/** * Syncronize user privilege types with group privilege types * Add privtypes but not change uprivs levels * Remove privtypes and privs if group hasn't privtype * * @param integer $id_user User ID * @param array $areas array of area objects * @return array Array(0, boolean) */ private function sync_upriv($id_user, $areas) { // get group's privilege types $group = new Group_model(); $g = $group->get_group_by_user($id_user); $gp = X4Utils_helper::obj2array($this->get_gprivs($g->id), 'what', 'level'); $sql = array(); foreach ($areas as $i) { // get User privilege types on area $up = X4Utils_helper::obj2array($this->get_uprivs($id_user, $i->id_area), 'privtype', 'id'); // check group privilege types foreach ($gp as $k => $v) { if (isset($up[$k])) { // if user have a group's privilege do none unset($up[$k]); } else { if ($i->id_area == 1 || !in_array($k, $this->admin_privtypes)) { // if user don't have then add the missing privilege type $sql[] = 'INSERT INTO uprivs (updated, id_area, id_user, privtype, level, xon) VALUES (NOW(), ' . $i->id_area . ', ' . $id_user . ', \'' . $k . '\', ' . $v . ', 1)'; } } } // in array 'up' now you have only the privileges that the group did not so delete it foreach ($up as $k => $v) { $sql[] = 'DELETE u.*, p.* FROM uprivs u JOIN privs p ON u.id_user = p.id_who AND u.privtype = p.what AND u.id_area = p.id_area WHERE u.id = ' . $v . ' AND p.id_who = ' . $id_user . ' AND p.what = \'' . $k . '\' AND p.id_area = ' . $i->id_area; } } return empty($sql) ? array(0, 1) : $this->db->multi_exec($sql); }