Ejemplo n.º 1
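/**
 * Re-synchronises the contacts attached to a member after its permissions were saved.
 *
 * Collects the users whose permission group has contact_member_permissions rows for the
 * member, plus the non-user contacts (user_type = 0) classified in it, rebuilds their
 * associations with the member, creates default permissions for users that have no
 * permission row for the member, and finally detaches users that were listed in the
 * member before but are not part of the collected set.
 *
 * @param Member $member  Member whose permissions were saved; any other value, or an id <= 0, is ignored.
 * @param mixed  $ignored Taken by reference but never read by this function.
 * @return void
 */
function core_dimensions_after_save_member_permissions($member, &$ignored) {
	if (!$member instanceof Member || !($member->getId()>0)) return;
	// Every statement below is built by string concatenation, so ids are forced to integers
	// before they are placed into SQL.
	$member_id = (int) $member->getId();
	$permission_group_ids = array();
	
	$cmp_rows = DB::executeAll("SELECT DISTINCT permission_group_id FROM ".TABLE_PREFIX."contact_member_permissions WHERE member_id = '".$member_id."' AND permission_group_id IN (SELECT id FROM ".TABLE_PREFIX."permission_groups WHERE type IN ('permission_groups','user_groups'))");
	// Same guard the contact query below already uses: only iterate when rows came back.
	if (is_array($cmp_rows)) {
		foreach ($cmp_rows as $row) {
			$group_id = (int) $row['permission_group_id'];
			$permission_group_ids[$group_id] = $group_id;
		}
	}
	
	$contacts = array();
	// users
	if (count($permission_group_ids) > 0) {
		$contacts = Contacts::findAll(array('conditions' => 'user_type > 0 && permission_group_id IN ('.implode(',', $permission_group_ids).')'));
		// findAll's result for "no rows" is not visible here; keep array_merge() below safe either way.
		if (!is_array($contacts)) {
			$contacts = array();
		}
	}
	// contacts
	$contact_rows = DB::executeAll("SELECT DISTINCT om.object_id FROM ".TABLE_PREFIX."object_members om INNER JOIN ".TABLE_PREFIX."contacts c ON c.object_id=om.object_id 
		WHERE om.member_id='".$member_id."' AND c.user_type=0");
	$no_user_ids = array();
	if (is_array($contact_rows)) {
		foreach ($contact_rows as $row) {
			$no_user_ids[] = (int) $row['object_id'];
		}
	}
	// An empty id list would produce "object_id IN ()", which is not valid SQL, so the
	// lookup only runs when there is at least one id.
	$more_contacts = array();
	if (count($no_user_ids) > 0) {
		$more_contacts = Contacts::findAll(array('conditions' => 'object_id IN ('.implode(',', $no_user_ids).')'));
		if (!is_array($more_contacts)) {
			$more_contacts = array();
		}
	}
	
	$contacts = array_merge($contacts, $more_contacts);
	// Seeded with 0 so the NOT IN (...) list further down is never empty.
	$contact_ids = array(0);
	
	// NOTE(review): $persons_dim is dereferenced below without a null check — confirm the
	// "feng_persons" dimension always exists when this hook runs.
	$persons_dim = Dimensions::findByCode("feng_persons");

	// Existing associations are dropped first and rebuilt in the loop below.
	core_dim_remove_contacts_member_associations($member);
	
	foreach ($contacts as $contact) {
		$contact_id = $contact->getId();
		$contact_member = Members::findOneByObjectId($contact_id, $persons_dim->getId());
		if ($contact_member instanceof Member) {
			core_dim_add_contact_member_associations($contact_member, $member);
			
			if ($contact instanceof Contact && $contact->isUser()) {
				// Default permissions are only created when the user's group has no row for this member yet.
				$has_project_permissions = ContactMemberPermissions::instance()->count("permission_group_id = '".(int) $contact->getPermissionGroupId()."' AND member_id = ".$member_id) > 0;
				if (!$has_project_permissions) {
					RoleObjectTypePermissions::createDefaultUserPermissions($contact, $member);
				}
			}
		}
		// add user content object to customer member
		ObjectMembers::addObjectToMembers($contact_id, array($member));
		$contact->addToSharingTable();
		$contact_ids[] = (int) $contact_id;
	}
	
	// remove contacts whose members are no longer associated to the customer member
	$previous_users_in_member = Contacts::instance()->listing(array(
		'member_ids' => array($member->getId()),
		'ignore_context' => true,
		'extra_conditions' => ' AND e.user_type > 0 AND e.object_id NOT IN ('.implode(',', $contact_ids).')',
	))->objects;
	foreach ($previous_users_in_member as $prev_u) {
		ObjectMembers::removeObjectFromMembers($prev_u, logged_user(), array($member), array($member->getId()));
	}
	
	// refresh dimensions
	evt_add("reload dimension tree", array('dim_id' => $persons_dim->getId(), 'node' => null));
}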
 /**
  * Add contact
  *
  * @access public
  * @param void
  * @return null
  */
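 function add()
 {
     // Controller action: renders the 'edit_contact' form and, when $_POST['contact'] is an
     // array, creates the contact (optionally a new company and a user account).
     // Access rules visible here: guests are rejected; requests flagged as user creation
     // need can_manage_security(); every other request needs Contact::canAdd() in the active context.
     if (logged_user()->isGuest()) {
         flash_error(lang('no access permissions'));
         ajx_current("empty");
         return;
     }
     $this->setTemplate('edit_contact');
     // NOTE(review): this gate reads 'create-user' (hyphen) while the member-linking check
     // further down reads 'create_user' (underscore) — confirm which key the form posts.
     if (array_var($_GET, 'is_user') || array_var(array_var(array_var($_POST, 'contact'), 'user'), 'create-user')) {
         if (!can_manage_security(logged_user())) {
             flash_error(lang('no access permissions'));
             ajx_current("empty");
             return;
         }
     } else {
         $notAllowedMember = '';
         if (!Contact::canAdd(logged_user(), active_context(), $notAllowedMember)) {
             if (str_starts_with($notAllowedMember, '-- req dim --')) {
                 flash_error(lang('must choose at least one member of', str_replace_first('-- req dim --', '', $notAllowedMember, $in)));
             } else {
                 trim($notAllowedMember) == "" ? flash_error(lang('you must select where to keep', lang('the contact'))) : flash_error(lang('no context permissions to add', lang("contacts"), $notAllowedMember));
             }
             ajx_current("empty");
             return;
         }
     }
     if (!is_array(array_var($_POST, 'contact'))) {
         // set layout for modal form
         if (array_var($_REQUEST, 'modal')) {
             $this->setLayout("json");
             tpl_assign('modal', true);
         }
     }
     $contact = new Contact();
     $im_types = ImTypes::findAll(array('order' => '`id`'));
     $contact_data = array_var($_POST, 'contact');
     if (!array_var($contact_data, 'company_id')) {
         $contact_data['company_id'] = get_id('company_id');
         $contact_data['timezone'] = logged_user()->getTimezone();
     }
     $redirect_to = get_url('contact');
     // Create contact from mail content, when writing an email...
     // The query-string values below are copied into $contact_data and handed to the template;
     // escaping them on output is left to the template (not visible here).
     $contact_email = array_var($_GET, 'ce');
     if ($contact_email) {
         $contact_data['email'] = $contact_email;
     }
     if (array_var($_GET, 'div_id')) {
         $contact_data['new_contact_from_mail_div_id'] = array_var($_GET, 'div_id');
         $contact_data['hf_contacts'] = array_var($_GET, 'hf_contacts');
     }
     if (!array_var($_GET, 'is_user')) {
         tpl_assign('contact_mail', true);
     } else {
         if (isset($_GET['user_type'])) {
             tpl_assign('user_type', array_var($_GET, 'user_type'));
         }
         tpl_assign('contact_mail', false);
     }
     $contact_data['all_phones'] = array();
     $contact_data['all_addresses'] = array();
     $contact_data['all_webpages'] = array();
     $contact_data['all_emails'] = array();
     //User From Contact
     if (array_var($_REQUEST, 'create_user_from_contact')) {
         $contact_old = Contacts::findById(get_id());
         if (!$contact_old instanceof Contact) {
             flash_error(lang('contact dnx'));
             ajx_current("empty");
             return;
         }
         // The existing contact is only used as a template when the caller may edit it.
         if (!$contact_old->canEdit(logged_user())) {
             flash_error(lang('no access permissions'));
             ajx_current("empty");
             return;
         }
         // Same flag as the enclosing condition, so this branch always runs here.
         if (array_var($_REQUEST, 'create_user_from_contact')) {
             $contact_data = $this->get_contact_data_from_contact($contact_old);
             tpl_assign('userFromContactId', get_id());
             $contact_old->setNew(true);
             // to keep custom properties and linked objects
             tpl_assign('object', $contact_old);
         }
     }
     // NOTE(review): the contact loaded from 'user_from_contact_id' gets no canEdit() check like
     // $contact_old above, and an unknown id leaves $contact non-object for the submit path
     // below — confirm callers cannot reach this with an id they are not allowed to edit.
     if (array_var($_REQUEST, 'user_from_contact_id') > 0) {
         $contact = Contacts::findById(array_var($_REQUEST, 'user_from_contact_id'));
     }
     //END User From Contact
     tpl_assign('contact', $contact);
     tpl_assign('contact_data', $contact_data);
     tpl_assign('im_types', $im_types);
     // telephone types
     $all_telephone_types = TelephoneTypes::getAllTelephoneTypesInfo();
     tpl_assign('all_telephone_types', $all_telephone_types);
     // address types
     $all_address_types = AddressTypes::getAllAddressTypesInfo();
     tpl_assign('all_address_types', $all_address_types);
     // webpage types
     $all_webpage_types = WebpageTypes::getAllWebpageTypesInfo();
     tpl_assign('all_webpage_types', $all_webpage_types);
     // email types
     $all_email_types = EmailTypes::getAllEmailTypesInfo();
     tpl_assign('all_email_types', $all_email_types);
     // Submit
     if (is_array(array_var($_POST, 'contact'))) {
         // remove_scripts() is applied to every top-level value of the submitted data.
         foreach ($contact_data as $k => &$v) {
             $v = remove_scripts($v);
         }
         // Drop the reference so a later write to $v cannot alter the last element of $contact_data.
         unset($v);
         ajx_current("empty");
         try {
             //when creating user from contact remove classification from contact first
             // NOTE(review): this removal is issued before DB::beginWork(); presumably the rollback
             // in the catch block will not restore it — confirm.
             if (array_var($_REQUEST, 'user_from_contact_id') > 0) {
                 $members_to_remove = array_flat(DB::executeAll("SELECT m.id FROM " . TABLE_PREFIX . "members m INNER JOIN " . TABLE_PREFIX . "dimensions d ON d.id=m.dimension_id WHERE d.defines_permissions=1"));
                 $removedMemebersIds = ObjectMembers::removeObjectFromMembers($contact, logged_user(), null, $members_to_remove, false);
             }
             DB::beginWork();
             $contact_data['email'] = trim($contact_data['email']);
             $newCompany = false;
             if (array_var($contact_data, 'isNewCompany') == 'true' && is_array(array_var($_POST, 'company'))) {
                 $company_data = array_var($_POST, 'company');
                 $company = new Contact();
                 $company->setFromAttributes($company_data);
                 $company->setIsCompany(true);
                 $company->setObjectName();
                 $company->save();
                 // save phones, addresses and webpages
                 $this->save_phones_addresses_webpages($company_data, $company);
                 if ($company_data['email'] != "") {
                     $company->addEmail($company_data['email'], 'work', true);
                 }
                 $newCompany = true;
             }
             $contact_data['birthday'] = getDateValue($contact_data["birthday"]);
             $contact_data['name'] = $contact_data['first_name'] . " " . $contact_data['surname'];
             $contact->setFromAttributes($contact_data);
             if ($newCompany) {
                 $contact->setCompanyId($company->getId());
             }
             $contact->setObjectName();
             $contact->save();
             // save phones, addresses and webpages
             $this->save_phones_addresses_webpages($contact_data, $contact);
             // main email
             if ($contact_data['email'] != "") {
                 $contact->addEmail($contact_data['email'], 'personal', true);
             }
             // save additional emails
             $this->save_non_main_emails($contact_data, $contact);
             // autodetect timezone
             $autotimezone = array_var($contact_data, 'autodetect_time_zone', null);
             if ($autotimezone !== null) {
                 set_user_config_option('autodetect_time_zone', $autotimezone, $contact->getId());
             }
             //link it!
             $object_controller = new ObjectController();
             $member_ids = json_decode(array_var($_POST, 'members'));
             if (!is_null($member_ids) && !array_var(array_var($contact_data, 'user'), 'create_user')) {
                 $object_controller->add_to_members($contact, $member_ids);
             }
             $no_perm_members_ids = json_decode(array_var($_POST, 'no_perm_members'));
             // json_decode() yields null when the field is missing or malformed, and count(null)
             // is a TypeError on PHP 8 that the catch (Exception) below would not intercept.
             if (is_array($no_perm_members_ids) && count($no_perm_members_ids)) {
                 $object_controller->add_to_members($contact, $no_perm_members_ids);
             }
             if ($newCompany) {
                 $object_controller->add_to_members($company, $member_ids);
             }
             $object_controller->link_to_new_object($contact);
             $object_controller->add_subscribers($contact);
             $object_controller->add_custom_properties($contact);
             foreach ($im_types as $im_type) {
                 $value = trim(array_var($contact_data, 'im_' . $im_type->getId()));
                 if ($value != '') {
                     $contact_im_value = new ContactImValue();
                     $contact_im_value->setContactId($contact->getId());
                     $contact_im_value->setImTypeId($im_type->getId());
                     $contact_im_value->setValue($value);
                     $contact_im_value->setIsMain(array_var($contact_data, 'default_im') == $im_type->getId());
                     $contact_im_value->save();
                 }
             }
             //NEW ! User data in the same form
             // 'username' is assigned in every branch below, so $user is always a non-empty array
             // afterwards and the `if ($user)` blocks run on every submit.
             // NOTE(review): whether an account is really created is decided inside
             // createUserFromContactForm (not visible here) — confirm it enforces the
             // can_manage_security() requirement, which above only applies when 'is_user' or
             // 'create-user' is present in the request.
             $user = array_var(array_var($_POST, 'contact'), 'user');
             if (isset($contact_data['specify_username'])) {
                 if ($contact_data['user']['username'] != "") {
                     $user['username'] = $contact_data['user']['username'];
                 } else {
                     $user['username'] = str_replace(" ", "", strtolower($contact_data['name']));
                 }
             } else {
                 $user['username'] = str_replace(" ", "", strtolower($contact_data['name']));
             }
             if (isset($_POST['notify-user'])) {
                 set_user_config_option("sendEmailNotification", 1, logged_user()->getId());
             } else {
                 set_user_config_option("sendEmailNotification", 0, logged_user()->getId());
             }
             if ($user) {
                 $user_data = $this->createUserFromContactForm($user, $contact->getId(), $contact_data['email'], isset($_POST['notify-user']), false);
                 // add user groups
                 if (isset($_REQUEST['user_groups'])) {
                     $insert_values = "";
                     $group_ids = explode(',', $_REQUEST['user_groups']);
                     foreach ($group_ids as $gid) {
                         // Only numeric entries from the request are interpolated into the INSERT below.
                         if (trim($gid) == "" || !is_numeric($gid)) {
                             continue;
                         }
                         $insert_values .= ($insert_values == "" ? "" : ",") . "(" . $contact->getId() . ", {$gid})";
                     }
                     if ($insert_values != "") {
                         DB::execute("INSERT INTO " . TABLE_PREFIX . "contact_permission_groups VALUES {$insert_values} ON DUPLICATE KEY UPDATE contact_id=contact_id;");
                     }
                 }
                 if (array_var($contact_data, 'isNewCompany') == 'true' && is_array(array_var($_POST, 'company'))) {
                     ApplicationLogs::createLog($company, ApplicationLogs::ACTION_ADD);
                 }
                 ApplicationLogs::createLog($contact, ApplicationLogs::ACTION_ADD);
                 if (isset($contact_data['new_contact_from_mail_div_id'])) {
                     $combo_val = trim($contact->getFirstName() . ' ' . $contact->getSurname() . ' <' . $contact->getEmailAddress('personal') . '>');
                     evt_add("contact added from mail", array("div_id" => $contact_data['new_contact_from_mail_div_id'], "combo_val" => $combo_val, "hf_contacts" => $contact_data['hf_contacts']));
                 }
                 // Reload the contact before refreshing its member cache.
                 $contact = Contacts::findById($contact->getId());
                 ContactMemberCaches::updateContactMemberCacheAllMembers($contact);
                 evt_add("new user added", $contact->getArrayInfo());
             }
             $null = null;
             Hook::fire('after_add_contact', $contact, $null);
             DB::commit();
             // save user permissions
             // Runs in a second transaction, after the contact itself has been committed.
             if ($user) {
                 DB::beginWork();
                 $contact = Contacts::findById($contact->getId());
                 save_user_permissions_background(logged_user(), $contact->getPermissionGroupId(), $contact->isGuest());
                 DB::commit();
             }
             flash_success(lang('success add contact', $contact->getObjectName()));
             ajx_current("back");
             if (array_var($_REQUEST, 'modal')) {
                 evt_add("reload current panel");
             }
             // Error...
         } catch (Exception $e) {
             DB::rollback();
             // NOTE(review): the raw exception message is shown to the user — confirm database
             // errors are not surfaced verbatim through this path.
             flash_error($e->getMessage());
             mark_dao_validation_error_fields($e);
             return;
         }
         // The notification is sent outside the transaction; a failure here only reports an error.
         try {
             if ($user) {
                 // Send notification
                 send_notification($user_data, $contact->getId());
             }
         } catch (Exception $e) {
             flash_error($e->getMessage());
         }
     }
 }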
Ejemplo n.º 3
 function removeFromMembers(Contact $user, $members_array)
 {
     // Delegates to ObjectMembers, passing this object as the one to detach, $user as the
     // acting contact and $members_array as the members to detach it from.
     $object = $this;
     ObjectMembers::removeObjectFromMembers(
         $object,
         $user,
         $members_array
     );
 }
Ejemplo n.º 4
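/**
 * Saves the module, system, root and member permissions of one permission group.
 *
 * The permission data is read from $permissions_data or, when that is null, from $_POST.
 * All writes happen in one transaction; afterwards the sharing table and the contact member
 * cache are refreshed and the 'after_save_contact_permissions' hook is fired. Exceptions are
 * logged and swallowed, so the function never throws an Exception to its caller.
 *
 * Request-supplied values (tab panel ids, member ids, object type ids, permission flags) are
 * concatenated into SQL here, so each one is validated or cast before use.
 *
 * @param int        $pg_id                       Permission group id; cast to int before it is placed into SQL.
 * @param bool       $is_guest                    When true, write/delete flags are cleared and 'can_task_assignee' is false.
 * @param array|null $permissions_data            Keys read: 'sys_perm', 'mod_perm', 'root_perm_genid', 'root_perm', 'permissions'; null reads $_POST instead.
 * @param bool       $save_cmps                   When false, no contact_member_permissions rows are inserted or bulk-deleted.
 * @param bool       $update_sharing_table        Whether SharingTableController::afterPermissionChanged() is called.
 * @param bool       $fire_hook                   Whether the 'after_save_contact_permissions' hook is fired.
 * @param bool       $update_contact_member_cache Whether the contact member cache of the group's users is refreshed.
 * @param array      $users_ids_to_check          Additional user ids whose cache is refreshed as well.
 * @param bool       $only_member_permissions     When true, module, system and root permissions are left untouched.
 * @return void
 */
function save_permissions($pg_id, $is_guest = false, $permissions_data = null, $save_cmps = true, $update_sharing_table = true, $fire_hook = true, $update_contact_member_cache = true, $users_ids_to_check = array(), $only_member_permissions = false)
{
    // $pg_id is interpolated, mostly unquoted, into many statements below.
    $pg_id = (int) $pg_id;
    // Read in the root-permission check even when no contact is found for the group.
    $user_type_name = '';
    if (is_null($permissions_data)) {
        // system permissions
        $sys_permissions_data = array_var($_POST, 'sys_perm');
        // module permissions
        $mod_permissions_data = array_var($_POST, 'mod_perm');
        // root permissions
        if ($rp_genid = array_var($_POST, 'root_perm_genid')) {
            $rp_permissions_data = array();
            foreach ($_POST as $name => $value) {
                if (str_starts_with($name, $rp_genid . 'rg_root_')) {
                    $rp_permissions_data[$name] = $value;
                }
            }
        }
        // member permissions
        $permissionsString = array_var($_POST, 'permissions');
    } else {
        // system permissions
        $sys_permissions_data = array_var($permissions_data, 'sys_perm');
        // module permissions
        $mod_permissions_data = array_var($permissions_data, 'mod_perm');
        // root permissions
        $rp_genid = array_var($permissions_data, 'root_perm_genid');
        $rp_permissions_data = array_var($permissions_data, 'root_perm');
        // member permissions
        $permissionsString = array_var($permissions_data, 'permissions');
    }
    // Both are iterated below; a missing or non-array value becomes an empty list.
    if (!isset($rp_permissions_data) || !is_array($rp_permissions_data)) {
        $rp_permissions_data = array();
    }
    if (!is_array($sys_permissions_data)) {
        $sys_permissions_data = array();
    }
    try {
        DB::beginWork();
        $changed_members = array();
        // save module permissions
        if (!$only_member_permissions) {
            try {
                TabPanelPermissions::clearByPermissionGroup($pg_id, true);
                if (!is_null($mod_permissions_data) && is_array($mod_permissions_data)) {
                    foreach ($mod_permissions_data as $tab_id => $val) {
                        // $tab_id is a request-supplied array key that lands inside a quoted SQL
                        // literal. Assumes tab panel ids only use letters, digits, '_' and '-'
                        // — TODO confirm against the stored tab panel ids.
                        if (!preg_match('/^[A-Za-z0-9_\-]+\z/', (string) $tab_id)) {
                            Logger::log("Ignoring tab panel id with unexpected characters for permission group {$pg_id}");
                            continue;
                        }
                        DB::execute("INSERT INTO " . TABLE_PREFIX . "tab_panel_permissions (permission_group_id,tab_panel_id) VALUES ('{$pg_id}','{$tab_id}') ON DUPLICATE KEY UPDATE permission_group_id=permission_group_id");
                    }
                }
            } catch (Exception $e) {
                Logger::log("Error saving module permissions for permission group {$pg_id}: " . $e->getMessage() . "\n" . $e->getTraceAsString());
                throw $e;
            }
        }
        $root_permissions_sharing_table_delete = array();
        $root_permissions_sharing_table_add = array();
        // System and root permissions are only written when the logged user can manage security.
        if (logged_user() instanceof Contact && can_manage_security(logged_user())) {
            try {
                if (!$only_member_permissions) {
                    // save system permissions
                    $system_permissions = SystemPermissions::findById($pg_id);
                    if (!$system_permissions instanceof SystemPermission) {
                        $system_permissions = new SystemPermission();
                        $system_permissions->setPermissionGroupId($pg_id);
                    }
                    // Everything is reset to false first; the submitted values are applied afterwards.
                    $system_permissions->setAllPermissions(false);
                    $other_permissions = array();
                    Hook::fire('add_user_permissions', $pg_id, $other_permissions);
                    foreach ($other_permissions as $k => $v) {
                        $system_permissions->setColumnValue($k, false);
                    }
                    // check max permissions for role, in case of modifying user's permissions
                    $role_id = "-1";
                    $tmp_contact = Contacts::findOne(array('conditions' => 'permission_group_id = ' . $pg_id));
                    if ($tmp_contact instanceof Contact) {
                        $role_id = $tmp_contact->getUserType();
                    }
                    $max_role_system_permissions = MaxSystemPermissions::findOne(array('conditions' => 'permission_group_id = ' . $role_id));
                    if ($max_role_system_permissions instanceof MaxSystemPermission) {
                        // Submitted system permissions the role's maximum does not allow are dropped.
                        foreach ($sys_permissions_data as $col => &$val) {
                            $max_val = $max_role_system_permissions->getColumnValue($col);
                            if (!$max_val) {
                                unset($sys_permissions_data[$col]);
                            }
                        }
                        unset($val);
                    }
                    // don't allow to write emails for collaborators and guests
                    if ($tmp_contact instanceof Contact) {
                        $user_type_name = $tmp_contact->getUserTypeName();
                        if (!in_array($user_type_name, array('Super Administrator', 'Administrator', 'Manager', 'Executive'))) {
                            $mail_ot = ObjectTypes::findByName('mail');
                            if ($mail_ot instanceof ObjectType) {
                                DB::executeAll("UPDATE " . TABLE_PREFIX . "contact_member_permissions SET can_write=0, can_delete=0 WHERE object_type_id=" . (int) $mail_ot->getId() . " AND permission_group_id={$pg_id}");
                            }
                        }
                    }
                    $sys_permissions_data['can_task_assignee'] = !$is_guest;
                    $system_permissions->setFromAttributes($sys_permissions_data);
                    $system_permissions->setUseOnDuplicateKeyWhenInsert(true);
                    $system_permissions->save();
                    //object type root permissions
                    $can_have_root_permissions = config_option('let_users_create_objects_in_root') && in_array($user_type_name, array('Super Administrator', 'Administrator', 'Manager', 'Executive'));
                    if ($rp_genid && $can_have_root_permissions) {
                        ContactMemberPermissions::delete("permission_group_id = {$pg_id} AND member_id = 0");
                        foreach ($rp_permissions_data as $name => $value) {
                            if (str_starts_with($name, $rp_genid . 'rg_root_')) {
                                // The object type id is the part of the field name after the last '_'.
                                $rp_ot = substr($name, strrpos($name, '_') + 1);
                                if (is_numeric($rp_ot) && $rp_ot > 0 && $value == 0) {
                                    $root_permissions_sharing_table_delete[] = $rp_ot;
                                }
                                if (!is_numeric($rp_ot) || $rp_ot <= 0 || $value < 1) {
                                    continue;
                                }
                                $root_permissions_sharing_table_add[] = $rp_ot;
                                // save with member_id = 0
                                // $value maps to levels: >= 2 grants write, >= 3 grants delete.
                                $root_perm_cmp = new ContactMemberPermission();
                                $root_perm_cmp->setPermissionGroupId($pg_id);
                                $root_perm_cmp->setMemberId('0');
                                $root_perm_cmp->setObjectTypeId($rp_ot);
                                $root_perm_cmp->setCanWrite($value >= 2);
                                $root_perm_cmp->setCanDelete($value >= 3);
                                $root_perm_cmp->save();
                            }
                        }
                    }
                    if (!$can_have_root_permissions) {
                        ContactMemberPermissions::delete("permission_group_id = {$pg_id} AND member_id = 0");
                        $sh_controller = new SharingTableController();
                        $all_object_type_ids = ObjectTypes::findAll(array('id' => true));
                        $sh_controller->adjust_root_permissions($pg_id, array('root_permissions_sharing_table_delete' => $all_object_type_ids));
                    }
                }
            } catch (Exception $e) {
                Logger::log("Error saving system and root permissions for permission group {$pg_id}: " . $e->getMessage() . "\n" . $e->getTraceAsString());
                throw $e;
            }
        }
        // set all permissions to read_only if user is guest
        if ($is_guest) {
            try {
                $all_saved_permissions = ContactMemberPermissions::findAll(array("conditions" => "`permission_group_id` = {$pg_id}"));
                foreach ($all_saved_permissions as $sp) {
                    /* @var $sp ContactMemberPermission */
                    if ($sp->getCanDelete() || $sp->getCanWrite()) {
                        $sp->setCanDelete(false);
                        $sp->setCanWrite(false);
                        $sp->save();
                    }
                }
                // NOTE(review): this lookup is not restricted to $pg_id, so every 'allow all' row is
                // switched to 'check', not only the guest group's — confirm this is intended.
                $cdps = ContactDimensionPermissions::findAll(array("conditions" => "`permission_type` = 'allow all'"));
                foreach ($cdps as $cdp) {
                    $cdp->setPermissionType('check');
                    $cdp->save();
                }
            } catch (Exception $e) {
                Logger::log("Error setting guest user permissions to read_only for permission group {$pg_id}: " . $e->getMessage() . "\n" . $e->getTraceAsString());
                throw $e;
            }
        }
        // check the status of the changed dimensions to set 'allow_all', 'deny_all' or 'check'
        // NOTE(review): $changed_members is still empty at this point (it is only filled in the
        // member-permission loop below), so this lookup cannot match a changed member — confirm.
        try {
            $dimensions = Dimensions::findAll(array("conditions" => array("`id` IN (SELECT DISTINCT `dimension_id` FROM " . Members::instance()->getTableName(true) . " WHERE `id` IN (?))", $changed_members)));
            foreach ($dimensions as $dimension) {
                $dimension->setContactDimensionPermission($pg_id, 'check');
            }
        } catch (Exception $e) {
            Logger::log("Error setting dimension permissions for permission group {$pg_id}: " . $e->getMessage() . "\n" . $e->getTraceAsString());
            throw $e;
        }
        //member permissions
        if ($permissionsString && $permissionsString != '') {
            $permissions = json_decode($permissionsString);
        }
        if (isset($permissions) && is_array($permissions)) {
            // The decoded entries are request data whose member id (m) and object type id (o) are
            // concatenated into SQL below; entries without plain non-negative integer ids are dropped.
            $valid_permissions = array();
            foreach ($permissions as $candidate) {
                $ids_ok = is_object($candidate) && isset($candidate->m, $candidate->o)
                    && is_scalar($candidate->m) && preg_match('/^[0-9]+\z/', (string) $candidate->m)
                    && is_scalar($candidate->o) && preg_match('/^[0-9]+\z/', (string) $candidate->o);
                if ($ids_ok) {
                    $valid_permissions[] = $candidate;
                }
            }
            $permissions = $valid_permissions;
        }
        if (isset($permissions) && !is_null($permissions) && is_array($permissions)) {
            try {
                $tmp_contact = Contacts::findOne(array('conditions' => 'permission_group_id = ' . $pg_id));
                if ($tmp_contact instanceof Contact) {
                    $user_type_name = $tmp_contact->getUserTypeName();
                    $role_id = $tmp_contact->getUserType();
                    $max_role_ot_perms = MaxRoleObjectTypePermissions::instance()->findAll(array('conditions' => "role_id = '{$role_id}'"));
                }
                $mail_ot = ObjectTypes::findByName('mail');
                $sql_insert_values = "";
                $member_object_types_to_delete = array();
                $allowed_members_ids = array();
                foreach ($permissions as &$perm) {
                    // $all_perm_deleted[m] stays true only while no entry with read access was seen for member m.
                    if (!isset($all_perm_deleted[$perm->m])) {
                        $all_perm_deleted[$perm->m] = true;
                    }
                    $allowed_members_ids[$perm->m] = array();
                    $allowed_members_ids[$perm->m]['pg'] = $pg_id;
                    if ($perm->r) {
                        if (isset($allowed_members_ids[$perm->m]['w'])) {
                            if ($allowed_members_ids[$perm->m]['w'] != 1) {
                                $allowed_members_ids[$perm->m]['w'] = $is_guest ? false : $perm->w;
                            }
                        } else {
                            $allowed_members_ids[$perm->m]['w'] = $is_guest ? false : $perm->w;
                        }
                        if (isset($allowed_members_ids[$perm->m]['d'])) {
                            if ($allowed_members_ids[$perm->m]['d'] != 1) {
                                $allowed_members_ids[$perm->m]['d'] = $is_guest ? false : $perm->d;
                            }
                        } else {
                            $allowed_members_ids[$perm->m]['d'] = $is_guest ? false : $perm->d;
                        }
                        // check max permissions for user type
                        if ($tmp_contact instanceof Contact) {
                            $max_perm = null;
                            foreach ($max_role_ot_perms as $max_role_ot_perm) {
                                if ($max_role_ot_perm->getObjectTypeId() == $perm->o) {
                                    $max_perm = $max_role_ot_perm;
                                }
                            }
                            if ($max_perm) {
                                if (!$max_perm->getCanDelete()) {
                                    $perm->d = 0;
                                }
                                if (!$max_perm->getCanWrite()) {
                                    $perm->w = 0;
                                }
                            } else {
                                // NOTE(review): r is cleared when the role has no maximum for this
                                // object type, yet the row is still inserted below — confirm that a
                                // stored row with can_write=0/can_delete=0 does not grant read access.
                                $perm->d = 0;
                                $perm->w = 0;
                                $perm->r = 0;
                            }
                        }
                        if ($save_cmps) {
                            // don't allow to write emails for collaborators and guests
                            if ($tmp_contact instanceof Contact && !in_array($user_type_name, array('Super Administrator', 'Administrator', 'Manager', 'Executive'))) {
                                if ($mail_ot instanceof ObjectType && $perm->o == $mail_ot->getId()) {
                                    $perm->d = 0;
                                    $perm->w = 0;
                                }
                            }
                            // Flags are reduced to 0/1 and ids cast to int before they reach the INSERT.
                            $can_delete = (is_scalar($perm->d) && $perm->d) ? 1 : 0;
                            $can_write = (is_scalar($perm->w) && $perm->w) ? 1 : 0;
                            $sql_insert_values .= ($sql_insert_values == "" ? "" : ",") . "('" . $pg_id . "','" . (int) $perm->m . "','" . (int) $perm->o . "','" . $can_delete . "','" . $can_write . "')";
                            if (!isset($member_object_types_to_delete[$perm->m])) {
                                $member_object_types_to_delete[$perm->m] = array();
                            }
                            $member_object_types_to_delete[$perm->m][] = $perm->o;
                        }
                        $all_perm_deleted[$perm->m] = false;
                    } else {
                        if (is_numeric($perm->m) && is_numeric($perm->o)) {
                            DB::execute("DELETE FROM " . TABLE_PREFIX . "contact_member_permissions WHERE member_id='" . (int) $perm->m . "' AND object_type_id='" . (int) $perm->o . "' AND permission_group_id={$pg_id}");
                        }
                    }
                    $changed_members[] = $perm->m;
                }
                // Release the reference so $permissions is not altered through $perm later on.
                unset($perm);
                if ($save_cmps) {
                    // $all_perm_deleted is only defined when the loop above ran at least once.
                    if (isset($all_perm_deleted) && count($all_perm_deleted) > 0) {
                        $member_ids_to_delete = array();
                        foreach ($all_perm_deleted as $mid => $del) {
                            // also check in contact_member_permissions
                            $cmps = ContactMemberPermissions::findAll(array('conditions' => 'permission_group_id=' . $pg_id . " AND member_id=" . (int) $mid));
                            if ($del && (!is_array($cmps) || count($cmps) == 0)) {
                                $member_ids_to_delete[] = $mid;
                            }
                        }
                        if (count($member_ids_to_delete) > 0) {
                            DB::execute("DELETE FROM " . TABLE_PREFIX . "contact_member_permissions WHERE member_id IN (" . implode(',', array_map('intval', $member_ids_to_delete)) . ") AND permission_group_id={$pg_id}");
                        }
                    }
                    // Existing rows for the submitted member/object-type pairs are deleted before the bulk insert.
                    foreach ($member_object_types_to_delete as $mid => $obj_type_ids) {
                        if (count($obj_type_ids) > 0) {
                            DB::execute("DELETE FROM " . TABLE_PREFIX . "contact_member_permissions WHERE member_id=" . (int) $mid . " AND object_type_id IN (" . implode(',', array_map('intval', $obj_type_ids)) . ") AND permission_group_id={$pg_id}");
                        }
                    }
                    if ($sql_insert_values != "") {
                        DB::execute("INSERT INTO " . TABLE_PREFIX . "contact_member_permissions (permission_group_id, member_id, object_type_id, can_delete, can_write) VALUES {$sql_insert_values} ON DUPLICATE KEY UPDATE member_id=member_id");
                    }
                }
            } catch (Exception $e) {
                Logger::log("Error saving member permissions for permission group {$pg_id}: " . $e->getMessage() . "\n" . $e->getTraceAsString());
                throw $e;
            }
        }
        DB::commit();
    } catch (Exception $e) {
        // NOTE(review): after a rollback the function still continues with the sharing table,
        // cache and hook steps below, using permission data that was not persisted — confirm
        // those steps recompute from the database rather than from $permissions.
        Logger::log("Error saving permissions for permission group {$pg_id}: " . $e->getMessage() . "\n" . $e->getTraceAsString());
        DB::rollback();
    }
    try {
        if (isset($permissions) && !is_null($permissions) && is_array($permissions)) {
            if ($update_sharing_table) {
                try {
                    $sharingTablecontroller = new SharingTableController();
                    $rp_info = array('root_permissions_sharing_table_delete' => $root_permissions_sharing_table_delete, 'root_permissions_sharing_table_add' => $root_permissions_sharing_table_add);
                    $sharingTablecontroller->afterPermissionChanged($pg_id, $permissions, $rp_info);
                } catch (Exception $e) {
                    Logger::log("Error saving permissions to sharing table for permission group {$pg_id}: " . $e->getMessage() . "\n" . $e->getTraceAsString());
                    throw $e;
                }
            }
            if ($update_contact_member_cache) {
                try {
                    $contactMemberCacheController = new ContactMemberCacheController();
                    $group = PermissionGroups::findById($pg_id);
                    $real_group = null;
                    $users = array();
                    // An unknown group id would otherwise end in a method call on a non-object.
                    if (is_object($group)) {
                        if ($group->getType() == 'user_groups') {
                            $real_group = $group;
                        }
                        $users = $group->getUsers();
                        if (!is_array($users)) {
                            $users = array();
                        }
                    }
                    $users_ids_checked = array();
                    foreach ($users as $us) {
                        $users_ids_checked[] = $us->getId();
                        $contactMemberCacheController->afterUserPermissionChanged($us, $permissions, $real_group);
                    }
                    //check all users related to the group
                    foreach ($users_ids_to_check as $us_id) {
                        if (!in_array($us_id, $users_ids_checked)) {
                            $users_ids_checked[] = $us_id;
                            $us = Contacts::findById($us_id);
                            if ($us instanceof Contact) {
                                $contactMemberCacheController->afterUserPermissionChanged($us, $permissions, $real_group);
                            }
                        }
                    }
                } catch (Exception $e) {
                    Logger::log("Error saving permissions to contact member cache for permission group {$pg_id}: " . $e->getMessage() . "\n" . $e->getTraceAsString());
                    throw $e;
                }
            }
        }
    } catch (Exception $e) {
        Logger::log("Error saving module permissions for permission group {$pg_id}: " . $e->getMessage() . "\n" . $e->getTraceAsString());
    }
    if ($fire_hook) {
        Hook::fire('after_save_contact_permissions', $pg_id, $pg_id);
    }
    // remove contact object from members where permissions were deleted
    $user = Contacts::findOne(array('conditions' => 'permission_group_id=' . $pg_id));
    if ($user instanceof Contact) {
        $to_remove = array();
        if (isset($all_perm_deleted) && is_array($all_perm_deleted)) {
            foreach ($all_perm_deleted as $m_id => $must_remove) {
                if ($must_remove) {
                    $to_remove[] = $m_id;
                }
            }
            ObjectMembers::removeObjectFromMembers($user, logged_user(), null, $to_remove);
        }
    }
}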
Ejemplo n.º 5
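/**
 * Moves a project member from its previous status member to a new one.
 *
 * Nothing happens unless $status_dimension is a Dimension whose id is listed in the
 * 'enabled_dimensions' config option. Otherwise the function:
 *  - when the status changed, takes the objects classified in the project member
 *    (is_optimization=0) out of the old status member and adds them to the new one;
 *  - classifies the object attached to the new status member (if any) in the project member;
 *  - creates the member_property_members rows for both association directions and,
 *    when $remove_prev_associations is true, deletes the rows that point to other status members.
 *
 * @param Member $project_member member whose status is being changed
 * @param mixed $old_project_status id of the previous status member; values <= 0 mean "none"
 * @param mixed $status_member_id id of the new status member; non-numeric or <= 0 means "none"
 * @param mixed $status_dimension dimension that holds the status members
 * @param ObjectType|null $status_ot optional object type used to narrow the association lookup
 * @param bool $remove_prev_associations delete associations to any other status member
 * @return void
 */
function associate_member_to_status_member($project_member, $old_project_status, $status_member_id, $status_dimension, $status_ot = null, $remove_prev_associations = true)
{
    if (!($status_dimension instanceof Dimension) || !in_array($status_dimension->getId(), config_option('enabled_dimensions'))) {
        return;
    }

    // Every id that ends up inside SQL text is forced to an integer first. The original
    // only checked is_numeric() before the INSERTs, while the DELETEs interpolated
    // $status_member_id unchecked, so a non-numeric value could alter the statement.
    $project_member_id = (int) $project_member->getId();
    $status_member_sql_id = (int) $status_member_id;
    $has_new_status = is_numeric($status_member_id) && $status_member_id > 0;

    // associate project objects to the new project_status member
    if ($old_project_status != $status_member_id) {
        $object_members = ObjectMembers::instance()->findAll(array('conditions' => "member_id = " . $project_member_id . " AND is_optimization=0"));
        if (!is_array($object_members)) {
            // NOTE(review): guards against a non-array "no rows" result; confirm what findAll() returns.
            $object_members = array();
        }
        // remove objects from old project_type member
        if ($old_project_status > 0) {
            foreach ($object_members as $om) {
                $obj = Objects::findObject($om->getObjectId());
                if ($obj instanceof ContentDataObject) {
                    ObjectMembers::removeObjectFromMembers($obj, logged_user(), null, array($old_project_status));
                }
            }
        }
        // add objects to new project_type member
        if ($has_new_status) {
            $member_to_add = Members::findById($status_member_id);
            // The lookup can miss (stale or wrong id); the original passed the result to
            // addObjectToMembers() before checking that it is a Member.
            if ($member_to_add instanceof Member) {
                foreach ($object_members as $om) {
                    ObjectMembers::addObjectToMembers($om->getObjectId(), array($member_to_add));
                }
                if ($member_to_add->getObjectId() > 0) {
                    $rel_obj = Objects::findObject($member_to_add->getObjectId());
                    if ($rel_obj instanceof ContentDataObject) {
                        ObjectMembers::addObjectToMembers($rel_obj->getId(), array($project_member));
                        $rel_obj->addToSharingTable();
                        // the third argument is passed as a variable, as in the original call
                        $null = null;
                        Hook::fire("after_auto_classifying_associated_object_of_member", array('obj' => $rel_obj, 'mem' => $project_member), $null);
                    }
                }
            }
        }
    }

    $member_dimension = $project_member->getDimension();

    // Direction 1: the project member's dimension is the owner of the association.
    $a = DimensionMemberAssociations::instance()->findOne(array('conditions' => array('dimension_id=? AND object_type_id=? AND associated_dimension_id=?' . ($status_ot instanceof ObjectType ? ' AND associated_object_type_id=' . (int) $status_ot->getId() : ''), $member_dimension->getId(), $project_member->getObjectTypeId(), $status_dimension->getId())));
    // create relation between members and remove old relations
    if ($a instanceof DimensionMemberAssociation) {
        $association_id = (int) $a->getId();
        if ($has_new_status) {
            $mpm = MemberPropertyMembers::findOne(array('id' => true, 'conditions' => array('association_id = ? AND member_id = ? AND property_member_id = ?', $a->getId(), $project_member->getId(), $status_member_id)));
            if (is_null($mpm)) {
                $sql = "INSERT INTO " . TABLE_PREFIX . "member_property_members (association_id, member_id, property_member_id, is_active, created_on, created_by_id)\r\n\t\t\t\t\t\tVALUES (" . $association_id . "," . $project_member_id . "," . $status_member_sql_id . ", 1, NOW()," . (int) logged_user()->getId() . ");";
                DB::executeAll($sql);
            }
        }
        if ($remove_prev_associations) {
            MemberPropertyMembers::instance()->delete('association_id = ' . $association_id . ' AND member_id = ' . $project_member_id . ' AND property_member_id <> ' . $status_member_sql_id);
        }
    }

    // Direction 2: the status dimension is the owner, so member_id and property_member_id swap roles.
    $a = DimensionMemberAssociations::instance()->findOne(array('conditions' => array('associated_dimension_id=? AND associated_object_type_id=? AND dimension_id=?' . ($status_ot instanceof ObjectType ? ' AND object_type_id=' . (int) $status_ot->getId() : ''), $member_dimension->getId(), $project_member->getObjectTypeId(), $status_dimension->getId())));
    // create relation between members and remove old relations
    if ($a instanceof DimensionMemberAssociation) {
        $association_id = (int) $a->getId();
        if ($has_new_status) {
            $mpm = MemberPropertyMembers::findOne(array('id' => true, 'conditions' => array('association_id = ? AND member_id = ? AND property_member_id = ?', $a->getId(), $project_member->getId(), $status_member_id)));
            if (is_null($mpm)) {
                $sql = "INSERT INTO " . TABLE_PREFIX . "member_property_members (association_id, member_id, property_member_id, is_active, created_on, created_by_id)\r\n\t\t\t\t\t\tVALUES (" . $association_id . "," . $status_member_sql_id . "," . $project_member_id . ", 1, NOW()," . (int) logged_user()->getId() . ");";
                DB::executeAll($sql);
            }
        }
        if ($remove_prev_associations) {
            MemberPropertyMembers::instance()->delete('association_id = ' . $association_id . ' AND property_member_id = ' . $project_member_id . ' AND member_id <> ' . $status_member_sql_id);
        }
    }
}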
Ejemplo n.º 6
        }
    }
    DB::commit();
} catch (Exception $e) {
    DB::rollback();
    Logger::log("Error saving permissions (3): " . $e->getMessage() . "\n" . $e->getTraceAsString());
}
// fire hooks
// The hook runs in its own transaction. If a listener throws, the transaction is rolled
// back and the error is logged, but the exception is not rethrown, so the cleanup below
// still runs.
try {
    DB::beginWork();
    Hook::fire('after_save_contact_permissions', $pg_id, $pg_id);
    DB::commit();
} catch (Exception $e) {
    DB::rollback();
    Logger::log("Error saving permissions (4): " . $e->getMessage() . "\n" . $e->getTraceAsString());
}
// remove contact object from members where permissions were deleted
// NOTE(review): $pg_id is concatenated into the condition string with no cast or
// placeholder; where it comes from is not visible here. Confirm it is always an integer.
$user = Contacts::findOne(array('conditions' => 'permission_group_id=' . $pg_id));
if ($user instanceof Contact) {
    // Collect the member ids whose flag in $all_perm_deleted is truthy.
    // NOTE(review): assumes $all_perm_deleted was set to an array earlier in the script; verify.
    $to_remove = array();
    foreach ($all_perm_deleted as $m_id => $must_remove) {
        if ($must_remove) {
            $to_remove[] = $m_id;
        }
    }
    ObjectMembers::removeObjectFromMembers($user, logged_user(), null, $to_remove);
}
// Delete the four permission files. The @ operator hides any unlink() failure, so a file
// that could not be removed stays on disk without a log entry.
// NOTE(review): presumably these are temporary files holding permission data; confirm,
// and consider logging a failed unlink.
@unlink($permissions_filename);
@unlink($sys_permissions_filename);
@unlink($mod_permissions_filename);
@unlink($root_permissions_filename);