/** * Gets all available patterns for the section * * @param string $section section to get patterns for * @param string $get_for get import or export patterns * @return array */ function fn_get_patterns($section, $get_for) { // Get core patterns $files = fn_get_dir_contents(Registry::get('config.dir.schemas') . 'exim', false, true, '.php'); foreach (Registry::get('addons') as $addon_name => $addon_data) { if ($addon_data['status'] != 'A') { continue; } $schema_dir = Registry::get('config.dir.addons') . $addon_name . '/schemas/exim'; if (is_dir($schema_dir)) { $_files = fn_get_dir_contents($schema_dir, false, true, '.php'); foreach ($_files as $key => $filename) { if (strpos($filename, '.post.php') !== false) { unset($_files[$key]); } } if (!empty($_files)) { $files = fn_array_merge($files, $_files, false); } } } $patterns = array(); $sections = array(); foreach ($files as $schema_file) { if (strpos($schema_file, '.functions.') !== false) { // skip functions schema definition continue; } $pattern_id = str_replace('.php', '', $schema_file); $pattern = fn_get_pattern_definition($pattern_id, $get_for); if (empty($pattern) || !fn_check_pattern_permissions($pattern, $get_for, $_SESSION['auth']['user_id'])) { continue; } $sections[$pattern['section']] = array('title' => __($pattern['section']), 'href' => 'exim.' . Registry::get('runtime.mode') . '?section=' . $pattern['section']); if ($pattern['section'] == $section) { $patterns[$pattern_id] = $pattern; } } if (Registry::get('runtime.company_id')) { $schema = fn_get_permissions_schema('vendor'); // Check if the selected section is available if (isset($schema[$get_for]['sections'][$section]['permission']) && !$schema[$get_for]['sections'][$section]['permission']) { return array('', ''); } if (!empty($schema[$get_for]['sections'])) { foreach ($schema[$get_for]['sections'] as $section_id => $data) { if (isset($data['permission']) && !$data['permission']) { unset($sections[$section_id]); } } } if (!empty($schema[$get_for]['patterns'])) { foreach ($schema[$get_for]['patterns'] as $pattern_id => $data) { if (isset($data['permission']) && !$data['permission']) { unset($patterns[$pattern_id]); } } } } ksort($sections, SORT_STRING); uasort($patterns, 'fn_sort_patterns'); return array($sections, $patterns); }
function fn_check_addon_permission($addon) { $schema = fn_get_permissions_schema('vendor'); $schema = $schema['addons']; if (isset($schema[$addon]['permission'])) { $permission = $schema[$addon]['permission']; } return isset($permission) ? $permission : true; }
function fn_check_company_permissions($controller, $mode, $request_method = '', $request_variables = array()) { $schema = fn_get_permissions_schema('vendor'); $default_permission = isset($schema['default_permission']) ? $schema['default_permission'] : false; $schema = $schema['controllers']; if (isset($schema[$controller])) { // Check if permissions set for certain mode if (isset($schema[$controller]['modes']) && isset($schema[$controller]['modes'][$mode])) { if (isset($schema[$controller]['modes'][$mode]['permissions'])) { $permission = is_array($schema[$controller]['modes'][$mode]['permissions']) ? $schema[$controller]['modes'][$mode]['permissions'][$request_method] : $schema[$controller]['modes'][$mode]['permissions']; if (isset($schema[$controller]['modes'][$mode]['condition'])) { $condition = $schema[$controller]['modes'][$mode]['condition']; } } elseif (!empty($request_variables)) { if (isset($schema[$controller]['modes'][$mode]['param_permissions'])) { $permission = fn_get_request_param_permissions($schema[$controller]['modes'][$mode]['param_permissions'], $request_variables); if (!isset($permission) && isset($schema[$controller]['modes'][$mode]['param_permissions']['default_permission'])) { $default_permission = $schema[$controller]['modes'][$mode]['param_permissions']['default_permission']; } } if (isset($schema[$controller]['modes'][$mode]['condition'])) { $condition = fn_get_request_param_permissions($schema[$controller]['modes'][$mode]['condition'], $request_variables); } } } // Check common permissions if (!isset($permission) && isset($schema[$controller]['permissions'])) { $permission = is_array($schema[$controller]['permissions']) ? $schema[$controller]['permissions'][$request_method] : $schema[$controller]['permissions']; } } $permission = isset($permission) ? $permission : $default_permission; if (isset($condition)) { if ($condition['operator'] == 'or') { $permission = $permission || fn_execute_permission_condition($condition); } elseif ($condition['operator'] == 'and') { $permission = $permission && fn_execute_permission_condition($condition); } } fn_set_hook('check_company_permissions', $permission, $controller, $mode, $request_method, $request_variables, $extra, $schema); return $permission; }
function fn_check_object_exists_for_root($controller = '', $mode = '') { $schema = fn_get_permissions_schema('admin'); $controller = empty($controller) ? Registry::get('runtime.controller') : $controller; $mode = empty($mode) ? Registry::get('runtime.mode') : $mode; $vendor_only = false; if (!Registry::get('runtime.company_id')) { if (isset($schema[$controller]['modes'][$mode]['vendor_only'])) { $vendor_only = $schema[$controller]['modes'][$mode]['vendor_only']; } elseif (isset($schema[$controller]['vendor_only']) && is_array($schema[$controller]['vendor_only']['display_condition']) && !empty($schema[$controller]['vendor_only']['display_condition'])) { $vendor_only = fn_ult_check_display_condition($_REQUEST, $schema[$controller]['vendor_only']['display_condition']); } elseif (isset($schema[$controller]['vendor_only']) && $schema[$controller]['vendor_only'] == true) { $vendor_only = $schema[$controller]['vendor_only']; } } return $vendor_only; }