Beispiel #1
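 /**
  * Internal helper that runs a copy or move of the given objects into a target node.
  *
  * Only objects that are not deleted (dstatus = 0) and, for non-admin users,
  * belong to one of the security sets returned by Security::getSecuritySets()
  * are handed to doRecursiveAction(); the remaining ids are dropped.
  *
  * The lookup query is assembled by string concatenation, so every id is
  * reduced to an integer before it is placed into the SQL text.
  *
  * @param  string $action    'copy' or 'move'
  * @param  array  $objectIds ids to be copied or moved
  * @param  int    $targetId  passed through to doRecursiveAction()
  * @return array  processed ids, as returned by doRecursiveAction()
  * @throws \Exception with L\get('Access_denied') when none of the ids is accessible
  */
 private function doAction($action, $objectIds, $targetId)
 {
     $rez = array();

     // Keep only numeric ids and cast them, so nothing but integers can reach
     // the IN (...) list that is concatenated into the query below.
     $ids = array();
     foreach ($objectIds as $id) {
         if (is_numeric($id)) {
             $ids[] = (int) $id;
         }
     }

     // all the copy process will be made in a single transaction
     // NOTE(review): the Access_denied throw below leaves this method without a
     // commit or rollback - confirm the caller or the DB layer closes the transaction.
     DB\startTransaction();

     // get the security sets on which this user has
     // read access for copy or delete access for move
     $this->securitySetsFilter = '';
     if (!Security::isAdmin()) {
         $ss = array();
         switch ($action) {
             case 'copy':
                 $ss = \CB\Security::getSecuritySets();
                 break;
             case 'move':
                 // check that the user can move: the object is not actually deleted, just moved
                 // NOTE(review): 5 is presumably the delete-access selector - confirm
                 // against Security::getSecuritySets()
                 $ss = \CB\Security::getSecuritySets(false, 5);
                 break;
         }
         // The literal 0 is glued onto the first set id (e.g. "in (012,7)"), which keeps
         // the list syntactically valid when $ss is empty: the filter is then "in (0)".
         $this->securitySetsFilter = 'AND ti.security_set_id in (0' . implode(',', $ss) . ')';
     }

     /* select only the objects the current user may act on (see the filter above) */
     $accessibleIds = array();
     // An empty id list would produce "in ()", which is not valid SQL; skip the
     // query and let the access-denied branch below handle it.
     if (!empty($ids)) {
         $res = DB\dbQuery('SELECT t.id
             FROM tree t
             JOIN tree_info ti ON
                 t.id = ti.id ' . $this->securitySetsFilter . '
             WHERE t.id in (' . implode(',', $ids) . ')
                 AND t.dstatus = 0');
         while ($r = $res->fetch_assoc()) {
             $accessibleIds[] = $r['id'];
         }
         $res->close();
     }

     if (!empty($accessibleIds)) {
         $this->objectsClass = new \CB\Objects();
         $rez = $this->doRecursiveAction($action, $accessibleIds, $targetId);
     } else {
         throw new \Exception(L\get('Access_denied'), 1);
     }

     DB\commitTransaction();

     return $rez;
 }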
Beispiel #2
 /**
  * Build the security-set filter expression for a search request.
  *
  * No filter (empty string) is produced for admins or when
  * $p['skipSecurity'] is non-empty; the latter is used in Objects fields,
  * where all nodes are shown without permission filtering.
  * NOTE(review): skipSecurity switches the filter off entirely - confirm it
  * can never be populated from request input.
  *
  * Otherwise the result matches records in any of the user's security sets
  * or records whose oid is the current user's id. When the user has no
  * security sets, the result is the negated range '!security_set_id:[* TO *]'.
  *
  * @param  array  &$p request params; reads 'skipSecurity', 'pid' and 'pids'
  * @return string filter expression, or '' when no filtering applies
  */
 protected function getSecuritySetsParam(&$p)
 {
     // Admins and callers that opted out get no filter at all.
     if (Security::isAdmin() || !empty($p['skipSecurity'])) {
         return '';
     }

     // 'pid' wins over 'pids'; false means neither was supplied.
     $parentIds = false;
     foreach (array('pid', 'pids') as $key) {
         if (!empty($p[$key])) {
             $parentIds = $p[$key];
             break;
         }
     }

     $setIds = Security::getSecuritySets(false, 5, $parentIds);

     if (empty($setIds)) {
         // users that belong to no group and have no security sets associated
         return '!security_set_id:[* TO *]';
     }

     return 'security_set_id:(' . implode(' OR ', $setIds) . ') OR oid:' . User::getId();
 }