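/**
 * Builds the permission dialog for one data object and returns it as an HTML string.
 *
 * The object is selected by the POST fields file_id, value_id, parameter_id and
 * folder_id. If more than one is sent, the last of these in that order wins.
 *
 * Access is gated the same way as in permission(): the requester must either hold
 * control access on the object or be its owner. If a caller already enforces this,
 * the check here is redundant but keeps the method safe when it is reached directly.
 *
 * @todo remove code; merge with IO permission function (GET <-> POST)
 * @return string
 * @throws FolderIDMissingException if none of the four id fields is sent
 * @throws DataSecuriyAccessDeniedException if the requester is neither owner nor control holder
 */
public static function permission_window()
{
    global $user;

    // !empty() has the same truthiness as the former bare $_POST[...] reads but does not
    // raise "undefined array key" warnings for the fields that were not sent.
    if (!empty($_POST['file_id'])) {
        $id = $_POST['file_id'];
        $object = File::get_instance($id);
        $type = "file";
        $title = $object->get_name();
    }
    if (!empty($_POST['value_id'])) {
        $id = $_POST['value_id'];
        $object = Value::get_instance($id);
        $type = "value";
        $title = $object->get_type_name();
    }
    if (!empty($_POST['parameter_id'])) {
        $id = $_POST['parameter_id'];
        $object = Parameter::get_instance($id);
        $type = "parameter";
        $title = $object->get_name();
    }
    if (!empty($_POST['folder_id'])) {
        $id = $_POST['folder_id'];
        $object = Folder::get_instance($id);
        $type = "folder";
        $title = $object->get_name();
    }
    if (!isset($object)) {
        throw new FolderIDMissingException();
    }

    // The ids come straight from the request, so without this gate any caller could read
    // the owner, owner group and permission matrix of an arbitrary object. Fails closed
    // when no requester is known. Loose comparison is kept because the id types returned
    // by the two getters are not visible here.
    if (
        !is_object($user)
        || (!$object->is_control_access() && $object->get_owner_id() != $user->get_user_id())
    ) {
        throw new DataSecuriyAccessDeniedException();
    }

    $data_permission = new DataPermission($type, $id);

    $template = new HTMLTemplate("data/data_permission_window.html");
    $template->set_var("title", $title);

    // Keep the owner in a local variable. $user is the global that permission() treats as
    // the requester; assigning the owner to it would swap identities for the rest of the
    // request.
    $owner = new User($data_permission->get_owner_id());
    $owner_group = new Group($data_permission->get_owner_group_id());
    $template->set_var("owner", $owner->get_full_name(false));
    $template->set_var("owner_group", $owner_group->get_name());

    $disable_automatic = !$object->can_set_automatic();
    $disable_project = !$object->can_set_data_entity();
    $disable_control = !$object->can_set_control();
    $disable_remain = !$object->can_set_remain();

    $template->set_var("disabled_automatic", $disable_automatic ? "disabled='disabled'" : "");

    if ($data_permission->get_automatic()) {
        $template->set_var("checked_automatic", "checked='checked'");
        // A disabled checkbox is not submitted by the browser, so its current value is
        // carried in a hidden field instead.
        $template->set_var(
            "hidden_automatic",
            $disable_automatic ? "<input type='hidden' name='automatic' value='1' />" : ""
        );
    } else {
        $template->set_var("checked_automatic", "");
        $template->set_var("hidden_automatic", "");
    }

    $permission_array = $data_permission->get_permission_array();

    for ($i = 1; $i <= 4; $i++) {
        for ($j = 1; $j <= 4; $j++) {
            $checked_name = "checked_" . $i . "_" . $j;
            $disabled_name = "disabled_" . $i . "_" . $j;
            $hidden_name = "hidden_" . $i . "_" . $j;

            // $i == 3 depends on can_set_data_entity(), $j of 3 or 4 on can_set_control(),
            // and every cell on can_set_remain().
            // NOTE(review): these flags only disable inputs in the rendered form; the code
            // that stores a submission has to enforce the same limits itself.
            $disabled = ($i == 3 && $disable_project)
                || (($j == 3 || $j == 4) && $disable_control)
                || $disable_remain;

            $template->set_var($disabled_name, $disabled ? "disabled='disabled'" : "");

            if (!empty($permission_array[$i][$j])) {
                $template->set_var($checked_name, "checked='checked'");
                $template->set_var(
                    $hidden_name,
                    $disabled ? "<input type='hidden' name='" . $checked_name . "' value='1' />" : ""
                );
            } else {
                $template->set_var($checked_name, "");
                $template->set_var($hidden_name, "");
            }
        }
    }

    return $template->get_string();
}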
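/**
 * Shows the permission form for one data object, or stores a submitted form.
 *
 * The object is selected by the GET fields file_id, value_id, parameter_id and
 * folder_id. If more than one is sent, the last of these in that order wins.
 * Only a requester with control access on the object, or its owner, gets past
 * the access check.
 *
 * Without a nextpage query parameter the form is rendered and output directly.
 * With it, $_POST is handed to DataPermission::set_permission_array() and the
 * result page is produced through Common_IO::step_proceed().
 *
 * @throws FolderIDMissingException if none of the four id fields is sent
 * @throws DataSecuriyAccessDeniedException if the requester is neither owner nor control holder
 */
public static function permission()
{
    global $user;

    // !empty() has the same truthiness as the former bare $_GET[...] reads but does not
    // raise "undefined array key" warnings for the fields that were not sent.
    if (!empty($_GET['file_id'])) {
        $id = $_GET['file_id'];
        $object = File::get_instance($id);
        $type = "file";
        $title = $object->get_name();
    }
    if (!empty($_GET['value_id'])) {
        $id = $_GET['value_id'];
        $object = Value::get_instance($id);
        $type = "value";
        $title = $object->get_type_name();
    }
    if (!empty($_GET['parameter_id'])) {
        $id = $_GET['parameter_id'];
        $object = Parameter::get_instance($id);
        $type = "parameter";
        $title = $object->get_name();
    }
    if (!empty($_GET['folder_id'])) {
        $id = $_GET['folder_id'];
        $object = Folder::get_instance($id);
        $type = "folder";
        $title = $object->get_name();
    }
    if (!isset($object)) {
        throw new FolderIDMissingException();
    }

    // Authorisation: control access on the object, or ownership. Loose comparison is kept
    // because the id types returned by the two getters are not visible here.
    $full_access = (bool) $object->is_control_access();
    $user_access = ($object->get_owner_id() == $user->get_user_id());
    if (!$full_access && !$user_access) {
        throw new DataSecuriyAccessDeniedException();
    }

    $data_permission = new DataPermission($type, $id);

    if (empty($_GET['nextpage'])) {
        $template = new HTMLTemplate("data/data_permission.html");

        // Form target and the chown / chgroup links all reuse the current query string.
        $paramquery = $_GET;
        $paramquery['nextpage'] = "1";
        $template->set_var("params", http_build_query($paramquery, '', '&'));

        $paramquery = $_GET;
        $paramquery['action'] = "chown";
        $template->set_var("params_chown", http_build_query($paramquery, '', '&'));

        $paramquery = $_GET;
        $paramquery['action'] = "chgroup";
        $template->set_var("params_chgroup", http_build_query($paramquery, '', '&'));

        $template->set_var("title", $title);

        // Keep the owner in a local variable. Assigning it to the global $user, which the
        // access check above treats as the requester, would make the rest of the request
        // run under the owner's identity.
        $owner = new User($data_permission->get_owner_id());
        $owner_group = new Group($data_permission->get_owner_group_id());
        $template->set_var("owner", $owner->get_full_name(false));
        $template->set_var("owner_group", $owner_group->get_name());

        $disable_automatic = !$object->can_set_automatic();
        $disable_project = !$object->can_set_data_entity();
        $disable_control = !$object->can_set_control();
        $disable_remain = !$object->can_set_remain();

        $template->set_var("disabled_automatic", $disable_automatic ? "disabled='disabled'" : "");

        if ($data_permission->get_automatic()) {
            $template->set_var("checked_automatic", "checked='checked'");
            // A disabled checkbox is not submitted by the browser, so its current value is
            // carried in a hidden field instead.
            $template->set_var(
                "hidden_automatic",
                $disable_automatic ? "<input type='hidden' name='automatic' value='1' />" : ""
            );
        } else {
            $template->set_var("checked_automatic", "");
            $template->set_var("hidden_automatic", "");
        }

        $permission_array = $data_permission->get_permission_array();

        for ($i = 1; $i <= 4; $i++) {
            for ($j = 1; $j <= 4; $j++) {
                $checked_name = "checked_" . $i . "_" . $j;
                $disabled_name = "disabled_" . $i . "_" . $j;
                $hidden_name = "hidden_" . $i . "_" . $j;

                // $i == 3 depends on can_set_data_entity(), $j of 3 or 4 on
                // can_set_control(), and every cell on can_set_remain().
                $disabled = ($i == 3 && $disable_project)
                    || (($j == 3 || $j == 4) && $disable_control)
                    || $disable_remain;

                $template->set_var($disabled_name, $disabled ? "disabled='disabled'" : "");

                if (!empty($permission_array[$i][$j])) {
                    $template->set_var($checked_name, "checked='checked'");
                    $template->set_var(
                        $hidden_name,
                        $disabled ? "<input type='hidden' name='" . $checked_name . "' value='1' />" : ""
                    );
                } else {
                    $template->set_var($checked_name, "");
                    $template->set_var($hidden_name, "");
                }
            }
        }

        $paramquery = $_GET;
        $paramquery['nav'] = "data";
        unset($paramquery['action']);
        $template->set_var("back_link", http_build_query($paramquery, '', '&'));

        $template->output();
        return;
    }

    // Target of the result page: stay on the permission action after an explicit save,
    // otherwise drop the action as well. The former `$type == folder` test compared against
    // an undefined constant (an Error on PHP 8) and both of its branches were identical,
    // so it is removed.
    $paramquery = $_GET;
    unset($paramquery['nextpage']);
    if (empty($_POST['save'])) {
        unset($paramquery['action']);
    }
    $params = http_build_query($paramquery, '', '&');

    // NOTE(review): no anti-CSRF token is checked in this method, and the save path is chosen
    // by the nextpage query parameter rather than by the request method. Confirm that a
    // token check happens before this point.
    // NOTE(review): all of $_POST is passed on. The disabled and hidden inputs in the form are
    // presentation only, so set_permission_array() has to re-apply the can_set_*() limits
    // on its own. Confirm.
    $message = ($data_permission->set_permission_array($_POST) == true)
        ? "Changes saved succesful"
        : "Operation failed";

    Common_IO::step_proceed($params, "Permission: " . $title, $message, null);
}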