function applyGroupPermission($smarty, $module_name, $local_templates_dir, &$pDB, $arrConf, $credentials)
{
global $arrLang;
$pACL = new paloACL($pDB);
$pORGZ = new paloSantoOrganization($pDB);
$filter_resource = getParameter("resource_apply");
$limit = getParameter("limit_apply");
$offset = getParameter("offset_apply");
$idGroup = getParameter("filter_group");
if ($credentials['userlevel'] == "superadmin") {
$idOrgFil = getParameter("idOrganization");
if (empty($idOrgFil)) {
$smarty->assign("mb_title", _tr("ERROR"));
$smarty->assign("mb_message", _tr("Invalid Organization"));
return reportGroupPermission($smarty, $module_name, $local_templates_dir, $pDB, $arrConf, $credentials);
}
} else {
$idOrgFil = $credentials['id_organization'];
}
if (empty($idGroup)) {
$smarty->assign("mb_title", _tr("ERROR"));
$smarty->assign("mb_message", _tr("Invalid Group"));
return reportGroupPermission($smarty, $module_name, $local_templates_dir, $pDB, $arrConf, $credentials);
}
//valido exista una organizacion con dicho id y que no sea la organizacion 1
$orgTmp = $pORGZ->getOrganizationById($idOrgFil);
if ($orgTmp === false) {
$smarty->assign("mb_title", _tr("ERROR"));
$smarty->assign("mb_message", _tr($pORGZ->errMsg));
return reportGroupPermission($smarty, $module_name, $local_templates_dir, $pDB, $arrConf, $credentials);
} elseif (count($orgTmp) == 0) {
$smarty->assign("mb_title", _tr("ERROR"));
$smarty->assign("mb_message", _tr("Organization doesn't exist"));
return reportGroupPermission($smarty, $module_name, $local_templates_dir, $pDB, $arrConf, $credentials);
}
if ($idOrgFil == 1) {
$error = true;
$msg_error = _tr("Invalid Organization");
}
//valido que el grupo pertenezca a la organizacion
if ($pACL->getGroups($idGroup, $idOrgFil) == false) {
$smarty->assign("mb_title", _tr("ERROR"));
$smarty->assign("mb_message", _tr("Invalid Group"));
return reportGroupPermission($smarty, $module_name, $local_templates_dir, $pDB, $arrConf, $credentials);
}
$lang = get_language();
if ($lang != "en") {
if (isset($filter_resource)) {
if (trim($filter_resource) != "") {
global $arrLang;
$filter_value = strtolower(trim($filter_resource));
$parameter_to_find[] = $filter_value;
//parametro de busqueda sin traduccion
foreach ($arrLang as $key => $value) {
$langValue = strtolower(trim($value));
if (preg_match("/^[[:alnum:]| ]*\$/", $filter_value)) {
if (strpos($langValue, $filter_value) !== FALSE) {
$parameter_to_find[] = $key;
}
}
}
}
}
}
if (isset($filter_resource)) {
$parameter_to_find[] = $filter_resource;
} else {
$parameter_to_find = null;
}
//obtenemos los recursos a los que la organizacion tiene acceso
$arrResourcesOrg = $pACL->getResourcesByOrg($idOrgFil, $parameter_to_find);
if ($arrResourcesOrg === false) {
$smarty->assign("mb_title", _tr("ERROR"));
$smarty->assign("mb_message", _tr($pACL->errMsg));
return reportGroupPermission($smarty, $module_name, $local_templates_dir, $pDB, $arrConf, $credentials);
}
$arrResources = array_slice($arrResourcesOrg, $offset, $limit);
foreach ($arrResources as $resource) {
$listResource[] = $resource['id'];
//lista de id de los recursos que queremos consultar
}
//el grupo administrator de cada organizacion tiene ciertos recursos siempre activos
$isAdministrator = $pACL->getGroupNameByid($idGroup) == _tr("administrator") ? true : false;
if ($isAdministrator) {
$listResource[] = "grouplist";
$listResource[] = "userlist";
$listResource[] = "group_permission";
}
//las acciones que tiene cada drecurso
$arrResourceActions = $pACL->getResourcesActions($listResource);
if ($arrResourceActions === false) {
$smarty->assign("mb_title", _tr("ERROR"));
$smarty->assign("mb_message", _tr("An error has ocurred to retrieved Resources Actions"));
return reportGroupPermission($smarty, $module_name, $local_templates_dir, $pDB, $arrConf, $credentials);
}
//para el casos de los recursos organization, dashboard, cdrreport ahi acciones que no se les puede otorgar a los usuarios
if (isset($arrResourceActions['organization'])) {
$arrResourceActions['organization'] = array_diff($arrResourceActions['organization'], array('change_org_status', 'create_org', 'delete_org', 'edit_DID'));
}
if (isset($arrResourceActions['dashboard'])) {
$arrResourceActions['dashboard'] = array('access');
}
if (isset($arrResourceActions['cdrreport'])) {
$arrResourceActions['cdrreport'] = array('access', _tr('export'));
}
//los premisos que tiene el grupo
$arrPermisos = $pACL->loadGroupPermissions($idGroup, $listResource);
if ($arrPermisos === false) {
$smarty->assign("mb_title", _tr("ERROR"));
$smarty->assign("mb_message", _tr("An error has ocurred to retrieved Group Permissions"));
return reportGroupPermission($smarty, $module_name, $local_templates_dir, $pDB, $arrConf, $credentials);
}
$arrNewPermissions = array();
$arrDelPermissions = array();
$arrSelectdPermissions = array();
if (isset($_POST['groupPermission'])) {
foreach ($_POST['groupPermission'] as $resource => $actions) {
if (isset($arrResourceActions[$resource])) {
$res_actions = array_intersect(array_keys($actions), $arrResourceActions[$resource]);
if (in_array('access', $res_actions)) {
$arrSelectdPermissions[$resource] = $res_actions;
}
}
}
}
if ($isAdministrator) {
if (isset($arrResourceActions['grouplist'])) {
$arrSelectdPermissions["grouplist"] = $arrResourceActions['grouplist'];
}
if (isset($arrResourceActions['userlist'])) {
$arrSelectdPermissions["userlist"] = $arrResourceActions['userlist'];
}
if (isset($arrResourceActions['group_permission'])) {
$arrSelectdPermissions["group_permission"] = $arrResourceActions['group_permission'];
}
}
//sacamos la lista de los permisos nuevos
foreach ($arrSelectdPermissions as $resource => $actions) {
if (isset($arrPermisos[$resource])) {
$new_actions = array_diff($actions, $arrPermisos[$resource]);
if (count($new_actions) > 0) {
$arrNewPermissions[$resource] = $new_actions;
}
} else {
//no se hallaba antes lo agregamos a la lista de recursos nuevos
$arrNewPermissions[$resource] = $actions;
}
}
//sacamos la lista de los recursos ausentes
foreach ($arrPermisos as $resource => $actions) {
if (isset($arrSelectdPermissions[$resource])) {
$del_actions = array_diff($actions, $arrSelectdPermissions[$resource]);
if (count($del_actions) > 0) {
$arrDelPermissions[$resource] = $del_actions;
}
} else {
//no se halla entre los recursos seleccionados lo agregamos a la lista de recursos ausentes
$arrDelPermissions[$resource] = $actions;
}
}
$pACL->_DB->beginTransaction();
if (count($arrDelPermissions) > 0) {
if (!$pACL->deleteGroupPermission($idGroup, $arrDelPermissions)) {
$smarty->assign("mb_title", "ERROR");
$smarty->assign("mb_message", _tr("A error has been ocurred. ") . $pACL->errMsg);
return reportGroupPermission($smarty, $module_name, $local_templates_dir, $pDB, $arrConf, $credentials);
}
}
if (count($arrNewPermissions) > 0) {
if (!$pACL->saveGroupPermission($idGroup, $arrNewPermissions)) {
$smarty->assign("mb_title", "ERROR");
$smarty->assign("mb_message", _tr("A error has been ocurred. ") . $pACL->errMsg);
return reportGroupPermission($smarty, $module_name, $local_templates_dir, $pDB, $arrConf, $credentials);
}
}
$smarty->assign("mb_title", _tr("MESSAGE"));
$smarty->assign("mb_message", _tr("Changes was applied successfully"));
$pACL->_DB->commit();
//borra los menus q tiene de permisos que estan guardados en la session, el index.php principal (html) volvera a generar esta arreglo de permisos.
unset($_SESSION['elastix_user_permission']);
return reportGroupPermission($smarty, $module_name, $local_templates_dir, $pDB, $arrConf, $credentials);
}
function applyGroupPermission($smarty, $module_name, $local_templates_dir, &$pDB, $arrConf)
{
$pGroupPermission = new paloSantoGroupPermission();
$filter_resource = getParameter("resource_apply");
$limit = getParameter("limit_apply");
$offset = getParameter("offset_apply");
$action_apply = getParameter("action_apply");
$start_apply = getParameter("start_apply");
$arrResources = $pGroupPermission->ObtainResources($limit, $offset, $filter_resource);
//****************************************************************************************************
// ACTION -> access
//****************************************************************************************************
//permisos recursos seleccionados en el grid
// Array ( [0] => build_module [1] => delete_module [2] => language_admin ...
$selectedAccess = isset($_POST['groupPermission']) ? array_keys($_POST['groupPermission']) : array();
$idGroup = getParameter("filter_group");
$isAdministrator = $idGroup == 1 ? true : false;
if ($isAdministrator) {
$selectedAccess[] = "usermgr";
$selectedAccess[] = "grouplist";
$selectedAccess[] = "userlist";
$selectedAccess[] = "group_permission";
}
$listaPermisos = OrderResourceGroupPermissions($pGroupPermission->loadResourceGroupPermissions("access", $idGroup));
$listaPermisosNuevos = array_diff($selectedAccess, $listaPermisos);
$listaPermisosAusentes = array_diff($listaPermisos, $selectedAccess);
$listaPermisosNuevosGrupo = array();
$listaPermisosAusentesGrupo = array();
foreach ($arrResources as $resource) {
if (in_array($resource["name"], $listaPermisosNuevos)) {
$listaPermisosNuevosGrupo[] = $resource["id"];
}
if (in_array($resource["name"], $listaPermisosAusentes)) {
$listaPermisosAusentesGrupo[] = $resource["id"];
}
}
if (count($listaPermisosAusentesGrupo) > 0) {
$bExito = $pGroupPermission->deleteGroupPermissions("access", $idGroup, $listaPermisosAusentesGrupo);
if (!$bExito) {
$msgError = "ERROR";
}
}
if (count($listaPermisosNuevosGrupo) > 0) {
$bExito = $pGroupPermission->saveGroupPermissions("access", $idGroup, $listaPermisosNuevosGrupo);
if (!$bExito) {
$msgError = "ERROR";
}
}
if (!empty($msgError)) {
$smarty->assign("mb_message", $msgError);
}
//TODO: Las acciones de view, delete, create y update no existen en la base de datos en la tabla acl_action (sólo está la acción access), por lo tanto se generaba un error al no existir dichas acciones. Queda para un futuro la implementación de estas acciones.
//****************************************************************************************************
// ACTION -> view
//****************************************************************************************************
/*
//permisos recursos seleccionados en el grid
// Array ( [0] => build_module [1] => delete_module [2] => language_admin ...
$selectedViews = isset($_POST['viewPermission']) ? array_keys($_POST['viewPermission']) : array();
if( $isAdministrator ){
$selectedViews[] = "usermgr";
$selectedViews[] = "grouplist";
$selectedViews[] = "userlist";
$selectedViews[] = "group_permission";
}
$listaPermisos = OrderResourceGroupPermissions( $pGroupPermission->loadResourceGroupPermissions("view", $idGroup) );
$listaPermisosNuevos = array_diff( $selectedViews, $listaPermisos);
$listaPermisosAusentes = array_diff( $listaPermisos, $selectedViews);
$listaPermisosNuevosGrupo = array();
$listaPermisosAusentesGrupo = array();
foreach($arrResources as $resource) { print_r("<br/>".$resource["name"]);
if( in_array( $resource["name"], $listaPermisosNuevos) ) $listaPermisosNuevosGrupo[] = $resource["id"];
if( in_array( $resource["name"], $listaPermisosAusentes) ) $listaPermisosAusentesGrupo[] = $resource["id"];
}
if( count($listaPermisosAusentesGrupo) > 0 ){
$bExito = $pGroupPermission->deleteGroupPermissions("view", $idGroup, $listaPermisosAusentesGrupo);
if (!$bExito)
$msgError = "ERROR";
}
print_r($listaPermisosNuevosGrupo);
if( count($listaPermisosNuevosGrupo) > 0 ){
$bExito = $pGroupPermission->saveGroupPermissions("view", $idGroup, $listaPermisosNuevosGrupo);
if (!$bExito)
$msgError = "ERROR";
}
if (!empty($msgError))
$smarty->assign("mb_message", $msgError);
//****************************************************************************************************
// ACTION -> create
//****************************************************************************************************
//permisos recursos seleccionados en el grid
// Array ( [0] => build_module [1] => delete_module [2] => language_admin ...
$selectedCreates = isset($_POST['createPermission']) ? array_keys($_POST['createPermission']) : array();
if( $isAdministrator ){
$selectedCreates[] = "usermgr";
$selectedCreates[] = "grouplist";
$selectedCreates[] = "userlist";
$selectedCreates[] = "group_permission";
}
$listaPermisos = OrderResourceGroupPermissions( $pGroupPermission->loadResourceGroupPermissions("create", $idGroup) );
$listaPermisosNuevos = array_diff( $selectedCreates, $listaPermisos);
$listaPermisosAusentes = array_diff( $listaPermisos, $selectedCreates);
$listaPermisosNuevosGrupo = array();
$listaPermisosAusentesGrupo = array();
foreach($arrResources as $resource) {
if( in_array( $resource["name"], $listaPermisosNuevos) ) $listaPermisosNuevosGrupo[] = $resource["id"];
if( in_array( $resource["name"], $listaPermisosAusentes) ) $listaPermisosAusentesGrupo[] = $resource["id"];
}
if( count($listaPermisosAusentesGrupo) > 0 ){
$bExito = $pGroupPermission->deleteGroupPermissions("create", $idGroup, $listaPermisosAusentesGrupo);
if (!$bExito)
$msgError = "ERROR";
}
if( count($listaPermisosNuevosGrupo) > 0 ){
$bExito = $pGroupPermission->saveGroupPermissions("create", $idGroup, $listaPermisosNuevosGrupo);
if (!$bExito)
$msgError = "ERROR";
}
if (!empty($msgError))
$smarty->assign("mb_message", $msgError);
//****************************************************************************************************
// ACTION -> delete
//****************************************************************************************************
$selectedDeletes = isset($_POST['deletePermission']) ? array_keys($_POST['deletePermission']) : array();
if( $isAdministrator ){
$selectedDeletes[] = "usermgr";
$selectedDeletes[] = "grouplist";
$selectedDeletes[] = "userlist";
$selectedDeletes[] = "group_permission";
}
$listaPermisos = OrderResourceGroupPermissions( $pGroupPermission->loadResourceGroupPermissions("delete", $idGroup) );
$listaPermisosNuevos = array_diff( $selectedDeletes, $listaPermisos);
$listaPermisosAusentes = array_diff( $listaPermisos, $selectedDeletes);
$listaPermisosNuevosGrupo = array();
$listaPermisosAusentesGrupo = array();
foreach($arrResources as $resource) {
if( in_array( $resource["name"], $listaPermisosNuevos) ) $listaPermisosNuevosGrupo[] = $resource["id"];
if( in_array( $resource["name"], $listaPermisosAusentes) ) $listaPermisosAusentesGrupo[] = $resource["id"];
}
if( count($listaPermisosAusentesGrupo) > 0 ){
$bExito = $pGroupPermission->deleteGroupPermissions("delete", $idGroup, $listaPermisosAusentesGrupo);
if (!$bExito)
$msgError = "ERROR";
}
if( count($listaPermisosNuevosGrupo) > 0 ){
$bExito = $pGroupPermission->saveGroupPermissions("delete", $idGroup, $listaPermisosNuevosGrupo);
if (!$bExito)
$msgError = "ERROR";
}
if (!empty($msgError))
$smarty->assign("mb_message", $msgError);
//****************************************************************************************************
// ACTION -> update
//****************************************************************************************************
$selectedUpdates = isset($_POST['updatePermission']) ? array_keys($_POST['updatePermission']) : array();
if( $isAdministrator ){
$selectedUpdates[] = "usermgr";
$selectedUpdates[] = "grouplist";
$selectedUpdates[] = "userlist";
$selectedUpdates[] = "group_permission";
}
$listaPermisos = OrderResourceGroupPermissions( $pGroupPermission->loadResourceGroupPermissions("update", $idGroup) );
$listaPermisosNuevos = array_diff( $selectedUpdates, $listaPermisos);
$listaPermisosAusentes = array_diff( $listaPermisos, $selectedUpdates);
$listaPermisosNuevosGrupo = array();
$listaPermisosAusentesGrupo = array();
foreach($arrResources as $resource) {
if( in_array( $resource["name"], $listaPermisosNuevos) ) $listaPermisosNuevosGrupo[] = $resource["id"];
if( in_array( $resource["name"], $listaPermisosAusentes) ) $listaPermisosAusentesGrupo[] = $resource["id"];
}
if( count($listaPermisosAusentesGrupo) > 0 ){
$bExito = $pGroupPermission->deleteGroupPermissions("update", $idGroup, $listaPermisosAusentesGrupo);
if (!$bExito)
$msgError = "ERROR";
}
if( count($listaPermisosNuevosGrupo) > 0 ){
$bExito = $pGroupPermission->saveGroupPermissions("update", $idGroup, $listaPermisosNuevosGrupo);
if (!$bExito)
$msgError = "ERROR";
}
if (!empty($msgError))
$smarty->assign("mb_message", $msgError);*/
//borra los menus q tiene de permisos que estan guardados en la session, el index.php principal (html) volvera a generar esta arreglo de permisos.
unset($_SESSION['elastix_user_permission']);
return reportGroupPermission($smarty, $module_name, $local_templates_dir, $pDB, $arrConf, true, $action_apply, $start_apply);
}
