Example #1
0
 /**
  * setting security inheritance flag for an item
  *
  * @param array $p {
  *     @type int      $id    id of tree node
  *     @type boolean  $inherit    set inherit to true or false
  *     @type string   $copyRules   when removing inheritance ($inherit = false)
  *                                 then this value could be set to 'yes' or 'no'
  *                                 for copying inherited rules to current node
  * }
  *
  */
 public function setInheritance($p)
 {
     /* check input params */
     if (empty($p['id']) || !isset($p['inherit']) || !is_numeric($p['id']) || !is_bool($p['inherit'])) {
         throw new \Exception(L\get('Wrong_input_data'));
     }
     /* end of check input params */
     if (!Security::isAdmin() && !Security::canChangePermissions($p['id'])) {
         throw new \Exception(L\get('Access_denied'));
     }
     /* checking if current inherit value is not already set to requested state */
     $inherit_acl = false;
     $r = DM\Tree::read($p['id']);
     if (!empty($r)) {
         $inherit_acl = $r['inherit_acl'];
     } else {
         throw new \Exception(L\get('Object_not_found'));
     }
     if ($inherit_acl == $p['inherit']) {
         return array('success' => false);
     }
     /* end of checking if current inherit value is not already set to requested state */
     // make pre update changes
     if ($p['inherit']) {
         DB\dbQuery('DELETE from tree_acl WHERE node_id = $1', $p['id']);
     } else {
         switch (@$p['copyRules']) {
             case 'yes':
                 //copy all inherited rules to current object
                 $acl = $this->getObjectAcl($p);
                 foreach ($acl['data'] as $rule) {
                     $allow = explode(',', str_replace('2', '1', $rule['allow']));
                     $deny = explode(',', str_replace('2', '1', $rule['deny']));
                     for ($i = 0; $i < 12; $i++) {
                         $allow[$i] = $allow[$i] == 1 ? '1' : '0';
                         $deny[$i] = $deny[$i] == -1 ? '1' : '0';
                     }
                     $allow = array_reverse($allow);
                     $deny = array_reverse($deny);
                     $allow = bindec(implode('', $allow));
                     $deny = bindec(implode('', $deny));
                     DB\dbQuery('INSERT INTO tree_acl (
                             node_id
                             ,user_group_id
                             ,allow
                             ,deny
                             ,cid)
                         VALUES($1
                              ,$2
                              ,$3
                              ,$4
                              ,$5) ON duplicate KEY
                         UPDATE allow = $3
                                 ,deny = $4
                                 ,uid = $5
                                 ,udate = CURRENT_TIMESTAMP', array($p['id'], $rule['id'], $allow, $deny, User::getId()));
                 }
                 break;
             default:
                 DB\dbQuery('DELETE from tree_acl WHERE node_id = $1', $p['id']);
                 break;
         }
     }
     // updating inherit flag for the object
     DM\Tree::update(array('id' => $p['id'], 'inherit_acl' => intval($p['inherit'])));
     Security::calculateUpdatedSecuritySets();
     Solr\Client::runBackgroundCron();
     return array('success' => true, 'data' => array());
 }