/**
* get objects acl list
* @param $p client side request params with field config
* @param boolean $inherited flag to include inherited rules also
* @return array json responce
*/
public function getObjectAcl($p, $inherited = true)
{
$rez = array('success' => true, 'data' => array(), 'name' => '');
if (!is_numeric($p['id'])) {
return $rez;
}
if (empty($this->internalAccessing) && !Security::canRead($p['id'])) {
throw new \Exception(L\get('Access_denied'));
}
/* set object title, path and inheriting access ids path*/
$obj_ids = array();
$res = DB\dbQuery('SELECT
ti.`path`
,t.name
,t.inherit_acl
,ts.`set` `obj_ids`
FROM tree t
JOIN tree_info ti ON t.id = ti.id
LEFT JOIN tree_acl_security_sets ts ON ti.security_set_id = ts.id
WHERE t.id = $1', $p['id']) or die(DB\dbQueryError());
if ($r = $res->fetch_assoc()) {
$rez['path'] = Path::replaceCustomNames($r['path']);
$rez['name'] = Path::replaceCustomNames($r['name']);
$rez['inherit_acl'] = $r['inherit_acl'];
$obj_ids = explode(',', $r['obj_ids']);
}
$res->close();
/* end of set object title and path*/
/* get the full set of access credentials(users and/or groups) including inherited from parents */
$lid = Config::get('user_language_index', 1);
$res = DB\dbQuery('SELECT DISTINCT u.id
,u.`name`
,u.`first_name`
,u.`last_name`
,u.`system`
,u.`enabled`
,u.`type`
,u.`sex`
FROM tree_acl a
JOIN users_groups u ON a.user_group_id = u.id
WHERE a.node_id ' . ($inherited ? ' in (0' . implode(',', $obj_ids) . ')' : ' = $1 ') . ' ORDER BY u.`type`, 2', $p['id']) or die(DB\dbQueryError());
while ($r = $res->fetch_assoc()) {
$r['user_group_id'] = $r['id'];
$r['name'] = User::getDisplayName($r);
$r['iconCls'] = $r['type'] == 1 ? 'icon-users' : 'icon-user-' . $r['sex'];
unset($r['sex']);
$access = $this->getUserGroupAccessForObject($p['id'], $r['id']);
$r['allow'] = implode(',', $access[0]);
$r['deny'] = implode(',', $access[1]);
$rez['data'][] = $r;
}
$res->close();
/* end of get the full set of access credentials(users and/or groups) including inherited from parents */
return $rez;
}
