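/**
 * Returns $value as a non-negative integer, or null when it is not a plain integer.
 *
 * Private helper of save_member_permissions(): ids taken from the request are
 * only allowed into SQL text after passing through here.
 *
 * @param mixed $value
 * @return int|null
 */
function _save_member_permissions_int_id($value) {
    if (!is_int($value) && !is_string($value) && !is_float($value)) {
        return null;
    }
    $id = filter_var($value, FILTER_VALIDATE_INT, array('options' => array('min_range' => 0)));
    return $id === false ? null : $id;
}

/**
 * Saves the permissions that permission groups have over a member.
 *
 * The permissions arrive as a JSON string holding a list of objects. The fields
 * read here are: pg (permission group id), o (object type id), r / w / d
 * (read / write / delete flags). The field m (member id) is written on every entry.
 *
 * Security: when $permissionsString is null the JSON is taken from
 * $_POST['permissions'], so every field is request-controlled. pg and o are
 * validated as integers (and written back as integers on the entry) and w / d
 * are reduced to 0 or 1 before any of them is placed in SQL text. Entries that
 * are not objects, or whose ids are not integers, are dropped from the list.
 *
 * NOTE(review): no access-control check is visible in this function; presumably
 * the caller verifies that the logged user may change these permissions — confirm.
 * NOTE(review): the DELETE and INSERT below are not wrapped in a transaction here;
 * presumably the caller opens one — confirm.
 *
 * @param Member      $member                      Member whose permissions are saved.
 * @param string|null $permissionsString           JSON list of permissions; null reads $_POST['permissions'].
 * @param bool        $save_cmps                   Rewrite the contact_member_permissions rows.
 * @param bool        $update_sharing_table        Call SharingTableController::afterPermissionChanged() per changed group.
 * @param bool        $fire_hook                   Fire the 'after_save_member_permissions' hook.
 * @param bool        $update_contact_member_cache Call ContactMemberCacheController::afterMemberPermissionChanged().
 * @return array|null array('changed_pgs' => ..., 'member' => ...), or null when $member is not a Member.
 */
function save_member_permissions($member, $permissionsString = null, $save_cmps = true, $update_sharing_table = true, $fire_hook = true, $update_contact_member_cache = true) {
    // Removes the execution time limit and sets the memory limit to 1024M for this request.
    @set_time_limit(0);
    ini_set('memory_limit', '1024M');

    if (!$member instanceof Member) {
        return;
    }
    $member_id = $member->getId();

    if (is_null($permissionsString)) {
        $permissionsString = array_var($_POST, 'permissions');
    }
    // json_decode() only accepts strings; anything else (e.g. an array posted as permissions[]) is ignored.
    if (is_string($permissionsString) && $permissionsString != '') {
        $permissions = json_decode($permissionsString);
    }

    $sharingTablecontroller = new SharingTableController();
    $contactMemberCacheController = new ContactMemberCacheController();

    $changed_pgs = array();
    $insert_rows = array();

    if (isset($permissions) && is_array($permissions)) {
        $allowed_pg_ids = array();

        foreach ($permissions as $k => &$perm) {
            // The group id ends up in a WHERE condition and in the DELETE ... IN (...) list,
            // so an entry without an integer pg is dropped before anything else happens.
            $pg_id = (is_object($perm) && isset($perm->pg)) ? _save_member_permissions_int_id($perm->pg) : null;
            if ($pg_id === null) {
                unset($permissions[$k]);
                continue;
            }
            $perm->pg = $pg_id;

            if (!empty($perm->r)) {
                // The object type id is written into the INSERT values below.
                $ot_id = isset($perm->o) ? _save_member_permissions_int_id($perm->o) : null;
                if ($ot_id === null) {
                    unset($permissions[$k]);
                    continue;
                }
                $perm->o = $ot_id;

                // Write/delete flags later stored on the group's root permission row.
                // NOTE(review): as in the original code, the entry is reset on every readable
                // permission, so the last one seen for a group wins, and the flags are taken
                // before the role cap below is applied — confirm this is intended.
                $allowed_pg_ids[$pg_id] = array('w' => !empty($perm->w), 'd' => !empty($perm->d));

                // check max permissions for user type
                $tmp_contact = Contacts::findOne(array('conditions' => 'permission_group_id = ' . $pg_id));
                if ($tmp_contact instanceof Contact) {
                    $max_role_ot_perms = MaxRoleObjectTypePermissions::instance()->findAll(array('conditions' => "role_id = '" . $tmp_contact->getUserType() . "'"));
                    if (!is_array($max_role_ot_perms)) {
                        $max_role_ot_perms = array();
                    }

                    $max_perm = null;
                    foreach ($max_role_ot_perms as $max_role_ot_perm) {
                        if ($max_role_ot_perm->getObjectTypeId() == $ot_id) {
                            $max_perm = $max_role_ot_perm;
                        }
                    }

                    $perm->m = $member_id;
                    if ($max_perm) {
                        // The role's maximum permissions cap what the request asked for.
                        if (!$max_perm->getCanDelete()) {
                            $perm->d = 0;
                        }
                        if (!$max_perm->getCanWrite()) {
                            $perm->w = 0;
                        }
                    } else {
                        // The role has no permissions over this object type: drop the entry.
                        $perm->d = 0;
                        $perm->w = 0;
                        $perm->r = 0;
                        unset($permissions[$k]);
                        continue;
                    }
                }

                if ($save_cmps) {
                    // Only validated integers and 0/1 flags are concatenated into the VALUES list.
                    $insert_rows[] = "('" . $pg_id . "','" . (int) $member_id . "','" . $ot_id . "','"
                        . (!empty($perm->d) ? 1 : 0) . "','" . (!empty($perm->w) ? 1 : 0) . "')";
                }
            }

            $perm->m = $member_id;
            $changed_pgs[$pg_id] = $pg_id;
        }
        // Break the reference left behind by the by-reference foreach.
        unset($perm);

        if ($save_cmps) {
            if (count($changed_pgs) > 0) {
                // $changed_pgs holds validated integers only.
                DB::execute("DELETE FROM " . TABLE_PREFIX . "contact_member_permissions WHERE permission_group_id IN (" . implode(',', $changed_pgs) . ") AND member_id=" . (int) $member_id);
            }
            if (count($insert_rows) > 0) {
                $sql_insert_values = implode(',', $insert_rows);
                DB::execute("INSERT INTO " . TABLE_PREFIX . "contact_member_permissions (permission_group_id, member_id, object_type_id, can_delete, can_write) VALUES {$sql_insert_values} ON DUPLICATE KEY UPDATE member_id=member_id");
            }
        }

        foreach ($permissions as $p) {
            if (empty($p->m)) {
                $p->m = $member_id;
            }
        }

        if ($update_sharing_table) {
            foreach ($changed_pgs as $pg_id) {
                $sharingTablecontroller->afterPermissionChanged($pg_id, $permissions);
            }
        }

        if ($update_contact_member_cache) {
            $contactMemberCacheController->afterMemberPermissionChanged(array('changed_pgs' => $changed_pgs, 'member' => $member));
        }

        // Create or update each group's permission row for the member's own object type.
        foreach ($allowed_pg_ids as $key => $mids) {
            $root_cmp = ContactMemberPermissions::findById(array('permission_group_id' => $key, 'member_id' => $member_id, 'object_type_id' => $member->getObjectTypeId()));
            if (!$root_cmp instanceof ContactMemberPermission) {
                $root_cmp = new ContactMemberPermission();
                $root_cmp->setPermissionGroupId($key);
                $root_cmp->setMemberId($member_id);
                $root_cmp->setObjectTypeId($member->getObjectTypeId());
            }
            $root_cmp->setCanWrite($mids['w'] == true ? 1 : 0);
            $root_cmp->setCanDelete($mids['d'] == true ? 1 : 0);
            $root_cmp->save();
        }
    }

    // Every changed group gets the 'check' status on the member's dimension
    // (the other statuses named by the original comment are 'allow_all' and 'deny_all').
    $dimension = $member->getDimension();
    foreach ($changed_pgs as $pg_id) {
        $dimension->setContactDimensionPermission($pg_id, 'check');
    }

    if ($fire_hook) {
        Hook::fire('after_save_member_permissions', array('member' => $member, 'user_id' => logged_user()->getId()), $member);
    }

    return array('changed_pgs' => $changed_pgs, 'member' => $member);
}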
try { // update sharing table DB::beginWork(); $sharingTablecontroller->afterPermissionChanged($pg_id, $perm_array); $flags_to_delete[] = $pg_id; DB::commit(); } catch (Exception $e) { DB::rollback(); Logger::log("Error saving permissions (2): " . $e->getMessage() . "\n" . $e->getTraceAsString()); } } } // save tree try { DB::beginWork(); $contactMemberCacheController = new ContactMemberCacheController(); $contactMemberCacheController->afterMemberPermissionChanged($result); DB::commit(); } catch (Exception $e) { DB::rollback(); Logger::log("Error saving permissions (3): " . $e->getMessage() . "\n" . $e->getTraceAsString()); } // transaction for the hooks try { DB::beginWork(); Hook::fire('after_save_member_permissions', array('member' => array_var($result, 'member'), 'user_id' => $user_id), array_var($result, 'member')); DB::commit(); } catch (Exception $e) { DB::rollback(); Logger::log("Error saving permissions (4): " . $e->getMessage() . "\n" . $e->getTraceAsString()); }
$rp_info = array('root_permissions_sharing_table_delete' => $root_permissions_sharing_table_delete, 'root_permissions_sharing_table_add' => $root_permissions_sharing_table_add); // update sharing table DB::beginWork(); $sharingTablecontroller = new SharingTableController(); $sharingTablecontroller->afterPermissionChanged($pg_id, json_decode($permissions), $rp_info); // delete flag $flag->delete(); DB::commit(); } catch (Exception $e) { DB::rollback(); Logger::log("Error saving permissions (2): " . $e->getMessage() . "\n" . $e->getTraceAsString()); } // save tree try { DB::beginWork(); $contactMemberCacheController = new ContactMemberCacheController(); $group = PermissionGroups::findById($pg_id); $real_group = null; if ($group->getType() == 'user_groups') { $real_group = $group; } $users = $group->getUsers(); $users_ids_checked = array(); //check all users related to the group foreach ($users as $us) { $users_ids_checked[] = $us->getId(); $contactMemberCacheController->afterUserPermissionChanged($us, json_decode($permissions), $real_group); } //check all users in users_ids_to_check (we do this because a user can be removed from a group) foreach ($users_ids_to_check as $us_id) { if (!in_array($us_id, $users_ids_checked)) {