Example #1
0
 /**
  * Renders the user group tree listing.
  *
  * @since	1.0
  * @access	public
  * @param	object	The object to check against.
  * @param	string	The controller to be called.
  * @param	string	The key for the object.
  *
  * @author	Mark Lee <*****@*****.**>
  */
 public static function groups($name = 'gid', $selected = '', $exclude = array(), $checkSuperAdmin = false)
 {
     static $count;
     $count++;
     // If selected value is a string, we assume that it's a json object.
     if (is_string($selected)) {
         $json = FD::json();
         $selected = $json->decode($selected);
     }
     $version = FD::getInstance('Version')->getVersion();
     if ($version >= '1.6') {
         $groups = self::getGroups();
         $theme = FD::themes();
         $selected = FD::makeArray($selected);
         $isSuperAdmin = JFactory::getUser()->authorise('core.admin');
         $theme->set('name', $name);
         $theme->set('checkSuperAdmin', $checkSuperAdmin);
         $theme->set('isSuperAdmin', $isSuperAdmin);
         $theme->set('selected', $selected);
         $theme->set('count', $count);
         $theme->set('groups', $groups);
         return $theme->output('admin/html/tree.groups');
     }
     return JHTML::_('select.genericlist', JFactory::getAcl()->get_group_children_tree(null, 'USERS', false), 'gid', 'size="10"', 'value', 'text', $selected);
 }
Example #2
0
 protected function _actionAdd(KCommandContext $context)
 {
     $parameters = JComponentHelper::getParams('com_users');
     if (!($group_name = $parameters->get('new_usertype'))) {
         $group_name = 'Registered';
     }
     $context->data->id = 0;
     $context->data->group_name = $group_name;
     $context->data->users_group_id = JFactory::getAcl()->get_group_id('', $group_name, 'ARO');
     $context->data->registered_on = JFactory::getDate()->toMySQL();
     if ($parameters->get('useractivation') == '1') {
         $password = $this->getService('com://site/users.helper.password');
         $context->data->activation = $password->getHash($password->getRandom(32));
         $context->data->enabled = 0;
         $message = JText::_('REG_COMPLETE_ACTIVATE');
     } else {
         $message = JText::_('REG_COMPLETE');
     }
     return parent::_actionAdd($context);
 }
Example #3
0
 /**
  * Tests the JFactory::getACL method.
  *
  * @return  void
  *
  * @since   12.1
  */
 public function testGetAcl()
 {
     $this->assertInstanceOf('JAccess', JFactory::getAcl(), 'Line: ' . __LINE__);
 }
Example #4
0
 /**
  * Renders a user group select list
  *
  * @since	1.0
  * @access	public
  * @param	string
  * @return
  */
 public static function usergroups($name, $selected = '')
 {
     $model = FD::model('Users');
     $groups = $model->getUserGroups();
     $theme = FD::themes();
     $theme->set('name', $name);
     $theme->set('selected', $selected);
     $theme->set('groups', $groups);
     $output = $theme->output('admin/html/form.usergroups');
     return $output;
     return JHTML::_('select.genericlist', JFactory::getAcl()->get_group_children_tree(null, 'USERS', false), $name, 'size="10"', 'value', 'text', $selected);
 }
 public static function checkPermissions($action, $error_msg, $suffix = '', $auth = false)
 {
     $allowed = false;
     jimport('joomla.version');
     $version = new JVersion();
     if (version_compare($version->getShortVersion(), '1.6', '<')) {
         $user = JFactory::getUser();
         if ($user->guest) {
             $user->usertype = 'public frontend';
             $user->gid = JFactory::getAcl()->get_group_id('public frontend', 'ARO');
         }
         $user_return = $user->authorize('com_contentbuilder', $action);
         $published_return = $user->authorize('com_contentbuilder_published', 'any');
         if ($published_return !== 'ok') {
             if (!$auth) {
                 //JError::raiseError(403, $error_msg);
                 JFactory::getApplication()->redirect('index.php', $error_msg, 'error');
             } else {
                 return false;
             }
         }
         switch ($action) {
             case 'edit':
                 $edit_return = $user->authorize('com_contentbuilder_limit_edit', $action);
                 if ($edit_return !== 'ok') {
                     if (!$auth) {
                         //JError::raiseError(403, $error_msg);
                         JFactory::getApplication()->redirect('index.php', $error_msg, 'error');
                     } else {
                         return false;
                     }
                 }
                 break;
         }
         switch ($action) {
             case 'new':
                 $add_return = $user->authorize('com_contentbuilder_limit_add', $action);
                 if ($add_return !== 'ok') {
                     if (!$auth) {
                         //JError::raiseError(403, $error_msg);
                         JFactory::getApplication()->redirect('index.php', $error_msg, 'error');
                     } else {
                         return false;
                     }
                 }
                 break;
         }
         switch ($action) {
             case 'edit':
             case 'new':
             case 'view':
             case 'delete':
                 $myaction = $action == 'delete' ? 'edit' : $action;
                 $verify_return = $user->authorize('com_contentbuilder_verify', $myaction);
                 if ($verify_return !== 'ok') {
                     if ($verify_return === 'notok') {
                         if (!$auth) {
                             //JError::raiseError(403, $error_msg);
                             JFactory::getApplication()->redirect('index.php', $error_msg, 'error');
                         } else {
                             return false;
                         }
                     } else {
                         if ($verify_return !== 'notok') {
                             if (!$auth) {
                                 JFactory::getApplication()->redirect($verify_return);
                             } else {
                                 return false;
                             }
                         }
                     }
                 }
                 break;
         }
         if ($user->guest) {
             $user->usertype = '';
             $user->gid = 0;
         }
         if (is_array($user_return) && isset($user_return['own']) && $user_return['own']) {
             $db = JFactory::getDBO();
             static $typeref;
             if (is_array($typeref)) {
                 $typerefid = $typeref[intval($user_return['form_id'])];
             } else {
                 $db->setQuery("Select `type`, `reference_id` From #__contentbuilder_forms Where id = " . intval($user_return['form_id']));
                 $typerefid = $db->loadAssoc();
                 $typeref[intval($user_return['form_id'])] = $typerefid;
             }
             if (is_array($typerefid)) {
                 $form = self::getForm($typerefid['type'], $typerefid['reference_id']);
                 if ($form && !isset($user_return['record_id'])) {
                     $allowed = true;
                 } else {
                     if (is_array($user_return['record_id'])) {
                         foreach ($user_return['record_id'] as $recid) {
                             $db->setQuery("Select session_id From #__contentbuilder_records Where `record_id` = " . $db->Quote($recid) . " And `type` = " . $db->Quote($typerefid['type']) . " And `reference_id` = " . $db->Quote($typerefid['reference_id']) . "");
                             $session_id = $db->loadResult();
                             if ($form && $session_id != JFactory::getSession()->getId() && !$form->isOwner(JFactory::getUser()->get('id', 0), $recid)) {
                                 $allowed = false;
                                 break;
                             } else {
                                 $allowed = true;
                             }
                         }
                     } else {
                         $db->setQuery("Select session_id From #__contentbuilder_records Where `record_id` = " . $db->Quote($user_return['record_id']) . " And `type` = " . $db->Quote($typerefid['type']) . " And `reference_id` = " . $db->Quote($typerefid['reference_id']) . "");
                         $session_id = $db->loadResult();
                         if ($form && ($session_id == JFactory::getSession()->getId() || JFactory::getUser()->get('id', 0) && $form->isOwner(JFactory::getUser()->get('id', 0), $user_return['record_id']))) {
                             $allowed = true;
                         }
                     }
                 }
             }
         } else {
             if (!is_array($user_return) && $user_return) {
                 $allowed = true;
             }
         }
         if (!$allowed) {
             if (!$auth) {
                 //JError::raiseError(403, $error_msg);
                 JFactory::getApplication()->redirect('index.php', $error_msg, 'error');
             } else {
                 return false;
             }
         }
     } else {
         $permissions = JFactory::getSession()->get('permissions' . $suffix, array(), 'com_contentbuilder');
         $published_return = $permissions['published'];
         if (!$published_return) {
             if (!$auth) {
                 //JError::raiseError(403, $error_msg);
                 JFactory::getApplication()->redirect('index.php', $error_msg, 'error');
             } else {
                 return false;
             }
         }
         switch ($action) {
             case 'edit':
                 $edit_return = $permissions['limit_edit'];
                 if (!$edit_return) {
                     if (!$auth) {
                         //JError::raiseError(403, $error_msg);
                         JFactory::getApplication()->redirect('index.php', $error_msg, 'error');
                     } else {
                         return false;
                     }
                 }
                 break;
         }
         switch ($action) {
             case 'new':
                 $add_return = $permissions['limit_add'];
                 if (!$add_return) {
                     if (!$auth) {
                         //JError::raiseError(403, $error_msg);
                         JFactory::getApplication()->redirect('index.php', $error_msg, 'error');
                     } else {
                         return false;
                     }
                 }
                 break;
         }
         switch ($action) {
             case 'edit':
             case 'new':
             case 'view':
             case 'delete':
                 $myaction = $action == 'delete' ? 'edit' : $action;
                 $verify_return = $permissions['verify_' . $myaction];
                 if ($verify_return !== true) {
                     if ($verify_return === false) {
                         if (!$auth) {
                             //JError::raiseError(403, $error_msg);
                             JFactory::getApplication()->redirect('index.php', $error_msg, 'error');
                         } else {
                             return false;
                         }
                     } else {
                         if (is_string($verify_return)) {
                             if (!$auth) {
                                 JFactory::getApplication()->redirect($verify_return);
                             } else {
                                 return false;
                             }
                         }
                     }
                 }
                 break;
         }
         if (!isset($permissions['own' . $suffix])) {
             $gids = array();
             $groups = JAccess::getGroupsByUser(JFactory::getUser()->get('id', 0));
             foreach ($groups as $gid) {
                 $gids[] = $gid;
             }
             foreach ($permissions as $group_id => $group_action) {
                 if (isset($group_action[$action]) && $group_action[$action] && in_array($group_id, $gids)) {
                     $allowed = true;
                     break;
                 }
             }
         } else {
             if (isset($permissions['own' . $suffix][$action])) {
                 $user_return = $permissions['own' . $suffix][$action];
                 if (is_array($user_return) && isset($user_return['own']) && $user_return['own']) {
                     $db = JFactory::getDBO();
                     static $typeref;
                     if (is_array($typeref)) {
                         $typerefid = $typeref[intval($user_return['form_id'])];
                     } else {
                         $db->setQuery("Select `type`, `reference_id` From #__contentbuilder_forms Where id = " . intval($user_return['form_id']));
                         $typerefid = $db->loadAssoc();
                         $typeref[intval($user_return['form_id'])] = $typerefid;
                     }
                     if (is_array($typerefid)) {
                         $form = self::getForm($typerefid['type'], $typerefid['reference_id']);
                         if ($form && !isset($user_return['record_id'])) {
                             $allowed = true;
                         } else {
                             if (is_array($user_return['record_id'])) {
                                 foreach ($user_return['record_id'] as $recid) {
                                     $db->setQuery("Select session_id From #__contentbuilder_records Where `record_id` = " . $db->Quote($recid) . " And `type` = " . $db->Quote($typerefid['type']) . " And `reference_id` = " . $db->Quote($typerefid['reference_id']) . "");
                                     $session_id = $db->loadResult();
                                     if ($form && $session_id != JFactory::getSession()->getId() && !$form->isOwner(JFactory::getUser()->get('id', 0), $recid)) {
                                         $allowed = false;
                                         break;
                                     } else {
                                         $allowed = true;
                                     }
                                 }
                             } else {
                                 $db->setQuery("Select session_id From #__contentbuilder_records Where `record_id` = " . $db->Quote($user_return['record_id']) . " And `type` = " . $db->Quote($typerefid['type']) . " And `reference_id` = " . $db->Quote($typerefid['reference_id']) . "");
                                 $session_id = $db->loadResult();
                                 if ($form && ($user_return['record_id'] == false || $session_id == JFactory::getSession()->getId() || $form->isOwner(JFactory::getUser()->get('id', 0), $user_return['record_id']))) {
                                     $allowed = true;
                                 }
                             }
                         }
                     }
                 }
             }
         }
         if (!$allowed) {
             if (!$auth) {
                 //JError::raiseError(403, $error_msg);
                 JFactory::getApplication()->redirect('index.php', $error_msg, 'error');
             } else {
                 return false;
             }
         }
     }
     if ($auth) {
         return true;
     }
 }
 /**
  * If table key (id) is NULL : inserts new rows
  * otherwise updates existing row in the database tables
  *
  * Can be overridden or overloaded by the child classes
  *
  * @param  boolean  $updateNulls  TRUE: null object variables are also updated, FALSE: not.
  * @return boolean                TRUE if successful otherwise FALSE
  */
 function store($updateNulls = false)
 {
     global $_CB_framework, $_CB_database, $ueConfig;
     $this->id = (int) $this->id;
     if (checkJversion() == 2) {
         $this->gids = is_array($this->gids) ? $this->gids : array($this->gid);
         $this->gid = (int) $_CB_framework->acl->getBackwardsCompatibleGid($this->gids);
     } else {
         $this->gid = (int) $this->gid;
         $this->gids = array($this->gid);
     }
     $isNew = $this->id == 0;
     $oldUsername = null;
     $oldGid = null;
     $oldGids = array();
     $oldBlock = null;
     if (!$isNew) {
         // get actual username to update sessions in case:
         $sql = 'SELECT ' . $_CB_database->NameQuote($this->_cmsUserTableUsername) . (checkJversion() < 2 ? ', ' . $_CB_database->NameQuote($this->_cmsUserTableGid) : null) . ', ' . $_CB_database->NameQuote('block') . ' FROM ' . $_CB_database->NameQuote($this->_cmsUserTable) . ' WHERE ' . $_CB_database->NameQuote($this->_cmsUserTableKey) . ' = ' . (int) $this->user_id;
         $_CB_database->setQuery($sql);
         $oldEntry = null;
         if ($_CB_database->loadObject($oldEntry)) {
             $oldUsername = $oldEntry->username;
             if (checkJversion() == 2) {
                 $gids = array_values((array) JFactory::getAcl()->getGroupsByUser($this->id, false));
                 foreach ($gids as $k => $v) {
                     $gids[$k] = (string) $v;
                 }
                 $oldGids = $gids;
                 $oldGid = (int) $_CB_framework->acl->getBackwardsCompatibleGid($oldGids);
             } else {
                 $oldGid = (int) $oldEntry->gid;
                 $oldGids = array($oldEntry->gid);
             }
             $oldBlock = $oldEntry->block;
         }
     }
     // insure usertype is in sync with gid:
     /*
      * This could be a better method:
     		if ( checkJversion() == 1 ) {
     			$gdataArray								=	$_CB_framework->acl->get_group_data( (int) $this->gid, 'ARO' );
     			if ( $gdataArray ) {
     				$this->usertype						=	$gdataArray[3];
     			} else {
     				user_error( sprintf( 'comprofilerUser::store: gacl:get_group_data: for user_id %d, name of group_id %d not found in acl groups table.', $this->id, $this->gid ), E_USER_WARNING );
     				$this->usertype						=	'Registered';
     			}
     		} else {
     			$this->usertype							=	$_CB_framework->acl->get_group_name( (int) $gid, 'ARO' );
     		}
     */
     if (checkJversion() == 2) {
         $this->usertype = null;
     } else {
         if (checkJversion() == 1) {
             $query = 'SELECT name' . "\n FROM #__core_acl_aro_groups" . "\n WHERE id = " . (int) $this->gid;
         } else {
             $query = 'SELECT name' . "\n FROM #__core_acl_aro_groups" . "\n WHERE group_id = " . (int) $this->gid;
         }
         $_CB_database->setQuery($query);
         $this->usertype = $_CB_database->loadResult();
     }
     if (!$isNew && $this->confirmed == 0 && $this->cbactivation == '' && $ueConfig['reg_confirmation'] != 0) {
         $this->_setActivationCode();
     }
     // creates CMS and CB objects:
     $this->_mapUsers();
     // remove the previous email set in bindSafely() and needed for checkSafely():
     unset($this->_original_email);
     // stores first into CMS to get id of user if new:
     if (is_callable(array($this->_cmsUser, 'store'))) {
         $result = $this->_cmsUser->store($updateNulls);
         if (!$result) {
             $this->_error = $this->_cmsUser->getError();
         }
     } else {
         if (checkJversion() == 2) {
             $this->_cmsUser->groups = $this->gids;
         }
         $result = $this->_cmsUser->save();
         // Joomla 1.5 native
         if (!$result) {
             $this->_error = $this->_cmsUser->getError();
             if (class_exists('JText')) {
                 $this->_error = JText::_($this->_error);
             }
         }
     }
     if ($result) {
         // synchronize id and user_id:
         if ($isNew) {
             if ($this->_cmsUser->id == 0) {
                 // this is only for mambo 4.5.0 backwards compatibility. 4.5.2.3 $row->store() updates id on insert
                 $sql = 'SELECT ' . $_CB_database->NameQuote($this->_cmsUserTableKey) . ' FROM ' . $_CB_database->NameQuote($this->_cmsUserTable) . ' WHERE ' . $_CB_database->NameQuote($this->_cmsUserTableUsername) . ' = ' . $_CB_database->Quote($this->username);
                 $_CB_database->setQuery($sql);
                 $this->_cmsUser->id = (int) $_CB_database->loadResult();
             }
             $this->id = $this->_cmsUser->id;
             $this->_comprofilerUser->id = $this->_cmsUser->id;
             if ($this->confirmed == 0 && $this->cbactivation == '' && $ueConfig['reg_confirmation'] != 0) {
                 $this->_setActivationCode();
             }
         }
         // stores CB user into comprofiler: if new, inserts, otherwise updates:
         if ($this->user_id == 0) {
             $this->user_id = $this->_cmsUser->id;
             $this->_comprofilerUser->user_id = $this->user_id;
             $result = $this->_comprofilerUser->storeNew($updateNulls);
         } else {
             $result = $this->_comprofilerUser->store($updateNulls);
         }
         if (!$result) {
             $this->_error = $this->_comprofilerUser->getError();
         }
     }
     if ($result) {
         // update the ACL:
         if (checkJversion() == 2) {
             $query = 'SELECT m.id AS aro_id, a.group_id FROM #__user_usergroup_map AS a' . "\n INNER JOIN #__usergroups AS m ON m.id= a.group_id" . "\n WHERE a.user_id = " . (int) $this->id;
         } elseif (checkJversion() == 1) {
             $query = 'SELECT a.id AS aro_id, m.group_id FROM #__core_acl_aro AS a' . "\n INNER JOIN #__core_acl_groups_aro_map AS m ON m.aro_id = a.id" . "\n WHERE a.value = " . $_CB_database->Quote((int) $this->id);
         } else {
             $query = 'SELECT a.aro_id, m.group_id FROM #__core_acl_aro AS a' . "\n INNER JOIN #__core_acl_groups_aro_map AS m ON m.aro_id = a.aro_id" . "\n WHERE a.value = " . $_CB_database->Quote((int) $this->id);
         }
         $_CB_database->setQuery($query);
         $aro_group = null;
         $result = $_CB_database->loadObject($aro_group);
         if ($result && $aro_group->group_id != $this->gid) {
             if (checkJversion() == 2) {
                 //					$query							=	'UPDATE #__user_usergroup_map'
                 //													.	"\n SET group_id = " . (int) $this->gid
                 //													.	"\n WHERE user_id = " . (int) $this->id
                 //													.	( $oldGid ? "\n AND group_id = " . (int) $oldGid : null )
                 //													;
                 //					$_CB_database->setQuery( $query );
                 //					$result							=	$_CB_database->query();
             } else {
                 $query = 'UPDATE #__core_acl_groups_aro_map' . "\n SET group_id = " . (int) $this->gid . "\n WHERE aro_id = " . (int) $aro_group->aro_id;
                 $_CB_database->setQuery($query);
                 $result = $_CB_database->query();
             }
         }
         if ($result && !$isNew && ($oldUsername != $this->username || $aro_group->group_id != $this->gid || $oldGid != $this->gid || self::_ArraysEquivalent($oldGids, $this->gids) || $oldBlock == 0 && $this->block == 1)) {
             // Update current sessions state if there is a change in gid or in username:
             if ($this->block == 0) {
                 $sessionGid = 1;
                 if ($_CB_framework->acl->is_group_child_of($this->usertype, 'Registered', 'ARO') || $_CB_framework->acl->is_group_child_of($this->usertype, 'Public Backend', 'ARO')) {
                     // Authors, Editors, Publishers and Super Administrators are part of the Special Group:
                     $sessionGid = 2;
                 }
                 $query = 'UPDATE #__session ' . "\n SET username = "******"\n WHERE userid = " . (int) $this->id;
                 //TBD: here maybe jaclplus fields update if JACLplus installed....
                 $_CB_database->setQuery($query);
                 $result = $_CB_database->query();
                 if (checkJversion() >= 2) {
                     // This is needed for instant adding of groups to logged-in user (fixing bug #3581):
                     $session = JFactory::getSession();
                     $jUser = $session->get('user');
                     if ($jUser->id == $this->id) {
                         JAccess::clearStatics();
                         $session->set('user', new JUser((int) $this->id));
                     }
                 }
             } else {
                 // logout user now that user login has been blocked:
                 if ($_CB_framework->myId() == $this->id) {
                     $_CB_framework->logout();
                 }
                 $_CB_database->setQuery("DELETE FROM #__session WHERE userid = " . (int) $this->id);
                 //TBD: check if this is enough for J 1.5
                 $result = $_CB_database->query();
             }
         }
         if (!$result) {
             $this->_error = $_CB_database->stderr();
             return false;
         }
     }
     return $result;
 }
 function &_getCmsUserObject($cmsUserId = null)
 {
     if ($this->_cmsUserNeedsDb) {
         global $_CB_database;
         $obj = new $this->_cmsUserClassName($_CB_database);
     } else {
         $obj = new $this->_cmsUserClassName();
     }
     if ($cmsUserId !== null) {
         if (!$obj->load((int) $cmsUserId)) {
             $obj = null;
         } else {
             if (checkJversion() == 2) {
                 global $_CB_framework;
                 $obj->gid = (int) $_CB_framework->acl->getBackwardsCompatibleGid(array_values((array) JFactory::getAcl()->getGroupsByUser($obj->id, false)));
             }
         }
     }
     return $obj;
 }
Example #8
0
 /**
  * If table key (id) is NULL : inserts new rows
  * otherwise updates existing row in the database tables
  *
  * Can be overridden or overloaded by the child classes
  *
  * @param  boolean  $updateNulls  TRUE: null object variables are also updated, FALSE: not.
  * @return boolean                TRUE if successful otherwise FALSE
  *
  * @throws \RuntimeException
  */
 public function store($updateNulls = false)
 {
     global $_CB_framework, $ueConfig;
     $this->id = (int) $this->id;
     $isNew = $this->id == 0;
     $oldUsername = null;
     $oldGids = array();
     $oldBlock = null;
     if (!$isNew) {
         // get actual username to update sessions in case:
         $sql = 'SELECT ' . $this->_db->NameQuote($this->_cmsUserTableUsername) . ', ' . $this->_db->NameQuote('block') . ' FROM ' . $this->_db->NameQuote($this->_cmsUserTable) . ' WHERE ' . $this->_db->NameQuote($this->_cmsUserTableKey) . ' = ' . (int) $this->user_id;
         $this->_db->setQuery($sql);
         $oldEntry = null;
         if ($this->_db->loadObject($oldEntry)) {
             /** @var \JUser $oldEntry */
             $oldUsername = $oldEntry->username;
             $gids = array_values((array) \JFactory::getAcl()->getGroupsByUser($this->id, false));
             foreach ($gids as $k => $v) {
                 $gids[$k] = (string) $v;
             }
             $oldGids = $gids;
             $oldBlock = $oldEntry->block;
         }
     }
     if (!$isNew && $this->confirmed == 0 && $this->cbactivation == '' && $ueConfig['reg_confirmation'] != 0) {
         $this->_setActivationCode();
     }
     // creates CMS and CB objects:
     $this->_mapUsers();
     // remove the previous email set in bindSafely() and needed for checkSafely():
     unset($this->_original_email);
     // stores first into CMS to get id of user if new:
     $this->_cmsUser->groups = $this->gids;
     $result = $this->_cmsUser->save();
     if (!$result) {
         $this->_error = $this->_cmsUser->getError();
         if (class_exists('JText')) {
             $this->_error = \JText::_($this->_error);
         }
     }
     if ($result) {
         // synchronize id and user_id:
         if ($isNew) {
             $this->id = $this->_cmsUser->id;
             $this->_comprofilerUser->id = $this->_cmsUser->id;
             if ($this->confirmed == 0 && $this->cbactivation == '' && $ueConfig['reg_confirmation'] != 0) {
                 $this->_setActivationCode();
             }
         }
         // stores CB user into comprofiler: if new, inserts, otherwise updates:
         if ($this->user_id == 0) {
             $this->user_id = $this->_cmsUser->id;
             $this->_comprofilerUser->user_id = $this->user_id;
             $result = $this->_comprofilerUser->storeNew($updateNulls);
         } else {
             $result = $this->_comprofilerUser->store($updateNulls);
         }
         if (!$result) {
             $this->_error = $this->_comprofilerUser->getError();
         }
     }
     if ($result) {
         // update the ACL:
         $query = 'SELECT m.id AS aro_id, a.group_id FROM #__user_usergroup_map AS a' . "\n INNER JOIN #__usergroups AS m ON m.id= a.group_id" . "\n WHERE a.user_id = " . (int) $this->id;
         $this->_db->setQuery($query);
         $aro_group = null;
         $result = $this->_db->loadObject($aro_group);
         /** @var \StdClass $aro_group */
         if ($result && !$isNew && ($oldUsername != $this->username || self::_ArraysEquivalent($oldGids, $this->gids) || $oldBlock == 0 && $this->block == 1)) {
             // Update current sessions state if there is a change in gid or in username:
             if ($this->block == 0) {
                 $query = 'UPDATE #__session ' . "\n SET username = "******"\n WHERE userid = " . (int) $this->id;
                 $this->_db->setQuery($query);
                 $result = $this->_db->query();
                 // This is needed for instant adding of groups to logged-in user (fixing bug #3581):
                 $session = \JFactory::getSession();
                 $jUser = $session->get('user');
                 if ($jUser->id == $this->id) {
                     \JAccess::clearStatics();
                     $session->set('user', new \JUser((int) $this->id));
                 }
             } else {
                 // logout user now that user login has been blocked:
                 if ($_CB_framework->myId() == $this->id) {
                     $_CB_framework->logout();
                 }
                 $this->_db->setQuery("DELETE FROM #__session WHERE userid = " . (int) $this->id);
                 //TBD: check if this is enough for J 1.5
                 $result = $this->_db->query();
             }
         }
         if (!$result) {
             $this->_error = $this->_db->stderr();
             return false;
         }
     }
     return $result;
 }