public function execute()
{
// only allowed to global admin
if (!wa()->getUser()->getRights('webasyst', 'backend')) {
throw new waRightsException(_w('Access denied'));
}
$contact_id = waRequest::get('id');
$group_ids = null;
if ($contact_id > 0) {
$user_groups_model = new waUserGroupsModel();
$group_ids = $user_groups_model->getGroupIds($contact_id);
$group_ids[] = 0;
}
$app_id = waRequest::get('app');
$right_model = new waContactRightsModel();
$rights = $right_model->get($contact_id, $app_id, null, false);
$group_rights = null;
if ($group_ids) {
$group_rights = $right_model->get(array_map(wa_lambda('$a', 'return -$a;'), $group_ids), $app_id, null, false);
}
// Check custom rights items
$app_config = SystemConfig::getAppConfig($app_id);
$class_name = $app_config->getPrefix() . "RightConfig";
$file_path = $app_config->getAppPath('lib/config/' . $class_name . ".class.php");
if (file_exists($file_path)) {
// Init app
waSystem::getInstance($app_id, $app_config, true);
include $file_path;
/**
* @var waRightConfig $right_config
*/
$right_config = new $class_name();
$rights += $right_config->getRights($contact_id);
if ($group_ids) {
$group_rights += $right_config->getRights(array_map(wa_lambda('$a', 'return -$a;'), $group_ids));
}
$this->view->assign('html', $right_config->getHTML($rights, $group_rights));
waSystem::setActive('contacts');
} else {
$this->view->assign('html', '');
}
if ($contact_id > 0) {
$this->view->assign('user', new waContact($contact_id));
} else {
$gm = new waGroupModel();
$this->view->assign('group', $gm->getById(-$contact_id));
}
$app = wa()->getAppInfo($app_id);
$app['id'] = $app_id;
$this->view->assign('app', $app);
$this->view->assign('rights', $rights);
$this->view->assign('group_rights', $group_rights);
}
public function getGroups($with_names = false)
{
$user_groups_model = new waUserGroupsModel();
if ($with_names) {
return $user_groups_model->getGroups($this->id);
} else {
return $user_groups_model->getGroupIds($this->id);
}
}
/**
* Get access rights by group and key
* @param int|array $id group ids (if positive) or contact ids (negative)
* @param string $name key to check value for; default is 'backend'
* @param boolean $check_groups (default is true) if set to false then only own access rights are considered, as if contact has no groups assigned
* @param boolean $noWA
* @return array (app_id => value)
*/
public function getApps($id, $name = 'backend', $check_groups = true, $noWA = true)
{
$cache = false;
if ($check_groups && is_numeric($id) && $id < 0) {
$user_groups_model = new waUserGroupsModel();
$cache = -$id;
$id = array_merge(array($id, 0), $user_groups_model->getGroupIds(-$id));
}
if (is_array($id) && !$id || !is_numeric($id) && !is_array($id)) {
return array();
}
$sql = "SELECT app_id, MAX(value) v\n FROM " . $this->table . "\n WHERE group_id IN (i:group_id)" . ($noWA ? " AND app_id != 'webasyst' " : '') . "AND name = s:name\n AND value > 0\n GROUP BY app_id";
$data = $this->query($sql, array('group_id' => $id, 'name' => $name));
$result = array();
foreach ($data as $row) {
$result[$row['app_id']] = $row['v'];
if ($cache) {
self::$cache[$cache][$row['app_id']][$name] = $row['v'];
}
}
return $result;
}
