj = new YDCMUserobject();
$this->_form->addElement('select', 'group', t('ydcmuser label group'), array(), $obj->getElements('YDCMGroup', 'reference'));
}
// add submit button
$this->_form->addElement('submit', '_cmdSubmit', t('ydcmuser label new'));
// when adding a user, if login_end date exists we setup 7 days interval
if ($this->_form->isElement('login_end')) {
$this->_form->setDefault('login_end', time() + 7 * 24 * 3600);
}
}
return $this->_form;
}
