/** * Copy one permission row to the subtree * * * @package CMS * * @param string type - permission type (OBJ/ACL) * @param integer source_id - source ID (obejct ID or group ID) * @param string crud - CRUPD mask to be copied eg "01000" * @param integer user_id - User ID * @param integer group_id - Group ID * @param integer role_id - Role ID * * Call: * copy_permissions(array( * "type" => 'OBJ', * "source_id" => $site->fdat['id'], * "crud" => $site->fdat['crud'] * "user_id" => $site->fdat['perm_user_id'], * "group_id" => $site->fdat['perm_group_id'], * "role_id" => $site->fdat['perm_role_id'], * )); */ function copy_permissions ($args) { global $site, $class_path; $source_id = $args['source_id']; $crud = $args['crud']; $user_id = $args['user_id']; $group_id = $args['group_id']; $role_id = $args['role_id']; ## how many objects/groups were actually updated $updated_count = 0; # make string "01000" to array $crud_arr['C'] = substr($crud,0,1); $crud_arr['R'] = substr($crud,1,1); $crud_arr['U'] = substr($crud,2,1); $crud_arr['P'] = substr($crud,3,1); $crud_arr['D'] = substr($crud,4,1); ?> <tr> <td valign="top" class="scms_confirm_alert_cell" height="100%"> <? #echo "ID:". $source_id.' / CRUD: '.$crud; if($args['type']) { ############ 1) GET SUBTREE HERE (query 1 time) # get object subtree: children sections (ignore objects languages, to get folders also. there is no risk because we get always one certain branch) if($args['type']=='OBJ'){ include_once($class_path."rubloetelu.class.php"); # used in subtree proc $rubs = new RubLoetelu(array( "keel" => $keel, "required_perm" => "U", "object_type_ids" => "1,22", # get sections, folders (Bug #1996) "ignore_lang" => 1 # ignore objects languages )); #printr($rubs->get_loetelu()); #$rubs->debug->print_msg(); # get branch: is array of all section children with update permission: $branch = $rubs->get_branch_byID(array(id => $site->fdat['id'])); #printr($branch); } # get group subtree: children subgroups elseif($args['type']=='ACL'){ $sql = "SELECT group_id AS id, parent_group_id AS parent, name FROM groups ORDER BY name"; $sth = new SQL($sql); while ($data = $sth->fetch()){ $temp_tree[] = $data; } ############# generate tree require_once($class_path.'menu.class.php'); $menu = new Menu(array( width=> "100%", tree => $temp_tree, datatype => "group" )); $menu->get_full_subtree(array("parent_id" => $site->fdat['id'])); # $menu->full_subtree is variable from group tree and is all ID-s of group children #echo printr($menu->full_subtree); foreach($menu->full_subtree as $subgroup_id) { $branch[$subgroup_id] = ""; # name is not important }; } ################### # 2. INSERT PERMISSIONS # loop over subtree # branch is array of all children foreach($branch as $child_id=>$child_name) { # omit source object itself if($child_id == $source_id) { continue; } ########### CREATE CHILD (to get permissions and title) if($args['type'] == 'OBJ') { ## create child object $child = new Objekt(array( objekt_id => $child_id )); $child->title = $child->all['pealkiri']; } elseif($args['type'] == 'ACL') { ## create child group $child = new Group(array( group_id => $child_id, )); $child->permission = get_user_permission(array( type => 'ACL', group_id => $child_id )); $child->title = $child->name; } #printr($child->permission); ########### CHECK UPDATE PERMISSION - does user has U permission for this object? (Bug #2203) if(!$child->permission['U']) { continue; # user doesn't have U permission => don't change child } # insert permission also to child: #print "<br>insert permission also to child: ". $child_id. " => ".$child_name; ##### 1) DELETE OLD permission $sql = $site->db->prepare("DELETE FROM permissions WHERE type=? AND source_id=? AND ",$args['type'], $child_id); if($role_id){ $sql .= $site->db->prepare(" role_id=? ", $role_id); } elseif($group_id){ $sql .= $site->db->prepare(" group_id=? ", $group_id); } elseif($user_id){ $sql .= $site->db->prepare(" user_id=? ", $user_id); } $sth = new SQL($sql); $site->debug->msg($sth->debug->get_msgs()); #print "<br>".$sql; ##### 2) INSERT permission $sql = $site->db->prepare("INSERT INTO permissions (type,source_id,role_id,group_id,user_id,C,R,U,P,D) VALUES (?,?,?,?,?,?,?,?,?,?)", $args['type'], $child_id, ($role_id?$role_id:0), ($group_id?$group_id:0), ($user_id?$user_id:0), $crud_arr['C'], $crud_arr['R'], $crud_arr['U'], $crud_arr['P'], $crud_arr['D'] ); $sth = new SQL($sql); $site->debug->msg($sth->debug->get_msgs()); #print "<br>".$sql; if($sth->rows) { $updated_count++; } ############ # 3. WRITE LOG # type= OBJ if($args['type'] == 'OBJ') { new Log(array( 'action' => 'update', 'component' => 'ACL', 'objekt_id' => $child_id, 'message' => "Object '".$child->title."' (ID=".$child_id.") permissions updated inside subtree", )); } # type= ACL elseif($args['type'] == 'ACL') { new Log(array( 'action' => 'update', 'component' => 'ACL', 'objekt_id' => $child_id, 'message' => "Object '".$child->title."' (ID=".$child_id.") permissions updated inside subtree", )); } # / write log ############ } # / loop over subtree ################### } # if permission type provided ################## ######### MESSAGE echo $site->sys_sona(array(sona => "Permissions copied to subtree", tyyp=>"editor")); echo ': '.$updated_count.''; ?> </td> </tr> <?#################### BUTTONS ###########?> <tr> <td align="right" valign="top" class="scms_dialog_area_bottom"> <input type="button" value="<?=$site->sys_sona(array(sona => "Close", tyyp=>"editor")) ?>" onclick="javascript:window.close();"> </td> </tr> <? }