function replaceExistingAsset($config, $db, $user, $category, $asset) { /* save the asset perms for now */ $permissions = (array) $asset['permissions']; unset($asset['permissions']); /* don't trust the user-provided asset, check permissions separately */ $old_perms = $db->GetRecords("SELECT * FROM `{$config->values['perms_table']}` WHERE `Identifier`='{$asset['Identifier']}' LIMIT 1"); if (count($old_perms) == 1) { $asset['permissions'] = $old_perms[0]; } else { SLAM_setDefaultPerms($asset, $config); } /* verify that the current user is qualified */ if (SLAM_getAssetAccess($user, $asset) < 2) { return SLAM_makeErrorHTML('Authentication error: You are not authorized to save edits to this asset.', true); } /* don't try and save the permissions field into the asset table */ unset($asset['permissions']); $q = SLAM_makeUpdateStatement($db, $category, $asset, "`Identifier`='" . sql_real_escape($asset['Identifier'], $db->link) . "'", 1); if ($db->Query($q) === false) { return SLAM_makeErrorHTML('Database error: could not save record: ' . $db->ErrorState(), true); } $asset['permissions'] = $permissions; if (($ret = SLAM_saveAssetPerms($config, $db, $asset)) !== true) { return $ret; } return True; }
public function getPermissions(&$config, $db, $user, $request) { /* * this function creates a list of all the identifiers in the result and associates their permissions */ # compile the list of identifiers we're to retrieve $list = array(); foreach ($this->assets as $category) { foreach ($category as $asset) { $list[] = "'{$asset['Identifier']}'"; } } if (count($list) < 1) { return true; } # run a single query to get all available info $query = "SELECT * FROM `{$config->values['perms_table']}` WHERE `Identifier` IN (" . join(',', $list) . ')'; if (($rows = $db->GetRecords($query)) === false) { $config->errors[] = "Error: Could not retrieve permissions for requested assets." . $db->ErrorState(); return false; } # reconfigure the perms so that the identifier is the key $permissions = array(); foreach ($rows as $row) { $permissions[$row['Identifier']] = $row; $permissions[$row['Identifier']]['projects'] = explode(',', $permissions[$row['Identifier']]['projects']); } $identifiers = @array_keys($permissions); # save the permissions to the assets, or outfit them with default perms foreach ($this->assets as $category => &$list) { foreach ($list as &$asset) { if (in_array($asset['Identifier'], $identifiers)) { $asset['permissions'] = $permissions[$asset['Identifier']]; } else { SLAM_setDefaultPerms($asset, $config); } } } return true; }