Ejemplo n.º 1
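 /**
  * Decides whether a section may be shown to the current user.
  *
  * The section is shown when no permissions are required, or when the user
  * holds at least one of the accepted permissions (any-of semantics).
  *
  * @param mixed $oSection The section being checked; not read by this method.
  * @return mixed True when no permission is required; otherwise the result of
  *               the last OA_Permission::hasPermission() call.
  */
 function check($oSection)
 {
     $aPermissions = $this->_getAcceptedPermissions();
     // An empty list means "no permission required", so the check passes.
     // NOTE(review): this is fail-open - a checker left without permissions by
     // mistake shows its section to everyone. It governs visibility only, so
     // the page behind the section presumably enforces access on its own.
     if (empty($aPermissions)) {
         return true;
     }
     $hasRequiredPermission = false;
     // foreach visits every value whatever its key, so a sparse or string-keyed
     // list no longer produces undefined-offset lookups as the indexed loop did.
     foreach ($aPermissions as $permission) {
         $hasRequiredPermission = OA_Permission::hasPermission($permission);
         if ($hasRequiredPermission) {
             break;
         }
     }
     return $hasRequiredPermission;
 }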
Ejemplo n.º 2
/**
 * Renders the page header and section tabs for the advertiser access screens.
 *
 * Manager accounts get the fixed 4.1.x tab set. Every other account gets tabs
 * 2.3 and 2.3.2, preceded by 2.2 when it holds either the banner-activate or
 * the banner-edit permission.
 */
function OA_headerNavigation()
{
    $oHeaderModel = buildAdvertiserHeaderModel($GLOBALS['clientid']);

    if (OA_Permission::isAccount(OA_ACCOUNT_MANAGER)) {
        phpAds_PageHeader("advertiser-access", $oHeaderModel);
        phpAds_ShowSections(array("4.1.2", "4.1.3", "4.1.5", "4.1.5.2"));
        return;
    }

    // The permission test only selects which tabs are drawn.
    // NOTE(review): presumably the pages behind the tabs enforce access themselves.
    $mayManageBanners = OA_Permission::hasPermission(OA_PERM_BANNER_ACTIVATE)
        || OA_Permission::hasPermission(OA_PERM_BANNER_EDIT);
    $aTabs = $mayManageBanners ? array('2.2', '2.3', '2.3.2') : array('2.3', '2.3.2');

    phpAds_PageHeader('advertiser-access', $oHeaderModel);
    phpAds_ShowSections($aTabs);
}
Ejemplo n.º 3
 /**
  * The final "child" implementation of the parental abstract method.
  *
  * Resolves the advertiser, placement and ad ids, enforces access to them,
  * sets up the page id, tabs, breadcrumbs and shortcuts for the active account
  * type, and hands the ad id to prepare().
  *
  * @see OA_Admin_Statistics_Common::start()
  */
 function start()
 {
     // Entity ids this page works on
     $advertiserId = $this->_getId('advertiser');
     $placementId = $this->_getId('placement');
     $adId = $this->_getId('ad');

     // Authorization: account type first, then access to the three entities.
     // Both calls run before any page state is built.
     OA_Permission::enforceAccount(OA_ACCOUNT_ADMIN, OA_ACCOUNT_MANAGER, OA_ACCOUNT_ADVERTISER);
     $this->_checkAccess(array('advertiser' => $advertiserId, 'placement' => $placementId, 'ad' => $adId));

     // Standard page parameters
     $this->aPageParams = array('clientid' => $advertiserId, 'campaignid' => $placementId, 'bannerid' => $adId);

     // Period preset, stats breakdown, then the $_GET parameters
     $this->_loadPeriodPresetParam();
     $this->_loadStatsBreakdownParam();
     $this->_loadParams();

     // Page id and tabs depend on the active account type
     $isAdminOrManager = OA_Permission::isAccount(OA_ACCOUNT_ADMIN) || OA_Permission::isAccount(OA_ACCOUNT_MANAGER);
     if ($isAdminOrManager) {
         $this->pageId = '2.1.2.2.1';
         $this->aPageSections = array('2.1.2.2.1', '2.1.2.2.2', '2.1.2.2.3');
     } elseif (OA_Permission::isAccount(OA_ACCOUNT_ADVERTISER)) {
         $this->pageId = '1.2.2.1';
         $this->aPageSections[] = '1.2.2.1';
         // The edit tab is offered only to advertisers holding the banner-edit permission
         if (OA_Permission::hasPermission(OA_PERM_BANNER_EDIT)) {
             $this->aPageSections[] = '1.2.2.2';
         }
         $this->aPageSections[] = '1.2.2.4';
     }

     // Breadcrumbs and context
     $this->_addBreadcrumbs('banner', $adId);
     $this->aPageContext = array('banners', $adId);

     // Shortcut links. The ids are concatenated into the query strings as they are.
     // NOTE(review): whether _getId() returns a validated integer is not visible
     // here - confirm, since nothing is URL-encoded at this point.
     $advertiserQuery = 'clientid=' . $advertiserId;
     $campaignQuery = $advertiserQuery . '&campaignid=' . $placementId;
     $bannerQuery = $campaignQuery . '&bannerid=' . $adId;
     if (!OA_Permission::isAccount(OA_ACCOUNT_ADVERTISER)) {
         $this->_addShortcut($GLOBALS['strClientProperties'], 'advertiser-edit.php?' . $advertiserQuery, 'images/icon-advertiser.gif');
     }
     $this->_addShortcut($GLOBALS['strCampaignProperties'], 'campaign-edit.php?' . $campaignQuery, 'images/icon-campaign.gif');
     $this->_addShortcut($GLOBALS['strBannerProperties'], 'banner-edit.php?' . $bannerQuery, 'images/icon-banner-stored.gif');
     $this->_addShortcut($GLOBALS['strModifyBannerAcl'], 'banner-acl.php?' . $bannerQuery, 'images/icon-acl.gif');

     // Prepare the data that output() will display
     $this->prepare(array('ad_id' => $adId), 'stats.php');
 }
// Authorization gate: access to the requested advertiser ('clients' row) is
// enforced before anything is written to the session or rendered.
// NOTE(review): keep this call ahead of the session write below. What
// enforceAccessToObject() does on failure is not visible here - presumably it
// stops the request.
OA_Permission::enforceAccessToObject('clients', $clientid);
/*-------------------------------------------------------*/
/* Store preferences                                     */
/*-------------------------------------------------------*/
// Remember the selected advertiser under the id returned by getEntityId().
$session['prefs']['inventory_entities'][OA_Permission::getEntityId()]['clientid'] = $clientid;
phpAds_SessionDataStore();
/*-------------------------------------------------------*/
/* HTML framework                                        */
/*-------------------------------------------------------*/
$oHeaderModel = buildAdvertiserHeaderModel($clientid);
// Managers get the fixed 4.1.x tab set. Every other account gets 2.3 and
// 2.3.1, preceded by 2.2 when it holds the banner-activate or banner-edit
// permission. The permission test here only selects which tabs are drawn.
if (OA_Permission::isAccount(OA_ACCOUNT_MANAGER)) {
    phpAds_PageHeader('advertiser-access', $oHeaderModel);
    phpAds_ShowSections(array("4.1.2", "4.1.3", "4.1.5", "4.1.5.1"));
} else {
    $sections = array();
    if (OA_Permission::hasPermission(OA_PERM_BANNER_ACTIVATE) || OA_Permission::hasPermission(OA_PERM_BANNER_EDIT)) {
        $sections[] = '2.2';
    }
    $sections[] = '2.3';
    $sections[] = '2.3.1';
    phpAds_PageHeader('advertiser-access', $oHeaderModel);
    phpAds_ShowSections($sections);
}
/*-------------------------------------------------------*/
/* Main code                                             */
/*-------------------------------------------------------*/
require_once MAX_PATH . '/lib/OA/Admin/Template.php';
// Render the "start" step of the user-linking flow; the form posts to
// advertiser-user.php and carries the entity id in a field named 'clientid'.
$oTpl = new OA_Admin_Template('advertiser-user-start.html');
OA_Admin_UI_UserAccess::assignUserStartTemplateVariables($oTpl);
$oTpl->assign('action', 'advertiser-user.php');
$oTpl->assign('entityIdName', 'clientid');
$title = $setPref[$prefSection]['name'];

// Page header for the settings page
$oHeaderModel = new OA_Admin_UI_Model_PageHeaderModel($title);
phpAds_PageHeader('account-user-index', $oHeaderModel);

// "Preferences" tabs, chosen by the active account type
if (OA_Permission::isAccount(OA_ACCOUNT_ADMIN)) {
    // Admin: all "Preferences" sections
    phpAds_ShowSections(array("5.1", "5.2", "5.3", "5.5", "5.6", "5.4"));
} elseif (OA_Permission::isAccount(OA_ACCOUNT_MANAGER)) {
    // Manager: "Account Preferences", "User Log" and "Channel Management"
    phpAds_ShowSections(array("5.1", "5.2", "5.4", "5.7"));
} elseif (OA_Permission::isAccount(OA_ACCOUNT_TRAFFICKER, OA_ACCOUNT_ADVERTISER)) {
    // Trafficker / advertiser: "User Preferences", plus 5.4 only when the user
    // holds the user-log-access permission
    $sections = array("5.1", "5.2");
    if (OA_Permission::hasPermission(OA_PERM_USER_LOG_ACCESS)) {
        $sections[] = "5.4";
    }
    phpAds_ShowSections($sections);
}

// Details of the user who is currently logged in
$oUser = OA_Permission::getCurrentUser();
$aUser = $oUser->aUser;
$aLanguages = new MAX_Admin_Languages();

// Form definition handed to $oOptions->show().
// NOTE(review): username, email_address and contact_name are taken straight
// from the user record; confirm that show() HTML-encodes each 'value' before
// it is written to the page.
$aSettings = array(
    array(
        'text' => $strUserDetails,
        'items' => array(
            array('type' => 'plaintext', 'name' => 'username', 'value' => $aUser['username'], 'text' => $strUsername, 'size' => 35),
            array('type' => 'break'),
            array('type' => 'plaintext', 'name' => 'email_address', 'value' => $aUser['email_address'], 'text' => $strEmailAddress, 'size' => 35),
            array('type' => 'break'),
            array('type' => 'text', 'name' => 'contact_name', 'value' => $aUser['contact_name'], 'text' => $strFullName, 'size' => 35),
        ),
    ),
    array(
        'text' => $strLanguage,
        'items' => array(
            array('type' => 'select', 'name' => 'language', 'text' => $strLanguage, 'items' => $aLanguages->AvailableLanguages(), 'value' => $GLOBALS['_MAX']['PREF']['language']),
        ),
    ),
);
$oOptions->show($aSettings, $aErrormessage);
            $banners[$key]['url_trimmed'] = substr_replace($banner['url'], ' ...', 40);
        }
    }
}
// Hand the list data and the current list settings to the template.
$oTpl->assign('clientId', $clientid);
$oTpl->assign('campaignId', $campaignid);
$oTpl->assign('aBanners', $banners);
$oTpl->assign('aCount', $aCount);
$oTpl->assign('hideinactive', $hideinactive);
$oTpl->assign('listorder', $listorder);
$oTpl->assign('orderdirection', $orderdirection);
// Capability flags for the template. ACL and delete are offered to every
// account that is not an advertiser account; edit, activate and deactivate are
// also offered to advertisers that hold the matching OA_PERM_BANNER_* permission.
// NOTE(review): these flags presumably only decide which controls are drawn;
// the scripts that perform the edit / activate / delete actions need to repeat
// the same checks on the server, since a hidden control does not stop a
// hand-built request.
$oTpl->assign('isManager', OA_Permission::isAccount(OA_ACCOUNT_MANAGER));
$oTpl->assign('canACL', !OA_Permission::isAccount(OA_ACCOUNT_ADVERTISER));
$oTpl->assign('canEdit', !OA_Permission::isAccount(OA_ACCOUNT_ADVERTISER) || OA_Permission::hasPermission(OA_PERM_BANNER_EDIT));
$oTpl->assign('canActivate', !OA_Permission::isAccount(OA_ACCOUNT_ADVERTISER) || OA_Permission::hasPermission(OA_PERM_BANNER_ACTIVATE));
$oTpl->assign('canDeactivate', !OA_Permission::isAccount(OA_ACCOUNT_ADVERTISER) || OA_Permission::hasPermission(OA_PERM_BANNER_DEACTIVATE));
$oTpl->assign('canDelete', !OA_Permission::isAccount(OA_ACCOUNT_ADVERTISER));
/*-------------------------------------------------------*/
/* Store preferences                                     */
/*-------------------------------------------------------*/
// List settings are remembered per campaign; the selected advertiser and
// campaign are remembered under the id returned by getEntityId().
// NOTE(review): where $hideinactive, $listorder and $orderdirection are read
// and validated is outside this excerpt - confirm they are constrained before
// they are stored and reused.
$session['prefs']['campaign-banners.php'][$campaignid]['hideinactive'] = $hideinactive;
$session['prefs']['campaign-banners.php'][$campaignid]['listorder'] = $listorder;
$session['prefs']['campaign-banners.php'][$campaignid]['orderdirection'] = $orderdirection;
$session['prefs']['inventory_entities'][OA_Permission::getEntityId()]['clientid'] = $clientid;
$session['prefs']['inventory_entities'][OA_Permission::getEntityId()]['campaignid'][$clientid] = $campaignid;
phpAds_SessionDataStore();
/*-------------------------------------------------------*/
/* HTML framework                                        */
/*-------------------------------------------------------*/
$oTpl->display();
phpAds_PageFooter();
Ejemplo n.º 7
 /**
  * The final "child" implementation of the parental abstract method.
  *
  * Resolves the advertiser, placement and ad ids, enforces access to them,
  * sets up the page id, tabs, breadcrumbs and shortcuts for the active account
  * type, then loads the publisher or zone breakdown for the ad, summarises it
  * and records the page preferences.
  *
  * @see OA_Admin_Statistics_Common::start()
  */
 function start()
 {
     // Get the preferences
     $aPref = $GLOBALS['_MAX']['PREF'];
     // Get parameters
     $advertiserId = $this->_getId('advertiser');
     $placementId = $this->_getId('placement');
     $adId = $this->_getId('ad');
     // Security check: account type first, then access to the three entities.
     // Both calls run before any page state is built or data is loaded.
     OA_Permission::enforceAccount(OA_ACCOUNT_ADMIN, OA_ACCOUNT_MANAGER, OA_ACCOUNT_ADVERTISER);
     $this->_checkAccess(array('advertiser' => $advertiserId, 'placement' => $placementId, 'ad' => $adId));
     // Add standard page parameters
     $this->aPageParams = array('clientid' => $advertiserId, 'campaignid' => $placementId, 'bannerid' => $adId);
     // Load the period preset and stats breakdown parameters
     $this->_loadPeriodPresetParam();
     $this->_loadStatsBreakdownParam();
     // Load $_GET parameters
     $this->_loadParams();
     // HTML Framework: page id and tabs depend on the active account type.
     // Advertisers get the edit tab (1.2.2.2) only with the banner-edit permission.
     if (OA_Permission::isAccount(OA_ACCOUNT_ADMIN) || OA_Permission::isAccount(OA_ACCOUNT_MANAGER)) {
         $this->pageId = '2.1.2.2.2';
         $this->aPageSections = array('2.1.2.2.1', '2.1.2.2.2', '2.1.2.2.3');
     } elseif (OA_Permission::isAccount(OA_ACCOUNT_ADVERTISER)) {
         $this->pageId = '1.2.2.4';
         $this->aPageSections[] = '1.2.2.1';
         if (OA_Permission::hasPermission(OA_PERM_BANNER_EDIT)) {
             $this->aPageSections[] = '1.2.2.2';
         }
         $this->aPageSections[] = '1.2.2.4';
     }
     // Add breadcrumbs
     $this->_addBreadcrumbs('banner', $adId);
     // Add context
     $this->aPageContext = array('banners', $adId);
     // Add shortcuts. The ids are concatenated into the query strings as they are.
     // NOTE(review): whether _getId() returns a validated integer is not visible
     // here - confirm, since nothing is URL-encoded at this point.
     if (!OA_Permission::isAccount(OA_ACCOUNT_ADVERTISER)) {
         $this->_addShortcut($GLOBALS['strClientProperties'], 'advertiser-edit.php?clientid=' . $advertiserId, 'images/icon-advertiser.gif');
     }
     $this->_addShortcut($GLOBALS['strCampaignProperties'], 'campaign-edit.php?clientid=' . $advertiserId . '&campaignid=' . $placementId, 'images/icon-campaign.gif');
     $this->_addShortcut($GLOBALS['strBannerProperties'], 'banner-edit.php?clientid=' . $advertiserId . '&campaignid=' . $placementId . '&bannerid=' . $adId, 'images/icon-banner-stored.gif');
     $this->_addShortcut($GLOBALS['strModifyBannerAcl'], 'banner-acl.php?clientid=' . $advertiserId . '&campaignid=' . $placementId . '&bannerid=' . $adId, 'images/icon-acl.gif');
     // Fix entity links
     $this->entityLinks['p'] = 'stats.php?entity=banner&breakdown=affiliate-history';
     $this->entityLinks['z'] = 'stats.php?entity=banner&breakdown=zone-history';
     // Stored display settings; the hide-inactive default comes from the
     // 'ui_hide_inactive' preference.
     $this->hideInactive = MAX_getStoredValue('hideinactive', $aPref['ui_hide_inactive'] == true, null, true);
     $this->showHideInactive = true;
     $this->startLevel = MAX_getStoredValue('startlevel', 0, null, true);
     // Init nodes
     $this->aNodes = MAX_getStoredArray('nodes', array());
     // NOTE(review): 'expand' and 'collapse' are presumably request values; they
     // are passed on to MAX_adjustNodes() and to the data loaders as read.
     $expand = MAX_getValue('expand', '');
     $collapse = MAX_getValue('collapse');
     // Adjust which nodes are opened or closed
     MAX_adjustNodes($this->aNodes, $expand, $collapse);
     $aParams = array();
     $aParams['ad_id'] = $adId;
     // Level 1 loads zones; any other stored value is reset to 0 and loads
     // publishers, so only the two known levels ever reach the code below.
     switch ($this->startLevel) {
         case 1:
             $this->aEntitiesData = $this->getZones($aParams, $this->startLevel, $expand, true);
             break;
         default:
             $this->startLevel = 0;
             $this->aEntitiesData = $this->getPublishers($aParams, $this->startLevel, $expand);
             break;
     }
     // Summarise the values into the totals array, and format them
     $this->_summariseTotalsAndFormat($this->aEntitiesData);
     // Level toggle and "hidden entities" text for the level chosen above
     $this->showHideLevels = array();
     switch ($this->startLevel) {
         case 1:
             $this->showHideLevels = array(0 => array('text' => $GLOBALS['strShowParentAffiliates'], 'icon' => 'images/icon-affiliate.gif'));
             $this->hiddenEntitiesText = "{$this->hiddenEntities} {$GLOBALS['strInactiveZonesHidden']}";
             break;
         case 0:
             $this->showHideLevels = array(1 => array('text' => $GLOBALS['strHideParentAffiliates'], 'icon' => 'images/icon-affiliate-d.gif'));
             $this->hiddenEntitiesText = "{$this->hiddenEntities} {$GLOBALS['strInactiveAffiliatesHidden']}";
             break;
     }
     // Save prefs
     $this->aPagePrefs['startlevel'] = $this->startLevel;
     $this->aPagePrefs['nodes'] = implode(",", $this->aNodes);
     $this->aPagePrefs['hideinactive'] = $this->hideInactive;
 }
Ejemplo n.º 8
 /**
  * Checks if user has access to specific area (for example admin or agency area)
  * and, when an id is given, to the object itself.
  * Permissions are defined in www/admin/lib-permissions.inc.php file
  *
  * The checks run in a fixed order and each failed check is followed by an
  * attempt to switch account before it counts as a denial. A non-empty id that
  * does not exist returns false straight away, without raising an error.
  * An id of 0 or '' skips the existence check but still goes through the
  * object-access check. The $allowed permission is tested only while the user
  * acts as an advertiser or trafficker account.
  *
  * @access public
  *
  * @param integer $permissions  Account type(s) required; skipped when null
  * @param string $table  Table name
  * @param integer $id  Id (or empty if new is created)
  * @param mixed $allowed  Permission required from advertiser / trafficker accounts; skipped when null
  *
  * @return boolean  True if has access
  */
 function checkPermissions($permissions, $table = '', $id = null, $allowed = null)
 {
     $denied = false;

     // Account type: try to switch to a matching account before giving up
     if (isset($permissions)
         && !OA_Permission::isAccount($permissions)
         && !OA_Permission::attemptToSwitchToAccount($permissions)) {
         $denied = true;
     }

     // Unknown object: plain false, no "Access forbidden" error
     if (!empty($id) && !$this->checkIdExistence($table, $id)) {
         return false;
     }

     // Object access: try to switch to an account that has access before giving up
     if (isset($id)
         && !OA_Permission::hasAccessToObject($table, $id)
         && !OA_Permission::attemptToSwitchForAccess($table, $id)) {
         $denied = true;
     }

     // Fine-grained permission, advertiser and trafficker accounts only
     if (isset($allowed)
         && OA_Permission::isAccount(OA_ACCOUNT_ADVERTISER, OA_ACCOUNT_TRAFFICKER)
         && !OA_Permission::hasPermission($allowed)) {
         $denied = true;
     }

     if (!$denied) {
         return true;
     }
     $this->raiseError('Access forbidden');
     return false;
 }
Ejemplo n.º 9
require_once MAX_PATH . '/lib/OA/Admin/UI/UserAccess.php';
require_once MAX_PATH . '/lib/max/other/html.php';
// Three gates run before any page logic, in this order:
//   1. the active account must be an admin or a manager account;
//   2. enforceAccountPermission() is called for manager accounts with
//      OA_PERM_SUPER_ACCOUNT;
//   3. access to the requested agency row is enforced.
// NOTE(review): keep all three ahead of $userAccess->init(); what the enforce*()
// calls do on failure is not visible here - presumably they stop the request.
OA_Permission::enforceAccount(OA_ACCOUNT_ADMIN, OA_ACCOUNT_MANAGER);
OA_Permission::enforceAccountPermission(OA_ACCOUNT_MANAGER, OA_PERM_SUPER_ACCOUNT);
OA_Permission::enforceAccessToObject('agency', $agencyid);
$userAccess = new OA_Admin_UI_UserAccess();
$userAccess->init();
/**
 * Renders the page header for the agency user-access screen.
 *
 * Admin accounts get the "agency-access" header followed by inventory
 * breadcrumbs built from the agency's name; every other account gets the
 * "agency-user" header only.
 */
function OA_HeaderNavigation()
{
    global $agencyid;

    if (!OA_Permission::isAccount(OA_ACCOUNT_ADMIN)) {
        phpAds_PageHeader("agency-user");
        return;
    }

    phpAds_PageHeader("agency-access");
    $doAgency = OA_Dal::staticGetDO('agency', $agencyid);
    // NOTE(review): the agency name is handed over as stored; confirm that
    // MAX_displayInventoryBreadcrumbs() HTML-encodes it before output.
    $aBreadcrumbPath = array(array("name" => $doAgency->name));
    MAX_displayInventoryBreadcrumbs($aBreadcrumbPath, "agency");
}
// The header renderer is registered by function name.
$userAccess->setNavigationHeaderCallback('OA_HeaderNavigation');
// Work on the account that belongs to the requested agency.
$accountId = OA_Permission::getAccountIdForEntity('agency', $agencyid);
$userAccess->setAccountId($accountId);
$userAccess->setPagePrefix('agency');
// Permissions that may be granted from this screen. OA_PERM_SUPER_ACCOUNT is
// offered only when hasPermission() reports it for the current user on this
// account, so it cannot be handed out by a user who lacks it.
$aAllowedPermissions = array();
if (OA_Permission::hasPermission(OA_PERM_SUPER_ACCOUNT, $accountId)) {
    $aAllowedPermissions[OA_PERM_SUPER_ACCOUNT] = array($strAllowCreateAccounts, false);
}
$userAccess->setAllowedPermissions($aAllowedPermissions);
// NOTE(review): $agencyid is placed in a hidden field and concatenated into
// both URLs as it is; where it is read and whether it is normalised to an
// integer is outside this excerpt - confirm.
$userAccess->setHiddenFields(array('agencyid' => $agencyid));
$userAccess->setRedirectUrl('agency-access.php?agencyid=' . $agencyid);
$userAccess->setBackUrl('agency-user-start.php?agencyid=' . $agencyid);
$userAccess->process();
Ejemplo n.º 10
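/**
 * Adds the page tools (duplicate, move, delete) and the shortcuts for a zone page.
 *
 * Duplicate and delete are offered to admin and manager accounts and to users
 * holding OA_PERM_ZONE_ADD / OA_PERM_ZONE_DELETE; "move to" is offered to admin
 * and manager accounts only. The two ids are HTML-escaped where they are
 * written into attribute values and URL-encoded where they are written into
 * query strings, so a non-numeric value cannot break out of the markup.
 *
 * @param mixed $affiliateid      Id of the website (affiliate) that owns the zone
 * @param mixed $zoneid           Id of the zone
 * @param array $aOtherPublishers Rows with 'publisher_id' and 'name', offered as move targets
 * @param mixed $aEntities        Passed to _getEntityString() for the statistics link
 */
function addZonePageTools($affiliateid, $zoneid, $aOtherPublishers, $aEntities)
{
    global $phpAds_TextDirection;

    // Escape once per output context. ENT_QUOTES matters because every
    // attribute below is delimited with single quotes.
    $affiliateAttr = htmlspecialchars((string) $affiliateid, ENT_QUOTES);
    $zoneAttr = htmlspecialchars((string) $zoneid, ENT_QUOTES);
    $affiliateParam = urlencode((string) $affiliateid);
    $zoneParam = urlencode((string) $zoneid);
    $scriptName = basename($_SERVER['SCRIPT_NAME']);

    // NOTE(review): the tools added here are links and forms only; zone-modify.php
    // and zone-delete.php presumably repeat these permission checks on the server.

    //duplicate
    // NOTE(review): unlike the delete link, this link carries no session token -
    // confirm how zone-modify.php protects the duplicate action against forged requests.
    if (OA_Permission::isAccount(OA_ACCOUNT_ADMIN) || OA_Permission::isAccount(OA_ACCOUNT_MANAGER) || OA_Permission::hasPermission(OA_PERM_ZONE_ADD)) {
        addPageLinkTool($GLOBALS["strDuplicate"], MAX::constructUrl(MAX_URL_ADMIN, "zone-modify.php?duplicate=true&affiliateid={$affiliateParam}&zoneid={$zoneParam}&returnurl=" . urlencode($scriptName)), "iconZoneDuplicate");
    }
    //move to
    // NOTE(review): the form has no method attribute, so it is submitted with
    // GET, and it carries no session token - confirm how zone-modify.php
    // protects the move action against forged requests.
    if (OA_Permission::isAccount(OA_ACCOUNT_ADMIN) || OA_Permission::isAccount(OA_ACCOUNT_MANAGER)) {
        $form = "<form action='" . MAX::constructUrl(MAX_URL_ADMIN, 'zone-modify.php') . "'>\n        <input type='hidden' name='affiliateid' value='{$affiliateAttr}'>\n        <input type='hidden' name='zoneid' value='{$zoneAttr}'>\n        <input type='hidden' name='returnurl' value='" . htmlspecialchars($scriptName, ENT_QUOTES) . "'>\n        <select name='newaffiliateid'>";
        $aOtherPublishers = _multiSort($aOtherPublishers, 'name', 'publisher_id');
        foreach ($aOtherPublishers as $aOtherPublisher) {
            // The zone's own website is not a valid move target
            if ($aOtherPublisher['publisher_id'] != $affiliateid) {
                $otherPublisherName = MAX_buildName($aOtherPublisher['publisher_id'], $aOtherPublisher['name']);
                $form .= "<option value='" . htmlspecialchars((string) $aOtherPublisher['publisher_id'], ENT_QUOTES) . "'>" . htmlspecialchars($otherPublisherName) . "</option>";
            }
        }
        $form .= "</select><input type='image' class='submit' src='" . OX::assetPath() . "/images/" . $phpAds_TextDirection . "/go_blue.gif'></form>";
        addPageFormTool($GLOBALS['strMoveTo'], 'iconZoneMove', $form);
    }
    //delete
    // The delete link carries the session token from phpAds_SessionGetToken().
    if (OA_Permission::isAccount(OA_ACCOUNT_ADMIN) || OA_Permission::isAccount(OA_ACCOUNT_MANAGER) || OA_Permission::hasPermission(OA_PERM_ZONE_DELETE)) {
        $deleteConfirm = phpAds_DelConfirm($GLOBALS['strConfirmDeleteZone']);
        addPageLinkTool($GLOBALS["strDelete"], MAX::constructUrl(MAX_URL_ADMIN, "zone-delete.php?token=" . urlencode(phpAds_SessionGetToken()) . "&affiliateid={$affiliateParam}&zoneid={$zoneParam}&returnurl=affiliate-zones.php"), "iconDelete", null, $deleteConfirm);
    }
    //shortcut
    addPageShortcut($GLOBALS['strBackToZones'], MAX::constructUrl(MAX_URL_ADMIN, "affiliate-zones.php?affiliateid={$affiliateParam}"), "iconBack");
    $entityString = _getEntityString($aEntities);
    addPageShortcut($GLOBALS['strZoneHistory'], MAX::constructUrl(MAX_URL_ADMIN, "stats.php?entity=zone&breakdown=history&{$entityString}"), 'iconStatistics');
}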
Ejemplo n.º 11
    phpAds_PageHeader("affiliate-access");
    MAX_displayWebsiteBreadcrumbs($affiliateid);
}
// Register the header renderer by function name.
$userAccess->setNavigationHeaderCallback('OA_headerNavigation');
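/**
 * Emits the inline script that follows the user-access form.
 *
 * For manager accounts the script defines and runs
 * MMM_cascadePermissionsChange(), which disables and unchecks the "add zone"
 * and "delete zone" checkboxes while "edit zone" is unchecked. For every other
 * account the script element is emitted with an empty body.
 */
function OA_footerNavigation()
{
    echo "\n    <script language='JavaScript'>\n    <!--\n    ";
    if (OA_Permission::isAccount(OA_ACCOUNT_MANAGER)) {
        // NOTE(review): this only greys out the checkboxes in the browser; the
        // code that saves the permissions presumably has to apply the same
        // edit -> add/delete dependency on the server.
        echo "function MMM_cascadePermissionsChange()\n        {\n            var e = findObj('permissions_" . OA_PERM_ZONE_EDIT . "');\n            var a = findObj('permissions_" . OA_PERM_ZONE_ADD . "');\n            var d = findObj('permissions_" . OA_PERM_ZONE_DELETE . "');\n\n            a.disabled = d.disabled = !e.checked;\n            if (!e.checked) {\n                a.checked = d.checked = false;\n            }\n        }\n        MMM_cascadePermissionsChange();\n        ";
    }
    // The closing marker is emitted for every account type: the opening "<!--"
    // above is unconditional, and it was left unclosed for non-manager accounts.
    // Output for manager accounts is byte-for-byte what it was before.
    echo "//-->";
    echo "</script>";
}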
// Register the footer renderer by function name.
$userAccess->setNavigationFooterCallback('OA_footerNavigation');
// Work on the account that belongs to the requested website (affiliate).
$accountId = OA_Permission::getAccountIdForEntity('affiliates', $affiliateid);
$userAccess->setAccountId($accountId);
$userAccess->setPagePrefix('affiliate');
// Permissions that may be granted from this screen. OA_PERM_SUPER_ACCOUNT is
// offered only to manager accounts or to users for whom hasPermission()
// reports it on this account; the zone and audit-trail permissions are always
// offered.
$aAllowedPermissions = array();
if (OA_Permission::isAccount(OA_ACCOUNT_MANAGER) || OA_Permission::hasPermission(OA_PERM_SUPER_ACCOUNT, $accountId)) {
    $aAllowedPermissions[OA_PERM_SUPER_ACCOUNT] = array($strAllowCreateAccounts, false);
}
// The third element of the "edit zones" entry names the JavaScript handler
// that keeps the add / delete checkboxes in step with it in the browser.
// NOTE(review): that dependency is client-side only as far as this excerpt
// shows; confirm that the code saving the permissions applies it as well.
$aAllowedPermissions[OA_PERM_ZONE_EDIT] = array($strAllowAffiliateModifyZones, false, 'MMM_cascadePermissionsChange()');
$aAllowedPermissions[OA_PERM_ZONE_ADD] = array($strAllowAffiliateAddZone, true, false);
$aAllowedPermissions[OA_PERM_ZONE_DELETE] = array($strAllowAffiliateDeleteZone, true, false);
$aAllowedPermissions[OA_PERM_ZONE_LINK] = array($strAllowAffiliateLinkBanners, false, false);
$aAllowedPermissions[OA_PERM_ZONE_INVOCATION] = array($strAllowAffiliateGenerateCode, false, false);
$aAllowedPermissions[OA_PERM_USER_LOG_ACCESS] = array($strAllowAuditTrailAccess, false, false);
$userAccess->setAllowedPermissions($aAllowedPermissions);
// NOTE(review): $affiliateid is placed in a hidden field and concatenated into
// both URLs as it is; where it is read and whether it is normalised to an
// integer is outside this excerpt - confirm.
$userAccess->setHiddenFields(array('affiliateid' => $affiliateid));
$userAccess->setRedirectUrl('affiliate-access.php?affiliateid=' . $affiliateid);
$userAccess->setBackUrl('affiliate-user-start.php?affiliateid=' . $affiliateid);
$userAccess->process();
Ejemplo n.º 12
 /**
  * Checks if user has access to specific area (for example admin or agency area)
  * and, when an id is given, to the object itself.
  * Permissions are defined in www/admin/lib-permissions.inc.php file
  *
  * The checks run in a fixed order and each failed check is followed by an
  * attempt to switch account before it counts as a denial. A non-empty id that
  * does not exist returns false straight away, without raising an error.
  * An id of 0 or '' skips the existence check but still goes through the
  * object-access check. The $allowed permission is tested only while the user
  * acts as an advertiser or trafficker account. On success the system
  * timezone is set through OA_setTimeZoneLocal().
  *
  * @access public
  *
  * @param integer $permissions  Account type(s) required; skipped when null
  * @param string $table  Table name
  * @param integer $id  Id (or empty if new is created)
  * @param mixed $allowed  Permission required from advertiser / trafficker accounts; skipped when null
  * @param mixed $operationAccessType  Does the current call require only a subset of the permissions?
  *                                    Defaults to OA_Permission::OPERATION_ALL; passed to hasAccessToObject()
  *
  * @return boolean  True if has access
  */
 function checkPermissions($permissions, $table = '', $id = null, $allowed = null, $operationAccessType = OA_Permission::OPERATION_ALL)
 {
     $denied = false;

     // Account type: try to switch to a matching account before giving up
     if (isset($permissions)
         && !OA_Permission::isAccount($permissions)
         && !OA_Permission::attemptToSwitchToAccount($permissions)) {
         $denied = true;
     }

     // Unknown object: plain false, no "Access forbidden" error
     // (the original author questions whether this check belongs here at all)
     if (!empty($id) && !$this->checkIdExistence($table, $id)) {
         return false;
     }

     // Object access for the requested operation type: try to switch to an
     // account that has access before giving up
     if (isset($id)
         && !OA_Permission::hasAccessToObject($table, $id, $operationAccessType)
         && !OA_Permission::attemptToSwitchForAccess($table, $id)) {
         $denied = true;
     }

     // Fine-grained permission, advertiser and trafficker accounts only
     if (isset($allowed)
         && OA_Permission::isAccount(OA_ACCOUNT_ADVERTISER, OA_ACCOUNT_TRAFFICKER)
         && !OA_Permission::hasPermission($allowed)) {
         $denied = true;
     }

     if ($denied) {
         $this->raiseError('Access forbidden');
         return false;
     }

     // Set system timezone and return
     OA_setTimeZoneLocal();
     return true;
 }
Ejemplo n.º 13
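 /**
  * Builds the checkbox field definitions for $this->aAllowedPermissions.
  *
  * Each entry is either a plain label, or an array of label, indent flag and
  * onclick handler. Trailing array elements may be left out and then read as
  * null. Each checkbox is pre-checked from OA_Permission::hasPermission() for
  * $this->accountId and $this->userid.
  *
  * @return array List of field definitions, one per allowed permission
  */
 function _builPermissionFields()
 {
     $aPermissionsFields = array();
     foreach ($this->aAllowedPermissions as $permissionId => $aPermission) {
         if (is_array($aPermission)) {
             // Pad to three elements so that list() never reads a missing offset
             list($permissionName, $indent, $onClick) = array_pad($aPermission, 3, null);
         } else {
             $permissionName = $aPermission;
             $indent = false;
             $onClick = false;
         }
         $aField = array(
             'name' => 'permissions[]',
             'label' => $permissionName,
             'type' => 'checkbox',
             'value' => $permissionId,
             'checked' => OA_Permission::hasPermission($permissionId, $this->accountId, $this->userid),
             // This read an undefined local ($isTrafficker), which evaluates to
             // null; the value is kept and only the undefined-variable warning
             // goes away.
             // NOTE(review): decide whether some account type was meant to get
             // hidden fields here.
             'hidden' => null,
             'break' => false,
             'id' => 'permissions_' . $permissionId,
             'indent' => $indent,
         );
         if ($onClick) {
             $aField['onclick'] = $onClick;
         }
         $aPermissionsFields[] = $aField;
     }
     return $aPermissionsFields;
 }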
Ejemplo n.º 14
    $aZoneAds = OA_Dal_Delivery_getZoneLinkedAds($row_zones['zoneid']);
    if ($aZoneAds['count_active'] > 0 && $row_zones['delivery'] == phpAds_ZoneBanner && count($aZoneAds['lAds']) == 0) {
        $aZones[$row_zones['zoneid']]['lowPriorityWarning'] = true;
    }
    $aZones[$row_zones['zoneid']]['active'] = $aZoneAds['count_active'] > 0;
}
// Hand the list data and the current list settings to the template.
$oTpl->assign('affiliateId', $affiliateid);
$oTpl->assign('aAdvertisers', $clients);
$oTpl->assign('aZones', $aZones);
$oTpl->assign('listorder', $listorder);
$oTpl->assign('orderdirection', $orderdirection);
// Capability flags for the template: each action is offered to admin and
// manager accounts, and to any other account holding the matching
// OA_PERM_ZONE_* permission.
// NOTE(review): these flags presumably only decide which controls are drawn;
// the scripts that add, edit, link, generate code for or delete zones need to
// repeat the same checks on the server, since a hidden control does not stop a
// hand-built request.
$oTpl->assign('canAdd', OA_Permission::isAccount(OA_ACCOUNT_ADMIN) || OA_Permission::isAccount(OA_ACCOUNT_MANAGER) || OA_Permission::hasPermission(OA_PERM_ZONE_ADD));
$oTpl->assign('canEdit', OA_Permission::isAccount(OA_ACCOUNT_ADMIN) || OA_Permission::isAccount(OA_ACCOUNT_MANAGER) || OA_Permission::hasPermission(OA_PERM_ZONE_EDIT));
$oTpl->assign('canLink', OA_Permission::isAccount(OA_ACCOUNT_ADMIN) || OA_Permission::isAccount(OA_ACCOUNT_MANAGER) || OA_Permission::hasPermission(OA_PERM_ZONE_LINK));
$oTpl->assign('canInvocation', OA_Permission::isAccount(OA_ACCOUNT_ADMIN) || OA_Permission::isAccount(OA_ACCOUNT_MANAGER) || OA_Permission::hasPermission(OA_PERM_ZONE_INVOCATION));
$oTpl->assign('canDelete', OA_Permission::isAccount(OA_ACCOUNT_ADMIN) || OA_Permission::isAccount(OA_ACCOUNT_MANAGER) || OA_Permission::hasPermission(OA_PERM_ZONE_DELETE));
/*-------------------------------------------------------*/
/* Store preferences                                     */
/*-------------------------------------------------------*/
// The list settings and the selected website are remembered in the session;
// the website is stored under the id returned by getEntityId().
$session['prefs']['affiliate-zones.php']['listorder'] = $listorder;
$session['prefs']['affiliate-zones.php']['orderdirection'] = $orderdirection;
$session['prefs']['inventory_entities'][OA_Permission::getEntityId()]['affiliateid'] = $affiliateid;
phpAds_SessionDataStore();
/*-------------------------------------------------------*/
/* HTML framework                                        */
/*-------------------------------------------------------*/
$oTpl->display();
phpAds_PageFooter();
function buildHeaderModel($websiteId)
{
    if ($websiteId) {
Ejemplo n.º 15
$oHeaderModel = MAX_displayWebsiteBreadcrumbs($affiliateid);
if (OA_Permission::isAccount(OA_ACCOUNT_MANAGER)) {
    // Get other affiliates: the sibling websites of the same agency become
    // page-context links, with the current one marked as selected.
    // NOTE(review): the listing is scoped by $agencyid, which is set outside
    // this excerpt - confirm it is taken from the logged-in account and not
    // from the request. Website names pass through MAX_buildName() into
    // phpAds_PageContext(); confirm they are HTML-encoded on output.
    $doAffiliates = OA_Dal::factoryDO('affiliates');
    $doAffiliates->addSessionListOrderBy('affiliate-zones.php');
    $doAffiliates->agencyid = $agencyid;
    $doAffiliates->find();
    while ($doAffiliates->fetch() && ($row = $doAffiliates->toArray())) {
        phpAds_PageContext(MAX_buildName($row['affiliateid'], $row['name']), "affiliate-invocation.php?affiliateid=" . $row['affiliateid'], $affiliateid == $row['affiliateid']);
    }
    addWebsitePageTools($affiliateid);
    phpAds_PageHeader("4.2.5", $oHeaderModel);
} else {
    // Every other account gets tab 2.1, plus 2.2 only when it holds the
    // zone-invocation permission.
    // NOTE(review): the page header is set to '2.2' and the invocation form
    // below is placed whether or not that permission is held; the enforcing
    // check is presumably earlier in the file, outside this excerpt - confirm.
    $sections = array();
    $sections[] = "2.1";
    if (OA_Permission::hasPermission(OA_PERM_ZONE_INVOCATION)) {
        $sections[] = "2.2";
    }
    phpAds_PageHeader('2.2', $oHeaderModel);
    phpAds_ShowSections($sections);
}
/*-------------------------------------------------------*/
/* Main code                                             */
/*-------------------------------------------------------*/
require_once MAX_PATH . '/lib/max/Admin/Invocation/Publisher.php';
// Output the invocation-code form for the website.
$maxInvocation = new MAX_Admin_Invocation_Publisher();
$maxInvocation->placeInvocationForm();
/*-------------------------------------------------------*/
/* HTML framework                                        */
/*-------------------------------------------------------*/
phpAds_PageFooter();
Ejemplo n.º 16
     // There are no restrictions on users that are applied to the autocomplete
     // list, as the admin account can see all accounts and therefore users in
     // its realm
     $oDbh =& OA_DB::singleton();
     $query = $oDbh->quote('%' . $q . '%');
     $doUsers = OA_Dal::factoryDO('users');
     $doUsers->whereAdd('username LIKE ' . $query . ' OR email_address LIKE ' . $query);
     $doUsers->limit($limit);
     $doUsers->find();
     while ($doUsers->fetch()) {
         echo htmlspecialchars($doUsers->user_id) . '|' . htmlspecialchars($doUsers->email_address) . '|' . htmlspecialchars($doUsers->username) . "\n";
     }
     break;
 case OA_ACCOUNT_MANAGER:
     // Check that they have the super account permission
     if (!OA_Permission::hasPermission(OA_PERM_SUPER_ACCOUNT)) {
         break;
     }
     // A manager account can only "see" those users that are already linked to the
     // current account, and to the advertiser and trafficker accounts that are in the
     // current account's realm -- display only these users -- but also exclude any
     // user that is also linked to the admin account
     $aAdminUserIds = array();
     $aUserIds = array();
     $oDbh =& OA_DB::singleton();
     // Get the ID of all users linked to the admin account
     $adminAccountId = OA_Dal_ApplicationVariables::get('admin_account_id');
     $doAccount_user_assoc = OA_Dal::factoryDO('account_user_assoc');
     $doAccount_user_assoc->account_id = $adminAccountId;
     $doAccount_user_assoc->find();
     while ($doAccount_user_assoc->fetch() > 0) {
        $aCount['campaigns']++;
        if ($hideinactive == true && ($campaign['status'] != OA_ENTITY_STATUS_RUNNING || $campaign['status'] == OA_ENTITY_STATUS_RUNNING && count($campaign['banners']) == 0 && count($campaign['banners']) < $campaign['count'])) {
            $aCount['campaigns_hidden']++;
            unset($aCampaigns[$key]);
        }
    }
}
// Hand the list data and the current list settings to the template.
$oTpl->assign('clientId', $clientid);
$oTpl->assign('aCampaigns', $aCampaigns);
$oTpl->assign('aCount', $aCount);
$oTpl->assign('hideinactive', $hideinactive);
$oTpl->assign('listorder', $listorder);
$oTpl->assign('orderdirection', $orderdirection);
$oTpl->assign('showconversions', $conf['logging']['trackerImpressions']);
// Capability flags for the template. 'canEdit' rests on the two banner
// permissions alone, with no account-type test in front of them.
// NOTE(review): whether hasPermission() returns true for admin and manager
// accounts is not visible here - confirm that those accounts still get the
// edit controls. The flags presumably only decide which controls are drawn, so
// the editing scripts need their own server-side checks.
$oTpl->assign('isAdvertiser', OA_Permission::isAccount(OA_ACCOUNT_ADVERTISER));
$oTpl->assign('canEdit', OA_Permission::hasPermission(OA_PERM_BANNER_ACTIVATE) || OA_Permission::hasPermission(OA_PERM_BANNER_EDIT));
$oTpl->assign('isManager', OA_Permission::isAccount(OA_ACCOUNT_MANAGER));
/*-------------------------------------------------------*/
/* Store preferences                                     */
/*-------------------------------------------------------*/
// List settings are remembered per advertiser; the selected advertiser is
// remembered under the id returned by getEntityId().
$session['prefs']['advertiser-campaigns.php'][$clientid]['hideinactive'] = $hideinactive;
$session['prefs']['advertiser-campaigns.php'][$clientid]['listorder'] = $listorder;
$session['prefs']['advertiser-campaigns.php'][$clientid]['orderdirection'] = $orderdirection;
$session['prefs']['inventory_entities'][OA_Permission::getEntityId()]['clientid'] = $clientid;
phpAds_SessionDataStore();
/*-------------------------------------------------------*/
/* HTML framework                                        */
/*-------------------------------------------------------*/
// Let registered view hooks see the page before it is rendered.
OX_Admin_UI_ViewHooks::registerPageView($oTpl, 'advertiser-campaigns', array('advertiserId' => $clientid));
$oTpl->display();
Ejemplo n.º 18
 /**
  * A method to show an error if the user doesn't have specific permissions to
  * perform an action on his account. The permission is enforced only while the
  * user is working as $accountType; for every other account type the method
  * returns without checking anything, so callers that need an account-type
  * restriction as well have to enforce it separately.
  *
  * @static
  * @param mixed $accountType  Account type for which the permission is required
  * @param string $permission  See OA_PERM_* constants
  * @return boolean  Always true when the method returns
  */
 function enforceAccountPermission($accountType, $permission)
 {
     // Not acting as the given account type: nothing to enforce
     if (!OA_Permission::isAccount($accountType)) {
         return true;
     }
     $isGranted = OA_Permission::hasPermission($permission);
     OA_Permission::enforceTrue($isGranted);
     return true;
 }