Exemple #1
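 /**
  * Save an ACL rule from the submitted request data.
  *
  * @param bool $apply true to redirect back to the rule's edit view ('acl.edit') after saving,
  *                    false to redirect to the 'acl' task
  */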
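 protected function save($apply)
 {
     // Writes one ACL rule (definition, group assignments, permission/section map) from request
     // data, then flushes the cache and redirects.
     // NOTE(review): the 'Save' plugin trigger fires before the token check below, so plugin
     // hooks also run for requests that fail it — confirm that ordering is intended.
     Sobi::Trigger('Save', 'Acl', array(&$this));
     if (!SPFactory::mainframe()->checkToken()) {
         Sobi::Error('Token', SPLang::e('UNAUTHORIZED_ACCESS_TASK', SPRequest::task()), SPC::ERROR, 403, __LINE__, __FILE__);
         // Sobi::Error() is defined outside this listing. Return explicitly so the save stays
         // fail-closed even if that call hands control back instead of aborting the request.
         return;
     }
     // NOTE(review): the default passed here is the string 'null', not null — confirm what
     // SPRequest::int() does with a non-integer default.
     $rid = SPRequest::int('rid', 'null');
     // presumably the permission check for editing ACL rules; verify that it stops the request
     // on failure, because everything below modifies access-control tables.
     $this->validate('acl.edit', array('task' => 'acl.edit', 'rid' => $rid));
     // An existing rule is removed first and written again below. Nothing visible here wraps
     // these steps in a transaction, so a failed write further down can leave the rule missing
     // or only partly restored.
     if ($rid) {
         $this->remove($rid);
     }
     $vs = SPRequest::timestamp('set_validSince');
     $vu = SPRequest::timestamp('set_validUntil');
     $vs = $vs ? date(Sobi::Cfg('db.date_format', 'Y-m-d H:i:s'), $vs) : null;
     $vu = $vu ? date(Sobi::Cfg('db.date_format', 'Y-m-d H:i:s'), $vu) : null;
     $name = SPRequest::string('set_name');
     $nid = SPRequest::cmd('set_nid');
     $note = SPRequest::string('set_note');
     $state = SPRequest::int('set_state', 1);
     // Group, section and permission ids come straight from the request and are written to the
     // ACL tables as received.
     // NOTE(review): confirm SPRequest::arr() or the DB layer restricts them to integer ids.
     $gids = SPRequest::arr('set_groups');
     $sids = SPRequest::arr('set_sections');
     $pf = SPRequest::arr('set_permissions', array());
     $pa = SPRequest::arr('set_adm_permissions', array());
     // if can publish any, then can see any unpublished
     if (in_array(20, $pf)) {
         $pf[] = 14;
     }
     // if can publish own, then can see own unpublished
     if (in_array(21, $pf)) {
         $pf[] = 12;
     }
     // NOTE(review): permission 19 implies 15; the meaning of these ids is not documented here.
     if (in_array(19, $pf)) {
         $pf[] = 15;
     }
     $perms = array_merge($pf, $pa);
     /* @var SPdb $db */
     $db = SPFactory::db();
     /* update or insert the rule definition */
     try {
         $db->insertUpdate('spdb_permissions_rules', array('rid' => $rid, 'name' => $name, 'nid' => $nid, 'validSince' => $vs, 'validUntil' => $vu, 'note' => $note, 'state' => $state));
     } catch (SPException $x) {
         Sobi::Error('ACL', SPLang::e('CANNOT_CREATE_RULE_DB_ERR', $x->getMessage()), SPC::WARNING, 0, __LINE__, __FILE__);
     }
     // For a new rule the id is taken from the last insert.
     // NOTE(review): if the write above failed, execution still reaches this point and the
     // group/permission rows below are attached to whatever insertid() reports.
     $rid = (int) $rid ? (int) $rid : $db->insertid();
     /* insert the groups ids */
     if (count($gids)) {
         foreach ($gids as $i => $gid) {
             $gids[$i] = array('rid' => $rid, 'gid' => $gid);
         }
         try {
             $db->insertArray('spdb_permissions_groups', $gids);
         } catch (SPException $x) {
             Sobi::Error('ACL', SPLang::e('CANNOT_INSERT_GROUPS_DB_ERR', $x->getMessage()), SPC::WARNING, 0, __LINE__, __FILE__);
         }
     }
     // Initialised up front: if the lookup below throws, the catch only reports the error and
     // the in_array() check in the mapping loop would otherwise read an undefined variable.
     $admPermissions = array();
     try {
         $db->select('*', 'spdb_permissions', array('site' => 'adm', 'value' => 'global'));
         $admPermissions = $db->loadResultArray();
     } catch (SPException $x) {
         Sobi::Error('ACL', SPLang::e('CANNOT_GET_PERMISSIONS_DB_ERR', $x->getMessage()), SPC::WARNING, 0, __LINE__, __FILE__);
     }
     /* create permission and section map */
     if (count($sids) && count($perms)) {
         $map = array();
         /* travel the sections */
         foreach ($sids as $sid) {
             foreach ($perms as $pid) {
                 // Permissions returned by the site=adm / value=global lookup are stored with
                 // sid 0 instead of the selected section.
                 if (in_array($pid, $admPermissions)) {
                     $map[] = array('rid' => $rid, 'sid' => 0, 'pid' => $pid);
                 } else {
                     $map[] = array('rid' => $rid, 'sid' => $sid, 'pid' => $pid);
                 }
             }
         }
         try {
             $db->insertArray('spdb_permissions_map', $map, true);
         } catch (SPException $x) {
             // NOTE(review): this reuses the groups error key for a failed permission-map insert.
             Sobi::Error('ACL', SPLang::e('CANNOT_INSERT_GROUPS_DB_ERR', $x->getMessage()), SPC::WARNING, 0, __LINE__, __FILE__);
         }
     }
     SPFactory::cache()->cleanAll();
     /* trigger plugins */
     Sobi::Trigger('AfterSave', 'Acl', array(&$this));
     /* set redirect */
     // NOTE(review): the success message is sent even when one of the writes above was caught
     // and reported as a warning.
     $this->response(Sobi::Url($apply ? array('task' => 'acl.edit', 'rid' => $rid) : 'acl'), Sobi::Txt('ACL_RULE_SAVED'), !$apply, SPC::SUCCESS_MSG, array('sets' => array('rid' => $rid)));
 }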