Ejemplos de user_role_permissions en PHP

Ejemplo n.º 1

Archivo: Security.php Proyecto: AohRveTPV/security_review

 /**
  * Returns the permission strings that a group of roles have.
  *
  * @param array $roleIDs
  *   The array of roleIDs to check.
  * @param bool $groupByRoleId
  *   Choose whether to group permissions by role ID.
  * @return array
  *   An array of the permissions untrusted roles have. If $groupByRoleId is
  *   true, the array key is the role ID, the value is the array of permissions
  *   the role has.
  */
 public static function rolePermissions(array $roleIDs, $groupByRoleId = FALSE)
 {
     // Get the permissions the given roles have, grouped by roles.
     $permissions_grouped = user_role_permissions($roleIDs);
     // Fill up the administrative roles' permissions too.
     foreach ($roleIDs as $roleID) {
         $role = Role::load($roleID);
         /** @var Role $role */
         if ($role->isAdmin()) {
             $permissions_grouped[$roleID] = static::permissions();
         }
     }
     if ($groupByRoleId) {
         // If the result should be grouped, we have nothing else to do.
         return $permissions_grouped;
     } else {
         // Merge the grouped permissions into $untrusted_permissions.
         $untrusted_permissions = array();
         foreach ($permissions_grouped as $rid => $permissions) {
             $untrusted_permissions = array_merge($untrusted_permissions, $permissions);
         }
         // Remove duplicate elements and fix indexes.
         $untrusted_permissions = array_values(array_unique($untrusted_permissions));
         return $untrusted_permissions;
     }
 }

Ejemplo n.º 2

Archivo: PermissionsHash.php Proyecto: anatalsceo/en-classe

 /**
  * Generates a hash that uniquely identifies the user's permissions.
  *
  * @param \Drupal\user\Entity\Role[] $roles
  *   The user's roles.
  *
  * @return string
  *   The permissions hash.
  */
 protected function doGenerate(array $roles)
 {
     // @todo Once Drupal gets rid of user_role_permissions(), we should be able
     // to inject the user role controller and call a method on that instead.
     $permissions_by_role = user_role_permissions($roles);
     foreach ($permissions_by_role as $role => $permissions) {
         sort($permissions);
         $permissions_by_role[$role] = $permissions;
     }
     return hash('sha256', $this->privateKey->get() . Settings::getHashSalt() . serialize($permissions_by_role));
 }

Ejemplo n.º 3

Archivo: Profile.php Proyecto: kingsj/core

 /**
  * Checks if user has Drupal's role with LiteCommerce administrator permissions
  *
  * @param array $roles Array of user's roles in Drupal
  *
  * @return boolean
  */
 public static function isRoleHasAdminPermission(array $roles)
 {
     $rolePermissions = user_role_permissions($roles);
     $found = false;
     foreach ($rolePermissions as $rid => $perms) {
         $found = isset($perms[self::LC_DRUPAL_ADMIN_ROLE_NAME]);
         if ($found) {
             break;
         }
     }
     return $found;
 }

Ejemplo n.º 4

Archivo: tac.admin.php Proyecto: rgamb/UNL-CMS

function tac_admin($form, $form_state, $rid = NULL)
{
    $vocabularyObjects = taxonomy_get_vocabularies();
    $vocabularies = array(-1 => '[Select One]');
    foreach ($vocabularyObjects as $vocabularyObject) {
        $vocabularies[$vocabularyObject->vid] = $vocabularyObject->name;
    }
    $vocabulary = variable_get('tac_vocabulary', -1);
    $form = array();
    $form[] = array('vocabulary' => array('#type' => 'select', '#options' => $vocabularies, '#title' => t('Vocabulary to use for Access Control'), '#default_value' => $vocabulary));
    if ($vocabulary > 0) {
        $query = db_select('tac_map', 'm');
        $query->fields('m');
        $data = $query->execute()->fetchAll();
        $currentValues = array();
        foreach ($data as $row) {
            $currentValues[$row->rid][$row->tid] = $row;
        }
        $user_roles = user_roles();
        $role_permissions = user_role_permissions($user_roles);
        foreach ($user_roles as $rid => $role) {
            if ($rid == DRUPAL_ANONYMOUS_RID) {
                continue;
            }
            if (isset($role_permissions[$rid]['bypass node access']) && $role_permissions[$rid]['bypass node access']) {
                continue;
            }
            $subform = array('#theme' => 'tac_term_list', '#title' => 'Permissions for role "' . $role . '"');
            foreach (taxonomy_get_tree($vocabulary) as $term) {
                $subform['term_' . $term->tid] = array('#title' => $term->name, 'list' => array('#parents' => array('edit', $rid, $term->tid, 'list'), '#type' => 'checkbox', '#default_value' => isset($currentValues[$rid][$term->tid]->grant_list) ? $currentValues[$rid][$term->tid]->grant_list : 0), 'create' => array('#parents' => array('edit', $rid, $term->tid, 'create'), '#type' => 'checkbox', '#default_value' => isset($currentValues[$rid][$term->tid]->grant_create) ? $currentValues[$rid][$term->tid]->grant_create : 0), 'update' => array('#parents' => array('edit', $rid, $term->tid, 'update'), '#type' => 'checkbox', '#default_value' => isset($currentValues[$rid][$term->tid]->grant_update) ? $currentValues[$rid][$term->tid]->grant_update : 0), 'delete' => array('#parents' => array('edit', $rid, $term->tid, 'delete'), '#type' => 'checkbox', '#default_value' => isset($currentValues[$rid][$term->tid]->grant_delete) ? $currentValues[$rid][$term->tid]->grant_delete : 0));
            }
            $form['role' . $rid] = $subform;
        }
    }
    $form[] = array('#type' => 'submit', '#value' => t('Submit'));
    return $form;
}

Ejemplo n.º 5

Archivo: FieldPermissionsService.php Proyecto: drugo32/field_permissions

 /**
  * {@inheritdoc}
  */
 public function getPermissionValue(FieldStorageConfigInterface $field)
 {
     $roules = user_roles();
     $field_field_permissions = [];
     $field_permission_perm = FieldPermissionsService::permissions();
     $permissions = user_role_permissions();
     foreach ($roules as $rule_name => $roule) {
         $roule_perms = $roule->getPermissions();
         $field_field_permissions[$rule_name] = [];
         // For all element set admin permission.
         if ($roule->isAdmin()) {
             foreach (array_keys($field_permission_perm) as $perm_name) {
                 $field_field_permissions[$rule_name][] = $perm_name;
             }
         } else {
             foreach ($roule_perms as $key => $roule_perm) {
                 if (in_array($roule_perm, array_keys($field_permission_perm))) {
                     $field_field_permissions[$rule_name][] = $roule_perm;
                 }
             }
         }
     }
     return $field_field_permissions;
 }

Ejemplo n.º 6

Archivo: DrushRole.php Proyecto: ronanguilloux/Bin

 public function getPerms() {
   $perms = user_role_permissions(array($this->rid => $this->name));
   return array_keys($perms[$this->rid]);
 }

Ejemplo n.º 7

Archivo: PermissionConfiguration.php Proyecto: isaenkov/Dru.io

 /**
  * Represent the current state of permissions as a perm to role name array map.
  */
 protected static function get_permissions($by_role = TRUE)
 {
     $map = user_permission_get_modules();
     $roles = static::get_roles();
     $permissions = array();
     foreach (user_role_permissions($roles) as $rid => $role_permissions) {
         if ($by_role) {
             foreach (array_keys(array_filter($role_permissions)) as $permission) {
                 if (isset($map[$permission])) {
                     $permissions[$permission][] = $roles[$rid];
                 }
             }
         } else {
             $permissions[$roles[$rid]] = array();
             foreach ($role_permissions as $permission => $status) {
                 if (isset($map[$permission])) {
                     $permissions[$roles[$rid]][$permission] = $status;
                 }
             }
         }
     }
     return $permissions;
 }

Ejemplo n.º 8

Archivo: SecurityReviewController.php Proyecto: alexku/travisintegrationtest

 /**
  * Look for admin permissions granted to untrusted roles.
  */
 private function checkAdminPermissions()
 {
     $result = TRUE;
     $check_result_value = array();
     $mapping_role = array('anonymous' => 1, 'authenticated' => 2);
     $untrusted_roles = $this->untrustedRoles();
     // Collect permissions marked as for trusted users only.
     $all_permissions = \Drupal::service('user.permissions')->getPermissions();
     $all_keys = array_keys($all_permissions);
     // Get permissions for untrusted roles.
     $untrusted_permissions = user_role_permissions(array_keys($untrusted_roles));
     foreach ($untrusted_permissions as $rid => $permissions) {
         $intersect = array_intersect($all_keys, $permissions);
         foreach ($intersect as $permission) {
             if (isset($all_permissions[$permission]['restrict access'])) {
                 $check_result_value[$mapping_role[$rid]][] = $permission;
             }
         }
     }
     if (!empty($check_result_value)) {
         $result = FALSE;
     }
     return array('result' => $result, 'value' => $check_result_value);
 }