if (isset($_REQUEST['assign']) && !isset($_REQUEST['quick_perms'])) { check_ticket('object-perms'); if (isset($_REQUEST['perm']) && !empty($_REQUEST['perm'])) { foreach ($_REQUEST['perm'] as $group => $gperms) { foreach ($gperms as $perm) { if ($tiki_p_admin_objects != 'y' && !$userlib->user_has_perm_on_object($user, $_REQUEST['objectId'], $_REQUEST['objectType'], $perm)) { $smarty->assign('errortype', 401); $smarty->assign('msg', tra('Permission denied')); $smarty->display('error.tpl'); die; } } } } $newPermissions = get_assign_permissions(); $permissionApplier->apply($newPermissions); if (isset($_REQUEST['group'])) { $smarty->assign('groupName', $_REQUEST['group']); } } if (isset($_REQUEST['remove'])) { $access->check_authenticity(tra('Are you sure you want to remove the direct permissions from this object?')); $newPermissions = new Perms_Reflection_PermissionSet(); $permissionApplier->apply($newPermissions); } if (isset($_REQUEST['copy'])) { $newPermissions = get_assign_permissions(); $filter = TikiFilter::get('text'); $to_copy = array('perms' => $newPermissions->getPermissionArray(), 'object' => $filter->filter($_REQUEST['objectId']), 'type' => $filter->filter($_REQUEST['objectType'])); $_SESSION['perms_clipboard'] = $to_copy; }
function testRevertIfWithinBounds() { $current = new Perms_Reflection_PermissionSet(); $current->add('Anonymous', 'view'); $parent = new Perms_Reflection_PermissionSet(); $parent->add('Anonymous', 'view'); $parent->add('Registered', 'edit'); $parent->add('Admins', 'admin'); $newSet = new Perms_Reflection_PermissionSet(); $newSet->add('Anonymous', 'view'); $newSet->add('Registered', 'edit'); $newSet->add('Admins', 'admin'); $target = $this->getMock('Perms_Reflection_Container'); $target->expects($this->once())->method('getDirectPermissions')->will($this->returnValue($current)); $target->expects($this->once())->method('getParentPermissions')->will($this->returnValue($parent)); $target->expects($this->once())->method('remove')->with($this->equalTo('Anonymous'), $this->equalTo('view')); $applier = new Perms_Applier(); $applier->addObject($target); $applier->restrictPermissions(array('view', 'edit', 'admin')); $applier->apply($newSet); }