Exemple #1
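 /**
  * Filters a raw search resultset down to the FAQs the current user may see
  * and drops repeated FAQ ids.
  *
  * Visibility depends on the configured 'security.permLevel':
  *  - 'basic':  the FAQ's user permission list must contain -1 or the current
  *              user id.
  *  - 'medium': the FAQ's first group permission must be one of the current
  *              user's groups AND the user permission check above must pass.
  *  - any other value: no result is accepted (fails closed).
  *
  * Accepted results are appended to $this->reviewedResultset, which is then
  * handed to setNumberOfResults().
  *
  * @param array $resultset Array with search results
  *
  * @return void
  */
 public function reviewResultset(array $resultset)
 {
     $this->setResultset($resultset);

     // Neither the user id nor the permission level changes during the loop,
     // so both are read once instead of once per result.
     $currentUserId = $this->user->getUserId();
     $permLevel = $this->_config->get('security.permLevel');
     $currentGroupIds = 'medium' === $permLevel
         ? $this->user->perm->getUserGroups($currentUserId)
         : array(-1);

     // NOTE(review): reviewedResultset is appended to and never cleared here;
     // confirm the caller starts from an empty list when this runs more than once.
     $seenIds = [];
     foreach ($this->rawResultset as $result) {
         // Repeated ids are skipped before any permission lookup, so a duplicate
         // costs no extra getPermission() call. The outcome is unchanged because
         // the decision depends only on the FAQ id.
         if (isset($seenIds[$result->id])) {
             continue;
         }
         $seenIds[$result->id] = true;

         $permission = false;

         // check permissions for groups
         if ('medium' === $permLevel) {
             $groupPermission = $this->faq->getPermission('group', $result->id);
             // NOTE(review): only the first group entry is compared, so a FAQ
             // assigned to several groups is matched on $groupPermission[0] alone.
             // The comparison is loose (no strict flag); ids presumably arrive as
             // numeric strings from storage - confirm before tightening.
             if (count($groupPermission) && in_array($groupPermission[0], $currentGroupIds)) {
                 $permission = true;
             }
         }

         // check permission for user; in 'medium' mode this can still revoke
         // what the group check granted
         if ($permission || 'basic' === $permLevel) {
             $userPermission = $this->faq->getPermission('user', $result->id);
             $permission = in_array(-1, $userPermission) || in_array($currentUserId, $userPermission);
         }

         if ($permission) {
             $this->reviewedResultset[] = $result;
         }
     }
     $this->setNumberOfResults($this->reviewedResultset);
 }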
Exemple #2
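 /**
  * Reduces a raw search resultset to the FAQs the current user may see and
  * drops repeated FAQ ids.
  *
  * Visibility depends on the configured 'main.permLevel':
  *  - 'basic':  the FAQ's user permission must be -1 or the current user id.
  *  - 'medium': the FAQ's group permission must be one of the current user's
  *              groups AND the user permission check above must pass.
  *  - any other value: no result is accepted (fails closed).
  *
  * Accepted results are appended to $this->reviewedResultset, which is then
  * handed to setNumberOfResults().
  *
  * @param array $resultset Array with search results
  *
  * @return void
  */
 public function reviewResultset(array $resultset)
 {
     $this->setResultset($resultset);
     $faqUser = new PMF_Faq_User();
     $faqGroup = new PMF_Faq_Group();
     $currentUserId = $this->user->getUserId();

     // The permission level is read once and compared strictly: with a loose
     // comparison a non-string value such as true would match both 'medium'
     // and 'basic'. A value that is not exactly one of the two strings now
     // leaves every result denied.
     $permLevel = PMF_Configuration::getInstance()->get('main.permLevel');
     $isMedium = 'medium' === $permLevel;
     $isBasic = 'basic' === $permLevel;

     // Always defined, so the group check can never read an unset variable.
     $currentGroupIds = $isMedium ? $this->user->perm->getUserGroups($currentUserId) : array();

     // NOTE(review): reviewedResultset is appended to and never cleared here;
     // confirm the caller starts from an empty list when this runs more than once.
     $seenIds = array();
     foreach ($this->rawResultset as $result) {
         // Repeated ids are skipped before any permission record is fetched.
         // The outcome is unchanged because the decision depends only on the FAQ id.
         if (isset($seenIds[$result->id])) {
             continue;
         }
         $seenIds[$result->id] = true;

         $permission = false;

         // check permissions for groups
         if ($isMedium) {
             $groupPerm = $faqGroup->fetch($result->id);
             // NOTE(review): $groupPerm is passed to count() and also read as an
             // object (->group_id). count() on a non-Countable object warns on
             // PHP 7.2+ and throws on PHP 8 - confirm what fetch() returns.
             if (count($groupPerm) && in_array($groupPerm->group_id, $currentGroupIds)) {
                 $permission = true;
             }
         }

         // check permission for user; in 'medium' mode this can still revoke
         // what the group check granted
         if ($permission || $isBasic) {
             $userPerm = $faqUser->fetch($result->id);
             // Loose comparison kept on purpose: user_id presumably arrives as a
             // numeric string from storage - confirm before tightening.
             $permission = (-1 == $userPerm->user_id || $currentUserId == $userPerm->user_id);
         }

         if ($permission) {
             $this->reviewedResultset[] = $result;
         }
     }
     $this->setNumberOfResults($this->reviewedResultset);
 }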
Exemple #3
        $groupAction = $defaultGroupAction;
        $message = sprintf('<p class="alert alert-success">%s</p>', $PMF_LANG['ad_group_suc']);
        // display error messages and show form again
    } else {
        $groupAction = 'add';
        $message = '<p class="alert alert-error">';
        foreach ($messages as $err) {
            $message .= $err . '<br />';
        }
        $message .= '</p>';
    }
}
// The templates below always receive a string, even when no message was built earlier.
$message = isset($message) ? $message : '';

// show new group form (only for users holding the 'addgroup' right)
if ($groupAction == 'add' && $user->perm->checkRight($user->getUserId(), 'addgroup')) {
    // NOTE(review): $user is replaced by a fresh PMF_User_CurrentUser after the
    // right check above; the CSRF token is read from this new object and any
    // later code sees it instead of the object that was checked - confirm intent.
    $user = new PMF_User_CurrentUser($faqConfig);
    // NOTE(review): $message holds HTML markup assembled earlier in this file;
    // whether the template escapes it is not visible here.
    $twig->loadTemplate('group/add.twig')->display(
        array(
            'PMF_LANG' => $PMF_LANG,
            'csrfToken' => $user->getCsrfTokenFromSession(),
            'descriptionCols' => $descriptionCols,
            'descriptionRows' => $descriptionRows,
            'groupAutoJoin' => !empty($group_auto_join),
            'groupDescription' => isset($group_description) ? $group_description : '',
            'groupName' => isset($group_name) ? $group_name : '',
            'message' => $message,
        )
    );
}

// show list of users
// NOTE(review): unlike the 'add' branch, no right is checked in this branch;
// confirm the page as a whole is gated before this point.
if ($groupAction == 'list') {
    $rightsData = $user->perm->getAllRightsData();
    // Replace the stored description with the translated one where a translation exists.
    foreach ($rightsData as $key => $right) {
        if (isset($PMF_LANG['rightsLanguage'][$right['name']])) {
            $rightsData[$key]['description'] = $PMF_LANG['rightsLanguage'][$right['name']];
        }
    }
    $twig->loadTemplate('group/list.twig')->display(
        array(
            'PMF_LANG' => $PMF_LANG,
            'descriptionCols' => $descriptionCols,
            'descriptionRows' => $descriptionRows,
            'groupAutoJoin' => !empty($group_auto_join),
            'groupDescription' => isset($group_description) ? $group_description : '',
            'groupName' => isset($group_name) ? $group_name : '',
            'groupSelectSize' => $groupSelectSize,
            'memberSelectSize' => $memberSelectSize,
            'message' => $message,
            'rightsData' => $rightsData,
        )
    );
}
Exemple #4
     wait(25);
     $count++;
     if (!($count % 10)) {
         @ob_flush();
         flush();
     }
 }
 // Push whatever output is still buffered to the client; errors from ob_flush()
 // (for example when no buffer is active) are suppressed by the @ operator.
 @ob_flush();
 flush();

 // add admin account and rights
 // $password, $realname and $email are set outside the visible code.
 // NOTE(review): how createUser() stores the password is not visible here -
 // confirm it is hashed before it is written.
 $admin = new PMF_User();
 $admin->createUser('admin', $password, 1);
 $admin->setStatus('protected');
 $adminData = array(
     'display_name' => $realname,
     'email' => $email,
 );
 $admin->setUserData($adminData);
 $adminID = $admin->getUserId();

 // add rights: every entry is registered and then granted to the admin account,
 // so the installer account ends up holding all rights listed here.
 $rights = array(
     array('name' => 'adduser', 'description' => 'Right to add user accounts', 'for_users' => 1, 'for_groups' => 1),
     array('name' => 'edituser', 'description' => 'Right to edit user accounts', 'for_users' => 1, 'for_groups' => 1),
     array('name' => 'deluser', 'description' => 'Right to delete user accounts', 'for_users' => 1, 'for_groups' => 1),
     array('name' => 'addbt', 'description' => 'Right to add faq entries', 'for_users' => 1, 'for_groups' => 1),
     array('name' => 'editbt', 'description' => 'Right to edit faq entries', 'for_users' => 1, 'for_groups' => 1),
     array('name' => 'delbt', 'description' => 'Right to delete faq entries', 'for_users' => 1, 'for_groups' => 1),
     array('name' => 'viewlog', 'description' => 'Right to view logfiles', 'for_users' => 1, 'for_groups' => 1),
     array('name' => 'adminlog', 'description' => 'Right to view admin log', 'for_users' => 1, 'for_groups' => 1),
     array('name' => 'delcomment', 'description' => 'Right to delete comments', 'for_users' => 1, 'for_groups' => 1),
     array('name' => 'addnews', 'description' => 'Right to add news', 'for_users' => 1, 'for_groups' => 1),
     array('name' => 'editnews', 'description' => 'Right to edit news', 'for_users' => 1, 'for_groups' => 1),
     array('name' => 'delnews', 'description' => 'Right to delete news', 'for_users' => 1, 'for_groups' => 1),
     array('name' => 'addcateg', 'description' => 'Right to add categories', 'for_users' => 1, 'for_groups' => 1),
     array('name' => 'editcateg', 'description' => 'Right to edit categories', 'for_users' => 1, 'for_groups' => 1),
     array('name' => 'delcateg', 'description' => 'Right to delete categories', 'for_users' => 1, 'for_groups' => 1),
     array('name' => 'passwd', 'description' => 'Right to change passwords', 'for_users' => 1, 'for_groups' => 1),
     array('name' => 'editconfig', 'description' => 'Right to edit configuration', 'for_users' => 1, 'for_groups' => 1),
     array('name' => 'addatt', 'description' => 'Right to add attachments', 'for_users' => 1, 'for_groups' => 1),
     array('name' => 'delatt', 'description' => 'Right to delete attachments', 'for_users' => 1, 'for_groups' => 1),
     array('name' => 'backup', 'description' => 'Right to save backups', 'for_users' => 1, 'for_groups' => 1),
     array('name' => 'restore', 'description' => 'Right to load backups', 'for_users' => 1, 'for_groups' => 1),
     array('name' => 'delquestion', 'description' => 'Right to delete questions', 'for_users' => 1, 'for_groups' => 1),
     array('name' => 'addglossary', 'description' => 'Right to add glossary entries', 'for_users' => 1, 'for_groups' => 1),
     array('name' => 'editglossary', 'description' => 'Right to edit glossary entries', 'for_users' => 1, 'for_groups' => 1),
     array('name' => 'delglossary', 'description' => 'Right to delete glossary entries', 'for_users' => 1, 'for_groups' => 1),
     array('name' => 'changebtrevs', 'description' => 'Right to edit revisions', 'for_users' => 1, 'for_groups' => 1),
     array('name' => 'addgroup', 'description' => 'Right to add group accounts', 'for_users' => 1, 'for_groups' => 1),
     array('name' => 'editgroup', 'description' => 'Right to edit group accounts', 'for_users' => 1, 'for_groups' => 1),
     array('name' => 'delgroup', 'description' => 'Right to delete group accounts', 'for_users' => 1, 'for_groups' => 1),
     array('name' => 'addtranslation', 'description' => 'Right to add translation', 'for_users' => 1, 'for_groups' => 1),
     array('name' => 'edittranslation', 'description' => 'Right to edit translations', 'for_users' => 1, 'for_groups' => 1),
     array('name' => 'deltranslation', 'description' => 'Right to delete translations', 'for_users' => 1, 'for_groups' => 1),
     array('name' => 'approverec', 'description' => 'Right to approve records', 'for_users' => 1, 'for_groups' => 1),
 );
 foreach ($rights as $right) {
     // NOTE(review): the value returned by addRight() is granted without being
     // checked; confirm what it returns when the insert fails.
     $rightID = $admin->perm->addRight($right);
     $admin->perm->grantUserRight($adminID, $rightID);
 }

 // Add anonymous user account: created with a null password and the id -1,
 // then marked 'protected' like the admin account.
 $anonymous = new PMF_User();
 $anonymous->createUser('anonymous', null, -1);
 $anonymous->setStatus('protected');
 $anonymousData = array(
     'display_name' => 'Anonymous User',
     'email' => null,
 );
 $anonymous->setUserData($anonymousData);

 // Load the configuration and keep a copy of the loaded values in $configs.
 $oConf = PMF_Configuration::getInstance();
 $oConf->getAll();
 $configs = $oConf->config;
Exemple #5
        }
        print json_encode($groups);
    }
    // Each branch below answers one AJAX action by printing a JSON document.
    // NOTE(review): no permission or CSRF check is visible in this part of the
    // file, and $ajax_action, $group_id and $userList are set outside it -
    // confirm the caller is authorised and the inputs are validated before
    // this point, since the responses expose group data and user logins.

    // Return the group data
    if ('get_group_data' == $ajax_action) {
        print json_encode($user->perm->getGroupData($group_id));
    }
    // Return the group rights
    if ('get_group_rights' == $ajax_action) {
        print json_encode($user->perm->getGroupRights($group_id));
    }
    // Return all users as a list of {user_id, login} pairs
    if ('get_all_users' == $ajax_action) {
        $users = array();
        foreach ($userList as $single_user) {
            // $user is reused as a cursor: it is reloaded for every id and read
            // back, so after this loop it appears to describe the last listed
            // user rather than the requesting one - verify nothing later
            // relies on $user for authorisation.
            $user->getUserById($single_user);
            $users[] = array('user_id' => $user->getUserId(), 'login' => $user->getLogin());
        }
        print json_encode($users);
    }
    // Returns all group members as a list of {user_id, login} pairs
    if ('get_all_members' == $ajax_action) {
        $memberList = $user->perm->getGroupMembers($group_id);
        $members = array();
        foreach ($memberList as $single_member) {
            // Same cursor reuse of $user as in the 'get_all_users' branch.
            $user->getUserById($single_member);
            $members[] = array('user_id' => $user->getUserId(), 'login' => $user->getLogin());
        }
        print json_encode($members);
    }
}
Exemple #6
         $message = sprintf('<p class="alert alert-success">%s</p>', $PMF_LANG['ad_adus_suc']);
         // display error messages and show form again
     } else {
         $userAction = 'add';
         $message = '<p class="alert alert-danger">';
         foreach ($messages as $err) {
             $message .= $err . '<br />';
         }
         $message .= '</p>';
     }
 }
 // The templates below always receive a string, even when no message was built earlier.
 $message = isset($message) ? $message : '';

 // show new user form (only for users holding the 'adduser' right)
 if ($userAction == 'add' && $user->perm->checkRight($user->getUserId(), 'adduser')) {
     // NOTE(review): the submitted password and its confirmation are handed back
     // to the template; if the template writes them into the form, the plain
     // password ends up in the response body - confirm, and prefer empty values.
     // NOTE(review): $message is not passed to this template, so errors collected
     // above may not be shown on the re-displayed form - confirm.
     $twig->loadTemplate('user/add.twig')->display(
         array(
             'PMF_LANG' => $PMF_LANG,
             'csrfToken' => $user->getCsrfTokenFromSession(),
             'userEmail' => isset($user_email) ? $user_email : '',
             'userName' => isset($user_name) ? $user_name : '',
             'userPassword' => isset($user_password) ? $user_password : '',
             'userPasswordConfirm' => isset($user_password_confirm) ? $user_password_confirm : '',
             'userRealName' => isset($user_realname) ? $user_realname : '',
         )
     );
 }

 // show list of users
 // NOTE(review): no right is checked in this branch itself; the 'edituser'
 // permission only controls the showListAllUsers flag. Confirm the page as a
 // whole is gated before this point.
 if ($userAction == 'list') {
     $templateVars = array(
         'PMF_LANG' => $PMF_LANG,
         'message' => $message,
         'renderUpdateUserScript' => false,
         'rights' => $user->perm->getAllRightsData(),
         'showListAllUsers' => $permission['edituser'],
     );
     // The user id from the query string is only used after integer validation,
     // with 0 as the fallback value.
     if (isset($_GET['user_id'])) {
         $templateVars['renderUpdateUserScript'] = true;
         $templateVars['updateUserId'] = PMF_Filter::filterInput(INPUT_GET, 'user_id', FILTER_VALIDATE_INT, 0);
     }
     $twig->loadTemplate('user/list.twig')->display($templateVars);
 }
 // show list of all users
 if ($userAction == 'listallusers' && $user->perm->checkRight($user->getUserId(), 'edituser')) {
     $templateVars = array('PMF_LANG' => $PMF_LANG, 'displayPagination' => false, 'message' => $message, 'users' => array());
     $allUsers = $user->getAllUsers();
        <tbody>
        <?php 
        $counter = $displayedCounter = 0;
        foreach ($allUsers as $userId) {
            $user->getUserById($userId, true);
            if ($displayedCounter >= $perPage) {
                continue;
            }
            $counter++;
            if ($counter <= $firstPage) {
                continue;
            }
            $displayedCounter++;
            ?>
            <tr class="row_user_id_<?php 
            print $user->getUserId();
            ?>
">
                <td><?php 
            print $user->getUserId();
            ?>
</td>
                <td><i class="<?php 
            switch ($user->getStatus()) {
                case 'active':
                    echo "icon-ok";
                    break;
                case 'blocked':
                    echo 'icon-lock';
                    break;
                case 'protected':
 /**
  * Fills the permission map for the given user.
  *
  * Every right name returned by getAllRightsData() is first set to false
  * (default deny) and then switched to true when its right_id appears in the
  * ids returned by getAllUserRights() for that user. Keys already present in
  * $this->permission that are not in the rights list are left as they are.
  *
  * @param PMF_User $user User object
  *
  * @return void
  */
 public function setUser(PMF_User $user)
 {
     $rightsCatalogue = $user->perm->getAllRightsData();

     // Pass 1: deny everything that is known.
     foreach ($rightsCatalogue as $entry) {
         $this->permission[$entry['name']] = false;
     }

     // Pass 2: enable the rights this user actually holds.
     $grantedIds = $user->perm->getAllUserRights($user->getUserId());
     foreach ($rightsCatalogue as $entry) {
         // Loose in_array() as before; ids presumably arrive as numeric strings
         // from storage - confirm before adding the strict flag.
         if (!in_array($entry['right_id'], $grantedIds)) {
             continue;
         }
         $this->permission[$entry['name']] = true;
     }
 }