acl_set() public method

Set a user or group ACL record
public acl_set ( $ug_type, $forum_id, $ug_id, $auth, $role_id, $clear_prefetch = true )
    /**
     * Remove role
     */
    function remove_role($role_id, $permission_type)
    {
        global $db;
        $auth_admin = new auth_admin();
        // Get complete auth array
        $sql = 'SELECT auth_option, auth_option_id
			FROM ' . ACL_OPTIONS_TABLE . "\n\t\t\tWHERE auth_option " . $db->sql_like_expression($permission_type . $db->any_char);
        $result = $db->sql_query($sql);
        $auth_settings = array();
        while ($row = $db->sql_fetchrow($result)) {
            $auth_settings[$row['auth_option']] = ACL_NO;
        }
        $db->sql_freeresult($result);
        // Get the role auth settings we need to re-set...
        $sql = 'SELECT o.auth_option, r.auth_setting
			FROM ' . ACL_ROLES_DATA_TABLE . ' r, ' . ACL_OPTIONS_TABLE . ' o
			WHERE o.auth_option_id = r.auth_option_id
				AND r.role_id = ' . $role_id;
        $result = $db->sql_query($sql);
        while ($row = $db->sql_fetchrow($result)) {
            $auth_settings[$row['auth_option']] = $row['auth_setting'];
        }
        $db->sql_freeresult($result);
        // Get role assignments
        $hold_ary = $auth_admin->get_role_mask($role_id);
        // Re-assign permissions
        foreach ($hold_ary as $forum_id => $forum_ary) {
            if (isset($forum_ary['users'])) {
                $auth_admin->acl_set('user', $forum_id, $forum_ary['users'], $auth_settings, 0, false);
            }
            if (isset($forum_ary['groups'])) {
                $auth_admin->acl_set('group', $forum_id, $forum_ary['groups'], $auth_settings, 0, false);
            }
        }
        // Remove role from users and groups just to be sure (happens through acl_set)
        $sql = 'DELETE FROM ' . ACL_USERS_TABLE . '
			WHERE auth_role_id = ' . $role_id;
        $db->sql_query($sql);
        $sql = 'DELETE FROM ' . ACL_GROUPS_TABLE . '
			WHERE auth_role_id = ' . $role_id;
        $db->sql_query($sql);
        // Remove role data and role
        $sql = 'DELETE FROM ' . ACL_ROLES_DATA_TABLE . '
			WHERE role_id = ' . $role_id;
        $db->sql_query($sql);
        $sql = 'DELETE FROM ' . ACL_ROLES_TABLE . '
			WHERE role_id = ' . $role_id;
        $db->sql_query($sql);
        $auth_admin->acl_clear_prefetch();
    }
Ejemplo n.º 2
0
    /**
     * Set ideas forum options
     *
     * @return void
     * @access public
     */
    public function set_ideas_forum_options()
    {
        // Check if Ideas forum is selected and apply relevant settings if it is
        // But display the confirm box first
        if (confirm_box(true)) {
            if (empty($this->config['ideas_forum_id'])) {
                trigger_error($this->language->lang('ACP_IDEAS_NO_FORUM') . adm_back_link($this->u_action), E_USER_WARNING);
            }
            if (!class_exists('auth_admin')) {
                include $this->phpbb_root_path . 'includes/acp/auth.' . $this->php_ext;
            }
            $auth_admin = new \auth_admin();
            $forum_id = (int) $this->config['ideas_forum_id'];
            // Get the REGISTERED usergroup ID
            $sql = 'SELECT group_id
				FROM ' . GROUPS_TABLE . "\n\t\t\t\tWHERE group_name = '" . $this->db->sql_escape('REGISTERED') . "'";
            $this->db->sql_query($sql);
            $group_id = (int) $this->db->sql_fetchfield('group_id');
            // Get 'f_' local REGISTERED users group permissions array for the ideas forum
            // Default undefined permissions to ACL_NO
            $hold_ary = $auth_admin->get_mask('set', false, $group_id, $forum_id, 'f_', 'local', ACL_NO);
            $auth_settings = $hold_ary[$group_id][$forum_id];
            // Set 'Can start new topics' permissions to 'Never' for the ideas forum
            $auth_settings['f_post'] = ACL_NEVER;
            // Update the registered usergroup permissions for selected Ideas forum...
            $auth_admin->acl_set('group', $forum_id, $group_id, $auth_settings);
            // Disable auto-pruning for ideas forum
            $sql = 'UPDATE ' . FORUMS_TABLE . '
				SET ' . $this->db->sql_build_array('UPDATE', array('enable_prune' => false)) . '
				WHERE forum_id = ' . $forum_id;
            $this->db->sql_query($sql);
            $this->log->add('admin', $this->user->data['user_id'], $this->user->ip, 'ACP_PHPBB_IDEAS_FORUM_SETUP_LOG');
            trigger_error($this->language->lang('ACP_IDEAS_FORUM_SETUP_UPDATED') . adm_back_link($this->u_action));
        } else {
            confirm_box(false, $this->language->lang('ACP_IDEAS_FORUM_SETUP_CONFIRM'), build_hidden_fields(array('ideas_forum_setup' => $this->request->is_set_post('ideas_forum_setup'))));
        }
    }
Ejemplo n.º 3
0
    /**
     * Main ACP module
     *
     * @param int $id
     * @param string $mode
     * @access public
     */
    public function main($id, $mode)
    {
        // Define the name of the form for use as a form key
        $form_name = 'acp_phpbb_ideas_settings';
        add_form_key($form_name);
        // Set an empty errors array
        $errors = array();
        $display_vars = array('legend1' => 'ACP_PHPBB_IDEAS_SETTINGS', 'ideas_forum_id' => array('lang' => 'ACP_IDEAS_FORUM_ID', 'validate' => 'string', 'type' => 'custom', 'method' => 'select_ideas_forum', 'explain' => true), 'ideas_poster_id' => array('lang' => 'ACP_IDEAS_POSTER_ID', 'validate' => 'string', 'type' => 'custom', 'method' => 'select_ideas_topics_poster', 'explain' => true), 'ideas_base_url' => array('lang' => 'ACP_IDEAS_BASE_URL', 'validate' => 'string', 'type' => 'text:45:255', 'explain' => true));
        // Display forum setup utility button only if the forum is set
        if (!empty($this->config['ideas_forum_id'])) {
            $display_vars = array_merge($display_vars, array('legend2' => 'ACP_IDEAS_UTILITIES', 'ideas_forum_setup' => array('lang' => 'ACP_IDEAS_FORUM_SETUP', 'validate' => 'bool', 'type' => 'custom', 'method' => 'set_ideas_forum_permissions', 'explain' => true)));
        }
        $this->new_config = $this->config;
        $cfg_array = $this->request->is_set('config') ? $this->request->variable('config', array('' => ''), true) : $this->new_config;
        $submit = $this->request->is_set_post('submit');
        $submit_forum_setup = $this->request->is_set_post('ideas_forum_setup');
        // We validate the complete config if wished
        validate_config_vars($display_vars, $cfg_array, $errors);
        if ($submit || $submit_forum_setup) {
            if (!check_form_key($form_name)) {
                $errors[] = $this->language->lang('FORM_INVALID');
            }
        }
        // Check if selected user exists
        if ($submit) {
            $sql = 'SELECT user_id
				FROM ' . USERS_TABLE . "\n\t\t\t\tWHERE username_clean = '" . $this->db->sql_escape(utf8_clean_string($cfg_array['ideas_poster_id'])) . "'";
            $result = $this->db->sql_query($sql);
            $user_id = (int) $this->db->sql_fetchfield('user_id');
            $this->db->sql_freeresult($result);
            if (!$user_id) {
                $errors[] = $this->language->lang('NO_USER');
            } else {
                // If selected user does exist, reassign the config value to its ID
                $cfg_array['ideas_poster_id'] = $user_id;
            }
        }
        // Check if Ideas forum is selected and apply relevant settings if it is
        if ($submit_forum_setup) {
            if (empty($this->config['ideas_forum_id'])) {
                trigger_error($this->language->lang('ACP_IDEAS_NO_FORUM') . '.' . adm_back_link($this->u_action));
            } else {
                if (!class_exists('auth_admin')) {
                    include $this->phpbb_root_path . 'includes/acp/auth.' . $this->php_ext;
                }
                $auth_admin = new \auth_admin();
                $forum_id = (int) $this->config['ideas_forum_id'];
                // Get the REGISTERED usergroup ID
                $sql = 'SELECT group_id
					FROM ' . GROUPS_TABLE . "\n\t\t\t\t\tWHERE group_name = '" . $this->db->sql_escape('REGISTERED') . "'";
                $this->db->sql_query($sql);
                $group_id = (int) $this->db->sql_fetchfield('group_id');
                // Get 'f_' local REGISTERED users group permissions array for the ideas forum
                // Default undefined permissions to ACL_NO
                $hold_ary = $auth_admin->get_mask('set', false, $group_id, $forum_id, 'f_', 'local', ACL_NO);
                $auth_settings = $hold_ary[$group_id][$forum_id];
                // Set 'Can start new topics' permissions to 'Never' for the ideas forum
                $auth_settings['f_post'] = ACL_NEVER;
                // Update the registered usergroup  permissions for selected Ideas forum...
                $auth_admin->acl_set('group', $forum_id, $group_id, $auth_settings);
                // Disable auto-pruning for ideas forum
                $sql = 'UPDATE ' . FORUMS_TABLE . '
					SET ' . $this->db->sql_build_array('UPDATE', array('enable_prune' => false)) . '
					WHERE forum_id = ' . $forum_id;
                $this->db->sql_query($sql);
            }
        }
        // Do not write values if there are errors
        if (sizeof($errors)) {
            $submit = $submit_forum_setup = false;
        }
        // We go through the display_vars to make sure no one is trying to set variables he/she is not allowed to
        foreach ($display_vars as $config_name => $null) {
            if (!isset($cfg_array[$config_name]) || strpos($config_name, 'legend') !== false) {
                continue;
            }
            $this->new_config[$config_name] = $config_value = $cfg_array[$config_name];
            if ($submit) {
                $this->config->set($config_name, $config_value);
            }
        }
        // Submit relevant log entries and output success message
        if ($submit || $submit_forum_setup) {
            $message = $submit_forum_setup ? 'FORUM_SETUP' : 'SETTINGS';
            $this->log->add('admin', $this->user->data['user_id'], $this->user->ip, "ACP_PHPBB_IDEAS_{$message}_LOG");
            trigger_error($this->language->lang("ACP_IDEAS_{$message}_UPDATED") . adm_back_link($this->u_action));
        }
        // Output relevant page
        foreach ($display_vars as $config_key => $vars) {
            if (!is_array($vars) && strpos($config_key, 'legend') === false) {
                continue;
            }
            if (strpos($config_key, 'legend') !== false) {
                $this->template->assign_block_vars('options', array('S_LEGEND' => true, 'LEGEND' => $this->language->lang($vars)));
                continue;
            }
            $type = explode(':', $vars['type']);
            $content = build_cfg_template($type, $config_key, $this->new_config, $config_key, $vars);
            if (empty($content)) {
                continue;
            }
            $this->template->assign_block_vars('options', array('KEY' => $config_key, 'TITLE' => $this->language->lang($vars['lang']), 'S_EXPLAIN' => $vars['explain'], 'TITLE_EXPLAIN' => $vars['explain'] ? $this->language->lang($vars['lang'] . '_EXPLAIN') : '', 'CONTENT' => $content));
        }
        $this->template->assign_vars(array('S_ERROR' => (bool) sizeof($errors), 'ERROR_MSG' => sizeof($errors) ? implode('<br />', $errors) : '', 'U_ACTION' => $this->u_action, 'U_FIND_USERNAME' => append_sid("{$this->phpbb_root_path}memberlist.{$this->php_ext}", 'mode=searchuser&amp;form=acp_phpbb_ideas_settings&amp;field=ideas_poster_id&amp;select_single=true')));
    }
 }
 // Update the permission set ... we loop through each auth setting array
 foreach ($auth_settings as $auth_submode => $auth_setting) {
     // Are any entries * ? If so we need to remove them since they
     // are options the user wishes to ignore
     if (in_array('*', $auth_setting)) {
         foreach ($auth_setting as $option => $setting) {
             if ($setting == '*') {
                 unset($auth_setting[$option]);
             }
         }
     }
     if (sizeof($auth_setting)) {
         // Loop through all user/group ids
         foreach ($ug_data as $id) {
             $auth_admin->acl_set($ug_type, $forum_id[$auth_submode], $id, $auth_setting);
         }
     }
 }
 // Do we need to recache the moderator lists? We do if the mode
 // was mod or auth_settings['mod'] is a non-zero size array
 if ($mode == 'mod' || isset($auth_settings['mod']) && sizeof($auth_settings['mod'])) {
     cache_moderators();
 }
 // Remove users who are now moderators or admins from everyones foes
 // list
 if ($mode == 'mod' || isset($auth_settings['mod']) && sizeof($auth_settings['mod']) || $mode == 'admin' || isset($auth_settings['admin']) && sizeof($auth_settings['admin'])) {
     update_foes();
 }
 // Logging ... first grab user or groupnames ...
 $sql = $ug_type == 'group' ? 'SELECT group_name as name, group_type FROM ' . GROUPS_TABLE . ' WHERE group_id' : 'SELECT username as name FROM ' . USERS_TABLE . ' WHERE user_id';