public function installPermissionsObs() { $time_start = microtime(true); jimport('joomla.access.rules'); $app = JFactory::getApplication(); // Get the default rules (root) $root = JTable::getInstance('Asset'); $root->loadByName('root.1'); $root_rules = new JAccessRules($root->rules); // Define the new rules $ACL_PERMISSIONS = '{"core.admin":[],"core.manage":[],"core.create":[],"core.delete":[],"core.edit":[],"core.edit.state":[],"settings.edit":[],"settings.save":[]}'; $new_rules = new JAccessRules($ACL_PERMISSIONS); // Merge the rules into default rules and save it $root_rules->merge($new_rules); $root->rules = (string) $root_rules; if ($root->store()) { echo 'Installed ACL Permissions'; echo ' - <span style="color:green">' . JText::_('Success') . '</span><br />'; } else { echo ' - <span style="color:red">' . JText::_('Failed') . '</span><br />'; } $time_end = microtime(true); $time = $time_end - $time_start; if ($this->debug) { echo 'Duration: ' . round($time) . 's<br>'; } }
function initialPermission() { $component_name = JRequest::getCmd('option'); $db = JFactory::getDBO(); $asset = JTable::getInstance('asset'); // Create an asset object /*** Component assets ***/ if (!$asset->loadByName($component_name)) { // The assets entry does not exist: We will create initial rules for all component's actions // Get root asset $root = JTable::getInstance('asset'); $root->loadByName('root.1'); // Initialize component asset $asset->name = $component_name; $asset->title = $component_name; $asset->setLocation($root->id, 'last-child'); // father of compontent asset it the root asset // Create initial component rules and set them into the asset $initial_rules = $this->_createComponentRules($component_name); $component_rules = new JAccessRules(json_encode($initial_rules)); $asset->rules = $component_rules->__toString(); // Save the asset into the DB if (!$asset->check() || !$asset->store()) { echo $asset->getError(); $this->setError($asset->getError()); return false; } } else { // The assets entry already exists: We will check if it has exactly the actions specified in component's access.xml file // Get existing DB rules and component's actions from the access.xml file $existing_rules = new JAccessRules($asset->rules); $rules_data = $existing_rules->getData(); $component_actions = JAccess::getActions('com_flexicontent', 'component'); // Find any deleted / added actions ... $db_action_names = array(); foreach ($rules_data as $action_name => $data) { $db_action_names[] = $action_name; } foreach ($component_actions as $action) { $file_action_names[] = $action->name; } $deleted_actions = array_diff($db_action_names, $file_action_names); $added_actions = array_diff($file_action_names, $db_action_names); if (count($deleted_actions) || count($added_actions)) { // We have changes in the component actions // First merge the existing component (db) rules into the initial rules $initial_rules = $this->_createComponentRules($component_name); $component_rules = new JAccessRules(json_encode($initial_rules)); $component_rules->merge($existing_rules); // Second, check if obsolete rules are contained in the existing component (db) rules, if so create a new rules object without the obsolete rules if ($deleted_actions) { $rules_data = $component_rules->getData(); foreach ($deleted_actions as $action_name) { unset($rules_data[$action_name]); } $component_rules = new JAccessRules($rules_data); } // Set asset rules $asset->rules = $component_rules->__toString(); // Save the asset if (!$asset->check() || !$asset->store()) { echo $asset->getError(); $this->setError($asset->getError()); return false; } } } // Load component asset $component_asset = JTable::getInstance('asset'); $component_asset->loadByName($component_name); /*** CATEGORY assets ***/ // Get a list com_content categories that do not have assets (or have wrong asset names) $query = $db->getQuery(true)->select('c.id, c.parent_id, c.title, c.asset_id')->from('#__assets AS se')->join('RIGHT', '#__categories AS c ON se.id=c.asset_id AND se.name=concat("com_content.category.",c.id)')->where('(se.id is NULL OR (c.parent_id=1 AND se.parent_id!=' . (int) $asset->id . ') )')->where('c.extension = ' . $db->quote('com_content'))->order('c.level ASC'); // IMPORTANT create categories asset using increasing depth level, so that get parent assetid will not fail $db->setQuery($query); $results = $db->loadObjectList(); if ($db->getErrorNum()) { echo $db->getErrorMsg(); } // Add an asset to every category that doesnot have one if (count($results) > 0) { foreach ($results as $category) { $parentId = $this->_getAssetParentId(null, $category); $name = "com_content.category.{$category->id}"; // Try to load asset for the current CATEGORY ID $asset_found = $asset->loadByName($name); if (!$asset_found) { if ($category->asset_id) { // asset name not found but category has an asset id set ?, we could delete it here // but it maybe dangerous to do so ... it might be a legitimate asset_id for something else } // Set id to null since we will be creating a new asset on store $asset->id = null; // Set asset rules to empty, (DO NOT set any ACTIONS, just let them inherit ... from parent) $asset->rules = new JAccessRules(); /*if ($parentId == $component_asset->id) { $actions = JAccess::getActions($component_name, 'category'); $rules = json_decode($component_asset->rules); foreach ($actions as $action) { $catrules[$action->name] = $rules->{$action->name}; } $rules = new JAccessRules(json_encode($catrules)); $asset->rules = $rules->__toString(); } else { $parent = JTable::getInstance('asset'); $parent->load($parentId); $asset->rules = $parent->rules; }*/ } else { // do not change (a) the id OR (b) the rules, of the asset } // Initialize appropriate asset properties $asset->name = $name; $asset->title = $category->title; $asset->setLocation($parentId, 'last-child'); // Permissions of categories are inherited by parent category, or from component if no parent category exists // Save the category asset (create or update it) if (!$asset->check() || !$asset->store(false)) { echo $asset->getError(); echo " Problem for asset with id: " . $asset->id; echo " Problem for category with id: " . $category->id . "(" . $category->title . ")"; $this->setError($asset->getError()); return false; } // Assign the asset to the category, if it is not already assigned $query = $db->getQuery(true)->update('#__categories')->set('asset_id = ' . (int) $asset->id)->where('id = ' . (int) $category->id); $db->setQuery($query); if (!$db->query()) { echo JText::sprintf('JLIB_DATABASE_ERROR_STORE_FAILED', get_class($this), $db->getErrorMsg()); $this->setError(JText::sprintf('JLIB_DATABASE_ERROR_STORE_FAILED', get_class($this), $db->getErrorMsg())); return false; } } } /*** ITEM assets ***/ /* // Get a list com_content items that do not have assets (or have wrong asset names) $query = $db->getQuery(true) ->select('c.id, c.catid as parent_id, c.title, c.asset_id') ->from('#__assets AS se')->join('RIGHT', '#__content AS c ON se.id=c.asset_id AND se.name=concat("com_content.article.",c.id)') ->where('se.id is NULL');//->where('c.extension = ' . $db->quote('com_content')); $db->setQuery($query); $results = $db->loadObjectList(); if ($db->getErrorNum()) echo $db->getErrorMsg(); // Add an asset to every item that doesnot have one if(count($results)>0) { foreach($results as $item) { $parentId = $this->_getAssetParentId(null, $item); $name = "com_content.article.{$item->id}"; // Try to load asset for the current CATEGORY ID $asset_found = $asset->loadByName($name); if ( !$asset_found ) { if ($item->asset_id) { // asset name not found but item has an asset id set ?, we could delete it here // but it maybe dangerous to do so ... it might be a legitimate asset_id for something else } // Set id to null since we will be creating a new asset on store $asset->id = null; // Set asset rules to empty, (DO NOT set any ACTIONS, just let them inherit ... from parent) $asset->rules = new JAccessRules(); //if ($parentId == $component_asset->id) { // $actions = JAccess::getActions($component_name, 'article'); // $rules = json_decode($component_asset->rules); // foreach ($actions as $action) { // $catrules[$action->name] = $rules->{$action->name}; // } // $rules = new JAccessRules(json_encode($catrules)); // $asset->rules = $rules->__toString(); //} else { // $parent = JTable::getInstance('asset'); // $parent->load($parentId); // $asset->rules = $parent->rules; //} } else { // do not change (a) the id OR (b) the rules, of the asset } // Initialize appropriate asset properties $asset->name = $name; $asset->title = $item->title; $asset->setLocation($parentId, 'last-child'); // Permissions of items are inherited from their main category // Save the item asset (create or update it) if (!$asset->check() || !$asset->store(false)) { echo $asset->getError(); $this->setError($asset->getError()); return false; } // Assign the asset to the item, if it is not already assigned $query = $db->getQuery(true) ->update('#__content') ->set('asset_id = ' . (int)$asset->id) ->where('id = ' . (int)$item->id); $db->setQuery($query); if (!$db->query()) { echo JText::sprintf('JLIB_DATABASE_ERROR_STORE_FAILED', get_class($this), $db->getErrorMsg()); $this->setError(JText::sprintf('JLIB_DATABASE_ERROR_STORE_FAILED', get_class($this), $db->getErrorMsg())); return false; } } } */ /*** FLEXIcontent FIELDS assets ***/ // Get a list flexicontent fields that do not have assets $query = $db->getQuery(true)->select('ff.id, ff.name, ff.asset_id')->from('#__assets AS se')->join('RIGHT', '#__flexicontent_fields AS ff ON se.id=ff.asset_id AND se.name=concat("com_flexicontent.field.",ff.id)')->where('se.id is NULL'); $db->setQuery($query); $results = $db->loadObjectList(); if ($db->getErrorNum()) { echo $db->getErrorMsg(); } // Add an asset to every field that doesnot have one if (count($results) > 0) { foreach ($results as $field) { $name = "com_flexicontent.field.{$field->id}"; // Test if an asset for the current FIELD ID already exists and load it instead of creating a new asset if (!$asset->loadByName($name)) { if ($field->asset_id) { // asset name not found but field has an asset id set ?, we could delete it here // but it maybe dangerous to do so ... it might be a legitimate asset_id for something else } // Initialize field asset $asset->id = null; $asset->name = $name; $asset->title = $field->name; $asset->setLocation($component_asset->id, 'last-child'); // Permissions of fields are directly inheritted by component // Set asset rules to empty, (DO NOT set any ACTIONS, just let them inherit ... from parent) $asset->rules = new JAccessRules(); /* $actions = JAccess::getActions($component_name, 'field'); $rules = json_decode($component_asset->rules); foreach ($actions as $action) { $fieldrules[$action->name] = $rules->{$action->name}; } $rules = new JAccessRules(json_encode($fieldrules)); $asset->rules = $rules->__toString(); */ // Save the asset if (!$asset->check() || !$asset->store(false)) { echo $asset->getError(); $this->setError($asset->getError()); return false; } } // Assign the asset to the field $query = $db->getQuery(true)->update('#__flexicontent_fields')->set('asset_id = ' . (int) $asset->id)->where('id = ' . (int) $field->id); $db->setQuery($query); if (!$db->query()) { echo JText::sprintf('JLIB_DATABASE_ERROR_STORE_FAILED', get_class($this), $db->getErrorMsg()); $this->setError(JText::sprintf('JLIB_DATABASE_ERROR_STORE_FAILED', get_class($this), $db->getErrorMsg())); return false; } } } /*** FLEXIcontent TYPES assets ***/ // Get a list flexicontent types that do not have assets $query = $db->getQuery(true)->select('ff.id, ff.name, ff.asset_id')->from('#__assets AS se')->join('RIGHT', '#__flexicontent_types AS ff ON se.id=ff.asset_id AND se.name=concat("com_flexicontent.type.",ff.id)')->where('se.id is NULL'); $db->setQuery($query); $results = $db->loadObjectList(); if ($db->getErrorNum()) { echo $db->getErrorMsg(); } // Add an asset to every type that doesnot have one if (count($results) > 0) { foreach ($results as $type) { $name = "com_flexicontent.type.{$type->id}"; // Test if an asset for the current TYPE ID already exists and load it instead of creating a new asset if (!$asset->loadByName($name)) { if ($type->asset_id) { // asset name not found but type has an asset id set ?, we could delete it here // but it maybe dangerous to do so ... it might be a legitimate asset_id for something else } // Initialize type asset $asset->id = null; $asset->name = $name; $asset->title = $type->name; $asset->setLocation($component_asset->id, 'last-child'); // Permissions of types are directly inheritted by component // Set asset rules to empty, (DO NOT set any ACTIONS, just let them inherit ... from parent) $asset->rules = new JAccessRules(); /* $actions = JAccess::getActions($component_name, 'type'); $rules = json_decode($component_asset->rules); foreach ($actions as $action) { $typerules[$action->name] = $rules->{$action->name}; } $rules = new JAccessRules(json_encode($typerules)); $asset->rules = $rules->__toString(); */ // Save the asset if (!$asset->check() || !$asset->store(false)) { echo $asset->getError(); $this->setError($asset->getError()); return false; } } // Assign the asset to the type $query = $db->getQuery(true)->update('#__flexicontent_types')->set('asset_id = ' . (int) $asset->id)->where('id = ' . (int) $type->id); $db->setQuery($query); if (!$db->query()) { echo JText::sprintf('JLIB_DATABASE_ERROR_STORE_FAILED', get_class($this), $db->getErrorMsg()); $this->setError(JText::sprintf('JLIB_DATABASE_ERROR_STORE_FAILED', get_class($this), $db->getErrorMsg())); return false; } } } // Clear cache so that per user permissions objects are recalculated $cache = FLEXIUtilities::getCache($group = '', 0); $cache->clean('com_flexicontent_cats'); $cache = FLEXIUtilities::getCache($group = '', 1); $cache->clean('com_flexicontent_cats'); return true; }
/** * Tests the JAccessRules::merge method * * @return void * * @since 11.1 */ public function testMergeRules() { $array1 = array('edit' => array(-42 => 1), 'delete' => array(-42 => 0)); $array2 = array('create' => array(2 => 1), 'delete' => array(2 => 0)); $result2 = array('edit' => array(-42 => 1), 'delete' => array(-42 => 0, 2 => 0), 'create' => array(2 => 1)); $rules1 = new JAccessRules($array1); $rules1->merge($array2); $this->assertThat((string) $rules1, $this->equalTo(json_encode($result2)), 'Input as a JAccessRules'); }
/** * Validate all URLS and update their "valid" status */ public static function installAttachmentsPermissions($verbose = true) { jimport('joomla.access.rules'); $app = JFactory::getApplication(); // Get the root rules $root = JTable::getInstance('asset'); $root->loadByName('root.1'); $root_rules = new JAccessRules($root->rules); // Define the new rules $new_rules = new JAccessRules(AttachmentsDefines::$DEFAULT_ATTACHMENTS_ACL_PERMISSIONS); // Merge the rules into default rules and save it $root_rules->merge($new_rules); $root->rules = (string) $root_rules; if ($root->store()) { if ($verbose) { $app->enqueueMessage(JText::_('ATTACH_INSTALLED_DEFAULT_ATTACHMENTS_ASSET_RULES'), 'message'); } } else { if ($verbose) { $app->enqueueMessage(JText::_('ATTACH_INSTALLING_DEFAULT_ATTACHMENTS_ASSET_RULES_FAILED'), 'message'); } } }