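/**
 * Return the subset of $dimension_members on which $contact holds a context
 * permission for $object_type_id that applies to the active $context.
 *
 * Administrators get $dimension_members back unchanged. For every other
 * contact, each of the contact's context permission groups is checked against
 * each candidate member: the member is allowed when a ContactMemberPermission
 * row exists with the requested capabilities and, for every dimension named by
 * the group's permission contexts, at least one of that dimension's context
 * members is present in $context.
 *
 * A member id is appended once per matching permission group, so the result
 * may contain duplicates.
 *
 * @param Contact $contact           Contact whose permissions are evaluated
 * @param mixed   $object_type_id    Object type the permission must cover
 * @param array   $context           Active context; searched with in_array() for the
 *                                   members returned by each permission context's getMember()
 * @param array   $dimension_members Candidate member ids
 * @param bool    $can_write         When true, the permission must grant write
 * @param bool    $can_delete        When true, the permission must grant delete
 * @return array Allowed member ids
 */
function getActiveContextPermissions(Contact $contact, $object_type_id, $context, $dimension_members, $can_write = false, $can_delete = false)
{
    if ($contact instanceof Contact && $contact->isAdministrator()) {
        return $dimension_members;
    }

    $allowed_members = array();
    $permission_group_ids = ContactPermissionGroups::getContextPermissionGroupIdsByContactCSV($contact->getId());
    $perm_ids_array = explode(",", $permission_group_ids);

    foreach ($perm_ids_array as $pid) {
        foreach ($dimension_members as $member_id) {
            // Is there a context permission for this object type on this member?
            $contact_member_permission = self::findById(array('permission_group_id' => $pid, 'member_id' => $member_id, 'object_type_id' => $object_type_id));
            if (!$contact_member_permission instanceof ContactMemberPermission) {
                continue;
            }

            // Each requested capability has to be granted on its own. The
            // parentheses are required: && binds tighter than ||, so without
            // them the test reads "!write || (W && !delete) || D" and passes
            // whenever $can_write is false or the row grants delete, which
            // lets a caller asking for delete (or write) through without it.
            $has_requested_access = (!$can_write || $contact_member_permission->getCanWrite())
                && (!$can_delete || $contact_member_permission->getCanDelete());
            if (!$has_requested_access) {
                continue;
            }

            $permission_contexts = PermissionContexts::findAll(array('`contact_id` = ' . $contact->getId(), 'permission_group_id' => $pid, 'member_id' => $member_id));
            if (is_null($permission_contexts)) {
                continue;
            }

            // Group the permission's context members by dimension.
            $dimensions = array();
            $context_members = array();
            foreach ($permission_contexts as $pc) {
                $member = $pc->getMember();
                $dimension_id = $member->getDimensionId();
                if (!in_array($dimension_id, $dimensions)) {
                    $dimensions[] = $dimension_id;
                    $context_members[$dimension_id] = array();
                }
                $context_members[$dimension_id][] = $member;
            }

            // The permission applies only if every one of its dimensions has
            // at least one member in the active context.
            $include = true;
            foreach ($dimensions as $dim_id) {
                $members_in_context = array();
                foreach ($context_members[$dim_id] as $value) {
                    if (in_array($value, $context)) {
                        $members_in_context[] = $value;
                    }
                }
                if (count($members_in_context) == 0) {
                    $include = false;
                }
            }

            // A permission with no contexts at all never matches.
            if ($include && count($dimensions) != 0) {
                $allowed_members[] = $member_id;
            }
        }
    }

    return $allowed_members;
}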
/**
 * Return the PermissionContexts manager for this object, resolving it through
 * PermissionContexts::instance() the first time it is needed.
 *
 * @access protected
 * @return PermissionContexts
 */
function manager()
{
    // Already resolved: hand back the stored manager.
    if ($this->manager instanceof PermissionContexts) {
        return $this->manager;
    }

    $this->manager = PermissionContexts::instance();

    return $this->manager;
}
/**
 * Controller action: delete the dimension member identified by get_id(),
 * together with its sharing-table rows, member associations, permission rows,
 * linked content object and object_members rows, inside one DB transaction.
 *
 * Nothing is modified unless the logged user passes
 * can_manage_dimension_members() and the 'check_additional_member_permissions'
 * hook does not veto the deletion. Any Exception raised inside the transaction
 * rolls it back and is reported through flash_error().
 *
 * The ids concatenated into the SQL fragments below come from the loaded
 * Member and from rows read back from the database, not straight from the
 * request; presumably they are integer keys — confirm.
 *
 * @return void
 */
function delete()
{
    // Authorization gate: runs before the member is even looked up.
    if (!can_manage_dimension_members(logged_user())) {
        flash_error(lang('no access permissions'));
        ajx_current("empty");
        return;
    }

    $member = Members::findById(get_id());
    if (!($member instanceof Member)) {
        // Unknown id: nothing to delete, and no transaction has been opened.
        ajx_current("empty");
        return;
    }

    // Give plugins the chance to refuse the deletion.
    $ret = array();
    Hook::fire('check_additional_member_permissions', array('action' => 'delete', 'member' => $member, 'pg_id' => logged_user()->getPermissionGroupId()), $ret);
    $vetoed_by_hook = count($ret) > 0 && !array_var($ret, 'ok');
    if ($vetoed_by_hook) {
        flash_error(array_var($ret, 'message'));
        ajx_current("empty");
        return;
    }

    try {
        DB::beginWork();

        if (!$member->canBeDeleted($error_message)) {
            throw new Exception($error_message);
        }

        $dim_id = $member->getDimensionId();

        // Drop the sharing-table rows of every object classified in this member.
        $sqlDeleteSharingTable = "DELETE sh FROM `" . TABLE_PREFIX . "sharing_table` sh\r\n\t\t\t\t\t\t\t\t\t\tLEFT JOIN `" . TABLE_PREFIX . "object_members` om\r\n\t\t\t\t\t\t\t\t\t\tON om.object_id = sh.object_id\r\n\t\t\t\t\t\t\t\t\t\tWHERE om.member_id = " . $member->getId() . " AND om.is_optimization = 0;";
        DB::execute($sqlDeleteSharingTable);

        // Rebuild the sharing-table entries for those same objects.
        $affectedObjectsRows = DB::executeAll("SELECT distinct(object_id) AS object_id FROM " . TABLE_PREFIX . "object_members where member_id = " . $member->getId() . " AND is_optimization = 0");
        if (is_array($affectedObjectsRows) && count($affectedObjectsRows) > 0) {
            $ids_str = "";
            foreach ($affectedObjectsRows as $row) {
                $separator = ($ids_str == "") ? "" : ",";
                $ids_str .= $separator . $row['object_id'];
            }
            add_multilple_objects_to_sharing_table($ids_str, logged_user());
        }

        // Member associations.
        MemberPropertyMembers::delete('member_id = ' . $member->getId() . ' OR property_member_id = ' . $member->getId());
        MemberRestrictions::delete('member_id = ' . $member->getId() . ' OR restricted_member_id = ' . $member->getId());

        // Permission tables.
        ContactMemberPermissions::delete('member_id = ' . $member->getId());
        PermissionContexts::delete('member_id = ' . $member->getId());

        // Content object attached to the member, if there is one.
        if ($member->getObjectId() > 0) {
            $mobj = Objects::findObject($member->getObjectId());
            if ($mobj instanceof ContentDataObject) {
                $mobj->delete();
            }
        }

        // Classification rows.
        ObjectMembers::delete('member_id = ' . $member->getId());

        Hook::fire('delete_member', $member, $ret);

        $parent_id = $member->getParentMemberId();
        $ok = $member->delete(false);
        if ($ok) {
            evt_add("reload dimension tree", array('dim_id' => $dim_id, 'node' => null));
            evt_add("try to select member", array('dimension_id' => $dim_id, 'id' => $parent_id));
        }

        // NOTE(review): the commit and the success message run even when $ok
        // is falsy, leaving the related rows removed — confirm this is intended.
        DB::commit();
        flash_success(lang('success delete member', $member->getName()));

        // Choose what the client panel shows next.
        if (get_id('start')) {
            $next_view = "start";
        } elseif (get_id('dont_reload')) {
            $next_view = "empty";
        } else {
            $next_view = "reload";
        }
        ajx_current($next_view);
    } catch (Exception $e) {
        DB::rollback();
        // NOTE(review): the exception text is shown to the user unchanged;
        // confirm DB-layer exceptions raised above do not carry SQL details.
        flash_error($e->getMessage());
        ajx_current("empty");
    }
}
/**
 * Return one page of results plus its pagination object.
 *
 * The result is a two-element array: index 0 holds the returned objects and
 * index 1 the populated pagination object that the pagination helpers can
 * render. Numeric indexes are used because list() cannot destructure
 * associative keys.
 *
 * When called on a PermissionContexts instance the parent implementation is
 * used; otherwise the call is forwarded to PermissionContexts::instance().
 *
 * @access public
 * @param array   $arguments      Query arguments (@see find()); limit and offset are ignored
 * @param integer $items_per_page Number of items per page
 * @param integer $current_page   Current page number
 * @return array
 */
function paginate($arguments = null, $items_per_page = 10, $current_page = 1)
{
    $called_on_manager = isset($this) && instance_of($this, 'PermissionContexts');

    if (!$called_on_manager) {
        // No usable instance: go through the shared manager.
        return PermissionContexts::instance()->paginate($arguments, $items_per_page, $current_page);
    }

    return parent::paginate($arguments, $items_per_page, $current_page);
}
/**
 * Return the PermissionContexts manager for this object, fetching it from
 * PermissionContexts::instance() on first use and storing it for later calls.
 *
 * @access protected
 * @return PermissionContexts
 */
function manager()
{
    $needs_manager = !($this->manager instanceof PermissionContexts);
    if ($needs_manager) {
        $this->manager = PermissionContexts::instance();
    }

    return $this->manager;
}
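/**
 * Controller action: delete the dimension member identified by get_id(),
 * together with its sharing-table rows, member associations, permission rows,
 * linked content object and object_members rows, inside one DB transaction.
 *
 * Nothing is modified unless the logged user passes
 * can_manage_dimension_members() and the id resolves to a Member. Any
 * Exception raised inside the transaction rolls it back and is reported
 * through flash_error().
 *
 * The ids concatenated into the SQL fragments below come from the loaded
 * Member and from rows read back from the database, not straight from the
 * request; presumably they are integer keys — confirm.
 *
 * @return void
 */
function delete()
{
    // Authorization gate: runs before the member is even looked up.
    if (!can_manage_dimension_members(logged_user())) {
        flash_error(lang('no access permissions'));
        ajx_current("empty");
        return;
    }

    $member = Members::findById(get_id());
    // Stop here when the request id matches no member. Without this guard the
    // method call inside the try block runs on a non-object; on PHP 7+ that
    // raises an Error, which catch (Exception) does not handle, so the
    // transaction opened by DB::beginWork() would never be rolled back.
    if (!$member instanceof Member) {
        ajx_current("empty");
        return;
    }

    try {
        DB::beginWork();

        if (!$member->canBeDeleted($error_message)) {
            throw new Exception($error_message);
        }

        $dim_id = $member->getDimensionId();

        // Remove from sharing table
        SharingTables::instance()->delete(" object_id IN ( SELECT distinct(object_id) FROM ".TABLE_PREFIX."object_members WHERE member_id = ".$member->getId()." AND is_optimization = 0 ) ");

        // Re-add the affected objects so their sharing rows are recalculated.
        $affectedObjectsRows = DB::executeAll("SELECT distinct(object_id) AS object_id FROM ".TABLE_PREFIX."object_members where member_id = ".$member->getId()." AND is_optimization = 0");
        if (is_array($affectedObjectsRows) && count($affectedObjectsRows) > 0) {
            foreach ($affectedObjectsRows as $row) {
                // findObject() returns the concrete object (message, contact, ...).
                $object = Objects::findObject($row['object_id']);
                /* @var $object ContentDataObject */
                if ($object instanceof ContentDataObject) {
                    $object->addToSharingTable();
                }
            }
        }

        // remove member associations
        MemberPropertyMembers::delete('member_id = '.$member->getId().' OR property_member_id = '.$member->getId());
        MemberRestrictions::delete('member_id = '.$member->getId().' OR restricted_member_id = '.$member->getId());

        // remove from permissions tables
        ContactMemberPermissions::delete('member_id = '.$member->getId());
        PermissionContexts::delete('member_id = '.$member->getId());

        // remove associated content object
        if ($member->getObjectId() > 0) {
            $mobj = Objects::findObject($member->getObjectId());
            if ($mobj instanceof ContentDataObject) {
                $mobj->delete();
            }
        }

        // delete from object_members
        ObjectMembers::delete('member_id = '.$member->getId());

        // Defined up front so the hook never receives an undefined variable.
        $ret = null;
        Hook::fire('delete_member', $member, $ret);

        // NOTE(review): no application log entry is written for this deletion;
        // the call below is disabled. Confirm the deletion is audited elsewhere.
        // ApplicationLogs::createLog($member, ApplicationLogs::ACTION_DELETE, false, true);

        $ok = $member->delete(false);
        if ($ok) {
            evt_add("reload dimension tree", array('dim_id' => $dim_id, 'node' => null));
            evt_add("select dimension member", array('dim_id' => $dim_id, 'node' => 'root'));
        }

        // NOTE(review): the commit and the success message run even when $ok
        // is falsy, leaving the related rows removed — confirm this is intended.
        DB::commit();
        flash_success(lang('success delete member', $member->getName()));

        // Choose what the client panel shows next.
        if (get_id('start')) {
            ajx_current("start");
        } elseif (get_id('dont_reload')) {
            ajx_current("empty");
        } else {
            ajx_current("reload");
        }
    } catch (Exception $e) {
        DB::rollback();
        // NOTE(review): the exception text is shown to the user unchanged;
        // confirm DB-layer exceptions raised above do not carry SQL details.
        flash_error($e->getMessage());
        ajx_current("empty");
    }
}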