function fetchPresetPermitOptions($fields)
{
$permits = array();
// Add these permit options for actions that involve both a user_id and a group_id
if (in_array('user_id', $fields) && in_array('group_id', $fields)) {
// Create permit options for default groups (any user)
$permits[] = array("name" => "any user and default groups.", "value" => "isDefaultGroup(group_id)");
// Create permit options for each group (any user)
$groups = fetchAllGroups();
foreach ($groups as $group_id => $group) {
$permits[] = array("name" => "any user and group '{$group['name']}'.", "value" => "isSameGroup(group_id,'{$group['id']}')");
}
$permits[] = array("name" => "any user with any group.", "value" => "always()");
// Only add these permit options for actions that involve a user_id
} else {
if (in_array('user_id', $fields)) {
// Create permit option for 'self'
$permits[] = array("name" => "themselves only.", "value" => "isLoggedInUser(user_id)");
// Create permits to perform actions on users in primary groups
$groups = fetchAllGroups();
foreach ($groups as $group_id => $group) {
$permits[] = array("name" => "users whose primary group is '{$group['name']}'.", "value" => "isUserPrimaryGroup(user_id,'{$group['id']}')");
}
$permits[] = array("name" => "any user.", "value" => "always()");
// Add these options for actions that involve a group_id
} else {
if (in_array('group_id', $fields)) {
$groups = fetchAllGroups();
// TODO: create permit option for the user's primary group only?
// Create permit options for each group
foreach ($groups as $group_id => $group) {
$permits[] = array("name" => "group '{$group['name']}'.", "value" => "isSameGroup(group_id,'{$group['id']}')");
}
$permits[] = array("name" => "any group.", "value" => "always()");
// Default options
} else {
$permits[] = array("name" => "always.", "value" => "always()");
}
}
}
return $permits;
}
function fetchAllPermits($type)
{
try {
global $db_table_prefix;
$result = array();
// Build array of groups/users indexed by id
if ($type == "user") {
$users = fetchAllUsers();
foreach ($users as $user) {
$id = $user['user_id'];
$result[$id] = array();
$result[$id]['user_id'] = $id;
$result[$id]['user_name'] = $user['user_name'];
$result[$id]['action_permits'] = array();
}
} else {
$groups = fetchAllGroups();
foreach ($groups as $group) {
$id = $group['id'];
$result[$id]['group_id'] = $id;
$result[$id]['name'] = $group['name'];
$result[$id]['action_permits'] = array();
}
}
$db = pdoConnect();
if ($type == "user") {
$query = "SELECT {$db_table_prefix}user_action_permits.*, user_name FROM {$db_table_prefix}users, {$db_table_prefix}user_action_permits\n\t\t\tWHERE {$db_table_prefix}users.id = {$db_table_prefix}user_action_permits.user_id ORDER BY user_id, action";
} else {
if ($type == "group") {
$query = "SELECT {$db_table_prefix}group_action_permits.*, name FROM {$db_table_prefix}groups, {$db_table_prefix}group_action_permits\n\t\t\tWHERE {$db_table_prefix}groups.id = {$db_table_prefix}group_action_permits.group_id ORDER BY group_id, action";
} else {
return false;
}
}
$stmt = $db->prepare($query);
$stmt->execute();
while ($r = $stmt->fetch(PDO::FETCH_ASSOC)) {
if ($type == "user") {
$id = $r['user_id'];
} else {
$id = $r['group_id'];
}
$action_permit_id = $r['id'];
// Parse out permit string into array of permit functions and parameters
$permits_arr = explode('&', $r['permits']);
$permits_by_arg = array();
foreach ($permits_arr as $permit) {
$permit_with_params = array();
preg_match('/(.*?)\\((.*?)\\)/', $permit, $permit_param_str);
$permit_name = $permit_param_str[1];
//$permit_with_params['name'] = $permit_name;
// Extract and map parameters, if any
if ($permit_param_str[2] and $permit_params = explode(',', $permit_param_str[2])) {
$permit_with_params = array();
foreach ($permit_params as $param) {
$permit_with_params[] = $param;
}
}
$permits_by_arg[$permit_name] = $permit_with_params;
}
$actions = array('action_id' => $action_permit_id, 'action' => $r['action'], 'permits' => $permits_by_arg);
$result[$id]['action_permits'][$action_permit_id] = $actions;
}
// Convert users/groups to numerically indexed array
$result = array_values($result);
$stmt = null;
foreach ($result as $id => $owner) {
$action_names = array();
foreach ($owner['action_permits'] as $action_id => $action) {
$action_names[] = $action['action'];
}
//echo var_dump($action_names);
//echo var_dump($group['action_permits']);
array_multisort($action_names, SORT_ASC, $owner['action_permits']);
// Convert action_permits to numerically indexed array
$result[$id]['action_permits'] = array_values($result[$id]['action_permits']);
}
return $result;
} catch (PDOException $e) {
addAlert("danger", "Oops, looks like our database encountered an error.");
error_log("Error in " . $e->getFile() . " on line " . $e->getLine() . ": " . $e->getMessage());
return false;
} catch (ErrorException $e) {
addAlert("danger", "Oops, looks like our server might have goofed. If you're an admin, please check the PHP error logs.");
return false;
}
}
/**
* Loads all group information.
* @return array $results contains group information id, name, is_default, can_delete
*/
function loadGroups()
{
// This block automatically checks this action against the permissions database before running.
if (!checkActionPermissionSelf(__FUNCTION__, func_get_args())) {
addAlert("danger", "Sorry, you do not have permission to access this resource.");
return false;
}
// Calls appropriate function in db_functions
return fetchAllGroups();
}
