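/**
 * Save an ACL rule from the submitted request data.
 *
 * Checks the request token, replaces any existing rule with the submitted
 * id, writes the rule definition, its group assignments and its
 * permission/section map, clears the cache and sends the redirect response.
 *
 * Database failures are reported through Sobi::Error() with SPC::WARNING and
 * the method carries on, so a failed step can leave the rule partially written.
 *
 * @param bool $apply true redirects back to the 'acl.edit' task for the saved
 *                    rule, false redirects to the 'acl' task
 * @return void
 */
protected function save($apply)
{
    /* NOTE(review): the 'Save' plugin trigger fires before the token check below - confirm that handlers tolerate unverified requests */
    Sobi::Trigger('Save', 'Acl', array(&$this));
    if (!SPFactory::mainframe()->checkToken()) {
        Sobi::Error('Token', SPLang::e('UNAUTHORIZED_ACCESS_TASK', SPRequest::task()), SPC::ERROR, 403, __LINE__, __FILE__);
        /* fail closed: never modify ACL data on an unverified request, even if Sobi::Error() returns */
        return;
    }
    $rid = SPRequest::int('rid', 'null');
    $this->validate('acl.edit', array('task' => 'acl.edit', 'rid' => $rid));
    if ($rid) {
        /* NOTE(review): the existing rule is removed before the new data is written and the writes
           below only warn on failure - presumably not transactional, so a DB error can leave the rule
           missing or incomplete; confirm whether SPdb offers transactions */
        $this->remove($rid);
    }

    /* validity window, formatted for the database; null when not submitted */
    $vs = SPRequest::timestamp('set_validSince');
    $vu = SPRequest::timestamp('set_validUntil');
    $vs = $vs ? date(Sobi::Cfg('db.date_format', 'Y-m-d H:i:s'), $vs) : null;
    $vu = $vu ? date(Sobi::Cfg('db.date_format', 'Y-m-d H:i:s'), $vu) : null;

    $name = SPRequest::string('set_name');
    $nid = SPRequest::cmd('set_nid');
    $note = SPRequest::string('set_note');
    $state = SPRequest::int('set_state', 1);
    /* explicit array defaults, as for the permission lists, so count() below always gets an array */
    $gids = SPRequest::arr('set_groups', array());
    $sids = SPRequest::arr('set_sections', array());
    $pf = SPRequest::arr('set_permissions', array());
    $pa = SPRequest::arr('set_adm_permissions', array());

    /* comparisons stay loose on purpose: request values presumably arrive as strings */
    // if can publish any, then can see any unpublished
    if (in_array(20, $pf)) {
        $pf[] = 14;
    }
    // if can publish own, then can see own unpublished
    if (in_array(21, $pf)) {
        $pf[] = 12;
    }
    /* permission 19 implies 15 - NOTE(review): the meaning of this pair is not documented here */
    if (in_array(19, $pf)) {
        $pf[] = 15;
    }
    $perms = array_merge($pf, $pa);

    /* @var SPdb $db */
    $db = SPFactory::db();

    /* update or insert the rule definition */
    try {
        $db->insertUpdate('spdb_permissions_rules', array('rid' => $rid, 'name' => $name, 'nid' => $nid, 'validSince' => $vs, 'validUntil' => $vu, 'note' => $note, 'state' => $state));
    }
    catch (SPException $x) {
        Sobi::Error('ACL', SPLang::e('CANNOT_CREATE_RULE_DB_ERR', $x->getMessage()), SPC::WARNING, 0, __LINE__, __FILE__);
    }
    /* a new rule takes the id generated by the insert */
    $rid = (int) $rid ? (int) $rid : $db->insertid();

    /* insert the groups ids */
    if (count($gids)) {
        foreach ($gids as $i => $gid) {
            $gids[$i] = array('rid' => $rid, 'gid' => $gid);
        }
        try {
            $db->insertArray('spdb_permissions_groups', $gids);
        }
        catch (SPException $x) {
            Sobi::Error('ACL', SPLang::e('CANNOT_INSERT_GROUPS_DB_ERR', $x->getMessage()), SPC::WARNING, 0, __LINE__, __FILE__);
        }
    }

    /* start from an empty list so a failed lookup cannot leave the variable undefined for in_array() below */
    $admPermissions = array();
    try {
        $db->select('*', 'spdb_permissions', array('site' => 'adm', 'value' => 'global'));
        $admPermissions = $db->loadResultArray();
    }
    catch (SPException $x) {
        Sobi::Error('ACL', SPLang::e('CANNOT_GET_PERMISSIONS_DB_ERR', $x->getMessage()), SPC::WARNING, 0, __LINE__, __FILE__);
    }
    /* keep in_array() safe if the driver hands back a non-array for an empty result */
    if (!is_array($admPermissions)) {
        $admPermissions = array();
    }

    /* create permission and section map */
    if (count($sids) && count($perms)) {
        $map = array();
        /* travel the sections */
        foreach ($sids as $sid) {
            foreach ($perms as $pid) {
                /* global admin permissions are stored with section id 0, everything else with the chosen section */
                if (in_array($pid, $admPermissions)) {
                    $map[] = array('rid' => $rid, 'sid' => 0, 'pid' => $pid);
                }
                else {
                    $map[] = array('rid' => $rid, 'sid' => $sid, 'pid' => $pid);
                }
            }
        }
        try {
            $db->insertArray('spdb_permissions_map', $map, true);
        }
        catch (SPException $x) {
            /* NOTE(review): reuses the groups message key for a map insert failure - confirm whether a dedicated key exists */
            Sobi::Error('ACL', SPLang::e('CANNOT_INSERT_GROUPS_DB_ERR', $x->getMessage()), SPC::WARNING, 0, __LINE__, __FILE__);
        }
    }
    SPFactory::cache()->cleanAll();

    /* trigger plugins */
    Sobi::Trigger('AfterSave', 'Acl', array(&$this));

    /* set redirect */
    $this->response(Sobi::Url($apply ? array('task' => 'acl.edit', 'rid' => $rid) : 'acl'), Sobi::Txt('ACL_RULE_SAVED'), !$apply, SPC::SUCCESS_MSG, array('sets' => array('rid' => $rid)));
}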