public static function getOrCreate($groups) { $db = Loader::db(); $petID = $db->GetOne('select petID from PermissionAccessEntityTypes where petHandle = \'group_combination\''); $q = 'select pae.peID from PermissionAccessEntities pae '; $i = 1; foreach ($groups as $g) { $q .= 'left join PermissionAccessEntityGroups paeg' . $i . ' on pae.peID = paeg' . $i . '.peID '; $i++; } $q .= 'where petID = ? '; $i = 1; foreach ($groups as $g) { $q .= 'and paeg' . $i . '.gID = ' . $g->getGroupID() . ' '; $i++; } $peID = $db->GetOne($q, array($petID)); if (!$peID) { $db->Execute("insert into PermissionAccessEntities (petID) values (?)", array($petID)); Config::save('ACCESS_ENTITY_UPDATED', time()); $peID = $db->Insert_ID(); foreach ($groups as $g) { $db->Execute('insert into PermissionAccessEntityGroups (peID, gID) values (?, ?)', array($peID, $g->getGroupID())); } } return PermissionAccessEntity::getByID($peID); }
public function loadAccessEntityObject($peID) { if ($peID > 0) { $pe = PermissionAccessEntity::getByID($peID); $this->accessEntity = $pe; } }
public static function getOrCreate() { $db = Loader::db(); $petID = $db->GetOne('select petID from PermissionAccessEntityTypes where petHandle = \'file_uploader\''); $peID = $db->GetOne('select peID from PermissionAccessEntities where petID = ?', array($petID)); if (!$peID) { $db->Execute("insert into PermissionAccessEntities (petID) values(?)", array($petID)); $peID = $db->Insert_ID(); Config::save('ACCESS_ENTITY_UPDATED', time()); } return PermissionAccessEntity::getByID($peID); }
public static function getOrCreate(UserInfo $ui) { $db = Loader::db(); $petID = $db->GetOne('select petID from PermissionAccessEntityTypes where petHandle = \'user\''); $peID = $db->GetOne('select pae.peID from PermissionAccessEntities pae inner join PermissionAccessEntityUsers paeg on pae.peID = paeg.peID where petID = ? and paeg.uID = ?', array($petID, $ui->getUserID())); if (!$peID) { $db->Execute("insert into PermissionAccessEntities (petID) values(?)", array($petID)); $peID = $db->Insert_ID(); Config::save('ACCESS_ENTITY_UPDATED', time()); $db->Execute('insert into PermissionAccessEntityUsers (peID, uID) values (?, ?)', array($peID, $ui->getUserID())); } return PermissionAccessEntity::getByID($peID); }
public static function getAccessEntitiesForUser($user) { $entities = array(); $ingids = array(); $db = Loader::db(); foreach ($user->getUserGroups() as $key => $val) { $ingids[] = $key; } $instr = implode(',', $ingids); $peIDs = $db->GetCol('select peID from PermissionAccessEntityGroupSets paegs inner join GroupSetGroups gsg on paegs.gsID = gsg.gsID where gsg.gID in (' . $instr . ')'); if (is_array($peIDs)) { foreach ($peIDs as $peID) { $entity = PermissionAccessEntity::getByID($peID); if (is_object($entity)) { $entities[] = $entity; } } } return $entities; }
public function getAllTimedAssignmentsForPage() { $db = Loader::db(); $assignments = array(); $r = $db->Execute('select peID, pkID, pdID from PagePermissionAssignments ppa inner join PermissionAccessList pal on ppa.paID = pal.paID where pdID > 0 and cID = ?', array($this->object->getCollectionID())); while ($row = $r->FetchRow()) { $pk = PagePermissionKey::getByID($row['pkID']); $pae = PermissionAccessEntity::getByID($row['peID']); $pd = PermissionDuration::getByID($row['pdID']); $ppc = new PageContentPermissionTimedAssignment(); $ppc->setDurationObject($pd); $ppc->setAccessEntityObject($pae); $ppc->setPermissionKeyObject($pk); $assignments[] = $ppc; } $r = $db->Execute('select arHandle from Areas where cID = ? and arOverrideCollectionPermissions = 1', array($this->object->getCollectionID())); while ($row = $r->FetchRow()) { $r2 = $db->Execute('select peID, pdID, pkID from AreaPermissionAssignments apa inner join PermissionAccessList pal on apa.paID = pal.paID where pdID > 0 and cID = ? and arHandle = ?', array($this->object->getCollectionID(), $row['arHandle'])); while ($row2 = $r2->FetchRow()) { $pk = AreaPermissionKey::getByID($row2['pkID']); $pae = PermissionAccessEntity::getByID($row2['peID']); $area = Area::get($this->getPermissionObject(), $row['arHandle']); $pk->setPermissionObject($area); $pd = PermissionDuration::getByID($row2['pdID']); $ppc = new PageContentPermissionTimedAssignment(); $ppc->setDurationObject($pd); $ppc->setAccessEntityObject($pae); $ppc->setPermissionKeyObject($pk); $assignments[] = $ppc; } } $r = $db->Execute('select peID, cvb.cvID, cvb.bID, pdID, pkID from BlockPermissionAssignments bpa inner join PermissionAccessList pal on bpa.paID = pal.paID inner join CollectionVersionBlocks cvb on cvb.cID = bpa.cID and cvb.cvID = bpa.cvID and cvb.bID = bpa.bID where pdID > 0 and cvb.cID = ? and cvb.cvID = ? and cvb.cbOverrideAreaPermissions = 1', array($this->object->getCollectionID(), $this->object->getVersionID())); while ($row = $r->FetchRow()) { $pk = BlockPermissionKey::getByID($row['pkID']); $pae = PermissionAccessEntity::getByID($row['peID']); $arHandle = $db->GetOne('select arHandle from CollectionVersionBlocks where bID = ? and cvID = ? and cID = ?', array($row['bID'], $row['cvID'], $this->object->getCollectionID())); $b = Block::getByID($row['bID'], $this->object, $arHandle); $pk->setPermissionObject($b); $pd = PermissionDuration::getByID($row['pdID']); $ppc = new PageContentPermissionTimedAssignment(); $ppc->setDurationObject($pd); $ppc->setAccessEntityObject($pae); $ppc->setPermissionKeyObject($pk); $assignments[] = $ppc; } return $assignments; }
public function removeListItem(PermissionAccessEntity $pe) { $db = Loader::db(); $db->Execute('delete from PermissionAccessList where peID = ? and paID = ?', array($pe->getAccessEntityID(), $this->getPermissionAccessID())); }
<?php defined('C5_EXECUTE') or die("Access Denied."); $p = new Permissions(); if ($p->canAccessTaskPermissions()) { if ($_REQUEST['task'] == 'add_access_entity' && Loader::helper("validation/token")->validate('add_access_entity')) { $pk = PermissionKey::getByID($_REQUEST['pkID']); $pa = PermissionAccess::getByID($_REQUEST['paID'], $pk); $pe = PermissionAccessEntity::getByID($_REQUEST['peID']); $pd = PermissionDuration::getByID($_REQUEST['pdID']); $pa->addListITem($pe, $pd, $_REQUEST['accessType']); } if ($_REQUEST['task'] == 'remove_access_entity' && Loader::helper("validation/token")->validate('remove_access_entity')) { $pk = PermissionKey::getByID($_REQUEST['pkID']); $pa = PermissionAccess::getByID($_REQUEST['paID'], $pk); $pe = PermissionAccessEntity::getByID($_REQUEST['peID']); $pa->removeListItem($pe); } if ($_REQUEST['task'] == 'save_permission' && Loader::helper("validation/token")->validate('save_permission')) { $pk = PermissionKey::getByID($_REQUEST['pkID']); $pa = PermissionAccess::getByID($_REQUEST['paID'], $pk); $pa->save($_POST); } if ($_REQUEST['task'] == 'display_access_cell' && Loader::helper("validation/token")->validate('display_access_cell')) { $pk = PermissionKey::getByID($_REQUEST['pkID']); $pa = PermissionAccess::getByID($_REQUEST['paID'], $pk); Loader::element('permission/labels', array('pk' => $pk, 'pa' => $pa)); } }
public function getUserAccessEntityObjects() { $req = Request::get(); if ($req->hasCustomRequestUser()) { // we bypass session-saving performance // and we don't save them in session. return PermissionAccessEntity::getForUser($this); } if (isset($_SESSION['accessEntities'])) { $entities = $_SESSION['accessEntities']; } else { $entities = PermissionAccessEntity::getForUser($this); $_SESSION['accessEntities'] = $entities; $_SESSION['accessEntitiesUpdated'] = time(); } return $entities; }