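/**
 * Prepare the access-rights editor of one app for a single contact or group.
 *
 * Reads two query-string parameters:
 *  - `id`:  a positive value is treated as a contact id; any other value is
 *           negated and looked up as a group id via waGroupModel.
 *  - `app`: id of the app whose rights are edited.
 *
 * Assigns `html`, `user` or `group`, `app`, `rights` and `group_rights`
 * to the view.
 *
 * @throws waRightsException if the current user has no 'backend' right for 'webasyst'
 * @throws waException if `app` does not name a known app
 */
public function execute()
{
    // only allowed to global admin
    if (!wa()->getUser()->getRights('webasyst', 'backend')) {
        throw new waRightsException(_w('Access denied'));
    }

    // Query-string values are untrusted input even behind the admin check.
    // Pin the id to an integer so the comparisons, the negation and the model
    // lookups below never see an array or a non-numeric string.
    $raw_id = waRequest::get('id');
    $contact_id = is_scalar($raw_id) ? (int) $raw_id : 0;

    // The app id selects which app config is loaded and, further down, which
    // PHP file is included. Accept only an app the framework already knows.
    $app_id = waRequest::get('app');
    if (!is_string($app_id) || !wa()->appExists($app_id)) {
        throw new waException('App not found', 404);
    }

    $group_ids = null;
    $negated_group_ids = array();
    if ($contact_id > 0) {
        $user_groups_model = new waUserGroupsModel();
        $group_ids = $user_groups_model->getGroupIds($contact_id);
        // 0 is appended to the contact's own groups before the rights lookup.
        $group_ids[] = 0;
        // Group ids are passed to the rights lookups negated. Build that list
        // once with a plain loop instead of creating a function from source
        // strings (wa_lambda) at each of the two call sites.
        foreach ($group_ids as $key => $group_id) {
            $negated_group_ids[$key] = -$group_id;
        }
    }

    $right_model = new waContactRightsModel();
    $rights = $right_model->get($contact_id, $app_id, null, false);
    $group_rights = null;
    if ($group_ids) {
        $group_rights = $right_model->get($negated_group_ids, $app_id, null, false);
    }

    // Check custom rights items
    $app_config = SystemConfig::getAppConfig($app_id);
    $class_name = $app_config->getPrefix() . "RightConfig";
    $file_path = $app_config->getAppPath('lib/config/' . $class_name . ".class.php");
    if (file_exists($file_path)) {
        // Init app
        waSystem::getInstance($app_id, $app_config, true);
        // $file_path is built from the config of the request-chosen app; the
        // known-app check above is what keeps this include within a known app.
        include $file_path;
        /**
         * @var waRightConfig $right_config
         */
        $right_config = new $class_name();
        // Array union: keys already present from the rights model win over
        // the ones supplied by the app's own right config.
        $rights += $right_config->getRights($contact_id);
        if ($group_ids) {
            $group_rights += $right_config->getRights($negated_group_ids);
        }
        $this->view->assign('html', $right_config->getHTML($rights, $group_rights));
        // Switch the active app back after the target app was initialised above.
        waSystem::setActive('contacts');
    } else {
        $this->view->assign('html', '');
    }

    if ($contact_id > 0) {
        $this->view->assign('user', new waContact($contact_id));
    } else {
        $gm = new waGroupModel();
        $this->view->assign('group', $gm->getById(-$contact_id));
    }

    $app = wa()->getAppInfo($app_id);
    $app['id'] = $app_id;
    $this->view->assign('app', $app);
    $this->view->assign('rights', $rights);
    $this->view->assign('group_rights', $group_rights);
}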
/**
 * Return the groups of the record identified by $this->id
 * (presumably a contact; confirm against the enclosing class).
 *
 * @param bool $with_names false (default): result of waUserGroupsModel::getGroupIds();
 *                         true: result of waUserGroupsModel::getGroups()
 * @return mixed whatever the selected model method returns for $this->id
 */
public function getGroups($with_names = false)
{
    $groups_model = new waUserGroupsModel();

    // Both lookups are keyed by the same id; only the returned detail differs.
    return $with_names
        ? $groups_model->getGroups($this->id)
        : $groups_model->getGroupIds($this->id);
}
/**
 * Get access rights by group and key: the highest positive value per app.
 *
 * @param int|array $id group ids (if positive) or contact ids (negative)
 * @param string $name key to check value for; default is 'backend'
 * @param boolean $check_groups (default is true) if set to false then only own access rights are considered, as if contact has no groups assigned
 * @param boolean $noWA (default is true) when true, rows of the 'webasyst' app are left out of the result
 * @return array (app_id => value)
 */
public function getApps($id, $name = 'backend', $check_groups = true, $noWA = true)
{
    // Contact id under which results are stored in self::$cache; false = no caching.
    $cache_key = false;

    if ($check_groups && is_numeric($id) && $id < 0) {
        // A single negative id is a contact: widen the lookup to the contact's
        // own row, id 0 and every group the contact belongs to.
        $cache_key = -$id;
        $groups_model = new waUserGroupsModel();
        $id = array_merge(array($id, 0), $groups_model->getGroupIds($cache_key));
    }

    // Nothing to query for an empty list or for a value that is neither
    // numeric nor an array.
    if (is_array($id)) {
        if (!$id) {
            return array();
        }
    } elseif (!is_numeric($id)) {
        return array();
    }

    // Caller-supplied values reach the statement only through the named
    // placeholders (i:group_id, s:name). $noWA merely toggles a constant
    // fragment, and the table name comes from the model itself.
    $webasyst_filter = $noWA ? " AND app_id != 'webasyst' " : '';
    $sql = "SELECT app_id, MAX(value) v\n FROM "
        . $this->table
        . "\n WHERE group_id IN (i:group_id)"
        . $webasyst_filter
        . "AND name = s:name\n AND value > 0\n GROUP BY app_id";

    $rows = $this->query($sql, array('group_id' => $id, 'name' => $name));

    $apps = array();
    foreach ($rows as $row) {
        $app_id = $row['app_id'];
        $value = $row['v'];
        $apps[$app_id] = $value;
        if ($cache_key) {
            // Only apps returned by the query (value > 0) are written to the cache.
            self::$cache[$cache_key][$app_id][$name] = $value;
        }
    }

    return $apps;
}