disabled<?php
}
?>
>
<option value=1<?php
if (TBGSettings::isPermissive()) {
?>
selected<?php
}
?>
><?php
echo __('Permissive');
?>
</option>
<option value=0<?php
if (!TBGSettings::isPermissive()) {
?>
selected<?php
}
?>
><?php
echo __('Restrictive');
?>
</option>
</select>
</td>
</tr>
<tr>
<td class="config_explanation" colspan="2">
<?php
echo __("%restrictive: With this security policy, users don't automatically get access to projects, modules, etc., but must be granted access specifically.", array('%restrictive' => '<b>' . __('Restrictive') . '</b>'));
/**
* Return if the user can create public saved searches
*
* @return boolean
*/
public function canCreatePublicSearches()
{
return $this->_dualPermissionsCheck('cancreatepublicsearches', 0, 'canfindissuesandsavesearches', 0, TBGSettings::isPermissive());
}
/**
* Return if the user can delete own comment
*
* @return boolean
*/
public function canUserDeleteOwnComment()
{
$retval = $this->_canPermissionOrSeeAndEditComments('candeletecommentsown');
return $retval !== null ? $retval : TBGSettings::isPermissive();
}
public function canUserSet(TBGUser $user)
{
$retval = $user->hasPermission($this->getPermissionsKey(), $this->getID(), 'core', true);
$retval = $retval === null ? $user->hasPermission($this->getPermissionsKey(), 0, 'core', true) : $retval;
return $retval !== null ? $retval : TBGSettings::isPermissive();
}
/**
* Check to see if a specified user/group/team has access
*
* @param string $permission_type The permission type
* @param integer $uid The user id for which the permission is valid, 0 for all
* @param integer $gid The group id for which the permission is valid, 0 for all
* @param integer $tid The team id for which the permission is valid, 0 for all
* @param integer $target_id[optional] The target id
* @param string $module_name[optional] The name of the module for which the permission is valid
* @param boolean $explicit[optional] whether to check for an explicit permission and return false if not set
* @param boolean $permissive[optional] whether to return false or true when explicit fails
*
* @return unknown_type
*/
public static function checkPermission($permission_type, $uid, $gid, $tid, $target_id = 0, $module_name = 'core', $explicit = false, $permissive = false)
{
$uid = (int) $uid;
$gid = (int) $gid;
if (array_key_exists($module_name, self::$_permissions) && array_key_exists($permission_type, self::$_permissions[$module_name]) && (array_key_exists($target_id, self::$_permissions[$module_name][$permission_type]) || $target_id === null)) {
if (array_key_exists(0, self::$_permissions[$module_name][$permission_type])) {
$permissions_notarget = self::$_permissions[$module_name][$permission_type][0];
}
$permissions_target = array_key_exists($target_id, self::$_permissions[$module_name][$permission_type]) ? self::$_permissions[$module_name][$permission_type][$target_id] : array();
$retval = self::_permissionsCheck($permissions_target, $uid, $gid, $tid);
if (array_key_exists(0, self::$_permissions[$module_name][$permission_type])) {
$retval = $retval !== null ? $retval : self::_permissionsCheck($permissions_notarget, $uid, $gid, $tid);
}
if ($retval !== null) {
return $retval;
}
}
if ($explicit) {
return $permissive;
}
return TBGSettings::isPermissive();
}
/**
* Return if the user can report new issues
*
* @param integer $product_id[optional] A product id
* @return boolean
*/
public function canReportIssues($project_id = null)
{
$retval = null;
if ($project_id !== null) {
if (is_numeric($project_id)) {
$project_id = TBGContext::factory()->TBGProject($project_id);
}
$project_id = $project_id instanceof TBGProject ? $project_id->getID() : $project_id;
$retval = $this->hasPermission('cancreateissues', $project_id, 'core', true, null);
$retval = $retval !== null ? $retval : $this->hasPermission('cancreateandeditissues', $project_id, 'core', true, null);
}
$retval = $retval !== null ? $retval : $this->hasPermission('cancreateissues', 0, 'core', true, null);
$retval = $retval !== null ? $retval : $this->hasPermission('cancreateandeditissues', 0, 'core', true, null);
return $retval !== null ? $retval : TBGSettings::isPermissive();
}
if (is_bool($val)) {
?>
<?php
$image_tag = $val ? image_tag('permission_set_ok.png') : image_tag('permission_set_denied.png');
?>
<?php
} elseif ($mode == 'datatype') {
?>
<?php
$image_tag = image_tag('permission_set_unset.png');
?>
<?php
} elseif ($mode == 'general' && $type == 'everyone') {
?>
<?php
$image_tag = TBGSettings::isPermissive() ? image_tag('permission_unset_ok.png') : image_tag('permission_unset_denied.png');
?>
<?php
} elseif ($mode == 'configuration' && $type == 'everyone') {
?>
<?php
$image_tag = image_tag('permission_unset_denied.png');
?>
<?php
} elseif ($mode == 'pages' && $type == 'everyone') {
?>
<?php
$image_tag = image_tag('permission_unset_ok.png');
?>
<?php
} elseif ($mode == 'user' && $type == 'everyone') {
protected function _canPermissionsOrExtraInformation($permission)
{
if (isset($this->_can_permission_cache[$permission])) {
return $this->_can_permission_cache[$permission];
}
$retval = $this->_permissionCheck($permission);
$retval = $retval === null ? $this->canAddExtraInformation() : $retval;
$this->_can_permission_cache[$permission] = $retval;
return $retval !== null ? $retval : TBGSettings::isPermissive();
}
protected function _dualPermissionsCheck($permission_1, $permission_2, $fallback = null)
{
$retval = $this->permissionCheck($permission_1);
$retval = $retval === null ? $this->permissionCheck($permission_2) : $retval;
if ($retval !== null) {
return $retval;
} else {
return $fallback !== null ? $fallback : TBGSettings::isPermissive();
}
}